TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 4009d8f377e6e5a5455e4602914a044f69ca2ad6^! / . / tests / suites / test_suite_x509parse.function
commit4009d8f377e6e5a5455e4602914a044f69ca2ad6[log] [tgz]
authorTeppo Järvelin <teppo.jarvelin@arm.com>Mon Aug 19 14:48:09 2019 +0300
committerTeppo Järvelin <teppo.jarvelin@arm.com>Tue Aug 27 10:47:08 2019 +0300
treef27087ad245f40fb02c6d4d7da7ff1a8efce13ae
parentf0f01e1f0aa6984aff2deb5991e6fab3b6451cd4 [diff] [blame]
Make function mbedtls_ssl_set_hostname(...) as optional

Now function mbedtls_ssl_set_hostname is compile-time configurable
in config.h with define MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION.
This affects to many x509 API's. See config.h for details.

diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index 25b0d7f..b81c1b1 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function

@@ -329,7 +329,11 @@
     cnt_restart = 0;
     do {
         ret = mbedtls_x509_crt_verify_restartable( &crt, &ca, NULL,
-                &mbedtls_x509_crt_profile_default, NULL, &flags,
+                &mbedtls_x509_crt_profile_default,
+#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
+                NULL,
+#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
+                &flags,
                 NULL, NULL, &rs_ctx );
     } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
 
@@ -341,7 +345,11 @@
 
     /* Do we leak memory when aborting? */
     ret = mbedtls_x509_crt_verify_restartable( &crt, &ca, NULL,
-            &mbedtls_x509_crt_profile_default, NULL, &flags,
+            &mbedtls_x509_crt_profile_default,
+#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
+            NULL,
+#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
+            &flags,
             NULL, NULL, &rs_ctx );
     TEST_ASSERT( ret == result || ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
 
@@ -364,15 +372,21 @@
     uint32_t         flags = 0;
     int         res;
     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *) = NULL;
-    char *      cn_name = NULL;
     const mbedtls_x509_crt_profile *profile;
+#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
+    char *      cn_name = NULL;
+#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
 
     mbedtls_x509_crt_init( &crt );
     mbedtls_x509_crt_init( &ca );
     mbedtls_x509_crl_init( &crl );
 
+#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
     if( strcmp( cn_name_str, "NULL" ) != 0 )
         cn_name = cn_name_str;
+#else
+    (void)cn_name_str;
+#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
 
     if( strcmp( profile_str, "" ) == 0 )
         profile = &mbedtls_x509_crt_profile_default;
@@ -400,7 +414,11 @@
     TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 );
     TEST_ASSERT( mbedtls_x509_crl_parse_file( &crl, crl_file ) == 0 );
 
-    res = mbedtls_x509_crt_verify_with_profile( &crt, &ca, &crl, profile, cn_name, &flags, f_vrfy, NULL );
+    res = mbedtls_x509_crt_verify_with_profile( &crt, &ca, &crl, profile,
+#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
+                                                cn_name,
+#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
+                                                &flags, f_vrfy, NULL );
 
     TEST_ASSERT( res == ( result ) );
     TEST_ASSERT( flags == (uint32_t)( flags_result ) );
@@ -429,13 +447,19 @@
     TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
     TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 );
 
+#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
     if( strcmp( name, "NULL" ) == 0 )
         name = NULL;
+#else
+    (void)name;
+#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
 
     ret = mbedtls_x509_crt_verify_with_profile( &crt, &ca, NULL,
                                                 &compat_profile,
-                                                name, &flags,
-                                                verify_print, &vrfy_ctx );
+#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
+                                                name,
+#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
+                                                &flags, verify_print, &vrfy_ctx );
 
     TEST_ASSERT( ret == exp_ret );
     TEST_ASSERT( strcmp( vrfy_ctx.buf, exp_vrfy_out ) == 0 );
@@ -792,8 +816,11 @@
     TEST_ASSERT( mbedtls_x509_crt_parse_file( &chain, file_buf ) == 0 );
 
     /* Try to verify that chain */
-    ret = mbedtls_x509_crt_verify( &chain, &trusted, NULL, NULL, &flags,
-                                   NULL, NULL );
+    ret = mbedtls_x509_crt_verify( &chain, &trusted, NULL,
+#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
+                                   NULL,
+#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
+                                   &flags, NULL, NULL );
     TEST_ASSERT( ret == ret_chk );
     TEST_ASSERT( flags == (uint32_t) flags_chk );
 
@@ -833,7 +860,10 @@
         profile = &profile_sha512;
 
     res = mbedtls_x509_crt_verify_with_profile( &chain, &trusted, NULL, profile,
-            NULL, &flags, verify_fatal, &vrfy_fatal_lvls );
+#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
+            NULL,
+#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
+            &flags, verify_fatal, &vrfy_fatal_lvls );
 
     TEST_ASSERT( res == ( result ) );
     TEST_ASSERT( flags == (uint32_t)( flags_result ) );