security: Throw exception when loading on orphaned ValidationPolicyConfig
ValidationPolicyConfig must be assigned to a Validator instance prior to
loading and it is an API violation to load configuration otherwise.
Change-Id: Ib372cd3b6ab7c7ce1e37039f25b97e1d2f1511f9
Refs: #4758
diff --git a/tests/unit-tests/security/v2/validation-policy-config.t.cpp b/tests/unit-tests/security/v2/validation-policy-config.t.cpp
index 31cba27..cca3e7a 100644
--- a/tests/unit-tests/security/v2/validation-policy-config.t.cpp
+++ b/tests/unit-tests/security/v2/validation-policy-config.t.cpp
@@ -505,6 +505,29 @@
VALIDATE_FAILURE(packet, "Should fail, as the trust anchor should no longer exist");
}
+BOOST_FIXTURE_TEST_CASE(OrphanedPolicyLoad, HierarchicalValidatorFixture<ValidationPolicyConfig>) // Bug #4758
+{
+ ValidationPolicyConfig policy1;
+ BOOST_CHECK_THROW(policy1.load("trust-anchor { type any }", "test-config"), Error);
+
+ // Reloading would have triggered a segfault
+ BOOST_CHECK_THROW(policy1.load("trust-anchor { type any }", "test-config"), Error);
+
+ ValidationPolicyConfig policy2;
+
+ std::string config = R"CONF(
+ trust-anchor
+ {
+ type dir
+ dir keys
+ refresh 1h
+ }
+ )CONF";
+
+ // Inserting trust anchor would have triggered a segfault
+ BOOST_CHECK_THROW(policy2.load(config, "test-config"), Error);
+}
+
BOOST_AUTO_TEST_SUITE_END() // TestValidationPolicyConfig
BOOST_AUTO_TEST_SUITE_END() // V2
BOOST_AUTO_TEST_SUITE_END() // Security