From patchwork Tue Jan 10 17:02:57 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Frank Lichtenheld <frank@lichtenheld.com>
X-Patchwork-Id: 2991
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Received: by 2002:a05:7300:c95:b0:82:e4b3:40a0 with SMTP id p21csp3771075dyk;
        Tue, 10 Jan 2023 09:03:37 -0800 (PST)
X-Google-Smtp-Source: 
 AMrXdXtYzVMEVbQqMpXQ3bMDFzuUHbqLf0fwlQZh4XSW+q8XbbSG/dSoAn7GZmicpRjIX/zY8r3I
X-Received: by 2002:a5d:8b45:0:b0:6e6:3314:7b0c with SMTP id
 c5-20020a5d8b45000000b006e633147b0cmr55700978iot.1.1673370217642;
        Tue, 10 Jan 2023 09:03:37 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1673370217; cv=none;
        d=google.com; s=arc-20160816;
        b=VrNIb+iHiuPcF9o+7xuwx7p/5TreckIIHpnfj10w/v49eDHhvXJ3K5S6ByLR13nmsm
         iqDtypDfVz+JdgTQWr99niCv88xmdNwUgD8whU48FoDirJ9L79LY+c2QveshMwkpqGSS
         g/Do+KpG4zYOlj5LAZY8AaEcfUDlMsGPo0Zt0hynEbIcNCUbu82UUKPICcCj+cpcOU/u
         h4+R9Na08Dk48kOWo10KxbxzstLY5vgUaxy+d5twjj1Hc9ETFzLYO9L5tT1woPrzqqzE
         UkgYAffpYUUaJXCrTzoOFclbOI9JjQ7YwKql0PfEVSdGjIsDyalxdCdQpOFhOAgcVTon
         ezZA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=errors-to:content-transfer-encoding:list-subscribe:list-help
         :list-post:list-archive:list-unsubscribe:list-id:precedence:subject
         :mime-version:message-id:date:to:from:dkim-signature:dkim-signature;
        bh=bcHU36yUSRkCOX7EiOCmDa/Ku+3CYnwtCpdwFSQgns0=;
        b=UI3ExzMc1cDg/4FOdo5uzgW2v9ruwW4TrHA2BC510wTZUtCv+1U/FWPvM7inbKEDGx
         JsRWIGJahM71243ImLPPY3RUimtBAHM6MDSYvDLld8mZbEmuXpzx8G+kl8Bed5euczMP
         ES5nUMnXvnUrdMqC/2WM71HOAjr5o1CIk+3Zx07cAehjgIt28eUkqdQbjevqcuUeUPFJ
         UyqtNQge/RzudueuuRNRaBwE8RZk6U5gTHv35R2FZqv1jlk/6flrXQrz5V+BqVyciwOr
         lnQ8uKZPLijtPcau4F0MicZLQxjW0newlIaQahNvZb9hErK02fos3btxfzYOZZWCadX5
         Ms/Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@sourceforge.net
 header.s=x header.b=MMT2vwAr;
       dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
 header.b=BdcaHlfl;
       spf=pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net
Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7])
        by mx.google.com with ESMTPS id
 h5-20020a056602154500b006ea37d6e298si13163445iow.95.2023.01.10.09.03.37
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Tue, 10 Jan 2023 09:03:37 -0800 (PST)
Received-SPF: pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) client-ip=216.105.38.7;
Authentication-Results: mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@sourceforge.net
 header.s=x header.b=MMT2vwAr;
       dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
 header.b=BdcaHlfl;
       spf=pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net
Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com)
	by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95)
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	id 1pFI1r-0000p2-TE;
	Tue, 10 Jan 2023 17:03:15 +0000
Received: from [172.30.20.202] (helo=mx.sourceforge.net)
 by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
 (envelope-from <frank@lichtenheld.com>) id 1pFI1p-0000or-Jk
 for openvpn-devel@lists.sourceforge.net;
 Tue, 10 Jan 2023 17:03:12 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id:
 Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=E2UfU6ICVmhT4ORHGkTiDf9HOydPgq55SW9W4C18VLk=; b=MMT2vwArOTpCvzz4JvlSjk4/z8
 9QWyRv6wUOHw656GHZmt/oawbX6nvBedRCANx4iLwtz7dOQk0RHQohrUVFIjkZ8EwGHrtbAna1wNm
 ZLfK4wIIVjRVygEDzK66Iu/uCus/srkbf4wLq2AqgC/uIT1BRrSSI+N0XHM+PYJrJJKU=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
 ;
 h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:To:From:
 Sender:Reply-To:Cc:Content-Type:Content-ID:Content-Description:Resent-Date:
 Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:
 References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:
 List-Owner:List-Archive; bh=E2UfU6ICVmhT4ORHGkTiDf9HOydPgq55SW9W4C18VLk=; b=B
 dcaHlfl+i9mWd/MBdwtQeCZhUxzm3qdXzlD8b6WjMcP8GQGh5C4DJVOvPHgkDF8pMcu48LSANnnU7
 7RzffI+qG3r9DQOOdpT0DXBQNJrxNFytNBzYkUNnLPvpMxqbOWjIQEitrGtHWajEneUe0O8vTVXiz
 2OUUJoZjRsTVWwXM=;
Received: from mout-p-201.mailbox.org ([80.241.56.171])
 by sfi-mx-2.v28.lw.sourceforge.com with esmtps
 (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95)
 id 1pFI1k-00053G-U4 for openvpn-devel@lists.sourceforge.net;
 Tue, 10 Jan 2023 17:03:12 +0000
Received: from smtp202.mailbox.org (smtp202.mailbox.org [10.196.197.202])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits) server-digest
 SHA256) (No client certificate requested)
 by mout-p-201.mailbox.org (Postfix) with ESMTPS id 4Nrxvk5S81z9sGX
 for <openvpn-devel@lists.sourceforge.net>;
 Tue, 10 Jan 2023 18:02:58 +0100 (CET)
From: Frank Lichtenheld <frank@lichtenheld.com>
To: openvpn-devel@lists.sourceforge.net
Date: Tue, 10 Jan 2023 18:02:57 +0100
Message-Id: <20230110170257.113527-1-frank@lichtenheld.com>
MIME-Version: 1.0
X-Spam-Score: -0.7 (/)
X-Spam-Report: Spam detection software,
 running on the system "util-spamd-1.v13.lw.sourceforge.com",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 Content preview:  Not enabled by default with OpenSSL 3, so we don't see this
 in our builds. While here add missing entries to .gitignore (which is what
 made me look at engine-key test in the first place). Signed-off-by: Frank
 Lichtenheld <frank@lichtenheld.com> --- .gitignore | 4 ++++
 tests/unit_tests/engine-key/check_engine_keys.sh
 | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-)
 Content analysis details:   (-0.7 points, 6.0 required)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 -0.7 RCVD_IN_DNSWL_LOW      RBL: Sender listed at https://www.dnswl.org/,
 low trust [80.241.56.171 listed in list.dnswl.org]
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 0.0 SPF_NONE               SPF: sender does not publish an SPF Record
X-Headers-End: 1pFI1k-00053G-U4
Subject: [Openvpn-devel] [PATCH] check_engine_keys: make pass with OpenSSL 3
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: 
 <http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox
X-GMAIL-THRID: =?utf-8?q?1754655849263201552?=
X-GMAIL-MSGID: =?utf-8?q?1754655849263201552?=

Not enabled by default with OpenSSL 3, so we don't
see this in our builds.
While here add missing entries to .gitignore (which
is what made me look at engine-key test in the first
place).

Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
---
 .gitignore                                       | 4 ++++
 tests/unit_tests/engine-key/check_engine_keys.sh | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/.gitignore b/.gitignore
index 7335154f..813413fe 100644
--- a/.gitignore
+++ b/.gitignore
@@ -68,6 +68,10 @@ tests/t_client-*-20??????-??????/
 t_client.rc
 t_client_ips.rc
 tests/unit_tests/**/*_testdriver
+tests/unit_tests/engine-key/client.key
+tests/unit_tests/engine-key/log.txt
+tests/unit_tests/engine-key/openssl.cnf
+tests/unit_tests/engine-key/passwd
 
 src/openvpn/openvpn
 include/openvpn-plugin.h
diff --git a/tests/unit_tests/engine-key/check_engine_keys.sh b/tests/unit_tests/engine-key/check_engine_keys.sh
index 7e9a0e80..12dd2301 100755
--- a/tests/unit_tests/engine-key/check_engine_keys.sh
+++ b/tests/unit_tests/engine-key/check_engine_keys.sh
@@ -27,7 +27,7 @@ ${top_builddir}/src/openvpn/openvpn --cd ${top_srcdir}/sample --config sample-co
 # first off check we died because of a key mismatch.  If this doesn't
 # pass, suspect openssl of returning different messages and update the
 # test accordingly
-loggrep '(X509_check_private_key:key values mismatch|func\(128\):reason\(116\))' log.txt || { echo "Key mismatch not detected"; exit 1; }
+loggrep '(x509 certificate routines:(X509_check_private_key)?:key values mismatch|func\(128\):reason\(116\))' log.txt || { echo "Key mismatch not detected"; exit 1; }
 
 # now look for the engine prints (these are under our control)
 loggrep 'ENGINE: engine_init called' || { echo "Engine initialization not detected"; exit 1; }