summaryrefslogtreecommitdiffstats
path: root/test/recipes/80-test_ocsp.t
AgeCommit message (Collapse)Author
2022-05-03Update copyright yearMatt Caswell
Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
2022-05-03Test ocsp with invalid responses and the "-no_cert_checks" optionMatt Caswell
The "-no_cert_checks" option causes the flag OCSP_NOCHECKS to be set. The bug fixed in the previous commit will cause the ocsp app to respond with a success result in the case when the OCSP response signing certificate fails to verify and -no_cert_checks is used - so we test that it fails in this case. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
2021-07-29Update copyright yearMatt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16176)
2021-06-19test: replace tabs with spaces in test recipesPauli
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15824)
2020-06-23TEST: Pass -no-CAstore in 80-test_ocsp.tSebastian Andrzej Siewior
Without passing -no-CAstore the default CAstore will be used and the testsuite will fail the system has certificates installed. Fixes: #11645 Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12171)
2020-04-23Update copyright yearMatt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
2020-02-18TEST: Modify test/recipes/80-test_ocsp.t to leave artifacts behindRichard Levitte
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11080)
2018-12-06Following the license change, modify the boilerplates in test/Richard Levitte
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7767)
2017-11-11Add OCSP API test executableBenjamin Kaduk
Some of the OCSP APIs (such as the recently added OCSP_resp_get0_signer) do not really merit inclusion in the ocsp(1) utility, but we should still have unit tests for them. For now, only test OCSP_resp_get0_signer(), but it should be easy to add more tests in the future. Provide an X509 cert and private key in the test's data directory to use for signing responses, since constructing those on the fly is more effort than is needed. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4573)
2017-08-16Fix OCSP_basic_verify() cert chain construction in case bs->certs is NULLDavid von Oheimb
Now the certs arg is not any more neglected when building the signer cert chain. Added case to test/recipes/80-test_ocsp.t proving fix for 3-level CA hierarchy. See also http://rt.openssl.org/Ticket/Display.html?id=4620 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4124)
2016-04-22Unified copyright for test recipesRich Salz
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-06Fix no-ocspMatt Caswell
Misc fixes for no-ocsp Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-09unified build scheme: adjust test framework for out of source build treeRichard Levitte
To be able to run tests when we've built in a directory other than the source tree, the testing framework needs a few adjustments. test/testlib/OpenSSL/Test.pm needs to know where it can find shlib_wrap.sh, and a number of other tests need to be told a different place to find engines than what they may be able to figure out on their own. Relying to $TOP is not enough, $SRCTOP and $BLDTOP can be used as an alternative. As part of this change, top_file and top_dir are removed and srctop_file, bldtop_file, srctop_dir and bldtop_dir take their place. Reviewed-by: Ben Laurie <ben@openssl.org>
2016-01-13Pipes on VMS do not work well with binary data, use an intermediary fileRichard Levitte
VMS being a record oriented operating system, it's uncertain how the 'pipe' passes binary data from one process to another. Experience shows that we get in trouble, and it's probably due to the pipe in itself being opened in text mode (variable length records). It's safer to pass data via an intermediary file instead. Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-25Fix the OCSP test on WindowsMatt Caswell
The windows test uses the pseudo file "nul" to indicate no file for the -CApath option. This does not work on all versions of Windows. Instead use the new -no-CApath option. Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-09-07Change OpenSSL::Test to be an extension of Test::MoreRichard Levitte
It became tedious as well as error prone to have all recipes use Test::More as well as OpenSSL::Test. The easier way is to make OpenSSL::Test an extension of Test::More, thereby having all version checks as well as future checks firmly there. Additionally, that allows us to extend existing Test::More functions if the need would arise. Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-07Add version numbers on some modules we use.Richard Levitte
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-07Add recipes for the larger protocolsRichard Levitte
This covers the certificate authority commands, the cms and smime commands, OCSP, SSL and TSA. Reviewed-by: Rich Salz <rsalz@openssl.org>
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-08 15:32:04 +0000