From e36906f9abcc8f5f9cd4b5a52dae2ddd0aef8e9d Mon Sep 17 00:00:00 2001
From: Kazuki Yamaguchi <k@rhe.jp>
Date: Tue, 28 Sep 2021 17:49:04 +0900
Subject: [PATCH] [ruby/openssl] test/openssl/test_ssl: use TLS 1.2 for
 finished_messages on LibreSSL

LibreSSL 2.2.x has a bug in the Finished message handling with TLS 1.3.
This is fixed by LibreSSL 3.3.2.

https://github.com/ruby/openssl/commit/0bea59d245
---
 test/openssl/test_ssl.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb
index 0337205c45..2a52f2724b 100644
--- a/test/openssl/test_ssl.rb
+++ b/test/openssl/test_ssl.rb
@@ -526,6 +526,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
     }) { |port|
       ctx = OpenSSL::SSL::SSLContext.new
       ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE
+      ctx.max_version = :TLS1_2 if libressl?(3, 2, 0) && !libressl?(3, 3, 0)
       server_connect(port, ctx) { |ssl|
         ssl.puts "abc"; ssl.gets