From ad8c607df66aac55ca6133281635513a34ef5a88 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Mon, 29 Jul 2019 15:11:53 +0200
Subject: ssl: Avoid broken ALPN/NPN renegotiation in OpenSSL

All these test work fine with current OpenSSL master
---
 lib/ssl/test/ssl_test_lib.erl | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

(limited to 'lib/ssl/test/ssl_test_lib.erl')

diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl
index 7009a628f1..9bf2393897 100644
--- a/lib/ssl/test/ssl_test_lib.erl
+++ b/lib/ssl/test/ssl_test_lib.erl
@@ -2716,3 +2716,25 @@ new_config(PrivDir, ServerOpts0) ->
 
     [{cacertfile, NewCaCertFile}, {certfile, NewCertFile},
      {keyfile, NewKeyFile} | ServerOpts].
+
+sane_openssl_alpn_npn_renegotiate() ->
+     case os:cmd("openssl version") of 
+         "LibreSSL 2.9.1" ++ _ ->
+             false;
+         "LibreSSL 2.6.4" ++ _ ->
+             false;
+         "OpenSSL 1.1.1a-freebsd" ++ _ ->
+             false;
+         _  ->
+             true
+     end.
+
+openssl_sane_dtls_alpn() ->
+    case os:cmd("openssl version") of
+        "OpenSSL 1.1.0g" ++ _ ->
+            false;
+        "OpenSSL 1.1.1a" ++ _ ->
+            false;
+        _->
+            openssl_sane_dtls()
+    end.
-- 
cgit v1.2.3