From 07a9a56fff0ae704b66e2fd29c7e613448d5cd10 Mon Sep 17 00:00:00 2001 From: tb <> Date: Tue, 11 Jul 2023 10:09:47 +0000 Subject: Neuter expected server test failures with SSLv2 This test should either be extended or retired. As it is it is useless. --- src/regress/lib/libssl/server/servertest.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'src/regress/lib/libssl/server/servertest.c') diff --git a/src/regress/lib/libssl/server/servertest.c b/src/regress/lib/libssl/server/servertest.c index 3367836dbd..f13b260103 100644 --- a/src/regress/lib/libssl/server/servertest.c +++ b/src/regress/lib/libssl/server/servertest.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servertest.c,v 1.7 2022/06/10 22:00:15 tb Exp $ */ +/* $OpenBSD: servertest.c,v 1.8 2023/07/11 10:09:47 tb Exp $ */ /* * Copyright (c) 2015, 2016, 2017 Joel Sing * @@ -84,6 +84,7 @@ struct server_hello_test { const SSL_METHOD *(*ssl_method)(void); const long ssl_clear_options; const long ssl_set_options; + int accept_fails; }; static struct server_hello_test server_hello_tests[] = { @@ -94,6 +95,7 @@ static struct server_hello_test server_hello_tests[] = { .ssl_method = tls_legacy_method, .ssl_clear_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1, .ssl_set_options = 0, + .accept_fails = 1, }, { .desc = "TLSv1.2 in SSLv2 record", @@ -102,6 +104,7 @@ static struct server_hello_test server_hello_tests[] = { .ssl_method = tls_legacy_method, .ssl_clear_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1, .ssl_set_options = 0, + .accept_fails = 1, }, }; @@ -160,6 +163,8 @@ server_hello_test(int testno, struct server_hello_test *sht) SSL_set_bio(ssl, rbio, wbio); if (SSL_accept(ssl) != 0) { + if (sht->accept_fails) + ret = 0; fprintf(stderr, "SSL_accept() returned non-zero\n"); ERR_print_errors_fp(stderr); goto failure; -- cgit v1.2.3-55-g6feb