diff options
author | Matt Caswell <matt@openssl.org> | 2018-03-12 11:42:00 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-03-12 15:08:15 +0000 |
commit | aaaa6ac11bdffb02eda132973c9740b4a45a3242 (patch) | |
tree | 91d4fdd3f0550f7f37ea2117fd6ff8c1a65e7412 /test/ossl_shim | |
parent | df0fed9aab239e2e9a269d06637a6442051dee3b (diff) |
Don't negotiate TLSv1.3 with the ossl_shim
The ossl_shim doesn't know about TLSv1.3 so we should disable that
protocol version for all tests for now.
This fixes the current Travis failures.
[extended tests]
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5593)
Diffstat (limited to 'test/ossl_shim')
-rw-r--r-- | test/ossl_shim/ossl_shim.cc | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/test/ossl_shim/ossl_shim.cc b/test/ossl_shim/ossl_shim.cc index fd6fa06a1f..739d1bd167 100644 --- a/test/ossl_shim/ossl_shim.cc +++ b/test/ossl_shim/ossl_shim.cc @@ -533,6 +533,12 @@ static bssl::UniquePtr<SSL_CTX> SetupCtx(const TestConfig *config) { !SSL_CTX_set_max_proto_version(ssl_ctx.get(), TLS1_3_VERSION)) { return nullptr; } +#else + /* Ensure we don't negotiate TLSv1.3 until we can handle it */ + if (!config->is_dtls && + !SSL_CTX_set_max_proto_version(ssl_ctx.get(), TLS1_2_VERSION)) { + return nullptr; + } #endif std::string cipher_list = "ALL"; |