Rewrite get_put_test() as cipher_find_test().

The get_cipher_by_char() and put_cipher_by_char() pointers are no longer accessible on the SSL_METHOD (and soon will not even exist). Rewrite the test to use SSL_CIPHER_find() instead.
author: jsing <> 2021-07-03 14:52:12 +0000
committer: jsing <> 2021-07-03 14:52:12 +0000
commit: 01d3cb38351c42cd85db30d9fef1682001d52f88 (patch)
tree: 07c2497afa8940043b1240cf870e3f10d790f713 /src
parent: e11b2dc91aab6bc54d54c61b141471abd866d596 (diff)
download: openbsd-01d3cb38351c42cd85db30d9fef1682001d52f88.tar.gz
openbsd-01d3cb38351c42cd85db30d9fef1682001d52f88.tar.bz2
openbsd-01d3cb38351c42cd85db30d9fef1682001d52f88.zip
1 files changed, 25 insertions, 54 deletions
diff --git a/src/regress/lib/libssl/ciphers/cipherstest.c b/src/regress/lib/libssl/ciphers/cipherstest.c
index 8626bc06b4..f3bd841130 100644
--- a/src/regress/lib/libssl/ciphers/cipherstest.c
+++ b/src/regress/lib/libssl/ciphers/cipherstest.c
@@ -32,9 +32,8 @@ ssl_aes_is_accelerated(void)
 #endif
 }
-#if 0
 static int
-get_put_test(const char *name, const SSL_METHOD *method)
+cipher_find_test(void)
 {
        STACK_OF(SSL_CIPHER) *ciphers;
        const SSL_CIPHER *cipher;
@@ -42,42 +41,46 @@ get_put_test(const char *name, const SSL_METHOD *method)
        SSL_CTX *ssl_ctx = NULL;
        SSL *ssl = NULL;
        int ret = 1;
-        int i, len;
+        int i;
-        if ((len = method->put_cipher_by_char(NULL, NULL)) != 2) {
-                fprintf(stderr,
-                    "%s: put_cipher_by_char() returned len %i (want 2)\n",
-                    name, len);
-                return (1);
-        }
-        if ((ssl_ctx = SSL_CTX_new(method)) == NULL) {
+        if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL) {
-                fprintf(stderr, "%s: SSL_CTX_new() returned NULL\n", name);
+                fprintf(stderr, "SSL_CTX_new() returned NULL\n");
                goto failure;
        }
        if ((ssl = SSL_new(ssl_ctx)) == NULL) {
-                fprintf(stderr, "%s: SSL_new() returned NULL\n", name);
+                fprintf(stderr, "SSL_new() returned NULL\n");
+                goto failure;
+        }
+        if (!SSL_set_cipher_list(ssl, "ALL")) {
+                fprintf(stderr, "SSL_set_cipher_list failed\n");
                goto failure;
        }
        if ((ciphers = SSL_get_ciphers(ssl)) == NULL) {
-                fprintf(stderr, "%s: no ciphers\n", name);
+                fprintf(stderr, "no ciphers\n");
                goto failure;
        }
        for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
+                uint16_t cipher_value;
                cipher = sk_SSL_CIPHER_value(ciphers, i);
-                if ((len = method->put_cipher_by_char(cipher, buf)) != 2) {
+                cipher_value = SSL_CIPHER_get_value(cipher);
+                buf[0] = cipher_value >> 8;
+                buf[1] = cipher_value & 0xff;
+                if ((cipher = SSL_CIPHER_find(ssl, buf)) == NULL) {
                        fprintf(stderr,
-                            "%s: put_cipher_by_char() returned len %i for %s "
+                            "SSL_CIPHER_find() returned NULL for %s\n",
-                            "(want 2)\n",
+                            SSL_CIPHER_get_name(cipher));
-                            name, len, SSL_CIPHER_get_name(cipher));
                        goto failure;
                }
-                if ((cipher = method->get_cipher_by_char(buf)) == NULL) {
+                if (SSL_CIPHER_get_value(cipher) != cipher_value) {
                        fprintf(stderr,
-                            "%s: get_cipher_by_char() returned NULL for %s\n",
+                            "got cipher with value 0x%x, want 0x%x\n",
-                            name, SSL_CIPHER_get_name(cipher));
+                            SSL_CIPHER_get_value(cipher), cipher_value);
                        goto failure;
                }
        }
@@ -92,35 +95,6 @@ get_put_test(const char *name, const SSL_METHOD *method)
 }
 static int
-cipher_get_put_tests(void)
-{
-        int failed = 0;
-        failed |= get_put_test("SSLv23", SSLv23_method());
-        failed |= get_put_test("SSLv23_client", SSLv23_client_method());
-        failed |= get_put_test("SSLv23_server", SSLv23_server_method());
-        failed |= get_put_test("TLSv1", TLSv1_method());
-        failed |= get_put_test("TLSv1_client", TLSv1_client_method());
-        failed |= get_put_test("TLSv1_server", TLSv1_server_method());
-        failed |= get_put_test("TLSv1_1", TLSv1_1_method());
-        failed |= get_put_test("TLSv1_1_client", TLSv1_1_client_method());
-        failed |= get_put_test("TLSv1_1_server", TLSv1_1_server_method());
-        failed |= get_put_test("TLSv1_2", TLSv1_2_method());
-        failed |= get_put_test("TLSv1_2_client", TLSv1_2_client_method());
-        failed |= get_put_test("TLSv1_2_server", TLSv1_2_server_method());
-        failed |= get_put_test("DTLSv1", DTLSv1_method());
-        failed |= get_put_test("DTLSv1_client", DTLSv1_client_method());
-        failed |= get_put_test("DTLSv1_server", DTLSv1_server_method());
-        return failed;
-}
-#endif
-static int
 cipher_get_by_value_tests(void)
 {
        STACK_OF(SSL_CIPHER) *ciphers;
@@ -510,10 +484,7 @@ main(int argc, char **argv)
 {
        int failed = 0;
-#if 0
+        failed |= cipher_find_test();
-        failed |= cipher_get_put_tests();
-#endif
        failed |= cipher_get_by_value_tests();
        failed |= parse_ciphersuites_test();
author	jsing <>	2021-07-03 14:52:12 +0000
committer	jsing <>	2021-07-03 14:52:12 +0000
commit	01d3cb38351c42cd85db30d9fef1682001d52f88 (patch)
tree	07c2497afa8940043b1240cf870e3f10d790f713 /src
parent	e11b2dc91aab6bc54d54c61b141471abd866d596 (diff)
download	openbsd-01d3cb38351c42cd85db30d9fef1682001d52f88.tar.gz openbsd-01d3cb38351c42cd85db30d9fef1682001d52f88.tar.bz2 openbsd-01d3cb38351c42cd85db30d9fef1682001d52f88.zip

diff --git a/src/regress/lib/libssl/ciphers/cipherstest.c b/src/regress/lib/libssl/ciphers/cipherstest.c index 8626bc06b4..f3bd841130 100644 --- a/src/regress/lib/libssl/ciphers/cipherstest.c +++ b/src/regress/lib/libssl/ciphers/cipherstest.c
@@ -32,9 +32,8 @@ ssl_aes_is_accelerated(void)
32	#endif	32	#endif
33	}	33	}
34		34
35	#if 0
36	static int	35	static int
37	get_put_test(const char name, const SSL_METHOD method)	36	cipher_find_test(void)
38	{	37	{
39	STACK_OF(SSL_CIPHER) *ciphers;	38	STACK_OF(SSL_CIPHER) *ciphers;
40	const SSL_CIPHER *cipher;	39	const SSL_CIPHER *cipher;
@@ -42,42 +41,46 @@ get_put_test(const char name, const SSL_METHOD method)
42	SSL_CTX *ssl_ctx = NULL;	41	SSL_CTX *ssl_ctx = NULL;
43	SSL *ssl = NULL;	42	SSL *ssl = NULL;
44	int ret = 1;	43	int ret = 1;
45	int i, len;	44	int i;
46
47	if ((len = method->put_cipher_by_char(NULL, NULL)) != 2) {
48	fprintf(stderr,
49	"%s: put_cipher_by_char() returned len %i (want 2)\n",
50	name, len);
51	return (1);
52	}
53		45
54	if ((ssl_ctx = SSL_CTX_new(method)) == NULL) {	46	if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL) {
55	fprintf(stderr, "%s: SSL_CTX_new() returned NULL\n", name);	47	fprintf(stderr, "SSL_CTX_new() returned NULL\n");
56	goto failure;	48	goto failure;
57	}	49	}
58	if ((ssl = SSL_new(ssl_ctx)) == NULL) {	50	if ((ssl = SSL_new(ssl_ctx)) == NULL) {
59	fprintf(stderr, "%s: SSL_new() returned NULL\n", name);	51	fprintf(stderr, "SSL_new() returned NULL\n");
		52	goto failure;
		53	}
		54	if (!SSL_set_cipher_list(ssl, "ALL")) {
		55	fprintf(stderr, "SSL_set_cipher_list failed\n");
60	goto failure;	56	goto failure;
61	}	57	}
62		58
63	if ((ciphers = SSL_get_ciphers(ssl)) == NULL) {	59	if ((ciphers = SSL_get_ciphers(ssl)) == NULL) {
64	fprintf(stderr, "%s: no ciphers\n", name);	60	fprintf(stderr, "no ciphers\n");
65	goto failure;	61	goto failure;
66	}	62	}
67		63
68	for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {	64	for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
		65	uint16_t cipher_value;
		66
69	cipher = sk_SSL_CIPHER_value(ciphers, i);	67	cipher = sk_SSL_CIPHER_value(ciphers, i);
70	if ((len = method->put_cipher_by_char(cipher, buf)) != 2) {	68	cipher_value = SSL_CIPHER_get_value(cipher);
		69
		70	buf[0] = cipher_value >> 8;
		71	buf[1] = cipher_value & 0xff;
		72
		73	if ((cipher = SSL_CIPHER_find(ssl, buf)) == NULL) {
71	fprintf(stderr,	74	fprintf(stderr,
72	"%s: put_cipher_by_char() returned len %i for %s "	75	"SSL_CIPHER_find() returned NULL for %s\n",
73	"(want 2)\n",	76	SSL_CIPHER_get_name(cipher));
74	name, len, SSL_CIPHER_get_name(cipher));
75	goto failure;	77	goto failure;
76	}	78	}
77	if ((cipher = method->get_cipher_by_char(buf)) == NULL) {	79
		80	if (SSL_CIPHER_get_value(cipher) != cipher_value) {
78	fprintf(stderr,	81	fprintf(stderr,
79	"%s: get_cipher_by_char() returned NULL for %s\n",	82	"got cipher with value 0x%x, want 0x%x\n",
80	name, SSL_CIPHER_get_name(cipher));	83	SSL_CIPHER_get_value(cipher), cipher_value);
81	goto failure;	84	goto failure;
82	}	85	}
83	}	86	}
@@ -92,35 +95,6 @@ get_put_test(const char name, const SSL_METHOD method)
92	}	95	}
93		96
94	static int	97	static int
95	cipher_get_put_tests(void)
96	{
97	int failed = 0;
98
99	failed \|= get_put_test("SSLv23", SSLv23_method());
100	failed \|= get_put_test("SSLv23_client", SSLv23_client_method());
101	failed \|= get_put_test("SSLv23_server", SSLv23_server_method());
102
103	failed \|= get_put_test("TLSv1", TLSv1_method());
104	failed \|= get_put_test("TLSv1_client", TLSv1_client_method());
105	failed \|= get_put_test("TLSv1_server", TLSv1_server_method());
106
107	failed \|= get_put_test("TLSv1_1", TLSv1_1_method());
108	failed \|= get_put_test("TLSv1_1_client", TLSv1_1_client_method());
109	failed \|= get_put_test("TLSv1_1_server", TLSv1_1_server_method());
110
111	failed \|= get_put_test("TLSv1_2", TLSv1_2_method());
112	failed \|= get_put_test("TLSv1_2_client", TLSv1_2_client_method());
113	failed \|= get_put_test("TLSv1_2_server", TLSv1_2_server_method());
114
115	failed \|= get_put_test("DTLSv1", DTLSv1_method());
116	failed \|= get_put_test("DTLSv1_client", DTLSv1_client_method());
117	failed \|= get_put_test("DTLSv1_server", DTLSv1_server_method());
118
119	return failed;
120	}
121	#endif
122
123	static int
124	cipher_get_by_value_tests(void)	98	cipher_get_by_value_tests(void)
125	{	99	{
126	STACK_OF(SSL_CIPHER) *ciphers;	100	STACK_OF(SSL_CIPHER) *ciphers;
@@ -510,10 +484,7 @@ main(int argc, char **argv)
510	{	484	{
511	int failed = 0;	485	int failed = 0;
512		486
513	#if 0	487	failed \|= cipher_find_test();
514	failed \|= cipher_get_put_tests();
515	#endif
516
517	failed \|= cipher_get_by_value_tests();	488	failed \|= cipher_get_by_value_tests();
518		489
519	failed \|= parse_ciphersuites_test();	490	failed \|= parse_ciphersuites_test();