projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Allow TLSv1.3 in a no-ec build
[openssl.git] / test / recipes / 70-test_tls13psk.t
diff --git a/test/recipes/70-test_tls13psk.t b/test/recipes/70-test_tls13psk.t
index 40e6ed105bc27759e5f3a6a2e07471b9480dd264..11031f3f44ede486e53aa9d2038283281c29c4ae 100644 (file)
--- a/test/recipes/70-test_tls13psk.t
+++ b/test/recipes/70-test_tls13psk.t
@@ -66,7 +66,11 @@ ok(TLSProxy::Message->fail(), "PSK not last");
 #        ciphersuite. Should see PSK on second ClientHello
 $proxy->clear();
 $proxy->clientflags("-sess_in ".$session);
-$proxy->serverflags("-curves P-256");
+if (disabled("ec")) {
+    $proxy->serverflags("-curves ffdhe3072");
+} else {
+    $proxy->serverflags("-curves P-256");
+}
 $proxy->filter(undef);
 $proxy->start();
 #Check if the PSK is present in the second ClientHello
@@ -81,7 +85,11 @@ ok($pskseen, "PSK hash matches");
 $proxy->clear();
 $proxy->clientflags("-sess_in ".$session);
 $proxy->filter(\&modify_psk_filter);
-$proxy->serverflags("-curves P-256");
+if (disabled("ec")) {
+    $proxy->serverflags("-curves ffdhe3072");
+} else {
+    $proxy->serverflags("-curves P-256");
+}
 $proxy->ciphersuitesc("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384");
 $proxy->ciphersuitess("TLS_AES_256_GCM_SHA384");
 #We force an early failure because TLS Proxy doesn't actually support
Unnamed repository; edit this file 'description' to name the repository.