summaryrefslogtreecommitdiffstats
path: root/test
diff options
context:
space:
mode:
authorMatt Caswell <matt@openssl.org>2020-04-03 16:40:00 +0200
committerMatt Caswell <matt@openssl.org>2020-04-20 12:25:56 +0200
commitfea4e2bd36584cebb79f45680c6da0c14fde3d1e (patch)
tree4a3225bbc0aace1da756638ce77b5fcd0506c86f /test
parentUpdate comment on crls_http_cb() as it does support non-blocking I/O since #1... (diff)
downloadopenssl-fea4e2bd36584cebb79f45680c6da0c14fde3d1e.tar.xz
openssl-fea4e2bd36584cebb79f45680c6da0c14fde3d1e.zip
Run ssl_test_new with a non-default library context
We also prepare the way for a future commit to run ssl_test_new with just the FIPS provider loaded. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11511)
Diffstat (limited to 'test')
-rw-r--r--test/recipes/80-test_ssl_new.t3
-rw-r--r--test/ssl_test.c47
2 files changed, 39 insertions, 11 deletions
diff --git a/test/recipes/80-test_ssl_new.t b/test/recipes/80-test_ssl_new.t
index 3b1857cc79..5ee872557d 100644
--- a/test/recipes/80-test_ssl_new.t
+++ b/test/recipes/80-test_ssl_new.t
@@ -145,7 +145,8 @@ sub test_conf {
skip "No tests available; skipping tests", 1 if $skip;
skip "Stale sources; skipping tests", 1 if !$run_test;
- ok(run(test(["ssl_test", $output_file])), "running ssl_test $conf");
+ ok(run(test(["ssl_test", $output_file, "default"])),
+ "running ssl_test $conf");
}
}
diff --git a/test/ssl_test.c b/test/ssl_test.c
index e6ce9a6741..6715cd69d5 100644
--- a/test/ssl_test.c
+++ b/test/ssl_test.c
@@ -13,12 +13,15 @@
#include <openssl/conf.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
+#include <openssl/provider.h>
#include "handshake_helper.h"
#include "ssl_test_ctx.h"
#include "testutil.h"
static CONF *conf = NULL;
+static OSSL_PROVIDER *defctxnull = NULL, *thisprov = NULL;
+static OPENSSL_CTX *libctx = NULL;
/* Currently the section names are of the form test-<number>, e.g. test-15. */
#define MAX_TESTCASE_NAME_LENGTH 100
@@ -405,22 +408,26 @@ static int test_handshake(int idx)
#ifndef OPENSSL_NO_DTLS
if (test_ctx->method == SSL_TEST_METHOD_DTLS) {
- server_ctx = SSL_CTX_new(DTLS_server_method());
+ server_ctx = SSL_CTX_new_with_libctx(libctx, NULL, DTLS_server_method());
if (!TEST_true(SSL_CTX_set_max_proto_version(server_ctx, 0)))
goto err;
if (test_ctx->extra.server.servername_callback !=
SSL_TEST_SERVERNAME_CB_NONE) {
- if (!TEST_ptr(server2_ctx = SSL_CTX_new(DTLS_server_method())))
+ if (!TEST_ptr(server2_ctx =
+ SSL_CTX_new_with_libctx(libctx, NULL,
+ DTLS_server_method())))
goto err;
}
- client_ctx = SSL_CTX_new(DTLS_client_method());
+ client_ctx = SSL_CTX_new_with_libctx(libctx, NULL, DTLS_client_method());
if (!TEST_true(SSL_CTX_set_max_proto_version(client_ctx, 0)))
goto err;
if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) {
- resume_server_ctx = SSL_CTX_new(DTLS_server_method());
+ resume_server_ctx = SSL_CTX_new_with_libctx(libctx, NULL,
+ DTLS_server_method());
if (!TEST_true(SSL_CTX_set_max_proto_version(resume_server_ctx, 0)))
goto err;
- resume_client_ctx = SSL_CTX_new(DTLS_client_method());
+ resume_client_ctx = SSL_CTX_new_with_libctx(libctx, NULL,
+ DTLS_client_method());
if (!TEST_true(SSL_CTX_set_max_proto_version(resume_client_ctx, 0)))
goto err;
if (!TEST_ptr(resume_server_ctx)
@@ -430,26 +437,30 @@ static int test_handshake(int idx)
}
#endif
if (test_ctx->method == SSL_TEST_METHOD_TLS) {
- server_ctx = SSL_CTX_new(TLS_server_method());
+ server_ctx = SSL_CTX_new_with_libctx(libctx, NULL, TLS_server_method());
if (!TEST_true(SSL_CTX_set_max_proto_version(server_ctx, 0)))
goto err;
/* SNI on resumption isn't supported/tested yet. */
if (test_ctx->extra.server.servername_callback !=
SSL_TEST_SERVERNAME_CB_NONE) {
- if (!TEST_ptr(server2_ctx = SSL_CTX_new(TLS_server_method())))
+ if (!TEST_ptr(server2_ctx =
+ SSL_CTX_new_with_libctx(libctx, NULL,
+ TLS_server_method())))
goto err;
if (!TEST_true(SSL_CTX_set_max_proto_version(server2_ctx, 0)))
goto err;
}
- client_ctx = SSL_CTX_new(TLS_client_method());
+ client_ctx = SSL_CTX_new_with_libctx(libctx, NULL, TLS_client_method());
if (!TEST_true(SSL_CTX_set_max_proto_version(client_ctx, 0)))
goto err;
if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) {
- resume_server_ctx = SSL_CTX_new(TLS_server_method());
+ resume_server_ctx = SSL_CTX_new_with_libctx(libctx, NULL,
+ TLS_server_method());
if (!TEST_true(SSL_CTX_set_max_proto_version(resume_server_ctx, 0)))
goto err;
- resume_client_ctx = SSL_CTX_new(TLS_client_method());
+ resume_client_ctx = SSL_CTX_new_with_libctx(libctx, NULL,
+ TLS_client_method());
if (!TEST_true(SSL_CTX_set_max_proto_version(resume_client_ctx, 0)))
goto err;
if (!TEST_ptr(resume_server_ctx)
@@ -505,6 +516,7 @@ OPT_TEST_DECLARE_USAGE("conf_file\n")
int setup_tests(void)
{
long num_tests;
+ const char *modulename;
if (!test_skip_common_options()) {
TEST_error("Error parsing test options\n");
@@ -518,6 +530,18 @@ int setup_tests(void)
&num_tests), 0))
return 0;
+ if (!TEST_ptr(modulename = test_get_argument(1)))
+ return 0;
+
+ defctxnull = OSSL_PROVIDER_load(NULL, "null");
+ libctx = OPENSSL_CTX_new();
+ if (!TEST_ptr(libctx))
+ return 0;
+
+ thisprov = OSSL_PROVIDER_load(libctx, modulename);
+ if (!TEST_ptr(thisprov))
+ return 0;
+
ADD_ALL_TESTS(test_handshake, (int)num_tests);
return 1;
}
@@ -525,4 +549,7 @@ int setup_tests(void)
void cleanup_tests(void)
{
NCONF_free(conf);
+ OSSL_PROVIDER_unload(defctxnull);
+ OSSL_PROVIDER_unload(thisprov);
+ OPENSSL_CTX_free(libctx);
}