From be82f7b32087496d94edaa309a7b2ea9a8c84e1d Mon Sep 17 00:00:00 2001 From: Emilia Kasper Date: Wed, 10 Aug 2016 18:36:47 +0200 Subject: Don't attempt to load the CT log list with no-ec In practice, CT isn't really functional without EC anyway, as most logs use EC keys. So, skip loading the log list with no-ec, and skip CT tests completely in that conf. Reviewed-by: Rich Salz --- test/handshake_helper.c | 3 ++- test/recipes/80-test_ssl_new.t | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/test/handshake_helper.c b/test/handshake_helper.c index 3e7f129..ee87512 100644 --- a/test/handshake_helper.c +++ b/test/handshake_helper.c @@ -376,7 +376,8 @@ static void configure_handshake_ctx(SSL_CTX *server_ctx, SSL_CTX *server2_ctx, ticket_key_len) == 1); OPENSSL_free(ticket_keys); -#ifndef OPENSSL_NO_CT + /* The default log list includes EC keys, so CT can't work without EC. */ +#if !defined(OPENSSL_NO_CT) && !defined(OPENSSL_NO_EC) TEST_check(SSL_CTX_set_default_ctlog_list_file(client_ctx)); switch (extra->client.ct_validation) { case SSL_TEST_CT_VALIDATION_PERMISSIVE: diff --git a/test/recipes/80-test_ssl_new.t b/test/recipes/80-test_ssl_new.t index 1530bc2..06ddbdc 100644 --- a/test/recipes/80-test_ssl_new.t +++ b/test/recipes/80-test_ssl_new.t @@ -42,6 +42,7 @@ my $no_tls = alldisabled(available_protocols("tls")); my $no_dtls = alldisabled(available_protocols("dtls")); my $no_npn = disabled("nextprotoneg"); my $no_ct = disabled("ct"); +my $no_ec = disabled("ec"); my %conf_dependent_tests = ( "02-protocol-version.conf" => !$is_default_tls, @@ -57,7 +58,7 @@ my %skip = ( "08-npn.conf" => $no_tls || $no_npn, "10-resumption.conf" => disabled("tls1_1") || disabled("tls1_2"), "11-dtls_resumption.conf" => disabled("dtls1") || disabled("dtls1_2"), - "12-ct.conf" => $no_tls || $no_ct, + "12-ct.conf" => $no_tls || $no_ct || $no_ec, ); foreach my $conf (@conf_files) { -- cgit v1.1