[gnutls-devel] GnuTLS | testcompat-openssl: improve testing against secured OpenSSL versions. (!1168)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Thu Jan 23 08:45:36 CET 2020

Dimitri John Ledkov commented:

@lumag @nmav So, reverting to 1k DSA results in testsuite failures of testcompat-openssl.sh against 1.1.1d, but since that is running test case in parallel, it's hard to tell which ones are failing.

Let me re-run that in serial to understand which test cases fail. I fear that 1.1.1d rejects 1k DSA keys even at SECLEVEL=0 and there is no way to go even lower than that, unless one overrides and provides a custom security callback function.

I think 1k DSA should only be tested against openssl 1.0.2 series.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/1168#note_275725419
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200123/80a79ece/attachment.html>

More information about the Gnutls-devel mailing list