Allow TLSv1.3 in a no-ec build

Now that we have TLSv1.3 FFDHE support there is no reason why we should not allow TLSv1.3 to be used in a no-ec build. This commit enables that to happen. It also fixes no-ec which was previously broken. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9156)
author: Matt Caswell <matt@openssl.org> 2019-06-13 12:06:12 +0200
committer: Matt Caswell <matt@openssl.org> 2019-06-17 11:57:19 +0200
commit: dbc6268f68e50b2e49d7c5b1157b4f6bcea5d6f9 (patch)
tree: 67a9fa2beac320e8d437c04225cbc377a0145f2d /test/tls13ccstest.c
parent: Replumbing: Adapt the default and legacy providers to use library context upcall (diff)
download: openssl-dbc6268f68e50b2e49d7c5b1157b4f6bcea5d6f9.tar.xz
openssl-dbc6268f68e50b2e49d7c5b1157b4f6bcea5d6f9.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/test/tls13ccstest.c b/test/tls13ccstest.c
index d89354c142..d0bc43a8fa 100644
--- a/test/tls13ccstest.c
+++ b/test/tls13ccstest.c
@@ -315,8 +315,13 @@ static int test_tls13ccs(int tst)
 
     if ((tst >= 3 && tst <= 5) || tst >= 9) {
         /* HRR handshake */
+#if defined(OPENSSL_NO_EC)
+        if (!TEST_true(SSL_CTX_set1_groups_list(sctx, "ffdhe3072")))
+            goto err;
+#else
         if (!TEST_true(SSL_CTX_set1_groups_list(sctx, "P-256")))
             goto err;
+#endif
     }
 
     s_to_c_fbio = BIO_new(bio_f_watchccs_filter());
author	Matt Caswell <matt@openssl.org>	2019-06-13 12:06:12 +0200
committer	Matt Caswell <matt@openssl.org>	2019-06-17 11:57:19 +0200
commit	dbc6268f68e50b2e49d7c5b1157b4f6bcea5d6f9 (patch)
tree	67a9fa2beac320e8d437c04225cbc377a0145f2d /test/tls13ccstest.c
parent	Replumbing: Adapt the default and legacy providers to use library context upcall (diff)
download	openssl-dbc6268f68e50b2e49d7c5b1157b4f6bcea5d6f9.tar.xz openssl-dbc6268f68e50b2e49d7c5b1157b4f6bcea5d6f9.zip