| Commit message (Collapse) | Author | Age | Files |
| |
|
|
|
|
|
|
| |
This is required to test TLS version <1.2 on systems with higher
security levels, see SSL_CTX_set_security_level(3ssl). Addapted from a
patch from <xnox> for Unbuntu.
|
|
|
|
|
| |
It's best to use a stock (clean) environment when possible. We only
need to test TLS protocol version <1.2 for tests/tls-protocols.
|
| |
|
|
|
|
|
|
| |
handshake is aborted.
(Unless STARTTLS is used to upgrade the connection.)
|
|
|
|
|
|
|
|
| |
Using the libssl interface simplifies our protocol black/whitelist
greatly; this only allows simple min/max bounds, but holes are arguably
not very useful here.
Using the new settings bumps the required libssl version to 1.1.0.
|
|
|
|
|
|
|
|
| |
Namely, use the system default instead of "!SSLv2 !SSLv3 !TLSv1 !TLSv1.1".
As of Debian Buster (OpenSSL 1.1.1) this does not make a difference,
however using the system default provides better compatibility with
future libssl versions.
|
|
SSL connections are accepted on TCP port 10993. Also, fix STARTTLS
directive, broken since fba1c36…
|