/*
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
*
- * Licensed under the OpenSSL license (the "License"). You may not use
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
if (!TEST_true(create_ssl_ctx_pair(DTLS_server_method(),
DTLS_client_method(),
- DTLS1_VERSION, DTLS_MAX_VERSION,
+ DTLS1_VERSION, 0,
&sctx, &cctx, cert, privkey)))
return 0;
/*
* Inject a dummy record from the next epoch. In test 0, this should never
* get used because the message sequence number is too big. In test 1 we set
- * the record sequence number to be way off in the future. This should not
- * have an impact on the record replay protection because the record should
- * be dropped before it is marked as arrived
+ * the record sequence number to be way off in the future.
*/
c_to_s_mempacket = SSL_get_wbio(clientssl1);
c_to_s_mempacket = BIO_next(c_to_s_mempacket);
mempacket_test_inject(c_to_s_mempacket, (char *)certstatus,
sizeof(certstatus), 1, INJECT_PACKET_IGNORE_REC_SEQ);
- if (!TEST_true(create_ssl_connection(serverssl1, clientssl1,
- SSL_ERROR_NONE)))
+ /*
+ * Create the connection. We use "create_bare_ssl_connection" here so that
+ * we can force the connection to not do "SSL_read" once partly conencted.
+ * We don't want to accidentally read the dummy records we injected because
+ * they will fail to decrypt.
+ */
+ if (!TEST_true(create_bare_ssl_connection(serverssl1, clientssl1,
+ SSL_ERROR_NONE, 0)))
goto end;
if (timer_cb_count == 0) {
if (!TEST_true(create_ssl_ctx_pair(DTLS_server_method(),
DTLS_client_method(),
- DTLS1_VERSION, DTLS_MAX_VERSION,
+ DTLS1_VERSION, 0,
&sctx, &cctx, cert, privkey)))
return 0;
if (!TEST_true(create_ssl_ctx_pair(DTLS_server_method(),
DTLS_client_method(),
- DTLS1_VERSION, DTLS_MAX_VERSION,
+ DTLS1_VERSION, 0,
&sctx, &cctx, cert, privkey)))
return 0;
if (!TEST_true(create_ssl_ctx_pair(DTLS_server_method(),
DTLS_client_method(),
- DTLS1_VERSION, DTLS_MAX_VERSION,
+ DTLS1_VERSION, 0,
&sctx, &cctx, cert, privkey)))
return 0;
return testresult;
}
+OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n")
+
int setup_tests(void)
{
if (!TEST_ptr(cert = test_get_argument(0))