diff options
author | Nikolay Morozov <nmorozoff77@yandex.ru> | 2020-05-02 12:22:43 +0300 |
---|---|---|
committer | Dmitry Belyavskiy <beldmit@gmail.com> | 2020-05-07 16:14:47 +0300 |
commit | 90fc2c26df23811be080093772b2161850385863 (patch) | |
tree | a372be0919b9ba64d7606b50a1297b8dabbc5371 /test | |
parent | 2b5e12f5096e1fba7dd91a682f4c34759469c34b (diff) |
SSL_OP_DISABLE_TLSEXT_CA_NAMES option implementation
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/11709)
Diffstat (limited to 'test')
-rw-r--r-- | test/sslapitest.c | 34 |
1 files changed, 27 insertions, 7 deletions
diff --git a/test/sslapitest.c b/test/sslapitest.c index 6889607662..ea86b13f80 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -1481,7 +1481,7 @@ static SSL_SESSION *get_session_cb(SSL *ssl, const unsigned char *id, int len, } static int execute_test_session(int maxprot, int use_int_cache, - int use_ext_cache) + int use_ext_cache, long s_options) { SSL_CTX *sctx = NULL, *cctx = NULL; SSL *serverssl1 = NULL, *clientssl1 = NULL; @@ -1524,6 +1524,10 @@ static int execute_test_session(int maxprot, int use_int_cache, | SSL_SESS_CACHE_NO_INTERNAL_STORE); } + if (s_options) { + SSL_CTX_set_options(sctx, s_options); + } + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl1, &clientssl1, NULL, NULL)) || !TEST_true(create_ssl_connection(serverssl1, clientssl1, @@ -1768,12 +1772,12 @@ static int execute_test_session(int maxprot, int use_int_cache, static int test_session_with_only_int_cache(void) { #ifndef OPENSSL_NO_TLS1_3 - if (!execute_test_session(TLS1_3_VERSION, 1, 0)) + if (!execute_test_session(TLS1_3_VERSION, 1, 0, 0)) return 0; #endif #ifndef OPENSSL_NO_TLS1_2 - return execute_test_session(TLS1_2_VERSION, 1, 0); + return execute_test_session(TLS1_2_VERSION, 1, 0, 0); #else return 1; #endif @@ -1782,12 +1786,12 @@ static int test_session_with_only_int_cache(void) static int test_session_with_only_ext_cache(void) { #ifndef OPENSSL_NO_TLS1_3 - if (!execute_test_session(TLS1_3_VERSION, 0, 1)) + if (!execute_test_session(TLS1_3_VERSION, 0, 1, 0)) return 0; #endif #ifndef OPENSSL_NO_TLS1_2 - return execute_test_session(TLS1_2_VERSION, 0, 1); + return execute_test_session(TLS1_2_VERSION, 0, 1, 0); #else return 1; #endif @@ -1796,17 +1800,32 @@ static int test_session_with_only_ext_cache(void) static int test_session_with_both_cache(void) { #ifndef OPENSSL_NO_TLS1_3 - if (!execute_test_session(TLS1_3_VERSION, 1, 1)) + if (!execute_test_session(TLS1_3_VERSION, 1, 1, 0)) + return 0; +#endif + +#ifndef OPENSSL_NO_TLS1_2 + return execute_test_session(TLS1_2_VERSION, 1, 1, 0); +#else + return 1; +#endif +} + +static int test_session_wo_ca_names(void) +{ +#ifndef OPENSSL_NO_TLS1_3 + if (!execute_test_session(TLS1_3_VERSION, 1, 0, SSL_OP_DISABLE_TLSEXT_CA_NAMES)) return 0; #endif #ifndef OPENSSL_NO_TLS1_2 - return execute_test_session(TLS1_2_VERSION, 1, 1); + return execute_test_session(TLS1_2_VERSION, 1, 0, SSL_OP_DISABLE_TLSEXT_CA_NAMES); #else return 1; #endif } + #ifndef OPENSSL_NO_TLS1_3 static SSL_SESSION *sesscache[6]; static int do_cache; @@ -7585,6 +7604,7 @@ int setup_tests(void) ADD_TEST(test_session_with_only_int_cache); ADD_TEST(test_session_with_only_ext_cache); ADD_TEST(test_session_with_both_cache); + ADD_TEST(test_session_wo_ca_names); #ifndef OPENSSL_NO_TLS1_3 ADD_ALL_TESTS(test_stateful_tickets, 3); ADD_ALL_TESTS(test_stateless_tickets, 3); |