diff options
Diffstat (limited to 'nss/cmd/libpkix/pkix/top/test_buildchain_resourcelimits.c')
-rw-r--r-- | nss/cmd/libpkix/pkix/top/test_buildchain_resourcelimits.c | 703 |
1 files changed, 322 insertions, 381 deletions
diff --git a/nss/cmd/libpkix/pkix/top/test_buildchain_resourcelimits.c b/nss/cmd/libpkix/pkix/top/test_buildchain_resourcelimits.c index 065a5f8..1b28435 100644 --- a/nss/cmd/libpkix/pkix/top/test_buildchain_resourcelimits.c +++ b/nss/cmd/libpkix/pkix/top/test_buildchain_resourcelimits.c @@ -11,7 +11,7 @@ #include "testutil.h" #include "testutil_nss.h" -#define PKIX_TESTUSERCHECKER_TYPE (PKIX_NUMTYPES+30) +#define PKIX_TESTUSERCHECKER_TYPE (PKIX_NUMTYPES + 30) static void *plContext = NULL; static PKIX_Boolean usebind = PKIX_FALSE; @@ -19,255 +19,237 @@ static PKIX_Boolean useLDAP = PKIX_FALSE; static char buf[PR_NETDB_BUF_SIZE]; static char *serverName = NULL; -static void printUsage(void) { - (void) printf("\nUSAGE:\ttest_buildchain_resourcelimits [-arenas] " - "[usebind] servername[:port]\\\n\t\t<testName> [ENE|EE]" - " <certStoreDirectory>\\\n\t\t<targetCert>" - " <intermediate Certs...> <trustedCert>\n\n"); - (void) printf - ("Builds a chain of certificates from <targetCert> to <trustedCert>\n" - "using the certs and CRLs in <certStoreDirectory>. " - "servername[:port] gives\n" - "the address of an LDAP server. If port is not" - " specified, port 389 is used.\n\"-\" means no LDAP server.\n\n" - "If ENE is specified, then an Error is Not Expected.\n" - "EE indicates an Error is Expected.\n"); +static void +printUsage(void) +{ + (void)printf("\nUSAGE:\ttest_buildchain_resourcelimits [-arenas] " + "[usebind] servername[:port]\\\n\t\t<testName> [ENE|EE]" + " <certStoreDirectory>\\\n\t\t<targetCert>" + " <intermediate Certs...> <trustedCert>\n\n"); + (void)printf("Builds a chain of certificates from <targetCert> to <trustedCert>\n" + "using the certs and CRLs in <certStoreDirectory>. " + "servername[:port] gives\n" + "the address of an LDAP server. If port is not" + " specified, port 389 is used.\n\"-\" means no LDAP server.\n\n" + "If ENE is specified, then an Error is Not Expected.\n" + "EE indicates an Error is Expected.\n"); } static PKIX_Error * createLdapCertStore( - char *hostname, - PRIntervalTime timeout, - PKIX_CertStore **pLdapCertStore, - void* plContext) + char *hostname, + PRIntervalTime timeout, + PKIX_CertStore **pLdapCertStore, + void *plContext) { - PRIntn backlog = 0; + PRIntn backlog = 0; - char *bindname = ""; - char *auth = ""; + char *bindname = ""; + char *auth = ""; - LDAPBindAPI bindAPI; - LDAPBindAPI *bindPtr = NULL; - PKIX_PL_LdapDefaultClient *ldapClient = NULL; - PKIX_CertStore *ldapCertStore = NULL; + LDAPBindAPI bindAPI; + LDAPBindAPI *bindPtr = NULL; + PKIX_PL_LdapDefaultClient *ldapClient = NULL; + PKIX_CertStore *ldapCertStore = NULL; - PKIX_TEST_STD_VARS(); + PKIX_TEST_STD_VARS(); - if (usebind) { - bindPtr = &bindAPI; - bindAPI.selector = SIMPLE_AUTH; - bindAPI.chooser.simple.bindName = bindname; - bindAPI.chooser.simple.authentication = auth; - } + if (usebind) { + bindPtr = &bindAPI; + bindAPI.selector = SIMPLE_AUTH; + bindAPI.chooser.simple.bindName = bindname; + bindAPI.chooser.simple.authentication = auth; + } - PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_LdapDefaultClient_CreateByName - (hostname, timeout, bindPtr, &ldapClient, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_LdapDefaultClient_CreateByName(hostname, timeout, bindPtr, &ldapClient, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_LdapCertStore_Create - ((PKIX_PL_LdapClient *)ldapClient, &ldapCertStore, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_LdapCertStore_Create((PKIX_PL_LdapClient *)ldapClient, &ldapCertStore, plContext)); - *pLdapCertStore = ldapCertStore; + *pLdapCertStore = ldapCertStore; cleanup: - PKIX_TEST_DECREF_AC(ldapClient); - - PKIX_TEST_RETURN(); + PKIX_TEST_DECREF_AC(ldapClient); - return (pkixTestErrorResult); + PKIX_TEST_RETURN(); + return (pkixTestErrorResult); } -static void Test_BuildResult( - PKIX_ProcessingParams *procParams, - PKIX_Boolean testValid, - PKIX_List *expectedCerts, - void *plContext) +static void +Test_BuildResult( + PKIX_ProcessingParams *procParams, + PKIX_Boolean testValid, + PKIX_List *expectedCerts, + void *plContext) { - PKIX_PL_Cert *cert = NULL; - PKIX_List *certs = NULL; - PKIX_PL_String *actualCertsString = NULL; - PKIX_PL_String *expectedCertsString = NULL; - PKIX_BuildResult *buildResult = NULL; - PKIX_Boolean result; - PKIX_Boolean supportForward = PKIX_FALSE; - PKIX_UInt32 numCerts, i; - char *asciiResult = NULL; - char *actualCertsAscii = NULL; - char *expectedCertsAscii = NULL; - void *state = NULL; - PRPollDesc *pollDesc = NULL; - - PKIX_TEST_STD_VARS(); - - pkixTestErrorResult = PKIX_BuildChain - (procParams, - (void **)&pollDesc, - &state, - &buildResult, - NULL, - plContext); - - while (pollDesc != NULL) { - - if (PR_Poll(pollDesc, 1, 0) < 0) { - testError("PR_Poll failed"); - } - - pkixTestErrorResult = PKIX_BuildChain - (procParams, - (void **)&pollDesc, - &state, - &buildResult, - NULL, - plContext); + PKIX_PL_Cert *cert = NULL; + PKIX_List *certs = NULL; + PKIX_PL_String *actualCertsString = NULL; + PKIX_PL_String *expectedCertsString = NULL; + PKIX_BuildResult *buildResult = NULL; + PKIX_Boolean result; + PKIX_Boolean supportForward = PKIX_FALSE; + PKIX_UInt32 numCerts, i; + char *asciiResult = NULL; + char *actualCertsAscii = NULL; + char *expectedCertsAscii = NULL; + void *state = NULL; + PRPollDesc *pollDesc = NULL; + + PKIX_TEST_STD_VARS(); + + pkixTestErrorResult = PKIX_BuildChain(procParams, + (void **)&pollDesc, + &state, + &buildResult, + NULL, + plContext); + + while (pollDesc != NULL) { + + if (PR_Poll(pollDesc, 1, 0) < 0) { + testError("PR_Poll failed"); } - if (pkixTestErrorResult) { - if (testValid == PKIX_FALSE) { /* EE */ - (void) printf("EXPECTED ERROR RECEIVED!\n"); - } else { /* ENE */ - testError("UNEXPECTED ERROR RECEIVED!\n"); - } - PKIX_TEST_DECREF_BC(pkixTestErrorResult); - goto cleanup; + pkixTestErrorResult = PKIX_BuildChain(procParams, + (void **)&pollDesc, + &state, + &buildResult, + NULL, + plContext); + } + + if (pkixTestErrorResult) { + if (testValid == PKIX_FALSE) { /* EE */ + (void)printf("EXPECTED ERROR RECEIVED!\n"); + } else { /* ENE */ + testError("UNEXPECTED ERROR RECEIVED!\n"); } + PKIX_TEST_DECREF_BC(pkixTestErrorResult); + goto cleanup; + } - if (testValid == PKIX_TRUE) { /* ENE */ - (void) printf("EXPECTED NON-ERROR RECEIVED!\n"); - } else { /* EE */ - testError("UNEXPECTED NON-ERROR RECEIVED!\n"); - } + if (testValid == PKIX_TRUE) { /* ENE */ + (void)printf("EXPECTED NON-ERROR RECEIVED!\n"); + } else { /* EE */ + testError("UNEXPECTED NON-ERROR RECEIVED!\n"); + } + + if (buildResult) { + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_BuildResult_GetCertChain(buildResult, &certs, NULL)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(certs, &numCerts, plContext)); + + printf("\n"); + + for (i = 0; i < numCerts; i++) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(certs, + i, + (PKIX_PL_Object **)&cert, + plContext)); + + asciiResult = PKIX_Cert2ASCII(cert); - if (buildResult){ - - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_BuildResult_GetCertChain - (buildResult, &certs, NULL)); - - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_List_GetLength(certs, &numCerts, plContext)); - - printf("\n"); - - for (i = 0; i < numCerts; i++){ - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_List_GetItem - (certs, - i, - (PKIX_PL_Object**)&cert, - plContext)); - - asciiResult = PKIX_Cert2ASCII(cert); - - printf("CERT[%d]:\n%s\n", i, asciiResult); - - /* PKIX_Cert2ASCII used PKIX_PL_Malloc(...,,NULL) */ - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_PL_Free(asciiResult, NULL)); - asciiResult = NULL; - - PKIX_TEST_DECREF_BC(cert); - } - - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_PL_Object_Equals - ((PKIX_PL_Object*)certs, - (PKIX_PL_Object*)expectedCerts, - &result, - plContext)); - - if (!result){ - testError("BUILT CERTCHAIN IS " - "NOT THE ONE THAT WAS EXPECTED"); - - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_PL_Object_ToString - ((PKIX_PL_Object *)certs, - &actualCertsString, - plContext)); - - actualCertsAscii = PKIX_String2ASCII - (actualCertsString, plContext); - if (actualCertsAscii == NULL){ - pkixTestErrorMsg = "PKIX_String2ASCII Failed"; - goto cleanup; - } - - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_PL_Object_ToString - ((PKIX_PL_Object *)expectedCerts, - &expectedCertsString, - plContext)); - - expectedCertsAscii = PKIX_String2ASCII - (expectedCertsString, plContext); - if (expectedCertsAscii == NULL){ - pkixTestErrorMsg = "PKIX_String2ASCII Failed"; - goto cleanup; - } - - (void) printf("Actual value:\t%s\n", actualCertsAscii); - (void) printf("Expected value:\t%s\n", - expectedCertsAscii); - } + printf("CERT[%d]:\n%s\n", i, asciiResult); + /* PKIX_Cert2ASCII used PKIX_PL_Malloc(...,,NULL) */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(asciiResult, NULL)); + asciiResult = NULL; + + PKIX_TEST_DECREF_BC(cert); } -cleanup: + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals((PKIX_PL_Object *)certs, + (PKIX_PL_Object *)expectedCerts, + &result, + plContext)); + + if (!result) { + testError("BUILT CERTCHAIN IS " + "NOT THE ONE THAT WAS EXPECTED"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object *)certs, + &actualCertsString, + plContext)); + + actualCertsAscii = PKIX_String2ASCII(actualCertsString, plContext); + if (actualCertsAscii == NULL) { + pkixTestErrorMsg = "PKIX_String2ASCII Failed"; + goto cleanup; + } - PKIX_PL_Free(asciiResult, NULL); - PKIX_PL_Free(actualCertsAscii, plContext); - PKIX_PL_Free(expectedCertsAscii, plContext); - PKIX_TEST_DECREF_AC(state); - PKIX_TEST_DECREF_AC(buildResult); - PKIX_TEST_DECREF_AC(certs); - PKIX_TEST_DECREF_AC(cert); - PKIX_TEST_DECREF_AC(actualCertsString); - PKIX_TEST_DECREF_AC(expectedCertsString); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object *)expectedCerts, + &expectedCertsString, + plContext)); - PKIX_TEST_RETURN(); + expectedCertsAscii = PKIX_String2ASCII(expectedCertsString, plContext); + if (expectedCertsAscii == NULL) { + pkixTestErrorMsg = "PKIX_String2ASCII Failed"; + goto cleanup; + } + + (void)printf("Actual value:\t%s\n", actualCertsAscii); + (void)printf("Expected value:\t%s\n", + expectedCertsAscii); + } + } + +cleanup: + PKIX_PL_Free(asciiResult, NULL); + PKIX_PL_Free(actualCertsAscii, plContext); + PKIX_PL_Free(expectedCertsAscii, plContext); + PKIX_TEST_DECREF_AC(state); + PKIX_TEST_DECREF_AC(buildResult); + PKIX_TEST_DECREF_AC(certs); + PKIX_TEST_DECREF_AC(cert); + PKIX_TEST_DECREF_AC(actualCertsString); + PKIX_TEST_DECREF_AC(expectedCertsString); + + PKIX_TEST_RETURN(); } -int test_buildchain_resourcelimits(int argc, char *argv[]) +int +test_buildchain_resourcelimits(int argc, char *argv[]) { - PKIX_ComCertSelParams *certSelParams = NULL; - PKIX_CertSelector *certSelector = NULL; - PKIX_TrustAnchor *anchor = NULL; - PKIX_List *anchors = NULL; - PKIX_ProcessingParams *procParams = NULL; - PKIX_CertChainChecker *checker = NULL; - PKIX_ResourceLimits *resourceLimits = NULL; - char *dirName = NULL; - PKIX_PL_String *dirNameString = NULL; - PKIX_PL_Cert *trustedCert = NULL; - PKIX_PL_Cert *targetCert = NULL; - PKIX_PL_Cert *dirCert = NULL; - PKIX_UInt32 actualMinorVersion = 0; - PKIX_UInt32 j = 0; - PKIX_UInt32 k = 0; - PKIX_CertStore *ldapCertStore = NULL; - PRIntervalTime timeout = 0; /* 0 for non-blocking */ - PKIX_CertStore *certStore = NULL; - PKIX_List *certStores = NULL; - PKIX_List *expectedCerts = NULL; - PKIX_Boolean testValid = PKIX_FALSE; - PKIX_Boolean usebind = PKIX_FALSE; - PKIX_Boolean useLDAP = PKIX_FALSE; - - PKIX_TEST_STD_VARS(); - - if (argc < 5){ - printUsage(); - return (0); - } + PKIX_ComCertSelParams *certSelParams = NULL; + PKIX_CertSelector *certSelector = NULL; + PKIX_TrustAnchor *anchor = NULL; + PKIX_List *anchors = NULL; + PKIX_ProcessingParams *procParams = NULL; + PKIX_CertChainChecker *checker = NULL; + PKIX_ResourceLimits *resourceLimits = NULL; + char *dirName = NULL; + PKIX_PL_String *dirNameString = NULL; + PKIX_PL_Cert *trustedCert = NULL; + PKIX_PL_Cert *targetCert = NULL; + PKIX_PL_Cert *dirCert = NULL; + PKIX_UInt32 actualMinorVersion = 0; + PKIX_UInt32 j = 0; + PKIX_UInt32 k = 0; + PKIX_CertStore *ldapCertStore = NULL; + PRIntervalTime timeout = 0; /* 0 for non-blocking */ + PKIX_CertStore *certStore = NULL; + PKIX_List *certStores = NULL; + PKIX_List *expectedCerts = NULL; + PKIX_Boolean testValid = PKIX_FALSE; + PKIX_Boolean usebind = PKIX_FALSE; + PKIX_Boolean useLDAP = PKIX_FALSE; + + PKIX_TEST_STD_VARS(); + + if (argc < 5) { + printUsage(); + return (0); + } - startTests("BuildChain_ResourceLimits"); + startTests("BuildChain_ResourceLimits"); - PKIX_TEST_EXPECT_NO_ERROR( - PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); - /* + /* * arguments: * [optional] -arenas * [optional] usebind @@ -280,218 +262,177 @@ int test_buildchain_resourcelimits(int argc, char *argv[]) * trust anchor */ - /* optional argument "usebind" for Ldap CertStore */ - if (argv[j + 1]) { - if (PORT_Strcmp(argv[j + 1], "usebind") == 0) { - usebind = PKIX_TRUE; - j++; - } - } - - if (PORT_Strcmp(argv[++j], "-") == 0) { - useLDAP = PKIX_FALSE; - } else { - serverName = argv[j]; + /* optional argument "usebind" for Ldap CertStore */ + if (argv[j + 1]) { + if (PORT_Strcmp(argv[j + 1], "usebind") == 0) { + usebind = PKIX_TRUE; + j++; } + } + + if (PORT_Strcmp(argv[++j], "-") == 0) { + useLDAP = PKIX_FALSE; + } else { + serverName = argv[j]; + } + + subTest(argv[++j]); + + /* ENE = expect no error; EE = expect error */ + if (PORT_Strcmp(argv[++j], "ENE") == 0) { + testValid = PKIX_TRUE; + } else if (PORT_Strcmp(argv[j], "EE") == 0) { + testValid = PKIX_FALSE; + } else { + printUsage(); + return (0); + } - subTest(argv[++j]); - - /* ENE = expect no error; EE = expect error */ - if (PORT_Strcmp(argv[++j], "ENE") == 0) { - testValid = PKIX_TRUE; - } else if (PORT_Strcmp(argv[j], "EE") == 0) { - testValid = PKIX_FALSE; - } else { - printUsage(); - return (0); - } - - dirName = argv[++j]; - - PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&expectedCerts, plContext)); + dirName = argv[++j]; - for (k = ++j; k < argc; k++) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&expectedCerts, plContext)); - dirCert = createCert(dirName, argv[k], plContext); + for (k = ++j; k < argc; k++) { - if (k == (argc - 1)) { - PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef - ((PKIX_PL_Object *)dirCert, plContext)); - trustedCert = dirCert; - } else { + dirCert = createCert(dirName, argv[k], plContext); - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_List_AppendItem - (expectedCerts, - (PKIX_PL_Object *)dirCert, - plContext)); + if (k == (argc - 1)) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef((PKIX_PL_Object *)dirCert, plContext)); + trustedCert = dirCert; + } else { - if (k == j) { - PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef - ((PKIX_PL_Object *)dirCert, plContext)); - targetCert = dirCert; - } - } + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(expectedCerts, + (PKIX_PL_Object *)dirCert, + plContext)); - PKIX_TEST_DECREF_BC(dirCert); + if (k == j) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef((PKIX_PL_Object *)dirCert, plContext)); + targetCert = dirCert; + } } - /* create processing params with list of trust anchors */ + PKIX_TEST_DECREF_BC(dirCert); + } + + /* create processing params with list of trust anchors */ - PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert - (trustedCert, &anchor, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchors, plContext)); - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_List_AppendItem - (anchors, (PKIX_PL_Object *)anchor, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create - (anchors, &procParams, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert(trustedCert, &anchor, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchors, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(anchors, (PKIX_PL_Object *)anchor, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create(anchors, &procParams, plContext)); - /* create CertSelector with target certificate in params */ + /* create CertSelector with target certificate in params */ - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_ComCertSelParams_Create(&certSelParams, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create(&certSelParams, plContext)); - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_ComCertSelParams_SetCertificate - (certSelParams, targetCert, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetCertificate(certSelParams, targetCert, plContext)); - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_CertSelector_Create - (NULL, NULL, &certSelector, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create(NULL, NULL, &certSelector, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams - (certSelector, certSelParams, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams(certSelector, certSelParams, plContext)); - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_ProcessingParams_SetTargetCertConstraints - (procParams, certSelector, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetTargetCertConstraints(procParams, certSelector, plContext)); - /* create CertStores */ + /* create CertStores */ - PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create - (PKIX_ESCASCII, - dirName, - 0, - &dirNameString, - plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, + dirName, + 0, + &dirNameString, + plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create - (dirNameString, &certStore, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create(dirNameString, &certStore, plContext)); #if 0 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Pk11CertStore_Create (&certStore, plContext)); #endif + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certStores, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certStores, plContext)); + if (useLDAP == PKIX_TRUE) { + PKIX_TEST_EXPECT_NO_ERROR(createLdapCertStore(serverName, timeout, &ldapCertStore, plContext)); - if (useLDAP == PKIX_TRUE) { - PKIX_TEST_EXPECT_NO_ERROR(createLdapCertStore - (serverName, timeout, &ldapCertStore, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(certStores, + (PKIX_PL_Object *)ldapCertStore, + plContext)); + } - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_List_AppendItem - (certStores, - (PKIX_PL_Object *)ldapCertStore, - plContext)); - } + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(certStores, (PKIX_PL_Object *)certStore, plContext)); - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_List_AppendItem - (certStores, (PKIX_PL_Object *)certStore, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetCertStores(procParams, certStores, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetCertStores - (procParams, certStores, plContext)); + /* set resource limits */ - /* set resource limits */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_Create(&resourceLimits, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_Create - (&resourceLimits, plContext)); + /* need longer time when running dbx for memory leak checking */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxTime(resourceLimits, 60, plContext)); - /* need longer time when running dbx for memory leak checking */ - PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxTime - (resourceLimits, 60, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout(resourceLimits, 2, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout - (resourceLimits, 2, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxDepth(resourceLimits, 2, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxDepth - (resourceLimits, 2, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetResourceLimits(procParams, resourceLimits, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetResourceLimits - (procParams, resourceLimits, plContext)); + /* build cert chain using processing params and return buildResult */ - /* build cert chain using processing params and return buildResult */ + subTest("Testing ResourceLimits MaxFanout & MaxDepth - <pass>"); + Test_BuildResult(procParams, + testValid, + expectedCerts, + plContext); - subTest("Testing ResourceLimits MaxFanout & MaxDepth - <pass>"); - Test_BuildResult - (procParams, - testValid, - expectedCerts, - plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout(resourceLimits, 1, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout - (resourceLimits, 1, plContext)); + subTest("Testing ResourceLimits MaxFanout - <fail>"); + Test_BuildResult(procParams, + PKIX_FALSE, + expectedCerts, + plContext); - subTest("Testing ResourceLimits MaxFanout - <fail>"); - Test_BuildResult - (procParams, - PKIX_FALSE, - expectedCerts, - plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout(resourceLimits, 2, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxDepth(resourceLimits, 1, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout - (resourceLimits, 2, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxDepth - (resourceLimits, 1, plContext)); + subTest("Testing ResourceLimits MaxDepth - <fail>"); + Test_BuildResult(procParams, + PKIX_FALSE, + expectedCerts, + plContext); - subTest("Testing ResourceLimits MaxDepth - <fail>"); - Test_BuildResult - (procParams, - PKIX_FALSE, - expectedCerts, - plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout(resourceLimits, 0, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxDepth(resourceLimits, 0, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxTime(resourceLimits, 0, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout - (resourceLimits, 0, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxDepth - (resourceLimits, 0, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxTime - (resourceLimits, 0, plContext)); - - subTest("Testing ResourceLimits No checking - <pass>"); - Test_BuildResult - (procParams, - testValid, - expectedCerts, - plContext); + subTest("Testing ResourceLimits No checking - <pass>"); + Test_BuildResult(procParams, + testValid, + expectedCerts, + plContext); cleanup: - PKIX_TEST_DECREF_AC(expectedCerts); - PKIX_TEST_DECREF_AC(procParams); - PKIX_TEST_DECREF_AC(procParams); - PKIX_TEST_DECREF_AC(certStores); - PKIX_TEST_DECREF_AC(certStore); - PKIX_TEST_DECREF_AC(ldapCertStore); - PKIX_TEST_DECREF_AC(dirNameString); - PKIX_TEST_DECREF_AC(trustedCert); - PKIX_TEST_DECREF_AC(targetCert); - PKIX_TEST_DECREF_AC(anchors); - PKIX_TEST_DECREF_AC(anchor); - PKIX_TEST_DECREF_AC(certSelParams); - PKIX_TEST_DECREF_AC(certSelector); - PKIX_TEST_DECREF_AC(checker); - PKIX_TEST_DECREF_AC(resourceLimits); - - PKIX_TEST_RETURN(); - - PKIX_Shutdown(plContext); - - endTests("BuildChain_UserChecker"); - - return (0); - + PKIX_TEST_DECREF_AC(expectedCerts); + PKIX_TEST_DECREF_AC(procParams); + PKIX_TEST_DECREF_AC(procParams); + PKIX_TEST_DECREF_AC(certStores); + PKIX_TEST_DECREF_AC(certStore); + PKIX_TEST_DECREF_AC(ldapCertStore); + PKIX_TEST_DECREF_AC(dirNameString); + PKIX_TEST_DECREF_AC(trustedCert); + PKIX_TEST_DECREF_AC(targetCert); + PKIX_TEST_DECREF_AC(anchors); + PKIX_TEST_DECREF_AC(anchor); + PKIX_TEST_DECREF_AC(certSelParams); + PKIX_TEST_DECREF_AC(certSelector); + PKIX_TEST_DECREF_AC(checker); + PKIX_TEST_DECREF_AC(resourceLimits); + + PKIX_TEST_RETURN(); + + PKIX_Shutdown(plContext); + + endTests("BuildChain_UserChecker"); + + return (0); } |