summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authortb <>2024-08-18 09:14:17 +0000
committertb <>2024-08-18 09:14:17 +0000
commit9bf6dcf903a69a1bdcb775ae3133c6e4a34714d9 (patch)
tree1cde2f0e848ef602837dec9224c3ad7a15990c30 /src
parente7c2883bfd13e329ef5acff5caddef46e0b02708 (diff)
downloadopenbsd-9bf6dcf903a69a1bdcb775ae3133c6e4a34714d9.tar.gz
openbsd-9bf6dcf903a69a1bdcb775ae3133c6e4a34714d9.tar.bz2
openbsd-9bf6dcf903a69a1bdcb775ae3133c6e4a34714d9.zip
Add support for openssl32 in interop test
Diffstat (limited to 'src')
-rw-r--r--src/regress/lib/libssl/interop/Makefile4
-rw-r--r--src/regress/lib/libssl/interop/botan/Makefile5
-rw-r--r--src/regress/lib/libssl/interop/cert/Makefile5
-rw-r--r--src/regress/lib/libssl/interop/cipher/Makefile12
-rw-r--r--src/regress/lib/libssl/interop/netcat/Makefile5
-rw-r--r--src/regress/lib/libssl/interop/openssl32/Makefile43
-rw-r--r--src/regress/lib/libssl/interop/session/Makefile5
7 files changed, 70 insertions, 9 deletions
diff --git a/src/regress/lib/libssl/interop/Makefile b/src/regress/lib/libssl/interop/Makefile
index 82bef2314d..0a545aded7 100644
--- a/src/regress/lib/libssl/interop/Makefile
+++ b/src/regress/lib/libssl/interop/Makefile
@@ -1,6 +1,6 @@
1# $OpenBSD: Makefile,v 1.18 2023/10/30 17:15:21 tb Exp $ 1# $OpenBSD: Makefile,v 1.19 2024/08/18 09:14:17 tb Exp $
2 2
3SUBDIR = libressl openssl11 openssl30 openssl31 3SUBDIR = libressl openssl11 openssl30 openssl31 openssl32
4 4
5# the above binaries must have been built before we can continue 5# the above binaries must have been built before we can continue
6SUBDIR += netcat 6SUBDIR += netcat
diff --git a/src/regress/lib/libssl/interop/botan/Makefile b/src/regress/lib/libssl/interop/botan/Makefile
index b9570b815a..acc350a936 100644
--- a/src/regress/lib/libssl/interop/botan/Makefile
+++ b/src/regress/lib/libssl/interop/botan/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.7 2023/10/30 17:15:21 tb Exp $ 1# $OpenBSD: Makefile,v 1.8 2024/08/18 09:14:17 tb Exp $
2 2
3.include <bsd.own.mk> 3.include <bsd.own.mk>
4 4
@@ -29,6 +29,9 @@ LIBRARIES += openssl30
29.if exists(/usr/local/bin/eopenssl31) 29.if exists(/usr/local/bin/eopenssl31)
30LIBRARIES += openssl31 30LIBRARIES += openssl31
31.endif 31.endif
32.if exists(/usr/local/bin/eopenssl32)
33LIBRARIES += openssl32
34.endif
32 35
33PROGS = client 36PROGS = client
34SRCS_client = client.cpp 37SRCS_client = client.cpp
diff --git a/src/regress/lib/libssl/interop/cert/Makefile b/src/regress/lib/libssl/interop/cert/Makefile
index ae755be223..8c37d8a4f8 100644
--- a/src/regress/lib/libssl/interop/cert/Makefile
+++ b/src/regress/lib/libssl/interop/cert/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.11 2023/10/30 17:15:21 tb Exp $ 1# $OpenBSD: Makefile,v 1.12 2024/08/18 09:14:17 tb Exp $
2 2
3# Connect a client to a server. Both can be current libressl, or 3# Connect a client to a server. Both can be current libressl, or
4# openssl 1.1 or 3.0. Create client and server certificates 4# openssl 1.1 or 3.0. Create client and server certificates
@@ -16,6 +16,9 @@ LIBRARIES += openssl30
16.if exists(/usr/local/bin/eopenssl31) 16.if exists(/usr/local/bin/eopenssl31)
17LIBRARIES += openssl31 17LIBRARIES += openssl31
18.endif 18.endif
19.if exists(/usr/local/bin/eopenssl32)
20LIBRARIES += openssl32
21.endif
19 22
20.for cca in noca ca fakeca 23.for cca in noca ca fakeca
21.for sca in noca ca fakeca 24.for sca in noca ca fakeca
diff --git a/src/regress/lib/libssl/interop/cipher/Makefile b/src/regress/lib/libssl/interop/cipher/Makefile
index 3a116d5ed5..70eaeec44c 100644
--- a/src/regress/lib/libssl/interop/cipher/Makefile
+++ b/src/regress/lib/libssl/interop/cipher/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.14 2024/02/03 15:58:34 beck Exp $ 1# $OpenBSD: Makefile,v 1.15 2024/08/18 09:14:17 tb Exp $
2 2
3# Connect a client to a server. Both can be current libressl, or 3# Connect a client to a server. Both can be current libressl, or
4# openssl 1.1 or 3.0. Create lists of supported ciphers 4# openssl 1.1 or 3.0. Create lists of supported ciphers
@@ -16,6 +16,9 @@ LIBRARIES += openssl30
16.if exists(/usr/local/bin/eopenssl31) 16.if exists(/usr/local/bin/eopenssl31)
17LIBRARIES += openssl31 17LIBRARIES += openssl31
18.endif 18.endif
19.if exists(/usr/local/bin/eopenssl32)
20LIBRARIES += openssl32
21.endif
19 22
20CLEANFILES = *.tmp *.ciphers ciphers.mk 23CLEANFILES = *.tmp *.ciphers ciphers.mk
21 24
@@ -46,7 +49,8 @@ client-${clib}-server-${slib}.ciphers: \
46 sort $@ client-libressl.ciphers >$@.tmp 49 sort $@ client-libressl.ciphers >$@.tmp
47. if "${clib}" == "openssl11" || "${slib}" == "openssl11" || \ 50. if "${clib}" == "openssl11" || "${slib}" == "openssl11" || \
48 "${clib}" == "openssl30" || "${slib}" == "openssl30" || \ 51 "${clib}" == "openssl30" || "${slib}" == "openssl30" || \
49 "${clib}" == "openssl31" || "${slib}" == "openssl31" 52 "${clib}" == "openssl31" || "${slib}" == "openssl31" || \
53 "${clib}" == "openssl32" || "${slib}" == "openssl32"
50 # OpenSSL's SSL_CTX_set_cipher_list doesn't accept TLSv1.3 ciphers 54 # OpenSSL's SSL_CTX_set_cipher_list doesn't accept TLSv1.3 ciphers
51 sed -i '/^TLS_/d' $@.tmp 55 sed -i '/^TLS_/d' $@.tmp
52. endif 56. endif
@@ -76,6 +80,8 @@ regress: ciphers.mk
76LEVEL_libressl = 80LEVEL_libressl =
77LEVEL_openssl11 = ,@SECLEVEL=0 81LEVEL_openssl11 = ,@SECLEVEL=0
78LEVEL_openssl30 = ,@SECLEVEL=0 82LEVEL_openssl30 = ,@SECLEVEL=0
83LEVEL_openssl31 = ,@SECLEVEL=0
84LEVEL_openssl32 = ,@SECLEVEL=0
79 85
80.for clib in ${LIBRARIES} 86.for clib in ${LIBRARIES}
81.for slib in ${LIBRARIES} 87.for slib in ${LIBRARIES}
@@ -136,7 +142,7 @@ check-cipher-${cipher}-client-${clib}-server-${slib}: \
136. endif 142. endif
137. if "${clib}" == "libressl" 143. if "${clib}" == "libressl"
138 # libressl client may prefer chacha-poly if aes-ni is not supported 144 # libressl client may prefer chacha-poly if aes-ni is not supported
139. if "${slib}" == "openssl11" || "${slib}" == "openssl30" || "${slib}" == "openssl31" 145. if "${slib}" == "openssl11" || "${slib}" == "openssl30" || "${slib}" == "openssl31" || "${slib}" == "openssl32"
140 egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/server/}.out 146 egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/server/}.out
141. else 147. else
142 egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/server/}.out 148 egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/server/}.out
diff --git a/src/regress/lib/libssl/interop/netcat/Makefile b/src/regress/lib/libssl/interop/netcat/Makefile
index 568c4d255a..3e3e4efd1e 100644
--- a/src/regress/lib/libssl/interop/netcat/Makefile
+++ b/src/regress/lib/libssl/interop/netcat/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.7 2023/10/30 17:15:21 tb Exp $ 1# $OpenBSD: Makefile,v 1.8 2024/08/18 09:14:17 tb Exp $
2 2
3LIBRARIES = libressl 3LIBRARIES = libressl
4.if exists(/usr/local/bin/eopenssl11) 4.if exists(/usr/local/bin/eopenssl11)
@@ -10,6 +10,9 @@ LIBRARIES += openssl30
10.if exists(/usr/local/bin/eopenssl31) 10.if exists(/usr/local/bin/eopenssl31)
11LIBRARIES += openssl31 11LIBRARIES += openssl31
12.endif 12.endif
13.if exists(/usr/local/bin/eopenssl32)
14LIBRARIES += openssl32
15.endif
13 16
14# run netcat server and connect with test client 17# run netcat server and connect with test client
15 18
diff --git a/src/regress/lib/libssl/interop/openssl32/Makefile b/src/regress/lib/libssl/interop/openssl32/Makefile
new file mode 100644
index 0000000000..12536d0c89
--- /dev/null
+++ b/src/regress/lib/libssl/interop/openssl32/Makefile
@@ -0,0 +1,43 @@
1# $OpenBSD: Makefile,v 1.1 2024/08/18 09:14:17 tb Exp $
2
3.if ! exists(/usr/local/bin/eopenssl32)
4regress:
5 # install openssl-3.2 ports for interop tests
6 @echo 'Run "pkg_add openssl--%3.2" to run tests against OpenSSL 3.2'
7 @echo SKIPPED
8.else
9
10PROGS = client server
11CPPFLAGS = -I /usr/local/include/eopenssl32
12LDFLAGS = -L /usr/local/lib/eopenssl32
13LDADD = -lssl -lcrypto
14DPADD = /usr/local/lib/eopenssl32/libssl.a \
15 /usr/local/lib/eopenssl32/libcrypto.a
16LD_LIBRARY_PATH = /usr/local/lib/eopenssl32
17REGRESS_TARGETS = run-self-client-server
18.for p in ${PROGS}
19REGRESS_TARGETS += run-ldd-$p run-version-$p run-protocol-$p
20.endfor
21
22.for p in ${PROGS}
23
24run-ldd-$p: ldd-$p.out
25 # check that $p is linked with OpenSSL 3.2
26 grep -q /usr/local/lib/eopenssl32/libcrypto.so ldd-$p.out
27 grep -q /usr/local/lib/eopenssl32/libssl.so ldd-$p.out
28 # check that $p is not linked with LibreSSL
29 ! grep -v libc.so ldd-$p.out | grep /usr/lib/
30
31run-version-$p: $p-self.out
32 # check that runtime version is OpenSSL 3.2
33 grep 'SSLEAY_VERSION: OpenSSL 3.2' $p-self.out
34
35run-protocol-$p: $p-self.out
36 # check that OpenSSL 3.2 protocol version is TLS 1.3
37 grep 'Protocol *: TLSv1.3' $p-self.out
38
39.endfor
40
41.endif # exists(/usr/local/bin/eopenssl32)
42
43.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/session/Makefile b/src/regress/lib/libssl/interop/session/Makefile
index 99daa4ba4f..d1644de3f3 100644
--- a/src/regress/lib/libssl/interop/session/Makefile
+++ b/src/regress/lib/libssl/interop/session/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.9 2023/10/30 17:15:21 tb Exp $ 1# $OpenBSD: Makefile,v 1.10 2024/08/18 09:14:17 tb Exp $
2 2
3LIBRARIES = libressl 3LIBRARIES = libressl
4.if exists(/usr/local/bin/eopenssl11) 4.if exists(/usr/local/bin/eopenssl11)
@@ -10,6 +10,9 @@ LIBRARIES += openssl11
10.if exists(/usr/local/bin/eopenssl31) 10.if exists(/usr/local/bin/eopenssl31)
11#LIBRARIES += openssl31 11#LIBRARIES += openssl31
12.endif 12.endif
13.if exists(/usr/local/bin/eopenssl32)
14#LIBRARIES += openssl32
15.endif
13 16
14run-session-client-libressl-server-libressl \ 17run-session-client-libressl-server-libressl \
15run-session-client-libressl-server-openssl11 \ 18run-session-client-libressl-server-openssl11 \
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-24 23:41:09 +0000