diff options
author | beck <> | 2023-07-02 06:37:27 +0000 |
---|---|---|
committer | beck <> | 2023-07-02 06:37:27 +0000 |
commit | 5fa4afa0f3caaa43f2ba9d4ee6db352737839f89 (patch) | |
tree | 4bacb3a3d0ace64e696059ed29bf6c2df878b8b4 /src/regress/lib/libtls/config | |
parent | 0ded9dcf305231c596837cf0e9a372d5fc79b18b (diff) | |
download | openbsd-5fa4afa0f3caaa43f2ba9d4ee6db352737839f89.tar.gz openbsd-5fa4afa0f3caaa43f2ba9d4ee6db352737839f89.tar.bz2 openbsd-5fa4afa0f3caaa43f2ba9d4ee6db352737839f89.zip |
Remove the ability to do tls 1.0 and 1.1 from libtls.
With this change any requests from configurations to request
versions of tls before tls 1.2 will use tls 1.2. This prepares
us to deprecate tls 1.0 and tls 1.1 support from libssl.
ok tb@
Diffstat (limited to 'src/regress/lib/libtls/config')
-rw-r--r-- | src/regress/lib/libtls/config/configtest.c | 23 |
1 files changed, 9 insertions, 14 deletions
diff --git a/src/regress/lib/libtls/config/configtest.c b/src/regress/lib/libtls/config/configtest.c index 47aa03e826..5af5b56ffd 100644 --- a/src/regress/lib/libtls/config/configtest.c +++ b/src/regress/lib/libtls/config/configtest.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: configtest.c,v 1.2 2020/01/20 08:40:16 jsing Exp $ */ | 1 | /* $OpenBSD: configtest.c,v 1.3 2023/07/02 06:37:27 beck Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2017 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2017 Joel Sing <jsing@openbsd.org> |
4 | * | 4 | * |
@@ -71,30 +71,27 @@ struct parse_protocols_test parse_protocols_tests[] = { | |||
71 | { | 71 | { |
72 | .protostr = "tlsv1.0:tlsv1.1:tlsv1.2:tlsv1.3", | 72 | .protostr = "tlsv1.0:tlsv1.1:tlsv1.2:tlsv1.3", |
73 | .want_return = 0, | 73 | .want_return = 0, |
74 | .want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 | | 74 | .want_protocols = TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3, |
75 | TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3, | ||
76 | }, | 75 | }, |
77 | { | 76 | { |
78 | .protostr = "tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3", | 77 | .protostr = "tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3", |
79 | .want_return = 0, | 78 | .want_return = 0, |
80 | .want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 | | 79 | .want_protocols = TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3, |
81 | TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3, | ||
82 | }, | 80 | }, |
83 | { | 81 | { |
84 | .protostr = "tlsv1.1,tlsv1.2,tlsv1.0", | 82 | .protostr = "tlsv1.1,tlsv1.2,tlsv1.0", |
85 | .want_return = 0, | 83 | .want_return = 0, |
86 | .want_protocols = TLS_PROTOCOL_TLSv1_0 | TLS_PROTOCOL_TLSv1_1 | | 84 | .want_protocols = TLS_PROTOCOL_TLSv1_2, |
87 | TLS_PROTOCOL_TLSv1_2, | ||
88 | }, | 85 | }, |
89 | { | 86 | { |
90 | .protostr = "tlsv1.1,tlsv1.2,tlsv1.1", | 87 | .protostr = "tlsv1.1,tlsv1.2,tlsv1.1", |
91 | .want_return = 0, | 88 | .want_return = 0, |
92 | .want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2, | 89 | .want_protocols = TLS_PROTOCOL_TLSv1_2, |
93 | }, | 90 | }, |
94 | { | 91 | { |
95 | .protostr = "tlsv1.1,tlsv1.2,!tlsv1.1", | 92 | .protostr = "tlsv1.1,tlsv1.2,!tlsv1.1", |
96 | .want_return = 0, | 93 | .want_return = 0, |
97 | .want_protocols = TLS_PROTOCOL_TLSv1_2, | 94 | .want_protocols = 0, |
98 | }, | 95 | }, |
99 | { | 96 | { |
100 | .protostr = "unknown", | 97 | .protostr = "unknown", |
@@ -114,19 +111,17 @@ struct parse_protocols_test parse_protocols_tests[] = { | |||
114 | { | 111 | { |
115 | .protostr = "all,!tlsv1.0", | 112 | .protostr = "all,!tlsv1.0", |
116 | .want_return = 0, | 113 | .want_return = 0, |
117 | .want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2 | \ | 114 | .want_protocols = TLS_PROTOCOL_TLSv1_3, |
118 | TLS_PROTOCOL_TLSv1_3, | ||
119 | }, | 115 | }, |
120 | { | 116 | { |
121 | .protostr = "!tlsv1.0", | 117 | .protostr = "!tlsv1.0", |
122 | .want_return = 0, | 118 | .want_return = 0, |
123 | .want_protocols = TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2 | \ | 119 | .want_protocols = TLS_PROTOCOL_TLSv1_3, |
124 | TLS_PROTOCOL_TLSv1_3, | ||
125 | }, | 120 | }, |
126 | { | 121 | { |
127 | .protostr = "!tlsv1.0,!tlsv1.1,!tlsv1.3", | 122 | .protostr = "!tlsv1.0,!tlsv1.1,!tlsv1.3", |
128 | .want_return = 0, | 123 | .want_return = 0, |
129 | .want_protocols = TLS_PROTOCOL_TLSv1_2, | 124 | .want_protocols = 0, |
130 | }, | 125 | }, |
131 | { | 126 | { |
132 | .protostr = "!tlsv1.0,!tlsv1.1,tlsv1.2,!tlsv1.3", | 127 | .protostr = "!tlsv1.0,!tlsv1.1,tlsv1.2,!tlsv1.3", |