Update create_ssl_connection() to make sure its gets a session

In TLSv1.3 the connection will be created before the session is
established. In OpenSSL we send the NewSessionTicket message immediately
after the client finished has been received. Therefore we change
create_ssl_connection() to attempt a read of application data after the
handshake has completed. We expect this to fail but it will force the
reading of the NewSessionTicket and the session to be set up.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2259)

diff --git a/test/ssltestlib.c b/test/ssltestlib.c
index 57039e77a99e2cb9ce5fa5838ef272a6a39b6248..1981cb5696714f80cea3495f200e6246614a5997 100644 (file)
--- a/test/ssltestlib.c
+++ b/test/ssltestlib.c
@@ -645,6 +645,8 @@ int create_ssl_connection(SSL *serverssl, SSL *clientssl)
 {
     int retc = -1, rets = -1, err, abortctr = 0;
     int clienterr = 0, servererr = 0;
+    unsigned char buf;
+    size_t readbytes;
 
     do {
         err = SSL_ERROR_WANT_WRITE;
@@ -678,5 +680,20 @@ int create_ssl_connection(SSL *serverssl, SSL *clientssl)
         }
     } while (retc <=0 || rets <= 0);
 
+    /*
+     * We attempt to read some data on the client side which we expect to fail.
+     * This will ensure we have received the NewSessionTicket in TLSv1.3 where
+     * appropriate.
+     */
+    if (SSL_read_ex(clientssl, &buf, sizeof(buf), &readbytes) > 0) {
+        if (readbytes != 0) {
+            printf("Unexpected success reading data %"OSSLzu"\n", readbytes);
+            return 0;
+        }
+    } else if (SSL_get_error(clientssl, 0) != SSL_ERROR_WANT_READ) {
+        printf("SSL_read_ex() failed\n");
+        return 0;
+    }
+
     return 1;
 }