mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 14:48:21 +00:00
bb2e20d353
This reverts the call to update-crypto-policies in the Fedora 41 image and instead sets OPENSSL_ENABLE_SHA1_SIGNATURES in the individual tests. This allows RHEL 10 or Fedora 41 users to run the tests in question without needing to fiddle with system settings. Fixes #4035
9 lines
614 B
Text
9 lines
614 B
Text
# Fedora/RedHat have SHA1 disabled for certificate verification, re-enable it for testing by setting OPENSSL_ENABLE_SHA1_SIGNATURES=1
|
|
#
|
|
# @TEST-EXEC: OPENSSL_ENABLE_SHA1_SIGNATURES=1 zeek -b -r $TRACES/tls/tls-expired-cert.trace $SCRIPTS/external-ca-list.zeek %INPUT
|
|
# @TEST-EXEC: cat ssl.log > ssl-all.log
|
|
# @TEST-EXEC: zeek -b -C -r $TRACES/tls/missing-intermediate.pcap $SCRIPTS/external-ca-list.zeek %INPUT
|
|
# @TEST-EXEC: cat ssl.log >> ssl-all.log
|
|
# @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-x509-names | $SCRIPTS/diff-remove-timestamps" btest-diff ssl-all.log
|
|
|
|
@load protocols/ssl/validate-certs
|