diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2023-02-01 15:50:54 +0100 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2023-04-18 09:09:27 +0200 |
commit | 154625e1090b18c8c306a6b7a6970dbab185c49d (patch) | |
tree | cda58717402e29705f8d0c9ca0bea6e66c5f23f5 /apps | |
parent | 7439661627b8009f69b13c57b7372286e85a2805 (diff) |
cmp_client_test.c: add tests for errors reported by server on subsequent requests in a transaction
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/20257)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/cmp.c | 2 | ||||
-rw-r--r-- | apps/include/cmp_mock_srv.h | 2 | ||||
-rw-r--r-- | apps/lib/cmp_mock_srv.c | 28 |
3 files changed, 20 insertions, 12 deletions
diff --git a/apps/cmp.c b/apps/cmp.c index a184361ac7..11999ecaf5 100644 --- a/apps/cmp.c +++ b/apps/cmp.c @@ -1133,7 +1133,7 @@ static OSSL_CMP_SRV_CTX *setup_srv_ctx(ENGINE *engine) goto err; if (opt_send_error) - (void)ossl_cmp_mock_srv_set_send_error(srv_ctx, 1); + (void)ossl_cmp_mock_srv_set_sendError(srv_ctx, 1); if (opt_send_unprotected) (void)OSSL_CMP_CTX_set_option(ctx, OSSL_CMP_OPT_UNPROTECTED_SEND, 1); diff --git a/apps/include/cmp_mock_srv.h b/apps/include/cmp_mock_srv.h index 6beba14735..9288181ad3 100644 --- a/apps/include/cmp_mock_srv.h +++ b/apps/include/cmp_mock_srv.h @@ -27,7 +27,7 @@ int ossl_cmp_mock_srv_set1_caPubsOut(OSSL_CMP_SRV_CTX *srv_ctx, STACK_OF(X509) *caPubs); int ossl_cmp_mock_srv_set_statusInfo(OSSL_CMP_SRV_CTX *srv_ctx, int status, int fail_info, const char *text); -int ossl_cmp_mock_srv_set_send_error(OSSL_CMP_SRV_CTX *srv_ctx, int val); +int ossl_cmp_mock_srv_set_sendError(OSSL_CMP_SRV_CTX *srv_ctx, int bodytype); int ossl_cmp_mock_srv_set_pollCount(OSSL_CMP_SRV_CTX *srv_ctx, int count); int ossl_cmp_mock_srv_set_checkAfterTime(OSSL_CMP_SRV_CTX *srv_ctx, int sec); diff --git a/apps/lib/cmp_mock_srv.c b/apps/lib/cmp_mock_srv.c index b7f8ae439e..e0fa4c5491 100644 --- a/apps/lib/cmp_mock_srv.c +++ b/apps/lib/cmp_mock_srv.c @@ -14,7 +14,7 @@ #include <openssl/cmp.h> #include <openssl/err.h> #include <openssl/cmperr.h> - + /* the context for the CMP mock server */ typedef struct { @@ -22,7 +22,7 @@ typedef struct STACK_OF(X509) *chainOut; /* chain of certOut to add to extraCerts field */ STACK_OF(X509) *caPubsOut; /* certs to return in caPubs field of ip msg */ OSSL_CMP_PKISI *statusOut; /* status for ip/cp/kup/rp msg unless polling */ - int sendError; /* send error response also on valid requests */ + int sendError; /* send error response on given request type */ OSSL_CMP_MSG *certReq; /* ir/cr/p10cr/kur remembered while polling */ int pollCount; /* number of polls before actual cert response */ int curr_pollCount; /* number of polls so far for current request */ @@ -53,7 +53,7 @@ static mock_srv_ctx *mock_srv_ctx_new(void) if ((ctx->statusOut = OSSL_CMP_PKISI_new()) == NULL) goto err; - ctx->sendError = 0; + ctx->sendError = -1; /* all other elements are initialized to 0 or NULL, respectively */ return ctx; @@ -129,7 +129,7 @@ int ossl_cmp_mock_srv_set_statusInfo(OSSL_CMP_SRV_CTX *srv_ctx, int status, return 1; } -int ossl_cmp_mock_srv_set_send_error(OSSL_CMP_SRV_CTX *srv_ctx, int val) +int ossl_cmp_mock_srv_set_sendError(OSSL_CMP_SRV_CTX *srv_ctx, int bodytype) { mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx); @@ -137,7 +137,8 @@ int ossl_cmp_mock_srv_set_send_error(OSSL_CMP_SRV_CTX *srv_ctx, int val) ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } - ctx->sendError = val != 0; + /* might check bodytype, but this would require exporting all body types */ + ctx->sendError = bodytype; return 1; } @@ -186,7 +187,8 @@ static OSSL_CMP_PKISI *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx, ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return NULL; } - if (ctx->sendError) { + if (ctx->sendError == 1 + || ctx->sendError == OSSL_CMP_MSG_get_bodytype(cert_req)) { ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE); return NULL; } @@ -268,7 +270,8 @@ static OSSL_CMP_PKISI *process_rr(OSSL_CMP_SRV_CTX *srv_ctx, ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return NULL; } - if (ctx->sendError || ctx->certOut == NULL) { + if (ctx->certOut == NULL || ctx->sendError == 1 + || ctx->sendError == OSSL_CMP_MSG_get_bodytype(rr)) { ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE); return NULL; } @@ -299,7 +302,9 @@ static int process_genm(OSSL_CMP_SRV_CTX *srv_ctx, ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } - if (sk_OSSL_CMP_ITAV_num(in) > 1 || ctx->sendError) { + if (ctx->sendError == 1 + || ctx->sendError == OSSL_CMP_MSG_get_bodytype(genm) + || sk_OSSL_CMP_ITAV_num(in) > 1) { ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE); return 0; } @@ -368,7 +373,9 @@ static int process_certConf(OSSL_CMP_SRV_CTX *srv_ctx, ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } - if (ctx->sendError || ctx->certOut == NULL) { + if (ctx->sendError == 1 + || ctx->sendError == OSSL_CMP_MSG_get_bodytype(certConf) + || ctx->certOut == NULL) { ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE); return 0; } @@ -396,7 +403,8 @@ static int process_pollReq(OSSL_CMP_SRV_CTX *srv_ctx, ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); return 0; } - if (ctx->sendError) { + if (ctx->sendError == 1 + || ctx->sendError == OSSL_CMP_MSG_get_bodytype(pollReq)) { *certReq = NULL; ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE); return 0; |