|
 |
6309f8 |
From 84a3bc6c273977bcd4b709e0d9a3d9fcdd58e36d Mon Sep 17 00:00:00 2001
|
|
|
6309f8 |
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
|
|
|
6309f8 |
Date: Fri, 17 Aug 2018 14:46:33 +0200
|
|
|
6309f8 |
Subject: [PATCH] Do two-way shutdown in t/sni_verify.t
|
|
|
6309f8 |
MIME-Version: 1.0
|
|
|
6309f8 |
Content-Type: text/plain; charset=UTF-8
|
|
|
6309f8 |
Content-Transfer-Encoding: 8bit
|
|
|
6309f8 |
|
|
|
6309f8 |
OpenSSL 1.1.1-pre7 sigipipes TLSv1.3 server if client does not
|
|
|
6309f8 |
shutdown TLS properly.
|
|
|
6309f8 |
<https://github.com/openssl/openssl/issues/6904>
|
|
|
6309f8 |
|
|
|
6309f8 |
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
|
|
6309f8 |
---
|
|
|
6309f8 |
t/sni_verify.t | 10 ++++++++++
|
|
|
6309f8 |
1 file changed, 10 insertions(+)
|
|
|
6309f8 |
|
|
|
6309f8 |
diff --git a/t/sni_verify.t b/t/sni_verify.t
|
|
|
6309f8 |
index b3b299b..b5ac4bd 100644
|
|
|
6309f8 |
--- a/t/sni_verify.t
|
|
|
6309f8 |
+++ b/t/sni_verify.t
|
|
|
6309f8 |
@@ -71,6 +71,13 @@ if ( $pid == 0 ) {
|
|
|
6309f8 |
|
|
|
6309f8 |
$client->verify_hostname($host,'http') or print "not ";
|
|
|
6309f8 |
print "ok # client verify hostname in cert $host\n";
|
|
|
6309f8 |
+
|
|
|
6309f8 |
+ if ($client) {
|
|
|
6309f8 |
+ # Shutdown TLS properly. Otherwise TLSv1.3 server will receive SIGPIPE
|
|
|
6309f8 |
+ # in SSL_accept() and dies.
|
|
|
6309f8 |
+ # <https://github.com/openssl/openssl/issues/6904>.
|
|
|
6309f8 |
+ $client->close('SSL_fast_shutdown' => 0);
|
|
|
6309f8 |
+ }
|
|
|
6309f8 |
}
|
|
|
6309f8 |
exit;
|
|
|
6309f8 |
}
|
|
|
6309f8 |
@@ -81,5 +88,8 @@ for my $host (@tests) {
|
|
|
6309f8 |
my $name = $csock->get_servername;
|
|
|
6309f8 |
print "not " if ! $name or $name ne $host;
|
|
|
6309f8 |
print "ok # server got SNI name $host\n";
|
|
|
6309f8 |
+ if ($csock) {
|
|
|
6309f8 |
+ $csock->close('SSL_fast_shutdown' => 0);
|
|
|
6309f8 |
+ }
|
|
|
6309f8 |
}
|
|
|
6309f8 |
wait;
|
|
|
6309f8 |
--
|
|
|
6309f8 |
2.14.4
|
|
|
6309f8 |
|