Bug #5170 - make pkey_eq testable, introduce test_tortls.c

2 files changed, 8 insertions, 3 deletions

diff --git a/src/common/tortls.c b/src/common/tortls.c
index fd0a4107d1..c0e36034d2 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -980,8 +980,8 @@ tor_tls_cert_get_key(tor_cert_t *cert)
 }
 
 /** Return true iff <b>a</b> and <b>b</b> represent the same public key. */
-static int
-pkey_eq(EVP_PKEY *a, EVP_PKEY *b)
+int
+tor_tls_evp_pkey_eq(EVP_PKEY *a, EVP_PKEY *b)
 {
   /* We'd like to do this, but openssl 0.9.7 doesn't have it:
      return EVP_PKEY_cmp(a,b) == 1;
@@ -1017,7 +1017,7 @@ tor_tls_cert_matches_key(const tor_tls_t *tls, const tor_cert_t *cert)
   link_key = X509_get_pubkey(peercert);
   cert_key = X509_get_pubkey(cert->cert);
 
-  result = link_key && cert_key && pkey_eq(cert_key, link_key);
+  result = link_key && cert_key && tor_tls_evp_pkey_eq(cert_key, link_key);
 
   X509_free(peercert);
   if (link_key)
diff --git a/src/common/tortls.h b/src/common/tortls.h
index 49c488b365..c71ed573f2 100644
--- a/src/common/tortls.h
+++ b/src/common/tortls.h
@@ -138,5 +138,10 @@ int tor_tls_cert_is_valid(int severity,
                           int check_rsa_1024);
 const char *tor_tls_get_ciphersuite_name(tor_tls_t *tls);
 
+#ifdef TORTLS_PRIVATE
+/* Prototypes for private functions only used by the unit tests. */
+int tor_tls_evp_pkey_eq(EVP_PKEY *a, EVP_PKEY *b);
+#endif
+
 #endif