summaryrefslogtreecommitdiff
path: root/regress/usr.sbin
diff options
context:
space:
mode:
authorClaudio Jeker <claudio@cvs.openbsd.org>2021-10-07 10:34:40 +0000
committerClaudio Jeker <claudio@cvs.openbsd.org>2021-10-07 10:34:40 +0000
commit596f7cd361e65fadf762a049221d1728ae8001ee (patch)
tree61310cf442a01245964ad927156a9364694120fa /regress/usr.sbin
parenta35c1d3c45b30b6e9468b52c31fd4eb2fd203c91 (diff)
Replace the ugly openssl11 hack for the missing ASN1_time_parse() and
ASN1_time_tm_cmp() functions with another hack that is considerably more horrible but also less intrusive.
Diffstat (limited to 'regress/usr.sbin')
-rw-r--r--regress/usr.sbin/rpki-client/Makefile.inc36
-rw-r--r--regress/usr.sbin/rpki-client/openssl11/Makefile11
-rw-r--r--regress/usr.sbin/rpki-client/openssl11/unistd.h13
-rw-r--r--regress/usr.sbin/rpki-client/test-cert.c5
-rw-r--r--regress/usr.sbin/rpki-client/test-mft.c10
-rw-r--r--regress/usr.sbin/rpki-client/test-roa.c14
6 files changed, 38 insertions, 51 deletions
diff --git a/regress/usr.sbin/rpki-client/Makefile.inc b/regress/usr.sbin/rpki-client/Makefile.inc
index 7261c3b8b03..cb6d1e07398 100644
--- a/regress/usr.sbin/rpki-client/Makefile.inc
+++ b/regress/usr.sbin/rpki-client/Makefile.inc
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile.inc,v 1.12 2021/10/05 11:23:16 job Exp $
+# $OpenBSD: Makefile.inc,v 1.13 2021/10/07 10:34:39 claudio Exp $
.PATH: ${.CURDIR}/../../../../usr.sbin/rpki-client
@@ -26,50 +26,30 @@ TALARGS += ta/AfriNIC.cer tal/afrinic.tal
TALARGS += ta/apnic-rpki-root-iana-origin.cer tal/apnic.tal
TALARGS += ta/ripe-ncc-ta.cer tal/ripe.tal
-SRCS_test-cert= test-cert.c cert.c cms.c x509.c ip.c as.c io.c log.c tal.c \
- validate.c encoding.c
+SRCS_test-cert+= test-cert.c cert.c cms.c x509.c ip.c as.c io.c \
+ log.c tal.c validate.c encoding.c
run-regress-test-cert: test-cert
./test-cert -v ${.CURDIR}/../cer/*.cer
./test-cert -vt ${TALARGS:S,,${.CURDIR}/../&,}
-SRCS_test-bgpsec= test-bgpsec.c cert.c cms.c x509.c ip.c as.c io.c \
+SRCS_test-bgpsec+= test-bgpsec.c cert.c cms.c x509.c ip.c as.c io.c \
log.c tal.c validate.c encoding.c
run-regress-test-bgpsec: test-bgpsec
./test-bgpsec -v ${.CURDIR}/../bgpsec/*.cer
-# Provide missing prototypes for OpenSSL
-mft_gen.c: mft.c
- echo '#include <openssl/asn1.h>\n' > $@.tmp
- echo 'int ASN1_time_parse(const char *, size_t, struct tm *, int);' \
- >> $@.tmp
- echo 'int ASN1_time_tm_cmp(struct tm *, struct tm *);' >> $@.tmp
- cat $> >> $@.tmp
- mv -f $@.tmp $@
-
-# Provide missing prototypes for OpenSSL
-roa_gen.c: roa.c
- echo '#include <openssl/asn1.h>\n' > $@.tmp
- echo 'int ASN1_time_parse(const char *, size_t, struct tm *, int);' \
- >> $@.tmp
- echo 'int ASN1_time_tm_cmp(struct tm *, struct tm *);' >> $@.tmp
- cat $> >> $@.tmp
- mv -f $@.tmp $@
-
-CLEANFILES += mft_gen.c mft_gen.c.tmp roa_gen.c roa_gen.c.tmp
-
-SRCS_test-mft+= test-mft.c mft_gen.c cms.c x509.c io.c log.c validate.c \
+SRCS_test-mft+= test-mft.c mft.c cms.c x509.c io.c log.c validate.c \
encoding.c dummy.c
run-regress-test-mft: test-mft
./test-mft -v ${.CURDIR}/../mft/*.mft
-SRCS_test-roa+= test-roa.c roa_gen.c cms.c x509.c ip.c as.c io.c log.c encoding.c
+SRCS_test-roa+= test-roa.c roa.c cms.c x509.c ip.c as.c io.c log.c encoding.c
run-regress-test-roa: test-roa
./test-roa -v ${.CURDIR}/../roa/*.roa
-SRCS_test-gbr= test-gbr.c gbr.c cms.c x509.c io.c log.c encoding.c
+SRCS_test-gbr+= test-gbr.c gbr.c cms.c x509.c io.c log.c encoding.c
run-regress-test-gbr: test-gbr
./test-gbr -v ${.CURDIR}/../gbr/*.gbr
-SRCS_test-tal= test-tal.c tal.c io.c log.c validate.c encoding.c dummy.c
+SRCS_test-tal+= test-tal.c tal.c io.c log.c validate.c encoding.c dummy.c
run-regress-test-tal: test-tal
./test-tal -v ${.CURDIR}/../tal/*.tal
diff --git a/regress/usr.sbin/rpki-client/openssl11/Makefile b/regress/usr.sbin/rpki-client/openssl11/Makefile
index 87b83348323..a84809d855f 100644
--- a/regress/usr.sbin/rpki-client/openssl11/Makefile
+++ b/regress/usr.sbin/rpki-client/openssl11/Makefile
@@ -1,19 +1,22 @@
LDADD += -Wl,-rpath,/usr/local/lib/eopenssl11 -L/usr/local/lib/eopenssl11
-CFLAGS += -I/usr/local/include/eopenssl11/
+CFLAGS += -I${.CURDIR}/ -I/usr/local/include/eopenssl11/
# For mft.c we need ASN1_time_parse() and ASN1_time_tm_cmp() from LibreSSL
# Provide a missing prototype
a_time_tm_gen.c: a_time_tm.c
echo '#include <openssl/asn1.h>\n' > $@.tmp
- echo 'void ASN1error(int);' >> $@.tmp
+ echo '#define ASN1error(err) ASN1err(0, (err));' >> $@.tmp
cat $> >> $@.tmp
mv -f $@.tmp $@
CLEANFILES += a_time_tm_gen.c a_time_tm_gen.c.tmp
-SRCS_test-mft = a_time_tm_gen.c o_time.c
-SRCS_test-roa = a_time_tm_gen.c o_time.c
+SRCS_test-mft = a_time_tm_gen.c o_time.c
+SRCS_test-roa = a_time_tm_gen.c o_time.c
+SRCS_test-cert = a_time_tm_gen.c o_time.c
+SRCS_test-gbr = a_time_tm_gen.c o_time.c
+SRCS_test-bgpsec = a_time_tm_gen.c o_time.c
CFLAGS += -I${.CURDIR}/../../../../lib/libcrypto/
.PATH: ${.CURDIR}/..
diff --git a/regress/usr.sbin/rpki-client/openssl11/unistd.h b/regress/usr.sbin/rpki-client/openssl11/unistd.h
new file mode 100644
index 00000000000..ec672f84364
--- /dev/null
+++ b/regress/usr.sbin/rpki-client/openssl11/unistd.h
@@ -0,0 +1,13 @@
+/*
+ * Public domain
+ * compatibility shim for openssl11
+ * overloading unistd.h is a ugly guly hack for this issue but works here
+ */
+
+#include_next <unistd.h>
+
+#include <openssl/asn1.h>
+
+int ASN1_time_parse(const char *, size_t, struct tm *, int);
+int ASN1_time_tm_cmp(struct tm *, struct tm *);
+
diff --git a/regress/usr.sbin/rpki-client/test-cert.c b/regress/usr.sbin/rpki-client/test-cert.c
index 681a13538f4..3fa2e69386e 100644
--- a/regress/usr.sbin/rpki-client/test-cert.c
+++ b/regress/usr.sbin/rpki-client/test-cert.c
@@ -1,4 +1,4 @@
-/* $Id: test-cert.c,v 1.10 2021/03/29 15:47:34 claudio Exp $ */
+/* $Id: test-cert.c,v 1.11 2021/10/07 10:34:39 claudio Exp $ */
/*
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
*
@@ -42,6 +42,7 @@ cert_print(const struct cert *p)
size_t i;
char buf1[64], buf2[64];
int sockt;
+ char tbuf[21];
assert(p != NULL);
@@ -56,6 +57,8 @@ cert_print(const struct cert *p)
printf("Authority key identifier: %s\n", pretty_key_id(p->aki));
if (p->aia != NULL)
printf("Authority info access: %s\n", p->aia);
+ strftime(tbuf, sizeof(tbuf), "%FT%TZ", gmtime(&p->expires));
+ printf("CA valid until: %s\n", tbuf);
for (i = 0; i < p->asz; i++)
switch (p->as[i].type) {
diff --git a/regress/usr.sbin/rpki-client/test-mft.c b/regress/usr.sbin/rpki-client/test-mft.c
index 0f17bcf10f3..0f6252842a1 100644
--- a/regress/usr.sbin/rpki-client/test-mft.c
+++ b/regress/usr.sbin/rpki-client/test-mft.c
@@ -1,4 +1,4 @@
-/* $Id: test-mft.c,v 1.13 2021/03/29 15:47:34 claudio Exp $ */
+/* $Id: test-mft.c,v 1.14 2021/10/07 10:34:39 claudio Exp $ */
/*
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
*
@@ -36,14 +36,6 @@
#include "test-common.c"
-#ifndef ASN1error
-void
-ASN1error(int err)
-{
- ASN1err(0, err);
-}
-#endif
-
int verbose;
static void
diff --git a/regress/usr.sbin/rpki-client/test-roa.c b/regress/usr.sbin/rpki-client/test-roa.c
index da22e4b8b4d..e079e6426e1 100644
--- a/regress/usr.sbin/rpki-client/test-roa.c
+++ b/regress/usr.sbin/rpki-client/test-roa.c
@@ -1,4 +1,4 @@
-/* $Id: test-roa.c,v 1.11 2021/05/06 17:03:57 job Exp $ */
+/* $Id: test-roa.c,v 1.12 2021/10/07 10:34:39 claudio Exp $ */
/*
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
*
@@ -32,14 +32,6 @@
#include "test-common.c"
-#ifndef ASN1error
-void
-ASN1error(int err)
-{
- ASN1err(0, err);
-}
-#endif
-
int verbose;
static void
@@ -47,12 +39,16 @@ roa_print(const struct roa *p)
{
char buf[128];
size_t i;
+ char tbuf[21];
assert(p != NULL);
printf("Subject key identifier: %s\n", pretty_key_id(p->ski));
printf("Authority key identifier: %s\n", pretty_key_id(p->aki));
printf("Authority info access: %s\n", p->aia);
+ strftime(tbuf, sizeof(tbuf), "%FT%TZ", gmtime(&p->expires));
+ printf("ROA valid until: %s\n", tbuf);
+
printf("asID: %" PRIu32 "\n", p->asid);
for (i = 0; i < p->ipsz; i++) {
ip_addr_print(&p->ips[i].addr,