From f1be21cf0b8b97a64dfe17f2ca05bb4b9efe8d32 Mon Sep 17 00:00:00 2001
From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Sun, 3 Feb 2019 22:12:48 +0000
Subject: TLS: add variables for the IETF standard name for the connection
 ciphersuite

(cherry picked from commit ffc3d145e3819e1a3762caa1bbe8b07e723fbaf2)
---
 test/runtest | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

(limited to 'test/runtest')

diff --git a/test/runtest b/test/runtest
index e94180414..729f88a66 100755
--- a/test/runtest
+++ b/test/runtest
@@ -544,6 +544,15 @@ RESET_AFTER_EXTRA_LINE_READ:
   s/(could not connect to .*: Connection) reset by peer$/$1 refused/;
 
   # ======== TLS certificate algorithms ========
+  #
+  # In Received: headers, convert RFC 8314 style ciphersuite to
+  # the older (comment) style, keeping only the Auth element
+  # (discarding kex, cipher, mac).  For TLS 1.3 there is no kex
+  # element (and no _WITH); insert a spurious "RSA".
+
+  s/^\s+by .+ with .+ \K tls TLS_.*?([^_]+)_WITH.+$/(TLS1.x:ke-\1-AES256-SHAnnn:xxx)/;
+  s/^\s+by .+ with .+ \K tls TLS_.+$/(TLS1.x:ke-RSA-AES256-SHAnnn:xxx)/;
+
   # Test machines might have various different TLS library versions supporting
   # different protocols; can't rely upon TLS 1.2's AES256-GCM-SHA384, so we
   # treat the standard algorithms the same.
@@ -1630,7 +1639,9 @@ $munges =
 		      s! DN="[^,"]*\K,!/!;
 		     ',
       'rejectlog' => 's/ X=TLS\S+ / X=TLS_proto_and_cipher /',
-      'mail'      => 's/ \(TLS[^)]*\)/ (TLS_proto_and_cipher)/',
+      'mail'      => 's/^\s+by .+ with .+ \K tls TLS_.+$/(TLS_proto_and_cipher)/;
+		      s/ \(TLS[^)]*\)/ (TLS_proto_and_cipher)/;
+		     ',
     },
 
     'debug_pid' =>
-- 
cgit v1.2.3