OpenSSL: tidy DH and ECDH param setup

[exim.git] / test / runtest

diff --git a/test/runtest b/test/runtest
index 6f142c5406d78421516fa1e599a6614ea8e7978f..0f883e8fc1bff48d247d06f54c958b9ffa8b8ebd 100755 (executable)
--- a/test/runtest
+++ b/test/runtest
@@ -908,6 +908,9 @@ RESET_AFTER_EXTRA_LINE_READ:
   s/(TLS error on connection from .* \(SSL_\w+\): error:)(.*)/$1 <<detail omitted>>/;
   next if /SSL verify error: depth=0 error=certificate not trusted/;
 
+  # OpenSSL 3.0.0
+  s/TLS error \(D-H param setting .* error:\K.*dh key too small/xxxxxxxx:SSL routines::dh key too small/;
+
   # ======== Maildir things ========
   # timestamp output in maildir processing
   s/(timestamp=|\(timestamp_only\): )\d+/$1ddddddd/g;
@@ -1096,6 +1099,10 @@ RESET_AFTER_EXTRA_LINE_READ:
     next if /^GnuTLS<2>: added \d+ protocols, \d+ ciphersuites, \d+ sig algos and \d+ groups into priority list$/;
     next if /^GnuTLS<2>: (Disabling X.509 extensions|signing structure using RSA-SHA256)/;
     next if /^GnuTLS.*(wrap_nettle_mpi_print|gnutls_subject_alt_names_get|get_alt_name)/;
+    next if /^GnuTLS<[23]>: (p11|ASSERT: pkcs11.c|Initializing needed PKCS #11 modules)/;
+    next if /^GnuTLS<2>: Intel (AES|GCM) accelerator was detected/;
+    next if /^Added \d{3} certificate authorities/;
+    next if /^TLS: not preloading CRL for server/;
 
     # only kevent platforms (FreeBSD, OpenBSD) say this
     next if /^watch dir/;