diff options
| author | Steven Fackler <[email protected]> | 2018-02-14 19:36:11 -0800 |
|---|---|---|
| committer | Steven Fackler <[email protected]> | 2018-02-14 19:36:11 -0800 |
| commit | e8fd63bae3556bc7cf4fcf6588407f165a475655 (patch) | |
| tree | fe09e408edb9041148de47c0ccf1399d3da875bc /openssl/src | |
| parent | OpenSSL 1.1.1 support (diff) | |
| download | rust-openssl-e8fd63bae3556bc7cf4fcf6588407f165a475655.tar.xz rust-openssl-e8fd63bae3556bc7cf4fcf6588407f165a475655.zip | |
Fix tests for TLS 1.3
Google yells at you when using TLS 1.3 without SNI by sending a bogus
self-signed cert!
Diffstat (limited to 'openssl/src')
| -rw-r--r-- | openssl/src/ssl/test.rs | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/openssl/src/ssl/test.rs b/openssl/src/ssl/test.rs index 938b6f32..765d3044 100644 --- a/openssl/src/ssl/test.rs +++ b/openssl/src/ssl/test.rs @@ -763,8 +763,11 @@ fn default_verify_paths() { let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); ctx.set_default_verify_paths().unwrap(); ctx.set_verify(SslVerifyMode::PEER); + let ctx = ctx.build(); let s = TcpStream::connect("google.com:443").unwrap(); - let mut socket = Ssl::new(&ctx.build()).unwrap().connect(s).unwrap(); + let mut ssl = Ssl::new(&ctx).unwrap(); + ssl.set_hostname("google.com").unwrap(); + let mut socket = ssl.connect(s).unwrap(); socket.write_all(b"GET / HTTP/1.0\r\n\r\n").unwrap(); let mut result = vec![]; @@ -794,6 +797,7 @@ fn verify_valid_hostname() { ssl.param_mut() .set_hostflags(X509CheckFlags::NO_PARTIAL_WILDCARDS); ssl.param_mut().set_host("google.com").unwrap(); + ssl.set_hostname("google.com").unwrap(); let s = TcpStream::connect("google.com:443").unwrap(); let mut socket = ssl.connect(s).unwrap(); @@ -855,7 +859,6 @@ fn connector_invalid_no_hostname_verification() { connector .configure() .unwrap() - .use_server_name_indication(false) .verify_hostname(false) .connect("foobar.com", s) .unwrap(); |