diff options
| author | Ingela Anderton Andin <[email protected]> | 2010-08-20 14:21:55 +0200 |
|---|---|---|
| committer | Ingela Anderton Andin <[email protected]> | 2010-08-20 14:22:44 +0200 |
| commit | 2d8c9cdba0109971fe8ae7341385beecda8de7b0 (patch) | |
| tree | 55b7e5a6c7539c8de42d610d43bc929f4ab9a394 /lib/ssl/test/ssl_basic_SUITE.erl | |
| parent | b709d5626e6b7f3df869ecf7aefa5158cbbac70c (diff) | |
| parent | 60b61d948a472fc7c519bba25aefc409b28d08e8 (diff) | |
| download | otp-2d8c9cdba0109971fe8ae7341385beecda8de7b0.tar.gz otp-2d8c9cdba0109971fe8ae7341385beecda8de7b0.tar.bz2 otp-2d8c9cdba0109971fe8ae7341385beecda8de7b0.zip | |
Merge branch 'pg/fix-ssl-handshake-client-certificate' into dev
* pg/fix-ssl-handshake-client-certificate:
Fix bug in ssl handshake protocol related to the choice of cipher suites
OTP-8772
Diffstat (limited to 'lib/ssl/test/ssl_basic_SUITE.erl')
| -rw-r--r-- | lib/ssl/test/ssl_basic_SUITE.erl | 36 |
1 files changed, 35 insertions, 1 deletions
diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl index 8a1b90ed98..c42a88b02f 100644 --- a/lib/ssl/test/ssl_basic_SUITE.erl +++ b/lib/ssl/test/ssl_basic_SUITE.erl @@ -233,7 +233,8 @@ all(suite) -> server_renegotiate_reused_session, client_no_wrap_sequence_number, server_no_wrap_sequence_number, extended_key_usage, validate_extensions_fun, no_authority_key_identifier, - invalid_signature_client, invalid_signature_server, cert_expired + invalid_signature_client, invalid_signature_server, cert_expired, + client_with_cert_cipher_suites_handshake ]. %% Test cases starts here. @@ -2849,6 +2850,39 @@ two_digits_str(N) -> lists:flatten(io_lib:format("~p", [N])). %%-------------------------------------------------------------------- + +client_with_cert_cipher_suites_handshake(doc) -> + ["Test that client with a certificate without keyEncipherment usage " + " extension can connect to a server with restricted cipher suites "]; + +client_with_cert_cipher_suites_handshake(suite) -> + []; + +client_with_cert_cipher_suites_handshake(Config) when is_list(Config) -> + ClientOpts = ?config(client_verification_opts_digital_signature_only, Config), + ServerOpts = ?config(server_verification_opts, Config), + {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), + Server = ssl_test_lib:start_server([{node, ServerNode}, {port, 0}, + {from, self()}, + {mfa, {?MODULE, + send_recv_result_active, []}}, + {options, [{active, true}, + {ciphers, ssl_test_lib:rsa_non_signed_suites()} + | ServerOpts]}]), + Port = ssl_test_lib:inet_port(Server), + Client = ssl_test_lib:start_client([{node, ClientNode}, {port, Port}, + {host, Hostname}, + {from, self()}, + {mfa, {?MODULE, + send_recv_result_active, []}}, + {options, [{active, true} + | ClientOpts]}]), + + ssl_test_lib:check_result(Server, ok, Client, ok), + ssl_test_lib:close(Server), + ssl_test_lib:close(Client). + +%%-------------------------------------------------------------------- %%% Internal functions %%-------------------------------------------------------------------- send_recv_result(Socket) -> |