Commit 476877a2ff for openssl.org
commit 476877a2ff9c2cb9e4601ce388370ce0a9f74f8b
Author: Clemens Lang <cllang@redhat.com>
Date: Mon Nov 24 11:11:33 2025 +0100
test: Add test for #29196
Add a test that will cause one of the problems reported in
https://github.com/openssl/openssl/issues/29196 and skip it on 32-bit
systems.
Signed-off-by: Clemens Lang <cllang@redhat.com>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
Reviewed-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29192)
diff --git a/test/sslapitest.c b/test/sslapitest.c
index 9105552bdb..df2f8ef289 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -13815,7 +13815,7 @@ static int test_ssl_trace(void)
* Test that SSL_CTX_set1_groups() when called with a list where the first
* entry is unsupported, will send a key_share that uses the next usable entry.
*/
-static int test_ssl_set_groups_unsupported_keyshare(void)
+static int test_ssl_set_groups_unsupported_keyshare(int idx)
{
#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
int testresult = 0;
@@ -13828,6 +13828,16 @@ static int test_ssl_set_groups_unsupported_keyshare(void)
NID_ffdhe2048,
};
+ switch (idx) {
+ case 1:
+ client_groups[0] = NID_id_tc26_gost_3410_2012_512_paramSetC;
+ if (sizeof(unsigned long) == 4) {
+ return TEST_skip("SSL_CTX_set1_groups() is broken on 32-bit systems with TLS"
+ " group IDs > 0x20, see https://github.com/openssl/openssl/issues/29196");
+ }
+ break;
+ }
+
if (!TEST_true(create_ssl_ctx_pair(libctx,
TLS_server_method(),
TLS_client_method(),
@@ -14204,7 +14214,7 @@ int setup_tests(void)
if (datadir != NULL)
ADD_TEST(test_ssl_trace);
#endif
- ADD_TEST(test_ssl_set_groups_unsupported_keyshare);
+ ADD_ALL_TESTS(test_ssl_set_groups_unsupported_keyshare, 2);
return 1;
err: