Merge tag 'debian/0.5.5-1' into debian/buster-backports

interimap Debian release 0.5.5-1
author: Guilhem Moulin <guilhem@debian.org> 2021-01-01 12:44:17 +0100
committer: Guilhem Moulin <guilhem@debian.org> 2021-01-01 12:44:17 +0100
commit: d782c12d603fcbcc8bcf7b18860e9a16a27f4b1b (patch)
tree: 789fa2c3e7d08b08e82b6e5fa999ac7584fe3416 /tests/tls-rsa+ecdsa/t
parent: 2ce885e19f4a5f18da30c35dc7da7a204e2ceb58 (diff)
parent: 3d818bf7e24f0757bcd13f30118d229e5a6b5448 (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/tests/tls-rsa+ecdsa/t b/tests/tls-rsa+ecdsa/t
index 2adf930..c9f5b96 100644
--- a/tests/tls-rsa+ecdsa/t
+++ b/tests/tls-rsa+ecdsa/t
@@ -36,9 +36,11 @@ grep -Fx -e "remote: Peer certificate matches pinned SPKI digest sha256\$$PKEY_S
          -e "remote: Peer certificate matches pinned SPKI digest sha256\$$PKEY_ALT_SHA256" \
          <"$STDERR" || error
 
-# force RSA (XXX do we really have to force TLSv1.2 here?)
+# force RSA
+# XXX we also have to force TLS <=1.2 here as the TLSv1.3 ciphersuites
+# don't specify the certificate type (nor key exchange)
 cat >>"$XDG_CONFIG_HOME/interimap/config" <<-EOF
-	SSL_protocols = TLSv1.2
+	SSL_protocol_max = TLSv1.2
 	SSL_cipherlist = EECDH+AESGCM+aRSA
 EOF
 interimap --debug || error
author	Guilhem Moulin <guilhem@debian.org>	2021-01-01 12:44:17 +0100
committer	Guilhem Moulin <guilhem@debian.org>	2021-01-01 12:44:17 +0100
commit	d782c12d603fcbcc8bcf7b18860e9a16a27f4b1b (patch)
tree	789fa2c3e7d08b08e82b6e5fa999ac7584fe3416 /tests/tls-rsa+ecdsa/t
parent	2ce885e19f4a5f18da30c35dc7da7a204e2ceb58 (diff)
parent	3d818bf7e24f0757bcd13f30118d229e5a6b5448 (diff)