diff options
author | Richard Levitte <levitte@openssl.org> | 2018-03-19 09:08:06 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2018-03-19 18:24:30 +0100 |
commit | 7d7f6834e542e53f604b46a72d57fad773d4b2bc (patch) | |
tree | 4b126c6099d838deea5c740751141291807037bc /test/ssltestlib.c | |
parent | 2e2faa8c4802f2fcecea699ddda246929b2ca329 (diff) | |
download | openssl-7d7f6834e542e53f604b46a72d57fad773d4b2bc.tar.gz |
Enhance ssltestlib's create_ssl_ctx_pair to take min and max proto version
Have all test programs using that function specify those versions.
Additionally, have the remaining test programs that use SSL_CTX_new
directly specify at least the maximum protocol version.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5663)
Diffstat (limited to 'test/ssltestlib.c')
-rw-r--r-- | test/ssltestlib.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/test/ssltestlib.c b/test/ssltestlib.c index 4473c670d7..f7dc65f734 100644 --- a/test/ssltestlib.c +++ b/test/ssltestlib.c @@ -511,6 +511,7 @@ static int mempacket_test_puts(BIO *bio, const char *str) } int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm, + int min_proto_version, int max_proto_version, SSL_CTX **sctx, SSL_CTX **cctx, char *certfile, char *privkeyfile) { @@ -521,6 +522,22 @@ int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm, || (cctx != NULL && !TEST_ptr(clientctx = SSL_CTX_new(cm)))) goto err; + if ((min_proto_version > 0 + && !TEST_true(SSL_CTX_set_min_proto_version(serverctx, + min_proto_version))) + || (max_proto_version > 0 + && !TEST_true(SSL_CTX_set_max_proto_version(serverctx, + max_proto_version)))) + goto err; + if (clientctx != NULL + && ((min_proto_version > 0 + && !TEST_true(SSL_CTX_set_min_proto_version(serverctx, + min_proto_version))) + || (max_proto_version > 0 + && !TEST_true(SSL_CTX_set_max_proto_version(serverctx, + max_proto_version))))) + goto err; + if (!TEST_int_eq(SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM), 1) || !TEST_int_eq(SSL_CTX_use_PrivateKey_file(serverctx, privkeyfile, |