diff options
Diffstat (limited to 'tests/set_x509_ocsp_multi_unknown.c')
-rw-r--r-- | tests/set_x509_ocsp_multi_unknown.c | 118 |
1 files changed, 83 insertions, 35 deletions
diff --git a/tests/set_x509_ocsp_multi_unknown.c b/tests/set_x509_ocsp_multi_unknown.c index 882edf1ee3..ddff1128aa 100644 --- a/tests/set_x509_ocsp_multi_unknown.c +++ b/tests/set_x509_ocsp_multi_unknown.c @@ -20,7 +20,7 @@ */ #ifdef HAVE_CONFIG_H -#include <config.h> +# include <config.h> #endif #include <stdio.h> @@ -31,9 +31,9 @@ #ifdef ENABLE_OCSP -#include "cert-common.h" -#include "ocsp-common.h" -#include "utils.h" +# include "cert-common.h" +# include "ocsp-common.h" +# include "utils.h" /* Tests whether setting an OCSP response to a server with multiple * certificate sets, is working as expected */ @@ -64,7 +64,8 @@ static void check_response(gnutls_session_t session, void *priv) fail("not expected response, but received one\n"); } - if (resp.size != exp_resp->size || memcmp(resp.data, exp_resp->data, resp.size) != 0) { + if (resp.size != exp_resp->size + || memcmp(resp.data, exp_resp->data, resp.size) != 0) { fail("did not receive the expected response\n"); } @@ -75,7 +76,9 @@ static void check_response(gnutls_session_t session, void *priv) fail("no intermediate response was received\n"); } - if (resp.size != ocsp_subca3_unknown.size || memcmp(resp.data, ocsp_subca3_unknown.data, resp.size) != 0) { + if (resp.size != ocsp_subca3_unknown.size + || memcmp(resp.data, ocsp_subca3_unknown.data, + resp.size) != 0) { fail("did not receive the expected intermediate response\n"); } } @@ -100,7 +103,7 @@ void doit(void) char certname2[TMPNAME_SIZE], ocspname2[TMPNAME_SIZE]; char ocspname3[TMPNAME_SIZE]; FILE *fp; - unsigned index1, index2; /* indexes of certs */ + unsigned index1, index2; /* indexes of certs */ global_init(); gnutls_global_set_time_function(mytime); @@ -120,12 +123,17 @@ void doit(void) fp = fopen(certfile1, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite(server_localhost_ca3_cert_chain_pem, 1, strlen(server_localhost_ca3_cert_chain_pem), fp)>0); - assert(fwrite(server_ca3_key_pem, 1, strlen((char*)server_ca3_key_pem), fp)>0); + assert(fwrite + (server_localhost_ca3_cert_chain_pem, 1, + strlen(server_localhost_ca3_cert_chain_pem), fp) > 0); + assert(fwrite + (server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), + fp) > 0); fclose(fp); ret = gnutls_certificate_set_x509_key_file2(xcred, certfile1, certfile1, - GNUTLS_X509_FMT_PEM, NULL, 0); + GNUTLS_X509_FMT_PEM, NULL, + 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); index1 = ret; @@ -136,26 +144,34 @@ void doit(void) fp = fopen(certfile2, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite(server_localhost6_ca3_cert_chain_pem, 1, strlen(server_localhost6_ca3_cert_chain_pem), fp)>0); - assert(fwrite(server_ca3_key_pem, 1, strlen((char*)server_ca3_key_pem), fp)>0); + assert(fwrite + (server_localhost6_ca3_cert_chain_pem, 1, + strlen(server_localhost6_ca3_cert_chain_pem), fp) > 0); + assert(fwrite + (server_ca3_key_pem, 1, strlen((char *)server_ca3_key_pem), + fp) > 0); fclose(fp); ret = gnutls_certificate_set_x509_key_file2(xcred, certfile2, certfile2, - GNUTLS_X509_FMT_PEM, NULL, 0); + GNUTLS_X509_FMT_PEM, NULL, + 0); if (ret < 0) fail("set_x509_key_file failed: %s\n", gnutls_strerror(ret)); index2 = ret; - /* set OCSP response1 */ ocspfile1 = get_tmpname(ocspname1); fp = fopen(ocspfile1, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite(ocsp_ca3_localhost_unknown.data, 1, ocsp_ca3_localhost_unknown.size, fp)>0); + assert(fwrite + (ocsp_ca3_localhost_unknown.data, 1, + ocsp_ca3_localhost_unknown.size, fp) > 0); fclose(fp); - ret = gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile1, index1); + ret = + gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile1, + index1); if (ret < 0) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); @@ -164,10 +180,14 @@ void doit(void) fp = fopen(ocspfile2, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite(ocsp_ca3_localhost6_unknown.data, 1, ocsp_ca3_localhost6_unknown.size, fp)>0); + assert(fwrite + (ocsp_ca3_localhost6_unknown.data, 1, + ocsp_ca3_localhost6_unknown.size, fp) > 0); fclose(fp); - ret = gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile2, index2); + ret = + gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile2, + index2); if (ret < 0) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); @@ -176,19 +196,29 @@ void doit(void) fp = fopen(ocspfile3, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite(ocsp_ca3_localhost_unknown_sha1.data, 1, ocsp_ca3_localhost_unknown_sha1.size, fp)>0); + assert(fwrite + (ocsp_ca3_localhost_unknown_sha1.data, 1, + ocsp_ca3_localhost_unknown_sha1.size, fp) > 0); fclose(fp); - ret = gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile3, index1); + ret = + gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile3, + index1); if (ret != 0) - fail("setting duplicate didn't succeed as expected: %s\n", gnutls_strerror(ret)); + fail("setting duplicate didn't succeed as expected: %s\n", + gnutls_strerror(ret)); - ret = gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile3, index2); + ret = + gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile3, + index2); if (ret != GNUTLS_E_OCSP_MISMATCH_WITH_CERTS) - fail("setting invalid didn't fail as expected: %s\n", gnutls_strerror(ret)); + fail("setting invalid didn't fail as expected: %s\n", + gnutls_strerror(ret)); - /* re-set the previous duplicate set for index1 to the expected*/ - ret = gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile1, index1); + /* re-set the previous duplicate set for index1 to the expected */ + ret = + gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile1, + index1); if (ret < 0) fail("ocsp file set failed: %s\n", gnutls_strerror(ret)); @@ -196,28 +226,46 @@ void doit(void) fp = fopen(ocspfile3, "wb"); if (fp == NULL) fail("error in fopen\n"); - assert(fwrite(ocsp_subca3_unknown.data, 1, ocsp_subca3_unknown.size, fp)>0); + assert(fwrite(ocsp_subca3_unknown.data, 1, ocsp_subca3_unknown.size, fp) + > 0); fclose(fp); - ret = gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile3, index1); + ret = + gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile3, + index1); if (ret < 0) fail("setting subCA failed: %s\n", gnutls_strerror(ret)); - ret = gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile3, index2); + ret = + gnutls_certificate_set_ocsp_status_request_file(xcred, ocspfile3, + index2); if (ret < 0) fail("setting subCA failed: %s\n", gnutls_strerror(ret)); - - ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, GNUTLS_X509_FMT_PEM); + ret = + gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in setting trust cert: %s\n", gnutls_strerror(ret)); } - test_cli_serv(xcred, clicred, "NORMAL:-ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.2", "localhost", &ocsp_ca3_localhost_unknown, check_response, NULL); - test_cli_serv(xcred, clicred, "NORMAL:-ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.2", "localhost6", &ocsp_ca3_localhost6_unknown, check_response, NULL); - - test_cli_serv(xcred, clicred, "NORMAL:-ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.3", "localhost", &ocsp_ca3_localhost_unknown, check_response, NULL); - test_cli_serv(xcred, clicred, "NORMAL:-ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.3", "localhost6", &ocsp_ca3_localhost6_unknown, check_response, NULL); + test_cli_serv(xcred, clicred, + "NORMAL:-ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.2", + "localhost", &ocsp_ca3_localhost_unknown, check_response, + NULL); + test_cli_serv(xcred, clicred, + "NORMAL:-ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.2", + "localhost6", &ocsp_ca3_localhost6_unknown, + check_response, NULL); + + test_cli_serv(xcred, clicred, + "NORMAL:-ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.3", + "localhost", &ocsp_ca3_localhost_unknown, check_response, + NULL); + test_cli_serv(xcred, clicred, + "NORMAL:-ECDHE-ECDSA:-VERS-TLS-ALL:+VERS-TLS1.3", + "localhost6", &ocsp_ca3_localhost6_unknown, + check_response, NULL); gnutls_certificate_free_credentials(xcred); gnutls_certificate_free_credentials(clicred); |