The source project of this merge request has been removed.
As far as I can tell, SSL 3.0 as described in RFC6101 does not require any support for TLS extensions.
This MR modifies gnutls-cli-debug to test servers for SSL 3.0 without extensions, and without including any newer-than-SSL 3.0 ciphersuites, before testing with extensions enabled, and with newer-than-SSL 3.0 ciphersuites enabled.
This prevents gnutls-cli-debug from incorrectly reporting a lack of SSL 3.0 support in some very old, but seemingly standards-compliant, servers. (See #958 (closed) for an example.)
Checklist
-
Commits have Signed-off-by:with name/author being identical to the commit author -
Code modified for feature -
Test suite updated with functionality tests -
Test suite updated with negative tests -
Documentation updated / NEWS entry present (for non-trivial changes) -
CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)
Reviewer's checklist:
-
Any issues marked for closing are addressed -
There is a test suite reasonably covering new functionality or modifications -
Function naming, parameters, return values, types, etc., are consistent and according to CONTRIBUTION.md -
This feature/change has adequate documentation added -
No obvious mistakes in the code