return 1;
}
+static int ServerNameCallback(SSL *ssl, int *out_alert, void *arg) {
+ // SNI must be accessible from the SNI callback.
+ const TestConfig *config = GetTestConfig(ssl);
+ const char *server_name = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
+ if (server_name == nullptr ||
+ std::string(server_name) != config->expected_server_name) {
+ fprintf(stderr, "servername mismatch (got %s; want %s)\n", server_name,
+ config->expected_server_name.c_str());
+ return SSL_TLSEXT_ERR_ALERT_FATAL;
+ }
+
+ return SSL_TLSEXT_ERR_OK;
+}
+
// Connect returns a new socket connected to localhost on |port| or -1 on
// error.
static int Connect(uint16_t port) {
sizeof(sess_id_ctx) - 1))
return nullptr;
+ if (!config->expected_server_name.empty()) {
+ SSL_CTX_set_tlsext_servername_callback(ssl_ctx.get(), ServerNameCallback);
+ }
+
return ssl_ctx;
}
if (!config->expected_server_name.empty()) {
const char *server_name =
SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
- if (server_name != config->expected_server_name) {
+ if (server_name == nullptr ||
+ std::string(server_name) != config->expected_server_name) {
fprintf(stderr, "servername mismatch (got %s; want %s)\n",
server_name, config->expected_server_name.c_str());
return false;
projects / oweals / openssl.git / commitdiff