diff options
author | Ben Kaduk <kaduk@mit.edu> | 2020-03-16 11:02:14 -0700 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-03-17 10:00:35 +0000 |
commit | 19599138463e910a9ee4cfa122e941752491ffc3 (patch) | |
tree | cd0158111d98939ae0daa4dc9c3d32487f31a267 /test | |
parent | 2f0dab7e59cc50c89b6d54962b81cf96c30fe725 (diff) |
sslapitest: don't leak the SSL_CTX pair
We have no need for a new set of SSL_CTXs in test_ccs_change_cipher(), so
just keep using the original ones. Also, fix a typo in a comment.
[extended tests]
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11336)
(cherry picked from commit b3e6d666e351d45e93d29fe3813245b92a0f5815)
Diffstat (limited to 'test')
-rw-r--r-- | test/sslapitest.c | 10 |
1 files changed, 3 insertions, 7 deletions
diff --git a/test/sslapitest.c b/test/sslapitest.c index f109563325..21773aa934 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -596,7 +596,7 @@ end: * Very focused test to exercise a single case in the server-side state * machine, when the ChangeCipherState message needs to actually change * from one cipher to a different cipher (i.e., not changing from null - * encryption to reall encryption). + * encryption to real encryption). */ static int test_ccs_change_cipher(void) { @@ -651,12 +651,8 @@ static int test_ccs_change_cipher(void) * Now create a fresh connection and try to renegotiate a different * cipher on it. */ - if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), - TLS_client_method(), - TLS1_VERSION, TLS1_2_VERSION, - &sctx, &cctx, cert, privkey)) - || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, - NULL, NULL)) + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) || !TEST_true(SSL_set_cipher_list(clientssl, "AES128-GCM-SHA256")) || !TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)) |