From 7d7f6834e542e53f604b46a72d57fad773d4b2bc Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 19 Mar 2018 09:08:06 +0100 Subject: Enhance ssltestlib's create_ssl_ctx_pair to take min and max proto version Have all test programs using that function specify those versions. Additionally, have the remaining test programs that use SSL_CTX_new directly specify at least the maximum protocol version. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/5663) --- test/ssltestlib.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'test/ssltestlib.c') diff --git a/test/ssltestlib.c b/test/ssltestlib.c index 4473c670d7..f7dc65f734 100644 --- a/test/ssltestlib.c +++ b/test/ssltestlib.c @@ -511,6 +511,7 @@ static int mempacket_test_puts(BIO *bio, const char *str) } int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm, + int min_proto_version, int max_proto_version, SSL_CTX **sctx, SSL_CTX **cctx, char *certfile, char *privkeyfile) { @@ -521,6 +522,22 @@ int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm, || (cctx != NULL && !TEST_ptr(clientctx = SSL_CTX_new(cm)))) goto err; + if ((min_proto_version > 0 + && !TEST_true(SSL_CTX_set_min_proto_version(serverctx, + min_proto_version))) + || (max_proto_version > 0 + && !TEST_true(SSL_CTX_set_max_proto_version(serverctx, + max_proto_version)))) + goto err; + if (clientctx != NULL + && ((min_proto_version > 0 + && !TEST_true(SSL_CTX_set_min_proto_version(serverctx, + min_proto_version))) + || (max_proto_version > 0 + && !TEST_true(SSL_CTX_set_max_proto_version(serverctx, + max_proto_version))))) + goto err; + if (!TEST_int_eq(SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM), 1) || !TEST_int_eq(SSL_CTX_use_PrivateKey_file(serverctx, privkeyfile, -- cgit v1.2.3