extract: Fix regression in --purpose option

The --purpose option would only match certificates that had no
purposes marked on them. Fix it so that it correctly matches
certificates with the given purpose.

https://bugs.freedesktop.org/show_bug.cgi?id=62009

diff --git a/tools/extract-info.c b/tools/extract-info.c
index aa66c83262b366df746ace80973abb9b5541fef1..ee6dbe1b9d7fe364203cef45e7961b5856e1b1b8 100644 (file)
--- a/tools/extract-info.c
+++ b/tools/extract-info.c
@@ -316,9 +316,18 @@ void
 p11_extract_info_limit_purpose (p11_extract_info *ex,
                                 const char *purpose)
 {
-       if (!ex->limit_to_purposes)
+       char *value;
+
+       if (!ex->limit_to_purposes) {
                ex->limit_to_purposes = p11_dict_new (p11_dict_str_hash, p11_dict_str_equal, free, NULL);
-       p11_dict_set (ex->limit_to_purposes, strdup (purpose), NULL);
+               return_if_fail (ex->limit_to_purposes != NULL);
+       }
+
+       value = strdup (purpose);
+       return_if_fail (value != NULL);
+
+       if (!p11_dict_set (ex->limit_to_purposes, value, value))
+               return_if_reached ();
 }
 
 static char *

diff --git a/tools/tests/test-extract.c b/tools/tests/test-extract.c
index 8bdd600a09d5b94b3647174ec612083aed5b2f65..5e2f6fe72f536b8b14690ec1044c8121823de269 100644 (file)
--- a/tools/tests/test-extract.c
+++ b/tools/tests/test-extract.c
@@ -272,6 +272,54 @@ test_info_skip_non_certificate (CuTest *tc)
        teardown (tc);
 }
 
+static void
+test_limit_to_purpose_match (CuTest *tc)
+{
+       CK_RV rv;
+
+       setup (tc);
+
+       mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_authority_attrs);
+       mock_module_add_object (MOCK_SLOT_ONE_ID, extension_eku_server_client);
+
+       p11_extract_info_limit_purpose (&test.ex, P11_OID_SERVER_AUTH_STR);
+       p11_kit_iter_add_callback (test.iter, p11_extract_info_load_filter, &test.ex, NULL);
+       p11_kit_iter_begin_with (test.iter, &test.module, 0, 0);
+
+       p11_message_quiet ();
+
+       rv = p11_kit_iter_next (test.iter);
+       CuAssertIntEquals (tc, CKR_OK, rv);
+
+       p11_message_loud ();
+
+       teardown (tc);
+}
+
+static void
+test_limit_to_purpose_no_match (CuTest *tc)
+{
+       CK_RV rv;
+
+       setup (tc);
+
+       mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_authority_attrs);
+       mock_module_add_object (MOCK_SLOT_ONE_ID, extension_eku_server_client);
+
+       p11_extract_info_limit_purpose (&test.ex, "3.3.3.3");
+       p11_kit_iter_add_callback (test.iter, p11_extract_info_load_filter, &test.ex, NULL);
+       p11_kit_iter_begin_with (test.iter, &test.module, 0, 0);
+
+       p11_message_quiet ();
+
+       rv = p11_kit_iter_next (test.iter);
+       CuAssertIntEquals (tc, CKR_CANCEL, rv);
+
+       p11_message_loud ();
+
+       teardown (tc);
+}
+
 int
 main (void)
 {
@@ -290,6 +338,8 @@ main (void)
        SUITE_ADD_TEST (suite, test_info_limit_purposes);
        SUITE_ADD_TEST (suite, test_info_invalid_purposes);
        SUITE_ADD_TEST (suite, test_info_skip_non_certificate);
+       SUITE_ADD_TEST (suite, test_limit_to_purpose_match);
+       SUITE_ADD_TEST (suite, test_limit_to_purpose_no_match);
 
        CuSuiteRun (suite);
        CuSuiteSummary (suite, output);