From 8fbbbdd5fcfeca62d339d1db11887da2a298ee8e Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Mon, 18 Jun 2018 13:00:40 +0100
Subject: [PATCH] Fix no-ssl3-method in 1.0.2

Fixes #5322

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6510)
---
 test/testssl | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/test/testssl b/test/testssl
index 21bc4d8140..8bea40a4ce 100644
--- a/test/testssl
+++ b/test/testssl
@@ -172,14 +172,18 @@ for protocol in TLSv1.2 SSLv3; do
       test_cipher $cipher $protocol
     done
     echo "testing connection with weak DH, expecting failure"
-    if [ $protocol = "SSLv3" ] ; then
-      $ssltest -cipher EDH -dhe512 -ssl3
+    if [ $protocol = "SSLv3" ] && ../util/shlib_wrap.sh ../apps/openssl no-ssl3; then
+      echo "skipping weak DH test for disabled protocol"
     else
-      $ssltest -cipher EDH -dhe512
-    fi
-    if [ $? -eq 0 ]; then
-      echo "FAIL: connection with weak DH succeeded"
-      exit 1
+      if [ $protocol = "SSLv3" ] ; then
+        $ssltest -cipher EDH -dhe512 -ssl3
+      else
+        $ssltest -cipher EDH -dhe512
+      fi
+      if [ $? -eq 0 ]; then
+        echo "FAIL: connection with weak DH succeeded"
+        exit 1
+      fi
     fi
   fi
   if ../util/shlib_wrap.sh ../apps/openssl no-ec; then
-- 
2.25.1