rpms/bind
7
0
Fork 1
Code Issues Pull Requests Releases Activity
ec6f94669a
bind/bind-9.11-kyua-pkcs11.patch
Petr Menšík ad7b3b8f12 Update to 9.11.5 
Bump to higher version, update sources.

More fixes to rebased BIND. Many patches are affected by stdbool change.
Update libraries so versions.
2018-11-05 18:12:29 +01:00

207 lines
7.3 KiB
Diff
Raw Blame History

From 3474d13bbf08c441783bd72afbc8cec8857baf46 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Tue, 2 Jan 2018 18:13:07 +0100
Subject: [PATCH] Fix pkcs11 variants atf tests
Add dns-pkcs11 tests Makefile to configure
Add pkcs11 Kyuafile, fix dh_test to pass in pkcs11 mode
---
configure.in | 1 +
lib/Atffile | 2 ++
lib/Kyuafile | 2 ++
lib/dns-pkcs11/tests/Makefile.in | 10 +++++-----
lib/dns-pkcs11/tests/dh_test.c | 3 ++-
lib/isc-pkcs11/tests/Makefile.in | 6 +++---
lib/isc-pkcs11/tests/hash_test.c | 32 +++++++++++++++++++++++++-------
7 files changed, 40 insertions(+), 16 deletions(-)
diff --git a/configure.in b/configure.in
index 1edafd1..5466de1 100644
--- a/configure.in
+++ b/configure.in
@@ -5489,6 +5489,7 @@ AC_CONFIG_FILES([
lib/dns-pkcs11/include/Makefile
lib/dns-pkcs11/include/dns/Makefile
lib/dns-pkcs11/include/dst/Makefile
+ lib/dns-pkcs11/tests/Makefile
lib/irs/Makefile
lib/irs/include/Makefile
lib/irs/include/irs/Makefile
diff --git a/lib/Atffile b/lib/Atffile
index 93bbb01..4db3dce 100644
--- a/lib/Atffile
+++ b/lib/Atffile
@@ -3,7 +3,9 @@ Content-Type: application/X-atf-atffile; version="1"
prop: test-suite = bind9
tp: dns
+tp: dns-pkcs11
tp: irs
tp: isc
+tp: isc-pkcs11
tp: isccfg
tp: lwres
diff --git a/lib/Kyuafile b/lib/Kyuafile
index ff9fc56..eaaf0dc 100644
--- a/lib/Kyuafile
+++ b/lib/Kyuafile
@@ -2,7 +2,9 @@ syntax(2)
test_suite('bind9')
include('dns/Kyuafile')
+include('dns-pkcs11/Kyuafile')
include('irs/Kyuafile')
include('isc/Kyuafile')
+include('isc-pkcs11/Kyuafile')
include('isccfg/Kyuafile')
include('lwres/Kyuafile')
diff --git a/lib/dns-pkcs11/tests/Makefile.in b/lib/dns-pkcs11/tests/Makefile.in
index 625e809..6fd4e36 100644
--- a/lib/dns-pkcs11/tests/Makefile.in
+++ b/lib/dns-pkcs11/tests/Makefile.in
@@ -21,12 +21,12 @@ VERSION=@BIND9_VERSION@
CINCLUDES = -I. -Iinclude ${DNS_INCLUDES} ${ISC_INCLUDES} \
@DST_OPENSSL_INC@
-CDEFINES = @CRYPTO@ -DTESTS="\"${top_builddir}/lib/dns/tests/\""
+CDEFINES = @CRYPTO@ -DTESTS="\"${top_builddir}/lib/dns-pkcs11/tests/\""
-ISCLIBS = ../../isc/libisc.@A@
-ISCDEPLIBS = ../../isc/libisc.@A@
-DNSLIBS = ../libdns.@A@ @DNS_CRYPTO_LIBS@
-DNSDEPLIBS = ../libdns.@A@
+ISCLIBS = ../../isc-pkcs11/libisc-pkcs11.@A@
+ISCDEPLIBS = ../../isc-pkcs11/libisc-pkcs11.@A@
+DNSLIBS = ../libdns-pkcs11.@A@ @DNS_CRYPTO_LIBS@
+DNSDEPLIBS = ../libdns-pkcs11.@A@
LIBS = @LIBS@ @ATFLIBS@
diff --git a/lib/dns-pkcs11/tests/dh_test.c b/lib/dns-pkcs11/tests/dh_test.c
index 6216b4e..dd74e58 100644
--- a/lib/dns-pkcs11/tests/dh_test.c
+++ b/lib/dns-pkcs11/tests/dh_test.c
@@ -64,7 +64,8 @@ ATF_TC_BODY(isc_dh_computesecret, tc) {
ret = dst_key_computesecret(key, key, &buf);
ATF_REQUIRE_EQ(ret, DST_R_NOTPRIVATEKEY);
ret = key->func->computesecret(key, key, &buf);
- ATF_REQUIRE_EQ(ret, DST_R_COMPUTESECRETFAILURE);
+ /* PKCS11 variant gives different result, accept both */
+ ATF_REQUIRE(ret == DST_R_COMPUTESECRETFAILURE || ret == DST_R_INVALIDPRIVATEKEY);
dst_key_free(&key);
dns_test_end();
diff --git a/lib/isc-pkcs11/tests/Makefile.in b/lib/isc-pkcs11/tests/Makefile.in
index add8068..a928dcf 100644
--- a/lib/isc-pkcs11/tests/Makefile.in
+++ b/lib/isc-pkcs11/tests/Makefile.in
@@ -20,10 +20,10 @@ VERSION=@BIND9_VERSION@
@BIND9_MAKE_INCLUDES@
CINCLUDES = -I. -Iinclude ${ISC_INCLUDES} @ISC_OPENSSL_INC@
-CDEFINES = @CRYPTO@ -DTESTS="\"${top_builddir}/lib/isc/tests/\""
+CDEFINES = @CRYPTO@ -DTESTS="\"${top_builddir}/lib/isc-pkcs11/tests/\""
-ISCLIBS = ../libisc.@A@ @ISC_OPENSSL_LIBS@
-ISCDEPLIBS = ../libisc.@A@
+ISCLIBS = ../libisc-pkcs11.@A@ @ISC_OPENSSL_LIBS@
+ISCDEPLIBS = ../libisc-pkcs11.@A@
LIBS = @LIBS@ @ATFLIBS@
diff --git a/lib/isc-pkcs11/tests/hash_test.c b/lib/isc-pkcs11/tests/hash_test.c
index 7eb1552..048ae9d 100644
--- a/lib/isc-pkcs11/tests/hash_test.c
+++ b/lib/isc-pkcs11/tests/hash_test.c
@@ -78,7 +78,7 @@ typedef struct hash_testcase {
typedef struct hash_test_key {
const char *key;
- const int len;
+ const unsigned len;
} hash_test_key_t;
/* non-hmac tests */
@@ -961,8 +961,11 @@ ATF_TC_BODY(isc_hmacsha1, tc) {
hash_test_key_t *test_key = test_keys;
while (testcase->input != NULL && testcase->result != NULL) {
+ int len = ISC_MAX(test_key->len, ISC_SHA1_DIGESTLENGTH);
+
+ memset(buffer, 0, ISC_SHA1_DIGESTLENGTH);
memmove(buffer, test_key->key, test_key->len);
- isc_hmacsha1_init(&hmacsha1, buffer, test_key->len);
+ isc_hmacsha1_init(&hmacsha1, buffer, len);
isc_hmacsha1_update(&hmacsha1,
(const uint8_t *) testcase->input,
testcase->input_len);
@@ -1124,8 +1127,11 @@ ATF_TC_BODY(isc_hmacsha224, tc) {
hash_test_key_t *test_key = test_keys;
while (testcase->input != NULL && testcase->result != NULL) {
+ int len = ISC_MAX(test_key->len, ISC_SHA224_DIGESTLENGTH);
+
+ memset(buffer, 0, ISC_SHA224_DIGESTLENGTH);
memmove(buffer, test_key->key, test_key->len);
- isc_hmacsha224_init(&hmacsha224, buffer, test_key->len);
+ isc_hmacsha224_init(&hmacsha224, buffer, len);
isc_hmacsha224_update(&hmacsha224,
(const uint8_t *) testcase->input,
testcase->input_len);
@@ -1287,8 +1293,11 @@ ATF_TC_BODY(isc_hmacsha256, tc) {
hash_test_key_t *test_key = test_keys;
while (testcase->input != NULL && testcase->result != NULL) {
+ int len = ISC_MAX(test_key->len, ISC_SHA256_DIGESTLENGTH);
+
+ memset(buffer, 0, ISC_SHA256_DIGESTLENGTH);
memmove(buffer, test_key->key, test_key->len);
- isc_hmacsha256_init(&hmacsha256, buffer, test_key->len);
+ isc_hmacsha256_init(&hmacsha256, buffer, len);
isc_hmacsha256_update(&hmacsha256,
(const uint8_t *) testcase->input,
testcase->input_len);
@@ -1456,8 +1465,11 @@ ATF_TC_BODY(isc_hmacsha384, tc) {
hash_test_key_t *test_key = test_keys;
while (testcase->input != NULL && testcase->result != NULL) {
+ int len = ISC_MAX(test_key->len, ISC_SHA384_DIGESTLENGTH);
+
+ memset(buffer, 0, ISC_SHA384_DIGESTLENGTH);
memmove(buffer, test_key->key, test_key->len);
- isc_hmacsha384_init(&hmacsha384, buffer, test_key->len);
+ isc_hmacsha384_init(&hmacsha384, buffer, len);
isc_hmacsha384_update(&hmacsha384,
(const uint8_t *) testcase->input,
testcase->input_len);
@@ -1625,8 +1637,11 @@ ATF_TC_BODY(isc_hmacsha512, tc) {
hash_test_key_t *test_key = test_keys;
while (testcase->input != NULL && testcase->result != NULL) {
+ int len = ISC_MAX(test_key->len, ISC_SHA512_DIGESTLENGTH);
+
+ memset(buffer, 0, ISC_SHA512_DIGESTLENGTH);
memmove(buffer, test_key->key, test_key->len);
- isc_hmacsha512_init(&hmacsha512, buffer, test_key->len);
+ isc_hmacsha512_init(&hmacsha512, buffer, len);
isc_hmacsha512_update(&hmacsha512,
(const uint8_t *) testcase->input,
testcase->input_len);
@@ -1769,8 +1784,11 @@ ATF_TC_BODY(isc_hmacmd5, tc) {
hash_test_key_t *test_key = test_keys;
while (testcase->input != NULL && testcase->result != NULL) {
+ int len = ISC_MAX(test_key->len, ISC_MD5_DIGESTLENGTH);
+
+ memset(buffer, 0, ISC_MD5_DIGESTLENGTH);
memmove(buffer, test_key->key, test_key->len);
- isc_hmacmd5_init(&hmacmd5, buffer, test_key->len);
+ isc_hmacmd5_init(&hmacmd5, buffer, len);
isc_hmacmd5_update(&hmacmd5,
(const uint8_t *) testcase->input,
testcase->input_len);
--
2.14.4
Reference in New Issue View Git Blame Copy Permalink