test: Add test for #29196

Add a test that will cause one of the problems reported in
https://github.com/openssl/openssl/issues/29196 and skip it on 32-bit
systems.

Signed-off-by: Clemens Lang <cllang@redhat.com>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
Reviewed-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29192)

(cherry picked from commit 476877a2ff9c2cb9e4601ce388370ce0a9f74f8b)

diff --git a/test/sslapitest.c b/test/sslapitest.c
index 9105552bdb15aa13ed5cd109f8d2522201159336..df2f8ef289159c3c6fd01f3034fafd2129ceca8c 100644 (file)
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -13815,7 +13815,7 @@ static int test_ssl_trace(void)
  * Test that SSL_CTX_set1_groups() when called with a list where the first
  * entry is unsupported, will send a key_share that uses the next usable entry.
  */
-static int test_ssl_set_groups_unsupported_keyshare(void)
+static int test_ssl_set_groups_unsupported_keyshare(int idx)
 {
 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
     int testresult = 0;
@@ -13828,6 +13828,16 @@ static int test_ssl_set_groups_unsupported_keyshare(void)
         NID_ffdhe2048,
     };
 
+    switch (idx) {
+    case 1:
+        client_groups[0] = NID_id_tc26_gost_3410_2012_512_paramSetC;
+        if (sizeof(unsigned long) == 4) {
+            return TEST_skip("SSL_CTX_set1_groups() is broken on 32-bit systems with TLS"
+                             " group IDs > 0x20, see https://github.com/openssl/openssl/issues/29196");
+        }
+        break;
+    }
+
     if (!TEST_true(create_ssl_ctx_pair(libctx,
                                        TLS_server_method(),
                                        TLS_client_method(),
@@ -14204,7 +14214,7 @@ int setup_tests(void)
     if (datadir != NULL)
         ADD_TEST(test_ssl_trace);
 #endif
-    ADD_TEST(test_ssl_set_groups_unsupported_keyshare);
+    ADD_ALL_TESTS(test_ssl_set_groups_unsupported_keyshare, 2);
     return 1;
 
  err: