diff options
author | Daiki Ueno <ueno@gnu.org> | 2021-11-29 14:20:48 +0000 |
---|---|---|
committer | Daiki Ueno <ueno@gnu.org> | 2021-11-29 14:20:48 +0000 |
commit | d8be349fb196d569309f90f5070d7f3958128bce (patch) | |
tree | 01e4cc019a6b7520d59499b31226beabeb54f57c /tests/system-override-hash-allowlist.sh | |
parent | 155926489c0950e40355523043773a782a8d986a (diff) | |
parent | 0ecce7191dfd78387f2994253d37ed1df50d563d (diff) | |
download | gnutls-d8be349fb196d569309f90f5070d7f3958128bce.tar.gz |
Merge branch 'wip/dueno/config-allowlisting' into 'master'
priority: support allowlisting in configuration file
Closes #1172
See merge request gnutls/gnutls!1427
Diffstat (limited to 'tests/system-override-hash-allowlist.sh')
-rwxr-xr-x | tests/system-override-hash-allowlist.sh | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/tests/system-override-hash-allowlist.sh b/tests/system-override-hash-allowlist.sh new file mode 100755 index 0000000000..651a596461 --- /dev/null +++ b/tests/system-override-hash-allowlist.sh @@ -0,0 +1,41 @@ +#!/bin/sh + +# Copyright (C) 2019 Nikos Mavrogiannopoulos +# +# Author: Nikos Mavrogiannopoulos +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +: ${builddir=.} +TMPFILE=c.$$.tmp +export GNUTLS_SYSTEM_PRIORITY_FAIL_ON_INVALID=1 + +cat <<_EOF_ > ${TMPFILE} +[global] +override-mode = allowlist + +[overrides] +secure-hash = sha384 +secure-sig = rsa-pss-sha384 +_EOF_ + +export GNUTLS_SYSTEM_PRIORITY_FILE="${TMPFILE}" + +"${builddir}/system-override-hash" +rc=$? +rm ${TMPFILE} +exit $rc |