From 10c0338a1b882005f5fa4ab1d62b1b0dadd30309 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Wed, 6 Nov 2024 09:59:46 +0000
Subject: [PATCH] Add a test for setting TLSv1.2 ciphersuites on a QUIC object

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25886)

(cherry picked from commit b10cfd93fd58cc1e9c876be159253b5389dc11a5)
---
 test/quicapitest.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/test/quicapitest.c b/test/quicapitest.c
index d8e65dc4e5b0c..5607349526077 100644
--- a/test/quicapitest.c
+++ b/test/quicapitest.c
@@ -285,7 +285,7 @@ static int test_fin_only_blocking(void)
 static int test_ciphersuites(void)
 {
     SSL_CTX *ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_client_method());
-    SSL *ssl;
+    SSL *ssl = NULL;
     int testresult = 0;
     const STACK_OF(SSL_CIPHER) *ciphers = NULL;
     const SSL_CIPHER *cipher;
@@ -302,10 +302,20 @@ static int test_ciphersuites(void)
     if (!TEST_ptr(ctx))
         return 0;
 
+    /*
+     * Attempting to set TLSv1.2 ciphersuites should succeed, even though they
+     * aren't used in QUIC.
+     */
+    if (!TEST_true(SSL_CTX_set_cipher_list(ctx, "DEFAULT")))
+        goto err;
+
     ssl = SSL_new(ctx);
     if (!TEST_ptr(ssl))
         goto err;
 
+    if (!TEST_true(SSL_set_cipher_list(ssl, "DEFAULT")))
+        goto err;
+
     ciphers = SSL_get_ciphers(ssl);
 
     for (i = 0, j = 0; i < OSSL_NELEM(cipherids); i++) {