From 02b2b8724bbd999e01f85ef375fb6611f378d302 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Tue, 14 Jul 2020 18:13:22 +0000
Subject: Force TLSv1.2 when testing SSLv3/TLSv1.2 cipher suites.

Otherwise we end up switching to TLSv1.3 and using a TLSv1.3 cipher suite.
---
 src/regress/lib/libssl/ssl/testssl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/regress/lib/libssl/ssl/testssl b/src/regress/lib/libssl/ssl/testssl
index b6f7d200a0..fe633e8797 100644
--- a/src/regress/lib/libssl/ssl/testssl
+++ b/src/regress/lib/libssl/ssl/testssl
@@ -58,7 +58,7 @@ for protocol in SSLv3 TLSv1.2; do
   for cipher in `$openssl ciphers -v "$protocol+aRSA" |
     awk "/ $protocol / { print \\$1 }"`; do
     echo "Testing $cipher"
-    $ssltest -cipher $cipher
+    $ssltest -cipher $cipher -tls1_2
     if [ $? -ne 0 ] ; then
       echo "Failed $cipher"
       exit 1
-- 
cgit v1.2.3-55-g6feb