diff options
| author | Matt Caswell <matt@openssl.org> | 2016-10-31 18:12:33 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2016-11-09 16:03:08 +0000 |
| commit | 7b21c00e1c8841a1efe654e0488d4fc9af47db4c (patch) | |
| tree | 7d7982776894e18c8131c226ca72f0a698a70cf1 /test/ssl-tests | |
| parent | bf85ef1b60d03c76e85ec06be3999ead4533f092 (diff) | |
Look at the supported_versions extension even if the server <TLS1.3
If supported_versions is present it takes precedence.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'test/ssl-tests')
| -rw-r--r-- | test/ssl-tests/protocol_version.pm | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/test/ssl-tests/protocol_version.pm b/test/ssl-tests/protocol_version.pm index 9abcaae5e2..cc39c757c4 100644 --- a/test/ssl-tests/protocol_version.pm +++ b/test/ssl-tests/protocol_version.pm @@ -236,9 +236,10 @@ sub expected_result { return ("ServerFail", undef); } elsif ($c_min > $s_max) { my @prots = @$protocols; - if ($prots[$c_min] eq "TLSv1.3") { - # Client won't have sent any ciphersuite the server recognises - return ("ServerFail", undef); + if ($prots[$c_max] eq "TLSv1.3") { + # Client will have sent supported_versions, so server will know + # that there are no overlapping versions. + return ("ServerFail", undef); } else { # Server will try with a version that is lower than the lowest # supported client version. |