From: Matt Caswell <matt@openssl.org>
Date: Thu, 19 Jan 2017 16:00:19 +0000 (+0000)
Subject: Update create_ssl_connection() to make sure its gets a session
X-Git-Tag: OpenSSL_1_1_1-pre1~2559
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=59db06f160e1572a633ca3325fa4dc0dba80f2f1;p=oweals%2Fopenssl.git

Update create_ssl_connection() to make sure its gets a session

In TLSv1.3 the connection will be created before the session is
established. In OpenSSL we send the NewSessionTicket message immediately
after the client finished has been received. Therefore we change
create_ssl_connection() to attempt a read of application data after the
handshake has completed. We expect this to fail but it will force the
reading of the NewSessionTicket and the session to be set up.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2259)
---

diff --git a/test/ssltestlib.c b/test/ssltestlib.c
index 57039e77a9..1981cb5696 100644
--- a/test/ssltestlib.c
+++ b/test/ssltestlib.c
@@ -645,6 +645,8 @@ int create_ssl_connection(SSL *serverssl, SSL *clientssl)
 {
     int retc = -1, rets = -1, err, abortctr = 0;
     int clienterr = 0, servererr = 0;
+    unsigned char buf;
+    size_t readbytes;
 
     do {
         err = SSL_ERROR_WANT_WRITE;
@@ -678,5 +680,20 @@ int create_ssl_connection(SSL *serverssl, SSL *clientssl)
         }
     } while (retc <=0 || rets <= 0);
 
+    /*
+     * We attempt to read some data on the client side which we expect to fail.
+     * This will ensure we have received the NewSessionTicket in TLSv1.3 where
+     * appropriate.
+     */
+    if (SSL_read_ex(clientssl, &buf, sizeof(buf), &readbytes) > 0) {
+        if (readbytes != 0) {
+            printf("Unexpected success reading data %"OSSLzu"\n", readbytes);
+            return 0;
+        }
+    } else if (SSL_get_error(clientssl, 0) != SSL_ERROR_WANT_READ) {
+        printf("SSL_read_ex() failed\n");
+        return 0;
+    }
+
     return 1;
 }