Gitweb:
https://git.exim.org/exim.git/commitdiff/cdf0cd2e8fc4273a8c13bb2810a0fe2da16a003c
Commit: cdf0cd2e8fc4273a8c13bb2810a0fe2da16a003c
Parent: 90e30e3140041b39cb9ffb891c3b3c7e8f77f625
Author: Jeremy Harris <jgh146exb@???>
AuthorDate: Thu Nov 29 20:46:46 2018 +0000
Committer: Jeremy Harris <jgh146exb@???>
CommitDate: Thu Nov 29 20:46:46 2018 +0000
Testsuite: handle change in GnuTLS cert preference
---
test/scripts/2000-GnuTLS/2002 | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/test/scripts/2000-GnuTLS/2002 b/test/scripts/2000-GnuTLS/2002
index 4ecbf22..f15b24d 100644
--- a/test/scripts/2000-GnuTLS/2002
+++ b/test/scripts/2000-GnuTLS/2002
@@ -2,7 +2,8 @@
gnutls
exim -DSERVER=server -bd -oX PORT_D
****
-client-gnutls 127.0.0.1 PORT_D
+# Have the client prefer RSA (but support ECDSA as well). That should get us RSA on both older and newer GnuTLS.
+client-gnutls -p NONE:+SIGN-RSA-SHA256:+SIGN-ECDSA-SHA512:+VERS-TLS-ALL:+ECDHE-RSA:+DHE-RSA:+RSA:+CIPHER-ALL:+MAC-ALL:+COMP-NULL:+CURVE-ALL:+CTYPE-X509 127.0.0.1 PORT_D
??? 220
ehlo rhu.barb
??? 250-
@@ -25,7 +26,7 @@ This is a test encrypted message.
quit
??? 221
****
-client-gnutls 127.0.0.1 PORT_D
+client-gnutls -p NONE:+SIGN-RSA-SHA256:+SIGN-ECDSA-SHA512:+VERS-TLS-ALL:+ECDHE-RSA:+DHE-RSA:+RSA:+CIPHER-ALL:+MAC-ALL:+COMP-NULL:+CURVE-ALL:+CTYPE-X509 127.0.0.1 PORT_D
??? 220
ehlo rhu.barb
??? 250-
@@ -48,7 +49,7 @@ This is a test encrypted message.
quit
??? 221
****
-client-gnutls HOSTIPV4 PORT_D
+client-gnutls -p NONE:+SIGN-RSA-SHA256:+SIGN-ECDSA-SHA512:+VERS-TLS-ALL:+ECDHE-RSA:+DHE-RSA:+RSA:+CIPHER-ALL:+MAC-ALL:+COMP-NULL:+CURVE-ALL:+CTYPE-X509 HOSTIPV4 PORT_D
??? 220
ehlo rhu.barb
??? 250-
@@ -60,7 +61,7 @@ ehlo rhu.barb
starttls
??? 220
****
-client-gnutls HOSTIPV4 PORT_D DIR/aux-fixed/exim-ca/example.com/server2.example.com/server2.example.com.pem DIR/aux-fixed/exim-ca/example.com/server2.example.com/server2.example.com.unlocked.key
+client-gnutls -p NONE:+SIGN-RSA-SHA256:+SIGN-ECDSA-SHA512:+VERS-TLS-ALL:+ECDHE-RSA:+DHE-RSA:+RSA:+CIPHER-ALL:+MAC-ALL:+COMP-NULL:+CURVE-ALL:+CTYPE-X509 HOSTIPV4 PORT_D DIR/aux-fixed/exim-ca/example.com/server2.example.com/server2.example.com.pem DIR/aux-fixed/exim-ca/example.com/server2.example.com/server2.example.com.unlocked.key
??? 220
ehlo rhu.barb
??? 250-
@@ -116,7 +117,7 @@ quit
****
#
#
-# Make ECDSA authentication preferred (normally RSA is, it seems).
+# Make ECDSA authentication preferred (Older GnuTLS prefers RSA, it seems, Newer, ECDSA).
client-gnutls -p NONE:+SIGN-ECDSA-SHA512:+VERS-TLS-ALL:+KX-ALL:+CIPHER-ALL:+MAC-ALL:+COMP-NULL:+CURVE-ALL:+CTYPE-X509 127.0.0.1 PORT_D
??? 220
ehlo rhu.barb