Import OpenSSL 1.1.0h

test/ssltestlib.c

@@ -1,5 +1,5 @@
 /*
- * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -524,6 +524,7 @@ static int mempacket_test_puts(BIO *bio, const char *str)
 }
 
 int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm,
+                        int min_proto_version, int max_proto_version,
                         SSL_CTX **sctx, SSL_CTX **cctx, char *certfile,
                         char *privkeyfile)
 {
@@ -538,6 +539,30 @@ int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm,
         goto err;
     }
 
+    if (min_proto_version > 0
+        && !SSL_CTX_set_min_proto_version(serverctx, min_proto_version)) {
+        printf("Unable to set server min protocol versions\n");
+        goto err;
+    }
+    if (max_proto_version > 0
+        && !SSL_CTX_set_max_proto_version(serverctx, max_proto_version)) {
+        printf("Unable to set server max protocol versions\n");
+        goto err;
+    }
+
+    if (clientctx != NULL) {
+        if (min_proto_version > 0
+            && !SSL_CTX_set_max_proto_version(clientctx, max_proto_version)) {
+            printf("Unable to set client max protocol versions\n");
+            goto err;
+        }
+        if (max_proto_version > 0
+            && !SSL_CTX_set_min_proto_version(clientctx, min_proto_version)) {
+            printf("Unable to set client min protocol versions\n");
+            goto err;
+        }
+    }
+
     if (SSL_CTX_use_certificate_file(serverctx, certfile,
                                      SSL_FILETYPE_PEM) <= 0) {
         printf("Failed to load server certificate\n");