Update DTLS version tests

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22275)

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 0e133bddedebea9163eddf1210d788df3b1a75ec..3c3b6a29046cae0337dbe5a7cbf2573e57ed5afa 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -472,7 +472,7 @@ static int ssl_check_allowed_versions(int min_version, int max_version)
             /* Ignore DTLS1_BAD_VER */
             min_version = DTLS1_VERSION;
         if (max_version == 0)
-            max_version = DTLS1_2_VERSION;
+            max_version = DTLS1_3_VERSION;
 #ifdef OPENSSL_NO_DTLS1_2
         if (max_version == DTLS1_2_VERSION)
             max_version = DTLS1_VERSION;

diff --git a/test/ssl_ctx_test.c b/test/ssl_ctx_test.c
index 16da838dea106bd87bf4b15d10a1dffc19110392..6390de6a0bc95f89ebcfa715af01e08767069f62 100644 (file)
--- a/test/ssl_ctx_test.c
+++ b/test/ssl_ctx_test.c
@@ -47,6 +47,9 @@ static const version_test version_testdata[] = {
     {PROTO_TLS,  7,                      42,                     0, 0, 0,                  0},
     {PROTO_DTLS, 0,                      0,                      1, 1, 0,                  0},
     {PROTO_DTLS, DTLS1_VERSION,          DTLS1_2_VERSION,        1, 1, DTLS1_VERSION,      DTLS1_2_VERSION},
+    {PROTO_DTLS, DTLS1_VERSION,          DTLS1_3_VERSION,        1, 1, DTLS1_VERSION,      DTLS1_3_VERSION},
+    {PROTO_DTLS, DTLS1_2_VERSION,        DTLS1_3_VERSION,        1, 1, DTLS1_2_VERSION,    DTLS1_3_VERSION},
+    {PROTO_DTLS, DTLS1_3_VERSION,        DTLS1_3_VERSION,        1, 1, DTLS1_3_VERSION,    DTLS1_3_VERSION},
 #ifndef OPENSSL_NO_DTLS1_2
     {PROTO_DTLS, DTLS1_2_VERSION,        DTLS1_2_VERSION,        1, 1, DTLS1_2_VERSION,    DTLS1_2_VERSION},
 #endif
@@ -56,8 +59,8 @@ static const version_test version_testdata[] = {
 #if !defined(OPENSSL_NO_DTLS1) && !defined(OPENSSL_NO_DTLS1_2)
     {PROTO_DTLS, DTLS1_2_VERSION,        DTLS1_VERSION,          1, 1, DTLS1_2_VERSION,    DTLS1_VERSION},
 #endif
-    {PROTO_DTLS, DTLS1_VERSION + 1,      DTLS1_2_VERSION,        0, 1, 0,                  DTLS1_2_VERSION},
-    {PROTO_DTLS, DTLS1_VERSION,          DTLS1_2_VERSION - 1,    1, 0, DTLS1_VERSION,      0},
+    {PROTO_DTLS, DTLS1_VERSION + 1,      DTLS1_3_VERSION,        0, 1, 0,                  DTLS1_3_VERSION},
+    {PROTO_DTLS, DTLS1_VERSION,          DTLS1_3_VERSION - 1,    1, 0, DTLS1_VERSION,      0},
     {PROTO_DTLS, TLS1_VERSION,           TLS1_3_VERSION,         1, 1, 0,                  0},
     {PROTO_DTLS, OSSL_QUIC1_VERSION,     OSSL_QUIC1_VERSION,     0, 0, 0,                  0},
     /* These functions never have an effect when called on a QUIC object */
@@ -66,7 +69,7 @@ static const version_test version_testdata[] = {
     {PROTO_QUIC, OSSL_QUIC1_VERSION,     OSSL_QUIC1_VERSION + 1, 0, 0, 0,                  0},
     {PROTO_QUIC, TLS1_VERSION,           TLS1_3_VERSION,         1, 1, 0,                  0},
 #ifndef OPENSSL_NO_DTLS
-    {PROTO_QUIC, DTLS1_VERSION,          DTLS1_2_VERSION,        1, 1, 0,                  0},
+    {PROTO_QUIC, DTLS1_VERSION,          DTLS1_3_VERSION,        1, 1, 0,                  0},
 #endif
 };