opensssl 1.1.1g test failure(s)

classic Classic list List threaded Threaded
12 messages Options
Reply | Threaded
Open this post in threaded view
|

opensssl 1.1.1g test failure(s)

Claus Assmann
Note sure whether this is already known (a search didn't bring up
anything meaningful):

../test/recipes/80-test_ssl_old.t ..................
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/6 subtests
Test Summary Report
-------------------
../test/recipes/80-test_ssl_old.t                (Wstat: 256 Tests: 6 Failed: 1)
  Failed test:  2
                ^ Is that supposed to be the number of failed tests?
                  If so, I don't see the 2nd test failure
                  (and it should probably  be "Failed test(s):"?)

Files=155, Tests=1256, 298 wallclock secs ( 0.32 usr  2.07 sys + 126.58 cusr 156.65 csys = 285.62 CPU)
Result: FAIL

OS Version:
OpenBSD 6.5 amd64
Reply | Threaded
Open this post in threaded view
|

Re: opensssl 1.1.1g test failure(s)

OpenSSL - User mailing list
On Tue, Apr 21, 2020 at 07:22:38PM +0200, Claus Assmann wrote:
> Note sure whether this is already known (a search didn't bring up
> anything meaningful):
>
> ../test/recipes/80-test_ssl_old.t ..................
> Dubious, test returned 1 (wstat 256, 0x100)
> Failed 1/6 subtests
> Test Summary Report
> -------------------
> ../test/recipes/80-test_ssl_old.t                (Wstat: 256 Tests: 6 Failed: 1)
                                                                        ^^^^^^^^^
this is the number of failed tests

>   Failed test:  2
>                 ^ Is that supposed to be the number of failed tests?

No, that's the index of the failing test(s).  (I always have to check whether
it's 0-indexed or 1-indexed, though.)

>                   If so, I don't see the 2nd test failure
>                   (and it should probably  be "Failed test(s):"?)
>
> Files=155, Tests=1256, 298 wallclock secs ( 0.32 usr  2.07 sys + 126.58 cusr 156.65 csys = 285.62 CPU)
> Result: FAIL

Please run again with `make V=1 TESTS=test_ssl_old test` and post the relevant parts of the output?

Thanks,

Ben
Reply | Threaded
Open this post in threaded view
|

Re: opensssl 1.1.1g test failure(s)

Claus Assmann
On Tue, Apr 21, 2020, Benjamin Kaduk via openssl-users wrote:
> On Tue, Apr 21, 2020 at 07:22:38PM +0200, Claus Assmann wrote:

> > ../test/recipes/80-test_ssl_old.t ..................
> > Dubious, test returned 1 (wstat 256, 0x100)

> Please run again with `make V=1 TESTS=test_ssl_old test` and post the relevant parts of the output?

Thanks for the reply, below is the output, It seems it only fails
because the host doesn't support IPv6?

make depend && make _tests
( cd test;  mkdir -p test-runs;  SRCTOP=../.  BLDTOP=../.  RESULT_D=test-runs  PERL="/usr/bin/perl"  EXE_EXT=  OPENSSL_ENGINES=`cd .././engines 2>/dev/null && pwd`  OPENSSL_DEBUG_MEMORY=on  /usr/bin/perl .././test/run_tests.pl test_ssl_old )
../test/recipes/80-test_ssl_old.t ..
1..6
# Subtest: test_ss
    1..17
Generating a RSA private key
......+++++
..................................................................................................+++++
writing new private key to 'keyCA.ss'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []:Dodgy Brothers
Common Name (eg, YOUR name) []:Dodgy CA
../../util/shlib_wrap.sh ../../apps/openssl req -config ../CAss.cnf -out reqCA.ss -keyout keyCA.ss -new => 0
    ok 1 - make cert request
Signature ok
subject=C = AU, O = Dodgy Brothers, CN = Dodgy CA
Getting Private key
../../util/shlib_wrap.sh ../../apps/openssl x509 -sha1 -CAcreateserial -in reqCA.ss -days 30 -req -out certCA.ss -signkey keyCA.ss -extfile ../CAss.cnf -extensions v3_ca > err.ss => 0
    ok 2 - convert request into self-signed cert
Getting request Private Key
Generating certificate request
../../util/shlib_wrap.sh ../../apps/openssl x509 -sha1 -in certCA.ss -x509toreq -signkey keyCA.ss -out req2CA.ss > err.ss => 0
    ok 3 - convert cert into a cert request
verify OK
../../util/shlib_wrap.sh ../../apps/openssl req -config ../../apps/openssl.cnf -verify -in reqCA.ss -noout => 0
    ok 4 - verify request 1
verify OK
../../util/shlib_wrap.sh ../../apps/openssl req -config ../../apps/openssl.cnf -verify -in req2CA.ss -noout => 0
    ok 5 - verify request 2
certCA.ss: OK
../../util/shlib_wrap.sh ../../apps/openssl verify -CAfile certCA.ss certCA.ss => 0
    ok 6 - verify signature
Generating a RSA private key
.........................+++++
.........+++++
writing new private key to 'keyU.ss'
-----
../../util/shlib_wrap.sh ../../apps/openssl req -config ../Uss.cnf -out reqU.ss -keyout keyU.ss -new > err.ss => 0
    ok 7 - make a user cert request
Signature ok
subject=C = AU, O = Dodgy Brothers, CN = Brother 1, CN = Brother 2
Getting CA Private Key
../../util/shlib_wrap.sh ../../apps/openssl x509 -sha1 -CAcreateserial -in reqU.ss -days 30 -req -out certU.ss -CA certCA.ss -CAkey keyCA.ss -CAserial certCA.srl -extfile ../Uss.cnf -extensions v3_ee > err.ss => 0
certU.ss: OK
../../util/shlib_wrap.sh ../../apps/openssl verify -CAfile certCA.ss certU.ss => 0
    ok 8 - sign user cert request
# subject=C = AU, O = Dodgy Brothers, CN = Brother 1, CN = Brother 2
# issuer=C = AU, O = Dodgy Brothers, CN = Dodgy CA
# notBefore=Apr 21 17:30:29 2020 GMT
# notAfter=May 21 17:30:29 2020 GMT
../../util/shlib_wrap.sh ../../apps/openssl x509 -sha1 -subject -issuer -startdate -enddate -noout -in certU.ss => 0
    ok 9 - Certificate details
    # Subtest: DSA certificate creation
        1..5
Generating DSA key, 1024 bits
../../util/shlib_wrap.sh ../../apps/openssl gendsa -out keyD.ss ../../apps/dsa1024.pem > err.ss => 0
        ok 1 - make a DSA key
../../util/shlib_wrap.sh ../../apps/openssl req -new -config ../Uss.cnf -out reqD.ss -key keyD.ss > err.ss => 0
        ok 2 - make a DSA user cert request
Signature ok
subject=C = AU, O = Dodgy Brothers, CN = Brother 1, CN = DSA Certificate
Getting CA Private Key
../../util/shlib_wrap.sh ../../apps/openssl x509 -sha1 -CAcreateserial -in reqD.ss -days 30 -req -out certD.ss -CA certCA.ss -CAkey keyCA.ss -CAserial certCA.srl -extfile ../Uss.cnf -extensions v3_ee_dsa > err.ss => 0
        ok 3 - sign DSA user cert request
certD.ss: OK
../../util/shlib_wrap.sh ../../apps/openssl verify -CAfile certCA.ss certD.ss => 0
        ok 4 - verify DSA user cert
# subject=C = AU, O = Dodgy Brothers, CN = Brother 1, CN = DSA Certificate
# issuer=C = AU, O = Dodgy Brothers, CN = Dodgy CA
# notBefore=Apr 21 17:30:29 2020 GMT
# notAfter=May 21 17:30:29 2020 GMT
../../util/shlib_wrap.sh ../../apps/openssl x509 -sha1 -subject -issuer -startdate -enddate -noout -in certD.ss => 0
        ok 5 - DSA Certificate details
    ok 10 - DSA certificate creation
    # Subtest: ECDSA/ECDH certificate creation
        1..5
../../util/shlib_wrap.sh ../../apps/openssl ecparam -name P-256 -out ecp.ss => 0
        ok 1 - make EC parameters
Generating an EC private key
writing new private key to 'keyE.ss'
-----
../../util/shlib_wrap.sh ../../apps/openssl req -config ../Uss.cnf -out reqE.ss -keyout keyE.ss -newkey 'ec:ecp.ss' > err.ss => 0
        ok 2 - make a ECDSA/ECDH user cert request
Signature ok
subject=C = AU, O = Dodgy Brothers, CN = Brother 1, CN = ECDSA Certificate
Getting CA Private Key
../../util/shlib_wrap.sh ../../apps/openssl x509 -sha1 -CAcreateserial -in reqE.ss -days 30 -req -out certE.ss -CA certCA.ss -CAkey keyCA.ss -CAserial certCA.srl -extfile ../Uss.cnf -extensions v3_ee_ec > err.ss => 0
        ok 3 - sign ECDSA/ECDH user cert request
certE.ss: OK
../../util/shlib_wrap.sh ../../apps/openssl verify -CAfile certCA.ss certE.ss => 0
        ok 4 - verify ECDSA/ECDH user cert
# subject=C = AU, O = Dodgy Brothers, CN = Brother 1, CN = ECDSA Certificate
# issuer=C = AU, O = Dodgy Brothers, CN = Dodgy CA
# notBefore=Apr 21 17:30:30 2020 GMT
# notAfter=May 21 17:30:30 2020 GMT
../../util/shlib_wrap.sh ../../apps/openssl x509 -sha1 -subject -issuer -startdate -enddate -noout -in certE.ss => 0
        ok 5 - ECDSA Certificate details
    ok 11 - ECDSA/ECDH certificate creation
Generating a RSA private key
.................................+++++
.................................+++++
writing new private key to 'keyP1.ss'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []:Dodgy Brothers
Common Name (eg, YOUR name) []:Brother 1
Common Name (eg, YOUR name) []:Brother 2
Common Name (eg, YOUR name) []:Proxy 1
../../util/shlib_wrap.sh ../../apps/openssl req -config ../P1ss.cnf -out reqP1.ss -keyout keyP1.ss -new > err.ss => 0
    ok 12 - make a proxy cert request
Signature ok
subject=C = AU, O = Dodgy Brothers, CN = Brother 1, CN = Brother 2, CN = Proxy 1
Getting CA Private Key
../../util/shlib_wrap.sh ../../apps/openssl x509 -sha1 -CAcreateserial -in reqP1.ss -days 30 -req -out certP1.ss -CA certU.ss -CAkey keyU.ss -extfile ../P1ss.cnf -extensions v3_proxy > err.ss => 0
    ok 13 - sign proxy with user cert
C = AU, O = Dodgy Brothers, CN = Brother 1, CN = Brother 2, CN = Proxy 1
error 40 at 0 depth lookup: proxy certificates not allowed, please set the appropriate flag
error certP1.ss: verification failed
../../util/shlib_wrap.sh ../../apps/openssl verify -CAfile certCA.ss -untrusted tmp_intP1.ss certP1.ss => 2
# subject=C = AU, O = Dodgy Brothers, CN = Brother 1, CN = Brother 2, CN = Proxy 1
# issuer=C = AU, O = Dodgy Brothers, CN = Brother 1, CN = Brother 2
# notBefore=Apr 21 17:30:30 2020 GMT
# notAfter=May 21 17:30:30 2020 GMT
../../util/shlib_wrap.sh ../../apps/openssl x509 -sha1 -subject -issuer -startdate -enddate -noout -in certP1.ss => 0
    ok 14 - Certificate details
Generating a RSA private key
...........+++++
.........................................................................................................................................................................................................+++++
writing new private key to 'keyP2.ss'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []:Dodgy Brothers
Common Name (eg, YOUR name) []:Brother 1
Common Name (eg, YOUR name) []:Brother 2
Common Name (eg, YOUR name) []:Proxy 1
Common Name (eg, YOUR name) []:Proxy 2
../../util/shlib_wrap.sh ../../apps/openssl req -config ../P2ss.cnf -out reqP2.ss -keyout keyP2.ss -new > err.ss => 0
    ok 15 - make another proxy cert request
Signature ok
subject=C = AU, O = Dodgy Brothers, CN = Brother 1, CN = Brother 2, CN = Proxy 1, CN = Proxy 2
Getting CA Private Key
../../util/shlib_wrap.sh ../../apps/openssl x509 -sha1 -CAcreateserial -in reqP2.ss -days 30 -req -out certP2.ss -CA certP1.ss -CAkey keyP1.ss -extfile ../P2ss.cnf -extensions v3_proxy > err.ss => 0
    ok 16 - sign second proxy cert request with the first proxy cert
C = AU, O = Dodgy Brothers, CN = Brother 1, CN = Brother 2, CN = Proxy 1, CN = Proxy 2
error 40 at 0 depth lookup: proxy certificates not allowed, please set the appropriate flag
error certP2.ss: verification failed
../../util/shlib_wrap.sh ../../apps/openssl verify -CAfile certCA.ss -untrusted tmp_intP2.ss certP2.ss => 2
# subject=C = AU, O = Dodgy Brothers, CN = Brother 1, CN = Brother 2, CN = Proxy 1, CN = Proxy 2
# issuer=C = AU, O = Dodgy Brothers, CN = Brother 1, CN = Brother 2, CN = Proxy 1
# notBefore=Apr 21 17:30:31 2020 GMT
# notAfter=May 21 17:30:31 2020 GMT
../../util/shlib_wrap.sh ../../apps/openssl x509 -sha1 -subject -issuer -startdate -enddate -noout -in certP2.ss => 0
    ok 17 - Certificate details
ok 1 - test_ss
# test_ssl -- key U
../../util/shlib_wrap.sh ../../apps/openssl x509 -in certU.ss -text -noout => 0
# Subtest: standard SSL tests
    1..13
    ok 1 # skip SSLv3 is not supported by this OpenSSL build
    ok 2 # skip SSLv3 is not supported by this OpenSSL build
    ok 3 # skip SSLv3 is not supported by this OpenSSL build
    ok 4 # skip SSLv3 is not supported by this OpenSSL build
Doing handshakes=1 bytes=256
TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bits RSA, temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -bio_pair => 0
    ok 5 - test sslv2/sslv3 via BIO pair
Doing handshakes=1 bytes=256
TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bits RSA, temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -bio_pair -no_dhe -no_ecdhe => 0
    ok 6 - test sslv2/sslv3 w/o (EC)DHE via BIO pair
Doing handshakes=1 bytes=256
DONE via BIO pair: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bits RSA, temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -bio_pair -dhe1024dsa -v => 0
    ok 7 - test sslv2/sslv3 with 1024bit DHE via BIO pair
server authentication
Doing handshakes=1 bytes=256
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bits RSA, temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -bio_pair -server_auth -CAfile certCA.ss => 0
    ok 8 - test sslv2/sslv3 with server authentication
client authentication
Doing handshakes=1 bytes=256
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bits RSA, temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -bio_pair -client_auth -CAfile certCA.ss => 0
    ok 9 - test sslv2/sslv3 with client authentication via BIO pair
client authentication
server authentication
Doing handshakes=1 bytes=256
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bits RSA, temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -bio_pair -server_auth -client_auth -CAfile certCA.ss => 0
    ok 10 - test sslv2/sslv3 with both client and server authentication via BIO pair
client authentication
server authentication
Doing handshakes=1 bytes=256
In app_verify_callback, allowing cert. Arg is: Test Callback Argument
Finished printing do we have a context? 0x0x1c4fed3a200 a cert? 0x0x1c54fc5ce00
cert depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
In app_verify_callback, allowing cert. Arg is: Test Callback Argument
Finished printing do we have a context? 0x0x1c5562e8c00 a cert? 0x0x1c4fed3de00
cert depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bits RSA, temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -bio_pair -server_auth -client_auth -app_verify -CAfile certCA.ss => 0
    ok 11 - test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
Doing handshakes=1 bytes=256
TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bits RSA, temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -ipv4 => 0
    ok 12 - test TLS via IPv4
0:error:0200E016:system library:setsockopt:Invalid argument:crypto/bio/b_sock2.c:255:
0:error:2008B088:BIO routines:BIO_listen:listen v6 only:crypto/bio/b_sock2.c:256:
Doing handshakes=1 bytes=256
TLSv1.3, cipher (NONE) (NONE)
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -ipv6 => 1
    not ok 13 - test TLS via IPv6
    #   Failed test 'test TLS via IPv6'
    #   at ../test/recipes/80-test_ssl_old.t line 390.
    # Looks like you failed 1 test of 13.
not ok 2 - standard SSL tests
#   Failed test 'standard SSL tests'
#   at /home/ca/pd/security/openssl-1.1.1g/test/../util/perl/OpenSSL/Test.pm line 1212.
# Subtest: Testing ciphersuites
../../util/shlib_wrap.sh ../../apps/openssl ciphers -s -tls1_3 'ALL:-PSK:-SRP' => 0
../../util/shlib_wrap.sh ../../apps/openssl ciphers -s -tls1_2 'ALL:-PSK:-SRP' => 0
../../util/shlib_wrap.sh ../../apps/openssl ciphers -s -tls1 'ALL:-PSK:-SRP' => 0
    1..102
    ok 1 - Getting ciphers for -tls1_3
    ok 2 - Getting ciphers for -tls1_2
    ok 3 - Getting ciphers for -tls1
    # Testing ciphersuites for -tls1
Doing handshakes=1 bytes=256
TLSv1, cipher TLSv1.0 ECDHE-ECDSA-AES256-SHA, 256 bits EC (P-256), temp key: 253 bits X25519, digest=SHA1
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-ECDSA-AES256-SHA -ciphersuites '' -tls1 => 0
    ok 4 - Testing ECDHE-ECDSA-AES256-SHA
Doing handshakes=1 bytes=256
TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-RSA-AES256-SHA -ciphersuites '' -tls1 => 0
    ok 5 - Testing ECDHE-RSA-AES256-SHA
Doing handshakes=1 bytes=256
TLSv1, cipher SSLv3 DHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 1024 bits DH, digest=MD5-SHA1
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-AES256-SHA -ciphersuites '' -tls1 => 0
    ok 6 - Testing DHE-RSA-AES256-SHA
Doing handshakes=1 bytes=256
TLSv1, cipher SSLv3 DHE-DSS-AES256-SHA, 1024 bits DSA, temp key: 1024 bits DH, digest=SHA1
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-DSS-AES256-SHA -ciphersuites '' -tls1 => 0
    ok 7 - Testing DHE-DSS-AES256-SHA
Doing handshakes=1 bytes=256
TLSv1, cipher SSLv3 DHE-RSA-CAMELLIA256-SHA, 2048 bits RSA, temp key: 1024 bits DH, digest=MD5-SHA1
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-CAMELLIA256-SHA -ciphersuites '' -tls1 => 0
    ok 8 - Testing DHE-RSA-CAMELLIA256-SHA
Doing handshakes=1 bytes=256
TLSv1, cipher SSLv3 DHE-DSS-CAMELLIA256-SHA, 1024 bits DSA, temp key: 1024 bits DH, digest=SHA1
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-DSS-CAMELLIA256-SHA -ciphersuites '' -tls1 => 0
    ok 9 - Testing DHE-DSS-CAMELLIA256-SHA
Doing handshakes=1 bytes=256
TLSv1, cipher TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bits EC (P-256), temp key: 253 bits X25519, digest=SHA1
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-ECDSA-AES128-SHA -ciphersuites '' -tls1 => 0
    ok 10 - Testing ECDHE-ECDSA-AES128-SHA
Doing handshakes=1 bytes=256
TLSv1, cipher TLSv1.0 ECDHE-RSA-AES128-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-RSA-AES128-SHA -ciphersuites '' -tls1 => 0
    ok 11 - Testing ECDHE-RSA-AES128-SHA
Doing handshakes=1 bytes=256
TLSv1, cipher SSLv3 DHE-RSA-AES128-SHA, 2048 bits RSA, temp key: 1024 bits DH, digest=MD5-SHA1
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-AES128-SHA -ciphersuites '' -tls1 => 0
    ok 12 - Testing DHE-RSA-AES128-SHA
Doing handshakes=1 bytes=256
TLSv1, cipher SSLv3 DHE-DSS-AES128-SHA, 1024 bits DSA, temp key: 1024 bits DH, digest=SHA1
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-DSS-AES128-SHA -ciphersuites '' -tls1 => 0
    ok 13 - Testing DHE-DSS-AES128-SHA
Doing handshakes=1 bytes=256
TLSv1, cipher SSLv3 DHE-RSA-SEED-SHA, 2048 bits RSA, temp key: 1024 bits DH, digest=MD5-SHA1
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-SEED-SHA -ciphersuites '' -tls1 => 0
    ok 14 - Testing DHE-RSA-SEED-SHA
Doing handshakes=1 bytes=256
TLSv1, cipher SSLv3 DHE-DSS-SEED-SHA, 1024 bits DSA, temp key: 1024 bits DH, digest=SHA1
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-DSS-SEED-SHA -ciphersuites '' -tls1 => 0
    ok 15 - Testing DHE-DSS-SEED-SHA
Doing handshakes=1 bytes=256
TLSv1, cipher SSLv3 DHE-RSA-CAMELLIA128-SHA, 2048 bits RSA, temp key: 1024 bits DH, digest=MD5-SHA1
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-CAMELLIA128-SHA -ciphersuites '' -tls1 => 0
    ok 16 - Testing DHE-RSA-CAMELLIA128-SHA
Doing handshakes=1 bytes=256
TLSv1, cipher SSLv3 DHE-DSS-CAMELLIA128-SHA, 1024 bits DSA, temp key: 1024 bits DH, digest=SHA1
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-DSS-CAMELLIA128-SHA -ciphersuites '' -tls1 => 0
    ok 17 - Testing DHE-DSS-CAMELLIA128-SHA
Doing handshakes=1 bytes=256
TLSv1, cipher SSLv3 AES256-SHA, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher AES256-SHA -ciphersuites '' -tls1 => 0
    ok 18 - Testing AES256-SHA
Doing handshakes=1 bytes=256
TLSv1, cipher SSLv3 CAMELLIA256-SHA, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher CAMELLIA256-SHA -ciphersuites '' -tls1 => 0
    ok 19 - Testing CAMELLIA256-SHA
Doing handshakes=1 bytes=256
TLSv1, cipher SSLv3 AES128-SHA, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher AES128-SHA -ciphersuites '' -tls1 => 0
    ok 20 - Testing AES128-SHA
Doing handshakes=1 bytes=256
TLSv1, cipher SSLv3 SEED-SHA, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher SEED-SHA -ciphersuites '' -tls1 => 0
    ok 21 - Testing SEED-SHA
Doing handshakes=1 bytes=256
TLSv1, cipher SSLv3 CAMELLIA128-SHA, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher CAMELLIA128-SHA -ciphersuites '' -tls1 => 0
    ok 22 - Testing CAMELLIA128-SHA
Doing handshakes=1 bytes=256
TLSv1, cipher SSLv3 IDEA-CBC-SHA, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher IDEA-CBC-SHA -ciphersuites '' -tls1 => 0
    ok 23 - Testing IDEA-CBC-SHA
0:error:1408518A:SSL routines:ssl3_ctx_ctrl:dh key too small:ssl/s3_lib.c:3782:
0:error:1408518A:SSL routines:ssl3_ctx_ctrl:dh key too small:ssl/s3_lib.c:3782:
ERROR in SERVER
0:error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher:ssl/statem/statem_srvr.c:2284:
Doing handshakes=1 bytes=256
TLSv1, cipher (NONE) (NONE)
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cipher EDH -c_cipher 'EDH:@SECLEVEL=1' -dhe512 -tls1 => 1
    ok 24 - testing connection with weak DH, expecting failure
    # Testing ciphersuites for -tls1_2
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 256 bits EC (P-256), temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-ECDSA-AES256-GCM-SHA384 -ciphersuites '' -tls1_2 => 0
    ok 25 - Testing ECDHE-ECDSA-AES256-GCM-SHA384
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bits RSA, temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-RSA-AES256-GCM-SHA384 -ciphersuites '' -tls1_2 => 0
    ok 26 - Testing ECDHE-RSA-AES256-GCM-SHA384
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-DSS-AES256-GCM-SHA384, 1024 bits DSA, temp key: 1024 bits DH, digest=SHA224
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-DSS-AES256-GCM-SHA384 -ciphersuites '' -tls1_2 => 0
    ok 27 - Testing DHE-DSS-AES256-GCM-SHA384
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 2048 bits RSA, temp key: 1024 bits DH, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-AES256-GCM-SHA384 -ciphersuites '' -tls1_2 => 0
    ok 28 - Testing DHE-RSA-AES256-GCM-SHA384
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305, 256 bits EC (P-256), temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-ECDSA-CHACHA20-POLY1305 -ciphersuites '' -tls1_2 => 0
    ok 29 - Testing ECDHE-ECDSA-CHACHA20-POLY1305
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-RSA-CHACHA20-POLY1305, 2048 bits RSA, temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-RSA-CHACHA20-POLY1305 -ciphersuites '' -tls1_2 => 0
    ok 30 - Testing ECDHE-RSA-CHACHA20-POLY1305
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-RSA-CHACHA20-POLY1305, 2048 bits RSA, temp key: 1024 bits DH, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-CHACHA20-POLY1305 -ciphersuites '' -tls1_2 => 0
    ok 31 - Testing DHE-RSA-CHACHA20-POLY1305
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-ECDSA-AES256-CCM8, 256 bits EC (P-256), temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-ECDSA-AES256-CCM8 -ciphersuites '' -tls1_2 => 0
    ok 32 - Testing ECDHE-ECDSA-AES256-CCM8
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-ECDSA-AES256-CCM, 256 bits EC (P-256), temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-ECDSA-AES256-CCM -ciphersuites '' -tls1_2 => 0
    ok 33 - Testing ECDHE-ECDSA-AES256-CCM
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-CCM8, 2048 bits RSA, temp key: 1024 bits DH, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-AES256-CCM8 -ciphersuites '' -tls1_2 => 0
    ok 34 - Testing DHE-RSA-AES256-CCM8
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-CCM, 2048 bits RSA, temp key: 1024 bits DH, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-AES256-CCM -ciphersuites '' -tls1_2 => 0
    ok 35 - Testing DHE-RSA-AES256-CCM
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-ECDSA-ARIA256-GCM-SHA384, 256 bits EC (P-256), temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-ECDSA-ARIA256-GCM-SHA384 -ciphersuites '' -tls1_2 => 0
    ok 36 - Testing ECDHE-ECDSA-ARIA256-GCM-SHA384
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-ARIA256-GCM-SHA384, 2048 bits RSA, temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-ARIA256-GCM-SHA384 -ciphersuites '' -tls1_2 => 0
    ok 37 - Testing ECDHE-ARIA256-GCM-SHA384
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-DSS-ARIA256-GCM-SHA384, 1024 bits DSA, temp key: 1024 bits DH, digest=SHA224
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-DSS-ARIA256-GCM-SHA384 -ciphersuites '' -tls1_2 => 0
    ok 38 - Testing DHE-DSS-ARIA256-GCM-SHA384
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-RSA-ARIA256-GCM-SHA384, 2048 bits RSA, temp key: 1024 bits DH, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-ARIA256-GCM-SHA384 -ciphersuites '' -tls1_2 => 0
    ok 39 - Testing DHE-RSA-ARIA256-GCM-SHA384
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bits EC (P-256), temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-ECDSA-AES128-GCM-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 40 - Testing ECDHE-ECDSA-AES128-GCM-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 2048 bits RSA, temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-RSA-AES128-GCM-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 41 - Testing ECDHE-RSA-AES128-GCM-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-DSS-AES128-GCM-SHA256, 1024 bits DSA, temp key: 1024 bits DH, digest=SHA224
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-DSS-AES128-GCM-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 42 - Testing DHE-DSS-AES128-GCM-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-RSA-AES128-GCM-SHA256, 2048 bits RSA, temp key: 1024 bits DH, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-AES128-GCM-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 43 - Testing DHE-RSA-AES128-GCM-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-ECDSA-AES128-CCM8, 256 bits EC (P-256), temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-ECDSA-AES128-CCM8 -ciphersuites '' -tls1_2 => 0
    ok 44 - Testing ECDHE-ECDSA-AES128-CCM8
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-ECDSA-AES128-CCM, 256 bits EC (P-256), temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-ECDSA-AES128-CCM -ciphersuites '' -tls1_2 => 0
    ok 45 - Testing ECDHE-ECDSA-AES128-CCM
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-RSA-AES128-CCM8, 2048 bits RSA, temp key: 1024 bits DH, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-AES128-CCM8 -ciphersuites '' -tls1_2 => 0
    ok 46 - Testing DHE-RSA-AES128-CCM8
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-RSA-AES128-CCM, 2048 bits RSA, temp key: 1024 bits DH, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-AES128-CCM -ciphersuites '' -tls1_2 => 0
    ok 47 - Testing DHE-RSA-AES128-CCM
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-ECDSA-ARIA128-GCM-SHA256, 256 bits EC (P-256), temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-ECDSA-ARIA128-GCM-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 48 - Testing ECDHE-ECDSA-ARIA128-GCM-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-ARIA128-GCM-SHA256, 2048 bits RSA, temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-ARIA128-GCM-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 49 - Testing ECDHE-ARIA128-GCM-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-DSS-ARIA128-GCM-SHA256, 1024 bits DSA, temp key: 1024 bits DH, digest=SHA224
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-DSS-ARIA128-GCM-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 50 - Testing DHE-DSS-ARIA128-GCM-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-RSA-ARIA128-GCM-SHA256, 2048 bits RSA, temp key: 1024 bits DH, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-ARIA128-GCM-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 51 - Testing DHE-RSA-ARIA128-GCM-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-ECDSA-AES256-SHA384, 256 bits EC (P-256), temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-ECDSA-AES256-SHA384 -ciphersuites '' -tls1_2 => 0
    ok 52 - Testing ECDHE-ECDSA-AES256-SHA384
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-SHA384, 2048 bits RSA, temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-RSA-AES256-SHA384 -ciphersuites '' -tls1_2 => 0
    ok 53 - Testing ECDHE-RSA-AES256-SHA384
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-SHA256, 2048 bits RSA, temp key: 1024 bits DH, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-AES256-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 54 - Testing DHE-RSA-AES256-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-DSS-AES256-SHA256, 1024 bits DSA, temp key: 1024 bits DH, digest=SHA224
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-DSS-AES256-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 55 - Testing DHE-DSS-AES256-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-ECDSA-CAMELLIA256-SHA384, 256 bits EC (P-256), temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-ECDSA-CAMELLIA256-SHA384 -ciphersuites '' -tls1_2 => 0
    ok 56 - Testing ECDHE-ECDSA-CAMELLIA256-SHA384
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-RSA-CAMELLIA256-SHA384, 2048 bits RSA, temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-RSA-CAMELLIA256-SHA384 -ciphersuites '' -tls1_2 => 0
    ok 57 - Testing ECDHE-RSA-CAMELLIA256-SHA384
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-RSA-CAMELLIA256-SHA256, 2048 bits RSA, temp key: 1024 bits DH, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-CAMELLIA256-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 58 - Testing DHE-RSA-CAMELLIA256-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-DSS-CAMELLIA256-SHA256, 1024 bits DSA, temp key: 1024 bits DH, digest=SHA224
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-DSS-CAMELLIA256-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 59 - Testing DHE-DSS-CAMELLIA256-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-ECDSA-AES128-SHA256, 256 bits EC (P-256), temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-ECDSA-AES128-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 60 - Testing ECDHE-ECDSA-AES128-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES128-SHA256, 2048 bits RSA, temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-RSA-AES128-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 61 - Testing ECDHE-RSA-AES128-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-RSA-AES128-SHA256, 2048 bits RSA, temp key: 1024 bits DH, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-AES128-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 62 - Testing DHE-RSA-AES128-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-DSS-AES128-SHA256, 1024 bits DSA, temp key: 1024 bits DH, digest=SHA224
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-DSS-AES128-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 63 - Testing DHE-DSS-AES128-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-ECDSA-CAMELLIA128-SHA256, 256 bits EC (P-256), temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-ECDSA-CAMELLIA128-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 64 - Testing ECDHE-ECDSA-CAMELLIA128-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ECDHE-RSA-CAMELLIA128-SHA256, 2048 bits RSA, temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-RSA-CAMELLIA128-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 65 - Testing ECDHE-RSA-CAMELLIA128-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-RSA-CAMELLIA128-SHA256, 2048 bits RSA, temp key: 1024 bits DH, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-CAMELLIA128-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 66 - Testing DHE-RSA-CAMELLIA128-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 DHE-DSS-CAMELLIA128-SHA256, 1024 bits DSA, temp key: 1024 bits DH, digest=SHA224
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-DSS-CAMELLIA128-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 67 - Testing DHE-DSS-CAMELLIA128-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.0 ECDHE-ECDSA-AES256-SHA, 256 bits EC (P-256), temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-ECDSA-AES256-SHA -ciphersuites '' -tls1_2 => 0
    ok 68 - Testing ECDHE-ECDSA-AES256-SHA
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-RSA-AES256-SHA -ciphersuites '' -tls1_2 => 0
    ok 69 - Testing ECDHE-RSA-AES256-SHA
Doing handshakes=1 bytes=256
TLSv1.2, cipher SSLv3 DHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 1024 bits DH, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-AES256-SHA -ciphersuites '' -tls1_2 => 0
    ok 70 - Testing DHE-RSA-AES256-SHA
Doing handshakes=1 bytes=256
TLSv1.2, cipher SSLv3 DHE-DSS-AES256-SHA, 1024 bits DSA, temp key: 1024 bits DH, digest=SHA224
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-DSS-AES256-SHA -ciphersuites '' -tls1_2 => 0
    ok 71 - Testing DHE-DSS-AES256-SHA
Doing handshakes=1 bytes=256
TLSv1.2, cipher SSLv3 DHE-RSA-CAMELLIA256-SHA, 2048 bits RSA, temp key: 1024 bits DH, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-CAMELLIA256-SHA -ciphersuites '' -tls1_2 => 0
    ok 72 - Testing DHE-RSA-CAMELLIA256-SHA
Doing handshakes=1 bytes=256
TLSv1.2, cipher SSLv3 DHE-DSS-CAMELLIA256-SHA, 1024 bits DSA, temp key: 1024 bits DH, digest=SHA224
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-DSS-CAMELLIA256-SHA -ciphersuites '' -tls1_2 => 0
    ok 73 - Testing DHE-DSS-CAMELLIA256-SHA
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bits EC (P-256), temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-ECDSA-AES128-SHA -ciphersuites '' -tls1_2 => 0
    ok 74 - Testing ECDHE-ECDSA-AES128-SHA
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.0 ECDHE-RSA-AES128-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ECDHE-RSA-AES128-SHA -ciphersuites '' -tls1_2 => 0
    ok 75 - Testing ECDHE-RSA-AES128-SHA
Doing handshakes=1 bytes=256
TLSv1.2, cipher SSLv3 DHE-RSA-AES128-SHA, 2048 bits RSA, temp key: 1024 bits DH, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-AES128-SHA -ciphersuites '' -tls1_2 => 0
    ok 76 - Testing DHE-RSA-AES128-SHA
Doing handshakes=1 bytes=256
TLSv1.2, cipher SSLv3 DHE-DSS-AES128-SHA, 1024 bits DSA, temp key: 1024 bits DH, digest=SHA224
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-DSS-AES128-SHA -ciphersuites '' -tls1_2 => 0
    ok 77 - Testing DHE-DSS-AES128-SHA
Doing handshakes=1 bytes=256
TLSv1.2, cipher SSLv3 DHE-RSA-SEED-SHA, 2048 bits RSA, temp key: 1024 bits DH, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-SEED-SHA -ciphersuites '' -tls1_2 => 0
    ok 78 - Testing DHE-RSA-SEED-SHA
Doing handshakes=1 bytes=256
TLSv1.2, cipher SSLv3 DHE-DSS-SEED-SHA, 1024 bits DSA, temp key: 1024 bits DH, digest=SHA224
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-DSS-SEED-SHA -ciphersuites '' -tls1_2 => 0
    ok 79 - Testing DHE-DSS-SEED-SHA
Doing handshakes=1 bytes=256
TLSv1.2, cipher SSLv3 DHE-RSA-CAMELLIA128-SHA, 2048 bits RSA, temp key: 1024 bits DH, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-RSA-CAMELLIA128-SHA -ciphersuites '' -tls1_2 => 0
    ok 80 - Testing DHE-RSA-CAMELLIA128-SHA
Doing handshakes=1 bytes=256
TLSv1.2, cipher SSLv3 DHE-DSS-CAMELLIA128-SHA, 1024 bits DSA, temp key: 1024 bits DH, digest=SHA224
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher DHE-DSS-CAMELLIA128-SHA -ciphersuites '' -tls1_2 => 0
    ok 81 - Testing DHE-DSS-CAMELLIA128-SHA
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 AES256-GCM-SHA384, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher AES256-GCM-SHA384 -ciphersuites '' -tls1_2 => 0
    ok 82 - Testing AES256-GCM-SHA384
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 AES256-CCM8, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher AES256-CCM8 -ciphersuites '' -tls1_2 => 0
    ok 83 - Testing AES256-CCM8
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 AES256-CCM, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher AES256-CCM -ciphersuites '' -tls1_2 => 0
    ok 84 - Testing AES256-CCM
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ARIA256-GCM-SHA384, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ARIA256-GCM-SHA384 -ciphersuites '' -tls1_2 => 0
    ok 85 - Testing ARIA256-GCM-SHA384
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 AES128-GCM-SHA256, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher AES128-GCM-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 86 - Testing AES128-GCM-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 AES128-CCM8, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher AES128-CCM8 -ciphersuites '' -tls1_2 => 0
    ok 87 - Testing AES128-CCM8
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 AES128-CCM, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher AES128-CCM -ciphersuites '' -tls1_2 => 0
    ok 88 - Testing AES128-CCM
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 ARIA128-GCM-SHA256, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher ARIA128-GCM-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 89 - Testing ARIA128-GCM-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 AES256-SHA256, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher AES256-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 90 - Testing AES256-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 CAMELLIA256-SHA256, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher CAMELLIA256-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 91 - Testing CAMELLIA256-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 AES128-SHA256, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher AES128-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 92 - Testing AES128-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher TLSv1.2 CAMELLIA128-SHA256, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher CAMELLIA128-SHA256 -ciphersuites '' -tls1_2 => 0
    ok 93 - Testing CAMELLIA128-SHA256
Doing handshakes=1 bytes=256
TLSv1.2, cipher SSLv3 AES256-SHA, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher AES256-SHA -ciphersuites '' -tls1_2 => 0
    ok 94 - Testing AES256-SHA
Doing handshakes=1 bytes=256
TLSv1.2, cipher SSLv3 CAMELLIA256-SHA, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher CAMELLIA256-SHA -ciphersuites '' -tls1_2 => 0
    ok 95 - Testing CAMELLIA256-SHA
Doing handshakes=1 bytes=256
TLSv1.2, cipher SSLv3 AES128-SHA, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher AES128-SHA -ciphersuites '' -tls1_2 => 0
    ok 96 - Testing AES128-SHA
Doing handshakes=1 bytes=256
TLSv1.2, cipher SSLv3 SEED-SHA, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher SEED-SHA -ciphersuites '' -tls1_2 => 0
    ok 97 - Testing SEED-SHA
Doing handshakes=1 bytes=256
TLSv1.2, cipher SSLv3 CAMELLIA128-SHA, 2048 bits RSA
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher CAMELLIA128-SHA -ciphersuites '' -tls1_2 => 0
    ok 98 - Testing CAMELLIA128-SHA
0:error:1408518A:SSL routines:ssl3_ctx_ctrl:dh key too small:ssl/s3_lib.c:3782:
0:error:1408518A:SSL routines:ssl3_ctx_ctrl:dh key too small:ssl/s3_lib.c:3782:
ERROR in SERVER
0:error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher:ssl/statem/statem_srvr.c:2284:
Doing handshakes=1 bytes=256
TLSv1.2, cipher (NONE) (NONE)
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cipher EDH -c_cipher 'EDH:@SECLEVEL=1' -dhe512 -tls1_2 => 1
    ok 99 - testing connection with weak DH, expecting failure
    # Testing ciphersuites for -tls1_3
Doing handshakes=1 bytes=256
TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 256 bits EC (P-256), temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher '' -ciphersuites TLS_AES_256_GCM_SHA384 => 0
    ok 100 - Testing
Doing handshakes=1 bytes=256
TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 256 bits EC (P-256), temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher '' -ciphersuites TLS_CHACHA20_POLY1305_SHA256 => 0
    ok 101 - Testing
Doing handshakes=1 bytes=256
TLSv1.3, cipher TLSv1.3 TLS_AES_128_GCM_SHA256, 256 bits EC (P-256), temp key: 253 bits X25519, digest=SHA256
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -s_cert certD.ss -s_key keyD.ss -s_cert certE.ss -s_key keyE.ss -cipher '' -ciphersuites TLS_AES_128_GCM_SHA256 => 0
    ok 102 - Testing
ok 3 - Testing ciphersuites
# Subtest: RSA/(EC)DHE/PSK tests
    1..5
Doing handshakes=10 bytes=256
DONE via BIO pair: TLSv1, cipher SSLv3 ADH-AES256-SHA, temp key: 1024 bits DH
DONE via BIO pair: TLSv1, cipher SSLv3 ADH-AES256-SHA, temp key: 1024 bits DH
DONE via BIO pair: TLSv1, cipher SSLv3 ADH-AES256-SHA, temp key: 1024 bits DH
DONE via BIO pair: TLSv1, cipher SSLv3 ADH-AES256-SHA, temp key: 1024 bits DH
DONE via BIO pair: TLSv1, cipher SSLv3 ADH-AES256-SHA, temp key: 1024 bits DH
DONE via BIO pair: TLSv1, cipher SSLv3 ADH-AES256-SHA, temp key: 1024 bits DH
DONE via BIO pair: TLSv1, cipher SSLv3 ADH-AES256-SHA, temp key: 1024 bits DH
DONE via BIO pair: TLSv1, cipher SSLv3 ADH-AES256-SHA, temp key: 1024 bits DH
DONE via BIO pair: TLSv1, cipher SSLv3 ADH-AES256-SHA, temp key: 1024 bits DH
DONE via BIO pair: TLSv1, cipher SSLv3 ADH-AES256-SHA, temp key: 1024 bits DH
Approximate total server time:   0.01 s
Approximate total client time:   0.02 s
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time => 0
    ok 1 - test tlsv1 with 1024bit anonymous DH, multiple handshakes
Doing handshakes=10 bytes=256
DONE via BIO pair: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
DONE via BIO pair: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
DONE via BIO pair: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
DONE via BIO pair: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
DONE via BIO pair: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
DONE via BIO pair: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
DONE via BIO pair: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
DONE via BIO pair: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
DONE via BIO pair: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
DONE via BIO pair: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
Approximate total server time:   0.04 s
Approximate total client time:   0.01 s
../../util/shlib_wrap.sh ../ssltest_old -v -bio_pair -tls1 -s_cert ../../apps/server2.pem -no_dhe -no_ecdhe -num 10 -f -time => 0
    ok 2 - test tlsv1 with 1024bit RSA, no (EC)DHE, multiple handshakes
Doing handshakes=10 bytes=256
DONE via BIO pair: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
DONE via BIO pair: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
DONE via BIO pair: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
DONE via BIO pair: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
DONE via BIO pair: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
DONE via BIO pair: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
DONE via BIO pair: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
DONE via BIO pair: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
DONE via BIO pair: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
DONE via BIO pair: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
Approximate total server time:   0.03 s
Approximate total client time:   0.02 s
../../util/shlib_wrap.sh ../ssltest_old -v -bio_pair -tls1 -s_cert ../../apps/server2.pem -dhe1024dsa -num 10 -f -time => 0
    ok 3 - test tlsv1 with 1024bit RSA, 1024bit DHE, multiple handshakes
Doing handshakes=1 bytes=256
TLSv1, cipher TLSv1.0 ECDHE-PSK-AES256-CBC-SHA384, temp key: 253 bits X25519
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -tls1 -cipher PSK -psk abc123 => 0
    ok 4 - test tls1 with PSK
Doing handshakes=1 bytes=256
TLSv1, cipher TLSv1.0 ECDHE-PSK-AES256-CBC-SHA384, temp key: 253 bits X25519
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -bio_pair -tls1 -cipher PSK -psk abc123 => 0
    ok 5 - test tls1 with PSK via BIO pair
ok 4 - RSA/(EC)DHE/PSK tests
# Subtest: Custom Extension tests
    1..1
Doing handshakes=1 bytes=256
TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -bio_pair -tls1 -custom_ext => 0
    ok 1 - test tls1 with custom extensions
ok 5 - Custom Extension tests
# Subtest: Serverinfo tests
    1..5
    # echo test tls1 with serverinfo
Doing handshakes=1 bytes=256
TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -bio_pair -tls1 -serverinfo_file ../serverinfo.pem => 0
    ok 1
Doing handshakes=1 bytes=256
TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -bio_pair -tls1 -serverinfo_file ../serverinfo.pem -serverinfo_sct => 0
    ok 2
Doing handshakes=1 bytes=256
TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -bio_pair -tls1 -serverinfo_file ../serverinfo.pem -serverinfo_tack => 0
    ok 3
Doing handshakes=1 bytes=256
TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -bio_pair -tls1 -serverinfo_file ../serverinfo.pem -serverinfo_sct -serverinfo_tack => 0
    ok 4
Doing handshakes=1 bytes=256
TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bits RSA, temp key: 253 bits X25519, digest=MD5-SHA1
../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -bio_pair -tls1 -custom_ext -serverinfo_file ../serverinfo.pem -serverinfo_sct -serverinfo_tack => 0
    ok 5
ok 6 - Serverinfo tests
# Looks like you failed 1 test of 6.
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/6 subtests

Test Summary Report
-------------------
../test/recipes/80-test_ssl_old.t (Wstat: 256 Tests: 6 Failed: 1)
  Failed test:  2
  Non-zero exit status: 1
Files=1, Tests=6, 12 wallclock secs ( 0.04 usr  0.06 sys +  1.77 cusr  9.78 csys = 11.65 CPU)
Result: FAIL
*** Error 1 in . (Makefile:217 '_tests')
*** Error 1 in /home/ca/pd/security/openssl-1.1.1g (Makefile:205 'tests')
Reply | Threaded
Open this post in threaded view
|

Re: opensssl 1.1.1g test failure(s)

OpenSSL - User mailing list
Summary: The OpenSSL 1.1.1g test suite contains at least two bugs:

TestBug#1: Test suite fails if local network has no IPv6, error message
(non-
   verbose) doesn't say that's the issue.  [ Testing IPv6 makes sense,
rejecting
   regression tests on inadequate machines is important to avoid silent
failures,
   but not telling testers that a test precondition failed or which ones
is bad.
   ]

TestBug#2: Test suite uses ambiguous wording to report the index of
failed test.
   Should have said "Failed test indexes:  2" or "Failed test: #2" (latter
   needs to repeat "#" for each index listed)

On 21/04/2020 19:34, Claus Assmann wrote:

> On Tue, Apr 21, 2020, Benjamin Kaduk via openssl-users wrote:
>> On Tue, Apr 21, 2020 at 07:22:38PM +0200, Claus Assmann wrote:
>>> ../test/recipes/80-test_ssl_old.t ..................
>>> Dubious, test returned 1 (wstat 256, 0x100)
>> Please run again with `make V=1 TESTS=test_ssl_old test` and post the relevant parts of the output?
> Thanks for the reply, below is the output, It seems it only fails
> because the host doesn't support IPv6?
>
> make depend && make _tests
> ( cd test;  mkdir -p test-runs;  SRCTOP=../.  BLDTOP=../.  RESULT_D=test-runs  PERL="/usr/bin/perl"  EXE_EXT=  OPENSSL_ENGINES=`cd .././engines 2>/dev/null && pwd`  OPENSSL_DEBUG_MEMORY=on  /usr/bin/perl .././test/run_tests.pl test_ssl_old )
> ../test/recipes/80-test_ssl_old.t ..
> 1..6
> # Subtest: test_ss
>      1..17
...

> 0:error:0200E016:system library:setsockopt:Invalid argument:crypto/bio/b_sock2.c:255:
> 0:error:2008B088:BIO routines:BIO_listen:listen v6 only:crypto/bio/b_sock2.c:256:
> Doing handshakes=1 bytes=256
> TLSv1.3, cipher (NONE) (NONE)
> ../../util/shlib_wrap.sh ../ssltest_old -s_key keyU.ss -s_cert certU.ss -c_key keyU.ss -c_cert certU.ss -ipv6 => 1
>      not ok 13 - test TLS via IPv6
>      #   Failed test 'test TLS via IPv6'
>      #   at ../test/recipes/80-test_ssl_old.t line 390.
>      # Looks like you failed 1 test of 13.
> not ok 2 - standard SSL tests
> #   Failed test 'standard SSL tests'
> #   at /home/ca/pd/security/openssl-1.1.1g/test/../util/perl/OpenSSL/Test.pm line 1212.
...

> # Looks like you failed 1 test of 6.
> Dubious, test returned 1 (wstat 256, 0x100)
> Failed 1/6 subtests
>
> Test Summary Report
> -------------------
> ../test/recipes/80-test_ssl_old.t (Wstat: 256 Tests: 6 Failed: 1)
>    Failed test:  2
>    Non-zero exit status: 1
> Files=1, Tests=6, 12 wallclock secs ( 0.04 usr  0.06 sys +  1.77 cusr  9.78 csys = 11.65 CPU)
> Result: FAIL
> *** Error 1 in . (Makefile:217 '_tests')
> *** Error 1 in /home/ca/pd/security/openssl-1.1.1g (Makefile:205 'tests')


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  http://www.wisemo.com
Transformervej 29, 2860 Soborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

Reply | Threaded
Open this post in threaded view
|

Re: opensssl 1.1.1g test failure(s)

Matt Caswell-2
In reply to this post by Claus Assmann


On 21/04/2020 18:34, Claus Assmann wrote:
> Thanks for the reply, below is the output, It seems it only fails
> because the host doesn't support IPv6?

Yes - it does seem to be an IPv6 problem. I don't recall any recent
changes in this area. Were you successfully able to run the tests with
previous versions of OpenSSL?

Looks like the failing call is here:

        if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY,
                       (const void *)&on, sizeof(on)) != 0) {

To which we get an errno indicating "Invalid argument". So it looks like
your host has the relevant IPV6 macros defined (otherwise we would have
got a compilation failure) - but doesn't understand them when used.

If you're not using IPv6 on that host and this is the only test failure
then it can probably be safely ignored.

Matt
Reply | Threaded
Open this post in threaded view
|

Re: opensssl 1.1.1g test failure(s)

Kurt Roeckx
On Tue, Apr 21, 2020 at 10:49:25PM +0100, Matt Caswell wrote:
>
> Looks like the failing call is here:
>
>         if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY,
>                        (const void *)&on, sizeof(on)) != 0) {
>
> To which we get an errno indicating "Invalid argument". So it looks like
> your host has the relevant IPV6 macros defined (otherwise we would have
> got a compilation failure) - but doesn't understand them when used.

OpenBSD is really weird in this regard. They always use the
behavior of IPV6_V6ONLY set to on. But if you actually try to set
it on, they return an error. They should instead return an error
when you try to set it off.


Kurt

Reply | Threaded
Open this post in threaded view
|

Re: opensssl 1.1.1g test failure(s)

Michael Tuexen-4
In reply to this post by Matt Caswell-2
> On 21. Apr 2020, at 23:49, Matt Caswell <[hidden email]> wrote:
>
>
>
> On 21/04/2020 18:34, Claus Assmann wrote:
>> Thanks for the reply, below is the output, It seems it only fails
>> because the host doesn't support IPv6?
>
> Yes - it does seem to be an IPv6 problem. I don't recall any recent
> changes in this area. Were you successfully able to run the tests with
> previous versions of OpenSSL?
>
> Looks like the failing call is here:
>
>        if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY,
>                       (const void *)&on, sizeof(on)) != 0) {
Can you provide a pointer to the code?

Best regards
Michael
>
> To which we get an errno indicating "Invalid argument". So it looks like
> your host has the relevant IPV6 macros defined (otherwise we would have
> got a compilation failure) - but doesn't understand them when used.
>
> If you're not using IPv6 on that host and this is the only test failure
> then it can probably be safely ignored.
>
> Matt

Reply | Threaded
Open this post in threaded view
|

Re: opensssl 1.1.1g test failure(s)

OpenSSL - User mailing list
On 2020-04-21 18:45, Michael Tuexen wrote:

>> On 21. Apr 2020, at 23:49, Matt Caswell <[hidden email]> wrote:
>>
>>
>>
>> On 21/04/2020 18:34, Claus Assmann wrote:
>>> Thanks for the reply, below is the output, It seems it only fails
>>> because the host doesn't support IPv6?
>>
>> Yes - it does seem to be an IPv6 problem. I don't recall any recent
>> changes in this area. Were you successfully able to run the tests with
>> previous versions of OpenSSL?
>>
>> Looks like the failing call is here:
>>
>>         if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY,
>>                        (const void *)&on, sizeof(on)) != 0) {
> Can you provide a pointer to the code?
>
> Best regards
> Michael
>>
>> To which we get an errno indicating "Invalid argument". So it looks like
>> your host has the relevant IPV6 macros defined (otherwise we would have
>> got a compilation failure) - but doesn't understand them when used.
>>
>> If you're not using IPv6 on that host and this is the only test failure
>> then it can probably be safely ignored.
>>
>> Matt

Not sure what the complaints are however here on the most strict POSIX
risc environment with a really strict compiler :


.
.
.
All tests successful.
Files=155, Tests=1460, 1378 wallclock secs (10.52 usr  1.12 sys +
1251.44 cusr 53.76 csys = 1316.84 CPU)
Result: PASS
gmake[1]: Leaving directory
'/usr/local/build/openssl-1.1.1g_SunOS5.10_sparc64vii+.001'
alpha$
alpha$
alpha$ uname -a
SunOS alpha 5.10 Generic_150400-65 sun4u sparc SUNW,SPARC-Enterprise
alpha$
alpha$ psrinfo -pv
The physical processor has 2 virtual processors (2 3)
   SPARC64-VII+ (portid 1024 impl 0x7 ver 0xa1 clock 2860 MHz)
alpha$
alpha$ cc -V
cc: Studio 12.6 Sun C 5.15 SunOS_sparc 2017/05/30
alpha$
alpha$


--
Dennis Clarke
RISC-V/SPARC/PPC/ARM/CISC
UNIX and Linux spoken
GreyBeard and suspenders optional
Reply | Threaded
Open this post in threaded view
|

Re: opensssl 1.1.1g test failure(s)

Matt Caswell-2
In reply to this post by Michael Tuexen-4


On 21/04/2020 23:45, Michael Tuexen wrote:
>> Looks like the failing call is here:
>>
>>        if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY,
>>                       (const void *)&on, sizeof(on)) != 0) {
> Can you provide a pointer to the code?

Yes, its here:

https://github.com/openssl/openssl/blob/fa555aa8970260c3e198d91709b2d4b3e40f8fa8/crypto/bio/b_sock2.c#L267-L282

Matt
Reply | Threaded
Open this post in threaded view
|

Re: opensssl 1.1.1g test failure(s)

Claus Assmann
In reply to this post by Matt Caswell-2
On Tue, Apr 21, 2020, Matt Caswell wrote:

> changes in this area. Were you successfully able to run the tests with
> previous versions of OpenSSL?

It's the first time I compiled 1.1.1 on that host. Just to check I
tried 1.1.1d and it shows the same problem, so it's not a regression.
Reply | Threaded
Open this post in threaded view
|

Re: opensssl 1.1.1g test failure(s)

Michael Tuexen-4
In reply to this post by Matt Caswell-2
> On 22. Apr 2020, at 10:38, Matt Caswell <[hidden email]> wrote:
>
>
>
> On 21/04/2020 23:45, Michael Tuexen wrote:
>>> Looks like the failing call is here:
>>>
>>>       if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY,
>>>                      (const void *)&on, sizeof(on)) != 0) {
>> Can you provide a pointer to the code?
>
> Yes, its here:
>
> https://github.com/openssl/openssl/blob/fa555aa8970260c3e198d91709b2d4b3e40f8fa8/crypto/bio/b_sock2.c#L267-L282
OK. Thanks.

Could it be that on == 0, when you do the setsockopt() call? Disabling IPV6_V6ONLY seems not to be supported
on OpenBSD:

From sys/netinet6/ip6_output.c:

                        case IPV6_V6ONLY:
                                /*
                                 * make setsockopt(IPV6_V6ONLY)
                                 * available only prior to bind(2).
                                 * see ipng mailing list, Jun 22 2001.
                                 */
                                if (inp->inp_lport ||
                                    !IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6)) {
                                        error = EINVAL;
                                        break;
                                }
                                /* No support for IPv4-mapped addresses. */
                                if (!optval)
                                        error = EINVAL;
                                else
                                        error = 0;
                                break;


I don't see a bug in OpenBSD here, or a strange behaviour. OpenBSD just does not support mapped addresses.

Best regards
Michael
>
> Matt

Reply | Threaded
Open this post in threaded view
|

Re: opensssl 1.1.1g test failure(s)

Kurt Roeckx
On Wed, Apr 22, 2020 at 11:02:47AM +0200, Michael Tuexen wrote:

> > On 22. Apr 2020, at 10:38, Matt Caswell <[hidden email]> wrote:
> >
> >
> >
> > On 21/04/2020 23:45, Michael Tuexen wrote:
> >>> Looks like the failing call is here:
> >>>
> >>>       if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY,
> >>>                      (const void *)&on, sizeof(on)) != 0) {
> >> Can you provide a pointer to the code?
> >
> > Yes, its here:
> >
> > https://github.com/openssl/openssl/blob/fa555aa8970260c3e198d91709b2d4b3e40f8fa8/crypto/bio/b_sock2.c#L267-L282
> OK. Thanks.
>
> Could it be that on == 0, when you do the setsockopt() call? Disabling IPV6_V6ONLY seems not to be supported
> on OpenBSD:

Yes:
    if (BIO_ADDR_family(addr) == AF_INET6) {
        /*
         * Note: Windows default of IPV6_V6ONLY is ON, and Linux is OFF.
         * Therefore we always have to use setsockopt here.
         */
        on = options & BIO_SOCK_V6_ONLY ? 1 : 0;
        if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY,
                       (const void *)&on, sizeof(on)) != 0) {

So something is calling BIO_listen without setting BIO_SOCK_V6_ONLY
in options. All calling functions really should set BIO_SOCK_V6_ONLY
if they actually support multiple sockets, and they should.


Kurt