source: mod_gnutls/debian/patches/0001-Fix-test-16-view-status-by-changing-priority-string.patch @ 5a0744e

debian/master
Last change on this file since 5a0744e was 5a0744e, checked in by Daniel Kahn Gillmor <dkg@…>, 21 months ago

Avoid deprecated ciphersuites in test suite (Closes: #907008)

  • Property mode set to 100644
File size: 1.7 KB
RevLine 
[5a0744e]1From: Sunil Mohan Adapa <sunil@medhas.org>
2Date: Tue, 18 Sep 2018 09:41:47 -0700
3Subject: Fix test 16-view-status by changing priority string
4
5From gnutls 3.5.19 release notes:
6
7"The ciphers utilizing HMAC-SHA384 and SHA256 have been removed from the default
8priority strings. They are not necessary for compatibility or other purpose and
9provide no advantage over their SHA1 counter-parts, as they all depend on the
10legacy TLS CBC block mode."
11
12Pick a new priority string such that the cipher suite matches the default
13negotiated by gnutls 3.5.19 server and client without explicitly setting a
14priority string.
15---
16 test/tests/16_view-status/gnutls-cli.args | 2 +-
17 test/tests/16_view-status/output          | 2 +-
18 2 files changed, 2 insertions(+), 2 deletions(-)
19
20diff --git a/test/tests/16_view-status/gnutls-cli.args b/test/tests/16_view-status/gnutls-cli.args
21index aca8ac0..470925b 100644
22--- a/test/tests/16_view-status/gnutls-cli.args
23+++ b/test/tests/16_view-status/gnutls-cli.args
24@@ -1,2 +1,2 @@
25 --x509cafile=authority/x509.pem
26---priority=NONE:+VERS-TLS1.2:+AES-128-CBC:+SHA256:+RSA:+COMP-NULL:+SIGN-RSA-SHA256
27+--priority=NONE:+VERS-TLS1.2:+ECDHE-RSA:+CURVE-SECP256R1:+AES-256-GCM:+AEAD:+COMP-NULL:+SIGN-RSA-SHA1
28diff --git a/test/tests/16_view-status/output b/test/tests/16_view-status/output
29index 7786244..8bfb45a 100644
30--- a/test/tests/16_view-status/output
31+++ b/test/tests/16_view-status/output
32@@ -1,5 +1,5 @@
33 <dt>Using TLS:</dt><dd>yes</dd>
34-<dt>Current TLS session:</dt><dd>(TLS1.2)-(RSA)-(AES-128-CBC)-(SHA256)</dd>
35+<dt>Current TLS session:</dt><dd>(TLS1.2)-(ECDHE-RSA-SECP256R1)-(AES-256-GCM)</dd>
36 </dl>
37 </body></html>
38 - Peer has closed the GnuTLS connection
Note: See TracBrowser for help on using the repository browser.