*/
#include <stdio.h>
+#include <string.h>
#include <openssl/conf.h>
#include <openssl/err.h>
return 1;
}
+static int check_servername(HANDSHAKE_RESULT result, SSL_TEST_CTX *test_ctx)
+{
+ if (result.servername != test_ctx->expected_servername) {
+ fprintf(stderr, "Client ServerName mismatch, expected %s, got %s\n.",
+ ssl_servername_name(test_ctx->expected_servername),
+ ssl_servername_name(result.servername));
+ return 0;
+ }
+ return 1;
+}
+
+static int check_session_ticket(HANDSHAKE_RESULT result, SSL_TEST_CTX *test_ctx)
+{
+ if (test_ctx->session_ticket_expected == SSL_TEST_SESSION_TICKET_IGNORE)
+ return 1;
+ if (test_ctx->session_ticket_expected == SSL_TEST_SESSION_TICKET_BROKEN &&
+ result.session_ticket == SSL_TEST_SESSION_TICKET_NO)
+ return 1;
+ if (result.session_ticket != test_ctx->session_ticket_expected) {
+ fprintf(stderr, "Client SessionTicketExpected mismatch, expected %s, got %s\n.",
+ ssl_session_ticket_name(test_ctx->session_ticket_expected),
+ ssl_session_ticket_name(result.session_ticket));
+ return 0;
+ }
+ return 1;
+}
+
/*
* This could be further simplified by constructing an expected
* HANDSHAKE_RESULT, and implementing comparison methods for
int ret = 1;
ret &= check_result(result, test_ctx);
ret &= check_alerts(result, test_ctx);
- if (result.result == SSL_TEST_SUCCESS)
+ if (result.result == SSL_TEST_SUCCESS) {
ret &= check_protocol(result, test_ctx);
+ ret &= check_servername(result, test_ctx);
+ ret &= check_session_ticket(result, test_ctx);
+ ret &= (result.session_ticket_do_not_call == 0);
+ }
return ret;
}
static int execute_test(SSL_TEST_FIXTURE fixture)
{
int ret = 0;
- SSL_CTX *server_ctx = NULL, *client_ctx = NULL;
+ SSL_CTX *server_ctx = NULL, *server2_ctx = NULL, *client_ctx = NULL;
SSL_TEST_CTX *test_ctx = NULL;
HANDSHAKE_RESULT result;
- server_ctx = SSL_CTX_new(TLS_server_method());
- client_ctx = SSL_CTX_new(TLS_client_method());
+ test_ctx = SSL_TEST_CTX_create(conf, fixture.test_app);
+ if (test_ctx == NULL)
+ goto err;
+
+#ifndef OPENSSL_NO_DTLS
+ if (test_ctx->method == SSL_TEST_METHOD_DTLS) {
+ server_ctx = SSL_CTX_new(DTLS_server_method());
+ if (test_ctx->servername_callback != SSL_TEST_SERVERNAME_CB_NONE) {
+ server2_ctx = SSL_CTX_new(DTLS_server_method());
+ OPENSSL_assert(server2_ctx != NULL);
+ }
+ client_ctx = SSL_CTX_new(DTLS_client_method());
+ }
+#endif
+ if (test_ctx->method == SSL_TEST_METHOD_TLS) {
+ server_ctx = SSL_CTX_new(TLS_server_method());
+ if (test_ctx->servername_callback != SSL_TEST_SERVERNAME_CB_NONE) {
+ server2_ctx = SSL_CTX_new(TLS_server_method());
+ OPENSSL_assert(server2_ctx != NULL);
+ }
+ client_ctx = SSL_CTX_new(TLS_client_method());
+ }
+
OPENSSL_assert(server_ctx != NULL && client_ctx != NULL);
OPENSSL_assert(CONF_modules_load(conf, fixture.test_app, 0) > 0);
if (!SSL_CTX_config(server_ctx, "server")
- || !SSL_CTX_config(client_ctx, "client")) {
+ || !SSL_CTX_config(client_ctx, "client")) {
goto err;
}
- test_ctx = SSL_TEST_CTX_create(conf, fixture.test_app);
- if (test_ctx == NULL)
+ if (server2_ctx != NULL && !SSL_CTX_config(server2_ctx, "server2"))
goto err;
- result = do_handshake(server_ctx, client_ctx, test_ctx);
+ result = do_handshake(server_ctx, server2_ctx, client_ctx, test_ctx);
ret = check_test(result, test_ctx);
err:
CONF_modules_unload(0);
SSL_CTX_free(server_ctx);
+ SSL_CTX_free(server2_ctx);
SSL_CTX_free(client_ctx);
SSL_TEST_CTX_free(test_ctx);
if (ret != 1)
projects / openssl.git / blobdiff