From 4be35545aea9f76e3704fe88bb8f3fc135ceb4c8 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Tue, 1 Dec 2020 15:34:24 +0000
Subject: [PATCH] Fix no-dtls

Ensure we correctly detect if DTLS has been disabled in the client auth
test_ssl_new tests.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13587)
---
 test/ssl-tests/04-client_auth.cnf.in | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/test/ssl-tests/04-client_auth.cnf.in b/test/ssl-tests/04-client_auth.cnf.in
index 5c748cb515b..ad0ae7ae187 100644
--- a/test/ssl-tests/04-client_auth.cnf.in
+++ b/test/ssl-tests/04-client_auth.cnf.in
@@ -15,13 +15,14 @@ our $fips_mode;
 
 my @protocols;
 my @is_disabled = (0);
-push @is_disabled, anydisabled("ssl3", "tls1", "tls1_1", "tls1_2", "dtls1", "dtls1_2");
 
 # We test version-flexible negotiation (undef) and each protocol version.
 if ($fips_mode) {
     @protocols = (undef, "TLSv1.2", "DTLSv1.2");
+    push @is_disabled, anydisabled("tls1_2", "dtls1_2");
 } else {
     @protocols = (undef, "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "DTLSv1", "DTLSv1.2");
+    push @is_disabled, anydisabled("ssl3", "tls1", "tls1_1", "tls1_2", "dtls1", "dtls1_2");
 }
 
 our @tests = ();
-- 
2.47.3