diff options
author | Jeremy Harris <jgh146exb@wizmail.org> | 2020-10-08 13:30:41 +0100 |
---|---|---|
committer | Jeremy Harris <jgh146exb@wizmail.org> | 2020-10-09 20:29:31 +0100 |
commit | dc4ab0a186edc8b270c8fa486104fabc567d25e7 (patch) | |
tree | 262e427983c15f2ae0b000c42a55a7d17c0d45eb /test | |
parent | 625cd9501315e1010ecbf8718c88c8b79ce09e94 (diff) |
FreeBSD: TLS: preload configuration items
Diffstat (limited to 'test')
-rw-r--r-- | test/confs/1103 | 1 | ||||
-rwxr-xr-x | test/runtest | 10 |
2 files changed, 8 insertions, 3 deletions
diff --git a/test/confs/1103 b/test/confs/1103 index b937ee99c..52f471b79 100644 --- a/test/confs/1103 +++ b/test/confs/1103 @@ -36,6 +36,7 @@ smtp: hosts = 127.0.0.1 allow_localhost port = PORT_D + hosts_try_fastopen = : tls_certificate = DIR/aux-fixed/cert2 tls_verify_certificates = DIR/aux-fixed/cert1 tls_verify_cert_hostnames = : diff --git a/test/runtest b/test/runtest index 8a1e46edd..84227b9d3 100755 --- a/test/runtest +++ b/test/runtest @@ -1072,12 +1072,12 @@ RESET_AFTER_EXTRA_LINE_READ: # TLS preload # only OpenSSL speaks of these - next if /^TLS: preloading DH params for server/; + next if /^TLS: preloading (DH params|ECDH curve|CA bundle) for server/; next if /^Diffie-Hellman initialized from default/; - next if /^TLS: preloading ECDH curve for server/; next if /^ECDH OpenSSL [< ]?[\d.+]+ temp key parameter settings:/; next if /^ECDH: .'*prime256v1'/; - next if /^watch dir/; + next if /^tls_verify_certificates: system$/; + next if /^tls_set_watch: .*\/cert.pem/; # TLS preload # only GnuTLS speaks of these @@ -1087,6 +1087,10 @@ RESET_AFTER_EXTRA_LINE_READ: s/^GnuTLS using default session cipher\/priority "NORMAL"$/TLS: not preloading cipher list for server/; next if /^GnuTLS<2>: added \d+ protocols, \d+ ciphersuites, \d+ sig algos and \d+ groups into priority list$/; + # only kevent platforms (FreeBSD) say this + next if /^watch dir/; + next if /^watch file .*\/usr\/local/; + # TLS preload # there happen in different orders for OpenSSL/GnuTLS/noTLS next if /^TLS: not preloading (CA bundle|cipher list) for server$/; |