+#Test 2: Asking for TLS1.3 with that disabled should succeed and negotiate
+#the highest configured TLS version below that.
+$client_version = TLSProxy::Record::VERS_TLS_1_3;
+$previous_version = tls_version_below($client_version);
+SKIP: {
+ skip "There are too few protocols enabled for test 2", 1
+ unless defined $previous_version;
+
+ $proxy->clear();
+ $proxy->clientflags("-no_tls1_3");
+ $proxy->start();
+ my $record = pop @{$proxy->record_list};
+ ok((note("Record version received: ".$record->version()),
+ TLSProxy::Message->success())
+ && $record->version() == $previous_version,
+ "Version tolerance test, max version but not TLS 1.3");
+}
+
+#Test 3: Testing something below SSLv3 should fail. We must disable TLS 1.3
+#to avoid having the 'supported_versions' extension kick in and override our
+#desires.