Add libssl ciphers regress, which currently only covers

get_cipher_by_char/put_cipher_by_char.

3 files changed, 130 insertions, 1 deletions

diff --git a/regress/lib/libssl/Makefile b/regress/lib/libssl/Makefile
index 00bc860d8e6..f13ebf0b479 100644
--- a/regress/lib/libssl/Makefile
+++ b/regress/lib/libssl/Makefile
@@ -1,7 +1,8 @@
-#	$OpenBSD: Makefile,v 1.19 2014/07/13 16:03:54 jsing Exp $
+#	$OpenBSD: Makefile,v 1.20 2015/02/06 08:48:39 jsing Exp $
 
 SUBDIR= \
 	asn1 \
+	ciphers \
 	ssl
 
 install:
diff --git a/regress/lib/libssl/ciphers/Makefile b/regress/lib/libssl/ciphers/Makefile
new file mode 100644
index 00000000000..c9a58a5e098
--- /dev/null
+++ b/regress/lib/libssl/ciphers/Makefile
@@ -0,0 +1,9 @@
+#	$OpenBSD: Makefile,v 1.1 2015/02/06 08:48:39 jsing Exp $
+
+PROG=	cipherstest
+LDADD=	-lssl -lcrypto
+DPADD=	${LIBSSL} ${LIBCRYPTO}
+WARNINGS=	Yes
+CFLAGS+=	-DLIBRESSL_INTERNAL -Werror
+
+.include <bsd.regress.mk>
diff --git a/regress/lib/libssl/ciphers/cipherstest.c b/regress/lib/libssl/ciphers/cipherstest.c
new file mode 100644
index 00000000000..f9c4cdc7c11
--- /dev/null
+++ b/regress/lib/libssl/ciphers/cipherstest.c
@@ -0,0 +1,119 @@
+/*
+ * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <openssl/ssl.h>
+
+#include <err.h>
+#include <stdio.h>
+#include <string.h>
+
+static int
+get_put_test(const char *name, const SSL_METHOD *method)
+{
+	STACK_OF(SSL_CIPHER) *ciphers;
+	const SSL_CIPHER *cipher;
+	unsigned char buf[2];
+	SSL_CTX *ssl_ctx = NULL;
+	SSL *ssl = NULL;
+	int ret = 1;
+	int i, len;
+
+	if ((len = method->put_cipher_by_char(NULL, NULL)) != 2) {
+		fprintf(stderr,
+		    "%s: put_cipher_by_char() returned len %i (want 2)\n",
+		    name, len);
+		return (1);
+	}
+
+	if ((ssl_ctx = SSL_CTX_new(method)) == NULL) {
+		fprintf(stderr, "%s: SSL_CTX_new() returned NULL\n", name);
+		goto failure;
+	}
+	if ((ssl = SSL_new(ssl_ctx)) == NULL) {
+		fprintf(stderr, "%s: SSL_new() returned NULL\n", name);
+		goto failure;
+	}
+
+	if ((ciphers = SSL_get_ciphers(ssl)) == NULL) {
+		fprintf(stderr, "%s: no ciphers\n", name);
+		goto failure;
+	}
+
+	for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
+		cipher = sk_SSL_CIPHER_value(ciphers, i);
+		if ((len = method->put_cipher_by_char(cipher, buf)) != 2) {
+			fprintf(stderr,
+			    "%s: put_cipher_by_char() returned len %i for %s "
+			    "(want 2)\n",
+			    name, len, SSL_CIPHER_get_name(cipher));
+			goto failure;
+		}
+		if ((cipher = method->get_cipher_by_char(buf)) == NULL) {
+			fprintf(stderr,
+			    "%s: get_cipher_by_char() returned NULL for %s\n",
+			    name, SSL_CIPHER_get_name(cipher));
+			goto failure;
+		}
+	}
+
+	ret = 0;
+
+failure:
+	SSL_CTX_free(ssl_ctx);
+	SSL_free(ssl);
+
+	return (ret);
+}
+
+static int
+cipher_get_put_tests(void)
+{
+	int failed = 0;
+
+	failed |= get_put_test("SSLv23", SSLv23_method());
+	failed |= get_put_test("SSLv23_client", SSLv23_client_method());
+	failed |= get_put_test("SSLv23_server", SSLv23_server_method());
+
+	failed |= get_put_test("SSLv3", SSLv3_method());
+	failed |= get_put_test("SSLv3_client", SSLv3_client_method());
+	failed |= get_put_test("SSLv3_server", SSLv3_server_method());
+
+	failed |= get_put_test("TLSv1", TLSv1_method());
+	failed |= get_put_test("TLSv1_client", TLSv1_client_method());
+	failed |= get_put_test("TLSv1_server", TLSv1_server_method());
+
+	failed |= get_put_test("TLSv1_1", TLSv1_1_method());
+	failed |= get_put_test("TLSv1_1_client", TLSv1_1_client_method());
+	failed |= get_put_test("TLSv1_1_server", TLSv1_1_server_method());
+
+	failed |= get_put_test("TLSv1_2", TLSv1_2_method());
+	failed |= get_put_test("TLSv1_2_client", TLSv1_2_client_method());
+	failed |= get_put_test("TLSv1_2_server", TLSv1_2_server_method());
+
+	failed |= get_put_test("DTLSv1", DTLSv1_method());
+	failed |= get_put_test("DTLSv1_client", DTLSv1_client_method());
+	failed |= get_put_test("DTLSv1_server", DTLSv1_server_method());
+
+	return failed;
+}
+
+int
+main(int argc, char **argv)
+{
+	SSL_library_init();
+
+	return cipher_get_put_tests();
+}