min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ssl/test: fix UT expectations accordingly with boringssl change 

- boringssl fix:
https://boringssl.googlesource.com/boringssl/+/c02c19e0d842f54d903a9b62316476f4b9c4e3f0

- Now ALPN validation with SSL_TLSEXT_ERR_ALERT_FATAL makes the server
abort the handshake with an alarm. UT now correctly asserts
connection error on both client and server side.
This commit is contained in:
BiagioFesta 2022-04-28 15:49:23 +02:00 committed by Joshua Nelson
parent e141e834f1
commit 863b72b3a8
1 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
boring/src/ssl/test/mod.rs
View File

@ -444,17 +444,23 @@ fn test_alpn_server_advertise_multiple() {
#[test]
fn test_alpn_server_select_none_fatal() {
let mut server = Server::builder();
// NOTE: in Boring all alpn errors are treated as SSL_TLSEXT_ERR_NOACK
server.ctx().set_alpn_select_callback(|_, client| {
ssl::select_next_proto(b"\x08http/1.1\x08spdy/3.1", client)
.ok_or(ssl::AlpnError::ALERT_FATAL)
});
#[cfg(not(feature = "fips"))]
server.should_error();
let server = server.build();
let mut client = server.client();
client.ctx().set_alpn_protos(b"\x06http/2").unwrap();
if cfg!(feature = "fips") {
let s = client.connect();
assert_eq!(None, s.ssl().selected_alpn_protocol());
} else {
client.connect_err();
}
}
#[test]