From 556f02ce636e11e898ed5608b3b130ce4e7c6ba6 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Mon, 21 Feb 2022 13:05:44 +0100
Subject: Tests: TLS ciphers/protocols: Downgrade security level to 0.

This is required to test TLS version <1.2 on systems with higher
security levels, see SSL_CTX_set_security_level(3ssl).  Addapted from a
patch from <xnox> for Unbuntu.
---
 tests/tls-protocols/openssl.cnf | 2 +-
 tests/tls-protocols/remote.conf | 5 ++++-
 2 files changed, 5 insertions(+), 2 deletions(-)
 mode change 120000 => 100644 tests/tls-protocols/remote.conf

diff --git a/tests/tls-protocols/openssl.cnf b/tests/tls-protocols/openssl.cnf
index 980097d..3d9769d 100644
--- a/tests/tls-protocols/openssl.cnf
+++ b/tests/tls-protocols/openssl.cnf
@@ -11,4 +11,4 @@ system_default = system_default_sect
 
 [system_default_sect]
 MinProtocol = None
-CipherString = DEFAULT
+CipherString = DEFAULT@SECLEVEL=0
diff --git a/tests/tls-protocols/remote.conf b/tests/tls-protocols/remote.conf
deleted file mode 120000
index 6029749..0000000
--- a/tests/tls-protocols/remote.conf
+++ /dev/null
@@ -1 +0,0 @@
-../tls/remote.conf
\ No newline at end of file
diff --git a/tests/tls-protocols/remote.conf b/tests/tls-protocols/remote.conf
new file mode 100644
index 0000000..96b3713
--- /dev/null
+++ b/tests/tls-protocols/remote.conf
@@ -0,0 +1,4 @@
+!include conf.d/imapd.conf
+!include conf.d/ssl.conf
+ssl_min_protocol = TLSv1
+ssl_cipher_list = DEFAULT@SECLEVEL=0
-- 
cgit v1.2.3