From 59db06f160e1572a633ca3325fa4dc0dba80f2f1 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 19 Jan 2017 16:00:19 +0000 Subject: [PATCH] Update create_ssl_connection() to make sure its gets a session In TLSv1.3 the connection will be created before the session is established. In OpenSSL we send the NewSessionTicket message immediately after the client finished has been received. Therefore we change create_ssl_connection() to attempt a read of application data after the handshake has completed. We expect this to fail but it will force the reading of the NewSessionTicket and the session to be set up. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2259) --- test/ssltestlib.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/test/ssltestlib.c b/test/ssltestlib.c index 57039e77a9..1981cb5696 100644 --- a/test/ssltestlib.c +++ b/test/ssltestlib.c @@ -645,6 +645,8 @@ int create_ssl_connection(SSL *serverssl, SSL *clientssl) { int retc = -1, rets = -1, err, abortctr = 0; int clienterr = 0, servererr = 0; + unsigned char buf; + size_t readbytes; do { err = SSL_ERROR_WANT_WRITE; @@ -678,5 +680,20 @@ int create_ssl_connection(SSL *serverssl, SSL *clientssl) } } while (retc <=0 || rets <= 0); + /* + * We attempt to read some data on the client side which we expect to fail. + * This will ensure we have received the NewSessionTicket in TLSv1.3 where + * appropriate. + */ + if (SSL_read_ex(clientssl, &buf, sizeof(buf), &readbytes) > 0) { + if (readbytes != 0) { + printf("Unexpected success reading data %"OSSLzu"\n", readbytes); + return 0; + } + } else if (SSL_get_error(clientssl, 0) != SSL_ERROR_WANT_READ) { + printf("SSL_read_ex() failed\n"); + return 0; + } + return 1; }