Add tests for empty CA list in CertificateRequest, TLS 1.0 & 1.1

This commit is contained in:
Hanno Becker 2018-08-17 09:54:10 +01:00
parent eb2b15accd
commit d26bb2090f

View file

@ -801,6 +801,22 @@ run_test "RC4: both enabled" \
-S "SSL - None of the common ciphersuites is usable" \
-S "SSL - The server has no ciphersuites in common"
# Test empty CA list in CertificateRequest in TLS 1.1 and earlier
requires_gnutls
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
run_test "CertificateRequest with empty CA list, TLS 1.1 (GnuTLS server)" \
"$G_SRV"\
"$P_CLI force_version=tls1_1" \
0
requires_gnutls
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1
run_test "CertificateRequest with empty CA list, TLS 1.0 (GnuTLS server)" \
"$G_SRV"\
"$P_CLI force_version=tls1" \
0
# Tests for SHA-1 support
requires_config_disabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES