Custome built dladdr() for AIX.

[openssl.git] / test / recipes / 80-test_ssl_old.t

diff --git a/test/recipes/80-test_ssl_old.t b/test/recipes/80-test_ssl_old.t
index ff1a50ab8fc2eaf468c8771735f809321448eda9..6468bd65716637cec1b686dd9dc3dc3c7ad6681e 100644 (file)
--- a/test/recipes/80-test_ssl_old.t
+++ b/test/recipes/80-test_ssl_old.t
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the OpenSSL license (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -424,7 +424,7 @@ sub testssl {
     subtest "Testing ciphersuites" => sub {
 
         my @exkeys = ();
-        my $ciphers = "-EXP:-PSK:-SRP:-kDH:-kECDHe";
+        my $ciphers = "-PSK:-SRP";
 
         if ($no_dh) {
             note "skipping DHE tests\n";
@@ -445,32 +445,41 @@ sub testssl {
         }
 
        my @protocols = ();
-       # FIXME: I feel unsure about the following line, is that really just TLSv1.2, or is it all of the SSLv3/TLS protocols?
-        push(@protocols, "TLSv1.2") unless $no_tls1_2;
-        push(@protocols, "SSLv3") unless $no_ssl3;
-       my $protocolciphersuitcount = 0;
-       my %ciphersuites =
-           map { my @c =
-                     map { split(/:/, $_) }
-                     run(app(["openssl", "ciphers", "${_}:$ciphers"]),
-                          capture => 1);
-                 map { s/\R//; } @c;  # chomp @c;
-                 $protocolciphersuitcount += scalar @c;
-                 $_ => [ @c ] } @protocols;
+       # We only use the flags that ssltest_old understands
+       push @protocols, "-tls1_2" unless $no_tls1_2;
+       push @protocols, "-tls1" unless $no_tls1;
+       push @protocols, "-ssl3" unless $no_ssl3;
+       my $protocolciphersuitecount = 0;
+       my %ciphersuites = ();
+       foreach my $protocol (@protocols) {
+           $ciphersuites{$protocol} =
+               [ map { s|\R||; split(/:/, $_) }
+                 run(app(["openssl", "ciphers", "-s", $protocol,
+                          "ALL:$ciphers"]), capture => 1) ];
+           $protocolciphersuitecount += scalar @{$ciphersuites{$protocol}};
+       }
 
         plan skip_all => "None of the ciphersuites to test are available in this OpenSSL build"
-            if $protocolciphersuitcount + scalar(@protocols) == 0;
+            if $protocolciphersuitecount + scalar(keys %ciphersuites) == 0;
 
         # The count of protocols is because in addition to the ciphersuits
         # we got above, we're running a weak DH test for each protocol
-       plan tests => $protocolciphersuitcount + scalar(@protocols);
+       plan tests => $protocolciphersuitecount + scalar(keys %ciphersuites);
 
-       foreach my $protocol (@protocols) {
+       foreach my $protocol (sort keys %ciphersuites) {
            note "Testing ciphersuites for $protocol";
+           # ssltest_old doesn't know -tls1_2, but that's fine, since that's
+           # the default choice if TLSv1.2 enabled
+           my $flag = $protocol eq "-tls1_2" ? "" : $protocol;
            foreach my $cipher (@{$ciphersuites{$protocol}}) {
-               ok(run(test([@ssltest, @exkeys, "-cipher", $cipher,
-                            $protocol eq "SSLv3" ? ("-ssl3") : ()])),
-                  "Testing $cipher");
+                if ($protocol eq "-ssl3" && $cipher =~ /ECDH/ ) {
+                    note "*****SKIPPING $protocol $cipher";
+                    ok(1);
+                } else {
+                    ok(run(test([@ssltest, @exkeys, "-cipher", $cipher,
+                                 $flag || ()])),
+                       "Testing $cipher");
+               }
            }
             is(run(test([@ssltest,
                          "-s_cipher", "EDH",