diff options
Diffstat (limited to 'src/regress/lib/libssl/interop/cipher')
| -rw-r--r-- | src/regress/lib/libssl/interop/cipher/Makefile | 25 |
1 files changed, 10 insertions, 15 deletions
diff --git a/src/regress/lib/libssl/interop/cipher/Makefile b/src/regress/lib/libssl/interop/cipher/Makefile index bf4a1e28dc..fa7e25f9ee 100644 --- a/src/regress/lib/libssl/interop/cipher/Makefile +++ b/src/regress/lib/libssl/interop/cipher/Makefile | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # $OpenBSD: Makefile,v 1.16 2024/08/18 10:02:10 tb Exp $ | 1 | # $OpenBSD: Makefile,v 1.17 2025/01/15 10:54:17 tb Exp $ |
| 2 | 2 | ||
| 3 | # Connect a client to a server. Both can be current libressl, or | 3 | # Connect a client to a server. Both can be current libressl, or |
| 4 | # openssl 1.1 or 3.0. Create lists of supported ciphers | 4 | # openssl 1.1 or 3.0. Create lists of supported ciphers |
| @@ -7,14 +7,11 @@ | |||
| 7 | # have used correct cipher by grepping in their session print out. | 7 | # have used correct cipher by grepping in their session print out. |
| 8 | 8 | ||
| 9 | LIBRARIES = libressl | 9 | LIBRARIES = libressl |
| 10 | .if exists(/usr/local/bin/eopenssl11) | 10 | .if exists(/usr/local/bin/eopenssl33) |
| 11 | LIBRARIES += openssl11 | 11 | LIBRARIES += openssl33 |
| 12 | .endif | 12 | .endif |
| 13 | .if exists(/usr/local/bin/eopenssl31) | 13 | .if exists(/usr/local/bin/eopenssl34) |
| 14 | LIBRARIES += openssl31 | 14 | LIBRARIES += openssl34 |
| 15 | .endif | ||
| 16 | .if exists(/usr/local/bin/eopenssl32) | ||
| 17 | LIBRARIES += openssl32 | ||
| 18 | .endif | 15 | .endif |
| 19 | 16 | ||
| 20 | CLEANFILES = *.tmp *.ciphers ciphers.mk | 17 | CLEANFILES = *.tmp *.ciphers ciphers.mk |
| @@ -44,9 +41,8 @@ client-${clib}-server-${slib}.ciphers: \ | |||
| 44 | uniq -d <$@.tmp >$@ | 41 | uniq -d <$@.tmp >$@ |
| 45 | # we are only interested in ciphers supported by libressl | 42 | # we are only interested in ciphers supported by libressl |
| 46 | sort $@ client-libressl.ciphers >$@.tmp | 43 | sort $@ client-libressl.ciphers >$@.tmp |
| 47 | . if "${clib}" == "openssl11" || "${slib}" == "openssl11" || \ | 44 | . if "${clib}" == "openssl33" || "${slib}" == "openssl33" || \ |
| 48 | "${clib}" == "openssl31" || "${slib}" == "openssl31" || \ | 45 | "${clib}" == "openssl34" || "${slib}" == "openssl34" |
| 49 | "${clib}" == "openssl32" || "${slib}" == "openssl32" | ||
| 50 | # OpenSSL's SSL_CTX_set_cipher_list doesn't accept TLSv1.3 ciphers | 46 | # OpenSSL's SSL_CTX_set_cipher_list doesn't accept TLSv1.3 ciphers |
| 51 | sed -i '/^TLS_/d' $@.tmp | 47 | sed -i '/^TLS_/d' $@.tmp |
| 52 | . endif | 48 | . endif |
| @@ -74,9 +70,8 @@ regress: ciphers.mk | |||
| 74 | .endif | 70 | .endif |
| 75 | 71 | ||
| 76 | LEVEL_libressl = | 72 | LEVEL_libressl = |
| 77 | LEVEL_openssl11 = ,@SECLEVEL=0 | 73 | LEVEL_openssl33 = ,@SECLEVEL=0 |
| 78 | LEVEL_openssl31 = ,@SECLEVEL=0 | 74 | LEVEL_openssl34 = ,@SECLEVEL=0 |
| 79 | LEVEL_openssl32 = ,@SECLEVEL=0 | ||
| 80 | 75 | ||
| 81 | .for clib in ${LIBRARIES} | 76 | .for clib in ${LIBRARIES} |
| 82 | .for slib in ${LIBRARIES} | 77 | .for slib in ${LIBRARIES} |
| @@ -137,7 +132,7 @@ check-cipher-${cipher}-client-${clib}-server-${slib}: \ | |||
| 137 | . endif | 132 | . endif |
| 138 | . if "${clib}" == "libressl" | 133 | . if "${clib}" == "libressl" |
| 139 | # libressl client may prefer chacha-poly if aes-ni is not supported | 134 | # libressl client may prefer chacha-poly if aes-ni is not supported |
| 140 | . if "${slib}" == "openssl11" || "${slib}" == "openssl31" || "${slib}" == "openssl32" | 135 | . if "${slib}" == "openssl33" || "${slib}" == "openssl34" |
| 141 | egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/server/}.out | 136 | egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/server/}.out |
| 142 | . else | 137 | . else |
| 143 | egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/server/}.out | 138 | egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/server/}.out |