diff options
author | Phil Pennock <pdp@exim.org> | 2012-05-17 11:17:20 -0400 |
---|---|---|
committer | Phil Pennock <pdp@exim.org> | 2012-05-17 11:17:20 -0400 |
commit | 83e2f8a2515d1cd787ac68b052f6e4539dd48752 (patch) | |
tree | 99e0b97b9a1403d3669151bdf67c5a724f7aed1d /test/runtest | |
parent | 6bf5d8f2ca7524fd63f803032cada89e54544cf3 (diff) |
Handle absent tls_require_ciphers correctly.
Fix test-suite certs to not use MD5.
Document that we do not support MD5 certs any longer.
Make test-suite generate probably-correct gnutls-params filename for us.
Diffstat (limited to 'test/runtest')
-rwxr-xr-x | test/runtest | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/test/runtest b/test/runtest index 51658b878..53516d00a 100755 --- a/test/runtest +++ b/test/runtest @@ -25,6 +25,13 @@ use Time::Local; $testversion = "4.78 (08-May-12)"; +# This gets embedded in the D-H params filename, and the value comes +# from asking GnuTLS for "normal", but there appears to be no way to +# use certtool/... to ask what that value currently is. *sigh* +# This value is correct as of GnuTLS 2.12.18. +# +$gnutls_dh_bits_normal = 2432; + $cf = "bin/cf -exact"; $cr = "\r"; $debug = 0; @@ -1578,9 +1585,10 @@ if (/^eximstats\s+(.*)/) if (/^gnutls/) { - run_system "sudo cp -p aux-fixed/gnutls-params spool/gnutls-params;" . - "sudo chown $parm_eximuser:$parm_eximgroup spool/gnutls-params;" . - "sudo chmod 0400 spool/gnutls-params"; + my $gen_fn = "spool/gnutls-params-$gnutls_dh_bits_normal"; + run_system "sudo cp -p aux-fixed/gnutls-params $gen_fn;" . + "sudo chown $parm_eximuser:$parm_eximgroup $gen_fn;" . + "sudo chmod 0400 $gen_fn"; return 1; } |