Add ExpectedClientCANames

Add ExpectedClientCANames: for client auth this checks to see if the list of certificate authorities supplied by the server matches the expected value. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2969)
author: Dr. Stephen Henson <steve@openssl.org> 2017-03-15 16:07:07 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2017-03-16 18:07:19 +0000
commit: 2e21539b2b57df9926d165243efb60480f546ba7 (patch)
tree: 83a2e1fab84479ce9020147b72f70e70cec3ca63 /test/README.ssltest.md
parent: f8f16d8ea48fd331d384dad3027a925e7dc90f0b (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/test/README.ssltest.md b/test/README.ssltest.md
index a32696723d..0d6f4660cb 100644
--- a/test/README.ssltest.md
+++ b/test/README.ssltest.md
@@ -98,6 +98,10 @@ handshake.
 * ExpectedServerSignType, ExpectedClientSignType - the expected
   signature type used by server or client when signing messages
 
+* ExpectedClientCANames - for client auth list of CA names the server must
+  send. If this is "empty" the list is expected to be empty otherwise it
+  is a file of certificates whose subject names form the list.
+
 ## Configuring the client and server
 
 The client and server configurations can be any valid `SSL_CTX`
author	Dr. Stephen Henson <steve@openssl.org>	2017-03-15 16:07:07 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2017-03-16 18:07:19 +0000
commit	2e21539b2b57df9926d165243efb60480f546ba7 (patch)
tree	83a2e1fab84479ce9020147b72f70e70cec3ca63 /test/README.ssltest.md
parent	f8f16d8ea48fd331d384dad3027a925e7dc90f0b (diff)