Commit 141e4709 authored by Matt Caswell's avatar Matt Caswell
Browse files

Add a test for setting initial SNI in CH but not using it with early_data 



Test for the bug where early_data is not accepted by the server when it
does not have an SNI callback set up, but the client sent a servername in
the initial ClientHello establishing the session.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
Reviewed-by: default avatarBen Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4519)
parent 9fb6cb81

test/sslapitest.c

+10 −0
Original line number Diff line number Diff line
@@ -1507,6 +1507,16 @@ static int setupearly_data_test(SSL_CTX **cctx, SSL_CTX **sctx, SSL **clientssl, 
                                      NULL, NULL)))

        return 0;



    /*

     * For one of the run throughs (doesn't matter which one), we'll try sending

     * some SNI data in the initial ClientHello. This will be ignored (because

     * there is no SNI cb set up by the server), so it should not impact

     * early_data.

     */

    if (idx == 1

            && !TEST_true(SSL_set_tlsext_host_name(*clientssl, "localhost")))

        return 0;



    if (idx == 2) {

        /* Create the PSK */

        const SSL_CIPHER *cipher = NULL;