set_min_proto_version() does not validate that min <= max

[tiran]

The setter combination SSL_CTX_set_min_proto_version() and SSL_CTX_set_max_proto_version() as well as SSL_set_min_proto_version() and SSL_set_max_proto_version() accept invalid combinations of min and max protocol. For example it is possible to set a minimum version of TLS 1.2 but a maximum version of TLS 1.0. The helper function ssl_check_allowed_versions should prevent min_version > max_version.

[kaduk]

Discussion on #5128 indicates that this is not an issue, or rather, that valid combinations of setting min and max proto versions may validly progress through a state with the configured min > the configured max, so we cannot safely assert that that relation holds when setting either the min or max version.
So, closing (but leaving the pull request open for the added tests).