From 0e2c7b3ee374bb78785095589a4b0c33bca4b9c3 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Thu, 2 Feb 2017 12:34:22 +0000
Subject: [PATCH] Add missing MinProtocol/MaxProtocol

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2339)
---
 test/ssl-tests/20-cert-select.conf    |  2 ++
 test/ssl-tests/20-cert-select.conf.in | 13 ++++++++++---
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/test/ssl-tests/20-cert-select.conf b/test/ssl-tests/20-cert-select.conf
index 01afac393f..72ce42574b 100644
--- a/test/ssl-tests/20-cert-select.conf
+++ b/test/ssl-tests/20-cert-select.conf
@@ -78,6 +78,7 @@ client = 2-ECDSA CipherString Selection, no ECDSA certificate-client
 [2-ECDSA CipherString Selection, no ECDSA certificate-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [2-ECDSA CipherString Selection, no ECDSA certificate-client]
@@ -161,6 +162,7 @@ client = 5-ECDSA Signature Algorithm Selection, no ECDSA certificate-client
 [5-ECDSA Signature Algorithm Selection, no ECDSA certificate-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [5-ECDSA Signature Algorithm Selection, no ECDSA certificate-client]
diff --git a/test/ssl-tests/20-cert-select.conf.in b/test/ssl-tests/20-cert-select.conf.in
index 7767aca0f8..2036d2c9a3 100644
--- a/test/ssl-tests/20-cert-select.conf.in
+++ b/test/ssl-tests/20-cert-select.conf.in
@@ -44,7 +44,9 @@ our @tests = (
     },
     {
         name => "ECDSA CipherString Selection, no ECDSA certificate",
-        server => { },
+        server => {
+            "MaxProtocol" => "TLSv1.2"
+        },
         client => {
             "CipherString" => "aECDSA"
         },
@@ -80,7 +82,9 @@ our @tests = (
     },
     {
         name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
-        server => { },
+        server => {
+             "MaxProtocol" => "TLSv1.2"
+        },
         client => {
             "SignatureAlgorithms" => "ECDSA+SHA256",
         },
@@ -166,7 +170,10 @@ my @tests_tls_1_3 = (
     },
     {
         name => "TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate",
-        server => { },
+        server => {
+            "MinProtocol" => "TLSv1.3",
+            "MaxProtocol" => "TLSv1.3"
+        },
         client => {
             "SignatureAlgorithms" => "ECDSA+SHA256",
         },