Ignore cipher suites when setting cipher list

set_cipher_list() sets TLSv1.2 (and below) ciphers, and its success or failure should not depend on whether set_ciphersuites() has been used to setup TLSv1.3 ciphers. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7759)
author: Sam Roberts <rsam@ca.ibm.com> 2018-11-26 13:58:52 -0800
committer: Matt Caswell <matt@openssl.org> 2019-02-14 13:54:56 +0000
commit: 3c83c5ba4f6502c708b7a5f55c98a10e312668da (patch)
tree: ca6386b1af5c76a460a3489ce7504d6747568b00 /test/clienthellotest.c
parent: f11ffa505f8a9345145a26a05bf77b012b6941bd (diff)
download: openssl-new-3c83c5ba4f6502c708b7a5f55c98a10e312668da.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/test/clienthellotest.c b/test/clienthellotest.c
index 2c1110b13f..7fdb5bc6fe 100644
--- a/test/clienthellotest.c
+++ b/test/clienthellotest.c
@@ -99,8 +99,9 @@ static int test_client_hello(int currtest)
          * ClientHello is already going to be quite long. To avoid getting one
          * that is too long for this test we use a restricted ciphersuite list
          */
-        if (!TEST_true(SSL_CTX_set_cipher_list(ctx, "")))
+        if (!TEST_false(SSL_CTX_set_cipher_list(ctx, "")))
             goto end;
+        ERR_clear_error();
          /* Fall through */
     case TEST_ADD_PADDING:
     case TEST_PADDING_NOT_NEEDED:
author	Sam Roberts <rsam@ca.ibm.com>	2018-11-26 13:58:52 -0800
committer	Matt Caswell <matt@openssl.org>	2019-02-14 13:54:56 +0000
commit	3c83c5ba4f6502c708b7a5f55c98a10e312668da (patch)
tree	ca6386b1af5c76a460a3489ce7504d6747568b00 /test/clienthellotest.c
parent	f11ffa505f8a9345145a26a05bf77b012b6941bd (diff)
download	openssl-new-3c83c5ba4f6502c708b7a5f55c98a10e312668da.tar.gz