From cee623ccd7642a1c73ce99110ce82a853cff7630 Mon Sep 17 00:00:00 2001
From: bluhm <bluhm@openbsd.org>
Date: Mon, 19 Apr 2021 10:58:31 +0000
Subject: [PATCH] Fix TLS error message race.  Due to less handshakes in TLS
 1.3 an EPIPE error may be reported instead of a TLS alert.

---
 regress/usr.sbin/syslogd/args-tls-cafile-default.pl | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/regress/usr.sbin/syslogd/args-tls-cafile-default.pl b/regress/usr.sbin/syslogd/args-tls-cafile-default.pl
index 440733185ab..a77977117fe 100644
--- a/regress/usr.sbin/syslogd/args-tls-cafile-default.pl
+++ b/regress/usr.sbin/syslogd/args-tls-cafile-default.pl
@@ -7,8 +7,12 @@
 
 use strict;
 use warnings;
+use Errno ':POSIX';
 use Socket;
 
+my @errors = (EPIPE);
+my $errors = "(". join("|", map { $! = $_ } @errors). ")";
+
 our %args = (
     syslogd => {
 	loghost => '@tls://localhost:$connectport',
@@ -32,8 +36,9 @@ our %args = (
 	exit => 255,
 	loggrep => {
 	    qr/listen sock: (127.0.0.1|::1) \d+/ => 1,
-	    qr/SSL accept attempt failed error:/.
-		qr/.*ST_ACCEPT:tlsv1 alert unknown ca/ => 1,
+	    qr/IO::Socket::SSL socket accept failed: /.
+		qr/.*,SSL accept attempt failed error:.*/.
+		qr/(ST_ACCEPT:tlsv1 alert unknown ca|$errors)/ => 1,
 	    get_testgrep() => 0,
 	},
     },
-- 
2.20.1