diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2020-12-17 13:47:09 +0100 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2020-12-17 13:47:09 +0100 |
commit | 30c2bc3c362a4eb6b35560cff0bd95404360fe22 (patch) | |
tree | 564434ee28afd75f642937a1ec3dd734c6c76a2c /tests/tls-protocols | |
parent | 43516b78b6b626bb6df522e4f1c5166989d79eb5 (diff) |
test suite: use stock OpenSSL config except for tests/tls-protocols.
It's best to use a stock (clean) environment when possible. We only
need to test TLS protocol version <1.2 for tests/tls-protocols.
Diffstat (limited to 'tests/tls-protocols')
-rw-r--r-- | tests/tls-protocols/openssl.cnf | 14 | ||||
-rw-r--r-- | tests/tls-protocols/t | 3 |
2 files changed, 17 insertions, 0 deletions
diff --git a/tests/tls-protocols/openssl.cnf b/tests/tls-protocols/openssl.cnf new file mode 100644 index 0000000..980097d --- /dev/null +++ b/tests/tls-protocols/openssl.cnf @@ -0,0 +1,14 @@ +# as we want to test TLSv1 we need to set MinProtocol=None, see +# see /usr/share/doc/libssl1.1/NEWS.Debian.gz + +openssl_conf = default_conf + +[default_conf] +ssl_conf = ssl_sect + +[ssl_sect] +system_default = system_default_sect + +[system_default_sect] +MinProtocol = None +CipherString = DEFAULT diff --git a/tests/tls-protocols/t b/tests/tls-protocols/t index c302731..72f7db2 100644 --- a/tests/tls-protocols/t +++ b/tests/tls-protocols/t @@ -5,6 +5,9 @@ interimap --debug || error ! grep -E "^remote: Maximum SSL/TLS protocol version: " <"$STDERR" || error grep -E "^remote: SSL protocol: TLSv" <"$STDERR" || error +# load custom OpenSSL configuration to allow TLS protocol version <=1.1 +export OPENSSL_CONF="$TESTDIR/openssl.cnf" + # backup config install -m0600 "$XDG_CONFIG_HOME/interimap/config" "$XDG_CONFIG_HOME/interimap/config~" with_remote_tls_protocols() { |