diff options
author | Tomas Mraz <tomas@openssl.org> | 2024-05-02 15:58:11 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2024-05-09 09:20:58 +0200 |
commit | 3e191f487907a474b6bd6e497043d1560972e7d7 (patch) | |
tree | 0946aa3bd87fc26fd5b7f8272ca7d89249ac7287 /test | |
parent | 64bfdebdc049ee2ad5ca6456b87abbd67e6d5479 (diff) | |
download | openssl-3e191f487907a474b6bd6e497043d1560972e7d7.zip openssl-3e191f487907a474b6bd6e497043d1560972e7d7.tar.gz openssl-3e191f487907a474b6bd6e497043d1560972e7d7.tar.bz2 |
Add tests for conf_diagnostics
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24275)
Diffstat (limited to 'test')
-rw-r--r-- | test/context_internal_test.c | 28 | ||||
-rw-r--r-- | test/recipes/90-test_sysdefault.t | 14 | ||||
-rw-r--r-- | test/recipes/90-test_sysdefault_data/sysdefault-bad.cnf (renamed from test/sysdefault.cnf) | 0 | ||||
-rw-r--r-- | test/recipes/90-test_sysdefault_data/sysdefault-ignore.cnf | 23 | ||||
-rw-r--r-- | test/recipes/90-test_sysdefault_data/sysdefault.cnf | 23 |
5 files changed, 85 insertions, 3 deletions
diff --git a/test/context_internal_test.c b/test/context_internal_test.c index 8fea53f..c829d81 100644 --- a/test/context_internal_test.c +++ b/test/context_internal_test.c @@ -48,8 +48,36 @@ static int test_set0_default(void) return testresult; } +static int test_set_get_conf_diagnostics(void) +{ + OSSL_LIB_CTX *ctx = OSSL_LIB_CTX_new(); + int res = 0; + + if (!TEST_ptr(ctx)) + goto err; + + if (!TEST_false(OSSL_LIB_CTX_get_conf_diagnostics(ctx))) + goto err; + + OSSL_LIB_CTX_set_conf_diagnostics(ctx, 1); + + if (!TEST_true(OSSL_LIB_CTX_get_conf_diagnostics(ctx))) + goto err; + + OSSL_LIB_CTX_set_conf_diagnostics(ctx, 0); + + if (!TEST_false(OSSL_LIB_CTX_get_conf_diagnostics(ctx))) + goto err; + + res = 1; + err: + OSSL_LIB_CTX_free(ctx); + return res; +} + int setup_tests(void) { ADD_TEST(test_set0_default); + ADD_TEST(test_set_get_conf_diagnostics); return 1; } diff --git a/test/recipes/90-test_sysdefault.t b/test/recipes/90-test_sysdefault.t index 308a592..6984bc1 100644 --- a/test/recipes/90-test_sysdefault.t +++ b/test/recipes/90-test_sysdefault.t @@ -8,7 +8,7 @@ use OpenSSL::Test::Utils; -use OpenSSL::Test qw/:DEFAULT srctop_file/; +use OpenSSL::Test qw/:DEFAULT data_file/; my $test_name = "test_sysdefault"; setup($test_name); @@ -16,8 +16,16 @@ setup($test_name); plan skip_all => "$test_name is not supported in this build" if disabled("tls1_2") || disabled("rsa"); -plan tests => 1; +plan tests => 3; -$ENV{OPENSSL_CONF} = srctop_file("test", "sysdefault.cnf"); +$ENV{OPENSSL_CONF} = data_file("sysdefault.cnf"); + +ok(run(test(["sysdefaulttest"])), "sysdefaulttest"); + +$ENV{OPENSSL_CONF} = data_file("sysdefault-bad.cnf"); + +ok(!run(test(["sysdefaulttest"])), "sysdefaulttest"); + +$ENV{OPENSSL_CONF} = data_file("sysdefault-ignore.cnf"); ok(run(test(["sysdefaulttest"])), "sysdefaulttest"); diff --git a/test/sysdefault.cnf b/test/recipes/90-test_sysdefault_data/sysdefault-bad.cnf index 1c89150..1c89150 100644 --- a/test/sysdefault.cnf +++ b/test/recipes/90-test_sysdefault_data/sysdefault-bad.cnf diff --git a/test/recipes/90-test_sysdefault_data/sysdefault-ignore.cnf b/test/recipes/90-test_sysdefault_data/sysdefault-ignore.cnf new file mode 100644 index 0000000..2b04caf --- /dev/null +++ b/test/recipes/90-test_sysdefault_data/sysdefault-ignore.cnf @@ -0,0 +1,23 @@ +# Configuration file to test system default SSL configuration + +# We ignore configuration errors with config_diagnostics unset +# config_diagnostics = 1 + +openssl_conf = default_conf + +[ default_conf ] + +ssl_conf = ssl_sect +oid_section = oid_sect + +[oid_sect] +new-sig-oid = 1.1.1.1.1.1.1.1.1.1.1.1.1.1 + +[ssl_sect] + +system_default = ssl_default_sect + +[ssl_default_sect] +SignatureAlgorithms = RSA+SHA256:nonex +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 diff --git a/test/recipes/90-test_sysdefault_data/sysdefault.cnf b/test/recipes/90-test_sysdefault_data/sysdefault.cnf new file mode 100644 index 0000000..f2cfa10 --- /dev/null +++ b/test/recipes/90-test_sysdefault_data/sysdefault.cnf @@ -0,0 +1,23 @@ +# Configuration file to test system default SSL configuration + +# Comment out the next line to ignore configuration errors +config_diagnostics = 1 + +openssl_conf = default_conf + +[ default_conf ] + +ssl_conf = ssl_sect +oid_section = oid_sect + +[oid_sect] +new-sig-oid = 1.1.1.1.1.1.1.1.1.1.1.1.1.1 + +[ssl_sect] + +system_default = ssl_default_sect + +[ssl_default_sect] +SignatureAlgorithms = RSA+SHA256:?nonex +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 |