Merge pull request #5461 from gilles-peskine-arm/ssl-opt-self-signed-positive-2.28

Backport 2.28: Add positive test case with self-signed certificates
This commit is contained in:
Manuel Pégourié-Gonnard 2022-02-03 11:33:59 +01:00 committed by GitHub
commit 349a059f5f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -4329,6 +4329,21 @@ run_test "Authentication: client badcert, server required" \
# detect that its write end of the connection is closed and abort
# before reading the alert message.
run_test "Authentication: client cert self-signed and trusted, server required" \
"$P_SRV debug_level=3 auth_mode=required ca_file=data_files/server5-selfsigned.crt" \
"$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
key_file=data_files/server5.key" \
0 \
-S "skip write certificate request" \
-C "skip parse certificate request" \
-c "got a certificate request" \
-C "skip write certificate" \
-C "skip write certificate verify" \
-S "skip parse certificate verify" \
-S "x509_verify_cert() returned" \
-S "! The certificate is not correctly signed" \
-S "X509 - Certificate verification failed"
run_test "Authentication: client cert not trusted, server required" \
"$P_SRV debug_level=3 auth_mode=required" \
"$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \