Restore SSLv3 fuzzer coverage.

So long as the code is there, it should be fuzzed.

Bug: 104
Change-Id: Iffaa832cc50c2d3c064eb511ba3a133d7f5758f2
Reviewed-on: https://boringssl-review.googlesource.com/17533
Reviewed-by: David Benjamin <davidben@google.com>

fuzz/client.cc

@@ -112,6 +112,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
 
   SSL_set_renegotiate_mode(client.get(), ssl_renegotiate_freely);
   SSL_set_max_proto_version(client.get(), TLS1_3_VERSION);
+  SSL_set_min_proto_version(client.get(), SSL3_VERSION);
   SSL_enable_ocsp_stapling(client.get());
   SSL_enable_signed_cert_timestamps(client.get());
   SSL_set_tlsext_host_name(client.get(), "hostname");

fuzz/server.cc

@@ -109,6 +109,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) {
   }
 
   SSL_set_max_proto_version(server.get(), TLS1_3_VERSION);
+  SSL_set_min_proto_version(server.get(), SSL3_VERSION);
   SSL_set_tls_channel_id_enabled(server.get(), 1);
 
   // Enable ciphers that are off by default.