aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2022-02-21 13:05:44 +0100
committerGuilhem Moulin <guilhem@fripost.org>2022-02-21 13:49:30 +0100
commit556f02ce636e11e898ed5608b3b130ce4e7c6ba6 (patch)
tree35bdf56349c0208b68f5bed720bcc1be80b14feb
parent48d35e65472e29d808a4bf604b7f99270496b810 (diff)
Tests: TLS ciphers/protocols: Downgrade security level to 0.
This is required to test TLS version <1.2 on systems with higher security levels, see SSL_CTX_set_security_level(3ssl). Addapted from a patch from <xnox> for Unbuntu.
-rw-r--r--tests/tls-protocols/openssl.cnf2
-rw-r--r--[l---------]tests/tls-protocols/remote.conf5
2 files changed, 5 insertions, 2 deletions
diff --git a/tests/tls-protocols/openssl.cnf b/tests/tls-protocols/openssl.cnf
index 980097d..3d9769d 100644
--- a/tests/tls-protocols/openssl.cnf
+++ b/tests/tls-protocols/openssl.cnf
@@ -11,4 +11,4 @@ system_default = system_default_sect
[system_default_sect]
MinProtocol = None
-CipherString = DEFAULT
+CipherString = DEFAULT@SECLEVEL=0
diff --git a/tests/tls-protocols/remote.conf b/tests/tls-protocols/remote.conf
index 6029749..96b3713 120000..100644
--- a/tests/tls-protocols/remote.conf
+++ b/tests/tls-protocols/remote.conf
@@ -1 +1,4 @@
-../tls/remote.conf \ No newline at end of file
+!include conf.d/imapd.conf
+!include conf.d/ssl.conf
+ssl_min_protocol = TLSv1
+ssl_cipher_list = DEFAULT@SECLEVEL=0