From ffd5201b790390adaf50eebc7668794d58513a97 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Thu, 7 Jul 2022 13:10:22 +0000
Subject: Make the ssltest security level aware.

From beck
---
 src/regress/lib/libssl/ssl/ssltest.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/regress/lib/libssl/ssl/ssltest.c b/src/regress/lib/libssl/ssl/ssltest.c
index 0deac3e736..ff5a584d6c 100644
--- a/src/regress/lib/libssl/ssl/ssltest.c
+++ b/src/regress/lib/libssl/ssl/ssltest.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ssltest.c,v 1.34 2022/07/07 11:40:17 tb Exp $ */
+/*	$OpenBSD: ssltest.c,v 1.35 2022/07/07 13:10:22 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -434,6 +434,7 @@ main(int argc, char *argv[])
 	const SSL_METHOD *meth = NULL;
 	SSL *c_ssl, *s_ssl;
 	int number = 1, reuse = 0;
+	int seclevel = 0;
 	long bytes = 256L;
 	DH *dh;
 	int dhe1024dsa = 0;
@@ -494,6 +495,10 @@ main(int argc, char *argv[])
 			number = atoi(*(++argv));
 			if (number == 0)
 				number = 1;
+		} else if (strncmp(*argv, "-seclevel", 9) == 0) {
+			if (--argc < 1)
+				goto bad;
+			seclevel = atoi(*(++argv));
 		} else if (strcmp(*argv, "-bytes") == 0) {
 			if (--argc < 1)
 				goto bad;
@@ -620,6 +625,9 @@ bad:
 		goto end;
 	}
 
+	SSL_CTX_set_security_level(c_ctx, seclevel);
+	SSL_CTX_set_security_level(s_ctx, seclevel);
+
 	if (cipher != NULL) {
 		SSL_CTX_set_cipher_list(c_ctx, cipher);
 		SSL_CTX_set_cipher_list(s_ctx, cipher);
-- 
cgit v1.2.3-55-g6feb