From f15b50c4cb6a5d36a3789863035d8b795378280c Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Fri, 31 Mar 2017 22:35:28 +0100 Subject: Add ExpectedServerCANames Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/3015) --- test/handshake_helper.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'test/handshake_helper.c') diff --git a/test/handshake_helper.c b/test/handshake_helper.c index 4bccac1d4e..47af3fe396 100644 --- a/test/handshake_helper.c +++ b/test/handshake_helper.c @@ -34,6 +34,7 @@ void HANDSHAKE_RESULT_free(HANDSHAKE_RESULT *result) OPENSSL_free(result->server_npn_negotiated); OPENSSL_free(result->client_alpn_negotiated); OPENSSL_free(result->server_alpn_negotiated); + sk_X509_NAME_pop_free(result->server_ca_names, X509_NAME_free); sk_X509_NAME_pop_free(result->client_ca_names, X509_NAME_free); OPENSSL_free(result); } @@ -1123,7 +1124,7 @@ static HANDSHAKE_RESULT *do_handshake_internal( /* API dictates unsigned int rather than size_t. */ unsigned int proto_len = 0; EVP_PKEY *tmp_key; - STACK_OF(X509_NAME) *names; + const STACK_OF(X509_NAME) *names; memset(&server_ctx_data, 0, sizeof(server_ctx_data)); memset(&server2_ctx_data, 0, sizeof(server2_ctx_data)); @@ -1297,12 +1298,18 @@ static HANDSHAKE_RESULT *do_handshake_internal( SSL_get_peer_signature_type_nid(client.ssl, &ret->server_sign_type); SSL_get_peer_signature_type_nid(server.ssl, &ret->client_sign_type); - names = SSL_get_client_CA_list(client.ssl); + names = SSL_get0_peer_CA_list(client.ssl); if (names == NULL) ret->client_ca_names = NULL; else ret->client_ca_names = SSL_dup_CA_list(names); + names = SSL_get0_peer_CA_list(server.ssl); + if (names == NULL) + ret->server_ca_names = NULL; + else + ret->server_ca_names = SSL_dup_CA_list(names); + ret->server_cert_type = peer_pkey_type(client.ssl); ret->client_cert_type = peer_pkey_type(server.ssl); -- cgit v1.2.3