From: tb <tb@openbsd.org>
Date: Thu, 7 Jul 2022 13:12:57 +0000 (+0000)
Subject: Only run tests against ciphers supported by the method.
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=96b8bb3ec7524913f6ec41f74b56a1d89f0e6510;p=openbsd

Only run tests against ciphers supported by the method.
---

diff --git a/regress/lib/libssl/interop/client.c b/regress/lib/libssl/interop/client.c
index a8e66c28760..31a960381ee 100644
--- a/regress/lib/libssl/interop/client.c
+++ b/regress/lib/libssl/interop/client.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: client.c,v 1.10 2020/09/14 00:51:04 bluhm Exp $	*/
+/*	$OpenBSD: client.c,v 1.11 2022/07/07 13:12:57 tb Exp $	*/
 /*
  * Copyright (c) 2018-2019 Alexander Bluhm <bluhm@openbsd.org>
  *
@@ -184,10 +184,22 @@ main(int argc, char *argv[])
 	}
 
 	if (listciphers) {
+		STACK_OF(SSL_CIPHER) *supported_ciphers;
+
+#if OPENSSL_VERSION_NUMBER < 0x1010000f
+#define SSL_get1_supported_ciphers SSL_get_ciphers
+#endif
 		ssl = SSL_new(ctx);
 		if (ssl == NULL)
 			err_ssl(1, "SSL_new");
-		print_ciphers(SSL_get_ciphers(ssl));
+		supported_ciphers = SSL_get1_supported_ciphers(ssl);
+		if (supported_ciphers == NULL)
+			err_ssl(1, "SSL_get1_supported_ciphers");
+		print_ciphers(supported_ciphers);
+
+#if OPENSSL_VERSION_NUMBER >= 0x1010000f
+		sk_SSL_CIPHER_free(supported_ciphers);
+#endif
 		return 0;
 	}
 
diff --git a/regress/lib/libssl/interop/server.c b/regress/lib/libssl/interop/server.c
index 68e277a87bd..c8e4cb7fc30 100644
--- a/regress/lib/libssl/interop/server.c
+++ b/regress/lib/libssl/interop/server.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: server.c,v 1.10 2021/07/06 11:50:34 bluhm Exp $	*/
+/*	$OpenBSD: server.c,v 1.11 2022/07/07 13:12:57 tb Exp $	*/
 /*
  * Copyright (c) 2018-2019 Alexander Bluhm <bluhm@openbsd.org>
  *
@@ -229,10 +229,22 @@ main(int argc, char *argv[])
 	}
 
 	if (listciphers) {
+		STACK_OF(SSL_CIPHER) *supported_ciphers;
+
+#if OPENSSL_VERSION_NUMBER < 0x1010000f
+#define SSL_get1_supported_ciphers SSL_get_ciphers
+#endif
 		ssl = SSL_new(ctx);
 		if (ssl == NULL)
 			err_ssl(1, "SSL_new");
-		print_ciphers(SSL_get_ciphers(ssl));
+		supported_ciphers = SSL_get1_supported_ciphers(ssl);
+		if (supported_ciphers == NULL)
+			err_ssl(1, "SSL_get1_supported_ciphers");
+		print_ciphers(supported_ciphers);
+
+#if OPENSSL_VERSION_NUMBER >= 0x1010000f
+		sk_SSL_CIPHER_free(supported_ciphers);
+#endif
 		return 0;
 	}