diff options
author | Benjamin Kaduk <bkaduk@akamai.com> | 2019-06-13 12:02:03 -0700 |
---|---|---|
committer | Benjamin Kaduk <kaduk@mit.edu> | 2019-06-26 12:59:03 -0500 |
commit | 9863b41989968fd88d1b772ac7e20e3cdaea8beb (patch) | |
tree | 64db41c3405fdf1b32c3e5c77f723bc8b4525c1c /test/drbg_cavs_test.c | |
parent | 2a5f63c9a61be7582620c4b5da202bb3fd7e4138 (diff) |
Add regression test for #9099
Augment the cert_cb sslapitest to include a run that uses
SSL_check_chain() to inspect the certificate prior to installing
it on the SSL object. If the check shows the certificate as not
valid in that context, we do not install a certificate at all, so
the handshake will fail later on in processing (tls_choose_sigalg()),
exposing the indicated regression.
Currently it fails, since we have not yet set the shared sigalgs
by the time the cert_cb runs.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9157)
(cherry picked from commit 7cb8fb07e8b71dc1fdcb0de10af7fed4347f6ea4)
Diffstat (limited to 'test/drbg_cavs_test.c')
0 files changed, 0 insertions, 0 deletions