summaryrefslogtreecommitdiff
path: root/cpp/test/IceSSL/configuration/AllTests.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'cpp/test/IceSSL/configuration/AllTests.cpp')
-rw-r--r--cpp/test/IceSSL/configuration/AllTests.cpp30
1 files changed, 27 insertions, 3 deletions
diff --git a/cpp/test/IceSSL/configuration/AllTests.cpp b/cpp/test/IceSSL/configuration/AllTests.cpp
index a2155a1ea2d..7fa5b5fe97c 100644
--- a/cpp/test/IceSSL/configuration/AllTests.cpp
+++ b/cpp/test/IceSSL/configuration/AllTests.cpp
@@ -578,6 +578,10 @@ allTests(const CommunicatorPtr& communicator, const string& testDir, bool p12)
initData.properties = createClientProps(defaultProps, defaultDir, defaultHost, p12);
initData.properties->setProperty("Ice.InitPlugins", "0");
# ifdef ICE_USE_OPENSSL
+ //
+ // With OpenSSL 1.1.0 we need to set SECLEVEL=0 to allow ADH ciphers
+ //
+ initData.properties->setProperty("IceSSL.SecurityLevel", "0");
initData.properties->setProperty("IceSSL.Ciphers", "ADH");
# else
initData.properties->setProperty("IceSSL.Ciphers", "DH_anon_WITH_AES_256_CBC_SHA");
@@ -591,6 +595,10 @@ allTests(const CommunicatorPtr& communicator, const string& testDir, bool p12)
Test::ServerFactoryPrxPtr fact = ICE_CHECKED_CAST(Test::ServerFactoryPrx, obj);
Test::Properties d = createServerProps(defaultProps, defaultDir, defaultHost, p12);
# ifdef ICE_USE_OPENSSL
+ //
+ // With OpenSSL 1.1.0 we need to set SECLEVEL=0 to allow ADH ciphers
+ //
+ d["IceSSL.SecurityLevel"] = "0";
d["IceSSL.Ciphers"] = "ADH";
# else
d["IceSSL.Ciphers"] = "DH_anon_WITH_AES_256_CBC_SHA";
@@ -1308,6 +1316,10 @@ allTests(const CommunicatorPtr& communicator, const string& testDir, bool p12)
InitializationData initData;
initData.properties = createClientProps(defaultProps, defaultDir, defaultHost, p12);
# ifdef ICE_USE_OPENSSL
+ //
+ // With OpenSSL 1.1.0 we need to set SECLEVEL=0 to allow ADH ciphers
+ //
+ initData.properties->setProperty("IceSSL.SecurityLevel", "0");
initData.properties->setProperty("IceSSL.Ciphers", "ADH");
# else
initData.properties->setProperty("IceSSL.Ciphers", "(DH_anon*)");
@@ -1323,7 +1335,11 @@ allTests(const CommunicatorPtr& communicator, const string& testDir, bool p12)
test(fact);
Test::Properties d = createServerProps(defaultProps, defaultDir, defaultHost, p12);
# ifdef ICE_USE_OPENSSL
+ //
+ // With OpenSSL 1.1.0 we need to set SECLEVEL=0 to allow ADH ciphers
+ //
string cipherSub = "ADH-";
+ d["IceSSL.SecurityLevel"] = "0";
d["IceSSL.Ciphers"] = "ADH";
# else
string cipherSub = "DH_anon";
@@ -1918,6 +1934,10 @@ allTests(const CommunicatorPtr& communicator, const string& testDir, bool p12)
InitializationData initData;
initData.properties = createClientProps(defaultProps, defaultDir, defaultHost, p12);
# ifdef ICE_USE_OPENSSL
+ //
+ // With OpenSSL 1.1.0 we need to set SECLEVEL=0 to allow ADH ciphers
+ //
+ initData.properties->setProperty("IceSSL.SecurityLevel", "0");
initData.properties->setProperty("IceSSL.Ciphers", "ADH");
# else
initData.properties->setProperty("IceSSL.Ciphers", "(DH_anon*)");
@@ -1927,6 +1947,10 @@ allTests(const CommunicatorPtr& communicator, const string& testDir, bool p12)
test(fact);
Test::Properties d = createServerProps(defaultProps, defaultDir, defaultHost, p12, "s_rsa_ca1", "cacert1");
# ifdef ICE_USE_OPENSSL
+ //
+ // With OpenSSL 1.1.0 we need to set SECLEVEL=0 to allow ADH ciphers
+ //
+ d["IceSSL.SecurityLevel"] = "0";
string cipherSub = "ADH-";
d["IceSSL.Ciphers"] = "RSA:ADH";
# else
@@ -2166,13 +2190,14 @@ allTests(const CommunicatorPtr& communicator, const string& testDir, bool p12)
//
InitializationData initData;
initData.properties = createClientProps(defaultProps, defaultDir, defaultHost, p12, "c_dsa_ca1", "cacert1");
- initData.properties->setProperty("IceSSL.Ciphers", "DEFAULT:DSS");
+ initData.properties->setProperty("IceSSL.Ciphers", "DHE:DSS");
CommunicatorPtr comm = initialize(initData);
Test::ServerFactoryPrxPtr fact = ICE_CHECKED_CAST(Test::ServerFactoryPrx, comm->stringToProxy(factoryRef));
test(fact);
Test::Properties d = createServerProps(defaultProps, defaultDir, defaultHost, p12, "s_dsa_ca1", "cacert1");
- d["IceSSL.Ciphers"] = "DEFAULT:DSS";
+ d["IceSSL.Ciphers"] = "DHE:DSS";
d["IceSSL.VerifyPeer"] = "1";
+
Test::ServerPrxPtr server = fact->createServer(d);
try
{
@@ -2184,7 +2209,6 @@ allTests(const CommunicatorPtr& communicator, const string& testDir, bool p12)
}
fact->destroyServer(server);
comm->destroy();
-
//
// Next try a client with an RSA certificate.
//
generated by cgit v1.2.3 (git 2.46.0) at 2025-08-04 01:32:46 +0000