[openssl-commits] [openssl] master update

Richard Levitte levitte at openssl.org
Sat Sep 5 23:28:48 UTC 2015


The branch master has been updated
       via  e9daa8150abc8d96dd1e4dcd764355851f06ef2b (commit)
      from  551a2f26aa54f0a9210128f3b4c1c4a7e8a85e41 (commit)


- Log -----------------------------------------------------------------
commit e9daa8150abc8d96dd1e4dcd764355851f06ef2b
Author: Richard Levitte <levitte at openssl.org>
Date:   Fri Sep 4 17:04:33 2015 +0200

    Make the verify_extra test location agnostic
    
    Depending on platform, verify_extra_test may fail because it relies on
    test/ being the current working directory.  Make it get all the required
    files on the command line instead to solve that issue.
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 test/Makefile            |  3 ++-
 test/verify_extra_test.c | 19 +++++++++++++------
 2 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/test/Makefile b/test/Makefile
index c85e8d8..0900a92 100644
--- a/test/Makefile
+++ b/test/Makefile
@@ -432,7 +432,8 @@ test_constant_time: $(CONSTTIMETEST)$(EXE_EXT)
 
 test_verify_extra: $(VERIFYEXTRATEST)$(EXE_EXT)
 	@echo $(START) $@
-	../util/shlib_wrap.sh ./$(VERIFYEXTRATEST)
+	../util/shlib_wrap.sh ./$(VERIFYEXTRATEST) \
+                certs/roots.pem certs/untrusted.pem certs/bad.pem
 
 test_clienthello: $(CLIENTHELLOTEST)$(EXE_EXT)
 	@echo $(START) $@
diff --git a/test/verify_extra_test.c b/test/verify_extra_test.c
index 08509f0..7cc6739 100644
--- a/test/verify_extra_test.c
+++ b/test/verify_extra_test.c
@@ -130,7 +130,9 @@ static STACK_OF(X509) *load_certs_from_file(const char *filename)
  * CA=FALSE, and will therefore incorrectly verify bad
  *
  */
-static int test_alt_chains_cert_forgery(void)
+static int test_alt_chains_cert_forgery(const char *roots_f,
+                                        const char *untrusted_f,
+                                        const char *bad_f)
 {
     int ret = 0;
     int i;
@@ -148,12 +150,12 @@ static int test_alt_chains_cert_forgery(void)
     lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file());
     if (lookup == NULL)
         goto err;
-    if(!X509_LOOKUP_load_file(lookup, "certs/roots.pem", X509_FILETYPE_PEM))
+    if(!X509_LOOKUP_load_file(lookup, roots_f, X509_FILETYPE_PEM))
         goto err;
 
-    untrusted = load_certs_from_file("certs/untrusted.pem");
+    untrusted = load_certs_from_file(untrusted_f);
 
-    if ((bio = BIO_new_file("certs/bad.pem", "r")) == NULL)
+    if ((bio = BIO_new_file(bad_f, "r")) == NULL)
         goto err;
 
     if((x = PEM_read_bio_X509(bio, NULL, 0, NULL)) == NULL)
@@ -183,7 +185,7 @@ static int test_alt_chains_cert_forgery(void)
     return ret;
 }
 
-int main(void)
+int main(int argc, char **argv)
 {
     CRYPTO_malloc_debug_init();
     CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
@@ -192,7 +194,12 @@ int main(void)
     ERR_load_crypto_strings();
     OpenSSL_add_all_digests();
 
-    if (!test_alt_chains_cert_forgery()) {
+    if (argc != 4) {
+        fprintf(stderr, "usage: verify_extra_test roots.pem untrusted.pem bad.pem\n");
+        return 1;
+    }
+
+    if (!test_alt_chains_cert_forgery(argv[1], argv[2], argv[3])) {
         fprintf(stderr, "Test alt chains cert forgery failed\n");
         return 1;
     }


More information about the openssl-commits mailing list