From be1c7e50e1e8809ea56f2c9d472eccd8ffd73a97 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 19 Apr 2024 04:57:58 +0200 Subject: Adding upstream version 1.44.3. Signed-off-by: Daniel Baumann --- web/server/h2o/libh2o/t/40ssl-cipher-suite.t | 38 ++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 web/server/h2o/libh2o/t/40ssl-cipher-suite.t (limited to 'web/server/h2o/libh2o/t/40ssl-cipher-suite.t') diff --git a/web/server/h2o/libh2o/t/40ssl-cipher-suite.t b/web/server/h2o/libh2o/t/40ssl-cipher-suite.t new file mode 100644 index 00000000..bda71842 --- /dev/null +++ b/web/server/h2o/libh2o/t/40ssl-cipher-suite.t @@ -0,0 +1,38 @@ +use strict; +use warnings; +use File::Temp qw(tempfile); +use Net::EmptyPort qw(check_port empty_port); +use Scope::Guard qw(scope_guard); +use Test::More; +use t::Util; + +my $port = empty_port(); + +# spawn server that only accepts AES128-SHA +my ($conffh, $conffn) = tempfile(UNLINK => 1); +print $conffh <<"EOT"; +listen: + host: 127.0.0.1 + port: $port + ssl: + key-file: examples/h2o/server.key + certificate-file: examples/h2o/server.crt + cipher-suite: AES128-SHA +hosts: + default: + paths: + /: + file.dir: @{[ DOC_ROOT ]} +EOT +my ($guard, $pid) = spawn_server( + argv => [ bindir() . "/h2o", "-c", $conffn ], + is_ready => sub { + check_port($port); + }, +); + +# connect to the server with AES256-SHA as the first choice, and check that AES128-SHA was selected +my $log = `openssl s_client -cipher AES256-SHA:AES128-SHA -host 127.0.0.1 -port $port < /dev/null 2>&1`; +like $log, qr/^\s*Cipher\s*:\s*AES128-SHA\s*$/m; + +done_testing; -- cgit v1.2.3