Commit cf170f55 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson

Extend ciphersuite test coverage.



Add support for testing ECDSA and DSA ciphersuites.

Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
parent 04dc8b36
+24 −17
@@ -124,7 +124,8 @@ test_cipher() {
    if [ $2 = "SSLv3" ] ; then
      prot="-ssl3"
    fi
    $ssltest -cipher $_cipher $prot
    _exarg=$3
    $ssltest $_exarg -cipher $_cipher $prot
    if [ $? -ne 0 ] ; then
	  echo "Failed $_cipher"
	  exit 1
@@ -132,16 +133,30 @@ test_cipher() {
}

echo "Testing ciphersuites"
exkeys=""
ciphers="-EXP:-PSK:-SRP:-kDH:-kECDHe"
if ../util/shlib_wrap.sh ../apps/openssl no-dhparam >/dev/null; then
  echo "skipping DHE tests"
  ciphers="$ciphers:-kDHE"
fi
if ../util/shlib_wrap.sh ../apps/openssl no-dsa >/dev/null; then
  echo "skipping DSA tests"
  ciphers="$ciphers:-aDSA"
else
  exkeys="$exkeys -s_cert certD.ss -s_key keyD.ss"
fi

if ../util/shlib_wrap.sh ../apps/openssl no-ec >/dev/null; then
  echo "skipping EC tests"
  ciphers="$ciphers:!aECDSA:!kECDH"
else
  exkeys="$exkeys -s_cert certE.ss -s_key keyE.ss"
fi

for protocol in TLSv1.2 SSLv3; do
  echo "Testing ciphersuites for $protocol"
  for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
    test_cipher $cipher $protocol
  done
  if ../util/shlib_wrap.sh ../apps/openssl no-dhparam; then
    echo "skipping RSA+DHE tests"
  else
    for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "EDH+aRSA+$protocol:-EXP" | tr ':' ' '`; do
      test_cipher $cipher $protocol
  for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "$protocol:$ciphers" | tr ':' ' '`; do
    test_cipher $cipher $protocol "$exkeys"
  done
    echo "testing connection with weak DH, expecting failure"
    if [ $protocol = "SSLv3" ] ; then
@@ -153,14 +168,6 @@ for protocol in TLSv1.2 SSLv3; do
      echo "FAIL: connection with weak DH succeeded"
      exit 1
    fi
  fi
  if ../util/shlib_wrap.sh ../apps/openssl no-ec; then
    echo "skipping RSA+ECDHE tests"
  else
    for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "EECDH+aRSA+$protocol:-EXP" | tr ':' ' '`; do
      test_cipher $cipher $protocol
    done
  fi
done

#############################################################################
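Review bot: The weak-DH check at the end of the protocol loop appears to have lost its guard. The old `if ../util/shlib_wrap.sh ../apps/openssl no-dhparam` / `else` / `fi` wrapper is gone while the `echo "testing connection with weak DH, expecting failure"` block remains, so it now seems to run on builds without DH too. On such a build the handshake would presumably fail simply because no DHE suite is available, so the "expecting failure" test passes without ever exercising the rejection of weak parameters. Consider keeping the guard by putting `if ../util/shlib_wrap.sh ../apps/openssl no-dhparam >/dev/null; then echo "skipping weak DH test"; else` before the block and a closing `fi` after it, and re-indenting the block to match its new nesting. The middle of that block lies between the hunks and is not visible here, and the added/removed sides are inferred from the +24 −17 counts because the page has lost its `+`/`-` markers.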