탐색 도움말
로그인
OWEALs
/
openssl
의 미러 git://git.openssl.org/openssl.git
2
0
포크 0
파일 이슈 1 위키
트리: 269ad8d571
브랜치 태그
openssl
/
test
/
recipes
/
80-test_ca_internals.t

80-test_ca_internals.t 4.5 KB
히스토리 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165 
  1. #! /usr/bin/env perl
    2. 

  2. # Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
    3. 

  3. #
    4. 

  4. # Licensed under the Apache License 2.0 (the "License").  You may not use
    5. 

  5. # this file except in compliance with the License.  You can obtain a copy
    6. 

  6. # in the file LICENSE in the source distribution or at
    7. 

  7. # https://www.openssl.org/source/license.html
    8. 

  8. 

  9. use strict;
    10. 

  10. use warnings;
    11. 

  11. 

  12. use POSIX;
    13. 

  13. use OpenSSL::Test qw/:DEFAULT data_file/;
    14. 

  14. use File::Copy;
    15. 

  15. 

  16. setup('test_ca_internals');
    17. 

  17. 

  18. my @updatedb_tests = (
    19. 

  19.     {
    20. 

  20.         description => 'updatedb called before the first certificate expires',
    21. 

  21.         filename => 'index.txt',
    22. 

  22.         copydb => 1,
    23. 

  23.         testdate => '990101000000Z',
    24. 

  24.         need64bit => 0,
    25. 

  25.         expirelist => [ ]
    26. 

  26.     },
    27. 

  27.     {
    28. 

  28.         description => 'updatedb called before Y2k',
    29. 

  29.         filename => 'index.txt',
    30. 

  30.         copydb => 0,
    31. 

  31.         testdate => '991201000000Z',
    32. 

  32.         need64bit => 0,
    33. 

  33.         expirelist => [ '1000' ]
    34. 

  34.     },
    35. 

  35.     {
    36. 

  36.         description => 'updatedb called after year 2020',
    37. 

  37.         filename => 'index.txt',
    38. 

  38.         copydb => 0,
    39. 

  39.         testdate => '211201000000Z',
    40. 

  40.         need64bit => 0,
    41. 

  41.         expirelist => [ '1001' ]
    42. 

  42.     },
    43. 

  43.     {
    44. 

  44.         description => 'updatedb called in year 2049 (last year with 2 digits)',
    45. 

  45.         filename => 'index.txt',
    46. 

  46.         copydb => 0,
    47. 

  47.         testdate => '491201000000Z',
    48. 

  48.         need64bit => 1,
    49. 

  49.         expirelist => [ '1002' ]
    50. 

  50.     },
    51. 

  51.     {
    52. 

  52.         description => 'updatedb called in year 2050 (first year with 4 digits) before the last certificate expires',
    53. 

  53.         filename => 'index.txt',
    54. 

  54.         copydb => 0,
    55. 

  55.         testdate => '20500101000000Z',
    56. 

  56.         need64bit => 1,
    57. 

  57.         expirelist => [ ]
    58. 

  58.     },
    59. 

  59.     {
    60. 

  60.         description => 'updatedb called after the last certificate expired',
    61. 

  61.         filename => 'index.txt',
    62. 

  62.         copydb => 0,
    63. 

  63.         testdate => '20501201000000Z',
    64. 

  64.         need64bit => 1,
    65. 

  65.         expirelist => [ '1003' ]
    66. 

  66.     },
    67. 

  67.     {
    68. 

  68.         description => 'updatedb called for the first time after the last certificate expired',
    69. 

  69.         filename => 'index.txt',
    70. 

  70.         copydb => 1,
    71. 

  71.         testdate => '20501201000000Z',
    72. 

  72.         need64bit => 1,
    73. 

  73.         expirelist => [ '1000',
    74. 

  74.                         '1001',
    75. 

  75.                         '1002',
    76. 

  76.                         '1003' ]
    77. 

  77.     }
    78. 

  78. );
    79. 

  79. 

  80. my @unsupported_commands = (
    81. 

  81.     {
    82. 

  82.         command => 'unsupported'
    83. 

  83.     }
    84. 

  84. );
    85. 

  85. 

  86. # every "test_updatedb" makes 3 checks
    87. 

  87. plan tests => 3 * scalar(@updatedb_tests) +
    88. 

  88.               1 * scalar(@unsupported_commands);
    89. 

  89. 

  90. 

  91. foreach my $test (@updatedb_tests) {
    92. 

  92.     test_updatedb($test);
    93. 

  93. }
    94. 

  94. foreach my $test (@unsupported_commands) {
    95. 

  95.     test_unsupported_commands($test);
    96. 

  96. }
    97. 

  97. 

  98. 

  99. ################### subs to do tests per supported command ################
    100. 

  100. 

  101. sub test_unsupported_commands {
    102. 

  102.     my ($opts) = @_;
    103. 

  103. 

  104.     run(
    105. 

  105.         test(['ca_internals_test',
    106. 

  106.                 $opts->{command}
    107. 

  107.         ]),
    108. 

  108.         capture => 0,
    109. 

  109.         statusvar => \my $exit
    110. 

  110.     );
    111. 

  111. 

  112.     is($exit, 0, "command '".$opts->{command}."' completed without an error");
    113. 

  113. }
    114. 

  114. 

  115. sub test_updatedb {
    116. 

  116.     my ($opts) = @_;
    117. 

  117.     my $amtexpectedexpired = scalar(@{$opts->{expirelist}});
    118. 

  118.     my @output;
    119. 

  119.     my $expirelistcorrect = 1;
    120. 

  120.     my $cert;
    121. 

  121.     my $amtexpired = 0;
    122. 

  122.     my $skipped = 0;
    123. 

  123. 

  124.     if ($opts->{copydb}) {
    125. 

  125.         copy(data_file('index.txt'), 'index.txt');
    126. 

  126.     }
    127. 

  127. 

  128.     @output = run(
    129. 

  129.         test(['ca_internals_test',
    130. 

  130.             "do_updatedb",
    131. 

  131.             $opts->{filename},
    132. 

  132.             $opts->{testdate},
    133. 

  133.             $opts->{need64bit}
    134. 

  134.         ]),
    135. 

  135.         capture => 1,
    136. 

  136.         statusvar => \my $exit
    137. 

  137.     );
    138. 

  138. 

  139.     foreach my $tmp (@output) {
    140. 

  140.         ($cert) = $tmp =~ /^[\x20\x23]*[^0-9A-Fa-f]*([0-9A-Fa-f]+)=Expired/;
    141. 

  141.         if ($tmp =~ /^[\x20\x23]*skipping test/) {
    142. 

  142.             $skipped = 1;
    143. 

  143.         }
    144. 

  144.         if (defined($cert) && (length($cert) > 0)) {
    145. 

  145.             $amtexpired++;
    146. 

  146.             my $expirefound = 0;
    147. 

  147.             foreach my $expire (@{$opts->{expirelist}}) {
    148. 

  148.                 if ($expire eq $cert) {
    149. 

  149.                     $expirefound = 1;
    150. 

  150.                 }
    151. 

  151.             }
    152. 

  152.             if ($expirefound != 1) {
    153. 

  153.                 $expirelistcorrect = 0;
    154. 

  154.             }
    155. 

  155.         }
    156. 

  156.     }
    157. 

  157. 

  158.     if ($skipped) {
    159. 

  159.         $amtexpired = $amtexpectedexpired;
    160. 

  160.         $expirelistcorrect = 1;
    161. 

  161.     }
    162. 

  162.     is($exit, 1, "ca_internals_test: returned EXIT_FAILURE (".$opts->{description}.")");
    163. 

  163.     is($amtexpired, $amtexpectedexpired, "ca_internals_test: amount of expired certificates differs from expected amount (".$opts->{description}.")");
    164. 

  164.     is($expirelistcorrect, 1, "ca_internals_test: list of expired certificates differs from expected list (".$opts->{description}.")");
    165. 

  165. }
    166.