Skip to content

Commit

Permalink
80-test_cmp_http.t: fix handling of IPv6 server host (localhost '::1')
Browse files Browse the repository at this point in the history 
Fixes 22467

Reviewed-by: Viktor Dukhovni <[email protected]>
Reviewed-by: Tomas Mraz <[email protected]>
(Merged from openssl#25010)
  • Loading branch information
@DDvO @t8m
DDvO authored and t8m committed Sep 23, 2024
1 parent ac91bd8 commit 1ef3032
Show file tree
Hide file tree
Showing 3 changed files with 18 additions and 12 deletions.
24 changes: 15 additions & 9 deletions test/recipes/80-test_cmp_http.t
View file
Original file line number Diff line number Diff line change
Expand Up @@ -144,7 +144,7 @@ sub test_cmp_http {
my $title = shift;
my $params = shift;
my $expected_result = shift;
$params = [ '-server', "127.0.0.1:$server_port", @$params ]
$params = [ '-server', "$server_host:$server_port", @$params ]
if ($server_name eq "Mock" && !(grep { $_ eq '-server' } @$params));
my $cmd = app([@app, @$params]);

Expand Down Expand Up @@ -252,14 +252,15 @@ sub load_tests {

next LOOP if $server_tls == 0 && $line =~ m/,\s*-tls_used\s*,/;
my $noproxy = $no_proxy;
my $server_plain = $server_host =~ m/^\[(.*)\]$/ ? $1 : $server_host;
if ($line =~ m/,\s*-no_proxy\s*,(.*?)(,|$)/) {
$noproxy = $1;
} elsif ($server_host eq "127.0.0.1") {
} elsif ($server_plain eq "127.0.0.1" || $server_plain eq "::1") {
# do connections to localhost (e.g., mock server) without proxy
$line =~ s{-section,,}{-section,,-no_proxy,127.0.0.1,} ;
$line =~ s{-section,,}{-section,,-no_proxy,$server_plain,} ;
}
if ($line =~ m/,\s*-proxy\s*,/) {
next LOOP if $no_proxy && ($noproxy =~ $server_host);
next LOOP if $no_proxy && ($noproxy =~ $server_plain);
} else {
$line =~ s{-section,,}{-section,,-proxy,$proxy,};
}
Expand Down Expand Up @@ -301,27 +302,32 @@ sub start_server {

if ($server_host eq '*' || $server_port == 0) {
# Find out the actual server host and port and possibly different PID
my ($host, $port);
$pid = 0;
while (<$server_fh>) {
print "$server_name server output: $_";
next if m/using section/;
s/\R$//; # Better chomp
($server_host, $server_port, $pid) = ($1, $2, $3)
($host, $port, $pid) = ($1, $2, $3)
if /^ACCEPT\s(.*?):(\d+) PID=(\d+)$/;
last; # Do not loop further to prevent hangs on server misbehavior
}
$server_host = "[::1]" if $server_host eq "[::]";
$server_host = "127.0.0.1" if $server_host eq "0.0.0.0";
if ($server_host eq '*' && defined $host) {
$server_host = "[::1]" if $host eq "[::]";
$server_host = "127.0.0.1" if $host eq "0.0.0.0";
}
$server_port = $port if $server_port == 0 && defined $port;
}
unless ($server_port > 0) {
if ($server_host eq '*' || $server_port == 0) {
stop_server($server_name, $pid) if $pid;
print "Cannot get expected output from the $server_name server";
print "Cannot get expected output from the $server_name server\n";
return 0;
}
$kur_port = $server_port if $kur_port eq "\$server_port";
$pbm_port = $server_port if $pbm_port eq "\$server_port";
$server_tls = $server_port if $server_tls;
return $pid;

}

sub stop_server {
Expand Down
4 changes: 2 additions & 2 deletions test/recipes/80-test_cmp_http_data/Mock/test.cnf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,11 +17,11 @@ policies = certificatePolicies

[Mock] # the built-in OpenSSL CMP mock server
# no_check_time = 1
server_host = 127.0.0.1 # localhost
server_host = * # to be determined by server: 127.0.0.1 or ::1 (localhost)
server_port = 0 # 0 means that the port is determined by the server
server_tls = $server_port
server_cert = server.crt
server = $server_host:$server_port
# server = $server_host:$server_port
server_path = pkix/
path = $server_path
ca_dn = /CN=Root CA
Expand Down
2 changes: 1 addition & 1 deletion test/recipes/80-test_cmp_http_data/test_connection.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ expected,description, -section,val, -server,val, -proxy,val, -no_proxy,val, -tls
,Message transfer options:,,,,,,,,,,,,,,,,,,
,,,,,,,,,,,,,,,,,,,
1,default config, -section,,,,,,,,BLANK,,,,BLANK,,BLANK,,BLANK,
disabled as not supported by some host IP configurations,server domain name, -section,, -server,localhost:_SERVER_PORT,,,,,,,,,,,,,,
disabled as not supported by some host IP configurations,server domain name, -section,, -server,_SERVER_HOST:_SERVER_PORT,,,,,,,,,,,,,,
,,,,,,,,,,,,,,,,,,,
0,wrong server, -section,, -server,xn--rksmrgs-5wao1o.example.com:_SERVER_PORT,,,,,BLANK,,,, -msg_timeout,1,BLANK,,BLANK,
0,wrong server port, -section,, -server,_SERVER_HOST:99,,,,,BLANK,,,, -msg_timeout,1,BLANK,,BLANK,
Expand Down

0 comments on commit 1ef3032

Please sign in to comment.