Print SSLeay, OpenSSL, and LibreSSL version strings. Make client

and server compile with OpenSSL 1.1.  Check runtime version string
of SSL library.

7 files changed, 71 insertions, 12 deletions

diff --git a/src/regress/lib/libssl/interop/Makefile.inc b/src/regress/lib/libssl/interop/Makefile.inc
index fc282bea88..f209bdbd91 100644
--- a/src/regress/lib/libssl/interop/Makefile.inc
+++ b/src/regress/lib/libssl/interop/Makefile.inc
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile.inc,v 1.1.1.1 2018/11/07 01:08:49 bluhm Exp $
+# $OpenBSD: Makefile.inc,v 1.2 2018/11/07 06:29:26 bluhm Exp $
 
 .PATH:                  ${.CURDIR}/..
 
@@ -20,7 +20,7 @@ ldd-$p.out: $p
 
 CLEANFILES +=           client.out netcat-l.out netcat-l.fstat
 REGRESS_TARGETS +=      run-client
-run-client: client 127.0.0.1.crt
+client.out run-client: client 127.0.0.1.crt
         @echo '\n======== $@ ========'
         echo "greeting" | nc -l -c -C 127.0.0.1.crt -K 127.0.0.1.key \
             127.0.0.1 0 >netcat-l.out & \
@@ -39,7 +39,7 @@ run-client: client 127.0.0.1.crt
 
 CLEANFILES +=           server.out netcat.out
 REGRESS_TARGETS +=      run-server
-run-server: server 127.0.0.1.crt
+server.out run-server: server 127.0.0.1.crt
         @echo '\n======== $@ ========'
         LD_LIBRARY_PATH=${LD_LIBRARY_PATH} ./server 127.0.0.1 0 >server.out
         echo "hello" | nc -c -T noverify \
@@ -52,6 +52,10 @@ run-server: server 127.0.0.1.crt
         # client must have read server greeting
         grep -q '^greeting$$' netcat.out
 
+# check that programs have used correct runtime library
+
+REGRESS_TARGETS +=      ${PROGS:S/^/run-version-/}
+
 # create certificates for TLS
 
 CLEANFILES +=           127.0.0.1.crt 127.0.0.1.key
diff --git a/src/regress/lib/libssl/interop/client.c b/src/regress/lib/libssl/interop/client.c
index d4d4f1e94d..9d56182932 100644
--- a/src/regress/lib/libssl/interop/client.c
+++ b/src/regress/lib/libssl/interop/client.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: client.c,v 1.1.1.1 2018/11/07 01:08:49 bluhm Exp $    */
+/*      $OpenBSD: client.c,v 1.2 2018/11/07 06:29:26 bluhm Exp $        */
 /*
  * Copyright (c) 2018 Alexander Bluhm <bluhm@openbsd.org>
  *
@@ -21,6 +21,7 @@
 #include <err.h>
 #include <netdb.h>
 #include <stdio.h>
+#include <string.h>
 #include <unistd.h>
 
 #include <openssl/err.h>
@@ -61,6 +62,7 @@ main(int argc, char *argv[])
 
         SSL_library_init();
         SSL_load_error_strings();
+        print_version();
 
         /* setup method and context */
         method = SSLv23_client_method();
@@ -77,7 +79,6 @@ main(int argc, char *argv[])
         bio = BIO_new_connect(host_port);
         if (bio == NULL)
                 err_ssl(1, "BIO_new_connect");
-
         print_ciphers(SSL_get_ciphers(ssl));
 
         /* connect */
diff --git a/src/regress/lib/libssl/interop/libressl/Makefile b/src/regress/lib/libssl/interop/libressl/Makefile
index 2d8ef78922..5fce6c5c22 100644
--- a/src/regress/lib/libssl/interop/libressl/Makefile
+++ b/src/regress/lib/libssl/interop/libressl/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.1.1.1 2018/11/07 01:08:49 bluhm Exp $
+# $OpenBSD: Makefile,v 1.2 2018/11/07 06:29:26 bluhm Exp $
 
 PROGS =                 client server
 CPPFLAGS =
@@ -15,6 +15,11 @@ run-ldd-$p: ldd-$p.out
         grep -q /usr/lib/libssl.so ldd-$p.out
         # check that $p is not linked with OpenSSL
         ! grep /usr/local/lib/ ldd-$p.out
+
+run-version-$p: $p.out
+        @echo '\n======== $@ ========'
+        # check that runtime version is LibreSSL
+        grep 'SSLEAY_VERSION: LibreSSL' $p.out
 .endfor
 
 .include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/openssl/Makefile b/src/regress/lib/libssl/interop/openssl/Makefile
index 26095d0019..9661767d7b 100644
--- a/src/regress/lib/libssl/interop/openssl/Makefile
+++ b/src/regress/lib/libssl/interop/openssl/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.1.1.1 2018/11/07 01:08:49 bluhm Exp $
+# $OpenBSD: Makefile,v 1.2 2018/11/07 06:29:26 bluhm Exp $
 
 .if ! exists(/usr/local/bin/eopenssl)
 regress:
@@ -22,6 +22,11 @@ run-ldd-$p: ldd-$p.out
         grep -q /usr/local/lib/eopenssl/libssl.so ldd-$p.out
         # check that $p is not linked with LibreSSL
         ! grep -v libc.so ldd-$p.out | grep /usr/lib/
+
+run-version-$p: $p.out
+        @echo '\n======== $@ ========'
+        # check that runtime version is OpenSSL 1.0
+        grep 'SSLEAY_VERSION: OpenSSL 1.0' $p.out
 .endfor
 
 .include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/server.c b/src/regress/lib/libssl/interop/server.c
index 862ca21fcb..6f40c4899c 100644
--- a/src/regress/lib/libssl/interop/server.c
+++ b/src/regress/lib/libssl/interop/server.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: server.c,v 1.1.1.1 2018/11/07 01:08:49 bluhm Exp $    */
+/*      $OpenBSD: server.c,v 1.2 2018/11/07 06:29:26 bluhm Exp $        */
 /*
  * Copyright (c) 2018 Alexander Bluhm <bluhm@openbsd.org>
  *
@@ -21,6 +21,7 @@
 #include <err.h>
 #include <netdb.h>
 #include <stdio.h>
+#include <string.h>
 #include <unistd.h>
 
 #include <openssl/err.h>
@@ -65,6 +66,7 @@ main(int argc, char *argv[])
 
         SSL_library_init();
         SSL_load_error_strings();
+        print_version();
 
         /* setup method and context */
         method = SSLv23_server_method();
@@ -93,7 +95,6 @@ main(int argc, char *argv[])
         bio = BIO_new_accept(host_port);
         if (bio == NULL)
                 err_ssl(1, "BIO_new_accept");
-
         print_ciphers(SSL_get_ciphers(ssl));
 
         /* bind, listen */
diff --git a/src/regress/lib/libssl/interop/util.c b/src/regress/lib/libssl/interop/util.c
index 3f1c221d51..b012d73193 100644
--- a/src/regress/lib/libssl/interop/util.c
+++ b/src/regress/lib/libssl/interop/util.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: util.c,v 1.1.1.1 2018/11/07 01:08:49 bluhm Exp $      */
+/*      $OpenBSD: util.c,v 1.2 2018/11/07 06:29:26 bluhm Exp $  */
 /*
  * Copyright (c) 2018 Alexander Bluhm <bluhm@openbsd.org>
  *
@@ -24,13 +24,55 @@
 
 #include <openssl/err.h>
 #include <openssl/ssl.h>
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
 
 #include "util.h"
 
 void
+print_version(void)
+{
+#ifdef OPENSSL_VERSION_NUMBER
+        printf("OPENSSL_VERSION_NUMBER: %#08lx\n", OPENSSL_VERSION_NUMBER);
+#endif
+#ifdef LIBRESSL_VERSION_NUMBER
+        printf("LIBRESSL_VERSION_NUMBER: %#08lx\n", LIBRESSL_VERSION_NUMBER);
+#endif
+#ifdef LIBRESSL_VERSION_TEXT
+        printf("LIBRESSL_VERSION_TEXT: %s\n", LIBRESSL_VERSION_TEXT);
+#endif
+#if OPENSSL_VERSION_NUMBER >= 0x1010000f
+        printf("OpenSSL_version_num: %#08lx\n", OpenSSL_version_num());
+        printf("OpenSSL_version OPENSSL_VERSION: %s\n",
+            OpenSSL_version(OPENSSL_VERSION));
+        printf("OpenSSL_version OPENSSL_CFLAGS: %s\n",
+            OpenSSL_version(OPENSSL_CFLAGS));
+        printf("OpenSSL_version OPENSSL_BUILT_ON: %s\n",
+            OpenSSL_version(OPENSSL_BUILT_ON));
+        printf("OpenSSL_version OPENSSL_PLATFORM: %s\n",
+            OpenSSL_version(OPENSSL_PLATFORM));
+        printf("OpenSSL_version OPENSSL_DIR: %s\n",
+            OpenSSL_version(OPENSSL_DIR));
+        printf("OpenSSL_version OPENSSL_ENGINES_DIR: %s\n",
+            OpenSSL_version(OPENSSL_ENGINES_DIR));
+#endif
+        printf("SSLeay: %#08lx\n", SSLeay());
+        printf("SSLeay_version SSLEAY_VERSION: %s\n",
+            SSLeay_version(SSLEAY_VERSION));
+        printf("SSLeay_version SSLEAY_CFLAGS: %s\n",
+            SSLeay_version(SSLEAY_CFLAGS));
+        printf("SSLeay_version SSLEAY_BUILT_ON: %s\n",
+            SSLeay_version(SSLEAY_BUILT_ON));
+        printf("SSLeay_version SSLEAY_PLATFORM: %s\n",
+            SSLeay_version(SSLEAY_PLATFORM));
+        printf("SSLeay_version SSLEAY_DIR: %s\n",
+            SSLeay_version(SSLEAY_DIR));
+}
+
+void
 print_ciphers(STACK_OF(SSL_CIPHER) *cstack)
 {
-        SSL_CIPHER *cipher;
+        const SSL_CIPHER *cipher;
         int i;
 
         for (i = 0; (cipher = sk_SSL_CIPHER_value(cstack, i)) != NULL; i++)
diff --git a/src/regress/lib/libssl/interop/util.h b/src/regress/lib/libssl/interop/util.h
index 2fdebf34b3..78f7bb63b6 100644
--- a/src/regress/lib/libssl/interop/util.h
+++ b/src/regress/lib/libssl/interop/util.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: util.h,v 1.1.1.1 2018/11/07 01:08:49 bluhm Exp $      */
+/*      $OpenBSD: util.h,v 1.2 2018/11/07 06:29:26 bluhm Exp $  */
 /*
  * Copyright (c) 2018 Alexander Bluhm <bluhm@openbsd.org>
  *
@@ -15,6 +15,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
+void print_version(void);
 void print_ciphers(STACK_OF(SSL_CIPHER) *);
 void print_sockname(BIO *);
 void print_peername(BIO *);