aboutsummaryrefslogtreecommitdiffstats
path: root/src/tests/x509_test.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/tests/x509_test.c')
-rw-r--r--src/tests/x509_test.c13
1 files changed, 13 insertions, 0 deletions
diff --git a/src/tests/x509_test.c b/src/tests/x509_test.c
index b6cba575c..bc9032041 100644
--- a/src/tests/x509_test.c
+++ b/src/tests/x509_test.c
@@ -984,6 +984,7 @@ static void x509_validate_chain_fail_okx ( struct x509_test_chain *chn,
*
*/
static void x509_test_exec ( void ) {
+ struct x509_link *link;
/* Parse all certificates */
x509_certificate_ok ( &root_crt );
@@ -1089,6 +1090,18 @@ static void x509_test_exec ( void ) {
x509_validate_chain_fail_ok ( &useless_chain, test_ca_expired,
&empty_store, &test_root );
+ /* Check chain truncation */
+ link = list_last_entry ( &server_chain.chain->links,
+ struct x509_link, list );
+ ok ( link->cert == root_crt.cert );
+ link = list_prev_entry ( link, &server_chain.chain->links, list );
+ ok ( link->cert == intermediate_crt.cert );
+ x509_validate_chain_ok ( &server_chain, test_time,
+ &empty_store, &test_root );
+ x509_truncate ( server_chain.chain, link );
+ x509_validate_chain_fail_ok ( &server_chain, test_time,
+ &empty_store, &test_root );
+
/* Sanity check */
assert ( list_empty ( &empty_store.links ) );
generated by cgit (git 2.34.1) at 2025-02-22 22:34:01 +0000