File openssl-1.0.1e-add-test-suse-default-cipher-suite.patch of Package openssl.11276

Index: openssl-1.0.1i-old/test/testssl
===================================================================
--- openssl-1.0.1i-old.orig/test/testssl	2014-08-06 23:10:56.000000000 +0200
+++ openssl-1.0.1i-old/test/testssl	2017-11-03 12:16:47.943862217 +0100
@@ -136,6 +136,33 @@ for protocol in TLSv1.2 SSLv3; do
   done
 done
 
+echo "Testing default ciphersuites"
+
+for cipher_suite in DEFAULT_SUSE DEFAULT; do
+    ../util/shlib_wrap.sh ../apps/openssl ciphers $cipher_suite
+    if [ $? -ne 0 ]; then
+        echo "Failed default ciphersuite $cipher_suite"
+        exit 1
+    fi
+done
+
+echo "Testing if MD5, DES and RC4 are excluded from DEFAULT_SUSE cipher suite"
+../util/shlib_wrap.sh ../apps/openssl ciphers DEFAULT_SUSE | grep "MD5\|RC4\|DES-[^CBC3]" 
+
+if [ $? -ne 1 ];then
+    echo "weak ciphers are present on DEFAULT_SUSE cipher suite"
+    exit 1
+fi
+ 
+echo "Testing if ECDSA ciphers are included in DEFAULT_SUSE cipher suite"
+../util/shlib_wrap.sh ../apps/openssl ciphers -v DEFAULT_SUSE | grep "ECDSA"
+
+if [ $? -ne 0 ];then
+    echo "ECDSA is not present in DEFAULT_SUSE cipher suite"
+    exit 1
+fi
+
+
 #############################################################################
 
 if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
openSUSE Build Service is sponsored by