From e8fd63bae3556bc7cf4fcf6588407f165a475655 Mon Sep 17 00:00:00 2001
From: Steven Fackler <sfackler@gmail.com>
Date: Wed, 14 Feb 2018 19:36:11 -0800
Subject: Fix tests for TLS 1.3

Google yells at you when using TLS 1.3 without SNI by sending a bogus
self-signed cert!
---
 openssl/src/ssl/test.rs | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'openssl/src')

diff --git a/openssl/src/ssl/test.rs b/openssl/src/ssl/test.rs
index 938b6f32..765d3044 100644
--- a/openssl/src/ssl/test.rs
+++ b/openssl/src/ssl/test.rs
@@ -763,8 +763,11 @@ fn default_verify_paths() {
     let mut ctx = SslContext::builder(SslMethod::tls()).unwrap();
     ctx.set_default_verify_paths().unwrap();
     ctx.set_verify(SslVerifyMode::PEER);
+    let ctx = ctx.build();
     let s = TcpStream::connect("google.com:443").unwrap();
-    let mut socket = Ssl::new(&ctx.build()).unwrap().connect(s).unwrap();
+    let mut ssl = Ssl::new(&ctx).unwrap();
+    ssl.set_hostname("google.com").unwrap();
+    let mut socket = ssl.connect(s).unwrap();
 
     socket.write_all(b"GET / HTTP/1.0\r\n\r\n").unwrap();
     let mut result = vec![];
@@ -794,6 +797,7 @@ fn verify_valid_hostname() {
     ssl.param_mut()
         .set_hostflags(X509CheckFlags::NO_PARTIAL_WILDCARDS);
     ssl.param_mut().set_host("google.com").unwrap();
+    ssl.set_hostname("google.com").unwrap();
 
     let s = TcpStream::connect("google.com:443").unwrap();
     let mut socket = ssl.connect(s).unwrap();
@@ -855,7 +859,6 @@ fn connector_invalid_no_hostname_verification() {
     connector
         .configure()
         .unwrap()
-        .use_server_name_indication(false)
         .verify_hostname(false)
         .connect("foobar.com", s)
         .unwrap();
-- 
cgit v1.2.3