[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Mon Mar 12 15:17:19 UTC 2018
The branch master has been updated
via aaaa6ac11bdffb02eda132973c9740b4a45a3242 (commit)
from df0fed9aab239e2e9a269d06637a6442051dee3b (commit)
- Log -----------------------------------------------------------------
commit aaaa6ac11bdffb02eda132973c9740b4a45a3242
Author: Matt Caswell <matt at openssl.org>
Date: Mon Mar 12 11:42:00 2018 +0000
Don't negotiate TLSv1.3 with the ossl_shim
The ossl_shim doesn't know about TLSv1.3 so we should disable that
protocol version for all tests for now.
This fixes the current Travis failures.
[extended tests]
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5593)
-----------------------------------------------------------------------
Summary of changes:
test/ossl_shim/ossl_shim.cc | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/test/ossl_shim/ossl_shim.cc b/test/ossl_shim/ossl_shim.cc
index fd6fa06..739d1bd 100644
--- a/test/ossl_shim/ossl_shim.cc
+++ b/test/ossl_shim/ossl_shim.cc
@@ -533,6 +533,12 @@ static bssl::UniquePtr<SSL_CTX> SetupCtx(const TestConfig *config) {
!SSL_CTX_set_max_proto_version(ssl_ctx.get(), TLS1_3_VERSION)) {
return nullptr;
}
+#else
+ /* Ensure we don't negotiate TLSv1.3 until we can handle it */
+ if (!config->is_dtls &&
+ !SSL_CTX_set_max_proto_version(ssl_ctx.get(), TLS1_2_VERSION)) {
+ return nullptr;
+ }
#endif
std::string cipher_list = "ALL";
More information about the openssl-commits
mailing list