summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKinichiro Inoguchi <inoguchi@cvs.openbsd.org>2018-09-08 03:39:52 +0000
committerKinichiro Inoguchi <inoguchi@cvs.openbsd.org>2018-09-08 03:39:52 +0000
commite08f5db11ac8016aafec0951d9087de9c45cb6f7 (patch)
tree5ee367caed0e13a8c9c7a2d7a7bacc5f19f8c082
parente432ef2c7188307628d28126b5f3adda114e2d6d (diff)
Test more ciphers and randomize the order in regress appstest.sh
- change test target ciphers - randomize the test ciphers order - display test cipher count
-rwxr-xr-xregress/usr.bin/openssl/appstest.sh14
1 files changed, 9 insertions, 5 deletions
diff --git a/regress/usr.bin/openssl/appstest.sh b/regress/usr.bin/openssl/appstest.sh
index 04b354f57b1..744153412bf 100755
--- a/regress/usr.bin/openssl/appstest.sh
+++ b/regress/usr.bin/openssl/appstest.sh
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $OpenBSD: appstest.sh,v 1.10 2018/09/07 14:11:39 inoguchi Exp $
+# $OpenBSD: appstest.sh,v 1.11 2018/09/08 03:39:51 inoguchi Exp $
#
# Copyright (c) 2016 Kinichiro Inoguchi <inoguchi@openbsd.org>
#
@@ -953,6 +953,7 @@ $openssl_bin s_server -accept $port -CAfile $ca_cert \
-cert $server_cert -key $server_key -pass pass:$server_pass \
-context "appstest.sh" -id_prefix "APPSTEST.SH" -crl_check \
-nextprotoneg "http/1.1,spdy/3" -alpn "http/1.1,spdy/3" -www \
+ -cipher ALL \
-msg -tlsextdebug > $s_server_out 2>&1 &
check_exit_status $?
s_server_pid=$!
@@ -1004,13 +1005,16 @@ check_exit_status $?
grep 'Verify return code: 0 (ok)' $s_client_out > /dev/null
check_exit_status $?
-# all available TLSv1.2 ciphers
+# all available ciphers with random order
-ciphers=`$openssl_bin ciphers TLSv1.2:-ECDSA:-ADH:-NULL | sed 's/:/ /g'`
+ciphers=`$openssl_bin ciphers -v ALL:!ECDSA:!kGOST | awk '{print $1}' | sort -R`
+cnum=0
for c in $ciphers ; do
- s_client_out=$user1_dir/s_client_tls_$c.out
+ cnum=`expr $cnum + 1`
+ cnstr=`printf %03d $cnum`
+ s_client_out=$user1_dir/s_client_tls_${cnstr}_${c}.out
- start_message "s_client ... connect to SSL/TLS test server with $c"
+ start_message "s_client ... connect to SSL/TLS test server with [ $cnstr ] $c"
$openssl_bin s_client -connect $host:$port -CAfile $ca_cert -pause -prexit \
-cipher $c -msg -tlsextdebug < /dev/null > $s_client_out 2>&1
check_exit_status $?