Merge pull request #877 from tlsfuzzer/dsa-test-fixes

dsa-in-certificate-verify: make the 'md5+dsa forced' reliable

scripts/test-dsa-in-certificate-verify.py

@@ -12,7 +12,8 @@
 from tlsfuzzer.messages import Connect, ClientHelloGenerator, \
         ClientKeyExchangeGenerator, ChangeCipherSpecGenerator, \
         FinishedGenerator, ApplicationDataGenerator, AlertGenerator, \
-        CertificateGenerator, CertificateVerifyGenerator
+        CertificateGenerator, CertificateVerifyGenerator, TCPBufferingEnable, \
+        TCPBufferingFlush, TCPBufferingDisable
 from tlsfuzzer.expect import ExpectServerHello, ExpectCertificate, \
         ExpectServerHelloDone, ExpectChangeCipherSpec, ExpectFinished, \
         ExpectAlert, ExpectApplicationData, ExpectClose, \
@@ -30,7 +31,7 @@
 from tlsfuzzer.helpers import SIG_ALL, AutoEmptyExtension
 
 
-version = 1
+version = 2
 
 
 def help_msg():
@@ -235,13 +236,16 @@ def main():
         node = node.add_child(ExpectServerKeyExchange())
     node = node.add_child(ExpectCertificateRequest())
     node = node.add_child(ExpectServerHelloDone())
+    node = node.add_child(TCPBufferingEnable())
     node = node.add_child(CertificateGenerator(X509CertChain([cert])))
     node = node.add_child(ClientKeyExchangeGenerator())
     sig_type = (HashAlgorithm.md5, SignatureAlgorithm.dsa)
     node = node.add_child(CertificateVerifyGenerator(private_key,
                                                      msg_alg=sig_type))
     node = node.add_child(ChangeCipherSpecGenerator())
     node = node.add_child(FinishedGenerator())
+    node = node.add_child(TCPBufferingDisable())
+    node = node.add_child(TCPBufferingFlush())
     node = node.add_child(ExpectAlert())
     node.add_child(ExpectClose())
     conversations["md5+dsa forced"] = conversation