commit f7747015d8dc0d362fa3fb2cc7670d5a690edef8 parent f069ee365d4cedb9854924ab2f6b96476b64319f Author: Evgeny Grin (Karlson2k) <k2k@narod.ru> Date: Tue, 4 Oct 2022 18:57:06 +0300 testcurl/https: do not enforce TLSv1 Usage of concrete TLS version is not future-proof. Relay on default version setting by libcurl/TLS lib. Diffstat:
8 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/src/testcurl/https/test_empty_response.c b/src/testcurl/https/test_empty_response.c @@ -111,7 +111,7 @@ testInternalSelectGet (void) curl_easy_setopt (c, CURLOPT_WRITEFUNCTION, ©Buffer); curl_easy_setopt (c, CURLOPT_WRITEDATA, &cbc); /* TLS options */ - curl_easy_setopt (c, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1); + curl_easy_setopt (c, CURLOPT_SSLVERSION, CURL_SSLVERSION_DEFAULT); curl_easy_setopt (c, CURLOPT_SSL_VERIFYPEER, 0L); curl_easy_setopt (c, CURLOPT_SSL_VERIFYHOST, 0L); curl_easy_setopt (c, CURLOPT_FAILONERROR, 1L); diff --git a/src/testcurl/https/test_https_get.c b/src/testcurl/https/test_https_get.c @@ -249,7 +249,7 @@ main (int argc, char *const *argv) return 77; } errorCount += - test_secure_get (NULL, NULL, CURL_SSLVERSION_TLSv1); + test_secure_get (NULL, NULL, CURL_SSLVERSION_DEFAULT); errorCount += testEmptyGet (0); curl_global_cleanup (); diff --git a/src/testcurl/https/test_https_get_iovec.c b/src/testcurl/https/test_https_get_iovec.c @@ -408,7 +408,7 @@ main (int argc, char *const *argv) } errorCount += - test_secure_get (NULL, NULL, CURL_SSLVERSION_TLSv1); + test_secure_get (NULL, NULL, CURL_SSLVERSION_DEFAULT); errorCount += testEmptyGet (0); curl_global_cleanup (); diff --git a/src/testcurl/https/test_https_get_parallel.c b/src/testcurl/https/test_https_get_parallel.c @@ -161,7 +161,7 @@ main (int argc, char *const *argv) NULL, port, MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_TLS | MHD_USE_ERROR_LOG | MHD_USE_EPOLL, - NULL, CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY, + NULL, CURL_SSLVERSION_DEFAULT, MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, MHD_OPTION_END); #endif @@ -170,7 +170,7 @@ main (int argc, char *const *argv) NULL, port, MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_TLS | MHD_USE_ERROR_LOG, - NULL, CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY, + NULL, CURL_SSLVERSION_DEFAULT, MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, MHD_OPTION_END); #ifdef EPOLL_SUPPORT @@ -179,7 +179,7 @@ main (int argc, char *const *argv) &test_parallel_clients, NULL, port, MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_TLS | MHD_USE_ERROR_LOG | MHD_USE_EPOLL, - NULL, CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY, + NULL, CURL_SSLVERSION_DEFAULT, MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, MHD_OPTION_END); #endif @@ -188,7 +188,7 @@ main (int argc, char *const *argv) &test_parallel_clients, NULL, port, MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_TLS | MHD_USE_ERROR_LOG, - NULL, CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY, + NULL, CURL_SSLVERSION_DEFAULT, MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, MHD_OPTION_END); diff --git a/src/testcurl/https/test_https_get_parallel_threads.c b/src/testcurl/https/test_https_get_parallel_threads.c @@ -176,7 +176,7 @@ main (int argc, char *const *argv) NULL, port, MHD_USE_TLS | MHD_USE_ERROR_LOG | MHD_USE_THREAD_PER_CONNECTION | MHD_USE_INTERNAL_POLLING_THREAD, - NULL, CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY, + NULL, CURL_SSLVERSION_DEFAULT, MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, MHD_OPTION_END); @@ -185,7 +185,7 @@ main (int argc, char *const *argv) &test_parallel_clients, NULL, port, MHD_USE_TLS | MHD_USE_ERROR_LOG | MHD_USE_THREAD_PER_CONNECTION | MHD_USE_INTERNAL_POLLING_THREAD, - NULL, CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY, + NULL, CURL_SSLVERSION_DEFAULT, MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, MHD_OPTION_END); diff --git a/src/testcurl/https/test_https_get_select.c b/src/testcurl/https/test_https_get_select.c @@ -127,7 +127,7 @@ testExternalGet (unsigned int flags) curl_easy_setopt (c, CURLOPT_WRITEFUNCTION, ©Buffer); curl_easy_setopt (c, CURLOPT_WRITEDATA, &cbc); /* TLS options */ - curl_easy_setopt (c, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1); + curl_easy_setopt (c, CURLOPT_SSLVERSION, CURL_SSLVERSION_DEFAULT); curl_easy_setopt (c, CURLOPT_SSL_VERIFYPEER, 0L); curl_easy_setopt (c, CURLOPT_SSL_VERIFYHOST, 0L); curl_easy_setopt (c, CURLOPT_FAILONERROR, 1L); diff --git a/src/testcurl/https/test_https_multi_daemon.c b/src/testcurl/https/test_https_multi_daemon.c @@ -149,7 +149,7 @@ main (int argc, char *const *argv) } errorCount += - test_concurent_daemon_pair (NULL, NULL, CURL_SSLVERSION_TLSv1); + test_concurent_daemon_pair (NULL, NULL, CURL_SSLVERSION_DEFAULT); print_test_result (errorCount, "concurent_daemon_pair"); diff --git a/src/testcurl/https/test_tls_authentication.c b/src/testcurl/https/test_tls_authentication.c @@ -105,7 +105,7 @@ main (int argc, char *const *argv) } errorCount += - test_secure_get (NULL, NULL, CURL_SSLVERSION_TLSv1); + test_secure_get (NULL, NULL, CURL_SSLVERSION_DEFAULT); print_test_result (errorCount, argv[0]);