mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-10 19:50:49 +02:00
tests: keep test_wolfSSL_X509V3_EXT OPENSSL_ALL-only
PRB-generic-config-parser failed in test_wolfSSL_X509V3_EXT under an
OPENSSL_EXTRA (non-OPENSSL_ALL) config:
test_ossl_x509_ext.c:1519 ExpectIntEQ(actual, 0) /* got -5 */
The function walks the OCSP root CA's extensions by hardcoded index (i=0 basic
constraints, i=1 subject key id, i=2 authority key id, ...) and asserts fixed
values. The strcmp result -5 is exactly '2'-'7': the i=1 i2s produced the
authority-key-id value ("27:8E:...") instead of the subject-key-id
("73:B0:..."), i.e. the stored-extension order differs in OPENSSL_EXTRA-only
builds, so the index assumption breaks.
On master this test is gated on OPENSSL_ALL; the MC/DC campaign commit
(bc92090b3) over-widened it to (OPENSSL_EXTRA || OPENSSL_ALL) when splitting
api.c. Revert just this function's guard to OPENSSL_ALL. The by-NID
test_wolfSSL_X509V3_EXT_aia above keeps its OPENSSL_EXTRA widening (that is the
one the AIA leak fix needed, and it looks extensions up by NID so it is
order-independent).
Verified: skipped under --enable-opensslextra (no longer runs/fails there),
runs and passes under --enable-all.
This commit is contained in:
@@ -1415,8 +1415,14 @@ int test_wolfSSL_X509V3_EXT_aia(void)
|
||||
int test_wolfSSL_X509V3_EXT(void)
|
||||
{
|
||||
EXPECT_DECLS;
|
||||
#if !defined(NO_FILESYSTEM) && \
|
||||
(defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && !defined(NO_RSA)
|
||||
/* This test walks the OCSP root CA's extensions by hardcoded index (i=0 basic
|
||||
* constraints, i=1 subject key id, i=2 authority key id, ...) and asserts fixed
|
||||
* values. That ordering/index assumption only holds for OPENSSL_ALL builds; in
|
||||
* OPENSSL_EXTRA-only configs the stored-extension order can differ, so the SKID
|
||||
* i2s check reads the AKID instead and fails. Keep this test OPENSSL_ALL-only
|
||||
* (its state on master); the by-NID AIA test above is the one that needed
|
||||
* widening to OPENSSL_EXTRA. */
|
||||
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA)
|
||||
XFILE f = XBADFILE;
|
||||
int numOfExt = 0, nid = 0, i = 0, expected, actual = 0;
|
||||
char* str = NULL;
|
||||
|
||||
Reference in New Issue
Block a user