In TLSProxy::Proxy, specify TLSv1.3 as maximum allowable protocol
authorRichard Levitte <levitte@openssl.org>
Mon, 19 Mar 2018 07:44:04 +0000 (08:44 +0100)
committerRichard Levitte <levitte@openssl.org>
Mon, 19 Mar 2018 17:24:30 +0000 (18:24 +0100)
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5663)

util/perl/TLSProxy/Proxy.pm

index db7b19c4a4f3dd8636d72efc032ce2277e103855..7b4ad052de273ea3fd703a5f2b4b0c8da0aefdc2 100644 (file)
@@ -192,7 +192,7 @@ sub start
     $pid = fork();
     if ($pid == 0) {
         my $execcmd = $self->execute
-            ." s_server -no_comp -rev -engine ossltest -accept "
+            ." s_server -max_protocol TLSv1.3 -no_comp -rev -engine ossltest -accept "
             .($self->server_port)
             ." -cert ".$self->cert." -cert2 ".$self->cert
             ." -naccept ".$self->serverconnects;
@@ -233,7 +233,7 @@ sub clientstart
                 $echostr = "test";
             }
             my $execcmd = "echo ".$echostr." | ".$self->execute
-                 ." s_client -engine ossltest -connect "
+                 ." s_client -max_protocol TLSv1.3 -engine ossltest -connect "
                  .($self->proxy_addr).":".($self->proxy_port);
             unless ($self->supports_IPv6) {
                 $execcmd .= " -4";