diff options
-rwxr-xr-x | tests/bugs/nfs/bug-1053579.t | 4 | ||||
-rw-r--r-- | tests/features/ssl-ciphers.t | 25 |
2 files changed, 23 insertions, 6 deletions
diff --git a/tests/bugs/nfs/bug-1053579.t b/tests/bugs/nfs/bug-1053579.t index 2f53172e24..d62df82876 100755 --- a/tests/bugs/nfs/bug-1053579.t +++ b/tests/bugs/nfs/bug-1053579.t @@ -39,6 +39,10 @@ do done TEST useradd -o -M -u ${NEW_UID} -g ${NEW_GID} -G ${NEW_USER}-${NEW_GIDS} ${NEW_USER} +# It's not guaranteed that the latest added group will be returned as the last +# group for the user. To be sure, we take the latest group returned by 'id' +LAST_GID="$(id -G ${NEW_USER} | tr ' ' '\n' | tail -1)" + # preparation done, start the tests TEST glusterd diff --git a/tests/features/ssl-ciphers.t b/tests/features/ssl-ciphers.t index b70fe360e0..53b6995575 100644 --- a/tests/features/ssl-ciphers.t +++ b/tests/features/ssl-ciphers.t @@ -110,15 +110,28 @@ EXPECT "N" openssl_connect -ssl2 -connect $H0:$BRICK_PORT # Test SSLv3 protocol fails EXPECT "N" openssl_connect -ssl3 -connect $H0:$BRICK_PORT -# Test TLSv1 protocol based on openssl version -cmd="openssl version" -ver=$(eval $cmd | awk -F " " '{print $2}' | grep "^1.1") -if [ "x${ver}" = "x" ]; then - supp="N" +TLS10="$(openssl_connect -tls1 -connect $H0:$BRICK_PORT)" +TLS11="$(openssl_connect -tls1_1 -connect $H0:$BRICK_PORT)" +TLS12="$(openssl_connect -tls1_2 -connect $H0:$BRICK_PORT)" +TLS13="$(openssl_connect -tls1_3 -connect $H0:$BRICK_PORT)" + +# TLS support depends on openssl version. +# +# TLS v1.0 requires openssl v0.9.6 or higher +# TLS v1.1 requires openssl v1.0.1 or higher +# TLS v1.2 requires openssl v1.0.1 or higher +# TLS v1.3 requires openssl v1.1.1 or higher +# +# If TLS is supported by the current version of openssl, at least one of the +# protocols should connect successfully. Otherwise all connections should fail. + +if [[ "$(openssl version | awk '{ print $2; }')" < "0.9.6" ]]; then + supp="^NNNN$" else supp="Y" fi -EXPECT "${supp}" openssl_connect -tls1 -connect $H0:$BRICK_PORT + +EXPECT "${supp}" echo "${TLS10}${TLS11}${TLS12}${TLS13}" # Test a HIGH CBC cipher cph=`check_cipher -cipher AES256-SHA -connect $H0:$BRICK_PORT` |