From b4ea929d51c6d0ec0aab78072b81f39289b6de84 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 19 Mar 2018 08:06:22 +0100 Subject: [PATCH] In TLSProxy::Proxy, specify TLSv1.2 as maximum allowable protocol Partially fixes #5661 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/5662) --- util/perl/TLSProxy/Proxy.pm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/util/perl/TLSProxy/Proxy.pm b/util/perl/TLSProxy/Proxy.pm index 88b048ecc3..7d9cb37f77 100644 --- a/util/perl/TLSProxy/Proxy.pm +++ b/util/perl/TLSProxy/Proxy.pm @@ -178,7 +178,7 @@ sub start $pid = fork(); if ($pid == 0) { my $execcmd = $self->execute - ." s_server -no_comp -rev -engine ossltest -accept " + ." s_server -max_protocol TLSv1.2 -no_comp -rev -engine ossltest -accept " .($self->server_port) ." -cert ".$self->cert." -naccept ".$self->serverconnects; unless ($self->supports_IPv6) { @@ -215,7 +215,7 @@ sub clientstart $echostr = "test"; } my $execcmd = "echo ".$echostr." | ".$self->execute - ." s_client -engine ossltest -connect " + ." s_client -max_protocol TLSv1.2 -engine ossltest -connect " .($self->proxy_addr).":".($self->proxy_port); unless ($self->supports_IPv6) { $execcmd .= " -4"; -- 2.25.1