From: Matt Caswell <matt@openssl.org>
Date: Tue, 1 Dec 2020 15:34:24 +0000 (+0000)
Subject: Fix no-dtls
X-Git-Tag: openssl-3.0.0-alpha10~202
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4be35545aea9f76e3704fe88bb8f3fc135ceb4c8;p=thirdparty%2Fopenssl.git

Fix no-dtls

Ensure we correctly detect if DTLS has been disabled in the client auth
test_ssl_new tests.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13587)
---

diff --git a/test/ssl-tests/04-client_auth.cnf.in b/test/ssl-tests/04-client_auth.cnf.in
index 5c748cb515b..ad0ae7ae187 100644
--- a/test/ssl-tests/04-client_auth.cnf.in
+++ b/test/ssl-tests/04-client_auth.cnf.in
@@ -15,13 +15,14 @@ our $fips_mode;
 
 my @protocols;
 my @is_disabled = (0);
-push @is_disabled, anydisabled("ssl3", "tls1", "tls1_1", "tls1_2", "dtls1", "dtls1_2");
 
 # We test version-flexible negotiation (undef) and each protocol version.
 if ($fips_mode) {
     @protocols = (undef, "TLSv1.2", "DTLSv1.2");
+    push @is_disabled, anydisabled("tls1_2", "dtls1_2");
 } else {
     @protocols = (undef, "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "DTLSv1", "DTLSv1.2");
+    push @is_disabled, anydisabled("ssl3", "tls1", "tls1_1", "tls1_2", "dtls1", "dtls1_2");
 }
 
 our @tests = ();