use OpenSSL::Test::Utils qw/anydisabled alldisabled/;
setup("no_test_here");
-my @tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2");
+my @tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3");
# undef stands for "no limit".
-my @min_tls_protocols = (undef, "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2");
-my @max_tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", undef);
+my @min_tls_protocols = (undef, "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3");
+my @max_tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3", undef);
-my @is_tls_disabled = anydisabled("ssl3", "tls1", "tls1_1", "tls1_2");
+my @is_tls_disabled = anydisabled("ssl3", "tls1", "tls1_1", "tls1_2", "tls1_3");
my $min_tls_enabled; my $max_tls_enabled;
sub no_tests {
my ($dtls) = @_;
return $dtls ? alldisabled("dtls1", "dtls1_2") :
- alldisabled("ssl3", "tls1", "tls1_1", "tls1_2");
+ alldisabled("ssl3", "tls1", "tls1_1", "tls1_2", "tls1_3");
}
sub generate_version_tests {
# Server doesn't support the client range.
return ("ServerFail", undef);
} elsif ($c_min > $s_max) {
- # Server will try with a version that is lower than the lowest
- # supported client version.
- return ("ClientFail", undef);
+ my @prots = @$protocols;
+ if ($prots[$c_min] eq "TLSv1.3") {
+ # Client won't have sent any ciphersuite the server recognises
+ return ("ServerFail", undef);
+ } else {
+ # Server will try with a version that is lower than the lowest
+ # supported client version.
+ return ("ClientFail", undef);
+ }
} else {
# Server and client ranges overlap.
my $max_common = $s_max < $c_max ? $s_max : $c_max;