diff options
| author | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2020-07-24 18:33:59 +0000 |
|---|---|---|
| committer | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2020-07-24 18:33:59 +0000 |
| commit | 8b0909aed0c0001f41d95477ea6a05b20ca284b6 (patch) | |
| tree | 1e0f545565a81fcc8f5502e35d9b58708d51cfe8 /regress/usr.sbin/syslogd | |
| parent | 4d197a94287f7314327ee06ffb48d36fdf9b74b2 (diff) | |
LibreSSL default TLS version has changed from 1.2 to 1.3. Adapt
tests that use and check selected SSL version.
Diffstat (limited to 'regress/usr.sbin/syslogd')
| -rw-r--r-- | regress/usr.sbin/syslogd/args-tls-ssl23.pl (renamed from regress/usr.sbin/syslogd/args-tls-v12-ssl23.pl) | 2 | ||||
| -rw-r--r-- | regress/usr.sbin/syslogd/args-tls-v12-verify.pl | 33 | ||||
| -rw-r--r-- | regress/usr.sbin/syslogd/args-tls-version.pl (renamed from regress/usr.sbin/syslogd/args-tls-v12-default.pl) | 4 |
3 files changed, 36 insertions, 3 deletions
diff --git a/regress/usr.sbin/syslogd/args-tls-v12-ssl23.pl b/regress/usr.sbin/syslogd/args-tls-ssl23.pl index a4b17fb7d84..87e2a03edfe 100644 --- a/regress/usr.sbin/syslogd/args-tls-v12-ssl23.pl +++ b/regress/usr.sbin/syslogd/args-tls-ssl23.pl @@ -23,7 +23,7 @@ our %args = ( loggrep => { qr/listen sock: (127.0.0.1|::1) \d+/ => 1, get_testgrep() => 1, - qr/ssl version: TLSv1_2$/ => 1, + qr/ssl version: TLSv1_3$/ => 1, }, sslversion => "SSLv23", }, diff --git a/regress/usr.sbin/syslogd/args-tls-v12-verify.pl b/regress/usr.sbin/syslogd/args-tls-v12-verify.pl new file mode 100644 index 00000000000..6bacfdfe94d --- /dev/null +++ b/regress/usr.sbin/syslogd/args-tls-v12-verify.pl @@ -0,0 +1,33 @@ +# The client writes a message to Sys::Syslog native method. +# The syslogd writes it into a file and through a pipe. +# The syslogd passes it via TLS to localhost loghost. +# The server receives the message on its TLS version 1.2 socket. +# Find the message in client, file, pipe, syslogd, server log. +# Check that server log contains ssl version 1.2. + +use strict; +use warnings; +use Socket; + +our %args = ( + syslogd => { + loghost => '@tls://localhost:$connectport', + loggrep => { + qr/Logging to FORWTLS \@tls:\/\/localhost:\d+/ => '>=4', + get_testgrep() => 1, + qr/syslogd: loghost .* connection error: connect failed:/ => 0, + }, + cacrt => "ca.crt", + }, + server => { + listen => { domain => AF_UNSPEC, proto => "tls", addr => "localhost" }, + loggrep => { + qr/listen sock: (127.0.0.1|::1) \d+/ => 1, + get_testgrep() => 1, + qr/ssl version: TLSv1_2$/ => 1, + }, + sslversion => "TLSv1_2", + }, +); + +1; diff --git a/regress/usr.sbin/syslogd/args-tls-v12-default.pl b/regress/usr.sbin/syslogd/args-tls-version.pl index 5156b0b6be4..af6e161f7f9 100644 --- a/regress/usr.sbin/syslogd/args-tls-v12-default.pl +++ b/regress/usr.sbin/syslogd/args-tls-version.pl @@ -3,7 +3,7 @@ # The syslogd passes it via TLS to localhost loghost. # The server receives the message on its TLS default socket. # Find the message in client, file, pipe, syslogd, server log. -# Check that server log contains ssl version TLS 1.2. +# Check that server log contains ssl version TLS 1.3. use strict; use warnings; @@ -23,7 +23,7 @@ our %args = ( loggrep => { qr/listen sock: (127.0.0.1|::1) \d+/ => 1, get_testgrep() => 1, - qr/ssl version: TLSv1_2$/ => 1, + qr/ssl version: TLSv1_3$/ => 1, }, }, ); |