diff options
Diffstat (limited to 'tests')
-rw-r--r-- | tests/test_ssl.py | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/tests/test_ssl.py b/tests/test_ssl.py index e79d9fa..e604164 100644 --- a/tests/test_ssl.py +++ b/tests/test_ssl.py @@ -53,6 +53,7 @@ from OpenSSL.SSL import ( SSLEAY_VERSION, SSLEAY_CFLAGS, TLS_METHOD, + TLS1_3_VERSION, TLS1_2_VERSION, TLS1_1_VERSION, ) @@ -136,6 +137,11 @@ try: except ImportError: SSL_ST_INIT = SSL_ST_BEFORE = SSL_ST_OK = SSL_ST_RENEGOTIATE = None +try: + from OpenSSL.SSL import OP_NO_TLSv1_3 +except ImportError: + OP_NO_TLSv1_3 = None + from .util import WARNING_TYPE_EXPECTED, NON_ASCII, is_consistent_type from .test_crypto import ( client_cert_pem, @@ -1047,6 +1053,13 @@ class TestContext(object): assert all(b"CLIENT_RANDOM" in line for conn, line in called) def test_set_proto_version(self): + if OP_NO_TLSv1_3 is None: + high_version = TLS1_2_VERSION + low_version = TLS1_1_VERSION + else: + high_version = TLS1_3_VERSION + low_version = TLS1_2_VERSION + server_context = Context(TLS_METHOD) server_context.use_certificate( load_certificate(FILETYPE_PEM, root_cert_pem) @@ -1054,10 +1067,10 @@ class TestContext(object): server_context.use_privatekey( load_privatekey(FILETYPE_PEM, root_key_pem) ) - server_context.set_min_proto_version(TLS1_2_VERSION) + server_context.set_min_proto_version(high_version) client_context = Context(TLS_METHOD) - client_context.set_max_proto_version(TLS1_1_VERSION) + client_context.set_max_proto_version(low_version) with pytest.raises(Error, match="unsupported protocol"): self._handshake_test(server_context, client_context) |