authortb <>2021-01-11 18:31:03 +0000
committertb <>2021-01-11 18:31:03 +0000
commit2502dd35218a3fbc2d09b1980c8947fa22335f6e (patch)
tree42c5bdbd646630517ee9b831f6e96df7fb297740 /src/regress/lib
parent87e0fa60e183caf837c854be40350ac275e4a7b8 (diff)
Shut down the TLS connections properly.
Diffstat (limited to 'src/regress/lib')
-rw-r--r--src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c31
1 files changed, 28 insertions, 3 deletions
diff --git a/src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c b/src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c
index 306cc6ac23..d6d09cffd7 100644
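--- a/src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c
+++ b/src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_get_shared_ciphers.c,v 1.4 2021/01/11 18:26:25 tb Exp $ */
+/* $OpenBSD: ssl_get_shared_ciphers.c,v 1.5 2021/01/11 18:31:03 tb Exp $ */
 /*
  * Copyright (c) 2021 Theo Buehler <tb@openbsd.org>
  *
@@ -304,8 +304,8 @@ push_data_to_peer(SSL *ssl, int *ret, int (*func)(SSL *), const char *func_name,
  return 1;
 
  /*
- * Do SSL_connect/SSL_accept once and loop while hitting WANT_WRITE.
- * If done or on WANT_READ hand off to peer.
+ * Do SSL_connect/SSL_accept/SSL_shutdown once and loop while hitting
+ * WANT_WRITE. If done or on WANT_READ hand off to peer.
  */
 
  do {
@@ -313,6 +313,10 @@ push_data_to_peer(SSL *ssl, int *ret, int (*func)(SSL *), const char *func_name,
  ssl_err = SSL_get_error(ssl, *ret);
  } while (*ret <= 0 && ssl_err == SSL_ERROR_WANT_WRITE);
 
+ /* Ignore erroneous error - see SSL_shutdown(3)... */
+ if (func == SSL_shutdown && ssl_err == SSL_ERROR_SYSCALL)
+ return 1;
+
  if (*ret <= 0 && ssl_err != SSL_ERROR_WANT_READ) {
  fprintf(stderr, "%s: %s failed\n", description, func_name);
  ERR_print_errors_fp(stderr);
@@ -346,6 +350,24 @@ handshake(SSL *client_ssl, SSL *server_ssl, const char *description)
  return client_ret == 1 && server_ret == 1;
 }
 
+static int
+shutdown(SSL *client_ssl, SSL *server_ssl, const char *description)
+{
+ int loops = 0, client_ret = 0, server_ret = 0;
+
+ while (loops++ < 10 && (client_ret <= 0 || server_ret <= 0)) {
+ if (!push_data_to_peer(client_ssl, &client_ret, SSL_shutdown,
+ "client shutdown", description))
+ return 0;
+
+ if (!push_data_to_peer(server_ssl, &server_ret, SSL_shutdown,
+ "server shutdown", description))
+ return 0;
+ }
+
+ return client_ret == 1 && server_ret == 1;
+}
+
 /* from ssl_ciph.c */
 static inline int
 ssl_aes_is_accelerated(void)
@@ -415,6 +437,9 @@ test_get_shared_ciphers(const struct ssl_shared_ciphers_test_data *test)
  goto err;
  }
 
+ if (!shutdown(client_ssl, server_ssl, test->description))
+ goto err;
+
  failed = check_shared_ciphers(test, buf);
 
  err: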
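Review bot: The added check in push_data_to_peer returns success on SSL_ERROR_SYSCALL whatever `*ret` is, so an SSL_shutdown that genuinely fails with -1 is swallowed along with the spurious case; the SSL_shutdown(3) caveat the comment points to concerns a return value of 0. Narrowing it to `if (func == SSL_shutdown && *ret == 0 && ssl_err == SSL_ERROR_SYSCALL)` keeps the workaround and lets a real I/O error reach the existing "failed" diagnostic below it. As written, such an error only surfaces once shutdown() has used up its 10 loops and returned 0, and neither shutdown() nor the new `goto err` in test_get_shared_ciphers prints anything, so the regress run would fail without a message. The helper's name also matches shutdown(2) and would presumably conflict if <sys/socket.h> ever became visible in this file. push_data_to_peer and test_get_shared_ciphers both start and end outside the hunks shown.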