From f0d894ccbc38a0a5ab4405af5cc5516bf3b2e716 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20L=C3=BCck?= <christian@clue.engineering>
Date: Mon, 3 Jan 2022 08:17:30 +0100
Subject: [PATCH] Skip legacy TLS 1.0 tests if disabled by system

---
 tests/FunctionalSecureServerTest.php | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/tests/FunctionalSecureServerTest.php b/tests/FunctionalSecureServerTest.php
index b81be4d5..2dfe955b 100644
--- a/tests/FunctionalSecureServerTest.php
+++ b/tests/FunctionalSecureServerTest.php
@@ -174,11 +174,13 @@ public function testClientUsesTls10WhenCryptoMethodIsExplicitlyConfiguredByClien
         try {
             $client = Block\await($promise, $loop, self::TIMEOUT);
         } catch (\RuntimeException $e) {
-            if (strpos($e->getMessage(), 'no protocols available') !== false || strpos($e->getMessage(), 'routines:state_machine:internal error') !== false) {
-                $this->markTestSkipped('TLS v1.0 not available on this system');
-            }
-
-            throw $e;
+            // legacy TLS 1.0 would be considered insecure by today's standards, so skip test if connection fails
+            // OpenSSL error messages are version/platform specific
+            // […] no protocols available
+            // […] routines:state_machine:internal error
+            // SSL operation failed with code 1. OpenSSL Error messages: error:0A000438:SSL routines::tlsv1 alert internal error
+            // Connection lost during TLS handshake (ECONNRESET)
+            $this->markTestSkipped('TLS 1.0 not available on this system (' . $e->getMessage() . ')');
         }
 
         $this->assertInstanceOf('React\Socket\Connection', $client);