From 96b8bb3ec7524913f6ec41f74b56a1d89f0e6510 Mon Sep 17 00:00:00 2001 From: tb Date: Thu, 7 Jul 2022 13:12:57 +0000 Subject: [PATCH] Only run tests against ciphers supported by the method. --- regress/lib/libssl/interop/client.c | 16 ++++++++++++++-- regress/lib/libssl/interop/server.c | 16 ++++++++++++++-- 2 files changed, 28 insertions(+), 4 deletions(-) diff --git a/regress/lib/libssl/interop/client.c b/regress/lib/libssl/interop/client.c index a8e66c28760..31a960381ee 100644 --- a/regress/lib/libssl/interop/client.c +++ b/regress/lib/libssl/interop/client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: client.c,v 1.10 2020/09/14 00:51:04 bluhm Exp $ */ +/* $OpenBSD: client.c,v 1.11 2022/07/07 13:12:57 tb Exp $ */ /* * Copyright (c) 2018-2019 Alexander Bluhm * @@ -184,10 +184,22 @@ main(int argc, char *argv[]) } if (listciphers) { + STACK_OF(SSL_CIPHER) *supported_ciphers; + +#if OPENSSL_VERSION_NUMBER < 0x1010000f +#define SSL_get1_supported_ciphers SSL_get_ciphers +#endif ssl = SSL_new(ctx); if (ssl == NULL) err_ssl(1, "SSL_new"); - print_ciphers(SSL_get_ciphers(ssl)); + supported_ciphers = SSL_get1_supported_ciphers(ssl); + if (supported_ciphers == NULL) + err_ssl(1, "SSL_get1_supported_ciphers"); + print_ciphers(supported_ciphers); + +#if OPENSSL_VERSION_NUMBER >= 0x1010000f + sk_SSL_CIPHER_free(supported_ciphers); +#endif return 0; } diff --git a/regress/lib/libssl/interop/server.c b/regress/lib/libssl/interop/server.c index 68e277a87bd..c8e4cb7fc30 100644 --- a/regress/lib/libssl/interop/server.c +++ b/regress/lib/libssl/interop/server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: server.c,v 1.10 2021/07/06 11:50:34 bluhm Exp $ */ +/* $OpenBSD: server.c,v 1.11 2022/07/07 13:12:57 tb Exp $ */ /* * Copyright (c) 2018-2019 Alexander Bluhm * @@ -229,10 +229,22 @@ main(int argc, char *argv[]) } if (listciphers) { + STACK_OF(SSL_CIPHER) *supported_ciphers; + +#if OPENSSL_VERSION_NUMBER < 0x1010000f +#define SSL_get1_supported_ciphers SSL_get_ciphers +#endif ssl = SSL_new(ctx); if (ssl == NULL) err_ssl(1, "SSL_new"); - print_ciphers(SSL_get_ciphers(ssl)); + supported_ciphers = SSL_get1_supported_ciphers(ssl); + if (supported_ciphers == NULL) + err_ssl(1, "SSL_get1_supported_ciphers"); + print_ciphers(supported_ciphers); + +#if OPENSSL_VERSION_NUMBER >= 0x1010000f + sk_SSL_CIPHER_free(supported_ciphers); +#endif return 0; } -- 2.20.1