blob: 7ac86ccbeb622a3952a6b7035845da7a474e9742 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
|
# $OpenBSD: Makefile,v 1.3 2020/12/17 00:51:12 bluhm Exp $
# Connect a client to a server. Both can be current libressl, or
# openssl 1.0.2, or openssl 1.1. Pin client or server to a fixed TLS
# version number. Incompatible versions must fail. Check that client
# and server have used correct version by grepping in their session
# print out.
LIBRARIES = libressl
.if exists(/usr/local/bin/eopenssl)
LIBRARIES += openssl
.endif
.if exists(/usr/local/bin/eopenssl11)
LIBRARIES += openssl11
.endif
VERSIONS = any TLS1 TLS1_1 TLS1_2 TLS1_3
.for cver in ${VERSIONS}
.for sver in ${VERSIONS}
.if "${cver}" == any || "${sver}" == any || "${cver}" == "${sver}"
FAIL_${cver}_${sver} =
.else
FAIL_${cver}_${sver} = !
.endif
.for clib in ${LIBRARIES}
.for slib in ${LIBRARIES}
.if ("${clib}" != openssl && "${slib}" != openssl) || \
("${cver}" != TLS1_3 && "${sver}" != TLS1_3)
.if ("${clib}" == "libressl" || "${slib}" == "libressl")
REGRESS_TARGETS += run-version-client-${clib}-${cver}-server-${slib}-${sver}
.else
REGRESS_SLOW_TARGETS += run-version-client-${clib}-${cver}-server-${slib}-${sver}
.endif
run-version-client-${clib}-${cver}-server-${slib}-${sver} \
client-version-client-${clib}-${cver}-server-${slib}-${sver}.out \
server-version-client-${clib}-${cver}-server-${slib}-${sver}.out: \
127.0.0.1.crt ../${clib}/client ../${slib}/server
LD_LIBRARY_PATH=/usr/local/lib/e${slib} \
../${slib}/server >${@:S/^run/server/}.out \
-c 127.0.0.1.crt -k 127.0.0.1.key \
${sver:Nany:S/^/-V /} \
127.0.0.1 0
${FAIL_${cver}_${sver}} \
LD_LIBRARY_PATH=/usr/local/lib/e${clib} \
../${clib}/client >${@:S/^run/client/}.out \
${cver:Nany:S/^/-V /} \
`sed -n 's/listen sock: //p' ${@:S/^run/server/}.out`
.if empty(${FAIL_${cver}_${sver}})
grep -q '^success$$' ${@:S/^run/server/}.out || \
{ sleep 1; grep -q '^success$$' ${@:S/^run/server/}.out; }
grep -q '^success$$' ${@:S/^run/client/}.out
.endif
.if empty(${FAIL_${cver}_${sver}})
.if ("${clib}" == "libressl" || "${slib}" == "libressl")
REGRESS_TARGETS += check-version-client-${clib}-${cver}-server-${slib}-${sver}
.else
REGRESS_SLOW_TARGETS += check-version-client-${clib}-${cver}-server-${slib}-${sver}
.endif
check-version-client-${clib}-${cver}-server-${slib}-${sver}: \
client-version-client-${clib}-${cver}-server-${slib}-${sver}.out \
server-version-client-${clib}-${cver}-server-${slib}-${sver}.out
@grep ' Protocol *: ' ${@:S/^check/client/}.out
@grep ' Protocol *: ' ${@:S/^check/server/}.out
.if "${cver}" == any
.if "${sver}" == any
.if "${clib}" == openssl || "${slib}" == openssl
grep -q ' Protocol *: TLSv1.2$$' ${@:S/^check/client/}.out
grep -q ' Protocol *: TLSv1.2$$' ${@:S/^check/server/}.out
.else
grep -q ' Protocol *: TLSv1.3$$' ${@:S/^check/client/}.out
grep -q ' Protocol *: TLSv1.3$$' ${@:S/^check/server/}.out
.endif
.else
grep -q ' Protocol *: ${sver:S/TLS/TLSv/:S/_/./}$$' \
${@:S/^check/client/}.out
grep -q ' Protocol *: ${sver:S/TLS/TLSv/:S/_/./}$$' \
${@:S/^check/server/}.out
.endif
.else
grep -q ' Protocol *: ${cver:S/TLS/TLSv/:S/_/./}$$' \
${@:S/^check/client/}.out
grep -q ' Protocol *: ${cver:S/TLS/TLSv/:S/_/./}$$' \
${@:S/^check/server/}.out
.endif
.endif
.endif
.endfor
.endfor
.endfor
.endfor
.include <bsd.regress.mk>
|
