提交 46c4647e 编写于 作者: B Bodo Möller

"openssl no-..." commands for avoiding the need to grep

"openssl list-standard-commands".
上级 d58d6c27
...@@ -4,6 +4,17 @@ ...@@ -4,6 +4,17 @@
Changes between 0.9.5 and 0.9.5a [XX XXX 2000] Changes between 0.9.5 and 0.9.5a [XX XXX 2000]
*) For easily testing in shell scripts whether some command exists,
'openssl no-XXX' returns with exit code 0 iff the command XXX is
available. 'no-XXX' is printed in this case, 'XXX' otherwise
(i.e. when a command of this name exists). In both cases,
the output goes to stdout and nothing is printed to stderr.
Additional arguments are always ignored.
Since for each cipher there is a command of the same name,
the 'no-cipher' compilation switches can be tested this way.
[Bodo Moeller]
*) Update test suite so that 'make test' succeeds in 'no-rsa' configuration. *) Update test suite so that 'make test' succeeds in 'no-rsa' configuration.
[Bodo Moeller] [Bodo Moeller]
......
...@@ -233,6 +233,18 @@ static int do_cmd(LHASH *prog, int argc, char *argv[]) ...@@ -233,6 +233,18 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
{ {
ret=fp->func(argc,argv); ret=fp->func(argc,argv);
} }
else if ((strncmp(argv[0],"no-",3)) == 0)
{
BIO *bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
f.name=argv[0]+3;
ret = (lh_retrieve(prog,&f) != NULL);
if (!ret)
BIO_printf(bio_stdout, "%s\n", argv[0]);
else
BIO_printf(bio_stdout, "%s\n", argv[0]+3);
BIO_free(bio_stdout);
goto end;
}
else if ((strcmp(argv[0],"quit") == 0) || else if ((strcmp(argv[0],"quit") == 0) ||
(strcmp(argv[0],"q") == 0) || (strcmp(argv[0],"q") == 0) ||
(strcmp(argv[0],"exit") == 0) || (strcmp(argv[0],"exit") == 0) ||
......
...@@ -215,11 +215,11 @@ test_ssl: keyU.ss certU.ss certCA.ss ...@@ -215,11 +215,11 @@ test_ssl: keyU.ss certU.ss certCA.ss
@sh ./testssl keyU.ss certU.ss certCA.ss @sh ./testssl keyU.ss certU.ss certCA.ss
test_ca: test_ca:
@if ../apps/openssl list-standard-commands | grep '^rsa$$' >/dev/null; then \ @if ../apps/openssl no-rsa; then \
echo "skipping CA.sh test -- requires RSA"; \
else \
echo "Generate and certify a test certificate via the 'ca' program"; \ echo "Generate and certify a test certificate via the 'ca' program"; \
sh ./testca; \ sh ./testca; \
else \
echo "skipping CA.sh test -- requires RSA"; \
fi fi
lint: lint:
......
...@@ -13,12 +13,12 @@ echo "generating certificate request" ...@@ -13,12 +13,12 @@ echo "generating certificate request"
echo "string to make the random number generator think it has entropy" >> ./.rnd echo "string to make the random number generator think it has entropy" >> ./.rnd
if ../apps/openssl list-standard-commands | grep '^rsa$' >/dev/null; then if ../apps/openssl no-rsa; then
req_new='-newkey dsa:../apps/dsa512.pem'
else
req_new='-new' req_new='-new'
echo "There should be a 2 sequences of .'s and some +'s." echo "There should be a 2 sequences of .'s and some +'s."
echo "There should not be more that at most 80 per line" echo "There should not be more that at most 80 per line"
else
req_new='-newkey dsa:../apps/dsa512.pem'
fi fi
echo "This could take some time." echo "This could take some time."
......
...@@ -20,10 +20,10 @@ Ucert="certU.ss" ...@@ -20,10 +20,10 @@ Ucert="certU.ss"
echo echo
echo "make a certificate request using 'req'" echo "make a certificate request using 'req'"
if ../apps/openssl list-standard-commands | grep '^rsa$' >/dev/null; then if ../apps/openssl no-rsa; then
req_new='-new'
else
req_new='-newkey dsa:../apps/dsa512.pem' req_new='-newkey dsa:../apps/dsa512.pem'
else
req_new='-new'
fi fi
$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new #>err.ss $reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new #>err.ss
......
...@@ -115,7 +115,9 @@ $ssltest -bio_pair -server_auth -client_auth $CA || exit 1 ...@@ -115,7 +115,9 @@ $ssltest -bio_pair -server_auth -client_auth $CA || exit 1
echo test tls1 with 1024bit anonymous DH, multiple handshakes echo test tls1 with 1024bit anonymous DH, multiple handshakes
$ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time || exit 1 $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time || exit 1
if ../apps/openssl list-standard-commands | grep '^rsa$' >/dev/null; then if ../apps/openssl no-rsa; then
echo skipping RSA tests
else
echo test tls1 with 1024bit RSA, no DHE, multiple handshakes echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time || exit 1 ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time || exit 1
......
...@@ -3,10 +3,8 @@ ...@@ -3,10 +3,8 @@
PATH=../apps:$PATH PATH=../apps:$PATH
export PATH export PATH
if ../apps/openssl list-standard-commands | grep '^rsa$' >/dev/null; then if ../apps/openssl no-rsa; then
echo openssl rsa command available echo skipping rsa conversion test
else
echo openssl rsa command not available, skipping test
exit 0 exit 0
fi fi
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册