diff options
Diffstat (limited to 'src/regress/lib/libssl/ssl')
| -rw-r--r-- | src/regress/lib/libssl/ssl/ssltest.c | 16 | ||||
| -rw-r--r-- | src/regress/lib/libssl/ssl/testssl | 36 |
2 files changed, 25 insertions, 27 deletions
diff --git a/src/regress/lib/libssl/ssl/ssltest.c b/src/regress/lib/libssl/ssl/ssltest.c index b4b10446e6..6b8e243073 100644 --- a/src/regress/lib/libssl/ssl/ssltest.c +++ b/src/regress/lib/libssl/ssl/ssltest.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssltest.c,v 1.39 2023/04/15 16:50:05 tb Exp $ */ | 1 | /* $OpenBSD: ssltest.c,v 1.40 2023/07/02 17:21:32 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -336,7 +336,7 @@ sv_usage(void) | |||
| 336 | fprintf(stderr, " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n"); | 336 | fprintf(stderr, " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n"); |
| 337 | fprintf(stderr, " -no_dhe - disable DHE\n"); | 337 | fprintf(stderr, " -no_dhe - disable DHE\n"); |
| 338 | fprintf(stderr, " -no_ecdhe - disable ECDHE\n"); | 338 | fprintf(stderr, " -no_ecdhe - disable ECDHE\n"); |
| 339 | fprintf(stderr, " -dtls1 - use DTLSv1\n"); | 339 | fprintf(stderr, " -dtls1_2 - use DTLSv1.2\n"); |
| 340 | fprintf(stderr, " -tls1 - use TLSv1\n"); | 340 | fprintf(stderr, " -tls1 - use TLSv1\n"); |
| 341 | fprintf(stderr, " -tls1_2 - use TLSv1.2\n"); | 341 | fprintf(stderr, " -tls1_2 - use TLSv1.2\n"); |
| 342 | fprintf(stderr, " -CApath arg - PEM format directory of CA's\n"); | 342 | fprintf(stderr, " -CApath arg - PEM format directory of CA's\n"); |
| @@ -409,7 +409,7 @@ main(int argc, char *argv[]) | |||
| 409 | int badop = 0; | 409 | int badop = 0; |
| 410 | int bio_pair = 0; | 410 | int bio_pair = 0; |
| 411 | int force = 0; | 411 | int force = 0; |
| 412 | int tls1 = 0, tls1_2 = 0, dtls1 = 0, ret = 1; | 412 | int tls1 = 0, tls1_2 = 0, dtls1_2 = 0, ret = 1; |
| 413 | int client_auth = 0; | 413 | int client_auth = 0; |
| 414 | int server_auth = 0, i; | 414 | int server_auth = 0, i; |
| 415 | char *app_verify_arg = "Test Callback Argument"; | 415 | char *app_verify_arg = "Test Callback Argument"; |
| @@ -464,8 +464,8 @@ main(int argc, char *argv[]) | |||
| 464 | no_dhe = 1; | 464 | no_dhe = 1; |
| 465 | else if (strcmp(*argv, "-no_ecdhe") == 0) | 465 | else if (strcmp(*argv, "-no_ecdhe") == 0) |
| 466 | no_ecdhe = 1; | 466 | no_ecdhe = 1; |
| 467 | else if (strcmp(*argv, "-dtls1") == 0) | 467 | else if (strcmp(*argv, "-dtls1_2") == 0) |
| 468 | dtls1 = 1; | 468 | dtls1_2 = 1; |
| 469 | else if (strcmp(*argv, "-tls1") == 0) | 469 | else if (strcmp(*argv, "-tls1") == 0) |
| 470 | tls1 = 1; | 470 | tls1 = 1; |
| 471 | else if (strcmp(*argv, "-tls1_2") == 0) | 471 | else if (strcmp(*argv, "-tls1_2") == 0) |
| @@ -565,7 +565,7 @@ bad: | |||
| 565 | goto end; | 565 | goto end; |
| 566 | } | 566 | } |
| 567 | 567 | ||
| 568 | if (!dtls1 && !tls1 && !tls1_2 && number > 1 && !reuse && !force) { | 568 | if (!dtls1_2 && !tls1 && !tls1_2 && number > 1 && !reuse && !force) { |
| 569 | fprintf(stderr, | 569 | fprintf(stderr, |
| 570 | "This case cannot work. Use -f to perform " | 570 | "This case cannot work. Use -f to perform " |
| 571 | "the test anyway (and\n-d to see what happens), " | 571 | "the test anyway (and\n-d to see what happens), " |
| @@ -588,8 +588,8 @@ bad: | |||
| 588 | SSL_library_init(); | 588 | SSL_library_init(); |
| 589 | SSL_load_error_strings(); | 589 | SSL_load_error_strings(); |
| 590 | 590 | ||
| 591 | if (dtls1) | 591 | if (dtls1_2) |
| 592 | meth = DTLSv1_method(); | 592 | meth = DTLSv1_2_method(); |
| 593 | else if (tls1) | 593 | else if (tls1) |
| 594 | meth = TLSv1_method(); | 594 | meth = TLSv1_method(); |
| 595 | else if (tls1_2) | 595 | else if (tls1_2) |
diff --git a/src/regress/lib/libssl/ssl/testssl b/src/regress/lib/libssl/ssl/testssl index 43efaa6460..70db1752b7 100644 --- a/src/regress/lib/libssl/ssl/testssl +++ b/src/regress/lib/libssl/ssl/testssl | |||
| @@ -95,8 +95,7 @@ done | |||
| 95 | if $openssl no-dh; then | 95 | if $openssl no-dh; then |
| 96 | echo skipping anonymous DH tests | 96 | echo skipping anonymous DH tests |
| 97 | else | 97 | else |
| 98 | echo test tls1 with 1024bit anonymous DH, multiple handshakes | 98 | echo skipping tls1 tests. |
| 99 | $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1 | ||
| 100 | fi | 99 | fi |
| 101 | 100 | ||
| 102 | #if $openssl no-rsa; then | 101 | #if $openssl no-rsa; then |
| @@ -117,17 +116,16 @@ fi | |||
| 117 | # DTLS tests | 116 | # DTLS tests |
| 118 | # | 117 | # |
| 119 | 118 | ||
| 120 | echo test dtlsv1 | 119 | $ssltest -dtls1_2 $extra || exit 1 |
| 121 | $ssltest -dtls1 $extra || exit 1 | ||
| 122 | 120 | ||
| 123 | echo test dtlsv1 with server authentication | 121 | echo test dtlsv1_2 with server authentication |
| 124 | $ssltest -dtls1 -server_auth $CA $extra || exit 1 | 122 | $ssltest -dtls1_2 -server_auth $CA $extra || exit 1 |
| 125 | 123 | ||
| 126 | echo test dtlsv1 with client authentication | 124 | echo test dtlsv1_2 with client authentication |
| 127 | $ssltest -dtls1 -client_auth $CA $extra || exit 1 | 125 | $ssltest -dtls1_2 -client_auth $CA $extra || exit 1 |
| 128 | 126 | ||
| 129 | echo test dtlsv1 with both client and server authentication | 127 | echo test dtlsv1_2 with both client and server authentication |
| 130 | $ssltest -dtls1 -server_auth -client_auth $CA $extra || exit 1 | 128 | $ssltest -dtls1_2 -server_auth -client_auth $CA $extra || exit 1 |
| 131 | 129 | ||
| 132 | echo "Testing DTLS ciphersuites" | 130 | echo "Testing DTLS ciphersuites" |
| 133 | for protocol in SSLv3; do | 131 | for protocol in SSLv3; do |
| @@ -136,7 +134,7 @@ for protocol in SSLv3; do | |||
| 136 | awk "/ $protocol / { print \\$1 }" | | 134 | awk "/ $protocol / { print \\$1 }" | |
| 137 | grep -v RC4`; do | 135 | grep -v RC4`; do |
| 138 | echo "Testing $cipher" | 136 | echo "Testing $cipher" |
| 139 | $ssltest -cipher $cipher -dtls1 | 137 | $ssltest -cipher $cipher -dtls1_2 |
| 140 | if [ $? -ne 0 ] ; then | 138 | if [ $? -ne 0 ] ; then |
| 141 | echo "Failed $cipher" | 139 | echo "Failed $cipher" |
| 142 | exit 1 | 140 | exit 1 |
| @@ -148,17 +146,17 @@ done | |||
| 148 | # ALPN tests | 146 | # ALPN tests |
| 149 | # | 147 | # |
| 150 | echo "Testing ALPN..." | 148 | echo "Testing ALPN..." |
| 151 | $ssltest -bio_pair -tls1 -alpn_client foo -alpn_server bar || exit 1 | 149 | $ssltest -bio_pair -alpn_client foo -alpn_server bar || exit 1 |
| 152 | $ssltest -bio_pair -tls1 -alpn_client foo -alpn_server foo \ | 150 | $ssltest -bio_pair -alpn_client foo -alpn_server foo \ |
| 153 | -alpn_expected foo || exit 1 | 151 | -alpn_expected foo || exit 1 |
| 154 | $ssltest -bio_pair -tls1 -alpn_client foo,bar -alpn_server foo \ | 152 | $ssltest -bio_pair -alpn_client foo,bar -alpn_server foo \ |
| 155 | -alpn_expected foo || exit 1 | 153 | -alpn_expected foo || exit 1 |
| 156 | $ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo \ | 154 | $ssltest -bio_pair -alpn_client bar,foo -alpn_server foo \ |
| 157 | -alpn_expected foo || exit 1 | 155 | -alpn_expected foo || exit 1 |
| 158 | $ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo,bar \ | 156 | $ssltest -bio_pair -alpn_client bar,foo -alpn_server foo,bar \ |
| 159 | -alpn_expected foo || exit 1 | 157 | -alpn_expected foo || exit 1 |
| 160 | $ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server bar,foo \ | 158 | $ssltest -bio_pair -alpn_client bar,foo -alpn_server bar,foo \ |
| 161 | -alpn_expected bar || exit 1 | 159 | -alpn_expected bar || exit 1 |
| 162 | $ssltest -bio_pair -tls1 -alpn_client foo,bar -alpn_server bar,foo \ | 160 | $ssltest -bio_pair -alpn_client foo,bar -alpn_server bar,foo \ |
| 163 | -alpn_expected bar || exit 1 | 161 | -alpn_expected bar || exit 1 |
| 164 | $ssltest -bio_pair -tls1 -alpn_client baz -alpn_server bar,foo || exit 1 | 162 | $ssltest -bio_pair -alpn_client baz -alpn_server bar,foo || exit 1 |