rpms / openssl

Clone
Source Code
GIT

Blame SOURCES/openssl-1.1.1-no-brainpool.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   a9339fc095215c02032f0ff531f9b78f91d6e062
  2.   SOURCES
  3.   openssl-1.1.1-no-brainpool.patch
Blob History Raw
782d48 
diff -up openssl-1.1.1b/test/ssl-tests/20-cert-select.conf.in.no-brainpool openssl-1.1.1b/test/ssl-tests/20-cert-select.conf.in
782d48 
--- openssl-1.1.1b/test/ssl-tests/20-cert-select.conf.in.no-brainpool	2019-02-26 15:15:30.000000000 +0100
782d48 
+++ openssl-1.1.1b/test/ssl-tests/20-cert-select.conf.in	2019-05-07 11:52:35.885597934 +0200
782d48 
@@ -141,22 +141,23 @@ our @tests = (
782d48 
     {
782d48 
         name => "ECDSA with brainpool",
782d48 
         server =>  {
782d48 
-            "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
782d48 
-            "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
782d48 
-            "Groups" => "brainpoolP256r1",
782d48 
+#            "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
782d48 
+#            "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
782d48 
+#            "Groups" => "brainpoolP256r1",
782d48 
+            "CipherString" => "aNULL",
782d48 
         },
782d48 
         client => {
782d48 
             #We don't restrict this to TLSv1.2, although use of brainpool
782d48 
             #should force this anyway so that this should succeed
782d48 
             "CipherString" => "aECDSA",
782d48 
             "RequestCAFile" => test_pem("root-cert.pem"),
782d48 
-            "Groups" => "brainpoolP256r1",
782d48 
+#            "Groups" => "brainpoolP256r1",
782d48 
         },
782d48 
         test   => {
782d48 
-            "ExpectedServerCertType" =>, "brainpoolP256r1",
782d48 
-            "ExpectedServerSignType" =>, "EC",
782d48 
+#            "ExpectedServerCertType" =>, "brainpoolP256r1",
782d48 
+#            "ExpectedServerSignType" =>, "EC",
782d48 
             # Note: certificate_authorities not sent for TLS < 1.3
782d48 
-            "ExpectedServerCANames" =>, "empty",
782d48 
+#            "ExpectedServerCANames" =>, "empty",
782d48 
             "ExpectedResult" => "Success"
782d48 
         },
782d48 
     },
782d48 
@@ -787,18 +788,19 @@ my @tests_tls_1_3 = (
782d48 
     {
782d48 
         name => "TLS 1.3 ECDSA with brainpool",
782d48 
         server =>  {
782d48 
-            "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
782d48 
-            "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
782d48 
-            "Groups" => "brainpoolP256r1",
782d48 
+#            "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
782d48 
+#            "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
782d48 
+#            "Groups" => "brainpoolP256r1",
782d48 
+             "CipherString" => "aNULL",
782d48 
         },
782d48 
         client => {
782d48 
             "RequestCAFile" => test_pem("root-cert.pem"),
782d48 
-            "Groups" => "brainpoolP256r1",
782d48 
+#            "Groups" => "brainpoolP256r1",
782d48 
             "MinProtocol" => "TLSv1.3",
782d48 
             "MaxProtocol" => "TLSv1.3"
782d48 
         },
782d48 
         test   => {
782d48 
-            "ExpectedResult" => "ServerFail"
782d48 
+            "ExpectedResult" => "Success"
782d48 
         },
782d48 
     },
782d48 
 );
782d48 
diff -up openssl-1.1.1b/test/ssl-tests/20-cert-select.conf.no-brainpool openssl-1.1.1b/test/ssl-tests/20-cert-select.conf
782d48 
--- openssl-1.1.1b/test/ssl-tests/20-cert-select.conf.no-brainpool	2019-02-26 15:15:30.000000000 +0100
782d48 
+++ openssl-1.1.1b/test/ssl-tests/20-cert-select.conf	2019-05-07 12:15:12.762907496 +0200
782d48 
@@ -233,23 +233,18 @@ server = 5-ECDSA with brainpool-server
782d48 
 client = 5-ECDSA with brainpool-client
782d48
782d48 
 [5-ECDSA with brainpool-server]
782d48 
-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem
782d48 
-CipherString = DEFAULT
782d48 
-Groups = brainpoolP256r1
782d48 
-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem
782d48 
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
782d48 
+CipherString = aNULL
782d48 
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
782d48
782d48 
 [5-ECDSA with brainpool-client]
782d48 
 CipherString = aECDSA
782d48 
-Groups = brainpoolP256r1
782d48 
 RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
782d48 
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
782d48 
 VerifyMode = Peer
782d48
782d48 
 [test-5]
782d48 
 ExpectedResult = Success
782d48 
-ExpectedServerCANames = empty
782d48 
-ExpectedServerCertType = brainpoolP256r1
782d48 
-ExpectedServerSignType = EC
782d48
782d48
782d48 
 # ===========================================================
782d48 
@@ -1577,14 +1572,12 @@ server = 47-TLS 1.3 ECDSA with brainpool
782d48 
 client = 47-TLS 1.3 ECDSA with brainpool-client
782d48
782d48 
 [47-TLS 1.3 ECDSA with brainpool-server]
782d48 
-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem
782d48 
-CipherString = DEFAULT
782d48 
-Groups = brainpoolP256r1
782d48 
-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem
782d48 
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
782d48 
+CipherString = aNULL
782d48 
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
782d48
782d48 
 [47-TLS 1.3 ECDSA with brainpool-client]
782d48 
 CipherString = DEFAULT
782d48 
-Groups = brainpoolP256r1
782d48 
 MaxProtocol = TLSv1.3
782d48 
 MinProtocol = TLSv1.3
782d48 
 RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
782d48 
@@ -1592,7 +1585,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/ro
782d48 
 VerifyMode = Peer
782d48
782d48 
 [test-47]
782d48 
-ExpectedResult = ServerFail
782d48 
+ExpectedResult = Success
782d48
782d48
782d48 
 # ===========================================================

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation