feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #4108 from elms/fix/scripts/paths_w_spaces

Browse Source 
tests: fix test scripts for paths with spaces
This commit is contained in:
David Garske
2021-06-15 08:18:08 -07:00
committed by GitHub
parent cce96f5fe6 9ae021d2cb
commit a9515b80eb
11 changed files with 173 additions and 173 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
scripts/crl-revoked.test
View File

@ -29,9 +29,9 @@ server_pid=$no_pid
ready_file=`pwd`/wolfssl_crl_ready$$
remove_ready_file() {
if test -e $ready_file; then
if test -e "$ready_file"; then
echo -e "removing existing ready file"
rm $ready_file
rm "$ready_file"
fi
}
@ -70,12 +70,12 @@ run_test() {
# starts the server on crl_port, -R generates ready file to be used as a
# mutex lock, -c loads the revoked certificate. We capture the processid
# into the variable server_pid
./examples/server/server -R $ready_file -p $crl_port \
./examples/server/server -R "$ready_file" -p $crl_port \
-c ${CERT_DIR}/server-revoked-cert.pem \
-k ${CERT_DIR}/server-revoked-key.pem &
server_pid=$!
while [ ! -s $ready_file -a "$counter" -lt 20 ]; do
while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do
echo -e "waiting for ready file..."
sleep 0.1
counter=$((counter+ 1))
@ -84,7 +84,7 @@ run_test() {
# sleep for an additional 0.1 to mitigate race on write/read of $ready_file:
sleep 0.1
if test -e $ready_file; then
if test -e "$ready_file"; then
echo -e "found ready file, starting client..."
else
echo -e "NO ready file ending test..."
@ -92,7 +92,7 @@ run_test() {
fi
# get created port 0 ephemeral port
crl_port="$(cat $ready_file)"
crl_port="$(cat "$ready_file")"
# starts client on crl_port and captures the output from client
capture_out=$(./examples/client/client -p $crl_port 2>&1)
@ -147,18 +147,18 @@ run_hashdir_test() {
# starts the server on crl_port, -R generates ready file to be used as a
# mutex lock, -c loads the revoked certificate. We capture the processid
# into the variable server_pid
./examples/server/server -R $ready_file -p $crl_port \
./examples/server/server -R "$ready_file" -p $crl_port \
-c ${CERT_DIR}/server-revoked-cert.pem \
-k ${CERT_DIR}/server-revoked-key.pem &
server_pid=$!
while [ ! -s $ready_file -a "$counter" -lt 20 ]; do
while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do
echo -e "waiting for ready file..."
sleep 0.1
counter=$((counter+ 1))
done
# get created port 0 ephemeral port
crl_port="$(cat $ready_file)"
crl_port="$(cat "$ready_file")"
# starts client on crl_port and captures the output from client
capture_out=$(./examples/client/client -p $crl_port -9 2>&1)

2
scripts/external.test
View File

@ -34,7 +34,7 @@ if [ $? -ne 0 ]; then
fi
# is our desired server there?
${SCRIPT_DIR}/ping.test $server 2
"${SCRIPT_DIR}"/ping.test $server 2
RESULT=$?
[ $RESULT -ne 0 ] && exit 0

40
scripts/ocsp-stapling-with-ca-as-responder.test
View File

@ -43,7 +43,7 @@ CERT_DIR="certs/ocsp"
ready_file="${WORKSPACE}"/wolf_ocsp_s1_readyF$$
ready_file2="${WORKSPACE}"/wolf_ocsp_s1_readyF2$$
printf '%s\n' "ready files: $ready_file $ready_file2"
printf '%s\n' "ready files: \"$ready_file\" \"$ready_file2\""
test_cnf="ocsp_s_w_ca_a_r.cnf"
@ -51,7 +51,7 @@ wait_for_readyFile(){
counter=0
while [ ! -s $1 -a "$counter" -lt 20 ]; do
while [ ! -s "$1" -a "$counter" -lt 20 ]; do
if [[ -n "${2-}" ]]; then
if ! kill -0 $2 2>&-; then
echo "pid $2 for port ${3-} exited before creating ready file. bailing..."
@ -63,19 +63,19 @@ wait_for_readyFile(){
counter=$((counter+ 1))
done
if test -e $1; then
if test -e "$1"; then
echo -e "found ready file, starting client..."
else
echo -e "NO ready file at $1 -- ending test..."
echo -e "NO ready file at \"$1\" -- ending test..."
exit 1
fi
}
remove_single_rF(){
if test -e $1; then
printf '%s\n' "removing ready file: $1"
rm $1
if test -e "$1"; then
printf '%s\n' "removing ready file: \"$1\""
rm "$1"
fi
}
@ -135,13 +135,13 @@ create_new_cnf() {
}
remove_ready_file() {
if test -e $ready_file; then
if test -e "$ready_file"; then
printf '%s\n' "removing ready file"
rm $ready_file
rm "$ready_file"
fi
if test -e $ready_file2; then
printf '%s\n' "removing ready file: $ready_file2"
rm $ready_file2
if test -e "$ready_file2"; then
printf '%s\n' "removing ready file: \"$ready_file2\""
rm "$ready_file2"
fi
}
@ -197,10 +197,10 @@ port2=$(get_first_free_port $((port1 + 1)))
# create a port to use with openssl ocsp responder
./examples/server/server -R $ready_file -p $port1 &
./examples/server/server -R "$ready_file" -p $port1 &
wolf_pid=$!
wait_for_readyFile $ready_file $wolf_pid $port1
if [ ! -f $ready_file ]; then
wait_for_readyFile "$ready_file" $wolf_pid $port1
if [ ! -f "$ready_file" ]; then
printf '%s\n' "Failed to create ready file: \"$ready_file\""
exit 1
else
@ -240,10 +240,10 @@ sleep 0.1
printf '%s\n\n' "------------- TEST CASE 1 SHOULD PASS ------------------------"
# client test against our own server - GOOD CERT
./examples/server/server -c certs/ocsp/server1-cert.pem \
-k certs/ocsp/server1-key.pem -R $ready_file2 \
-k certs/ocsp/server1-key.pem -R "$ready_file2" \
-p $port2 &
wolf_pid2=$!
wait_for_readyFile $ready_file2 $wolf_pid2 $port2
wait_for_readyFile "$ready_file2" $wolf_pid2 $port2
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 \
-p $port2
RESULT=$?
@ -252,12 +252,12 @@ printf '%s\n\n' "Test PASSED!"
printf '%s\n\n' "------------- TEST CASE 2 SHOULD REVOKE ----------------------"
# client test against our own server - REVOKED CERT
remove_single_rF $ready_file2
remove_single_rF "$ready_file2"
./examples/server/server -c certs/ocsp/server2-cert.pem \
-k certs/ocsp/server2-key.pem -R $ready_file2 \
-k certs/ocsp/server2-key.pem -R "$ready_file2" \
-p $port2 &
wolf_pid2=$!
wait_for_readyFile $ready_file2 $wolf_pid2 $port2
wait_for_readyFile "$ready_file2" $wolf_pid2 $port2
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 \
-p $port2
RESULT=$?

72
scripts/ocsp-stapling.test
View File

@ -60,7 +60,7 @@ ln -s ../examples
CERT_DIR="./certs/ocsp"
ready_file="$WORKSPACE"/wolf_ocsp_s1_readyF$$
ready_file2="$WORKSPACE"/wolf_ocsp_s1_readyF2$$
printf '%s\n' "ready file: $ready_file"
printf '%s\n' "ready file: \"$ready_file\""
test_cnf="ocsp_s1.cnf"
@ -68,7 +68,7 @@ wait_for_readyFile(){
counter=0
while [ ! -s $1 -a "$counter" -lt 20 ]; do
while [ ! -s "$1" -a "$counter" -lt 20 ]; do
if [[ -n "${2-}" ]]; then
if ! kill -0 $2 2>&-; then
echo "pid $2 for port ${3-} exited before creating ready file. bailing..."
@ -80,19 +80,19 @@ wait_for_readyFile(){
counter=$((counter+ 1))
done
if test -e $1; then
if test -e "$1"; then
echo -e "found ready file, starting client..."
else
echo -e "NO ready file at $1 -- ending test..."
echo -e "NO ready file at \"$1\" -- ending test..."
exit 1
fi
}
remove_single_rF(){
if test -e $1; then
printf '%s\n' "removing ready file: $1"
rm $1
if test -e "$1"; then
printf '%s\n' "removing ready file: \"$1\""
rm "$1"
fi
}
@ -148,17 +148,17 @@ create_new_cnf() {
CURR_LOC="$PWD"
printf '%s\n' "echo now in $CURR_LOC"
./renewcerts-for-test.sh $test_cnf
cd $WORKSPACE
cd "$WORKSPACE"
}
remove_ready_file() {
if test -e $ready_file; then
if test -e "$ready_file"; then
printf '%s\n' "removing ready file"
rm $ready_file
rm "$ready_file"
fi
if test -e $ready_file2; then
printf '%s\n' "removing ready file: $ready_file2"
rm $ready_file2
if test -e "$ready_file2"; then
printf '%s\n' "removing ready file: \"$ready_file2\""
rm "$ready_file2"
fi
}
@ -227,11 +227,11 @@ port3=$(get_first_free_port $((port2 + 1)))
# test interop fail case
ready_file=$PWD/wolf_ocsp_readyF$$
printf '%s\n' "ready file: $ready_file"
./examples/server/server -b -p $port1 -o -R $ready_file &
printf '%s\n' "ready file: \"$ready_file\""
./examples/server/server -b -p $port1 -o -R "$ready_file" &
wolf_pid=$!
wait_for_readyFile $ready_file $wolf_pid $port1
if [ ! -f $ready_file ]; then
wait_for_readyFile "$ready_file" $wolf_pid $port1
if [ ! -f "$ready_file" ]; then
printf '%s\n' "Failed to create ready file: \"$ready_file\""
exit 1
else
@ -239,10 +239,10 @@ else
echo "hi" | openssl s_client -status $V4V6_FLAG -connect ${LOCALHOST}:$port1 -cert ./certs/client-cert.pem -key ./certs/client-key.pem -CAfile ./certs/ocsp/root-ca-cert.pem 2>&1 | tee /dev/stderr | fgrep -q 'self signed certificate in certificate chain'
if [ $? -neq 0 ]; then
printf '%s\n' "Expected verification error from s_client is missing."
remove_single_rF $ready_file
remove_single_rF "$ready_file"
exit 1
fi
remove_single_rF $ready_file
remove_single_rF "$ready_file"
wait $wolf_pid
if [ $? -ne 1 ]; then
printf '%s\n' "wolfSSL server unexpected fail value"
@ -252,10 +252,10 @@ fi
# create a port to use with openssl ocsp responder
./examples/server/server -b -p $port2 -R $ready_file &
./examples/server/server -b -p $port2 -R "$ready_file" &
wolf_pid2=$!
wait_for_readyFile $ready_file $wolf_pid2 $port2
if [ ! -f $ready_file ]; then
wait_for_readyFile "$ready_file" $wolf_pid2 $port2
if [ ! -f "$ready_file" ]; then
printf '%s\n' "Failed to create ready file: \"$ready_file\""
exit 1
else
@ -307,10 +307,10 @@ sleep 0.1
printf '%s\n\n' "------------- TEST CASE 1 SHOULD PASS ------------------------"
# client test against our own server - GOOD CERT
./examples/server/server -c certs/ocsp/server1-cert.pem -R $ready_file2 \
./examples/server/server -c certs/ocsp/server1-cert.pem -R "$ready_file2" \
-k certs/ocsp/server1-key.pem -p $port3 &
wolf_pid3=$!
wait_for_readyFile $ready_file2 $wolf_pid3 $port3
wait_for_readyFile "$ready_file2" $wolf_pid3 $port3
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -p $port3
RESULT=$?
[ $RESULT -ne 0 ] && printf '\n\n%s\n' "Client connection 1 failed" && exit 1
@ -318,11 +318,11 @@ printf '%s\n\n' "Test PASSED!"
printf '%s\n\n' "------------- TEST CASE 2 SHOULD REVOKE ----------------------"
# client test against our own server - REVOKED CERT
remove_single_rF $ready_file2
./examples/server/server -c certs/ocsp/server2-cert.pem -R $ready_file2 \
remove_single_rF "$ready_file2"
./examples/server/server -c certs/ocsp/server2-cert.pem -R "$ready_file2" \
-k certs/ocsp/server2-key.pem -p $port3 &
wolf_pid3=$!
wait_for_readyFile $ready_file2 $wolf_pid3 $port3
wait_for_readyFile "$ready_file2" $wolf_pid3 $port3
sleep 0.1
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -p $port3
RESULT=$?
@ -335,12 +335,12 @@ printf '%s\n\n' "Test successfully REVOKED!"
if [ $? -ne 0 ]; then
printf '%s\n\n' "------------- TEST CASE 3 SHOULD PASS --------------------"
# client test against our own server - GOOD CERT
remove_single_rF $ready_file2
./examples/server/server -c certs/ocsp/server1-cert.pem -R $ready_file2 \
remove_single_rF "$ready_file2"
./examples/server/server -c certs/ocsp/server1-cert.pem -R "$ready_file2" \
-k certs/ocsp/server1-key.pem -v 4 \
-p $port3 &
wolf_pid3=$!
wait_for_readyFile $ready_file2 $wolf_pid3 $port3
wait_for_readyFile "$ready_file2" $wolf_pid3 $port3
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -v 4 -F 1 \
-p $port3
RESULT=$?
@ -349,12 +349,12 @@ if [ $? -ne 0 ]; then
printf '%s\n\n' "------------- TEST CASE 4 SHOULD PASS --------------------"
# client test against our own server, must staple - GOOD CERT
remove_single_rF $ready_file2
./examples/server/server -c certs/ocsp/server1-cert.pem -R $ready_file2 \
remove_single_rF "$ready_file2"
./examples/server/server -c certs/ocsp/server1-cert.pem -R "$ready_file2" \
-k certs/ocsp/server1-key.pem -v 4 \
-p $port3 &
wolf_pid3=$!
wait_for_readyFile $ready_file2 $wolf_pid3 $port3
wait_for_readyFile "$ready_file2" $wolf_pid3 $port3
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1m -v 4 -F 1 \
-p $port3
RESULT=$?
@ -363,12 +363,12 @@ if [ $? -ne 0 ]; then
printf '%s\n\n' "------------- TEST CASE 5 SHOULD REVOKE ------------------"
# client test against our own server - REVOKED CERT
remove_single_rF $ready_file2
./examples/server/server -c certs/ocsp/server2-cert.pem -R $ready_file2 \
remove_single_rF "$ready_file2"
./examples/server/server -c certs/ocsp/server2-cert.pem -R "$ready_file2" \
-k certs/ocsp/server2-key.pem -v 4 \
-p $port3 &
wolf_pid3=$!
wait_for_readyFile $ready_file2 $wolf_pid3 $port3
wait_for_readyFile "$ready_file2" $wolf_pid3 $port3
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -v 4 -F 1 \
-p $port3
RESULT=$?

6
scripts/ocsp.test
View File

@ -27,7 +27,7 @@ if [ "$OUTPUT" = "SNI is: ON" ]; then
printf '\n\n%s\n\n' "SNI is on, proceed with globalsign test"
# is our desired server there?
${SCRIPT_DIR}/ping.test $server 2
"${SCRIPT_DIR}/ping.test" $server 2
RESULT=$?
if [ $RESULT -ne 0 ]; then
GL_UNREACHABLE=1
@ -35,7 +35,7 @@ if [ "$OUTPUT" = "SNI is: ON" ]; then
if [ $RESULT -eq 0 ]; then
# client test against the server
./examples/client/client -X -C -h $server -p 443 -A $ca -g -o -N -v d -S $server
./examples/client/client -X -C -h $server -p 443 -A "$ca" -g -o -N -v d -S $server
GL_RESULT=$?
[ $GL_RESULT -ne 0 ] && printf '\n\n%s\n' "Client connection failed"
else
@ -54,7 +54,7 @@ ${SCRIPT_DIR}/ping.test $server 2
RESULT=$?
if [ $RESULT -eq 0 ]; then
# client test against the server
./examples/client/client -X -C -h $server -p 443 -A $ca -g -o -N
./examples/client/client -X -C -h $server -p 443 -A "$ca" -g -o -N
GR_RESULT=$?
[ $GR_RESULT -ne 0 ] && printf '\n\n%s\n' "Client connection failed"
else

42
scripts/openssl.test
View File

@ -161,11 +161,11 @@ start_openssl_server() {
if [ "$cert_file" != "" ]
then
echo "# " $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe
$OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe &
echo "# " $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -cert \"$cert_file\" -key \"$key_file\" -quiet -CAfile \"$ca_file\" -www -dhparam \"${CERT_DIR}/dh2048.pem\" -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe
$OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -cert "$cert_file" -key "$key_file" -quiet -CAfile "$ca_file" -www -dhparam "${CERT_DIR}/dh2048.pem" -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe &
else
echo "# " $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -quiet -nocert -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe
$OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -quiet -nocert -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe &
echo "# " $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -quiet -nocert -www -dhparam \"${CERT_DIR}/dh2048.pem\" -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe
$OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -quiet -nocert -www -dhparam "${CERT_DIR}/dh2048.pem" -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe &
fi
server_pid=$!
# wait to see if s_server successfully starts before continuing
@ -229,8 +229,8 @@ start_wolfssl_server() {
echo -e "\n# Trying to start $wolfssl_suite wolfSSL server on port $server_port..."
echo "#"
echo "# $WOLFSSL_SERVER -p $server_port $wolfssl_cert $wolfssl_key $wolfssl_caCert -g -v d -x -i $psk $crl -l ALL"
$WOLFSSL_SERVER -p $server_port $wolfssl_cert $wolfssl_key $wolfssl_caCert -g -v d -x -i $psk $crl -l ALL &
echo "# $WOLFSSL_SERVER -p $server_port -g -v d -x -i $psk $crl -l ALL \"$wolfssl_cert\" \"$wolfssl_key\" \"$wolfssl_caCert\""
$WOLFSSL_SERVER -p $server_port -g -v d -x -i $psk $crl -l ALL "$wolfssl_cert" "$wolfssl_key" "$wolfssl_caCert" &
server_pid=$!
# wait to see if server successfully starts before continuing
sleep 0.1
@ -316,13 +316,13 @@ do_wolfssl_client() {
if [ "$version" != "5" -a "$version" != "" ]
then
echo "#"
echo "# $WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite -v $version $psk $adh $wolfssl_cert $wolfssl_key $wolfssl_caCert $crl"
$WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite -v $version $psk $adh $wolfssl_cert $wolfssl_key $wolfssl_caCert $crl
echo "# $WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite -v $version $psk $adh "$wolfssl_cert" "$wolfssl_key" "$wolfssl_caCert" $crl"
$WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite -v $version $psk $adh "$wolfssl_cert" "$wolfssl_key" "$wolfssl_caCert" $crl
else
echo "#"
echo "# $WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite $psk $adh $wolfssl_cert $wolfssl_key $wolfssl_caCert $crl"
echo "# $WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite $psk $adh "$wolfssl_cert" "$wolfssl_key" "$wolfssl_caCert" $crl"
# do all versions
$WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite $psk $adh $wolfssl_cert $wolfssl_key $wolfssl_caCert $crl
$WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite $psk $adh "$wolfssl_cert" "$wolfssl_key" "$wolfssl_caCert" $crl
fi
client_result=$?
@ -370,12 +370,12 @@ do_openssl_client() {
if [ "$tls13_cipher" = "" ]
then
echo "#"
echo "# $OPENSSL s_client -connect localhost:$port -reconnect -cipher $cmpSuite $openssl_version $openssl_psk $openssl_cert1 $openssl_cert2 $openssl_key1 $openssl_key2 $openssl_caCert1 $openssl_caCert2"
echo "Hello" | eval "$OPENSSL s_client -connect localhost:$port -reconnect -cipher $cmpSuite $openssl_version $openssl_psk $openssl_cert1 $openssl_cert2 $openssl_key1 $openssl_key2 $openssl_caCert1 $openssl_caCert2"
echo "# $OPENSSL s_client -connect localhost:$port -reconnect -cipher $cmpSuite $openssl_version $openssl_psk $openssl_cert1 \"$openssl_cert2\" $openssl_key1 \"$openssl_key2\" $openssl_caCert1 \"$openssl_caCert2\""
echo "Hello" | eval "$OPENSSL s_client -connect localhost:$port -reconnect -cipher $cmpSuite $openssl_version $openssl_psk $openssl_cert1 \"$openssl_cert2\" $openssl_key1 \"$openssl_key2\" $openssl_caCert1 \"$openssl_caCert2\""
else
echo "#"
echo "# $OPENSSL s_client -connect localhost:$port -reconnect -ciphersuites=$cmpSuite $openssl_version $openssl_psk $openssl_cert1 $openssl_cert2 $openssl_key1 $openssl_key2 $openssl_caCert1 $openssl_caCert2"
echo "Hello" | eval "$OPENSSL s_client -connect localhost:$port -reconnect -ciphersuites=$cmpSuite $openssl_version $openssl_psk $openssl_cert1 $openssl_cert2 $openssl_key1 $openssl_key2 $openssl_caCert1 $openssl_caCert2"
echo "# $OPENSSL s_client -connect localhost:$port -reconnect -ciphersuites=$cmpSuite $openssl_version $openssl_psk $openssl_cert1 \"$openssl_cert2\" $openssl_key1 \"$openssl_key2\" $openssl_caCert1 \"$openssl_caCert2\""
echo "Hello" | eval "$OPENSSL s_client -connect localhost:$port -reconnect -ciphersuites=$cmpSuite $openssl_version $openssl_psk $openssl_cert1 \"$openssl_cert2\" $openssl_key1 \"$openssl_key2\" $openssl_caCert1 \"$openssl_caCert2\""
fi
client_result=$?
@ -407,7 +407,7 @@ command -v $OPENSSL >/dev/null 2>&1 || { echo >&2 "Requires openssl command, but
echo -e "\nTesting for _build directory as part of distcheck, different paths"
currentDir=`pwd`
if [ $currentDir = *"_build" ]
if [ "$currentDir" = *"_build" ]
then
echo -e "_build directory detected, moving a directory back"
cd ..
@ -479,7 +479,7 @@ esac
if [ "$wolf_certs" != "" ]
then
# Check if ECC certificates supported in wolfSSL
wolf_ecc=`$WOLFSSL_CLIENT -A ${CERT_DIR}/ed25519/ca-ecc-cert.pem 2>&1`
wolf_ecc=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ed25519/ca-ecc-cert.pem" 2>&1`
case $wolf_ecc in
*"ca file"*)
wolf_ecc=""
@ -488,7 +488,7 @@ then
;;
esac
# Check if Ed25519 certificates supported in wolfSSL
wolf_ed25519=`$WOLFSSL_CLIENT -A ${CERT_DIR}/ed25519/root-ed25519.pem 2>&1`
wolf_ed25519=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ed25519/root-ed25519.pem" 2>&1`
case $wolf_ed25519 in
*"ca file"*)
wolf_ed25519=""
@ -497,7 +497,7 @@ then
;;
esac
# Check if Ed25519 certificates supported in OpenSSL
openssl_ed25519=`$OPENSSL s_client -cert ${CERT_DIR}/ed25519/client-ed25519.pem -key ${CERT_DIR}/ed25519/client-ed25519-priv.pem 2>&1`
openssl_ed25519=`$OPENSSL s_client -cert "${CERT_DIR}/ed25519/client-ed25519.pem" -key "${CERT_DIR}/ed25519/client-ed25519-priv.pem" 2>&1`
case $openssl_ed25519 in
*"unable to load"*)
wolf_ed25519=""
@ -506,7 +506,7 @@ then
;;
esac
# Check if Ed448 certificates supported in wolfSSL
wolf_ed448=`$WOLFSSL_CLIENT -A ${CERT_DIR}/ed448/root-ed448.pem 2>&1`
wolf_ed448=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ed448/root-ed448.pem" 2>&1`
case $wolf_ed448 in
*"ca file"*)
wolf_ed448=""
@ -515,7 +515,7 @@ then
;;
esac
# Check if Ed448 certificates supported in OpenSSL
openssl_ed448=`$OPENSSL s_client -cert ${CERT_DIR}/ed448/client-ed448.pem -key ${CERT_DIR}/ed448/client-ed448-priv.pem 2>&1`
openssl_ed448=`$OPENSSL s_client -cert "${CERT_DIR}/ed448/client-ed448.pem" -key "${CERT_DIR}/ed448/client-ed448-priv.pem" 2>&1`
case $openssl_ed448 in
*"unable to load"*)
wolf_ed448=""
@ -757,7 +757,7 @@ do
# double check that can actually do a sslv3 connection using
# client-cert.pem to send but any file with EOF works
$OPENSSL s_client -ssl3 -no_ign_eof -host localhost -port $openssl_port < ${CERT_DIR}/client-cert.pem
$OPENSSL s_client -ssl3 -no_ign_eof -host localhost -port $openssl_port < "${CERT_DIR}/client-cert.pem"
sslv3_sup=$?
if [ $sslv3_sup != 0 ]
then

12
scripts/pkcallbacks.test
View File

@ -27,9 +27,9 @@ server_pid=$no_pid
ready_file=`pwd`/wolfssl_pk_ready$$
remove_ready_file() {
if test -e $ready_file; then
if test -e "$ready_file"; then
echo -e "removing existing ready file"
rm $ready_file
rm "$ready_file"
fi
}
@ -79,16 +79,16 @@ run_test() {
# starts the server on pk_port, -R generates ready file to be used as a
# mutex lock, -P does pkcallbacks. We capture the processid
# into the variable server_pid
./examples/server/server -P -R $ready_file -p $pk_port &
./examples/server/server -P -R "$ready_file" -p $pk_port &
server_pid=$!
while [ ! -s $ready_file -a "$counter" -lt 20 ]; do
while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do
echo -e "waiting for ready file..."
sleep 0.1
counter=$((counter+ 1))
done
if test -e $ready_file; then
if test -e "$ready_file"; then
echo -e "found ready file, starting client..."
else
echo -e "NO ready file ending test..."
@ -99,7 +99,7 @@ run_test() {
sleep 0.1
# get created port 0 ephemeral port
pk_port=`cat $ready_file`
pk_port=`cat "$ready_file"`
# starts client on pk_port with pkcallbacks, captures the output from client
capture_out=$(./examples/client/client -P -p $pk_port 2>&1)

20
scripts/psk.test
View File

@ -25,23 +25,23 @@ counter=0
# per source tree
ready_file=`pwd`/wolfssl_psk_ready$$
echo "ready file $ready_file"
echo "ready file \"$ready_file\""
create_port() {
while [ ! -s $ready_file -a "$counter" -lt 20 ]; do
while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do
echo -e "waiting for ready file..."
sleep 0.1
counter=$((counter+ 1))
done
if test -e $ready_file; then
if test -e "$ready_file"; then
echo -e "found ready file, starting client..."
# sleep for an additional 0.1 to mitigate race on write/read of $ready_file:
sleep 0.1
# get created port 0 ephemeral port
port=`cat $ready_file`
port=`cat "$ready_file"`
else
echo -e "NO ready file ending test..."
do_cleanup
@ -49,9 +49,9 @@ create_port() {
}
remove_ready_file() {
if test -e $ready_file; then
if test -e "$ready_file"; then
echo -e "removing existing ready file"
rm $ready_file
rm "$ready_file"
fi
}
@ -87,7 +87,7 @@ fi
# Usual psk server / psk client. This use case is tested in
# tests/unit.test and is used here for just checking if PSK is enabled
port=0
./examples/server/server -s -R $ready_file -p $port &
./examples/server/server -s -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -s -p $port
@ -110,7 +110,7 @@ if [ $? -ne 0 ]; then
# tests/unit.test and is used here for just checking if cipher suite
# is available (one case for example is with disable-asn)
port=0
./examples/server/server -R $ready_file -p $port -l DHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-DES-CBC3-SHA &
./examples/server/server -R "$ready_file" -p $port -l DHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-DES-CBC3-SHA &
server_pid=$!
create_port
./examples/client/client -p $port
@ -126,7 +126,7 @@ if [ $? -ne 0 ]; then
# psk server with non psk client
port=0
./examples/server/server -j -R $ready_file -p $port &
./examples/server/server -j -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -p $port
@ -142,7 +142,7 @@ if [ $? -ne 0 ]; then
# check fail if no auth, psk server with non psk client
echo "Checking fail when not sending peer cert"
port=0
./examples/server/server -j -R $ready_file -p $port &
./examples/server/server -j -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -x -p $port

12
scripts/resume.test
View File

@ -29,9 +29,9 @@ ready_file=`pwd`/wolfssl_resume_ready$$
echo "ready file $ready_file"
remove_ready_file() {
if test -e $ready_file; then
if test -e "$ready_file"; then
echo -e "removing existing ready file"
rm $ready_file
rm "$ready_file"
fi
}
@ -69,16 +69,16 @@ do_test() {
esac
remove_ready_file
./examples/server/server -r -R $ready_file -p $resume_port &
./examples/server/server -r -R "$ready_file" -p $resume_port &
server_pid=$!
while [ ! -s $ready_file -a "$counter" -lt 20 ]; do
while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do
echo -e "waiting for ready file..."
sleep 0.1
counter=$((counter+ 1))
done
if test -e $ready_file; then
if test -e "$ready_file"; then
echo -e "found ready file, starting client..."
else
echo -e "NO ready file ending test..."
@ -90,7 +90,7 @@ do_test() {
sleep 0.1
# get created port 0 ephemeral port
resume_port=`cat $ready_file`
resume_port=`cat "$ready_file"`
capture_out=$(./examples/client/client $1 -r -p $resume_port 2>&1)
client_result=$?

60
scripts/tls13.test
View File

@ -30,10 +30,10 @@ server_out_file=`pwd`/wolfssl_tls13_server_out$$
# Client output
client_out_file=`pwd`/wolfssl_tls13_client_out$$
echo "ready file $ready_file"
echo "ready file "$ready_file""
create_port() {
while [ ! -s $ready_file ]; do
while [ ! -s "$ready_file" ]; do
if [ "$counter" -gt 50 ]; then
break
fi
@ -42,14 +42,14 @@ create_port() {
counter=$((counter+ 1))
done
if [ -e $ready_file ]; then
if [ -e "$ready_file" ]; then
echo -e "found ready file, starting client..."
# sleep for an additional 0.1 to mitigate race on write/read of $ready_file:
sleep 0.1
# get created port 0 ephemeral port
port=`cat $ready_file`
port=`cat "$ready_file"`
else
echo -e "NO ready file ending test..."
do_cleanup
@ -57,9 +57,9 @@ create_port() {
}
remove_ready_file() {
if [ -e $ready_file ]; then
if [ -e "$ready_file" ]; then
echo -e "removing existing ready file"
rm $ready_file
rm "$ready_file"
fi
}
@ -73,17 +73,17 @@ do_cleanup() {
server_pid=$no_pid
fi
remove_ready_file
if [ -e $client_file ]; then
if [ -e "$client_file" ]; then
echo -e "removing existing client file"
rm $client_file
rm "$client_file"
fi
if [ -e $server_out_file ]; then
if [ -e "$server_out_file" ]; then
echo -e "removing existing server output file"
rm $server_out_file
rm "$server_out_file"
fi
if [ -e $client_out_file ]; then
if [ -e "$client_out_file" ]; then
echo -e "removing existing client output file"
rm $client_out_file
rm "$client_out_file"
fi
}
@ -108,10 +108,10 @@ fi
# Usual TLS v1.3 server / TLS v1.3 client.
echo -e "\n\nTLS v1.3 server with TLS v1.3 client"
port=0
./examples/server/server -v 4 -R $ready_file -p $port &
./examples/server/server -v 4 -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -p $port | tee $client_file
./examples/client/client -v 4 -p $port | tee "$client_file"
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
@ -124,7 +124,7 @@ echo ""
# TLS 1.3 cipher suites server / client.
echo -e "\n\nTLS v1.3 cipher suite mismatch"
port=0
./examples/server/server -v 4 -R $ready_file -p $port -l TLS13-CHACHA20-POLY1305-SHA256 &
./examples/server/server -v 4 -R "$ready_file" -p $port -l TLS13-CHACHA20-POLY1305-SHA256 &
server_pid=$!
create_port
./examples/client/client -v 4 -p $port -l TLS13-AES256-GCM-SHA384
@ -146,7 +146,7 @@ if [ $NO_CERTS -ne 0 -a $NO_CLIENT_AUTH -ne 0 ]; then
# TLS 1.3 mutual auth required but client doesn't send certificates.
echo -e "\n\nTLS v1.3 mutual auth fail"
port=0
./examples/server/server -v 4 -F -R $ready_file -p $port &
./examples/server/server -v 4 -F -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -x -p $port
@ -167,7 +167,7 @@ if [ $? -ne 0 ]; then
# TLS 1.3 server / TLS 1.2 client.
echo -e "\n\nTLS v1.3 server downgrading to TLS v1.2"
port=0
./examples/server/server -v 4 -R $ready_file -p $port &
./examples/server/server -v 4 -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -v 3 -p $port
@ -184,7 +184,7 @@ if [ $? -ne 0 ]; then
# TLS 1.2 server / TLS 1.3 client.
echo -e "\n\nTLS v1.3 client upgrading server to TLS v1.3"
port=0
./examples/server/server -v 3 -R $ready_file -p $port &
./examples/server/server -v 3 -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -p $port
@ -215,7 +215,7 @@ if [ $? -ne 0 ]; then
port=0
SERVER_CS="TLS13-AES256-GCM-SHA384:$TLS12_CS"
CLIENT_CS="TLS13-AES128-GCM-SHA256:$TLS12_CS"
./examples/server/server -v d -l $SERVER_CS -R $ready_file -p $port &
./examples/server/server -v d -l $SERVER_CS -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -v d -l $CLIENT_CS -p $port
@ -246,17 +246,17 @@ fi
if [ "$early_data" = "yes" ]; then
echo -e "\n\nTLS v1.3 Early Data - session ticket"
port=0
(./examples/server/server -v 4 -r -0 -R $ready_file -p $port 2>&1 | \
tee $server_out_file) &
(./examples/server/server -v 4 -r -0 -R "$ready_file" -p $port 2>&1 | \
tee "$server_out_file") &
server_pid=$!
create_port
./examples/client/client -v 4 -r -0 -p $port 2>&1 >$client_out_file
./examples/client/client -v 4 -r -0 -p $port 2>&1 >"$client_out_file"
RESULT=$?
cat $client_out_file
cat "$client_out_file"
remove_ready_file
grep 'Session Ticket' $client_out_file
grep 'Session Ticket' "$client_out_file"
session_ticket=$?
early_data_cnt=`grep 'Early Data' $server_out_file | wc -l`
early_data_cnt=`grep 'Early Data' "$server_out_file" | wc -l`
if [ $session_ticket -eq 0 -a $early_data_cnt -ne 4 ]; then
RESULT=1
fi
@ -272,8 +272,8 @@ fi
if [ "$early_data" = "yes" -a "$psk" = "yes" ]; then
echo -e "\n\nTLS v1.3 Early Data - PSK"
port=0
(./examples/server/server -v 4 -s -0 -R $ready_file -p $port 2>&1 | \
tee $server_out_file) &
(./examples/server/server -v 4 -s -0 -R "$ready_file" -p $port 2>&1 | \
tee "$server_out_file") &
server_pid=$!
create_port
./examples/client/client -v 4 -s -0 -p $port
@ -283,14 +283,14 @@ if [ "$early_data" = "yes" -a "$psk" = "yes" ]; then
# wait for the server to quit and write output
wait $server_pid
early_data_cnt=`grep 'Early Data' $server_out_file | wc -l`
early_data_cnt=`grep 'Early Data' "$server_out_file" | wc -l`
if [ $early_data_cnt -ne 3 -a $early_data_cnt -ne 5 ]; then
echo
echo "Server out file"
cat $server_out_file
cat "$server_out_file"
echo
echo "Found lines"
grep 'Early Data' $server_out_file
grep 'Early Data' "$server_out_file"
echo -e "\n\nToo few 'Early Data' lines - $early_data_cnt"
RESULT=1
fi

62
scripts/trusted_peer.test
View File

@ -1,4 +1,4 @@
#!/bin/sh
#!/bin/bash
# trusted_peer.test
# copyright wolfSSL 2016
@ -36,23 +36,23 @@ combined_cert=`pwd`/certs/client_combined.pem
wrong_ca=`pwd`/certs/wolfssl-website-ca.pem
wrong_cert=`pwd`/certs/server-revoked-cert.pem
echo "ready file $ready_file"
echo "ready file \"$ready_file\""
create_port() {
while [ ! -s $ready_file -a "$counter" -lt 20 ]; do
while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do
echo -e "waiting for ready file..."
sleep 0.1
counter=$((counter+ 1))
done
if test -e $ready_file; then
if test -e "$ready_file"; then
echo -e "found ready file, starting client..."
# sleep for an additional 0.1 to mitigate race on write/read of $ready_file:
sleep 0.1
# get created port 0 ephemeral port
port=`cat $ready_file`
port=`cat "$ready_file"`
else
echo -e "NO ready file ending test..."
do_cleanup
@ -60,9 +60,9 @@ create_port() {
}
remove_ready_file() {
if test -e $ready_file; then
if test -e "$ready_file"; then
echo -e "removing existing ready file"
rm $ready_file
rm "$ready_file"
fi
}
@ -89,7 +89,7 @@ trap do_trap INT TERM
# Look for if RSA and/or ECC is enabled and adjust certs/keys
ciphers=`./examples/client/client -e`
if [[ $ciphers != *"RSA"* ]]; then
if [[ "$ciphers" != *"RSA"* ]]; then
if [[ $ciphers == *"ECDSA"* ]]; then
client_cert=`pwd`/certs/client-ecc-cert.pem
client_ca=`pwd`/certs/server-ecc.pem
@ -107,7 +107,7 @@ fi
# CRL list not set up for tests
crl_test=`./examples/client/client -h`
if [[ $crl_test == *"-C "* ]]; then
if [[ "$crl_test" == *"-C "* ]]; then
echo "test not set up to run with CRL"
exit 0
fi
@ -118,10 +118,10 @@ echo "Checking built with trusted peer certs "
echo "-----------------------------------------------------"
port=0
remove_ready_file
./examples/server/server -E $client_cert -c $server_cert -k $server_key -R $ready_file -p $port &
./examples/server/server -E "$client_cert" -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -A $client_ca -p $port
./examples/client/client -A "$client_ca" -p $port
RESULT=$?
remove_ready_file
# if fail here then is a settings issue so return 0
@ -136,10 +136,10 @@ echo ""
echo "Server and Client relying on trusted peer cert loaded"
echo "-----------------------------------------------------"
port=0
./examples/server/server -A $wrong_ca -E $client_cert -c $server_cert -k $server_key -R $ready_file -p $port &
./examples/server/server -A "$wrong_ca" -E "$client_cert" -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -A $wrong_ca -E $server_cert -c $client_cert -p $port
./examples/client/client -A "$wrong_ca" -E "$server_cert" -c "$client_cert" -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
@ -153,10 +153,10 @@ echo ""
echo "Server relying on trusted peer cert loaded"
echo "-----------------------------------------------------"
port=0
./examples/server/server -A $wrong_ca -E $client_cert -c $server_cert -k $server_key -R $ready_file -p $port &
./examples/server/server -A "$wrong_ca" -E "$client_cert" -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -A $client_ca -c $client_cert -p $port
./examples/client/client -A "$client_ca" -c "$client_cert" -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
@ -170,10 +170,10 @@ echo ""
echo "Client relying on trusted peer cert loaded"
echo "-----------------------------------------------------"
port=0
./examples/server/server -c $server_cert -k $server_key -R $ready_file -p $port &
./examples/server/server -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -A $wrong_ca -E $server_cert -p $port
./examples/client/client -A "$wrong_ca" -E "$server_cert" -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
@ -187,10 +187,10 @@ echo ""
echo "Client fall through to loaded CAs"
echo "-----------------------------------------------------"
port=0
./examples/server/server -c $server_cert -k $server_key -R $ready_file -p $port &
./examples/server/server -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -A $client_ca -E $wrong_cert -p $port
./examples/client/client -A "$client_ca" -E "$wrong_cert" -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
@ -206,10 +206,10 @@ if [[ $wrong_ca != *"ecc"* ]]; then
echo "Client wrong CA and wrong trusted peer cert loaded"
echo "-----------------------------------------------------"
port=0
./examples/server/server -c $server_cert -k $server_key -R $ready_file -p $port &
./examples/server/server -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -A $wrong_ca -E $wrong_cert -p $port
./examples/client/client -A "$wrong_ca" -E "$wrong_cert" -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -eq 0 ]; then
@ -224,10 +224,10 @@ fi
echo "Server wrong CA and wrong trusted peer cert loaded"
echo "-----------------------------------------------------"
port=0
./examples/server/server -A $wrong_ca -E $wrong_cert -c $server_cert -k $server_key -R $ready_file -p $port &
./examples/server/server -A "$wrong_ca" -E "$wrong_cert" -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -A $client_ca -p $port
./examples/client/client -A "$client_ca" -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -eq 0 ]; then
@ -241,10 +241,10 @@ echo ""
echo "Server fall through to loaded CAs"
echo "-----------------------------------------------------"
port=0
./examples/server/server -E $wrong_cert -c $server_cert -k $server_key -R $ready_file -p $port &
./examples/server/server -E "$wrong_cert" -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -A $client_ca -p $port
./examples/client/client -A "$client_ca" -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
@ -259,25 +259,25 @@ echo "Server loading multiple trusted peer certs"
echo "Test two success cases and one fail case"
echo "-----------------------------------------------------"
port=0
cat $client_cert $client_ca > $combined_cert
./examples/server/server -i -A $wrong_ca -E $combined_cert -c $server_cert -k $server_key -R $ready_file -p $port &
cat "$client_cert" "$client_ca" > "$combined_cert"
./examples/server/server -i -A "$wrong_ca" -E "$combined_cert" -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -A $client_ca -c $client_cert -k $client_key -p $port
./examples/client/client -A "$client_ca" -c "$client_cert" -k "$client_key" -p $port
RESULT=$?
if [ $RESULT -ne 0 ]; then
echo -e "\nServer load multiple trusted peer certs failed!"
do_cleanup
exit 1
fi
./examples/client/client -A $client_ca -c $client_ca -k $ca_key -p $port
./examples/client/client -A "$client_ca" -c "$client_ca" -k "$ca_key" -p $port
RESULT=$?
if [ $RESULT -ne 0 ]; then
echo -e "\nServer load multiple trusted peer certs failed!"
do_cleanup
exit 1
fi
./examples/client/client -A $client_ca -c $wrong_cert -k $client_key -p $port
./examples/client/client -A "$client_ca" -c "$wrong_cert" -k "$client_key" -p $port
RESULT=$?
if [ $RESULT -eq 0 ]; then
echo -e "\nServer load multiple trusted peer certs failed!"
@ -286,7 +286,7 @@ if [ $RESULT -eq 0 ]; then
fi
do_cleanup # kill PID of server running in infinite loop
rm $combined_cert
rm "$combined_cert"
remove_ready_file
echo ""