Merge pull request #3019 from mpg/fix-ssl-opt-gnutls-no-sha1-2.16

[backport 2.16] Fix ssl-opt.sh for GnuTLS versions rejecting SHA-1
This commit is contained in:
Janos Follath 2020-02-04 11:18:30 +00:00 committed by GitHub
commit 82ebf511e9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -4071,15 +4071,8 @@ run_test "Per-version suites: TLS 1.2" \
# Test for ClientHello without extensions
requires_gnutls
run_test "ClientHello without extensions, SHA-1 allowed" \
"$P_SRV debug_level=3 key_file=data_files/server2.key crt_file=data_files/server2.crt" \
"$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION localhost" \
0 \
-s "dumping 'client hello extensions' (0 bytes)"
requires_gnutls
run_test "ClientHello without extensions, SHA-1 forbidden in certificates on server" \
"$P_SRV debug_level=3 key_file=data_files/server2.key crt_file=data_files/server2.crt allow_sha1=0" \
run_test "ClientHello without extensions" \
"$P_SRV debug_level=3" \
"$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION localhost" \
0 \
-s "dumping 'client hello extensions' (0 bytes)"