From 0bea59d245dc1ec31f2c72f6103a1c4e3d798f71 Mon Sep 17 00:00:00 2001
From: Kazuki Yamaguchi <k@rhe.jp>
Date: Tue, 28 Sep 2021 17:49:04 +0900
Subject: [PATCH] test/openssl/test_ssl: use TLS 1.2 for finished_messages on
 LibreSSL

LibreSSL 2.2.x has a bug in the Finished message handling with TLS 1.3.
This is fixed by LibreSSL 3.3.2.
---
 test/openssl/test_ssl.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb
index b8cde49ee..2d9ee7bc7 100644
--- a/test/openssl/test_ssl.rb
+++ b/test/openssl/test_ssl.rb
@@ -486,6 +486,7 @@ def test_finished_messages
     }) { |port|
       ctx = OpenSSL::SSL::SSLContext.new
       ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE
+      ctx.max_version = :TLS1_2 if libressl?(3, 2, 0) && !libressl?(3, 3, 0)
       server_connect(port, ctx) { |ssl|
         ssl.puts "abc"; ssl.gets