gnutls-cli-debug: fix EtM and extended master secret discovery

In particular do not set the GNUTLS_NO_EXTENSIONS flag by default,
and only enable block ciphers for the EtM check.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2 files changed, 2 insertions, 3 deletions

diff --git a/src/cli-debug.c b/src/cli-debug.c
index 26937269b7..a23fb9a189 100644
--- a/src/cli-debug.c
+++ b/src/cli-debug.c
@@ -190,7 +190,7 @@ const char *ip;
 gnutls_session_t init_tls_session(const char *host)
 {
 	gnutls_session_t state = NULL;
-	gnutls_init(&state, GNUTLS_CLIENT | GNUTLS_NO_EXTENSIONS);
+	gnutls_init(&state, GNUTLS_CLIENT);
 
 	set_read_funcs(state);
 	if (host && is_ip(host) == 0)
diff --git a/src/tests.c b/src/tests.c
index b51045f365..a38ec41789 100644
--- a/src/tests.c
+++ b/src/tests.c
@@ -87,7 +87,6 @@ static int do_handshake(gnutls_session_t session)
 
 	if (ret < 0)
 		return TEST_FAILED;
-
 	gnutls_session_get_data(session, NULL, &session_data_size);
 
 	if (sfree != 0) {
@@ -412,7 +411,7 @@ test_code_t test_etm(gnutls_session_t session)
 		return TEST_IGNORE;
 
 	sprintf(prio_str, INIT_STR
-		ALL_CIPHERS ":" ALL_COMP ":%s:" ALL_MACS
+		"+AES-128-CBC:+AES-256-CBC:" ALL_COMP ":%s:" ALL_MACS
 		":%s:" ALL_KX, rest, protocol_str);
 	_gnutls_priority_set_direct(session, prio_str);