Updated test command line parsing to support common commands
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6975)
parent
9d5560331d
commit
a43ce58f55
46 changed files with 1401 additions and 875 deletions
270
apps/apps.c
270
apps/apps.c
|
@ -54,9 +54,6 @@ typedef struct {
|
||||||
unsigned long mask;
|
unsigned long mask;
|
||||||
} NAME_EX_TBL;
|
} NAME_EX_TBL;
|
||||||
|
|
||||||
static UI_METHOD *ui_method = NULL;
|
|
||||||
static const UI_METHOD *ui_fallback_method = NULL;
|
|
||||||
|
|
||||||
static int set_table_opts(unsigned long *flags, const char *arg,
|
static int set_table_opts(unsigned long *flags, const char *arg,
|
||||||
const NAME_EX_TBL * in_tbl);
|
const NAME_EX_TBL * in_tbl);
|
||||||
static int set_multi_opts(unsigned long *flags, const char *arg,
|
static int set_multi_opts(unsigned long *flags, const char *arg,
|
||||||
|
@ -173,179 +170,12 @@ int dump_cert_text(BIO *out, X509 *x)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int ui_open(UI *ui)
|
|
||||||
{
|
|
||||||
int (*opener)(UI *ui) = UI_method_get_opener(ui_fallback_method);
|
|
||||||
|
|
||||||
if (opener)
|
|
||||||
return opener(ui);
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
static int ui_read(UI *ui, UI_STRING *uis)
|
|
||||||
{
|
|
||||||
int (*reader)(UI *ui, UI_STRING *uis) = NULL;
|
|
||||||
|
|
||||||
if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
|
|
||||||
&& UI_get0_user_data(ui)) {
|
|
||||||
switch (UI_get_string_type(uis)) {
|
|
||||||
case UIT_PROMPT:
|
|
||||||
case UIT_VERIFY:
|
|
||||||
{
|
|
||||||
const char *password =
|
|
||||||
((PW_CB_DATA *)UI_get0_user_data(ui))->password;
|
|
||||||
if (password && password[0] != '\0') {
|
|
||||||
UI_set_result(ui, uis, password);
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
break;
|
|
||||||
case UIT_NONE:
|
|
||||||
case UIT_BOOLEAN:
|
|
||||||
case UIT_INFO:
|
|
||||||
case UIT_ERROR:
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
reader = UI_method_get_reader(ui_fallback_method);
|
|
||||||
if (reader)
|
|
||||||
return reader(ui, uis);
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
static int ui_write(UI *ui, UI_STRING *uis)
|
|
||||||
{
|
|
||||||
int (*writer)(UI *ui, UI_STRING *uis) = NULL;
|
|
||||||
|
|
||||||
if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
|
|
||||||
&& UI_get0_user_data(ui)) {
|
|
||||||
switch (UI_get_string_type(uis)) {
|
|
||||||
case UIT_PROMPT:
|
|
||||||
case UIT_VERIFY:
|
|
||||||
{
|
|
||||||
const char *password =
|
|
||||||
((PW_CB_DATA *)UI_get0_user_data(ui))->password;
|
|
||||||
if (password && password[0] != '\0')
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
break;
|
|
||||||
case UIT_NONE:
|
|
||||||
case UIT_BOOLEAN:
|
|
||||||
case UIT_INFO:
|
|
||||||
case UIT_ERROR:
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
writer = UI_method_get_writer(ui_fallback_method);
|
|
||||||
if (writer)
|
|
||||||
return writer(ui, uis);
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
static int ui_close(UI *ui)
|
|
||||||
{
|
|
||||||
int (*closer)(UI *ui) = UI_method_get_closer(ui_fallback_method);
|
|
||||||
|
|
||||||
if (closer)
|
|
||||||
return closer(ui);
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
int setup_ui_method(void)
|
|
||||||
{
|
|
||||||
ui_fallback_method = UI_null();
|
|
||||||
#ifndef OPENSSL_NO_UI_CONSOLE
|
|
||||||
ui_fallback_method = UI_OpenSSL();
|
|
||||||
#endif
|
|
||||||
ui_method = UI_create_method("OpenSSL application user interface");
|
|
||||||
UI_method_set_opener(ui_method, ui_open);
|
|
||||||
UI_method_set_reader(ui_method, ui_read);
|
|
||||||
UI_method_set_writer(ui_method, ui_write);
|
|
||||||
UI_method_set_closer(ui_method, ui_close);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
void destroy_ui_method(void)
|
|
||||||
{
|
|
||||||
if (ui_method) {
|
|
||||||
UI_destroy_method(ui_method);
|
|
||||||
ui_method = NULL;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
const UI_METHOD *get_ui_method(void)
|
|
||||||
{
|
|
||||||
return ui_method;
|
|
||||||
}
|
|
||||||
|
|
||||||
int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_data)
|
|
||||||
{
|
|
||||||
int res = 0;
|
|
||||||
UI *ui;
|
|
||||||
int ok = 0;
|
|
||||||
char *buff = NULL;
|
|
||||||
int ui_flags = 0;
|
|
||||||
const char *prompt_info = NULL;
|
|
||||||
char *prompt;
|
|
||||||
|
|
||||||
if ((ui = UI_new_method(ui_method)) == NULL)
|
|
||||||
return 0;
|
|
||||||
|
|
||||||
if (cb_data != NULL && cb_data->prompt_info != NULL)
|
|
||||||
prompt_info = cb_data->prompt_info;
|
|
||||||
prompt = UI_construct_prompt(ui, "pass phrase", prompt_info);
|
|
||||||
if (prompt == NULL) {
|
|
||||||
BIO_printf(bio_err, "Out of memory\n");
|
|
||||||
UI_free(ui);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD;
|
|
||||||
UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0);
|
|
||||||
|
|
||||||
/* We know that there is no previous user data to return to us */
|
|
||||||
(void)UI_add_user_data(ui, cb_data);
|
|
||||||
|
|
||||||
ok = UI_add_input_string(ui, prompt, ui_flags, buf,
|
|
||||||
PW_MIN_LENGTH, bufsiz - 1);
|
|
||||||
|
|
||||||
if (ok >= 0 && verify) {
|
|
||||||
buff = app_malloc(bufsiz, "password buffer");
|
|
||||||
ok = UI_add_verify_string(ui, prompt, ui_flags, buff,
|
|
||||||
PW_MIN_LENGTH, bufsiz - 1, buf);
|
|
||||||
}
|
|
||||||
if (ok >= 0)
|
|
||||||
do {
|
|
||||||
ok = UI_process(ui);
|
|
||||||
} while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0));
|
|
||||||
|
|
||||||
OPENSSL_clear_free(buff, (unsigned int)bufsiz);
|
|
||||||
|
|
||||||
if (ok >= 0)
|
|
||||||
res = strlen(buf);
|
|
||||||
if (ok == -1) {
|
|
||||||
BIO_printf(bio_err, "User interface error\n");
|
|
||||||
ERR_print_errors(bio_err);
|
|
||||||
OPENSSL_cleanse(buf, (unsigned int)bufsiz);
|
|
||||||
res = 0;
|
|
||||||
}
|
|
||||||
if (ok == -2) {
|
|
||||||
BIO_printf(bio_err, "aborted!\n");
|
|
||||||
OPENSSL_cleanse(buf, (unsigned int)bufsiz);
|
|
||||||
res = 0;
|
|
||||||
}
|
|
||||||
UI_free(ui);
|
|
||||||
OPENSSL_free(prompt);
|
|
||||||
return res;
|
|
||||||
}
|
|
||||||
|
|
||||||
int wrap_password_callback(char *buf, int bufsiz, int verify, void *userdata)
|
int wrap_password_callback(char *buf, int bufsiz, int verify, void *userdata)
|
||||||
{
|
{
|
||||||
return password_callback(buf, bufsiz, verify, (PW_CB_DATA *)userdata);
|
return password_callback(buf, bufsiz, verify, (PW_CB_DATA *)userdata);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static char *app_get_pass(const char *arg, int keepbio);
|
static char *app_get_pass(const char *arg, int keepbio);
|
||||||
|
|
||||||
int app_passwd(const char *arg1, const char *arg2, char **pass1, char **pass2)
|
int app_passwd(const char *arg1, const char *arg2, char **pass1, char **pass2)
|
||||||
|
@ -725,7 +555,9 @@ EVP_PKEY *load_key(const char *file, int format, int maybe_stdin,
|
||||||
} else {
|
} else {
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
if (ENGINE_init(e)) {
|
if (ENGINE_init(e)) {
|
||||||
pkey = ENGINE_load_private_key(e, file, ui_method, &cb_data);
|
pkey = ENGINE_load_private_key(e, file,
|
||||||
|
(UI_METHOD *)get_ui_method(),
|
||||||
|
&cb_data);
|
||||||
ENGINE_finish(e);
|
ENGINE_finish(e);
|
||||||
}
|
}
|
||||||
if (pkey == NULL) {
|
if (pkey == NULL) {
|
||||||
|
@ -792,7 +624,8 @@ EVP_PKEY *load_pubkey(const char *file, int format, int maybe_stdin,
|
||||||
BIO_printf(bio_err, "no engine specified\n");
|
BIO_printf(bio_err, "no engine specified\n");
|
||||||
} else {
|
} else {
|
||||||
#ifndef OPENSSL_NO_ENGINE
|
#ifndef OPENSSL_NO_ENGINE
|
||||||
pkey = ENGINE_load_public_key(e, file, ui_method, &cb_data);
|
pkey = ENGINE_load_public_key(e, file, (UI_METHOD *)get_ui_method(),
|
||||||
|
&cb_data);
|
||||||
if (pkey == NULL) {
|
if (pkey == NULL) {
|
||||||
BIO_printf(bio_err, "cannot load %s from engine\n", key_descrip);
|
BIO_printf(bio_err, "cannot load %s from engine\n", key_descrip);
|
||||||
ERR_print_errors(bio_err);
|
ERR_print_errors(bio_err);
|
||||||
|
@ -1295,7 +1128,8 @@ ENGINE *setup_engine(const char *engine, int debug)
|
||||||
if (debug) {
|
if (debug) {
|
||||||
ENGINE_ctrl(e, ENGINE_CTRL_SET_LOGSTREAM, 0, bio_err, 0);
|
ENGINE_ctrl(e, ENGINE_CTRL_SET_LOGSTREAM, 0, bio_err, 0);
|
||||||
}
|
}
|
||||||
ENGINE_ctrl_cmd(e, "SET_USER_INTERFACE", 0, ui_method, 0, 1);
|
ENGINE_ctrl_cmd(e, "SET_USER_INTERFACE", 0, (void *)get_ui_method(),
|
||||||
|
0, 1);
|
||||||
if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
|
if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
|
||||||
BIO_printf(bio_err, "can't use that engine\n");
|
BIO_printf(bio_err, "can't use that engine\n");
|
||||||
ERR_print_errors(bio_err);
|
ERR_print_errors(bio_err);
|
||||||
|
@ -2321,56 +2155,10 @@ int app_access(const char* name, int flag)
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
/* app_isdir section */
|
|
||||||
#ifdef _WIN32
|
|
||||||
int app_isdir(const char *name)
|
int app_isdir(const char *name)
|
||||||
{
|
{
|
||||||
DWORD attr;
|
return opt_isdir(name);
|
||||||
# if defined(UNICODE) || defined(_UNICODE)
|
|
||||||
size_t i, len_0 = strlen(name) + 1;
|
|
||||||
WCHAR tempname[MAX_PATH];
|
|
||||||
|
|
||||||
if (len_0 > MAX_PATH)
|
|
||||||
return -1;
|
|
||||||
|
|
||||||
# if !defined(_WIN32_WCE) || _WIN32_WCE>=101
|
|
||||||
if (!MultiByteToWideChar(CP_ACP, 0, name, len_0, tempname, MAX_PATH))
|
|
||||||
# endif
|
|
||||||
for (i = 0; i < len_0; i++)
|
|
||||||
tempname[i] = (WCHAR)name[i];
|
|
||||||
|
|
||||||
attr = GetFileAttributes(tempname);
|
|
||||||
# else
|
|
||||||
attr = GetFileAttributes(name);
|
|
||||||
# endif
|
|
||||||
if (attr == INVALID_FILE_ATTRIBUTES)
|
|
||||||
return -1;
|
|
||||||
return ((attr & FILE_ATTRIBUTE_DIRECTORY) != 0);
|
|
||||||
}
|
}
|
||||||
#else
|
|
||||||
# include <sys/stat.h>
|
|
||||||
# ifndef S_ISDIR
|
|
||||||
# if defined(_S_IFMT) && defined(_S_IFDIR)
|
|
||||||
# define S_ISDIR(a) (((a) & _S_IFMT) == _S_IFDIR)
|
|
||||||
# else
|
|
||||||
# define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR)
|
|
||||||
# endif
|
|
||||||
# endif
|
|
||||||
|
|
||||||
int app_isdir(const char *name)
|
|
||||||
{
|
|
||||||
# if defined(S_ISDIR)
|
|
||||||
struct stat st;
|
|
||||||
|
|
||||||
if (stat(name, &st) == 0)
|
|
||||||
return S_ISDIR(st.st_mode);
|
|
||||||
else
|
|
||||||
return -1;
|
|
||||||
# else
|
|
||||||
return -1;
|
|
||||||
# endif
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* raw_read|write section */
|
/* raw_read|write section */
|
||||||
#if defined(__VMS)
|
#if defined(__VMS)
|
||||||
|
@ -2443,21 +2231,16 @@ int raw_write_stdout(const void *buf, int siz)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Centralized handling if input and output files with format specification
|
* Centralized handling of input and output files with format specification
|
||||||
* The format is meant to show what the input and output is supposed to be,
|
* The format is meant to show what the input and output is supposed to be,
|
||||||
* and is therefore a show of intent more than anything else. However, it
|
* and is therefore a show of intent more than anything else. However, it
|
||||||
* does impact behavior on some platform, such as differentiating between
|
* does impact behavior on some platforms, such as differentiating between
|
||||||
* text and binary input/output on non-Unix platforms
|
* text and binary input/output on non-Unix platforms
|
||||||
*/
|
*/
|
||||||
static int istext(int format)
|
|
||||||
{
|
|
||||||
return (format & B_FORMAT_TEXT) == B_FORMAT_TEXT;
|
|
||||||
}
|
|
||||||
|
|
||||||
BIO *dup_bio_in(int format)
|
BIO *dup_bio_in(int format)
|
||||||
{
|
{
|
||||||
return BIO_new_fp(stdin,
|
return BIO_new_fp(stdin,
|
||||||
BIO_NOCLOSE | (istext(format) ? BIO_FP_TEXT : 0));
|
BIO_NOCLOSE | (FMT_istext(format) ? BIO_FP_TEXT : 0));
|
||||||
}
|
}
|
||||||
|
|
||||||
static BIO_METHOD *prefix_method = NULL;
|
static BIO_METHOD *prefix_method = NULL;
|
||||||
|
@ -2465,15 +2248,15 @@ static BIO_METHOD *prefix_method = NULL;
|
||||||
BIO *dup_bio_out(int format)
|
BIO *dup_bio_out(int format)
|
||||||
{
|
{
|
||||||
BIO *b = BIO_new_fp(stdout,
|
BIO *b = BIO_new_fp(stdout,
|
||||||
BIO_NOCLOSE | (istext(format) ? BIO_FP_TEXT : 0));
|
BIO_NOCLOSE | (FMT_istext(format) ? BIO_FP_TEXT : 0));
|
||||||
void *prefix = NULL;
|
void *prefix = NULL;
|
||||||
|
|
||||||
#ifdef OPENSSL_SYS_VMS
|
#ifdef OPENSSL_SYS_VMS
|
||||||
if (istext(format))
|
if (FMT_istext(format))
|
||||||
b = BIO_push(BIO_new(BIO_f_linebuffer()), b);
|
b = BIO_push(BIO_new(BIO_f_linebuffer()), b);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (istext(format) && (prefix = getenv("HARNESS_OSSL_PREFIX")) != NULL) {
|
if (FMT_istext(format) && (prefix = getenv("HARNESS_OSSL_PREFIX")) != NULL) {
|
||||||
if (prefix_method == NULL)
|
if (prefix_method == NULL)
|
||||||
prefix_method = apps_bf_prefix();
|
prefix_method = apps_bf_prefix();
|
||||||
b = BIO_push(BIO_new(prefix_method), b);
|
b = BIO_push(BIO_new(prefix_method), b);
|
||||||
|
@ -2486,9 +2269,9 @@ BIO *dup_bio_out(int format)
|
||||||
BIO *dup_bio_err(int format)
|
BIO *dup_bio_err(int format)
|
||||||
{
|
{
|
||||||
BIO *b = BIO_new_fp(stderr,
|
BIO *b = BIO_new_fp(stderr,
|
||||||
BIO_NOCLOSE | (istext(format) ? BIO_FP_TEXT : 0));
|
BIO_NOCLOSE | (FMT_istext(format) ? BIO_FP_TEXT : 0));
|
||||||
#ifdef OPENSSL_SYS_VMS
|
#ifdef OPENSSL_SYS_VMS
|
||||||
if (istext(format))
|
if (FMT_istext(format))
|
||||||
b = BIO_push(BIO_new(BIO_f_linebuffer()), b);
|
b = BIO_push(BIO_new(BIO_f_linebuffer()), b);
|
||||||
#endif
|
#endif
|
||||||
return b;
|
return b;
|
||||||
|
@ -2525,11 +2308,11 @@ static const char *modestr(char mode, int format)
|
||||||
|
|
||||||
switch (mode) {
|
switch (mode) {
|
||||||
case 'a':
|
case 'a':
|
||||||
return istext(format) ? "a" : "ab";
|
return FMT_istext(format) ? "a" : "ab";
|
||||||
case 'r':
|
case 'r':
|
||||||
return istext(format) ? "r" : "rb";
|
return FMT_istext(format) ? "r" : "rb";
|
||||||
case 'w':
|
case 'w':
|
||||||
return istext(format) ? "w" : "wb";
|
return FMT_istext(format) ? "w" : "wb";
|
||||||
}
|
}
|
||||||
/* The assert above should make sure we never reach this point */
|
/* The assert above should make sure we never reach this point */
|
||||||
return NULL;
|
return NULL;
|
||||||
|
@ -2567,7 +2350,7 @@ BIO *bio_open_owner(const char *filename, int format, int private)
|
||||||
#ifdef O_TRUNC
|
#ifdef O_TRUNC
|
||||||
mode |= O_TRUNC;
|
mode |= O_TRUNC;
|
||||||
#endif
|
#endif
|
||||||
textmode = istext(format);
|
textmode = FMT_istext(format);
|
||||||
if (!textmode) {
|
if (!textmode) {
|
||||||
#ifdef O_BINARY
|
#ifdef O_BINARY
|
||||||
mode |= O_BINARY;
|
mode |= O_BINARY;
|
||||||
|
@ -2746,3 +2529,14 @@ void make_uppercase(char *string)
|
||||||
for (i = 0; string[i] != '\0'; i++)
|
for (i = 0; string[i] != '\0'; i++)
|
||||||
string[i] = toupper((unsigned char)string[i]);
|
string[i] = toupper((unsigned char)string[i]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int opt_printf_stderr(const char *fmt, ...)
|
||||||
|
{
|
||||||
|
va_list ap;
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
va_start(ap, fmt);
|
||||||
|
ret = BIO_vprintf(bio_err, fmt, ap);
|
||||||
|
va_end(ap);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
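Review bot: The new `opt_printf_stderr()` at the end of this section hands its caller-supplied `fmt` straight to `BIO_vprintf(bio_err, fmt, ap)`, and nothing visible here marks `fmt` as a printf format for either the compiler or the reader. Without a format attribute on its prototype (presumably in the newly included `opt.h`, which this section does not show), `-Wformat` cannot check call sites, and a caller that passes option text or a file name as `fmt` would have its `%` sequences interpreted. I would add a comment above the definition, `/* fmt is a printf-style format and must be trusted; pass external text as a "%s" argument */`, and annotate the declaration with the project's printf-format attribute if one exists.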
362
apps/apps.h
362
apps/apps.h
|
@ -29,6 +29,9 @@
|
||||||
# include <openssl/engine.h>
|
# include <openssl/engine.h>
|
||||||
# include <openssl/ocsp.h>
|
# include <openssl/ocsp.h>
|
||||||
# include <signal.h>
|
# include <signal.h>
|
||||||
|
# include "apps_ui.h"
|
||||||
|
# include "opt.h"
|
||||||
|
# include "fmt.h"
|
||||||
|
|
||||||
# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINCE)
|
# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINCE)
|
||||||
# define openssl_fdset(a,b) FD_SET((unsigned int)a, b)
|
# define openssl_fdset(a,b) FD_SET((unsigned int)a, b)
|
||||||
|
@ -88,330 +91,6 @@ void corrupt_signature(const ASN1_STRING *signature);
|
||||||
int set_cert_times(X509 *x, const char *startdate, const char *enddate,
|
int set_cert_times(X509 *x, const char *startdate, const char *enddate,
|
||||||
int days);
|
int days);
|
||||||
|
|
||||||
/*
|
|
||||||
* Common verification options.
|
|
||||||
*/
|
|
||||||
# define OPT_V_ENUM \
|
|
||||||
OPT_V__FIRST=2000, \
|
|
||||||
OPT_V_POLICY, OPT_V_PURPOSE, OPT_V_VERIFY_NAME, OPT_V_VERIFY_DEPTH, \
|
|
||||||
OPT_V_ATTIME, OPT_V_VERIFY_HOSTNAME, OPT_V_VERIFY_EMAIL, \
|
|
||||||
OPT_V_VERIFY_IP, OPT_V_IGNORE_CRITICAL, OPT_V_ISSUER_CHECKS, \
|
|
||||||
OPT_V_CRL_CHECK, OPT_V_CRL_CHECK_ALL, OPT_V_POLICY_CHECK, \
|
|
||||||
OPT_V_EXPLICIT_POLICY, OPT_V_INHIBIT_ANY, OPT_V_INHIBIT_MAP, \
|
|
||||||
OPT_V_X509_STRICT, OPT_V_EXTENDED_CRL, OPT_V_USE_DELTAS, \
|
|
||||||
OPT_V_POLICY_PRINT, OPT_V_CHECK_SS_SIG, OPT_V_TRUSTED_FIRST, \
|
|
||||||
OPT_V_SUITEB_128_ONLY, OPT_V_SUITEB_128, OPT_V_SUITEB_192, \
|
|
||||||
OPT_V_PARTIAL_CHAIN, OPT_V_NO_ALT_CHAINS, OPT_V_NO_CHECK_TIME, \
|
|
||||||
OPT_V_VERIFY_AUTH_LEVEL, OPT_V_ALLOW_PROXY_CERTS, \
|
|
||||||
OPT_V__LAST
|
|
||||||
|
|
||||||
# define OPT_V_OPTIONS \
|
|
||||||
{ "policy", OPT_V_POLICY, 's', "adds policy to the acceptable policy set"}, \
|
|
||||||
{ "purpose", OPT_V_PURPOSE, 's', \
|
|
||||||
"certificate chain purpose"}, \
|
|
||||||
{ "verify_name", OPT_V_VERIFY_NAME, 's', "verification policy name"}, \
|
|
||||||
{ "verify_depth", OPT_V_VERIFY_DEPTH, 'n', \
|
|
||||||
"chain depth limit" }, \
|
|
||||||
{ "auth_level", OPT_V_VERIFY_AUTH_LEVEL, 'n', \
|
|
||||||
"chain authentication security level" }, \
|
|
||||||
{ "attime", OPT_V_ATTIME, 'M', "verification epoch time" }, \
|
|
||||||
{ "verify_hostname", OPT_V_VERIFY_HOSTNAME, 's', \
|
|
||||||
"expected peer hostname" }, \
|
|
||||||
{ "verify_email", OPT_V_VERIFY_EMAIL, 's', \
|
|
||||||
"expected peer email" }, \
|
|
||||||
{ "verify_ip", OPT_V_VERIFY_IP, 's', \
|
|
||||||
"expected peer IP address" }, \
|
|
||||||
{ "ignore_critical", OPT_V_IGNORE_CRITICAL, '-', \
|
|
||||||
"permit unhandled critical extensions"}, \
|
|
||||||
{ "issuer_checks", OPT_V_ISSUER_CHECKS, '-', "(deprecated)"}, \
|
|
||||||
{ "crl_check", OPT_V_CRL_CHECK, '-', "check leaf certificate revocation" }, \
|
|
||||||
{ "crl_check_all", OPT_V_CRL_CHECK_ALL, '-', "check full chain revocation" }, \
|
|
||||||
{ "policy_check", OPT_V_POLICY_CHECK, '-', "perform rfc5280 policy checks"}, \
|
|
||||||
{ "explicit_policy", OPT_V_EXPLICIT_POLICY, '-', \
|
|
||||||
"set policy variable require-explicit-policy"}, \
|
|
||||||
{ "inhibit_any", OPT_V_INHIBIT_ANY, '-', \
|
|
||||||
"set policy variable inhibit-any-policy"}, \
|
|
||||||
{ "inhibit_map", OPT_V_INHIBIT_MAP, '-', \
|
|
||||||
"set policy variable inhibit-policy-mapping"}, \
|
|
||||||
{ "x509_strict", OPT_V_X509_STRICT, '-', \
|
|
||||||
"disable certificate compatibility work-arounds"}, \
|
|
||||||
{ "extended_crl", OPT_V_EXTENDED_CRL, '-', \
|
|
||||||
"enable extended CRL features"}, \
|
|
||||||
{ "use_deltas", OPT_V_USE_DELTAS, '-', \
|
|
||||||
"use delta CRLs"}, \
|
|
||||||
{ "policy_print", OPT_V_POLICY_PRINT, '-', \
|
|
||||||
"print policy processing diagnostics"}, \
|
|
||||||
{ "check_ss_sig", OPT_V_CHECK_SS_SIG, '-', \
|
|
||||||
"check root CA self-signatures"}, \
|
|
||||||
{ "trusted_first", OPT_V_TRUSTED_FIRST, '-', \
|
|
||||||
"search trust store first (default)" }, \
|
|
||||||
{ "suiteB_128_only", OPT_V_SUITEB_128_ONLY, '-', "Suite B 128-bit-only mode"}, \
|
|
||||||
{ "suiteB_128", OPT_V_SUITEB_128, '-', \
|
|
||||||
"Suite B 128-bit mode allowing 192-bit algorithms"}, \
|
|
||||||
{ "suiteB_192", OPT_V_SUITEB_192, '-', "Suite B 192-bit-only mode" }, \
|
|
||||||
{ "partial_chain", OPT_V_PARTIAL_CHAIN, '-', \
|
|
||||||
"accept chains anchored by intermediate trust-store CAs"}, \
|
|
||||||
{ "no_alt_chains", OPT_V_NO_ALT_CHAINS, '-', "(deprecated)" }, \
|
|
||||||
{ "no_check_time", OPT_V_NO_CHECK_TIME, '-', "ignore certificate validity time" }, \
|
|
||||||
{ "allow_proxy_certs", OPT_V_ALLOW_PROXY_CERTS, '-', "allow the use of proxy certificates" }
|
|
||||||
|
|
||||||
# define OPT_V_CASES \
|
|
||||||
OPT_V__FIRST: case OPT_V__LAST: break; \
|
|
||||||
case OPT_V_POLICY: \
|
|
||||||
case OPT_V_PURPOSE: \
|
|
||||||
case OPT_V_VERIFY_NAME: \
|
|
||||||
case OPT_V_VERIFY_DEPTH: \
|
|
||||||
case OPT_V_VERIFY_AUTH_LEVEL: \
|
|
||||||
case OPT_V_ATTIME: \
|
|
||||||
case OPT_V_VERIFY_HOSTNAME: \
|
|
||||||
case OPT_V_VERIFY_EMAIL: \
|
|
||||||
case OPT_V_VERIFY_IP: \
|
|
||||||
case OPT_V_IGNORE_CRITICAL: \
|
|
||||||
case OPT_V_ISSUER_CHECKS: \
|
|
||||||
case OPT_V_CRL_CHECK: \
|
|
||||||
case OPT_V_CRL_CHECK_ALL: \
|
|
||||||
case OPT_V_POLICY_CHECK: \
|
|
||||||
case OPT_V_EXPLICIT_POLICY: \
|
|
||||||
case OPT_V_INHIBIT_ANY: \
|
|
||||||
case OPT_V_INHIBIT_MAP: \
|
|
||||||
case OPT_V_X509_STRICT: \
|
|
||||||
case OPT_V_EXTENDED_CRL: \
|
|
||||||
case OPT_V_USE_DELTAS: \
|
|
||||||
case OPT_V_POLICY_PRINT: \
|
|
||||||
case OPT_V_CHECK_SS_SIG: \
|
|
||||||
case OPT_V_TRUSTED_FIRST: \
|
|
||||||
case OPT_V_SUITEB_128_ONLY: \
|
|
||||||
case OPT_V_SUITEB_128: \
|
|
||||||
case OPT_V_SUITEB_192: \
|
|
||||||
case OPT_V_PARTIAL_CHAIN: \
|
|
||||||
case OPT_V_NO_ALT_CHAINS: \
|
|
||||||
case OPT_V_NO_CHECK_TIME: \
|
|
||||||
case OPT_V_ALLOW_PROXY_CERTS
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Common "extended validation" options.
|
|
||||||
*/
|
|
||||||
# define OPT_X_ENUM \
|
|
||||||
OPT_X__FIRST=1000, \
|
|
||||||
OPT_X_KEY, OPT_X_CERT, OPT_X_CHAIN, OPT_X_CHAIN_BUILD, \
|
|
||||||
OPT_X_CERTFORM, OPT_X_KEYFORM, \
|
|
||||||
OPT_X__LAST
|
|
||||||
|
|
||||||
# define OPT_X_OPTIONS \
|
|
||||||
{ "xkey", OPT_X_KEY, '<', "key for Extended certificates"}, \
|
|
||||||
{ "xcert", OPT_X_CERT, '<', "cert for Extended certificates"}, \
|
|
||||||
{ "xchain", OPT_X_CHAIN, '<', "chain for Extended certificates"}, \
|
|
||||||
{ "xchain_build", OPT_X_CHAIN_BUILD, '-', \
|
|
||||||
"build certificate chain for the extended certificates"}, \
|
|
||||||
{ "xcertform", OPT_X_CERTFORM, 'F', \
|
|
||||||
"format of Extended certificate (PEM or DER) PEM default " }, \
|
|
||||||
{ "xkeyform", OPT_X_KEYFORM, 'F', \
|
|
||||||
"format of Extended certificate's key (PEM or DER) PEM default"}
|
|
||||||
|
|
||||||
# define OPT_X_CASES \
|
|
||||||
OPT_X__FIRST: case OPT_X__LAST: break; \
|
|
||||||
case OPT_X_KEY: \
|
|
||||||
case OPT_X_CERT: \
|
|
||||||
case OPT_X_CHAIN: \
|
|
||||||
case OPT_X_CHAIN_BUILD: \
|
|
||||||
case OPT_X_CERTFORM: \
|
|
||||||
case OPT_X_KEYFORM
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Common SSL options.
|
|
||||||
* Any changes here must be coordinated with ../ssl/ssl_conf.c
|
|
||||||
*/
|
|
||||||
# define OPT_S_ENUM \
|
|
||||||
OPT_S__FIRST=3000, \
|
|
||||||
OPT_S_NOSSL3, OPT_S_NOTLS1, OPT_S_NOTLS1_1, OPT_S_NOTLS1_2, \
|
|
||||||
OPT_S_NOTLS1_3, OPT_S_BUGS, OPT_S_NO_COMP, OPT_S_NOTICKET, \
|
|
||||||
OPT_S_SERVERPREF, OPT_S_LEGACYRENEG, OPT_S_LEGACYCONN, \
|
|
||||||
OPT_S_ONRESUMP, OPT_S_NOLEGACYCONN, OPT_S_ALLOW_NO_DHE_KEX, \
|
|
||||||
OPT_S_PRIORITIZE_CHACHA, \
|
|
||||||
OPT_S_STRICT, OPT_S_SIGALGS, OPT_S_CLIENTSIGALGS, OPT_S_GROUPS, \
|
|
||||||
OPT_S_CURVES, OPT_S_NAMEDCURVE, OPT_S_CIPHER, OPT_S_CIPHERSUITES, \
|
|
||||||
OPT_S_RECORD_PADDING, OPT_S_DEBUGBROKE, OPT_S_COMP, \
|
|
||||||
OPT_S_MINPROTO, OPT_S_MAXPROTO, \
|
|
||||||
OPT_S_NO_RENEGOTIATION, OPT_S_NO_MIDDLEBOX, OPT_S__LAST
|
|
||||||
|
|
||||||
# define OPT_S_OPTIONS \
|
|
||||||
{"no_ssl3", OPT_S_NOSSL3, '-',"Just disable SSLv3" }, \
|
|
||||||
{"no_tls1", OPT_S_NOTLS1, '-', "Just disable TLSv1"}, \
|
|
||||||
{"no_tls1_1", OPT_S_NOTLS1_1, '-', "Just disable TLSv1.1" }, \
|
|
||||||
{"no_tls1_2", OPT_S_NOTLS1_2, '-', "Just disable TLSv1.2"}, \
|
|
||||||
{"no_tls1_3", OPT_S_NOTLS1_3, '-', "Just disable TLSv1.3"}, \
|
|
||||||
{"bugs", OPT_S_BUGS, '-', "Turn on SSL bug compatibility"}, \
|
|
||||||
{"no_comp", OPT_S_NO_COMP, '-', "Disable SSL/TLS compression (default)" }, \
|
|
||||||
{"comp", OPT_S_COMP, '-', "Use SSL/TLS-level compression" }, \
|
|
||||||
{"no_ticket", OPT_S_NOTICKET, '-', \
|
|
||||||
"Disable use of TLS session tickets"}, \
|
|
||||||
{"serverpref", OPT_S_SERVERPREF, '-', "Use server's cipher preferences"}, \
|
|
||||||
{"legacy_renegotiation", OPT_S_LEGACYRENEG, '-', \
|
|
||||||
"Enable use of legacy renegotiation (dangerous)"}, \
|
|
||||||
{"no_renegotiation", OPT_S_NO_RENEGOTIATION, '-', \
|
|
||||||
"Disable all renegotiation."}, \
|
|
||||||
{"legacy_server_connect", OPT_S_LEGACYCONN, '-', \
|
|
||||||
"Allow initial connection to servers that don't support RI"}, \
|
|
||||||
{"no_resumption_on_reneg", OPT_S_ONRESUMP, '-', \
|
|
||||||
"Disallow session resumption on renegotiation"}, \
|
|
||||||
{"no_legacy_server_connect", OPT_S_NOLEGACYCONN, '-', \
|
|
||||||
"Disallow initial connection to servers that don't support RI"}, \
|
|
||||||
{"allow_no_dhe_kex", OPT_S_ALLOW_NO_DHE_KEX, '-', \
|
|
||||||
"In TLSv1.3 allow non-(ec)dhe based key exchange on resumption"}, \
|
|
||||||
{"prioritize_chacha", OPT_S_PRIORITIZE_CHACHA, '-', \
|
|
||||||
"Prioritize ChaCha ciphers when preferred by clients"}, \
|
|
||||||
{"strict", OPT_S_STRICT, '-', \
|
|
||||||
"Enforce strict certificate checks as per TLS standard"}, \
|
|
||||||
{"sigalgs", OPT_S_SIGALGS, 's', \
|
|
||||||
"Signature algorithms to support (colon-separated list)" }, \
|
|
||||||
{"client_sigalgs", OPT_S_CLIENTSIGALGS, 's', \
|
|
||||||
"Signature algorithms to support for client certificate" \
|
|
||||||
" authentication (colon-separated list)" }, \
|
|
||||||
{"groups", OPT_S_GROUPS, 's', \
|
|
||||||
"Groups to advertise (colon-separated list)" }, \
|
|
||||||
{"curves", OPT_S_CURVES, 's', \
|
|
||||||
"Groups to advertise (colon-separated list)" }, \
|
|
||||||
{"named_curve", OPT_S_NAMEDCURVE, 's', \
|
|
||||||
"Elliptic curve used for ECDHE (server-side only)" }, \
|
|
||||||
{"cipher", OPT_S_CIPHER, 's', "Specify TLSv1.2 and below cipher list to be used"}, \
|
|
||||||
{"ciphersuites", OPT_S_CIPHERSUITES, 's', "Specify TLSv1.3 ciphersuites to be used"}, \
|
|
||||||
{"min_protocol", OPT_S_MINPROTO, 's', "Specify the minimum protocol version to be used"}, \
|
|
||||||
{"max_protocol", OPT_S_MAXPROTO, 's', "Specify the maximum protocol version to be used"}, \
|
|
||||||
{"record_padding", OPT_S_RECORD_PADDING, 's', \
|
|
||||||
"Block size to pad TLS 1.3 records to."}, \
|
|
||||||
{"debug_broken_protocol", OPT_S_DEBUGBROKE, '-', \
|
|
||||||
"Perform all sorts of protocol violations for testing purposes"}, \
|
|
||||||
{"no_middlebox", OPT_S_NO_MIDDLEBOX, '-', \
|
|
||||||
"Disable TLSv1.3 middlebox compat mode" }
|
|
||||||
|
|
||||||
# define OPT_S_CASES \
|
|
||||||
OPT_S__FIRST: case OPT_S__LAST: break; \
|
|
||||||
case OPT_S_NOSSL3: \
|
|
||||||
case OPT_S_NOTLS1: \
|
|
||||||
case OPT_S_NOTLS1_1: \
|
|
||||||
case OPT_S_NOTLS1_2: \
|
|
||||||
case OPT_S_NOTLS1_3: \
|
|
||||||
case OPT_S_BUGS: \
|
|
||||||
case OPT_S_NO_COMP: \
|
|
||||||
case OPT_S_COMP: \
|
|
||||||
case OPT_S_NOTICKET: \
|
|
||||||
case OPT_S_SERVERPREF: \
|
|
||||||
case OPT_S_LEGACYRENEG: \
|
|
||||||
case OPT_S_LEGACYCONN: \
|
|
||||||
case OPT_S_ONRESUMP: \
|
|
||||||
case OPT_S_NOLEGACYCONN: \
|
|
||||||
case OPT_S_ALLOW_NO_DHE_KEX: \
|
|
||||||
case OPT_S_PRIORITIZE_CHACHA: \
|
|
||||||
case OPT_S_STRICT: \
|
|
||||||
case OPT_S_SIGALGS: \
|
|
||||||
case OPT_S_CLIENTSIGALGS: \
|
|
||||||
case OPT_S_GROUPS: \
|
|
||||||
case OPT_S_CURVES: \
|
|
||||||
case OPT_S_NAMEDCURVE: \
|
|
||||||
case OPT_S_CIPHER: \
|
|
||||||
case OPT_S_CIPHERSUITES: \
|
|
||||||
case OPT_S_RECORD_PADDING: \
|
|
||||||
case OPT_S_NO_RENEGOTIATION: \
|
|
||||||
case OPT_S_MINPROTO: \
|
|
||||||
case OPT_S_MAXPROTO: \
|
|
||||||
case OPT_S_DEBUGBROKE: \
|
|
||||||
case OPT_S_NO_MIDDLEBOX
|
|
||||||
|
|
||||||
#define IS_NO_PROT_FLAG(o) \
|
|
||||||
(o == OPT_S_NOSSL3 || o == OPT_S_NOTLS1 || o == OPT_S_NOTLS1_1 \
|
|
||||||
|| o == OPT_S_NOTLS1_2 || o == OPT_S_NOTLS1_3)
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Random state options.
|
|
||||||
*/
|
|
||||||
# define OPT_R_ENUM \
|
|
||||||
OPT_R__FIRST=1500, OPT_R_RAND, OPT_R_WRITERAND, OPT_R__LAST
|
|
||||||
|
|
||||||
# define OPT_R_OPTIONS \
|
|
||||||
{"rand", OPT_R_RAND, 's', "Load the file(s) into the random number generator"}, \
|
|
||||||
{"writerand", OPT_R_WRITERAND, '>', "Write random data to the specified file"}
|
|
||||||
|
|
||||||
# define OPT_R_CASES \
|
|
||||||
OPT_R__FIRST: case OPT_R__LAST: break; \
|
|
||||||
case OPT_R_RAND: case OPT_R_WRITERAND
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Option parsing.
|
|
||||||
*/
|
|
||||||
extern const char OPT_HELP_STR[];
|
|
||||||
extern const char OPT_MORE_STR[];
|
|
||||||
typedef struct options_st {
|
|
||||||
const char *name;
|
|
||||||
int retval;
|
|
||||||
/*
|
|
||||||
* value type: - no value (also the value zero), n number, p positive
|
|
||||||
* number, u unsigned, l long, s string, < input file, > output file,
|
|
||||||
* f any format, F der/pem format, E der/pem/engine format identifier.
|
|
||||||
* l, n and u include zero; p does not.
|
|
||||||
*/
|
|
||||||
int valtype;
|
|
||||||
const char *helpstr;
|
|
||||||
} OPTIONS;
|
|
||||||
|
|
||||||
/*
|
|
||||||
* A string/int pairing; widely use for option value lookup, hence the
|
|
||||||
* name OPT_PAIR. But that name is misleading in s_cb.c, so we also use
|
|
||||||
* the "generic" name STRINT_PAIR.
|
|
||||||
*/
|
|
||||||
typedef struct string_int_pair_st {
|
|
||||||
const char *name;
|
|
||||||
int retval;
|
|
||||||
} OPT_PAIR, STRINT_PAIR;
|
|
||||||
|
|
||||||
/* Flags to pass into opt_format; see FORMAT_xxx, below. */
|
|
||||||
# define OPT_FMT_PEMDER (1L << 1)
|
|
||||||
# define OPT_FMT_PKCS12 (1L << 2)
|
|
||||||
# define OPT_FMT_SMIME (1L << 3)
|
|
||||||
# define OPT_FMT_ENGINE (1L << 4)
|
|
||||||
# define OPT_FMT_MSBLOB (1L << 5)
|
|
||||||
/* (1L << 6) was OPT_FMT_NETSCAPE, but wasn't used */
|
|
||||||
# define OPT_FMT_NSS (1L << 7)
|
|
||||||
# define OPT_FMT_TEXT (1L << 8)
|
|
||||||
# define OPT_FMT_HTTP (1L << 9)
|
|
||||||
# define OPT_FMT_PVK (1L << 10)
|
|
||||||
# define OPT_FMT_PDE (OPT_FMT_PEMDER | OPT_FMT_ENGINE)
|
|
||||||
# define OPT_FMT_PDS (OPT_FMT_PEMDER | OPT_FMT_SMIME)
|
|
||||||
# define OPT_FMT_ANY ( \
|
|
||||||
OPT_FMT_PEMDER | OPT_FMT_PKCS12 | OPT_FMT_SMIME | \
|
|
||||||
OPT_FMT_ENGINE | OPT_FMT_MSBLOB | OPT_FMT_NSS | \
|
|
||||||
OPT_FMT_TEXT | OPT_FMT_HTTP | OPT_FMT_PVK)
|
|
||||||
|
|
||||||
char *opt_progname(const char *argv0);
|
|
||||||
char *opt_getprog(void);
|
|
||||||
char *opt_init(int ac, char **av, const OPTIONS * o);
|
|
||||||
int opt_next(void);
|
|
||||||
int opt_format(const char *s, unsigned long flags, int *result);
|
|
||||||
int opt_int(const char *arg, int *result);
|
|
||||||
int opt_ulong(const char *arg, unsigned long *result);
|
|
||||||
int opt_long(const char *arg, long *result);
|
|
||||||
#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L && \
|
|
||||||
defined(INTMAX_MAX) && defined(UINTMAX_MAX)
|
|
||||||
int opt_imax(const char *arg, intmax_t *result);
|
|
||||||
int opt_umax(const char *arg, uintmax_t *result);
|
|
||||||
#else
|
|
||||||
# define opt_imax opt_long
|
|
||||||
# define opt_umax opt_ulong
|
|
||||||
# define intmax_t long
|
|
||||||
# define uintmax_t unsigned long
|
|
||||||
#endif
|
|
||||||
int opt_pair(const char *arg, const OPT_PAIR * pairs, int *result);
|
|
||||||
int opt_cipher(const char *name, const EVP_CIPHER **cipherp);
|
|
||||||
int opt_md(const char *name, const EVP_MD **mdp);
|
|
||||||
char *opt_arg(void);
|
|
||||||
char *opt_flag(void);
|
|
||||||
char *opt_unknown(void);
|
|
||||||
char **opt_rest(void);
|
|
||||||
int opt_num_rest(void);
|
|
||||||
int opt_verify(int i, X509_VERIFY_PARAM *vpm);
|
|
||||||
int opt_rand(int i);
|
|
||||||
void opt_help(const OPTIONS * list);
|
|
||||||
int opt_format_error(const char *s, unsigned long flags);
|
|
||||||
|
|
||||||
typedef struct args_st {
|
typedef struct args_st {
|
||||||
int size;
|
int size;
|
||||||
int argc;
|
int argc;
|
||||||
|
@ -430,20 +109,8 @@ char **copy_argv(int *argc, char *argv[]);
|
||||||
*/
|
*/
|
||||||
void win32_utf8argv(int *argc, char **argv[]);
|
void win32_utf8argv(int *argc, char **argv[]);
|
||||||
|
|
||||||
|
|
||||||
# define PW_MIN_LENGTH 4
|
|
||||||
typedef struct pw_cb_data {
|
|
||||||
const void *password;
|
|
||||||
const char *prompt_info;
|
|
||||||
} PW_CB_DATA;
|
|
||||||
|
|
||||||
/* We need both wrap and the "real" function because libcrypto uses both. */
|
/* We need both wrap and the "real" function because libcrypto uses both. */
|
||||||
int wrap_password_callback(char *buf, int bufsiz, int verify, void *cb_data);
|
int wrap_password_callback(char *buf, int bufsiz, int verify, void *cb_data);
|
||||||
int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_data);
|
|
||||||
|
|
||||||
int setup_ui_method(void);
|
|
||||||
void destroy_ui_method(void);
|
|
||||||
const UI_METHOD *get_ui_method(void);
|
|
||||||
|
|
||||||
int chopup_args(ARGS *arg, char *buf);
|
int chopup_args(ARGS *arg, char *buf);
|
||||||
# ifdef HEADER_X509_H
|
# ifdef HEADER_X509_H
|
||||||
|
@ -573,29 +240,6 @@ void print_cert_checks(BIO *bio, X509 *x,
|
||||||
|
|
||||||
void store_setup_crl_download(X509_STORE *st);
|
void store_setup_crl_download(X509_STORE *st);
|
||||||
|
|
||||||
/* See OPT_FMT_xxx, above. */
|
|
||||||
/* On some platforms, it's important to distinguish between text and binary
|
|
||||||
* files. On some, there might even be specific file formats for different
|
|
||||||
* contents. The FORMAT_xxx macros are meant to express an intent with the
|
|
||||||
* file being read or created.
|
|
||||||
*/
|
|
||||||
# define B_FORMAT_TEXT 0x8000
|
|
||||||
# define FORMAT_UNDEF 0
|
|
||||||
# define FORMAT_TEXT (1 | B_FORMAT_TEXT) /* Generic text */
|
|
||||||
# define FORMAT_BINARY 2 /* Generic binary */
|
|
||||||
# define FORMAT_BASE64 (3 | B_FORMAT_TEXT) /* Base64 */
|
|
||||||
# define FORMAT_ASN1 4 /* ASN.1/DER */
|
|
||||||
# define FORMAT_PEM (5 | B_FORMAT_TEXT)
|
|
||||||
# define FORMAT_PKCS12 6
|
|
||||||
# define FORMAT_SMIME (7 | B_FORMAT_TEXT)
|
|
||||||
# define FORMAT_ENGINE 8 /* Not really a file format */
|
|
||||||
# define FORMAT_PEMRSA (9 | B_FORMAT_TEXT) /* PEM RSAPubicKey format */
|
|
||||||
# define FORMAT_ASN1RSA 10 /* DER RSAPubicKey format */
|
|
||||||
# define FORMAT_MSBLOB 11 /* MS Key blob format */
|
|
||||||
# define FORMAT_PVK 12 /* MS PVK file format */
|
|
||||||
# define FORMAT_HTTP 13 /* Download using HTTP */
|
|
||||||
# define FORMAT_NSS 14 /* NSS keylog format */
|
|
||||||
|
|
||||||
# define EXT_COPY_NONE 0
|
# define EXT_COPY_NONE 0
|
||||||
# define EXT_COPY_ADD 1
|
# define EXT_COPY_ADD 1
|
||||||
# define EXT_COPY_ALL 2
|
# define EXT_COPY_ALL 2
|
||||||
|
|
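--- a/apps/apps_ui.c
+++ b/apps/apps_ui.c
@@ -0,0 +1,197 @@
+/*
+* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+*
+* Licensed under the OpenSSL license (the "License"). You may not use
+* this file except in compliance with the License. You can obtain a copy
+* in the file LICENSE in the source distribution or at
+* https://www.openssl.org/source/license.html
+*/
+
+#include <string.h>
+#include <openssl/err.h>
+#include <openssl/ui.h>
+#include "apps_ui.h"
+
+static UI_METHOD *ui_method = NULL;
+static const UI_METHOD *ui_fallback_method = NULL;
+
+
+static int ui_open(UI *ui)
+{
+int (*opener)(UI *ui) = UI_method_get_opener(ui_fallback_method);
+
+if (opener)
+return opener(ui);
+return 1;
+}
+
+static int ui_read(UI *ui, UI_STRING *uis)
+{
+int (*reader)(UI *ui, UI_STRING *uis) = NULL;
+
+if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
+&& UI_get0_user_data(ui)) {
+switch (UI_get_string_type(uis)) {
+case UIT_PROMPT:
+case UIT_VERIFY:
+{
+const char *password =
+((PW_CB_DATA *)UI_get0_user_data(ui))->password;
+if (password && password[0] != '\0') {
+UI_set_result(ui, uis, password);
+return 1;
+}
+}
+break;
+case UIT_NONE:
+case UIT_BOOLEAN:
+case UIT_INFO:
+case UIT_ERROR:
+break;
+}
+}
+
+reader = UI_method_get_reader(ui_fallback_method);
+if (reader)
+return reader(ui, uis);
+return 1;
+}
+
+static int ui_write(UI *ui, UI_STRING *uis)
+{
+int (*writer)(UI *ui, UI_STRING *uis) = NULL;
+
+if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
+&& UI_get0_user_data(ui)) {
+switch (UI_get_string_type(uis)) {
+case UIT_PROMPT:
+case UIT_VERIFY:
+{
+const char *password =
+((PW_CB_DATA *)UI_get0_user_data(ui))->password;
+if (password && password[0] != '\0')
+return 1;
+}
+break;
+case UIT_NONE:
+case UIT_BOOLEAN:
+case UIT_INFO:
+case UIT_ERROR:
+break;
+}
+}
+
+writer = UI_method_get_writer(ui_fallback_method);
+if (writer)
+return writer(ui, uis);
+return 1;
+}
+
+static int ui_close(UI *ui)
+{
+int (*closer)(UI *ui) = UI_method_get_closer(ui_fallback_method);
+
+if (closer)
+return closer(ui);
+return 1;
+}
+
+int setup_ui_method(void)
+{
+ui_fallback_method = UI_null();
+#ifndef OPENSSL_NO_UI_CONSOLE
+ui_fallback_method = UI_OpenSSL();
+#endif
+ui_method = UI_create_method("OpenSSL application user interface");
+UI_method_set_opener(ui_method, ui_open);
+UI_method_set_reader(ui_method, ui_read);
+UI_method_set_writer(ui_method, ui_write);
+UI_method_set_closer(ui_method, ui_close);
+return 0;
+}
+
+void destroy_ui_method(void)
+{
+if (ui_method) {
+UI_destroy_method(ui_method);
+ui_method = NULL;
+}
+}
+
+const UI_METHOD *get_ui_method(void)
+{
+return ui_method;
+}
+
+static void *ui_malloc(int sz, const char *what)
+{
+void *vp = OPENSSL_malloc(sz);
+
+if (vp == NULL) {
+BIO_printf(bio_err, "Could not allocate %d bytes for %s\n", sz, what);
+ERR_print_errors(bio_err);
+exit(1);
+}
+return vp;
+}
+
+int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_data)
+{
+int res = 0;
+UI *ui;
+int ok = 0;
+char *buff = NULL;
+int ui_flags = 0;
+const char *prompt_info = NULL;
+char *prompt;
+
+if ((ui = UI_new_method(ui_method)) == NULL)
+return 0;
+
+if (cb_data != NULL && cb_data->prompt_info != NULL)
+prompt_info = cb_data->prompt_info;
+prompt = UI_construct_prompt(ui, "pass phrase", prompt_info);
+if (prompt == NULL) {
+BIO_printf(bio_err, "Out of memory\n");
+UI_free(ui);
+return 0;
+}
+
+ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD;
+UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0);
+
+/* We know that there is no previous user data to return to us */
+(void)UI_add_user_data(ui, cb_data);
+
+ok = UI_add_input_string(ui, prompt, ui_flags, buf,
+PW_MIN_LENGTH, bufsiz - 1);
+
+if (ok >= 0 && verify) {
+buff = ui_malloc(bufsiz, "password buffer");
+ok = UI_add_verify_string(ui, prompt, ui_flags, buff,
+PW_MIN_LENGTH, bufsiz - 1, buf);
+}
+if (ok >= 0)
+do {
+ok = UI_process(ui);
+} while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0));
+
+OPENSSL_clear_free(buff, (unsigned int)bufsiz);
+
+if (ok >= 0)
+res = strlen(buf);
+if (ok == -1) {
+BIO_printf(bio_err, "User interface error\n");
+ERR_print_errors(bio_err);
+OPENSSL_cleanse(buf, (unsigned int)bufsiz);
+res = 0;
+}
+if (ok == -2) {
+BIO_printf(bio_err, "aborted!\n");
+OPENSSL_cleanse(buf, (unsigned int)bufsiz);
+res = 0;
+}
+UI_free(ui);
+OPENSSL_free(prompt);
+return res;
+}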
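Review bot: setup_ui_method() never checks the result of `UI_create_method()` and returns 0 whether or not `ui_method` was allocated. password_callback() then calls `UI_new_method(ui_method)`; with a NULL method the library presumably falls back to its default UI, which would skip the ui_read/ui_write wrappers that supply the stored password, so this is worth confirming. A guard such as `if (ui_method == NULL) return -1;` right after the create call would surface the failure, provided the callers (outside this file) check the return value.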
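--- a/apps/apps_ui.h
+++ b/apps/apps_ui.h
@@ -0,0 +1,28 @@
+/*
+* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
+*
+* Licensed under the OpenSSL license (the "License"). You may not use
+* this file except in compliance with the License. You can obtain a copy
+* in the file LICENSE in the source distribution or at
+* https://www.openssl.org/source/license.html
+*/
+
+#ifndef HEADER_APPS_UI_H
+# define HEADER_APPS_UI_H
+
+
+# define PW_MIN_LENGTH 4
+typedef struct pw_cb_data {
+const void *password;
+const char *prompt_info;
+} PW_CB_DATA;
+
+int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_data);
+
+int setup_ui_method(void);
+void destroy_ui_method(void);
+const UI_METHOD *get_ui_method(void);
+
+extern BIO *bio_err;
+
+#endif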
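Review bot: apps_ui.h uses `UI_METHOD` and `BIO` but includes nothing, so it compiles only when the including file has already pulled in the OpenSSL type declarations (apps_ui.c includes `<openssl/ui.h>` first). Adding `# include <openssl/ossl_typ.h>` inside the guard, as opt.h in this commit does, would make the header self-contained. Separately, `password` is declared `const void *` while ui_read and ui_write in apps_ui.c cast it to `const char *` and test `password[0]`; a one-line comment on the field saying it must point to a NUL-terminated string would document that contract.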
|
@ -7,7 +7,8 @@
|
||||||
s_client.c s_server.c s_time.c sess_id.c smime.c speed.c spkac.c
|
s_client.c s_server.c s_time.c sess_id.c smime.c speed.c spkac.c
|
||||||
srp.c ts.c verify.c version.c x509.c rehash.c storeutl.c);
|
srp.c ts.c verify.c version.c x509.c rehash.c storeutl.c);
|
||||||
our @apps_lib_src =
|
our @apps_lib_src =
|
||||||
( qw(apps.c opt.c s_cb.c s_socket.c app_rand.c bf_prefix.c),
|
( qw(apps.c apps_ui.c opt.c fmt.c s_cb.c s_socket.c app_rand.c
|
||||||
|
bf_prefix.c),
|
||||||
split(/\s+/, $target{apps_aux_src}) );
|
split(/\s+/, $target{apps_aux_src}) );
|
||||||
our @apps_init_src = split(/\s+/, $target{apps_init_src});
|
our @apps_init_src = split(/\s+/, $target{apps_init_src});
|
||||||
"" -}
|
"" -}
|
||||||
|
|
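--- a/apps/fmt.c
+++ b/apps/fmt.c
@@ -0,0 +1,15 @@
+/*
+* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
+*
+* Licensed under the OpenSSL license (the "License"). You may not use
+* this file except in compliance with the License. You can obtain a copy
+* in the file LICENSE in the source distribution or at
+* https://www.openssl.org/source/license.html
+*/
+
+#include "fmt.h"
+
+int FMT_istext(int format)
+{
+return (format & B_FORMAT_TEXT) == B_FORMAT_TEXT;
+}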
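--- a/apps/fmt.h
+++ b/apps/fmt.h
@@ -0,0 +1,44 @@
+/*
+* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
+*
+* Licensed under the OpenSSL license (the "License"). You may not use
+* this file except in compliance with the License. You can obtain a copy
+* in the file LICENSE in the source distribution or at
+* https://www.openssl.org/source/license.html
+*/
+
+/*
+* Options are shared by apps (see apps.h) and the test system
+* (see test/testutil.h').
+* In order to remove the dependency between apps and options, the following
+* shared fields have been moved into this file.
+*/
+
+#ifndef HEADER_FMT_H
+#define HEADER_FMT_H
+
+/* On some platforms, it's important to distinguish between text and binary
+* files. On some, there might even be specific file formats for different
+* contents. The FORMAT_xxx macros are meant to express an intent with the
+* file being read or created.
+*/
+# define B_FORMAT_TEXT 0x8000
+# define FORMAT_UNDEF 0
+# define FORMAT_TEXT (1 | B_FORMAT_TEXT) /* Generic text */
+# define FORMAT_BINARY 2 /* Generic binary */
+# define FORMAT_BASE64 (3 | B_FORMAT_TEXT) /* Base64 */
+# define FORMAT_ASN1 4 /* ASN.1/DER */
+# define FORMAT_PEM (5 | B_FORMAT_TEXT)
+# define FORMAT_PKCS12 6
+# define FORMAT_SMIME (7 | B_FORMAT_TEXT)
+# define FORMAT_ENGINE 8 /* Not really a file format */
+# define FORMAT_PEMRSA (9 | B_FORMAT_TEXT) /* PEM RSAPubicKey format */
+# define FORMAT_ASN1RSA 10 /* DER RSAPubicKey format */
+# define FORMAT_MSBLOB 11 /* MS Key blob format */
+# define FORMAT_PVK 12 /* MS PVK file format */
+# define FORMAT_HTTP 13 /* Download using HTTP */
+# define FORMAT_NSS 14 /* NSS keylog format */
+
+int FMT_istext(int format);
+
+#endif /* HEADER_FMT_H_ */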
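Review bot: The comments in this new header carry a few slips worth fixing while the file is fresh. `(see test/testutil.h').` has a stray quote, and the trailer `#endif /* HEADER_FMT_H_ */` does not match the guard name `HEADER_FMT_H`. The `FORMAT_PEMRSA` and `FORMAT_ASN1RSA` comments spell the type `RSAPubicKey`, which looks like it should read `RSAPublicKey`.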
164
apps/opt.c
|
@ -6,7 +6,13 @@
|
||||||
* in the file LICENSE in the source distribution or at
|
* in the file LICENSE in the source distribution or at
|
||||||
* https://www.openssl.org/source/license.html
|
* https://www.openssl.org/source/license.html
|
||||||
*/
|
*/
|
||||||
#include "apps.h"
|
|
||||||
|
/*
|
||||||
|
* This file is also used by the test suite. Do not #include "apps.h".
|
||||||
|
*/
|
||||||
|
#include "opt.h"
|
||||||
|
#include "fmt.h"
|
||||||
|
#include "internal/nelem.h"
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#if !defined(OPENSSL_SYS_MSDOS)
|
#if !defined(OPENSSL_SYS_MSDOS)
|
||||||
# include OPENSSL_UNISTD
|
# include OPENSSL_UNISTD
|
||||||
|
@ -116,7 +122,7 @@ char *opt_init(int ac, char **av, const OPTIONS *o)
|
||||||
/* Store state. */
|
/* Store state. */
|
||||||
argc = ac;
|
argc = ac;
|
||||||
argv = av;
|
argv = av;
|
||||||
opt_index = 1;
|
opt_begin();
|
||||||
opts = o;
|
opts = o;
|
||||||
opt_progname(av[0]);
|
opt_progname(av[0]);
|
||||||
unknown = NULL;
|
unknown = NULL;
|
||||||
|
@ -133,15 +139,15 @@ char *opt_init(int ac, char **av, const OPTIONS *o)
|
||||||
i = o->valtype;
|
i = o->valtype;
|
||||||
|
|
||||||
/* Make sure options are legit. */
|
/* Make sure options are legit. */
|
||||||
assert(o->name[0] != '-');
|
OPENSSL_assert(o->name[0] != '-');
|
||||||
assert(o->retval > 0);
|
OPENSSL_assert(o->retval > 0);
|
||||||
switch (i) {
|
switch (i) {
|
||||||
case 0: case '-': case '/': case '<': case '>': case 'E': case 'F':
|
case 0: case '-': case '/': case '<': case '>': case 'E': case 'F':
|
||||||
case 'M': case 'U': case 'f': case 'l': case 'n': case 'p': case 's':
|
case 'M': case 'U': case 'f': case 'l': case 'n': case 'p': case 's':
|
||||||
case 'u': case 'c':
|
case 'u': case 'c':
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
assert(0);
|
OPENSSL_assert(0);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Make sure there are no duplicates. */
|
/* Make sure there are no duplicates. */
|
||||||
|
@ -150,13 +156,13 @@ char *opt_init(int ac, char **av, const OPTIONS *o)
|
||||||
* Some compilers inline strcmp and the assert string is too long.
|
* Some compilers inline strcmp and the assert string is too long.
|
||||||
*/
|
*/
|
||||||
duplicated = strcmp(o->name, next->name) == 0;
|
duplicated = strcmp(o->name, next->name) == 0;
|
||||||
assert(!duplicated);
|
OPENSSL_assert(!duplicated);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
if (o->name[0] == '\0') {
|
if (o->name[0] == '\0') {
|
||||||
assert(unknown == NULL);
|
OPENSSL_assert(unknown == NULL);
|
||||||
unknown = o;
|
unknown = o;
|
||||||
assert(unknown->valtype == 0 || unknown->valtype == '-');
|
OPENSSL_assert(unknown->valtype == 0 || unknown->valtype == '-');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return prog;
|
return prog;
|
||||||
|
@ -181,14 +187,14 @@ int opt_format_error(const char *s, unsigned long flags)
|
||||||
OPT_PAIR *ap;
|
OPT_PAIR *ap;
|
||||||
|
|
||||||
if (flags == OPT_FMT_PEMDER) {
|
if (flags == OPT_FMT_PEMDER) {
|
||||||
BIO_printf(bio_err, "%s: Bad format \"%s\"; must be pem or der\n",
|
opt_printf_stderr("%s: Bad format \"%s\"; must be pem or der\n",
|
||||||
prog, s);
|
prog, s);
|
||||||
} else {
|
} else {
|
||||||
BIO_printf(bio_err, "%s: Bad format \"%s\"; must be one of:\n",
|
opt_printf_stderr("%s: Bad format \"%s\"; must be one of:\n",
|
||||||
prog, s);
|
prog, s);
|
||||||
for (ap = formats; ap->name; ap++)
|
for (ap = formats; ap->name; ap++)
|
||||||
if (flags & ap->retval)
|
if (flags & ap->retval)
|
||||||
BIO_printf(bio_err, " %s\n", ap->name);
|
opt_printf_stderr(" %s\n", ap->name);
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -277,7 +283,7 @@ int opt_cipher(const char *name, const EVP_CIPHER **cipherp)
|
||||||
*cipherp = EVP_get_cipherbyname(name);
|
*cipherp = EVP_get_cipherbyname(name);
|
||||||
if (*cipherp != NULL)
|
if (*cipherp != NULL)
|
||||||
return 1;
|
return 1;
|
||||||
BIO_printf(bio_err, "%s: Unrecognized flag %s\n", prog, name);
|
opt_printf_stderr("%s: Unrecognized flag %s\n", prog, name);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -289,7 +295,7 @@ int opt_md(const char *name, const EVP_MD **mdp)
|
||||||
*mdp = EVP_get_digestbyname(name);
|
*mdp = EVP_get_digestbyname(name);
|
||||||
if (*mdp != NULL)
|
if (*mdp != NULL)
|
||||||
return 1;
|
return 1;
|
||||||
BIO_printf(bio_err, "%s: Unrecognized flag %s\n", prog, name);
|
opt_printf_stderr("%s: Unrecognized flag %s\n", prog, name);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -303,9 +309,9 @@ int opt_pair(const char *name, const OPT_PAIR* pairs, int *result)
|
||||||
*result = pp->retval;
|
*result = pp->retval;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
BIO_printf(bio_err, "%s: Value must be one of:\n", prog);
|
opt_printf_stderr("%s: Value must be one of:\n", prog);
|
||||||
for (pp = pairs; pp->name; pp++)
|
for (pp = pairs; pp->name; pp++)
|
||||||
BIO_printf(bio_err, "\t%s\n", pp->name);
|
opt_printf_stderr("\t%s\n", pp->name);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -318,7 +324,7 @@ int opt_int(const char *value, int *result)
|
||||||
return 0;
|
return 0;
|
||||||
*result = (int)l;
|
*result = (int)l;
|
||||||
if (*result != l) {
|
if (*result != l) {
|
||||||
BIO_printf(bio_err, "%s: Value \"%s\" outside integer range\n",
|
opt_printf_stderr("%s: Value \"%s\" outside integer range\n",
|
||||||
prog, value);
|
prog, value);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -339,13 +345,12 @@ static void opt_number_error(const char *v)
|
||||||
|
|
||||||
for (i = 0; i < OSSL_NELEM(b); i++) {
|
for (i = 0; i < OSSL_NELEM(b); i++) {
|
||||||
if (strncmp(v, b[i].prefix, strlen(b[i].prefix)) == 0) {
|
if (strncmp(v, b[i].prefix, strlen(b[i].prefix)) == 0) {
|
||||||
BIO_printf(bio_err,
|
opt_printf_stderr("%s: Can't parse \"%s\" as %s number\n",
|
||||||
"%s: Can't parse \"%s\" as %s number\n",
|
|
||||||
prog, v, b[i].name);
|
prog, v, b[i].name);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
BIO_printf(bio_err, "%s: Can't parse \"%s\" as a number\n", prog, v);
|
opt_printf_stderr("%s: Can't parse \"%s\" as a number\n", prog, v);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -458,9 +463,9 @@ int opt_verify(int opt, X509_VERIFY_PARAM *vpm)
|
||||||
X509_PURPOSE *xptmp;
|
X509_PURPOSE *xptmp;
|
||||||
const X509_VERIFY_PARAM *vtmp;
|
const X509_VERIFY_PARAM *vtmp;
|
||||||
|
|
||||||
assert(vpm != NULL);
|
OPENSSL_assert(vpm != NULL);
|
||||||
assert(opt > OPT_V__FIRST);
|
OPENSSL_assert(opt > OPT_V__FIRST);
|
||||||
assert(opt < OPT_V__LAST);
|
OPENSSL_assert(opt < OPT_V__LAST);
|
||||||
|
|
||||||
switch ((enum range)opt) {
|
switch ((enum range)opt) {
|
||||||
case OPT_V__FIRST:
|
case OPT_V__FIRST:
|
||||||
|
@ -469,7 +474,7 @@ int opt_verify(int opt, X509_VERIFY_PARAM *vpm)
|
||||||
case OPT_V_POLICY:
|
case OPT_V_POLICY:
|
||||||
otmp = OBJ_txt2obj(opt_arg(), 0);
|
otmp = OBJ_txt2obj(opt_arg(), 0);
|
||||||
if (otmp == NULL) {
|
if (otmp == NULL) {
|
||||||
BIO_printf(bio_err, "%s: Invalid Policy %s\n", prog, opt_arg());
|
opt_printf_stderr("%s: Invalid Policy %s\n", prog, opt_arg());
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
X509_VERIFY_PARAM_add0_policy(vpm, otmp);
|
X509_VERIFY_PARAM_add0_policy(vpm, otmp);
|
||||||
|
@ -478,7 +483,7 @@ int opt_verify(int opt, X509_VERIFY_PARAM *vpm)
|
||||||
/* purpose name -> purpose index */
|
/* purpose name -> purpose index */
|
||||||
i = X509_PURPOSE_get_by_sname(opt_arg());
|
i = X509_PURPOSE_get_by_sname(opt_arg());
|
||||||
if (i < 0) {
|
if (i < 0) {
|
||||||
BIO_printf(bio_err, "%s: Invalid purpose %s\n", prog, opt_arg());
|
opt_printf_stderr("%s: Invalid purpose %s\n", prog, opt_arg());
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -489,8 +494,7 @@ int opt_verify(int opt, X509_VERIFY_PARAM *vpm)
|
||||||
i = X509_PURPOSE_get_id(xptmp);
|
i = X509_PURPOSE_get_id(xptmp);
|
||||||
|
|
||||||
if (!X509_VERIFY_PARAM_set_purpose(vpm, i)) {
|
if (!X509_VERIFY_PARAM_set_purpose(vpm, i)) {
|
||||||
BIO_printf(bio_err,
|
opt_printf_stderr("%s: Internal error setting purpose %s\n",
|
||||||
"%s: Internal error setting purpose %s\n",
|
|
||||||
prog, opt_arg());
|
prog, opt_arg());
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -498,7 +502,7 @@ int opt_verify(int opt, X509_VERIFY_PARAM *vpm)
|
||||||
case OPT_V_VERIFY_NAME:
|
case OPT_V_VERIFY_NAME:
|
||||||
vtmp = X509_VERIFY_PARAM_lookup(opt_arg());
|
vtmp = X509_VERIFY_PARAM_lookup(opt_arg());
|
||||||
if (vtmp == NULL) {
|
if (vtmp == NULL) {
|
||||||
BIO_printf(bio_err, "%s: Invalid verify name %s\n",
|
opt_printf_stderr("%s: Invalid verify name %s\n",
|
||||||
prog, opt_arg());
|
prog, opt_arg());
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -518,7 +522,7 @@ int opt_verify(int opt, X509_VERIFY_PARAM *vpm)
|
||||||
if (!opt_imax(opt_arg(), &t))
|
if (!opt_imax(opt_arg(), &t))
|
||||||
return 0;
|
return 0;
|
||||||
if (t != (time_t)t) {
|
if (t != (time_t)t) {
|
||||||
BIO_printf(bio_err, "%s: epoch time out of range %s\n",
|
opt_printf_stderr("%s: epoch time out of range %s\n",
|
||||||
prog, opt_arg());
|
prog, opt_arg());
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -606,6 +610,13 @@ int opt_verify(int opt, X509_VERIFY_PARAM *vpm)
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void opt_begin(void)
|
||||||
|
{
|
||||||
|
opt_index = 1;
|
||||||
|
arg = NULL;
|
||||||
|
flag = NULL;
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Parse the next flag (and value if specified), return 0 if done, -1 on
|
* Parse the next flag (and value if specified), return 0 if done, -1 on
|
||||||
* error, otherwise the flag's retval.
|
* error, otherwise the flag's retval.
|
||||||
|
@ -651,8 +662,8 @@ int opt_next(void)
|
||||||
/* If it doesn't take a value, make sure none was given. */
|
/* If it doesn't take a value, make sure none was given. */
|
||||||
if (o->valtype == 0 || o->valtype == '-') {
|
if (o->valtype == 0 || o->valtype == '-') {
|
||||||
if (arg) {
|
if (arg) {
|
||||||
BIO_printf(bio_err,
|
opt_printf_stderr("%s: Option -%s does not take a value\n",
|
||||||
"%s: Option -%s does not take a value\n", prog, p);
|
prog, p);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
return o->retval;
|
return o->retval;
|
||||||
|
@ -661,8 +672,8 @@ int opt_next(void)
|
||||||
/* Want a value; get the next param if =foo not used. */
|
/* Want a value; get the next param if =foo not used. */
|
||||||
if (arg == NULL) {
|
if (arg == NULL) {
|
||||||
if (argv[opt_index] == NULL) {
|
if (argv[opt_index] == NULL) {
|
||||||
BIO_printf(bio_err,
|
opt_printf_stderr("%s: Option -%s needs a value\n",
|
||||||
"%s: Option -%s needs a value\n", prog, o->name);
|
prog, o->name);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
arg = argv[opt_index++];
|
arg = argv[opt_index++];
|
||||||
|
@ -675,9 +686,9 @@ int opt_next(void)
|
||||||
/* Just a string. */
|
/* Just a string. */
|
||||||
break;
|
break;
|
||||||
case '/':
|
case '/':
|
||||||
if (app_isdir(arg) > 0)
|
if (opt_isdir(arg) > 0)
|
||||||
break;
|
break;
|
||||||
BIO_printf(bio_err, "%s: Not a directory: %s\n", prog, arg);
|
opt_printf_stderr("%s: Not a directory: %s\n", prog, arg);
|
||||||
return -1;
|
return -1;
|
||||||
case '<':
|
case '<':
|
||||||
/* Input file. */
|
/* Input file. */
|
||||||
|
@ -689,40 +700,35 @@ int opt_next(void)
|
||||||
case 'n':
|
case 'n':
|
||||||
if (!opt_int(arg, &ival)
|
if (!opt_int(arg, &ival)
|
||||||
|| (o->valtype == 'p' && ival <= 0)) {
|
|| (o->valtype == 'p' && ival <= 0)) {
|
||||||
BIO_printf(bio_err,
|
opt_printf_stderr("%s: Non-positive number \"%s\" for -%s\n",
|
||||||
"%s: Non-positive number \"%s\" for -%s\n",
|
|
||||||
prog, arg, o->name);
|
prog, arg, o->name);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 'M':
|
case 'M':
|
||||||
if (!opt_imax(arg, &imval)) {
|
if (!opt_imax(arg, &imval)) {
|
||||||
BIO_printf(bio_err,
|
opt_printf_stderr("%s: Invalid number \"%s\" for -%s\n",
|
||||||
"%s: Invalid number \"%s\" for -%s\n",
|
|
||||||
prog, arg, o->name);
|
prog, arg, o->name);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 'U':
|
case 'U':
|
||||||
if (!opt_umax(arg, &umval)) {
|
if (!opt_umax(arg, &umval)) {
|
||||||
BIO_printf(bio_err,
|
opt_printf_stderr("%s: Invalid number \"%s\" for -%s\n",
|
||||||
"%s: Invalid number \"%s\" for -%s\n",
|
|
||||||
prog, arg, o->name);
|
prog, arg, o->name);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 'l':
|
case 'l':
|
||||||
if (!opt_long(arg, &lval)) {
|
if (!opt_long(arg, &lval)) {
|
||||||
BIO_printf(bio_err,
|
opt_printf_stderr("%s: Invalid number \"%s\" for -%s\n",
|
||||||
"%s: Invalid number \"%s\" for -%s\n",
|
|
||||||
prog, arg, o->name);
|
prog, arg, o->name);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 'u':
|
case 'u':
|
||||||
if (!opt_ulong(arg, &ulval)) {
|
if (!opt_ulong(arg, &ulval)) {
|
||||||
BIO_printf(bio_err,
|
opt_printf_stderr("%s: Invalid number \"%s\" for -%s\n",
|
||||||
"%s: Invalid number \"%s\" for -%s\n",
|
|
||||||
prog, arg, o->name);
|
prog, arg, o->name);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
@ -737,8 +743,7 @@ int opt_next(void)
|
||||||
o->valtype == 'F' ? OPT_FMT_PEMDER
|
o->valtype == 'F' ? OPT_FMT_PEMDER
|
||||||
: OPT_FMT_ANY, &ival))
|
: OPT_FMT_ANY, &ival))
|
||||||
break;
|
break;
|
||||||
BIO_printf(bio_err,
|
opt_printf_stderr("%s: Invalid format \"%s\" for -%s\n",
|
||||||
"%s: Invalid format \"%s\" for -%s\n",
|
|
||||||
prog, arg, o->name);
|
prog, arg, o->name);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
@ -750,7 +755,7 @@ int opt_next(void)
|
||||||
dunno = p;
|
dunno = p;
|
||||||
return unknown->retval;
|
return unknown->retval;
|
||||||
}
|
}
|
||||||
BIO_printf(bio_err, "%s: Option unknown option -%s\n", prog, p);
|
opt_printf_stderr("%s: Option unknown option -%s\n", prog, p);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -848,18 +853,17 @@ void opt_help(const OPTIONS *list)
|
||||||
i += 1 + strlen(valtype2param(o));
|
i += 1 + strlen(valtype2param(o));
|
||||||
if (i < MAX_OPT_HELP_WIDTH && i > width)
|
if (i < MAX_OPT_HELP_WIDTH && i > width)
|
||||||
width = i;
|
width = i;
|
||||||
assert(i < (int)sizeof(start));
|
OPENSSL_assert(i < (int)sizeof(start));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (standard_prolog)
|
if (standard_prolog)
|
||||||
BIO_printf(bio_err, "Usage: %s [options]\nValid options are:\n",
|
opt_printf_stderr("Usage: %s [options]\nValid options are:\n", prog);
|
||||||
prog);
|
|
||||||
|
|
||||||
/* Now let's print. */
|
/* Now let's print. */
|
||||||
for (o = list; o->name; o++) {
|
for (o = list; o->name; o++) {
|
||||||
help = o->helpstr ? o->helpstr : "(No additional info)";
|
help = o->helpstr ? o->helpstr : "(No additional info)";
|
||||||
if (o->name == OPT_HELP_STR) {
|
if (o->name == OPT_HELP_STR) {
|
||||||
BIO_printf(bio_err, help, prog);
|
opt_printf_stderr(help, prog);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -870,7 +874,7 @@ void opt_help(const OPTIONS *list)
|
||||||
if (o->name == OPT_MORE_STR) {
|
if (o->name == OPT_MORE_STR) {
|
||||||
/* Continuation of previous line; pad and print. */
|
/* Continuation of previous line; pad and print. */
|
||||||
start[width] = '\0';
|
start[width] = '\0';
|
||||||
BIO_printf(bio_err, "%s %s\n", start, help);
|
opt_printf_stderr("%s %s\n", start, help);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -889,10 +893,62 @@ void opt_help(const OPTIONS *list)
|
||||||
*p = ' ';
|
*p = ' ';
|
||||||
if ((int)(p - start) >= MAX_OPT_HELP_WIDTH) {
|
if ((int)(p - start) >= MAX_OPT_HELP_WIDTH) {
|
||||||
*p = '\0';
|
*p = '\0';
|
||||||
BIO_printf(bio_err, "%s\n", start);
|
opt_printf_stderr("%s\n", start);
|
||||||
memset(start, ' ', sizeof(start));
|
memset(start, ' ', sizeof(start));
|
||||||
}
|
}
|
||||||
start[width] = '\0';
|
start[width] = '\0';
|
||||||
BIO_printf(bio_err, "%s %s\n", start, help);
|
opt_printf_stderr("%s %s\n", start, help);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* opt_isdir section */
|
||||||
|
#ifdef _WIN32
|
||||||
|
# include <windows.h>
|
||||||
|
int opt_isdir(const char *name)
|
||||||
|
{
|
||||||
|
DWORD attr;
|
||||||
|
# if defined(UNICODE) || defined(_UNICODE)
|
||||||
|
size_t i, len_0 = strlen(name) + 1;
|
||||||
|
WCHAR tempname[MAX_PATH];
|
||||||
|
|
||||||
|
if (len_0 > MAX_PATH)
|
||||||
|
return -1;
|
||||||
|
|
||||||
|
# if !defined(_WIN32_WCE) || _WIN32_WCE>=101
|
||||||
|
if (!MultiByteToWideChar(CP_ACP, 0, name, len_0, tempname, MAX_PATH))
|
||||||
|
# endif
|
||||||
|
for (i = 0; i < len_0; i++)
|
||||||
|
tempname[i] = (WCHAR)name[i];
|
||||||
|
|
||||||
|
attr = GetFileAttributes(tempname);
|
||||||
|
# else
|
||||||
|
attr = GetFileAttributes(name);
|
||||||
|
# endif
|
||||||
|
if (attr == INVALID_FILE_ATTRIBUTES)
|
||||||
|
return -1;
|
||||||
|
return ((attr & FILE_ATTRIBUTE_DIRECTORY) != 0);
|
||||||
|
}
|
||||||
|
#else
|
||||||
|
# include <sys/stat.h>
|
||||||
|
# ifndef S_ISDIR
|
||||||
|
# if defined(_S_IFMT) && defined(_S_IFDIR)
|
||||||
|
# define S_ISDIR(a) (((a) & _S_IFMT) == _S_IFDIR)
|
||||||
|
# else
|
||||||
|
# define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR)
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
int opt_isdir(const char *name)
|
||||||
|
{
|
||||||
|
# if defined(S_ISDIR)
|
||||||
|
struct stat st;
|
||||||
|
|
||||||
|
if (stat(name, &st) == 0)
|
||||||
|
return S_ISDIR(st.st_mode);
|
||||||
|
else
|
||||||
|
return -1;
|
||||||
|
# else
|
||||||
|
return -1;
|
||||||
|
# endif
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
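--- a/apps/opt.h
+++ b/apps/opt.h
@@ -0,0 +1,344 @@
+/*
+* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
+*
+* Licensed under the OpenSSL license (the "License"). You may not use
+* this file except in compliance with the License. You can obtain a copy
+* in the file LICENSE in the source distribution or at
+* https://www.openssl.org/source/license.html
+*/
+#ifndef HEADER_OPT_H
+#define HEADER_OPT_H
+
+#include <sys/types.h>
+#include <openssl/e_os2.h>
+#include <openssl/ossl_typ.h>
+#include <stdarg.h>
+
+/*
+* Common verification options.
+*/
+# define OPT_V_ENUM \
+OPT_V__FIRST=2000, \
+OPT_V_POLICY, OPT_V_PURPOSE, OPT_V_VERIFY_NAME, OPT_V_VERIFY_DEPTH, \
+OPT_V_ATTIME, OPT_V_VERIFY_HOSTNAME, OPT_V_VERIFY_EMAIL, \
+OPT_V_VERIFY_IP, OPT_V_IGNORE_CRITICAL, OPT_V_ISSUER_CHECKS, \
+OPT_V_CRL_CHECK, OPT_V_CRL_CHECK_ALL, OPT_V_POLICY_CHECK, \
+OPT_V_EXPLICIT_POLICY, OPT_V_INHIBIT_ANY, OPT_V_INHIBIT_MAP, \
+OPT_V_X509_STRICT, OPT_V_EXTENDED_CRL, OPT_V_USE_DELTAS, \
+OPT_V_POLICY_PRINT, OPT_V_CHECK_SS_SIG, OPT_V_TRUSTED_FIRST, \
+OPT_V_SUITEB_128_ONLY, OPT_V_SUITEB_128, OPT_V_SUITEB_192, \
+OPT_V_PARTIAL_CHAIN, OPT_V_NO_ALT_CHAINS, OPT_V_NO_CHECK_TIME, \
+OPT_V_VERIFY_AUTH_LEVEL, OPT_V_ALLOW_PROXY_CERTS, \
+OPT_V__LAST
+
+# define OPT_V_OPTIONS \
+{ "policy", OPT_V_POLICY, 's', "adds policy to the acceptable policy set"}, \
+{ "purpose", OPT_V_PURPOSE, 's', \
+"certificate chain purpose"}, \
+{ "verify_name", OPT_V_VERIFY_NAME, 's', "verification policy name"}, \
+{ "verify_depth", OPT_V_VERIFY_DEPTH, 'n', \
+"chain depth limit" }, \
+{ "auth_level", OPT_V_VERIFY_AUTH_LEVEL, 'n', \
+"chain authentication security level" }, \
+{ "attime", OPT_V_ATTIME, 'M', "verification epoch time" }, \
+{ "verify_hostname", OPT_V_VERIFY_HOSTNAME, 's', \
+"expected peer hostname" }, \
+{ "verify_email", OPT_V_VERIFY_EMAIL, 's', \
+"expected peer email" }, \
+{ "verify_ip", OPT_V_VERIFY_IP, 's', \
+"expected peer IP address" }, \
+{ "ignore_critical", OPT_V_IGNORE_CRITICAL, '-', \
+"permit unhandled critical extensions"}, \
+{ "issuer_checks", OPT_V_ISSUER_CHECKS, '-', "(deprecated)"}, \
+{ "crl_check", OPT_V_CRL_CHECK, '-', "check leaf certificate revocation" }, \
+{ "crl_check_all", OPT_V_CRL_CHECK_ALL, '-', "check full chain revocation" }, \
+{ "policy_check", OPT_V_POLICY_CHECK, '-', "perform rfc5280 policy checks"}, \
+{ "explicit_policy", OPT_V_EXPLICIT_POLICY, '-', \
+"set policy variable require-explicit-policy"}, \
+{ "inhibit_any", OPT_V_INHIBIT_ANY, '-', \
+"set policy variable inhibit-any-policy"}, \
+{ "inhibit_map", OPT_V_INHIBIT_MAP, '-', \
+"set policy variable inhibit-policy-mapping"}, \
+{ "x509_strict", OPT_V_X509_STRICT, '-', \
+"disable certificate compatibility work-arounds"}, \
+{ "extended_crl", OPT_V_EXTENDED_CRL, '-', \
+"enable extended CRL features"}, \
+{ "use_deltas", OPT_V_USE_DELTAS, '-', \
+"use delta CRLs"}, \
+{ "policy_print", OPT_V_POLICY_PRINT, '-', \
+"print policy processing diagnostics"}, \
+{ "check_ss_sig", OPT_V_CHECK_SS_SIG, '-', \
+"check root CA self-signatures"}, \
+{ "trusted_first", OPT_V_TRUSTED_FIRST, '-', \
+"search trust store first (default)" }, \
+{ "suiteB_128_only", OPT_V_SUITEB_128_ONLY, '-', "Suite B 128-bit-only mode"}, \
+{ "suiteB_128", OPT_V_SUITEB_128, '-', \
+"Suite B 128-bit mode allowing 192-bit algorithms"}, \
+{ "suiteB_192", OPT_V_SUITEB_192, '-', "Suite B 192-bit-only mode" }, \
+{ "partial_chain", OPT_V_PARTIAL_CHAIN, '-', \
+"accept chains anchored by intermediate trust-store CAs"}, \
+{ "no_alt_chains", OPT_V_NO_ALT_CHAINS, '-', "(deprecated)" }, \
+{ "no_check_time", OPT_V_NO_CHECK_TIME, '-', "ignore certificate validity time" }, \
+{ "allow_proxy_certs", OPT_V_ALLOW_PROXY_CERTS, '-', "allow the use of proxy certificates" }
+
+# define OPT_V_CASES \
+OPT_V__FIRST: case OPT_V__LAST: break; \
+case OPT_V_POLICY: \
+case OPT_V_PURPOSE: \
+case OPT_V_VERIFY_NAME: \
+case OPT_V_VERIFY_DEPTH: \
+case OPT_V_VERIFY_AUTH_LEVEL: \
+case OPT_V_ATTIME: \
+case OPT_V_VERIFY_HOSTNAME: \
+case OPT_V_VERIFY_EMAIL: \
+case OPT_V_VERIFY_IP: \
+case OPT_V_IGNORE_CRITICAL: \
+case OPT_V_ISSUER_CHECKS: \
+case OPT_V_CRL_CHECK: \
+case OPT_V_CRL_CHECK_ALL: \
+case OPT_V_POLICY_CHECK: \
+case OPT_V_EXPLICIT_POLICY: \
+case OPT_V_INHIBIT_ANY: \
+case OPT_V_INHIBIT_MAP: \
+case OPT_V_X509_STRICT: \
+case OPT_V_EXTENDED_CRL: \
+case OPT_V_USE_DELTAS: \
+case OPT_V_POLICY_PRINT: \
+case OPT_V_CHECK_SS_SIG: \
+case OPT_V_TRUSTED_FIRST: \
+case OPT_V_SUITEB_128_ONLY: \
+case OPT_V_SUITEB_128: \
+case OPT_V_SUITEB_192: \
+case OPT_V_PARTIAL_CHAIN: \
+case OPT_V_NO_ALT_CHAINS: \
+case OPT_V_NO_CHECK_TIME: \
+case OPT_V_ALLOW_PROXY_CERTS
+
+/*
+* Common "extended validation" options.
+*/
+# define OPT_X_ENUM \
+OPT_X__FIRST=1000, \
+OPT_X_KEY, OPT_X_CERT, OPT_X_CHAIN, OPT_X_CHAIN_BUILD, \
+OPT_X_CERTFORM, OPT_X_KEYFORM, \
+OPT_X__LAST
+
+# define OPT_X_OPTIONS \
+{ "xkey", OPT_X_KEY, '<', "key for Extended certificates"}, \
+{ "xcert", OPT_X_CERT, '<', "cert for Extended certificates"}, \
+{ "xchain", OPT_X_CHAIN, '<', "chain for Extended certificates"}, \
+{ "xchain_build", OPT_X_CHAIN_BUILD, '-', \
+"build certificate chain for the extended certificates"}, \
+{ "xcertform", OPT_X_CERTFORM, 'F', \
+"format of Extended certificate (PEM or DER) PEM default " }, \
+{ "xkeyform", OPT_X_KEYFORM, 'F', \
+"format of Extended certificate's key (PEM or DER) PEM default"}
+
+# define OPT_X_CASES \
+OPT_X__FIRST: case OPT_X__LAST: break; \
+case OPT_X_KEY: \
+case OPT_X_CERT: \
+case OPT_X_CHAIN: \
+case OPT_X_CHAIN_BUILD: \
+case OPT_X_CERTFORM: \
+case OPT_X_KEYFORM
+
+/*
+* Common SSL options.
+* Any changes here must be coordinated with ../ssl/ssl_conf.c
+*/
+# define OPT_S_ENUM \
+OPT_S__FIRST=3000, \
+OPT_S_NOSSL3, OPT_S_NOTLS1, OPT_S_NOTLS1_1, OPT_S_NOTLS1_2, \
+OPT_S_NOTLS1_3, OPT_S_BUGS, OPT_S_NO_COMP, OPT_S_NOTICKET, \
+OPT_S_SERVERPREF, OPT_S_LEGACYRENEG, OPT_S_LEGACYCONN, \
+OPT_S_ONRESUMP, OPT_S_NOLEGACYCONN, OPT_S_ALLOW_NO_DHE_KEX, \
+OPT_S_PRIORITIZE_CHACHA, \
+OPT_S_STRICT, OPT_S_SIGALGS, OPT_S_CLIENTSIGALGS, OPT_S_GROUPS, \
+OPT_S_CURVES, OPT_S_NAMEDCURVE, OPT_S_CIPHER, OPT_S_CIPHERSUITES, \
+OPT_S_RECORD_PADDING, OPT_S_DEBUGBROKE, OPT_S_COMP, \
+OPT_S_MINPROTO, OPT_S_MAXPROTO, \
+OPT_S_NO_RENEGOTIATION, OPT_S_NO_MIDDLEBOX, OPT_S__LAST
+
+# define OPT_S_OPTIONS \
+{"no_ssl3", OPT_S_NOSSL3, '-',"Just disable SSLv3" }, \
+{"no_tls1", OPT_S_NOTLS1, '-', "Just disable TLSv1"}, \
+{"no_tls1_1", OPT_S_NOTLS1_1, '-', "Just disable TLSv1.1" }, \
+{"no_tls1_2", OPT_S_NOTLS1_2, '-', "Just disable TLSv1.2"}, \
+{"no_tls1_3", OPT_S_NOTLS1_3, '-', "Just disable TLSv1.3"}, \
+{"bugs", OPT_S_BUGS, '-', "Turn on SSL bug compatibility"}, \
+{"no_comp", OPT_S_NO_COMP, '-', "Disable SSL/TLS compression (default)" }, \
+{"comp", OPT_S_COMP, '-', "Use SSL/TLS-level compression" }, \
+{"no_ticket", OPT_S_NOTICKET, '-', \
+"Disable use of TLS session tickets"}, \
+{"serverpref", OPT_S_SERVERPREF, '-', "Use server's cipher preferences"}, \
+{"legacy_renegotiation", OPT_S_LEGACYRENEG, '-', \
+"Enable use of legacy renegotiation (dangerous)"}, \
+{"no_renegotiation", OPT_S_NO_RENEGOTIATION, '-', \
+"Disable all renegotiation."}, \
+{"legacy_server_connect", OPT_S_LEGACYCONN, '-', \
+"Allow initial connection to servers that don't support RI"}, \
+{"no_resumption_on_reneg", OPT_S_ONRESUMP, '-', \
+"Disallow session resumption on renegotiation"}, \
+{"no_legacy_server_connect", OPT_S_NOLEGACYCONN, '-', \
+"Disallow initial connection to servers that don't support RI"}, \
+{"allow_no_dhe_kex", OPT_S_ALLOW_NO_DHE_KEX, '-', \
+"In TLSv1.3 allow non-(ec)dhe based key exchange on resumption"}, \
+{"prioritize_chacha", OPT_S_PRIORITIZE_CHACHA, '-', \
+"Prioritize ChaCha ciphers when preferred by clients"}, \
+{"strict", OPT_S_STRICT, '-', \
+"Enforce strict certificate checks as per TLS standard"}, \
+{"sigalgs", OPT_S_SIGALGS, 's', \
+"Signature algorithms to support (colon-separated list)" }, \
+{"client_sigalgs", OPT_S_CLIENTSIGALGS, 's', \
+"Signature algorithms to support for client certificate" \
+" authentication (colon-separated list)" }, \
+{"groups", OPT_S_GROUPS, 's', \
+"Groups to advertise (colon-separated list)" }, \
+{"curves", OPT_S_CURVES, 's', \
+"Groups to advertise (colon-separated list)" }, \
+{"named_curve", OPT_S_NAMEDCURVE, 's', \
+"Elliptic curve used for ECDHE (server-side only)" }, \
+{"cipher", OPT_S_CIPHER, 's', "Specify TLSv1.2 and below cipher list to be used"}, \
+{"ciphersuites", OPT_S_CIPHERSUITES, 's', "Specify TLSv1.3 ciphersuites to be used"}, \
+{"min_protocol", OPT_S_MINPROTO, 's', "Specify the minimum protocol version to be used"}, \
+{"max_protocol", OPT_S_MAXPROTO, 's', "Specify the maximum protocol version to be used"}, \
+{"record_padding", OPT_S_RECORD_PADDING, 's', \
+"Block size to pad TLS 1.3 records to."}, \
+{"debug_broken_protocol", OPT_S_DEBUGBROKE, '-', \
+"Perform all sorts of protocol violations for testing purposes"}, \
+{"no_middlebox", OPT_S_NO_MIDDLEBOX, '-', \
+"Disable TLSv1.3 middlebox compat mode" }
+
+# define OPT_S_CASES \
+OPT_S__FIRST: case OPT_S__LAST: break; \
+case OPT_S_NOSSL3: \
+case OPT_S_NOTLS1: \
+case OPT_S_NOTLS1_1: \
+case OPT_S_NOTLS1_2: \
+case OPT_S_NOTLS1_3: \
+case OPT_S_BUGS: \
+case OPT_S_NO_COMP: \
+case OPT_S_COMP: \
+case OPT_S_NOTICKET: \
+case OPT_S_SERVERPREF: \
+case OPT_S_LEGACYRENEG: \
+case OPT_S_LEGACYCONN: \
+case OPT_S_ONRESUMP: \
+case OPT_S_NOLEGACYCONN: \
+case OPT_S_ALLOW_NO_DHE_KEX: \
+case OPT_S_PRIORITIZE_CHACHA: \
+case OPT_S_STRICT: \
+case OPT_S_SIGALGS: \
+case OPT_S_CLIENTSIGALGS: \
+case OPT_S_GROUPS: \
+case OPT_S_CURVES: \
+case OPT_S_NAMEDCURVE: \
+case OPT_S_CIPHER: \
+case OPT_S_CIPHERSUITES: \
+case OPT_S_RECORD_PADDING: \
+case OPT_S_NO_RENEGOTIATION: \
+case OPT_S_MINPROTO: \
+case OPT_S_MAXPROTO: \
+case OPT_S_DEBUGBROKE: \
+case OPT_S_NO_MIDDLEBOX
+
+#define IS_NO_PROT_FLAG(o) \
+(o == OPT_S_NOSSL3 || o == OPT_S_NOTLS1 || o == OPT_S_NOTLS1_1 \
+|| o == OPT_S_NOTLS1_2 || o == OPT_S_NOTLS1_3)
+
+/*
+* Random state options.
+*/
+# define OPT_R_ENUM \
+OPT_R__FIRST=1500, OPT_R_RAND, OPT_R_WRITERAND, OPT_R__LAST
+
+# define OPT_R_OPTIONS \
+{"rand", OPT_R_RAND, 's', "Load the file(s) into the random number generator"}, \
+{"writerand", OPT_R_WRITERAND, '>', "Write random data to the specified file"}
+
+# define OPT_R_CASES \
+OPT_R__FIRST: case OPT_R__LAST: break; \
+case OPT_R_RAND: case OPT_R_WRITERAND
+
+/*
+* Option parsing.
+*/
+extern const char OPT_HELP_STR[];
+extern const char OPT_MORE_STR[];
+typedef struct options_st {
+const char *name;
+int retval;
+/*
+* value type: - no value (also the value zero), n number, p positive
+* number, u unsigned, l long, s string, < input file, > output file,
+* f any format, F der/pem format, E der/pem/engine format identifier.
+* l, n and u include zero; p does not.
+*/
+int valtype;
+const char *helpstr;
+} OPTIONS;
+
+/*
+* A string/int pairing; widely use for option value lookup, hence the
+* name OPT_PAIR. But that name is misleading in s_cb.c, so we also use
+* the "generic" name STRINT_PAIR.
+*/
+typedef struct string_int_pair_st {
+const char *name;
+int retval;
+} OPT_PAIR, STRINT_PAIR;
+
+/* Flags to pass into opt_format; see FORMAT_xxx, below. */
+# define OPT_FMT_PEMDER (1L << 1)
+# define OPT_FMT_PKCS12 (1L << 2)
+# define OPT_FMT_SMIME (1L << 3)
+# define OPT_FMT_ENGINE (1L << 4)
+# define OPT_FMT_MSBLOB (1L << 5)
+/* (1L << 6) was OPT_FMT_NETSCAPE, but wasn't used */
+# define OPT_FMT_NSS (1L << 7)
+# define OPT_FMT_TEXT (1L << 8)
+# define OPT_FMT_HTTP (1L << 9)
+# define OPT_FMT_PVK (1L << 10)
+# define OPT_FMT_PDE (OPT_FMT_PEMDER | OPT_FMT_ENGINE)
+# define OPT_FMT_PDS (OPT_FMT_PEMDER | OPT_FMT_SMIME)
+# define OPT_FMT_ANY ( \
+OPT_FMT_PEMDER | OPT_FMT_PKCS12 | OPT_FMT_SMIME | \
+OPT_FMT_ENGINE | OPT_FMT_MSBLOB | OPT_FMT_NSS | \
+OPT_FMT_TEXT | OPT_FMT_HTTP | OPT_FMT_PVK)
+
+char *opt_progname(const char *argv0);
+char *opt_getprog(void);
+char *opt_init(int ac, char **av, const OPTIONS * o);
+int opt_next(void);
+void opt_begin(void);
+int opt_format(const char *s, unsigned long flags, int *result);
+int opt_int(const char *arg, int *result);
+int opt_ulong(const char *arg, unsigned long *result);
+int opt_long(const char *arg, long *result);
+#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L && \
+defined(INTMAX_MAX) && defined(UINTMAX_MAX)
+int opt_imax(const char *arg, intmax_t *result);
+int opt_umax(const char *arg, uintmax_t *result);
+#else
+# define opt_imax opt_long
+# define opt_umax opt_ulong
+# define intmax_t long
+# define uintmax_t unsigned long
+#endif
+int opt_pair(const char *arg, const OPT_PAIR * pairs, int *result);
+int opt_cipher(const char *name, const EVP_CIPHER **cipherp);
+int opt_md(const char *name, const EVP_MD **mdp);
+char *opt_arg(void);
+char *opt_flag(void);
+char *opt_unknown(void);
+char **opt_rest(void);
+int opt_num_rest(void);
+int opt_verify(int i, X509_VERIFY_PARAM *vpm);
+int opt_rand(int i);
+void opt_help(const OPTIONS * list);
+int opt_format_error(const char *s, unsigned long flags);
+int opt_isdir(const char *name);
+int opt_printf_stderr(const char *fmt, ...);
+
+#endif /* HEADER_OPT_H */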
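Review bot: The `#else` branch near the end of the header defines `intmax_t` and `uintmax_t` as macros, and the `#if` above it takes the C99 path only when `INTMAX_MAX` is already defined, yet opt.h includes no `<stdint.h>` or `<inttypes.h>` itself (whether `<openssl/e_os2.h>` pulls one in is not visible here). A translation unit that reaches a standard integer header only after opt.h would see that header's `intmax_t` typedef mangled by the macro, and two units could disagree on the parameter type of `opt_imax`. Including the standard header before the test, or giving the fallback a project-private type name instead of redefining the standard one, removes the include-order dependence. Separately, `IS_NO_PROT_FLAG(o)` uses its argument unparenthesised five times; `((o) == OPT_S_NOSSL3 || ...)` is the safer spelling.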
@ -393,6 +393,8 @@ static int test_asyncio(int test)
|
||||||
return testresult;
|
return testresult;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("certname privkey\n")
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
if (!TEST_ptr(cert = test_get_argument(0))
|
if (!TEST_ptr(cert = test_get_argument(0))
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
/*
|
/*
|
||||||
* Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
|
@ -434,28 +434,53 @@ static int test_bf_ofb64(void)
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
typedef enum OPTION_choice {
|
||||||
|
OPT_ERR = -1,
|
||||||
|
OPT_EOF = 0,
|
||||||
|
OPT_PRINT,
|
||||||
|
OPT_TEST_ENUM
|
||||||
|
} OPTION_CHOICE;
|
||||||
|
|
||||||
|
const OPTIONS *test_get_options(void)
|
||||||
|
{
|
||||||
|
static const OPTIONS test_options[] = {
|
||||||
|
OPT_TEST_OPTIONS_DEFAULT_USAGE,
|
||||||
|
{ "print", OPT_PRINT, '-', "Output test tables instead of running tests"},
|
||||||
|
{ NULL }
|
||||||
|
};
|
||||||
|
return test_options;
|
||||||
|
}
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
#ifndef OPENSSL_NO_BF
|
#ifndef OPENSSL_NO_BF
|
||||||
|
OPTION_CHOICE o;
|
||||||
# ifdef CHARSET_EBCDIC
|
# ifdef CHARSET_EBCDIC
|
||||||
int n;
|
int n;
|
||||||
|
|
||||||
ebcdic2ascii(cbc_data, cbc_data, strlen(cbc_data));
|
ebcdic2ascii(cbc_data, cbc_data, strlen(cbc_data));
|
||||||
for (n = 0; n < 2; n++) {
|
for (n = 0; n < 2; n++) {
|
||||||
ebcdic2ascii(bf_key[n], bf_key[n], strlen(bf_key[n]));
|
ebcdic2ascii(bf_key[n], bf_key[n], strlen(bf_key[n]));
|
||||||
}
|
}
|
||||||
# endif
|
# endif
|
||||||
|
|
||||||
if (test_get_argument(0) != NULL) {
|
while ((o = opt_next()) != OPT_EOF) {
|
||||||
|
switch(o) {
|
||||||
|
case OPT_PRINT:
|
||||||
print_test_data();
|
print_test_data();
|
||||||
} else {
|
return 1;
|
||||||
|
case OPT_TEST_CASES:
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
ADD_ALL_TESTS(test_bf_ecb_raw, 2);
|
ADD_ALL_TESTS(test_bf_ecb_raw, 2);
|
||||||
ADD_ALL_TESTS(test_bf_ecb, NUM_TESTS);
|
ADD_ALL_TESTS(test_bf_ecb, NUM_TESTS);
|
||||||
ADD_ALL_TESTS(test_bf_set_key, KEY_TEST_NUM-1);
|
ADD_ALL_TESTS(test_bf_set_key, KEY_TEST_NUM-1);
|
||||||
ADD_TEST(test_bf_cbc);
|
ADD_TEST(test_bf_cbc);
|
||||||
ADD_TEST(test_bf_cfb64);
|
ADD_TEST(test_bf_cfb64);
|
||||||
ADD_TEST(test_bf_ofb64);
|
ADD_TEST(test_bf_ofb64);
|
||||||
}
|
|
||||||
#endif
|
#endif
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
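Review bot: `test_get_options()` is added outside the `#ifndef OPENSSL_NO_BF` block, while the `opt_next()` loop that consumes the options sits inside it in `setup_tests()`, so a build without Blowfish still advertises `-print` but never parses the command line. If the test driver does not reject unconsumed options on its own (not visible in this hunk), such a build silently accepts bad arguments; moving the loop above the `#ifndef` and guarding only the body of `case OPT_PRINT:` keeps the behaviour uniform. Minor style: `switch(o) {` lacks the space used by `switch (o) {` in the other tests changed by this commit.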
|
|
|
@ -1,5 +1,5 @@
|
||||||
/*
|
/*
|
||||||
* Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
|
@ -252,10 +252,38 @@ static int test_big(void)
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
typedef enum OPTION_choice {
|
||||||
|
OPT_ERR = -1,
|
||||||
|
OPT_EOF = 0,
|
||||||
|
OPT_PRINT,
|
||||||
|
OPT_TEST_ENUM
|
||||||
|
} OPTION_CHOICE;
|
||||||
|
|
||||||
|
const OPTIONS *test_get_options(void)
|
||||||
|
{
|
||||||
|
static const OPTIONS options[] = {
|
||||||
|
OPT_TEST_OPTIONS_DEFAULT_USAGE,
|
||||||
|
{ "expected", OPT_PRINT, '-', "Output values" },
|
||||||
|
{ NULL }
|
||||||
|
};
|
||||||
|
return options;
|
||||||
|
}
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
justprint = test_has_option("-expected");
|
OPTION_CHOICE o;
|
||||||
|
|
||||||
|
while ((o = opt_next()) != OPT_EOF) {
|
||||||
|
switch (o) {
|
||||||
|
case OPT_PRINT:
|
||||||
|
justprint = 1;
|
||||||
|
break;
|
||||||
|
case OPT_TEST_CASES:
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
ADD_TEST(test_big);
|
ADD_TEST(test_big);
|
||||||
ADD_ALL_TESTS(test_fp, nelem(pw_params));
|
ADD_ALL_TESTS(test_fp, nelem(pw_params));
|
||||||
|
@ -300,3 +328,4 @@ int test_flush_stderr(void)
|
||||||
{
|
{
|
||||||
return fflush(stderr);
|
return fflush(stderr);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -2261,6 +2261,17 @@ static int run_file_tests(int i)
|
||||||
return c == 0;
|
return c == 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const OPTIONS *test_get_options(void)
|
||||||
|
{
|
||||||
|
enum { OPT_TEST_ENUM };
|
||||||
|
static const OPTIONS test_options[] = {
|
||||||
|
OPT_TEST_OPTIONS_WITH_EXTRA_USAGE("[file...]\n"),
|
||||||
|
{ OPT_HELP_STR, 1, '-',
|
||||||
|
"file\tFile to run tests on. Normal tests are not run\n" },
|
||||||
|
{ NULL }
|
||||||
|
};
|
||||||
|
return test_options;
|
||||||
|
}
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
|
|
|
@ -13,8 +13,9 @@ IF[{- !$disabled{tests} -}]
|
||||||
SOURCE[libtestutil.a]=testutil/basic_output.c testutil/output_helpers.c \
|
SOURCE[libtestutil.a]=testutil/basic_output.c testutil/output_helpers.c \
|
||||||
testutil/driver.c testutil/tests.c testutil/cb.c testutil/stanza.c \
|
testutil/driver.c testutil/tests.c testutil/cb.c testutil/stanza.c \
|
||||||
testutil/format_output.c testutil/tap_bio.c \
|
testutil/format_output.c testutil/tap_bio.c \
|
||||||
testutil/test_cleanup.c testutil/main.c testutil/init.c
|
testutil/test_cleanup.c testutil/main.c testutil/init.c \
|
||||||
INCLUDE[libtestutil.a]=../include
|
testutil/options.c testutil/test_options.c ../apps/opt.c
|
||||||
|
INCLUDE[libtestutil.a]=../include ..
|
||||||
DEPEND[libtestutil.a]=../libcrypto
|
DEPEND[libtestutil.a]=../libcrypto
|
||||||
|
|
||||||
PROGRAMS{noinst}=\
|
PROGRAMS{noinst}=\
|
||||||
|
@ -398,11 +399,9 @@ IF[{- !$disabled{tests} -}]
|
||||||
DEPEND[cipher_overhead_test]=../libcrypto ../libssl libtestutil.a
|
DEPEND[cipher_overhead_test]=../libcrypto ../libssl libtestutil.a
|
||||||
ENDIF
|
ENDIF
|
||||||
|
|
||||||
SOURCE[uitest]=uitest.c \
|
SOURCE[uitest]=uitest.c ../apps/apps_ui.c
|
||||||
{- rebase_files("../apps",
|
|
||||||
split(/\s+/, $target{apps_init_src})) -}
|
|
||||||
INCLUDE[uitest]=.. ../include ../apps
|
INCLUDE[uitest]=.. ../include ../apps
|
||||||
DEPEND[uitest]=../apps/libapps.a ../libcrypto ../libssl libtestutil.a
|
DEPEND[uitest]=../libcrypto ../libssl libtestutil.a
|
||||||
|
|
||||||
SOURCE[cipherbytes_test]=cipherbytes_test.c
|
SOURCE[cipherbytes_test]=cipherbytes_test.c
|
||||||
INCLUDE[cipherbytes_test]=../include
|
INCLUDE[cipherbytes_test]=../include
|
||||||
|
|
|
@ -240,6 +240,8 @@ end:
|
||||||
return testresult;
|
return testresult;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("sessionfile\n")
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
if (!TEST_ptr(sessionfile = test_get_argument(0)))
|
if (!TEST_ptr(sessionfile = test_get_argument(0)))
|
||||||
|
|
|
@ -1,3 +1,12 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
|
*
|
||||||
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||||
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
|
* in the file LICENSE in the source distribution or at
|
||||||
|
* https://www.openssl.org/source/license.html
|
||||||
|
*/
|
||||||
|
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
|
||||||
#include <openssl/cms.h>
|
#include <openssl/cms.h>
|
||||||
|
@ -49,6 +58,8 @@ static int test_encrypt_decrypt(void)
|
||||||
return testresult;
|
return testresult;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n")
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
char *certin = NULL, *privkeyin = NULL;
|
char *certin = NULL, *privkeyin = NULL;
|
||||||
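Review bot: The header added at the top of this file says `Licensed under the OpenSSL license`, whereas the headers of other files touched by this commit (the `@ -1,5 +1,5` copyright-year hunks) read `Licensed under the Apache License 2.0`; the new apps/opt.h carries the same older wording. If the tree has already been relicensed, as those unchanged context lines suggest, the new headers should use the Apache 2.0 text so that licence scanners and downstream packagers do not record two licences for the project.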
|
|
|
@ -178,26 +178,50 @@ static int test_check_overflow(void)
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
typedef enum OPTION_choice {
|
||||||
|
OPT_ERR = -1,
|
||||||
|
OPT_EOF = 0,
|
||||||
|
OPT_FAIL,
|
||||||
|
OPT_TEST_ENUM
|
||||||
|
} OPTION_CHOICE;
|
||||||
|
|
||||||
|
const OPTIONS *test_get_options(void)
|
||||||
|
{
|
||||||
|
static const OPTIONS test_options[] = {
|
||||||
|
OPT_TEST_OPTIONS_WITH_EXTRA_USAGE("conf_file\n"),
|
||||||
|
{ "f", OPT_FAIL, '-', "A failure is expected" },
|
||||||
|
{ NULL }
|
||||||
|
};
|
||||||
|
return test_options;
|
||||||
|
}
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
const char *conf_file;
|
const char *conf_file;
|
||||||
const char *arg2;
|
OPTION_CHOICE o;
|
||||||
|
|
||||||
if (!TEST_ptr(conf = NCONF_new(NULL)))
|
if (!TEST_ptr(conf = NCONF_new(NULL)))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
conf_file = test_get_argument(0);
|
while ((o = opt_next()) != OPT_EOF) {
|
||||||
|
switch (o) {
|
||||||
|
case OPT_FAIL:
|
||||||
|
expect_failure = 1;
|
||||||
|
break;
|
||||||
|
case OPT_TEST_CASES:
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
conf_file = test_get_argument(0);
|
||||||
if (!TEST_ptr(conf_file)
|
if (!TEST_ptr(conf_file)
|
||||||
|| !TEST_ptr(in = BIO_new_file(conf_file, "r"))) {
|
|| !TEST_ptr(in = BIO_new_file(conf_file, "r"))) {
|
||||||
TEST_note("Unable to open the file argument");
|
TEST_note("Unable to open the file argument");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((arg2 = test_get_argument(1)) != NULL && *arg2 == 'f') {
|
|
||||||
expect_failure = 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* For this test we need to chdir as we use relative
|
* For this test we need to chdir as we use relative
|
||||||
* path names in the config files.
|
* path names in the config files.
|
||||||
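Review bot: The option loop runs after `conf = NCONF_new(NULL)`, so the `default: return 0;` branch leaves `setup_tests()` with `conf` still allocated; whether a cleanup hook frees it after a failed setup is not visible in this hunk. Parsing the options before the allocation avoids the question. The positional form (a second argument starting with `f`) is also removed in favour of `-f`, so any caller that still passes the old form will no longer set `expect_failure`; those callers are outside this hunk. `setup_tests()` continues past the end of the hunk.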
|
|
|
@ -682,19 +682,49 @@ static int test_x448(void)
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
typedef enum OPTION_choice {
|
||||||
|
OPT_ERR = -1,
|
||||||
|
OPT_EOF = 0,
|
||||||
|
OPT_PROGRESS,
|
||||||
|
OPT_SLOW,
|
||||||
|
OPT_TEST_ENUM
|
||||||
|
} OPTION_CHOICE;
|
||||||
|
|
||||||
|
const OPTIONS *test_get_options(void)
|
||||||
|
{
|
||||||
|
static const OPTIONS test_options[] = {
|
||||||
|
OPT_TEST_OPTIONS_WITH_EXTRA_USAGE("conf_file\n"),
|
||||||
|
{ "f", OPT_SLOW, '-', "Enables a slow test" },
|
||||||
|
{ "v", OPT_PROGRESS, '-',
|
||||||
|
"Enables verbose mode (prints progress dots)" },
|
||||||
|
{ NULL }
|
||||||
|
};
|
||||||
|
return test_options;
|
||||||
|
}
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
/*
|
OPTION_CHOICE o;
|
||||||
* The test vectors contain one test which takes a very long time to run,
|
|
||||||
* so we don't do that be default. Using the -f option will cause it to be
|
|
||||||
* run.
|
|
||||||
*/
|
|
||||||
if (test_has_option("-f"))
|
|
||||||
max = 1000000;
|
|
||||||
|
|
||||||
/* Print progress dots */
|
while ((o = opt_next()) != OPT_EOF) {
|
||||||
if (test_has_option("-v"))
|
switch (o) {
|
||||||
verbose = 1;
|
case OPT_TEST_CASES:
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
return 0;
|
||||||
|
/*
|
||||||
|
* The test vectors contain one test which takes a very long time to run
|
||||||
|
* so we don't do that be default. Using the -f option will cause it to
|
||||||
|
* be run.
|
||||||
|
*/
|
||||||
|
case OPT_SLOW:
|
||||||
|
max = 1000000;
|
||||||
|
break;
|
||||||
|
case OPT_PROGRESS:
|
||||||
|
verbose = 1; /* Print progress dots */
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
ADD_TEST(test_x448);
|
ADD_TEST(test_x448);
|
||||||
ADD_TEST(test_ed448);
|
ADD_TEST(test_ed448);
|
||||||
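Review bot: `OPT_TEST_OPTIONS_WITH_EXTRA_USAGE("conf_file\n")` in `test_get_options()` looks copied from the configuration-include test: nothing in the visible part of `setup_tests()` reads a positional argument, so the usage line would advertise a `conf_file` parameter this test does not appear to take. If that is right, `OPT_TEST_OPTIONS_DEFAULT_USAGE,` (as used by the other tests in this commit) is the matching macro. The relocated comment also keeps the typo `be default`, where `by default` is meant. `setup_tests()` continues outside the hunk.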
|
|
|
@ -106,6 +106,8 @@ static int test_bad_asn1(void)
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("item_name expected_error test_file.der\n")
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Usage: d2i_test <name> <type> <file>, e.g.
|
* Usage: d2i_test <name> <type> <file>, e.g.
|
||||||
* d2i_test generalname bad_generalname.der
|
* d2i_test generalname bad_generalname.der
|
||||||
|
@ -127,10 +129,8 @@ int setup_tests(void)
|
||||||
|
|
||||||
if (!TEST_ptr(test_type_name = test_get_argument(0))
|
if (!TEST_ptr(test_type_name = test_get_argument(0))
|
||||||
|| !TEST_ptr(expected_error_string = test_get_argument(1))
|
|| !TEST_ptr(expected_error_string = test_get_argument(1))
|
||||||
|| !TEST_ptr(test_file = test_get_argument(2))) {
|
|| !TEST_ptr(test_file = test_get_argument(2)))
|
||||||
TEST_note("Usage: d2i_test item_name expected_error file.der");
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
|
||||||
|
|
||||||
item_type = ASN1_ITEM_lookup(test_type_name);
|
item_type = ASN1_ITEM_lookup(test_type_name);
|
||||||
|
|
||||||
|
|
|
@ -409,14 +409,14 @@ end:
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("basedomain CAfile tlsafile\n")
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
if (!TEST_ptr(basedomain = test_get_argument(0))
|
if (!TEST_ptr(basedomain = test_get_argument(0))
|
||||||
|| !TEST_ptr(CAfile = test_get_argument(1))
|
|| !TEST_ptr(CAfile = test_get_argument(1))
|
||||||
|| !TEST_ptr(tlsafile = test_get_argument(2))) {
|
|| !TEST_ptr(tlsafile = test_get_argument(2)))
|
||||||
TEST_error("Usage error: danetest basedomain CAfile tlsafile");
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
|
||||||
|
|
||||||
ADD_TEST(run_tlsatest);
|
ADD_TEST(run_tlsatest);
|
||||||
return 1;
|
return 1;
|
||||||
|
|
|
@ -328,6 +328,8 @@ static int test_dtls_duplicate_records(void)
|
||||||
return testresult;
|
return testresult;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n")
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
if (!TEST_ptr(cert = test_get_argument(0))
|
if (!TEST_ptr(cert = test_get_argument(0))
|
||||||
|
|
|
@ -18,7 +18,7 @@
|
||||||
|
|
||||||
#define NUM_REPEATS "1000000"
|
#define NUM_REPEATS "1000000"
|
||||||
|
|
||||||
static int64_t num_repeats;
|
static intmax_t num_repeats;
|
||||||
static int print_mode = 0;
|
static int print_mode = 0;
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_EC
|
#ifndef OPENSSL_NO_EC
|
||||||
|
@ -39,10 +39,10 @@ static const char *kP256DefaultResult =
|
||||||
* point multiplication.
|
* point multiplication.
|
||||||
* Returns the X-coordinate of the end result or NULL on error.
|
* Returns the X-coordinate of the end result or NULL on error.
|
||||||
*/
|
*/
|
||||||
static BIGNUM *walk_curve(const EC_GROUP *group, EC_POINT *point, int64_t num)
|
static BIGNUM *walk_curve(const EC_GROUP *group, EC_POINT *point, intmax_t num)
|
||||||
{
|
{
|
||||||
BIGNUM *scalar = NULL;
|
BIGNUM *scalar = NULL;
|
||||||
int64_t i;
|
intmax_t i;
|
||||||
|
|
||||||
if (!TEST_ptr(scalar = BN_new())
|
if (!TEST_ptr(scalar = BN_new())
|
||||||
|| !TEST_true(EC_POINT_get_affine_coordinates(group, point, scalar,
|
|| !TEST_true(EC_POINT_get_affine_coordinates(group, point, scalar,
|
||||||
|
@ -101,20 +101,21 @@ err:
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
static int atoi64(const char *in, int64_t *result)
|
typedef enum OPTION_choice {
|
||||||
|
OPT_ERR = -1,
|
||||||
|
OPT_EOF = 0,
|
||||||
|
OPT_NUM_REPEATS,
|
||||||
|
OPT_TEST_ENUM
|
||||||
|
} OPTION_CHOICE;
|
||||||
|
|
||||||
|
const OPTIONS *test_get_options(void)
|
||||||
{
|
{
|
||||||
int64_t ret = 0;
|
static const OPTIONS test_options[] = {
|
||||||
|
OPT_TEST_OPTIONS_DEFAULT_USAGE,
|
||||||
for ( ; *in != '\0'; in++) {
|
{ "num", OPT_NUM_REPEATS, 'M', "Number of repeats" },
|
||||||
char c = *in;
|
{ NULL }
|
||||||
|
};
|
||||||
if (!isdigit((unsigned char)c))
|
return test_options;
|
||||||
return 0;
|
|
||||||
ret *= 10;
|
|
||||||
ret += (c - '0');
|
|
||||||
}
|
|
||||||
*result = ret;
|
|
||||||
return 1;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -124,22 +125,27 @@ static int atoi64(const char *in, int64_t *result)
|
||||||
*/
|
*/
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
const char *p;
|
OPTION_CHOICE o;
|
||||||
|
|
||||||
if (!atoi64(NUM_REPEATS, &num_repeats)) {
|
if (!opt_imax(NUM_REPEATS, &num_repeats)) {
|
||||||
TEST_error("Cannot parse " NUM_REPEATS);
|
TEST_error("Cannot parse " NUM_REPEATS);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
/*
|
|
||||||
* TODO(openssl-team): code under test/ should be able to reuse the option
|
while ((o = opt_next()) != OPT_EOF) {
|
||||||
* parsing framework currently in apps/.
|
switch (o) {
|
||||||
*/
|
case OPT_NUM_REPEATS:
|
||||||
p = test_get_option_argument("-num");
|
if (!opt_imax(opt_arg(), &num_repeats)
|
||||||
if (p != NULL) {
|
|
||||||
if (!atoi64(p, &num_repeats)
|
|
||||||
|| num_repeats < 0)
|
|| num_repeats < 0)
|
||||||
return 0;
|
return 0;
|
||||||
print_mode = 1;
|
print_mode = 1;
|
||||||
|
break;
|
||||||
|
case OPT_TEST_CASES:
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
case OPT_ERR:
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_EC
|
#ifndef OPENSSL_NO_EC
|
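Review bot: In the `OPT_NUM_REPEATS` case of setup_tests, a negative `-num` value reaches `return 0` with no message of its own, so the user is not told which argument was rejected. Splitting the range check from the `opt_imax` failure and adding a diagnostic before the return, e.g. `TEST_error("-num must not be negative");`, would make the rejection explicit. As a style point, `default:` placed ahead of `case OPT_ERR:` reads oddly when both share one body; `case OPT_ERR:` followed by `default:` is the more conventional order. setup_tests continues outside the hunk.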
||||||
|
|
|
@ -2901,14 +2901,14 @@ static int run_file_tests(int i)
|
||||||
return c == 0;
|
return c == 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("file...\n")
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
size_t n = test_get_argument_count();
|
size_t n = test_get_argument_count();
|
||||||
|
|
||||||
if (n == 0) {
|
if (n == 0)
|
||||||
TEST_error("Usage: %s file...", test_get_program_name());
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
|
||||||
|
|
||||||
ADD_ALL_TESTS(run_file_tests, n);
|
ADD_ALL_TESTS(run_file_tests, n);
|
||||||
return 1;
|
return 1;
|
||||||
|
|
|
@ -82,6 +82,8 @@ static int test_fatalerr(void)
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n")
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
if (!TEST_ptr(cert = test_get_argument(0))
|
if (!TEST_ptr(cert = test_get_argument(0))
|
||||||
|
|
|
@ -78,6 +78,8 @@ static int test_tls13(int idx)
|
||||||
return testresult;
|
return testresult;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("certfile1 privkeyfile1 certfile2 privkeyfile2\n")
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
if (!TEST_ptr(cert1 = test_get_argument(0))
|
if (!TEST_ptr(cert1 = test_get_argument(0))
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
/*
|
/*
|
||||||
* Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
|
@ -133,6 +133,8 @@ static int test_resp_signer(void)
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n")
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
if (!TEST_ptr(certstr = test_get_argument(0))
|
if (!TEST_ptr(certstr = test_get_argument(0))
|
||||||
|
|
|
@ -24,4 +24,4 @@ if ($^O eq "VMS") {
|
||||||
ok(run(test(["conf_include_test", data_file("vms-includes-file.cnf")])),
|
ok(run(test(["conf_include_test", data_file("vms-includes-file.cnf")])),
|
||||||
"test file includes, VMS syntax");
|
"test file includes, VMS syntax");
|
||||||
}
|
}
|
||||||
ok(run(test(["conf_include_test", data_file("includes-broken.cnf"), "f"])), "test broken includes");
|
ok(run(test(["conf_include_test", "-f", data_file("includes-broken.cnf")])), "test broken includes");
|
||||||
|
|
|
@ -181,6 +181,8 @@ static int test_record_overflow(int idx)
|
||||||
return testresult;
|
return testresult;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n")
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
if (!TEST_ptr(cert = test_get_argument(0))
|
if (!TEST_ptr(cert = test_get_argument(0))
|
||||||
|
|
|
@ -500,6 +500,8 @@ err:
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("conf_file\n")
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
long num_tests;
|
long num_tests;
|
||||||
|
|
|
@ -240,15 +240,15 @@ static int test_bad_configuration(int idx)
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("conf_file\n")
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
if (!TEST_ptr(conf = NCONF_new(NULL)))
|
if (!TEST_ptr(conf = NCONF_new(NULL)))
|
||||||
return 0;
|
return 0;
|
||||||
/* argument should point to test/ssl_test_ctx_test.conf */
|
/* argument should point to test/ssl_test_ctx_test.conf */
|
||||||
if (!TEST_int_gt(NCONF_load(conf, test_get_argument(0), NULL), 0)) {
|
if (!TEST_int_gt(NCONF_load(conf, test_get_argument(0), NULL), 0))
|
||||||
TEST_note("Missing file argument");
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
|
||||||
|
|
||||||
ADD_TEST(test_empty_configuration);
|
ADD_TEST(test_empty_configuration);
|
||||||
ADD_TEST(test_good_configuration);
|
ADD_TEST(test_good_configuration);
|
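Review bot: `NCONF_load(conf, test_get_argument(0), NULL)` in setup_tests passes the result of test_get_argument straight through, and that function returns NULL when the argument is absent. The other setup_tests functions touched by this commit wrap the call in `TEST_ptr(...)` first; doing the same here, e.g. `if (!TEST_ptr(conf_file = test_get_argument(0)) || !TEST_int_gt(NCONF_load(conf, conf_file, NULL), 0)) return 0;` with a local `char *conf_file`, avoids depending on how NCONF_load treats a NULL file name. It also restores a specific diagnostic now that the "Missing file argument" note is removed. setup_tests continues past the end of this hunk.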
||||||
|
|
|
@ -6030,6 +6030,9 @@ static int test_ca_names(int tst)
|
||||||
return testresult;
|
return testresult;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("certfile privkeyfile srpvfile tmpfile\n")
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
if (!TEST_ptr(cert = test_get_argument(0))
|
if (!TEST_ptr(cert = test_get_argument(0))
|
||||||
|
|
|
@ -157,6 +157,8 @@ int global_init(void)
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n")
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
char *cert, *pkey;
|
char *cert, *pkey;
|
||||||
|
|
|
@ -244,15 +244,15 @@ static int test_ssl_corrupt(int testidx)
|
||||||
return testresult;
|
return testresult;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n")
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
int n;
|
int n;
|
||||||
|
|
||||||
if (!TEST_ptr(cert = test_get_argument(0))
|
if (!TEST_ptr(cert = test_get_argument(0))
|
||||||
|| !TEST_ptr(privkey = test_get_argument(1))) {
|
|| !TEST_ptr(privkey = test_get_argument(1)))
|
||||||
TEST_note("Usage error: require cert and private key files");
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
|
||||||
|
|
||||||
n = setup_cipher_list();
|
n = setup_cipher_list();
|
||||||
if (n > 0)
|
if (n > 0)
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
/*
|
/*
|
||||||
* Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
|
@ -15,6 +15,7 @@
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
#include <openssl/e_os2.h>
|
#include <openssl/e_os2.h>
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
|
#include "../apps/opt.h"
|
||||||
|
|
||||||
/*-
|
/*-
|
||||||
* Simple unit tests should implement setup_tests().
|
* Simple unit tests should implement setup_tests().
|
||||||
|
@ -117,22 +118,80 @@
|
||||||
# define TEST_CASE_NAME __func__
|
# define TEST_CASE_NAME __func__
|
||||||
# endif /* __STDC_VERSION__ */
|
# endif /* __STDC_VERSION__ */
|
||||||
|
|
||||||
|
|
||||||
|
/* The default test enum which should be common to all tests */
|
||||||
|
#define OPT_TEST_ENUM \
|
||||||
|
OPT_TEST_HELP = 500, \
|
||||||
|
OPT_TEST_LIST, \
|
||||||
|
OPT_TEST_SINGLE, \
|
||||||
|
OPT_TEST_ITERATION, \
|
||||||
|
OPT_TEST_INDENT, \
|
||||||
|
OPT_TEST_SEED
|
||||||
|
|
||||||
|
/* The Default test OPTIONS common to all tests (without a usage string) */
|
||||||
|
#define OPT_TEST_OPTIONS \
|
||||||
|
{ OPT_HELP_STR, 1, '-', "Valid options are:\n" }, \
|
||||||
|
{ "help", OPT_TEST_HELP, '-', "Display this summary" }, \
|
||||||
|
{ "list", OPT_TEST_LIST, '-', "Display the list of tests available" }, \
|
||||||
|
{ "test", OPT_TEST_SINGLE, 's', "Run a single test by id or name" }, \
|
||||||
|
{ "iter", OPT_TEST_ITERATION, 'n', "Run a single iteration of a test" }, \
|
||||||
|
{ "indent", OPT_TEST_INDENT,'p', "Number of tabs added to output" }, \
|
||||||
|
{ "seed", OPT_TEST_SEED, 'n', "Seed value to randomize tests with" }
|
||||||
|
|
||||||
|
/* The Default test OPTIONS common to all tests starting with an additional usage string */
|
||||||
|
#define OPT_TEST_OPTIONS_WITH_EXTRA_USAGE(usage) \
|
||||||
|
{ OPT_HELP_STR, 1, '-', "Usage: %s [options] " usage }, \
|
||||||
|
OPT_TEST_OPTIONS
|
||||||
|
|
||||||
|
/* The Default test OPTIONS common to all tests with an default usage string */
|
||||||
|
#define OPT_TEST_OPTIONS_DEFAULT_USAGE \
|
||||||
|
{ OPT_HELP_STR, 1, '-', "Usage: %s [options]\n" }, \
|
||||||
|
OPT_TEST_OPTIONS
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Tests that need access to command line arguments should use the functions:
|
* Optional Cases that need to be ignored by the test app when using opt_next(),
|
||||||
* test_get_argument(int n) to get the nth argument, the first argument is
|
* (that are handled internally).
|
||||||
* argument 0. This function returns NULL on error.
|
*/
|
||||||
* test_get_argument_count() to get the count of the arguments.
|
#define OPT_TEST_CASES \
|
||||||
* test_has_option(const char *) to check if the specified option was passed.
|
OPT_TEST_HELP: \
|
||||||
* test_get_option_argument(const char *) to get an option which includes an
|
case OPT_TEST_LIST: \
|
||||||
* argument. NULL is returns if the option is not found.
|
case OPT_TEST_SINGLE: \
|
||||||
* const char *test_get_program_name(void) returns the name of the test program
|
case OPT_TEST_ITERATION: \
|
||||||
* being executed.
|
case OPT_TEST_INDENT: \
|
||||||
|
case OPT_TEST_SEED
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Tests that use test_get_argument() that dont have any additional options
|
||||||
|
* (i.e- dont use opt_next()) can use this to set the usage string.
|
||||||
|
* It embeds test_get_options() which gives default command line options for
|
||||||
|
* the test system.
|
||||||
|
*
|
||||||
|
* Tests that need to use opt_next() need to specify
|
||||||
|
* (1) test_get_options() containing an options[] (Which should include either
|
||||||
|
* OPT_TEST_OPTIONS_DEFAULT_USAGE OR
|
||||||
|
* OPT_TEST_OPTIONS_WITH_EXTRA_USAGE).
|
||||||
|
* (2) An enum outside the test_get_options() which contains OPT_TEST_ENUM, as
|
||||||
|
* well as the additional options that need to be handled.
|
||||||
|
* (3) case OPT_TEST_CASES: break; inside the opt_next() handling code.
|
||||||
|
*/
|
||||||
|
#define OPT_TEST_DECLARE_USAGE(usage_str) \
|
||||||
|
const OPTIONS *test_get_options(void) \
|
||||||
|
{ \
|
||||||
|
enum { OPT_TEST_ENUM }; \
|
||||||
|
static const OPTIONS options[] = { \
|
||||||
|
OPT_TEST_OPTIONS_WITH_EXTRA_USAGE(usage_str), \
|
||||||
|
{ NULL } \
|
||||||
|
}; \
|
||||||
|
return options; \
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Used to read non optional command line values that follow after the options.
|
||||||
|
* Returns NULL if there is no argument.
|
||||||
*/
|
*/
|
||||||
const char *test_get_program_name(void);
|
|
||||||
char *test_get_argument(size_t n);
|
char *test_get_argument(size_t n);
|
||||||
|
/* Return the number of additional non optional command line arguments */
|
||||||
size_t test_get_argument_count(void);
|
size_t test_get_argument_count(void);
|
||||||
int test_has_option(const char *option);
|
|
||||||
const char *test_get_option_argument(const char *option);
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Internal helpers. Test programs shouldn't use these directly, but should
|
* Internal helpers. Test programs shouldn't use these directly, but should
|
||||||
|
@ -150,6 +209,16 @@ void add_all_tests(const char *test_case_name, int (*test_fn)(int idx), int num,
|
||||||
int global_init(void);
|
int global_init(void);
|
||||||
int setup_tests(void);
|
int setup_tests(void);
|
||||||
void cleanup_tests(void);
|
void cleanup_tests(void);
|
||||||
|
/*
|
||||||
|
* Used to supply test specific command line options,
|
||||||
|
* If non optional parameters are used, then the first entry in the OPTIONS[]
|
||||||
|
* should contain:
|
||||||
|
* { OPT_HELP_STR, 1, '-', "list of non optional commandline params\n"},
|
||||||
|
* The last entry should always be { NULL }.
|
||||||
|
*
|
||||||
|
* Run the test locally using './test/test_name -help' to check the usage.
|
||||||
|
*/
|
||||||
|
const OPTIONS *test_get_options(void);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Test assumption verification helpers.
|
* Test assumption verification helpers.
|
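Review bot: `OPT_TEST_OPTIONS_WITH_EXTRA_USAGE(usage)` concatenates `usage` onto `"Usage: %s [options] "`, so the caller's text becomes part of what looks like a printf-style format (the `%s` is presumably filled in by the help printer, which is not shown here). Nothing in the header says that `usage` must be a string literal or that a `%` inside it would be read as a conversion; a comment such as `/* usage: string literal, no '%' characters, terminated with "\n" */` above this macro and above `OPT_TEST_DECLARE_USAGE` would make the constraint visible. Separately, `OPT_TEST_CASES` only works when written as `case OPT_TEST_CASES:` because its expansion starts with a bare label; item (3) of the later block comment covers this, but a one-line reminder directly on the macro would help readers who land on the definition first.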
||||||
|
|
|
@ -21,6 +21,7 @@
|
||||||
# define strdup _strdup
|
# define strdup _strdup
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Declares the structures needed to register each test case function.
|
* Declares the structures needed to register each test case function.
|
||||||
*/
|
*/
|
||||||
|
@ -36,14 +37,21 @@ typedef struct test_info {
|
||||||
|
|
||||||
static TEST_INFO all_tests[1024];
|
static TEST_INFO all_tests[1024];
|
||||||
static int num_tests = 0;
|
static int num_tests = 0;
|
||||||
|
static int show_list = 0;
|
||||||
|
static int single_test = -1;
|
||||||
|
static int single_iter = -1;
|
||||||
|
static int level = 0;
|
||||||
static int seed = 0;
|
static int seed = 0;
|
||||||
/*
|
/*
|
||||||
* A parameterised tests runs a loop of test cases.
|
* A parameterised test runs a loop of test cases.
|
||||||
* |num_test_cases| counts the total number of test cases
|
* |num_test_cases| counts the total number of test cases
|
||||||
* across all tests.
|
* across all tests.
|
||||||
*/
|
*/
|
||||||
static int num_test_cases = 0;
|
static int num_test_cases = 0;
|
||||||
|
|
||||||
|
static int process_shared_options(void);
|
||||||
|
|
||||||
|
|
||||||
void add_test(const char *test_case_name, int (*test_fn) (void))
|
void add_test(const char *test_case_name, int (*test_fn) (void))
|
||||||
{
|
{
|
||||||
assert(num_tests != OSSL_NELEM(all_tests));
|
assert(num_tests != OSSL_NELEM(all_tests));
|
||||||
|
@ -66,8 +74,6 @@ void add_all_tests(const char *test_case_name, int(*test_fn)(int idx),
|
||||||
num_test_cases += num;
|
num_test_cases += num;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int level = 0;
|
|
||||||
|
|
||||||
int subtest_level(void)
|
int subtest_level(void)
|
||||||
{
|
{
|
||||||
return level;
|
return level;
|
||||||
|
@ -99,21 +105,26 @@ static int gcd(int a, int b)
|
||||||
return a;
|
return a;
|
||||||
}
|
}
|
||||||
|
|
||||||
void setup_test_framework(void)
|
static void set_seed(int s)
|
||||||
{
|
{
|
||||||
char *TAP_levels = getenv("HARNESS_OSSL_LEVEL");
|
seed = s;
|
||||||
char *test_seed = getenv("OPENSSL_TEST_RAND_ORDER");
|
|
||||||
|
|
||||||
level = TAP_levels != NULL ? 4 * atoi(TAP_levels) : 0;
|
|
||||||
|
|
||||||
if (test_seed != NULL) {
|
|
||||||
seed = atoi(test_seed);
|
|
||||||
if (seed <= 0)
|
if (seed <= 0)
|
||||||
seed = (int)time(NULL);
|
seed = (int)time(NULL);
|
||||||
test_printf_stdout("%*s# RAND SEED %d\n", subtest_level(), "", seed);
|
test_printf_stdout("%*s# RAND SEED %d\n", subtest_level(), "", seed);
|
||||||
test_flush_stdout();
|
test_flush_stdout();
|
||||||
srand(seed);
|
srand(seed);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
int setup_test_framework(int argc, char *argv[])
|
||||||
|
{
|
||||||
|
char *test_seed = getenv("OPENSSL_TEST_RAND_ORDER");
|
||||||
|
char *TAP_levels = getenv("HARNESS_OSSL_LEVEL");
|
||||||
|
|
||||||
|
if (TAP_levels != NULL)
|
||||||
|
level = 4 * atoi(TAP_levels);
|
||||||
|
if (test_seed != NULL)
|
||||||
|
set_seed(atoi(test_seed));
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
|
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
|
||||||
if (should_report_leaks()) {
|
if (should_report_leaks()) {
|
||||||
|
@ -121,8 +132,115 @@ void setup_test_framework(void)
|
||||||
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
|
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
if (!opt_init(argc, argv, test_get_options()))
|
||||||
|
return 0;
|
||||||
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This can only be called after setup() has run, since num_tests and
|
||||||
|
* all_tests[] are setup at this point
|
||||||
|
*/
|
||||||
|
static int check_single_test_params(char *name, char *testname, char *itname)
|
||||||
|
{
|
||||||
|
if (name != NULL) {
|
||||||
|
int i;
|
||||||
|
for (i = 0; i < num_tests; ++i) {
|
||||||
|
if (strcmp(name, all_tests[i].test_case_name) == 0) {
|
||||||
|
single_test = 1 + i;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (i >= num_tests)
|
||||||
|
single_test = atoi(name);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* if only iteration is specified, assume we want the first test */
|
||||||
|
if (single_test == -1 && single_iter != -1)
|
||||||
|
single_test = 1;
|
||||||
|
|
||||||
|
if (single_test != -1) {
|
||||||
|
if (single_test < 1 || single_test > num_tests) {
|
||||||
|
test_printf_stderr("Invalid -%s value "
|
||||||
|
"(Value must be a valid test name OR a value between %d..%d)\n",
|
||||||
|
testname, 1, num_tests);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (single_iter != -1) {
|
||||||
|
if (all_tests[single_test - 1].num == -1) {
|
||||||
|
test_printf_stderr("-%s option is not valid for test %d:%s\n",
|
||||||
|
itname,
|
||||||
|
single_test,
|
||||||
|
all_tests[single_test - 1].test_case_name);
|
||||||
|
return 0;
|
||||||
|
} else if (single_iter < 1
|
||||||
|
|| single_iter > all_tests[single_test - 1].num) {
|
||||||
|
test_printf_stderr("Invalid -%s value for test %d:%s\t"
|
||||||
|
"(Value must be in the range %d..%d)\n",
|
||||||
|
itname, single_test,
|
||||||
|
all_tests[single_test - 1].test_case_name,
|
||||||
|
1, all_tests[single_test - 1].num);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int process_shared_options(void)
|
||||||
|
{
|
||||||
|
OPTION_CHOICE_DEFAULT o;
|
||||||
|
int value;
|
||||||
|
int ret = -1;
|
||||||
|
char *flag_test = "";
|
||||||
|
char *flag_iter = "";
|
||||||
|
char *testname = NULL;
|
||||||
|
|
||||||
|
opt_begin();
|
||||||
|
while ((o = opt_next()) != OPT_EOF) {
|
||||||
|
switch (o) {
|
||||||
|
/* Ignore any test options at this level */
|
||||||
|
default:
|
||||||
|
break;
|
||||||
|
case OPT_ERR:
|
||||||
|
return ret;
|
||||||
|
case OPT_TEST_HELP:
|
||||||
|
opt_help(test_get_options());
|
||||||
|
return 0;
|
||||||
|
case OPT_TEST_LIST:
|
||||||
|
show_list = 1;
|
||||||
|
break;
|
||||||
|
case OPT_TEST_SINGLE:
|
||||||
|
flag_test = opt_flag();
|
||||||
|
testname = opt_arg();
|
||||||
|
break;
|
||||||
|
case OPT_TEST_ITERATION:
|
||||||
|
flag_iter = opt_flag();
|
||||||
|
if (!opt_int(opt_arg(), &single_iter))
|
||||||
|
goto end;
|
||||||
|
break;
|
||||||
|
case OPT_TEST_INDENT:
|
||||||
|
if (!opt_int(opt_arg(), &value))
|
||||||
|
goto end;
|
||||||
|
level = 4 * value;
|
||||||
|
break;
|
||||||
|
case OPT_TEST_SEED:
|
||||||
|
if (!opt_int(opt_arg(), &value))
|
||||||
|
goto end;
|
||||||
|
set_seed(value);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (!check_single_test_params(testname, flag_test, flag_iter))
|
||||||
|
goto end;
|
||||||
|
ret = 1;
|
||||||
|
end:
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
int pulldown_test_framework(int ret)
|
int pulldown_test_framework(int ret)
|
||||||
{
|
{
|
||||||
set_test_title(NULL);
|
set_test_title(NULL);
|
||||||
|
@ -131,7 +249,6 @@ int pulldown_test_framework(int ret)
|
||||||
&& CRYPTO_mem_leaks_cb(openssl_error_cb, NULL) <= 0)
|
&& CRYPTO_mem_leaks_cb(openssl_error_cb, NULL) <= 0)
|
||||||
return EXIT_FAILURE;
|
return EXIT_FAILURE;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -176,14 +293,21 @@ int run_tests(const char *test_prog_name)
|
||||||
int ii, i, jj, j, jstep;
|
int ii, i, jj, j, jstep;
|
||||||
int permute[OSSL_NELEM(all_tests)];
|
int permute[OSSL_NELEM(all_tests)];
|
||||||
|
|
||||||
|
i = process_shared_options();
|
||||||
|
if (i == 0)
|
||||||
|
return EXIT_SUCCESS;
|
||||||
|
if (i == -1)
|
||||||
|
return EXIT_FAILURE;
|
||||||
|
|
||||||
if (num_tests < 1) {
|
if (num_tests < 1) {
|
||||||
test_printf_stdout("%*s1..0 # Skipped: %s\n", level, "",
|
test_printf_stdout("%*s1..0 # Skipped: %s\n", level, "",
|
||||||
test_prog_name);
|
test_prog_name);
|
||||||
} else {
|
} else if (show_list == 0 && single_test == -1) {
|
||||||
if (level > 0)
|
if (level > 0)
|
||||||
test_printf_stdout("%*s# Subtest: %s\n", level, "", test_prog_name);
|
test_printf_stdout("%*s# Subtest: %s\n", level, "", test_prog_name);
|
||||||
test_printf_stdout("%*s1..%d\n", level, "", num_tests);
|
test_printf_stdout("%*s1..%d\n", level, "", num_tests);
|
||||||
}
|
}
|
||||||
|
|
||||||
test_flush_stdout();
|
test_flush_stdout();
|
||||||
|
|
||||||
for (i = 0; i < num_tests; i++)
|
for (i = 0; i < num_tests; i++)
|
||||||
|
@ -198,12 +322,25 @@ int run_tests(const char *test_prog_name)
|
||||||
|
|
||||||
for (ii = 0; ii != num_tests; ++ii) {
|
for (ii = 0; ii != num_tests; ++ii) {
|
||||||
i = permute[ii];
|
i = permute[ii];
|
||||||
if (all_tests[i].num == -1) {
|
|
||||||
|
if (single_test != -1 && ((i+1) != single_test)) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
else if (show_list) {
|
||||||
|
if (all_tests[i].num != -1) {
|
||||||
|
test_printf_stdout("%d - %s (%d..%d)\n", ii + 1,
|
||||||
|
all_tests[i].test_case_name, 1,
|
||||||
|
all_tests[i].num);
|
||||||
|
} else {
|
||||||
|
test_printf_stdout("%d - %s\n", ii + 1,
|
||||||
|
all_tests[i].test_case_name);
|
||||||
|
}
|
||||||
|
test_flush_stdout();
|
||||||
|
} else if (all_tests[i].num == -1) {
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
|
|
||||||
set_test_title(all_tests[i].test_case_name);
|
set_test_title(all_tests[i].test_case_name);
|
||||||
ret = all_tests[i].test_fn();
|
ret = all_tests[i].test_fn();
|
||||||
|
|
||||||
verdict = 1;
|
verdict = 1;
|
||||||
if (!ret) {
|
if (!ret) {
|
||||||
verdict = 0;
|
verdict = 0;
|
||||||
|
@ -215,7 +352,7 @@ int run_tests(const char *test_prog_name)
|
||||||
int num_failed_inner = 0;
|
int num_failed_inner = 0;
|
||||||
|
|
||||||
level += 4;
|
level += 4;
|
||||||
if (all_tests[i].subtest) {
|
if (all_tests[i].subtest && single_iter == -1) {
|
||||||
test_printf_stdout("%*s# Subtest: %s\n", level, "",
|
test_printf_stdout("%*s# Subtest: %s\n", level, "",
|
||||||
all_tests[i].test_case_name);
|
all_tests[i].test_case_name);
|
||||||
test_printf_stdout("%*s%d..%d\n", level, "", 1,
|
test_printf_stdout("%*s%d..%d\n", level, "", 1,
|
||||||
|
@ -235,6 +372,8 @@ int run_tests(const char *test_prog_name)
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
j = (j + jstep) % all_tests[i].num;
|
j = (j + jstep) % all_tests[i].num;
|
||||||
|
if (single_iter != -1 && ((jj + 1) != single_iter))
|
||||||
|
continue;
|
||||||
set_test_title(NULL);
|
set_test_title(NULL);
|
||||||
ret = all_tests[i].param_test_fn(j);
|
ret = all_tests[i].param_test_fn(j);
|
||||||
|
|
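Review bot: The `-list` branch in run_tests prints `ii + 1` as the test id, but the `-test` filter just above it compares `(i+1) != single_test` with `i = permute[ii]`, and check_single_test_params stores `1 + i` taken from the all_tests index. Whenever `permute` is not the identity (it looks seed-dependent; its construction is outside these hunks), the ids shown by `-list` are not the ids `-test` accepts; printing `i + 1` in both `test_printf_stdout` calls keeps them aligned. The `-iter` filter in the last hunk has the same shape: it tests `(jj + 1) != single_iter` but then calls `param_test_fn(j)`, so with a `jstep` other than 1 the iteration that runs is presumably not the one requested. `if (single_iter != -1 && ((j + 1) != single_iter))` would select by the index actually passed. run_tests starts and ends outside the hunks shown.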
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
/*
|
/*
|
||||||
* Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
|
@ -8,28 +8,9 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "../testutil.h"
|
#include "../testutil.h"
|
||||||
#include "internal/nelem.h"
|
|
||||||
#include "output.h"
|
#include "output.h"
|
||||||
#include "tu_local.h"
|
#include "tu_local.h"
|
||||||
|
|
||||||
#include <string.h>
|
|
||||||
|
|
||||||
static size_t arg_count;
|
|
||||||
static char **args;
|
|
||||||
static unsigned char arg_used[1000];
|
|
||||||
|
|
||||||
static void check_arg_usage(void)
|
|
||||||
{
|
|
||||||
size_t i, n = arg_count < OSSL_NELEM(arg_used) ? arg_count
|
|
||||||
: OSSL_NELEM(arg_used);
|
|
||||||
|
|
||||||
for (i = 0; i < n; i++)
|
|
||||||
if (!arg_used[i+1])
|
|
||||||
test_printf_stderr("Warning ignored command-line argument %zu: %s\n",
|
|
||||||
i, args[i+1]);
|
|
||||||
if (i < arg_count)
|
|
||||||
test_printf_stderr("Warning arguments %zu and later unchecked\n", i);
|
|
||||||
}
|
|
||||||
|
|
||||||
int main(int argc, char *argv[])
|
int main(int argc, char *argv[])
|
||||||
{
|
{
|
||||||
|
@ -42,65 +23,18 @@ int main(int argc, char *argv[])
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
arg_count = argc - 1;
|
if (!setup_test_framework(argc, argv))
|
||||||
args = argv;
|
goto end;
|
||||||
|
|
||||||
setup_test_framework();
|
if (setup_tests()) {
|
||||||
|
|
||||||
if (setup_tests())
|
|
||||||
ret = run_tests(argv[0]);
|
ret = run_tests(argv[0]);
|
||||||
cleanup_tests();
|
cleanup_tests();
|
||||||
check_arg_usage();
|
opt_check_usage();
|
||||||
|
} else {
|
||||||
|
opt_help(test_get_options());
|
||||||
|
}
|
||||||
|
end:
|
||||||
ret = pulldown_test_framework(ret);
|
ret = pulldown_test_framework(ret);
|
||||||
test_close_streams();
|
test_close_streams();
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
const char *test_get_program_name(void)
|
|
||||||
{
|
|
||||||
return args[0];
|
|
||||||
}
|
|
||||||
|
|
||||||
char *test_get_argument(size_t n)
|
|
||||||
{
|
|
||||||
if (n > arg_count)
|
|
||||||
return NULL;
|
|
||||||
if (n + 1 < OSSL_NELEM(arg_used))
|
|
||||||
arg_used[n + 1] = 1;
|
|
||||||
return args[n + 1];
|
|
||||||
}
|
|
||||||
|
|
||||||
size_t test_get_argument_count(void)
|
|
||||||
{
|
|
||||||
return arg_count;
|
|
||||||
}
|
|
||||||
|
|
||||||
int test_has_option(const char *option)
|
|
||||||
{
|
|
||||||
size_t i;
|
|
||||||
|
|
||||||
for (i = 1; i <= arg_count; i++)
|
|
||||||
if (strcmp(args[i], option) == 0) {
|
|
||||||
arg_used[i] = 1;
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
const char *test_get_option_argument(const char *option)
|
|
||||||
{
|
|
||||||
size_t i, n = strlen(option);
|
|
||||||
|
|
||||||
for (i = 1; i <= arg_count; i++)
|
|
||||||
if (strncmp(args[i], option, n) == 0) {
|
|
||||||
arg_used[i] = 1;
|
|
||||||
if (args[i][n] == '\0' && i + 1 < arg_count) {
|
|
||||||
arg_used[++i] = 1;
|
|
||||||
return args[i];
|
|
||||||
}
|
|
||||||
return args[i] + n;
|
|
||||||
}
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
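--- a/test/testutil/options.c
+++ b/test/testutil/options.c
@@ -0,0 +1,64 @@
+/*
+* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
+*
+* Licensed under the OpenSSL license (the "License"). You may not use
+* this file except in compliance with the License. You can obtain a copy
+* in the file LICENSE in the source distribution or at
+* https://www.openssl.org/source/license.html
+*/
+
+#include "../testutil.h"
+#include "internal/nelem.h"
+#include "tu_local.h"
+#include "output.h"
+
+
+static int used[100] = { 0 };
+
+
+size_t test_get_argument_count(void)
+{
+return opt_num_rest();
+}
+
+char *test_get_argument(size_t n)
+{
+char **argv = opt_rest();
+
+OPENSSL_assert(n < sizeof(used));
+if ((int)n >= opt_num_rest() || argv == NULL)
+return NULL;
+used[n] = 1;
+return argv[n];
+}
+
+void opt_check_usage(void)
+{
+int i;
+char **argv = opt_rest();
+int n, arg_count = opt_num_rest();
+
+if (arg_count > (int)OSSL_NELEM(used))
+n = (int)OSSL_NELEM(used);
+else
+n = arg_count;
+for (i = 0; i < n; i++) {
+if (used[i] == 0)
+test_printf_stderr("Warning ignored command-line argument %d: %s\n",
+i, argv[i]);
+}
+if (i < arg_count)
+test_printf_stderr("Warning arguments %d and later unchecked\n", i);
+}
+
+int opt_printf_stderr(const char *fmt, ...)
+{
+va_list ap;
+int ret;
+
+va_start(ap, fmt);
+ret = test_vprintf_stderr(fmt, ap);
+va_end(ap);
+return ret;
+}
+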
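Review bot: `OPENSSL_assert(n < sizeof(used))` in test_get_argument bounds `n` by the byte size of `used`, not its element count. `used` is declared `int used[100]`, so any index from 100 up to `sizeof(used) - 1` passes the assert, and `used[n] = 1` then writes past the array whenever that many positional arguments were supplied. opt_check_usage in the same file already uses `OSSL_NELEM(used)`, so the guard should read `OPENSSL_assert(n < OSSL_NELEM(used));`. The assert also runs before the `opt_num_rest()` range check, so an oversized `n` aborts the test binary instead of returning NULL; if NULL is the intended contract, fold the bound into the `if` rather than asserting.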
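--- a/test/testutil/test_options.c
+++ b/test/testutil/test_options.c
@@ -0,0 +1,21 @@
+/*
+* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
+*
+* Licensed under the OpenSSL license (the "License"). You may not use
+* this file except in compliance with the License. You can obtain a copy
+* in the file LICENSE in the source distribution or at
+* https://www.openssl.org/source/license.html
+*/
+
+#include "../testutil.h"
+#include "tu_local.h"
+
+/* An overridable list of command line options */
+const OPTIONS *test_get_options(void)
+{
+static const OPTIONS default_options[] = {
+OPT_TEST_OPTIONS_DEFAULT_USAGE,
+{ NULL }
+};
+return default_options;
+}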
|
@ -1,5 +1,5 @@
|
||||||
/*
|
/*
|
||||||
* Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
|
@ -44,8 +44,16 @@ void test_fail_memory_message(const char *prefix, const char *file,
|
||||||
const unsigned char *m1, size_t l1,
|
const unsigned char *m1, size_t l1,
|
||||||
const unsigned char *m2, size_t l2);
|
const unsigned char *m2, size_t l2);
|
||||||
|
|
||||||
void setup_test_framework(void);
|
__owur int setup_test_framework(int argc, char *argv[]);
|
||||||
__owur int pulldown_test_framework(int ret);
|
__owur int pulldown_test_framework(int ret);
|
||||||
|
|
||||||
__owur int run_tests(const char *test_prog_name);
|
__owur int run_tests(const char *test_prog_name);
|
||||||
void set_test_title(const char *title);
|
void set_test_title(const char *title);
|
||||||
|
|
||||||
|
typedef enum OPTION_choice_default {
|
||||||
|
OPT_ERR = -1,
|
||||||
|
OPT_EOF = 0,
|
||||||
|
OPT_TEST_ENUM
|
||||||
|
} OPTION_CHOICE_DEFAULT;
|
||||||
|
void opt_check_usage(void);
|
||||||
|
|
||||||
|
|
|
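Review bot: `opt_check_usage()` and the `OPTION_CHOICE_DEFAULT` enum are added to this header without any comment, although a test author has to understand both. Going by the definition shown earlier in this commit, `opt_check_usage()` warns on stderr about each positional argument that was never marked as used and about arguments beyond what its `used` table tracks, so a line such as `/* Warn on stderr about command-line arguments that no test fetched */` would document it. The enum should say what `OPT_TEST_ENUM` contributes, since its definition is not in this hunk. `setup_test_framework()` is now `__owur` and takes `argc`/`argv`, so any caller not touched by this commit must pass them and check the result.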
@ -481,6 +481,8 @@ static int test_tls13ccs(int tst)
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n")
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
if (!TEST_ptr(cert = test_get_argument(0))
|
if (!TEST_ptr(cert = test_get_argument(0))
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
/*
|
/*
|
||||||
* Copyright 2002-2017 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
|
@ -11,11 +11,9 @@
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <openssl/opensslconf.h>
|
#include <openssl/opensslconf.h>
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
#include "apps.h"
|
#include "apps_ui.h"
|
||||||
#include "testutil.h"
|
#include "testutil.h"
|
||||||
|
|
||||||
/* apps/apps.c depend on these */
|
|
||||||
char *default_config_file = NULL;
|
|
||||||
|
|
||||||
#include <openssl/ui.h>
|
#include <openssl/ui.h>
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
/*
|
/*
|
||||||
* Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
|
@ -37,6 +37,8 @@ end:
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("cert.pem\n")
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
if (!TEST_ptr(infile = test_get_argument(0)))
|
if (!TEST_ptr(infile = test_get_argument(0)))
|
||||||
|
|
|
@ -175,14 +175,14 @@ static int test_store_ctx(void)
|
||||||
return testresult;
|
return testresult;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("roots.pem untrusted.pem bad.pem\n")
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
if (!TEST_ptr(roots_f = test_get_argument(0))
|
if (!TEST_ptr(roots_f = test_get_argument(0))
|
||||||
|| !TEST_ptr(untrusted_f = test_get_argument(1))
|
|| !TEST_ptr(untrusted_f = test_get_argument(1))
|
||||||
|| !TEST_ptr(bad_f = test_get_argument(2))) {
|
|| !TEST_ptr(bad_f = test_get_argument(2)))
|
||||||
TEST_error("usage: verify_extra_test roots.pem untrusted.pem bad.pem\n");
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
|
||||||
|
|
||||||
ADD_TEST(test_alt_chains_cert_forgery);
|
ADD_TEST(test_alt_chains_cert_forgery);
|
||||||
ADD_TEST(test_store_ctx);
|
ADD_TEST(test_store_ctx);
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
/*
|
/*
|
||||||
* Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
* this file except in compliance with the License. You can obtain a copy
|
* this file except in compliance with the License. You can obtain a copy
|
||||||
|
@ -106,14 +106,25 @@ failed:
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const OPTIONS *test_get_options(void)
|
||||||
|
{
|
||||||
|
enum { OPT_TEST_ENUM };
|
||||||
|
static const OPTIONS test_options[] = {
|
||||||
|
OPT_TEST_OPTIONS_WITH_EXTRA_USAGE("certname key.pem type expected\n"),
|
||||||
|
{ OPT_HELP_STR, 1, '-', "certname\tCertificate filename .pem/.req\n" },
|
||||||
|
{ OPT_HELP_STR, 1, '-', "type\t\tvalue must be 'pem' or 'req'\n" },
|
||||||
|
{ OPT_HELP_STR, 1, '-', "expected\tthe expected return value\n" },
|
||||||
|
{ NULL }
|
||||||
|
};
|
||||||
|
return test_options;
|
||||||
|
}
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
if (!TEST_ptr(c = test_get_argument(0))
|
if (!TEST_ptr(c = test_get_argument(0))
|
||||||
|| !TEST_ptr(k = test_get_argument(1))
|
|| !TEST_ptr(k = test_get_argument(1))
|
||||||
|| !TEST_ptr(t = test_get_argument(2))
|
|| !TEST_ptr(t = test_get_argument(2))
|
||||||
|| !TEST_ptr(e = test_get_argument(3))) {
|
|| !TEST_ptr(e = test_get_argument(3))) {
|
||||||
TEST_note("usage: x509_check_cert_pkey cert.pem|cert.req"
|
|
||||||
" key.pem cert|req <expected>");
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
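Review bot: The help entry `"type\t\tvalue must be 'pem' or 'req'\n"` in the new `test_get_options()` disagrees with the usage line this hunk removes, which gave the third argument as `cert|req`. The code that compares `t` is outside the hunk, so I cannot tell which is right; if the test still matches on `cert`, the entry should read `{ OPT_HELP_STR, 1, '-', "type\t\tvalue must be 'cert' or 'req'\n" },`. The table also has no entry for `key.pem` although the usage string lists it. `setup_tests()` continues past the end of the hunk.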
@ -1,5 +1,5 @@
|
||||||
/*
|
/*
|
||||||
* Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
|
* Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||||
* Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||||
|
@ -33,14 +33,14 @@ static int test_509_dup_cert(int n)
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("cert.pem...\n")
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
size_t n = test_get_argument_count();
|
size_t n = test_get_argument_count();
|
||||||
|
|
||||||
if (!TEST_int_gt(n, 0)) {
|
if (!TEST_int_gt(n, 0))
|
||||||
TEST_note("usage: x509_dup_cert_test cert.pem...");
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
|
||||||
|
|
||||||
ADD_ALL_TESTS(test_509_dup_cert, n);
|
ADD_ALL_TESTS(test_509_dup_cert, n);
|
||||||
return 1;
|
return 1;
|
||||||
|
|
|
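Review bot: `if (!TEST_int_gt(n, 0))` passes a `size_t` to the `int` comparison helper, so `n` is converted before it is tested, and the same value then goes to `ADD_ALL_TESTS(test_509_dup_cert, n)` without a cast. For a count of command-line arguments the conversion is unlikely to matter in practice, but the helper should match the type: `if (!TEST_size_t_gt(n, 0))`, and `ADD_ALL_TESTS(test_509_dup_cert, (int)n);` as the `test_certs` hunk further down already does. `setup_tests()` is closed outside the hunk.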
@ -161,14 +161,13 @@ static int test_certs(int num)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OPT_TEST_DECLARE_USAGE("certfile...\n")
|
||||||
|
|
||||||
int setup_tests(void)
|
int setup_tests(void)
|
||||||
{
|
{
|
||||||
size_t n = test_get_argument_count();
|
size_t n = test_get_argument_count();
|
||||||
|
if (n == 0)
|
||||||
if (n == 0) {
|
|
||||||
TEST_error("usage: %s certfile...", test_get_program_name());
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
|
||||||
|
|
||||||
ADD_ALL_TESTS(test_certs, (int)n);
|
ADD_ALL_TESTS(test_certs, (int)n);
|
||||||
return 1;
|
return 1;
|
||||||
|
|
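Review bot: With the `TEST_error` usage line removed, `if (n == 0)` followed by `return 0;` now fails `setup_tests()` without printing anything from this function. A run with no certificate arguments gives no hint of what was missing unless the framework prints the `OPT_TEST_DECLARE_USAGE` text on its own, which is not visible here. A logging check keeps a diagnostic at the failure site: `if (!TEST_size_t_gt(n, 0))`. `setup_tests()` is closed outside the hunk.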