summaryrefslogtreecommitdiffstats
path: root/test/ssl_test_ctx.c
diff options
context:
space:
mode:
authorEmilia Kasper <emilia@openssl.org>2016-04-07 19:07:50 +0200
committerEmilia Kasper <emilia@openssl.org>2016-05-12 19:02:42 +0200
commita263f320ebdb32ccc058ef02a617edbfe4a63e7f (patch)
treeaa0e8b9d93f591a7752cc312053d9333caecae33 /test/ssl_test_ctx.c
parentAppease ubsan (diff)
downloadopenssl-a263f320ebdb32ccc058ef02a617edbfe4a63e7f.tar.xz
openssl-a263f320ebdb32ccc058ef02a617edbfe4a63e7f.zip
Remove proxy tests. Add verify callback tests.
The old proxy tests test the implementation of an application proxy policy callback defined in the test itself, which is not particularly useful. It is, however, useful to test cert verify overrides in general. Therefore, replace these tests with tests for cert verify callback behaviour. Also glob the ssl test inputs on the .in files to catch missing generated files. Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'test/ssl_test_ctx.c')
-rw-r--r--test/ssl_test_ctx.c33
1 files changed, 31 insertions, 2 deletions
diff --git a/test/ssl_test_ctx.c b/test/ssl_test_ctx.c
index 0c1bbbde9e..5db7bd45ce 100644
--- a/test/ssl_test_ctx.c
+++ b/test/ssl_test_ctx.c
@@ -71,7 +71,7 @@ __owur static int parse_expected_result(SSL_TEST_CTX *test_ctx, const char *valu
return 1;
}
-const char *ssl_test_result_t_name(ssl_test_result_t result)
+const char *ssl_test_result_name(ssl_test_result_t result)
{
return enum_name(ssl_test_results, OSSL_NELEM(ssl_test_results), result);
}
@@ -82,6 +82,7 @@ const char *ssl_test_result_t_name(ssl_test_result_t result)
static const test_enum ssl_alerts[] = {
{"UnknownCA", SSL_AD_UNKNOWN_CA},
+ {"HandshakeFailure", SSL_AD_HANDSHAKE_FAILURE},
};
__owur static int parse_alert(int *alert, const char *value)
@@ -126,6 +127,34 @@ const char *ssl_protocol_name(int protocol)
return enum_name(ssl_protocols, OSSL_NELEM(ssl_protocols), protocol);
}
+/***********************/
+/* CertVerifyCallback. */
+/***********************/
+
+static const test_enum ssl_verify_callbacks[] = {
+ {"None", SSL_TEST_VERIFY_NONE},
+ {"AcceptAll", SSL_TEST_VERIFY_ACCEPT_ALL},
+ {"RejectAll", SSL_TEST_VERIFY_REJECT_ALL},
+};
+
+__owur static int parse_client_verify_callback(SSL_TEST_CTX *test_ctx,
+ const char *value)
+{
+ int ret_value;
+ if (!parse_enum(ssl_verify_callbacks, OSSL_NELEM(ssl_verify_callbacks),
+ &ret_value, value)) {
+ return 0;
+ }
+ test_ctx->client_verify_callback = ret_value;
+ return 1;
+}
+
+const char *ssl_verify_callback_name(ssl_verify_callback_t callback)
+{
+ return enum_name(ssl_verify_callbacks, OSSL_NELEM(ssl_verify_callbacks),
+ callback);
+}
+
/*************************************************************/
/* Known test options and their corresponding parse methods. */
@@ -141,6 +170,7 @@ static const ssl_test_ctx_option ssl_test_ctx_options[] = {
{ "ClientAlert", &parse_client_alert },
{ "ServerAlert", &parse_server_alert },
{ "Protocol", &parse_protocol },
+ { "ClientVerifyCallback", &parse_client_verify_callback },
};
@@ -153,7 +183,6 @@ SSL_TEST_CTX *SSL_TEST_CTX_new()
SSL_TEST_CTX *ret;
ret = OPENSSL_zalloc(sizeof(*ret));
OPENSSL_assert(ret != NULL);
- ret->expected_result = SSL_TEST_SUCCESS;
return ret;
}