From 32281b98f0a9e86de91d7ed56fb62a49edffcd8d Mon Sep 17 00:00:00 2001
From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Sun, 7 Jul 2024 18:41:44 +0100
Subject: [PATCH 1/1] Testsuite: munge for OpenSSL 3.2.1

---
 test/runtest | 23 ++++++++++++++++++++---
 1 file changed, 20 insertions(+), 3 deletions(-)

diff --git a/test/runtest b/test/runtest
index d3264ab82..8c58059d5 100755
--- a/test/runtest
+++ b/test/runtest
@@ -965,8 +965,12 @@ RESET_AFTER_EXTRA_LINE_READ:
   s/(TLS error on connection from .* \(SSL_\w+\): error:)(.*)/$1 <<detail omitted>>/;
   next if /SSL verify error: depth=0 error=certificate not trusted/;
 
+  # OpenSSL 3.2.1
   # OpenSSL 3.0.0
-  s/TLS error \(D-H param setting .* error:\K.*dh key too small/xxxxxxxx:SSL routines::dh key too small/;
+  s/TLS\ error\ \(D-H\ param\ setting\ .*\ error:\K
+    .*
+    (?:dh\ key\ too\ small|unknown\ security\ bits)
+   /xxxxxxxx:SSL routines::dh key too small/x;
 
   # OpenSSL 1.1.1
   s/error:\K0B080074:x509 certificate routines:X509_check_private_key(?=:key values mismatch$)/05800074:x509 certificate routines:/;
@@ -1069,10 +1073,23 @@ RESET_AFTER_EXTRA_LINE_READ:
     next if /SSL verify error: depth=0 error=certificate not trusted/;
     s/SSL3_READ_BYTES/ssl3_read_bytes/i;
     s/CONNECT_CR_FINISHED/ssl3_read_bytes/i;
-    s/^[[:xdigit:]]+:error:[[:xdigit:]]+(?:E[[:xdigit:]]+)?(:SSL routines:ssl3_read_bytes:[^:]+:).*(:SSL alert number \d\d)$/pppp:error:dddddddd$1\[...\]$2/;
+    s/^[[:xdigit:]]+:error:[[:xdigit:]]+(?:E[[:xdigit:]]+)?
+      (:SSL\ routines:ssl3_read_bytes:)
+      ssl(?:v3|\/tls)
+      ([^:]+:)
+      .*
+      (:SSL\ alert\ number\ \d\d)$
+     /pppp:error:dddddddd$1sslv3$2\[...\]$3/x;
     s/^error:\K[^:]*:(SSL routines:ssl3_read_bytes:(tls|ssl)v\d+ alert)/dddddddd:$1/;
     s/^error:\K[[:xdigit:]]+:SSL routines::(tlsv13 alert certificate required)$/dddddddd:SSL routines:ssl3_read_bytes:$1/;
-    s/^error:\K[[:xdigit:]]+:SSL routines::((tlsv1|sslv3) alert (unknown ca|certificate revoked))$/dddddddd:SSL routines:ssl3_read_bytes:$1/;
+    s/^error:\K
+      [[:xdigit:]]+:SSL\ routines::
+      ((?:tlsv1|sslv3)\ alert\ (?:unknown\ ca|certificate\ revoked))$
+     /dddddddd:SSL routines:ssl3_read_bytes:$1/x;
+    s/^error:\K
+      [[:xdigit:]]+:SSL\ routines::
+      ssl\/tls\ (alert\ (?:unknown\ ca|certificate\ revoked))$
+     /dddddddd:SSL routines:ssl3_read_bytes:sslv3 $1/x;
 
     # gnutls version variances
     next if /^Error in the pull function./;
-- 
2.30.2