[glib-networking/rufferson/openssl/tests/other: 1/7] Enable parsing error for GTlsFileDatabase-GnuTLS
- From: Michael Catanzaro <mcatanzaro src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib-networking/rufferson/openssl/tests/other: 1/7] Enable parsing error for GTlsFileDatabase-GnuTLS
- Date: Mon, 6 Jul 2020 11:57:18 +0000 (UTC)
commit 6883e63521a9f5053574b27273591496e320094e
Author: Ruslan N. Marchenko <me ruff mobi>
Date: Fri Jun 19 19:08:28 2020 +0200
Enable parsing error for GTlsFileDatabase-GnuTLS
Current backend implementation expects the parsing errors to be
suppressed while GTlsFileDatabase is created, OpenSSL was returning
parsing error which failed the test. This will handle parsing error
in GnuTLS backend and populate error. Test is also updated to expect
this outcome from both backends.
tls/gnutls/gtlsfiledatabase-gnutls.c | 16 +++++++++++++---
tls/openssl/gtlsfiledatabase-openssl.c | 3 ++-
tls/tests/connection.c | 12 +++++-------
3 files changed, 20 insertions(+), 11 deletions(-)
---
diff --git a/tls/gnutls/gtlsfiledatabase-gnutls.c b/tls/gnutls/gtlsfiledatabase-gnutls.c
index 6ab18d9..d9a22f5 100644
--- a/tls/gnutls/gtlsfiledatabase-gnutls.c
+++ b/tls/gnutls/gtlsfiledatabase-gnutls.c
@@ -30,6 +30,7 @@
#include "gtlsfiledatabase-gnutls.h"
#include <gio/gio.h>
+#include <glib/gi18n-lib.h>
#include "gtlscertificate-gnutls.h"
@@ -142,9 +143,18 @@ g_tls_file_database_gnutls_populate_trust_list (GTlsDatabaseGnutls *self,
gnutls_x509_trust_list_t trust_list,
GError **error)
{
- gnutls_x509_trust_list_add_trust_file (trust_list,
- G_TLS_FILE_DATABASE_GNUTLS (self)->anchor_filename,
- NULL, GNUTLS_X509_FMT_PEM, 0, 0);
+ int ret = gnutls_x509_trust_list_add_trust_file (trust_list,
+ G_TLS_FILE_DATABASE_GNUTLS (self)->anchor_filename,
+ NULL, GNUTLS_X509_FMT_PEM, 0, 0);
+
+ if (ret < 0)
+ {
+ g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_MISC,
+ _("Failed to populate trust list from %s: %s"),
+ G_TLS_FILE_DATABASE_GNUTLS (self)->anchor_filename, gnutls_strerror (ret));
+ return FALSE;
+ }
+
return TRUE;
}
diff --git a/tls/openssl/gtlsfiledatabase-openssl.c b/tls/openssl/gtlsfiledatabase-openssl.c
index a65cbfd..87879b5 100644
--- a/tls/openssl/gtlsfiledatabase-openssl.c
+++ b/tls/openssl/gtlsfiledatabase-openssl.c
@@ -451,7 +451,8 @@ g_tls_file_database_openssl_populate_trust_list (GTlsDatabaseOpenssl *self,
if (!X509_STORE_load_locations (store, file_database->anchor_filename, NULL))
{
g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_MISC,
- _("Failed to load file path: %s"),
+ _("Failed to populate trust list from %s: %s"),
+ file_database->anchor_filename,
ERR_error_string (ERR_get_error (), NULL));
return FALSE;
}
diff --git a/tls/tests/connection.c b/tls/tests/connection.c
index 70450d8..6230358 100644
--- a/tls/tests/connection.c
+++ b/tls/tests/connection.c
@@ -2182,14 +2182,10 @@ test_garbage_database (TestConnection *test,
GIOStream *connection;
GError *error = NULL;
-#ifdef BACKEND_IS_OPENSSL
- g_test_skip ("this is not yet passing with openssl");
- return;
-#endif
-
test->database = g_tls_file_database_new (tls_test_file_path ("garbage.pem"), &error);
- g_assert_no_error (error);
- g_assert_nonnull (test->database);
+ g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_MISC);
+ g_assert_null (test->database);
+ g_clear_error (&error);
connection = start_async_server_and_connect_to_it (test, G_TLS_AUTHENTICATION_NONE);
test->client_connection = g_tls_client_connection_new (connection, test->identity, &error);
@@ -2211,7 +2207,9 @@ test_garbage_database (TestConnection *test,
* no valid certificates.
*/
g_assert_error (test->read_error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE);
+#ifdef BACKEND_IS_GNUTLS
g_assert_error (test->server_error, G_TLS_ERROR, G_TLS_ERROR_NOT_TLS);
+#endif
}
static void
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
