diff options
author | Benjamin Kaduk <bkaduk@akamai.com> | 2019-06-13 12:02:03 -0700 |
---|---|---|
committer | Benjamin Kaduk <kaduk@mit.edu> | 2019-06-26 12:20:55 -0500 |
commit | 7cb8fb07e8b71dc1fdcb0de10af7fed4347f6ea4 (patch) | |
tree | 6260813f79044b648ebab872d47637b4dbe885bd /ssl | |
parent | b11327929294cf825e4759d97af6f174bd6b081c (diff) |
Add regression test for #9099
Augment the cert_cb sslapitest to include a run that uses
SSL_check_chain() to inspect the certificate prior to installing
it on the SSL object. If the check shows the certificate as not
valid in that context, we do not install a certificate at all, so
the handshake will fail later on in processing (tls_choose_sigalg()),
exposing the indicated regression.
Currently it fails, since we have not yet set the shared sigalgs
by the time the cert_cb runs.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9157)
Diffstat (limited to 'ssl')
0 files changed, 0 insertions, 0 deletions