Add cert callback retry test.

(cherry picked from commit 3323314fc1c6d18e650a2de97f7cf9892ac92a60)
2014-01-26 00:51:09 +00:00 · 2014-01-26 00:51:09 +00:00 · 285f7fb0f9
commit 285f7fb0f9
parent ede90b1121
2 changed files with 19 additions and 0 deletions
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@ -1264,6 +1264,16 @@ static int set_cert_cb(SSL *ssl, void *arg)
 	{
 	int i, rv;
 	SSL_EXCERT *exc = arg;
+#ifdef CERT_CB_TEST_RETRY
+	static int retry_cnt;
+	if (retry_cnt < 5)
+		{
+		retry_cnt++;
+		fprintf(stderr, "Certificate callback retry test: count %d\n",
+								retry_cnt);
+		return -1;
+		}
+#endif
 	SSL_certs_clear(ssl);

 	if (!exc)
--- a/apps/s_server.c
+++ b/apps/s_server.c
@ -2610,6 +2610,15 @@ static int init_ssl_connection(SSL *con)


 	i=SSL_accept(con);
+#ifdef CERT_CB_TEST_RETRY
+	{
+	while (i <= 0 && SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP && SSL_state(con) == SSL3_ST_SR_CLNT_HELLO_C) 
+		{
+		fprintf(stderr, "LOOKUP from certificate callback during accept\n");
+		i=SSL_accept(con);
+		}
+	}
+#endif
 #ifndef OPENSSL_NO_SRP
 	while (i <= 0 &&  SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP) 
 		{