From c312ee3cde39d9c97d3552b43533a4384321dc9e Mon Sep 17 00:00:00 2001
From: Dan Callaghan <djc@djc.id.au>
Date: Fri, 11 Sep 2020 04:49:08 +1000
Subject: Use TLSv1.2 for fake servers in tests (#8208)

Some Linux distros have begun disabling TLSv1.0 and TLSv1.1 by default
for security reasons, for example in Fedora 33 onwards:

https://fedoraproject.org/wiki/Changes/StrongCryptoSettings2

Use TLSv1.2 for the fake TLS servers created in the test suite, to avoid
failures due to OpenSSL disallowing TLSv1.0:

    <twisted.python.failure.Failure OpenSSL.SSL.Error: [('SSL routines',
    'ssl_choose_client_version', 'unsupported protocol')]>

Signed-off-by: Dan Callaghan <djc@djc.id.au>
---
 changelog.d/8208.misc | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 changelog.d/8208.misc

(limited to 'changelog.d')

diff --git a/changelog.d/8208.misc b/changelog.d/8208.misc
new file mode 100644
index 0000000000..e65da88c46
--- /dev/null
+++ b/changelog.d/8208.misc
@@ -0,0 +1 @@
+Fix tests on distros which disable TLSv1.0. Contributed by @danc86.
-- 
cgit 1.4.1