deps: upgrade openssl sources to 1.0.2b

This just replaces all sources of openssl-1.0.2b.tar.gz into deps/openssl/openssl Fixes: https://github.com/nodejs/io.js/issues/1921 PR-URL: https://github.com/nodejs/io.js/pull/1950 Reviewed-By: Fedor Indutny <fedor@indutny.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
author: Shigeki Ohtsu <ohtsu@iij.ad.jp> 2015-06-12 00:00:05 +0900
committer: Shigeki Ohtsu <ohtsu@iij.ad.jp> 2015-06-12 09:47:44 +0900
commit: c21b24decf6fef3d808cdf1e2fa58be156898d65 (patch)
tree: 3c4cfc597b96b6fbb1c1f18bce4693396c97b32d /deps/openssl/openssl/test
parent: a6b8ee19b85bbd798510191f0aee596f36b909d2 (diff)
download: android-node-v8-c21b24decf6fef3d808cdf1e2fa58be156898d65.tar.gz
android-node-v8-c21b24decf6fef3d808cdf1e2fa58be156898d65.tar.bz2
android-node-v8-c21b24decf6fef3d808cdf1e2fa58be156898d65.zip
6 files changed, 87 insertions, 23 deletions
diff --git a/deps/openssl/openssl/test/Makefile b/deps/openssl/openssl/test/Makefile
index 338867952f..a570fadf98 100644
--- a/deps/openssl/openssl/test/Makefile
+++ b/deps/openssl/openssl/test/Makefile
@@ -351,12 +351,13 @@ test_constant_time: $(CONSTTIMETEST)$(EXE_EXT)
 lint:
 	lint -DLINT $(INCLUDES) $(SRC)>fluff
 
-depend:
-	@if [ -z "$(THIS)" ]; then \
-	    $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
-	else \
-	    $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \
-	fi
+update: local_depend
+	@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+
+depend: local_depend
+	@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+local_depend:
+	@[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC)
 
 dclean:
 	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
@@ -368,10 +369,10 @@ clean:
 	rm -f .rnd tmp.bntest tmp.bctest *.o *.obj *.dll lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log dummytest
 
 $(DLIBSSL):
-	(cd ..; $(MAKE) DIRS=ssl all)
+	(cd ..; $(MAKE) build_libssl)
 
 $(DLIBCRYPTO):
-	(cd ..; $(MAKE) DIRS=crypto all)
+	(cd ..; $(MAKE) build_libcrypto)
 
 BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
 		shlib_target="$(SHLIB_TARGET)"; \
diff --git a/deps/openssl/openssl/test/cms-test.pl b/deps/openssl/openssl/test/cms-test.pl
index 57c541bbd9..baa3b5948a 100644
--- a/deps/openssl/openssl/test/cms-test.pl
+++ b/deps/openssl/openssl/test/cms-test.pl
@@ -113,7 +113,7 @@ else
 	{
 	die "Error checking for EC support\n";
 	}
-
+    
 system ("$ossl_path no-ec2m > $null_path");
 if ($? == 0)
 	{
@@ -128,7 +128,7 @@ else
 	die "Error checking for EC2M support\n";
 	}
 
-system ("$ossl_path no-ecdh > $null_path");
+system ("$ossl_path no-ec > $null_path");
 if ($? == 0)
 	{
 	$no_ecdh = 1;
@@ -141,7 +141,7 @@ else
 	{
 	die "Error checking for ECDH support\n";
 	}
-
+    
 my @smime_pkcs7_tests = (
 
     [
@@ -453,6 +453,14 @@ my @smime_cms_param_tests = (
     ],
 
     [
+"enveloped content test streaming S/MIME format, ECDH, key identifier",
+        "-encrypt -keyid -in smcont.txt"
+          . " -stream -out test.cms"
+          . " -recip $smdir/smec1.pem",
+        "-decrypt -recip $smdir/smec1.pem -in test.cms -out smtst.txt"
+    ],
+
+    [
 "enveloped content test streaming S/MIME format, ECDH, AES128, SHA256 KDF",
         "-encrypt -in smcont.txt"
           . " -stream -out test.cms"
diff --git a/deps/openssl/openssl/test/ocsp-tests/D3_Cert_EE.pem b/deps/openssl/openssl/test/ocsp-tests/D3_Cert_EE.pem
index e0a80d359b..f371ed1f17 100644
--- a/deps/openssl/openssl/test/ocsp-tests/D3_Cert_EE.pem
+++ b/deps/openssl/openssl/test/ocsp-tests/D3_Cert_EE.pem
@@ -21,11 +21,11 @@ BQUAA4ICAQA2+uCGX18kZD8gyfj44TlwV4TXJ5BrT0M9qogg2k5u057i+X2ePy3D
 iE2REyLkU+i5ekH5gvTl74uSJKtpSf/hMyJEByyPyIULhlXCl46z2Z60drYzO4ig
 apCdkm0JthVGvk6/hjdaxgBGhUvSTEP5nLNkDa+uYVHJI58wfX2oh9gqxf8VnMJ8
 /A8Zi6mYCWUlFUobNd/ozyDZ6WVntrLib85sAFhds93nkoUYxgx1N9Xg/I31/jcL
-6bqmpRAZcbPtvEom0RyqPLM+AOgySWiYbg1Nl8nKx25C2AuXk63NN4CVwkXpdFF3
-q5qk1izPruvJ68jNW0pG7nrMQsiY2BCesfGyEzY8vfrMjeR5MLNv5r+obeYFnC1j
-uYp6JBt+thW+xPFzHYLjohKPwo/NbMOjIUM9gv/Pq3rVRPgWru4/8yYWhrmEK370
-rtlYBUSGRUdR8xed1Jvs+4qJ3s9t41mLSXvUfwyPsT7eoloUAfw3RhdwOzXoC2P6
-ftmniyu/b/HuYH1AWK+HFtFi9CHiMIqOJMhj/LnzL9udrQOpir7bVej/mlb3kSRo
-2lZymKOvuMymMpJkvBvUU/QEbCxWZAkTyqL2qlcQhHv7W366DOFjxDqpthaTRD69
-T8i/2AnsBDjYFxa47DisIvR57rLmE+fILjSvd94N/IpGs3lSOS5JeA==
+6bqmpRAZcbPtvEom0RyqPLM+AOgySWiYbg1Nl8nKx25C2AuXk63NN4CVwkXpdFF3                                                                                                               
+q5qk1izPruvJ68jNW0pG7nrMQsiY2BCesfGyEzY8vfrMjeR5MLNv5r+obeYFnC1j                                                                                                               
+uYp6JBt+thW+xPFzHYLjohKPwo/NbMOjIUM9gv/Pq3rVRPgWru4/8yYWhrmEK370                                                                                                               
+rtlYBUSGRUdR8xed1Jvs+4qJ3s9t41mLSXvUfwyPsT7eoloUAfw3RhdwOzXoC2P6                                                                                                               
+ftmniyu/b/HuYH1AWK+HFtFi9CHiMIqOJMhj/LnzL9udrQOpir7bVej/mlb3kSRo                                                                                                               
+2lZymKOvuMymMpJkvBvUU/QEbCxWZAkTyqL2qlcQhHv7W366DOFjxDqpthaTRD69                                                                                                               
+T8i/2AnsBDjYFxa47DisIvR57rLmE+fILjSvd94N/IpGs3lSOS5JeA==                                                                                                                       
 -----END CERTIFICATE-----
diff --git a/deps/openssl/openssl/test/smime-certs/ca.cnf b/deps/openssl/openssl/test/smime-certs/ca.cnf
index 9e1def2493..5e8b108654 100644
--- a/deps/openssl/openssl/test/smime-certs/ca.cnf
+++ b/deps/openssl/openssl/test/smime-certs/ca.cnf
@@ -63,3 +63,4 @@ subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid:always
 basicConstraints = critical,CA:true
 keyUsage = critical, cRLSign, keyCertSign
+
diff --git a/deps/openssl/openssl/test/testssl b/deps/openssl/openssl/test/testssl
index e3b342bfd4..ddebf08534 100644
--- a/deps/openssl/openssl/test/testssl
+++ b/deps/openssl/openssl/test/testssl
@@ -101,6 +101,30 @@ $ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1
 echo test sslv2/sslv3 via BIO pair
 $ssltest $extra || exit 1
 
+echo test dtlsv1
+$ssltest -dtls1 $extra || exit 1
+
+echo test dtlsv1 with server authentication
+$ssltest -dtls1 -server_auth $CA $extra || exit 1
+
+echo test dtlsv1 with client authentication
+$ssltest -dtls1 -client_auth $CA $extra || exit 1
+
+echo test dtlsv1 with both client and server authentication
+$ssltest -dtls1 -server_auth -client_auth $CA $extra || exit 1
+
+echo test dtlsv1.2
+$ssltest -dtls12 $extra || exit 1
+
+echo test dtlsv1.2 with server authentication
+$ssltest -dtls12 -server_auth $CA $extra || exit 1
+
+echo test dtlsv1.2 with client authentication
+$ssltest -dtls12 -client_auth $CA $extra || exit 1
+
+echo test dtlsv1.2 with both client and server authentication
+$ssltest -dtls12 -server_auth -client_auth $CA $extra || exit 1
+
 if [ $dsa_cert = NO ]; then
   echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair'
   $ssltest -bio_pair -no_dhe -no_ecdhe $extra || exit 1
@@ -121,10 +145,9 @@ $ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
 echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
 $ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
 
-echo "Testing ciphersuites"
-for protocol in TLSv1.2 SSLv3; do
-  echo "Testing ciphersuites for $protocol"
-  for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
+test_cipher() {
+  local cipher=$1
+  local protocol=$2
     echo "Testing $cipher"
     prot=""
     if [ $protocol = "SSLv3" ] ; then
@@ -135,7 +158,38 @@ for protocol in TLSv1.2 SSLv3; do
 	  echo "Failed $cipher"
 	  exit 1
     fi
+}
+
+echo "Testing ciphersuites"
+for protocol in TLSv1.2 SSLv3; do
+  echo "Testing ciphersuites for $protocol"
+  for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
+    test_cipher $cipher $protocol
   done
+  if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
+    echo "skipping RSA+DHE tests"
+  else
+    for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "EDH+aRSA+$protocol:-EXP" | tr ':' ' '`; do
+      test_cipher $cipher $protocol
+    done
+    echo "testing connection with weak DH, expecting failure"
+    if [ $protocol = "SSLv3" ] ; then
+      $ssltest -cipher EDH -dhe512 -ssl3
+    else
+      $ssltest -cipher EDH -dhe512
+    fi
+    if [ $? -eq 0 ]; then
+      echo "FAIL: connection with weak DH succeeded"
+      exit 1
+    fi
+  fi
+  if ../util/shlib_wrap.sh ../apps/openssl no-ec; then
+    echo "skipping RSA+ECDHE tests"
+  else
+    for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "EECDH+aRSA+$protocol:-EXP" | tr ':' ' '`; do
+      test_cipher $cipher $protocol
+    done
+  fi
 done
 
 #############################################################################
diff --git a/deps/openssl/openssl/test/tocsp b/deps/openssl/openssl/test/tocsp
index 5fc291ca6e..48e81bf302 100644
--- a/deps/openssl/openssl/test/tocsp
+++ b/deps/openssl/openssl/test/tocsp
@@ -8,7 +8,7 @@ check_time="-attime 1355875200"
 test_ocsp () {
 
 	$cmd base64 -d -in $ocspdir/$1 | \
-		$cmd ocsp -respin - -partial_chain $check_time \
+		$cmd ocsp -respin - -partial_chain $check_time -trusted_first \
 		-CAfile $ocspdir/$2 -verify_other $ocspdir/$2 -CApath /dev/null
 	[ $? != $3 ] && exit 1
 }
author	Shigeki Ohtsu <ohtsu@iij.ad.jp>	2015-06-12 00:00:05 +0900
committer	Shigeki Ohtsu <ohtsu@iij.ad.jp>	2015-06-12 09:47:44 +0900
commit	c21b24decf6fef3d808cdf1e2fa58be156898d65 (patch)
tree	3c4cfc597b96b6fbb1c1f18bce4693396c97b32d /deps/openssl/openssl/test
parent	a6b8ee19b85bbd798510191f0aee596f36b909d2 (diff)
download	android-node-v8-c21b24decf6fef3d808cdf1e2fa58be156898d65.tar.gz android-node-v8-c21b24decf6fef3d808cdf1e2fa58be156898d65.tar.bz2 android-node-v8-c21b24decf6fef3d808cdf1e2fa58be156898d65.zip