Commit 6021d8ec authored by Matt Caswell's avatar Matt Caswell
Browse files

Fix a bug in create_ssl_ctx_pair() 



The max protocol version was only being set on the server side. It should
have been done on both the client and the server.

Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6113)
parent 3bfa4756

test/ssltestlib.c

+2 −2
Original line number Diff line number Diff line
@@ -531,10 +531,10 @@ int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm, 
        goto err;

    if (clientctx != NULL

        && ((min_proto_version > 0

             && !TEST_true(SSL_CTX_set_min_proto_version(serverctx,

             && !TEST_true(SSL_CTX_set_min_proto_version(clientctx,

                                                         min_proto_version)))

            || (max_proto_version > 0

                && !TEST_true(SSL_CTX_set_max_proto_version(serverctx,

                && !TEST_true(SSL_CTX_set_max_proto_version(clientctx,

                                                            max_proto_version)))))

        goto err;