From f7747015d8dc0d362fa3fb2cc7670d5a690edef8 Mon Sep 17 00:00:00 2001
From: "Evgeny Grin (Karlson2k)" <k2k@narod.ru>
Date: Tue, 4 Oct 2022 18:57:06 +0300
Subject: testcurl/https: do not enforce TLSv1

Usage of concrete TLS version is not future-proof. Relay on default
version setting by libcurl/TLS lib.
---
 src/testcurl/https/test_empty_response.c             | 2 +-
 src/testcurl/https/test_https_get.c                  | 2 +-
 src/testcurl/https/test_https_get_iovec.c            | 2 +-
 src/testcurl/https/test_https_get_parallel.c         | 8 ++++----
 src/testcurl/https/test_https_get_parallel_threads.c | 4 ++--
 src/testcurl/https/test_https_get_select.c           | 2 +-
 src/testcurl/https/test_https_multi_daemon.c         | 2 +-
 src/testcurl/https/test_tls_authentication.c         | 2 +-
 8 files changed, 12 insertions(+), 12 deletions(-)

(limited to 'src')

diff --git a/src/testcurl/https/test_empty_response.c b/src/testcurl/https/test_empty_response.c
index c1e58245..92dbaec7 100644
--- a/src/testcurl/https/test_empty_response.c
+++ b/src/testcurl/https/test_empty_response.c
@@ -111,7 +111,7 @@ testInternalSelectGet (void)
   curl_easy_setopt (c, CURLOPT_WRITEFUNCTION, &copyBuffer);
   curl_easy_setopt (c, CURLOPT_WRITEDATA, &cbc);
   /* TLS options */
-  curl_easy_setopt (c, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
+  curl_easy_setopt (c, CURLOPT_SSLVERSION, CURL_SSLVERSION_DEFAULT);
   curl_easy_setopt (c, CURLOPT_SSL_VERIFYPEER, 0L);
   curl_easy_setopt (c, CURLOPT_SSL_VERIFYHOST, 0L);
   curl_easy_setopt (c, CURLOPT_FAILONERROR, 1L);
diff --git a/src/testcurl/https/test_https_get.c b/src/testcurl/https/test_https_get.c
index f7569f43..7eebfd4c 100644
--- a/src/testcurl/https/test_https_get.c
+++ b/src/testcurl/https/test_https_get.c
@@ -249,7 +249,7 @@ main (int argc, char *const *argv)
     return 77;
   }
   errorCount +=
-    test_secure_get (NULL, NULL, CURL_SSLVERSION_TLSv1);
+    test_secure_get (NULL, NULL, CURL_SSLVERSION_DEFAULT);
   errorCount += testEmptyGet (0);
   curl_global_cleanup ();
 
diff --git a/src/testcurl/https/test_https_get_iovec.c b/src/testcurl/https/test_https_get_iovec.c
index 7b99ff68..c5ff7cb4 100644
--- a/src/testcurl/https/test_https_get_iovec.c
+++ b/src/testcurl/https/test_https_get_iovec.c
@@ -408,7 +408,7 @@ main (int argc, char *const *argv)
   }
 
   errorCount +=
-    test_secure_get (NULL, NULL, CURL_SSLVERSION_TLSv1);
+    test_secure_get (NULL, NULL, CURL_SSLVERSION_DEFAULT);
   errorCount += testEmptyGet (0);
   curl_global_cleanup ();
 
diff --git a/src/testcurl/https/test_https_get_parallel.c b/src/testcurl/https/test_https_get_parallel.c
index 55725e3f..4e83bbf2 100644
--- a/src/testcurl/https/test_https_get_parallel.c
+++ b/src/testcurl/https/test_https_get_parallel.c
@@ -161,7 +161,7 @@ main (int argc, char *const *argv)
                NULL, port,
                MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_TLS
                | MHD_USE_ERROR_LOG | MHD_USE_EPOLL,
-               NULL, CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY,
+               NULL, CURL_SSLVERSION_DEFAULT, MHD_OPTION_HTTPS_MEM_KEY,
                srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT,
                srv_self_signed_cert_pem, MHD_OPTION_END);
 #endif
@@ -170,7 +170,7 @@ main (int argc, char *const *argv)
                NULL, port,
                MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_TLS
                | MHD_USE_ERROR_LOG,
-               NULL, CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY,
+               NULL, CURL_SSLVERSION_DEFAULT, MHD_OPTION_HTTPS_MEM_KEY,
                srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT,
                srv_self_signed_cert_pem, MHD_OPTION_END);
 #ifdef EPOLL_SUPPORT
@@ -179,7 +179,7 @@ main (int argc, char *const *argv)
                &test_parallel_clients, NULL, port,
                MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_TLS
                | MHD_USE_ERROR_LOG | MHD_USE_EPOLL,
-               NULL, CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY,
+               NULL, CURL_SSLVERSION_DEFAULT, MHD_OPTION_HTTPS_MEM_KEY,
                srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT,
                srv_self_signed_cert_pem, MHD_OPTION_END);
 #endif
@@ -188,7 +188,7 @@ main (int argc, char *const *argv)
                &test_parallel_clients, NULL, port,
                MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_TLS
                | MHD_USE_ERROR_LOG,
-               NULL, CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY,
+               NULL, CURL_SSLVERSION_DEFAULT, MHD_OPTION_HTTPS_MEM_KEY,
                srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT,
                srv_self_signed_cert_pem, MHD_OPTION_END);
 
diff --git a/src/testcurl/https/test_https_get_parallel_threads.c b/src/testcurl/https/test_https_get_parallel_threads.c
index afbd793d..4ff57044 100644
--- a/src/testcurl/https/test_https_get_parallel_threads.c
+++ b/src/testcurl/https/test_https_get_parallel_threads.c
@@ -176,7 +176,7 @@ main (int argc, char *const *argv)
                NULL, port,
                MHD_USE_TLS | MHD_USE_ERROR_LOG | MHD_USE_THREAD_PER_CONNECTION
                | MHD_USE_INTERNAL_POLLING_THREAD,
-               NULL, CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY,
+               NULL, CURL_SSLVERSION_DEFAULT, MHD_OPTION_HTTPS_MEM_KEY,
                srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT,
                srv_self_signed_cert_pem, MHD_OPTION_END);
 
@@ -185,7 +185,7 @@ main (int argc, char *const *argv)
                &test_parallel_clients, NULL, port,
                MHD_USE_TLS | MHD_USE_ERROR_LOG | MHD_USE_THREAD_PER_CONNECTION
                | MHD_USE_INTERNAL_POLLING_THREAD,
-               NULL, CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY,
+               NULL, CURL_SSLVERSION_DEFAULT, MHD_OPTION_HTTPS_MEM_KEY,
                srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT,
                srv_self_signed_cert_pem, MHD_OPTION_END);
 
diff --git a/src/testcurl/https/test_https_get_select.c b/src/testcurl/https/test_https_get_select.c
index 7149caf7..13145390 100644
--- a/src/testcurl/https/test_https_get_select.c
+++ b/src/testcurl/https/test_https_get_select.c
@@ -127,7 +127,7 @@ testExternalGet (unsigned int flags)
   curl_easy_setopt (c, CURLOPT_WRITEFUNCTION, &copyBuffer);
   curl_easy_setopt (c, CURLOPT_WRITEDATA, &cbc);
   /* TLS options */
-  curl_easy_setopt (c, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
+  curl_easy_setopt (c, CURLOPT_SSLVERSION, CURL_SSLVERSION_DEFAULT);
   curl_easy_setopt (c, CURLOPT_SSL_VERIFYPEER, 0L);
   curl_easy_setopt (c, CURLOPT_SSL_VERIFYHOST, 0L);
   curl_easy_setopt (c, CURLOPT_FAILONERROR, 1L);
diff --git a/src/testcurl/https/test_https_multi_daemon.c b/src/testcurl/https/test_https_multi_daemon.c
index be7f65a2..7d99940c 100644
--- a/src/testcurl/https/test_https_multi_daemon.c
+++ b/src/testcurl/https/test_https_multi_daemon.c
@@ -149,7 +149,7 @@ main (int argc, char *const *argv)
   }
 
   errorCount +=
-    test_concurent_daemon_pair (NULL, NULL, CURL_SSLVERSION_TLSv1);
+    test_concurent_daemon_pair (NULL, NULL, CURL_SSLVERSION_DEFAULT);
 
   print_test_result (errorCount, "concurent_daemon_pair");
 
diff --git a/src/testcurl/https/test_tls_authentication.c b/src/testcurl/https/test_tls_authentication.c
index 1fa2f795..fb6e5615 100644
--- a/src/testcurl/https/test_tls_authentication.c
+++ b/src/testcurl/https/test_tls_authentication.c
@@ -105,7 +105,7 @@ main (int argc, char *const *argv)
   }
 
   errorCount +=
-    test_secure_get (NULL, NULL, CURL_SSLVERSION_TLSv1);
+    test_secure_get (NULL, NULL, CURL_SSLVERSION_DEFAULT);
 
   print_test_result (errorCount, argv[0]);
 
-- 
cgit v1.2.3