diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2022-11-25 10:43:12 +0100 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2023-01-23 10:56:58 +0100 |
commit | bf277d54f93df71ee84cf42dc313ad438723223b (patch) | |
tree | 813bb2c97655cd2e32971aba19029021916caa1e /crypto | |
parent | de107d4c94bf1167faf4c723d4b0a7b15ba0a861 (diff) |
cmp_client_test.c: add tests for end_time being initialized for RR/GENM
To this end, tweak the internal handling of ctx->total_timeout.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19391)
(cherry picked from commit b908ec0f217da0a23f9d81442f81d44c94c98f23)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/cmp/cmp_client.c | 10 | ||||
-rw-r--r-- | crypto/cmp/cmp_ctx.c | 4 |
2 files changed, 9 insertions, 5 deletions
diff --git a/crypto/cmp/cmp_client.c b/crypto/cmp/cmp_client.c index f66381c04a..3fff85d99e 100644 --- a/crypto/cmp/cmp_client.c +++ b/crypto/cmp/cmp_client.c @@ -140,7 +140,7 @@ static int send_receive_check(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *req, *rep = NULL; msg_timeout = ctx->msg_timeout; /* backup original value */ - if (is_enrollment && ctx->total_timeout > 0 /* timeout is not infinite */) { + if (is_enrollment && ctx->total_timeout != 0 /* timeout not infinite */) { if (now >= ctx->end_time) { ERR_raise(ERR_LIB_CMP, CMP_R_TOTAL_TIMEOUT); return 0; @@ -165,7 +165,7 @@ static int send_receive_check(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *req, if (*rep == NULL) { ERR_raise_data(ERR_LIB_CMP, - ctx->total_timeout > 0 && time(NULL) >= ctx->end_time ? + ctx->total_timeout != 0 && time(NULL) >= ctx->end_time ? CMP_R_TOTAL_TIMEOUT : CMP_R_TRANSFER_ERROR, "request sent: %s, expected response: %s", req_type_str, expected_type_str); @@ -237,7 +237,7 @@ static int send_receive_check(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *req, * On receiving a pollRep, which includes a checkAfter value, it return this * value if sleep == 0, else it sleeps as long as indicated and retries. * - * A transaction timeout is enabled if ctx->total_timeout is > 0. + * A transaction timeout is enabled if ctx->total_timeout is != 0. * In this case polling will continue until the timeout is reached and then * polling is done a last time even if this is before the "checkAfter" time. * @@ -309,7 +309,7 @@ static int poll_for_response(OSSL_CMP_CTX *ctx, int sleep, int rid, "received polling response%s; checkAfter = %ld seconds", str, check_after); - if (ctx->total_timeout > 0) { /* timeout is not infinite */ + if (ctx->total_timeout != 0) { /* timeout is not infinite */ const int exp = 5; /* expected max time per msg round trip */ int64_t time_left = (int64_t)(ctx->end_time - exp - time(NULL)); @@ -646,7 +646,7 @@ static int initial_certreq(OSSL_CMP_CTX *ctx, if (!ossl_cmp_ctx_set0_newCert(ctx, NULL)) return 0; - if (ctx->total_timeout > 0) /* else ctx->end_time is not used */ + if (ctx->total_timeout != 0) /* else ctx->end_time is not used */ ctx->end_time = time(NULL) + ctx->total_timeout; /* also checks if all necessary options are set */ diff --git a/crypto/cmp/cmp_ctx.c b/crypto/cmp/cmp_ctx.c index a83f9c68a1..505d227180 100644 --- a/crypto/cmp/cmp_ctx.c +++ b/crypto/cmp/cmp_ctx.c @@ -1077,9 +1077,13 @@ int OSSL_CMP_CTX_set_option(OSSL_CMP_CTX *ctx, int opt, int val) ctx->keep_alive = val; break; case OSSL_CMP_OPT_MSG_TIMEOUT: + if (val < 0) + val = 0; ctx->msg_timeout = val; break; case OSSL_CMP_OPT_TOTAL_TIMEOUT: + if (val < 0) + val = 0; ctx->total_timeout = val; break; case OSSL_CMP_OPT_PERMIT_TA_IN_EXTRACERTS_FOR_IR: |