Fix Security Tests for OpenSSLv3

author: Tobias Mayer <tobim@fastmail.fm> 2023-02-18 14:50:15 +0100
committer: Jens Geyer <Jens-G@users.noreply.github.com> 2023-02-19 10:48:22 +0100
commit: 05604e261455f1d85a5d04c4364a21d2a7e417b2 (patch)
tree: 47587a73cb11480d67ac718a0bfc056c9116d595
parent: 51fc54f8c161ae94e4d230cddae8d9d2ee279fad (diff)
download: thrift-05604e261455f1d85a5d04c4364a21d2a7e417b2.tar.gz
2 files changed, 8 insertions, 6 deletions
diff --git a/lib/cpp/test/SecurityFromBufferTest.cpp b/lib/cpp/test/SecurityFromBufferTest.cpp
index d2751919f..194e67fdd 100644
--- a/lib/cpp/test/SecurityFromBufferTest.cpp
+++ b/lib/cpp/test/SecurityFromBufferTest.cpp
@@ -198,15 +198,16 @@ BOOST_AUTO_TEST_CASE(ssl_security_matrix) {
   try {
     // matrix of connection success between client and server with different SSLProtocol selections
         static_assert(apache::thrift::transport::LATEST == 5, "Mismatch in assumed number of ssl protocols");
+        bool ossl1 = OPENSSL_VERSION_MAJOR == 1;
         bool matrix[apache::thrift::transport::LATEST + 1][apache::thrift::transport::LATEST + 1] =
         {
     //   server    = SSLTLS   SSLv2    SSLv3    TLSv1_0  TLSv1_1  TLSv1_2
     // client
-    /* SSLTLS  */  { true,    false,   false,   true,    true,    true    },
+    /* SSLTLS  */  { true,    false,   false,   ossl1,   ossl1,   true    },
     /* SSLv2   */  { false,   false,   false,   false,   false,   false   },
     /* SSLv3   */  { false,   false,   true,    false,   false,   false   },
-    /* TLSv1_0 */  { true,    false,   false,   true,    false,   false   },
-    /* TLSv1_1 */  { true,    false,   false,   false,   true,    false   },
+    /* TLSv1_0 */  { ossl1,   false,   false,   ossl1,   false,   false   },
+    /* TLSv1_1 */  { ossl1,   false,   false,   false,   ossl1,   false   },
     /* TLSv1_2 */  { true,    false,   false,   false,   false,   true    }
         };
 
diff --git a/lib/cpp/test/SecurityTest.cpp b/lib/cpp/test/SecurityTest.cpp
index cba876842..df0cdaf76 100644
--- a/lib/cpp/test/SecurityTest.cpp
+++ b/lib/cpp/test/SecurityTest.cpp
@@ -220,15 +220,16 @@ BOOST_AUTO_TEST_CASE(ssl_security_matrix)
     {
         // matrix of connection success between client and server with different SSLProtocol selections
         static_assert(apache::thrift::transport::LATEST == 5, "Mismatch in assumed number of ssl protocols");
+        bool ossl1 = OPENSSL_VERSION_MAJOR == 1;
         bool matrix[apache::thrift::transport::LATEST + 1][apache::thrift::transport::LATEST + 1] =
         {
     //   server    = SSLTLS   SSLv2    SSLv3    TLSv1_0  TLSv1_1  TLSv1_2
     // client
-    /* SSLTLS  */  { true,    false,   false,   true,    true,    true    },
+    /* SSLTLS  */  { true,    false,   false,   ossl1,   ossl1,   true    },
     /* SSLv2   */  { false,   false,   false,   false,   false,   false   },
     /* SSLv3   */  { false,   false,   true,    false,   false,   false   },
-    /* TLSv1_0 */  { true,    false,   false,   true,    false,   false   },
-    /* TLSv1_1 */  { true,    false,   false,   false,   true,    false   },
+    /* TLSv1_0 */  { ossl1,   false,   false,   ossl1,   false,   false   },
+    /* TLSv1_1 */  { ossl1,   false,   false,   false,   ossl1,   false   },
     /* TLSv1_2 */  { true,    false,   false,   false,   false,   true    }
         };
author	Tobias Mayer <tobim@fastmail.fm>	2023-02-18 14:50:15 +0100
committer	Jens Geyer <Jens-G@users.noreply.github.com>	2023-02-19 10:48:22 +0100
commit	05604e261455f1d85a5d04c4364a21d2a7e417b2 (patch)
tree	47587a73cb11480d67ac718a0bfc056c9116d595
parent	51fc54f8c161ae94e4d230cddae8d9d2ee279fad (diff)
download	thrift-05604e261455f1d85a5d04c4364a21d2a7e417b2.tar.gz