Kurt Roeckx
aba03ae571
Reduce the security bits for MD5 and SHA1 based signatures in TLS
...
This has as effect that SHA1 and MD5+SHA1 are no longer supported at
security level 1, and that TLS < 1.2 is no longer supported at the
default security level of 1, and that you need to set the security
level to 0 to use TLS < 1.2.
Reviewed-by: Tim Hudson <tjh@openssl.org>
GH: #10787
2020-06-27 08:41:40 +02:00
Richard Levitte
909f1a2e51
Following the license change, modify the boilerplates in test/
...
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7767 )
2018-12-06 14:19:22 +01:00
Matt Caswell
5627f9f217
Don't detect a downgrade where the server has a protocol version hole
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7013 )
2018-08-22 15:15:19 +01:00
Matt Caswell
3e7cb13dff
Test that a client protocol "hole" doesn't get detected as a downgrade
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7013 )
2018-08-22 15:15:19 +01:00
Matt Caswell
9f22c52723
Turn on TLSv1.3 downgrade protection by default
...
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6741 )
2018-08-15 12:33:30 +01:00
Matt Caswell
9b287d53db
Add a test for TLSv1.3 fallback
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6894 )
2018-08-09 10:53:09 +01:00
Matt Caswell
6738bf1417
Update copyright year
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2018-02-13 13:59:25 +00:00
Richard Levitte
c5856878f7
Enable TLSProxy tests on Windows
...
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5094 )
2018-01-20 09:22:20 +01:00
Matt Caswell
b9647e34ff
Add a test for the TLSv1.3 downgrade mechanism
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3022 )
2017-03-24 14:07:11 +00:00