From: Dr. Stephen Henson <steve@openssl.org>
Date: Thu, 2 Feb 2017 12:34:22 +0000 (+0000)
Subject: Add missing MinProtocol/MaxProtocol
X-Git-Tag: OpenSSL_1_1_1-pre1~2486
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0e2c7b3ee374bb78785095589a4b0c33bca4b9c3;p=openssl

Add missing MinProtocol/MaxProtocol

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2339)
---

diff --git a/test/ssl-tests/20-cert-select.conf b/test/ssl-tests/20-cert-select.conf
index 01afac393f..72ce42574b 100644
--- a/test/ssl-tests/20-cert-select.conf
+++ b/test/ssl-tests/20-cert-select.conf
@@ -78,6 +78,7 @@ client = 2-ECDSA CipherString Selection, no ECDSA certificate-client
 [2-ECDSA CipherString Selection, no ECDSA certificate-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [2-ECDSA CipherString Selection, no ECDSA certificate-client]
@@ -161,6 +162,7 @@ client = 5-ECDSA Signature Algorithm Selection, no ECDSA certificate-client
 [5-ECDSA Signature Algorithm Selection, no ECDSA certificate-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [5-ECDSA Signature Algorithm Selection, no ECDSA certificate-client]
diff --git a/test/ssl-tests/20-cert-select.conf.in b/test/ssl-tests/20-cert-select.conf.in
index 7767aca0f8..2036d2c9a3 100644
--- a/test/ssl-tests/20-cert-select.conf.in
+++ b/test/ssl-tests/20-cert-select.conf.in
@@ -44,7 +44,9 @@ our @tests = (
     },
     {
         name => "ECDSA CipherString Selection, no ECDSA certificate",
-        server => { },
+        server => {
+            "MaxProtocol" => "TLSv1.2"
+        },
         client => {
             "CipherString" => "aECDSA"
         },
@@ -80,7 +82,9 @@ our @tests = (
     },
     {
         name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
-        server => { },
+        server => {
+             "MaxProtocol" => "TLSv1.2"
+        },
         client => {
             "SignatureAlgorithms" => "ECDSA+SHA256",
         },
@@ -166,7 +170,10 @@ my @tests_tls_1_3 = (
     },
     {
         name => "TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate",
-        server => { },
+        server => {
+            "MinProtocol" => "TLSv1.3",
+            "MaxProtocol" => "TLSv1.3"
+        },
         client => {
             "SignatureAlgorithms" => "ECDSA+SHA256",
         },