commit c0cbb4c19bb6e22b338dd17c096be323f7414faf
author Richard Levitte <levitte@openssl.org> Mon Aug 10 10:46:27 2015 +0100
committer Matt Caswell <matt@openssl.org> Tue Aug 11 20:27:46 2015 +0100
tree fb69e70b5e3cfd36962384657ed3796dc6ca8480
parent c2a34c58f56980b80f034e8295210146b5c247c3

Use dynamic engine for libssl test harness

Use a dynamic engine for ossltest engine so that we can build it without
subsequently deploying it during install. We do not want people accidentally
using this engine.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

engines/Makefile

diff --git a/engines/Makefile b/engines/Makefile
index c0b7c03..8b9e38b 100644
--- a/engines/Makefile
+++ b/engines/Makefile
@@ -31,20 +31,21 @@
 GENERAL=Makefile engines.com install.com engine_vector.mar
 
 LIB=$(TOP)/libcrypto.a
-LIBNAMES= 4758cca gmp padlock capi ossltest
-
+LIBNAMES= 4758cca gmp padlock capi
 LIBSRC=	e_4758cca.c \
 	e_gmp.c \
 	e_padlock.c \
-	e_capi.c \
-	e_ossltest.c
+	e_capi.c
 LIBOBJ= e_4758cca.o \
 	e_gmp.o \
 	e_padlock.o \
 	e_capi.o \
-	e_ossltest.o \
 	$(ENGINES_ASM_OBJ)
 
+TESTLIBNAMES= ossltest
+TESTLIBSRC= e_ossltest.c
+TESTLIBOBJ= e_ossltest.o
+
 SRC= $(LIBSRC)
 
 HEADER=	e_4758cca_err.c e_4758cca_err.h \
@@ -63,10 +64,10 @@
 
 all:	lib subdirs
 
-lib:	$(LIBOBJ)
+lib:	$(LIBOBJ) $(TESTLIBOBJ)
 	@if [ -n "$(SHARED_LIBS)" ]; then \
 		set -e; \
-		for l in $(LIBNAMES); do \
+		for l in $(LIBNAMES) $(TESTLIBNAMES); do \
 			$(MAKE) -f ../Makefile.shared -e \
 				LIBNAME=$$l LIBEXTRAS="e_$$l*.o" \
 				LIBDEPS='-L.. -lcrypto $(EX_LIBS)' \
@@ -145,7 +146,7 @@
 	@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
 	@[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) )
 local_depend:
-	@[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+	@[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(TESTLIBSRC)
 
 dclean:
 	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new

engines/e_ossltest.c

diff --git a/engines/e_ossltest.c b/engines/e_ossltest.c
index 689e532..6e50a5f 100644
--- a/engines/e_ossltest.c
+++ b/engines/e_ossltest.c
@@ -257,7 +257,7 @@
     return 1;
 }
 
-#ifdef ENGINE_DYNAMIC_SUPPORT
+#ifndef OPENSSL_NO_DYNAMIC_ENGINE
 static int bind_helper(ENGINE *e, const char *id)
 {
     if (id && (strcmp(id, engine_ossltest_id) != 0))
@@ -269,7 +269,8 @@
 
 IMPLEMENT_DYNAMIC_CHECK_FN()
     IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
-#else
+#endif
+
 static ENGINE *engine_ossltest(void)
 {
     ENGINE *ret = ENGINE_new();
@@ -292,7 +293,6 @@
     ENGINE_free(toadd);
     ERR_clear_error();
 }
-#endif
 
 
 static int ossltest_init(ENGINE *e)

test/Makefile

diff --git a/test/Makefile b/test/Makefile
index 5cd024a..31b3796 100644
--- a/test/Makefile
+++ b/test/Makefile
@@ -424,15 +424,18 @@
 #OPENSSL_ia32cap=... in ssl tests below ensures AES-NI is switched off (AES-NI does not go through the testmode engine)
 test_sslvertol: ../apps/openssl$(EXE_EXT)
 	@echo $(START) $@
-	PERL5LIB=$$PERL5LIB:../util ../util/shlib_wrap.sh ./$(SSLVERTOLTEST) "OPENSSL_ia32cap='~0x200000200000000' ../apps/openssl$(EXE_EXT)" ../apps/server.pem
+	[ -z "$(SHARED_LIBS)" ] || PERL5LIB=$$PERL5LIB:../util OPENSSL_ENGINES=../engines ../util/shlib_wrap.sh ./$(SSLVERTOLTEST) "OPENSSL_ia32cap='~0x200000200000000' ../apps/openssl$(EXE_EXT)" ../apps/server.pem
+	@[ -n "$(SHARED_LIBS)" ] || echo test_sslvertol can only be performed with OpenSSL configured shared
 
 test_sslextension: ../apps/openssl$(EXE_EXT)
 	@echo $(START) $@
-	PERL5LIB=$$PERL5LIB:../util ../util/shlib_wrap.sh ./$(SSLEXTENSIONTEST) "OPENSSL_ia32cap='~0x200000200000000' ../apps/openssl$(EXE_EXT)" ../apps/server.pem
+	[ -z "$(SHARED_LIBS)" ] || PERL5LIB=$$PERL5LIB:../util OPENSSL_ENGINES=../engines ../util/shlib_wrap.sh ./$(SSLEXTENSIONTEST) "OPENSSL_ia32cap='~0x200000200000000' ../apps/openssl$(EXE_EXT)" ../apps/server.pem
+	@[ -n "$(SHARED_LIBS)" ] || echo test_sslextension can only be performed with OpenSSL configured shared
 
 test_sslskewith0p: ../apps/openssl$(EXE_EXT)
 	@echo $(START) $@
-	PERL5LIB=$$PERL5LIB:../util ../util/shlib_wrap.sh ./$(SSLSKEWITH0PTEST) "OPENSSL_ia32cap='~0x200000200000000' ../apps/openssl$(EXE_EXT)" ../apps/server.pem
+	[ -z "$(SHARED_LIBS)" ] || PERL5LIB=$$PERL5LIB:../util OPENSSL_ENGINES=../engines ../util/shlib_wrap.sh ./$(SSLSKEWITH0PTEST) "OPENSSL_ia32cap='~0x200000200000000' ../apps/openssl$(EXE_EXT)" ../apps/server.pem
+	@[ -n "$(SHARED_LIBS)" ] || echo test_sslskewith0p can only be performed with OpenSSL configured shared
 
 update: local_depend
 	@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi

util/TLSProxy/Proxy.pm

diff --git a/util/TLSProxy/Proxy.pm b/util/TLSProxy/Proxy.pm
index 8c4f55d..c033c29 100644
--- a/util/TLSProxy/Proxy.pm
+++ b/util/TLSProxy/Proxy.pm
@@ -130,7 +130,7 @@
         open(STDOUT, ">", File::Spec->devnull())
             or die "Failed to redirect stdout";
         open(STDERR, ">&STDOUT");
-        my $execcmd = $self->execute." s_server -testmode -accept "
+        my $execcmd = $self->execute." s_server -engine ossltest -accept "
             .($self->server_port)
             ." -cert ".$self->cert." -naccept 1";
         if ($self->ciphers ne "") {
@@ -167,7 +167,7 @@
                 or die "Failed to redirect stdout";
             open(STDERR, ">&STDOUT");
             my $execcmd = $self->execute
-                 ." s_client -testmode -connect "
+                 ." s_client -engine ossltest -connect "
                  .($self->proxy_addr).":".($self->proxy_port);
             if ($self->cipherc ne "") {
                 $execcmd .= " -cipher ".$self->cipherc;