From patchwork Wed Jul 27 12:18:30 2022
X-Patchwork-Submitter: Selva Nair
X-Patchwork-Id: 2607
From: selva.nair@gmail.com
To: openvpn-devel@lists.sourceforge.net
Date: Wed, 27 Jul 2022 18:18:30 -0400
Message-Id: <20220727221830.31861-1-selva.nair@gmail.com>
In-Reply-To: <20220726115100.31449-1-selva.nair@gmail.com>
References: <20220726115100.31449-1-selva.nair@gmail.com>
Subject: [Openvpn-devel] [PATCH v2] xkey_provider: fix building with --disable-management

From: Selva Nair

v2: also fix building test_provider
 - ifdefs in test_provider.c
 - include integer.h for min_int as manage.h may not
   always pull it in

Too many ifdefs, unfortunately..

Signed-off-by: Selva Nair
Acked-By: Frank Lichtenheld
--- src/openvpn/xkey_helper.c | 4 ++++ tests/unit_tests/openvpn/test_provider.c | 7 +++++++ 2 files changed, 11 insertions(+) diff --git a/src/openvpn/xkey_helper.c b/src/openvpn/xkey_helper.c index 81dd71dc..27e87d79 100644 --- a/src/openvpn/xkey_helper.c +++ b/src/openvpn/xkey_helper.c
@@ -85,6 +85,7 @@ xkey_digest(const unsigned char *src, size_t srclen, unsigned char *buf, return 1; } +#ifdef ENABLE_MANAGEMENT /** * Load external key for signing via management interface. * The public key must be passed in by the caller as we may not @@ -107,6 +108,7 @@ xkey_load_management_key(OSSL_LIB_CTX *libctx, EVP_PKEY *pubkey) return xkey_load_generic_key(libctx, dummy, pubkey, sign_op, NULL); } +#endif /** * Load a generic key into the xkey provider. @@ -147,6 +149,7 @@ xkey_load_generic_key(OSSL_LIB_CTX *libctx, void *handle, EVP_PKEY *pubkey, return pkey; } +#ifdef ENABLE_MANAGEMENT /** * Signature callback for xkey_provider with management-external-key * @@ -277,6 +280,7 @@ xkey_management_sign(void *unused, unsigned char *sig, size_t *siglen, return (*siglen > 0); } +#endif /* ENABLE MANAGEMENT */ /** * Add PKCS1 DigestInfo to tbs and return the result in *enc. diff --git a/tests/unit_tests/openvpn/test_provider.c b/tests/unit_tests/openvpn/test_provider.c index 47e7e395..d146af62 100644 --- a/tests/unit_tests/openvpn/test_provider.c +++ b/tests/unit_tests/openvpn/test_provider.c @@ -30,6 +30,7 @@ #include "syshead.h" #include "manage.h" +#include "integer.h" #include "xkey_common.h" #ifdef HAVE_XKEY_PROVIDER @@ -127,7 +128,9 @@ init_test() /* set default propq matching what we use in ssl_openssl.c */ EVP_set_default_properties(NULL, "?provider!=ovpn.xkey"); +#ifdef ENABLE_MANAGEMENT management = test_calloc(sizeof(*management), 1); +#endif } static void @@ -272,6 +275,7 @@ done: return sig; } +#ifdef ENABLE_MANAGEMENT /* Check loading of management external key and have sign callback exercised * for RSA and EC keys with and without digest support in management client. * Sha256 digest used for both cases with pss padding for RSA. @@ -310,6 +314,7 @@ again: EVP_PKEY_free(privkey); } } +#endif /* helpers for testing generic key load and sign */ static int xkey_free_called; 
@@ -409,7 +414,9 @@ main(void) const struct CMUnitTest tests[] = { cmocka_unit_test(xkey_provider_test_fetch), +#ifdef ENABLE_MANAGEMENT cmocka_unit_test(xkey_provider_test_mgmt_sign_cb), +#endif cmocka_unit_test(xkey_provider_test_generic_sign_cb), };
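Review bot: The two `#endif` lines added in src/openvpn/xkey_helper.c are annotated inconsistently: the one closing the guard around `xkey_load_management_key()` (hunk at -107) is bare, while the one after `xkey_management_sign()` (hunk at -277) reads `#endif /* ENABLE MANAGEMENT */`, with a space where the macro name has an underscore. The second guard spans more than a hundred lines, so I would write `#endif /* ENABLE_MANAGEMENT */` on both; a grep for the macro then finds every end of a conditional region.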
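Review bot: In the xkey_helper.c hunks at -85 and -147 only the definitions of `xkey_load_management_key()` and `xkey_management_sign()` go under `#ifdef ENABLE_MANAGEMENT`; no hunk touches a prototype and the diffstat lists no header, so any declaration of these functions stays visible in a --disable-management build. A caller that is not itself guarded would then compile and fail only at link time. Consider wrapping the declarations in the same `#ifdef`, or state in the commit message that every caller is already conditional.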
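Review bot: In init_test() (test_provider.c hunk at -127) the allocation `management = test_calloc(sizeof(*management), 1);` becomes conditional, but nothing visible in the patch guards the definition of `management` or any later use of it. Please confirm that no test left in a --disable-management build reads `management`; if that holds, guarding the variable's definition too would make a stale use fail to compile instead of touching an unallocated pointer.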
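Review bot: The guard opened in the test_provider.c hunk at -272 starts after the function that ends in `done: return sig;`, so that function is still compiled when ENABLE_MANAGEMENT is undefined. If it exists only to serve `xkey_provider_test_mgmt_sign_cb`, move the `#ifdef` above it so the no-management build carries no dead helper. The matching `#endif` in the hunk at -310 is bare; a trailing `/* ENABLE_MANAGEMENT */` comment would make the end of this long region easier to find.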