From: Clemens Lang Date: Mon, 24 Nov 2025 10:11:33 +0000 (+0100) Subject: test: Add test for #29196 X-Git-Tag: 4.0-PRE-CLANG-FORMAT-WEBKIT~122 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=476877a2ff9c2cb9e4601ce388370ce0a9f74f8b;p=thirdparty%2Fopenssl.git test: Add test for #29196 Add a test that will cause one of the problems reported in https://github.com/openssl/openssl/issues/29196 and skip it on 32-bit systems. Signed-off-by: Clemens Lang Reviewed-by: Norbert Pocs Reviewed-by: Simo Sorce Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/29192) --- diff --git a/test/sslapitest.c b/test/sslapitest.c index 9105552bdb1..df2f8ef2891 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -13815,7 +13815,7 @@ static int test_ssl_trace(void) * Test that SSL_CTX_set1_groups() when called with a list where the first * entry is unsupported, will send a key_share that uses the next usable entry. */ -static int test_ssl_set_groups_unsupported_keyshare(void) +static int test_ssl_set_groups_unsupported_keyshare(int idx) { #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) int testresult = 0; @@ -13828,6 +13828,16 @@ static int test_ssl_set_groups_unsupported_keyshare(void) NID_ffdhe2048, }; + switch (idx) { + case 1: + client_groups[0] = NID_id_tc26_gost_3410_2012_512_paramSetC; + if (sizeof(unsigned long) == 4) { + return TEST_skip("SSL_CTX_set1_groups() is broken on 32-bit systems with TLS" + " group IDs > 0x20, see https://github.com/openssl/openssl/issues/29196"); + } + break; + } + if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(), TLS_client_method(), @@ -14204,7 +14214,7 @@ int setup_tests(void) if (datadir != NULL) ADD_TEST(test_ssl_trace); #endif - ADD_TEST(test_ssl_set_groups_unsupported_keyshare); + ADD_ALL_TESTS(test_ssl_set_groups_unsupported_keyshare, 2); return 1; err: