From 5fe210ff514aa4b3149ea7561862776d7b8849e7 Mon Sep 17 00:00:00 2001
From: marha <marha@users.sourceforge.net>
Date: Mon, 15 Jun 2015 20:18:50 +0200
Subject: Update to openssl-1.0.2c

---
 openssl/test/Makefile         | 17 ++++++------
 openssl/test/cms-test.pl      | 10 ++++++-
 openssl/test/evp_extra_test.c |  0
 openssl/test/testssl          | 62 ++++++++++++++++++++++++++++++++++++++++---
 openssl/test/tocsp            |  2 +-
 5 files changed, 77 insertions(+), 14 deletions(-)
 mode change 100644 => 120000 openssl/test/evp_extra_test.c

(limited to 'openssl/test')

diff --git a/openssl/test/Makefile b/openssl/test/Makefile
index 338867952..a570fadf9 100644
--- a/openssl/test/Makefile
+++ b/openssl/test/Makefile
@@ -351,12 +351,13 @@ test_constant_time: $(CONSTTIMETEST)$(EXE_EXT)
 lint:
 	lint -DLINT $(INCLUDES) $(SRC)>fluff
 
-depend:
-	@if [ -z "$(THIS)" ]; then \
-	    $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
-	else \
-	    $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \
-	fi
+update: local_depend
+	@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+
+depend: local_depend
+	@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+local_depend:
+	@[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC)
 
 dclean:
 	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
@@ -368,10 +369,10 @@ clean:
 	rm -f .rnd tmp.bntest tmp.bctest *.o *.obj *.dll lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log dummytest
 
 $(DLIBSSL):
-	(cd ..; $(MAKE) DIRS=ssl all)
+	(cd ..; $(MAKE) build_libssl)
 
 $(DLIBCRYPTO):
-	(cd ..; $(MAKE) DIRS=crypto all)
+	(cd ..; $(MAKE) build_libcrypto)
 
 BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
 		shlib_target="$(SHLIB_TARGET)"; \
diff --git a/openssl/test/cms-test.pl b/openssl/test/cms-test.pl
index 51abeef2c..baa3b5948 100644
--- a/openssl/test/cms-test.pl
+++ b/openssl/test/cms-test.pl
@@ -128,7 +128,7 @@ else
 	die "Error checking for EC2M support\n";
 	}
 
-system ("$ossl_path no-ecdh > $null_path");
+system ("$ossl_path no-ec > $null_path");
 if ($? == 0)
 	{
 	$no_ecdh = 1;
@@ -452,6 +452,14 @@ my @smime_cms_param_tests = (
         "-decrypt -recip $smdir/smec1.pem -in test.cms -out smtst.txt"
     ],
 
+    [
+"enveloped content test streaming S/MIME format, ECDH, key identifier",
+        "-encrypt -keyid -in smcont.txt"
+          . " -stream -out test.cms"
+          . " -recip $smdir/smec1.pem",
+        "-decrypt -recip $smdir/smec1.pem -in test.cms -out smtst.txt"
+    ],
+
     [
 "enveloped content test streaming S/MIME format, ECDH, AES128, SHA256 KDF",
         "-encrypt -in smcont.txt"
diff --git a/openssl/test/evp_extra_test.c b/openssl/test/evp_extra_test.c
deleted file mode 100644
index 2f2a8f7b0..000000000
--- a/openssl/test/evp_extra_test.c
+++ /dev/null
@@ -1 +0,0 @@
-../crypto/evp/evp_extra_test.c
\ No newline at end of file
diff --git a/openssl/test/evp_extra_test.c b/openssl/test/evp_extra_test.c
new file mode 120000
index 000000000..2f2a8f7b0
--- /dev/null
+++ b/openssl/test/evp_extra_test.c
@@ -0,0 +1 @@
+../crypto/evp/evp_extra_test.c
\ No newline at end of file
diff --git a/openssl/test/testssl b/openssl/test/testssl
index e3b342bfd..ddebf0853 100644
--- a/openssl/test/testssl
+++ b/openssl/test/testssl
@@ -101,6 +101,30 @@ $ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1
 echo test sslv2/sslv3 via BIO pair
 $ssltest $extra || exit 1
 
+echo test dtlsv1
+$ssltest -dtls1 $extra || exit 1
+
+echo test dtlsv1 with server authentication
+$ssltest -dtls1 -server_auth $CA $extra || exit 1
+
+echo test dtlsv1 with client authentication
+$ssltest -dtls1 -client_auth $CA $extra || exit 1
+
+echo test dtlsv1 with both client and server authentication
+$ssltest -dtls1 -server_auth -client_auth $CA $extra || exit 1
+
+echo test dtlsv1.2
+$ssltest -dtls12 $extra || exit 1
+
+echo test dtlsv1.2 with server authentication
+$ssltest -dtls12 -server_auth $CA $extra || exit 1
+
+echo test dtlsv1.2 with client authentication
+$ssltest -dtls12 -client_auth $CA $extra || exit 1
+
+echo test dtlsv1.2 with both client and server authentication
+$ssltest -dtls12 -server_auth -client_auth $CA $extra || exit 1
+
 if [ $dsa_cert = NO ]; then
   echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair'
   $ssltest -bio_pair -no_dhe -no_ecdhe $extra || exit 1
@@ -121,10 +145,9 @@ $ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
 echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
 $ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
 
-echo "Testing ciphersuites"
-for protocol in TLSv1.2 SSLv3; do
-  echo "Testing ciphersuites for $protocol"
-  for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
+test_cipher() {
+  local cipher=$1
+  local protocol=$2
     echo "Testing $cipher"
     prot=""
     if [ $protocol = "SSLv3" ] ; then
@@ -135,7 +158,38 @@ for protocol in TLSv1.2 SSLv3; do
 	  echo "Failed $cipher"
 	  exit 1
     fi
+}
+
+echo "Testing ciphersuites"
+for protocol in TLSv1.2 SSLv3; do
+  echo "Testing ciphersuites for $protocol"
+  for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
+    test_cipher $cipher $protocol
   done
+  if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
+    echo "skipping RSA+DHE tests"
+  else
+    for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "EDH+aRSA+$protocol:-EXP" | tr ':' ' '`; do
+      test_cipher $cipher $protocol
+    done
+    echo "testing connection with weak DH, expecting failure"
+    if [ $protocol = "SSLv3" ] ; then
+      $ssltest -cipher EDH -dhe512 -ssl3
+    else
+      $ssltest -cipher EDH -dhe512
+    fi
+    if [ $? -eq 0 ]; then
+      echo "FAIL: connection with weak DH succeeded"
+      exit 1
+    fi
+  fi
+  if ../util/shlib_wrap.sh ../apps/openssl no-ec; then
+    echo "skipping RSA+ECDHE tests"
+  else
+    for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "EECDH+aRSA+$protocol:-EXP" | tr ':' ' '`; do
+      test_cipher $cipher $protocol
+    done
+  fi
 done
 
 #############################################################################
diff --git a/openssl/test/tocsp b/openssl/test/tocsp
index 5fc291ca6..48e81bf30 100755
--- a/openssl/test/tocsp
+++ b/openssl/test/tocsp
@@ -8,7 +8,7 @@ check_time="-attime 1355875200"
 test_ocsp () {
 
 	$cmd base64 -d -in $ocspdir/$1 | \
-		$cmd ocsp -respin - -partial_chain $check_time \
+		$cmd ocsp -respin - -partial_chain $check_time -trusted_first \
 		-CAfile $ocspdir/$2 -verify_other $ocspdir/$2 -CApath /dev/null
 	[ $? != $3 ] && exit 1
 }
-- 
cgit v1.2.3