diff options
author | Kevin Jacobs <kjacobs@mozilla.com> | 2020-06-11 19:40:35 +0000 |
---|---|---|
committer | Kevin Jacobs <kjacobs@mozilla.com> | 2020-06-11 19:40:35 +0000 |
commit | c516c28ba9ef0f4ff9c0cb46694c7e268d448f55 (patch) | |
tree | 0d3ba185305413c59bce6b8683a281aa240fe140 | |
parent | 6bd9c7b86e88e13cac6086c62e93ffaade158751 (diff) | |
download | nss-hg-c516c28ba9ef0f4ff9c0cb46694c7e268d448f55.tar.gz |
Bug 1644774 - Use ClearServerCache instead of SSLInt_ClearSelfEncryptKey for ticket invalidation. r=mt
Differential Revision: https://phabricator.services.mozilla.com/D79156
-rw-r--r-- | gtests/ssl_gtest/libssl_internals.c | 2 | ||||
-rw-r--r-- | gtests/ssl_gtest/ssl_resumption_unittest.cc | 6 |
2 files changed, 5 insertions, 3 deletions
diff --git a/gtests/ssl_gtest/libssl_internals.c b/gtests/ssl_gtest/libssl_internals.c index 9018f4df8..30b169edd 100644 --- a/gtests/ssl_gtest/libssl_internals.c +++ b/gtests/ssl_gtest/libssl_internals.c @@ -145,6 +145,8 @@ PRBool SSLInt_ExtensionNegotiated(PRFileDesc *fd, PRUint16 ext) { return (PRBool)(ss && ssl3_ExtensionNegotiated(ss, ext)); } +// Tests should not use this function directly, because the keys may +// still be in cache. Instead, use TlsConnectTestBase::ClearServerCache. void SSLInt_ClearSelfEncryptKey() { ssl_ResetSelfEncryptKeys(); } sslSelfEncryptKeys *ssl_GetSelfEncryptKeysInt(); diff --git a/gtests/ssl_gtest/ssl_resumption_unittest.cc b/gtests/ssl_gtest/ssl_resumption_unittest.cc index a94fed17f..c41240d8e 100644 --- a/gtests/ssl_gtest/ssl_resumption_unittest.cc +++ b/gtests/ssl_gtest/ssl_resumption_unittest.cc @@ -837,7 +837,7 @@ TEST_F(TlsConnectTest, TestTls13ResumptionDuplicateNST) { Connect(); // Clear the session ticket keys to invalidate the old ticket. - SSLInt_ClearSelfEncryptKey(); + ClearServerCache(); EXPECT_EQ(SECSuccess, SSL_SendSessionTicket(server_->ssl_fd(), NULL, 0)); SendReceive(); // Need to read so that we absorb the session tickets. @@ -885,7 +885,7 @@ TEST_F(TlsConnectTest, TestTls13ResumptionDuplicateNSTWithToken) { Connect(); // Clear the session ticket keys to invalidate the old ticket. - SSLInt_ClearSelfEncryptKey(); + ClearServerCache(); nst_capture->Reset(); uint8_t token[] = {0x20, 0x20, 0xff, 0x00}; EXPECT_EQ(SECSuccess, @@ -967,7 +967,7 @@ TEST_F(TlsConnectTest, SendTicketAfterResumption) { nst_capture->EnableDecryption(); Connect(); - SSLInt_ClearSelfEncryptKey(); + ClearServerCache(); EXPECT_EQ(SECSuccess, SSL_SendSessionTicket(server_->ssl_fd(), NULL, 0)); SendReceive(); |