Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adjust TLS version for LibreSSL deprecation of TLSv1.1 and older
Browse files Browse the repository at this point in the history
lgv5 committed Dec 30, 2023
1 parent 06c5bb0 commit 6f31727
Showing 1 changed file with 9 additions and 5 deletions.
14 changes: 9 additions & 5 deletions t/mojo/user_agent_tls.t
Original file line number Diff line number Diff line change
@@ -82,7 +82,7 @@ subtest 'Web server with valid certificates and no verification' => sub {
. '&ca=t/mojo/certs/ca.crt'
. '&ciphers=AES256-SHA:ALL'
. '&verify=0x00'
. '&version=TLSv1';
. '&version=TLSv1_2';
my $port = $daemon->listen([$listen])->start->ports->[0];

# Invalid certificate
@@ -95,12 +95,16 @@ subtest 'Web server with valid certificates and no verification' => sub {
$tx = $ua->get("https://localhost:$port");
ok !$tx->error, 'no error';
is $ua->ioloop->stream($tx->connection)->handle->get_cipher, 'AES256-SHA', 'AES256-SHA has been negotiatied';
is $ua->ioloop->stream($tx->connection)->handle->get_sslversion, 'TLSv1', 'TLSv1 has been negotiatied';
is $ua->ioloop->stream($tx->connection)->handle->get_sslversion, 'TLSv1_2', 'TLSv1.2 has been negotiatied';
};

subtest 'Client side TLS options' => sub {
my $daemon = Mojo::Server::Daemon->new(app => app, ioloop => Mojo::IOLoop->singleton, silent => 1);
my $listen = 'https://127.0.0.1/?version=TLSv1_1';
my $listen = 'https://127.0.0.1'
. '?cert=t/mojo/certs/server.crt'
. '&key=t/mojo/certs/server.key'
. '&ca=t/mojo/certs/ca.crt'
. '&version=TLSv1_2';
my $port = $daemon->listen([$listen])->start->ports->[0];

subtest '(Not) setting verification mode' => sub {
@@ -116,9 +120,9 @@ subtest 'Client side TLS options' => sub {

subtest 'Setting acceptable protocol version' => sub {
my $ua = Mojo::UserAgent->new(ioloop => Mojo::IOLoop->singleton);
$ua->tls_options({SSL_version => 'TLSv1_2'});
$ua->tls_options({SSL_version => 'TLSv1_3'});
my $tx = $ua->get("https://localhost:$port");
like $tx->error->{message}, qr/wrong ssl version/, 'has error';
like $tx->error->{message}, qr/tlsv1 alert protocol version/, 'has error';
};
};

0 comments on commit 6f31727

Please sign in to comment.