diff options
author | Matt Caswell <matt@openssl.org> | 2017-04-26 10:38:32 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-04-26 14:31:00 +0100 |
commit | aafec89c63efeade20f1bdc8023d2bb611e419b8 (patch) | |
tree | 039547d33afe19126454203836f5fc3176f63530 /test/ssl-tests/17-renegotiate.conf | |
parent | bf846a6d47a0f94b9771ead5ce52786045e58f49 (diff) | |
download | openssl-aafec89c63efeade20f1bdc8023d2bb611e419b8.tar.gz |
Add a ciphersuite config sanity check for clients
Ensure that there are ciphersuites enabled for the maximum supported
version we are claiming in the ClientHello.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3316)
Diffstat (limited to 'test/ssl-tests/17-renegotiate.conf')
-rw-r--r-- | test/ssl-tests/17-renegotiate.conf | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/test/ssl-tests/17-renegotiate.conf b/test/ssl-tests/17-renegotiate.conf index 8376eeaf89..3f3769ff02 100644 --- a/test/ssl-tests/17-renegotiate.conf +++ b/test/ssl-tests/17-renegotiate.conf @@ -198,12 +198,12 @@ client = 6-renegotiate-aead-to-non-aead-client [6-renegotiate-aead-to-non-aead-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 Options = NoResumptionOnRenegotiation PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [6-renegotiate-aead-to-non-aead-client] CipherString = AES128-GCM-SHA256 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -230,12 +230,12 @@ client = 7-renegotiate-non-aead-to-aead-client [7-renegotiate-non-aead-to-aead-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 Options = NoResumptionOnRenegotiation PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [7-renegotiate-non-aead-to-aead-client] CipherString = AES128-SHA +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -262,12 +262,12 @@ client = 8-renegotiate-non-aead-to-non-aead-client [8-renegotiate-non-aead-to-non-aead-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 Options = NoResumptionOnRenegotiation PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [8-renegotiate-non-aead-to-non-aead-client] CipherString = AES128-SHA +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -294,12 +294,12 @@ client = 9-renegotiate-aead-to-aead-client [9-renegotiate-aead-to-aead-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 Options = NoResumptionOnRenegotiation PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [9-renegotiate-aead-to-aead-client] CipherString = AES128-GCM-SHA256 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer |