From: Matt Caswell Date: Mon, 22 Jun 2020 15:02:12 +0000 (+0100) Subject: Ensure the sslcorrupttest checks all errors on the queue X-Git-Tag: openssl-3.0.0-alpha5~71 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=09ce6e0854b9dee49a25662e1aaaa869b2afc2a1;p=thirdparty%2Fopenssl.git Ensure the sslcorrupttest checks all errors on the queue sslcorrupttest was looking for a "decryption failed or bad record mac" error in the queue. However if there were multiple errors on the queue then it would fail to find it. We modify the test to check all errors. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/12288) --- diff --git a/test/sslcorrupttest.c b/test/sslcorrupttest.c index 476a1758adb..641ecf331de 100644 --- a/test/sslcorrupttest.c +++ b/test/sslcorrupttest.c @@ -190,9 +190,12 @@ static int test_ssl_corrupt(int testidx) int testresult = 0; STACK_OF(SSL_CIPHER) *ciphers; const SSL_CIPHER *currcipher; + int err; docorrupt = 0; + ERR_clear_error(); + TEST_info("Starting #%d, %s", testidx, cipher_list[testidx]); if (!TEST_true(create_ssl_ctx_pair(NULL, TLS_server_method(), @@ -234,9 +237,14 @@ static int test_ssl_corrupt(int testidx) if (!TEST_int_lt(SSL_read(server, junk, sizeof(junk)), 0)) goto end; - if (!TEST_int_eq(ERR_GET_REASON(ERR_peek_error()), - SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC)) - goto end; + do { + err = ERR_get_error(); + + if (err == 0) { + TEST_error("Decryption failed or bad record MAC not seen"); + goto end; + } + } while (ERR_GET_REASON(err) != SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC); testresult = 1; end: