This commit was manufactured by cvs2git to create tag 'tb_20250414'.tb_20250414

author: cvs2svn <admin@example.com> 2025-04-14 17:32:06 +0000
committer: cvs2svn <admin@example.com> 2025-04-14 17:32:06 +0000
commit: eb8dd9dca1228af0cd132f515509051ecfabf6f6 (patch)
tree: edb6da6af7e865d488dc1a29309f1e1ec226e603 /src/regress/lib/libssl/server
parent: 247f0352e0ed72a4f476db9dc91f4d982bc83eb2 (diff)
download: openbsd-tb_20250414.tar.gz
openbsd-tb_20250414.tar.bz2
openbsd-tb_20250414.zip
2 files changed, 0 insertions, 227 deletions
diff --git a/src/regress/lib/libssl/server/Makefile b/src/regress/lib/libssl/server/Makefile
deleted file mode 100644
index be86dbb1ad..0000000000
--- a/src/regress/lib/libssl/server/Makefile
+++ /dev/null
@@ -1,18 +0,0 @@
-#       $OpenBSD: Makefile,v 1.3 2024/03/20 10:38:05 jsing Exp $
-PROG=   servertest
-LDADD=  ${SSL_INT} -lcrypto
-DPADD=  ${LIBSSL} ${LIBCRYPTO}
-WARNINGS=       Yes
-CFLAGS+=        -DLIBRESSL_INTERNAL -Werror
-REGRESS_TARGETS= \
-        regress-servertest
-regress-servertest: ${PROG}
-        ./servertest \
-            ${.CURDIR}/../../libssl/certs/server1-rsa.pem \
-            ${.CURDIR}/../../libssl/certs/server1-rsa-chain.pem \
-            ${.CURDIR}/../../libssl/certs/ca-root-rsa.pem
-.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/server/servertest.c b/src/regress/lib/libssl/server/servertest.c
deleted file mode 100644
index d572d14520..0000000000
--- a/src/regress/lib/libssl/server/servertest.c
+++ /dev/null
@@ -1,209 +0,0 @@
-/* $OpenBSD: servertest.c,v 1.9 2023/07/11 11:52:35 tb Exp $ */
-/*
- * Copyright (c) 2015, 2016, 2017 Joel Sing <jsing@openbsd.org>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-#include <openssl/dtls1.h>
-#include <openssl/ssl3.h>
-#include <err.h>
-#include <stdio.h>
-#include <string.h>
-const SSL_METHOD *tls_legacy_method(void);
-char *server_ca_file;
-char *server_cert_file;
-char *server_key_file;
-static unsigned char sslv2_client_hello_tls10[] = {
-        0x80, 0x6a, 0x01, 0x03, 0x01, 0x00, 0x51, 0x00,
-        0x00, 0x00, 0x10, 0x00, 0x00, 0x39, 0x00, 0x00,
-        0x38, 0x00, 0x00, 0x35, 0x00, 0x00, 0x16, 0x00,
-        0x00, 0x13, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x33,
-        0x00, 0x00, 0x32, 0x00, 0x00, 0x2f, 0x00, 0x00,
-        0x07, 0x00, 0x00, 0x66, 0x00, 0x00, 0x05, 0x00,
-        0x00, 0x04, 0x00, 0x00, 0x63, 0x00, 0x00, 0x62,
-        0x00, 0x00, 0x61, 0x00, 0x00, 0x15, 0x00, 0x00,
-        0x12, 0x00, 0x00, 0x09, 0x00, 0x00, 0x65, 0x00,
-        0x00, 0x64, 0x00, 0x00, 0x60, 0x00, 0x00, 0x14,
-        0x00, 0x00, 0x11, 0x00, 0x00, 0x08, 0x00, 0x00,
-        0x06, 0x00, 0x00, 0x03, 0xdd, 0xb6, 0x59, 0x26,
-        0x46, 0xe6, 0x79, 0x77, 0xf4, 0xec, 0x42, 0x76,
-        0xc8, 0x73, 0xad, 0x9c,
-};
-static unsigned char sslv2_client_hello_tls12[] = {
-        0x80, 0xcb, 0x01, 0x03, 0x03, 0x00, 0xa2, 0x00,
-        0x00, 0x00, 0x20, 0x00, 0x00, 0xa5, 0x00, 0x00,
-        0xa3, 0x00, 0x00, 0xa1, 0x00, 0x00, 0x9f, 0x00,
-        0x00, 0x6b, 0x00, 0x00, 0x6a, 0x00, 0x00, 0x69,
-        0x00, 0x00, 0x68, 0x00, 0x00, 0x39, 0x00, 0x00,
-        0x38, 0x00, 0x00, 0x37, 0x00, 0x00, 0x36, 0x00,
-        0x00, 0x88, 0x00, 0x00, 0x87, 0x00, 0x00, 0x86,
-        0x00, 0x00, 0x85, 0x00, 0x00, 0x9d, 0x00, 0x00,
-        0x3d, 0x00, 0x00, 0x35, 0x00, 0x00, 0x84, 0x00,
-        0x00, 0xa4, 0x00, 0x00, 0xa2, 0x00, 0x00, 0xa0,
-        0x00, 0x00, 0x9e, 0x00, 0x00, 0x67, 0x00, 0x00,
-        0x40, 0x00, 0x00, 0x3f, 0x00, 0x00, 0x3e, 0x00,
-        0x00, 0x33, 0x00, 0x00, 0x32, 0x00, 0x00, 0x31,
-        0x00, 0x00, 0x30, 0x00, 0x00, 0x9a, 0x00, 0x00,
-        0x99, 0x00, 0x00, 0x98, 0x00, 0x00, 0x97, 0x00,
-        0x00, 0x45, 0x00, 0x00, 0x44, 0x00, 0x00, 0x43,
-        0x00, 0x00, 0x42, 0x00, 0x00, 0x9c, 0x00, 0x00,
-        0x3c, 0x00, 0x00, 0x2f, 0x00, 0x00, 0x96, 0x00,
-        0x00, 0x41, 0x00, 0x00, 0x07, 0x00, 0x00, 0x05,
-        0x00, 0x00, 0x04, 0x00, 0x00, 0x16, 0x00, 0x00,
-        0x13, 0x00, 0x00, 0x10, 0x00, 0x00, 0x0d, 0x00,
-        0x00, 0x0a, 0x00, 0x00, 0xff, 0x1d, 0xfd, 0x90,
-        0x03, 0x61, 0x3c, 0x5a, 0x22, 0x83, 0xed, 0x11,
-        0x85, 0xf4, 0xea, 0x36, 0x59, 0xd9, 0x1b, 0x27,
-        0x22, 0x01, 0x14, 0x07, 0x66, 0xb2, 0x24, 0xf5,
-        0x4e, 0x7d, 0x9d, 0x9c, 0x52,
-};
-struct server_hello_test {
-        const unsigned char *desc;
-        unsigned char *client_hello;
-        const size_t client_hello_len;
-        const SSL_METHOD *(*ssl_method)(void);
-        const long ssl_clear_options;
-        const long ssl_set_options;
-        int accept_fails;
-};
-static struct server_hello_test server_hello_tests[] = {
-        {
-                .desc = "TLSv1.0 in SSLv2 record",
-                .client_hello = sslv2_client_hello_tls10,
-                .client_hello_len = sizeof(sslv2_client_hello_tls10),
-                .ssl_method = tls_legacy_method,
-                .ssl_clear_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1,
-                .ssl_set_options = 0,
-                .accept_fails = 1,
-        },
-        {
-                .desc = "TLSv1.2 in SSLv2 record",
-                .client_hello = sslv2_client_hello_tls12,
-                .client_hello_len = sizeof(sslv2_client_hello_tls12),
-                .ssl_method = tls_legacy_method,
-                .ssl_clear_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1,
-                .ssl_set_options = 0,
-                .accept_fails = 1,
-        },
-};
-#define N_SERVER_HELLO_TESTS \
-    (sizeof(server_hello_tests) / sizeof(*server_hello_tests))
-static int
-server_hello_test(int testno, struct server_hello_test *sht)
-{
-        BIO *rbio = NULL, *wbio = NULL;
-        SSL_CTX *ssl_ctx = NULL;
-        SSL *ssl = NULL;
-        int ret = 1;
-        fprintf(stderr, "Test %d - %s\n", testno, sht->desc);
-        if ((rbio = BIO_new_mem_buf(sht->client_hello,
-            sht->client_hello_len)) == NULL) {
-                fprintf(stderr, "Failed to setup rbio\n");
-                goto failure;
-        }
-        if ((wbio = BIO_new(BIO_s_mem())) == NULL) {
-                fprintf(stderr, "Failed to setup wbio\n");
-                goto failure;
-        }
-        if ((ssl_ctx = SSL_CTX_new(sht->ssl_method())) == NULL) {
-                fprintf(stderr, "SSL_CTX_new() returned NULL\n");
-                goto failure;
-        }
-        if (SSL_CTX_use_certificate_file(ssl_ctx, server_cert_file,
-            SSL_FILETYPE_PEM) != 1) {
-                fprintf(stderr, "Failed to load server certificate");
-                goto failure;
-        }
-        if (SSL_CTX_use_PrivateKey_file(ssl_ctx, server_key_file,
-            SSL_FILETYPE_PEM) != 1) {
-                fprintf(stderr, "Failed to load server private key");
-                goto failure;
-        }
-        SSL_CTX_set_dh_auto(ssl_ctx, 1);
-        SSL_CTX_set_ecdh_auto(ssl_ctx, 1);
-        SSL_CTX_clear_options(ssl_ctx, sht->ssl_clear_options);
-        SSL_CTX_set_options(ssl_ctx, sht->ssl_set_options);
-        if ((ssl = SSL_new(ssl_ctx)) == NULL) {
-                fprintf(stderr, "SSL_new() returned NULL\n");
-                goto failure;
-        }
-        BIO_up_ref(rbio);
-        BIO_up_ref(wbio);
-        SSL_set_bio(ssl, rbio, wbio);
-        if (SSL_accept(ssl) != 0) {
-                if (sht->accept_fails)
-                        goto done;
-                fprintf(stderr, "SSL_accept() returned non-zero\n");
-                ERR_print_errors_fp(stderr);
-                goto failure;
-        }
- done:
-        ret = 0;
- failure:
-        SSL_CTX_free(ssl_ctx);
-        SSL_free(ssl);
-        BIO_free(rbio);
-        BIO_free(wbio);
-        return (ret);
-}
-int
-main(int argc, char **argv)
-{
-        int failed = 0;
-        size_t i;
-        if (argc != 4) {
-                fprintf(stderr, "usage: %s keyfile certfile cafile\n",
-                    argv[0]);
-                exit(1);
-        }
-        server_key_file = argv[1];
-        server_cert_file = argv[2];
-        server_ca_file = argv[3];
-        SSL_library_init();
-        SSL_load_error_strings();
-        for (i = 0; i < N_SERVER_HELLO_TESTS; i++)
-                failed |= server_hello_test(i, &server_hello_tests[i]);
-        return (failed);
-}
author	cvs2svn <admin@example.com>	2025-04-14 17:32:06 +0000
committer	cvs2svn <admin@example.com>	2025-04-14 17:32:06 +0000
commit	eb8dd9dca1228af0cd132f515509051ecfabf6f6 (patch)
tree	edb6da6af7e865d488dc1a29309f1e1ec226e603 /src/regress/lib/libssl/server
parent	247f0352e0ed72a4f476db9dc91f4d982bc83eb2 (diff)
download	openbsd-tb_20250414.tar.gz openbsd-tb_20250414.tar.bz2 openbsd-tb_20250414.zip

diff --git a/src/regress/lib/libssl/server/Makefile b/src/regress/lib/libssl/server/Makefile deleted file mode 100644 index be86dbb1ad..0000000000 --- a/src/regress/lib/libssl/server/Makefile +++ /dev/null
@@ -1,18 +0,0 @@
1	# $OpenBSD: Makefile,v 1.3 2024/03/20 10:38:05 jsing Exp $
2
3	PROG= servertest
4	LDADD= ${SSL_INT} -lcrypto
5	DPADD= ${LIBSSL} ${LIBCRYPTO}
6	WARNINGS= Yes
7	CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8
9	REGRESS_TARGETS= \
10	regress-servertest
11
12	regress-servertest: ${PROG}
13	./servertest \
14	${.CURDIR}/../../libssl/certs/server1-rsa.pem \
15	${.CURDIR}/../../libssl/certs/server1-rsa-chain.pem \
16	${.CURDIR}/../../libssl/certs/ca-root-rsa.pem
17
18	.include <bsd.regress.mk>


diff --git a/src/regress/lib/libssl/server/servertest.c b/src/regress/lib/libssl/server/servertest.c deleted file mode 100644 index d572d14520..0000000000 --- a/src/regress/lib/libssl/server/servertest.c +++ /dev/null
@@ -1,209 +0,0 @@
1	/* $OpenBSD: servertest.c,v 1.9 2023/07/11 11:52:35 tb Exp $ */
2	/*
3	* Copyright (c) 2015, 2016, 2017 Joel Sing <jsing@openbsd.org>
4	*
5	* Permission to use, copy, modify, and distribute this software for any
6	* purpose with or without fee is hereby granted, provided that the above
7	* copyright notice and this permission notice appear in all copies.
8	*
9	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16	*/
17
18	#include <openssl/ssl.h>
19
20	#include <openssl/err.h>
21	#include <openssl/dtls1.h>
22	#include <openssl/ssl3.h>
23
24	#include <err.h>
25	#include <stdio.h>
26	#include <string.h>
27
28	const SSL_METHOD *tls_legacy_method(void);
29
30	char *server_ca_file;
31	char *server_cert_file;
32	char *server_key_file;
33
34	static unsigned char sslv2_client_hello_tls10[] = {
35	0x80, 0x6a, 0x01, 0x03, 0x01, 0x00, 0x51, 0x00,
36	0x00, 0x00, 0x10, 0x00, 0x00, 0x39, 0x00, 0x00,
37	0x38, 0x00, 0x00, 0x35, 0x00, 0x00, 0x16, 0x00,
38	0x00, 0x13, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x33,
39	0x00, 0x00, 0x32, 0x00, 0x00, 0x2f, 0x00, 0x00,
40	0x07, 0x00, 0x00, 0x66, 0x00, 0x00, 0x05, 0x00,
41	0x00, 0x04, 0x00, 0x00, 0x63, 0x00, 0x00, 0x62,
42	0x00, 0x00, 0x61, 0x00, 0x00, 0x15, 0x00, 0x00,
43	0x12, 0x00, 0x00, 0x09, 0x00, 0x00, 0x65, 0x00,
44	0x00, 0x64, 0x00, 0x00, 0x60, 0x00, 0x00, 0x14,
45	0x00, 0x00, 0x11, 0x00, 0x00, 0x08, 0x00, 0x00,
46	0x06, 0x00, 0x00, 0x03, 0xdd, 0xb6, 0x59, 0x26,
47	0x46, 0xe6, 0x79, 0x77, 0xf4, 0xec, 0x42, 0x76,
48	0xc8, 0x73, 0xad, 0x9c,
49	};
50
51	static unsigned char sslv2_client_hello_tls12[] = {
52	0x80, 0xcb, 0x01, 0x03, 0x03, 0x00, 0xa2, 0x00,
53	0x00, 0x00, 0x20, 0x00, 0x00, 0xa5, 0x00, 0x00,
54	0xa3, 0x00, 0x00, 0xa1, 0x00, 0x00, 0x9f, 0x00,
55	0x00, 0x6b, 0x00, 0x00, 0x6a, 0x00, 0x00, 0x69,
56	0x00, 0x00, 0x68, 0x00, 0x00, 0x39, 0x00, 0x00,
57	0x38, 0x00, 0x00, 0x37, 0x00, 0x00, 0x36, 0x00,
58	0x00, 0x88, 0x00, 0x00, 0x87, 0x00, 0x00, 0x86,
59	0x00, 0x00, 0x85, 0x00, 0x00, 0x9d, 0x00, 0x00,
60	0x3d, 0x00, 0x00, 0x35, 0x00, 0x00, 0x84, 0x00,
61	0x00, 0xa4, 0x00, 0x00, 0xa2, 0x00, 0x00, 0xa0,
62	0x00, 0x00, 0x9e, 0x00, 0x00, 0x67, 0x00, 0x00,
63	0x40, 0x00, 0x00, 0x3f, 0x00, 0x00, 0x3e, 0x00,
64	0x00, 0x33, 0x00, 0x00, 0x32, 0x00, 0x00, 0x31,
65	0x00, 0x00, 0x30, 0x00, 0x00, 0x9a, 0x00, 0x00,
66	0x99, 0x00, 0x00, 0x98, 0x00, 0x00, 0x97, 0x00,
67	0x00, 0x45, 0x00, 0x00, 0x44, 0x00, 0x00, 0x43,
68	0x00, 0x00, 0x42, 0x00, 0x00, 0x9c, 0x00, 0x00,
69	0x3c, 0x00, 0x00, 0x2f, 0x00, 0x00, 0x96, 0x00,
70	0x00, 0x41, 0x00, 0x00, 0x07, 0x00, 0x00, 0x05,
71	0x00, 0x00, 0x04, 0x00, 0x00, 0x16, 0x00, 0x00,
72	0x13, 0x00, 0x00, 0x10, 0x00, 0x00, 0x0d, 0x00,
73	0x00, 0x0a, 0x00, 0x00, 0xff, 0x1d, 0xfd, 0x90,
74	0x03, 0x61, 0x3c, 0x5a, 0x22, 0x83, 0xed, 0x11,
75	0x85, 0xf4, 0xea, 0x36, 0x59, 0xd9, 0x1b, 0x27,
76	0x22, 0x01, 0x14, 0x07, 0x66, 0xb2, 0x24, 0xf5,
77	0x4e, 0x7d, 0x9d, 0x9c, 0x52,
78	};
79
80	struct server_hello_test {
81	const unsigned char *desc;
82	unsigned char *client_hello;
83	const size_t client_hello_len;
84	const SSL_METHOD (ssl_method)(void);
85	const long ssl_clear_options;
86	const long ssl_set_options;
87	int accept_fails;
88	};
89
90	static struct server_hello_test server_hello_tests[] = {
91	{
92	.desc = "TLSv1.0 in SSLv2 record",
93	.client_hello = sslv2_client_hello_tls10,
94	.client_hello_len = sizeof(sslv2_client_hello_tls10),
95	.ssl_method = tls_legacy_method,
96	.ssl_clear_options = SSL_OP_NO_TLSv1 \| SSL_OP_NO_TLSv1_1,
97	.ssl_set_options = 0,
98	.accept_fails = 1,
99	},
100	{
101	.desc = "TLSv1.2 in SSLv2 record",
102	.client_hello = sslv2_client_hello_tls12,
103	.client_hello_len = sizeof(sslv2_client_hello_tls12),
104	.ssl_method = tls_legacy_method,
105	.ssl_clear_options = SSL_OP_NO_TLSv1 \| SSL_OP_NO_TLSv1_1,
106	.ssl_set_options = 0,
107	.accept_fails = 1,
108	},
109	};
110
111	#define N_SERVER_HELLO_TESTS \
112	(sizeof(server_hello_tests) / sizeof(*server_hello_tests))
113
114	static int
115	server_hello_test(int testno, struct server_hello_test *sht)
116	{
117	BIO rbio = NULL, wbio = NULL;
118	SSL_CTX *ssl_ctx = NULL;
119	SSL *ssl = NULL;
120	int ret = 1;
121
122	fprintf(stderr, "Test %d - %s\n", testno, sht->desc);
123
124	if ((rbio = BIO_new_mem_buf(sht->client_hello,
125	sht->client_hello_len)) == NULL) {
126	fprintf(stderr, "Failed to setup rbio\n");
127	goto failure;
128	}
129	if ((wbio = BIO_new(BIO_s_mem())) == NULL) {
130	fprintf(stderr, "Failed to setup wbio\n");
131	goto failure;
132	}
133
134	if ((ssl_ctx = SSL_CTX_new(sht->ssl_method())) == NULL) {
135	fprintf(stderr, "SSL_CTX_new() returned NULL\n");
136	goto failure;
137	}
138
139	if (SSL_CTX_use_certificate_file(ssl_ctx, server_cert_file,
140	SSL_FILETYPE_PEM) != 1) {
141	fprintf(stderr, "Failed to load server certificate");
142	goto failure;
143	}
144	if (SSL_CTX_use_PrivateKey_file(ssl_ctx, server_key_file,
145	SSL_FILETYPE_PEM) != 1) {
146	fprintf(stderr, "Failed to load server private key");
147	goto failure;
148	}
149
150	SSL_CTX_set_dh_auto(ssl_ctx, 1);
151	SSL_CTX_set_ecdh_auto(ssl_ctx, 1);
152
153	SSL_CTX_clear_options(ssl_ctx, sht->ssl_clear_options);
154	SSL_CTX_set_options(ssl_ctx, sht->ssl_set_options);
155
156	if ((ssl = SSL_new(ssl_ctx)) == NULL) {
157	fprintf(stderr, "SSL_new() returned NULL\n");
158	goto failure;
159	}
160
161	BIO_up_ref(rbio);
162	BIO_up_ref(wbio);
163	SSL_set_bio(ssl, rbio, wbio);
164
165	if (SSL_accept(ssl) != 0) {
166	if (sht->accept_fails)
167	goto done;
168	fprintf(stderr, "SSL_accept() returned non-zero\n");
169	ERR_print_errors_fp(stderr);
170	goto failure;
171	}
172
173	done:
174	ret = 0;
175
176	failure:
177	SSL_CTX_free(ssl_ctx);
178	SSL_free(ssl);
179
180	BIO_free(rbio);
181	BIO_free(wbio);
182
183	return (ret);
184	}
185
186	int
187	main(int argc, char **argv)
188	{
189	int failed = 0;
190	size_t i;
191
192	if (argc != 4) {
193	fprintf(stderr, "usage: %s keyfile certfile cafile\n",
194	argv[0]);
195	exit(1);
196	}
197
198	server_key_file = argv[1];
199	server_cert_file = argv[2];
200	server_ca_file = argv[3];
201
202	SSL_library_init();
203	SSL_load_error_strings();
204
205	for (i = 0; i < N_SERVER_HELLO_TESTS; i++)
206	failed \|= server_hello_test(i, &server_hello_tests[i]);
207
208	return (failed);
209	}