| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
The new certificates are more representative of the real world. The old
certificates use weak algorithms and expire in the very near future. Most
of our regress has already been switched over, this changes the remainder.
Thanks to Bernhard M. Wiedemann for reminding us of the upcoming expiry.
ok tb@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Their time has long since past, and they should not be used.
This change restricts ssl to versions 1.2 and 1.3, and changes
the regression tests to understand we no longer speak the legacy
protocols.
For the moment the magical "golden" byte for byte comparison
tests of raw handshake values are disabled util jsing fixes them.
ok jsing@ tb@
|
|
|
This currently exercises various combinations of TLS versions and their
associated key exchange mechanisms. Note that this currently fails for
TLSv1.0/TLSv1.1 with RSA KEX (to be fixed shortly).
Over time all of the ssl regress should be moved into the dtls and tls
regress tests.
|
