mosquitto workflow update

wolfSSL · Jul 16, 2024 · 1112751 · 1112751
1 parent 4d247a3
commit 1112751
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 12 deletions.
diff --git a/.github/workflows/mosquitto.yml b/.github/workflows/mosquitto.yml
@@ -24,7 +24,7 @@ jobs:
  uses: wolfSSL/actions-build-autotools-project@v1
  with:
  path: wolfssl
- configure: --enable-mosquitto
+ configure: --enable-mosquitto CFLAGS="-DALLOW_INVALID_CERTSIGN"
  install: true
 
  - name: Upload built lib
@@ -75,9 +75,9 @@ jobs:
  run: |
  cd $GITHUB_WORKSPACE/mosquitto/
  patch -p1 < $GITHUB_WORKSPACE/osp/mosquitto/${{ matrix.ref }}.patch
- make WITH_TLS=wolfssl WITH_CJSON=no WITH_DOCS=no WOLFSSLDIR=$GITHUB_WORKSPACE/build-dir -j
+ make WITH_TLS=wolfssl WITH_CJSON=no WITH_DOCS=no WOLFSSLDIR=$GITHUB_WORKSPACE/build-dir
 
- - name: Run mosquitto tests, skipping ignored tests
+ - name: Run mosquitto tests
  working-directory: ./mosquitto
  run: |
- make WITH_TLS=wolfssl WITH_CJSON=no WITH_DOCS=no WOLFSSLDIR=$GITHUB_WORKSPACE/build-dir ptest -j
+ make WITH_TLS=wolfssl WITH_CJSON=no WITH_DOCS=no WOLFSSLDIR=$GITHUB_WORKSPACE/build-dir ptest
diff --git a/tests/api.c b/tests/api.c
@@ -3709,6 +3709,7 @@ static int test_wolfSSL_CertManagerCRL(void)
  wolfSSL_CertManagerLoadCRL(cm, crl2, WOLFSSL_FILETYPE_PEM, 0));
  wolfSSL_CertManagerFreeCRL(cm);
 
+#ifndef WOLFSSL_CRL_ALLOW_MISSING_CDP
  ExpectIntEQ(WOLFSSL_SUCCESS,
  wolfSSL_CertManagerLoadCRL(cm, crl1, WOLFSSL_FILETYPE_PEM, 0));
  ExpectIntEQ(WOLFSSL_SUCCESS,
@@ -3717,6 +3718,7 @@ static int test_wolfSSL_CertManagerCRL(void)
  sizeof_server_cert_der_2048), CRL_MISSING);
  ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, server_cert_der_2048,
  sizeof_server_cert_der_2048, WOLFSSL_FILETYPE_ASN1), CRL_MISSING);
+#endif /* !WOLFSSL_CRL_ALLOW_MISSING_CDP */
 
  ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(cm, crl_buff, sizeof(crl_buff),
  WOLFSSL_FILETYPE_ASN1), 1);
@@ -48722,13 +48724,15 @@ static int test_wolfSSL_X509_STORE(void)
 
 #ifdef HAVE_CRL
  X509_STORE_CTX *storeCtx = NULL;
- X509_CRL *crl = NULL;
  X509 *ca = NULL;
  X509 *cert = NULL;
- const char crlPem[] = "./certs/crl/crl.revoked";
  const char srvCert[] = "./certs/server-revoked-cert.pem";
  const char caCert[] = "./certs/ca-cert.pem";
+#ifndef WOLFSSL_CRL_ALLOW_MISSING_CDP
+ X509_CRL *crl = NULL;
+ const char crlPem[] = "./certs/crl/crl.revoked";
  XFILE fp = XBADFILE;
+#endif /* !WOLFSSL_CRL_ALLOW_MISSING_CDP */
 
  ExpectNotNull(store = (X509_STORE *)X509_STORE_new());
  ExpectNotNull((ca = wolfSSL_X509_load_certificate_file(caCert,
@@ -48748,6 +48752,7 @@ static int test_wolfSSL_X509_STORE(void)
  X509_free(ca);
  ca = NULL;
 
+#ifndef WOLFSSL_CRL_ALLOW_MISSING_CDP
  /* should fail to verify now after adding in CRL */
  ExpectNotNull(store = (X509_STORE *)X509_STORE_new());
  ExpectNotNull((ca = wolfSSL_X509_load_certificate_file(caCert,
@@ -48777,6 +48782,7 @@ static int test_wolfSSL_X509_STORE(void)
  cert = NULL;
  X509_free(ca);
  ca = NULL;
+#endif /* !WOLFSSL_CRL_ALLOW_MISSING_CDP */
 #endif /* HAVE_CRL */
 
 
@@ -66996,7 +67002,8 @@ static int test_wolfSSL_X509_load_crl_file(void)
 {
  EXPECT_DECLS;
 #if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) && !defined(NO_FILESYSTEM) && \
- !defined(NO_STDIO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_BIO)
+ !defined(NO_STDIO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_BIO) && \
+ !defined(WOLFSSL_CRL_ALLOW_MISSING_CDP)
  int i;
  char pem[][100] = {
  "./certs/crl/crl.pem",
@@ -73682,7 +73689,8 @@ static int test_wolfSSL_CTX_LoadCRL(void)
  return EXPECT_RESULT();
 }
 
-#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_CRL)
+#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_CRL) && \
+ !defined(WOLFSSL_CRL_ALLOW_MISSING_CDP)
 static int test_multiple_crls_same_issuer_ctx_ready(WOLFSSL_CTX* ctx)
 {
  EXPECT_DECLS;
@@ -73696,7 +73704,8 @@ static int test_multiple_crls_same_issuer_ctx_ready(WOLFSSL_CTX* ctx)
 static int test_multiple_crls_same_issuer(void)
 {
  EXPECT_DECLS;
-#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_CRL)
+#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_CRL) && \
+ !defined(WOLFSSL_CRL_ALLOW_MISSING_CDP)
  test_ssl_cbf client_cbs, server_cbs;
  struct {
  const char* server_cert;
@@ -81299,7 +81308,8 @@ static int test_certreq_sighash_algos(void)
  return EXPECT_RESULT();
 }
 
-#if defined(HAVE_CRL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
+#if defined(HAVE_CRL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
+ !defined(WOLFSSL_CRL_ALLOW_MISSING_CDP)
 static int test_revoked_loaded_int_cert_ctx_ready1(WOLFSSL_CTX* ctx)
 {
  EXPECT_DECLS;
@@ -81349,7 +81359,8 @@ static int test_revoked_loaded_int_cert_ctx_ready2(WOLFSSL_CTX* ctx)
 static int test_revoked_loaded_int_cert(void)
 {
  EXPECT_DECLS;
-#if defined(HAVE_CRL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
+#if defined(HAVE_CRL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
+ !defined(WOLFSSL_CRL_ALLOW_MISSING_CDP)
  test_ssl_cbf client_cbf;
  test_ssl_cbf server_cbf;
  struct {
@@ -81389,7 +81400,6 @@ static int test_revoked_loaded_int_cert(void)
  break;
  printf("\t%s passed\n", test_params[i].certPemFile);
  }
-
 #endif
  return EXPECT_RESULT();
 }