aboutsummaryrefslogtreecommitdiffstats
path: root/tests/tls-rsa+ecdsa/t
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@debian.org>2020-12-11 11:46:57 +0100
committerGuilhem Moulin <guilhem@debian.org>2020-12-11 11:46:57 +0100
commitf2b70e9691adc09f6191751c2009f411199ec35d (patch)
tree9e7787f245396ffe380839e56df26e7d418c2f90 /tests/tls-rsa+ecdsa/t
parentbcb88ae0cdfa3548e3c650fd489fc49779e7235a (diff)
parenta51f2efacebbf941585809853d1adbfddc165ac2 (diff)
Merge tag 'v0.5.4' into debian/latest
Release version 0.5.4
Diffstat (limited to 'tests/tls-rsa+ecdsa/t')
-rw-r--r--tests/tls-rsa+ecdsa/t7
1 files changed, 6 insertions, 1 deletions
diff --git a/tests/tls-rsa+ecdsa/t b/tests/tls-rsa+ecdsa/t
index 29352e9..2adf930 100644
--- a/tests/tls-rsa+ecdsa/t
+++ b/tests/tls-rsa+ecdsa/t
@@ -32,6 +32,9 @@ interimap --debug || error
grep -Fx -e "remote: Peer certificate fingerprint: sha256\$$X509_SHA256" \
-e "remote: Peer certificate fingerprint: sha256\$$X509_ALT_SHA256" \
<"$STDERR" || error
+grep -Fx -e "remote: Peer certificate matches pinned SPKI digest sha256\$$PKEY_SHA256" \
+ -e "remote: Peer certificate matches pinned SPKI digest sha256\$$PKEY_ALT_SHA256" \
+ <"$STDERR" || error
# force RSA (XXX do we really have to force TLSv1.2 here?)
cat >>"$XDG_CONFIG_HOME/interimap/config" <<-EOF
@@ -40,10 +43,12 @@ cat >>"$XDG_CONFIG_HOME/interimap/config" <<-EOF
EOF
interimap --debug || error
grep -Fx "remote: Peer certificate fingerprint: sha256\$$X509_SHA256" <"$STDERR" || error
+grep -Fx "remote: Peer certificate matches pinned SPKI digest sha256\$$PKEY_SHA256" <"$STDERR" || error
# force ECDSA
-sed -i "s/^SSL_cipherlist\\s*=.*/SSL_cipherlist = EECDH+AESGCM+aECDSA/" "$XDG_CONFIG_HOME/interimap/config"
+sed -i "s/^SSL_cipherlist\\s*=.*/SSL_cipherlist = EECDH+AESGCM+aECDSA/" -- "$XDG_CONFIG_HOME/interimap/config"
interimap --debug || error
grep -Fx "remote: Peer certificate fingerprint: sha256\$$X509_ALT_SHA256" <"$STDERR" || error
+grep -Fx "remote: Peer certificate matches pinned SPKI digest sha256\$$PKEY_ALT_SHA256" <"$STDERR" || error
# vim: set filetype=sh :