3 files changed, 0 insertions, 351 deletions
diff --git a/src/lib/libssl/test/testss b/src/lib/libssl/test/testss
deleted file mode 100644
index 1a426857d3..0000000000
--- a/src/lib/libssl/test/testss
+++ /dev/null
@@ -1,163 +0,0 @@
-#!/bin/sh
-digest='-sha1'
-reqcmd="../util/shlib_wrap.sh ../apps/openssl req"
-x509cmd="../util/shlib_wrap.sh ../apps/openssl x509 $digest"
-verifycmd="../util/shlib_wrap.sh ../apps/openssl verify"
-dummycnf="../apps/openssl.cnf"
-CAkey="keyCA.ss"
-CAcert="certCA.ss"
-CAreq="reqCA.ss"
-CAconf="CAss.cnf"
-CAreq2="req2CA.ss"      # temp
-Uconf="Uss.cnf"
-Ukey="keyU.ss"
-Ureq="reqU.ss"
-Ucert="certU.ss"
-P1conf="P1ss.cnf"
-P1key="keyP1.ss"
-P1req="reqP1.ss"
-P1cert="certP1.ss"
-P1intermediate="tmp_intP1.ss"
-P2conf="P2ss.cnf"
-P2key="keyP2.ss"
-P2req="reqP2.ss"
-P2cert="certP2.ss"
-P2intermediate="tmp_intP2.ss"
-echo
-echo "make a certificate request using 'req'"
-echo "string to make the random number generator think it has entropy" >> ./.rnd
-if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
-  req_new='-newkey dsa:../apps/dsa512.pem'
-else
-  req_new='-new'
-fi
-$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new #>err.ss
-if [ $? != 0 ]; then
-        echo "error using 'req' to generate a certificate request"
-        exit 1
-fi
-echo
-echo "convert the certificate request into a self signed certificate using 'x509'"
-$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca >err.ss
-if [ $? != 0 ]; then
-        echo "error using 'x509' to self sign a certificate request"
-        exit 1
-fi
-echo
-echo "convert a certificate into a certificate request using 'x509'"
-$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss
-if [ $? != 0 ]; then
-        echo "error using 'x509' convert a certificate to a certificate request"
-        exit 1
-fi
-$reqcmd -config $dummycnf -verify -in $CAreq -noout
-if [ $? != 0 ]; then
-        echo first generated request is invalid
-        exit 1
-fi
-$reqcmd -config $dummycnf -verify -in $CAreq2 -noout
-if [ $? != 0 ]; then
-        echo second generated request is invalid
-        exit 1
-fi
-$verifycmd -CAfile $CAcert $CAcert
-if [ $? != 0 ]; then
-        echo first generated cert is invalid
-        exit 1
-fi
-echo
-echo "make a user certificate request using 'req'"
-$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss
-if [ $? != 0 ]; then
-        echo "error using 'req' to generate a user certificate request"
-        exit 1
-fi
-echo
-echo "sign user certificate request with the just created CA via 'x509'"
-$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee >err.ss
-if [ $? != 0 ]; then
-        echo "error using 'x509' to sign a user certificate request"
-        exit 1
-fi
-$verifycmd -CAfile $CAcert $Ucert
-echo
-echo "Certificate details"
-$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert
-echo
-echo "make a proxy certificate request using 'req'"
-$reqcmd -config $P1conf -out $P1req -keyout $P1key $req_new >err.ss
-if [ $? != 0 ]; then
-        echo "error using 'req' to generate a proxy certificate request"
-        exit 1
-fi
-echo
-echo "sign proxy certificate request with the just created user certificate via 'x509'"
-$x509cmd -CAcreateserial -in $P1req -days 30 -req -out $P1cert -CA $Ucert -CAkey $Ukey -extfile $P1conf -extensions v3_proxy >err.ss
-if [ $? != 0 ]; then
-        echo "error using 'x509' to sign a proxy certificate request"
-        exit 1
-fi
-cat $Ucert > $P1intermediate
-$verifycmd -CAfile $CAcert -untrusted $P1intermediate $P1cert
-echo
-echo "Certificate details"
-$x509cmd -subject -issuer -startdate -enddate -noout -in $P1cert
-echo
-echo "make another proxy certificate request using 'req'"
-$reqcmd -config $P2conf -out $P2req -keyout $P2key $req_new >err.ss
-if [ $? != 0 ]; then
-        echo "error using 'req' to generate another proxy certificate request"
-        exit 1
-fi
-echo
-echo "sign second proxy certificate request with the first proxy certificate via 'x509'"
-$x509cmd -CAcreateserial -in $P2req -days 30 -req -out $P2cert -CA $P1cert -CAkey $P1key -extfile $P2conf -extensions v3_proxy >err.ss
-if [ $? != 0 ]; then
-        echo "error using 'x509' to sign a second proxy certificate request"
-        exit 1
-fi
-cat $Ucert $P1cert > $P2intermediate
-$verifycmd -CAfile $CAcert -untrusted $P2intermediate $P2cert
-echo
-echo "Certificate details"
-$x509cmd -subject -issuer -startdate -enddate -noout -in $P2cert
-echo
-echo The generated CA certificate is $CAcert
-echo The generated CA private key is $CAkey
-echo The generated user certificate is $Ucert
-echo The generated user private key is $Ukey
-echo The first generated proxy certificate is $P1cert
-echo The first generated proxy private key is $P1key
-echo The second generated proxy certificate is $P2cert
-echo The second generated proxy private key is $P2key
-/bin/rm err.ss
-#/bin/rm $P1intermediate
-#/bin/rm $P2intermediate
-exit 0
diff --git a/src/lib/libssl/test/testssl b/src/lib/libssl/test/testssl
deleted file mode 100644
index 4e8542b556..0000000000
--- a/src/lib/libssl/test/testssl
+++ /dev/null
@@ -1,178 +0,0 @@
-#!/bin/sh
-if [ "$1" = "" ]; then
-  key=../apps/server.pem
-else
-  key="$1"
-fi
-if [ "$2" = "" ]; then
-  cert=../apps/server.pem
-else
-  cert="$2"
-fi
-ssltest="../util/shlib_wrap.sh ./ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
-if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
-  dsa_cert=YES
-else
-  dsa_cert=NO
-fi
-if [ "$3" = "" ]; then
-  CA="-CApath ../certs"
-else
-  CA="-CAfile $3"
-fi
-if [ "$4" = "" ]; then
-  extra=""
-else
-  extra="$4"
-fi
-#############################################################################
-echo test sslv2
-$ssltest -ssl2 $extra || exit 1
-echo test sslv2 with server authentication
-$ssltest -ssl2 -server_auth $CA $extra || exit 1
-if [ $dsa_cert = NO ]; then
-  echo test sslv2 with client authentication
-  $ssltest -ssl2 -client_auth $CA $extra || exit 1
-  echo test sslv2 with both client and server authentication
-  $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1
-fi
-echo test sslv3
-$ssltest -ssl3 $extra || exit 1
-echo test sslv3 with server authentication
-$ssltest -ssl3 -server_auth $CA $extra || exit 1
-echo test sslv3 with client authentication
-$ssltest -ssl3 -client_auth $CA $extra || exit 1
-echo test sslv3 with both client and server authentication
-$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1
-echo test sslv2/sslv3
-$ssltest $extra || exit 1
-echo test sslv2/sslv3 with server authentication
-$ssltest -server_auth $CA $extra || exit 1
-echo test sslv2/sslv3 with client authentication
-$ssltest -client_auth $CA $extra || exit 1
-echo test sslv2/sslv3 with both client and server authentication
-$ssltest -server_auth -client_auth $CA $extra || exit 1
-echo test sslv2 via BIO pair
-$ssltest -bio_pair -ssl2 $extra || exit 1
-echo test sslv2 with server authentication via BIO pair
-$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1
-if [ $dsa_cert = NO ]; then
-  echo test sslv2 with client authentication via BIO pair
-  $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1
-  echo test sslv2 with both client and server authentication via BIO pair
-  $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1
-fi
-echo test sslv3 via BIO pair
-$ssltest -bio_pair -ssl3 $extra || exit 1
-echo test sslv3 with server authentication via BIO pair
-$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1
-echo test sslv3 with client authentication via BIO pair
-$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1
-echo test sslv3 with both client and server authentication via BIO pair
-$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1
-echo test sslv2/sslv3 via BIO pair
-$ssltest $extra || exit 1
-if [ $dsa_cert = NO ]; then
-  echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair'
-  $ssltest -bio_pair -no_dhe -no_ecdhe $extra || exit 1
-fi
-echo test sslv2/sslv3 with 1024bit DHE via BIO pair
-$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
-echo test sslv2/sslv3 with server authentication
-$ssltest -bio_pair -server_auth $CA $extra || exit 1
-echo test sslv2/sslv3 with client authentication via BIO pair
-$ssltest -bio_pair -client_auth $CA $extra || exit 1
-echo test sslv2/sslv3 with both client and server authentication via BIO pair
-$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
-echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
-$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
-echo "Testing ciphersuites"
-for protocol in TLSv1.2 SSLv3; do
-  echo "Testing ciphersuites for $protocol"
-  for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
-    echo "Testing $cipher"
-    prot=""
-    if [ $protocol = "SSLv3" ] ; then
-      prot="-ssl3"
-    fi
-    $ssltest -cipher $cipher $prot
-    if [ $? -ne 0 ] ; then
-          echo "Failed $cipher"
-          exit 1
-    fi
-  done
-done
-#############################################################################
-if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
-  echo skipping anonymous DH tests
-else
-  echo test tls1 with 1024bit anonymous DH, multiple handshakes
-  $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
-fi
-if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
-  echo skipping RSA tests
-else
-  echo 'test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes'
-  ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -no_ecdhe -num 10 -f -time $extra || exit 1
-  if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
-    echo skipping RSA+DHE tests
-  else
-    echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
-    ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
-  fi
-fi
-echo test tls1 with PSK
-$ssltest -tls1 -cipher PSK -psk abc123 $extra || exit 1
-echo test tls1 with PSK via BIO pair
-$ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1
-if ../util/shlib_wrap.sh ../apps/openssl no-srp; then
-  echo skipping SRP tests
-else
-  echo test tls1 with SRP
-  $ssltest -tls1 -cipher SRP -srpuser test -srppass abc123
-  echo test tls1 with SRP via BIO pair
-  $ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123
-fi
-exit 0
diff --git a/src/lib/libssl/test/testsslproxy b/src/lib/libssl/test/testsslproxy
deleted file mode 100644
index 58bbda8ab7..0000000000
--- a/src/lib/libssl/test/testsslproxy
+++ /dev/null
@@ -1,10 +0,0 @@
-#! /bin/sh
-echo 'Testing a lot of proxy conditions.'
-echo 'Some of them may turn out being invalid, which is fine.'
-for auth in A B C BC; do
-    for cond in A B C 'A|B&!C'; do
-        sh ./testssl $1 $2 $3 "-proxy -proxy_auth $auth -proxy_cond $cond"
-        if [ $? = 3 ]; then exit 1; fi
-    done
-done

diff --git a/src/lib/libssl/test/testss b/src/lib/libssl/test/testss deleted file mode 100644 index 1a426857d3..0000000000 --- a/src/lib/libssl/test/testss +++ /dev/null
@@ -1,163 +0,0 @@
1	#!/bin/sh
2
3	digest='-sha1'
4	reqcmd="../util/shlib_wrap.sh ../apps/openssl req"
5	x509cmd="../util/shlib_wrap.sh ../apps/openssl x509 $digest"
6	verifycmd="../util/shlib_wrap.sh ../apps/openssl verify"
7	dummycnf="../apps/openssl.cnf"
8
9	CAkey="keyCA.ss"
10	CAcert="certCA.ss"
11	CAreq="reqCA.ss"
12	CAconf="CAss.cnf"
13	CAreq2="req2CA.ss" # temp
14
15	Uconf="Uss.cnf"
16	Ukey="keyU.ss"
17	Ureq="reqU.ss"
18	Ucert="certU.ss"
19
20	P1conf="P1ss.cnf"
21	P1key="keyP1.ss"
22	P1req="reqP1.ss"
23	P1cert="certP1.ss"
24	P1intermediate="tmp_intP1.ss"
25
26	P2conf="P2ss.cnf"
27	P2key="keyP2.ss"
28	P2req="reqP2.ss"
29	P2cert="certP2.ss"
30	P2intermediate="tmp_intP2.ss"
31
32	echo
33	echo "make a certificate request using 'req'"
34
35	echo "string to make the random number generator think it has entropy" >> ./.rnd
36
37	if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
38	req_new='-newkey dsa:../apps/dsa512.pem'
39	else
40	req_new='-new'
41	fi
42
43	$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new #>err.ss
44	if [ $? != 0 ]; then
45	echo "error using 'req' to generate a certificate request"
46	exit 1
47	fi
48	echo
49	echo "convert the certificate request into a self signed certificate using 'x509'"
50	$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca >err.ss
51	if [ $? != 0 ]; then
52	echo "error using 'x509' to self sign a certificate request"
53	exit 1
54	fi
55
56	echo
57	echo "convert a certificate into a certificate request using 'x509'"
58	$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss
59	if [ $? != 0 ]; then
60	echo "error using 'x509' convert a certificate to a certificate request"
61	exit 1
62	fi
63
64	$reqcmd -config $dummycnf -verify -in $CAreq -noout
65	if [ $? != 0 ]; then
66	echo first generated request is invalid
67	exit 1
68	fi
69
70	$reqcmd -config $dummycnf -verify -in $CAreq2 -noout
71	if [ $? != 0 ]; then
72	echo second generated request is invalid
73	exit 1
74	fi
75
76	$verifycmd -CAfile $CAcert $CAcert
77	if [ $? != 0 ]; then
78	echo first generated cert is invalid
79	exit 1
80	fi
81
82	echo
83	echo "make a user certificate request using 'req'"
84	$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss
85	if [ $? != 0 ]; then
86	echo "error using 'req' to generate a user certificate request"
87	exit 1
88	fi
89
90	echo
91	echo "sign user certificate request with the just created CA via 'x509'"
92	$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee >err.ss
93	if [ $? != 0 ]; then
94	echo "error using 'x509' to sign a user certificate request"
95	exit 1
96	fi
97
98	$verifycmd -CAfile $CAcert $Ucert
99	echo
100	echo "Certificate details"
101	$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert
102
103	echo
104	echo "make a proxy certificate request using 'req'"
105	$reqcmd -config $P1conf -out $P1req -keyout $P1key $req_new >err.ss
106	if [ $? != 0 ]; then
107	echo "error using 'req' to generate a proxy certificate request"
108	exit 1
109	fi
110
111	echo
112	echo "sign proxy certificate request with the just created user certificate via 'x509'"
113	$x509cmd -CAcreateserial -in $P1req -days 30 -req -out $P1cert -CA $Ucert -CAkey $Ukey -extfile $P1conf -extensions v3_proxy >err.ss
114	if [ $? != 0 ]; then
115	echo "error using 'x509' to sign a proxy certificate request"
116	exit 1
117	fi
118
119	cat $Ucert > $P1intermediate
120	$verifycmd -CAfile $CAcert -untrusted $P1intermediate $P1cert
121	echo
122	echo "Certificate details"
123	$x509cmd -subject -issuer -startdate -enddate -noout -in $P1cert
124
125	echo
126	echo "make another proxy certificate request using 'req'"
127	$reqcmd -config $P2conf -out $P2req -keyout $P2key $req_new >err.ss
128	if [ $? != 0 ]; then
129	echo "error using 'req' to generate another proxy certificate request"
130	exit 1
131	fi
132
133	echo
134	echo "sign second proxy certificate request with the first proxy certificate via 'x509'"
135	$x509cmd -CAcreateserial -in $P2req -days 30 -req -out $P2cert -CA $P1cert -CAkey $P1key -extfile $P2conf -extensions v3_proxy >err.ss
136	if [ $? != 0 ]; then
137	echo "error using 'x509' to sign a second proxy certificate request"
138	exit 1
139	fi
140
141	cat $Ucert $P1cert > $P2intermediate
142	$verifycmd -CAfile $CAcert -untrusted $P2intermediate $P2cert
143	echo
144	echo "Certificate details"
145	$x509cmd -subject -issuer -startdate -enddate -noout -in $P2cert
146
147	echo
148	echo The generated CA certificate is $CAcert
149	echo The generated CA private key is $CAkey
150
151	echo The generated user certificate is $Ucert
152	echo The generated user private key is $Ukey
153
154	echo The first generated proxy certificate is $P1cert
155	echo The first generated proxy private key is $P1key
156
157	echo The second generated proxy certificate is $P2cert
158	echo The second generated proxy private key is $P2key
159
160	/bin/rm err.ss
161	#/bin/rm $P1intermediate
162	#/bin/rm $P2intermediate
163	exit 0


diff --git a/src/lib/libssl/test/testssl b/src/lib/libssl/test/testssl deleted file mode 100644 index 4e8542b556..0000000000 --- a/src/lib/libssl/test/testssl +++ /dev/null
@@ -1,178 +0,0 @@
1	#!/bin/sh
2
3	if [ "$1" = "" ]; then
4	key=../apps/server.pem
5	else
6	key="$1"
7	fi
8	if [ "$2" = "" ]; then
9	cert=../apps/server.pem
10	else
11	cert="$2"
12	fi
13	ssltest="../util/shlib_wrap.sh ./ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
14
15	if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout \| fgrep 'DSA Public Key' >/dev/null; then
16	dsa_cert=YES
17	else
18	dsa_cert=NO
19	fi
20
21	if [ "$3" = "" ]; then
22	CA="-CApath ../certs"
23	else
24	CA="-CAfile $3"
25	fi
26
27	if [ "$4" = "" ]; then
28	extra=""
29	else
30	extra="$4"
31	fi
32
33	#############################################################################
34
35	echo test sslv2
36	$ssltest -ssl2 $extra \|\| exit 1
37
38	echo test sslv2 with server authentication
39	$ssltest -ssl2 -server_auth $CA $extra \|\| exit 1
40
41	if [ $dsa_cert = NO ]; then
42	echo test sslv2 with client authentication
43	$ssltest -ssl2 -client_auth $CA $extra \|\| exit 1
44
45	echo test sslv2 with both client and server authentication
46	$ssltest -ssl2 -server_auth -client_auth $CA $extra \|\| exit 1
47	fi
48
49	echo test sslv3
50	$ssltest -ssl3 $extra \|\| exit 1
51
52	echo test sslv3 with server authentication
53	$ssltest -ssl3 -server_auth $CA $extra \|\| exit 1
54
55	echo test sslv3 with client authentication
56	$ssltest -ssl3 -client_auth $CA $extra \|\| exit 1
57
58	echo test sslv3 with both client and server authentication
59	$ssltest -ssl3 -server_auth -client_auth $CA $extra \|\| exit 1
60
61	echo test sslv2/sslv3
62	$ssltest $extra \|\| exit 1
63
64	echo test sslv2/sslv3 with server authentication
65	$ssltest -server_auth $CA $extra \|\| exit 1
66
67	echo test sslv2/sslv3 with client authentication
68	$ssltest -client_auth $CA $extra \|\| exit 1
69
70	echo test sslv2/sslv3 with both client and server authentication
71	$ssltest -server_auth -client_auth $CA $extra \|\| exit 1
72
73	echo test sslv2 via BIO pair
74	$ssltest -bio_pair -ssl2 $extra \|\| exit 1
75
76	echo test sslv2 with server authentication via BIO pair
77	$ssltest -bio_pair -ssl2 -server_auth $CA $extra \|\| exit 1
78
79	if [ $dsa_cert = NO ]; then
80	echo test sslv2 with client authentication via BIO pair
81	$ssltest -bio_pair -ssl2 -client_auth $CA $extra \|\| exit 1
82
83	echo test sslv2 with both client and server authentication via BIO pair
84	$ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra \|\| exit 1
85	fi
86
87	echo test sslv3 via BIO pair
88	$ssltest -bio_pair -ssl3 $extra \|\| exit 1
89
90	echo test sslv3 with server authentication via BIO pair
91	$ssltest -bio_pair -ssl3 -server_auth $CA $extra \|\| exit 1
92
93	echo test sslv3 with client authentication via BIO pair
94	$ssltest -bio_pair -ssl3 -client_auth $CA $extra \|\| exit 1
95
96	echo test sslv3 with both client and server authentication via BIO pair
97	$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra \|\| exit 1
98
99	echo test sslv2/sslv3 via BIO pair
100	$ssltest $extra \|\| exit 1
101
102	if [ $dsa_cert = NO ]; then
103	echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair'
104	$ssltest -bio_pair -no_dhe -no_ecdhe $extra \|\| exit 1
105	fi
106
107	echo test sslv2/sslv3 with 1024bit DHE via BIO pair
108	$ssltest -bio_pair -dhe1024dsa -v $extra \|\| exit 1
109
110	echo test sslv2/sslv3 with server authentication
111	$ssltest -bio_pair -server_auth $CA $extra \|\| exit 1
112
113	echo test sslv2/sslv3 with client authentication via BIO pair
114	$ssltest -bio_pair -client_auth $CA $extra \|\| exit 1
115
116	echo test sslv2/sslv3 with both client and server authentication via BIO pair
117	$ssltest -bio_pair -server_auth -client_auth $CA $extra \|\| exit 1
118
119	echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
120	$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra \|\| exit 1
121
122	echo "Testing ciphersuites"
123	for protocol in TLSv1.2 SSLv3; do
124	echo "Testing ciphersuites for $protocol"
125	for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" \| tr ':' ' '`; do
126	echo "Testing $cipher"
127	prot=""
128	if [ $protocol = "SSLv3" ] ; then
129	prot="-ssl3"
130	fi
131	$ssltest -cipher $cipher $prot
132	if [ $? -ne 0 ] ; then
133	echo "Failed $cipher"
134	exit 1
135	fi
136	done
137	done
138
139	#############################################################################
140
141	if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
142	echo skipping anonymous DH tests
143	else
144	echo test tls1 with 1024bit anonymous DH, multiple handshakes
145	$ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra \|\| exit 1
146	fi
147
148	if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
149	echo skipping RSA tests
150	else
151	echo 'test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes'
152	../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -no_ecdhe -num 10 -f -time $extra \|\| exit 1
153
154	if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
155	echo skipping RSA+DHE tests
156	else
157	echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
158	../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra \|\| exit 1
159	fi
160	fi
161
162	echo test tls1 with PSK
163	$ssltest -tls1 -cipher PSK -psk abc123 $extra \|\| exit 1
164
165	echo test tls1 with PSK via BIO pair
166	$ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra \|\| exit 1
167
168	if ../util/shlib_wrap.sh ../apps/openssl no-srp; then
169	echo skipping SRP tests
170	else
171	echo test tls1 with SRP
172	$ssltest -tls1 -cipher SRP -srpuser test -srppass abc123
173
174	echo test tls1 with SRP via BIO pair
175	$ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123
176	fi
177
178	exit 0


diff --git a/src/lib/libssl/test/testsslproxy b/src/lib/libssl/test/testsslproxy deleted file mode 100644 index 58bbda8ab7..0000000000 --- a/src/lib/libssl/test/testsslproxy +++ /dev/null
@@ -1,10 +0,0 @@
1	#! /bin/sh
2
3	echo 'Testing a lot of proxy conditions.'
4	echo 'Some of them may turn out being invalid, which is fine.'
5	for auth in A B C BC; do
6	for cond in A B C 'A\|B&!C'; do
7	sh ./testssl $1 $2 $3 "-proxy -proxy_auth $auth -proxy_cond $cond"
8	if [ $? = 3 ]; then exit 1; fi
9	done
10	done