[ruby/openssl] test/openssl/test_ssl: skip test_fallback_scsv if necessary

Run the test case only when the OpenSSL supports both TLS 1.1 and TLS 1.2. Note that the fallback SCSV mechanism is for TLS 1.2 or older and not for 1.3. Fixes: https://github.com/ruby/openssl/issues/336 https://github.com/ruby/openssl/commit/6f2e6d7cf7
2020-02-17 08:14:47 +00:00 · 2020-02-17 08:14:47 +00:00 · 8f91dc712a
--- a/test/openssl/test_ssl.rb
+++ b/test/openssl/test_ssl.rb
@ -1420,6 +1420,10 @@ end
  end

  def test_fallback_scsv
+    supported = check_supported_protocol_versions
+    return unless supported.include?(OpenSSL::SSL::TLS1_1_VERSION) &&
+      supported.include?(OpenSSL::SSL::TLS1_2_VERSION)
+
    pend "Fallback SCSV is not supported" unless \
      OpenSSL::SSL::SSLContext.method_defined?(:enable_fallback_scsv)
    pend "This test seems to fail on OpenSSL 1.1.1d or later" if OpenSSL::OPENSSL_VERSION_NUMBER >= 0x10101040