Set security level to zero is ssltest
authorDr. Stephen Henson <steve@openssl.org>
Sun, 16 Feb 2014 12:50:18 +0000 (12:50 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Fri, 28 Mar 2014 14:56:43 +0000 (14:56 +0000)
Since ssltest needs to test low security ciphersuites and keys
set security level to zero so they aren't rejected.

ssl/ssltest.c

index 64c6743..31a033b 100644 (file)
@@ -1507,6 +1507,11 @@ bad:
                ERR_print_errors(bio_err);
                goto end;
                }
+       /* Since we will use low security ciphersuites and keys for
+        * testing set security level to zero.
+        */
+       SSL_CTX_set_security_level(c_ctx, 0);
+       SSL_CTX_set_security_level(s_ctx, 0);
 
        if (cipher != NULL)
                {