diff options
author | Tomas Mraz <tomas@openssl.org> | 2024-05-02 15:58:11 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2024-05-09 09:20:58 +0200 |
commit | 3e191f487907a474b6bd6e497043d1560972e7d7 (patch) | |
tree | 0946aa3bd87fc26fd5b7f8272ca7d89249ac7287 /test/recipes | |
parent | 64bfdebdc049ee2ad5ca6456b87abbd67e6d5479 (diff) |
Add tests for conf_diagnostics
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24275)
Diffstat (limited to 'test/recipes')
-rw-r--r-- | test/recipes/90-test_sysdefault.t | 14 | ||||
-rw-r--r-- | test/recipes/90-test_sysdefault_data/sysdefault-bad.cnf | 23 | ||||
-rw-r--r-- | test/recipes/90-test_sysdefault_data/sysdefault-ignore.cnf | 23 | ||||
-rw-r--r-- | test/recipes/90-test_sysdefault_data/sysdefault.cnf | 23 |
4 files changed, 80 insertions, 3 deletions
diff --git a/test/recipes/90-test_sysdefault.t b/test/recipes/90-test_sysdefault.t index 308a592aba..6984bc1067 100644 --- a/test/recipes/90-test_sysdefault.t +++ b/test/recipes/90-test_sysdefault.t @@ -8,7 +8,7 @@ use OpenSSL::Test::Utils; -use OpenSSL::Test qw/:DEFAULT srctop_file/; +use OpenSSL::Test qw/:DEFAULT data_file/; my $test_name = "test_sysdefault"; setup($test_name); @@ -16,8 +16,16 @@ setup($test_name); plan skip_all => "$test_name is not supported in this build" if disabled("tls1_2") || disabled("rsa"); -plan tests => 1; +plan tests => 3; -$ENV{OPENSSL_CONF} = srctop_file("test", "sysdefault.cnf"); +$ENV{OPENSSL_CONF} = data_file("sysdefault.cnf"); + +ok(run(test(["sysdefaulttest"])), "sysdefaulttest"); + +$ENV{OPENSSL_CONF} = data_file("sysdefault-bad.cnf"); + +ok(!run(test(["sysdefaulttest"])), "sysdefaulttest"); + +$ENV{OPENSSL_CONF} = data_file("sysdefault-ignore.cnf"); ok(run(test(["sysdefaulttest"])), "sysdefaulttest"); diff --git a/test/recipes/90-test_sysdefault_data/sysdefault-bad.cnf b/test/recipes/90-test_sysdefault_data/sysdefault-bad.cnf new file mode 100644 index 0000000000..1c8915074a --- /dev/null +++ b/test/recipes/90-test_sysdefault_data/sysdefault-bad.cnf @@ -0,0 +1,23 @@ +# Configuration file to test system default SSL configuration + +# Comment out the next line to ignore configuration errors +config_diagnostics = 1 + +openssl_conf = default_conf + +[ default_conf ] + +ssl_conf = ssl_sect +oid_section = oid_sect + +[oid_sect] +new-sig-oid = 1.1.1.1.1.1.1.1.1.1.1.1.1.1 + +[ssl_sect] + +system_default = ssl_default_sect + +[ssl_default_sect] +SignatureAlgorithms = RSA+SHA256:nonex +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 diff --git a/test/recipes/90-test_sysdefault_data/sysdefault-ignore.cnf b/test/recipes/90-test_sysdefault_data/sysdefault-ignore.cnf new file mode 100644 index 0000000000..2b04caf83f --- /dev/null +++ b/test/recipes/90-test_sysdefault_data/sysdefault-ignore.cnf @@ -0,0 +1,23 @@ +# Configuration file to test system default SSL configuration + +# We ignore configuration errors with config_diagnostics unset +# config_diagnostics = 1 + +openssl_conf = default_conf + +[ default_conf ] + +ssl_conf = ssl_sect +oid_section = oid_sect + +[oid_sect] +new-sig-oid = 1.1.1.1.1.1.1.1.1.1.1.1.1.1 + +[ssl_sect] + +system_default = ssl_default_sect + +[ssl_default_sect] +SignatureAlgorithms = RSA+SHA256:nonex +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 diff --git a/test/recipes/90-test_sysdefault_data/sysdefault.cnf b/test/recipes/90-test_sysdefault_data/sysdefault.cnf new file mode 100644 index 0000000000..f2cfa10f55 --- /dev/null +++ b/test/recipes/90-test_sysdefault_data/sysdefault.cnf @@ -0,0 +1,23 @@ +# Configuration file to test system default SSL configuration + +# Comment out the next line to ignore configuration errors +config_diagnostics = 1 + +openssl_conf = default_conf + +[ default_conf ] + +ssl_conf = ssl_sect +oid_section = oid_sect + +[oid_sect] +new-sig-oid = 1.1.1.1.1.1.1.1.1.1.1.1.1.1 + +[ssl_sect] + +system_default = ssl_default_sect + +[ssl_default_sect] +SignatureAlgorithms = RSA+SHA256:?nonex +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 |