Search
j0ke.net Open Build Service
>
Projects
>
home:netmax
:
monitoring
>
openssl1
> openssl-1.0.1e-add-test-suse-default-cipher-suite.patch
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File openssl-1.0.1e-add-test-suse-default-cipher-suite.patch of Package openssl1
Index: openssl-1.0.1i-old/test/testssl =================================================================== --- openssl-1.0.1i-old.orig/test/testssl 2014-08-06 23:10:56.000000000 +0200 +++ openssl-1.0.1i-old/test/testssl 2017-11-03 12:16:47.943862217 +0100 @@ -136,6 +136,33 @@ for protocol in TLSv1.2 SSLv3; do done done +echo "Testing default ciphersuites" + +for cipher_suite in DEFAULT_SUSE DEFAULT; do + ../util/shlib_wrap.sh ../apps/openssl ciphers $cipher_suite + if [ $? -ne 0 ]; then + echo "Failed default ciphersuite $cipher_suite" + exit 1 + fi +done + +echo "Testing if MD5, DES and RC4 are excluded from DEFAULT_SUSE cipher suite" +../util/shlib_wrap.sh ../apps/openssl ciphers DEFAULT_SUSE | grep "MD5\|RC4\|DES-[^CBC3]" + +if [ $? -ne 1 ];then + echo "weak ciphers are present on DEFAULT_SUSE cipher suite" + exit 1 +fi + +echo "Testing if ECDSA ciphers are included in DEFAULT_SUSE cipher suite" +../util/shlib_wrap.sh ../apps/openssl ciphers -v DEFAULT_SUSE | grep "ECDSA" + +if [ $? -ne 0 ];then + echo "ECDSA is not present in DEFAULT_SUSE cipher suite" + exit 1 +fi + + ############################################################################# if ../util/shlib_wrap.sh ../apps/openssl no-dh; then