diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/regress/lib/libcrypto/x509/bettertls/verify.c | 23 |
1 files changed, 11 insertions, 12 deletions
diff --git a/src/regress/lib/libcrypto/x509/bettertls/verify.c b/src/regress/lib/libcrypto/x509/bettertls/verify.c index 430fef75b3..ba76cc20fd 100644 --- a/src/regress/lib/libcrypto/x509/bettertls/verify.c +++ b/src/regress/lib/libcrypto/x509/bettertls/verify.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: verify.c,v 1.5 2020/10/02 07:53:58 tb Exp $ */ | 1 | /* $OpenBSD: verify.c,v 1.6 2020/10/03 15:19:47 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2020 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2020 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> | 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> |
| @@ -83,8 +83,7 @@ verify_cert_cb(int ok, X509_STORE_CTX *xsc) | |||
| 83 | current_cert = X509_STORE_CTX_get_current_cert(xsc); | 83 | current_cert = X509_STORE_CTX_get_current_cert(xsc); |
| 84 | if (current_cert != NULL) { | 84 | if (current_cert != NULL) { |
| 85 | X509_NAME_print_ex_fp(stderr, | 85 | X509_NAME_print_ex_fp(stderr, |
| 86 | X509_get_subject_name(current_cert), 0, | 86 | X509_get_subject_name(current_cert), 0, XN_FLAG_ONELINE); |
| 87 | XN_FLAG_ONELINE); | ||
| 88 | fprintf(stderr, "\n"); | 87 | fprintf(stderr, "\n"); |
| 89 | } | 88 | } |
| 90 | 89 | ||
| @@ -123,10 +122,10 @@ verify_cert(const char *roots_file, const char *bundle_file, | |||
| 123 | errx(1, "no certs in cert bundle %s", cert_file); | 122 | errx(1, "no certs in cert bundle %s", cert_file); |
| 124 | leaf = sk_X509_shift(cert); | 123 | leaf = sk_X509_shift(cert); |
| 125 | 124 | ||
| 126 | if ((xsc = X509_STORE_CTX_new()) == NULL) | 125 | if ((xsc = X509_STORE_CTX_new()) == NULL) |
| 127 | errx(1, "X509_STORE_CTX"); | 126 | errx(1, "X509_STORE_CTX"); |
| 128 | 127 | ||
| 129 | if ((store = X509_STORE_new()) == NULL) | 128 | if ((store = X509_STORE_new()) == NULL) |
| 130 | errx(1, "X509_STORE"); | 129 | errx(1, "X509_STORE"); |
| 131 | 130 | ||
| 132 | if (!X509_STORE_CTX_init(xsc, store, leaf, bundle)) { | 131 | if (!X509_STORE_CTX_init(xsc, store, leaf, bundle)) { |
| @@ -154,10 +153,10 @@ verify_cert(const char *roots_file, const char *bundle_file, | |||
| 154 | if (X509_verify_cert(xsc) == 1) | 153 | if (X509_verify_cert(xsc) == 1) |
| 155 | *dns = 1; | 154 | *dns = 1; |
| 156 | 155 | ||
| 157 | if ((xscip = X509_STORE_CTX_new()) == NULL) | 156 | if ((xscip = X509_STORE_CTX_new()) == NULL) |
| 158 | errx(1, "X509_STORE_CTX"); | 157 | errx(1, "X509_STORE_CTX"); |
| 159 | 158 | ||
| 160 | if ((storeip = X509_STORE_new()) == NULL) | 159 | if ((storeip = X509_STORE_new()) == NULL) |
| 161 | errx(1, "X509_STORE"); | 160 | errx(1, "X509_STORE"); |
| 162 | 161 | ||
| 163 | if (!X509_STORE_CTX_init(xscip, storeip, leaf, bundle)) { | 162 | if (!X509_STORE_CTX_init(xscip, storeip, leaf, bundle)) { |
| @@ -184,7 +183,7 @@ verify_cert(const char *roots_file, const char *bundle_file, | |||
| 184 | if (X509_verify_cert(xscip) == 1) | 183 | if (X509_verify_cert(xscip) == 1) |
| 185 | *ip = 1; | 184 | *ip = 1; |
| 186 | 185 | ||
| 187 | sk_X509_pop_free(roots, X509_free); | 186 | sk_X509_pop_free(roots, X509_free); |
| 188 | sk_X509_pop_free(bundle, X509_free); | 187 | sk_X509_pop_free(bundle, X509_free); |
| 189 | sk_X509_pop_free(cert, X509_free); | 188 | sk_X509_pop_free(cert, X509_free); |
| 190 | X509_STORE_free(store); | 189 | X509_STORE_free(store); |
| @@ -204,11 +203,11 @@ bettertls_cert_test(const char *certs_path) | |||
| 204 | if (asprintf(&roots_file, "%s/root.crt", certs_path) == -1) | 203 | if (asprintf(&roots_file, "%s/root.crt", certs_path) == -1) |
| 205 | errx(1, "asprintf"); | 204 | errx(1, "asprintf"); |
| 206 | 205 | ||
| 207 | for(i = 1;;i++) { | 206 | for(i = 1;; i++) { |
| 208 | int ip, dns; | 207 | int ip, dns; |
| 209 | struct stat sb; | 208 | struct stat sb; |
| 210 | if (asprintf(&cert_file, "%s/%d.crt", certs_path, i) == -1) | 209 | if (asprintf(&cert_file, "%s/%d.crt", certs_path, i) == -1) |
| 211 | errx(1, "asprintf"); | 210 | errx(1, "asprintf"); |
| 212 | if (asprintf(&bundle_file, "%s/%d.chain", certs_path, i) == -1) | 211 | if (asprintf(&bundle_file, "%s/%d.chain", certs_path, i) == -1) |
| 213 | errx(1, "asprintf"); | 212 | errx(1, "asprintf"); |
| 214 | if (stat(cert_file, &sb) == -1) | 213 | if (stat(cert_file, &sb) == -1) |
| @@ -243,10 +242,10 @@ main(int argc, char **argv) | |||
| 243 | fprintf(stdout, "{\"testVersion\":1,\"date\":%lld,\"userAgent\"" | 242 | fprintf(stdout, "{\"testVersion\":1,\"date\":%lld,\"userAgent\"" |
| 244 | ":\"LibreSSL OpenBSD 6.8\\n\",\"results\":[", time(NULL)); | 243 | ":\"LibreSSL OpenBSD 6.8\\n\",\"results\":[", time(NULL)); |
| 245 | 244 | ||
| 246 | bettertls_cert_test(argv[1]); | 245 | bettertls_cert_test(argv[1]); |
| 247 | 246 | ||
| 248 | if (json) | 247 | if (json) |
| 249 | fprintf(stdout, "],\"osVersion\":\"OpenBSD 6.7\\n\"}\n"); | 248 | fprintf(stdout, "],\"osVersion\":\"OpenBSD 6.7\\n\"}\n"); |
| 250 | 249 | ||
| 251 | return 0; | 250 | return 0; |
| 252 | } | 251 | } |