Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

See if Test::Net::SSLeay could handle security changes done in OpenSSL 3.0 alpha 5 #289

Open
h-vn opened this issue Sep 3, 2021 · 0 comments
Open

See if Test::Net::SSLeay could handle security changes done in OpenSSL 3.0 alpha 5 #289

h-vn opened this issue Sep 3, 2021 · 0 comments

Comments

@h-vn
Copy link
Contributor

h-vn commented Sep 3, 2021

Changes in #288 described in #287 added calls to two test files to set security level to 0 with OpenSSL 3.0.0 and later.

The affected tests require using TLSv1 and TLSv1.1, but our Test::Net::SSLeay did not detect that these versions were not usable. Apparently the reason is that while the TLS versions are permitted on security level 1, the usability test did not go far enough to discover that the ciphersuites are now too weak to actually connect anywhere.

Should Test::Net::SSLeay be updated or are the changes in tests good enough. Note that the tests should really run as long as the TLS versions < 1.2 are supported, even if this requires setting security level to 0.
@h-vn h-vn changed the title See if Test::Net::SSLeay could 3.0 alpha 5 security level changes See if Test::Net::SSLeay could handle 3.0 alpha 5 security level changes Sep 3, 2021
@h-vn h-vn changed the title See if Test::Net::SSLeay could handle 3.0 alpha 5 security level changes See if Test::Net::SSLeay could handle security changes done in OpenSSL 3.0 alpha 5 Sep 3, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@h-vn