crypto/tls: fix client certificates support for legacy servers

signatureSchemesForCertificate was written to be used with TLS 1.3, but
ended up used for TLS 1.2 client certificates in a refactor. Since it
only supported TLS 1.3 signature algorithms, it would lead to no RSA
client certificates being sent to servers that didn't support RSA-PSS.

TestHandshakeClientCertRSAPKCS1v15 was testing *specifically* for this,
but alas the OpenSSL flag -verify accepts an empty certificates list as
valid, as opposed to -Verify...

Fixes #28925

Change-Id: I61afc02ca501d3d64ab4ad77bbb4cf10931e6f93
Reviewed-on: https://go-review.googlesource.com/c/151660
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>

src/crypto/tls/handshake_server_test.go

@@ -608,7 +608,6 @@ func (test *serverTest) connFromCommand() (conn *recordingConn, child *exec.Cmd,
 		}
 		tcpConn = connOrError.(net.Conn)
 	case <-time.After(2 * time.Second):
-		output.WriteTo(os.Stdout)
 		return nil, nil, errors.New("timed out waiting for connection from child process")
 	}
 
@@ -646,6 +645,11 @@ func (test *serverTest) run(t *testing.T, write bool) {
 			t.Fatalf("Failed to start subcommand: %s", err)
 		}
 		serverConn = recordingConn
+		defer func() {
+			if t.Failed() {
+				t.Logf("OpenSSL output:\n\n%s", childProcess.Stdout)
+			}
+		}()
 	} else {
 		clientConn, serverConn = localPipe(t)
 	}
@@ -725,13 +729,12 @@ func (test *serverTest) run(t *testing.T, write bool) {
 		defer out.Close()
 		recordingConn.Close()
 		if len(recordingConn.flows) < 3 {
-			childProcess.Stdout.(*bytes.Buffer).WriteTo(os.Stdout)
 			if len(test.expectHandshakeErrorIncluding) == 0 {
 				t.Fatalf("Handshake failed")
 			}
 		}
 		recordingConn.WriteTo(out)
-		fmt.Printf("Wrote %s\n", path)
+		t.Logf("Wrote %s\n", path)
 		childProcess.Wait()
 	}
 }