Add a tester of OpenSSL config files and test the current .pragma

test/confdump.c reads an OpenSSL config file and prints out the processed result. This can be used to check that a config file is processed correctly. We add a test recipe and the necessary data to test the dollarid pragma. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8882)
2025-05-05 22:19:40 +00:00 · 2019-08-19 06:35:54 +02:00 · 2019-08-19 06:35:54 +02:00 · 5aaba37618
commit 5aaba37618
parent 0255c1742a
8 changed files with 131 additions and 0 deletions
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@ -456,6 +456,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
                continue;
            } else if (*p != '=') {
                CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_MISSING_EQUAL_SIGN);
+                ERR_add_error_data(2, "HERE-->", p);
                goto err;
            }
            *end = '\0';
--- a/test/build.info
+++ b/test/build.info
@ -28,6 +28,7 @@ IF[{- !$disabled{tests} -}]
  DEPEND[libtestutil.a]=../libcrypto

  PROGRAMS{noinst}=\
+          confdump \
          versions \
          aborttest test_test \
          sanitytest rsa_complex exdatatest bntest \
@ -60,6 +61,10 @@ IF[{- !$disabled{tests} -}]
          context_internal_test aesgcmtest params_test evp_pkey_dparams_test \
          keymgmt_internal_test

+  SOURCE[confdump]=confdump.c
+  INCLUDE[confdump]=../include ../apps/include
+  DEPEND[confdump]=../libcrypto
+
  SOURCE[versions]=versions.c
  INCLUDE[versions]=../include ../apps/include
  DEPEND[versions]=../libcrypto
--- a/test/confdump.c
+++ b/test/confdump.c
@ -0,0 +1,70 @@
+/*
+ * Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/bio.h>
+#include <openssl/conf.h>
+#include <openssl/safestack.h>
+#include <openssl/err.h>
+
+static STACK_OF(OPENSSL_CSTRING) *section_names = NULL;
+
+static void collect_section_name(CONF_VALUE *v)
+{
+    /* A section is a CONF_VALUE with name == NULL */
+    if (v->name == NULL)
+        sk_OPENSSL_CSTRING_push(section_names, v->section);
+}
+
+static int section_name_cmp(OPENSSL_CSTRING const *a, OPENSSL_CSTRING const *b)
+{
+    return strcmp(*a, *b);
+}
+
+static void collect_all_sections(const CONF *cnf)
+{
+    section_names = sk_OPENSSL_CSTRING_new(section_name_cmp);
+    lh_CONF_VALUE_doall(cnf->data, collect_section_name);
+    sk_OPENSSL_CSTRING_sort(section_names);
+}
+
+static void dump_section(const char *name, const CONF *cnf)
+{
+    STACK_OF(CONF_VALUE) *sect = NCONF_get_section(cnf, name);
+    int i;
+
+    printf("[ %s ]\n", name);
+    for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {
+        CONF_VALUE *cv = sk_CONF_VALUE_value(sect, i);
+
+        printf("%s = %s\n", cv->name, cv->value);
+    }
+}
+
+int main(int argc, char **argv)
+{
+    long eline;
+    CONF *conf;
+
+    if ((conf = NCONF_new(NCONF_default())) != NULL
+        && NCONF_load(conf, argv[1], &eline)) {
+        int i;
+
+        collect_all_sections(conf);
+        for (i = 0; i < sk_OPENSSL_CSTRING_num(section_names); i++) {
+            dump_section(sk_OPENSSL_CSTRING_value(section_names, i), conf);
+        }
+        sk_OPENSSL_CSTRING_free(section_names);
+    } else {
+        ERR_print_errors_fp(stderr);
+        return 1;
+    }
+    return 0;
+}
--- a/test/recipes/04-test_conf.t
+++ b/test/recipes/04-test_conf.t
@ -0,0 +1,37 @@
+#! /usr/bin/env perl
+# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+use strict;
+use warnings;
+
+use OpenSSL::Test qw(:DEFAULT data_file);
+use File::Compare qw(compare_text);
+
+setup('test_conf');
+
+my %input_result = (
+    'dollarid_on.conf'  => 'dollarid_on.txt',
+    'dollarid_off.conf' => 'dollarid_off.txt',
+);
+
+plan tests => 2 * scalar(keys %input_result);
+
+foreach (sort keys %input_result) {
+  SKIP: {
+      my $input_path = data_file($_);
+      my $expected_path = data_file($input_result{$_});
+      my $result_path = "test_conf-$_-stdout";
+
+      skip "Problem dumping $_", 1
+          unless ok(run(test([ 'confdump', $input_path ],
+                             stdout => $result_path)),
+                    "dumping $_");
+      is(compare_text($result_path, $expected_path), 0,
+         "comparing the dump of $_ with $input_result{$_}");
+    }
+}
--- a/test/recipes/04-test_conf_data/dollarid_off.conf
+++ b/test/recipes/04-test_conf_data/dollarid_off.conf
@ -0,0 +1,5 @@
+.pragma dollarid:off
+
+bar = 0
+foo = $bar
+cookie = ${foo}
--- a/test/recipes/04-test_conf_data/dollarid_off.txt
+++ b/test/recipes/04-test_conf_data/dollarid_off.txt
@ -0,0 +1,4 @@
+[ default ]
+bar = 0
+foo = 0
+cookie = 0
--- a/test/recipes/04-test_conf_data/dollarid_on.conf
+++ b/test/recipes/04-test_conf_data/dollarid_on.conf
@ -0,0 +1,5 @@
+.pragma dollarid:on
+
+bar = 0
+foo$bar = 1
+cookie = ${foo$bar}
--- a/test/recipes/04-test_conf_data/dollarid_on.txt
+++ b/test/recipes/04-test_conf_data/dollarid_on.txt
@ -0,0 +1,4 @@
+[ default ]
+bar = 0
+foo$bar = 1
+cookie = 1