diff options
author | Kevin Kuehler <kevin@segfault.fun> | 2020-12-10 16:08:26 -0800 |
---|---|---|
committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2021-11-30 23:00:21 +0100 |
commit | 0351cbb9e4812fcad694f506800fbadc5182b3f8 (patch) | |
tree | c67b9309d93fdcf1b6429cb6ba4dba27e6733997 /src/resolve/test-dnssec.c | |
parent | 667dac6ed6674d4ab737580d0f9063e1f7359687 (diff) | |
download | systemd-0351cbb9e4812fcad694f506800fbadc5182b3f8.tar.gz |
resolve: Port dnssec verify from gcrypt to openssl^gcrypt
Co-authored-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Diffstat (limited to 'src/resolve/test-dnssec.c')
-rw-r--r-- | src/resolve/test-dnssec.c | 18 |
1 files changed, 6 insertions, 12 deletions
diff --git a/src/resolve/test-dnssec.c b/src/resolve/test-dnssec.c index ed46853eeb..3263095360 100644 --- a/src/resolve/test-dnssec.c +++ b/src/resolve/test-dnssec.c @@ -1,20 +1,19 @@ /* SPDX-License-Identifier: LGPL-2.1-or-later */ #include <arpa/inet.h> -#if HAVE_GCRYPT -#include <gcrypt.h> -#endif #include <netinet/in.h> #include <sys/socket.h> +#if HAVE_GCRYPT +# include <gcrypt.h> +#endif + #include "alloc-util.h" #include "resolved-dns-dnssec.h" #include "resolved-dns-rr.h" #include "string-util.h" #include "hexdecoct.h" -#if HAVE_GCRYPT - static void test_dnssec_verify_dns_key(void) { static const uint8_t ds1_fprint[] = { @@ -174,7 +173,7 @@ static void test_dnssec_verify_rfc8080_ed25519_example1(void) { assert_se(dnssec_verify_rrset(answer, mx->key, rrsig, dnskey, rrsig->rrsig.inception * USEC_PER_SEC, &result) >= 0); -#if GCRYPT_VERSION_NUMBER >= 0x010600 +#if PREFER_OPENSSL || GCRYPT_VERSION_NUMBER >= 0x010600 assert_se(result == DNSSEC_VALIDATED); #else assert_se(result == DNSSEC_UNSUPPORTED_ALGORITHM); @@ -266,7 +265,7 @@ static void test_dnssec_verify_rfc8080_ed25519_example2(void) { assert_se(dnssec_verify_rrset(answer, mx->key, rrsig, dnskey, rrsig->rrsig.inception * USEC_PER_SEC, &result) >= 0); -#if GCRYPT_VERSION_NUMBER >= 0x010600 +#if PREFER_OPENSSL || GCRYPT_VERSION_NUMBER >= 0x010600 assert_se(result == DNSSEC_VALIDATED); #else assert_se(result == DNSSEC_UNSUPPORTED_ALGORITHM); @@ -788,11 +787,7 @@ static void test_dnssec_nsec3_hash(void) { assert_se(strcasecmp(b, "PJ8S08RR45VIQDAQGE7EN3VHKNROTBMM") == 0); } -#endif - int main(int argc, char *argv[]) { - -#if HAVE_GCRYPT test_dnssec_verify_dns_key(); test_dnssec_verify_rfc8080_ed25519_example1(); test_dnssec_verify_rfc8080_ed25519_example2(); @@ -802,7 +797,6 @@ int main(int argc, char *argv[]) { test_dnssec_verify_rrset2(); test_dnssec_verify_rrset3(); test_dnssec_nsec3_hash(); -#endif return 0; } |