The branch OpenSSL_1_0_2-stable has been updated
via 8fbbbdd5fcfeca62d339d1db11887da2a298ee8e (commit)
from 8b4e971f66779193281d6a3bf8ff7535e6ff13b4 (commit)
- Log -----------------------------------------------------------------
commit 8fbbbdd5fcfeca62d339d1db11887da2a298ee8e
Author: Matt Caswell <matt at openssl.org>
Date: Mon Jun 18 13:00:40 2018 +0100
Fix no-ssl3-method in 1.0.2
Fixes #5322
Reviewed-by: Tim Hudson <tjh at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6510)
-----------------------------------------------------------------------
Summary of changes:
test/testssl | 18 +++++++++++-------
1 file changed, 11 insertions(+), 7 deletions(-)
diff --git a/test/testssl b/test/testssl
index 21bc4d8..8bea40a 100644
--- a/test/testssl
+++ b/test/testssl
@@ -172,14 +172,18 @@ for protocol in TLSv1.2 SSLv3; do
test_cipher $cipher $protocol
done
echo "testing connection with weak DH, expecting failure"
- if [ $protocol = "SSLv3" ] ; then
- $ssltest -cipher EDH -dhe512 -ssl3
+ if [ $protocol = "SSLv3" ] && ../util/shlib_wrap.sh ../apps/openssl no-ssl3; then
+ echo "skipping weak DH test for disabled protocol"
else
- $ssltest -cipher EDH -dhe512
- fi
- if [ $? -eq 0 ]; then
- echo "FAIL: connection with weak DH succeeded"
- exit 1
+ if [ $protocol = "SSLv3" ] ; then
+ $ssltest -cipher EDH -dhe512 -ssl3
+ else
+ $ssltest -cipher EDH -dhe512
+ fi
+ if [ $? -eq 0 ]; then
+ echo "FAIL: connection with weak DH succeeded"
+ exit 1
+ fi
fi
fi
if ../util/shlib_wrap.sh ../apps/openssl no-ec; then