Fix no-dtls1_2

dtlstest.c needs some adjusting to handle no-dtls1_2 since commit 7bf2e4d7f0c banned DTLSv1 at the default security level - causing the test to fail. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18848) (cherry picked from commit a6843e6ae8ae0551aae8555783f06dab7951f112)
author: Matt Caswell <matt@openssl.org> 2022-07-22 11:12:52 +0100
committer: Tomas Mraz <tomas@openssl.org> 2022-11-21 10:49:52 +0100
commit: 6f6f413312934e5ab8250741e2535293e1d7b237 (patch)
tree: f437a02f076e2b485fa9418ae936736afbf98754
parent: ba86c086c72d168353434531db7954681e20ac0b (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/test/dtlstest.c b/test/dtlstest.c
index 35c616cabd..e32b03b454 100644
--- a/test/dtlstest.c
+++ b/test/dtlstest.c
@@ -425,6 +425,12 @@ static int test_just_finished(void)
                                        &sctx, NULL, cert, privkey)))
         return 0;
 
+#ifdef OPENSSL_NO_DTLS1_2
+    /* DTLSv1 is not allowed at the default security level */
+    if (!TEST_true(SSL_CTX_set_cipher_list(sctx, "DEFAULT:@SECLEVEL=0")))
+        goto end;
+#endif
+
     serverssl = SSL_new(sctx);
     rbio = BIO_new(BIO_s_mem());
     wbio = BIO_new(BIO_s_mem());
author	Matt Caswell <matt@openssl.org>	2022-07-22 11:12:52 +0100
committer	Tomas Mraz <tomas@openssl.org>	2022-11-21 10:49:52 +0100
commit	6f6f413312934e5ab8250741e2535293e1d7b237 (patch)
tree	f437a02f076e2b485fa9418ae936736afbf98754
parent	ba86c086c72d168353434531db7954681e20ac0b (diff)