#define USE_SOCKETS
#include "e_os.h"
-#define _XOPEN_SOURCE 1 /* Or isascii won't be declared properly on
+#define _XOPEN_SOURCE 500 /* Or isascii won't be declared properly on
VMS (at least with DECompHP C). */
#include <ctype.h>
#endif
#include <openssl/err.h>
#include <openssl/rand.h>
+#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
#include <openssl/dh.h>
+#endif
#include <openssl/bn.h>
#define _XOPEN_SOURCE_EXTENDED 1 /* Or gethostname won't be declared properly
int doit_biopair(SSL *s_ssl,SSL *c_ssl,long bytes,clock_t *s_time,clock_t *c_time);
int doit(SSL *s_ssl,SSL *c_ssl,long bytes);
+static int do_test_cipherlist(void);
static void sv_usage(void)
{
fprintf(stderr,"usage: ssltest [args ...]\n");
" Use \"openssl ecparam -list_curves\" for all names\n" \
" (default is sect163r2).\n");
#endif
+ fprintf(stderr," -test_cipherlist - verifies the order of the ssl cipher lists\n");
}
static void print_details(SSL *c_ssl, const char *prefix)
}
}
+
int main(int argc, char *argv[])
{
char *CApath=NULL,*CAfile=NULL;
char *server_key=NULL;
char *client_cert=TEST_CLIENT_CERT;
char *client_key=NULL;
+#ifndef OPENSSL_NO_ECDH
char *named_curve = NULL;
+#endif
SSL_CTX *s_ctx=NULL;
SSL_CTX *c_ctx=NULL;
- SSL_METHOD *meth=NULL;
+ const SSL_METHOD *meth=NULL;
SSL *c_ssl,*s_ssl;
int number=1,reuse=0;
long bytes=256L;
int comp = 0;
COMP_METHOD *cm = NULL;
STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
+ int test_cipherlist = 0;
verbose = 0;
debug = 0;
{
app_verify_arg.allow_proxy_certs = 1;
}
+ else if (strcmp(*argv,"-test_cipherlist") == 0)
+ {
+ test_cipherlist = 1;
+ }
else
{
fprintf(stderr,"unknown option %s\n",*argv);
goto end;
}
+ if (test_cipherlist == 1)
+ {
+ /* ensure that the cipher list are correctly sorted and exit */
+ if (do_test_cipherlist() == 0)
+ EXIT(1);
+ ret = 0;
+ goto end;
+ }
+
if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force)
{
fprintf(stderr, "This case cannot work. Use -f to perform "
CRYPTO_mem_leaks(bio_err);
if (bio_err != NULL) BIO_free(bio_err);
EXIT(ret);
+ return ret;
}
int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
fprintf(stderr, " Certificate proxy rights = %*.*s", i, i, s);
while(i-- > 0)
{
- char c = *s++;
+ int c = *s++;
if (isascii(c) && isalpha(c))
{
if (islower(c))
static int process_proxy_cond_val(unsigned int letters[26],
const char *cond, const char **cond_end, int *pos, int indent)
{
- char c;
+ int c;
int ok = 1;
int negate = 0;
- while(isspace(*cond))
+ while(isspace((int)*cond))
{
cond++; (*pos)++;
}
{
negate = !negate;
cond++; (*pos)++;
- while(isspace(*cond))
+ while(isspace((int)*cond))
{
cond++; (*pos)++;
}
cond = *cond_end;
if (ok < 0)
goto end;
- while(isspace(*cond))
+ while(isspace((int)*cond))
{
cond++; (*pos)++;
}
while(ok >= 0)
{
- while(isspace(*cond))
+ while(isspace((int)*cond))
{
cond++; (*pos)++;
}
while(ok >= 0)
{
- while(isspace(*cond))
+ while(isspace((int)*cond))
{
cond++; (*pos)++;
}
letters[i] = 0;
for(sp = cb_arg->proxy_auth; *sp; sp++)
{
- char c = *sp;
+ int c = *sp;
if (isascii(c) && isalpha(c))
{
if (islower(c))
dh->length = 160;
return(dh);
}
+
+static int do_test_cipherlist(void)
+ {
+ int i = 0;
+ const SSL_METHOD *meth;
+ SSL_CIPHER *ci, *tci = NULL;
+
+ fprintf(stderr, "testing SSLv2 cipher list order: ");
+ meth = SSLv2_method();
+ while ((ci = meth->get_cipher(i++)) != NULL)
+ {
+ if (tci != NULL)
+ if (ci->id >= tci->id)
+ {
+ fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
+ return 0;
+ }
+ tci = ci;
+ }
+ fprintf(stderr, "ok\n");
+
+ fprintf(stderr, "testing SSLv3 cipher list order: ");
+ meth = SSLv3_method();
+ tci = NULL;
+ while ((ci = meth->get_cipher(i++)) != NULL)
+ {
+ if (tci != NULL)
+ if (ci->id >= tci->id)
+ {
+ fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
+ return 0;
+ }
+ tci = ci;
+ }
+ fprintf(stderr, "ok\n");
+
+ fprintf(stderr, "testing TLSv1 cipher list order: ");
+ meth = TLSv1_method();
+ tci = NULL;
+ while ((ci = meth->get_cipher(i++)) != NULL)
+ {
+ if (tci != NULL)
+ if (ci->id >= tci->id)
+ {
+ fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
+ return 0;
+ }
+ tci = ci;
+ }
+ fprintf(stderr, "ok\n");
+
+ return 1;
+ }
#endif
projects / openssl.git / blobdiff