From 2e21539b2b57df9926d165243efb60480f546ba7 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Wed, 15 Mar 2017 16:07:07 +0000
Subject: Add ExpectedClientCANames

Add ExpectedClientCANames: for client auth this checks to see if the
list of certificate authorities supplied by the server matches the
expected value.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2969)
---
 test/README.ssltest.md | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'test/README.ssltest.md')

diff --git a/test/README.ssltest.md b/test/README.ssltest.md
index a32696723d..0d6f4660cb 100644
--- a/test/README.ssltest.md
+++ b/test/README.ssltest.md
@@ -98,6 +98,10 @@ handshake.
 * ExpectedServerSignType, ExpectedClientSignType - the expected
   signature type used by server or client when signing messages
 
+* ExpectedClientCANames - for client auth list of CA names the server must
+  send. If this is "empty" the list is expected to be empty otherwise it
+  is a file of certificates whose subject names form the list.
+
 ## Configuring the client and server
 
 The client and server configurations can be any valid `SSL_CTX`
-- 
cgit v1.2.3