9 files changed, 459 insertions, 201 deletions
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 4c043a784d..5f18e4c7e0 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -63,7 +63,7 @@ endif
 
 noinst_LTLIBRARIES = libutils.la
 pkglib_LTLIBRARIES = 
-libutils_la_SOURCES = utils.h utils.c seccomp.c
+libutils_la_SOURCES = utils.h utils.c seccomp.c utils-adv.c
 libutils_la_LIBADD = ../lib/libgnutls.la
 
 ctests = mini-record-2 simple gc set_pkcs12_cred certder certuniqueid	\
diff --git a/tests/cert-common.h b/tests/cert-common.h
index 0b51e22e8f..d18bebe64e 100644
--- a/tests/cert-common.h
+++ b/tests/cert-common.h
@@ -384,25 +384,28 @@ const gnutls_datum_t dsa_key = { (void*)dsa_key_pem,
 
 static char ca3_cert_pem[] =
 	"-----BEGIN CERTIFICATE-----\n"
-	"MIIDYDCCAcigAwIBAgIBADANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRDQS0w\n"
-	"MCIYDzIwMTQwNDA0MTk1OTA1WhgPOTk5OTEyMzEyMzU5NTlaMA8xDTALBgNVBAMT\n"
-	"BENBLTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD46JAPKrTsNTHl\n"
-	"zD06eIYBF/8Z+TR0wukp9Cdh8Sw77dODLjy/QrVKiDgDZZdyUc8Agsdr86i95O0p\n"
-	"w19Np3a0wja0VC9uwppZrpuHsrWukwxIBXoViyBc20Y6Ce8j0scCbR10SP565qXC\n"
-	"i8vr86S4xmQMRZMtwohP/GWQzt45jqkHPYHjdKzwo2b2XI7joDq0dvbr3MSONkGs\n"
-	"z7A/1Bl3iH5keDTWjqpJRWqXE79IhGOhELy+gG4VLJDGHWCr2mq24b9Kirp+TTxl\n"
-	"lUwJRbchqUqerlFdt1NgDoGaJyd73Sh0qcZzmEiOI2hGvBtG86tdQ6veC9dl05et\n"
-	"pM+6RMABAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcE\n"
-	"ADAdBgNVHQ4EFgQUGD0RYr2H7kfjQUcBMxSTCDQnhu0wDQYJKoZIhvcNAQELBQAD\n"
-	"ggGBABHQqbXJVHxXAlfq0wOoy/11B4fhXJOxBQy1uvC8PSsZaGUJLH1P/8f+gyn0\n"
-	"oweedIG+CBMvDTlGnnDrUPZbN8K5HqPpsST9jIDsqAiFKEdi9AuN4/zAjrQq2NjN\n"
-	"ZtWIacIIRq2k7Qpk5nJn29HBKVabj/SJWuTNN8ume79IqanrMzmuou87QHr1vVOC\n"
-	"wlSvQ6osHLFBF2QJ6tbT5ZSIy4VJyjyrMt0nOQ5Gl+fLUpcpcymI3MGbEh/WJONV\n"
-	"CbvFIWdIuUb3T9EVFivMTeNJo6QxLI6vasnJJ0Jgs3yOtRZPVRx6F206EbzLiNfj\n"
-	"ozEI0j1HdJy8niNwEW0tCzVi/CS5QC/nk1/qXCffxDcGihEBzM3pFxXKQ5YJpSe2\n"
-	"GVoXfD0uDOccHcYaYbomGi2T63FJ4rG9eKPyYngjKD6aVJcOvldEeUwfYzNKbkFK\n"
-	"fsI5r+CO25C2qpVomnv7xZBomenu7F8c6RFIjYSIYTGTsgGCe20K7YrLjVErkeLG\n"
-	"1vDaOg==\n"
+	"MIID+jCCAmKgAwIBAgIIVzGgXgSsTYwwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n"
+	"AxMEQ0EtMzAgFw0xNjA1MTAwODQ4MzBaGA85OTk5MTIzMTIzNTk1OVowDzENMAsG\n"
+	"A1UEAxMEQ0EtMzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALbdxniG\n"
+	"+2wP/ONeZfvR7AJakVo5deFKIHVTiiBWwhg+HSjd4nfDa+vyTt/wIdldP1PriD1R\n"
+	"igc8z68+RxPpGfAc197pKlKpO08I0L1RDKnjBWr4fGdCzE6uZ/ZsKVifoIZpdC8M\n"
+	"2IYpAIMajEtnH53XZ1hTEviXTsneuiCTtap73OeSkL71SrIMkgBmAX17gfX3SxFj\n"
+	"QUzOs6QMMOa3+8GW7RI+E/SyS1QkOO860dj9XYgOnTL20ibGcWF2XmTiQASI+KmH\n"
+	"vYJCNJF/8pvmyJRyBHGZO830aBY0+DcS2bLKcyMiWfOJw7WnpaO7zSEC5WFgo4jd\n"
+	"qroUBQdjQNCSSdrt1yYrAl1Sj2PMxYFX4H545Pr2sMpwC9AnPk9+uucT1Inj9615\n"
+	"qbuXgFwhkgpK5pnPjzKaHp7ESlJj4/dIPTmhlt5BV+CLh7tSLzVLrddGU+os8Jin\n"
+	"T42radJ5V51Hn0C1CHIaFAuBCd5XRHXtrKb7WcnwCOxlcvux9h5/847F4wIDAQAB\n"
+	"o1gwVjAPBgNVHRMBAf8EBTADAQH/MBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GA1Ud\n"
+	"DwEB/wQFAwMHBgAwHQYDVR0OBBYEFPmohhljtqQUE2B2DwGaNTbv8bSvMA0GCSqG\n"
+	"SIb3DQEBCwUAA4IBgQBhBi8dXQMtXH2oqcuHuEj9JkxraAsaJvc1WAoxbiqVcJKc\n"
+	"VSC0gvoCY3q+NQvuePzw5dzd5JBfkoIsP5U6ATWAUPPqCP+/jRnFqDQlH626mhDG\n"
+	"VS8W7Ee8z1KWqnKWGv5nkrZ6r3y9bVaNUmY7rytzuct1bI9YkX1kM66vgnU2xeMI\n"
+	"jDe36/wTtBRVFPSPpE3KL9hxCg3KgPSeSmmIhmQxJ1M6xe00314/GX3lTDt55UdM\n"
+	"gmldl2LHV+0i1NPCgnuOEFVOiz2nHAnw2LNmvHEDDpPauz2Meeh9aaDeefIh2u/w\n"
+	"g39WRPhU1mYvmxvYZqA/jwSctiEhuKEBBZSOHxeTjplH1THlIziVnYyVW4sPMiGU\n"
+	"ajXhTi47H219hx87+bldruOtirbDIslL9RGWqWAkMeGP+hUl1R2zvDukaqIKqIN8\n"
+	"1/A/EeMoI6/IHb1BpgY2rGs/I/QTb3VTKqQUYv09Hi+itPCdKqamSm8dZMKKaPA0\n"
+	"fD9yskUMFPBhfj8BvXg=\n"
 	"-----END CERTIFICATE-----\n";
 
 static char ca3_key_pem[] =
@@ -456,8 +459,8 @@ const gnutls_datum_t ca3_cert = { (void*)ca3_cert_pem,
 
 static char cli_ca3_cert_pem[] =
 	"-----BEGIN CERTIFICATE-----\n"
-	"MIIEHzCCAoegAwIBAgIIVyG4kiR7VLIwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n"
-	"AxMEQ0EtMDAgFw0xNjA0MjgwNzE1MzFaGA85OTk5MTIzMTIzNTk1OVowFjEUMBIG\n"
+	"MIIEPzCCAqegAwIBAgIIVzGiRh5+VCgwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n"
+	"AxMEQ0EtMzAgFw0xNjA1MTAwODU2MzlaGA85OTk5MTIzMTIzNTk1OVowFjEUMBIG\n"
 	"A1UEAxMLVGVzdCBjbGllbnQwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIB\n"
 	"gQDhAB7O8se421OVNBKfW81pgGtnn4LNLz+0HYvkb7BbLdiqqqHWQH6BxY30W2q/\n"
 	"bUHVaBFa2OufitMmDGX6iAuIuAshnqIb9h7U84UrHFVhjE9cjuykBhoJbr/5CNL/\n"
@@ -467,18 +470,18 @@ static char cli_ca3_cert_pem[] =
 	"GpSNznLe9se1rZeDn/PHRf8UHr2PYpmyBSaSVhUUb217tS1JUODPdTr153XoBQvE\n"
 	"2oAXYsaG4gQjn7g+KRdv5DFo7H+HDUG0SozMsxs2mEgtI8FEj42lNnY8JJ50axDP\n"
 	"GyCez+JosHurUAisotRCVWnL4k19q5irO+Uw1fAxqg1BkN/2g6gWR1M/k/y3+AaT\n"
-	"auUCAwEAAaN2MHQwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggrBgEFBQcDAjAP\n"
-	"BgNVHQ8BAf8EBQMDB4AAMB0GA1UdDgQWBBRdXorh31ji3Vx07Tm7u9jZMbKBajAf\n"
-	"BgNVHSMEGDAWgBQYPRFivYfuR+NBRwEzFJMINCeG7TANBgkqhkiG9w0BAQsFAAOC\n"
-	"AYEATOwassPHaWyIHVwSVfRjqivtgC5ZDZOllmPCl11j3ml2u4X2E5bsILXI/Tb3\n"
-	"i2Kd1G/NXI+ITSzAot7jY2HC1Q8i8bjZFJaks7Dk+R4/Ozh0ZWw70hLFCcbnC/8/\n"
-	"WCeOxQYKhoZIrN3I6Yl3Ls2+yRnUyOgF67rq5tj7a+FOO2RMjoP1WrtzHG0pQwzb\n"
-	"yuF6LztHh7ZE7y2fBkWOvSiMgTyd0I4UjaS8WSbWIAj6N4CKFkSwUdc0DU6QqEbA\n"
-	"gIU0JpnM3rMumSxDLa2BInW/8iY1YEl5MAGWzrb0RNEDxEkrAR1t+QVhBK2nzJkh\n"
-	"4KUaKOqR1kD2ROSipndXz/lmlNteCBKwHSgmCJNJDXwDyyHGh4HA/FMb35f+1Yfa\n"
-	"8EUwTIsYEartB+dWn7Wl1sSAbrbz1pCejxI4Z27r154Blho1G31e8XdJM+XJmV3C\n"
-	"dc0NdLNVapvVCuCIaefQf3KFeeFXAZv62HSoKHNRaGVt6PnGOjEq3qdbQlceIyZF\n"
-	"N6A1\n"
+	"auUCAwEAAaOBlTCBkjAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMC\n"
+	"MBwGA1UdEQQVMBOBEWhlbGxvQGV4YW1wbGUub3JnMA8GA1UdDwEB/wQFAwMHgAAw\n"
+	"HQYDVR0OBBYEFF1eiuHfWOLdXHTtObu72NkxsoFqMB8GA1UdIwQYMBaAFPmohhlj\n"
+	"tqQUE2B2DwGaNTbv8bSvMA0GCSqGSIb3DQEBCwUAA4IBgQA/eaenR+0i8lTpzQlJ\n"
+	"djl5CZfeY11oH3WH7rM6dDaBaZjz7VIG1ETBByMy/B+2hXOlBGGkbGwtKO01sAH8\n"
+	"B91UOXvPkxIyofrhEBuGOQ3oN3eyAO48JxT9v6LSgzd82LPhtGErMbFkm/pFBjl4\n"
+	"F0bBKdMEoPsV/hHnIswkLpefaZ9po5eOrihC3oYPoHhuizSfIn0kzmvyPElduBBN\n"
+	"OcMPY26XF9tPSa3LKXA0UJo4mhpiVrWh9jbKLquaD+n/qKKV3mS++oytn4d2gdB6\n"
+	"dcrQTNY74U7bUXutRqDNNlrAxIQ7Qh+stAiZ7CCm143GQBESRiqqKFpxdvVhpwDL\n"
+	"H/buEo9I6ikYpwPAyIPfL9iMg13M/6NHg0s7C9psv0lInDCS2nFJG8L1Qp0Z6/Wt\n"
+	"9yEjTuCSyfEdk/1Ar/jaAkKcdXRFptQuLtqFHYaBmXrWPqK4b6H0vKhvOUhXliZc\n"
+	"0b7e0ldn20vEIdN3Qnoxf+7QVayrzKd7irovD8Xdg+R/E3s=\n"
 	"-----END CERTIFICATE-----\n";
 
 static char cli_ca3_key_pem[] =
@@ -530,33 +533,6 @@ const gnutls_datum_t cli_ca3_cert = { (void*)cli_ca3_cert_pem,
 	sizeof(cli_ca3_cert_pem)
 };
 
-static char server_ca3_cert_pem[] =
-	"-----BEGIN CERTIFICATE-----\n"
-	"MIIEHzCCAoegAwIBAgIIVyG5MAKg0A4wDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n"
-	"AxMEQ0EtMDAgFw0xNjA0MjgwNzE4MDhaGA85OTk5MTIzMTIzNTk1OVowFjEUMBIG\n"
-	"A1UEAxMLVGVzdCBzZXJ2ZXIwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIB\n"
-	"gQDZPXiZqiz3wLuz+B4ZnJuCphLEX7k15NcpamL3+9ea4gXyfeFSHbSaihPauBUc\n"
-	"DMVbL/wfkhxYiJRCX7wqHIkJK4En5aEzSDDa6pI/CI5lSbiXdNDGbFLh5b8Guvhf\n"
-	"zyy8lDjFNNy3abkfU270tnzFY5mkYwYgjuN/RgPqh0b8McT+xUeN9x4PuSXXmMC1\n"
-	"r3v7y4JuMxE8ZzGDhW2aQK5Is6QYv0WELS5hVvB8GdP5XQwTJw4HH5i/YES7TENV\n"
-	"2RByzRY8hFQ9SbK5YHHGoszVJIlIuxm5v8N2Ig1cW6t7t3HnuZbDYRDCERMiEigB\n"
-	"z8vEZZyFsMLg5Z7JiNKSG/f+ER9CzDJXHgxBctV9EEc2KmRT1P9JeI/xZUOl9lKl\n"
-	"jc+t8m0Um3Asx5duWm4tcZm7FecnaJiTXD/tEG64qTKWtDuoI7+X9MjHe5lvf2gI\n"
-	"JT3CoKW24Rn6O1fc9oCCnVAi0V6FLM4XaG50X9NC666RVEFkXih8THA1gC9m9NJM\n"
-	"rD0CAwEAAaN2MHQwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggrBgEFBQcDATAP\n"
-	"BgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBQzneEn04vV/OsF/LXHgWlPXjvZ1jAf\n"
-	"BgNVHSMEGDAWgBQYPRFivYfuR+NBRwEzFJMINCeG7TANBgkqhkiG9w0BAQsFAAOC\n"
-	"AYEAFCY8NhmFgy7wWKlaU06i9CcP37BOM43c3F23wOuQ2cwxVLXCToYo92lwNMuW\n"
-	"B+nN6TDgAahB7dh9Hpkz1swWDzcflm4Ckcd5EVP7mJZx07rWwl7InSsYZ5sUtVuZ\n"
-	"Pkoum8bNaqfHZ6wnO3hyvp/68lhnwSc12c1ZjdFwDArbQY4jvwnAXNPWiV6XmHIe\n"
-	"fUH8m9oacKHDGVY0PpZy+0ehO3KSzrBdv6zRSSiI+gdyRzjDI6vjbj3z+afddnWT\n"
-	"asdnr8RLwpUaidB7MYAf3Ajnuacez/pZ9TVhNnMoN9DqHgY70kULC5sjK0joYj1d\n"
-	"5YqmNJF4F5zcff3i0Jo4Dpmj0NTMAHz1HlftTjGrQf17CQdev4QxVQSoSaASf4XO\n"
-	"nZHnn1YseYvmVV/FGLJ4/wgyl6Kqla+Dwy0+jB3GsVNL0CfdBQtPDoYYhffb238R\n"
-	"AqnDX/ymatC2YqqY7sq4LXd37gh0Us/Wxr5wN3RETo6/qPN9HiBVN/1vYGvhTpUL\n"
-	"PBwN\n"
-	"-----END CERTIFICATE-----\n";
-
 static char server_ca3_key_pem[] =
 	"-----BEGIN RSA PRIVATE KEY-----\n"
 	"MIIG5AIBAAKCAYEA2T14maos98C7s/geGZybgqYSxF+5NeTXKWpi9/vXmuIF8n3h\n"
@@ -602,10 +578,70 @@ const gnutls_datum_t server_ca3_key = { (void*)server_ca3_key_pem,
 	sizeof(server_ca3_key_pem)
 };
 
-const gnutls_datum_t server_ca3_cert = { (void*)server_ca3_cert_pem,
-	sizeof(server_ca3_cert_pem)
+/* shares server_ca3 key */
+static char server_localhost6_ca3_cert_pem[] =
+	"-----BEGIN CERTIFICATE-----\n"
+	"MIIEMDCCApigAwIBAgIIVzGhKhP99McwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n"
+	"AxMEQ0EtMzAgFw0xNjA1MTAwODUxNTVaGA85OTk5MTIzMTIzNTk1OVowADCCAaIw\n"
+	"DQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANk9eJmqLPfAu7P4Hhmcm4KmEsRf\n"
+	"uTXk1ylqYvf715riBfJ94VIdtJqKE9q4FRwMxVsv/B+SHFiIlEJfvCociQkrgSfl\n"
+	"oTNIMNrqkj8IjmVJuJd00MZsUuHlvwa6+F/PLLyUOMU03LdpuR9TbvS2fMVjmaRj\n"
+	"BiCO439GA+qHRvwxxP7FR433Hg+5JdeYwLWve/vLgm4zETxnMYOFbZpArkizpBi/\n"
+	"RYQtLmFW8HwZ0/ldDBMnDgcfmL9gRLtMQ1XZEHLNFjyEVD1JsrlgccaizNUkiUi7\n"
+	"Gbm/w3YiDVxbq3u3cee5lsNhEMIREyISKAHPy8RlnIWwwuDlnsmI0pIb9/4RH0LM\n"
+	"MlceDEFy1X0QRzYqZFPU/0l4j/FlQ6X2UqWNz63ybRSbcCzHl25abi1xmbsV5ydo\n"
+	"mJNcP+0QbripMpa0O6gjv5f0yMd7mW9/aAglPcKgpbbhGfo7V9z2gIKdUCLRXoUs\n"
+	"zhdobnRf00LrrpFUQWReKHxMcDWAL2b00kysPQIDAQABo4GcMIGZMAwGA1UdEwEB\n"
+	"/wQCMAAwIwYDVR0RBBwwGoIKbG9jYWxob3N0NoIMd3d3Lm5vbmUub3JnMBMGA1Ud\n"
+	"JQQMMAoGCCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFDOd4SfT\n"
+	"i9X86wX8tceBaU9eO9nWMB8GA1UdIwQYMBaAFPmohhljtqQUE2B2DwGaNTbv8bSv\n"
+	"MA0GCSqGSIb3DQEBCwUAA4IBgQBeG1Mj+13pX+4qcbZIlcLqsrRjCFeF/3XpbL7f\n"
+	"bUNaa+DYOOKy8d8/PHpS5uZHxwYOOK13+YOGr8hFBbXiGtl4uKbCmPd23kMfUzbI\n"
+	"iTuu0DvuENtl6zjY44bjuXxhg9vBC3b2CygF8IWOHuXSVCgNMLzMDEA71uOzpgAT\n"
+	"OQv+oDAURkWwMZWsGyb30YdoYb2QCqRLdMtVdoGkWq9CniE8rgHmrggSxkdCSOSY\n"
+	"rPwjCCwCxXQqtZMvZYUws+vrXvPOvZHauQFhvuw6EHV62lQnY9JD8nqtimwuskWw\n"
+	"hgcyhy4hgvmx7MRF1E+dc/lWSvNSHS6u8n4cTsHeHv2IOPl87y2jXR5lEoMItjZf\n"
+	"D9B6K0w488yvj1+aheV0mbQDMgR0pzWOVH0oJ6RCM1AFgNU+7/d9ztqBusYJhuL7\n"
+	"/MT4qYlyaZ3OzkIcD2kfmPLfX6FV5FCfVfNvKeCwvctisKsuJZ1/CIsjpoYJk7uu\n"
+	"YeI3wIhmivXBor8p5hUzrWqT2y0=\n"
+	"-----END CERTIFICATE-----\n";
+
+const gnutls_datum_t server_ca3_localhost6_cert = { (void*)server_localhost6_ca3_cert_pem,
+	sizeof(server_localhost6_ca3_cert_pem)-1
 };
 
+/* shares server_ca3 key */
+static char server_localhost_ca3_cert_pem[] =
+	"-----BEGIN CERTIFICATE-----\n"
+	"MIIEITCCAomgAwIBAgIIVzGhBTuLU+swDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n"
+	"AxMEQ0EtMzAgFw0xNjA1MTAwODUxMThaGA85OTk5MTIzMTIzNTk1OVowADCCAaIw\n"
+	"DQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANk9eJmqLPfAu7P4Hhmcm4KmEsRf\n"
+	"uTXk1ylqYvf715riBfJ94VIdtJqKE9q4FRwMxVsv/B+SHFiIlEJfvCociQkrgSfl\n"
+	"oTNIMNrqkj8IjmVJuJd00MZsUuHlvwa6+F/PLLyUOMU03LdpuR9TbvS2fMVjmaRj\n"
+	"BiCO439GA+qHRvwxxP7FR433Hg+5JdeYwLWve/vLgm4zETxnMYOFbZpArkizpBi/\n"
+	"RYQtLmFW8HwZ0/ldDBMnDgcfmL9gRLtMQ1XZEHLNFjyEVD1JsrlgccaizNUkiUi7\n"
+	"Gbm/w3YiDVxbq3u3cee5lsNhEMIREyISKAHPy8RlnIWwwuDlnsmI0pIb9/4RH0LM\n"
+	"MlceDEFy1X0QRzYqZFPU/0l4j/FlQ6X2UqWNz63ybRSbcCzHl25abi1xmbsV5ydo\n"
+	"mJNcP+0QbripMpa0O6gjv5f0yMd7mW9/aAglPcKgpbbhGfo7V9z2gIKdUCLRXoUs\n"
+	"zhdobnRf00LrrpFUQWReKHxMcDWAL2b00kysPQIDAQABo4GNMIGKMAwGA1UdEwEB\n"
+	"/wQCMAAwFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMB\n"
+	"MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFDOd4SfTi9X86wX8tceBaU9eO9nW\n"
+	"MB8GA1UdIwQYMBaAFPmohhljtqQUE2B2DwGaNTbv8bSvMA0GCSqGSIb3DQEBCwUA\n"
+	"A4IBgQAAS3T2uhrGl99HErgOFyGLX6c/+moBjJDtMckBW8T3ajxOHzw7XI6I821a\n"
+	"MPVXaXXHmnTUFhAHZrjpn5UYIwEJUaimtCviumHcK0h/yWnHdbxs+aglu66aJ5V0\n"
+	"uvPdtLNBtS1y3SryTtskbZ3RPjHiON+brrVH0KcoT+t92T3CDtv0r37k92QKZlRK\n"
+	"K/wnqTOBUEhvpSztFai5vPy8QWv/RSHb2vFZeJkdiXybcedmLLmp56rWbzzCvfzj\n"
+	"mfOAFD0oGD8BTDTz55IrAfMvth7OYVqF0Se530c1GRxZwqYrEcfDJAc8QqfnYzkR\n"
+	"6KRXCVCbJ5CKi3grTzqcAJYsy9sxE2afaa/hh/XnMwYtHgIE1xfrcDnnBuNyYWHZ\n"
+	"GJaVdRTPtaRXUAJZtGLpy6SBEWGMP7wyhoFdbA3IWYbfypyM/t/LpQHtLzM3N7s8\n"
+	"oXG/Pucnsyp8fJ3LEJW0STMsWBoPPdfJFdTxK5i+bcmKq3OFPIGfXgw1Jf5vGfgM\n"
+	"MTK0U84=\n"
+	"-----END CERTIFICATE-----\n";
+
+#define server_ca3_cert server_ca3_localhost_cert
+const gnutls_datum_t server_ca3_localhost_cert = { (void*)server_localhost_ca3_cert_pem,
+	sizeof(server_localhost_ca3_cert_pem)-1};
+
 static char unknown_ca_cert_pem[] =
 	"-----BEGIN CERTIFICATE-----\n"
 	"MIID4DCCAkigAwIBAgIIVyG62RARjncwDQYJKoZIhvcNAQELBQAwFTETMBEGA1UE\n"
@@ -637,96 +673,76 @@ const gnutls_datum_t unknown_ca_cert = { (void*)unknown_ca_cert_pem,
 
 static const char server_ca3_pkcs12_pem[] =
 	"-----BEGIN PKCS12-----\n"
-	"MIIQvwIBAzCCEIcGCSqGSIb3DQEHAaCCEHgEghB0MIIQcDCCBOcGCSqGSIb3DQEH\n"
-	"BqCCBNgwggTUAgEAMIIEzQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIGlbZ\n"
-	"V1qak5wCAhTsgIIEoLClLTWuG7yxoUp9Jw34KHHgK5jun/kkUN8RcUDDCOWUsuJG\n"
-	"HPV9TPAG2LpS39Leg+Uo4NpTTUp8RVnbo2I+jR9Bl/cL6zqG0Y+bpaGKsFwZqYQu\n"
-	"wbKctXL/yJhPKJ13paJB2W6kvU05KbC/6Zq69zYxfMkm0fPGnruGBenMUYbP/BKM\n"
-	"6xXmqztGCMHrh9dGyGsGTWN9rJgmNkA/Hh77uIkBdliJHFoS1Rbw7uNbV+3vQcoN\n"
-	"i66aaZa7SftoudwOOGCLCAY9wz34d2Ni8xLfO9PasqtjkXTAllXqEmh0IzK6E63W\n"
-	"VUIp/Ea2312LZQ4kkUKm4MzpRpDoOJf2tAUHHbpsSLLBzPUGP8pOZKp73OzQR+PW\n"
-	"eJhY7sbRcI11qfRD9hteEMEOHU1gJ2dBka7HHvg2bMMArKbtZ3C8Dw6iU42b37xv\n"
-	"+tKtZrZNYILE4sVTy2bwhupraMkScv90Z4fIfuCZEdzlIaP73CTjp6pe2AqEBKBR\n"
-	"h+zf/VhonEsoaCSrQ2Ew5BWk1JjBAyHj2WS8vuhrGvqP/k0k0f5Ji0xoqOW9yM6q\n"
-	"clsfVswsaWR8FuYxKfsuD3styPxW1nHPKET2tWVwSX7WQEwyfSjNAj4EqQGcukpr\n"
-	"3+bgLJciZxLCmNbXAouZKSO05tH5aLPENclXoeuT4ODn5Hzfjd/xT3wnXPNZN+3+\n"
-	"+a87CClzqOG892q2mGGOpTmcuDwy20XHiM47hpxIavOn/jKBYH+zJ5GpYV8B4AkD\n"
-	"WfwnAlPFFZ3Af9Xrc+TpYJ2TE7FRG9Y5XWymhGGkvpyxif8n+QyZAn31lPIiGNPH\n"
-	"1qcWUmF446wQv9jpbuQswAjQNX4vzTGezPVLLZg/n1dDzzCvG4pDGFqyU7iwjCuh\n"
-	"vLH+Zuk/3fGMyvXgNj89xZQIqfclWT2AvFOTclTqylz6Toe/zj45rixZ3bFG8hME\n"
-	"UuEVs3Bz2qRz+JdMSu33qQ4SRUNIePqSMRD8q5aVbZmenNXQtciszBTofSvd8qsu\n"
-	"S7LaiX3M+VVOxyQaB9c6Ely9hrFNT24iarHFEk5ZYgpUToBTLUDEBqfWr0AhZHCB\n"
-	"RwTdP4WFmAaOC2/ZINSQE0bxGqo79lyPP0Ysp2dpPxjlAYX0myccuqnBo0rLtV/7\n"
-	"Sl/9xNj1I7T9qhWzC/WvAjnrlxp4QYgcCLiRe6TaDO1qP47khRyAaxIbLPwYQ6cJ\n"
-	"TDDu1x9iYTCntmRu5pbzokcpajMIepHVzI7FbpLh2BK/fVFTgHKp5XmemLyN5A47\n"
-	"itZvz89gxp6304nqW2z8JpKZ/RDCHyA/6H+PwgvnrAmS+hDKJ58OksfRESlyN619\n"
-	"k9rHtzBoYIlwkhf29pYCaWZ6KWJlgsTG6FKXej6fC7Q94hPkXJRez8Pd8MJR6X+x\n"
-	"XdYbmGVOSEEujg8Ak4Zf+caQ8iawuHTeMr7h2WNr7xH06Ddw12J4t0LdRKDECMJS\n"
-	"C9Jb/tICcjJVxKt4QBlXmy2s2R9i2BUkcyPwUNdE6VORBazQ5sXzOGOcl2ef0OHF\n"
-	"PpE0P9esuXUs9MOqfEe3FnsgFiNjUdPKH5q8mrDDTDGs46RcnJOCwtv6YFrqMIID\n"
-	"3wYJKoZIhvcNAQcGoIID0DCCA8wCAQAwggPFBgkqhkiG9w0BBwEwHAYKKoZIhvcN\n"
-	"AQwBAzAOBAis+k2GAXZlEQICFLWAggOYF7BBapV1GKPSkJeC9dgjEL6AdreDBCyh\n"
-	"LOHoMUKf9AVH4XzgkAtsa1FAomHQscfQKGe3G6vaSi2ugZ0qduasoPlQjldBy+ml\n"
-	"m7QcBh/0p72XcsC6t6se7UcmWvrnp3Nk3rwAQdeOCMVJvljFq0a+83XcZ8a6XuH2\n"
-	"7O0EjUQVWfo1cn6ZFo8l6dBuNNPc32XLwdcIXuPTnScGsxZawufbAprbK/yEf3Dn\n"
-	"IN4POP5KlNdTcv6ko7eGfr2fsOLkDwXWdy42D+oMVc3dj6XTH74FgYv5z8GyELFT\n"
-	"r8mcSKUsbSHVXcUigv9KMDJ+bMzM9feNhiTzEr45OfGDLgBHLsqCcbhpJeN/rpv5\n"
-	"1/KKHIRJmO9GU5Qvk97+1MZr3+PDCqJK4qhiIJhvOKfnYAf9ToSat7lHVdFa6ToH\n"
-	"JK2E7YaFXaMUNii/ZeDZ1n4WcPSkvLJscVk8AhG3emXja96EmJs5aWkKzcJ0ihLX\n"
-	"vDehuZ7JFBNesHrKcC0IM1KhHCkSd/ijcAG+LOmbdl5KMx0KOepJHIkDrpFfiwwq\n"
-	"GkANh9u9FIhqvXjDCtmUkp8mI38FBcAtN1X6cQjy1BzPfyecazA5vkzt6CGKalK6\n"
-	"lTEQjmEftu782r+WhpRw/a7fBM5BDN7QVrvequOtbWRgwFg9xjsSGGw8syO90DxU\n"
-	"aundXXXfgCvqIIWxciQZ57Cvno88TWPpQCrBZ3XZD/Ajr4PTI+Spe6olJlnskOFW\n"
-	"MYRrcHQuuH1N/NUVZCxBqOwh7A53TCGoTnCOeU9l4UHTIP1MOsf29G8dCo9RGcrU\n"
-	"sRx2vgkifOkomUY3+qfjwwipyqWZbuH64ewCbpprPqI7/PVVS+tKqLpLvFJqFrEp\n"
-	"wPlm+7QlbNUnQSaJ6wIav1Z2VKeeu5BewW9BbHjyadrxYOz893ttBZc3ExewX5Uh\n"
-	"lPJXj5CXV5tojUJdvDnXNLsFMn+0ksY3i8xAQpeQJsnrYao0k14w14UGhCgylusl\n"
-	"Z+ogDuWySxyknp/lUN/gE1DbRfZs5o+meg5sMD1DNxeJHPrweB8jT4xKqI0MBYy/\n"
-	"7zkA/BcN6XYhxMXRSwA7f5NUxmUMrOvbLA9GyGj+Mx0/8YFdKr3WbugzD+c1A1kD\n"
-	"hzNgkuM2Qgy13MiEmPp0XAPwr0F3bqjgzL13zgfl1XnR0/U5I0kVnAnw1aa6Cckj\n"
-	"UM2wnEmBYkRhnqA3avOXngrOHuVVJV3lj1Kqu2MaXfYwggeeBgkqhkiG9w0BBwGg\n"
-	"ggePBIIHizCCB4cwggeDBgsqhkiG9w0BDAoBAqCCBy4wggcqMBwGCiqGSIb3DQEM\n"
-	"AQMwDgQIQjy2fTdgBPACAhQkBIIHCIB73qFkUGPoMG34/S4Vm/MdLEOwZDDdeOZJ\n"
-	"Nr8xTnWWAg1Txjxo67TTzx2p/knFsMdqcJBXfKOBu0aK8+wy/EbTtXNB545fuDxD\n"
-	"a8lPJWIVU1zYR69DE2AGJibatwPLO35u1mQ6+NMclCpM838CqFfFdQVdqtrlBFdM\n"
-	"Yxwzxt4rJ/uSxhi7dnjU6UH2w25/feLrcCLLbnLMo68HSqmwyg6hoTc5bmUu02j2\n"
-	"eSvy9cFR2M9kZluli7SFiHysbjlHQD2ahBJM0KEICjIdKkH2D4Qn2mWs+myzCLwA\n"
-	"9yfBxEnRYosBFYLcBc41thruTNKjj+GoZpqfkfNX4gqxBjMjl6+eIW/fVOxSDVTO\n"
-	"U1BVb58kdKOQnxVovXrd3LCYQIHxMfHu3MxzG9jc/5p89qZV7UJLsC2yNxlnq4+L\n"
-	"gXPjEdMhSxr7dteWcqSXlZLZj29KRplo04ZoTVyrfIxi8gEBkuql5uMJrf9TPeNA\n"
-	"f/Lfasfm95IiujD4RQPlxacUAZSAkKtKG85gvopoiAPiAT6+8igVD6WS1jdKTuY8\n"
-	"+Zo4N4s/uK6Ey5ck+EpOF+pCrHkIQdGhqLN/CFRxYTogpDBwdmgbv4IBeKEOE5jZ\n"
-	"jxd9RZvenwumYM5VZjj+SnJ4OoRVO8ZqdbIFWJ71bvuk4e1OnnyDqnsDPkG0Y/zc\n"
-	"drrMWL6MjfrbefanOE8idnyXwqeEuEhktYkW1Pqn57/ckR+ugx1VLhUmOkKYakbo\n"
-	"HGdWibIjY/MxsD+83y/x+QT0avN168GpaSd2mNyktUlpH+wuaUj1jZJIl4/mEnpq\n"
-	"NNkZrDtwwla7iUcwUApVvQli3FAiNYq1ieqpxmz/YPB2Ge9OEVSW4liHro+bPpmZ\n"
-	"h+S2mzkAesDM/nYAWzRFxsK6C0du2wOHh2IgRjwl1w1aoxrKaw8NYUJwFuFRyiIf\n"
-	"7/cxfQW9PlIQwwkZ/gBM0q6rDZEbPnO0vuwisV01HUnJ8eeVbunlwRTZDE0BZpCx\n"
-	"yY7ZG24n0nogQnFsIADT86KhxyOsS6+UKYbYeyQ44ZIakkMTVA1zdb7wMEWT0v93\n"
-	"KVXQ3oYyoLrdgAWHVAVjVshuNyL0w7toOa6IbuM3FUZQG94A6HQs5mNQUXoBncA7\n"
-	"F8iVTB16YHyhWRLZrpUVNhOmx9+sZ6mK4Ll2+XJ0sZhCdCNtDtnrb7KPMHeWK3We\n"
-	"jsdUB48/Wc6WN2tX9CquUXFqHBgY/pHxFG8gNw5+OEpM3OXdPFdMjTFfcUzz5sbs\n"
-	"iNC9AWgCsINv+MV7qg3m/prNNgrwrMkOtsxHYKwJAZqlc3Y9XVzKfGlNIK9KfbKA\n"
-	"3VoQenbNV1dst1Nrxl4vuNvbm5II8XDl8bkHWuS1snbxELRLFOSZlYsIw3Yw4sbZ\n"
-	"V/qqJix11yhpWRrW3/TdxEvEp5MZVuciJp6CS8rNpdAvzSenDQ8XfA2mLXNY5NgM\n"
-	"NOvBc/XBi9QqGJo20DCeKrOtYXbo7dsVDJrJqRdZT4ftoQQvK22uBW6CmO5cUGkE\n"
-	"8fP/9Ym5yJEFrHNROsbUqfp+KPPaoVuUNsJDor3evcdAHKOSDldPfbmBLV7sFNEP\n"
-	"33p5ejwvszAaJEWRf48Y2fRKzfbkyDPYO+5we9XaKhcRvbp6NR0EQl1JLFw2/1nn\n"
-	"lmDVMc/XJGL6VE7rmM79vTxq4C7YSzWcD+2FM9nWrzweYEKtleHOPdjl2vOziNu0\n"
-	"f396VtmEho8BHV80A06j+GYlENzodfjsTtcFycCGS3j1dvnBJitD//jqX0p56YsL\n"
-	"vCjCnn0Isl9WXvooC63ntf2jdcP0xwbQbKEYB0v4ai17AM99WFbzMnw4Hk79MvcE\n"
-	"85THHdQSceJhFGXhku6MUuWIU1CjTByiiaBZirtBS0da3s2RfyChHlAnMW1vQXRl\n"
-	"2388E8B3+VCLzfOYqflW983xCzCQONBn6pPQkTIE4y7LyQphZVIWOklqV4HDqSM9\n"
-	"Nd8u6Lgub6vrEH8qN3ExsmA/zb8uKr82PaXq+TB0KIOixy3ynjWRdVPAvF+ASmR+\n"
-	"whTJxkfH5mRO1/0/kgtSH/J37HtkAQC7OAUMycdrEC8r2+TKk/CMV00UIEzfCEo1\n"
-	"kfdSiRB+oBDStE1TJ8X6l0slr7BUNjuinU3Waq5FtybC2cI6MkGq0Dj+1qQflqs6\n"
-	"eT2SM8MN2v/9ktqDqGqWGuIByxMHJTRcithOhdClCfj2VYWQsp4L6lWtE5EDgEbG\n"
-	"d3UjaRGUPH58peE3vOziC1sruMN9hEbQU1JYRWerQlBYjt2RAHuSzQhSbu3GKJNV\n"
-	"1KVDTxVxIpuTcdqKenGTJvA79TPnM/fCVbwgW18DAUhFruqgfCTU8EVMLgqDecnR\n"
-	"v4YzX3weMpYuhnPqhcOkgImvRJv7C0b/yjV/0ctW0uQxtTD8nAN0wmQyCfY4RTFC\n"
-	"MBsGCSqGSIb3DQEJFDEOHgwAcwBlAHIAdgBlAHIwIwYJKoZIhvcNAQkVMRYEFDOd\n"
-	"4SfTi9X86wX8tceBaU9eO9nWMC8wHzAHBgUrDgMCGgQUSrnTiqr47JA4mCEpQDQX\n"
-	"JMU7QdMECJJR3+yAuOeDAgIoAA==\n"
+	"MIINAAIBAzCCDMgGCSqGSIb3DQEHAaCCDLkEggy1MIIMsTCCBPcGCSqGSIb3DQEH\n"
+	"BqCCBOgwggTkAgEAMIIE3QYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIZf8h\n"
+	"dWt3jYQCAhR5gIIEsDYZE567naoZuAymtn/M3ML4kR817j0chfbqja51b8BdXnk+\n"
+	"ZXjSEqgO0LWUuwlJNtyCe8bWxl8Tx6FUKKh+ul0elVzn12vko4sfJT48YjCrDm03\n"
+	"rYYl2sd5vKGRCegDpQtT2nCJYn0NPrlZggsewmP4uDHrSPV+VZu4pL4GM3nKyg7V\n"
+	"cA3xG68blXUXKuil9woL+Yd3TFI66XKaRFRi+k6xXeAn9mOMYhUE9/tLRKOVPdOy\n"
+	"OITn3dhBqXr/zcywUHVkrWLeFd9ODJ2qZmkEp/yJznoshne+hbjU3qt+4pUwCAnb\n"
+	"k8SAqcn4cOl2FM29Wk6LmcBLqDGvYXO6zeeXd2Ln+0iseyWRWt0xWo9KiqbZYEN0\n"
+	"7Eq2J8QG030a4JplVI2dgw907/pWcNNdz9LgnYF1wH7+GcpGPSPBzFM4n+dn3hRz\n"
+	"WFQMhpOjdcfJhA8f1A52SmAA6xgR+XCcqqSdcUAosv+z1nIVfDnnnxMmXq4uoVDj\n"
+	"44vf9pCsOKN+AL+DW2OAdDT7yxHk/aIWElmf7/iJzyihzky+8+GTCY6DQ7chbrVw\n"
+	"/sQ4F2OhZLMe1RggEmnEpwDz07mfR/qzySF4ssosY0K3rlO4qKEwQ9Jy6igQ+BMC\n"
+	"erbrN1yFskDK50BmvI3gv59z4ZTf+xL2Vx2Z0ZXmOKbfbYTITxOtyS/aYR9PaUXz\n"
+	"Y7Lgp0MeOx7BhooheASLasEnSsZEj/3HX/LJEJ4UHFQQ3mRn4wqD9duRJo/2sQJ5\n"
+	"9J6Fv6oWkgQ0KU5snZMVHi9OvGY5GUaMoDhL/ZsbhM9U1mW8v6QYOPf1ZQGxXSSv\n"
+	"Ehpkr2B5+/0JIYCaGwnBDw9Ggmtw5qbYXa37hAtas0eNDXndnqfr/3scjU0SIxjs\n"
+	"Ot027t2nSvls3NZ41Rmh381NF2LsoPWt1NWIZLaX1OBj8xuTh7QNWmgHbA6UWwhA\n"
+	"oxKUVC0Lbg0eYXC8nejaswNSclk9yIQJuT+P7Aj1dU42lsBOvTAUTQc4GHZtzO4J\n"
+	"ewy88nZLPgvO9W5KhcBTX8dfmWO/ItSl0ze0fxXOtfMMgF2QH1IoSz84gUG2Kjkf\n"
+	"hS1EOCeQ4meHciI4/v5S5aA2ZYdwTwgHyz6Z7a/6MgK9Nuh3doX7cdOqYCJVxbKa\n"
+	"ro/Zp8jVldSBRTfdgu6zmwVQJGtsur5SM+I+wVeFw+9+g6GkYGWqkNPeFAGHHX0H\n"
+	"gcGxloS5t4rbnC5g9Q3EEU6XpEVwPYQSrtV2U2uu/9ijYPmU60VciFfx26wLnQiw\n"
+	"gXJQkG7U584jWaX4mbx7nk/XKeQkNi3jX31xa/xx8VTP3NfE+44lNsn+ArLZtqAn\n"
+	"Zml54SnHTfPfYTsApDbcji+RyXj/L5IDP99kLTSHF8gAUkqAl3vkzI5jRPzZ8BuN\n"
+	"l529NDLhPZ57SBO4OJP9AuMJG62qiahMg3l34zej/2q/MsLlP8JXbjn8nDa0j8HB\n"
+	"Jgdz6QNj3fklJEvGaZ7HLKsbCxk4f2Qb02pIgEMN0+VUphmU8LUR7T7cej0mKXeT\n"
+	"JNBtQK3LE5riVgW7rPHGkcO8CD3PIshmaDt9CeUQMwo6SNVJcpFfKixwR9uHhNk4\n"
+	"1PGUD5Dk3S9JYy0C2jCCB7IGCSqGSIb3DQEHAaCCB6MEggefMIIHmzCCB5cGCyqG\n"
+	"SIb3DQEMCgECoIIHLjCCByowHAYKKoZIhvcNAQwBAzAOBAhIMXotmNiA5QICFPkE\n"
+	"ggcIsF73w/XBwRjSD6+0aYpzcEpgkIfACXekV/3S83CygZlXgqyxrWw0MR+ZfYC9\n"
+	"66AkSW26XdSjXnmdAyGgVjPxsmb8v5GT9ZwTLuKbUGUOweGTUvZlxwie0Pkry2vX\n"
+	"XXep5apVxBICituydeFkZLaGgeISgOqoCd9sCL2qKDo+bWD/WUc8feNJtBqrmXhO\n"
+	"N0R0tP7GF8q5j4oily5jbR9bZtorL6w2xlfXEzydAndrxclHZ4IlND56WDYvNTpN\n"
+	"EpUNddshpR5Opm8ED9KEaNVcdgVUQzP9epNczEvnb4NVyQrKfp9bcCDoscmNVNsc\n"
+	"WF8jYeZmz3S3iRhL6wkEihkLnMy7AXVgUEGRyvumM+qw8BlQlb7jyZpHw8wwZPAv\n"
+	"xCzgpMfJ6Ec17tJ6FoyY+pgx1xFntFv/S9Za1xcTtcKZx7m3VGneElK9uAV9oAbW\n"
+	"Otx+OliKbcCGit2vjXv3ev/K4T8NyQ2RDZL5A7/JarczHsX9Ju0JLta1+Nmf8Ayc\n"
+	"figqPF3LTrGewI94wLvqw3l7oFK2m2BmG4Sp1dHGjNdNsnZ3wkDG+jqPX7O2zJlt\n"
+	"i35x9xlzAvUAWk/MC1hZpuP48N/hOYMryIcM9Xs0TW+JcfpgmszEKTVNlx3zOP+Z\n"
+	"mtCKFH5ZoUTmBslUeWbwP8t3KMUPfj/B+T9gm/UV1yx9wy1/d4iPeixHO2dbs/KV\n"
+	"34i8X5++HHOyoksWkYhoSVPg1WaD7kQPj3uuCl7Y7zRCCu24fTiNupJwsTt6gjwA\n"
+	"uDedwk9KUaNx2AsmcwJOHENEr7ecXFlL00ULuTvS8haqSX7sbzIlpbqTPHL5oxmB\n"
+	"WAswCPHJg5NHnMc2yGhgGb/2WZEjQ47CCumYKiqkur9GtVfEeIJbUyNk2klwEKSl\n"
+	"qS452GHVBlsHjTzSkyzb+igqU6uy0S75sf1tYPMLP/FZ+xnqnNMAoBpWg1AKHDdj\n"
+	"JC3FbzLNNtmqQ1c9YNgllgRp9qu2z+XCRBLdChRfjm2E/CywwmchahrFv2LeeDSW\n"
+	"eUlJsNAvW0EO2xM0jGETwUhRIkGTxnjGwY8GvL4v7/lj23Tcrw4aZiw8XEDnKXMV\n"
+	"nHeOE9d/kJXru/bhGl90VbHCFJbyIwV32tl8NiClx0P5z4uAm5w9NiQ4gqVLyHem\n"
+	"nYeUF1r0nlHkTR2CubXe4OnczD80r3AEYRJjFfC+GmYIzflcctayzuwWoda8Hrcd\n"
+	"aT4arrzHe43/I6WajAcL+9oV5owdP9bksvZSwqgEFJuF9+zDttoncQHeS4MhHogc\n"
+	"HxqoTkMGlddogUQWim+ujY94b08Ov8mIEjzXbOm2Ts2LwFzAm/E+duBBX9E3E9g9\n"
+	"TBDYvY2NsnQsRlLNs8+g+sDa9LZTppqtKo7JED9atgTITiKYpkoqmipObE2vAl83\n"
+	"Nc2JarRzeYkt4iyyZN3pkmEKQa4KvWL+bCpZ6Vueb+uts8HCIHAuExGD8rC3GMwg\n"
+	"KCbULQ2R4gQK5HSvoFb4dGoFiouv810mvbY3RLlDEWlmvZ8IIVZ955ureae62si1\n"
+	"cgsVlqswrmlD5gdDyNNKW+A5saTDJ1eMuyS7+2TEXNXlJo88W5qb2CR4C5dG7thE\n"
+	"Kbrr1KuEq61ipq86sLnZkV1VveRodf9B5NOsTOOEmIBk0gfRd3jGWxCfFDyOnq1M\n"
+	"win67CkpkodFvwyjes8yiTHtHkpp63FocuJJflwi9JOWh8eAzLlHTQP+2qV72KIX\n"
+	"vDPJz6pCo6Houen71MfpSoAEJ7ITREyFZrdH0iebW5nheMJn7r0zlKBqyqivkjCh\n"
+	"CUQj4c+CJiG3SXU0Rb1kAllhyeW65+Mw1wXszLuVZjFjLP+pV/w3vvQQQ+vR87vK\n"
+	"2W4np13fSZUaqBl3aLtzoyZMEivudtGkSzmZ2s+wxqozh1hkjowMH7PPkpTufila\n"
+	"68OD5csm4cV0Sa2WWD1chZ+qRrbrThZ5aSN9C4ixHA1NE+8OGYCPutHOO/jeg5Dx\n"
+	"ygjRowOHuuh666LYjUj9ZGslsJPLrS8UCpBnCvkGVshP3pf8DwrZd5ixS515DlyL\n"
+	"CFfsl0sIVrKC/RLbj8GDuGNi2EppDs3WusfDVB0UM3fI7BaZtsBTLISaYfJtc970\n"
+	"2+lmOgZQfalECCXeNRo5eAfO+QVEiuGBIQP5k+ityKXsuHqN5aming2/3X1QR7Gr\n"
+	"kHNepPIqf+4CwhTE5Gn88dpP2RLvS1Cj0XHsLYxZkDcOXC4DmMgH2OqLi7N/Mrnm\n"
+	"51o64JEbpNTQKSjOkQd9ew6bouSM+ehgnV4Hi75SZZ/oa5/EJYn6v2fEcAxd4/9X\n"
+	"3XWlLsMQktQzaXiWm6Aj6iH0xspgqaJsSkV+pDq/VLDIF9E6Sh3yH3P1GZVZIuwJ\n"
+	"6TfJ5DQnIja2UqrU90xBgDBiqrKgHZPQVo+ZMVYwIwYJKoZIhvcNAQkVMRYEFDOd\n"
+	"4SfTi9X86wX8tceBaU9eO9nWMC8GCSqGSIb3DQEJFDEiHiAAcwBlAHIAdgBlAHIA\n"
+	"LQBsAG8AYwBhAGwAaABvAHMAdDAvMB8wBwYFKw4DAhoEFNkQm49TDWC2lR1GyKaU\n"
+	"wVWVn1UTBAjIzPZeicMLMAICKAA=\n"
 	"-----END PKCS12-----\n";
 
 const gnutls_datum_t server_ca3_pkcs12 = { (void*)server_ca3_pkcs12_pem,
diff --git a/tests/set_x509_key.c b/tests/set_x509_key.c
index 7af5e5eae3..2b6dbdb23b 100644
--- a/tests/set_x509_key.c
+++ b/tests/set_x509_key.c
@@ -38,6 +38,7 @@
 #endif
 #include <unistd.h>
 #include <assert.h>
+#include <time.h>
 #include <gnutls/gnutls.h>
 #include <gnutls/abstract.h>
 #include <gnutls/x509.h>
@@ -54,7 +55,16 @@ static void tls_log_func(int level, const char *str)
 	fprintf(stderr, "<%d>| %s", level, str);
 }
 
-void doit(void)
+static time_t mytime(time_t * t)
+{
+	time_t then = 1461671166;
+	if (t)
+		*t = then;
+
+	return then;
+}
+
+static void basic(void)
 {
 	gnutls_certificate_credentials_t x509_cred;
 	gnutls_pcert_st pcert_list[16];
@@ -68,6 +78,8 @@ void doit(void)
 	 */
 	global_init();
 
+	gnutls_global_set_time_function(mytime);
+
 	gnutls_global_set_log_function(tls_log_func);
 	if (debug)
 		gnutls_global_set_log_level(6);
@@ -117,6 +129,8 @@ void doit(void)
 		exit(1);
 	}
 
+	test_cli_serv(x509_cred, "NORMAL", &ca_cert, "localhost");
+
 	gnutls_certificate_free_credentials(x509_cred);
 
 	gnutls_global_deinit();
@@ -124,3 +138,85 @@ void doit(void)
 	if (debug)
 		success("success");
 }
+
+static void auto_parse(void)
+{
+	gnutls_certificate_credentials_t x509_cred;
+	gnutls_pcert_st pcert_list[16];
+	gnutls_privkey_t key;
+	gnutls_pcert_st second_pcert;
+	gnutls_privkey_t second_key;
+	unsigned pcert_list_size;
+	int ret;
+
+	/* this must be called once in the program
+	 */
+	global_init();
+
+	gnutls_global_set_time_function(time);
+
+	gnutls_global_set_log_function(tls_log_func);
+	if (debug)
+		gnutls_global_set_log_level(6);
+
+	assert(gnutls_certificate_allocate_credentials(&x509_cred)>=0);
+	assert(gnutls_privkey_init(&key)>=0);
+
+	pcert_list_size = sizeof(pcert_list)/sizeof(pcert_list[0]);
+	ret = gnutls_pcert_list_import_x509_raw(pcert_list, &pcert_list_size,
+		&server_ca3_localhost_cert, GNUTLS_X509_FMT_PEM, 0);
+	if (ret < 0) {
+		fail("error in gnutls_pcert_list_import_x509_raw: %s\n", gnutls_strerror(ret));
+	}
+
+	ret = gnutls_privkey_import_x509_raw(key, &server_ca3_key, GNUTLS_X509_FMT_PEM, NULL, 0);
+	if (ret < 0) {
+		fail("error in key import: %s\n", gnutls_strerror(ret));
+	}
+
+	ret = gnutls_certificate_set_key(x509_cred, NULL, 0, pcert_list,
+				pcert_list_size, key);
+	if (ret < 0) {
+		fail("error in gnutls_certificate_set_key: %s\n", gnutls_strerror(ret));
+		exit(1);
+	}
+
+	/* set the ECC key */
+	assert(gnutls_privkey_init(&second_key)>=0);
+
+	pcert_list_size = 1;
+	ret = gnutls_pcert_list_import_x509_raw(&second_pcert, &pcert_list_size,
+		&server_ca3_localhost6_cert, GNUTLS_X509_FMT_PEM, 0);
+	if (ret < 0) {
+		fail("error in gnutls_pcert_list_import_x509_raw: %s\n", gnutls_strerror(ret));
+	}
+
+	ret = gnutls_privkey_import_x509_raw(second_key, &server_ca3_key, GNUTLS_X509_FMT_PEM, NULL, 0);
+	if (ret < 0) {
+		fail("error in key import: %s\n", gnutls_strerror(ret));
+	}
+
+	ret = gnutls_certificate_set_key(x509_cred, NULL, 0, &second_pcert,
+				1, second_key);
+	if (ret < 0) {
+		fail("error in gnutls_certificate_set_key: %s\n", gnutls_strerror(ret));
+		exit(1);
+	}
+
+	test_cli_serv(x509_cred, "NORMAL", &ca3_cert, "localhost"); /* the DNS name of the first cert */
+	test_cli_serv(x509_cred, "NORMAL", &ca3_cert, "localhost6"); /* the DNS name of ECC cert */
+	test_cli_serv(x509_cred, "NORMAL", &ca3_cert, "www.none.org"); /* the DNS name of ECC cert */
+
+	gnutls_certificate_free_credentials(x509_cred);
+
+	gnutls_global_deinit();
+
+	if (debug)
+		success("success");
+}
+
+void doit(void)
+{
+	basic();
+	auto_parse();
+}
diff --git a/tests/set_x509_key_file.c b/tests/set_x509_key_file.c
index 3661da5eb9..35affc480d 100644
--- a/tests/set_x509_key_file.c
+++ b/tests/set_x509_key_file.c
@@ -34,6 +34,15 @@
 #include "cert-common.h"
 #include "utils.h"
 
+static time_t mytime(time_t * t)
+{
+	time_t then = 1461671166;
+	if (t)
+		*t = then;
+
+	return then;
+}
+
 static void compare(const gnutls_datum_t *der, const void *ipem)
 {
 	gnutls_datum_t pem = {(void*)ipem, strlen((char*)ipem)};
@@ -64,6 +73,7 @@ void doit(void)
 
 	global_init();
 	assert(gnutls_certificate_allocate_credentials(&xcred) >= 0);
+	gnutls_global_set_time_function(mytime);
 
 	/* this will fail */
 	ret = gnutls_certificate_set_x509_key_file2(xcred, certfile, keyfile,
@@ -107,6 +117,8 @@ void doit(void)
 
 	remove(certfile);
 
+	test_cli_serv(xcred, "NORMAL", &ca_cert, "localhost"); /* the DNS name of the first cert */
+
 	gnutls_certificate_free_credentials(xcred);
 	gnutls_global_deinit();
 }
diff --git a/tests/set_x509_key_file_der.c b/tests/set_x509_key_file_der.c
index 454ca4beec..c4d28fa2ef 100644
--- a/tests/set_x509_key_file_der.c
+++ b/tests/set_x509_key_file_der.c
@@ -92,8 +92,8 @@ void doit(void)
 	assert(get_tmpname(certfile)!=NULL);
 	assert(get_tmpname(keyfile)!=NULL);
 
-	write_der(certfile, "CERTIFICATE", (char*)server_cert_pem);
-	write_der(keyfile, "RSA PRIVATE KEY", (char*)server_key_pem);
+	write_der(certfile, "CERTIFICATE", (char*)server_localhost_ca3_cert_pem);
+	write_der(keyfile, "RSA PRIVATE KEY", (char*)server_ca3_key_pem);
 
 	ret = gnutls_certificate_set_x509_key_file2(xcred, certfile, keyfile,
 						    GNUTLS_X509_FMT_DER, NULL, 0);
@@ -107,11 +107,13 @@ void doit(void)
 		exit(1);
 	}
 
-	compare(&tcert, server_cert_pem);
+	compare(&tcert, server_localhost_ca3_cert_pem);
 
 	remove(certfile);
 	remove(keyfile);
 
+	test_cli_serv(xcred, "NORMAL", &ca3_cert, "localhost"); /* the DNS name of the first cert */
+
 	gnutls_certificate_free_credentials(xcred);
 	gnutls_global_deinit();
 }
diff --git a/tests/set_x509_key_mem.c b/tests/set_x509_key_mem.c
index 672ac0f325..32df0a4ef8 100644
--- a/tests/set_x509_key_mem.c
+++ b/tests/set_x509_key_mem.c
@@ -41,6 +41,7 @@
 #include <gnutls/x509.h>
 
 #include "utils.h"
+#include "cert-common.h"
 
 /* Test for memory allocations in a non-matching key-cert pair loading.
  *
@@ -51,43 +52,6 @@ static void tls_log_func(int level, const char *str)
 	fprintf(stderr, "<%d>| %s", level, str);
 }
 
-static unsigned char cert_pem[] =
-    "-----BEGIN CERTIFICATE-----\n"
-    "MIICHjCCAYmgAwIBAgIERiYdNzALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n"
-    "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTI3WhcNMDgwNDE3MTMyOTI3WjAdMRsw\n"
-    "GQYDVQQDExJHbnVUTFMgdGVzdCBjbGllbnQwgZwwCwYJKoZIhvcNAQEBA4GMADCB\n"
-    "iAKBgLtmQ/Xyxde2jMzF3/WIO7HJS2oOoa0gUEAIgKFPXKPQ+GzP5jz37AR2ExeL\n"
-    "ZIkiW8DdU3w77XwEu4C5KL6Om8aOoKUSy/VXHqLnu7czSZ/ju0quak1o/8kR4jKN\n"
-    "zj2AC41179gAgY8oBAOgIo1hBAf6tjd9IQdJ0glhaZiQo1ipAgMBAAGjdjB0MAwG\n"
-    "A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg\n"
-    "ADAdBgNVHQ4EFgQUTLkKm/odNON+3svSBxX+odrLaJEwHwYDVR0jBBgwFoAU6Twc\n"
-    "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n"
-    "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n"
-    "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n"
-    "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n";
-const gnutls_datum_t cert = { cert_pem, sizeof(cert_pem) - 1};
-
-static unsigned char key_pem[] =
-    "-----BEGIN RSA PRIVATE KEY-----\n"
-    "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n"
-    "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n"
-    "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n"
-    "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n"
-    "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n"
-    "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n"
-    "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n"
-    "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n"
-    "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n"
-    "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n"
-    "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n"
-    "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n"
-    "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n"
-    "-----END RSA PRIVATE KEY-----\n";
-
-const gnutls_datum_t key = { key_pem,
-	sizeof(key_pem) - 1
-};
-
 void doit(void)
 {
 	gnutls_certificate_credentials_t x509_cred;
@@ -103,8 +67,8 @@ void doit(void)
 
 	gnutls_certificate_allocate_credentials(&x509_cred);
 
-	ret = gnutls_certificate_set_x509_key_mem(x509_cred, &cert,
-					    &key,
+	ret = gnutls_certificate_set_x509_key_mem(x509_cred, &cli_cert,
+					    &server_key,
 					    GNUTLS_X509_FMT_PEM);
 	if (ret != GNUTLS_E_CERTIFICATE_KEY_MISMATCH) {
 		fail("error in error code\n");
@@ -117,14 +81,25 @@ void doit(void)
 	gnutls_certificate_allocate_credentials(&x509_cred);
 	gnutls_certificate_set_flags(x509_cred, GNUTLS_CERTIFICATE_SKIP_KEY_CERT_MATCH);
 
-	ret = gnutls_certificate_set_x509_key_mem(x509_cred, &cert,
-					    &key,
+	ret = gnutls_certificate_set_x509_key_mem(x509_cred, &server_ca3_localhost6_cert,
+					    &server_ca3_key,
+					    GNUTLS_X509_FMT_PEM);
+	if (ret < 0) {
+		fail("error in error code\n");
+		exit(1);
+	}
+
+	ret = gnutls_certificate_set_x509_key_mem(x509_cred, &server_ca3_localhost_cert,
+					    &server_ca3_key,
 					    GNUTLS_X509_FMT_PEM);
 	if (ret < 0) {
 		fail("error in error code\n");
 		exit(1);
 	}
 
+	test_cli_serv(x509_cred, "NORMAL", &ca3_cert, "localhost");
+	test_cli_serv(x509_cred, "NORMAL", &ca3_cert, "localhost6");
+
 	gnutls_certificate_free_credentials(x509_cred);
 
 	gnutls_global_deinit();
diff --git a/tests/set_x509_pkcs12_key.c b/tests/set_x509_pkcs12_key.c
index 794d0e628d..4ef8239503 100644
--- a/tests/set_x509_pkcs12_key.c
+++ b/tests/set_x509_pkcs12_key.c
@@ -95,10 +95,12 @@ void doit(void)
 		exit(1);
 	}
 
-	compare(&tcert, server_ca3_cert_pem);
+	compare(&tcert, server_localhost_ca3_cert_pem);
 
 	remove(certfile);
 
+	test_cli_serv(xcred, "NORMAL", &ca3_cert, "localhost"); /* the DNS name of the first cert */
+
 	gnutls_certificate_free_credentials(xcred);
 	gnutls_global_deinit();
 }
diff --git a/tests/utils-adv.c b/tests/utils-adv.c
new file mode 100644
index 0000000000..5e8ccb9896
--- /dev/null
+++ b/tests/utils-adv.c
@@ -0,0 +1,151 @@
+/*
+ * Copyright (C) 2008-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * Author: Simon Josefsson, Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * GnuTLS is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuTLS is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GnuTLS; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+#include <gnutls/gnutls.h>
+#include "utils.h"
+#include "eagain-common.h"
+
+const char *side = NULL;
+
+void
+test_cli_serv(gnutls_certificate_credentials_t server_cred, const char *prio,
+              const gnutls_datum_t *ca_cert, const char *host)
+{
+	int exit_code = EXIT_SUCCESS;
+	int ret;
+	/* Server stuff. */
+	gnutls_session_t server;
+	int sret = GNUTLS_E_AGAIN;
+	/* Client stuff. */
+	gnutls_certificate_credentials_t clientx509cred;
+	gnutls_session_t client;
+	int cret = GNUTLS_E_AGAIN;
+
+	/* General init. */
+	reset_buffers();
+
+	/* Init server */
+
+	gnutls_init(&server, GNUTLS_SERVER);
+	gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE,
+			       server_cred);
+	gnutls_priority_set_direct(server, prio, NULL);
+	gnutls_transport_set_push_function(server, server_push);
+	gnutls_transport_set_pull_function(server, server_pull);
+	gnutls_transport_set_ptr(server, server);
+
+	/* Init client */
+	ret = gnutls_certificate_allocate_credentials(&clientx509cred);
+	if (ret < 0)
+		exit(1);
+
+	ret = gnutls_certificate_set_x509_trust_mem(clientx509cred, ca_cert, GNUTLS_X509_FMT_PEM);
+	if (ret < 0)
+		exit(1);
+
+	ret = gnutls_init(&client, GNUTLS_CLIENT);
+	if (ret < 0)
+		exit(1);
+
+
+	assert(gnutls_server_name_set(client, GNUTLS_NAME_DNS, host, strlen(host))>=0);
+
+	ret = gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE,
+			       clientx509cred);
+	if (ret < 0)
+		exit(1);
+
+	gnutls_priority_set_direct(client, prio, NULL);
+	gnutls_transport_set_push_function(client, client_push);
+	gnutls_transport_set_pull_function(client, client_pull);
+	gnutls_transport_set_ptr(client, client);
+
+	HANDSHAKE(client, server);
+
+	/* check the number of certificates received and verify */
+	{
+		gnutls_typed_vdata_st data[2];
+		unsigned status;
+
+		memset(data, 0, sizeof(data));
+
+		data[0].type = GNUTLS_DT_DNS_HOSTNAME;
+		data[0].data = (void*)host;
+
+		data[1].type = GNUTLS_DT_KEY_PURPOSE_OID;
+		data[1].data = (void*)GNUTLS_KP_TLS_WWW_SERVER;
+
+		ret = gnutls_certificate_verify_peers(client, data, 2, &status);
+		if (ret < 0) {
+			fail("could not verify certificate: %s\n", gnutls_strerror(ret));
+			exit(1);
+		}
+
+		if (status != 0) {
+			gnutls_datum_t t;
+			assert(gnutls_certificate_verification_status_print(status, GNUTLS_CRT_X509, &t, 0)>=0);
+			fail("could not verify certificate for '%s': %.4x: %s\n", host, status, t.data);
+			gnutls_free(t.data);
+			exit(1);
+		}
+
+		/* check gnutls_certificate_verify_peers3 */
+		ret = gnutls_certificate_verify_peers3(client, host, &status);
+		if (ret < 0) {
+			fail("could not verify certificate: %s\n", gnutls_strerror(ret));
+			exit(1);
+		}
+
+		if (status != 0) {
+			gnutls_datum_t t;
+			assert(gnutls_certificate_verification_status_print(status, GNUTLS_CRT_X509, &t, 0)>=0);
+			fail("could not verify certificate3: %.4x: %s\n", status, t.data);
+			gnutls_free(t.data);
+			exit(1);
+		}
+	}
+
+	gnutls_bye(client, GNUTLS_SHUT_RDWR);
+	gnutls_bye(server, GNUTLS_SHUT_RDWR);
+
+	gnutls_deinit(client);
+	gnutls_deinit(server);
+
+	gnutls_certificate_free_credentials(clientx509cred);
+
+	if (debug > 0) {
+		if (exit_code == 0)
+			puts("Self-test successful");
+		else
+			puts("Self-test failed");
+	}
+}
diff --git a/tests/utils.h b/tests/utils.h
index 227a445ee1..dd576e4363 100644
--- a/tests/utils.h
+++ b/tests/utils.h
@@ -1,7 +1,8 @@
 /*
- * Copyright (C) 2004-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2004-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2016 Red Hat, Inc.
  *
- * Author: Simon Josefsson
+ * Author: Simon Josefsson, Nikos Mavrogiannopoulos
  *
  * This file is part of GnuTLS.
  *
@@ -68,6 +69,9 @@ extern void binprint(const void *str, size_t len);
 int disable_system_calls(void);
 void sec_sleep(int sec);
 
+void test_cli_serv(gnutls_certificate_credentials_t server_cred, const char *prio,
+              const gnutls_datum_t *ca_cert, const char *host);
+
 #define TMPNAME_SIZE 128
 char *get_tmpname(char s[TMPNAME_SIZE]);