func TestVersion(t *testing.T) {
serverConfig := &Config{
Certificates: testConfig.Certificates,
- MaxVersion: VersionTLS11,
+ MaxVersion: VersionTLS13,
}
clientConfig := &Config{
InsecureSkipVerify: true,
- MinVersion: VersionTLS10,
+ MinVersion: VersionTLS12,
}
state, _, err := testHandshake(t, clientConfig, serverConfig)
if err != nil {
t.Fatalf("handshake failed: %s", err)
}
- if state.Version != VersionTLS11 {
+ if state.Version != VersionTLS13 {
t.Fatalf("incorrect version %x, should be %x", state.Version, VersionTLS11)
}
clientConfig.MinVersion = 0
+ serverConfig.MaxVersion = VersionTLS11
_, _, err = testHandshake(t, clientConfig, serverConfig)
if err == nil {
t.Fatalf("expected failure to connect with TLS 1.0/1.1")
InsecureSkipVerify: true,
ClientSessionCache: NewLRUClientSessionCache(1),
ServerName: "servername",
- MinVersion: VersionTLS10,
+ MinVersion: VersionTLS12,
}
- // Establish a session at TLS 1.1.
- clientConfig.MaxVersion = VersionTLS11
+ // Establish a session at TLS 1.3.
+ clientConfig.MaxVersion = VersionTLS13
_, _, err := testHandshake(t, clientConfig, serverConfig)
if err != nil {
t.Fatalf("handshake failed: %s", err)
}
- // The client session cache now contains a TLS 1.1 session.
+ // The client session cache now contains a TLS 1.3 session.
state, _, err := testHandshake(t, clientConfig, serverConfig)
if err != nil {
t.Fatalf("handshake failed: %s", err)
}
// Test that the server will decline to resume at a lower version.
- clientConfig.MaxVersion = VersionTLS10
+ clientConfig.MaxVersion = VersionTLS12
state, _, err = testHandshake(t, clientConfig, serverConfig)
if err != nil {
t.Fatalf("handshake failed: %s", err)
t.Fatalf("handshake resumed at a lower version")
}
- // The client session cache now contains a TLS 1.0 session.
+ // The client session cache now contains a TLS 1.2 session.
state, _, err = testHandshake(t, clientConfig, serverConfig)
if err != nil {
t.Fatalf("handshake failed: %s", err)
}
// Test that the server will decline to resume at a higher version.
- clientConfig.MaxVersion = VersionTLS11
+ clientConfig.MaxVersion = VersionTLS13
state, _, err = testHandshake(t, clientConfig, serverConfig)
if err != nil {
t.Fatalf("handshake failed: %s", err)
func TestFallbackSCSV(t *testing.T) {
serverConfig := Config{
Certificates: testConfig.Certificates,
+ MinVersion: VersionTLS11,
}
test := &serverTest{
name: "FallbackSCSV",