From 5693217025086160333d0a12214c5bee3d7660fc Mon Sep 17 00:00:00 2001 From: bluhm <> Date: Wed, 7 Nov 2018 20:46:28 +0000 Subject: Add a self test for each SSL library by connecting client with server. Check that the highest available TLS version is selected. LibreSSL TLS 1.3 check is disabled until the feature becomes available. --- src/regress/lib/libssl/interop/openssl11/Makefile | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) (limited to 'src/regress/lib/libssl/interop/openssl11') diff --git a/src/regress/lib/libssl/interop/openssl11/Makefile b/src/regress/lib/libssl/interop/openssl11/Makefile index b11e08488a..e7257a3976 100644 --- a/src/regress/lib/libssl/interop/openssl11/Makefile +++ b/src/regress/lib/libssl/interop/openssl11/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.1 2018/11/07 19:09:01 bluhm Exp $ +# $OpenBSD: Makefile,v 1.2 2018/11/07 20:46:28 bluhm Exp $ .if ! exists(/usr/local/bin/eopenssl11) regress: @@ -14,6 +14,11 @@ DPADD = /usr/local/lib/eopenssl11/libssl.a \ /usr/local/lib/eopenssl11/libcrypto.a LD_LIBRARY_PATH = /usr/local/lib/eopenssl11 +run-protocol-nc-client run-protocol-nc-server: + @echo '\n======== $@ ========' + # LibreSSL does not support TLS 1.3 yet + @echo DISABLED + .for p in ${PROGS} run-ldd-$p: ldd-$p.out @echo '\n======== $@ ========' @@ -22,11 +27,18 @@ run-ldd-$p: ldd-$p.out grep -q /usr/local/lib/eopenssl11/libssl.so ldd-$p.out # check that $p is not linked with LibreSSL ! grep -v libc.so ldd-$p.out | grep /usr/lib/ +.endfor -run-version-$p: $p.out +.for o in nc-client nc-server self-client self-server +run-version-$o: $o.out @echo '\n======== $@ ========' # check that runtime version is OpenSSL 1.1 - grep 'SSLEAY_VERSION: OpenSSL 1.1' $p.out + grep 'SSLEAY_VERSION: OpenSSL 1.1' $o.out + +run-protocol-$o: $o.out + @echo '\n======== $@ ========' + # check that protocol version is TLS 1.3 + grep 'Protocol *: TLSv1.3' $o.out .endfor .include -- cgit v1.2.3-55-g6feb