diff options
author | Guilhem Moulin <guilhem@debian.org> | 2021-01-01 12:44:17 +0100 |
---|---|---|
committer | Guilhem Moulin <guilhem@debian.org> | 2021-01-01 12:44:17 +0100 |
commit | d782c12d603fcbcc8bcf7b18860e9a16a27f4b1b (patch) | |
tree | 789fa2c3e7d08b08e82b6e5fa999ac7584fe3416 /tests/tls-rsa+ecdsa | |
parent | 2ce885e19f4a5f18da30c35dc7da7a204e2ceb58 (diff) | |
parent | 3d818bf7e24f0757bcd13f30118d229e5a6b5448 (diff) |
Merge tag 'debian/0.5.5-1' into debian/buster-backports
interimap Debian release 0.5.5-1
Diffstat (limited to 'tests/tls-rsa+ecdsa')
-rw-r--r-- | tests/tls-rsa+ecdsa/t | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/tests/tls-rsa+ecdsa/t b/tests/tls-rsa+ecdsa/t index 2adf930..c9f5b96 100644 --- a/tests/tls-rsa+ecdsa/t +++ b/tests/tls-rsa+ecdsa/t @@ -36,9 +36,11 @@ grep -Fx -e "remote: Peer certificate matches pinned SPKI digest sha256\$$PKEY_S -e "remote: Peer certificate matches pinned SPKI digest sha256\$$PKEY_ALT_SHA256" \ <"$STDERR" || error -# force RSA (XXX do we really have to force TLSv1.2 here?) +# force RSA +# XXX we also have to force TLS <=1.2 here as the TLSv1.3 ciphersuites +# don't specify the certificate type (nor key exchange) cat >>"$XDG_CONFIG_HOME/interimap/config" <<-EOF - SSL_protocols = TLSv1.2 + SSL_protocol_max = TLSv1.2 SSL_cipherlist = EECDH+AESGCM+aRSA EOF interimap --debug || error |