tests: Test that hostnames must be matched exactly.

[tlsproxy/tlsproxy.git] / tests / tests-normal.sh

diff --git a/tests/tests-normal.sh b/tests/tests-normal.sh
index 056780fd2ca2f5711e763ebe365b1c1735cf2edb..843b246585152e8bd0381f3db411e5f3c1247da9 100755 (executable)
--- a/tests/tests-normal.sh
+++ b/tests/tests-normal.sh
@@ -54,9 +54,9 @@ test_proxy_successful
 test_invalid_certificate
 
 echo missing proxy certificate
-mv certificate-localhost-proxy.pem .pem
+mv certificate-localhost-proxy.pem certificate-www.localhost-proxy.pem
 client localhost 4712 invalid || abort 'client localhost 4712 invalid'
-mv .pem certificate-localhost-proxy.pem
+mv certificate-www.localhost-proxy.pem certificate-localhost-proxy.pem
 test_proxy_successful
 test_invalid_certificate
 
@@ -70,6 +70,7 @@ test_no_invalid_certificate
 # Stop server and try a "MITM" with a bad certificate.
 echo
 kill $pid_server || echo 'failed to kill gnutls-serv'
+sleep 3 # necessary on some systems like OpenBSD
 server_background --x509certfile "$srcdir/server-bad.pem" \
                   --x509keyfile "$srcdir/server-key.pem"
 wait_for_ports 4712
@@ -90,16 +91,16 @@ test_invalid_certificate
 tlsproxy_add localhost server.pem
 
 echo mitm missing server certificate
-mv certificate-localhost-server.pem .pem
+mv certificate-localhost-server.pem certificate-www.localhost-server.pem
 client localhost 4712 invalid || abort 'client localhost 4712 invalid'
-mv .pem certificate-localhost-server.pem
+mv certificate-www.localhost-server.pem certificate-localhost-server.pem
 test_proxy_successful
 test_invalid_certificate
 
 echo mitm missing proxy certificate
-mv certificate-localhost-proxy.pem .pem
+mv certificate-localhost-proxy.pem certificate-www.localhost-proxy.pem
 client localhost 4712 invalid || abort 'client localhost 4712 invalid'
-mv .pem certificate-localhost-proxy.pem
+mv certificate-www.localhost-proxy.pem certificate-localhost-proxy.pem
 test_proxy_successful
 test_invalid_certificate