[tor-commits] [tor/release-0.4.2] Merge branch 'maint-0.3.5' into maint-0.4.2

Thu Jul 9 13:29:01 UTC 2020

commit 283ce30c536568129f0a2b531d4c195c93c7ff52
Merge: b81e24cda 7142f3e43
Author: Nick Mathewson <nickm at torproject.org>
Date:   Thu Jul 9 09:28:53 2020 -0400

    Merge branch 'maint-0.3.5' into maint-0.4.2

 changes/bug33119               |  4 +++
 src/lib/tls/tortls_nss.c       | 47 +++++++++++++++++++++++----
 src/test/test_tortls.c         | 73 ++++++++++++++++++++++++++++++++++++++++++
 src/test/test_tortls_openssl.c | 70 ----------------------------------------
 4 files changed, 118 insertions(+), 76 deletions(-)

diff --cc src/test/test_tortls_openssl.c
index 81e2d3aa4,f039980a2..93135d0b1

--- a/src/test/test_tortls_openssl.c
+++ b/src/test/test_tortls_openssl.c
@@@ -477,77 -477,8 +477,8 @@@ fake_x509_free(X509 *cert
      tor_free(cert);
    }
  }
 -#endif
 +#endif /* !defined(OPENSSL_OPAQUE) */
  
- static tor_x509_cert_t *fixed_x509_cert = NULL;
- static tor_x509_cert_t *
- get_peer_cert_mock_return_fixed(tor_tls_t *tls)
- {
-   (void)tls;
-   if (fixed_x509_cert)
-     return tor_x509_cert_dup(fixed_x509_cert);
-   else
-     return NULL;
- }
- 
- static void
- test_tortls_cert_matches_key(void *ignored)
- {
-   (void)ignored;
- 
-   X509 *cert1 = NULL, *cert2 = NULL, *cert3 = NULL, *cert4 = NULL;
-   tor_x509_cert_t *c1 = NULL, *c2 = NULL, *c3 = NULL, *c4 = NULL;
-   crypto_pk_t *k1 = NULL, *k2 = NULL, *k3 = NULL;
- 
-   k1 = pk_generate(1);
-   k2 = pk_generate(2);
-   k3 = pk_generate(3);
- 
-   cert1 = tor_tls_create_certificate(k1, k2, "A", "B", 1000);
-   cert2 = tor_tls_create_certificate(k1, k3, "C", "D", 1000);
-   cert3 = tor_tls_create_certificate(k2, k3, "C", "D", 1000);
-   cert4 = tor_tls_create_certificate(k3, k2, "E", "F", 1000);
- 
-   tt_assert(cert1 && cert2 && cert3 && cert4);
- 
-   c1 = tor_x509_cert_new(cert1); cert1 = NULL;
-   c2 = tor_x509_cert_new(cert2); cert2 = NULL;
-   c3 = tor_x509_cert_new(cert3); cert3 = NULL;
-   c4 = tor_x509_cert_new(cert4); cert4 = NULL;
- 
-   tt_assert(c1 && c2 && c3 && c4);
- 
-   MOCK(tor_tls_get_peer_cert, get_peer_cert_mock_return_fixed);
- 
-   fixed_x509_cert = NULL;
-   /* If the peer has no certificate, it shouldn't match anything. */
-   tt_assert(! tor_tls_cert_matches_key(NULL, c1));
-   tt_assert(! tor_tls_cert_matches_key(NULL, c2));
-   tt_assert(! tor_tls_cert_matches_key(NULL, c3));
-   tt_assert(! tor_tls_cert_matches_key(NULL, c4));
-   fixed_x509_cert = c1;
-   /* If the peer has a certificate, it should match every cert with the same
-    * subject key. */
-   tt_assert(tor_tls_cert_matches_key(NULL, c1));
-   tt_assert(tor_tls_cert_matches_key(NULL, c2));
-   tt_assert(! tor_tls_cert_matches_key(NULL, c3));
-   tt_assert(! tor_tls_cert_matches_key(NULL, c4));
- 
-  done:
-   tor_x509_cert_free(c1);
-   tor_x509_cert_free(c2);
-   tor_x509_cert_free(c3);
-   tor_x509_cert_free(c4);
-   if (cert1) X509_free(cert1);
-   if (cert2) X509_free(cert2);
-   if (cert3) X509_free(cert3);
-   if (cert4) X509_free(cert4);
-   crypto_pk_free(k1);
-   crypto_pk_free(k2);
-   crypto_pk_free(k3);
-   UNMOCK(tor_tls_get_peer_cert);
- }
- 
  #ifndef OPENSSL_OPAQUE
  static void
  test_tortls_cert_get_key(void *ignored)



