diff options
| author | Matt Caswell <matt@openssl.org> | 2017-10-11 15:42:25 +0200 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2017-10-12 16:19:49 +0200 |
| commit | 141e470947327e0c4e8ef3c299b42d01064c484c (patch) | |
| tree | 4ac25de0372680d6a2244bb3a1ba1c3b6e6d5b90 /test/sslapitest.c | |
| parent | Fix bug where early_data does not work if no SNI callback is present (diff) | |
| download | openssl-141e470947327e0c4e8ef3c299b42d01064c484c.tar.xz openssl-141e470947327e0c4e8ef3c299b42d01064c484c.zip | |
Add a test for setting initial SNI in CH but not using it with early_data
Test for the bug where early_data is not accepted by the server when it
does not have an SNI callback set up, but the client sent a servername in
the initial ClientHello establishing the session.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4519)
Diffstat (limited to '')
| -rw-r--r-- | test/sslapitest.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/test/sslapitest.c b/test/sslapitest.c index 5299d5794b..c1137b08a5 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -1507,6 +1507,16 @@ static int setupearly_data_test(SSL_CTX **cctx, SSL_CTX **sctx, SSL **clientssl, NULL, NULL))) return 0; + /* + * For one of the run throughs (doesn't matter which one), we'll try sending + * some SNI data in the initial ClientHello. This will be ignored (because + * there is no SNI cb set up by the server), so it should not impact + * early_data. + */ + if (idx == 1 + && !TEST_true(SSL_set_tlsext_host_name(*clientssl, "localhost"))) + return 0; + if (idx == 2) { /* Create the PSK */ const SSL_CIPHER *cipher = NULL; |