@@ -23,11 +23,11 @@
 
 # One of these should == 1, depending on what type of ssl library
 # tls was compiled against. (RSA BSAFE SSL-C or OpenSSL).
 #
 set ::tcltest::testConstraints(rsabsafe) 0
-set ::tcltest::testConstraints(openssl) 1
+set ::tcltest::testConstraints(openssl) [string match "OpenSSL*" [tls::version]]
 
 set ::EXPECTEDCIPHERS(rsabsafe) {
     EDH-DSS-RC4-SHA
     EDH-RSA-DES-CBC3-SHA
     EDH-DSS-DES-CBC3-SHA
@@ -75,10 +75,41 @@
     EXP1024-RC4-SHA
     IDEA-CBC-SHA
     RC4-MD5
     RC4-SHA
 }
+
+set ::EXPECTEDCIPHERS(openssl0.9.8) {
+    DHE-RSA-AES256-SHA
+    DHE-DSS-AES256-SHA
+    AES256-SHA
+    EDH-RSA-DES-CBC3-SHA
+    EDH-DSS-DES-CBC3-SHA
+    DES-CBC3-SHA
+    DHE-RSA-AES128-SHA
+    DHE-DSS-AES128-SHA
+    AES128-SHA
+    IDEA-CBC-SHA
+    RC4-SHA
+    RC4-MD5
+    EDH-RSA-DES-CBC-SHA
+    EDH-DSS-DES-CBC-SHA
+    DES-CBC-SHA
+    EXP-EDH-RSA-DES-CBC-SHA
+    EXP-EDH-DSS-DES-CBC-SHA
+    EXP-DES-CBC-SHA
+    EXP-RC2-CBC-MD5
+    EXP-RC4-MD5
+}
+
+set version ""
+if {[string match "OpenSSL*" [tls::version]]} {
+   regexp {OpenSSL ([\d\.]+)} [tls::version] -> version
+}
+if {![info exists ::EXPECTEDCIPHERS(openssl$version)]} {
+    set version ""
+}
 
 proc listcompare {wants haves} {
     array set want {}
     array set have {}
     foreach item $wants { set want($item) 1 }
@@ -107,22 +138,22 @@
 
 test ciphers-1.3 {Tls::ciphers for ssl3} {openssl} {
     # This will fail if you compiled against RSA bsafe or with a
     # different set of defines than the default.
     # Change the constraint setting above.
-    listcompare $::EXPECTEDCIPHERS(openssl) [tls::ciphers ssl3]
+    listcompare $::EXPECTEDCIPHERS(openssl$version) [tls::ciphers ssl3]
 } {}
 
 # This version of the test is correct for OpenSSL only.
 # An equivalent test for the RSA BSAFE SSL-C is earlier in this file.
 
 test ciphers-1.4 {Tls::ciphers for tls1} {openssl} {
     # This will fail if you compiled against RSA bsafe or with a
     # different set of defines than the default.
     # Change the constraint setting in all.tcl
-    listcompare $::EXPECTEDCIPHERS(openssl) [tls::ciphers tls1]
+    listcompare $::EXPECTEDCIPHERS(openssl$version) [tls::ciphers tls1]
 } {}
 
 
 # cleanup
 ::tcltest::cleanupTests
 return