On Thu, 2020-02-13 at 19:18 +0100, Arne Schwabe wrote: > Am 10.02.18 um 23:50 schrieb James Bottomley: > > Testing engines is problematic, so one of the prerequisites built > > for the tests is a simple openssl engine that reads a non-standard > > PEM guarded key. The test is simply can we run a client/server > > configuration with the usual sample key replaced by an engine key. > > The trivial engine prints out some operations and we check for > > these in the log to make sure the engine was used to load the key > > and that it correctly got the password. > > This tests the openssl engine functionality in a sensible way. But I > think it is not fully ready to be commited. To get it working I > needed to do following changes on my Mac:
That could be ... I only have a linux box to try this out on. > commit afa697cec15b4e54e720efe9de39c9b20b13c5c8 (HEAD -> > review/enginekeys) > Author: Arne Schwabe <a...@rfc2549.org> > Date: Thu Feb 13 18:13:34 2020 +0100 > > foo > > diff --git a/tests/unit_tests/engine-key/Makefile.am > b/tests/unit_tests/engine-key/Makefile.am > index 73921965..6d7fc9c5 100644 > --- a/tests/unit_tests/engine-key/Makefile.am > +++ b/tests/unit_tests/engine-key/Makefile.am > @@ -10,4 +10,6 @@ TESTS_ENVIRONMENT = srcdir="$(abs_srcdir)"; \ > TESTS = check_engine_keys.sh > > libtestengine_la_SOURCES = libtestengine.c > -libtestengine_la_LDFLAGS = -rpath /lib -avoid-version > +libtestengine_la_LDFLAGS = @TEST_LDFLAGS@ -rpath /lib > +libtestengine_la_CFLAGS = @TEST_CFLAGS@ -I$(openvpn_srcdir) > -I$(compat_srcdir) > + > diff --git a/tests/unit_tests/engine-key/libtestengine.c > b/tests/unit_tests/engine-key/libtestengine.c > index fa7f5de1..46ec1e33 100644 > --- a/tests/unit_tests/engine-key/libtestengine.c > +++ b/tests/unit_tests/engine-key/libtestengine.c > @@ -30,7 +30,6 @@ static EVP_PKEY *engine_load_key(ENGINE *e, const > char > *key_id, > PKCS8_PRIV_KEY_INFO *p8inf; > UI *ui; > char auth[256]; > - int len; the variable is certainly unused and can go. > fprintf(stderr, "ENGINE: engine_load_key called\n"); > > diff --git a/tests/unit_tests/engine-key/openssl.cnf > b/tests/unit_tests/engine-key/openssl.cnf > index 53200c46..e9513a92 100644 > --- a/tests/unit_tests/engine-key/openssl.cnf > +++ b/tests/unit_tests/engine-key/openssl.cnf > @@ -9,4 +9,4 @@ engines = engines_section > testengine = testengine_section > > [testengine_section] > -dynamic_path = $ENV::srcdir/.libs/libtestengine.so > +dynamic_path = $ENV::srcdir/.libs/libtestengine.dylib This can't really be done though: the .dylib extension won't work on Linux because shared objects are .so files. There is a way to generate and use .so files on a MAC as well, according to the openssl people (half the mac engines seem to have a .so extension and the other half a .dylib one), I'll see if I can figure out what it is. James
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
