test24-tls-protos-tls1_1.sh (hitch-1.5.2) | : | test24-tls-protos-tls1_1.sh (hitch-1.6.0) | ||
---|---|---|---|---|
#!/bin/sh | #!/bin/sh | |||
# Test tls-protos in global scope | # Test tls-protos in global scope | |||
. hitch_test.sh | . hitch_test.sh | |||
if ! openssl s_client -help 2>&1 | grep -q -e "-ssl3" | ||||
then | ||||
skip "Missing SSLv3 support" | ||||
fi | ||||
# only TLSv1.1 | # only TLSv1.1 | |||
cat >hitch.cfg <<EOF | cat >hitch.cfg <<EOF | |||
backend = "[hitch-tls.org]:80" | backend = "[hitch-tls.org]:80" | |||
frontend = "[*]:$LISTENPORT" | frontend = "[*]:$LISTENPORT" | |||
pem-file = "${CERTSDIR}/default.example.com" | pem-file = "${CERTSDIR}/default.example.com" | |||
tls-protos = TLSv1.1 | tls-protos = TLSv1.1 | |||
EOF | EOF | |||
start_hitch --config=hitch.cfg | start_hitch --config=hitch.cfg | |||
# this will fail on platforms that have OpenSSL compiled without SSLv3 | # this will fail on platforms that have OpenSSL compiled without SSLv3 | |||
# XXX: find how to detect the lack of SSLv3 | ||||
! s_client -tls1_2 | ! s_client -tls1_2 | |||
# this will fail on platforms that have OpenSSL compiled without SSLv3 | ||||
s_client -tls1_1 | s_client -tls1_1 | |||
End of changes. 3 change blocks. | ||||
3 lines changed or deleted | 5 lines changed or added |