From: W.C.A. Wijngaards <wouter@nlnetlabs.nl>
Date: Wed, 4 Aug 2021 07:58:38 +0000 (+0200)
Subject: - In unit test use openssl set security level to allow keys in test.
X-Git-Tag: release-1.13.2rc1~11
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f5d53928a34ff2a5a3f50d3e9c4b5aa7ded32511;p=thirdparty%2Funbound.git

- In unit test use openssl set security level to allow keys in test.
---

diff --git a/doc/Changelog b/doc/Changelog
index 15a2b00b7..ad229cbe4 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,6 @@
+4 August 2021: Wouter
+	- In unit test use openssl set security level to allow keys in test.
+
 3 August 2021: George
 	- Listen to read or write events after the SSL handshake.
 	  Sticky events on windows would stick on read when write was needed.
diff --git a/testcode/petal.c b/testcode/petal.c
index 123684aab..a1a376155 100644
--- a/testcode/petal.c
+++ b/testcode/petal.c
@@ -238,6 +238,9 @@ setup_ctx(char* key, char* cert)
 	(void)SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);
 #endif
 	(void)SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3);
+#ifdef HAVE_SSL_CTX_SET_SECURITY_LEVEL
+	SSL_CTX_set_security_level(ctx, 0); /* for keys in tests */
+#endif
 	if(!SSL_CTX_use_certificate_chain_file(ctx, cert))
 		print_exit("cannot read cert");
 	if(!SSL_CTX_use_PrivateKey_file(ctx, key, SSL_FILETYPE_PEM))