diff options
author | Matt Caswell <matt@openssl.org> | 2018-05-10 12:33:51 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-05-11 13:47:13 +0100 |
commit | 0d8da77908df1aa3186b00113aab1b338cba9b07 (patch) | |
tree | 4b5f34ae3b2114bc4d2de1b67d5197a15ed691a2 /test/ssltestlib.c | |
parent | 9e064bc1701599a15d0111a252b70fe45f2d2da8 (diff) | |
download | openssl-0d8da77908df1aa3186b00113aab1b338cba9b07.zip openssl-0d8da77908df1aa3186b00113aab1b338cba9b07.tar.gz openssl-0d8da77908df1aa3186b00113aab1b338cba9b07.tar.bz2 |
Test an old style PSK callback with no cert will prefer SHA-256
If using an old style PSK callback and no certificate is configured for
the server, we should prefer ciphersuites based on SHA-256, because that
is the default hash for those callbacks as specified in the TLSv1.3 spec.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6215)
Diffstat (limited to 'test/ssltestlib.c')
-rw-r--r-- | test/ssltestlib.c | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/test/ssltestlib.c b/test/ssltestlib.c index 041ae26..c768963 100644 --- a/test/ssltestlib.c +++ b/test/ssltestlib.c @@ -594,12 +594,15 @@ int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm, max_proto_version))))) goto err; - if (!TEST_int_eq(SSL_CTX_use_certificate_file(serverctx, certfile, - SSL_FILETYPE_PEM), 1) - || !TEST_int_eq(SSL_CTX_use_PrivateKey_file(serverctx, privkeyfile, - SSL_FILETYPE_PEM), 1) - || !TEST_int_eq(SSL_CTX_check_private_key(serverctx), 1)) - goto err; + if (certfile != NULL && privkeyfile != NULL) { + if (!TEST_int_eq(SSL_CTX_use_certificate_file(serverctx, certfile, + SSL_FILETYPE_PEM), 1) + || !TEST_int_eq(SSL_CTX_use_PrivateKey_file(serverctx, + privkeyfile, + SSL_FILETYPE_PEM), 1) + || !TEST_int_eq(SSL_CTX_check_private_key(serverctx), 1)) + goto err; + } #ifndef OPENSSL_NO_DH SSL_CTX_set_dh_auto(serverctx, 1); |