From d1aebd3c24eb5da337d1713d41bdf58a501156d1 Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Fri, 29 Sep 2017 11:07:43 +0200
Subject: [PATCH] Don't test hostname auth without support in libssl

---
 .../290-transports.tpkg/290-transports.dsc    |  2 +-
 .../290-transports.tpkg/290-transports.test   | 47 +++++++++++++------
 2 files changed, 34 insertions(+), 15 deletions(-)

diff --git a/src/test/tpkg/290-transports.tpkg/290-transports.dsc b/src/test/tpkg/290-transports.tpkg/290-transports.dsc
index 8508f07a..acc5f398 100644
--- a/src/test/tpkg/290-transports.tpkg/290-transports.dsc
+++ b/src/test/tpkg/290-transports.tpkg/290-transports.dsc
@@ -6,7 +6,7 @@ Maintainer: Hoda Rohani
 Category: 
 Component:
 CmdDepends: 
-Depends: 110-link.tpkg
+Depends: 210-stub-only-link.tpkg
 Help:
 Pre: 
 Post: 
diff --git a/src/test/tpkg/290-transports.tpkg/290-transports.test b/src/test/tpkg/290-transports.tpkg/290-transports.test
index 701dd461..ce3730e2 100644
--- a/src/test/tpkg/290-transports.tpkg/290-transports.test
+++ b/src/test/tpkg/290-transports.tpkg/290-transports.test
@@ -4,6 +4,12 @@
 # use .tpkg.var.test for in test variable passing
 [ -f .tpkg.var.test ] && source .tpkg.var.test
 
+if grep -q '^#define HAVE_SSL_HN_AUTH 1' "${BUILDDIR}/build-stub-only/src/config.h"
+then
+	HAVE_SSL_HN_AUTH=1
+else
+	HAVE_SSL_HN_AUTH=0
+fi
 SERVER_IP="8.8.8.8"
 SERVER_IPv6="2001:4860:4860::8888"
 
@@ -126,17 +132,30 @@ for (( ii = 0; ii < 1; ii++)); do
 	SERVER_IP_TSIG_WRONG_NAME=`echo ${SERVER_IP_TSIG}${TSIG_ALG}":"${TSIG_NAME::${#TSIG_NAME}-1}":"${TSIG_SECRET}`
 	SERVER_IP_TSIG_WRONG_SECRET=`echo ${SERVER_IP_TSIG}${TSIG_ALG}":"${TSIG_NAME}":"${TSIG_SECRET::${#TSIG_SECRET}-1}`
 
-	NUM_GOOD_QUERIES=9
-	GOOD_QUERIES=(
-	"-s -A  getdnsapi.net -l U        @${SERVER_IP} +edns_cookies"              "U" "-"
-	"-s -A  getdnsapi.net -l T        @${SERVER_IP}"              "T" "-"
-	"-s -A  getdnsapi.net -l U        @${SERVER_IP_TSIG}${TSIG_ALG}:${TSIG_NAME}:${TSIG_SECRET}" "U" "-"
-	"-s -A  getdnsapi.net -l U        @${SERVER_IP_TSIG}${TSIG_NAME}:${TSIG_SECRET}" "U" "-"
-	"-s -A  getdnsapi.net -l L        @${TLS_SERVER_IP_NO_NAME}"  "L" "N"
-	"-s -A  getdnsapi.net -l L -m     @${TLS_SERVER_IP}"          "L" "S"
-	"-s -A  getdnsapi.net -l L -m     @${TLS_SERVER_IP_NO_NAME} -K pin-sha256=\"${TLS_SERVER_KEY}\"" "L" "S"
-	"-s -A  getdnsapi.net -l L -m     @${TLS_SERVER_IP} -K pin-sha256=\"${TLS_SERVER_KEY}\"" "L" "S"
-	"-s -G DNSKEY getdnsapi.net -l U  @${SERVER_IP} -b 512 -D" "U" "-")
+	if [[ $HAVE_SSL_HN_AUTH = 1 ]]
+	then
+		NUM_GOOD_QUERIES=9
+		GOOD_QUERIES=(
+		"-s -A  getdnsapi.net -l U        @${SERVER_IP} +edns_cookies"              "U" "-"
+		"-s -A  getdnsapi.net -l T        @${SERVER_IP}"              "T" "-"
+		"-s -A  getdnsapi.net -l U        @${SERVER_IP_TSIG}${TSIG_ALG}:${TSIG_NAME}:${TSIG_SECRET}" "U" "-"
+		"-s -A  getdnsapi.net -l U        @${SERVER_IP_TSIG}${TSIG_NAME}:${TSIG_SECRET}" "U" "-"
+		"-s -A  getdnsapi.net -l L        @${TLS_SERVER_IP_NO_NAME}"  "L" "N"
+		"-s -A  getdnsapi.net -l L -m     @${TLS_SERVER_IP}"          "L" "S"
+		"-s -A  getdnsapi.net -l L -m     @${TLS_SERVER_IP_NO_NAME} -K pin-sha256=\"${TLS_SERVER_KEY}\"" "L" "S"
+		"-s -A  getdnsapi.net -l L -m     @${TLS_SERVER_IP} -K pin-sha256=\"${TLS_SERVER_KEY}\"" "L" "S"
+		"-s -G DNSKEY getdnsapi.net -l U  @${SERVER_IP} -b 512 -D" "U" "-")
+	else
+		NUM_GOOD_QUERIES=7
+		GOOD_QUERIES=(
+		"-s -A  getdnsapi.net -l U        @${SERVER_IP} +edns_cookies"              "U" "-"
+		"-s -A  getdnsapi.net -l T        @${SERVER_IP}"              "T" "-"
+		"-s -A  getdnsapi.net -l U        @${SERVER_IP_TSIG}${TSIG_ALG}:${TSIG_NAME}:${TSIG_SECRET}" "U" "-"
+		"-s -A  getdnsapi.net -l U        @${SERVER_IP_TSIG}${TSIG_NAME}:${TSIG_SECRET}" "U" "-"
+		"-s -A  getdnsapi.net -l L        @${TLS_SERVER_IP_NO_NAME}"  "L" "N"
+		"-s -A  getdnsapi.net -l L -m     @${TLS_SERVER_IP_NO_NAME} -K pin-sha256=\"${TLS_SERVER_KEY}\"" "L" "S"
+		"-s -G DNSKEY getdnsapi.net -l U  @${SERVER_IP} -b 512 -D" "U" "-")
+	fi
 #"-s -A  getdnsapi.net -l L -m     @${TLS_SERVER_SS_IP_NO_NAME} -K pin-sha256=\"${TLS_SERVER_SS_KEY}\"" "L" "S"
 
 	NUM_GOOD_FB_QUERIES=6
@@ -173,21 +192,21 @@ for (( ii = 0; ii < 1; ii++)); do
 		fi
 		echo "*Success cases:"
 		for (( j = 0; j < $NUM_GOOD_QUERIES; j+=1 )); do
-		  check_good "`"${GETDNS_QUERY}" -V +return_call_reporting $SYNC_MODE ${GOOD_QUERIES[$j*$NUM_ARGS]} `" ${GOOD_QUERIES[$((j*NUM_ARGS))+1]} ${GOOD_QUERIES[$((j*NUM_ARGS))+2]}
+		  check_good "`"${GETDNS_STUB_QUERY}" -V +return_call_reporting $SYNC_MODE ${GOOD_QUERIES[$j*$NUM_ARGS]} `" ${GOOD_QUERIES[$((j*NUM_ARGS))+1]} ${GOOD_QUERIES[$((j*NUM_ARGS))+2]}
 		  echo "getdns_query $SYNC_MODE ${GOOD_QUERIES[$j*$NUM_ARGS]}"
 		  (( COUNT++ ))
 		done
 		
 		echo "*Success fallback cases:"
 		for (( j = 0; j < $NUM_GOOD_FB_QUERIES; j+=1 )); do
-		    check_good "`"${GETDNS_QUERY}" -V +return_call_reporting $SYNC_MODE ${GOOD_FALLBACK_QUERIES[$j*$NUM_ARGS]} 2>/dev/null`" ${GOOD_FALLBACK_QUERIES[$((j*NUM_ARGS))+1]} ${GOOD_FALLBACK_QUERIES[$((j*NUM_ARGS))+2]}
+		    check_good "`"${GETDNS_STUB_QUERY}" -V +return_call_reporting $SYNC_MODE ${GOOD_FALLBACK_QUERIES[$j*$NUM_ARGS]} 2>/dev/null`" ${GOOD_FALLBACK_QUERIES[$((j*NUM_ARGS))+1]} ${GOOD_FALLBACK_QUERIES[$((j*NUM_ARGS))+2]}
 		    echo "getdns_query $SYNC_MODE ${GOOD_FALLBACK_QUERIES[$j*$NUM_ARGS]}  TESTS: ${GOOD_FALLBACK_QUERIES[$((j*NUM_ARGS))+1]} ${GOOD_FALLBACK_QUERIES[$((j*NUM_ARGS))+2]}"
 		    (( COUNT++ ))
 		done
 		
 		echo "*Transport not available cases:"
 		for (( j = 0; j < ${#NOT_AVAILABLE_QUERIES[@]}; j+=1 )); do
-			check_bad "`"${GETDNS_QUERY}" -V $SYNC_MODE ${NOT_AVAILABLE_QUERIES[${j}]} 2>&1`"
+			check_bad "`"${GETDNS_STUB_QUERY}" -V $SYNC_MODE ${NOT_AVAILABLE_QUERIES[${j}]} 2>&1`"
 			echo "getdns_query $SYNC_MODE ${NOT_AVAILABLE_QUERIES[${j}]}"
 			(( COUNT++ ))
 		done