forked from wolfSSL/wolfssl
changes post review
crl-revoked dash compliant. revoked-cert has unique fields new print statements
This commit is contained in:
kaleb-himes
@@ -1,35 +1,36 @@
|
||||
#!/bin/bash
|
||||
#!/bin/sh
|
||||
|
||||
#crl.test
|
||||
|
||||
log_file="scripts/client_result.txt"
|
||||
success_line="err = -361, CRL Cert revoked"
|
||||
exit_code=-1
|
||||
|
||||
revocation_code="-361"
|
||||
exit_code=1
|
||||
counter=0
|
||||
crl_port=11113
|
||||
#no_pid tells us process was never started if -1
|
||||
no_pid=-1
|
||||
#server_pid captured on startup, stores the id of the server process
|
||||
server_pid=$no_pid
|
||||
|
||||
function remove_ready_file() {
|
||||
remove_ready_file() {
|
||||
if test -e /tmp/wolfssl_server_ready; then
|
||||
echo -e "removing exisitng server_ready file"
|
||||
rm /tmp/wolfssl_server_ready
|
||||
fi
|
||||
}
|
||||
|
||||
function remove_log_file() {
|
||||
if test -e $log_file; then
|
||||
echo -e "removing client log file"
|
||||
rm $log_file
|
||||
fi
|
||||
}
|
||||
|
||||
# trap this function so if user aborts with ^C or other kill signal we still
|
||||
# get an exit that will in turn clean up the file system
|
||||
function abort_trap() {
|
||||
exit_code=-2 #different exit code in case of user interrupt
|
||||
abort_trap() {
|
||||
echo "script aborted"
|
||||
|
||||
if [ $server_pid != $no_pid ]
|
||||
then
|
||||
echo "killing server"
|
||||
kill -9 $server_pid
|
||||
fi
|
||||
|
||||
exit_code=2 #different exit code in case of user interrupt
|
||||
|
||||
echo "got abort signal, exiting with $exit_code"
|
||||
exit $exit_code
|
||||
}
|
||||
@@ -39,20 +40,12 @@ trap abort_trap INT TERM
|
||||
# trap this function so that if we exit on an error the file system will still
|
||||
# be restored and the other tests may still pass. Never call this function
|
||||
# instead use "exit <some value>" and this function will run automatically
|
||||
function restore_file_system() {
|
||||
echo "in cleanup"
|
||||
|
||||
if [ $server_pid != $no_pid ]
|
||||
then
|
||||
echo "killing server"
|
||||
kill -9 $server_pid
|
||||
fi
|
||||
restore_file_system() {
|
||||
remove_ready_file
|
||||
remove_log_file
|
||||
}
|
||||
trap restore_file_system EXIT
|
||||
|
||||
function run_test() {
|
||||
run_test() {
|
||||
echo -e "\nStarting example server for crl test...\n"
|
||||
|
||||
remove_ready_file
|
||||
@@ -60,28 +53,42 @@ function run_test() {
|
||||
# starts the server on crl_port, -R generates ready file to be used as a
|
||||
# mutex lock, -c loads the revoked certificate. We capture the processid
|
||||
# into the variable server_pid
|
||||
./examples/server/server -R -p $crl_port -c certs/server-revoked-cert.pem &
|
||||
./examples/server/server -R -p $crl_port -c certs/server-revoked-cert.pem \
|
||||
-k certs/server-revoked-key.pem &
|
||||
server_pid=$!
|
||||
|
||||
while [ ! -s /tmp/wolfssl_server_ready ]; do
|
||||
while [ ! -s /tmp/wolfssl_server_ready -a "$counter" -lt 20 ]; do
|
||||
echo -e "waiting for server_ready file..."
|
||||
sleep 0.1
|
||||
counter=$((counter+ 1))
|
||||
done
|
||||
|
||||
# starts client on crl_port and redirects output to log_file
|
||||
./examples/client/client -p $crl_port &> $log_file
|
||||
# starts client on crl_port and captures the output from client
|
||||
capture_out=$(./examples/client/client -p $crl_port 2>&1)
|
||||
client_result=$?
|
||||
|
||||
if test -e $log_file
|
||||
then
|
||||
while read line;
|
||||
do
|
||||
if [[ "x$success_line" == "x$line" ]]
|
||||
then
|
||||
echo "Successful Revocation!!!!"
|
||||
fi
|
||||
done < $log_file
|
||||
fi
|
||||
wait $server_pid
|
||||
server_result=$?
|
||||
|
||||
# look up wild-card match
|
||||
# read about "job control"
|
||||
case "$capture_out" in
|
||||
*$revocation_code*)
|
||||
# only exit with zero on detection of the expected error code
|
||||
echo ""
|
||||
echo "Successful Revocation!!!!"
|
||||
echo ""
|
||||
exit_code=0
|
||||
echo "exiting with $exit_code"
|
||||
exit $exit_code
|
||||
;;
|
||||
*)
|
||||
echo ""
|
||||
echo "Certificate was not revoked saw this instead: $capture_out"
|
||||
echo ""
|
||||
echo "configure with --enable-crl and run this script again"
|
||||
echo ""
|
||||
esac
|
||||
}
|
||||
|
||||
|
||||
@@ -89,7 +96,8 @@ function run_test() {
|
||||
|
||||
# run the test
|
||||
run_test
|
||||
exit_code=0
|
||||
echo "exiting with $exit_code"
|
||||
|
||||
# If we get to this exit, exit_code will be a -1 signaling failure
|
||||
echo "exiting with $exit_code certificate was not revoked"
|
||||
exit $exit_code
|
||||
########## end program ##########
|
||||
+7
-3
@@ -10,14 +10,18 @@ endif
|
||||
|
||||
if BUILD_EXAMPLES
|
||||
dist_noinst_SCRIPTS+= scripts/resume.test
|
||||
|
||||
if BUILD_CRL
|
||||
# make revoked test rely on completion of resume test
|
||||
dist_noinst_SCRIPTS+= scripts/crl-revoked.test
|
||||
scripts/crl-revoked.log: scripts/resume.log
|
||||
endif
|
||||
|
||||
if !BUILD_IPV6
|
||||
dist_noinst_SCRIPTS+= scripts/external.test
|
||||
dist_noinst_SCRIPTS+= scripts/google.test
|
||||
endif
|
||||
endif
|
||||
|
||||
if BUILD_CRL
|
||||
dist_noinst_SCRIPTS+= scripts/crl.test
|
||||
endif
|
||||
|
||||
EXTRA_DIST += scripts/testsuite.pcap
|
||||
|
||||
Reference in New Issue
Block a user