Add a test for setting initial SNI in CH but not using it with early_data

Test for the bug where early_data is not accepted by the server when it does not have an SNI callback set up, but the client sent a servername in the initial ClientHello establishing the session. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4519)
author: Matt Caswell <matt@openssl.org> 2017-10-11 14:42:25 +0100
committer: Matt Caswell <matt@openssl.org> 2017-10-12 15:19:49 +0100
commit: 141e470947327e0c4e8ef3c299b42d01064c484c (patch)
tree: 4ac25de0372680d6a2244bb3a1ba1c3b6e6d5b90
parent: 9fb6cb810b769abbd60f11ef6e936a4e4456b19d (diff)
download: openssl-141e470947327e0c4e8ef3c299b42d01064c484c.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/test/sslapitest.c b/test/sslapitest.c
index 5299d5794b..c1137b08a5 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -1507,6 +1507,16 @@ static int setupearly_data_test(SSL_CTX **cctx, SSL_CTX **sctx, SSL **clientssl,
                                       NULL, NULL)))
         return 0;
 
+    /*
+     * For one of the run throughs (doesn't matter which one), we'll try sending
+     * some SNI data in the initial ClientHello. This will be ignored (because
+     * there is no SNI cb set up by the server), so it should not impact
+     * early_data.
+     */
+    if (idx == 1
+            && !TEST_true(SSL_set_tlsext_host_name(*clientssl, "localhost")))
+        return 0;
+
     if (idx == 2) {
         /* Create the PSK */
         const SSL_CIPHER *cipher = NULL;
author	Matt Caswell <matt@openssl.org>	2017-10-11 14:42:25 +0100
committer	Matt Caswell <matt@openssl.org>	2017-10-12 15:19:49 +0100
commit	141e470947327e0c4e8ef3c299b42d01064c484c (patch)
tree	4ac25de0372680d6a2244bb3a1ba1c3b6e6d5b90
parent	9fb6cb810b769abbd60f11ef6e936a4e4456b19d (diff)
download	openssl-141e470947327e0c4e8ef3c299b42d01064c484c.tar.gz