blob: b53b47b878a1be53696243578ad371d0042bfed5 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
Test TLS interoperability between LibreSSL and OpenSSL.
Implement simple SSL client and server in C. Create six binaries
by linking them with LibreSSL or OpenSSL 1.0.2 or OpenSSL 1.1. This
way API compatibility is tested. Connect and accept with netcat
to test protocol compatibility with libtls.
To self test each SSL library, connect client with server. Check
that the highest available TLS version is selected. LibreSSL TLS
1.3 check has to be enabled when the feature becomes available.
Currently OpenSSL 1.0.2p and OpenSSL 1.1.1 from ports are used. As
soon as LibreSSL supports TLS 1.3, it should be used automatically
when netcat is communicating with OpenSSL 1.1.
The cert subdir is testing all combinations of certificate validation.
Having the three libraries, client and server certificates, missing
or invalid CA or certificates, and enforcing peer certificate results
in 1944 test cases.
|
