From da09ef32df91f7481e9f7ca02c356fe09aecac24 Mon Sep 17 00:00:00 2001 From: Gerhard Rieger Date: Thu, 4 Apr 2019 10:58:10 +0200 Subject: [PATCH] configure.ac: SSLv2_*_method dependend on TLS_*method; test.sh: avoid hanging of a few sec tests --- configure.ac | 10 +++++----- test.sh | 38 +++++++++++++++++++++++++------------- 2 files changed, 30 insertions(+), 18 deletions(-) diff --git a/configure.ac b/configure.ac index fe37090..3ae4b63 100644 --- a/configure.ac +++ b/configure.ac @@ -1437,15 +1437,13 @@ AC_CHECK_FUNC(setenv, AC_DEFINE(HAVE_SETENV), dnl Search for unsetenv() AC_CHECK_FUNC(unsetenv, AC_DEFINE(HAVE_UNSETENV)) +AC_CHECK_FUNC(TLS_client_method, AC_DEFINE(HAVE_TLS_client_method) ac_cv_have_tls_client_method=yes, AC_CHECK_LIB(crypt, TLS_client_method, [LIBS=-lcrypt $LIBS])) +AC_CHECK_FUNC(TLS_server_method, AC_DEFINE(HAVE_TLS_server_method) ac_cv_have_tls_server_method=yes, AC_CHECK_LIB(crypt, TLS_server_method, [LIBS=-lcrypt $LIBS])) +if test -n "$WITH_OPENSSL_METHOD" -o -z "$ac_cv_have_tls_client_method" -o -z "$ac_cv_have_tls_server_method" ; then dnl Search for SSLv2_client_method, SSLv2_server_method AC_CHECK_FUNC(SSLv2_client_method, AC_DEFINE(HAVE_SSLv2_client_method), AC_CHECK_LIB(crypt, SSLv2_client_method, [LIBS=-lcrypt $LIBS])) AC_CHECK_FUNC(SSLv2_server_method, AC_DEFINE(HAVE_SSLv2_server_method), AC_CHECK_LIB(crypt, SSLv2_server_method, [LIBS=-lcrypt $LIBS])) dnl -AC_CHECK_FUNC(SSL_CTX_set_default_verify_paths, AC_DEFINE(HAVE_SSL_CTX_set_default_verify_paths)) - -AC_CHECK_FUNC(TLS_client_method, AC_DEFINE(HAVE_TLS_client_method), AC_CHECK_LIB(crypt, TLS_client_method, [LIBS=-lcrypt $LIBS])) -AC_CHECK_FUNC(TLS_server_method, AC_DEFINE(HAVE_TLS_server_method), AC_CHECK_LIB(crypt, TLS_server_method, [LIBS=-lcrypt $LIBS])) -if test -n "$WITH_OPENSSL_METHOD"; then AC_CHECK_FUNC(SSLv3_client_method, AC_DEFINE(HAVE_SSLv3_client_method), AC_CHECK_LIB(crypt, SSLv3_client_method, [LIBS=-lcrypt $LIBS])) AC_CHECK_FUNC(SSLv3_server_method, AC_DEFINE(HAVE_SSLv3_server_method), AC_CHECK_LIB(crypt, SSLv3_server_method, [LIBS=-lcrypt $LIBS])) AC_CHECK_FUNC(SSLv23_client_method, AC_DEFINE(HAVE_SSLv23_client_method), AC_CHECK_LIB(crypt, SSLv23_client_method, [LIBS=-lcrypt $LIBS])) @@ -1459,6 +1457,8 @@ AC_CHECK_FUNC(TLSv1_2_server_method, AC_DEFINE(HAVE_TLSv1_2_server_method), AC_C AC_CHECK_FUNC(DTLSv1_client_method, AC_DEFINE(HAVE_DTLSv1_client_method), AC_CHECK_LIB(crypt, DTLSv1_client_method, [LIBS=-lcrypt $LIBS])) AC_CHECK_FUNC(DTLSv1_server_method, AC_DEFINE(HAVE_DTLSv1_server_method), AC_CHECK_LIB(crypt, DTLSv1_server_method, [LIBS=-lcrypt $LIBS])) fi # $WITH_OPENSSL_METHOD + +AC_CHECK_FUNC(SSL_CTX_set_default_verify_paths, AC_DEFINE(HAVE_SSL_CTX_set_default_verify_paths)) AC_CHECK_FUNC(RAND_egd, AC_DEFINE(HAVE_RAND_egd), AC_CHECK_LIB(crypt, RAND_egd, [LIBS=-lcrypt $LIBS])) AC_CHECK_FUNC(DH_set0_pqg, AC_DEFINE(HAVE_DH_set0_pqg), AC_CHECK_LIB(crypt, DH_set0_pqg, [LIBS=-lcrypt $LIBS])) AC_CHECK_FUNC(ASN1_STRING_get0_data, AC_DEFINE(HAVE_ASN1_STRING_get0_data), AC_CHECK_LIB(crypt, ASN1_STRING_get0_data, [LIBS=-lcrypt $LIBS])) diff --git a/test.sh b/test.sh index 0814927..baab429 100755 --- a/test.sh +++ b/test.sh @@ -215,7 +215,7 @@ else SUBSTUSER="$(grep -v '^[^:]*:^[^:]*:0:' /etc/passwd |tail -n 1 |cut -d: -f1)" fi -if type ip; then +if type ip >/dev/null; then if ip -V |grep -q "^ip utility, iproute2-ss"; then IP=$(which ip) else @@ -223,7 +223,7 @@ if type ip; then fi fi -if type ss; then +if type ss >/dev/null; then if ss -V |grep -q "^ss utility, iproute2-ss"; then SS=$(which ss) else @@ -4215,7 +4215,7 @@ te="$td/test$N.stderr" tdiff="$td/test$N.diff" da="test$N $(date) $RANDOM" CMD2="$TRACE $SOCAT $opts \"$PEERADDR\" EXEC:'$OD_C'" -CMD="$TRACE $SOCAT -T1 $opts - $TESTADDR" +CMD="$TRACE $SOCAT -T1 $opts -t 1 - $TESTADDR" printf "test $F_n $TEST... " $N eval "$CMD2 2>\"${te}1\" &" pid=$! # background process id @@ -5951,7 +5951,7 @@ elif ! testaddrs openssl >/dev/null; then else gentestcert testsrv gentestcert testcli -testserversec "$N" "$TEST" "$opts -lu -d" "ssl:$LOCALHOST:$PORT,pf=ip4,fork,retry=2,verify,cert=testcli.pem,$SOCAT_EGD" "cafile=testsrv.crt" "cafile=testcli.crt" "ssl-l:$PORT,pf=ip4,reuseaddr,$SOCAT_EGD,cafile=testcli.crt,cert=testsrv.crt,key=testsrv.key" 4 tcp "" -1 +testserversec "$N" "$TEST" "$opts -t 0.5 -lu -d" "ssl:$LOCALHOST:$PORT,pf=ip4,fork,retry=2,verify,cert=testcli.pem,$SOCAT_EGD" "cafile=testsrv.crt" "cafile=testcli.crt" "ssl-l:$PORT,pf=ip4,reuseaddr,$SOCAT_EGD,cafile=testcli.crt,cert=testsrv.crt,key=testsrv.key" 4 tcp "" -1 fi ;; # NUMCOND, feats esac PORT=$((PORT+1)) @@ -6053,7 +6053,7 @@ elif ! testaddrs listen tcp ip4 >/dev/null || ! runsip4 >/dev/null; then else gentestcert testsrv gentestcert testcli -testserversec "$N" "$TEST" "$opts -4" "SSL:127.0.0.1:$PORT,fork,retry=2,verify,cafile=testsrv.crt" "commonname=$LOCALHOST" "" "SSL-L:$PORT,pf=ip4,$REUSEADDR,cert=testsrv.crt,key=testsrv.key,verify=0" 4 tcp "" 0 +testserversec "$N" "$TEST" "$opts -t 0.5 -4" "SSL:127.0.0.1:$PORT,fork,retry=2,verify,cafile=testsrv.crt" "commonname=$LOCALHOST" "" "SSL-L:$PORT,pf=ip4,$REUSEADDR,cert=testsrv.crt,key=testsrv.key,verify=0" 4 tcp "" 0 fi ;; # testaddrs, NUMCOND esac PORT=$((PORT+1)) @@ -6077,7 +6077,7 @@ elif ! testaddrs listen tcp ip4 >/dev/null || ! runsip4 >/dev/null; then else gentestcert testsrv gentestcert testcli -testserversec "$N" "$TEST" "$opts -4" "SSL-L:$PORT,pf=ip4,reuseaddr,cert=testsrv.crt,key=testsrv.key,cafile=testcli.crt" "" "commonname=onlyyou" "SSL:$LOCALHOST:$PORT,$REUSEADDR,verify=0,cafile=testsrv.crt,cert=testcli.crt,key=testcli.key" 4 tcp "" 0 +testserversec "$N" "$TEST" "$opts -4" "SSL-L:$PORT,pf=ip4,reuseaddr,cert=testsrv.crt,key=testsrv.key,cafile=testcli.crt" "" "commonname=onlyyou" "SSL:$LOCALHOST:$PORT,$REUSEADDR,verify=0,cafile=testsrv.crt,cert=testcli.crt,key=testcli.key" 4 tcp "$PORT" 0 fi ;; # testaddrs, NUMCOND esac PORT=$((PORT+1)) @@ -6560,8 +6560,9 @@ rc="$?"; kill "$pids" 2>/dev/null if [ $rc -ne 0 ]; then $PRINTF "$FAILED:\n" echo "$SRV &" + cat "${te}s" echo "$CLI" - cat "${te}s" "${te}2" + cat "${te}2" numFAIL=$((numFAIL+1)) listFAIL="$listFAIL $N" elif ! echo "$da2" |diff - "${tf}2" >"$tdiff"; then @@ -12753,36 +12754,47 @@ kill $pid0 $pid1 $pid2 2>/dev/null; wait if ! echo "$da2" |diff - "${tf}2"; then $PRINTF "${YELLOW}phase 1 failed${NORMAL}\n" echo "$CMD0 &" + cat "${te}0" echo "$CMD1 &" + cat "${te}1" echo "$CMD2" - cat "${te}0" "${te}1" "${te}2" + cat "${te}2" numCANT=$((numCANT+1)) elif [ $rc3 -ne 0 ]; then $PRINTF "$FAILED:\n" echo "$CMD0 &" + cat "${te}0" echo "$CMD1 &" + cat "${te}1" echo "$CMD2" + cat "${te}2" echo "$CMD3" - cat "${te}0" "${te}1" "${te}2" "${te}3" + cat "${te}3" numFAIL=$((numFAIL+1)) listFAIL="$listFAIL $N" elif ! echo "$da2" |diff - "${tf}2"; then $PRINTF "$FAILED:\n" echo "$CMD0 &" - echo "$CMD1" + cat "${te}0" + echo "$CMD1 &" + cat "${te}1" echo "$CMD2" + cat "${te}2" echo "$CMD3" - cat "${te}0" "${te}1" "${te}2" "${te}3" + cat "${te}3" echo "$da2" |diff - "${tf}2" numFAIL=$((numFAIL+1)) listFAIL="$listFAIL $N" elif ! echo "$da3" |diff - "${tf}3"; then $PRINTF "$FAILED:\n" echo "$CMD0 &" - echo "$CMD1" + cat "${te}0" + echo "$CMD1 &" + cat "${te}1" echo "$CMD2" + cat "${te}2" echo "$CMD3" - cat "${te}0" "${te}1" "${te}2" "${te}3" + cat "${te}3" echo "$da3" |diff - "${tf}3" numFAIL=$((numFAIL+1)) listFAIL="$listFAIL $N"