Don't offer or accept ciphersuites that we can't support

[openssl.git] / test / verify_extra_test.c

diff --git a/test/verify_extra_test.c b/test/verify_extra_test.c
index d1da7303b72cef5437ed7ebf7e4e431b2f0519cd..6cce626026ff07bd67de226deafbcb7c2d694df8 100644 (file)
--- a/test/verify_extra_test.c
+++ b/test/verify_extra_test.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -16,6 +16,8 @@
 #include <openssl/err.h>
 #include "testutil.h"
 
+DEFINE_STACK_OF(X509)
+
 static const char *roots_f;
 static const char *untrusted_f;
 static const char *bad_f;
@@ -179,15 +181,13 @@ static int test_store_ctx(void)
 
 OPT_TEST_DECLARE_USAGE("roots.pem untrusted.pem bad.pem\n")
 
-#ifndef OPENSSL_NO_SM2
-static int test_sm2_id(void)
+static int test_distinguishing_id(void)
 {
-    /* we only need an X509 structure, no matter if it's a real SM2 cert */
     X509 *x = NULL;
     BIO *bio = NULL;
     int ret = 0;
     ASN1_OCTET_STRING *v = NULL, *v2 = NULL;
-    char *sm2id = "this is an ID";
+    char *distid = "this is an ID";
 
     bio = BIO_new_file(bad_f, "r");
     if (bio == NULL)
@@ -201,14 +201,15 @@ static int test_sm2_id(void)
     if (v == NULL)
         goto err;
 
-    if (!ASN1_OCTET_STRING_set(v, (unsigned char *)sm2id, (int)strlen(sm2id))) {
+    if (!ASN1_OCTET_STRING_set(v, (unsigned char *)distid,
+                               (int)strlen(distid))) {
         ASN1_OCTET_STRING_free(v);
         goto err;
     }
 
-    X509_set0_sm2_id(x, v);
+    X509_set0_distinguishing_id(x, v);
 
-    v2 = X509_get0_sm2_id(x);
+    v2 = X509_get0_distinguishing_id(x);
     if (!TEST_ptr(v2)
             || !TEST_int_eq(ASN1_OCTET_STRING_cmp(v, v2), 0))
         goto err;
@@ -220,14 +221,13 @@ static int test_sm2_id(void)
     return ret;
 }
 
-static int test_req_sm2_id(void)
+static int test_req_distinguishing_id(void)
 {
-    /* we only need an X509_REQ structure, no matter if it's a real SM2 cert */
     X509_REQ *x = NULL;
     BIO *bio = NULL;
     int ret = 0;
     ASN1_OCTET_STRING *v = NULL, *v2 = NULL;
-    char *sm2id = "this is an ID";
+    char *distid = "this is an ID";
 
     bio = BIO_new_file(req_f, "r");
     if (bio == NULL)
@@ -241,14 +241,15 @@ static int test_req_sm2_id(void)
     if (v == NULL)
         goto err;
 
-    if (!ASN1_OCTET_STRING_set(v, (unsigned char *)sm2id, (int)strlen(sm2id))) {
+    if (!ASN1_OCTET_STRING_set(v, (unsigned char *)distid,
+                               (int)strlen(distid))) {
         ASN1_OCTET_STRING_free(v);
         goto err;
     }
 
-    X509_REQ_set0_sm2_id(x, v);
+    X509_REQ_set0_distinguishing_id(x, v);
 
-    v2 = X509_REQ_get0_sm2_id(x);
+    v2 = X509_REQ_get0_distinguishing_id(x);
     if (!TEST_ptr(v2)
             || !TEST_int_eq(ASN1_OCTET_STRING_cmp(v, v2), 0))
         goto err;
@@ -259,10 +260,14 @@ static int test_req_sm2_id(void)
     BIO_free(bio);
     return ret;
 }
-#endif
 
 int setup_tests(void)
 {
+    if (!test_skip_common_options()) {
+        TEST_error("Error parsing test options\n");
+        return 0;
+    }
+
     if (!TEST_ptr(roots_f = test_get_argument(0))
             || !TEST_ptr(untrusted_f = test_get_argument(1))
             || !TEST_ptr(bad_f = test_get_argument(2))
@@ -271,9 +276,7 @@ int setup_tests(void)
 
     ADD_TEST(test_alt_chains_cert_forgery);
     ADD_TEST(test_store_ctx);
-#ifndef OPENSSL_NO_SM2
-    ADD_TEST(test_sm2_id);
-    ADD_TEST(test_req_sm2_id);
-#endif
+    ADD_TEST(test_distinguishing_id);
+    ADD_TEST(test_req_distinguishing_id);
     return 1;
 }