summaryrefslogtreecommitdiff
path: root/test/src
diff options
context:
space:
mode:
authorJeremy Harris <jgh146exb@wizmail.org>2017-11-07 16:09:28 +0000
committerJeremy Harris <jgh146exb@wizmail.org>2017-11-07 16:09:28 +0000
commitba86e143c7aeb0d70ea4c9d73a617a98f06f6baa (patch)
tree13d8b028088d6aec1b1436dcf3ad48addaf516fd /test/src
parentea792dac9f89e1a0b396e6c8982ff04afafe91be (diff)
TLS: support multiple certificate files in server. Bug 2092
Diffstat (limited to 'test/src')
-rw-r--r--test/src/client.c37
1 files changed, 31 insertions, 6 deletions
diff --git a/test/src/client.c b/test/src/client.c
index 4ac130df2..be8b1cc0d 100644
--- a/test/src/client.c
+++ b/test/src/client.c
@@ -103,7 +103,7 @@ static int ssl_session_timeout = 200;
/* Priorities for TLS algorithms to use. */
-#if GNUTLS_VERSION_NUMBER < 0x030400
+# if GNUTLS_VERSION_NUMBER < 0x030400
static const int protocol_priority[16] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };
static const int kx_priority[16] = {
@@ -125,7 +125,7 @@ static const int mac_priority[16] = {
0 };
static const int comp_priority[16] = { GNUTLS_COMP_NULL, 0 };
-#endif
+# endif
#endif /*HAVE_GNUTLS*/
@@ -133,6 +133,7 @@ static const int comp_priority[16] = { GNUTLS_COMP_NULL, 0 };
#ifdef HAVE_TLS
char * ocsp_stapling = NULL;
+char * pri_string = NULL;
#endif
@@ -454,7 +455,7 @@ gnutls_session_t session;
gnutls_init(&session, GNUTLS_CLIENT | GNUTLS_NO_EXTENSIONS);
-#if GNUTLS_VERSION_NUMBER < 0x030400
+# if GNUTLS_VERSION_NUMBER < 0x030400
gnutls_cipher_set_priority(session, default_cipher_priority);
gnutls_compression_set_priority(session, comp_priority);
gnutls_kx_set_priority(session, kx_priority);
@@ -462,10 +463,19 @@ gnutls_protocol_set_priority(session, protocol_priority);
gnutls_mac_set_priority(session, mac_priority);
gnutls_cred_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred);
-#else
-gnutls_set_default_priority(session);
+# else
+if (pri_string)
+ {
+ gnutls_priority_t priority_cache;
+ const char * errpos;
+
+ gnutls_priority_init(&priority_cache, pri_string, &errpos);
+ gnutls_priority_set(session, priority_cache);
+ }
+else
+ gnutls_set_default_priority(session);
gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred);
-#endif
+# endif
gnutls_dh_set_prime_bits(session, DH_BITS);
gnutls_db_set_cache_expiration(session, ssl_session_timeout);
@@ -836,6 +846,10 @@ Usage: client\n"
"\
[-tls-on-connect]\n\
[-ocsp]\n"
+# ifdef HAVE_GNUTLS
+"\
+ [-p priority-string]\n"
+# endif
#endif
"\
[-tn] n seconds timeout\n\
@@ -901,6 +915,17 @@ while (argc >= argi + 1 && argv[argi][0] == '-')
}
ocsp_stapling = argv[argi++];
}
+# ifdef HAVE_GNUTLS
+ else if (strcmp(argv[argi], "-p") == 0)
+ {
+ if (argc < ++argi + 1)
+ {
+ fprintf(stderr, "Missing priority string\n");
+ exit(96);
+ }
+ pri_string = argv[argi++];
+ }
+#endif
#endif
else if (argv[argi][1] == 't' && isdigit(argv[argi][2]))