Configure: avoid perl regexp bugs

[openssl.git] / test / sslprovidertest.c

diff --git a/test/sslprovidertest.c b/test/sslprovidertest.c
index 76a6f8f6b25fb01774102b411477aedcecf9bdd5..8bcfd5f94b787b62f0edb19ad50233afa37eac34 100644 (file)
--- a/test/sslprovidertest.c
+++ b/test/sslprovidertest.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -7,6 +7,7 @@
  * https://www.openssl.org/source/license.html
  */
 
+#include <string.h>
 #include <openssl/provider.h>
 
 #include "ssltestlib.h"
@@ -14,9 +15,10 @@
 
 static char *cert = NULL;
 static char *privkey = NULL;
+static char *modulename = NULL;
+static char *configfile = NULL;
 
-/* TODO(3.0): Re-enable this code. See comment in setup_tests() */
-OSSL_PROVIDER *defctxlegacy = NULL;
+static OSSL_PROVIDER *defctxlegacy = NULL;
 
 static int test_different_libctx(void)
 {
@@ -24,25 +26,38 @@ static int test_different_libctx(void)
     SSL *clientssl = NULL, *serverssl = NULL;
     int testresult = 0;
     OPENSSL_CTX *libctx = OPENSSL_CTX_new();
+    OSSL_PROVIDER *prov = NULL;
 
-    /* Verify that the default provider in the default libctx is not available */
-    if (!TEST_false(OSSL_PROVIDER_available(NULL, "default")))
+    /*
+     * Verify that the default and fips providers in the default libctx are not
+     * available
+     */
+    if (!TEST_false(OSSL_PROVIDER_available(NULL, "default"))
+            || !TEST_false(OSSL_PROVIDER_available(NULL, "fips")))
         goto end;
 
-    cctx = SSL_CTX_new_with_libctx(libctx, NULL, TLS_client_method());
-    if (!TEST_ptr(cctx))
+    if (!TEST_true(OPENSSL_CTX_load_config(libctx, configfile)))
         goto end;
-    sctx = SSL_CTX_new_with_libctx(libctx, NULL, TLS_server_method());
-    if (!TEST_ptr(sctx))
+
+    prov = OSSL_PROVIDER_load(libctx, modulename);
+    if (!TEST_ptr(prov)
+               /* Check we have the provider available */
+            || !TEST_true(OSSL_PROVIDER_available(libctx, modulename)))
         goto end;
+    /* Check the default provider is not available */
+    if (strcmp(modulename, "default") != 0
+            && !TEST_false(OSSL_PROVIDER_available(libctx, "default")))
+        goto end;
+    TEST_note("%s provider loaded", modulename);
 
     /*
      * TODO(3.0): Make this work in TLSv1.3. Currently we can only do RSA key
      * exchange, because we don't have key gen/param gen for EC yet - which
      * implies TLSv1.2 only
      */
-    if (!TEST_true(create_ssl_ctx_pair(NULL,
-                                       NULL,
+    if (!TEST_true(create_ssl_ctx_pair(libctx,
+                                       TLS_server_method(),
+                                       TLS_client_method(),
                                        TLS1_VERSION,
                                        TLS1_2_VERSION,
                                        &sctx, &cctx, cert, privkey)))
@@ -62,10 +77,11 @@ static int test_different_libctx(void)
         goto end;
 
     /*
-     * Verify that the default provider in the default libctx is still not
-     * available
+     * Verify that the default and fips providers in the default libctx are
+     * still not available
      */
-    if (!TEST_false(OSSL_PROVIDER_available(NULL, "default")))
+    if (!TEST_false(OSSL_PROVIDER_available(NULL, "default"))
+            || !TEST_false(OSSL_PROVIDER_available(NULL, "fips")))
         goto end;
 
     testresult = 1;
@@ -76,6 +92,7 @@ static int test_different_libctx(void)
     SSL_CTX_free(sctx);
     SSL_CTX_free(cctx);
 
+    OSSL_PROVIDER_unload(prov);
     OPENSSL_CTX_free(libctx);
 
     return testresult;
@@ -84,17 +101,15 @@ static int test_different_libctx(void)
 int setup_tests(void)
 {
     char *certsdir = NULL;
-    /*
-     * For tests in this file we want to ensure the default ctx does not have
-     * the default provider loaded into the default ctx. So we load "legacy" to
-     * prevent default from being auto-loaded. This tests that there is no
-     * "leakage", i.e. when using SSL_CTX_new_with_libctx() we expect only the
-     * specific libctx to be used - nothing should fall back to the default
-     * libctx
-     */
-    defctxlegacy = OSSL_PROVIDER_load(NULL, "legacy");
 
-    if (!TEST_ptr(certsdir = test_get_argument(0)))
+    if (!test_skip_common_options()) {
+        TEST_error("Error parsing test options\n");
+        return 0;
+    }
+
+    if (!TEST_ptr(certsdir = test_get_argument(0))
+            || !TEST_ptr(modulename = test_get_argument(1))
+            || !TEST_ptr(configfile = test_get_argument(2)))
         return 0;
 
     cert = test_mk_file_path(certsdir, "servercert.pem");
@@ -107,6 +122,16 @@ int setup_tests(void)
         return 0;
     }
 
+    /*
+     * For tests in this file we want to ensure the default ctx does not have
+     * the default provider loaded into the default ctx. So we load "legacy" to
+     * prevent default from being auto-loaded. This tests that there is no
+     * "leakage", i.e. when using SSL_CTX_new_with_libctx() we expect only the
+     * specific libctx to be used - nothing should fall back to the default
+     * libctx
+     */
+    defctxlegacy = OSSL_PROVIDER_load(NULL, "legacy");
+
     ADD_TEST(test_different_libctx);
 
     return 1;
@@ -114,6 +139,5 @@ int setup_tests(void)
 
 void cleanup_tests(void)
 {
-    /* TODO(3.0): Re-enable this code. See comment in setup_tests() */
     OSSL_PROVIDER_unload(defctxlegacy);
 }