Add server extension parsing
Only accept EC J-PAKE ciphersuite if extension was present and OK (single flag
for both), and ignore extension if we have no password.
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 20ee6bc..8051aed 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -2507,6 +2507,8 @@
0 \
-C "add ciphersuite: c0ff" \
-C "adding ecjpake_kkpp extension" \
+ -S "found ecjpake kkpp extension" \
+ -S "skip ecjpake kkpp extension" \
-S "ciphersuite mismatch: ecjpake not configured" \
-S "None of the common ciphersuites is usable"
@@ -2517,9 +2519,23 @@
1 \
-c "add ciphersuite: c0ff" \
-c "adding ecjpake_kkpp extension" \
+ -s "found ecjpake kkpp extension" \
+ -s "skip ecjpake kkpp extension" \
-s "ciphersuite mismatch: ecjpake not configured" \
-s "None of the common ciphersuites is usable"
+run_test "ECJPAKE: working, TLS" \
+ "$P_SRV debug_level=3 ecjpake_pw=bla" \
+ "$P_CLI debug_level=3 ecjpake_pw=bla \
+ force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
+ 1 \
+ -c "add ciphersuite: c0ff" \
+ -c "adding ecjpake_kkpp extension" \
+ -s "found ecjpake kkpp extension" \
+ -S "skip ecjpake kkpp extension" \
+ -S "ciphersuite mismatch: ecjpake not configured" \
+ -S "None of the common ciphersuites is usable"
+
# Tests for ciphersuites per version
run_test "Per-version suites: SSL3" \