Add a ciphersuite config sanity check for clients

Ensure that there are ciphersuites enabled for the maximum supported version we are claiming in the ClientHello. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3334)
author: Matt Caswell <matt@openssl.org> 2017-04-26 10:38:32 +0100
committer: Matt Caswell <matt@openssl.org> 2017-05-04 11:49:19 +0100
commit: 5d62fd7cb2d7e1abc8c9a09cbc05744a7d346775 (patch)
tree: e7fe01f024f7144cdfcd3810b653b24349afb6fd /test/ssl-tests/20-cert-select.conf.in
parent: 05a2feb6841c786b24a104943b2765ef8bc7a61f (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/test/ssl-tests/20-cert-select.conf.in b/test/ssl-tests/20-cert-select.conf.in
index 3d50f0220d..d333d5de63 100644
--- a/test/ssl-tests/20-cert-select.conf.in
+++ b/test/ssl-tests/20-cert-select.conf.in
@@ -21,6 +21,7 @@ our @tests = (
         server => $server,
         client => {
             "CipherString" => "aECDSA",
+            "MaxProtocol" => "TLSv1.2",
         },
         test   => {
             "ExpectedServerCertType" =>, "P-256",
@@ -33,6 +34,7 @@ our @tests = (
         server => $server,
         client => {
             "CipherString" => "aRSA",
+            "MaxProtocol" => "TLSv1.2",
         },
         test   => {
             "ExpectedServerCertType" =>, "RSA",
@@ -46,7 +48,8 @@ our @tests = (
             "MaxProtocol" => "TLSv1.2"
         },
         client => {
-            "CipherString" => "aECDSA"
+            "CipherString" => "aECDSA",
+            "MaxProtocol" => "TLSv1.2"
         },
         test   => {
             "ExpectedResult" => "ServerFail"
author	Matt Caswell <matt@openssl.org>	2017-04-26 10:38:32 +0100
committer	Matt Caswell <matt@openssl.org>	2017-05-04 11:49:19 +0100
commit	5d62fd7cb2d7e1abc8c9a09cbc05744a7d346775 (patch)
tree	e7fe01f024f7144cdfcd3810b653b24349afb6fd /test/ssl-tests/20-cert-select.conf.in
parent	05a2feb6841c786b24a104943b2765ef8bc7a61f (diff)