forked from wolfSSL/wolfssl
Merge pull request #1801 from kaleb-himes/OCSP-GLOBALSIGN-FIXr2
Address issues when testing with WOLFSSL_OCSP_TEST set
This commit is contained in:
@ -1301,6 +1301,14 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case 'S' :
|
case 'S' :
|
||||||
|
if (XSTRNCMP(myoptarg, "check", 5) == 0) {
|
||||||
|
#ifdef HAVE_SNI
|
||||||
|
printf("SNI is: ON\n");
|
||||||
|
#else
|
||||||
|
printf("SNI is: OFF\n");
|
||||||
|
#endif
|
||||||
|
XEXIT_T(EXIT_SUCCESS);
|
||||||
|
}
|
||||||
#ifdef HAVE_SNI
|
#ifdef HAVE_SNI
|
||||||
sniHostName = myoptarg;
|
sniHostName = myoptarg;
|
||||||
#endif
|
#endif
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
# ocsp-stapling.test
|
# ocsp.test
|
||||||
|
|
||||||
server=www.globalsign.com
|
server=www.globalsign.com
|
||||||
ca=certs/external/ca-globalsign-root.pem
|
ca=certs/external/ca-globalsign-root.pem
|
||||||
@ -15,16 +15,30 @@ if [ $? -eq 0 ]; then
|
|||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# is our desired server there?
|
# Global Sign now requires server name indication extension to work, check
|
||||||
./scripts/ping.test $server 2
|
# enabled prior to testing
|
||||||
RESULT=$?
|
OUTPUT=$(eval "./examples/client/client -S check")
|
||||||
if [ $RESULT -eq 0 ]; then
|
if [ "$OUTPUT" = "SNI is: ON" ]; then
|
||||||
# client test against the server
|
printf '\n\n%s\n\n' "SNI is on, proceed with globalsign test"
|
||||||
./examples/client/client -X -C -h $server -p 443 -A $ca -g -o -N
|
|
||||||
GL_RESULT=$?
|
# is our desired server there?
|
||||||
[ $GL_RESULT -ne 0 ] && printf '\n\n%s\n' "Client connection failed"
|
./scripts/ping.test $server 2
|
||||||
|
RESULT=$?
|
||||||
|
if [ $RESULT -ne 0 ]; then
|
||||||
|
GL_UNREACHABLE=1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ $RESULT -eq 0 ]; then
|
||||||
|
# client test against the server
|
||||||
|
./examples/client/client -X -C -h $server -p 443 -A $ca -g -o -N -v d -S $server
|
||||||
|
GL_RESULT=$?
|
||||||
|
[ $GL_RESULT -ne 0 ] && printf '\n\n%s\n' "Client connection failed"
|
||||||
|
else
|
||||||
|
GL_RESULT=1
|
||||||
|
fi
|
||||||
else
|
else
|
||||||
GL_RESULT=1
|
printf '\n\n%s\n\n' "SNI disabled, skipping globalsign test"
|
||||||
|
GL_RESULT=0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
server=www.google.com
|
server=www.google.com
|
||||||
@ -48,6 +62,10 @@ if test -n "$WOLFSSL_OCSP_TEST"; then
|
|||||||
printf '\n\n%s\n' "Both OCSP connection to globalsign and google passed"
|
printf '\n\n%s\n' "Both OCSP connection to globalsign and google passed"
|
||||||
printf '%s\n' "Test Passed!"
|
printf '%s\n' "Test Passed!"
|
||||||
exit 0
|
exit 0
|
||||||
|
elif [ $GL_UNREACHABLE -eq 1 ] && [ $GR_RESULT -eq 0 ]; then
|
||||||
|
printf '%s\n' "Global Sign is currently unreachable. Logging it but if"
|
||||||
|
printf '%s\n' "this continues to occur should be investigated"
|
||||||
|
exit 0
|
||||||
else
|
else
|
||||||
# Unlike other environment variables the intent of WOLFSSL_OCSP_TEST
|
# Unlike other environment variables the intent of WOLFSSL_OCSP_TEST
|
||||||
# is to indicate a requirement for both tests to pass. If variable is
|
# is to indicate a requirement for both tests to pass. If variable is
|
||||||
|
Reference in New Issue
Block a user