summaryrefslogtreecommitdiff
path: root/src/regress/lib/libssl/interop/cipher
diff options
context:
space:
mode:
authortb <>2023-02-01 14:39:09 +0000
committertb <>2023-02-01 14:39:09 +0000
commit286da5b604ab0d9758d26a1ae1aecce4c34e4dbf (patch)
tree551c73b209e1ac3dd50d2eeccbd49b3e2c8439d4 /src/regress/lib/libssl/interop/cipher
parentbb11cbb827cae01ad8929c5c40a3dd254cac08f6 (diff)
downloadopenbsd-286da5b604ab0d9758d26a1ae1aecce4c34e4dbf.tar.gz
openbsd-286da5b604ab0d9758d26a1ae1aecce4c34e4dbf.tar.bz2
openbsd-286da5b604ab0d9758d26a1ae1aecce4c34e4dbf.zip
Retire OpenSSL 1.0.2 interop
Now that the OpenSSL 1.0.2 port is gone, there's no need to keep the interop tests anymore. anton's and bluhm's regress tests will switch to testing interoperability with OpenSSL 3.0.
Diffstat (limited to 'src/regress/lib/libssl/interop/cipher')
-rw-r--r--src/regress/lib/libssl/interop/cipher/Makefile16
1 files changed, 3 insertions, 13 deletions
diff --git a/src/regress/lib/libssl/interop/cipher/Makefile b/src/regress/lib/libssl/interop/cipher/Makefile
index 46951f6782..3cb4330d31 100644
--- a/src/regress/lib/libssl/interop/cipher/Makefile
+++ b/src/regress/lib/libssl/interop/cipher/Makefile
@@ -1,7 +1,7 @@
1# $OpenBSD: Makefile,v 1.10 2023/01/27 08:28:36 tb Exp $ 1# $OpenBSD: Makefile,v 1.11 2023/02/01 14:39:09 tb Exp $
2 2
3# Connect a client to a server. Both can be current libressl, or 3# Connect a client to a server. Both can be current libressl, or
4# openssl 1.0.2, 1.1, or 3.0. Create lists of supported ciphers 4# openssl 1.1 or 3.0. Create lists of supported ciphers
5# and pin client and server to one of the ciphers. Use server 5# and pin client and server to one of the ciphers. Use server
6# certificate with compatible type. Check that client and server 6# certificate with compatible type. Check that client and server
7# have used correct cipher by grepping in their session print out. 7# have used correct cipher by grepping in their session print out.
@@ -18,9 +18,6 @@ check-cipher-GOST2012256-GOST89-GOST89-client-libressl-server-libressl:
18 @echo DISABLED 18 @echo DISABLED
19 19
20LIBRARIES = libressl 20LIBRARIES = libressl
21.if exists(/usr/local/bin/eopenssl)
22LIBRARIES += openssl
23.endif
24.if exists(/usr/local/bin/eopenssl11) 21.if exists(/usr/local/bin/eopenssl11)
25LIBRARIES += openssl11 22LIBRARIES += openssl11
26.endif 23.endif
@@ -84,7 +81,6 @@ regress: ciphers.mk
84.endif 81.endif
85 82
86LEVEL_libressl = 83LEVEL_libressl =
87LEVEL_openssl =
88LEVEL_openssl11 = ,@SECLEVEL=0 84LEVEL_openssl11 = ,@SECLEVEL=0
89LEVEL_openssl30 = ,@SECLEVEL=0 85LEVEL_openssl30 = ,@SECLEVEL=0
90 86
@@ -104,12 +100,7 @@ TYPE_${cipher} = rsa
104TYPE_${cipher} = 127.0.0.1 100TYPE_${cipher} = 127.0.0.1
105.endif 101.endif
106 102
107.if "${slib}" == "openssl" && \
108 "${cipher:MADH-*}${cipher:MEDH-*}${cipher:MDHE-*}" != ""
109DHPARAM_${cipher}_${slib} = -p dh.param
110.else
111DHPARAM_${cipher}_${slib} = 103DHPARAM_${cipher}_${slib} =
112.endif
113 104
114.if ("${clib}" == "libressl" || "${slib}" == "libressl") 105.if ("${clib}" == "libressl" || "${slib}" == "libressl")
115REGRESS_TARGETS += run-cipher-${cipher}-client-${clib}-server-${slib} 106REGRESS_TARGETS += run-cipher-${cipher}-client-${clib}-server-${slib}
@@ -141,8 +132,7 @@ REGRESS_SLOW_TARGETS += check-cipher-${cipher}-client-${clib}-server-${slib}
141check-cipher-${cipher}-client-${clib}-server-${slib}: \ 132check-cipher-${cipher}-client-${clib}-server-${slib}: \
142 client-cipher-${cipher}-client-${clib}-server-${slib}.out \ 133 client-cipher-${cipher}-client-${clib}-server-${slib}.out \
143 server-cipher-${cipher}-client-${clib}-server-${slib}.out 134 server-cipher-${cipher}-client-${clib}-server-${slib}.out
144.if "${clib}" != "openssl" && "${slib}" != "openssl" && \ 135.if "${cipher:C/TLS_(AES.*_GCM|CHACHA.*_POLY.*)_SHA.*/TLS1_3/}" != TLS1_3
145 "${cipher:C/TLS_(AES.*_GCM|CHACHA.*_POLY.*)_SHA.*/TLS1_3/}" != TLS1_3
146 # client and server 1.3 capable, not TLS 1.3 cipher 136 # client and server 1.3 capable, not TLS 1.3 cipher
147. if "${clib}" == "libressl" 137. if "${clib}" == "libressl"
148 # libressl client may prefer chacha-poly if aes-ni is not supported 138 # libressl client may prefer chacha-poly if aes-ni is not supported