Don't attempt to load the CT log list with no-ec

In practice, CT isn't really functional without EC anyway, as most logs use EC keys. So, skip loading the log list with no-ec, and skip CT tests completely in that conf. Reviewed-by: Rich Salz <rsalz@openssl.org>
2025-03-31 20:10:45 +08:00 · 2016-08-10 18:36:47 +02:00 · 2016-08-10 18:36:47 +02:00 · be82f7b320
commit be82f7b320
parent e86e76a6c4
2 changed files with 4 additions and 2 deletions
--- a/test/handshake_helper.c
+++ b/test/handshake_helper.c
@ -376,7 +376,8 @@ static void configure_handshake_ctx(SSL_CTX *server_ctx, SSL_CTX *server2_ctx,
                                              ticket_key_len) == 1);
    OPENSSL_free(ticket_keys);

-#ifndef OPENSSL_NO_CT
+    /* The default log list includes EC keys, so CT can't work without EC. */
+#if !defined(OPENSSL_NO_CT) && !defined(OPENSSL_NO_EC)
    TEST_check(SSL_CTX_set_default_ctlog_list_file(client_ctx));
    switch (extra->client.ct_validation) {
    case SSL_TEST_CT_VALIDATION_PERMISSIVE:
--- a/test/recipes/80-test_ssl_new.t
+++ b/test/recipes/80-test_ssl_new.t
@ -42,6 +42,7 @@ my $no_tls = alldisabled(available_protocols("tls"));
 my $no_dtls = alldisabled(available_protocols("dtls"));
 my $no_npn = disabled("nextprotoneg");
 my $no_ct = disabled("ct");
+my $no_ec = disabled("ec");

 my %conf_dependent_tests = (
  "02-protocol-version.conf" => !$is_default_tls,
@ -57,7 +58,7 @@ my %skip = (
  "08-npn.conf" => $no_tls || $no_npn,
  "10-resumption.conf" => disabled("tls1_1") || disabled("tls1_2"),
  "11-dtls_resumption.conf" => disabled("dtls1") || disabled("dtls1_2"),
-  "12-ct.conf" => $no_tls || $no_ct,
+  "12-ct.conf" => $no_tls || $no_ct || $no_ec,
 );

 foreach my $conf (@conf_files) {