[openssl-dev] [openssl.org #4434] Gentoo 13, x86_64: 4 failed self tests

Wed, 01 Jun 2016 15:21:07 -0700 

Hi Jeff

Please could you try the attached patch?

Thanks

Matt

-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4434
Please log in as guest with password guest if prompted


>From 199bf71fb68a26a9d7ff52af7233bd0b52d0f824 Mon Sep 17 00:00:00 2001
From: Matt Caswell <m...@openssl.org>
Date: Wed, 1 Jun 2016 23:15:12 +0100
Subject: [PATCH] Handle inability to create AFALG socket

Some Linux platforms have a suitably recent kernel to support AFALG, but
apparently you still can't actually create an afalg socket. This extends
the afalg_chk_platform() function to additionally check whether we can
create an AFALG socket. We also amend the afalgtest to not report a
failure to load the engine as a test failure. A failure to load is almost
certainly due to platform environmental issues, and not an OpenSSL problem.
---
 engines/afalg/e_afalg.c | 9 +++++++++
 test/afalgtest.c        | 9 +++++++--
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/engines/afalg/e_afalg.c b/engines/afalg/e_afalg.c
index ec2a57e..84f00a0 100644
--- a/engines/afalg/e_afalg.c
+++ b/engines/afalg/e_afalg.c
@@ -731,6 +731,7 @@ static int afalg_chk_platform(void)
     int ret;
     int i;
     int kver[3] = { -1, -1, -1 };
+    int sock;
     char *str;
     struct utsname ut;
 
@@ -758,6 +759,14 @@ static int afalg_chk_platform(void)
         return 0;
     }
 
+    /* Test if we can actually create an AF_ALG socket */
+    sock = socket(AF_ALG, SOCK_SEQPACKET, 0);
+    if (sock == -1) {
+        AFALGerr(AFALG_F_AFALG_CHK_PLATFORM, AFALG_R_SOCKET_CREATE_FAILED);
+        return 0;
+    }
+    close(sock);
+
     return 1;
 }
 
diff --git a/test/afalgtest.c b/test/afalgtest.c
index 3baced7..7fc03ba 100644
--- a/test/afalgtest.c
+++ b/test/afalgtest.c
@@ -102,8 +102,13 @@ int main(int argc, char **argv)
 
     e = ENGINE_by_id("afalg");
     if (e == NULL) {
-        fprintf(stderr, "AFALG Test: Failed to load AFALG Engine\n");
-        return 1;
+        /*
+         * A failure to load is probably a platform environment problem so we
+         * don't treat this as an OpenSSL test failure, i.e. we return 0
+         */
+        fprintf(stderr,
+                "AFALG Test: Failed to load AFALG Engine - skipping test\n");
+        return 0;
     }
 
     if (test_afalg_aes_128_cbc(e) == 0) {
-- 
2.7.4


-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Reply via email to