commit f15b50c4cb6a5d36a3789863035d8b795378280c
author Dr. Stephen Henson <steve@openssl.org> Fri Mar 31 22:35:28 2017 +0100
committer Dr. Stephen Henson <steve@openssl.org> Mon Apr 03 23:47:22 2017 +0100
tree a447642f184a7e491daa14bd464673f3949b808b
parent 86135bedd52124aa8410847169f7a25c055b3bec

Add ExpectedServerCANames

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3015)

test/handshake_helper.c

diff --git a/test/handshake_helper.c b/test/handshake_helper.c
index 4bccac1..47af3fe 100644
--- a/test/handshake_helper.c
+++ b/test/handshake_helper.c
@@ -34,6 +34,7 @@
     OPENSSL_free(result->server_npn_negotiated);
     OPENSSL_free(result->client_alpn_negotiated);
     OPENSSL_free(result->server_alpn_negotiated);
+    sk_X509_NAME_pop_free(result->server_ca_names, X509_NAME_free);
     sk_X509_NAME_pop_free(result->client_ca_names, X509_NAME_free);
     OPENSSL_free(result);
 }
@@ -1123,7 +1124,7 @@
     /* API dictates unsigned int rather than size_t. */
     unsigned int proto_len = 0;
     EVP_PKEY *tmp_key;
-    STACK_OF(X509_NAME) *names;
+    const STACK_OF(X509_NAME) *names;
 
     memset(&server_ctx_data, 0, sizeof(server_ctx_data));
     memset(&server2_ctx_data, 0, sizeof(server2_ctx_data));
@@ -1297,12 +1298,18 @@
     SSL_get_peer_signature_type_nid(client.ssl, &ret->server_sign_type);
     SSL_get_peer_signature_type_nid(server.ssl, &ret->client_sign_type);
 
-    names = SSL_get_client_CA_list(client.ssl);
+    names = SSL_get0_peer_CA_list(client.ssl);
     if (names == NULL)
         ret->client_ca_names = NULL;
     else
         ret->client_ca_names = SSL_dup_CA_list(names);
 
+    names = SSL_get0_peer_CA_list(server.ssl);
+    if (names == NULL)
+        ret->server_ca_names = NULL;
+    else
+        ret->server_ca_names = SSL_dup_CA_list(names);
+
     ret->server_cert_type = peer_pkey_type(client.ssl);
     ret->client_cert_type = peer_pkey_type(server.ssl);