X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=test%2Fverify_extra_test.c;h=bfbe5c02f15ff0a1d7eab307361e8d094af923cd;hp=08509f0131945264b81c8d00b365b68719744057;hb=d734582275aa29ef839af2130ae84af20b84425e;hpb=593e9c638c58e1a510c519db0d024527113330f3 diff --git a/test/verify_extra_test.c b/test/verify_extra_test.c index 08509f0131..bfbe5c02f1 100644 --- a/test/verify_extra_test.c +++ b/test/verify_extra_test.c @@ -1,58 +1,10 @@ /* - * Written by Matt Caswell for the OpenSSL project. - */ -/* ==================================================================== - * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). + * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include @@ -130,7 +82,9 @@ static STACK_OF(X509) *load_certs_from_file(const char *filename) * CA=FALSE, and will therefore incorrectly verify bad * */ -static int test_alt_chains_cert_forgery(void) +static int test_alt_chains_cert_forgery(const char *roots_f, + const char *untrusted_f, + const char *bad_f) { int ret = 0; int i; @@ -148,15 +102,15 @@ static int test_alt_chains_cert_forgery(void) lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file()); if (lookup == NULL) goto err; - if(!X509_LOOKUP_load_file(lookup, "certs/roots.pem", X509_FILETYPE_PEM)) + if (!X509_LOOKUP_load_file(lookup, roots_f, X509_FILETYPE_PEM)) goto err; - untrusted = load_certs_from_file("certs/untrusted.pem"); + untrusted = load_certs_from_file(untrusted_f); - if ((bio = BIO_new_file("certs/bad.pem", "r")) == NULL) + if ((bio = BIO_new_file(bad_f, "r")) == NULL) goto err; - if((x = PEM_read_bio_X509(bio, NULL, 0, NULL)) == NULL) + if ((x = PEM_read_bio_X509(bio, NULL, 0, NULL)) == NULL) goto err; sctx = X509_STORE_CTX_new(); @@ -168,7 +122,7 @@ static int test_alt_chains_cert_forgery(void) i = X509_verify_cert(sctx); - if(i == 0 && X509_STORE_CTX_get_error(sctx) == X509_V_ERR_INVALID_CA) { + if (i == 0 && X509_STORE_CTX_get_error(sctx) == X509_V_ERR_INVALID_CA) { /* This is the result we were expecting: Test passed */ ret = 1; } @@ -183,25 +137,25 @@ static int test_alt_chains_cert_forgery(void) return ret; } -int main(void) +int main(int argc, char **argv) { - CRYPTO_malloc_debug_init(); - CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); + CRYPTO_set_mem_debug(1); CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - ERR_load_crypto_strings(); - OpenSSL_add_all_digests(); + if (argc != 4) { + fprintf(stderr, "usage: verify_extra_test roots.pem untrusted.pem bad.pem\n"); + return 1; + } - if (!test_alt_chains_cert_forgery()) { + if (!test_alt_chains_cert_forgery(argv[1], argv[2], argv[3])) { fprintf(stderr, "Test alt chains cert forgery failed\n"); return 1; } - EVP_cleanup(); - CRYPTO_cleanup_all_ex_data(); - ERR_remove_thread_state(NULL); - ERR_free_strings(); - CRYPTO_mem_leaks_fp(stderr); +#ifndef OPENSSL_NO_CRYPTO_MDEBUG + if (CRYPTO_mem_leaks_fp(stderr) <= 0) + return 1; +#endif printf("PASS\n"); return 0;