summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/regress/lib/libssl/dtls/dtlstest.c8
-rw-r--r--src/regress/lib/libssl/tlsext/tlsexttest.c102
-rw-r--r--src/regress/lib/libssl/unit/cipher_list.c4
-rw-r--r--src/regress/lib/libssl/unit/ssl_versions.c10
-rw-r--r--src/regress/lib/libssl/unit/tls_ext_alpn.c10
5 files changed, 66 insertions, 68 deletions
diff --git a/src/regress/lib/libssl/dtls/dtlstest.c b/src/regress/lib/libssl/dtls/dtlstest.c
index 18df9952b2..3819039f82 100644
--- a/src/regress/lib/libssl/dtls/dtlstest.c
+++ b/src/regress/lib/libssl/dtls/dtlstest.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dtlstest.c,v 1.15 2022/01/07 09:07:00 tb Exp $ */ 1/* $OpenBSD: dtlstest.c,v 1.16 2022/10/02 16:38:23 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2020, 2021 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2020, 2021 Joel Sing <jsing@openbsd.org>
4 * 4 *
@@ -972,10 +972,8 @@ dtlstest(const struct dtls_test *dt)
972 if ((server = dtls_server(server_sock, dt->ssl_options, dt->mtu)) == NULL) 972 if ((server = dtls_server(server_sock, dt->ssl_options, dt->mtu)) == NULL)
973 goto failure; 973 goto failure;
974 974
975 tls12_record_layer_set_initial_epoch(client->internal->rl, 975 tls12_record_layer_set_initial_epoch(client->rl, dt->initial_epoch);
976 dt->initial_epoch); 976 tls12_record_layer_set_initial_epoch(server->rl, dt->initial_epoch);
977 tls12_record_layer_set_initial_epoch(server->internal->rl,
978 dt->initial_epoch);
979 977
980 if (dt->client_bbio_off) 978 if (dt->client_bbio_off)
981 SSL_set_info_callback(client, dtls_info_callback); 979 SSL_set_info_callback(client, dtls_info_callback);
diff --git a/src/regress/lib/libssl/tlsext/tlsexttest.c b/src/regress/lib/libssl/tlsext/tlsexttest.c
index c6f9240853..331d554c0e 100644
--- a/src/regress/lib/libssl/tlsext/tlsexttest.c
+++ b/src/regress/lib/libssl/tlsext/tlsexttest.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tlsexttest.c,v 1.75 2022/08/21 19:46:19 jsing Exp $ */ 1/* $OpenBSD: tlsexttest.c,v 1.76 2022/10/02 16:38:23 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> 4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -187,7 +187,7 @@ test_tlsext_alpn_client(void)
187 187
188 /* 188 /*
189 * Prereqs: 189 * Prereqs:
190 * 1) Set s->internal->alpn_client_proto_list 190 * 1) Set s->alpn_client_proto_list
191 * - Using SSL_set_alpn_protos() 191 * - Using SSL_set_alpn_protos()
192 * 2) We have not finished or renegotiated. 192 * 2) We have not finished or renegotiated.
193 * - s->s3->tmp.finish_md_len == 0 193 * - s->s3->tmp.finish_md_len == 0
@@ -245,18 +245,18 @@ test_tlsext_alpn_client(void)
245 goto err; 245 goto err;
246 } 246 }
247 247
248 if (ssl->internal->alpn_client_proto_list_len != 248 if (ssl->alpn_client_proto_list_len !=
249 sizeof(tlsext_alpn_single_proto_val)) { 249 sizeof(tlsext_alpn_single_proto_val)) {
250 FAIL("got client ALPN with length %zu, " 250 FAIL("got client ALPN with length %zu, "
251 "want length %zu\n", dlen, 251 "want length %zu\n", dlen,
252 sizeof(tlsext_alpn_single_proto_val)); 252 sizeof(tlsext_alpn_single_proto_val));
253 compare_data(ssl->internal->alpn_client_proto_list, 253 compare_data(ssl->alpn_client_proto_list,
254 ssl->internal->alpn_client_proto_list_len, 254 ssl->alpn_client_proto_list_len,
255 tlsext_alpn_single_proto_val, 255 tlsext_alpn_single_proto_val,
256 sizeof(tlsext_alpn_single_proto_val)); 256 sizeof(tlsext_alpn_single_proto_val));
257 goto err; 257 goto err;
258 } 258 }
259 if (memcmp(ssl->internal->alpn_client_proto_list, 259 if (memcmp(ssl->alpn_client_proto_list,
260 tlsext_alpn_single_proto_val, 260 tlsext_alpn_single_proto_val,
261 sizeof(tlsext_alpn_single_proto_val)) != 0) { 261 sizeof(tlsext_alpn_single_proto_val)) != 0) {
262 FAIL("client ALPN differs:\n"); 262 FAIL("client ALPN differs:\n");
@@ -312,18 +312,18 @@ test_tlsext_alpn_client(void)
312 goto err; 312 goto err;
313 } 313 }
314 314
315 if (ssl->internal->alpn_client_proto_list_len != 315 if (ssl->alpn_client_proto_list_len !=
316 sizeof(tlsext_alpn_multiple_protos_val)) { 316 sizeof(tlsext_alpn_multiple_protos_val)) {
317 FAIL("got client ALPN with length %zu, " 317 FAIL("got client ALPN with length %zu, "
318 "want length %zu\n", dlen, 318 "want length %zu\n", dlen,
319 sizeof(tlsext_alpn_multiple_protos_val)); 319 sizeof(tlsext_alpn_multiple_protos_val));
320 compare_data(ssl->internal->alpn_client_proto_list, 320 compare_data(ssl->alpn_client_proto_list,
321 ssl->internal->alpn_client_proto_list_len, 321 ssl->alpn_client_proto_list_len,
322 tlsext_alpn_multiple_protos_val, 322 tlsext_alpn_multiple_protos_val,
323 sizeof(tlsext_alpn_multiple_protos_val)); 323 sizeof(tlsext_alpn_multiple_protos_val));
324 goto err; 324 goto err;
325 } 325 }
326 if (memcmp(ssl->internal->alpn_client_proto_list, 326 if (memcmp(ssl->alpn_client_proto_list,
327 tlsext_alpn_multiple_protos_val, 327 tlsext_alpn_multiple_protos_val,
328 sizeof(tlsext_alpn_multiple_protos_val)) != 0) { 328 sizeof(tlsext_alpn_multiple_protos_val)) != 0) {
329 FAIL("client ALPN differs:\n"); 329 FAIL("client ALPN differs:\n");
@@ -334,9 +334,9 @@ test_tlsext_alpn_client(void)
334 334
335 /* Make sure we can remove the list and avoid ALPN */ 335 /* Make sure we can remove the list and avoid ALPN */
336 336
337 free(ssl->internal->alpn_client_proto_list); 337 free(ssl->alpn_client_proto_list);
338 ssl->internal->alpn_client_proto_list = NULL; 338 ssl->alpn_client_proto_list = NULL;
339 ssl->internal->alpn_client_proto_list_len = 0; 339 ssl->alpn_client_proto_list_len = 0;
340 340
341 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) { 341 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
342 FAIL("client should need ALPN by default\n"); 342 FAIL("client should need ALPN by default\n");
@@ -703,17 +703,17 @@ test_tlsext_supportedgroups_client(void)
703 if ((ssl->session = SSL_SESSION_new()) == NULL) 703 if ((ssl->session = SSL_SESSION_new()) == NULL)
704 errx(1, "failed to create session"); 704 errx(1, "failed to create session");
705 705
706 if ((ssl->internal->tlsext_supportedgroups = malloc(sizeof(uint16_t) * 2)) == NULL) { 706 if ((ssl->tlsext_supportedgroups = malloc(sizeof(uint16_t) * 2)) == NULL) {
707 FAIL("client could not malloc\n"); 707 FAIL("client could not malloc\n");
708 goto err; 708 goto err;
709 } 709 }
710 if (!tls1_ec_nid2group_id(NID_X9_62_prime192v1, 710 if (!tls1_ec_nid2group_id(NID_X9_62_prime192v1,
711 &ssl->internal->tlsext_supportedgroups[0])) 711 &ssl->tlsext_supportedgroups[0]))
712 goto err; 712 goto err;
713 if (!tls1_ec_nid2group_id(NID_secp224r1, 713 if (!tls1_ec_nid2group_id(NID_secp224r1,
714 &ssl->internal->tlsext_supportedgroups[1])) 714 &ssl->tlsext_supportedgroups[1]))
715 goto err; 715 goto err;
716 ssl->internal->tlsext_supportedgroups_length = 2; 716 ssl->tlsext_supportedgroups_length = 2;
717 717
718 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) { 718 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
719 FAIL("client should need Ellipticcurves\n"); 719 FAIL("client should need Ellipticcurves\n");
@@ -764,9 +764,9 @@ test_tlsext_supportedgroups_client(void)
764 errx(1, "failed to create session"); 764 errx(1, "failed to create session");
765 765
766 /* Reset back to the default list. */ 766 /* Reset back to the default list. */
767 free(ssl->internal->tlsext_supportedgroups); 767 free(ssl->tlsext_supportedgroups);
768 ssl->internal->tlsext_supportedgroups = NULL; 768 ssl->tlsext_supportedgroups = NULL;
769 ssl->internal->tlsext_supportedgroups_length = 0; 769 ssl->tlsext_supportedgroups_length = 0;
770 770
771 CBS_init(&cbs, tlsext_supportedgroups_client_nistp192and224, 771 CBS_init(&cbs, tlsext_supportedgroups_client_nistp192and224,
772 sizeof(tlsext_supportedgroups_client_nistp192and224)); 772 sizeof(tlsext_supportedgroups_client_nistp192and224));
@@ -1025,14 +1025,14 @@ test_tlsext_ecpf_client(void)
1025 if ((ssl->session = SSL_SESSION_new()) == NULL) 1025 if ((ssl->session = SSL_SESSION_new()) == NULL)
1026 errx(1, "failed to create session"); 1026 errx(1, "failed to create session");
1027 1027
1028 if ((ssl->internal->tlsext_ecpointformatlist = malloc(sizeof(uint8_t) * 3)) == NULL) { 1028 if ((ssl->tlsext_ecpointformatlist = malloc(sizeof(uint8_t) * 3)) == NULL) {
1029 FAIL("client could not malloc\n"); 1029 FAIL("client could not malloc\n");
1030 goto err; 1030 goto err;
1031 } 1031 }
1032 ssl->internal->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime; 1032 ssl->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
1033 ssl->internal->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_uncompressed; 1033 ssl->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_uncompressed;
1034 ssl->internal->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2; 1034 ssl->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
1035 ssl->internal->tlsext_ecpointformatlist_length = 3; 1035 ssl->tlsext_ecpointformatlist_length = 3;
1036 1036
1037 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) { 1037 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
1038 FAIL("client should need ECPointFormats with a custom " 1038 FAIL("client should need ECPointFormats with a custom "
@@ -1078,9 +1078,9 @@ test_tlsext_ecpf_client(void)
1078 errx(1, "failed to create session"); 1078 errx(1, "failed to create session");
1079 1079
1080 /* Reset the custom list so we go back to the default uncompressed. */ 1080 /* Reset the custom list so we go back to the default uncompressed. */
1081 free(ssl->internal->tlsext_ecpointformatlist); 1081 free(ssl->tlsext_ecpointformatlist);
1082 ssl->internal->tlsext_ecpointformatlist = NULL; 1082 ssl->tlsext_ecpointformatlist = NULL;
1083 ssl->internal->tlsext_ecpointformatlist_length = 0; 1083 ssl->tlsext_ecpointformatlist_length = 0;
1084 1084
1085 CBS_init(&cbs, tlsext_ecpf_hello_prefer_order, 1085 CBS_init(&cbs, tlsext_ecpf_hello_prefer_order,
1086 sizeof(tlsext_ecpf_hello_prefer_order)); 1086 sizeof(tlsext_ecpf_hello_prefer_order));
@@ -1244,14 +1244,14 @@ test_tlsext_ecpf_server(void)
1244 ssl->session->tlsext_ecpointformatlist_length = 1; 1244 ssl->session->tlsext_ecpointformatlist_length = 1;
1245 1245
1246 /* Replace the default list with a custom one. */ 1246 /* Replace the default list with a custom one. */
1247 if ((ssl->internal->tlsext_ecpointformatlist = malloc(sizeof(uint8_t) * 3)) == NULL) { 1247 if ((ssl->tlsext_ecpointformatlist = malloc(sizeof(uint8_t) * 3)) == NULL) {
1248 FAIL("server could not malloc\n"); 1248 FAIL("server could not malloc\n");
1249 goto err; 1249 goto err;
1250 } 1250 }
1251 ssl->internal->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime; 1251 ssl->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
1252 ssl->internal->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_uncompressed; 1252 ssl->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_uncompressed;
1253 ssl->internal->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2; 1253 ssl->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
1254 ssl->internal->tlsext_ecpointformatlist_length = 3; 1254 ssl->tlsext_ecpointformatlist_length = 3;
1255 1255
1256 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) { 1256 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
1257 FAIL("server should need ECPointFormats\n"); 1257 FAIL("server should need ECPointFormats\n");
@@ -1296,9 +1296,9 @@ test_tlsext_ecpf_server(void)
1296 errx(1, "failed to create session"); 1296 errx(1, "failed to create session");
1297 1297
1298 /* Reset back to the default (uncompressed) */ 1298 /* Reset back to the default (uncompressed) */
1299 free(ssl->internal->tlsext_ecpointformatlist); 1299 free(ssl->tlsext_ecpointformatlist);
1300 ssl->internal->tlsext_ecpointformatlist = NULL; 1300 ssl->tlsext_ecpointformatlist = NULL;
1301 ssl->internal->tlsext_ecpointformatlist_length = 0; 1301 ssl->tlsext_ecpointformatlist_length = 0;
1302 1302
1303 CBS_init(&cbs, tlsext_ecpf_hello_prefer_order, 1303 CBS_init(&cbs, tlsext_ecpf_hello_prefer_order,
1304 sizeof(tlsext_ecpf_hello_prefer_order)); 1304 sizeof(tlsext_ecpf_hello_prefer_order));
@@ -1862,7 +1862,7 @@ test_tlsext_sni_client(void)
1862 goto err; 1862 goto err;
1863 } 1863 }
1864 1864
1865 ssl->internal->hit = 0; 1865 ssl->hit = 0;
1866 1866
1867 CBS_init(&cbs, tlsext_sni_client, sizeof(tlsext_sni_client)); 1867 CBS_init(&cbs, tlsext_sni_client, sizeof(tlsext_sni_client));
1868 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) { 1868 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
@@ -1887,7 +1887,7 @@ test_tlsext_sni_client(void)
1887 goto err; 1887 goto err;
1888 } 1888 }
1889 1889
1890 ssl->internal->hit = 1; 1890 ssl->hit = 1;
1891 1891
1892 free(ssl->session->tlsext_hostname); 1892 free(ssl->session->tlsext_hostname);
1893 if ((ssl->session->tlsext_hostname = strdup("notthesame.libressl.org")) == 1893 if ((ssl->session->tlsext_hostname = strdup("notthesame.libressl.org")) ==
@@ -2413,7 +2413,7 @@ test_tlsext_ocsp_server(void)
2413 goto err; 2413 goto err;
2414 } 2414 }
2415 2415
2416 ssl->internal->tlsext_status_expected = 1; 2416 ssl->tlsext_status_expected = 1;
2417 2417
2418 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) { 2418 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
2419 FAIL("server should need TLSEXT_TYPE_status_request\n"); 2419 FAIL("server should need TLSEXT_TYPE_status_request\n");
@@ -2616,8 +2616,8 @@ test_tlsext_sessionticket_client(void)
2616 * If you want to remove the tlsext_session_ticket behavior, you have 2616 * If you want to remove the tlsext_session_ticket behavior, you have
2617 * to do it manually. 2617 * to do it manually.
2618 */ 2618 */
2619 free(ssl->internal->tlsext_session_ticket); 2619 free(ssl->tlsext_session_ticket);
2620 ssl->internal->tlsext_session_ticket = NULL; 2620 ssl->tlsext_session_ticket = NULL;
2621 2621
2622 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) { 2622 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2623 FAIL("Should need a session ticket again when the custom one is removed\n"); 2623 FAIL("Should need a session ticket again when the custom one is removed\n");
@@ -2724,7 +2724,7 @@ test_tlsext_sessionticket_server(void)
2724 } 2724 }
2725 2725
2726 /* Set expected to require it. */ 2726 /* Set expected to require it. */
2727 ssl->internal->tlsext_ticket_expected = 1; 2727 ssl->tlsext_ticket_expected = 1;
2728 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) { 2728 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
2729 FAIL("server should now be required for SessionTicket\n"); 2729 FAIL("server should now be required for SessionTicket\n");
2730 goto err; 2730 goto err;
@@ -2951,7 +2951,7 @@ test_tlsext_srtp_client(void)
2951 2951
2952 /* Make sure we can parse multiple profiles (selects server preferred) */ 2952 /* Make sure we can parse multiple profiles (selects server preferred) */
2953 2953
2954 ssl->internal->srtp_profile = NULL; 2954 ssl->srtp_profile = NULL;
2955 2955
2956 CBS_init(&cbs, tlsext_srtp_multiple, 2956 CBS_init(&cbs, tlsext_srtp_multiple,
2957 sizeof(tlsext_srtp_multiple)); 2957 sizeof(tlsext_srtp_multiple));
@@ -2982,7 +2982,7 @@ test_tlsext_srtp_client(void)
2982 * Make sure we can parse the clienthello with multiple entries 2982 * Make sure we can parse the clienthello with multiple entries
2983 * where one is unknown. 2983 * where one is unknown.
2984 */ 2984 */
2985 ssl->internal->srtp_profile = NULL; 2985 ssl->srtp_profile = NULL;
2986 2986
2987 CBS_init(&cbs, tlsext_srtp_multiple_one_valid, 2987 CBS_init(&cbs, tlsext_srtp_multiple_one_valid,
2988 sizeof(tlsext_srtp_multiple_one_valid)); 2988 sizeof(tlsext_srtp_multiple_one_valid));
@@ -3011,7 +3011,7 @@ test_tlsext_srtp_client(void)
3011 3011
3012 /* Make sure we fall back to negotiated when none work. */ 3012 /* Make sure we fall back to negotiated when none work. */
3013 3013
3014 ssl->internal->srtp_profile = NULL; 3014 ssl->srtp_profile = NULL;
3015 3015
3016 CBS_init(&cbs, tlsext_srtp_multiple_invalid, 3016 CBS_init(&cbs, tlsext_srtp_multiple_invalid,
3017 sizeof(tlsext_srtp_multiple_invalid)); 3017 sizeof(tlsext_srtp_multiple_invalid));
@@ -3085,7 +3085,7 @@ test_tlsext_srtp_server(void)
3085 FAIL("should be able to find the given profile\n"); 3085 FAIL("should be able to find the given profile\n");
3086 goto err; 3086 goto err;
3087 } 3087 }
3088 ssl->internal->srtp_profile = prof; 3088 ssl->srtp_profile = prof;
3089 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) { 3089 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
3090 FAIL("server should need SRTP by now\n"); 3090 FAIL("server should need SRTP by now\n");
3091 goto err; 3091 goto err;
@@ -3122,7 +3122,7 @@ test_tlsext_srtp_server(void)
3122 data = NULL; 3122 data = NULL;
3123 3123
3124 /* Make sure we can parse the single profile. */ 3124 /* Make sure we can parse the single profile. */
3125 ssl->internal->srtp_profile = NULL; 3125 ssl->srtp_profile = NULL;
3126 3126
3127 if (SSL_get_selected_srtp_profile(ssl) != NULL) { 3127 if (SSL_get_selected_srtp_profile(ssl) != NULL) {
3128 FAIL("SRTP profile should not be set yet\n"); 3128 FAIL("SRTP profile should not be set yet\n");
@@ -3155,7 +3155,7 @@ test_tlsext_srtp_server(void)
3155 } 3155 }
3156 3156
3157 /* Make sure we cannot parse multiple profiles */ 3157 /* Make sure we cannot parse multiple profiles */
3158 ssl->internal->srtp_profile = NULL; 3158 ssl->srtp_profile = NULL;
3159 3159
3160 CBS_init(&cbs, tlsext_srtp_multiple, 3160 CBS_init(&cbs, tlsext_srtp_multiple,
3161 sizeof(tlsext_srtp_multiple)); 3161 sizeof(tlsext_srtp_multiple));
@@ -3165,7 +3165,7 @@ test_tlsext_srtp_server(void)
3165 } 3165 }
3166 3166
3167 /* Make sure we cannot parse a server with unknown profile */ 3167 /* Make sure we cannot parse a server with unknown profile */
3168 ssl->internal->srtp_profile = NULL; 3168 ssl->srtp_profile = NULL;
3169 3169
3170 CBS_init(&cbs, tlsext_srtp_single_invalid, 3170 CBS_init(&cbs, tlsext_srtp_single_invalid,
3171 sizeof(tlsext_srtp_single_invalid)); 3171 sizeof(tlsext_srtp_single_invalid));
@@ -3385,8 +3385,8 @@ test_tlsext_serverhello_build(void)
3385 ssl->s3->send_connection_binding = 1; 3385 ssl->s3->send_connection_binding = 1;
3386 ssl->s3->hs.cipher = 3386 ssl->s3->hs.cipher =
3387 ssl3_get_cipher_by_id(TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256); 3387 ssl3_get_cipher_by_id(TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256);
3388 ssl->internal->tlsext_status_expected = 1; 3388 ssl->tlsext_status_expected = 1;
3389 ssl->internal->tlsext_ticket_expected = 1; 3389 ssl->tlsext_ticket_expected = 1;
3390 if ((ssl->session->tlsext_ecpointformatlist = malloc(1)) == NULL) { 3390 if ((ssl->session->tlsext_ecpointformatlist = malloc(1)) == NULL) {
3391 FAIL("malloc failed"); 3391 FAIL("malloc failed");
3392 goto err; 3392 goto err;
diff --git a/src/regress/lib/libssl/unit/cipher_list.c b/src/regress/lib/libssl/unit/cipher_list.c
index 0623dd69eb..543db41c24 100644
--- a/src/regress/lib/libssl/unit/cipher_list.c
+++ b/src/regress/lib/libssl/unit/cipher_list.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cipher_list.c,v 1.11 2022/07/07 13:11:45 tb Exp $ */ 1/* $OpenBSD: cipher_list.c,v 1.12 2022/10/02 16:38:23 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2015 Doug Hogan <doug@openbsd.org> 3 * Copyright (c) 2015 Doug Hogan <doug@openbsd.org>
4 * Copyright (c) 2015 Joel Sing <jsing@openbsd.org> 4 * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
@@ -129,7 +129,7 @@ ssl_list_to_bytes_no_scsv(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
129 buf[buflen - 1] = 0xab; 129 buf[buflen - 1] = 0xab;
130 130
131 /* Set renegotiate so it doesn't add SCSV */ 131 /* Set renegotiate so it doesn't add SCSV */
132 s->internal->renegotiate = 1; 132 s->renegotiate = 1;
133 133
134 CHECK(CBB_init_fixed(&cbb, buf, buflen)); 134 CHECK(CBB_init_fixed(&cbb, buf, buflen));
135 CHECK(ssl_cipher_list_to_bytes(s, *ciphers, &cbb)); 135 CHECK(ssl_cipher_list_to_bytes(s, *ciphers, &cbb));
diff --git a/src/regress/lib/libssl/unit/ssl_versions.c b/src/regress/lib/libssl/unit/ssl_versions.c
index 8a6360557f..e9bcecafe5 100644
--- a/src/regress/lib/libssl/unit/ssl_versions.c
+++ b/src/regress/lib/libssl/unit/ssl_versions.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_versions.c,v 1.17 2022/02/08 19:06:56 tb Exp $ */ 1/* $OpenBSD: ssl_versions.c,v 1.18 2022/10/02 16:38:23 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
4 * 4 *
@@ -214,8 +214,8 @@ test_ssl_enabled_version_range(void)
214 SSL_set_options(ssl, vrt->options); 214 SSL_set_options(ssl, vrt->options);
215 215
216 minver = maxver = 0xffff; 216 minver = maxver = 0xffff;
217 ssl->internal->min_tls_version = vrt->minver; 217 ssl->min_tls_version = vrt->minver;
218 ssl->internal->max_tls_version = vrt->maxver; 218 ssl->max_tls_version = vrt->maxver;
219 219
220 if (ssl_enabled_tls_version_range(ssl, &minver, &maxver) != 1) { 220 if (ssl_enabled_tls_version_range(ssl, &minver, &maxver) != 1) {
221 if (vrt->want_minver != 0 || vrt->want_maxver != 0) { 221 if (vrt->want_minver != 0 || vrt->want_maxver != 0) {
@@ -516,8 +516,8 @@ test_ssl_max_shared_version(void)
516 SSL_set_options(ssl, svt->options); 516 SSL_set_options(ssl, svt->options);
517 517
518 maxver = 0; 518 maxver = 0;
519 ssl->internal->min_tls_version = svt->minver; 519 ssl->min_tls_version = svt->minver;
520 ssl->internal->max_tls_version = svt->maxver; 520 ssl->max_tls_version = svt->maxver;
521 521
522 if (!ssl_max_shared_version(ssl, svt->peerver, &maxver)) { 522 if (!ssl_max_shared_version(ssl, svt->peerver, &maxver)) {
523 if (svt->want_maxver != 0) { 523 if (svt->want_maxver != 0) {
diff --git a/src/regress/lib/libssl/unit/tls_ext_alpn.c b/src/regress/lib/libssl/unit/tls_ext_alpn.c
index 378929aa5b..f0e4894557 100644
--- a/src/regress/lib/libssl/unit/tls_ext_alpn.c
+++ b/src/regress/lib/libssl/unit/tls_ext_alpn.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls_ext_alpn.c,v 1.7 2020/07/03 04:14:10 tb Exp $ */ 1/* $OpenBSD: tls_ext_alpn.c,v 1.8 2022/10/02 16:38:23 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2015 Doug Hogan <doug@openbsd.org> 3 * Copyright (c) 2015 Doug Hogan <doug@openbsd.org>
4 * 4 *
@@ -344,8 +344,8 @@ check_valid_alpn(SSL *s)
344 SSL_CTX_set_alpn_select_cb(s->ctx, dummy_alpn_cb, NULL); 344 SSL_CTX_set_alpn_select_cb(s->ctx, dummy_alpn_cb, NULL);
345 345
346 /* Prerequisites to test these. */ 346 /* Prerequisites to test these. */
347 CHECK(s->internal->alpn_client_proto_list != NULL); 347 CHECK(s->alpn_client_proto_list != NULL);
348 CHECK(s->ctx->internal->alpn_select_cb != NULL); 348 CHECK(s->ctx->alpn_select_cb != NULL);
349 //CHECK(s->s3->tmp.finish_md_len == 0); 349 //CHECK(s->s3->tmp.finish_md_len == 0);
350 350
351 CHECK_BOTH(1, 1, proto_single); 351 CHECK_BOTH(1, 1, proto_single);
@@ -376,8 +376,8 @@ check_invalid_alpn(SSL *s)
376 SSL_CTX_set_alpn_select_cb(s->ctx, dummy_alpn_cb, NULL); 376 SSL_CTX_set_alpn_select_cb(s->ctx, dummy_alpn_cb, NULL);
377 377
378 /* Prerequisites to test these. */ 378 /* Prerequisites to test these. */
379 CHECK(s->internal->alpn_client_proto_list != NULL); 379 CHECK(s->alpn_client_proto_list != NULL);
380 CHECK(s->ctx->internal->alpn_select_cb != NULL); 380 CHECK(s->ctx->alpn_select_cb != NULL);
381 //CHECK(s->s3->tmp.finish_md_len == 0); 381 //CHECK(s->s3->tmp.finish_md_len == 0);
382 382
383 /* None of these are valid for client or server */ 383 /* None of these are valid for client or server */
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 06:29:33 +0000