diff options
author | Shigeki Ohtsu <ohtsu@iij.ad.jp> | 2015-06-12 00:00:05 +0900 |
---|---|---|
committer | Shigeki Ohtsu <ohtsu@iij.ad.jp> | 2015-06-12 09:47:44 +0900 |
commit | c21b24decf6fef3d808cdf1e2fa58be156898d65 (patch) | |
tree | 3c4cfc597b96b6fbb1c1f18bce4693396c97b32d /deps/openssl/openssl/test | |
parent | a6b8ee19b85bbd798510191f0aee596f36b909d2 (diff) | |
download | android-node-v8-c21b24decf6fef3d808cdf1e2fa58be156898d65.tar.gz android-node-v8-c21b24decf6fef3d808cdf1e2fa58be156898d65.tar.bz2 android-node-v8-c21b24decf6fef3d808cdf1e2fa58be156898d65.zip |
deps: upgrade openssl sources to 1.0.2b
This just replaces all sources of openssl-1.0.2b.tar.gz
into deps/openssl/openssl
Fixes: https://github.com/nodejs/io.js/issues/1921
PR-URL: https://github.com/nodejs/io.js/pull/1950
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Diffstat (limited to 'deps/openssl/openssl/test')
-rw-r--r-- | deps/openssl/openssl/test/Makefile | 17 | ||||
-rw-r--r-- | deps/openssl/openssl/test/cms-test.pl | 14 | ||||
-rw-r--r-- | deps/openssl/openssl/test/ocsp-tests/D3_Cert_EE.pem | 14 | ||||
-rw-r--r-- | deps/openssl/openssl/test/smime-certs/ca.cnf | 1 | ||||
-rw-r--r-- | deps/openssl/openssl/test/testssl | 62 | ||||
-rw-r--r-- | deps/openssl/openssl/test/tocsp | 2 |
6 files changed, 87 insertions, 23 deletions
diff --git a/deps/openssl/openssl/test/Makefile b/deps/openssl/openssl/test/Makefile index 338867952f..a570fadf98 100644 --- a/deps/openssl/openssl/test/Makefile +++ b/deps/openssl/openssl/test/Makefile @@ -351,12 +351,13 @@ test_constant_time: $(CONSTTIMETEST)$(EXE_EXT) lint: lint -DLINT $(INCLUDES) $(SRC)>fluff -depend: - @if [ -z "$(THIS)" ]; then \ - $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \ - else \ - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \ - fi +update: local_depend + @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi + +depend: local_depend + @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi +local_depend: + @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC) dclean: $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new @@ -368,10 +369,10 @@ clean: rm -f .rnd tmp.bntest tmp.bctest *.o *.obj *.dll lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log dummytest $(DLIBSSL): - (cd ..; $(MAKE) DIRS=ssl all) + (cd ..; $(MAKE) build_libssl) $(DLIBCRYPTO): - (cd ..; $(MAKE) DIRS=crypto all) + (cd ..; $(MAKE) build_libcrypto) BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ shlib_target="$(SHLIB_TARGET)"; \ diff --git a/deps/openssl/openssl/test/cms-test.pl b/deps/openssl/openssl/test/cms-test.pl index 57c541bbd9..baa3b5948a 100644 --- a/deps/openssl/openssl/test/cms-test.pl +++ b/deps/openssl/openssl/test/cms-test.pl @@ -113,7 +113,7 @@ else { die "Error checking for EC support\n"; } - + system ("$ossl_path no-ec2m > $null_path"); if ($? == 0) { @@ -128,7 +128,7 @@ else die "Error checking for EC2M support\n"; } -system ("$ossl_path no-ecdh > $null_path"); +system ("$ossl_path no-ec > $null_path"); if ($? == 0) { $no_ecdh = 1; @@ -141,7 +141,7 @@ else { die "Error checking for ECDH support\n"; } - + my @smime_pkcs7_tests = ( [ @@ -453,6 +453,14 @@ my @smime_cms_param_tests = ( ], [ +"enveloped content test streaming S/MIME format, ECDH, key identifier", + "-encrypt -keyid -in smcont.txt" + . " -stream -out test.cms" + . " -recip $smdir/smec1.pem", + "-decrypt -recip $smdir/smec1.pem -in test.cms -out smtst.txt" + ], + + [ "enveloped content test streaming S/MIME format, ECDH, AES128, SHA256 KDF", "-encrypt -in smcont.txt" . " -stream -out test.cms" diff --git a/deps/openssl/openssl/test/ocsp-tests/D3_Cert_EE.pem b/deps/openssl/openssl/test/ocsp-tests/D3_Cert_EE.pem index e0a80d359b..f371ed1f17 100644 --- a/deps/openssl/openssl/test/ocsp-tests/D3_Cert_EE.pem +++ b/deps/openssl/openssl/test/ocsp-tests/D3_Cert_EE.pem @@ -21,11 +21,11 @@ BQUAA4ICAQA2+uCGX18kZD8gyfj44TlwV4TXJ5BrT0M9qogg2k5u057i+X2ePy3D iE2REyLkU+i5ekH5gvTl74uSJKtpSf/hMyJEByyPyIULhlXCl46z2Z60drYzO4ig apCdkm0JthVGvk6/hjdaxgBGhUvSTEP5nLNkDa+uYVHJI58wfX2oh9gqxf8VnMJ8 /A8Zi6mYCWUlFUobNd/ozyDZ6WVntrLib85sAFhds93nkoUYxgx1N9Xg/I31/jcL -6bqmpRAZcbPtvEom0RyqPLM+AOgySWiYbg1Nl8nKx25C2AuXk63NN4CVwkXpdFF3 -q5qk1izPruvJ68jNW0pG7nrMQsiY2BCesfGyEzY8vfrMjeR5MLNv5r+obeYFnC1j -uYp6JBt+thW+xPFzHYLjohKPwo/NbMOjIUM9gv/Pq3rVRPgWru4/8yYWhrmEK370 -rtlYBUSGRUdR8xed1Jvs+4qJ3s9t41mLSXvUfwyPsT7eoloUAfw3RhdwOzXoC2P6 -ftmniyu/b/HuYH1AWK+HFtFi9CHiMIqOJMhj/LnzL9udrQOpir7bVej/mlb3kSRo -2lZymKOvuMymMpJkvBvUU/QEbCxWZAkTyqL2qlcQhHv7W366DOFjxDqpthaTRD69 -T8i/2AnsBDjYFxa47DisIvR57rLmE+fILjSvd94N/IpGs3lSOS5JeA== +6bqmpRAZcbPtvEom0RyqPLM+AOgySWiYbg1Nl8nKx25C2AuXk63NN4CVwkXpdFF3 +q5qk1izPruvJ68jNW0pG7nrMQsiY2BCesfGyEzY8vfrMjeR5MLNv5r+obeYFnC1j +uYp6JBt+thW+xPFzHYLjohKPwo/NbMOjIUM9gv/Pq3rVRPgWru4/8yYWhrmEK370 +rtlYBUSGRUdR8xed1Jvs+4qJ3s9t41mLSXvUfwyPsT7eoloUAfw3RhdwOzXoC2P6 +ftmniyu/b/HuYH1AWK+HFtFi9CHiMIqOJMhj/LnzL9udrQOpir7bVej/mlb3kSRo +2lZymKOvuMymMpJkvBvUU/QEbCxWZAkTyqL2qlcQhHv7W366DOFjxDqpthaTRD69 +T8i/2AnsBDjYFxa47DisIvR57rLmE+fILjSvd94N/IpGs3lSOS5JeA== -----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/smime-certs/ca.cnf b/deps/openssl/openssl/test/smime-certs/ca.cnf index 9e1def2493..5e8b108654 100644 --- a/deps/openssl/openssl/test/smime-certs/ca.cnf +++ b/deps/openssl/openssl/test/smime-certs/ca.cnf @@ -63,3 +63,4 @@ subjectKeyIdentifier=hash authorityKeyIdentifier=keyid:always basicConstraints = critical,CA:true keyUsage = critical, cRLSign, keyCertSign + diff --git a/deps/openssl/openssl/test/testssl b/deps/openssl/openssl/test/testssl index e3b342bfd4..ddebf08534 100644 --- a/deps/openssl/openssl/test/testssl +++ b/deps/openssl/openssl/test/testssl @@ -101,6 +101,30 @@ $ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 via BIO pair $ssltest $extra || exit 1 +echo test dtlsv1 +$ssltest -dtls1 $extra || exit 1 + +echo test dtlsv1 with server authentication +$ssltest -dtls1 -server_auth $CA $extra || exit 1 + +echo test dtlsv1 with client authentication +$ssltest -dtls1 -client_auth $CA $extra || exit 1 + +echo test dtlsv1 with both client and server authentication +$ssltest -dtls1 -server_auth -client_auth $CA $extra || exit 1 + +echo test dtlsv1.2 +$ssltest -dtls12 $extra || exit 1 + +echo test dtlsv1.2 with server authentication +$ssltest -dtls12 -server_auth $CA $extra || exit 1 + +echo test dtlsv1.2 with client authentication +$ssltest -dtls12 -client_auth $CA $extra || exit 1 + +echo test dtlsv1.2 with both client and server authentication +$ssltest -dtls12 -server_auth -client_auth $CA $extra || exit 1 + if [ $dsa_cert = NO ]; then echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair' $ssltest -bio_pair -no_dhe -no_ecdhe $extra || exit 1 @@ -121,10 +145,9 @@ $ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify $ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1 -echo "Testing ciphersuites" -for protocol in TLSv1.2 SSLv3; do - echo "Testing ciphersuites for $protocol" - for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do +test_cipher() { + local cipher=$1 + local protocol=$2 echo "Testing $cipher" prot="" if [ $protocol = "SSLv3" ] ; then @@ -135,7 +158,38 @@ for protocol in TLSv1.2 SSLv3; do echo "Failed $cipher" exit 1 fi +} + +echo "Testing ciphersuites" +for protocol in TLSv1.2 SSLv3; do + echo "Testing ciphersuites for $protocol" + for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do + test_cipher $cipher $protocol done + if ../util/shlib_wrap.sh ../apps/openssl no-dh; then + echo "skipping RSA+DHE tests" + else + for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "EDH+aRSA+$protocol:-EXP" | tr ':' ' '`; do + test_cipher $cipher $protocol + done + echo "testing connection with weak DH, expecting failure" + if [ $protocol = "SSLv3" ] ; then + $ssltest -cipher EDH -dhe512 -ssl3 + else + $ssltest -cipher EDH -dhe512 + fi + if [ $? -eq 0 ]; then + echo "FAIL: connection with weak DH succeeded" + exit 1 + fi + fi + if ../util/shlib_wrap.sh ../apps/openssl no-ec; then + echo "skipping RSA+ECDHE tests" + else + for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "EECDH+aRSA+$protocol:-EXP" | tr ':' ' '`; do + test_cipher $cipher $protocol + done + fi done ############################################################################# diff --git a/deps/openssl/openssl/test/tocsp b/deps/openssl/openssl/test/tocsp index 5fc291ca6e..48e81bf302 100644 --- a/deps/openssl/openssl/test/tocsp +++ b/deps/openssl/openssl/test/tocsp @@ -8,7 +8,7 @@ check_time="-attime 1355875200" test_ocsp () { $cmd base64 -d -in $ocspdir/$1 | \ - $cmd ocsp -respin - -partial_chain $check_time \ + $cmd ocsp -respin - -partial_chain $check_time -trusted_first \ -CAfile $ocspdir/$2 -verify_other $ocspdir/$2 -CApath /dev/null [ $? != $3 ] && exit 1 } |