Skip to content

Commit

Permalink
spec/tls_spec: make sure TLS 1.3 isn't used in banned ciphers test
Browse files Browse the repository at this point in the history
  • Loading branch information
@daurnimator
daurnimator committed Jun 19, 2021
1 parent 3c3ed07 commit 169c1a7
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions spec/tls_spec.lua
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,14 +17,15 @@ describe("http.tls module", function()
local s, c = ca.assert(cs.pair())
local cq = cqueues.new()
cq:wrap(function()
local ctx = openssl_ctx.new("TLSv1", false)
local ctx = openssl_ctx.new("TLS", false)
assert(c:starttls(ctx))
local ssl = assert(s:checktls())
local cipher = ssl:getCipherInfo()
assert(tls.banned_ciphers[cipher.name])
end)
cq:wrap(function()
local ctx = openssl_ctx.new("TLSv1", true)
local ctx = openssl_ctx.new("TLS", true)
ctx:setOptions(openssl_ctx.OP_NO_TLSv1_3)
ctx:setCipherList(banned_cipher_list)
ctx:setEphemeralKey(openssl_pkey.new{ type = "EC", curve = "prime256v1" })
local crt = openssl_x509.new()
Expand Down

0 comments on commit 169c1a7

Please sign in to comment.