Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/testing/btest/scripts/policy/protocols/ssl/validate-ocsp.zeek
Arne Welzel b76a75d86e Merge remote-tracking branch 'origin/topic/awelzel/4035-btest-openssl-sha1-certs' 
* origin/topic/awelzel/4035-btest-openssl-sha1-certs:
  external/subdir-btest.cfg: Set OPENSSL_ENABLE_SHA1_SIGNATURES=1
  btest/x509_verify: Drop OpenSSL 1.0 hack
  testing/btest: Use OPENSSL_ENABLE_SHA1_SIGNATURES

(cherry picked from commit 280e7acc6e)
2025-05-19 11:18:20 -07:00

12 lines
1,008 B
Text
Raw Blame History

# Fedora/RedHat have SHA1 disabled for certificate verification, re-enable it for testing by setting OPENSSL_ENABLE_SHA1_SIGNATURES=1
#
# @TEST-EXEC: OPENSSL_ENABLE_SHA1_SIGNATURES=1 zeek -b $SCRIPTS/external-ca-list.zeek -C -r $TRACES/tls/ocsp-stapling.trace %INPUT
# @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-x509-names | $SCRIPTS/diff-remove-timestamps" btest-diff ssl.log
# @TEST-EXEC: OPENSSL_ENABLE_SHA1_SIGNATURES=1 zeek -b $SCRIPTS/external-ca-list.zeek -C -r $TRACES/tls/ocsp-stapling-twimg.trace %INPUT
# @TEST-EXEC: mv ssl.log ssl-twimg.log
# @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-x509-names | $SCRIPTS/diff-remove-timestamps" btest-diff ssl-twimg.log
# @TEST-EXEC: zeek -b $SCRIPTS/external-ca-list.zeek -C -r $TRACES/tls/ocsp-stapling-digicert.trace %INPUT
# @TEST-EXEC: mv ssl.log ssl-digicert.log
# @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-x509-names | $SCRIPTS/diff-remove-timestamps" btest-diff ssl-digicert.log
@load protocols/ssl/validate-ocsp
Reference in a new issue View git blame Copy permalink