From 047d933ac8dfb2f4978c5bbfbe2a00f1fb5998ad Mon Sep 17 00:00:00 2001 From: tb Date: Sun, 29 Aug 2021 12:40:37 +0000 Subject: [PATCH] Use s_server -naccept 1 and remove echo "Q" | openssl s_client hack. --- regress/usr.bin/openssl/x509/Makefile | 23 +++++++++++------------ 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/regress/usr.bin/openssl/x509/Makefile b/regress/usr.bin/openssl/x509/Makefile index c61c1a595a5..94cdf8d3992 100644 --- a/regress/usr.bin/openssl/x509/Makefile +++ b/regress/usr.bin/openssl/x509/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.4 2021/04/27 05:14:25 tb Exp $ +# $OpenBSD: Makefile,v 1.5 2021/08/29 12:40:37 tb Exp $ # Copyright (c) 2021 Jan Klemkow # @@ -56,49 +56,49 @@ cleanup-ssl: test-inlabel-wildcard-cert-no-CA-client: # unusual wildcard cert, no CA given to client # start server - ${OPENSSL} s_server -cert server-unusual-wildcard.pem \ + ${OPENSSL} s_server -naccept 1 -cert server-unusual-wildcard.pem \ -key server-unusual-wildcard.pem & \ timeout=$$(($$(date +%s) + 5)); \ while fstat -p $$! | ! grep -q 'tcp .* \*:4433$$'; \ do test $$(date +%s) -lt $$timeout || exit 1; done # start client - echo "Q" | ${OPENSSL} s_client -verify_return_error \ + ${OPENSSL} s_client -verify_return_error \ | grep "Verify return code: 21" test-inlabel-wildcard-cert-CA-client: # unusual wildcard cert, CA given to client # start server - ${OPENSSL} s_server -cert server-unusual-wildcard.pem \ + ${OPENSSL} s_server -naccept 1 -cert server-unusual-wildcard.pem \ -key server-unusual-wildcard.pem & \ timeout=$$(($$(date +%s) + 5)); \ while fstat -p $$! | ! grep -q 'tcp .* \*:4433$$'; \ do test $$(date +%s) -lt $$timeout || exit 1; done # start client - echo "Q" | ${OPENSSL} s_client -CAfile caR.pem \ + ${OPENSSL} s_client -CAfile caR.pem \ | grep "Verify return code: 0" test-common-wildcard-cert-no-CA-client: # common wildcard cert, no CA given to client # start server - ${OPENSSL} s_server -cert server-common-wildcard.pem \ + ${OPENSSL} s_server -naccept 1 -cert server-common-wildcard.pem \ -key server-common-wildcard.pem & \ timeout=$$(($$(date +%s) + 5)); \ while fstat -p $$! | ! grep -q 'tcp .* \*:4433$$'; \ do test $$(date +%s) -lt $$timeout || exit 1; done # start client - echo "Q" | ${OPENSSL} s_client \ + ${OPENSSL} s_client \ | grep "Verify return code: 21" test-common-wildcard-cert-CA-client: # common wildcard cert, CA given to client # start server - ${OPENSSL} s_server -cert server-unusual-wildcard.pem \ + ${OPENSSL} s_server -naccept 1 -cert server-unusual-wildcard.pem \ -key server-unusual-wildcard.pem & \ timeout=$$(($$(date +%s) + 5)); \ while fstat -p $$! | ! grep -q 'tcp .* \*:4433$$'; \ do test $$(date +%s) -lt $$timeout || exit 1; done # start client - echo "Q" | ${OPENSSL} s_client -CAfile caR.pem \ + ${OPENSSL} s_client -CAfile caR.pem \ | grep "Verify return code: 21" test-verify-unusual-wildcard-cert: @@ -114,13 +114,12 @@ test-openssl-verify-common-wildcard-cert: test-chain-certificates-s_server: # Not all chain certificates are sent in s_server # start server - # ${OPENSSL} s_server -cert server-subca.pem -CAfile subcaR.pem - ${OPENSSL} s_server -cert server-subca-chainS.pem -CAfile subcaR.pem & \ + ${OPENSSL} s_server -naccept 1 -cert server-subca-chainS.pem -CAfile subcaR.pem & \ timeout=$$(($$(date +%s) + 5)); \ while fstat -p $$! | ! grep -q 'tcp .* \*:4433$$'; \ do test $$(date +%s) -lt $$timeout || exit 1; done # start client - ${OPENSSL} s_client -CAfile caR.pem | grep "Verify return code: 0" + ${OPENSSL} s_client -CAfile caR.pem | grep "Verify return code: 0" test-alternative-chain: # alternative chain not found -- 2.20.1