X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5c19dc3ae3bd8e40a9c028b0deddd50ff337692c..07691282a056c4efea71e1e505527601e8cc166b:/OSX/libsecurity_ssl/regressions/ssl-44-crashes.c

diff --git a/OSX/libsecurity_ssl/regressions/ssl-44-crashes.c b/OSX/libsecurity_ssl/regressions/ssl-44-crashes.c
index dda31178..03e1fe95 100644
--- a/OSX/libsecurity_ssl/regressions/ssl-44-crashes.c
+++ b/OSX/libsecurity_ssl/regressions/ssl-44-crashes.c
@@ -206,7 +206,7 @@ static void *securetransport_ssl_thread(void *arg)
     unsigned char ibuf[8], obuf[8];
     size_t len;
     if (ssl->is_server) {
-        SecRandomCopyBytes(kSecRandomDefault, sizeof(obuf), obuf);
+        require_action_quiet(errSecSuccess==SecRandomCopyBytes(kSecRandomDefault, sizeof(obuf), obuf), out, ortn = -1);
         require_noerr_quiet(ortn = SSLWrite(ctx, obuf, sizeof(obuf), &len), out);
         require_action_quiet(len == sizeof(obuf), out, ortn = -1);
     } else {
@@ -292,21 +292,13 @@ tests(void)
         pthread_create(&client_thread, NULL, securetransport_ssl_thread, client);
         pthread_create(&server_thread, NULL, securetransport_ssl_thread, server);
 
-        int server_err, client_err;
+        intptr_t server_err, client_err;
         pthread_join(client_thread, (void*)&client_err);
         pthread_join(server_thread, (void*)&server_err);
 
-        // errors expected for TARGET_OS_IPHONE implementation
-        int expected_client_error3 = errSSLBadCert;
-        int expected_server_error3 = errSSLClosedGraceful;
-
-        // allow OS X errors if we are not yet using unified SecTrust
-        if (server_err == errSSLProtocol) { expected_server_error3 = errSSLProtocol; }
-        if (client_err == errSSLIllegalParam) { expected_client_error3 = errSSLIllegalParam; }
-
-        ok(server_err==((i==3)?expected_server_error3:0), "Server error = %d (i=%d)", server_err, i);
-        /* tests 0/1 should cause errSSLClosedAbort, 2 should cause errSSLBadRecordMac, 3 should cause errSSLBadCert */
-        ok(client_err==((i==3)?expected_client_error3:(i==2)?errSSLBadRecordMac:errSSLClosedAbort), "Client error = %d (i=%d)", client_err, i);
+        ok(server_err==((i==3)?errSSLPeerCertUnknown:0), "Server error = %zu (i=%d)", server_err, i);
+        /* tests 0/1 should cause errSSLClosedAbort, 2 should cause errSSLBadRecordMac, 3 should cause errSSLXCertChainInvalid */
+        ok(client_err==((i==3)?errSSLXCertChainInvalid:(i==2)?errSSLBadRecordMac:errSSLClosedAbort), "Client error = %zu (i=%d)", client_err, i);
 
 out:
         free(client);