From 169c1a7586d39be1bf0d98b69934e8e8b08a87cd Mon Sep 17 00:00:00 2001
From: daurnimator <quae@daurnimator.com>
Date: Sun, 20 Jun 2021 01:03:26 +1000
Subject: [PATCH] spec/tls_spec: make sure TLS 1.3 isn't used in banned ciphers
 test

---
 spec/tls_spec.lua | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/spec/tls_spec.lua b/spec/tls_spec.lua
index 73982fa..014b5dc 100644
--- a/spec/tls_spec.lua
+++ b/spec/tls_spec.lua
@@ -17,14 +17,15 @@ describe("http.tls module", function()
 		local s, c = ca.assert(cs.pair())
 		local cq = cqueues.new()
 		cq:wrap(function()
-			local ctx = openssl_ctx.new("TLSv1", false)
+			local ctx = openssl_ctx.new("TLS", false)
 			assert(c:starttls(ctx))
 			local ssl = assert(s:checktls())
 			local cipher = ssl:getCipherInfo()
 			assert(tls.banned_ciphers[cipher.name])
 		end)
 		cq:wrap(function()
-			local ctx = openssl_ctx.new("TLSv1", true)
+			local ctx = openssl_ctx.new("TLS", true)
+			ctx:setOptions(openssl_ctx.OP_NO_TLSv1_3)
 			ctx:setCipherList(banned_cipher_list)
 			ctx:setEphemeralKey(openssl_pkey.new{ type = "EC", curve = "prime256v1" })
 			local crt = openssl_x509.new()