diff options
| -rw-r--r-- | src/cli.c | 1 | ||||
| -rw-r--r-- | src/tests.c | 15 | ||||
| -rw-r--r-- | src/tests.h | 1 | ||||
| -rw-r--r-- | src/tls_test.c | 5 |
4 files changed, 20 insertions, 2 deletions
@@ -157,6 +157,7 @@ int main(int argc, char **argv) fprintf(stderr, "memory error\n"); exit(1); } + ret = gnutls_certificate_set_x509_trust_file(xcred, CAFILE, CRLFILE); if (ret < 0) { diff --git a/src/tests.c b/src/tests.c index 4555f53cbf..7f77fb70a3 100644 --- a/src/tests.c +++ b/src/tests.c @@ -302,6 +302,21 @@ int ret; return FAILED; } +int test_hello_extension( GNUTLS_STATE state) { +int ret; + ADD_ALL_CIPHERS(state); + ADD_ALL_COMP(state); + ADD_ALL_CERTTYPES(state); + ADD_ALL_PROTOCOLS(state); + ADD_ALL_MACS(state); + ADD_ALL_KX(state); + gnutls_cred_set(state, GNUTLS_CRD_CERTIFICATE, xcred); + gnutls_record_set_max_size( state, 512); + + ret = do_handshake( state); + return ret; +} + int test_version_rollback( GNUTLS_STATE state) { int ret; diff --git a/src/tests.h b/src/tests.h index 282cee3a60..938fb6d8e1 100644 --- a/src/tests.h +++ b/src/tests.h @@ -5,6 +5,7 @@ #define UNSURE -1 int test_srp( GNUTLS_STATE state); +int test_hello_extension( GNUTLS_STATE state); int test_dhe( GNUTLS_STATE state); int test_ssl3( GNUTLS_STATE state); int test_aes( GNUTLS_STATE state); diff --git a/src/tls_test.c b/src/tls_test.c index 704909e3bb..58fd834c87 100644 --- a/src/tls_test.c +++ b/src/tls_test.c @@ -83,15 +83,16 @@ static const TLS_TEST tls_tests[] = { /* this test will disable TLS 1.0 if the server is * buggy */ { "whether we need disable TLS 1.0", test_tls1_2, "no", "yes", "dunno" }, + { "whether the server can accept Hello Extensions", test_hello_extension, "yes", "no", "dunno"}, { "for anonymous authentication support", test_anonymous, "yes", "no", "dunno"}, { "for ephemeral Diffie Hellman support", test_dhe, "yes", "no", "dunno" }, - { "for SRP authentication support", test_srp, "yes", "no", "dunno" }, - { "for TLS extension - max record size", test_max_record_size, "yes", "no", "dunno" }, { "for AES cipher support", test_aes, "yes", "no", "dunno"}, { "for 3DES cipher support", test_3des, "yes", "no", "dunno"}, { "for ARCFOUR cipher support", test_arcfour, "yes", "no", "dunno"}, { "for MD5 MAC support", test_md5, "yes", "no", "dunno"}, { "for SHA1 MAC support", test_sha, "yes", "no", "dunno"}, + { "for max record size TLS extension", test_max_record_size, "yes", "no", "dunno" }, + { "for SRP authentication support (gnutls extension)", test_srp, "yes", "no", "dunno" }, { NULL } }; |