diff options
| author | beck <> | 2021-08-30 06:51:36 +0000 |
|---|---|---|
| committer | beck <> | 2021-08-30 06:51:36 +0000 |
| commit | e0c2d897b0129c94326b52a6000f35dc5458eee7 (patch) | |
| tree | 4c24dae3f380d35eec3fa93d5f2b791bd195edac /src/regress | |
| parent | b107f33a109e9b33061c906a9df402295f24b822 (diff) | |
| download | openbsd-e0c2d897b0129c94326b52a6000f35dc5458eee7.tar.gz openbsd-e0c2d897b0129c94326b52a6000f35dc5458eee7.tar.bz2 openbsd-e0c2d897b0129c94326b52a6000f35dc5458eee7.zip | |
Fix Jan's regress in openssl/x509 to do what it says it does,
then fix the only thing it still has complaints about which
is that we don't return the leaf version of the error code
when we can't verify the leaf (as opposed to the rest of the chain)
ok jan@ tb@
Diffstat (limited to 'src/regress')
| -rw-r--r-- | src/regress/usr.bin/openssl/x509/Makefile | 12 |
1 files changed, 4 insertions, 8 deletions
diff --git a/src/regress/usr.bin/openssl/x509/Makefile b/src/regress/usr.bin/openssl/x509/Makefile index e091b7b0d5..b022974dcb 100644 --- a/src/regress/usr.bin/openssl/x509/Makefile +++ b/src/regress/usr.bin/openssl/x509/Makefile | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # $OpenBSD: Makefile,v 1.7 2021/08/29 15:52:47 tb Exp $ | 1 | # $OpenBSD: Makefile,v 1.8 2021/08/30 06:51:36 beck Exp $ |
| 2 | 2 | ||
| 3 | # Copyright (c) 2021 Jan Klemkow <j.klemkow@wemelug.de> | 3 | # Copyright (c) 2021 Jan Klemkow <j.klemkow@wemelug.de> |
| 4 | # | 4 | # |
| @@ -42,10 +42,6 @@ REGRESS_TARGETS += test-alternative-chain | |||
| 42 | REGRESS_CLEANUP = cleanup-ssl | 42 | REGRESS_CLEANUP = cleanup-ssl |
| 43 | REGRESS_SETUP_ONCE = create-libressl-test-certs | 43 | REGRESS_SETUP_ONCE = create-libressl-test-certs |
| 44 | 44 | ||
| 45 | REGRESS_EXPECTED_FAILURES += test-inlabel-wildcard-cert-no-CA-client | ||
| 46 | REGRESS_EXPECTED_FAILURES += test-unusual-wildcard-cert-no-CA-client | ||
| 47 | REGRESS_EXPECTED_FAILURES += test-common-wildcard-cert-no-CA-client | ||
| 48 | REGRESS_EXPECTED_FAILURES += test-common-wildcard-cert-CA-client | ||
| 49 | 45 | ||
| 50 | create-libressl-test-certs: create-libressl-test-certs.pl | 46 | create-libressl-test-certs: create-libressl-test-certs.pl |
| 51 | ${PERL} ${.CURDIR}/$@.pl | 47 | ${PERL} ${.CURDIR}/$@.pl |
| @@ -92,14 +88,14 @@ test-common-wildcard-cert-no-CA-client: | |||
| 92 | test-common-wildcard-cert-CA-client: | 88 | test-common-wildcard-cert-CA-client: |
| 93 | # common wildcard cert, CA given to client | 89 | # common wildcard cert, CA given to client |
| 94 | # start server | 90 | # start server |
| 95 | ${OPENSSL} s_server -quiet -naccept 1 -cert server-unusual-wildcard.pem \ | 91 | ${OPENSSL} s_server -quiet -naccept 1 -cert server-common-wildcard.pem \ |
| 96 | -key server-unusual-wildcard.pem & \ | 92 | -key server-common-wildcard.pem & \ |
| 97 | timeout=$$(($$(date +%s) + 5)); \ | 93 | timeout=$$(($$(date +%s) + 5)); \ |
| 98 | while fstat -p $$! | ! grep -q 'tcp .* \*:4433$$'; \ | 94 | while fstat -p $$! | ! grep -q 'tcp .* \*:4433$$'; \ |
| 99 | do test $$(date +%s) -lt $$timeout || exit 1; done | 95 | do test $$(date +%s) -lt $$timeout || exit 1; done |
| 100 | # start client | 96 | # start client |
| 101 | echo Q | ${OPENSSL} s_client -CAfile caR.pem \ | 97 | echo Q | ${OPENSSL} s_client -CAfile caR.pem \ |
| 102 | | grep "Verify return code: 21" | 98 | | grep "Verify return code: 0" |
| 103 | 99 | ||
| 104 | test-verify-unusual-wildcard-cert: | 100 | test-verify-unusual-wildcard-cert: |
| 105 | # openssl verify, unusual wildcard cert | 101 | # openssl verify, unusual wildcard cert |