diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 2002-09-03 21:44:00 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 2002-09-03 21:44:00 +0000 |
| commit | 5b8be6c48cbed4429ec83a3b2a81fd92557e9ae9 (patch) | |
| tree | c1c78eae8210c30507d2a1be611d5190f564149e /lib/libssl | |
| parent | eac87e5d343a3c4f1145745659846ec8e6d30c19 (diff) | |
sync these files with openssl-0.9.7-beta1, too
Diffstat (limited to 'lib/libssl')
| -rw-r--r-- | lib/libssl/src/INSTALL | 7 | ||||
| -rw-r--r-- | lib/libssl/src/INSTALL.W32 | 8 | ||||
| -rw-r--r-- | lib/libssl/src/config | 18 | ||||
| -rw-r--r-- | lib/libssl/src/makevms.com | 23 | ||||
| -rw-r--r-- | lib/libssl/src/ssl/ssl-lib.com | 2 | ||||
| -rw-r--r-- | lib/libssl/src/test/maketests.com | 30 | ||||
| -rw-r--r-- | lib/libssl/src/test/testgen.com | 24 | ||||
| -rw-r--r-- | lib/libssl/src/test/testss.com | 19 | ||||
| -rw-r--r-- | lib/libssl/src/test/testssl.com | 155 | ||||
| -rw-r--r-- | lib/libssl/src/test/trsa.com | 11 |
10 files changed, 200 insertions, 97 deletions
diff --git a/lib/libssl/src/INSTALL b/lib/libssl/src/INSTALL index 06aa96bcfac..7eaa8147c3b 100644 --- a/lib/libssl/src/INSTALL +++ b/lib/libssl/src/INSTALL @@ -2,8 +2,8 @@ INSTALLATION ON THE UNIX PLATFORM --------------------------------- - [See INSTALL.W32 for instructions for compiling OpenSSL on Windows systems, - and INSTALL.VMS for installing on OpenVMS systems.] + [Installation on Windows, OpenVMS and MacOS (before MacOS X) is described + in INSTALL.W32, INSTALL.VMS and INSTALL.MacOS.] To install OpenSSL, you will need: @@ -36,7 +36,8 @@ Configuration Options --------------------- - There are several options to ./config to customize the build: + There are several options to ./config (or ./Configure) to customize + the build: --prefix=DIR Install in DIR/bin, DIR/lib, DIR/include/openssl. Configuration files used by OpenSSL will be in DIR/ssl diff --git a/lib/libssl/src/INSTALL.W32 b/lib/libssl/src/INSTALL.W32 index 852a82831f9..d85d81b0fdd 100644 --- a/lib/libssl/src/INSTALL.W32 +++ b/lib/libssl/src/INSTALL.W32 @@ -119,10 +119,12 @@ * Compile OpenSSL: - > perl Configure Mingw32 - > ms\mw.bat + > ms\mingw32 - This will create the library and binaries in out. + This will create the library and binaries in out. In case any problems + occur, try + > ms\mingw32 no-asm + instead. libcrypto.a and libssl.a are the static libraries. To use the DLLs, link with libeay32.a and libssl32.a instead. diff --git a/lib/libssl/src/config b/lib/libssl/src/config index ece32483938..3d443da6fb5 100644 --- a/lib/libssl/src/config +++ b/lib/libssl/src/config @@ -390,13 +390,11 @@ exit 0 # figure out if gcc is available and if so we use it otherwise # we fallback to whatever cc does on the system -GCCVER=`(gcc --version) 2>/dev/null | head -1` +GCCVER=`(gcc --version) 2>/dev/null` if [ "$GCCVER" != "" ]; then CC=gcc - # then strip off whatever prefix Cygnus as well as GCC 3.1 prepends - # the number with... Hopefully, this will work for any future prefixes - # as well. - GCCVER=`echo $GCCVER | sed 's/^[a-zA-Z ()]*\-//'` + # then strip off whatever prefix Cygnus prepends the number with... + GCCVER=`echo $GCCVER | sed 's/^[a-z]*\-//'` # peak single digit before and after first dot, e.g. 2.95.1 gives 29 GCCVER=`echo $GCCVER | sed 's/\([0-9]\)\.\([0-9]\).*/\1\2/'` else @@ -525,6 +523,7 @@ EOF OUT="linux-ppc" ;; ppc-*-linux2) OUT="linux-ppc" ;; m68k-*-linux*) OUT="linux-m68k" ;; + ia64-*-linux?) OUT="linux-ia64" ;; ppc-apple-rhapsody) OUT="rhapsody-ppc-cc" ;; ppc-apple-darwin*) OUT="darwin-ppc-cc" ;; i386-apple-darwin*) OUT="darwin-i386-cc" ;; @@ -625,10 +624,17 @@ EOF *86*-*-netbsd) OUT="NetBSD-x86" ;; sun3*-*-netbsd) OUT="NetBSD-m68" ;; *-*-netbsd) OUT="NetBSD-sparc" ;; - *86*-*-openbsd) OUT="OpenBSD-x86" ;; alpha*-*-openbsd) OUT="OpenBSD-alpha" ;; + *86*-*-openbsd) OUT="OpenBSD-i386" ;; + m68k*-*-openbsd) OUT="OpenBSD-m68k" ;; + m88k*-*-openbsd) OUT="OpenBSD-m88k" ;; + mips*-*-openbsd) OUT="OpenBSD-mips" ;; pmax*-*-openbsd) OUT="OpenBSD-mips" ;; + powerpc*-*-openbsd) OUT="OpenBSD-powerpc" ;; + sparc64*-*-openbsd) OUT="OpenBSD-sparc64" ;; + sparc*-*-openbsd) OUT="OpenBSD-sparc" ;; vax*-*-openbsd) OUT="OpenBSD-vax" ;; + hppa*-*-openbsd) OUT="OpenBSD-hppa" ;; *-*-openbsd) OUT="OpenBSD" ;; *86*-*-bsdi4) OUT="bsdi-elf-gcc" ;; *-*-osf) OUT="alphaold-cc" ;; diff --git a/lib/libssl/src/makevms.com b/lib/libssl/src/makevms.com index ba9e911fac9..e5c1edbe0e7 100644 --- a/lib/libssl/src/makevms.com +++ b/lib/libssl/src/makevms.com @@ -23,6 +23,8 @@ $! SOFTLINKS Just fix the Unix soft links. $! BUILDALL Same as ALL, except CONFIG, BUILDINF and SOFTILNKS aren't done. $! RSAREF Just build the "[.xxx.EXE.RSAREF]LIBRSAGLUE.OLB" library. $! CRYPTO Just build the "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" library. +$! CRYPTO/x Just build the x part of the +$! "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" library. $! SSL Just build the "[.xxx.EXE.SSL]LIBSSL.OLB" library. $! SSL_TASK Just build the "[.xxx.EXE.SSL]SSL_TASK.EXE" program. $! TEST Just build the "[.xxx.EXE.TEST]" test programs for OpenSSL. @@ -529,7 +531,7 @@ $ SET DEFAULT SYS$DISK:[.CRYPTO] $! $! Build The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library. $! -$ @CRYPTO-LIB LIBRARY 'RSAREF' 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" 'ISSEVEN' +$ @CRYPTO-LIB LIBRARY 'RSAREF' 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" "''ISSEVEN'" "''BUILDPART'" $! $! Build The [.xxx.EXE.CRYPTO]*.EXE Test Applications. $! @@ -675,6 +677,16 @@ $! Check The User's Options. $! $ CHECK_OPTIONS: $! +$! Check if there's a "part", and separate it out +$! +$ BUILDPART = F$ELEMENT(1,"/",P1) +$ IF BUILDPART .EQS. "/" +$ THEN +$ BUILDPART = "" +$ ELSE +$ P1 = F$EXTRACT(0,F$LENGTH(P1) - F$LENGTH(BUILDPART) - 1, P1) +$ ENDIF +$! $! Check To See If P1 Is Blank. $! $ IF (P1.EQS."ALL") @@ -690,9 +702,10 @@ $ ELSE $! $! Else, Check To See If P1 Has A Valid Arguement. $! -$ IF (P1.EQS."BUILDINF").OR.(P1.EQS."SOFTLINKS").OR.(P1.EQS."CRYPTO") - - .OR.(P1.EQS."SSL").OR.(P1.EQS."RSAREF").OR.(P1.EQS."SSL_TASK") - - .OR.(P1.EQS."TEST").OR.(P1.EQS."APPS") +$ IF (P1.EQS."CONFIG").OR.(P1.EQS."BUILDINF").OR.(P1.EQS."SOFTLINKS") - + .OR.(P1.EQS."BUILDALL") - + .OR.(P1.EQS."CRYPTO").OR.(P1.EQS."SSL").OR.(P1.EQS."RSAREF") - + .OR.(P1.EQS."SSL_TASK").OR.(P1.EQS."TEST").OR.(P1.EQS."APPS") $ THEN $! $! A Valid Arguement. @@ -714,6 +727,8 @@ $ WRITE SYS$OUTPUT " BUILDINF : Just build the [.CRYPTO]BUILDINF.H file. $ WRITE SYS$OUTPUT " SOFTLINKS: Just Fix The Unix soft links." $ WRITE SYS$OUTPUT " BUILDALL : Same as ALL, except CONFIG, BUILDINF and SOFTILNKS aren't done." $ WRITE SYS$OUTPUT " CRYPTO : To Build Just The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library." +$ WRITE SYS$OUTPUT " CRYPTO/x : To Build Just The x Part Of The" +$ WRITE SYS$OUTPUT " [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library." $ WRITE SYS$OUTPUT " SSL : To Build Just The [.xxx.EXE.SSL]LIBSSL.OLB Library." $ WRITE SYS$OUTPUT " SSL_TASK : To Build Just The [.xxx.EXE.SSL]SSL_TASK.EXE Program." $ WRITE SYS$OUTPUT " TEST : To Build Just The OpenSSL Test Programs." diff --git a/lib/libssl/src/ssl/ssl-lib.com b/lib/libssl/src/ssl/ssl-lib.com index 1f1921e1625..e706ab8e99e 100644 --- a/lib/libssl/src/ssl/ssl-lib.com +++ b/lib/libssl/src/ssl/ssl-lib.com @@ -314,7 +314,7 @@ $ WRITE SYS$OUTPUT "Creating SSL_TASK OSU HTTP SSL Engine." $! $! Compile The File. $! -$ ON ERROR THEN GOTO SSL_TASK_END +$ ON ERROR GOTO SSL_TASK_END $ CC5/OBJECT='OBJ_DIR'SSL_TASK.OBJ SYS$DISK:[]SSL_TASK.C $! $! Link The Program, Check To See If We Need To Link With RSAREF Or Not. diff --git a/lib/libssl/src/test/maketests.com b/lib/libssl/src/test/maketests.com index b3bf8bb837d..f7ff8fe4071 100644 --- a/lib/libssl/src/test/maketests.com +++ b/lib/libssl/src/test/maketests.com @@ -910,8 +910,7 @@ $ ENDIF $! $! Time to check the contents, and to make sure we get the correct library. $! -$ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX" - - .OR. P4.EQS."TCPIP" .OR. P4.EQS."NONE" +$ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX" $ THEN $! $! Check to see if SOCKETSHR was chosen @@ -960,32 +959,6 @@ $! Done with UCX $! $ ENDIF $! -$! Check to see if TCPIP was chosen -$! -$ IF P4.EQS."TCPIP" -$ THEN -$! -$! Set the library to use TCPIP (post UCX). -$! -$ TCPIP_LIB = "SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT/OPT" -$! -$! Done with TCPIP -$! -$ ENDIF -$! -$! Check to see if NONE was chosen -$! -$ IF P4.EQS."NONE" -$ THEN -$! -$! Do not use a TCPIP library. -$! -$ TCPIP_LIB = "" -$! -$! Done with NONE -$! -$ ENDIF -$! $! Print info $! $ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB @@ -1001,7 +974,6 @@ $ WRITE SYS$OUTPUT "The Option ",P4," Is Invalid. The Valid Options Are:" $ WRITE SYS$OUTPUT "" $ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library." $ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library." -$ WRITE SYS$OUTPUT " TCPIP : To link with TCPIP (post UCX) TCP/IP library." $ WRITE SYS$OUTPUT "" $! $! Time To EXIT. diff --git a/lib/libssl/src/test/testgen.com b/lib/libssl/src/test/testgen.com index 0e9029371a3..5d28ebec721 100644 --- a/lib/libssl/src/test/testgen.com +++ b/lib/libssl/src/test/testgen.com @@ -16,23 +16,35 @@ $ set on $ $ write sys$output "generating certificate request" $ -$ write sys$output "There should be a 2 sequences of .'s and some +'s." -$ write sys$output "There should not be more that at most 80 per line" -$ write sys$output "This could take some time." -$ $ append/new nl: .rnd $ open/append random_file .rnd $ write random_file "string to make the random number generator think it has entropy" $ close random_file $ -$ mcr 'exe_dir'openssl req -config test.cnf -new -out testreq.pem +$ set noon +$ define/user sys$output nla0: +$ mcr 'exe_dir'openssl no-rsa +$ save_severity=$SEVERITY +$ set on +$ if save_severity +$ then +$ req_new="-newkey dsa:[-.apps]dsa512.pem" +$ else +$ req_new="-new" +$ write sys$output "There should be a 2 sequences of .'s and some +'s." +$ write sys$output "There should not be more that at most 80 per line" +$ endif +$ +$ write sys$output "This could take some time." +$ +$ mcr 'exe_dir'openssl req -config test.cnf 'req_new' -out testreq.pem $ if $severity .ne. 1 $ then $ write sys$output "problems creating request" $ exit 3 $ endif $ -$ mcr 'exe_dir'openssl req -verify -in testreq.pem -noout +$ mcr 'exe_dir'openssl req -config test.cnf -verify -in testreq.pem -noout $ if $severity .ne. 1 $ then $ write sys$output "signature on req is wrong" diff --git a/lib/libssl/src/test/testss.com b/lib/libssl/src/test/testss.com index ce2c4b43f66..685ae5043df 100644 --- a/lib/libssl/src/test/testss.com +++ b/lib/libssl/src/test/testss.com @@ -4,7 +4,7 @@ $ __arch := VAX $ if f$getsyi("cpu") .ge. 128 then __arch := AXP $ exe_dir := sys$disk:[-.'__arch'.exe.apps] $ -$ digest="-mdc2" +$ digest="-md5" $ reqcmd := mcr 'exe_dir'openssl req $ x509cmd := mcr 'exe_dir'openssl x509 'digest' $ verifycmd := mcr 'exe_dir'openssl verify @@ -23,7 +23,20 @@ $ Ucert="""certU.ss""" $ $ write sys$output "" $ write sys$output "make a certificate request using 'req'" -$ 'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' -new ! -out err.ss +$ +$ set noon +$ define/user sys$output nla0: +$ mcr 'exe_dir'openssl no-rsa +$ save_severity=$SEVERITY +$ set on +$ if save_severity +$ then +$ req_new="-newkey dsa:[-.apps]dsa512.pem" +$ else +$ req_new="-new" +$ endif +$ +$ 'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' 'req_new' ! -out err.ss $ if $severity .ne. 1 $ then $ write sys$output "error using 'req' to generate a certificate request" @@ -73,7 +86,7 @@ $ $ write sys$output "" $ write sys$output "make another certificate request using 'req'" $ define /user sys$output err.ss -$ 'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' -new +$ 'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' 'req_new' $ if $severity .ne. 1 $ then $ write sys$output "error using 'req' to generate a certificate request" diff --git a/lib/libssl/src/test/testssl.com b/lib/libssl/src/test/testssl.com index 0b4b0a0ad3c..785f262f5ad 100644 --- a/lib/libssl/src/test/testssl.com +++ b/lib/libssl/src/test/testssl.com @@ -2,118 +2,189 @@ $! TESTSSL.COM $ $ __arch := VAX $ if f$getsyi("cpu") .ge. 128 then __arch := AXP -$ exe_dir := sys$disk:[-.'__arch'.exe.test] -$ -$ copy/concatenate [-.certs]*.pem certs.tmp +$ texe_dir := sys$disk:[-.'__arch'.exe.test] +$ exe_dir := sys$disk:[-.'__arch'.exe.apps] +$ +$ if p1 .eqs. "" +$ then +$ key="[-.apps]server.pem" +$ else +$ key=p1 +$ endif +$ if p2 .eqs. "" +$ then +$ cert="[-.apps]server.pem" +$ else +$ cert=p2 +$ endif +$ ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert' +$ +$ define/user sys$output testssl-x509-output. +$ define/user sys$error nla0: +$ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout +$ set noon +$ define/user sys$error nla0: +$ search/output=nla0: testssl-x509-output. "DSA Public Key"/exact +$ if $severity .eq. 1 +$ then +$ dsa_cert := YES +$ else +$ dsa_cert := NO +$ endif +$ set on +$ delete testssl-x509-output.;* +$ +$ if p3 .eqs. "" +$ then +$ copy/concatenate [-.certs]*.pem certs.tmp +$ CA = """-CAfile"" certs.tmp" +$ else +$ CA = """-CAfile"" "+p3 +$ endif +$ +$!########################################################################### $ $ write sys$output "test sslv2" -$ mcr 'exe_dir'ssltest -ssl2 +$ 'ssltest' -ssl2 $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2 with server authentication" -$ mcr 'exe_dir'ssltest -ssl2 -server_auth "-CAfile" certs.tmp +$ 'ssltest' -ssl2 -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ -$ write sys$output "test sslv2 with client authentication" -$ mcr 'exe_dir'ssltest -ssl2 -client_auth "-CAfile" certs.tmp -$ if $severity .ne. 1 then goto exit3 +$ if .not. dsa_cert +$ then +$ write sys$output "test sslv2 with client authentication" +$ 'ssltest' -ssl2 -client_auth 'CA' +$ if $severity .ne. 1 then goto exit3 $ -$ write sys$output "test sslv2 with both client and server authentication" -$ mcr 'exe_dir'ssltest -ssl2 -server_auth -client_auth "-CAfile" certs.tmp -$ if $severity .ne. 1 then goto exit3 +$ write sys$output "test sslv2 with both client and server authentication" +$ 'ssltest' -ssl2 -server_auth -client_auth 'CA' +$ if $severity .ne. 1 then goto exit3 +$ endif $ $ write sys$output "test sslv3" -$ mcr 'exe_dir'ssltest -ssl3 +$ 'ssltest' -ssl3 $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with server authentication" -$ mcr 'exe_dir'ssltest -ssl3 -server_auth "-CAfile" certs.tmp +$ 'ssltest' -ssl3 -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with client authentication" -$ mcr 'exe_dir'ssltest -ssl3 -client_auth "-CAfile" certs.tmp +$ 'ssltest' -ssl3 -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with both client and server authentication" -$ mcr 'exe_dir'ssltest -ssl3 -server_auth -client_auth "-CAfile" certs.tmp +$ 'ssltest' -ssl3 -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3" -$ mcr 'exe_dir'ssltest +$ 'ssltest' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with server authentication" -$ mcr 'exe_dir'ssltest -server_auth "-CAfile" certs.tmp +$ 'ssltest' -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with client authentication" -$ mcr 'exe_dir'ssltest -client_auth "-CAfile" certs.tmp +$ 'ssltest' -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with both client and server authentication" -$ mcr 'exe_dir'ssltest -server_auth -client_auth "-CAfile" certs.tmp +$ 'ssltest' -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2 via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -ssl2 -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -dhe1024 -v +$ 'ssltest' -bio_pair -ssl2 $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2 with server authentication via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -ssl2 -server_auth "-CAfile" certs.tmp +$ 'ssltest' -bio_pair -ssl2 -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ -$ write sys$output "test sslv2 with client authentication via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -ssl2 -client_auth "-CAfile" certs.tmp -$ if $severity .ne. 1 then goto exit3 +$ if .not. dsa_cert +$ then +$ write sys$output "test sslv2 with client authentication via BIO pair" +$ 'ssltest' -bio_pair -ssl2 -client_auth 'CA' +$ if $severity .ne. 1 then goto exit3 $ -$ write sys$output "test sslv2 with both client and server authentication via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -ssl2 -server_auth -client_auth "-CAfile" certs.tmp -$ if $severity .ne. 1 then goto exit3 +$ write sys$output "test sslv2 with both client and server authentication via BIO pair" +$ 'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA' +$ if $severity .ne. 1 then goto exit3 +$ endif $ $ write sys$output "test sslv3 via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -ssl3 +$ 'ssltest' -bio_pair -ssl3 $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with server authentication via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -ssl3 -server_auth "-CAfile" certs.tmp +$ 'ssltest' -bio_pair -ssl3 -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with client authentication via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -ssl3 -client_auth "-CAfile" certs.tmp +$ 'ssltest' -bio_pair -ssl3 -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ write sys$output "test sslv3 with both client and server authentication via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -ssl3 -server_auth -client_auth "-CAfile" certs.tmp +$ 'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 via BIO pair" -$ mcr 'exe_dir'ssltest +$ 'ssltest' $ if $severity .ne. 1 then goto exit3 $ -$ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -no_dhe +$ if .not. dsa_cert +$ then +$ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair" +$ 'ssltest' -bio_pair -no_dhe +$ if $severity .ne. 1 then goto exit3 +$ endif +$ +$ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair" +$ 'ssltest' -bio_pair -dhe1024dsa -v $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with server authentication" -$ mcr 'exe_dir'ssltest -bio_pair -server_auth "-CAfile" certs.tmp +$ 'ssltest' -bio_pair -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with client authentication via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -client_auth "-CAfile" certs.tmp +$ 'ssltest' -bio_pair -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -server_auth -client_auth "-CAfile" certs.tmp +$ 'ssltest' -bio_pair -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ +$!########################################################################### +$ +$ write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes" +$ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time +$ if $severity .ne. 1 then goto exit3 +$ +$ set noon +$ define/user sys$output nla0: +$ mcr 'exe_dir'openssl no-rsa +$ save_severity=$SEVERITY +$ set on +$ if save_severity +$ then +$ write sys$output "skipping RSA tests" +$ else +$ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes" +$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time +$ if $severity .ne. 1 then goto exit3 +$ +$ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes" +$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time +$ if $severity .ne. 1 then goto exit3 +$ endif +$ $ RET = 1 $ goto exit $ exit3: $ RET = 3 $ exit: -$ delete certs.tmp;* +$ if p3 .eqs. "" then delete certs.tmp;* $ exit 'RET' diff --git a/lib/libssl/src/test/trsa.com b/lib/libssl/src/test/trsa.com index 28add5eefd0..6b6c318e2b5 100644 --- a/lib/libssl/src/test/trsa.com +++ b/lib/libssl/src/test/trsa.com @@ -4,6 +4,17 @@ $ __arch := VAX $ if f$getsyi("cpu") .ge. 128 then __arch := AXP $ exe_dir := sys$disk:[-.'__arch'.exe.apps] $ +$ set noon +$ define/user sys$output nla0: +$ mcr 'exe_dir'openssl no-rsa +$ save_severity=$SEVERITY +$ set on +$ if save_severity +$ then +$ write sys$output "skipping RSA conversion test" +$ exit +$ endif +$ $ cmd := mcr 'exe_dir'openssl rsa $ $ t := testrsa.pem |