Loading ssl/ssltest.c +33 −0 Original line number Diff line number Diff line Loading @@ -85,6 +85,11 @@ # define TEST_CLIENT_CERT "../apps/client.pem" #endif /* There is really no standard for this, so let's assign some tentative numbers. In any case, these numbers are only for this test */ #define COMP_RLE 1 #define COMP_ZLIB 2 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); #ifndef NO_RSA static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export,int keylength); Loading Loading @@ -148,6 +153,8 @@ static void sv_usage(void) fprintf(stderr," -bio_pair - Use BIO pairs\n"); fprintf(stderr," -f - Test even cases that can't work\n"); fprintf(stderr," -time - measure processor time used by client and server\n"); fprintf(stderr," -zlib - use zlib compression\n"); fprintf(stderr," -time - use rle compression\n"); } static void print_details(SSL *c_ssl, const char *prefix) Loading Loading @@ -220,6 +227,7 @@ int main(int argc, char *argv[]) int no_dhe = 0; int print_time = 0; clock_t s_time = 0, c_time = 0; int comp = 0; verbose = 0; debug = 0; Loading Loading @@ -333,6 +341,14 @@ int main(int argc, char *argv[]) { print_time = 1; } else if (strcmp(*argv,"-zlib") == 0) { comp = COMP_ZLIB; } else if (strcmp(*argv,"-rle") == 0) { comp = COMP_RLE; } else { fprintf(stderr,"unknown option %s\n",*argv); Loading Loading @@ -374,6 +390,23 @@ bad: SSL_library_init(); SSL_load_error_strings(); if (comp == COMP_ZLIB) { COMP_METHOD *cm = COMP_zlib(); if (cm->type != NID_undef) SSL_COMP_add_compression_method(COMP_ZLIB, cm); else fprintf(stderr, "Warning: zlib compression not supported\n"); } if (comp == COMP_RLE) { COMP_METHOD *cm = COMP_rle(); if (cm->type != NID_undef) SSL_COMP_add_compression_method(COMP_RLE, cm); else fprintf(stderr, "Warning: rle compression not supported\n"); } #if !defined(NO_SSL2) && !defined(NO_SSL3) if (ssl2) meth=SSLv2_method(); Loading test/testssl +35 −29 Original line number Diff line number Diff line Loading @@ -24,105 +24,111 @@ else CA="-CAfile $3" fi if [ "$4" = "" ]; then extra="" else extra="$4" fi ############################################################################# echo test sslv2 $ssltest -ssl2 || exit 1 $ssltest -ssl2 $extra || exit 1 echo test sslv2 with server authentication $ssltest -ssl2 -server_auth $CA || exit 1 $ssltest -ssl2 -server_auth $CA $extra || exit 1 if [ $dsa_cert = NO ]; then echo test sslv2 with client authentication $ssltest -ssl2 -client_auth $CA || exit 1 $ssltest -ssl2 -client_auth $CA $extra || exit 1 echo test sslv2 with both client and server authentication $ssltest -ssl2 -server_auth -client_auth $CA || exit 1 $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1 fi echo test sslv3 $ssltest -ssl3 || exit 1 $ssltest -ssl3 $extra || exit 1 echo test sslv3 with server authentication $ssltest -ssl3 -server_auth $CA || exit 1 $ssltest -ssl3 -server_auth $CA $extra || exit 1 echo test sslv3 with client authentication $ssltest -ssl3 -client_auth $CA || exit 1 $ssltest -ssl3 -client_auth $CA $extra || exit 1 echo test sslv3 with both client and server authentication $ssltest -ssl3 -server_auth -client_auth $CA || exit 1 $ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 $ssltest || exit 1 $ssltest $extra || exit 1 echo test sslv2/sslv3 with server authentication $ssltest -server_auth $CA || exit 1 $ssltest -server_auth $CA $extra || exit 1 echo test sslv2/sslv3 with client authentication $ssltest -client_auth $CA || exit 1 $ssltest -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 with both client and server authentication $ssltest -server_auth -client_auth $CA || exit 1 $ssltest -server_auth -client_auth $CA $extra || exit 1 echo test sslv2 via BIO pair $ssltest -bio_pair -ssl2 || exit 1 $ssltest -bio_pair -ssl2 $extra || exit 1 echo test sslv2 with server authentication via BIO pair $ssltest -bio_pair -ssl2 -server_auth $CA || exit 1 $ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1 if [ $dsa_cert = NO ]; then echo test sslv2 with client authentication via BIO pair $ssltest -bio_pair -ssl2 -client_auth $CA || exit 1 $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1 echo test sslv2 with both client and server authentication via BIO pair $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA || exit 1 $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1 fi echo test sslv3 via BIO pair $ssltest -bio_pair -ssl3 || exit 1 $ssltest -bio_pair -ssl3 $extra || exit 1 echo test sslv3 with server authentication via BIO pair $ssltest -bio_pair -ssl3 -server_auth $CA || exit 1 $ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1 echo test sslv3 with client authentication via BIO pair $ssltest -bio_pair -ssl3 -client_auth $CA || exit 1 $ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1 echo test sslv3 with both client and server authentication via BIO pair $ssltest -bio_pair -ssl3 -server_auth -client_auth $CA || exit 1 $ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 via BIO pair $ssltest || exit 1 $ssltest $extra || exit 1 if [ $dsa_cert = NO ]; then echo test sslv2/sslv3 w/o DHE via BIO pair $ssltest -bio_pair -no_dhe || exit 1 $ssltest -bio_pair -no_dhe $extra || exit 1 fi echo test sslv2/sslv3 with 1024bit DHE via BIO pair $ssltest -bio_pair -dhe1024dsa -v || exit 1 $ssltest -bio_pair -dhe1024dsa -v $extra || exit 1 echo test sslv2/sslv3 with server authentication $ssltest -bio_pair -server_auth $CA || exit 1 $ssltest -bio_pair -server_auth $CA $extra || exit 1 echo test sslv2/sslv3 with client authentication via BIO pair $ssltest -bio_pair -client_auth $CA || exit 1 $ssltest -bio_pair -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 with both client and server authentication via BIO pair $ssltest -bio_pair -server_auth -client_auth $CA || exit 1 $ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1 ############################################################################# echo test tls1 with 1024bit anonymous DH, multiple handshakes $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time || exit 1 $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1 if ../apps/openssl no-rsa; then echo skipping RSA tests else echo test tls1 with 1024bit RSA, no DHE, multiple handshakes ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time || exit 1 ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1 echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time || exit 1 ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1 fi exit 0 Loading
ssl/ssltest.c +33 −0 Original line number Diff line number Diff line Loading @@ -85,6 +85,11 @@ # define TEST_CLIENT_CERT "../apps/client.pem" #endif /* There is really no standard for this, so let's assign some tentative numbers. In any case, these numbers are only for this test */ #define COMP_RLE 1 #define COMP_ZLIB 2 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); #ifndef NO_RSA static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export,int keylength); Loading Loading @@ -148,6 +153,8 @@ static void sv_usage(void) fprintf(stderr," -bio_pair - Use BIO pairs\n"); fprintf(stderr," -f - Test even cases that can't work\n"); fprintf(stderr," -time - measure processor time used by client and server\n"); fprintf(stderr," -zlib - use zlib compression\n"); fprintf(stderr," -time - use rle compression\n"); } static void print_details(SSL *c_ssl, const char *prefix) Loading Loading @@ -220,6 +227,7 @@ int main(int argc, char *argv[]) int no_dhe = 0; int print_time = 0; clock_t s_time = 0, c_time = 0; int comp = 0; verbose = 0; debug = 0; Loading Loading @@ -333,6 +341,14 @@ int main(int argc, char *argv[]) { print_time = 1; } else if (strcmp(*argv,"-zlib") == 0) { comp = COMP_ZLIB; } else if (strcmp(*argv,"-rle") == 0) { comp = COMP_RLE; } else { fprintf(stderr,"unknown option %s\n",*argv); Loading Loading @@ -374,6 +390,23 @@ bad: SSL_library_init(); SSL_load_error_strings(); if (comp == COMP_ZLIB) { COMP_METHOD *cm = COMP_zlib(); if (cm->type != NID_undef) SSL_COMP_add_compression_method(COMP_ZLIB, cm); else fprintf(stderr, "Warning: zlib compression not supported\n"); } if (comp == COMP_RLE) { COMP_METHOD *cm = COMP_rle(); if (cm->type != NID_undef) SSL_COMP_add_compression_method(COMP_RLE, cm); else fprintf(stderr, "Warning: rle compression not supported\n"); } #if !defined(NO_SSL2) && !defined(NO_SSL3) if (ssl2) meth=SSLv2_method(); Loading
test/testssl +35 −29 Original line number Diff line number Diff line Loading @@ -24,105 +24,111 @@ else CA="-CAfile $3" fi if [ "$4" = "" ]; then extra="" else extra="$4" fi ############################################################################# echo test sslv2 $ssltest -ssl2 || exit 1 $ssltest -ssl2 $extra || exit 1 echo test sslv2 with server authentication $ssltest -ssl2 -server_auth $CA || exit 1 $ssltest -ssl2 -server_auth $CA $extra || exit 1 if [ $dsa_cert = NO ]; then echo test sslv2 with client authentication $ssltest -ssl2 -client_auth $CA || exit 1 $ssltest -ssl2 -client_auth $CA $extra || exit 1 echo test sslv2 with both client and server authentication $ssltest -ssl2 -server_auth -client_auth $CA || exit 1 $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1 fi echo test sslv3 $ssltest -ssl3 || exit 1 $ssltest -ssl3 $extra || exit 1 echo test sslv3 with server authentication $ssltest -ssl3 -server_auth $CA || exit 1 $ssltest -ssl3 -server_auth $CA $extra || exit 1 echo test sslv3 with client authentication $ssltest -ssl3 -client_auth $CA || exit 1 $ssltest -ssl3 -client_auth $CA $extra || exit 1 echo test sslv3 with both client and server authentication $ssltest -ssl3 -server_auth -client_auth $CA || exit 1 $ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 $ssltest || exit 1 $ssltest $extra || exit 1 echo test sslv2/sslv3 with server authentication $ssltest -server_auth $CA || exit 1 $ssltest -server_auth $CA $extra || exit 1 echo test sslv2/sslv3 with client authentication $ssltest -client_auth $CA || exit 1 $ssltest -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 with both client and server authentication $ssltest -server_auth -client_auth $CA || exit 1 $ssltest -server_auth -client_auth $CA $extra || exit 1 echo test sslv2 via BIO pair $ssltest -bio_pair -ssl2 || exit 1 $ssltest -bio_pair -ssl2 $extra || exit 1 echo test sslv2 with server authentication via BIO pair $ssltest -bio_pair -ssl2 -server_auth $CA || exit 1 $ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1 if [ $dsa_cert = NO ]; then echo test sslv2 with client authentication via BIO pair $ssltest -bio_pair -ssl2 -client_auth $CA || exit 1 $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1 echo test sslv2 with both client and server authentication via BIO pair $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA || exit 1 $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1 fi echo test sslv3 via BIO pair $ssltest -bio_pair -ssl3 || exit 1 $ssltest -bio_pair -ssl3 $extra || exit 1 echo test sslv3 with server authentication via BIO pair $ssltest -bio_pair -ssl3 -server_auth $CA || exit 1 $ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1 echo test sslv3 with client authentication via BIO pair $ssltest -bio_pair -ssl3 -client_auth $CA || exit 1 $ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1 echo test sslv3 with both client and server authentication via BIO pair $ssltest -bio_pair -ssl3 -server_auth -client_auth $CA || exit 1 $ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 via BIO pair $ssltest || exit 1 $ssltest $extra || exit 1 if [ $dsa_cert = NO ]; then echo test sslv2/sslv3 w/o DHE via BIO pair $ssltest -bio_pair -no_dhe || exit 1 $ssltest -bio_pair -no_dhe $extra || exit 1 fi echo test sslv2/sslv3 with 1024bit DHE via BIO pair $ssltest -bio_pair -dhe1024dsa -v || exit 1 $ssltest -bio_pair -dhe1024dsa -v $extra || exit 1 echo test sslv2/sslv3 with server authentication $ssltest -bio_pair -server_auth $CA || exit 1 $ssltest -bio_pair -server_auth $CA $extra || exit 1 echo test sslv2/sslv3 with client authentication via BIO pair $ssltest -bio_pair -client_auth $CA || exit 1 $ssltest -bio_pair -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 with both client and server authentication via BIO pair $ssltest -bio_pair -server_auth -client_auth $CA || exit 1 $ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1 ############################################################################# echo test tls1 with 1024bit anonymous DH, multiple handshakes $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time || exit 1 $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1 if ../apps/openssl no-rsa; then echo skipping RSA tests else echo test tls1 with 1024bit RSA, no DHE, multiple handshakes ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time || exit 1 ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1 echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time || exit 1 ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1 fi exit 0
