Disable TLS 1.0 and TLS 1.1 in libssl

Their time has long since past, and they should not be used. This change restricts ssl to versions 1.2 and 1.3, and changes the regression tests to understand we no longer speak the legacy protocols. For the moment the magical "golden" byte for byte comparison tests of raw handshake values are disabled util jsing fixes them. ok jsing@ tb@
author: beck <> 2023-07-02 17:21:33 +0000
committer: beck <> 2023-07-02 17:21:33 +0000
commit: 4edd92a57f3a74829fe519f35b5c7c79e03ce0b0 (patch)
tree: 33bb9f6c1c9fd44a8c7064445713f67f9fe0b371 /src/regress/lib/libssl/interop
parent: 4536f2834a091e2b67ca99b59dc364c7ccc30a4b (diff)
download: openbsd-4edd92a57f3a74829fe519f35b5c7c79e03ce0b0.tar.gz
openbsd-4edd92a57f3a74829fe519f35b5c7c79e03ce0b0.tar.bz2
openbsd-4edd92a57f3a74829fe519f35b5c7c79e03ce0b0.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/regress/lib/libssl/interop/version/Makefile b/src/regress/lib/libssl/interop/version/Makefile
index 9d0ae418ba..c4f7705d63 100644
--- a/src/regress/lib/libssl/interop/version/Makefile
+++ b/src/regress/lib/libssl/interop/version/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.6 2023/04/19 15:34:23 tb Exp $
+# $OpenBSD: Makefile,v 1.7 2023/07/02 17:21:32 beck Exp $
 # Connect a client to a server.  Both can be current libressl, or
 # openssl 1.1 or openssl 3.0.  Pin client or server to a fixed TLS
@@ -14,7 +14,7 @@ LIBRARIES +=		openssl11
 LIBRARIES +=            openssl30
 .endif
-VERSIONS =      any TLS1 TLS1_1 TLS1_2 TLS1_3
+VERSIONS =      any TLS1_2 TLS1_3
 .for cver in ${VERSIONS}
 .for sver in ${VERSIONS}
author	beck <>	2023-07-02 17:21:33 +0000
committer	beck <>	2023-07-02 17:21:33 +0000
commit	4edd92a57f3a74829fe519f35b5c7c79e03ce0b0 (patch)
tree	33bb9f6c1c9fd44a8c7064445713f67f9fe0b371 /src/regress/lib/libssl/interop
parent	4536f2834a091e2b67ca99b59dc364c7ccc30a4b (diff)
download	openbsd-4edd92a57f3a74829fe519f35b5c7c79e03ce0b0.tar.gz openbsd-4edd92a57f3a74829fe519f35b5c7c79e03ce0b0.tar.bz2 openbsd-4edd92a57f3a74829fe519f35b5c7c79e03ce0b0.zip

diff --git a/src/regress/lib/libssl/interop/version/Makefile b/src/regress/lib/libssl/interop/version/Makefile index 9d0ae418ba..c4f7705d63 100644 --- a/src/regress/lib/libssl/interop/version/Makefile +++ b/src/regress/lib/libssl/interop/version/Makefile
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile,v 1.6 2023/04/19 15:34:23 tb Exp $	1	# $OpenBSD: Makefile,v 1.7 2023/07/02 17:21:32 beck Exp $
2		2
3	# Connect a client to a server. Both can be current libressl, or	3	# Connect a client to a server. Both can be current libressl, or
4	# openssl 1.1 or openssl 3.0. Pin client or server to a fixed TLS	4	# openssl 1.1 or openssl 3.0. Pin client or server to a fixed TLS
@@ -14,7 +14,7 @@ LIBRARIES += openssl11
14	LIBRARIES += openssl30	14	LIBRARIES += openssl30
15	.endif	15	.endif
16		16
17	VERSIONS = any TLS1 TLS1_1 TLS1_2 TLS1_3	17	VERSIONS = any TLS1_2 TLS1_3
18		18
19	.for cver in ${VERSIONS}	19	.for cver in ${VERSIONS}
20	.for sver in ${VERSIONS}	20	.for sver in ${VERSIONS}