From: Jean-Marc Pigeon (Delson) <jmp@safe.ca>
Date: Sat, 19 Jul 2025 20:11:16 +0000 (-0400)
Subject: Checking behavier using only TLS1_3_VERSION
X-Git-Tag: tag-0.14~39
X-Git-Url: https://jmp-git.ovh.safe.ca/?a=commitdiff_plain;h=d15c9d0ee677e9360e82b4f72c62e4d7b11b9279;p=jmp%2Fmailleur

Checking behavier using only TLS1_3_VERSION
---

diff --git a/Makefile b/Makefile
index f28a26d..4efc070 100644
--- a/Makefile
+++ b/Makefile
@@ -148,7 +148,7 @@ tlsref:
 			-cert certs/localhost-cert.pem			\
 			-key certs/localhost-key.pem			\
 			-starttls smtp					\
-			-connect tar1.osukiss.org:25
+			-connect $(TESTSRV):$(TESTPORT)	
 
 #			-connect mx2.free.fr:25
 #			-connect mailprod1.safe.ca:587
diff --git a/lib/unitls.c b/lib/unitls.c
index f61ac64..3d4b46a 100644
--- a/lib/unitls.c
+++ b/lib/unitls.c
@@ -295,6 +295,7 @@ while (proceed==true) {
       (void) SSL_CTX_set_purpose(tls->ctx,X509_PURPOSE_ANY);
       (void) SSL_CTX_set_verify_depth(tls->ctx,7);
       (void) SSL_CTX_set_options(tls->ctx,SSL_OP_ALL);
+      (void) SSL_CTX_set_min_proto_version(tls->ctx,TLS1_3_VERSION);
       (void) SSL_CTX_set_security_level(tls->ctx,seclevel);
       if (SSL_CTX_set_cipher_list(tls->ctx,cipher_list)==0) {
         (void) showtlserror(tls,0,"No cipher list");