- Peter Sylvester made the HTTPS test server use specific certificates for
each test, so that the test suite can now be used to actually test the verification of cert names etc. This made an error show up in the OpenSSL- specific code where it would attempt to match the CN field even if a subjectAltName exists that doesn't match. This is now fixed and verified in test 311.
This commit is contained in:
Daniel Stenberg
38
tests/data/test311
Normal file
38
tests/data/test311
Normal file
@@ -0,0 +1,38 @@
|
||||
<testcase>
|
||||
<info>
|
||||
<keywords>
|
||||
HTTPS
|
||||
HTTP GET
|
||||
</keywords>
|
||||
</info>
|
||||
|
||||
#
|
||||
# Server-side
|
||||
<reply>
|
||||
</reply>
|
||||
|
||||
#
|
||||
# Client-side
|
||||
<client>
|
||||
<features>
|
||||
SSL
|
||||
</features>
|
||||
<server>
|
||||
https Server-localhost0h-sv.pem
|
||||
</server>
|
||||
<name>
|
||||
HTTPS wrong subjectAltName but right CN
|
||||
</name>
|
||||
<command>
|
||||
--cacert certs/EdelCurlRoot-ca.crt https://localhost:%HTTPSPORT/311
|
||||
</command>
|
||||
</client>
|
||||
|
||||
#
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<errorcode>
|
||||
51
|
||||
</errorcode>
|
||||
</verify>
|
||||
</testcase>
|
||||
Reference in New Issue
Block a user