提交 b93bd78e 编写于 作者: D Daniel P. Berrange

Change data passed into TLS test cases

Currently a 'struct testTLSCertReq' instance is passed into
the TLS test cases. This is not flexible enough to cope with
certificate chains, where one file now corresponds to multiple
certificates. Change the test cases so that we pass in filenames
instead.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
上级 90811c59
...@@ -42,8 +42,8 @@ ...@@ -42,8 +42,8 @@
struct testTLSContextData { struct testTLSContextData {
bool isServer; bool isServer;
struct testTLSCertReq careq; const char *cacrt;
struct testTLSCertReq certreq; const char *crt;
bool expectFail; bool expectFail;
}; };
...@@ -63,17 +63,17 @@ static int testTLSContextInit(const void *opaque) ...@@ -63,17 +63,17 @@ static int testTLSContextInit(const void *opaque)
int ret = -1; int ret = -1;
if (data->isServer) { if (data->isServer) {
ctxt = virNetTLSContextNewServer(data->careq.filename, ctxt = virNetTLSContextNewServer(data->cacrt,
NULL, NULL,
data->certreq.filename, data->crt,
keyfile, keyfile,
NULL, NULL,
true, true,
true); true);
} else { } else {
ctxt = virNetTLSContextNewClient(data->careq.filename, ctxt = virNetTLSContextNewClient(data->cacrt,
NULL, NULL,
data->certreq.filename, data->crt,
keyfile, keyfile,
true, true,
true); true);
...@@ -82,14 +82,14 @@ static int testTLSContextInit(const void *opaque) ...@@ -82,14 +82,14 @@ static int testTLSContextInit(const void *opaque)
if (ctxt) { if (ctxt) {
if (data->expectFail) { if (data->expectFail) {
VIR_WARN("Expected failure %s against %s", VIR_WARN("Expected failure %s against %s",
data->careq.filename, data->certreq.filename); data->cacrt, data->crt);
goto cleanup; goto cleanup;
} }
} else { } else {
virErrorPtr err = virGetLastError(); virErrorPtr err = virGetLastError();
if (!data->expectFail) { if (!data->expectFail) {
VIR_WARN("Unexpected failure %s against %s", VIR_WARN("Unexpected failure %s against %s",
data->careq.filename, data->certreq.filename); data->cacrt, data->crt);
goto cleanup; goto cleanup;
} }
VIR_DEBUG("Got error %s", err ? err->message : "<unknown>"); VIR_DEBUG("Got error %s", err ? err->message : "<unknown>");
...@@ -111,14 +111,14 @@ mymain(void) ...@@ -111,14 +111,14 @@ mymain(void)
testTLSInit(); testTLSInit();
# define DO_CTX_TEST(_isServer, _caReq, _certReq, _expectFail) \ # define DO_CTX_TEST(_isServer, _caCrt, _crt, _expectFail) \
do { \ do { \
static struct testTLSContextData data; \ static struct testTLSContextData data; \
data.isServer = _isServer; \ data.isServer = _isServer; \
data.careq = _caReq; \ data.cacrt = _caCrt; \
data.certreq = _certReq; \ data.crt = _crt; \
data.expectFail = _expectFail; \ data.expectFail = _expectFail; \
if (virtTestRun("TLS Context " #_caReq " + " #_certReq, 1, \ if (virtTestRun("TLS Context " #_caCrt " + " #_crt, 1, \
testTLSContextInit, &data) < 0) \ testTLSContextInit, &data) < 0) \
ret = -1; \ ret = -1; \
} while (0) } while (0)
...@@ -127,7 +127,7 @@ mymain(void) ...@@ -127,7 +127,7 @@ mymain(void)
co, cn, an1, an2, ia1, ia2, bce, bcc, bci, \ co, cn, an1, an2, ia1, ia2, bce, bcc, bci, \
kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, eo) \ kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, eo) \
static struct testTLSCertReq varname = { \ static struct testTLSCertReq varname = { \
NULL, #varname ".pem", \ NULL, #varname "-ctx.pem", \
co, cn, an1, an2, ia1, ia2, bce, bcc, bci, \ co, cn, an1, an2, ia1, ia2, bce, bcc, bci, \
kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, eo \ kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, eo \
}; \ }; \
...@@ -137,7 +137,7 @@ mymain(void) ...@@ -137,7 +137,7 @@ mymain(void)
co, cn, an1, an2, ia1, ia2, bce, bcc, bci, \ co, cn, an1, an2, ia1, ia2, bce, bcc, bci, \
kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, eo) \ kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, eo) \
static struct testTLSCertReq varname = { \ static struct testTLSCertReq varname = { \
NULL, #varname ".pem", \ NULL, #varname "-ctx.pem", \
co, cn, an1, an2, ia1, ia2, bce, bcc, bci, \ co, cn, an1, an2, ia1, ia2, bce, bcc, bci, \
kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, eo \ kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, eo \
}; \ }; \
...@@ -167,8 +167,8 @@ mymain(void) ...@@ -167,8 +167,8 @@ mymain(void)
true, true, GNUTLS_KP_TLS_WWW_CLIENT, NULL, true, true, GNUTLS_KP_TLS_WWW_CLIENT, NULL,
0, 0); 0, 0);
DO_CTX_TEST(true, cacertreq, servercertreq, false); DO_CTX_TEST(true, cacertreq.filename, servercertreq.filename, false);
DO_CTX_TEST(false, cacertreq, clientcertreq, false); DO_CTX_TEST(false, cacertreq.filename, clientcertreq.filename, false);
/* Some other CAs which are good */ /* Some other CAs which are good */
...@@ -215,9 +215,9 @@ mymain(void) ...@@ -215,9 +215,9 @@ mymain(void)
true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL, true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL,
0, 0); 0, 0);
DO_CTX_TEST(true, cacert1req, servercert1req, false); DO_CTX_TEST(true, cacert1req.filename, servercert1req.filename, false);
DO_CTX_TEST(true, cacert2req, servercert2req, false); DO_CTX_TEST(true, cacert2req.filename, servercert2req.filename, false);
DO_CTX_TEST(true, cacert3req, servercert3req, false); DO_CTX_TEST(true, cacert3req.filename, servercert3req.filename, false);
/* Now some bad certs */ /* Now some bad certs */
...@@ -266,9 +266,9 @@ mymain(void) ...@@ -266,9 +266,9 @@ mymain(void)
* be rejected. GNUTLS < 3 does not reject it and * be rejected. GNUTLS < 3 does not reject it and
* we don't anticipate them changing this behaviour * we don't anticipate them changing this behaviour
*/ */
DO_CTX_TEST(true, cacert4req, servercert4req, GNUTLS_VERSION_MAJOR >= 3); DO_CTX_TEST(true, cacert4req.filename, servercert4req.filename, GNUTLS_VERSION_MAJOR >= 3);
DO_CTX_TEST(true, cacert5req, servercert5req, true); DO_CTX_TEST(true, cacert5req.filename, servercert5req.filename, true);
DO_CTX_TEST(true, cacert6req, servercert6req, true); DO_CTX_TEST(true, cacert6req.filename, servercert6req.filename, true);
/* Various good servers */ /* Various good servers */
...@@ -322,13 +322,13 @@ mymain(void) ...@@ -322,13 +322,13 @@ mymain(void)
true, false, GNUTLS_KP_TLS_WWW_CLIENT, GNUTLS_KP_TLS_WWW_SERVER, true, false, GNUTLS_KP_TLS_WWW_CLIENT, GNUTLS_KP_TLS_WWW_SERVER,
0, 0); 0, 0);
DO_CTX_TEST(true, cacertreq, servercert7req, false); DO_CTX_TEST(true, cacertreq.filename, servercert7req.filename, false);
DO_CTX_TEST(true, cacertreq, servercert8req, false); DO_CTX_TEST(true, cacertreq.filename, servercert8req.filename, false);
DO_CTX_TEST(true, cacertreq, servercert9req, false); DO_CTX_TEST(true, cacertreq.filename, servercert9req.filename, false);
DO_CTX_TEST(true, cacertreq, servercert10req, false); DO_CTX_TEST(true, cacertreq.filename, servercert10req.filename, false);
DO_CTX_TEST(true, cacertreq, servercert11req, false); DO_CTX_TEST(true, cacertreq.filename, servercert11req.filename, false);
DO_CTX_TEST(true, cacertreq, servercert12req, false); DO_CTX_TEST(true, cacertreq.filename, servercert12req.filename, false);
DO_CTX_TEST(true, cacertreq, servercert13req, false); DO_CTX_TEST(true, cacertreq.filename, servercert13req.filename, false);
/* Bad servers */ /* Bad servers */
/* usage:cert-sign:critical */ /* usage:cert-sign:critical */
...@@ -353,9 +353,9 @@ mymain(void) ...@@ -353,9 +353,9 @@ mymain(void)
false, false, NULL, NULL, false, false, NULL, NULL,
0, 0); 0, 0);
DO_CTX_TEST(true, cacertreq, servercert14req, true); DO_CTX_TEST(true, cacertreq.filename, servercert14req.filename, true);
DO_CTX_TEST(true, cacertreq, servercert15req, true); DO_CTX_TEST(true, cacertreq.filename, servercert15req.filename, true);
DO_CTX_TEST(true, cacertreq, servercert16req, true); DO_CTX_TEST(true, cacertreq.filename, servercert16req.filename, true);
...@@ -410,13 +410,13 @@ mymain(void) ...@@ -410,13 +410,13 @@ mymain(void)
true, false, GNUTLS_KP_TLS_WWW_CLIENT, GNUTLS_KP_TLS_WWW_SERVER, true, false, GNUTLS_KP_TLS_WWW_CLIENT, GNUTLS_KP_TLS_WWW_SERVER,
0, 0); 0, 0);
DO_CTX_TEST(false, cacertreq, clientcert1req, false); DO_CTX_TEST(false, cacertreq.filename, clientcert1req.filename, false);
DO_CTX_TEST(false, cacertreq, clientcert2req, false); DO_CTX_TEST(false, cacertreq.filename, clientcert2req.filename, false);
DO_CTX_TEST(false, cacertreq, clientcert3req, false); DO_CTX_TEST(false, cacertreq.filename, clientcert3req.filename, false);
DO_CTX_TEST(false, cacertreq, clientcert4req, false); DO_CTX_TEST(false, cacertreq.filename, clientcert4req.filename, false);
DO_CTX_TEST(false, cacertreq, clientcert5req, false); DO_CTX_TEST(false, cacertreq.filename, clientcert5req.filename, false);
DO_CTX_TEST(false, cacertreq, clientcert6req, false); DO_CTX_TEST(false, cacertreq.filename, clientcert6req.filename, false);
DO_CTX_TEST(false, cacertreq, clientcert7req, false); DO_CTX_TEST(false, cacertreq.filename, clientcert7req.filename, false);
/* Bad clients */ /* Bad clients */
/* usage:cert-sign:critical */ /* usage:cert-sign:critical */
...@@ -441,9 +441,9 @@ mymain(void) ...@@ -441,9 +441,9 @@ mymain(void)
false, false, NULL, NULL, false, false, NULL, NULL,
0, 0); 0, 0);
DO_CTX_TEST(false, cacertreq, clientcert8req, true); DO_CTX_TEST(false, cacertreq.filename, clientcert8req.filename, true);
DO_CTX_TEST(false, cacertreq, clientcert9req, true); DO_CTX_TEST(false, cacertreq.filename, clientcert9req.filename, true);
DO_CTX_TEST(false, cacertreq, clientcert10req, true); DO_CTX_TEST(false, cacertreq.filename, clientcert10req.filename, true);
...@@ -474,9 +474,9 @@ mymain(void) ...@@ -474,9 +474,9 @@ mymain(void)
true, true, GNUTLS_KP_TLS_WWW_CLIENT, NULL, true, true, GNUTLS_KP_TLS_WWW_CLIENT, NULL,
0, -1); 0, -1);
DO_CTX_TEST(true, cacertexpreq, servercertexpreq, true); DO_CTX_TEST(true, cacertexpreq.filename, servercertexpreq.filename, true);
DO_CTX_TEST(true, cacertreq, servercertexp1req, true); DO_CTX_TEST(true, cacertreq.filename, servercertexp1req.filename, true);
DO_CTX_TEST(false, cacertreq, clientcertexp1req, true); DO_CTX_TEST(false, cacertreq.filename, clientcertexp1req.filename, true);
/* Not activated stuff */ /* Not activated stuff */
...@@ -506,9 +506,9 @@ mymain(void) ...@@ -506,9 +506,9 @@ mymain(void)
true, true, GNUTLS_KP_TLS_WWW_CLIENT, NULL, true, true, GNUTLS_KP_TLS_WWW_CLIENT, NULL,
1, 2); 1, 2);
DO_CTX_TEST(true, cacertnewreq, servercertnewreq, true); DO_CTX_TEST(true, cacertnewreq.filename, servercertnewreq.filename, true);
DO_CTX_TEST(true, cacertreq, servercertnew1req, true); DO_CTX_TEST(true, cacertreq.filename, servercertnew1req.filename, true);
DO_CTX_TEST(false, cacertreq, clientcertnew1req, true); DO_CTX_TEST(false, cacertreq.filename, clientcertnew1req.filename, true);
testTLSDiscardCert(&cacertreq); testTLSDiscardCert(&cacertreq);
testTLSDiscardCert(&cacert1req); testTLSDiscardCert(&cacert1req);
......
...@@ -39,10 +39,10 @@ ...@@ -39,10 +39,10 @@
# define VIR_FROM_THIS VIR_FROM_RPC # define VIR_FROM_THIS VIR_FROM_RPC
struct testTLSSessionData { struct testTLSSessionData {
struct testTLSCertReq careq; const char *servercacrt;
struct testTLSCertReq othercareq; const char *clientcacrt;
struct testTLSCertReq serverreq; const char *servercrt;
struct testTLSCertReq clientreq; const char *clientcrt;
bool expectServerFail; bool expectServerFail;
bool expectClientFail; bool expectClientFail;
const char *hostname; const char *hostname;
...@@ -104,32 +104,29 @@ static int testTLSSessionInit(const void *opaque) ...@@ -104,32 +104,29 @@ static int testTLSSessionInit(const void *opaque)
* want to make sure that problems are being * want to make sure that problems are being
* detected at the TLS session validation stage * detected at the TLS session validation stage
*/ */
serverCtxt = virNetTLSContextNewServer(data->careq.filename, serverCtxt = virNetTLSContextNewServer(data->servercacrt,
NULL, NULL,
data->serverreq.filename, data->servercrt,
keyfile, keyfile,
data->wildcards, data->wildcards,
false, false,
true); true);
clientCtxt = virNetTLSContextNewClient(data->othercareq.filename ? clientCtxt = virNetTLSContextNewClient(data->clientcacrt,
data->othercareq.filename :
data->careq.filename,
NULL, NULL,
data->clientreq.filename, data->clientcrt,
keyfile, keyfile,
false, false,
true); true);
if (!serverCtxt) { if (!serverCtxt) {
VIR_WARN("Unexpected failure loading %s against %s", VIR_WARN("Unexpected failure loading %s against %s",
data->careq.filename, data->serverreq.filename); data->servercacrt, data->servercrt);
goto cleanup; goto cleanup;
} }
if (!clientCtxt) { if (!clientCtxt) {
VIR_WARN("Unexpected failure loading %s against %s", VIR_WARN("Unexpected failure loading %s against %s",
data->othercareq.filename ? data->othercareq.filename : data->clientcacrt, data->clientcrt);
data->careq.filename, data->clientreq.filename);
goto cleanup; goto cleanup;
} }
...@@ -140,13 +137,12 @@ static int testTLSSessionInit(const void *opaque) ...@@ -140,13 +137,12 @@ static int testTLSSessionInit(const void *opaque)
if (!serverSess) { if (!serverSess) {
VIR_WARN("Unexpected failure using %s against %s", VIR_WARN("Unexpected failure using %s against %s",
data->careq.filename, data->serverreq.filename); data->servercacrt, data->servercrt);
goto cleanup; goto cleanup;
} }
if (!clientSess) { if (!clientSess) {
VIR_WARN("Unexpected failure using %s against %s", VIR_WARN("Unexpected failure using %s against %s",
data->othercareq.filename ? data->othercareq.filename : data->clientcacrt, data->clientcrt);
data->careq.filename, data->clientreq.filename);
goto cleanup; goto cleanup;
} }
...@@ -242,38 +238,37 @@ mymain(void) ...@@ -242,38 +238,37 @@ mymain(void)
testTLSInit(); testTLSInit();
# define DO_SESS_TEST(_caReq, _serverReq, _clientReq, _expectServerFail,\ # define DO_SESS_TEST(_caCrt, _serverCrt, _clientCrt, _expectServerFail, \
_expectClientFail, _hostname, _wildcards) \ _expectClientFail, _hostname, _wildcards) \
do { \ do { \
static struct testTLSSessionData data; \ static struct testTLSSessionData data; \
static struct testTLSCertReq other; \ data.servercacrt = _caCrt; \
data.careq = _caReq; \ data.clientcacrt = _caCrt; \
data.othercareq = other; \ data.servercrt = _serverCrt; \
data.serverreq = _serverReq; \ data.clientcrt = _clientCrt; \
data.clientreq = _clientReq; \
data.expectServerFail = _expectServerFail; \ data.expectServerFail = _expectServerFail; \
data.expectClientFail = _expectClientFail; \ data.expectClientFail = _expectClientFail; \
data.hostname = _hostname; \ data.hostname = _hostname; \
data.wildcards = _wildcards; \ data.wildcards = _wildcards; \
if (virtTestRun("TLS Session " #_serverReq " + " #_clientReq, \ if (virtTestRun("TLS Session " #_serverCrt " + " #_clientCrt, \
1, testTLSSessionInit, &data) < 0) \ 1, testTLSSessionInit, &data) < 0) \
ret = -1; \ ret = -1; \
} while (0) } while (0)
# define DO_SESS_TEST_EXT(_caReq, _othercaReq, _serverReq, _clientReq, \ # define DO_SESS_TEST_EXT(_serverCaCrt, _clientCaCrt, _serverCrt, _clientCrt, \
_expectServerFail, _expectClientFail, \ _expectServerFail, _expectClientFail, \
_hostname, _wildcards) \ _hostname, _wildcards) \
do { \ do { \
static struct testTLSSessionData data; \ static struct testTLSSessionData data; \
data.careq = _caReq; \ data.servercacrt = _serverCaCrt; \
data.othercareq = _othercaReq; \ data.clientcacrt = _clientCaCrt; \
data.serverreq = _serverReq; \ data.servercrt = _serverCrt; \
data.clientreq = _clientReq; \ data.clientcrt = _clientCrt; \
data.expectServerFail = _expectServerFail; \ data.expectServerFail = _expectServerFail; \
data.expectClientFail = _expectClientFail; \ data.expectClientFail = _expectClientFail; \
data.hostname = _hostname; \ data.hostname = _hostname; \
data.wildcards = _wildcards; \ data.wildcards = _wildcards; \
if (virtTestRun("TLS Session " #_serverReq " + " #_clientReq, \ if (virtTestRun("TLS Session " #_serverCrt " + " #_clientCrt, \
1, testTLSSessionInit, &data) < 0) \ 1, testTLSSessionInit, &data) < 0) \
ret = -1; \ ret = -1; \
} while (0) } while (0)
...@@ -282,7 +277,7 @@ mymain(void) ...@@ -282,7 +277,7 @@ mymain(void)
co, cn, an1, an2, ia1, ia2, bce, bcc, bci, \ co, cn, an1, an2, ia1, ia2, bce, bcc, bci, \
kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, eo) \ kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, eo) \
static struct testTLSCertReq varname = { \ static struct testTLSCertReq varname = { \
NULL, #varname ".pem", \ NULL, #varname "-sess.pem", \
co, cn, an1, an2, ia1, ia2, bce, bcc, bci, \ co, cn, an1, an2, ia1, ia2, bce, bcc, bci, \
kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, so \ kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, so \
}; \ }; \
...@@ -292,7 +287,7 @@ mymain(void) ...@@ -292,7 +287,7 @@ mymain(void)
co, cn, an1, an2, ia1, ia2, bce, bcc, bci, \ co, cn, an1, an2, ia1, ia2, bce, bcc, bci, \
kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, eo) \ kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, eo) \
static struct testTLSCertReq varname = { \ static struct testTLSCertReq varname = { \
NULL, #varname ".pem", \ NULL, #varname "-sess.pem", \
co, cn, an1, an2, ia1, ia2, bce, bcc, bci, \ co, cn, an1, an2, ia1, ia2, bce, bcc, bci, \
kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, so \ kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, so \
}; \ }; \
...@@ -335,8 +330,10 @@ mymain(void) ...@@ -335,8 +330,10 @@ mymain(void)
true, true, GNUTLS_KP_TLS_WWW_CLIENT, NULL, true, true, GNUTLS_KP_TLS_WWW_CLIENT, NULL,
0, 0); 0, 0);
DO_SESS_TEST(cacertreq, servercertreq, clientcertreq, false, false, "libvirt.org", NULL); DO_SESS_TEST(cacertreq.filename, servercertreq.filename, clientcertreq.filename,
DO_SESS_TEST_EXT(cacertreq, altcacertreq, servercertreq, clientcertaltreq, true, true, "libvirt.org", NULL); false, false, "libvirt.org", NULL);
DO_SESS_TEST_EXT(cacertreq.filename, altcacertreq.filename, servercertreq.filename,
clientcertaltreq.filename, true, true, "libvirt.org", NULL);
/* When an altname is set, the CN is ignored, so it must be duplicated /* When an altname is set, the CN is ignored, so it must be duplicated
...@@ -355,13 +352,19 @@ mymain(void) ...@@ -355,13 +352,19 @@ mymain(void)
true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL, true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL,
0, 0); 0, 0);
DO_SESS_TEST(cacertreq, servercertalt1req, clientcertreq, false, false, "libvirt.org", NULL); DO_SESS_TEST(cacertreq.filename, servercertalt1req.filename, clientcertreq.filename,
DO_SESS_TEST(cacertreq, servercertalt1req, clientcertreq, false, false, "www.libvirt.org", NULL); false, false, "libvirt.org", NULL);
DO_SESS_TEST(cacertreq, servercertalt1req, clientcertreq, false, true, "wiki.libvirt.org", NULL); DO_SESS_TEST(cacertreq.filename, servercertalt1req.filename, clientcertreq.filename,
false, false, "www.libvirt.org", NULL);
DO_SESS_TEST(cacertreq.filename, servercertalt1req.filename, clientcertreq.filename,
false, true, "wiki.libvirt.org", NULL);
DO_SESS_TEST(cacertreq, servercertalt2req, clientcertreq, false, true, "libvirt.org", NULL); DO_SESS_TEST(cacertreq.filename, servercertalt2req.filename, clientcertreq.filename,
DO_SESS_TEST(cacertreq, servercertalt2req, clientcertreq, false, false, "www.libvirt.org", NULL); false, true, "libvirt.org", NULL);
DO_SESS_TEST(cacertreq, servercertalt2req, clientcertreq, false, false, "wiki.libvirt.org", NULL); DO_SESS_TEST(cacertreq.filename, servercertalt2req.filename, clientcertreq.filename,
false, false, "www.libvirt.org", NULL);
DO_SESS_TEST(cacertreq.filename, servercertalt2req.filename, clientcertreq.filename,
false, false, "wiki.libvirt.org", NULL);
const char *const wildcards1[] = { const char *const wildcards1[] = {
"C=UK,CN=dogfood", "C=UK,CN=dogfood",
...@@ -389,12 +392,18 @@ mymain(void) ...@@ -389,12 +392,18 @@ mymain(void)
NULL, NULL,
}; };
DO_SESS_TEST(cacertreq, servercertreq, clientcertreq, true, false, "libvirt.org", wildcards1); DO_SESS_TEST(cacertreq.filename, servercertreq.filename, clientcertreq.filename,
DO_SESS_TEST(cacertreq, servercertreq, clientcertreq, false, false, "libvirt.org", wildcards2); true, false, "libvirt.org", wildcards1);
DO_SESS_TEST(cacertreq, servercertreq, clientcertreq, false, false, "libvirt.org", wildcards3); DO_SESS_TEST(cacertreq.filename, servercertreq.filename, clientcertreq.filename,
DO_SESS_TEST(cacertreq, servercertreq, clientcertreq, true, false, "libvirt.org", wildcards4); false, false, "libvirt.org", wildcards2);
DO_SESS_TEST(cacertreq, servercertreq, clientcertreq, false, false, "libvirt.org", wildcards5); DO_SESS_TEST(cacertreq.filename, servercertreq.filename, clientcertreq.filename,
DO_SESS_TEST(cacertreq, servercertreq, clientcertreq, false, false, "libvirt.org", wildcards6); false, false, "libvirt.org", wildcards3);
DO_SESS_TEST(cacertreq.filename, servercertreq.filename, clientcertreq.filename,
true, false, "libvirt.org", wildcards4);
DO_SESS_TEST(cacertreq.filename, servercertreq.filename, clientcertreq.filename,
false, false, "libvirt.org", wildcards5);
DO_SESS_TEST(cacertreq.filename, servercertreq.filename, clientcertreq.filename,
false, false, "libvirt.org", wildcards6);
testTLSDiscardCert(&clientcertreq); testTLSDiscardCert(&clientcertreq);
testTLSDiscardCert(&clientcertaltreq); testTLSDiscardCert(&clientcertaltreq);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册