Remove twitter.com from endpoint handshake test for OpenSSL 1.0.2 (#3038

) * Remove failing endpoint * Remove twitter.com only for OpenSsl 1.0.2 * Removing twitter for all
aws · Sep 10, 2021 · 01b3c46 · 01b3c46
1 parent 8c52f6a
commit 01b3c46
Showing 1 changed file with 9 additions and 6 deletions.
diff --git a/tests/integration/s2n_client_endpoint_handshake_test.py b/tests/integration/s2n_client_endpoint_handshake_test.py
@@ -13,15 +13,13 @@
 # permissions and limitations under the License.
 #
 
+import argparse
 import os
+import subprocess
 import sys
 import time
-import socket
-import subprocess
-import itertools
-import argparse
-from s2n_test_constants import *
 
+from s2n_test_constants import *
 
 # If a cipher_preference_version is specified, we will use it while attempting the handshake;
 # otherwise, s2n will use the default. If an expected_cipher is specified, the test will pass
@@ -32,7 +30,12 @@
     {"endpoint": "facebook.com"},
     {"endpoint": "google.com"},
     {"endpoint": "s3.amazonaws.com"},
-    {"endpoint": "twitter.com"},
+    # twitter.com offers RSA certificates even when the client does not include RSA PSS
+    # in the the Signature Schemes extension. Disabling twitter for now since this prevents
+    # s2n from negotiating a handshake if the libcrypto does not support RSA PSS signature
+    # algorithms with RSA Certificates
+    # See https://github.com/aws/s2n-tls/pull/3030
+    # {"endpoint": "twitter.com"},
     {"endpoint": "wikipedia.org"},
     {"endpoint": "yahoo.com"},
 ]