Merge pull request #4108 from elms/fix/scripts/paths_w_spaces
tests: fix test scripts for paths with spaces
@ -29,9 +29,9 @@ server_pid=$no_pid
|
|||||||
ready_file=`pwd`/wolfssl_crl_ready$$
|
ready_file=`pwd`/wolfssl_crl_ready$$
|
||||||
|
|
||||||
remove_ready_file() {
|
remove_ready_file() {
|
||||||
if test -e $ready_file; then
|
if test -e "$ready_file"; then
|
||||||
echo -e "removing existing ready file"
|
echo -e "removing existing ready file"
|
||||||
rm $ready_file
|
rm "$ready_file"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -70,12 +70,12 @@ run_test() {
|
|||||||
# starts the server on crl_port, -R generates ready file to be used as a
|
# starts the server on crl_port, -R generates ready file to be used as a
|
||||||
# mutex lock, -c loads the revoked certificate. We capture the processid
|
# mutex lock, -c loads the revoked certificate. We capture the processid
|
||||||
# into the variable server_pid
|
# into the variable server_pid
|
||||||
./examples/server/server -R $ready_file -p $crl_port \
|
./examples/server/server -R "$ready_file" -p $crl_port \
|
||||||
-c ${CERT_DIR}/server-revoked-cert.pem \
|
-c ${CERT_DIR}/server-revoked-cert.pem \
|
||||||
-k ${CERT_DIR}/server-revoked-key.pem &
|
-k ${CERT_DIR}/server-revoked-key.pem &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
|
|
||||||
while [ ! -s $ready_file -a "$counter" -lt 20 ]; do
|
while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do
|
||||||
echo -e "waiting for ready file..."
|
echo -e "waiting for ready file..."
|
||||||
sleep 0.1
|
sleep 0.1
|
||||||
counter=$((counter+ 1))
|
counter=$((counter+ 1))
|
||||||
@ -84,7 +84,7 @@ run_test() {
|
|||||||
# sleep for an additional 0.1 to mitigate race on write/read of $ready_file:
|
# sleep for an additional 0.1 to mitigate race on write/read of $ready_file:
|
||||||
sleep 0.1
|
sleep 0.1
|
||||||
|
|
||||||
if test -e $ready_file; then
|
if test -e "$ready_file"; then
|
||||||
echo -e "found ready file, starting client..."
|
echo -e "found ready file, starting client..."
|
||||||
else
|
else
|
||||||
echo -e "NO ready file ending test..."
|
echo -e "NO ready file ending test..."
|
||||||
@ -92,7 +92,7 @@ run_test() {
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
# get created port 0 ephemeral port
|
# get created port 0 ephemeral port
|
||||||
crl_port="$(cat $ready_file)"
|
crl_port="$(cat "$ready_file")"
|
||||||
|
|
||||||
# starts client on crl_port and captures the output from client
|
# starts client on crl_port and captures the output from client
|
||||||
capture_out=$(./examples/client/client -p $crl_port 2>&1)
|
capture_out=$(./examples/client/client -p $crl_port 2>&1)
|
||||||
@ -147,18 +147,18 @@ run_hashdir_test() {
|
|||||||
# starts the server on crl_port, -R generates ready file to be used as a
|
# starts the server on crl_port, -R generates ready file to be used as a
|
||||||
# mutex lock, -c loads the revoked certificate. We capture the processid
|
# mutex lock, -c loads the revoked certificate. We capture the processid
|
||||||
# into the variable server_pid
|
# into the variable server_pid
|
||||||
./examples/server/server -R $ready_file -p $crl_port \
|
./examples/server/server -R "$ready_file" -p $crl_port \
|
||||||
-c ${CERT_DIR}/server-revoked-cert.pem \
|
-c ${CERT_DIR}/server-revoked-cert.pem \
|
||||||
-k ${CERT_DIR}/server-revoked-key.pem &
|
-k ${CERT_DIR}/server-revoked-key.pem &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
while [ ! -s $ready_file -a "$counter" -lt 20 ]; do
|
while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do
|
||||||
echo -e "waiting for ready file..."
|
echo -e "waiting for ready file..."
|
||||||
sleep 0.1
|
sleep 0.1
|
||||||
counter=$((counter+ 1))
|
counter=$((counter+ 1))
|
||||||
done
|
done
|
||||||
|
|
||||||
# get created port 0 ephemeral port
|
# get created port 0 ephemeral port
|
||||||
crl_port="$(cat $ready_file)"
|
crl_port="$(cat "$ready_file")"
|
||||||
|
|
||||||
# starts client on crl_port and captures the output from client
|
# starts client on crl_port and captures the output from client
|
||||||
capture_out=$(./examples/client/client -p $crl_port -9 2>&1)
|
capture_out=$(./examples/client/client -p $crl_port -9 2>&1)
|
||||||
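Review bot: The server invocations in run_test and run_hashdir_test (hunks `@ -70,12` and `@ -147,18`) still pass `-c ${CERT_DIR}/server-revoked-cert.pem` and `-k ${CERT_DIR}/server-revoked-key.pem` unquoted. That leaves the path-with-spaces fix incomplete if CERT_DIR can hold such a path; its definition is outside the hunks shown. Quote them the same way as the ready file: `-c "${CERT_DIR}/server-revoked-cert.pem" \` and `-k "${CERT_DIR}/server-revoked-key.pem" &`. Both function bodies extend beyond the hunks.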
|
@ -34,7 +34,7 @@ if [ $? -ne 0 ]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
# is our desired server there?
|
# is our desired server there?
|
||||||
${SCRIPT_DIR}/ping.test $server 2
|
"${SCRIPT_DIR}"/ping.test $server 2
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
[ $RESULT -ne 0 ] && exit 0
|
[ $RESULT -ne 0 ] && exit 0
|
||||||
|
|
||||||
|
@ -43,7 +43,7 @@ CERT_DIR="certs/ocsp"
|
|||||||
|
|
||||||
ready_file="${WORKSPACE}"/wolf_ocsp_s1_readyF$$
|
ready_file="${WORKSPACE}"/wolf_ocsp_s1_readyF$$
|
||||||
ready_file2="${WORKSPACE}"/wolf_ocsp_s1_readyF2$$
|
ready_file2="${WORKSPACE}"/wolf_ocsp_s1_readyF2$$
|
||||||
printf '%s\n' "ready files: $ready_file $ready_file2"
|
printf '%s\n' "ready files: \"$ready_file\" \"$ready_file2\""
|
||||||
|
|
||||||
test_cnf="ocsp_s_w_ca_a_r.cnf"
|
test_cnf="ocsp_s_w_ca_a_r.cnf"
|
||||||
|
|
||||||
@ -51,7 +51,7 @@ wait_for_readyFile(){
|
|||||||
|
|
||||||
counter=0
|
counter=0
|
||||||
|
|
||||||
while [ ! -s $1 -a "$counter" -lt 20 ]; do
|
while [ ! -s "$1" -a "$counter" -lt 20 ]; do
|
||||||
if [[ -n "${2-}" ]]; then
|
if [[ -n "${2-}" ]]; then
|
||||||
if ! kill -0 $2 2>&-; then
|
if ! kill -0 $2 2>&-; then
|
||||||
echo "pid $2 for port ${3-} exited before creating ready file. bailing..."
|
echo "pid $2 for port ${3-} exited before creating ready file. bailing..."
|
||||||
@ -63,19 +63,19 @@ wait_for_readyFile(){
|
|||||||
counter=$((counter+ 1))
|
counter=$((counter+ 1))
|
||||||
done
|
done
|
||||||
|
|
||||||
if test -e $1; then
|
if test -e "$1"; then
|
||||||
echo -e "found ready file, starting client..."
|
echo -e "found ready file, starting client..."
|
||||||
else
|
else
|
||||||
echo -e "NO ready file at $1 -- ending test..."
|
echo -e "NO ready file at \"$1\" -- ending test..."
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
remove_single_rF(){
|
remove_single_rF(){
|
||||||
if test -e $1; then
|
if test -e "$1"; then
|
||||||
printf '%s\n' "removing ready file: $1"
|
printf '%s\n' "removing ready file: \"$1\""
|
||||||
rm $1
|
rm "$1"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -135,13 +135,13 @@ create_new_cnf() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
remove_ready_file() {
|
remove_ready_file() {
|
||||||
if test -e $ready_file; then
|
if test -e "$ready_file"; then
|
||||||
printf '%s\n' "removing ready file"
|
printf '%s\n' "removing ready file"
|
||||||
rm $ready_file
|
rm "$ready_file"
|
||||||
fi
|
fi
|
||||||
if test -e $ready_file2; then
|
if test -e "$ready_file2"; then
|
||||||
printf '%s\n' "removing ready file: $ready_file2"
|
printf '%s\n' "removing ready file: \"$ready_file2\""
|
||||||
rm $ready_file2
|
rm "$ready_file2"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -197,10 +197,10 @@ port2=$(get_first_free_port $((port1 + 1)))
|
|||||||
|
|
||||||
|
|
||||||
# create a port to use with openssl ocsp responder
|
# create a port to use with openssl ocsp responder
|
||||||
./examples/server/server -R $ready_file -p $port1 &
|
./examples/server/server -R "$ready_file" -p $port1 &
|
||||||
wolf_pid=$!
|
wolf_pid=$!
|
||||||
wait_for_readyFile $ready_file $wolf_pid $port1
|
wait_for_readyFile "$ready_file" $wolf_pid $port1
|
||||||
if [ ! -f $ready_file ]; then
|
if [ ! -f "$ready_file" ]; then
|
||||||
printf '%s\n' "Failed to create ready file: \"$ready_file\""
|
printf '%s\n' "Failed to create ready file: \"$ready_file\""
|
||||||
exit 1
|
exit 1
|
||||||
else
|
else
|
||||||
@ -240,10 +240,10 @@ sleep 0.1
|
|||||||
printf '%s\n\n' "------------- TEST CASE 1 SHOULD PASS ------------------------"
|
printf '%s\n\n' "------------- TEST CASE 1 SHOULD PASS ------------------------"
|
||||||
# client test against our own server - GOOD CERT
|
# client test against our own server - GOOD CERT
|
||||||
./examples/server/server -c certs/ocsp/server1-cert.pem \
|
./examples/server/server -c certs/ocsp/server1-cert.pem \
|
||||||
-k certs/ocsp/server1-key.pem -R $ready_file2 \
|
-k certs/ocsp/server1-key.pem -R "$ready_file2" \
|
||||||
-p $port2 &
|
-p $port2 &
|
||||||
wolf_pid2=$!
|
wolf_pid2=$!
|
||||||
wait_for_readyFile $ready_file2 $wolf_pid2 $port2
|
wait_for_readyFile "$ready_file2" $wolf_pid2 $port2
|
||||||
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 \
|
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 \
|
||||||
-p $port2
|
-p $port2
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
@ -252,12 +252,12 @@ printf '%s\n\n' "Test PASSED!"
|
|||||||
|
|
||||||
printf '%s\n\n' "------------- TEST CASE 2 SHOULD REVOKE ----------------------"
|
printf '%s\n\n' "------------- TEST CASE 2 SHOULD REVOKE ----------------------"
|
||||||
# client test against our own server - REVOKED CERT
|
# client test against our own server - REVOKED CERT
|
||||||
remove_single_rF $ready_file2
|
remove_single_rF "$ready_file2"
|
||||||
./examples/server/server -c certs/ocsp/server2-cert.pem \
|
./examples/server/server -c certs/ocsp/server2-cert.pem \
|
||||||
-k certs/ocsp/server2-key.pem -R $ready_file2 \
|
-k certs/ocsp/server2-key.pem -R "$ready_file2" \
|
||||||
-p $port2 &
|
-p $port2 &
|
||||||
wolf_pid2=$!
|
wolf_pid2=$!
|
||||||
wait_for_readyFile $ready_file2 $wolf_pid2 $port2
|
wait_for_readyFile "$ready_file2" $wolf_pid2 $port2
|
||||||
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 \
|
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 \
|
||||||
-p $port2
|
-p $port2
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
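Review bot: wait_for_readyFile polls with `[ ! -s "$1" -a "$counter" -lt 20 ]`, which waits for a non-empty file, but then decides success with `test -e "$1"`, which only checks existence. A ready file that was created but not yet written is therefore reported as "found ready file" once the 20 iterations run out. Using the same predicate after the loop, `if test -s "$1"; then`, makes the timeout path fail instead of starting the client early. The copy of this function in the next file's hunks (`@ -68,7` and `@ -80,19`) has the same mismatch. The lines of the function between the two hunks are not visible here.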
|
@ -60,7 +60,7 @@ ln -s ../examples
|
|||||||
CERT_DIR="./certs/ocsp"
|
CERT_DIR="./certs/ocsp"
|
||||||
ready_file="$WORKSPACE"/wolf_ocsp_s1_readyF$$
|
ready_file="$WORKSPACE"/wolf_ocsp_s1_readyF$$
|
||||||
ready_file2="$WORKSPACE"/wolf_ocsp_s1_readyF2$$
|
ready_file2="$WORKSPACE"/wolf_ocsp_s1_readyF2$$
|
||||||
printf '%s\n' "ready file: $ready_file"
|
printf '%s\n' "ready file: \"$ready_file\""
|
||||||
|
|
||||||
test_cnf="ocsp_s1.cnf"
|
test_cnf="ocsp_s1.cnf"
|
||||||
|
|
||||||
@ -68,7 +68,7 @@ wait_for_readyFile(){
|
|||||||
|
|
||||||
counter=0
|
counter=0
|
||||||
|
|
||||||
while [ ! -s $1 -a "$counter" -lt 20 ]; do
|
while [ ! -s "$1" -a "$counter" -lt 20 ]; do
|
||||||
if [[ -n "${2-}" ]]; then
|
if [[ -n "${2-}" ]]; then
|
||||||
if ! kill -0 $2 2>&-; then
|
if ! kill -0 $2 2>&-; then
|
||||||
echo "pid $2 for port ${3-} exited before creating ready file. bailing..."
|
echo "pid $2 for port ${3-} exited before creating ready file. bailing..."
|
||||||
@ -80,19 +80,19 @@ wait_for_readyFile(){
|
|||||||
counter=$((counter+ 1))
|
counter=$((counter+ 1))
|
||||||
done
|
done
|
||||||
|
|
||||||
if test -e $1; then
|
if test -e "$1"; then
|
||||||
echo -e "found ready file, starting client..."
|
echo -e "found ready file, starting client..."
|
||||||
else
|
else
|
||||||
echo -e "NO ready file at $1 -- ending test..."
|
echo -e "NO ready file at \"$1\" -- ending test..."
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
remove_single_rF(){
|
remove_single_rF(){
|
||||||
if test -e $1; then
|
if test -e "$1"; then
|
||||||
printf '%s\n' "removing ready file: $1"
|
printf '%s\n' "removing ready file: \"$1\""
|
||||||
rm $1
|
rm "$1"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -148,17 +148,17 @@ create_new_cnf() {
|
|||||||
CURR_LOC="$PWD"
|
CURR_LOC="$PWD"
|
||||||
printf '%s\n' "echo now in $CURR_LOC"
|
printf '%s\n' "echo now in $CURR_LOC"
|
||||||
./renewcerts-for-test.sh $test_cnf
|
./renewcerts-for-test.sh $test_cnf
|
||||||
cd $WORKSPACE
|
cd "$WORKSPACE"
|
||||||
}
|
}
|
||||||
|
|
||||||
remove_ready_file() {
|
remove_ready_file() {
|
||||||
if test -e $ready_file; then
|
if test -e "$ready_file"; then
|
||||||
printf '%s\n' "removing ready file"
|
printf '%s\n' "removing ready file"
|
||||||
rm $ready_file
|
rm "$ready_file"
|
||||||
fi
|
fi
|
||||||
if test -e $ready_file2; then
|
if test -e "$ready_file2"; then
|
||||||
printf '%s\n' "removing ready file: $ready_file2"
|
printf '%s\n' "removing ready file: \"$ready_file2\""
|
||||||
rm $ready_file2
|
rm "$ready_file2"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -227,11 +227,11 @@ port3=$(get_first_free_port $((port2 + 1)))
|
|||||||
|
|
||||||
# test interop fail case
|
# test interop fail case
|
||||||
ready_file=$PWD/wolf_ocsp_readyF$$
|
ready_file=$PWD/wolf_ocsp_readyF$$
|
||||||
printf '%s\n' "ready file: $ready_file"
|
printf '%s\n' "ready file: \"$ready_file\""
|
||||||
./examples/server/server -b -p $port1 -o -R $ready_file &
|
./examples/server/server -b -p $port1 -o -R "$ready_file" &
|
||||||
wolf_pid=$!
|
wolf_pid=$!
|
||||||
wait_for_readyFile $ready_file $wolf_pid $port1
|
wait_for_readyFile "$ready_file" $wolf_pid $port1
|
||||||
if [ ! -f $ready_file ]; then
|
if [ ! -f "$ready_file" ]; then
|
||||||
printf '%s\n' "Failed to create ready file: \"$ready_file\""
|
printf '%s\n' "Failed to create ready file: \"$ready_file\""
|
||||||
exit 1
|
exit 1
|
||||||
else
|
else
|
||||||
@ -239,10 +239,10 @@ else
|
|||||||
echo "hi" | openssl s_client -status $V4V6_FLAG -connect ${LOCALHOST}:$port1 -cert ./certs/client-cert.pem -key ./certs/client-key.pem -CAfile ./certs/ocsp/root-ca-cert.pem 2>&1 | tee /dev/stderr | fgrep -q 'self signed certificate in certificate chain'
|
echo "hi" | openssl s_client -status $V4V6_FLAG -connect ${LOCALHOST}:$port1 -cert ./certs/client-cert.pem -key ./certs/client-key.pem -CAfile ./certs/ocsp/root-ca-cert.pem 2>&1 | tee /dev/stderr | fgrep -q 'self signed certificate in certificate chain'
|
||||||
if [ $? -neq 0 ]; then
|
if [ $? -neq 0 ]; then
|
||||||
printf '%s\n' "Expected verification error from s_client is missing."
|
printf '%s\n' "Expected verification error from s_client is missing."
|
||||||
remove_single_rF $ready_file
|
remove_single_rF "$ready_file"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
remove_single_rF $ready_file
|
remove_single_rF "$ready_file"
|
||||||
wait $wolf_pid
|
wait $wolf_pid
|
||||||
if [ $? -ne 1 ]; then
|
if [ $? -ne 1 ]; then
|
||||||
printf '%s\n' "wolfSSL server unexpected fail value"
|
printf '%s\n' "wolfSSL server unexpected fail value"
|
||||||
@ -252,10 +252,10 @@ fi
|
|||||||
|
|
||||||
|
|
||||||
# create a port to use with openssl ocsp responder
|
# create a port to use with openssl ocsp responder
|
||||||
./examples/server/server -b -p $port2 -R $ready_file &
|
./examples/server/server -b -p $port2 -R "$ready_file" &
|
||||||
wolf_pid2=$!
|
wolf_pid2=$!
|
||||||
wait_for_readyFile $ready_file $wolf_pid2 $port2
|
wait_for_readyFile "$ready_file" $wolf_pid2 $port2
|
||||||
if [ ! -f $ready_file ]; then
|
if [ ! -f "$ready_file" ]; then
|
||||||
printf '%s\n' "Failed to create ready file: \"$ready_file\""
|
printf '%s\n' "Failed to create ready file: \"$ready_file\""
|
||||||
exit 1
|
exit 1
|
||||||
else
|
else
|
||||||
@ -307,10 +307,10 @@ sleep 0.1
|
|||||||
|
|
||||||
printf '%s\n\n' "------------- TEST CASE 1 SHOULD PASS ------------------------"
|
printf '%s\n\n' "------------- TEST CASE 1 SHOULD PASS ------------------------"
|
||||||
# client test against our own server - GOOD CERT
|
# client test against our own server - GOOD CERT
|
||||||
./examples/server/server -c certs/ocsp/server1-cert.pem -R $ready_file2 \
|
./examples/server/server -c certs/ocsp/server1-cert.pem -R "$ready_file2" \
|
||||||
-k certs/ocsp/server1-key.pem -p $port3 &
|
-k certs/ocsp/server1-key.pem -p $port3 &
|
||||||
wolf_pid3=$!
|
wolf_pid3=$!
|
||||||
wait_for_readyFile $ready_file2 $wolf_pid3 $port3
|
wait_for_readyFile "$ready_file2" $wolf_pid3 $port3
|
||||||
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -p $port3
|
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -p $port3
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
[ $RESULT -ne 0 ] && printf '\n\n%s\n' "Client connection 1 failed" && exit 1
|
[ $RESULT -ne 0 ] && printf '\n\n%s\n' "Client connection 1 failed" && exit 1
|
||||||
@ -318,11 +318,11 @@ printf '%s\n\n' "Test PASSED!"
|
|||||||
|
|
||||||
printf '%s\n\n' "------------- TEST CASE 2 SHOULD REVOKE ----------------------"
|
printf '%s\n\n' "------------- TEST CASE 2 SHOULD REVOKE ----------------------"
|
||||||
# client test against our own server - REVOKED CERT
|
# client test against our own server - REVOKED CERT
|
||||||
remove_single_rF $ready_file2
|
remove_single_rF "$ready_file2"
|
||||||
./examples/server/server -c certs/ocsp/server2-cert.pem -R $ready_file2 \
|
./examples/server/server -c certs/ocsp/server2-cert.pem -R "$ready_file2" \
|
||||||
-k certs/ocsp/server2-key.pem -p $port3 &
|
-k certs/ocsp/server2-key.pem -p $port3 &
|
||||||
wolf_pid3=$!
|
wolf_pid3=$!
|
||||||
wait_for_readyFile $ready_file2 $wolf_pid3 $port3
|
wait_for_readyFile "$ready_file2" $wolf_pid3 $port3
|
||||||
sleep 0.1
|
sleep 0.1
|
||||||
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -p $port3
|
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -p $port3
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
@ -335,12 +335,12 @@ printf '%s\n\n' "Test successfully REVOKED!"
|
|||||||
if [ $? -ne 0 ]; then
|
if [ $? -ne 0 ]; then
|
||||||
printf '%s\n\n' "------------- TEST CASE 3 SHOULD PASS --------------------"
|
printf '%s\n\n' "------------- TEST CASE 3 SHOULD PASS --------------------"
|
||||||
# client test against our own server - GOOD CERT
|
# client test against our own server - GOOD CERT
|
||||||
remove_single_rF $ready_file2
|
remove_single_rF "$ready_file2"
|
||||||
./examples/server/server -c certs/ocsp/server1-cert.pem -R $ready_file2 \
|
./examples/server/server -c certs/ocsp/server1-cert.pem -R "$ready_file2" \
|
||||||
-k certs/ocsp/server1-key.pem -v 4 \
|
-k certs/ocsp/server1-key.pem -v 4 \
|
||||||
-p $port3 &
|
-p $port3 &
|
||||||
wolf_pid3=$!
|
wolf_pid3=$!
|
||||||
wait_for_readyFile $ready_file2 $wolf_pid3 $port3
|
wait_for_readyFile "$ready_file2" $wolf_pid3 $port3
|
||||||
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -v 4 -F 1 \
|
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -v 4 -F 1 \
|
||||||
-p $port3
|
-p $port3
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
@ -349,12 +349,12 @@ if [ $? -ne 0 ]; then
|
|||||||
|
|
||||||
printf '%s\n\n' "------------- TEST CASE 4 SHOULD PASS --------------------"
|
printf '%s\n\n' "------------- TEST CASE 4 SHOULD PASS --------------------"
|
||||||
# client test against our own server, must staple - GOOD CERT
|
# client test against our own server, must staple - GOOD CERT
|
||||||
remove_single_rF $ready_file2
|
remove_single_rF "$ready_file2"
|
||||||
./examples/server/server -c certs/ocsp/server1-cert.pem -R $ready_file2 \
|
./examples/server/server -c certs/ocsp/server1-cert.pem -R "$ready_file2" \
|
||||||
-k certs/ocsp/server1-key.pem -v 4 \
|
-k certs/ocsp/server1-key.pem -v 4 \
|
||||||
-p $port3 &
|
-p $port3 &
|
||||||
wolf_pid3=$!
|
wolf_pid3=$!
|
||||||
wait_for_readyFile $ready_file2 $wolf_pid3 $port3
|
wait_for_readyFile "$ready_file2" $wolf_pid3 $port3
|
||||||
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1m -v 4 -F 1 \
|
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1m -v 4 -F 1 \
|
||||||
-p $port3
|
-p $port3
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
@ -363,12 +363,12 @@ if [ $? -ne 0 ]; then
|
|||||||
|
|
||||||
printf '%s\n\n' "------------- TEST CASE 5 SHOULD REVOKE ------------------"
|
printf '%s\n\n' "------------- TEST CASE 5 SHOULD REVOKE ------------------"
|
||||||
# client test against our own server - REVOKED CERT
|
# client test against our own server - REVOKED CERT
|
||||||
remove_single_rF $ready_file2
|
remove_single_rF "$ready_file2"
|
||||||
./examples/server/server -c certs/ocsp/server2-cert.pem -R $ready_file2 \
|
./examples/server/server -c certs/ocsp/server2-cert.pem -R "$ready_file2" \
|
||||||
-k certs/ocsp/server2-key.pem -v 4 \
|
-k certs/ocsp/server2-key.pem -v 4 \
|
||||||
-p $port3 &
|
-p $port3 &
|
||||||
wolf_pid3=$!
|
wolf_pid3=$!
|
||||||
wait_for_readyFile $ready_file2 $wolf_pid3 $port3
|
wait_for_readyFile "$ready_file2" $wolf_pid3 $port3
|
||||||
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -v 4 -F 1 \
|
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -v 4 -F 1 \
|
||||||
-p $port3
|
-p $port3
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
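Review bot: `if [ $? -neq 0 ]; then` in the interop fail case (hunk `@ -239,10`) uses `-neq`, which is not a `test` operator. `[` reports an error and returns non-zero, so the branch that prints "Expected verification error from s_client is missing." and exits 1 can never run. As written, the case passes whether or not `fgrep -q` found the expected verification error from s_client. The commit leaves the line unchanged; it should read `if [ $? -ne 0 ]; then`. The enclosing `else` branch starts outside the hunk.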
|
@ -27,7 +27,7 @@ if [ "$OUTPUT" = "SNI is: ON" ]; then
|
|||||||
printf '\n\n%s\n\n' "SNI is on, proceed with globalsign test"
|
printf '\n\n%s\n\n' "SNI is on, proceed with globalsign test"
|
||||||
|
|
||||||
# is our desired server there?
|
# is our desired server there?
|
||||||
${SCRIPT_DIR}/ping.test $server 2
|
"${SCRIPT_DIR}/ping.test" $server 2
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
if [ $RESULT -ne 0 ]; then
|
if [ $RESULT -ne 0 ]; then
|
||||||
GL_UNREACHABLE=1
|
GL_UNREACHABLE=1
|
||||||
@ -35,7 +35,7 @@ if [ "$OUTPUT" = "SNI is: ON" ]; then
|
|||||||
|
|
||||||
if [ $RESULT -eq 0 ]; then
|
if [ $RESULT -eq 0 ]; then
|
||||||
# client test against the server
|
# client test against the server
|
||||||
./examples/client/client -X -C -h $server -p 443 -A $ca -g -o -N -v d -S $server
|
./examples/client/client -X -C -h $server -p 443 -A "$ca" -g -o -N -v d -S $server
|
||||||
GL_RESULT=$?
|
GL_RESULT=$?
|
||||||
[ $GL_RESULT -ne 0 ] && printf '\n\n%s\n' "Client connection failed"
|
[ $GL_RESULT -ne 0 ] && printf '\n\n%s\n' "Client connection failed"
|
||||||
else
|
else
|
||||||
@ -54,7 +54,7 @@ ${SCRIPT_DIR}/ping.test $server 2
|
|||||||
RESULT=$?
|
RESULT=$?
|
||||||
if [ $RESULT -eq 0 ]; then
|
if [ $RESULT -eq 0 ]; then
|
||||||
# client test against the server
|
# client test against the server
|
||||||
./examples/client/client -X -C -h $server -p 443 -A $ca -g -o -N
|
./examples/client/client -X -C -h $server -p 443 -A "$ca" -g -o -N
|
||||||
GR_RESULT=$?
|
GR_RESULT=$?
|
||||||
[ $GR_RESULT -ne 0 ] && printf '\n\n%s\n' "Client connection failed"
|
[ $GR_RESULT -ne 0 ] && printf '\n\n%s\n' "Client connection failed"
|
||||||
else
|
else
|
||||||
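Review bot: Only the first `ping.test` call is quoted. The header of the third hunk (`@ -54,7 +54,7 @@ ${SCRIPT_DIR}/ping.test $server 2`) shows a second call just above line 54 that none of the hunks touch, so it presumably still breaks when SCRIPT_DIR contains a space. It should get the same treatment: `"${SCRIPT_DIR}/ping.test" "$server" 2`. That line is outside the visible hunks, so this is inferred from the hunk header.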
|
@ -161,11 +161,11 @@ start_openssl_server() {
|
|||||||
|
|
||||||
if [ "$cert_file" != "" ]
|
if [ "$cert_file" != "" ]
|
||||||
then
|
then
|
||||||
echo "# " $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe
|
echo "# " $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -cert \"$cert_file\" -key \"$key_file\" -quiet -CAfile \"$ca_file\" -www -dhparam \"${CERT_DIR}/dh2048.pem\" -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe
|
||||||
$OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe &
|
$OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -cert "$cert_file" -key "$key_file" -quiet -CAfile "$ca_file" -www -dhparam "${CERT_DIR}/dh2048.pem" -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe &
|
||||||
else
|
else
|
||||||
echo "# " $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -quiet -nocert -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe
|
echo "# " $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -quiet -nocert -www -dhparam \"${CERT_DIR}/dh2048.pem\" -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe
|
||||||
$OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -quiet -nocert -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe &
|
$OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -quiet -nocert -www -dhparam "${CERT_DIR}/dh2048.pem" -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe &
|
||||||
fi
|
fi
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
# wait to see if s_server successfully starts before continuing
|
# wait to see if s_server successfully starts before continuing
|
||||||
@ -229,8 +229,8 @@ start_wolfssl_server() {
|
|||||||
echo -e "\n# Trying to start $wolfssl_suite wolfSSL server on port $server_port..."
|
echo -e "\n# Trying to start $wolfssl_suite wolfSSL server on port $server_port..."
|
||||||
|
|
||||||
echo "#"
|
echo "#"
|
||||||
echo "# $WOLFSSL_SERVER -p $server_port $wolfssl_cert $wolfssl_key $wolfssl_caCert -g -v d -x -i $psk $crl -l ALL"
|
echo "# $WOLFSSL_SERVER -p $server_port -g -v d -x -i $psk $crl -l ALL \"$wolfssl_cert\" \"$wolfssl_key\" \"$wolfssl_caCert\""
|
||||||
$WOLFSSL_SERVER -p $server_port $wolfssl_cert $wolfssl_key $wolfssl_caCert -g -v d -x -i $psk $crl -l ALL &
|
$WOLFSSL_SERVER -p $server_port -g -v d -x -i $psk $crl -l ALL "$wolfssl_cert" "$wolfssl_key" "$wolfssl_caCert" &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
# wait to see if server successfully starts before continuing
|
# wait to see if server successfully starts before continuing
|
||||||
sleep 0.1
|
sleep 0.1
|
||||||
@ -316,13 +316,13 @@ do_wolfssl_client() {
|
|||||||
if [ "$version" != "5" -a "$version" != "" ]
|
if [ "$version" != "5" -a "$version" != "" ]
|
||||||
then
|
then
|
||||||
echo "#"
|
echo "#"
|
||||||
echo "# $WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite -v $version $psk $adh $wolfssl_cert $wolfssl_key $wolfssl_caCert $crl"
|
echo "# $WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite -v $version $psk $adh "$wolfssl_cert" "$wolfssl_key" "$wolfssl_caCert" $crl"
|
||||||
$WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite -v $version $psk $adh $wolfssl_cert $wolfssl_key $wolfssl_caCert $crl
|
$WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite -v $version $psk $adh "$wolfssl_cert" "$wolfssl_key" "$wolfssl_caCert" $crl
|
||||||
else
|
else
|
||||||
echo "#"
|
echo "#"
|
||||||
echo "# $WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite $psk $adh $wolfssl_cert $wolfssl_key $wolfssl_caCert $crl"
|
echo "# $WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite $psk $adh "$wolfssl_cert" "$wolfssl_key" "$wolfssl_caCert" $crl"
|
||||||
# do all versions
|
# do all versions
|
||||||
$WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite $psk $adh $wolfssl_cert $wolfssl_key $wolfssl_caCert $crl
|
$WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite $psk $adh "$wolfssl_cert" "$wolfssl_key" "$wolfssl_caCert" $crl
|
||||||
fi
|
fi
|
||||||
|
|
||||||
client_result=$?
|
client_result=$?
|
||||||
@ -370,12 +370,12 @@ do_openssl_client() {
|
|||||||
if [ "$tls13_cipher" = "" ]
|
if [ "$tls13_cipher" = "" ]
|
||||||
then
|
then
|
||||||
echo "#"
|
echo "#"
|
||||||
echo "# $OPENSSL s_client -connect localhost:$port -reconnect -cipher $cmpSuite $openssl_version $openssl_psk $openssl_cert1 $openssl_cert2 $openssl_key1 $openssl_key2 $openssl_caCert1 $openssl_caCert2"
|
echo "# $OPENSSL s_client -connect localhost:$port -reconnect -cipher $cmpSuite $openssl_version $openssl_psk $openssl_cert1 \"$openssl_cert2\" $openssl_key1 \"$openssl_key2\" $openssl_caCert1 \"$openssl_caCert2\""
|
||||||
echo "Hello" | eval "$OPENSSL s_client -connect localhost:$port -reconnect -cipher $cmpSuite $openssl_version $openssl_psk $openssl_cert1 $openssl_cert2 $openssl_key1 $openssl_key2 $openssl_caCert1 $openssl_caCert2"
|
echo "Hello" | eval "$OPENSSL s_client -connect localhost:$port -reconnect -cipher $cmpSuite $openssl_version $openssl_psk $openssl_cert1 \"$openssl_cert2\" $openssl_key1 \"$openssl_key2\" $openssl_caCert1 \"$openssl_caCert2\""
|
||||||
else
|
else
|
||||||
echo "#"
|
echo "#"
|
||||||
echo "# $OPENSSL s_client -connect localhost:$port -reconnect -ciphersuites=$cmpSuite $openssl_version $openssl_psk $openssl_cert1 $openssl_cert2 $openssl_key1 $openssl_key2 $openssl_caCert1 $openssl_caCert2"
|
echo "# $OPENSSL s_client -connect localhost:$port -reconnect -ciphersuites=$cmpSuite $openssl_version $openssl_psk $openssl_cert1 \"$openssl_cert2\" $openssl_key1 \"$openssl_key2\" $openssl_caCert1 \"$openssl_caCert2\""
|
||||||
echo "Hello" | eval "$OPENSSL s_client -connect localhost:$port -reconnect -ciphersuites=$cmpSuite $openssl_version $openssl_psk $openssl_cert1 $openssl_cert2 $openssl_key1 $openssl_key2 $openssl_caCert1 $openssl_caCert2"
|
echo "Hello" | eval "$OPENSSL s_client -connect localhost:$port -reconnect -ciphersuites=$cmpSuite $openssl_version $openssl_psk $openssl_cert1 \"$openssl_cert2\" $openssl_key1 \"$openssl_key2\" $openssl_caCert1 \"$openssl_caCert2\""
|
||||||
fi
|
fi
|
||||||
|
|
||||||
client_result=$?
|
client_result=$?
|
||||||
@ -407,7 +407,7 @@ command -v $OPENSSL >/dev/null 2>&1 || { echo >&2 "Requires openssl command, but
|
|||||||
|
|
||||||
echo -e "\nTesting for _build directory as part of distcheck, different paths"
|
echo -e "\nTesting for _build directory as part of distcheck, different paths"
|
||||||
currentDir=`pwd`
|
currentDir=`pwd`
|
||||||
if [ $currentDir = *"_build" ]
|
if [ "$currentDir" = *"_build" ]
|
||||||
then
|
then
|
||||||
echo -e "_build directory detected, moving a directory back"
|
echo -e "_build directory detected, moving a directory back"
|
||||||
cd ..
|
cd ..
|
||||||
@ -479,7 +479,7 @@ esac
|
|||||||
if [ "$wolf_certs" != "" ]
|
if [ "$wolf_certs" != "" ]
|
||||||
then
|
then
|
||||||
# Check if ECC certificates supported in wolfSSL
|
# Check if ECC certificates supported in wolfSSL
|
||||||
wolf_ecc=`$WOLFSSL_CLIENT -A ${CERT_DIR}/ed25519/ca-ecc-cert.pem 2>&1`
|
wolf_ecc=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ed25519/ca-ecc-cert.pem" 2>&1`
|
||||||
case $wolf_ecc in
|
case $wolf_ecc in
|
||||||
*"ca file"*)
|
*"ca file"*)
|
||||||
wolf_ecc=""
|
wolf_ecc=""
|
||||||
@ -488,7 +488,7 @@ then
|
|||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
# Check if Ed25519 certificates supported in wolfSSL
|
# Check if Ed25519 certificates supported in wolfSSL
|
||||||
wolf_ed25519=`$WOLFSSL_CLIENT -A ${CERT_DIR}/ed25519/root-ed25519.pem 2>&1`
|
wolf_ed25519=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ed25519/root-ed25519.pem" 2>&1`
|
||||||
case $wolf_ed25519 in
|
case $wolf_ed25519 in
|
||||||
*"ca file"*)
|
*"ca file"*)
|
||||||
wolf_ed25519=""
|
wolf_ed25519=""
|
||||||
@ -497,7 +497,7 @@ then
|
|||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
# Check if Ed25519 certificates supported in OpenSSL
|
# Check if Ed25519 certificates supported in OpenSSL
|
||||||
openssl_ed25519=`$OPENSSL s_client -cert ${CERT_DIR}/ed25519/client-ed25519.pem -key ${CERT_DIR}/ed25519/client-ed25519-priv.pem 2>&1`
|
openssl_ed25519=`$OPENSSL s_client -cert "${CERT_DIR}/ed25519/client-ed25519.pem" -key "${CERT_DIR}/ed25519/client-ed25519-priv.pem" 2>&1`
|
||||||
case $openssl_ed25519 in
|
case $openssl_ed25519 in
|
||||||
*"unable to load"*)
|
*"unable to load"*)
|
||||||
wolf_ed25519=""
|
wolf_ed25519=""
|
||||||
@ -506,7 +506,7 @@ then
|
|||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
# Check if Ed448 certificates supported in wolfSSL
|
# Check if Ed448 certificates supported in wolfSSL
|
||||||
wolf_ed448=`$WOLFSSL_CLIENT -A ${CERT_DIR}/ed448/root-ed448.pem 2>&1`
|
wolf_ed448=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ed448/root-ed448.pem" 2>&1`
|
||||||
case $wolf_ed448 in
|
case $wolf_ed448 in
|
||||||
*"ca file"*)
|
*"ca file"*)
|
||||||
wolf_ed448=""
|
wolf_ed448=""
|
||||||
@ -515,7 +515,7 @@ then
|
|||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
# Check if Ed448 certificates supported in OpenSSL
|
# Check if Ed448 certificates supported in OpenSSL
|
||||||
openssl_ed448=`$OPENSSL s_client -cert ${CERT_DIR}/ed448/client-ed448.pem -key ${CERT_DIR}/ed448/client-ed448-priv.pem 2>&1`
|
openssl_ed448=`$OPENSSL s_client -cert "${CERT_DIR}/ed448/client-ed448.pem" -key "${CERT_DIR}/ed448/client-ed448-priv.pem" 2>&1`
|
||||||
case $openssl_ed448 in
|
case $openssl_ed448 in
|
||||||
*"unable to load"*)
|
*"unable to load"*)
|
||||||
wolf_ed448=""
|
wolf_ed448=""
|
||||||
@ -757,7 +757,7 @@ do
|
|||||||
|
|
||||||
# double check that can actually do a sslv3 connection using
|
# double check that can actually do a sslv3 connection using
|
||||||
# client-cert.pem to send but any file with EOF works
|
# client-cert.pem to send but any file with EOF works
|
||||||
$OPENSSL s_client -ssl3 -no_ign_eof -host localhost -port $openssl_port < ${CERT_DIR}/client-cert.pem
|
$OPENSSL s_client -ssl3 -no_ign_eof -host localhost -port $openssl_port < "${CERT_DIR}/client-cert.pem"
|
||||||
sslv3_sup=$?
|
sslv3_sup=$?
|
||||||
if [ $sslv3_sup != 0 ]
|
if [ $sslv3_sup != 0 ]
|
||||||
then
|
then
|
||||||
|
@ -27,9 +27,9 @@ server_pid=$no_pid
|
|||||||
ready_file=`pwd`/wolfssl_pk_ready$$
|
ready_file=`pwd`/wolfssl_pk_ready$$
|
||||||
|
|
||||||
remove_ready_file() {
|
remove_ready_file() {
|
||||||
if test -e $ready_file; then
|
if test -e "$ready_file"; then
|
||||||
echo -e "removing existing ready file"
|
echo -e "removing existing ready file"
|
||||||
rm $ready_file
|
rm "$ready_file"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -79,16 +79,16 @@ run_test() {
|
|||||||
# starts the server on pk_port, -R generates ready file to be used as a
|
# starts the server on pk_port, -R generates ready file to be used as a
|
||||||
# mutex lock, -P does pkcallbacks. We capture the processid
|
# mutex lock, -P does pkcallbacks. We capture the processid
|
||||||
# into the variable server_pid
|
# into the variable server_pid
|
||||||
./examples/server/server -P -R $ready_file -p $pk_port &
|
./examples/server/server -P -R "$ready_file" -p $pk_port &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
|
|
||||||
while [ ! -s $ready_file -a "$counter" -lt 20 ]; do
|
while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do
|
||||||
echo -e "waiting for ready file..."
|
echo -e "waiting for ready file..."
|
||||||
sleep 0.1
|
sleep 0.1
|
||||||
counter=$((counter+ 1))
|
counter=$((counter+ 1))
|
||||||
done
|
done
|
||||||
|
|
||||||
if test -e $ready_file; then
|
if test -e "$ready_file"; then
|
||||||
echo -e "found ready file, starting client..."
|
echo -e "found ready file, starting client..."
|
||||||
else
|
else
|
||||||
echo -e "NO ready file ending test..."
|
echo -e "NO ready file ending test..."
|
||||||
@ -99,7 +99,7 @@ run_test() {
|
|||||||
sleep 0.1
|
sleep 0.1
|
||||||
|
|
||||||
# get created port 0 ephemeral port
|
# get created port 0 ephemeral port
|
||||||
pk_port=`cat $ready_file`
|
pk_port=`cat "$ready_file"`
|
||||||
|
|
||||||
# starts client on pk_port with pkcallbacks, captures the output from client
|
# starts client on pk_port with pkcallbacks, captures the output from client
|
||||||
capture_out=$(./examples/client/client -P -p $pk_port 2>&1)
|
capture_out=$(./examples/client/client -P -p $pk_port 2>&1)
|
||||||
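Review bot: The check after the wait loop in `run_test` is weaker than the loop condition: the loop waits on `-s "$ready_file"` (non-empty), but the follow-up is `test -e "$ready_file"`. A file that exists but is still empty when the 20 iterations run out is therefore accepted, `cat "$ready_file"` returns nothing, and `-p $pk_port` is left without an argument. Using the same predicate closes the gap: `if test -s "$ready_file"; then`. The same `-s`/`-e` mismatch is visible in `do_test` and in the `create_port` functions of the other scripts on this page. `run_test` starts and ends outside the hunks shown.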
|
@ -25,23 +25,23 @@ counter=0
|
|||||||
# per source tree
|
# per source tree
|
||||||
ready_file=`pwd`/wolfssl_psk_ready$$
|
ready_file=`pwd`/wolfssl_psk_ready$$
|
||||||
|
|
||||||
echo "ready file $ready_file"
|
echo "ready file \"$ready_file\""
|
||||||
|
|
||||||
create_port() {
|
create_port() {
|
||||||
while [ ! -s $ready_file -a "$counter" -lt 20 ]; do
|
while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do
|
||||||
echo -e "waiting for ready file..."
|
echo -e "waiting for ready file..."
|
||||||
sleep 0.1
|
sleep 0.1
|
||||||
counter=$((counter+ 1))
|
counter=$((counter+ 1))
|
||||||
done
|
done
|
||||||
|
|
||||||
if test -e $ready_file; then
|
if test -e "$ready_file"; then
|
||||||
echo -e "found ready file, starting client..."
|
echo -e "found ready file, starting client..."
|
||||||
|
|
||||||
# sleep for an additional 0.1 to mitigate race on write/read of $ready_file:
|
# sleep for an additional 0.1 to mitigate race on write/read of $ready_file:
|
||||||
sleep 0.1
|
sleep 0.1
|
||||||
|
|
||||||
# get created port 0 ephemeral port
|
# get created port 0 ephemeral port
|
||||||
port=`cat $ready_file`
|
port=`cat "$ready_file"`
|
||||||
else
|
else
|
||||||
echo -e "NO ready file ending test..."
|
echo -e "NO ready file ending test..."
|
||||||
do_cleanup
|
do_cleanup
|
||||||
@ -49,9 +49,9 @@ create_port() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
remove_ready_file() {
|
remove_ready_file() {
|
||||||
if test -e $ready_file; then
|
if test -e "$ready_file"; then
|
||||||
echo -e "removing existing ready file"
|
echo -e "removing existing ready file"
|
||||||
rm $ready_file
|
rm "$ready_file"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -87,7 +87,7 @@ fi
|
|||||||
# Usual psk server / psk client. This use case is tested in
|
# Usual psk server / psk client. This use case is tested in
|
||||||
# tests/unit.test and is used here for just checking if PSK is enabled
|
# tests/unit.test and is used here for just checking if PSK is enabled
|
||||||
port=0
|
port=0
|
||||||
./examples/server/server -s -R $ready_file -p $port &
|
./examples/server/server -s -R "$ready_file" -p $port &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -s -p $port
|
./examples/client/client -s -p $port
|
||||||
@ -110,7 +110,7 @@ if [ $? -ne 0 ]; then
|
|||||||
# tests/unit.test and is used here for just checking if cipher suite
|
# tests/unit.test and is used here for just checking if cipher suite
|
||||||
# is available (one case for example is with disable-asn)
|
# is available (one case for example is with disable-asn)
|
||||||
port=0
|
port=0
|
||||||
./examples/server/server -R $ready_file -p $port -l DHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-DES-CBC3-SHA &
|
./examples/server/server -R "$ready_file" -p $port -l DHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-DES-CBC3-SHA &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -p $port
|
./examples/client/client -p $port
|
||||||
@ -126,7 +126,7 @@ if [ $? -ne 0 ]; then
|
|||||||
|
|
||||||
# psk server with non psk client
|
# psk server with non psk client
|
||||||
port=0
|
port=0
|
||||||
./examples/server/server -j -R $ready_file -p $port &
|
./examples/server/server -j -R "$ready_file" -p $port &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -p $port
|
./examples/client/client -p $port
|
||||||
@ -142,7 +142,7 @@ if [ $? -ne 0 ]; then
|
|||||||
# check fail if no auth, psk server with non psk client
|
# check fail if no auth, psk server with non psk client
|
||||||
echo "Checking fail when not sending peer cert"
|
echo "Checking fail when not sending peer cert"
|
||||||
port=0
|
port=0
|
||||||
./examples/server/server -j -R $ready_file -p $port &
|
./examples/server/server -j -R "$ready_file" -p $port &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -x -p $port
|
./examples/client/client -x -p $port
|
||||||
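Review bot: `create_port` never resets `counter` in the lines shown, although the hunk header shows it initialised once at file scope (`counter=0`) and the function is called after every server start further down. Unless it is reset outside the visible lines, iterations spent waiting in one case are deducted from the 20-iteration budget of every later case, and once the budget is spent the `while` loop no longer waits at all. Starting the function with `counter=0` makes each wait independent. The `create_port` functions in the two later scripts on this page appear to follow the same pattern.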
|
@ -29,9 +29,9 @@ ready_file=`pwd`/wolfssl_resume_ready$$
|
|||||||
echo "ready file $ready_file"
|
echo "ready file $ready_file"
|
||||||
|
|
||||||
remove_ready_file() {
|
remove_ready_file() {
|
||||||
if test -e $ready_file; then
|
if test -e "$ready_file"; then
|
||||||
echo -e "removing existing ready file"
|
echo -e "removing existing ready file"
|
||||||
rm $ready_file
|
rm "$ready_file"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -69,16 +69,16 @@ do_test() {
|
|||||||
esac
|
esac
|
||||||
|
|
||||||
remove_ready_file
|
remove_ready_file
|
||||||
./examples/server/server -r -R $ready_file -p $resume_port &
|
./examples/server/server -r -R "$ready_file" -p $resume_port &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
|
|
||||||
while [ ! -s $ready_file -a "$counter" -lt 20 ]; do
|
while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do
|
||||||
echo -e "waiting for ready file..."
|
echo -e "waiting for ready file..."
|
||||||
sleep 0.1
|
sleep 0.1
|
||||||
counter=$((counter+ 1))
|
counter=$((counter+ 1))
|
||||||
done
|
done
|
||||||
|
|
||||||
if test -e $ready_file; then
|
if test -e "$ready_file"; then
|
||||||
echo -e "found ready file, starting client..."
|
echo -e "found ready file, starting client..."
|
||||||
else
|
else
|
||||||
echo -e "NO ready file ending test..."
|
echo -e "NO ready file ending test..."
|
||||||
@ -90,7 +90,7 @@ do_test() {
|
|||||||
sleep 0.1
|
sleep 0.1
|
||||||
|
|
||||||
# get created port 0 ephemeral port
|
# get created port 0 ephemeral port
|
||||||
resume_port=`cat $ready_file`
|
resume_port=`cat "$ready_file"`
|
||||||
|
|
||||||
capture_out=$(./examples/client/client $1 -r -p $resume_port 2>&1)
|
capture_out=$(./examples/client/client $1 -r -p $resume_port 2>&1)
|
||||||
client_result=$?
|
client_result=$?
|
||||||
|
@ -30,10 +30,10 @@ server_out_file=`pwd`/wolfssl_tls13_server_out$$
|
|||||||
# Client output
|
# Client output
|
||||||
client_out_file=`pwd`/wolfssl_tls13_client_out$$
|
client_out_file=`pwd`/wolfssl_tls13_client_out$$
|
||||||
|
|
||||||
echo "ready file $ready_file"
|
echo "ready file "$ready_file""
|
||||||
|
|
||||||
create_port() {
|
create_port() {
|
||||||
while [ ! -s $ready_file ]; do
|
while [ ! -s "$ready_file" ]; do
|
||||||
if [ "$counter" -gt 50 ]; then
|
if [ "$counter" -gt 50 ]; then
|
||||||
break
|
break
|
||||||
fi
|
fi
|
||||||
@ -42,14 +42,14 @@ create_port() {
|
|||||||
counter=$((counter+ 1))
|
counter=$((counter+ 1))
|
||||||
done
|
done
|
||||||
|
|
||||||
if [ -e $ready_file ]; then
|
if [ -e "$ready_file" ]; then
|
||||||
echo -e "found ready file, starting client..."
|
echo -e "found ready file, starting client..."
|
||||||
|
|
||||||
# sleep for an additional 0.1 to mitigate race on write/read of $ready_file:
|
# sleep for an additional 0.1 to mitigate race on write/read of $ready_file:
|
||||||
sleep 0.1
|
sleep 0.1
|
||||||
|
|
||||||
# get created port 0 ephemeral port
|
# get created port 0 ephemeral port
|
||||||
port=`cat $ready_file`
|
port=`cat "$ready_file"`
|
||||||
else
|
else
|
||||||
echo -e "NO ready file ending test..."
|
echo -e "NO ready file ending test..."
|
||||||
do_cleanup
|
do_cleanup
|
||||||
@ -57,9 +57,9 @@ create_port() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
remove_ready_file() {
|
remove_ready_file() {
|
||||||
if [ -e $ready_file ]; then
|
if [ -e "$ready_file" ]; then
|
||||||
echo -e "removing existing ready file"
|
echo -e "removing existing ready file"
|
||||||
rm $ready_file
|
rm "$ready_file"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -73,17 +73,17 @@ do_cleanup() {
|
|||||||
server_pid=$no_pid
|
server_pid=$no_pid
|
||||||
fi
|
fi
|
||||||
remove_ready_file
|
remove_ready_file
|
||||||
if [ -e $client_file ]; then
|
if [ -e "$client_file" ]; then
|
||||||
echo -e "removing existing client file"
|
echo -e "removing existing client file"
|
||||||
rm $client_file
|
rm "$client_file"
|
||||||
fi
|
fi
|
||||||
if [ -e $server_out_file ]; then
|
if [ -e "$server_out_file" ]; then
|
||||||
echo -e "removing existing server output file"
|
echo -e "removing existing server output file"
|
||||||
rm $server_out_file
|
rm "$server_out_file"
|
||||||
fi
|
fi
|
||||||
if [ -e $client_out_file ]; then
|
if [ -e "$client_out_file" ]; then
|
||||||
echo -e "removing existing client output file"
|
echo -e "removing existing client output file"
|
||||||
rm $client_out_file
|
rm "$client_out_file"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -108,10 +108,10 @@ fi
|
|||||||
# Usual TLS v1.3 server / TLS v1.3 client.
|
# Usual TLS v1.3 server / TLS v1.3 client.
|
||||||
echo -e "\n\nTLS v1.3 server with TLS v1.3 client"
|
echo -e "\n\nTLS v1.3 server with TLS v1.3 client"
|
||||||
port=0
|
port=0
|
||||||
./examples/server/server -v 4 -R $ready_file -p $port &
|
./examples/server/server -v 4 -R "$ready_file" -p $port &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -v 4 -p $port | tee $client_file
|
./examples/client/client -v 4 -p $port | tee "$client_file"
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
remove_ready_file
|
remove_ready_file
|
||||||
if [ $RESULT -ne 0 ]; then
|
if [ $RESULT -ne 0 ]; then
|
||||||
@ -124,7 +124,7 @@ echo ""
|
|||||||
# TLS 1.3 cipher suites server / client.
|
# TLS 1.3 cipher suites server / client.
|
||||||
echo -e "\n\nTLS v1.3 cipher suite mismatch"
|
echo -e "\n\nTLS v1.3 cipher suite mismatch"
|
||||||
port=0
|
port=0
|
||||||
./examples/server/server -v 4 -R $ready_file -p $port -l TLS13-CHACHA20-POLY1305-SHA256 &
|
./examples/server/server -v 4 -R "$ready_file" -p $port -l TLS13-CHACHA20-POLY1305-SHA256 &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -v 4 -p $port -l TLS13-AES256-GCM-SHA384
|
./examples/client/client -v 4 -p $port -l TLS13-AES256-GCM-SHA384
|
||||||
@ -146,7 +146,7 @@ if [ $NO_CERTS -ne 0 -a $NO_CLIENT_AUTH -ne 0 ]; then
|
|||||||
# TLS 1.3 mutual auth required but client doesn't send certificates.
|
# TLS 1.3 mutual auth required but client doesn't send certificates.
|
||||||
echo -e "\n\nTLS v1.3 mutual auth fail"
|
echo -e "\n\nTLS v1.3 mutual auth fail"
|
||||||
port=0
|
port=0
|
||||||
./examples/server/server -v 4 -F -R $ready_file -p $port &
|
./examples/server/server -v 4 -F -R "$ready_file" -p $port &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -v 4 -x -p $port
|
./examples/client/client -v 4 -x -p $port
|
||||||
@ -167,7 +167,7 @@ if [ $? -ne 0 ]; then
|
|||||||
# TLS 1.3 server / TLS 1.2 client.
|
# TLS 1.3 server / TLS 1.2 client.
|
||||||
echo -e "\n\nTLS v1.3 server downgrading to TLS v1.2"
|
echo -e "\n\nTLS v1.3 server downgrading to TLS v1.2"
|
||||||
port=0
|
port=0
|
||||||
./examples/server/server -v 4 -R $ready_file -p $port &
|
./examples/server/server -v 4 -R "$ready_file" -p $port &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -v 3 -p $port
|
./examples/client/client -v 3 -p $port
|
||||||
@ -184,7 +184,7 @@ if [ $? -ne 0 ]; then
|
|||||||
# TLS 1.2 server / TLS 1.3 client.
|
# TLS 1.2 server / TLS 1.3 client.
|
||||||
echo -e "\n\nTLS v1.3 client upgrading server to TLS v1.3"
|
echo -e "\n\nTLS v1.3 client upgrading server to TLS v1.3"
|
||||||
port=0
|
port=0
|
||||||
./examples/server/server -v 3 -R $ready_file -p $port &
|
./examples/server/server -v 3 -R "$ready_file" -p $port &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -v 4 -p $port
|
./examples/client/client -v 4 -p $port
|
||||||
@ -215,7 +215,7 @@ if [ $? -ne 0 ]; then
|
|||||||
port=0
|
port=0
|
||||||
SERVER_CS="TLS13-AES256-GCM-SHA384:$TLS12_CS"
|
SERVER_CS="TLS13-AES256-GCM-SHA384:$TLS12_CS"
|
||||||
CLIENT_CS="TLS13-AES128-GCM-SHA256:$TLS12_CS"
|
CLIENT_CS="TLS13-AES128-GCM-SHA256:$TLS12_CS"
|
||||||
./examples/server/server -v d -l $SERVER_CS -R $ready_file -p $port &
|
./examples/server/server -v d -l $SERVER_CS -R "$ready_file" -p $port &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -v d -l $CLIENT_CS -p $port
|
./examples/client/client -v d -l $CLIENT_CS -p $port
|
||||||
@ -246,17 +246,17 @@ fi
|
|||||||
if [ "$early_data" = "yes" ]; then
|
if [ "$early_data" = "yes" ]; then
|
||||||
echo -e "\n\nTLS v1.3 Early Data - session ticket"
|
echo -e "\n\nTLS v1.3 Early Data - session ticket"
|
||||||
port=0
|
port=0
|
||||||
(./examples/server/server -v 4 -r -0 -R $ready_file -p $port 2>&1 | \
|
(./examples/server/server -v 4 -r -0 -R "$ready_file" -p $port 2>&1 | \
|
||||||
tee $server_out_file) &
|
tee "$server_out_file") &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -v 4 -r -0 -p $port 2>&1 >$client_out_file
|
./examples/client/client -v 4 -r -0 -p $port 2>&1 >"$client_out_file"
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
cat $client_out_file
|
cat "$client_out_file"
|
||||||
remove_ready_file
|
remove_ready_file
|
||||||
grep 'Session Ticket' $client_out_file
|
grep 'Session Ticket' "$client_out_file"
|
||||||
session_ticket=$?
|
session_ticket=$?
|
||||||
early_data_cnt=`grep 'Early Data' $server_out_file | wc -l`
|
early_data_cnt=`grep 'Early Data' "$server_out_file" | wc -l`
|
||||||
if [ $session_ticket -eq 0 -a $early_data_cnt -ne 4 ]; then
|
if [ $session_ticket -eq 0 -a $early_data_cnt -ne 4 ]; then
|
||||||
RESULT=1
|
RESULT=1
|
||||||
fi
|
fi
|
||||||
@ -272,8 +272,8 @@ fi
|
|||||||
if [ "$early_data" = "yes" -a "$psk" = "yes" ]; then
|
if [ "$early_data" = "yes" -a "$psk" = "yes" ]; then
|
||||||
echo -e "\n\nTLS v1.3 Early Data - PSK"
|
echo -e "\n\nTLS v1.3 Early Data - PSK"
|
||||||
port=0
|
port=0
|
||||||
(./examples/server/server -v 4 -s -0 -R $ready_file -p $port 2>&1 | \
|
(./examples/server/server -v 4 -s -0 -R "$ready_file" -p $port 2>&1 | \
|
||||||
tee $server_out_file) &
|
tee "$server_out_file") &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -v 4 -s -0 -p $port
|
./examples/client/client -v 4 -s -0 -p $port
|
||||||
@ -283,14 +283,14 @@ if [ "$early_data" = "yes" -a "$psk" = "yes" ]; then
|
|||||||
# wait for the server to quit and write output
|
# wait for the server to quit and write output
|
||||||
wait $server_pid
|
wait $server_pid
|
||||||
|
|
||||||
early_data_cnt=`grep 'Early Data' $server_out_file | wc -l`
|
early_data_cnt=`grep 'Early Data' "$server_out_file" | wc -l`
|
||||||
if [ $early_data_cnt -ne 3 -a $early_data_cnt -ne 5 ]; then
|
if [ $early_data_cnt -ne 3 -a $early_data_cnt -ne 5 ]; then
|
||||||
echo
|
echo
|
||||||
echo "Server out file"
|
echo "Server out file"
|
||||||
cat $server_out_file
|
cat "$server_out_file"
|
||||||
echo
|
echo
|
||||||
echo "Found lines"
|
echo "Found lines"
|
||||||
grep 'Early Data' $server_out_file
|
grep 'Early Data' "$server_out_file"
|
||||||
echo -e "\n\nToo few 'Early Data' lines - $early_data_cnt"
|
echo -e "\n\nToo few 'Early Data' lines - $early_data_cnt"
|
||||||
RESULT=1
|
RESULT=1
|
||||||
fi
|
fi
|
||||||
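Review bot: `RESULT=$?` after `./examples/client/client -v 4 -p $port | tee "$client_file"` records the exit status of `tee`, not of the client. Unless `pipefail` is set outside the visible lines, a failed TLS 1.3 handshake is not caught by the `if [ $RESULT -ne 0 ]` check that follows. The early-data block further down already avoids this by redirecting to the file and printing it afterwards, and the same form works here: `./examples/client/client -v 4 -p $port >"$client_file"`, then `RESULT=$?`, then `cat "$client_file"`. Separately, the new `echo "ready file "$ready_file""` near the top closes the string before the expansion, so `$ready_file` is still unquoted there; the form used in the neighbouring scripts, `echo "ready file \"$ready_file\""`, is presumably what was intended.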
|
@ -1,4 +1,4 @@
|
|||||||
#!/bin/sh
|
#!/bin/bash
|
||||||
|
|
||||||
# trusted_peer.test
|
# trusted_peer.test
|
||||||
# copyright wolfSSL 2016
|
# copyright wolfSSL 2016
|
||||||
@ -36,23 +36,23 @@ combined_cert=`pwd`/certs/client_combined.pem
|
|||||||
wrong_ca=`pwd`/certs/wolfssl-website-ca.pem
|
wrong_ca=`pwd`/certs/wolfssl-website-ca.pem
|
||||||
wrong_cert=`pwd`/certs/server-revoked-cert.pem
|
wrong_cert=`pwd`/certs/server-revoked-cert.pem
|
||||||
|
|
||||||
echo "ready file $ready_file"
|
echo "ready file \"$ready_file\""
|
||||||
|
|
||||||
create_port() {
|
create_port() {
|
||||||
while [ ! -s $ready_file -a "$counter" -lt 20 ]; do
|
while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do
|
||||||
echo -e "waiting for ready file..."
|
echo -e "waiting for ready file..."
|
||||||
sleep 0.1
|
sleep 0.1
|
||||||
counter=$((counter+ 1))
|
counter=$((counter+ 1))
|
||||||
done
|
done
|
||||||
|
|
||||||
if test -e $ready_file; then
|
if test -e "$ready_file"; then
|
||||||
echo -e "found ready file, starting client..."
|
echo -e "found ready file, starting client..."
|
||||||
|
|
||||||
# sleep for an additional 0.1 to mitigate race on write/read of $ready_file:
|
# sleep for an additional 0.1 to mitigate race on write/read of $ready_file:
|
||||||
sleep 0.1
|
sleep 0.1
|
||||||
|
|
||||||
# get created port 0 ephemeral port
|
# get created port 0 ephemeral port
|
||||||
port=`cat $ready_file`
|
port=`cat "$ready_file"`
|
||||||
else
|
else
|
||||||
echo -e "NO ready file ending test..."
|
echo -e "NO ready file ending test..."
|
||||||
do_cleanup
|
do_cleanup
|
||||||
@ -60,9 +60,9 @@ create_port() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
remove_ready_file() {
|
remove_ready_file() {
|
||||||
if test -e $ready_file; then
|
if test -e "$ready_file"; then
|
||||||
echo -e "removing existing ready file"
|
echo -e "removing existing ready file"
|
||||||
rm $ready_file
|
rm "$ready_file"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -89,7 +89,7 @@ trap do_trap INT TERM
|
|||||||
|
|
||||||
# Look for if RSA and/or ECC is enabled and adjust certs/keys
|
# Look for if RSA and/or ECC is enabled and adjust certs/keys
|
||||||
ciphers=`./examples/client/client -e`
|
ciphers=`./examples/client/client -e`
|
||||||
if [[ $ciphers != *"RSA"* ]]; then
|
if [[ "$ciphers" != *"RSA"* ]]; then
|
||||||
if [[ $ciphers == *"ECDSA"* ]]; then
|
if [[ $ciphers == *"ECDSA"* ]]; then
|
||||||
client_cert=`pwd`/certs/client-ecc-cert.pem
|
client_cert=`pwd`/certs/client-ecc-cert.pem
|
||||||
client_ca=`pwd`/certs/server-ecc.pem
|
client_ca=`pwd`/certs/server-ecc.pem
|
||||||
@ -107,7 +107,7 @@ fi
|
|||||||
|
|
||||||
# CRL list not set up for tests
|
# CRL list not set up for tests
|
||||||
crl_test=`./examples/client/client -h`
|
crl_test=`./examples/client/client -h`
|
||||||
if [[ $crl_test == *"-C "* ]]; then
|
if [[ "$crl_test" == *"-C "* ]]; then
|
||||||
echo "test not set up to run with CRL"
|
echo "test not set up to run with CRL"
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
@ -118,10 +118,10 @@ echo "Checking built with trusted peer certs "
|
|||||||
echo "-----------------------------------------------------"
|
echo "-----------------------------------------------------"
|
||||||
port=0
|
port=0
|
||||||
remove_ready_file
|
remove_ready_file
|
||||||
./examples/server/server -E $client_cert -c $server_cert -k $server_key -R $ready_file -p $port &
|
./examples/server/server -E "$client_cert" -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -A $client_ca -p $port
|
./examples/client/client -A "$client_ca" -p $port
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
remove_ready_file
|
remove_ready_file
|
||||||
# if fail here then is a settings issue so return 0
|
# if fail here then is a settings issue so return 0
|
||||||
@ -136,10 +136,10 @@ echo ""
|
|||||||
echo "Server and Client relying on trusted peer cert loaded"
|
echo "Server and Client relying on trusted peer cert loaded"
|
||||||
echo "-----------------------------------------------------"
|
echo "-----------------------------------------------------"
|
||||||
port=0
|
port=0
|
||||||
./examples/server/server -A $wrong_ca -E $client_cert -c $server_cert -k $server_key -R $ready_file -p $port &
|
./examples/server/server -A "$wrong_ca" -E "$client_cert" -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -A $wrong_ca -E $server_cert -c $client_cert -p $port
|
./examples/client/client -A "$wrong_ca" -E "$server_cert" -c "$client_cert" -p $port
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
remove_ready_file
|
remove_ready_file
|
||||||
if [ $RESULT -ne 0 ]; then
|
if [ $RESULT -ne 0 ]; then
|
||||||
@ -153,10 +153,10 @@ echo ""
|
|||||||
echo "Server relying on trusted peer cert loaded"
|
echo "Server relying on trusted peer cert loaded"
|
||||||
echo "-----------------------------------------------------"
|
echo "-----------------------------------------------------"
|
||||||
port=0
|
port=0
|
||||||
./examples/server/server -A $wrong_ca -E $client_cert -c $server_cert -k $server_key -R $ready_file -p $port &
|
./examples/server/server -A "$wrong_ca" -E "$client_cert" -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -A $client_ca -c $client_cert -p $port
|
./examples/client/client -A "$client_ca" -c "$client_cert" -p $port
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
remove_ready_file
|
remove_ready_file
|
||||||
if [ $RESULT -ne 0 ]; then
|
if [ $RESULT -ne 0 ]; then
|
||||||
@ -170,10 +170,10 @@ echo ""
|
|||||||
echo "Client relying on trusted peer cert loaded"
|
echo "Client relying on trusted peer cert loaded"
|
||||||
echo "-----------------------------------------------------"
|
echo "-----------------------------------------------------"
|
||||||
port=0
|
port=0
|
||||||
./examples/server/server -c $server_cert -k $server_key -R $ready_file -p $port &
|
./examples/server/server -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -A $wrong_ca -E $server_cert -p $port
|
./examples/client/client -A "$wrong_ca" -E "$server_cert" -p $port
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
remove_ready_file
|
remove_ready_file
|
||||||
if [ $RESULT -ne 0 ]; then
|
if [ $RESULT -ne 0 ]; then
|
||||||
@ -187,10 +187,10 @@ echo ""
|
|||||||
echo "Client fall through to loaded CAs"
|
echo "Client fall through to loaded CAs"
|
||||||
echo "-----------------------------------------------------"
|
echo "-----------------------------------------------------"
|
||||||
port=0
|
port=0
|
||||||
./examples/server/server -c $server_cert -k $server_key -R $ready_file -p $port &
|
./examples/server/server -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -A $client_ca -E $wrong_cert -p $port
|
./examples/client/client -A "$client_ca" -E "$wrong_cert" -p $port
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
remove_ready_file
|
remove_ready_file
|
||||||
if [ $RESULT -ne 0 ]; then
|
if [ $RESULT -ne 0 ]; then
|
||||||
@ -206,10 +206,10 @@ if [[ $wrong_ca != *"ecc"* ]]; then
|
|||||||
echo "Client wrong CA and wrong trusted peer cert loaded"
|
echo "Client wrong CA and wrong trusted peer cert loaded"
|
||||||
echo "-----------------------------------------------------"
|
echo "-----------------------------------------------------"
|
||||||
port=0
|
port=0
|
||||||
./examples/server/server -c $server_cert -k $server_key -R $ready_file -p $port &
|
./examples/server/server -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -A $wrong_ca -E $wrong_cert -p $port
|
./examples/client/client -A "$wrong_ca" -E "$wrong_cert" -p $port
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
remove_ready_file
|
remove_ready_file
|
||||||
if [ $RESULT -eq 0 ]; then
|
if [ $RESULT -eq 0 ]; then
|
||||||
@ -224,10 +224,10 @@ fi
|
|||||||
echo "Server wrong CA and wrong trusted peer cert loaded"
|
echo "Server wrong CA and wrong trusted peer cert loaded"
|
||||||
echo "-----------------------------------------------------"
|
echo "-----------------------------------------------------"
|
||||||
port=0
|
port=0
|
||||||
./examples/server/server -A $wrong_ca -E $wrong_cert -c $server_cert -k $server_key -R $ready_file -p $port &
|
./examples/server/server -A "$wrong_ca" -E "$wrong_cert" -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -A $client_ca -p $port
|
./examples/client/client -A "$client_ca" -p $port
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
remove_ready_file
|
remove_ready_file
|
||||||
if [ $RESULT -eq 0 ]; then
|
if [ $RESULT -eq 0 ]; then
|
||||||
@ -241,10 +241,10 @@ echo ""
|
|||||||
echo "Server fall through to loaded CAs"
|
echo "Server fall through to loaded CAs"
|
||||||
echo "-----------------------------------------------------"
|
echo "-----------------------------------------------------"
|
||||||
port=0
|
port=0
|
||||||
./examples/server/server -E $wrong_cert -c $server_cert -k $server_key -R $ready_file -p $port &
|
./examples/server/server -E "$wrong_cert" -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -A $client_ca -p $port
|
./examples/client/client -A "$client_ca" -p $port
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
remove_ready_file
|
remove_ready_file
|
||||||
if [ $RESULT -ne 0 ]; then
|
if [ $RESULT -ne 0 ]; then
|
||||||
@ -259,25 +259,25 @@ echo "Server loading multiple trusted peer certs"
|
|||||||
echo "Test two success cases and one fail case"
|
echo "Test two success cases and one fail case"
|
||||||
echo "-----------------------------------------------------"
|
echo "-----------------------------------------------------"
|
||||||
port=0
|
port=0
|
||||||
cat $client_cert $client_ca > $combined_cert
|
cat "$client_cert" "$client_ca" > "$combined_cert"
|
||||||
./examples/server/server -i -A $wrong_ca -E $combined_cert -c $server_cert -k $server_key -R $ready_file -p $port &
|
./examples/server/server -i -A "$wrong_ca" -E "$combined_cert" -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
|
||||||
server_pid=$!
|
server_pid=$!
|
||||||
create_port
|
create_port
|
||||||
./examples/client/client -A $client_ca -c $client_cert -k $client_key -p $port
|
./examples/client/client -A "$client_ca" -c "$client_cert" -k "$client_key" -p $port
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
if [ $RESULT -ne 0 ]; then
|
if [ $RESULT -ne 0 ]; then
|
||||||
echo -e "\nServer load multiple trusted peer certs failed!"
|
echo -e "\nServer load multiple trusted peer certs failed!"
|
||||||
do_cleanup
|
do_cleanup
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
./examples/client/client -A $client_ca -c $client_ca -k $ca_key -p $port
|
./examples/client/client -A "$client_ca" -c "$client_ca" -k "$ca_key" -p $port
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
if [ $RESULT -ne 0 ]; then
|
if [ $RESULT -ne 0 ]; then
|
||||||
echo -e "\nServer load multiple trusted peer certs failed!"
|
echo -e "\nServer load multiple trusted peer certs failed!"
|
||||||
do_cleanup
|
do_cleanup
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
./examples/client/client -A $client_ca -c $wrong_cert -k $client_key -p $port
|
./examples/client/client -A "$client_ca" -c "$wrong_cert" -k "$client_key" -p $port
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
if [ $RESULT -eq 0 ]; then
|
if [ $RESULT -eq 0 ]; then
|
||||||
echo -e "\nServer load multiple trusted peer certs failed!"
|
echo -e "\nServer load multiple trusted peer certs failed!"
|
||||||
@ -286,7 +286,7 @@ if [ $RESULT -eq 0 ]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
do_cleanup # kill PID of server running in infinite loop
|
do_cleanup # kill PID of server running in infinite loop
|
||||||
rm $combined_cert
|
rm "$combined_cert"
|
||||||
remove_ready_file
|
remove_ready_file
|
||||||
echo ""
|
echo ""
|
||||||
|
|
||||||
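Review bot: The last client run in the multiple-trusted-peer block passes `-c "$wrong_cert" -k "$client_key"`, and the following `if [ $RESULT -eq 0 ]` accepts any non-zero exit as the expected rejection. `client_key` is defined outside the visible lines, but if it is the key for `$client_cert` rather than for `$wrong_cert`, the handshake would fail on the certificate/key mismatch whether or not the server enforces its trusted-peer list, so the case would not isolate the check it is meant to exercise. Pairing `$wrong_cert` with its own key and checking the client output for the specific rejection would make the negative case meaningful. At minimum a comment would help, such as `# expected failure: cert is not in the trusted peer list (key must match the cert)`.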
|