From: Dr. Stephen Henson Date: Sun, 26 Jan 2014 00:51:09 +0000 (+0000) Subject: Add cert callback retry test. X-Git-Tag: OpenSSL_1_0_2-beta1~91 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=285f7fb0f95e11c5d29af59462c58b8d0b2b9716;p=oweals%2Fopenssl.git Add cert callback retry test. (cherry picked from commit 3323314fc1c6d18e650a2de97f7cf9892ac92a60) --- diff --git a/apps/s_cb.c b/apps/s_cb.c index 22506a6805..78f1d93c6c 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -1264,6 +1264,16 @@ static int set_cert_cb(SSL *ssl, void *arg) { int i, rv; SSL_EXCERT *exc = arg; +#ifdef CERT_CB_TEST_RETRY + static int retry_cnt; + if (retry_cnt < 5) + { + retry_cnt++; + fprintf(stderr, "Certificate callback retry test: count %d\n", + retry_cnt); + return -1; + } +#endif SSL_certs_clear(ssl); if (!exc) diff --git a/apps/s_server.c b/apps/s_server.c index 8fbe9c5113..6aa4161b64 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -2610,6 +2610,15 @@ static int init_ssl_connection(SSL *con) i=SSL_accept(con); +#ifdef CERT_CB_TEST_RETRY + { + while (i <= 0 && SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP && SSL_state(con) == SSL3_ST_SR_CLNT_HELLO_C) + { + fprintf(stderr, "LOOKUP from certificate callback during accept\n"); + i=SSL_accept(con); + } + } +#endif #ifndef OPENSSL_NO_SRP while (i <= 0 && SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP) {