From: Matt Caswell <matt@openssl.org>
Date: Fri, 27 Apr 2018 11:09:08 +0000 (+0100)
Subject: Fix a bug in create_ssl_ctx_pair()
X-Git-Tag: OpenSSL_1_1_1-pre7~110
X-Git-Url: http://git.ipfire.org/?p=thirdparty%2Fopenssl.git;a=commitdiff_plain;h=6021d8ec5affe07116cdae81fa3db81d67996aac

Fix a bug in create_ssl_ctx_pair()

The max protocol version was only being set on the server side. It should
have been done on both the client and the server.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6113)
---

diff --git a/test/ssltestlib.c b/test/ssltestlib.c
index ebd87cc7f0..959e3296a8 100644
--- a/test/ssltestlib.c
+++ b/test/ssltestlib.c
@@ -531,10 +531,10 @@ int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm,
         goto err;
     if (clientctx != NULL
         && ((min_proto_version > 0
-             && !TEST_true(SSL_CTX_set_min_proto_version(serverctx,
+             && !TEST_true(SSL_CTX_set_min_proto_version(clientctx,
                                                          min_proto_version)))
             || (max_proto_version > 0
-                && !TEST_true(SSL_CTX_set_max_proto_version(serverctx,
+                && !TEST_true(SSL_CTX_set_max_proto_version(clientctx,
                                                             max_proto_version)))))
         goto err;