blob: a9947e600c9755fab0301d0c0d4b06408f8714ee (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
|
# $OpenBSD: Makefile,v 1.3 2020/01/25 16:03:31 jsing Exp $
LIBRARIES = libressl
.if exists(/usr/local/bin/eopenssl)
LIBRARIES += openssl
.endif
.if exists(/usr/local/bin/eopenssl11)
LIBRARIES += openssl11
.endif
# run netcat server and connect with test client
.for clib in ${LIBRARIES}
REGRESS_TARGETS += run-netcat-client-${clib}-server-nc
REGRESS_TARGETS += run-protocol-client-${clib}
run-netcat-client-${clib}-server-nc: ../${clib}/client 127.0.0.1.crt
@echo '\n======== $@ ========'
echo "greeting" | \
nc >${@:S/^run/server/}.out \
-l -c -C 127.0.0.1.crt -K 127.0.0.1.key \
127.0.0.1 0 & \
for i in `jot 1000`; do fstat -p $$! >netcat.fstat; \
grep -q ' stream tcp .*:[1-9][0-9]*$$' netcat.fstat && \
exit 0; done; exit 1
LD_LIBRARY_PATH=/usr/local/lib/e${clib} \
../${clib}/client >${@:S/^run/client/}.out \
`sed -n 's/.* stream tcp .*:/127.0.0.1 /p' netcat.fstat`
# check that the client run successfully to the end
grep -q '^success$$' ${@:S/^run/client/}.out
# client must have read server greeting
grep -q '^<<< greeting$$' ${@:S/^run/client/}.out
# netstat server must have read client hello
grep -q '^hello$$' ${@:S/^run/server/}.out
.endfor
# run test server and connect with netcat client
.for slib in ${LIBRARIES}
REGRESS_TARGETS += run-netcat-client-nc-server-${slib}
run-netcat-client-nc-server-${slib}: ../${slib}/server 127.0.0.1.crt
@echo '\n======== $@ ========'
LD_LIBRARY_PATH=/usr/local/lib/e${slib} \
../${slib}/server >${@:S/^run/server/}.out \
127.0.0.1 0
echo "hello" | \
nc >${@:S/^run/client/}.out \
-c -R 127.0.0.1.crt \
`sed -n 's/listen sock: //p' ${@:S/^run/server/}.out`
# check that the server child run successfully to the end
grep -q '^success$$' ${@:S/^run/server/}.out || \
{ sleep 1; grep -q '^success$$' ${@:S/^run/server/}.out; }
# server must have read client hello
grep -q '^<<< hello$$' ${@:S/^run/server/}.out
# client must have read server greeting
grep -q '^greeting$$' ${@:S/^run/client/}.out
.endfor
# check the TLS protocol version in client and server logs
.for clib in ${LIBRARIES}
REGRESS_TARGETS += run-protocol-client-${clib}
run-protocol-client-${clib}: client-netcat-client-${clib}-server-nc.out
@echo '\n======== $@ ========'
# check that LibTLS protocol version is TLS 1.2
# XXX adapt when LibreSSL supports TLS 1.3
grep 'Protocol *: TLSv1.2' client-netcat-client-${clib}-server-nc.out
.endfor
.for slib in ${LIBRARIES}
REGRESS_TARGETS += run-protocol-server-${slib}
run-protocol-server-${slib}: server-netcat-client-nc-server-${slib}.out
@echo '\n======== $@ ========'
# check that LibTLS protocol version is TLS 1.2 or TLS 1.3
grep 'Protocol *: TLSv1.[23]' server-netcat-client-nc-server-${slib}.out
.endfor
.include <bsd.regress.mk>
|
