diff options
| author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2021-07-11 18:55:12 +0200 |
|---|---|---|
| committer | Dr. David von Oheimb <dev@ddvo.net> | 2022-08-18 09:28:57 +0200 |
| commit | 2c05607cd91fc5aab6d61f0324104d63a091d705 (patch) | |
| tree | 088718f20789819f524aa73257711bb4f4af157c /test/cmp_ctx_test.c | |
| parent | 42a0817d5ff7771ff1d9c8cc9b89553b6ddf1126 (diff) | |
| download | openssl-new-2c05607cd91fc5aab6d61f0324104d63a091d705.tar.gz | |
Fix ossl_x509v3_cache_extensions(): EXFLAG_NO_FINGERPRINT should not be an error
This allows reverting the recent workaround on cmp_ctx_test regarding X509_new()
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/16043)
Diffstat (limited to 'test/cmp_ctx_test.c')
| -rw-r--r-- | test/cmp_ctx_test.c | 21 |
1 files changed, 6 insertions, 15 deletions
diff --git a/test/cmp_ctx_test.c b/test/cmp_ctx_test.c index e4f80d93fc..b18a83c60f 100644 --- a/test/cmp_ctx_test.c +++ b/test/cmp_ctx_test.c @@ -13,11 +13,6 @@ #include <openssl/x509_vfy.h> -static X509 *test_cert; - -/* Avoid using X509_new() via the generic macros below. */ -#define X509_new() X509_dup(test_cert) - typedef struct test_fixture { const char *test_case_name; OSSL_CMP_CTX *ctx; @@ -47,7 +42,7 @@ static OSSL_CMP_CTX_TEST_FIXTURE *set_up(const char *const test_case_name) static STACK_OF(X509) *sk_X509_new_1(void) { STACK_OF(X509) *sk = sk_X509_new_null(); - X509 *x = X509_dup(test_cert); + X509 *x = X509_new(); if (x == NULL || !sk_X509_push(sk, x)) { sk_X509_free(sk); @@ -67,18 +62,19 @@ static int execute_CTX_reinit_test(OSSL_CMP_CTX_TEST_FIXTURE *fixture) OSSL_CMP_CTX *ctx = fixture->ctx; ASN1_OCTET_STRING *bytes = NULL; STACK_OF(X509) *certs = NULL; + X509 *cert = X509_new(); int res = 0; /* set non-default values in all relevant fields */ ctx->status = 1; ctx->failInfoCode = 1; if (!ossl_cmp_ctx_set0_statusString(ctx, sk_ASN1_UTF8STRING_new_null()) - || !ossl_cmp_ctx_set0_newCert(ctx, X509_dup(test_cert)) + || !ossl_cmp_ctx_set0_newCert(ctx, X509_new()) || !TEST_ptr(certs = sk_X509_new_1()) || !ossl_cmp_ctx_set1_newChain(ctx, certs) || !ossl_cmp_ctx_set1_caPubs(ctx, certs) || !ossl_cmp_ctx_set1_extraCertsIn(ctx, certs) - || !ossl_cmp_ctx_set1_validatedSrvCert(ctx, test_cert) + || !ossl_cmp_ctx_set1_validatedSrvCert(ctx, cert) || !TEST_ptr(bytes = ASN1_OCTET_STRING_new()) || !OSSL_CMP_CTX_set1_transactionID(ctx, bytes) || !OSSL_CMP_CTX_set1_senderNonce(ctx, bytes) @@ -106,6 +102,7 @@ static int execute_CTX_reinit_test(OSSL_CMP_CTX_TEST_FIXTURE *fixture) res = 1; err: + X509_free(cert); sk_X509_pop_X509_free(certs); ASN1_OCTET_STRING_free(bytes); return res; @@ -671,7 +668,7 @@ static int execute_CTX_##PUSHN##_##ELEM(OSSL_CMP_CTX_TEST_FIXTURE *fixture) \ } \ \ if (!(*push_fn)(ctx, val2)) { \ - TEST_error("pushting second value failed"); \ + TEST_error("pushing second value failed"); \ res = 0; \ } \ if (PUSHN == 0) \ @@ -792,17 +789,11 @@ DEFINE_SET_TEST(ossl_cmp, ctx, 1, 1, recipNonce, ASN1_OCTET_STRING) int setup_tests(void) { - char *cert_file; - if (!test_skip_common_options()) { TEST_error("Error parsing test options\n"); return 0; } - if (!TEST_ptr(cert_file = test_get_argument(0)) - || !TEST_ptr(test_cert = load_cert_pem(cert_file, NULL))) - return 0; - /* OSSL_CMP_CTX_new() is tested by set_up() */ /* OSSL_CMP_CTX_free() is tested by tear_down() */ ADD_TEST(test_CTX_reinit); |