Tests: expect ssl_sni_reneg.t failures on stable in certain cases.
Notably, if built with OpenSSL 1.1.1 on Linux, SSL renegotiation could be
handled too late if client manages to keep recv buffer filled on server.
diff --git a/ssl_sni_reneg.t b/ssl_sni_reneg.t
index 3b516c8..7687b66 100644
--- a/ssl_sni_reneg.t
+++ b/ssl_sni_reneg.t
@@ -104,6 +104,8 @@
###############################################################################
+my ($ossl) = $t->{_configure_args} =~ /OpenSSL ([\d\.]+)/;
+
my ($s, $ssl) = get_ssl_socket(8080);
ok($s, 'connection');
@@ -119,10 +121,16 @@
Net::SSLeay::write($ssl, 'Host: localhost' . CRLF . CRLF);
+TODO: {
+local $TODO = 'not yet' if $ossl ge '1.1.1' and $^O eq 'linux'
+ and !$t->has_version('1.15.2');
+
ok(!Net::SSLeay::read($ssl), 'response');
}
+}
+
# virtual servers
# in [1.15.4..1.15.5) SSL_OP_NO_RENEGOTIATION is cleared in servername callback
@@ -141,10 +149,16 @@
Net::SSLeay::write($ssl, 'Host: localhost' . CRLF . CRLF);
+TODO: {
+local $TODO = 'not yet' if $ossl ge '1.1.1' and $^O eq 'linux'
+ and !$t->has_version('1.15.2');
+
ok(!Net::SSLeay::read($ssl), 'virtual servers');
}
+}
+
###############################################################################
sub get_ssl_socket {
