Add regress that calls SSL_set_tlsext_host_name() with a NULL host name.

author jsing <jsing@openbsd.org>

Tue, 2 Nov 2021 14:39:09 +0000 (14:39 +0000)

committer jsing <jsing@openbsd.org>

Tue, 2 Nov 2021 14:39:09 +0000 (14:39 +0000)
author jsing <jsing@openbsd.org>
Tue, 2 Nov 2021 14:39:09 +0000 (14:39 +0000)
committer jsing <jsing@openbsd.org>
Tue, 2 Nov 2021 14:39:09 +0000 (14:39 +0000)
diff --git a/regress/lib/libssl/tlsext/tlsexttest.c b/regress/lib/libssl/tlsext/tlsexttest.c

index 21e096c..9bd438f 100644 (file)
--- a/regress/lib/libssl/tlsext/tlsexttest.c
+++ b/regress/lib/libssl/tlsext/tlsexttest.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tlsexttest.c,v 1.52 2021/11/01 16:39:01 jsing Exp $ */
+/* $OpenBSD: tlsexttest.c,v 1.53 2021/11/02 14:39:09 jsing Exp $ */
  /*
   * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
   * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -1722,6 +1722,20 @@ test_tlsext_sni_client(void)
                 goto err;
         }
  
+       /*
+        * SSL_set_tlsext_host_name() may be called with a NULL host name to
+        * disable SNI.
+        */
+       if (!SSL_set_tlsext_host_name(ssl, NULL)) {
+               FAIL("cannot set host name to NULL");
+               goto err;
+       }
+
+       if (tlsext_sni_client_needs(ssl, SSL_TLSEXT_MSG_CH)) {
+               FAIL("client should not need SNI\n");
+               goto err;
+       }
+
         if ((ssl->session = SSL_SESSION_new()) == NULL) {
                 FAIL("failed to create session");
                 goto err;
author	jsing <jsing@openbsd.org>
	Tue, 2 Nov 2021 14:39:09 +0000 (14:39 +0000)
committer	jsing <jsing@openbsd.org>
	Tue, 2 Nov 2021 14:39:09 +0000 (14:39 +0000)