From: Artem Boldariev Date: Mon, 15 Jan 2024 15:21:45 +0000 (+0200) Subject: Skipping portions of cipher-suites test in FIPS mode X-Git-Tag: v9.19.22~81^2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=dbcdd868f9b06f92d4f6484dad747c146a06ad81;p=thirdparty%2Fbind9.git Skipping portions of cipher-suites test in FIPS mode We need to skip some portions the system test in FIPS mode as some of the algorithms used in the test are not available when using the FIPS mode (e.g. TLS_CHACHA20_POLY1305_SHA256) --- diff --git a/bin/tests/system/cipher-suites/tests.sh b/bin/tests/system/cipher-suites/tests.sh index 2c8076717c4..f5b28b79dfe 100644 --- a/bin/tests/system/cipher-suites/tests.sh +++ b/bin/tests/system/cipher-suites/tests.sh @@ -67,13 +67,19 @@ tls_xfer_expect_success "$testing" 4 example tls_xfer_expect_success "$testing" 2 example-aes-128 tls_xfer_expect_success "$testing" 3 example-aes-256 -tls_xfer_expect_success "$testing" 4 example-chacha-20 +if ! $FEATURETEST --have-fips-mode; then + tls_xfer_expect_success "$testing" 4 example-chacha-20 +fi tls_xfer_expect_failure "$testing" 2 example-aes-256 -tls_xfer_expect_failure "$testing" 2 example-chacha-20 +if ! $FEATURETEST --have-fips-mode; then + tls_xfer_expect_failure "$testing" 2 example-chacha-20 +fi tls_xfer_expect_failure "$testing" 3 example-aes-128 -tls_xfer_expect_failure "$testing" 3 example-chacha-20 +if ! $FEATURETEST --have-fips-mode; then + tls_xfer_expect_failure "$testing" 3 example-chacha-20 +fi tls_xfer_expect_failure "$testing" 4 example-aes-128 tls_xfer_expect_failure "$testing" 4 example-aes-256 @@ -82,7 +88,9 @@ tls_xfer_expect_failure "$testing" 4 example-aes-256 tls_xfer_expect_failure "$testing" 5 example tls_xfer_expect_failure "$testing" 5 example-aes-128 tls_xfer_expect_failure "$testing" 5 example-aes-256 -tls_xfer_expect_failure "$testing" 5 example-chacha-20 +if ! $FEATURETEST --have-fips-mode; then + tls_xfer_expect_failure "$testing" 5 example-chacha-20 +fi echo_i "exit status: $status" [ $status -eq 0 ] || exit 1