diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2014-06-17 23:06:07 +1000 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2014-06-17 23:06:07 +1000 |
| commit | 316fac6f18f87262a315c79bcf68b9f92c9337e4 (patch) | |
| tree | 4ca56b926c75d844cf69b33461be32ae178e62e7 /openbsd-compat/regress | |
| parent | af665bb7b092a59104db1e65577851cf35b86e32 (diff) | |
| download | openssh-git-316fac6f18f87262a315c79bcf68b9f92c9337e4.tar.gz | |
- (dtucker) [entropy.c openbsd-compat/openssl-compat.{c,h}
openbsd-compat/regress/{.cvsignore,Makefile.in,opensslvertest.c}]
Move the OpenSSL header/library version test into its own function and add
tests for it. Fix it to allow fix version upgrades (but not downgrades).
Prompted by chl@ via OpenSMTPD (issue #462) and Debian (bug #748150).
ok djm@ chl@
Diffstat (limited to 'openbsd-compat/regress')
| -rw-r--r-- | openbsd-compat/regress/.cvsignore | 3 | ||||
| -rw-r--r-- | openbsd-compat/regress/Makefile.in | 6 | ||||
| -rw-r--r-- | openbsd-compat/regress/opensslvertest.c | 69 |
3 files changed, 74 insertions, 4 deletions
diff --git a/openbsd-compat/regress/.cvsignore b/openbsd-compat/regress/.cvsignore index afbf7cc3..33074f4a 100644 --- a/openbsd-compat/regress/.cvsignore +++ b/openbsd-compat/regress/.cvsignore @@ -2,4 +2,5 @@ Makefile snprintftest strduptest strtonumtest - +closefromtest +opensslvertest diff --git a/openbsd-compat/regress/Makefile.in b/openbsd-compat/regress/Makefile.in index bcf214bd..dabdb091 100644 --- a/openbsd-compat/regress/Makefile.in +++ b/openbsd-compat/regress/Makefile.in @@ -1,4 +1,4 @@ -# $Id: Makefile.in,v 1.4 2006/08/19 09:12:14 dtucker Exp $ +# $Id: Makefile.in,v 1.5 2014/06/17 13:06:08 dtucker Exp $ sysconfdir=@sysconfdir@ piddir=@piddir@ @@ -16,11 +16,11 @@ LIBS=@LIBS@ LDFLAGS=@LDFLAGS@ $(LIBCOMPAT) TESTPROGS=closefromtest$(EXEEXT) snprintftest$(EXEEXT) strduptest$(EXEEXT) \ - strtonumtest$(EXEEXT) + strtonumtest$(EXEEXT) opensslvertest$(EXEEXT) all: t-exec ${OTHERTESTS} -%$(EXEEXT): %.c +%$(EXEEXT): %.c $(LIBCOMPAT) $(CC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o $@ $< $(LIBCOMPAT) $(LIBS) t-exec: $(TESTPROGS) diff --git a/openbsd-compat/regress/opensslvertest.c b/openbsd-compat/regress/opensslvertest.c new file mode 100644 index 00000000..5d019b59 --- /dev/null +++ b/openbsd-compat/regress/opensslvertest.c @@ -0,0 +1,69 @@ +/* + * Copyright (c) 2014 Darren Tucker + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include <stdio.h> +#include <stdlib.h> + +int ssh_compatible_openssl(long, long); + +struct version_test { + long headerver; + long libver; + int result; +} version_tests[] = { + /* built with 0.9.8b release headers */ + { 0x0090802fL, 0x0090802fL, 1}, /* exact match */ + { 0x0090802fL, 0x0090804fL, 1}, /* newer library fix version: ok */ + { 0x0090802fL, 0x0090801fL, 1}, /* older library fix version: ok */ + { 0x0090802fL, 0x0090702fL, 0}, /* older library minor version: NO */ + { 0x0090802fL, 0x0090902fL, 0}, /* newer library minor version: NO */ + { 0x0090802fL, 0x0080802fL, 0}, /* older library major version: NO */ + { 0x0090802fL, 0x1000100fL, 0}, /* newer library major version: NO */ + + /* built with 1.0.1b release headers */ + { 0x1000101fL, 0x1000101fL, 1},/* exact match */ + { 0x1000101fL, 0x1000102fL, 1}, /* newer library patch version: ok */ + { 0x1000101fL, 0x1000100fL, 1}, /* older library patch version: ok */ + { 0x1000101fL, 0x1000201fL, 1}, /* newer library fix version: ok */ + { 0x1000101fL, 0x1000001fL, 0}, /* older library fix version: NO */ + { 0x1000101fL, 0x1010101fL, 0}, /* newer library minor version: NO */ + { 0x1000101fL, 0x0000101fL, 0}, /* older library major version: NO */ + { 0x1000101fL, 0x2000101fL, 0}, /* newer library major version: NO */ +}; + +void +fail(long hver, long lver, int result) +{ + fprintf(stderr, "opensslver: header %lx library %lx != %d \n", hver, lver, result); + exit(1); +} + +int +main(void) +{ + unsigned int i; + int res; + long hver, lver; + + for (i = 0; i < sizeof(version_tests) / sizeof(version_tests[0]); i++) { + hver = version_tests[i].headerver; + lver = version_tests[i].libver; + res = version_tests[i].result; + if (ssh_compatible_openssl(hver, lver) != res) + fail(hver, lver, res); + } + exit(0); +} |