diff options
author | Pauli <pauli@openssl.org> | 2022-05-04 13:01:35 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2022-05-08 16:58:00 +1000 |
commit | 7bf2e4d7f0c7ae19b7a8c416910886a7171e9820 (patch) | |
tree | 0a1e1a9b8a7603bf2d4f2fef7a805a80feb6e29e /test/bad_dtls_test.c | |
parent | ac23650c1e53658227436aecc8de03a7ac3d1b9a (diff) |
tls: ban SSL3, TLS1, TLS1.1 and DTLS1.0 at security level one and above
This is in line with the NEWS entry (erroneously) announcing such for 3.0.
Fixes #18194
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18236)
Diffstat (limited to 'test/bad_dtls_test.c')
-rw-r--r-- | test/bad_dtls_test.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/test/bad_dtls_test.c b/test/bad_dtls_test.c index f8c6b142d8..8849269173 100644 --- a/test/bad_dtls_test.c +++ b/test/bad_dtls_test.c @@ -499,6 +499,7 @@ static int test_bad_dtls(void) || !TEST_true(SSL_CTX_set_cipher_list(ctx, "AES128-SHA"))) goto end; + SSL_CTX_set_security_level(ctx, 0); con = SSL_new(ctx); if (!TEST_ptr(con) || !TEST_true(SSL_set_session(con, sess))) |