Add a ciphersuite config sanity check for servers Ensure that there are ciphersuites enabled for the maximum supported version we will accept in a ClientHello. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3316)

commit: 38a7315060ec4ca49799b2a7ea83e8678e3acd20 [log] [tgz]
author: Matt Caswell <matt@openssl.org> Wed Apr 26 11:28:20 2017 +0100
committer: Matt Caswell <matt@openssl.org> Wed Apr 26 14:31:00 2017 +0100
tree: 00e5267d01e6b52e247769b3d613f077b3b65899
parent: aafec89c63efeade20f1bdc8023d2bb611e419b8 [diff] [blame]
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 5007f7e..0e1a97e 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c

@@ -1013,7 +1013,7 @@
     s->s3->tmp.mask_a = 0;
     s->s3->tmp.mask_k = 0;
     ssl_set_sig_mask(&s->s3->tmp.mask_a, s, SSL_SECOP_SIGALG_MASK);
-    ssl_get_client_min_max_version(s, &s->s3->tmp.min_ver, &s->s3->tmp.max_ver);
+    ssl_get_min_max_version(s, &s->s3->tmp.min_ver, &s->s3->tmp.max_ver);
 #ifndef OPENSSL_NO_PSK
     /* with PSK there must be client callback set */
     if (!s->psk_client_callback) {
commit	38a7315060ec4ca49799b2a7ea83e8678e3acd20	[log] [tgz]
author	Matt Caswell <matt@openssl.org>	Wed Apr 26 11:28:20 2017 +0100
committer	Matt Caswell <matt@openssl.org>	Wed Apr 26 14:31:00 2017 +0100
tree	00e5267d01e6b52e247769b3d613f077b3b65899
parent	aafec89c63efeade20f1bdc8023d2bb611e419b8 [diff] [blame]