diff options
author | Alois Klink <alois@aloisklink.com> | 2023-05-02 21:59:45 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-05-04 15:01:11 +0200 |
commit | 42a6a25ba4ddb40333e92e6e2fc57625d9567090 (patch) | |
tree | 85816ba685721e674d17a963f3e12cebb7be7eab /test | |
parent | c154f537c34c80e42915f32e97c6ba90d9fd4037 (diff) | |
download | openssl-new-42a6a25ba4ddb40333e92e6e2fc57625d9567090.tar.gz |
25-test_x509.t: test dots in CA file path
Test whether dots in the CA file path breaks the default CA serial
number file path.
Tests for:
- https://github.com/openssl/openssl/issues/6203
- https://github.com/openssl/openssl/issues/6489
- https://github.com/openssl/openssl/pull/6566
- https://github.com/openssl/openssl/issues/10442
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20873)
Diffstat (limited to 'test')
-rw-r--r-- | test/recipes/25-test_x509.t | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/test/recipes/25-test_x509.t b/test/recipes/25-test_x509.t index 01f5086404..df49ce2750 100644 --- a/test/recipes/25-test_x509.t +++ b/test/recipes/25-test_x509.t @@ -16,7 +16,7 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/; setup("test_x509"); -plan tests => 33; +plan tests => 37; # Prevent MSys2 filename munging for arguments that look like file paths but # aren't @@ -214,6 +214,19 @@ has_version($b_cert, 3); has_SKID($b_cert, 1); has_AKID($b_cert, 1); +# Tests for https://github.com/openssl/openssl/issues/10442 (fixed in 1.1.1a) +# (incorrect default `-CAcreateserial` if `-CA` path has a dot in it) +my $folder_with_dot = "test_x509.folder"; +ok(mkdir $folder_with_dot); +my $ca_cert_dot_in_dir = File::Spec->catfile($folder_with_dot, "ca-cert.pem"); +ok(copy($ca_cert,$ca_cert_dot_in_dir)); +my $ca_serial_dot_in_dir = File::Spec->catfile($folder_with_dot, "ca-cert.srl"); + +ok(run(app(["openssl", "x509", "-req", "-text", "-CAcreateserial", + "-CA", $ca_cert_dot_in_dir, "-CAkey", $ca_key, + "-in", $b_csr]))); +ok(-e $ca_serial_dot_in_dir); + SKIP: { skip "EC is not supported by this OpenSSL build", 1 if disabled("ec"); |