Fix ssl_test_new and ssl_test_old when SSLv3 is enabled #11586
Closed
Conversation
A couple of fetches of the MD5 and SHA1 digests were not using the libctx in libssl and causing test_ssl_new to fail in travis. This only occurs on builds with SSLv3 enabled (its disabled by default). [extended tests]
In builds where SSLv3 is enabled ssl_test_old was failing. We need to make sure we disable SSLv3 related tests when using the FIPS provider. [extended tests]
[extended tests]
|
Approved if the SSLv3 related test failures are fixed and no new ones are introduced. |
Although some builds failed due to unrelated issues, there aren't any TLS test failures in so I will push this now. |
openssl-machine
pushed a commit
that referenced
this pull request
Apr 21, 2020
A couple of fetches of the MD5 and SHA1 digests were not using the libctx in libssl and causing test_ssl_new to fail in travis. This only occurs on builds with SSLv3 enabled (its disabled by default). [extended tests] Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from #11586)
openssl-machine
pushed a commit
that referenced
this pull request
Apr 21, 2020
In builds where SSLv3 is enabled ssl_test_old was failing. We need to make sure we disable SSLv3 related tests when using the FIPS provider. [extended tests] Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from #11586)
|
Pushed. Thanks. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
The ssl_test_new and ssl_test_old tests are failing when SSLv3 is enabled.
There are a couple of fetches, that only occur in those codepaths and weren't using the correct libctx. Also we need to disable some tests in ssl_test_old when using the FIPS provider.
Marking this as urgent because it is one of the causes for the current travis failures (other fixes for travis failures in #11585 and #11573.
I've marked this with "extended tests". I do expect some of those tests to fail because of the other issues - but hopefully it won't fail due to ssl_test_new/ssl_test_old.