Add test to make sure we don't get a segfault on a problem config file

Now the token should fail to initialize and p11tool should say so

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>

3 files changed, 11 insertions, 1 deletions

diff --git a/.gitignore b/.gitignore
index f0141da..218d3bd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -23,3 +23,4 @@ tmp.*
 *.key
 *.crt
 op.conf
+stderr
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 0d57e70..446718e 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -14,7 +14,7 @@ AM_TESTS_ENVIRONMENT = OPENSSL_PKCS11_CONF=$(abs_srcdir)/op.conf; \
 	export OPENSSL_PKCS11_CONF srcdir OPENSSL_CONF;
 TEST_EXTENSIONS = .sh
 
-CLEANFILES = key-*.* op.conf *.msg *.txt
+CLEANFILES = key-*.* op.conf *.msg *.txt stderr
 
 check_LTLIBRARIES = testengine.la
 
diff --git a/tests/p11tool_checks.sh b/tests/p11tool_checks.sh
index d0a6ff0..ec4e3ef 100755
--- a/tests/p11tool_checks.sh
+++ b/tests/p11tool_checks.sh
@@ -26,3 +26,12 @@ export GNUTLS_PIN=Passw0rd
 ##
 ${CERTTOOL} --generate-self-signed --load-privkey 'pkcs11:manufacturer=openssl-pkcs11-export;token=key-pass;object=key-pass' --template=tmp.tmpl > tmp.crt || exit 1
 certtool --verify --infile tmp.crt --load-ca-cert tmp.crt || exit 1
+
+##
+# test operation with no config file (must always be last in the file)
+##
+OPENSSL_PKCS11_CONF=/random/nonexistent/config/file
+# make sure p11tool returns an error
+${P11TOOL} --list-all 2> stderr && exit 1
+# and that the error says the provider failed to initialize
+grep -q  'pkcs11_add_provider: PKCS #11 error' stderr || exit 1