summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authortb <>2025-01-15 10:54:17 +0000
committertb <>2025-01-15 10:54:17 +0000
commit5f0eba55ef76d10d214ee6e9720f71139555905b (patch)
treeb4d18eb73941fd86bc3bffedf7d6913942390942
parent85b648c5f8603ca38a5239a92436c6d644c7b87b (diff)
downloadopenbsd-5f0eba55ef76d10d214ee6e9720f71139555905b.tar.gz
openbsd-5f0eba55ef76d10d214ee6e9720f71139555905b.tar.bz2
openbsd-5f0eba55ef76d10d214ee6e9720f71139555905b.zip
Interop tests for openssl 3.3 and 3.4, retire 3.2, 1.1 (and 3.1 remnants)
OpenSSL 1.1 and 3.2 will be removed from the ports tree, so test the two remaining versions. Unfortunately, this requires a lot more manual massaging than there should be.
Diffstat
-rw-r--r--src/regress/lib/libssl/interop/Makefile6
-rw-r--r--src/regress/lib/libssl/interop/botan/Makefile13
-rw-r--r--src/regress/lib/libssl/interop/cert/Makefile15
-rw-r--r--src/regress/lib/libssl/interop/cipher/Makefile25
-rw-r--r--src/regress/lib/libssl/interop/netcat/Makefile13
-rw-r--r--src/regress/lib/libssl/interop/openssl11/Makefile43
-rw-r--r--src/regress/lib/libssl/interop/openssl31/Makefile43
-rw-r--r--src/regress/lib/libssl/interop/openssl32/Makefile44
-rw-r--r--src/regress/lib/libssl/interop/openssl33/Makefile44
-rw-r--r--src/regress/lib/libssl/interop/openssl34/Makefile44
-rw-r--r--src/regress/lib/libssl/interop/session/Makefile18
-rw-r--r--src/regress/lib/libssl/interop/version/Makefile13
12 files changed, 130 insertions, 191 deletions
diff --git a/src/regress/lib/libssl/interop/Makefile b/src/regress/lib/libssl/interop/Makefile
index 21dfce359d..bdc67f627a 100644
--- a/src/regress/lib/libssl/interop/Makefile
+++ b/src/regress/lib/libssl/interop/Makefile
@@ -1,6 +1,6 @@
1# $OpenBSD: Makefile,v 1.20 2024/08/18 10:02:10 tb Exp $ 1# $OpenBSD: Makefile,v 1.21 2025/01/15 10:54:17 tb Exp $
2 2
3SUBDIR = libressl openssl11 openssl31 openssl32 3SUBDIR = libressl openssl33 openssl34
4 4
5# the above binaries must have been built before we can continue 5# the above binaries must have been built before we can continue
6SUBDIR += netcat 6SUBDIR += netcat
@@ -10,7 +10,7 @@ SUBDIR += botan
10# What is below takes a long time. 10# What is below takes a long time.
11# setting REGRESS_SKIP_SLOW to "yes" in mk.conf 11# setting REGRESS_SKIP_SLOW to "yes" in mk.conf
12# will skip the tests that do not test libressl 12# will skip the tests that do not test libressl
13# but do things like test openssl11 to openssl 3 13# but do things like test openssl 3.x to openssl 3.y
14SUBDIR += version 14SUBDIR += version
15SUBDIR += cipher 15SUBDIR += cipher
16# This takes a really long time. 16# This takes a really long time.
diff --git a/src/regress/lib/libssl/interop/botan/Makefile b/src/regress/lib/libssl/interop/botan/Makefile
index e20553012a..85877d4290 100644
--- a/src/regress/lib/libssl/interop/botan/Makefile
+++ b/src/regress/lib/libssl/interop/botan/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.9 2024/08/18 10:02:10 tb Exp $ 1# $OpenBSD: Makefile,v 1.10 2025/01/15 10:54:17 tb Exp $
2 2
3.include <bsd.own.mk> 3.include <bsd.own.mk>
4 4
@@ -20,14 +20,11 @@ CXX = /usr/local/bin/eg++
20.endif 20.endif
21 21
22LIBRARIES = libressl 22LIBRARIES = libressl
23.if exists(/usr/local/bin/eopenssl11) 23.if exists(/usr/local/bin/eopenssl33)
24LIBRARIES += openssl11 24LIBRARIES += openssl33
25.endif 25.endif
26.if exists(/usr/local/bin/eopenssl31) 26.if exists(/usr/local/bin/eopenssl34)
27LIBRARIES += openssl31 27LIBRARIES += openssl34
28.endif
29.if exists(/usr/local/bin/eopenssl32)
30LIBRARIES += openssl32
31.endif 28.endif
32 29
33PROGS = client 30PROGS = client
diff --git a/src/regress/lib/libssl/interop/cert/Makefile b/src/regress/lib/libssl/interop/cert/Makefile
index ab35d03d74..74c63c86a8 100644
--- a/src/regress/lib/libssl/interop/cert/Makefile
+++ b/src/regress/lib/libssl/interop/cert/Makefile
@@ -1,20 +1,17 @@
1# $OpenBSD: Makefile,v 1.13 2024/08/18 10:02:10 tb Exp $ 1# $OpenBSD: Makefile,v 1.14 2025/01/15 10:54:17 tb Exp $
2 2
3# Connect a client to a server. Both can be current libressl, or 3# Connect a client to a server. Both can be current libressl, or
4# openssl 1.1 or 3.0. Create client and server certificates 4# openssl 3.x. Create client and server certificates
5# that are signed by a CA and not signed by a fake CA. Try all 5# that are signed by a CA and not signed by a fake CA. Try all
6# combinations with, without, and with wrong CA for client and server 6# combinations with, without, and with wrong CA for client and server
7# and check the result of certificate verification. 7# and check the result of certificate verification.
8 8
9LIBRARIES = libressl 9LIBRARIES = libressl
10.if exists(/usr/local/bin/eopenssl11) 10.if exists(/usr/local/bin/eopenssl33)
11LIBRARIES += openssl11 11LIBRARIES += openssl33
12.endif 12.endif
13.if exists(/usr/local/bin/eopenssl31) 13.if exists(/usr/local/bin/eopenssl34)
14LIBRARIES += openssl31 14LIBRARIES += openssl34
15.endif
16.if exists(/usr/local/bin/eopenssl32)
17LIBRARIES += openssl32
18.endif 15.endif
19 16
20.for cca in noca ca fakeca 17.for cca in noca ca fakeca
diff --git a/src/regress/lib/libssl/interop/cipher/Makefile b/src/regress/lib/libssl/interop/cipher/Makefile
index bf4a1e28dc..fa7e25f9ee 100644
--- a/src/regress/lib/libssl/interop/cipher/Makefile
+++ b/src/regress/lib/libssl/interop/cipher/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.16 2024/08/18 10:02:10 tb Exp $ 1# $OpenBSD: Makefile,v 1.17 2025/01/15 10:54:17 tb Exp $
2 2
3# Connect a client to a server. Both can be current libressl, or 3# Connect a client to a server. Both can be current libressl, or
4# openssl 1.1 or 3.0. Create lists of supported ciphers 4# openssl 1.1 or 3.0. Create lists of supported ciphers
@@ -7,14 +7,11 @@
7# have used correct cipher by grepping in their session print out. 7# have used correct cipher by grepping in their session print out.
8 8
9LIBRARIES = libressl 9LIBRARIES = libressl
10.if exists(/usr/local/bin/eopenssl11) 10.if exists(/usr/local/bin/eopenssl33)
11LIBRARIES += openssl11 11LIBRARIES += openssl33
12.endif 12.endif
13.if exists(/usr/local/bin/eopenssl31) 13.if exists(/usr/local/bin/eopenssl34)
14LIBRARIES += openssl31 14LIBRARIES += openssl34
15.endif
16.if exists(/usr/local/bin/eopenssl32)
17LIBRARIES += openssl32
18.endif 15.endif
19 16
20CLEANFILES = *.tmp *.ciphers ciphers.mk 17CLEANFILES = *.tmp *.ciphers ciphers.mk
@@ -44,9 +41,8 @@ client-${clib}-server-${slib}.ciphers: \
44 uniq -d <$@.tmp >$@ 41 uniq -d <$@.tmp >$@
45 # we are only interested in ciphers supported by libressl 42 # we are only interested in ciphers supported by libressl
46 sort $@ client-libressl.ciphers >$@.tmp 43 sort $@ client-libressl.ciphers >$@.tmp
47. if "${clib}" == "openssl11" || "${slib}" == "openssl11" || \ 44. if "${clib}" == "openssl33" || "${slib}" == "openssl33" || \
48 "${clib}" == "openssl31" || "${slib}" == "openssl31" || \ 45 "${clib}" == "openssl34" || "${slib}" == "openssl34"
49 "${clib}" == "openssl32" || "${slib}" == "openssl32"
50 # OpenSSL's SSL_CTX_set_cipher_list doesn't accept TLSv1.3 ciphers 46 # OpenSSL's SSL_CTX_set_cipher_list doesn't accept TLSv1.3 ciphers
51 sed -i '/^TLS_/d' $@.tmp 47 sed -i '/^TLS_/d' $@.tmp
52. endif 48. endif
@@ -74,9 +70,8 @@ regress: ciphers.mk
74.endif 70.endif
75 71
76LEVEL_libressl = 72LEVEL_libressl =
77LEVEL_openssl11 = ,@SECLEVEL=0 73LEVEL_openssl33 = ,@SECLEVEL=0
78LEVEL_openssl31 = ,@SECLEVEL=0 74LEVEL_openssl34 = ,@SECLEVEL=0
79LEVEL_openssl32 = ,@SECLEVEL=0
80 75
81.for clib in ${LIBRARIES} 76.for clib in ${LIBRARIES}
82.for slib in ${LIBRARIES} 77.for slib in ${LIBRARIES}
@@ -137,7 +132,7 @@ check-cipher-${cipher}-client-${clib}-server-${slib}: \
137. endif 132. endif
138. if "${clib}" == "libressl" 133. if "${clib}" == "libressl"
139 # libressl client may prefer chacha-poly if aes-ni is not supported 134 # libressl client may prefer chacha-poly if aes-ni is not supported
140. if "${slib}" == "openssl11" || "${slib}" == "openssl31" || "${slib}" == "openssl32" 135. if "${slib}" == "openssl33" || "${slib}" == "openssl34"
141 egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/server/}.out 136 egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/server/}.out
142. else 137. else
143 egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/server/}.out 138 egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/server/}.out
diff --git a/src/regress/lib/libssl/interop/netcat/Makefile b/src/regress/lib/libssl/interop/netcat/Makefile
index ee6fc7e103..3b8e3f95be 100644
--- a/src/regress/lib/libssl/interop/netcat/Makefile
+++ b/src/regress/lib/libssl/interop/netcat/Makefile
@@ -1,14 +1,11 @@
1# $OpenBSD: Makefile,v 1.9 2024/08/18 10:02:10 tb Exp $ 1# $OpenBSD: Makefile,v 1.10 2025/01/15 10:54:17 tb Exp $
2 2
3LIBRARIES = libressl 3LIBRARIES = libressl
4.if exists(/usr/local/bin/eopenssl11) 4.if exists(/usr/local/bin/eopenssl33)
5LIBRARIES += openssl11 5LIBRARIES += openssl33
6.endif 6.endif
7.if exists(/usr/local/bin/eopenssl31) 7.if exists(/usr/local/bin/eopenssl34)
8LIBRARIES += openssl31 8LIBRARIES += openssl34
9.endif
10.if exists(/usr/local/bin/eopenssl32)
11LIBRARIES += openssl32
12.endif 9.endif
13 10
14# run netcat server and connect with test client 11# run netcat server and connect with test client
diff --git a/src/regress/lib/libssl/interop/openssl11/Makefile b/src/regress/lib/libssl/interop/openssl11/Makefile
deleted file mode 100644
index 27e7354925..0000000000
--- a/src/regress/lib/libssl/interop/openssl11/Makefile
+++ /dev/null
@@ -1,43 +0,0 @@
1# $OpenBSD: Makefile,v 1.8 2021/12/02 17:10:53 kn Exp $
2
3.if ! exists(/usr/local/bin/eopenssl11)
4regress:
5 # install openssl-1.1 from ports for interop tests
6 @echo 'Run "pkg_add openssl--%1.1" to run tests against OpenSSL 1.1'
7 @echo SKIPPED
8.else
9
10PROGS = client server
11CPPFLAGS = -I /usr/local/include/eopenssl11
12LDFLAGS = -L /usr/local/lib/eopenssl11
13LDADD = -lssl -lcrypto
14DPADD = /usr/local/lib/eopenssl11/libssl.a \
15 /usr/local/lib/eopenssl11/libcrypto.a
16LD_LIBRARY_PATH = /usr/local/lib/eopenssl11
17REGRESS_TARGETS = run-self-client-server
18.for p in ${PROGS}
19REGRESS_TARGETS += run-ldd-$p run-version-$p run-protocol-$p
20.endfor
21
22.for p in ${PROGS}
23
24run-ldd-$p: ldd-$p.out
25 # check that $p is linked with OpenSSL 1.1
26 grep -q /usr/local/lib/eopenssl11/libcrypto.so ldd-$p.out
27 grep -q /usr/local/lib/eopenssl11/libssl.so ldd-$p.out
28 # check that $p is not linked with LibreSSL
29 ! grep -v libc.so ldd-$p.out | grep /usr/lib/
30
31run-version-$p: $p-self.out
32 # check that runtime version is OpenSSL 1.1
33 grep 'SSLEAY_VERSION: OpenSSL 1.1' $p-self.out
34
35run-protocol-$p: $p-self.out
36 # check that OpenSSL 1.1 protocol version is TLS 1.3
37 grep 'Protocol *: TLSv1.3' $p-self.out
38
39.endfor
40
41.endif # exists(/usr/local/bin/eopenssl11)
42
43.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/openssl31/Makefile b/src/regress/lib/libssl/interop/openssl31/Makefile
deleted file mode 100644
index 8f35fa272f..0000000000
--- a/src/regress/lib/libssl/interop/openssl31/Makefile
+++ /dev/null
@@ -1,43 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2023/10/30 17:15:21 tb Exp $
2
3.if !exists(/usr/local/bin/eopenssl31)
4regress:
5 # install openssl-3.1 from ports for interop tests
6 @echo 'Run "pkg_add openssl--%3.1" to run tests against OpenSSL 3.1'
7 @echo SKIPPED
8.else
9
10PROGS = client server
11CPPFLAGS = -I /usr/local/include/eopenssl31
12LDFLAGS = -L /usr/local/lib/eopenssl31
13LDADD = -lssl -lcrypto
14DPADD = /usr/local/lib/eopenssl31/libssl.a \
15 /usr/local/lib/eopenssl31/libcrypto.a
16LD_LIBRARY_PATH = /usr/local/lib/eopenssl31
17REGRESS_TARGETS = run-self-client-server
18.for p in ${PROGS}
19REGRESS_TARGETS += run-ldd-$p run-version-$p run-protocol-$p
20.endfor
21
22.for p in ${PROGS}
23
24run-ldd-$p: ldd-$p.out
25 # check that $p is linked with OpenSSL 3.1
26 grep -q /usr/local/lib/eopenssl31/libcrypto.so ldd-$p.out
27 grep -q /usr/local/lib/eopenssl31/libssl.so ldd-$p.out
28 # check that $p is not linked with LibreSSL
29 ! grep -v libc.so ldd-$p.out | grep /usr/lib/
30
31run-version-$p: $p-self.out
32 # check that runtime version is OpenSSL 3.1
33 grep 'SSLEAY_VERSION: OpenSSL 3.1' $p-self.out
34
35run-protocol-$p: $p-self.out
36 # check that OpenSSL 3.1 protocol version is TLS 1.3
37 grep 'Protocol *: TLSv1.3' $p-self.out
38
39.endfor
40
41.endif # exists(/usr/local/bin/eopenssl31)
42
43.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/openssl32/Makefile b/src/regress/lib/libssl/interop/openssl32/Makefile
deleted file mode 100644
index 87255138ff..0000000000
--- a/src/regress/lib/libssl/interop/openssl32/Makefile
+++ /dev/null
@@ -1,44 +0,0 @@
1# $OpenBSD: Makefile,v 1.2 2024/10/22 16:31:10 tb Exp $
2
3.if ! exists(/usr/local/bin/eopenssl32)
4regress:
5 # install openssl-3.2 ports for interop tests
6 @echo 'Run "pkg_add openssl--%3.2" to run tests against OpenSSL 3.2'
7 @echo SKIPPED
8.else
9
10PROGS = client server
11CFLAGS += -DOPENSSL_SUPPRESS_DEPRECATED
12CPPFLAGS = -I /usr/local/include/eopenssl32
13LDFLAGS = -L /usr/local/lib/eopenssl32
14LDADD = -lssl -lcrypto
15DPADD = /usr/local/lib/eopenssl32/libssl.a \
16 /usr/local/lib/eopenssl32/libcrypto.a
17LD_LIBRARY_PATH = /usr/local/lib/eopenssl32
18REGRESS_TARGETS = run-self-client-server
19.for p in ${PROGS}
20REGRESS_TARGETS += run-ldd-$p run-version-$p run-protocol-$p
21.endfor
22
23.for p in ${PROGS}
24
25run-ldd-$p: ldd-$p.out
26 # check that $p is linked with OpenSSL 3.2
27 grep -q /usr/local/lib/eopenssl32/libcrypto.so ldd-$p.out
28 grep -q /usr/local/lib/eopenssl32/libssl.so ldd-$p.out
29 # check that $p is not linked with LibreSSL
30 ! grep -v libc.so ldd-$p.out | grep /usr/lib/
31
32run-version-$p: $p-self.out
33 # check that runtime version is OpenSSL 3.2
34 grep 'SSLEAY_VERSION: OpenSSL 3.2' $p-self.out
35
36run-protocol-$p: $p-self.out
37 # check that OpenSSL 3.2 protocol version is TLS 1.3
38 grep 'Protocol *: TLSv1.3' $p-self.out
39
40.endfor
41
42.endif # exists(/usr/local/bin/eopenssl32)
43
44.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/openssl33/Makefile b/src/regress/lib/libssl/interop/openssl33/Makefile
new file mode 100644
index 0000000000..eff61704d0
--- /dev/null
+++ b/src/regress/lib/libssl/interop/openssl33/Makefile
@@ -0,0 +1,44 @@
1# $OpenBSD: Makefile,v 1.1 2025/01/15 10:54:17 tb Exp $
2
3.if ! exists(/usr/local/bin/eopenssl33)
4regress:
5 # install openssl-3.3 from ports for interop tests
6 @echo 'Run "pkg_add openssl--%3.3" to run tests against OpenSSL 3.3'
7 @echo SKIPPED
8.else
9
10PROGS = client server
11CFLAGS += -DOPENSSL_SUPPRESS_DEPRECATED
12CPPFLAGS = -I /usr/local/include/eopenssl33
13LDFLAGS = -L /usr/local/lib/eopenssl33
14LDADD = -lssl -lcrypto
15DPADD = /usr/local/lib/eopenssl33/libssl.a \
16 /usr/local/lib/eopenssl33/libcrypto.a
17LD_LIBRARY_PATH = /usr/local/lib/eopenssl33
18REGRESS_TARGETS = run-self-client-server
19.for p in ${PROGS}
20REGRESS_TARGETS += run-ldd-$p run-version-$p run-protocol-$p
21.endfor
22
23.for p in ${PROGS}
24
25run-ldd-$p: ldd-$p.out
26 # check that $p is linked with OpenSSL 3.3
27 grep -q /usr/local/lib/eopenssl33/libcrypto.so ldd-$p.out
28 grep -q /usr/local/lib/eopenssl33/libssl.so ldd-$p.out
29 # check that $p is not linked with LibreSSL
30 ! grep -v libc.so ldd-$p.out | grep /usr/lib/
31
32run-version-$p: $p-self.out
33 # check that runtime version is OpenSSL 3.3
34 grep 'SSLEAY_VERSION: OpenSSL 3.3' $p-self.out
35
36run-protocol-$p: $p-self.out
37 # check that OpenSSL 3.3 protocol version is TLS 1.3
38 grep 'Protocol *: TLSv1.3' $p-self.out
39
40.endfor
41
42.endif # exists(/usr/local/bin/eopenssl33)
43
44.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/openssl34/Makefile b/src/regress/lib/libssl/interop/openssl34/Makefile
new file mode 100644
index 0000000000..72246bb621
--- /dev/null
+++ b/src/regress/lib/libssl/interop/openssl34/Makefile
@@ -0,0 +1,44 @@
1# $OpenBSD: Makefile,v 1.1 2025/01/15 10:54:17 tb Exp $
2
3.if ! exists(/usr/local/bin/eopenssl34)
4regress:
5 # install openssl-3.4 from ports for interop tests
6 @echo 'Run "pkg_add openssl--%3.4" to run tests against OpenSSL 3.4'
7 @echo SKIPPED
8.else
9
10PROGS = client server
11CFLAGS += -DOPENSSL_SUPPRESS_DEPRECATED
12CPPFLAGS = -I /usr/local/include/eopenssl34
13LDFLAGS = -L /usr/local/lib/eopenssl34
14LDADD = -lssl -lcrypto
15DPADD = /usr/local/lib/eopenssl34/libssl.a \
16 /usr/local/lib/eopenssl34/libcrypto.a
17LD_LIBRARY_PATH = /usr/local/lib/eopenssl34
18REGRESS_TARGETS = run-self-client-server
19.for p in ${PROGS}
20REGRESS_TARGETS += run-ldd-$p run-version-$p run-protocol-$p
21.endfor
22
23.for p in ${PROGS}
24
25run-ldd-$p: ldd-$p.out
26 # check that $p is linked with OpenSSL 3.4
27 grep -q /usr/local/lib/eopenssl34/libcrypto.so ldd-$p.out
28 grep -q /usr/local/lib/eopenssl34/libssl.so ldd-$p.out
29 # check that $p is not linked with LibreSSL
30 ! grep -v libc.so ldd-$p.out | grep /usr/lib/
31
32run-version-$p: $p-self.out
33 # check that runtime version is OpenSSL 3.4
34 grep 'SSLEAY_VERSION: OpenSSL 3.4' $p-self.out
35
36run-protocol-$p: $p-self.out
37 # check that OpenSSL 3.4 protocol version is TLS 1.3
38 grep 'Protocol *: TLSv1.3' $p-self.out
39
40.endfor
41
42.endif # exists(/usr/local/bin/eopenssl34)
43
44.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/session/Makefile b/src/regress/lib/libssl/interop/session/Makefile
index ab6503c97f..e9a353f99e 100644
--- a/src/regress/lib/libssl/interop/session/Makefile
+++ b/src/regress/lib/libssl/interop/session/Makefile
@@ -1,20 +1,14 @@
1# $OpenBSD: Makefile,v 1.11 2024/08/18 10:02:10 tb Exp $ 1# $OpenBSD: Makefile,v 1.12 2025/01/15 10:54:17 tb Exp $
2 2
3LIBRARIES = libressl 3LIBRARIES = libressl
4.if exists(/usr/local/bin/eopenssl11) 4.if exists(/usr/local/bin/eopenssl33)
5LIBRARIES += openssl11 5#LIBRARIES += openssl33
6.endif 6.endif
7.if exists(/usr/local/bin/eopenssl31) 7.if exists(/usr/local/bin/eopenssl34)
8#LIBRARIES += openssl31 8#LIBRARIES += openssl34
9.endif
10.if exists(/usr/local/bin/eopenssl32)
11#LIBRARIES += openssl32
12.endif 9.endif
13 10
14run-session-client-libressl-server-libressl \ 11run-session-client-libressl-server-libressl:
15run-session-client-libressl-server-openssl11 \
16run-session-client-openssl11-server-libressl \
17run-session-client-openssl11-server-openssl11:
18 # TLS 1.3 needs some extra setup for session reuse 12 # TLS 1.3 needs some extra setup for session reuse
19 @echo DISABLED 13 @echo DISABLED
20 14
diff --git a/src/regress/lib/libssl/interop/version/Makefile b/src/regress/lib/libssl/interop/version/Makefile
index aa5883fa2d..605fba252f 100644
--- a/src/regress/lib/libssl/interop/version/Makefile
+++ b/src/regress/lib/libssl/interop/version/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.9 2024/08/18 10:02:10 tb Exp $ 1# $OpenBSD: Makefile,v 1.10 2025/01/15 10:54:17 tb Exp $
2 2
3# Connect a client to a server. Both can be current libressl, or 3# Connect a client to a server. Both can be current libressl, or
4# openssl 1.1 or openssl 3.0. Pin client or server to a fixed TLS 4# openssl 1.1 or openssl 3.0. Pin client or server to a fixed TLS
@@ -7,11 +7,11 @@
7# print out. 7# print out.
8 8
9LIBRARIES = libressl 9LIBRARIES = libressl
10.if exists(/usr/local/bin/eopenssl11) 10.if exists(/usr/local/bin/eopenssl33)
11LIBRARIES += openssl11 11LIBRARIES += openssl33
12.endif 12.endif
13.if exists(/usr/local/bin/eopenssl31) 13.if exists(/usr/local/bin/eopenssl34)
14LIBRARIES += openssl31 14LIBRARIES += openssl34
15.endif 15.endif
16 16
17VERSIONS = any TLS1_2 TLS1_3 17VERSIONS = any TLS1_2 TLS1_3
@@ -29,7 +29,8 @@ FAIL_${cver}_${sver} = !
29.for slib in ${LIBRARIES} 29.for slib in ${LIBRARIES}
30 30
31.if ("${cver}" != TLS1_3 && "${sver}" != TLS1_3) && \ 31.if ("${cver}" != TLS1_3 && "${sver}" != TLS1_3) && \
32 ((("${clib}" != openssl31 && "${slib}" != openssl31)) || \ 32 ((("${clib}" != openssl33 && "${slib}" != openssl33)) || \
33 (("${clib}" != openssl34 && "${slib}" != openssl34)) || \
33 (("${cver}" != any && "${sver}" != any) && \ 34 (("${cver}" != any && "${sver}" != any) && \
34 ("${cver}" != TLS1 && "${sver}" != TLS1) && \ 35 ("${cver}" != TLS1 && "${sver}" != TLS1) && \
35 ("${cver}" != TLS1_1 && "${sver}" != TLS1_1))) 36 ("${cver}" != TLS1_1 && "${sver}" != TLS1_1)))
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 22:59:40 +0000