X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/83e2f8a2515d1cd787ac68b052f6e4539dd48752..bc9a5bcb2bfcf0d1ee282aae8a4574501634d70d:/test/runtest

diff --git a/test/runtest b/test/runtest
index 53516d00a..84bdc04dc 100755
--- a/test/runtest
+++ b/test/runtest
@@ -23,7 +23,7 @@ use Time::Local;
 
 # Start by initializing some global variables
 
-$testversion = "4.78 (08-May-12)";
+$testversion = "4.80 (08-May-12)";
 
 # This gets embedded in the D-H params filename, and the value comes
 # from asking GnuTLS for "normal", but there appears to be no way to
@@ -484,6 +484,7 @@ RESET_AFTER_EXTRA_LINE_READ:
   # So far, have seen:
   #   TLSv1:AES256-SHA:256
   #   TLSv1.2:AES256-GCM-SHA384:256
+  #   TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128
   # We also need to handle the ciphersuite without the TLS part present, for
   # client-ssl's output.  We also see some older forced ciphersuites, but
   # negotiating TLS 1.2 instead of 1.0.
@@ -493,6 +494,22 @@ RESET_AFTER_EXTRA_LINE_READ:
   s/( (?: (?:\b|\s) [\(=] ) | \s )TLSv1\.2:/$1TLSv1:/xg;
   s/\bAES256-GCM-SHA384\b/AES256-SHA/g;
 
+  # GnuTLS have seen:
+  #   TLS1.2:RSA_AES_256_CBC_SHA1:256 (canonical)
+  #   TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128
+  #
+  #   X=TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256
+  #   X=TLS1.2:RSA_AES_256_CBC_SHA1:256
+  #   X=TLS1.1:RSA_AES_256_CBC_SHA1:256
+  #   X=TLS1.0:DHE_RSA_AES_256_CBC_SHA1:256
+  # and as stand-alone cipher:
+  #   DHE-RSA-AES256-SHA256
+  #   DHE-RSA-AES256-SHA
+  # picking latter as canonical simply because regex easier that way.
+  s/\bDHE_RSA_AES_128_CBC_SHA1:128/RSA_AES_256_CBC_SHA1:256/g;
+  s/TLS1.[012]:(DHE_)?RSA_AES_256_CBC_SHA(1|256):256/TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256/g;
+  s/\bDHE-RSA-AES256-SHA256\b/DHE-RSA-AES256-SHA/g;
+
 
   # ======== Caller's login, uid, gid, home, gecos ========