aboutsummaryrefslogtreecommitdiffstats
path: root/tests/tls-verify-peer
Commit message (Collapse)AuthorAgeFiles
* libinterimap: make SSL_verify check the hostname as well.Guilhem Moulin2020-12-112
| | | | | | | | | | More precisely, ensure that the certificate Subject Alternative Name (SAN) or Subject CommonName (CN) matches the hostname or IP literal specified by the 'host' option. Previously it was only verifying the chain of trust. This bumps the minimum Net::SSLeay version to 1.83 and OpenSSL version 1.0.2.
* test suite: always generate new certificates on `make test`.Guilhem Moulin2020-12-111
| | | | | In addition, sign test certificates with the same root CA. Hence running `make test` now requires OpenSSL 1.1.1 or later.
* libinterimap: show the matching pinned SPKI in --debug mode.Guilhem Moulin2020-12-111
|
* test suite: use a RSA certificate rather than ECDSA.Guilhem Moulin2020-12-091
| | | | | | | | | It's arguably the most common use-case. Generated with $ openssl genpkey -algorithm RSA -out tests/snippets/dovecot/dovecot.rsa.key $ openssl req -x509 -days 3650 -subj "/CN=InterIMAP test suite" \ -key tests/snippets/dovecot/dovecot.rsa.key \ -out tests/snippets/dovecot/dovecot.rsa.crt
* Test suite: add new tests for SSL/TLS.Guilhem Moulin2019-11-133
SSL connections are accepted on TCP port 10993. Also, fix STARTTLS directive, broken since fba1c36…