Skip to content

Commit

Permalink
Adjust TLS version for LibreSSL deprecation of TLSv1.1 and older
Browse files Browse the repository at this point in the history
  • Loading branch information
@lgv5
lgv5 committed Dec 30, 2023
1 parent 06c5bb0 commit 6f31727
Showing 1 changed file with 9 additions and 5 deletions.
14 changes: 9 additions & 5 deletions t/mojo/user_agent_tls.t
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,7 @@ subtest 'Web server with valid certificates and no verification' => sub {
. '&ca=t/mojo/certs/ca.crt'
. '&ciphers=AES256-SHA:ALL'
. '&verify=0x00'
. '&version=TLSv1';
. '&version=TLSv1_2';
my $port = $daemon->listen([$listen])->start->ports->[0];

# Invalid certificate
Expand All @@ -95,12 +95,16 @@ subtest 'Web server with valid certificates and no verification' => sub {
$tx = $ua->get("https://localhost:$port");
ok !$tx->error, 'no error';
is $ua->ioloop->stream($tx->connection)->handle->get_cipher, 'AES256-SHA', 'AES256-SHA has been negotiatied';
is $ua->ioloop->stream($tx->connection)->handle->get_sslversion, 'TLSv1', 'TLSv1 has been negotiatied';
is $ua->ioloop->stream($tx->connection)->handle->get_sslversion, 'TLSv1_2', 'TLSv1.2 has been negotiatied';
};

subtest 'Client side TLS options' => sub {
my $daemon = Mojo::Server::Daemon->new(app => app, ioloop => Mojo::IOLoop->singleton, silent => 1);
my $listen = 'https://127.0.0.1/?version=TLSv1_1';
my $listen = 'https://127.0.0.1'
. '?cert=t/mojo/certs/server.crt'
. '&key=t/mojo/certs/server.key'
. '&ca=t/mojo/certs/ca.crt'
. '&version=TLSv1_2';
my $port = $daemon->listen([$listen])->start->ports->[0];

subtest '(Not) setting verification mode' => sub {
Expand All @@ -116,9 +120,9 @@ subtest 'Client side TLS options' => sub {

subtest 'Setting acceptable protocol version' => sub {
my $ua = Mojo::UserAgent->new(ioloop => Mojo::IOLoop->singleton);
$ua->tls_options({SSL_version => 'TLSv1_2'});
$ua->tls_options({SSL_version => 'TLSv1_3'});
my $tx = $ua->get("https://localhost:$port");
like $tx->error->{message}, qr/wrong ssl version/, 'has error';
like $tx->error->{message}, qr/tlsv1 alert protocol version/, 'has error';
};
};

Expand Down

0 comments on commit 6f31727

Please sign in to comment.