Add cert callback retry test.

3323314f · Dr. Stephen Henson · 46ab9bbd · 3323314f · 3323314f
隐藏空白更改
内联并排

Showing with 19 addition and 0 deletion

apps/s_cb.c apps/s_cb.c +10 -0

apps/s_server.c apps/s_server.c +9 -0

未找到文件。
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -1272,6 +1272,16 @@ static int set_cert_cb(SSL *ssl, void *arg)
 	{
 	int i, rv;
 	SSL_EXCERT *exc = arg;
+#ifdef CERT_CB_TEST_RETRY
+	static int retry_cnt;
+	if (retry_cnt < 5)
+		{
+		retry_cnt++;
+		fprintf(stderr, "Certificate callback retry test: count %d\n",
+								retry_cnt);
+		return -1;
+		}
+#endif
 	SSL_certs_clear(ssl);

 	if (!exc)

--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -2668,6 +2668,15 @@ static int init_ssl_connection(SSL *con)


 	i=SSL_accept(con);
+#ifdef CERT_CB_TEST_RETRY
+	{
+	while (i <= 0 && SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP && SSL_state(con) == SSL3_ST_SR_CLNT_HELLO_C) 
+		{
+		fprintf(stderr, "LOOKUP from certificate callback during accept\n");
+		i=SSL_accept(con);
+		}
+	}
+#endif
 #ifndef OPENSSL_NO_SRP
 	while (i <= 0 &&  SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP) 
 		{