SNI + SSL async callback: make all keys async

When testing async callbacks with SNI, make all the keys async, not
just the first one. Otherwise the test is fragile with respect to
whether a key is used directly or through the async callbacks.
Gilles Peskine 2018-06-13 18:06:51 +02:00
parent 3cde2fca53
commit 157f6d8f74


@ -897,7 +897,7 @@ typedef enum {
typedef struct typedef struct
{ {
ssl_async_key_slot_t slots[3]; /* key, key2, sni */ ssl_async_key_slot_t slots[4]; /* key, key2, sni1, sni2 */
size_t slots_used; size_t slots_used;
ssl_async_inject_error_t inject_error; ssl_async_inject_error_t inject_error;
int (*f_rng)(void *, unsigned char *, size_t); int (*f_rng)(void *, unsigned char *, size_t);
@ -2386,9 +2386,12 @@ int main( int argc, char *argv[] )
mbedtls_ssl_conf_sni( &conf, sni_callback, sni_info ); mbedtls_ssl_conf_sni( &conf, sni_callback, sni_info );
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) #if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
if( opt.async_private_delay2 >= 0 ) if( opt.async_private_delay2 >= 0 )
{
sni_entry *cur;
for( cur = sni_info; cur != NULL; cur = cur->next )
{ {
ret = ssl_async_set_key( &ssl_async_keys, ret = ssl_async_set_key( &ssl_async_keys,
sni_info->cert, sni_info->key, cur->cert, cur->key,
opt.async_private_delay2 ); opt.async_private_delay2 );
if( ret < 0 ) if( ret < 0 )
{ {
@ -2396,7 +2399,8 @@ int main( int argc, char *argv[] )
ret ); ret );
goto exit; goto exit;
} }
sni_info->key = NULL; cur->key = NULL;
}
} }
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
} }
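Review bot: The new `for( cur = sni_info; ... )` loop registers one async slot per SNI entry, but `slots` is a fixed array of 4 (`key, key2, sni1, sni2`), so the array size now encodes an unstated limit of two SNI entries while the list length comes from the command line. Whether a third entry is rejected or written past the array depends on `ssl_async_set_key` checking `slots_used` against the array size; its body is not visible here, so that check should be confirmed. I would state the limit at the declaration, e.g. `ssl_async_key_slot_t slots[4]; /* key, key2, and at most 2 SNI entries */`. The `ret < 0` branch should also report that the slot table is full, rather than leave that to be inferred from a generic failure code. `main` begins and ends outside these hunks, so cleanup after a mid-loop failure (earlier entries already have `cur->key = NULL`) cannot be checked from this page.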