--- a/tests/test-patchbomb-tls.t Fri Jul 01 17:42:55 2016 +0200
+++ b/tests/test-patchbomb-tls.t Fri Jul 01 19:27:34 2016 -0700
@@ -43,7 +43,7 @@
Our test cert is not signed by a trusted CA. It should fail to verify if
we are able to load CA certs:
-#if defaultcacerts
+#if sslcontext defaultcacerts no-defaultcacertsloaded
$ try
this patch series consists of 1 patches.
@@ -53,6 +53,35 @@
[255]
#endif
+#if no-sslcontext defaultcacerts
+ $ try
+ this patch series consists of 1 patches.
+
+
+ (?i)abort: .*?certificate.verify.failed.* (re)
+ [255]
+#endif
+
+#if defaultcacertsloaded
+ $ try
+ this patch series consists of 1 patches.
+
+
+ (?i)abort: .*?certificate.verify.failed.* (re)
+ [255]
+
+#endif
+
+#if no-defaultcacerts
+ $ try
+ this patch series consists of 1 patches.
+
+
+ abort: localhost certificate error: no certificate received
+ (set hostsecurity.localhost:certfingerprints=sha256:62:09:97:2f:97:60:e3:65:8f:12:5d:78:9e:35:a1:36:7a:65:4b:0e:9f:ac:db:c3:bc:6e:b6:a3:c0:16:e0:30 config setting or use --insecure to connect insecurely)
+ [255]
+#endif
+
$ DISABLECACERTS="--config devel.disableloaddefaultcerts=true"
Without certificates: