diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2022-11-25 10:43:12 +0100 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2023-01-23 10:54:29 +0100 |
commit | b908ec0f217da0a23f9d81442f81d44c94c98f23 (patch) | |
tree | f41831e2c1fef85c95e2b629d6b575ba5e044385 /crypto | |
parent | 5acd4007a0646ef1f9d0015ce438b891d1b24a62 (diff) |
cmp_client_test.c: add tests for end_time being initialized for RR/GENM
To this end, tweak the internal handling of ctx->total_timeout.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19391)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/cmp/cmp_client.c | 10 | ||||
-rw-r--r-- | crypto/cmp/cmp_ctx.c | 4 |
2 files changed, 9 insertions, 5 deletions
diff --git a/crypto/cmp/cmp_client.c b/crypto/cmp/cmp_client.c index 800f22316c..8f89f4a5f8 100644 --- a/crypto/cmp/cmp_client.c +++ b/crypto/cmp/cmp_client.c @@ -139,7 +139,7 @@ static int send_receive_check(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *req, *rep = NULL; msg_timeout = ctx->msg_timeout; /* backup original value */ - if (is_enrollment && ctx->total_timeout > 0 /* timeout is not infinite */) { + if (is_enrollment && ctx->total_timeout != 0 /* timeout not infinite */) { if (now >= ctx->end_time) { ERR_raise(ERR_LIB_CMP, CMP_R_TOTAL_TIMEOUT); return 0; @@ -164,7 +164,7 @@ static int send_receive_check(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *req, if (*rep == NULL) { ERR_raise_data(ERR_LIB_CMP, - ctx->total_timeout > 0 && time(NULL) >= ctx->end_time ? + ctx->total_timeout != 0 && time(NULL) >= ctx->end_time ? CMP_R_TOTAL_TIMEOUT : CMP_R_TRANSFER_ERROR, "request sent: %s, expected response: %s", req_type_str, expected_type_str); @@ -236,7 +236,7 @@ static int send_receive_check(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *req, * On receiving a pollRep, which includes a checkAfter value, it return this * value if sleep == 0, else it sleeps as long as indicated and retries. * - * A transaction timeout is enabled if ctx->total_timeout is > 0. + * A transaction timeout is enabled if ctx->total_timeout is != 0. * In this case polling will continue until the timeout is reached and then * polling is done a last time even if this is before the "checkAfter" time. * @@ -308,7 +308,7 @@ static int poll_for_response(OSSL_CMP_CTX *ctx, int sleep, int rid, "received polling response%s; checkAfter = %ld seconds", str, check_after); - if (ctx->total_timeout > 0) { /* timeout is not infinite */ + if (ctx->total_timeout != 0) { /* timeout is not infinite */ const int exp = 5; /* expected max time per msg round trip */ int64_t time_left = (int64_t)(ctx->end_time - exp - time(NULL)); @@ -646,7 +646,7 @@ static int initial_certreq(OSSL_CMP_CTX *ctx, if (!ossl_cmp_ctx_set0_newCert(ctx, NULL)) return 0; - if (ctx->total_timeout > 0) /* else ctx->end_time is not used */ + if (ctx->total_timeout != 0) /* else ctx->end_time is not used */ ctx->end_time = time(NULL) + ctx->total_timeout; /* also checks if all necessary options are set */ diff --git a/crypto/cmp/cmp_ctx.c b/crypto/cmp/cmp_ctx.c index dcad9c8941..d01be8ebc7 100644 --- a/crypto/cmp/cmp_ctx.c +++ b/crypto/cmp/cmp_ctx.c @@ -919,9 +919,13 @@ int OSSL_CMP_CTX_set_option(OSSL_CMP_CTX *ctx, int opt, int val) ctx->keep_alive = val; break; case OSSL_CMP_OPT_MSG_TIMEOUT: + if (val < 0) + val = 0; ctx->msg_timeout = val; break; case OSSL_CMP_OPT_TOTAL_TIMEOUT: + if (val < 0) + val = 0; ctx->total_timeout = val; break; case OSSL_CMP_OPT_PERMIT_TA_IN_EXTRACERTS_FOR_IR: |