summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Harris <jgh146exb@wizmail.org>2015-08-05 16:01:50 +0100
committerJeremy Harris <jgh146exb@wizmail.org>2015-08-05 16:14:36 +0100
commit0886a95e57e47c507ad3a52e3c9d3581ee7b6ddc (patch)
tree2a87213e60de78a5f00fecd1acc6ee6142e41665
parentb9f2a22f51ad7cd95e9c345d904920e351786db2 (diff)
Testsuite: Avoid requesting TLS cert-status requests from GnuTLS test utility unless wanted
-rwxr-xr-xtest/runtest3
-rw-r--r--test/scripts/5650-OCSP-GnuTLS/56503
-rw-r--r--test/src/client.c5
3 files changed, 5 insertions, 6 deletions
diff --git a/test/runtest b/test/runtest
index 1cf6aadfa..fcc7a972e 100755
--- a/test/runtest
+++ b/test/runtest
@@ -773,9 +773,6 @@ RESET_AFTER_EXTRA_LINE_READ:
s/(TLS error on connection (?:from .* )?\(SSL_\w+\): error:)(.*)/$1 <<detail omitted>>/;
- # ======== GnuTLS problems ========
- next if /OCSP unusable with this GnuTLS library version/;
-
# ======== Maildir things ========
# timestamp output in maildir processing
s/(timestamp=|\(timestamp_only\): )\d+/$1ddddddd/g;
diff --git a/test/scripts/5650-OCSP-GnuTLS/5650 b/test/scripts/5650-OCSP-GnuTLS/5650
index 9ebafb3e2..343d6af2f 100644
--- a/test/scripts/5650-OCSP-GnuTLS/5650
+++ b/test/scripts/5650-OCSP-GnuTLS/5650
@@ -94,8 +94,7 @@ exim -bd -oX PORT_D -DSERVER=server \
# Temporarily (I hope) use OpenSSL-based client, as GnuTLS is buggy and always requests (and understands)
# stapling
#
-#client-gnutls \
-client-ssl \
+client-gnutls \
HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
??? 220
ehlo rhu.barb
diff --git a/test/src/client.c b/test/src/client.c
index 251f58696..dd7df5bd6 100644
--- a/test/src/client.c
+++ b/test/src/client.c
@@ -84,6 +84,9 @@ latter needs a whole pile of tables. */
# if GNUTLS_VERSION_NUMBER >= 0x030103
# define HAVE_OCSP
# include <gnutls/ocsp.h>
+# ifndef GNUTLS_NO_EXTENSIONS
+# define GNUTLS_NO_EXTENSIONS 0
+# endif
# endif
# define DH_BITS 768
@@ -451,7 +454,7 @@ tls_session_init(void)
{
gnutls_session session;
-gnutls_init(&session, GNUTLS_CLIENT);
+gnutls_init(&session, GNUTLS_CLIENT | GNUTLS_NO_EXTENSIONS);
gnutls_cipher_set_priority(session, default_cipher_priority);
gnutls_compression_set_priority(session, comp_priority);