Allow SHA-1 in test scripts

This commit is contained in:
Gilles Peskine 2017-05-10 10:13:59 +02:00 committed by Manuel Pégourié-Gonnard
parent bc70a1836b
commit 62469d95e2
2 changed files with 14 additions and 0 deletions

View file

@ -824,6 +824,11 @@ setup_arguments()
else
M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=none key_file=none"
fi
# Allow SHA-1. It's disabled by default for security reasons but
# our tests still use certificates signed with it.
M_SERVER_ARGS="$M_SERVER_ARGS allow_sha1=1"
M_CLIENT_ARGS="$M_CLIENT_ARGS allow_sha1=1"
;;
"PSK")
@ -836,6 +841,11 @@ setup_arguments()
M_CLIENT_ARGS="$M_CLIENT_ARGS psk=6162636465666768696a6b6c6d6e6f70 crt_file=none key_file=none"
O_CLIENT_ARGS="$O_CLIENT_ARGS -psk 6162636465666768696a6b6c6d6e6f70"
G_CLIENT_ARGS="$G_CLIENT_ARGS --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70"
# Allow SHA-1. It's disabled by default for security reasons but
# our tests still use certificates signed with it.
M_SERVER_ARGS="$M_SERVER_ARGS allow_sha1=1"
M_CLIENT_ARGS="$M_CLIENT_ARGS allow_sha1=1"
;;
esac
}

View file

@ -628,6 +628,10 @@ O_CLI="$O_CLI -connect localhost:+SRV_PORT"
G_SRV="$G_SRV -p $SRV_PORT"
G_CLI="$G_CLI -p +SRV_PORT localhost"
# Allow SHA-1, because many of our test certificates use it
P_SRV="$P_SRV allow_sha1=1"
P_CLI="$P_CLI allow_sha1=1"
# Also pick a unique name for intermediate files
SRV_OUT="srv_out.$$"
CLI_OUT="cli_out.$$"