A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=OPENBSD_7_4 2023-07-02T17:21:33+00:00 2023-07-02T17:21:33+00:00 beck 2023-07-02T17:21:33+00:00 urn:sha1:4edd92a57f3a74829fe519f35b5c7c79e03ce0b0 Their time has long since past, and they should not be used. This change restricts ssl to versions 1.2 and 1.3, and changes the regression tests to understand we no longer speak the legacy protocols. For the moment the magical "golden" byte for byte comparison tests of raw handshake values are disabled util jsing fixes them. ok jsing@ tb@ 2021-10-23T14:34:10+00:00 jsing 2021-10-23T14:34:10+00:00 urn:sha1:8df330f8ab4894190007c25d1efe71e7f5c58383 This currently exercises various combinations of TLS versions and their associated key exchange mechanisms. Note that this currently fails for TLSv1.0/TLSv1.1 with RSA KEX (to be fixed shortly). Over time all of the ssl regress should be moved into the dtls and tls regress tests.