aboutsummaryrefslogtreecommitdiffstats
path: root/tests/tls-rsa+ecdsa/t
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@debian.org>2021-01-01 12:44:17 +0100
committerGuilhem Moulin <guilhem@debian.org>2021-01-01 12:44:17 +0100
commitd782c12d603fcbcc8bcf7b18860e9a16a27f4b1b (patch)
tree789fa2c3e7d08b08e82b6e5fa999ac7584fe3416 /tests/tls-rsa+ecdsa/t
parent2ce885e19f4a5f18da30c35dc7da7a204e2ceb58 (diff)
parent3d818bf7e24f0757bcd13f30118d229e5a6b5448 (diff)
Merge tag 'debian/0.5.5-1' into debian/buster-backports
interimap Debian release 0.5.5-1
Diffstat (limited to 'tests/tls-rsa+ecdsa/t')
-rw-r--r--tests/tls-rsa+ecdsa/t6
1 files changed, 4 insertions, 2 deletions
diff --git a/tests/tls-rsa+ecdsa/t b/tests/tls-rsa+ecdsa/t
index 2adf930..c9f5b96 100644
--- a/tests/tls-rsa+ecdsa/t
+++ b/tests/tls-rsa+ecdsa/t
@@ -36,9 +36,11 @@ grep -Fx -e "remote: Peer certificate matches pinned SPKI digest sha256\$$PKEY_S
-e "remote: Peer certificate matches pinned SPKI digest sha256\$$PKEY_ALT_SHA256" \
<"$STDERR" || error
-# force RSA (XXX do we really have to force TLSv1.2 here?)
+# force RSA
+# XXX we also have to force TLS <=1.2 here as the TLSv1.3 ciphersuites
+# don't specify the certificate type (nor key exchange)
cat >>"$XDG_CONFIG_HOME/interimap/config" <<-EOF
- SSL_protocols = TLSv1.2
+ SSL_protocol_max = TLSv1.2
SSL_cipherlist = EECDH+AESGCM+aRSA
EOF
interimap --debug || error