commit b575b54cb9fc211b5fc03bff36d62fa138ca9d98
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Fri Oct 24 15:12:31 2014 +0200
committer Manuel Pégourié-Gonnard <mpg@elzevir.fr> Wed Nov 05 16:00:50 2014 +0100
tree 887e3efefdc52a2cf670e5376e022a6183af114c
parent dd4592774b9f40e8068f5620ca4a801840307e00

Forbid extended master secret with SSLv3

tests/ssl-opt.sh

diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index eeac11b..38bc89b 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -475,6 +475,28 @@
             -C "using extended master secret" \
             -S "using extended master secret"
 
+run_test    "Extended Master Secret: client SSLv3, server enabled" \
+            "$P_SRV debug_level=3" \
+            "$P_CLI debug_level=3 force_version=ssl3" \
+            0 \
+            -C "client hello, adding extended_master_secret extension" \
+            -S "found extended master secret extension" \
+            -S "server hello, adding extended master secret extension" \
+            -C "found extended_master_secret extension" \
+            -C "using extended master secret" \
+            -S "using extended master secret"
+
+run_test    "Extended Master Secret: client enabled, server SSLv3" \
+            "$P_SRV debug_level=3 force_version=ssl3" \
+            "$P_CLI debug_level=3" \
+            0 \
+            -c "client hello, adding extended_master_secret extension" \
+            -s "found extended master secret extension" \
+            -S "server hello, adding extended master secret extension" \
+            -C "found extended_master_secret extension" \
+            -C "using extended master secret" \
+            -S "using extended master secret"
+
 # Tests for FALLBACK_SCSV
 
 run_test    "Fallback SCSV: default" \