git.openssl.org Git - openssl.git/commit

Support disabling any or all TLS or DTLS versions

Some users want to disable SSL 3.0/TLS 1.0/TLS 1.1, and enable just
TLS 1.2. In the future they might want to disable TLS 1.2 and
enable just TLS 1.3, ...

This commit makes it possible to disable any or all of the TLS or
DTLS protocols. It also considerably simplifies the SSL/TLS tests,
by auto-generating the min/max version tests based on the set of
supported protocols (425 explicitly written out tests got replaced
by two loops that generate all 425 tests if all protocols are
enabled, fewer otherwise).

Reviewed-by: Richard Levitte <levitte@openssl.org>

author	Viktor Dukhovni <openssl-users@dukhovni.org>
	Mon, 18 Jan 2016 18:10:21 +0000 (13:10 -0500)
committer	Viktor Dukhovni <openssl-users@dukhovni.org>
	Tue, 19 Jan 2016 14:57:15 +0000 (09:57 -0500)
commit	6b01bed206156dbcb1ab150f618c8b24c01fb0d0
tree	667ea072f731ab8904a121f5b57adb01e40df4af	tree \| snapshot
parent	6ada465fb258ae2c29668c59f3ec9b69dc38f8b3	commit \| diff

Configure		diff \| blob \| history
apps/ciphers.c		diff \| blob \| history
apps/openssl.c		diff \| blob \| history
apps/s_client.c		diff \| blob \| history
apps/s_server.c		diff \| blob \| history
ssl/methods.c		diff \| blob \| history
ssl/statem/statem_lib.c		diff \| blob \| history
test/recipes/80-test_ssl.t		diff \| blob \| history
test/ssltest.c		diff \| blob \| history