diff options
| author | Emilia Kasper <emilia@openssl.org> | 2016-06-20 17:20:25 +0200 |
|---|---|---|
| committer | Emilia Kasper <emilia@openssl.org> | 2016-06-28 17:26:24 +0200 |
| commit | d2b23cd2b077de8507c49f632e20dfcdb653a35b (patch) | |
| tree | 3a8a980e199c680d7e296468439c6f53d05fa1a0 /test/ssl_test_ctx_test.c | |
| parent | 2cdce3e32f0f70470d676352410557b626bc9d01 (diff) | |
SSL test framework: port SNI tests
Observe that the old tests were partly ill-defined:
setting sn_server1 but not sn_server2 in ssltest_old.c does not enable
the SNI callback.
Fix this, and also explicitly test both flavours of SNI mismatch (ignore
/ fatal alert). Tests still pass.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'test/ssl_test_ctx_test.c')
| -rw-r--r-- | test/ssl_test_ctx_test.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/test/ssl_test_ctx_test.c b/test/ssl_test_ctx_test.c index 9824d66956..3818ba5de8 100644 --- a/test/ssl_test_ctx_test.c +++ b/test/ssl_test_ctx_test.c @@ -70,6 +70,18 @@ static int SSL_TEST_CTX_equal(SSL_TEST_CTX *ctx, SSL_TEST_CTX *ctx2) ssl_servername_name(ctx2->servername)); return 0; } + if (ctx->expected_servername != ctx2->expected_servername) { + fprintf(stderr, "ExpectedServerName mismatch: %s vs %s.\n", + ssl_servername_name(ctx->expected_servername), + ssl_servername_name(ctx2->expected_servername)); + return 0; + } + if (ctx->servername_callback != ctx2->servername_callback) { + fprintf(stderr, "ServerNameCallback mismatch: %s vs %s.\n", + ssl_servername_callback_name(ctx->servername_callback), + ssl_servername_callback_name(ctx2->servername_callback)); + return 0; + } if (ctx->session_ticket_expected != ctx2->session_ticket_expected) { fprintf(stderr, "SessionTicketExpected mismatch: %s vs %s.\n", ssl_session_ticket_name(ctx->session_ticket_expected), @@ -155,6 +167,9 @@ static int test_good_configuration() fixture.expected_ctx->protocol = TLS1_1_VERSION; fixture.expected_ctx->client_verify_callback = SSL_TEST_VERIFY_REJECT_ALL; fixture.expected_ctx->servername = SSL_TEST_SERVERNAME_SERVER2; + fixture.expected_ctx->expected_servername = SSL_TEST_SERVERNAME_SERVER2; + fixture.expected_ctx->servername_callback = + SSL_TEST_SERVERNAME_IGNORE_MISMATCH; fixture.expected_ctx->session_ticket_expected = SSL_TEST_SESSION_TICKET_YES; fixture.expected_ctx->method = SSL_TEST_METHOD_DTLS; EXECUTE_SSL_TEST_CTX_TEST(); @@ -167,6 +182,7 @@ static const char *bad_configurations[] = { "ssltest_unknown_protocol", "ssltest_unknown_verify_callback", "ssltest_unknown_servername", + "ssltest_unknown_servername_callback", "ssltest_unknown_session_ticket_expected", "ssltest_unknown_method", }; |