aboutsummaryrefslogtreecommitdiffstats
path: root/tests/tls-protocols
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2020-12-17 13:47:09 +0100
committerGuilhem Moulin <guilhem@fripost.org>2020-12-17 13:47:09 +0100
commit30c2bc3c362a4eb6b35560cff0bd95404360fe22 (patch)
tree564434ee28afd75f642937a1ec3dd734c6c76a2c /tests/tls-protocols
parent43516b78b6b626bb6df522e4f1c5166989d79eb5 (diff)
test suite: use stock OpenSSL config except for tests/tls-protocols.
It's best to use a stock (clean) environment when possible. We only need to test TLS protocol version <1.2 for tests/tls-protocols.
Diffstat (limited to 'tests/tls-protocols')
-rw-r--r--tests/tls-protocols/openssl.cnf14
-rw-r--r--tests/tls-protocols/t3
2 files changed, 17 insertions, 0 deletions
diff --git a/tests/tls-protocols/openssl.cnf b/tests/tls-protocols/openssl.cnf
new file mode 100644
index 0000000..980097d
--- /dev/null
+++ b/tests/tls-protocols/openssl.cnf
@@ -0,0 +1,14 @@
+# as we want to test TLSv1 we need to set MinProtocol=None, see
+# see /usr/share/doc/libssl1.1/NEWS.Debian.gz
+
+openssl_conf = default_conf
+
+[default_conf]
+ssl_conf = ssl_sect
+
+[ssl_sect]
+system_default = system_default_sect
+
+[system_default_sect]
+MinProtocol = None
+CipherString = DEFAULT
diff --git a/tests/tls-protocols/t b/tests/tls-protocols/t
index c302731..72f7db2 100644
--- a/tests/tls-protocols/t
+++ b/tests/tls-protocols/t
@@ -5,6 +5,9 @@ interimap --debug || error
! grep -E "^remote: Maximum SSL/TLS protocol version: " <"$STDERR" || error
grep -E "^remote: SSL protocol: TLSv" <"$STDERR" || error
+# load custom OpenSSL configuration to allow TLS protocol version <=1.1
+export OPENSSL_CONF="$TESTDIR/openssl.cnf"
+
# backup config
install -m0600 "$XDG_CONFIG_HOME/interimap/config" "$XDG_CONFIG_HOME/interimap/config~"
with_remote_tls_protocols() {