Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Ledest:erlang:23
erlang
4651-ssl-Add-check-that-OpenSSL-s_client-suppor...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 4651-ssl-Add-check-that-OpenSSL-s_client-supports-sigalgs.patch of Package erlang
From 15804043853e7b7098e655f23ecb12f455c0da0e Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin <ingela@erlang.org> Date: Wed, 5 Jan 2022 09:07:35 +0100 Subject: [PATCH 1/2] ssl: Add check that OpenSSL s_client supports sigalgs option Also exclude OpenSSL-1.0* as even if it support sigalgs option it does note support the signature algs we are interested in. --- lib/ssl/test/openssl_sni_SUITE.erl | 33 ++++++++++++++++++++++++++---- 1 file changed, 29 insertions(+), 4 deletions(-) diff --git a/lib/ssl/test/openssl_sni_SUITE.erl b/lib/ssl/test/openssl_sni_SUITE.erl index 4e25ddb467..3d00d25e1e 100644 --- a/lib/ssl/test/openssl_sni_SUITE.erl +++ b/lib/ssl/test/openssl_sni_SUITE.erl @@ -248,15 +248,40 @@ sni_test(ServerNode, ServerOptions0, ClientOptions, Config) -> maybe_add_sigalgs(Version, ServerOptions) when Version == 'tlsv1.3'; Version == 'tlsv1.2' -> - [{signature_algs, [rsa_pss_rsae_sha512, - rsa_pss_rsae_sha384, - rsa_pss_rsae_sha256]} | ServerOptions]; + case maybe_add_openssl_sigalgs(Version) of + [] -> + [{signature_algs, [rsa_pss_rsae_sha512, + rsa_pss_rsae_sha384, + rsa_pss_rsae_sha256, + {sha512, rsa}, + {sha384, rsa}, + {sha256, rsa}, + {sha224, rsa}, + {sha, rsa} + ] + } | ServerOptions]; + _ -> + [{signature_algs, [rsa_pss_rsae_sha512, + rsa_pss_rsae_sha384, + rsa_pss_rsae_sha256]} | ServerOptions] + end; maybe_add_sigalgs(_, ServerOptions) -> ServerOptions. maybe_add_openssl_sigalgs(Version) when Version == 'tlsv1.3'; Version == 'tlsv1.2' -> - [{sigalgs, "rsa_pss_rsae_sha512:rsa_pss_rsae_sha384:rsa_pss_rsae_sha256"}]; + case ssl_test_lib:portable_cmd("openssl", ["version"]) of + "OpenSSL 1.0" ++ _ -> + []; + _ -> + HelpText = ssl_test_lib:portable_cmd("openssl", ["s_client", "--help"]), + case string:str(HelpText, "-sigalgs") of + 0 -> + []; + _ -> + [{sigalgs, "rsa_pss_rsae_sha512:rsa_pss_rsae_sha384:rsa_pss_rsae_sha256"}] + end + end; maybe_add_openssl_sigalgs(_) -> []. -- 2.31.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor