From 9736af2af69bd7fc924bb30a4849f55bd6d497cf Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Mon, 23 May 2016 18:34:36 -0400
Subject: [PATCH] Disable SNI and proxy tests, AES128 cipher test
The SNI tests rely on a tweaked /etc/hosts that points multiple
hostnames to one.
The proxy test requires Internet access
The python client isn't returning the re-negotiated cipher
which causes the AES128 to report a failure. Drop the test.
---
test/suite1.tmpl | 6 ------
test/test.py | 28 ----------------------------
2 files changed, 34 deletions(-)
diff --git a/test/suite1.tmpl b/test/suite1.tmpl
index 2c09a89..291e173 100644
--- a/test/suite1.tmpl
+++ b/test/suite1.tmpl
@@ -45,12 +45,6 @@ CoreDumpDirectory $SERVER_ROOT
NSSCipherSuite RC4-SHA
</Location>
- <Location "/openssl_aes_cipher">
- # In openssl equivalent of AES:-ECDH:-ADH:-PSK:-DH
- # In NSS equivalent of AES:-ECDH
- NSSCipherSuite AES+RSA
- </Location>
-
<Location "/dhe_cipher">
NSSCipherSuite +dhe_rsa_aes_128_sha
</Location>
diff --git a/test/test.py b/test/test.py
index 866e388..4fdb59a 100644
--- a/test/test.py
+++ b/test/test.py
@@ -60,13 +60,6 @@ class test_suite1(Declarative):
),
dict(
- desc='SSL AES128-SHA cipher check',
- request=('/index.html', {}),
- expected=200,
- cipher='AES128-SHA',
- ),
-
- dict(
desc='Default protocol check',
request=('/', {}),
expected=200,
@@ -271,27 +264,6 @@ class test_suite1(Declarative):
expected=requests.exceptions.SSLError(),
),
- dict(
- desc='Basic reverse proxy request',
- request=('/google/', {}),
- expected=200,
- ),
-
- dict(
- desc='SNI request when SNI is disabled',
- request=('/index.html',
- {'host': 'www1.example.com', 'port': 8000}
- ),
- expected=requests.exceptions.SSLError(),
- expected_str='doesn\'t match',
- ),
-
- dict(
- desc='Reverse proxy request when SNI is disabled',
- request=('/proxy/index.html', {}),
- expected=400,
- ),
-
]
if ENABLE_SERVER_DHE:
--
2.5.5