author | Emilia Kasper <emilia@openssl.org> | 2016-06-10 00:39:22 +0200 |
---|---|---|
committer | Emilia Kasper <emilia@openssl.org> | 2016-06-13 16:03:06 +0200 |
commit | 81fc33c951b645f31727dc811e02200bde4a0982 (patch) | |
tree | 7b14f860635eb488254815300aecdf1792f46584 /test/ssl_test.c | |
parent | a7be5759cf9d8e2bf7c1ecd0efa2d53aae9ab706 (diff) |
Clean up following new SNI tests
- Only send SNI in SNI tests. This allows us to test handshakes without
the SNI extension as well.
- Move all handshake-specific machinery to handshake_helper.c
- Use enum types to represent the enum everywhere
(Resorting to plain ints can end in sign mismatch when the enum is
represented by an unsigned type.)
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'test/ssl_test.c')
-rw-r--r-- | test/ssl_test.c | 40 |
1 files changed, 7 insertions, 33 deletions
diff --git a/test/ssl_test.c b/test/ssl_test.c index 56dcef5510..0062c51a4d 100644 --- a/test/ssl_test.c +++ b/test/ssl_test.c @@ -125,7 +125,8 @@ static int check_protocol(HANDSHAKE_RESULT result, SSL_TEST_CTX *test_ctx) static int check_servername(HANDSHAKE_RESULT result, SSL_TEST_CTX *test_ctx) { - if (result.servername != test_ctx->servername) { + if (test_ctx->servername != SSL_TEST_SERVERNAME_NONE + && result.servername != test_ctx->servername) { fprintf(stderr, "Client ServerName mismatch, expected %s, got %s\n.", ssl_servername_name(test_ctx->servername), ssl_servername_name(result.servername)); @@ -134,7 +135,7 @@ static int check_servername(HANDSHAKE_RESULT result, SSL_TEST_CTX *test_ctx) return 1; } -static int check_session_ticket_expected(HANDSHAKE_RESULT result, SSL_TEST_CTX *test_ctx) +static int check_session_ticket(HANDSHAKE_RESULT result, SSL_TEST_CTX *test_ctx) { if (test_ctx->session_ticket_expected == SSL_TEST_SESSION_TICKET_IGNORE) return 1; @@ -143,8 +144,8 @@ static int check_session_ticket_expected(HANDSHAKE_RESULT result, SSL_TEST_CTX * return 1; if (result.session_ticket != test_ctx->session_ticket_expected) { fprintf(stderr, "Client SessionTicketExpected mismatch, expected %s, got %s\n.", - ssl_session_ticket_expected_name(test_ctx->session_ticket_expected), - ssl_session_ticket_expected_name(result.session_ticket)); + ssl_session_ticket_name(test_ctx->session_ticket_expected), + ssl_session_ticket_name(result.session_ticket)); return 0; } return 1; 
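Review bot: In check_servername, the added guard makes `SSL_TEST_SERVERNAME_NONE` mean "skip the comparison", so a test that sends no SNI accepts whatever `result.servername` reports. That fits the stated goal of allowing handshakes without the extension. However, a server-side regression that selects a different context when no SNI was sent would presumably go unnoticed by this check. A comment above the condition would make the semantics explicit, e.g. `/* NONE means no expectation was configured; result.servername is not checked */`, mirroring the explicit `SSL_TEST_SESSION_TICKET_IGNORE` case in check_session_ticket.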
@@ -163,29 +164,12 @@ static int check_test(HANDSHAKE_RESULT result, SSL_TEST_CTX *test_ctx) if (result.result == SSL_TEST_SUCCESS) { ret &= check_protocol(result, test_ctx); ret &= check_servername(result, test_ctx); - ret &= check_session_ticket_expected(result, test_ctx); + ret &= check_session_ticket(result, test_ctx); ret &= (result.session_ticket_do_not_call == 0); } return ret; } -static int servername_callback(SSL *s, int *ad, void *arg) -{ - const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); - if (servername != NULL && !strcmp(servername, "server2")) { - SSL_CTX *new_ctx = (SSL_CTX*)arg; - SSL_set_SSL_CTX(s, new_ctx); - /* - * Copy over all the SSL_CTX options - reasonable behavior - * allows testing of cases where the options between two - * contexts differ/conflict - */ - SSL_clear_options(s, 0xFFFFFFFFL); - SSL_set_options(s, SSL_CTX_get_options(new_ctx)); - } - return SSL_TLSEXT_ERR_OK; -} - static int execute_test(SSL_TEST_FIXTURE fixture) { int ret = 0; @@ -206,21 +190,11 @@ static int execute_test(SSL_TEST_FIXTURE fixture) goto err; } - /* link the two contexts for SNI purposes */ - SSL_CTX_set_tlsext_servername_callback(server_ctx, servername_callback); - SSL_CTX_set_tlsext_servername_arg(server_ctx, server2_ctx); - /* - * The initial_ctx/session_ctx always handles the encrypt/decrypt of the - * session ticket. This ticket_key callback is assigned to the second - * session (assigned via SNI), and should never be invoked - */ - SSL_CTX_set_tlsext_ticket_key_cb(server2_ctx, do_not_call_session_ticket_callback); - test_ctx = SSL_TEST_CTX_create(conf, fixture.test_app); if (test_ctx == NULL) goto err; - result = do_handshake(server_ctx, client_ctx, test_ctx); + result = do_handshake(server_ctx, server2_ctx, client_ctx, test_ctx); ret = check_test(result, test_ctx); |
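Review bot: In execute_test, the registration of `do_not_call_session_ticket_callback` on `server2_ctx` disappears from this file, while check_test in the preceding hunk still asserts `result.session_ticket_do_not_call == 0`. The commit message says the handshake machinery moved to handshake_helper.c, which is not shown here. If the callback is not installed there, that assertion can never fail and the "ticket key callback on the second context must not fire" property is no longer tested. Confirm the helper does install it, and consider a one-line comment at the call, e.g. `/* do_handshake() installs the SNI callback and the must-not-fire ticket callback on server2_ctx */`. execute_test's body starts and ends outside the hunk.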