80-test_cmp_http.t: fix handling of IPv6 server host (localhost '::1')

Fixes 22467

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25010)

diff --git a/test/recipes/80-test_cmp_http.t b/test/recipes/80-test_cmp_http.t
index 62ce1bd169063e227170a30a199e7731f4f7eafa..da4b4ffc2520739010d15d5173979be7cb05750a 100644 (file)
--- a/test/recipes/80-test_cmp_http.t
+++ b/test/recipes/80-test_cmp_http.t
@@ -144,7 +144,7 @@ sub test_cmp_http {
     my $title = shift;
     my $params = shift;
     my $expected_result = shift;
-    $params = [ '-server', "127.0.0.1:$server_port", @$params ]
+    $params = [ '-server', "$server_host:$server_port", @$params ]
         if ($server_name eq "Mock" && !(grep { $_ eq '-server' } @$params));
     my $cmd = app([@app, @$params]);
 
@@ -252,14 +252,15 @@ sub load_tests {
 
         next LOOP if $server_tls == 0 && $line =~ m/,\s*-tls_used\s*,/;
         my $noproxy = $no_proxy;
+        my $server_plain = $server_host =~ m/^\[(.*)\]$/ ? $1 : $server_host;
         if ($line =~ m/,\s*-no_proxy\s*,(.*?)(,|$)/) {
             $noproxy = $1;
-        } elsif ($server_host eq "127.0.0.1") {
+        } elsif ($server_plain eq "127.0.0.1" || $server_plain eq "::1") {
             # do connections to localhost (e.g., mock server) without proxy
-            $line =~ s{-section,,}{-section,,-no_proxy,127.0.0.1,} ;
+            $line =~ s{-section,,}{-section,,-no_proxy,$server_plain,} ;
         }
         if ($line =~ m/,\s*-proxy\s*,/) {
-            next LOOP if $no_proxy && ($noproxy =~ $server_host);
+            next LOOP if $no_proxy && ($noproxy =~ $server_plain);
         } else {
             $line =~ s{-section,,}{-section,,-proxy,$proxy,};
         }
@@ -301,27 +302,32 @@ sub start_server {
 
     if ($server_host eq '*' || $server_port == 0) {
         # Find out the actual server host and port and possibly different PID
+        my ($host, $port);
         $pid = 0;
         while (<$server_fh>) {
             print "$server_name server output: $_";
             next if m/using section/;
             s/\R$//;                # Better chomp
-            ($server_host, $server_port, $pid) = ($1, $2, $3)
+            ($host, $port, $pid) = ($1, $2, $3)
                 if /^ACCEPT\s(.*?):(\d+) PID=(\d+)$/;
             last; # Do not loop further to prevent hangs on server misbehavior
         }
-        $server_host = "[::1]" if $server_host eq "[::]";
-        $server_host = "127.0.0.1" if $server_host eq "0.0.0.0";
+        if ($server_host eq '*' && defined $host) {
+            $server_host = "[::1]"     if $host eq "[::]";
+            $server_host = "127.0.0.1" if $host eq "0.0.0.0";
+        }
+        $server_port = $port if $server_port == 0 && defined $port;
     }
-    unless ($server_port > 0) {
+    if ($server_host eq '*' || $server_port == 0) {
         stop_server($server_name, $pid) if $pid;
-        print "Cannot get expected output from the $server_name server";
+        print "Cannot get expected output from the $server_name server\n";
         return 0;
     }
     $kur_port = $server_port if $kur_port eq "\$server_port";
     $pbm_port = $server_port if $pbm_port eq "\$server_port";
     $server_tls = $server_port if $server_tls;
     return $pid;
+
 }
 
 sub stop_server {

diff --git a/test/recipes/80-test_cmp_http_data/Mock/test.cnf b/test/recipes/80-test_cmp_http_data/Mock/test.cnf
index 50ad8c517769c707b9f842c8157f97ce4cfddc7e..4fbffb69810da8453f13add6ed9ff6ff62948d9a 100644 (file)
--- a/test/recipes/80-test_cmp_http_data/Mock/test.cnf
+++ b/test/recipes/80-test_cmp_http_data/Mock/test.cnf
@@ -17,11 +17,11 @@ policies = certificatePolicies
 
 [Mock] # the built-in OpenSSL CMP mock server
 # no_check_time = 1
-server_host = 127.0.0.1 # localhost
+server_host = * # to be determined by server: 127.0.0.1 or ::1 (localhost)
 server_port = 0 # 0 means that the port is determined by the server
 server_tls = $server_port
 server_cert = server.crt
-server = $server_host:$server_port
+# server = $server_host:$server_port
 server_path = pkix/
 path = $server_path
 ca_dn = /CN=Root CA

diff --git a/test/recipes/80-test_cmp_http_data/test_connection.csv b/test/recipes/80-test_cmp_http_data/test_connection.csv
index d1a4bb96a8249539082088b5a2b2ee6b4e51a883..27932275ccdc23ae0c4e28a63c24a785d2d3e814 100644 (file)
--- a/test/recipes/80-test_cmp_http_data/test_connection.csv
+++ b/test/recipes/80-test_cmp_http_data/test_connection.csv
@@ -2,7 +2,7 @@ expected,description, -section,val, -server,val, -proxy,val, -no_proxy,val, -tls
 ,Message transfer options:,,,,,,,,,,,,,,,,,,
 ,,,,,,,,,,,,,,,,,,,
 1,default config, -section,,,,,,,,BLANK,,,,BLANK,,BLANK,,BLANK,
-disabled as not supported by some host IP configurations,server domain name, -section,, -server,localhost:_SERVER_PORT,,,,,,,,,,,,,,
+disabled as not supported by some host IP configurations,server domain name, -section,, -server,_SERVER_HOST:_SERVER_PORT,,,,,,,,,,,,,,
 ,,,,,,,,,,,,,,,,,,,
 0,wrong server, -section,, -server,xn--rksmrgs-5wao1o.example.com:_SERVER_PORT,,,,,BLANK,,,, -msg_timeout,1,BLANK,,BLANK,
 0,wrong server port, -section,, -server,_SERVER_HOST:99,,,,,BLANK,,,, -msg_timeout,1,BLANK,,BLANK,