Add support for openssl32 in interop test
authortb <tb@openbsd.org>
Sun, 18 Aug 2024 09:14:17 +0000 (09:14 +0000)
committertb <tb@openbsd.org>
Sun, 18 Aug 2024 09:14:17 +0000 (09:14 +0000)
regress/lib/libssl/interop/Makefile
regress/lib/libssl/interop/botan/Makefile
regress/lib/libssl/interop/cert/Makefile
regress/lib/libssl/interop/cipher/Makefile
regress/lib/libssl/interop/netcat/Makefile
regress/lib/libssl/interop/openssl32/Makefile [new file with mode: 0644]
regress/lib/libssl/interop/session/Makefile

index 82bef23..0a545ad 100644 (file)
@@ -1,6 +1,6 @@
-# $OpenBSD: Makefile,v 1.18 2023/10/30 17:15:21 tb Exp $
+# $OpenBSD: Makefile,v 1.19 2024/08/18 09:14:17 tb Exp $
 
-SUBDIR =       libressl openssl11 openssl30 openssl31
+SUBDIR =       libressl openssl11 openssl30 openssl31 openssl32
 
 # the above binaries must have been built before we can continue
 SUBDIR +=      netcat
index b9570b8..acc350a 100644 (file)
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.7 2023/10/30 17:15:21 tb Exp $
+# $OpenBSD: Makefile,v 1.8 2024/08/18 09:14:17 tb Exp $
 
 .include <bsd.own.mk>
 
@@ -29,6 +29,9 @@ LIBRARIES +=          openssl30
 .if exists(/usr/local/bin/eopenssl31)
 LIBRARIES +=           openssl31
 .endif
+.if exists(/usr/local/bin/eopenssl32)
+LIBRARIES +=           openssl32
+.endif
 
 PROGS =                client
 SRCS_client =  client.cpp
index ae755be..8c37d8a 100644 (file)
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.11 2023/10/30 17:15:21 tb Exp $
+# $OpenBSD: Makefile,v 1.12 2024/08/18 09:14:17 tb Exp $
 
 # Connect a client to a server.  Both can be current libressl, or
 # openssl 1.1 or 3.0.  Create client and server certificates
@@ -16,6 +16,9 @@ LIBRARIES +=          openssl30
 .if exists(/usr/local/bin/eopenssl31)
 LIBRARIES +=           openssl31
 .endif
+.if exists(/usr/local/bin/eopenssl32)
+LIBRARIES +=           openssl32
+.endif
 
 .for cca in noca ca fakeca
 .for sca in noca ca fakeca
index 3a116d5..70eaeec 100644 (file)
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.14 2024/02/03 15:58:34 beck Exp $
+# $OpenBSD: Makefile,v 1.15 2024/08/18 09:14:17 tb Exp $
 
 # Connect a client to a server.  Both can be current libressl, or
 # openssl 1.1 or 3.0.  Create lists of supported ciphers
@@ -16,6 +16,9 @@ LIBRARIES +=          openssl30
 .if exists(/usr/local/bin/eopenssl31)
 LIBRARIES +=           openssl31
 .endif
+.if exists(/usr/local/bin/eopenssl32)
+LIBRARIES +=           openssl32
+.endif
 
 CLEANFILES =   *.tmp *.ciphers ciphers.mk
 
@@ -46,7 +49,8 @@ client-${clib}-server-${slib}.ciphers: \
        sort $@ client-libressl.ciphers >$@.tmp
 . if "${clib}" == "openssl11" || "${slib}" == "openssl11" || \
        "${clib}" == "openssl30" || "${slib}" == "openssl30" || \
-       "${clib}" == "openssl31" || "${slib}" == "openssl31"
+       "${clib}" == "openssl31" || "${slib}" == "openssl31" || \
+       "${clib}" == "openssl32" || "${slib}" == "openssl32"
        # OpenSSL's SSL_CTX_set_cipher_list doesn't accept TLSv1.3 ciphers
        sed -i '/^TLS_/d' $@.tmp
 . endif
@@ -76,6 +80,8 @@ regress: ciphers.mk
 LEVEL_libressl =
 LEVEL_openssl11 = ,@SECLEVEL=0
 LEVEL_openssl30 = ,@SECLEVEL=0
+LEVEL_openssl31 = ,@SECLEVEL=0
+LEVEL_openssl32 = ,@SECLEVEL=0
 
 .for clib in ${LIBRARIES}
 .for slib in ${LIBRARIES}
@@ -136,7 +142,7 @@ check-cipher-${cipher}-client-${clib}-server-${slib}: \
 . endif
 . if "${clib}" == "libressl"
        # libressl client may prefer chacha-poly if aes-ni is not supported
-.  if "${slib}" == "openssl11" || "${slib}" == "openssl30" || "${slib}" == "openssl31"
+.  if "${slib}" == "openssl11" || "${slib}" == "openssl30" || "${slib}" == "openssl31" || "${slib}" == "openssl32"
        egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/server/}.out
 .  else
        egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/server/}.out
index 568c4d2..3e3e4ef 100644 (file)
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.7 2023/10/30 17:15:21 tb Exp $
+# $OpenBSD: Makefile,v 1.8 2024/08/18 09:14:17 tb Exp $
 
 LIBRARIES =            libressl
 .if exists(/usr/local/bin/eopenssl11)
@@ -10,6 +10,9 @@ LIBRARIES +=          openssl30
 .if exists(/usr/local/bin/eopenssl31)
 LIBRARIES +=           openssl31
 .endif
+.if exists(/usr/local/bin/eopenssl32)
+LIBRARIES +=           openssl32
+.endif
 
 # run netcat server and connect with test client
 
diff --git a/regress/lib/libssl/interop/openssl32/Makefile b/regress/lib/libssl/interop/openssl32/Makefile
new file mode 100644 (file)
index 0000000..12536d0
--- /dev/null
@@ -0,0 +1,43 @@
+# $OpenBSD: Makefile,v 1.1 2024/08/18 09:14:17 tb Exp $
+
+.if ! exists(/usr/local/bin/eopenssl32)
+regress:
+       # install openssl-3.2 ports for interop tests
+       @echo 'Run "pkg_add openssl--%3.2" to run tests against OpenSSL 3.2'
+       @echo SKIPPED
+.else
+
+PROGS =                        client server
+CPPFLAGS =             -I /usr/local/include/eopenssl32
+LDFLAGS =              -L /usr/local/lib/eopenssl32
+LDADD =                        -lssl -lcrypto
+DPADD =                        /usr/local/lib/eopenssl32/libssl.a \
+                       /usr/local/lib/eopenssl32/libcrypto.a
+LD_LIBRARY_PATH =      /usr/local/lib/eopenssl32
+REGRESS_TARGETS =      run-self-client-server
+.for p in ${PROGS}
+REGRESS_TARGETS +=     run-ldd-$p run-version-$p run-protocol-$p
+.endfor
+
+.for p in ${PROGS}
+
+run-ldd-$p: ldd-$p.out
+       # check that $p is linked with OpenSSL 3.2
+       grep -q /usr/local/lib/eopenssl32/libcrypto.so ldd-$p.out
+       grep -q /usr/local/lib/eopenssl32/libssl.so ldd-$p.out
+       # check that $p is not linked with LibreSSL
+       ! grep -v libc.so ldd-$p.out | grep /usr/lib/
+
+run-version-$p: $p-self.out
+       # check that runtime version is OpenSSL 3.2
+       grep 'SSLEAY_VERSION: OpenSSL 3.2' $p-self.out
+
+run-protocol-$p: $p-self.out
+       # check that OpenSSL 3.2 protocol version is TLS 1.3
+       grep 'Protocol *: TLSv1.3' $p-self.out
+
+.endfor
+
+.endif # exists(/usr/local/bin/eopenssl32)
+
+.include <bsd.regress.mk>
index 99daa4b..d1644de 100644 (file)
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.9 2023/10/30 17:15:21 tb Exp $
+# $OpenBSD: Makefile,v 1.10 2024/08/18 09:14:17 tb Exp $
 
 LIBRARIES =            libressl
 .if exists(/usr/local/bin/eopenssl11)
@@ -10,6 +10,9 @@ LIBRARIES +=          openssl11
 .if exists(/usr/local/bin/eopenssl31)
 #LIBRARIES +=          openssl31
 .endif
+.if exists(/usr/local/bin/eopenssl32)
+#LIBRARIES +=          openssl32
+.endif
 
 run-session-client-libressl-server-libressl \
 run-session-client-libressl-server-openssl11 \