From 89d445a5a503beda345065513396b7b9caca88bb Mon Sep 17 00:00:00 2001
From: Brett <brett.r.nicholas.15@dartmouth.edu>
Date: Mon, 23 Oct 2023 09:47:35 -0600
Subject: [PATCH] added --sys-ca-certs client connection to external test

---
 scripts/external.test | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/scripts/external.test b/scripts/external.test
index 39b88e996..671f6f9a3 100755
--- a/scripts/external.test
+++ b/scripts/external.test
@@ -45,4 +45,15 @@ RESULT=$?
 RESULT=$?
 [ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
 
+# test again, but using system CA certs to verify the server if support is enabled.
+# We don't want to use --sys-ca-certs with static memory, as we don't know how
+# much memory will be required to store an unbounded number of certs
+BUILD_FLAGS="$(./examples/client/client '-#')"
+if echo "$BUILD_FLAGS" | grep -q "WOLFSSL_SYS_CA_CERTS" && ! echo "$BUILD_FLAGS" | grep -q "WOLFSSL_STATIC_MEMORY"; then
+    echo -e "\nConnecting using WOLFSSL_SYS_CA_CERTS..."
+    ./examples/client/client -X -C -h $server -p 443 -g --sys-ca-certs
+    RESULT=$?
+    [ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed when using WOLFSSL_SYS_CA_CERTS" && exit 1
+fi
+
 exit 0