From dc4ab0a186edc8b270c8fa486104fabc567d25e7 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Thu, 8 Oct 2020 13:30:41 +0100 Subject: FreeBSD: TLS: preload configuration items --- test/confs/1103 | 1 + test/runtest | 10 +++++++--- 2 files changed, 8 insertions(+), 3 deletions(-) (limited to 'test') diff --git a/test/confs/1103 b/test/confs/1103 index b937ee99c..52f471b79 100644 --- a/test/confs/1103 +++ b/test/confs/1103 @@ -36,6 +36,7 @@ smtp: hosts = 127.0.0.1 allow_localhost port = PORT_D + hosts_try_fastopen = : tls_certificate = DIR/aux-fixed/cert2 tls_verify_certificates = DIR/aux-fixed/cert1 tls_verify_cert_hostnames = : diff --git a/test/runtest b/test/runtest index 8a1e46edd..84227b9d3 100755 --- a/test/runtest +++ b/test/runtest @@ -1072,12 +1072,12 @@ RESET_AFTER_EXTRA_LINE_READ: # TLS preload # only OpenSSL speaks of these - next if /^TLS: preloading DH params for server/; + next if /^TLS: preloading (DH params|ECDH curve|CA bundle) for server/; next if /^Diffie-Hellman initialized from default/; - next if /^TLS: preloading ECDH curve for server/; next if /^ECDH OpenSSL [< ]?[\d.+]+ temp key parameter settings:/; next if /^ECDH: .'*prime256v1'/; - next if /^watch dir/; + next if /^tls_verify_certificates: system$/; + next if /^tls_set_watch: .*\/cert.pem/; # TLS preload # only GnuTLS speaks of these @@ -1087,6 +1087,10 @@ RESET_AFTER_EXTRA_LINE_READ: s/^GnuTLS using default session cipher\/priority "NORMAL"$/TLS: not preloading cipher list for server/; next if /^GnuTLS<2>: added \d+ protocols, \d+ ciphersuites, \d+ sig algos and \d+ groups into priority list$/; + # only kevent platforms (FreeBSD) say this + next if /^watch dir/; + next if /^watch file .*\/usr\/local/; + # TLS preload # there happen in different orders for OpenSSL/GnuTLS/noTLS next if /^TLS: not preloading (CA bundle|cipher list) for server$/; -- cgit v1.2.3