Fix test failures with OpenSSL 1.1 and later. The MockHTTPinC server must
also disable TLSv1.3 if the OpenSSL library enables it by default.
* test/MockHTTPinC/MockHTTP.h (mhSSLProtocol_t): Add mhProtoTLSv13.
* test/MockHTTPinC/MockHTTP_server.c
(initSSLCtx): Handle TLSv1.3 in the context if OpenSSL supports it.
(sslHandshake): Remove the quite useless printf() "fix".
git-svn-id: https://svn.apache.org/repos/asf/serf/trunk@1844837 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/test/MockHTTPinC/MockHTTP.h b/test/MockHTTPinC/MockHTTP.h
index a6d457d..e780db5 100644
--- a/test/MockHTTPinC/MockHTTP.h
+++ b/test/MockHTTPinC/MockHTTP.h
@@ -71,6 +71,7 @@
mhProtoTLSv1 = 0x04,
mhProtoTLSv11 = 0x08,
mhProtoTLSv12 = 0x10,
+ mhProtoTLSv13 = 0x20,
} mhSSLProtocol_t;
typedef enum mhThreading_t {
diff --git a/test/MockHTTPinC/MockHTTP_server.c b/test/MockHTTPinC/MockHTTP_server.c
index f302169..df89250 100644
--- a/test/MockHTTPinC/MockHTTP_server.c
+++ b/test/MockHTTPinC/MockHTTP_server.c
@@ -2696,6 +2696,10 @@
if (! (cctx->protocols & mhProtoTLSv12))
SSL_CTX_set_options(ssl_ctx->ctx, SSL_OP_NO_TLSv1_2);
#endif
+#ifdef SSL_OP_NO_TLSv1_3
+ if (! (cctx->protocols & mhProtoTLSv13))
+ SSL_CTX_set_options(ssl_ctx->ctx, SSL_OP_NO_TLSv1_3);
+#endif
#if OPENSSL_VERSION_NUMBER >= 0x10002000L /* >= 1.0.2 */
# ifndef OPENSSL_NO_TLSEXT
@@ -3045,11 +3049,6 @@
return APR_EAGAIN;
}
- /* XXX This is magic that makes the tests pass on macOS
- with OpenSSL 1.0.2n and later. Please don't ask
- for explanations; see above, re: "magic". */
- fprintf(stderr, "\n");
-
_mhLog(MH_VERBOSE, cctx->skt,
"SSL Error %d: Library=%d, Function=%d, Reason=%d",
ssl_err, lib, func, reason);
