1 files changed, 112 insertions, 15 deletions
diff --git a/src/lib/libssl/test/testssl b/src/lib/libssl/test/testssl
index f115adb8e1..ba5e41c861 100644
--- a/src/lib/libssl/test/testssl
+++ b/src/lib/libssl/test/testssl
@@ -1,40 +1,137 @@
 #!/bin/sh
+if [ "$1" = "" ]; then
+  key=../apps/server.pem
+else
+  key="$1"
+fi
+if [ "$2" = "" ]; then
+  cert=../apps/server.pem
+else
+  cert="$2"
+fi
+ssltest="./ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
+if ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
+  dsa_cert=YES
+else
+  dsa_cert=NO
+fi
+if [ "$3" = "" ]; then
+  CA="-CApath ../certs"
+else
+  CA="-CAfile $3"
+fi
+if [ "$4" = "" ]; then
+  extra=""
+else
+  extra="$4"
+fi
+#############################################################################
 echo test sslv2
-./ssltest -ssl2 || exit 1
+$ssltest -ssl2 $extra || exit 1
 echo test sslv2 with server authentication
-./ssltest -ssl2 -server_auth -CApath ../certs || exit 1
+$ssltest -ssl2 -server_auth $CA $extra || exit 1
-echo test sslv2 with client authentication
+if [ $dsa_cert = NO ]; then
-./ssltest -ssl2 -client_auth -CApath ../certs || exit 1
+  echo test sslv2 with client authentication
+  $ssltest -ssl2 -client_auth $CA $extra || exit 1
-echo test sslv2 with both client and server authentication
+  echo test sslv2 with both client and server authentication
-./ssltest -ssl2 -server_auth -client_auth -CApath ../certs || exit 1
+  $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1
+fi
 echo test sslv3
-./ssltest -ssl3 || exit 1
+$ssltest -ssl3 $extra || exit 1
 echo test sslv3 with server authentication
-./ssltest -ssl3 -server_auth -CApath ../certs || exit 1
+$ssltest -ssl3 -server_auth $CA $extra || exit 1
 echo test sslv3 with client authentication
-./ssltest -ssl3 -client_auth -CApath ../certs || exit 1
+$ssltest -ssl3 -client_auth $CA $extra || exit 1
 echo test sslv3 with both client and server authentication
-./ssltest -ssl3 -server_auth -client_auth -CApath ../certs || exit 1
+$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1
 echo test sslv2/sslv3
-./ssltest || exit 1
+$ssltest $extra || exit 1
 echo test sslv2/sslv3 with server authentication
-./ssltest -server_auth -CApath ../certs || exit 1
+$ssltest -server_auth $CA $extra || exit 1
 echo test sslv2/sslv3 with client authentication
-./ssltest -client_auth -CApath ../certs || exit 1
+$ssltest -client_auth $CA $extra || exit 1
 echo test sslv2/sslv3 with both client and server authentication
-./ssltest -server_auth -client_auth -CApath ../certs || exit 1
+$ssltest -server_auth -client_auth $CA $extra || exit 1
-exit 0
+echo test sslv2 via BIO pair
+$ssltest -bio_pair -ssl2 $extra || exit 1
+echo test sslv2 with server authentication via BIO pair
+$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1
+if [ $dsa_cert = NO ]; then
+  echo test sslv2 with client authentication via BIO pair
+  $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1
+  echo test sslv2 with both client and server authentication via BIO pair
+  $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1
+fi
+echo test sslv3 via BIO pair
+$ssltest -bio_pair -ssl3 $extra || exit 1
+echo test sslv3 with server authentication via BIO pair
+$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1
+echo test sslv3 with client authentication via BIO pair
+$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1
+echo test sslv3 with both client and server authentication via BIO pair
+$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1
+echo test sslv2/sslv3 via BIO pair
+$ssltest $extra || exit 1
+if [ $dsa_cert = NO ]; then
+  echo test sslv2/sslv3 w/o DHE via BIO pair
+  $ssltest -bio_pair -no_dhe $extra || exit 1
+fi
+echo test sslv2/sslv3 with 1024bit DHE via BIO pair
+$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
+echo test sslv2/sslv3 with server authentication
+$ssltest -bio_pair -server_auth $CA $extra || exit 1
+echo test sslv2/sslv3 with client authentication via BIO pair
+$ssltest -bio_pair -client_auth $CA $extra || exit 1
+echo test sslv2/sslv3 with both client and server authentication via BIO pair
+$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
+echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
+$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
+#############################################################################
+echo test tls1 with 1024bit anonymous DH, multiple handshakes
+$ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
+if ../apps/openssl no-rsa; then
+  echo skipping RSA tests
+else
+  echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
+  ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1
+  echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
+  ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
+fi
+exit 0

diff --git a/src/lib/libssl/test/testssl b/src/lib/libssl/test/testssl index f115adb8e1..ba5e41c861 100644 --- a/src/lib/libssl/test/testssl +++ b/src/lib/libssl/test/testssl
@@ -1,40 +1,137 @@
1	#!/bin/sh	1	#!/bin/sh
2		2
		3	if [ "$1" = "" ]; then
		4	key=../apps/server.pem
		5	else
		6	key="$1"
		7	fi
		8	if [ "$2" = "" ]; then
		9	cert=../apps/server.pem
		10	else
		11	cert="$2"
		12	fi
		13	ssltest="./ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
		14
		15	if ../apps/openssl x509 -in $cert -text -noout \| fgrep 'DSA Public Key' >/dev/null; then
		16	dsa_cert=YES
		17	else
		18	dsa_cert=NO
		19	fi
		20
		21	if [ "$3" = "" ]; then
		22	CA="-CApath ../certs"
		23	else
		24	CA="-CAfile $3"
		25	fi
		26
		27	if [ "$4" = "" ]; then
		28	extra=""
		29	else
		30	extra="$4"
		31	fi
		32
		33	#############################################################################
		34
3	echo test sslv2	35	echo test sslv2
4	./ssltest -ssl2 \|\| exit 1	36	$ssltest -ssl2 $extra \|\| exit 1
5		37
6	echo test sslv2 with server authentication	38	echo test sslv2 with server authentication
7	./ssltest -ssl2 -server_auth -CApath ../certs \|\| exit 1	39	$ssltest -ssl2 -server_auth $CA $extra \|\| exit 1
8		40
9	echo test sslv2 with client authentication	41	if [ $dsa_cert = NO ]; then
10	./ssltest -ssl2 -client_auth -CApath ../certs \|\| exit 1	42	echo test sslv2 with client authentication
		43	$ssltest -ssl2 -client_auth $CA $extra \|\| exit 1
11		44
12	echo test sslv2 with both client and server authentication	45	echo test sslv2 with both client and server authentication
13	./ssltest -ssl2 -server_auth -client_auth -CApath ../certs \|\| exit 1	46	$ssltest -ssl2 -server_auth -client_auth $CA $extra \|\| exit 1
		47	fi
14		48
15	echo test sslv3	49	echo test sslv3
16	./ssltest -ssl3 \|\| exit 1	50	$ssltest -ssl3 $extra \|\| exit 1
17		51
18	echo test sslv3 with server authentication	52	echo test sslv3 with server authentication
19	./ssltest -ssl3 -server_auth -CApath ../certs \|\| exit 1	53	$ssltest -ssl3 -server_auth $CA $extra \|\| exit 1
20		54
21	echo test sslv3 with client authentication	55	echo test sslv3 with client authentication
22	./ssltest -ssl3 -client_auth -CApath ../certs \|\| exit 1	56	$ssltest -ssl3 -client_auth $CA $extra \|\| exit 1
23		57
24	echo test sslv3 with both client and server authentication	58	echo test sslv3 with both client and server authentication
25	./ssltest -ssl3 -server_auth -client_auth -CApath ../certs \|\| exit 1	59	$ssltest -ssl3 -server_auth -client_auth $CA $extra \|\| exit 1
26		60
27	echo test sslv2/sslv3	61	echo test sslv2/sslv3
28	./ssltest \|\| exit 1	62	$ssltest $extra \|\| exit 1
29		63
30	echo test sslv2/sslv3 with server authentication	64	echo test sslv2/sslv3 with server authentication
31	./ssltest -server_auth -CApath ../certs \|\| exit 1	65	$ssltest -server_auth $CA $extra \|\| exit 1
32		66
33	echo test sslv2/sslv3 with client authentication	67	echo test sslv2/sslv3 with client authentication
34	./ssltest -client_auth -CApath ../certs \|\| exit 1	68	$ssltest -client_auth $CA $extra \|\| exit 1
35		69
36	echo test sslv2/sslv3 with both client and server authentication	70	echo test sslv2/sslv3 with both client and server authentication
37	./ssltest -server_auth -client_auth -CApath ../certs \|\| exit 1	71	$ssltest -server_auth -client_auth $CA $extra \|\| exit 1
38		72
39	exit 0	73	echo test sslv2 via BIO pair
		74	$ssltest -bio_pair -ssl2 $extra \|\| exit 1
		75
		76	echo test sslv2 with server authentication via BIO pair
		77	$ssltest -bio_pair -ssl2 -server_auth $CA $extra \|\| exit 1
		78
		79	if [ $dsa_cert = NO ]; then
		80	echo test sslv2 with client authentication via BIO pair
		81	$ssltest -bio_pair -ssl2 -client_auth $CA $extra \|\| exit 1
		82
		83	echo test sslv2 with both client and server authentication via BIO pair
		84	$ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra \|\| exit 1
		85	fi
		86
		87	echo test sslv3 via BIO pair
		88	$ssltest -bio_pair -ssl3 $extra \|\| exit 1
		89
		90	echo test sslv3 with server authentication via BIO pair
		91	$ssltest -bio_pair -ssl3 -server_auth $CA $extra \|\| exit 1
		92
		93	echo test sslv3 with client authentication via BIO pair
		94	$ssltest -bio_pair -ssl3 -client_auth $CA $extra \|\| exit 1
		95
		96	echo test sslv3 with both client and server authentication via BIO pair
		97	$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra \|\| exit 1
40		98
		99	echo test sslv2/sslv3 via BIO pair
		100	$ssltest $extra \|\| exit 1
		101
		102	if [ $dsa_cert = NO ]; then
		103	echo test sslv2/sslv3 w/o DHE via BIO pair
		104	$ssltest -bio_pair -no_dhe $extra \|\| exit 1
		105	fi
		106
		107	echo test sslv2/sslv3 with 1024bit DHE via BIO pair
		108	$ssltest -bio_pair -dhe1024dsa -v $extra \|\| exit 1
		109
		110	echo test sslv2/sslv3 with server authentication
		111	$ssltest -bio_pair -server_auth $CA $extra \|\| exit 1
		112
		113	echo test sslv2/sslv3 with client authentication via BIO pair
		114	$ssltest -bio_pair -client_auth $CA $extra \|\| exit 1
		115
		116	echo test sslv2/sslv3 with both client and server authentication via BIO pair
		117	$ssltest -bio_pair -server_auth -client_auth $CA $extra \|\| exit 1
		118
		119	echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
		120	$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra \|\| exit 1
		121
		122	#############################################################################
		123
		124	echo test tls1 with 1024bit anonymous DH, multiple handshakes
		125	$ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra \|\| exit 1
		126
		127	if ../apps/openssl no-rsa; then
		128	echo skipping RSA tests
		129	else
		130	echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
		131	./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra \|\| exit 1
		132
		133	echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
		134	./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra \|\| exit 1
		135	fi
		136
		137	exit 0