From: Matt Caswell <matt@openssl.org>
Date: Wed, 23 Feb 2022 11:16:07 +0000 (+0000)
Subject: Fix a failure in sslapitest
X-Git-Tag: openssl-3.2.0-alpha1~2917
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7e1eda483ec9ead36c05066b45ecad618475544c;p=thirdparty%2Fopenssl.git

Fix a failure in sslapitest

The SNI test in test_cert_cb_int() was always failing because it used
SSL_CTX_new() instead of SSL_CTX_new_ex() and was therefore not using the
correct libctx. PR #17739 amended the test to check the return value from
SSL_CTX_new() which made the failure obvious.

Fixes #17757

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/17758)
---

diff --git a/test/sslapitest.c b/test/sslapitest.c
index 8ba5d8125c8..0c6a5e14c1d 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -8091,7 +8091,7 @@ static int test_cert_cb_int(int prot, int tst)
         cert_cb_cnt = 0;
 
     if (tst == 2) {
-        snictx = SSL_CTX_new(TLS_server_method());
+        snictx = SSL_CTX_new_ex(libctx, NULL, TLS_server_method());
         if (!TEST_ptr(snictx))
             goto end;
     }