wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 18:57:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2014 from JacobBarthelmeh/Testing

Browse Source 
add ocsp stapling test and initialize values
This commit is contained in:
toddouska
2019-01-09 10:41:56 -08:00
committed by GitHub
parent 656c7951cd 26ae39a217
commit e1fd7b86f7
2 changed files with 32 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
scripts/ocsp-stapling.test
View File

@ -178,6 +178,33 @@ if [ ! -z "$size" ]; then
printf 'OK\n' printf 'OK\n'
fi fi
# test interop fail case
ready_file=`pwd`/wolf_ocsp_readyF$$
printf '%s\n' "ready file: $ready_file"
./examples/server/server -o -R $ready_file &
wolf_pid=$!
wait_for_readyFile $ready_file
if [ ! -f $ready_file ]; then
printf '%s\n' "Failed to create ready file: \"$ready_file\""
exit 1
else
# should fail if ocspstapling is also enabled
RPORTSELECTED=`cat $ready_file`
echo "hi" | openssl s_client -status -connect 127.0.0.1:${RPORTSELECTED} -cert ./certs/client-cert.pem -key ./certs/client-key.pem -CAfile ./certs/ocsp/root-ca-cert.pem
if [ $? -eq 0 ]; then
printf '%s\n' "Succeeded when should have failed"
remove_single_rF $ready_file
exit 1
fi
remove_single_rF $ready_file
wait $wolf_pid
if [ $? -ne 1 ]; then
printf '%s\n' "wolfSSL server unexpected fail value"
exit 1
fi
fi
# create a port 0 port to use with openssl ocsp responder # create a port 0 port to use with openssl ocsp responder
./examples/server/server -R $ready_file -p $resume_port & ./examples/server/server -R $ready_file -p $resume_port &
wait_for_readyFile $ready_file wait_for_readyFile $ready_file

6
src/internal.c
View File

@ -14168,6 +14168,9 @@ static int CreateOcspRequest(WOLFSSL* ssl, OcspRequest* request,
{ {
int ret; int ret;
if (request != NULL)
XMEMSET(request, 0, sizeof(OcspRequest));
InitDecodedCert(cert, certData, length, ssl->heap); InitDecodedCert(cert, certData, length, ssl->heap);
/* TODO: Setup async support here */ /* TODO: Setup async support here */
ret = ParseCertRelative(cert, CERT_TYPE, VERIFY, ssl->ctx->cm); ret = ParseCertRelative(cert, CERT_TYPE, VERIFY, ssl->ctx->cm);
@ -23591,7 +23594,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ret = TLSX_AddEmptyRenegotiationInfo(&ssl->extensions); ret = TLSX_AddEmptyRenegotiationInfo(&ssl->extensions);
if (ret != WOLFSSL_SUCCESS) if (ret != WOLFSSL_SUCCESS)
return ret; return ret;
ssl->secure_renegotiation->enabled = 1; if (ssl->secure_renegotiation)
ssl->secure_renegotiation->enabled = 1;
} }
#endif /* HAVE_SERVER_RENEGOTIATION_INFO */ #endif /* HAVE_SERVER_RENEGOTIATION_INFO */