]> git.saurik.com Git - apple/security.git/blobdiff - OSX/libsecurity_ssl/regressions/ssl-44-crashes.c
projects / apple / security.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Security-58286.260.20.tar.gz
[apple/security.git] / OSX / libsecurity_ssl / regressions / ssl-44-crashes.c
diff --git a/OSX/libsecurity_ssl/regressions/ssl-44-crashes.c b/OSX/libsecurity_ssl/regressions/ssl-44-crashes.c
index dda31178e5f38a4576817cec188fe35fd489711c..03e1fe9549bdef1f3d184d98474a1f37bc871deb 100644 (file)
--- a/OSX/libsecurity_ssl/regressions/ssl-44-crashes.c
+++ b/OSX/libsecurity_ssl/regressions/ssl-44-crashes.c
@@ -206,7 +206,7 @@ static void *securetransport_ssl_thread(void *arg)
     unsigned char ibuf[8], obuf[8];
     size_t len;
     if (ssl->is_server) {
     unsigned char ibuf[8], obuf[8];
     size_t len;
     if (ssl->is_server) {
-        SecRandomCopyBytes(kSecRandomDefault, sizeof(obuf), obuf);
+        require_action_quiet(errSecSuccess==SecRandomCopyBytes(kSecRandomDefault, sizeof(obuf), obuf), out, ortn = -1);
         require_noerr_quiet(ortn = SSLWrite(ctx, obuf, sizeof(obuf), &len), out);
         require_action_quiet(len == sizeof(obuf), out, ortn = -1);
     } else {
         require_noerr_quiet(ortn = SSLWrite(ctx, obuf, sizeof(obuf), &len), out);
         require_action_quiet(len == sizeof(obuf), out, ortn = -1);
     } else {
@@ -292,21 +292,13 @@ tests(void)
         pthread_create(&client_thread, NULL, securetransport_ssl_thread, client);
         pthread_create(&server_thread, NULL, securetransport_ssl_thread, server);
 
         pthread_create(&client_thread, NULL, securetransport_ssl_thread, client);
         pthread_create(&server_thread, NULL, securetransport_ssl_thread, server);
 
-        int server_err, client_err;
+        intptr_t server_err, client_err;
         pthread_join(client_thread, (void*)&client_err);
         pthread_join(server_thread, (void*)&server_err);
 
         pthread_join(client_thread, (void*)&client_err);
         pthread_join(server_thread, (void*)&server_err);
 
-        // errors expected for TARGET_OS_IPHONE implementation
-        int expected_client_error3 = errSSLBadCert;
-        int expected_server_error3 = errSSLClosedGraceful;
-
-        // allow OS X errors if we are not yet using unified SecTrust
-        if (server_err == errSSLProtocol) { expected_server_error3 = errSSLProtocol; }
-        if (client_err == errSSLIllegalParam) { expected_client_error3 = errSSLIllegalParam; }
-
-        ok(server_err==((i==3)?expected_server_error3:0), "Server error = %d (i=%d)", server_err, i);
-        /* tests 0/1 should cause errSSLClosedAbort, 2 should cause errSSLBadRecordMac, 3 should cause errSSLBadCert */
-        ok(client_err==((i==3)?expected_client_error3:(i==2)?errSSLBadRecordMac:errSSLClosedAbort), "Client error = %d (i=%d)", client_err, i);
+        ok(server_err==((i==3)?errSSLPeerCertUnknown:0), "Server error = %zu (i=%d)", server_err, i);
+        /* tests 0/1 should cause errSSLClosedAbort, 2 should cause errSSLBadRecordMac, 3 should cause errSSLXCertChainInvalid */
+        ok(client_err==((i==3)?errSSLXCertChainInvalid:(i==2)?errSSLBadRecordMac:errSSLClosedAbort), "Client error = %zu (i=%d)", client_err, i);
 
 out:
         free(client);
 
 out:
         free(client);
mirror of Security