]>
Commit | Line | Data |
---|---|---|
d02b48c6 RE |
1 | #!/bin/sh |
2 | ||
65b002f3 BM |
3 | if [ "$1" = "" ]; then |
4 | key=../apps/server.pem | |
5 | else | |
6 | key="$1" | |
7 | fi | |
8 | if [ "$2" = "" ]; then | |
9 | cert=../apps/server.pem | |
10 | else | |
11 | cert="$2" | |
12 | fi | |
62d27939 | 13 | ssltest="../util/shlib_wrap.sh ./ssltest -key $key -cert $cert -c_key $key -c_cert $cert" |
65b002f3 | 14 | |
62d27939 | 15 | if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then |
65b002f3 BM |
16 | dsa_cert=YES |
17 | else | |
18 | dsa_cert=NO | |
19 | fi | |
20 | ||
21 | if [ "$3" = "" ]; then | |
22 | CA="-CApath ../certs" | |
23 | else | |
24 | CA="-CAfile $3" | |
25 | fi | |
26 | ||
23f80f46 RL |
27 | if [ "$4" = "" ]; then |
28 | extra="" | |
29 | else | |
30 | extra="$4" | |
31 | fi | |
32 | ||
e27711cf T |
33 | serverinfo="./serverinfo.pem" |
34 | ||
65b002f3 BM |
35 | ############################################################################# |
36 | ||
d02b48c6 | 37 | echo test sslv2 |
23f80f46 | 38 | $ssltest -ssl2 $extra || exit 1 |
d02b48c6 RE |
39 | |
40 | echo test sslv2 with server authentication | |
23f80f46 | 41 | $ssltest -ssl2 -server_auth $CA $extra || exit 1 |
d02b48c6 | 42 | |
65b002f3 BM |
43 | if [ $dsa_cert = NO ]; then |
44 | echo test sslv2 with client authentication | |
23f80f46 | 45 | $ssltest -ssl2 -client_auth $CA $extra || exit 1 |
d02b48c6 | 46 | |
65b002f3 | 47 | echo test sslv2 with both client and server authentication |
23f80f46 | 48 | $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1 |
65b002f3 | 49 | fi |
d02b48c6 RE |
50 | |
51 | echo test sslv3 | |
23f80f46 | 52 | $ssltest -ssl3 $extra || exit 1 |
d02b48c6 RE |
53 | |
54 | echo test sslv3 with server authentication | |
23f80f46 | 55 | $ssltest -ssl3 -server_auth $CA $extra || exit 1 |
d02b48c6 RE |
56 | |
57 | echo test sslv3 with client authentication | |
23f80f46 | 58 | $ssltest -ssl3 -client_auth $CA $extra || exit 1 |
d02b48c6 RE |
59 | |
60 | echo test sslv3 with both client and server authentication | |
23f80f46 | 61 | $ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1 |
d02b48c6 RE |
62 | |
63 | echo test sslv2/sslv3 | |
23f80f46 | 64 | $ssltest $extra || exit 1 |
d02b48c6 RE |
65 | |
66 | echo test sslv2/sslv3 with server authentication | |
23f80f46 | 67 | $ssltest -server_auth $CA $extra || exit 1 |
d02b48c6 RE |
68 | |
69 | echo test sslv2/sslv3 with client authentication | |
23f80f46 | 70 | $ssltest -client_auth $CA $extra || exit 1 |
d02b48c6 RE |
71 | |
72 | echo test sslv2/sslv3 with both client and server authentication | |
23f80f46 | 73 | $ssltest -server_auth -client_auth $CA $extra || exit 1 |
d02b48c6 | 74 | |
95d29597 | 75 | echo test sslv2 via BIO pair |
23f80f46 | 76 | $ssltest -bio_pair -ssl2 $extra || exit 1 |
95d29597 BM |
77 | |
78 | echo test sslv2 with server authentication via BIO pair | |
23f80f46 | 79 | $ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1 |
95d29597 | 80 | |
65b002f3 BM |
81 | if [ $dsa_cert = NO ]; then |
82 | echo test sslv2 with client authentication via BIO pair | |
23f80f46 | 83 | $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1 |
95d29597 | 84 | |
65b002f3 | 85 | echo test sslv2 with both client and server authentication via BIO pair |
23f80f46 | 86 | $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1 |
65b002f3 | 87 | fi |
95d29597 BM |
88 | |
89 | echo test sslv3 via BIO pair | |
23f80f46 | 90 | $ssltest -bio_pair -ssl3 $extra || exit 1 |
95d29597 BM |
91 | |
92 | echo test sslv3 with server authentication via BIO pair | |
23f80f46 | 93 | $ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1 |
95d29597 BM |
94 | |
95 | echo test sslv3 with client authentication via BIO pair | |
23f80f46 | 96 | $ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1 |
95d29597 BM |
97 | |
98 | echo test sslv3 with both client and server authentication via BIO pair | |
23f80f46 | 99 | $ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1 |
d02b48c6 | 100 | |
95d29597 | 101 | echo test sslv2/sslv3 via BIO pair |
23f80f46 | 102 | $ssltest $extra || exit 1 |
95d29597 | 103 | |
65b002f3 | 104 | if [ $dsa_cert = NO ]; then |
f30258c4 BM |
105 | echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair' |
106 | $ssltest -bio_pair -no_dhe -no_ecdhe $extra || exit 1 | |
65b002f3 | 107 | fi |
77fa04a9 | 108 | |
563f1503 | 109 | echo test sslv2/sslv3 with 1024bit DHE via BIO pair |
23f80f46 | 110 | $ssltest -bio_pair -dhe1024dsa -v $extra || exit 1 |
a87030a1 | 111 | |
95d29597 | 112 | echo test sslv2/sslv3 with server authentication |
23f80f46 | 113 | $ssltest -bio_pair -server_auth $CA $extra || exit 1 |
95d29597 BM |
114 | |
115 | echo test sslv2/sslv3 with client authentication via BIO pair | |
23f80f46 | 116 | $ssltest -bio_pair -client_auth $CA $extra || exit 1 |
95d29597 BM |
117 | |
118 | echo test sslv2/sslv3 with both client and server authentication via BIO pair | |
23f80f46 | 119 | $ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1 |
65b002f3 | 120 | |
023ec151 BM |
121 | echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify |
122 | $ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1 | |
123 | ||
0462eedf AL |
124 | echo "Testing ciphersuites" |
125 | for protocol in TLSv1.2 SSLv3; do | |
126 | echo "Testing ciphersuites for $protocol" | |
127 | for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do | |
128 | echo "Testing $cipher" | |
129 | prot="" | |
130 | if [ $protocol = "SSLv3" ] ; then | |
131 | prot="-ssl3" | |
132 | fi | |
133 | $ssltest -cipher $cipher $prot | |
134 | if [ $? -ne 0 ] ; then | |
135 | echo "Failed $cipher" | |
136 | exit 1 | |
137 | fi | |
138 | done | |
139 | done | |
140 | ||
65b002f3 BM |
141 | ############################################################################# |
142 | ||
62d27939 | 143 | if ../util/shlib_wrap.sh ../apps/openssl no-dh; then |
0d3f2ccb RL |
144 | echo skipping anonymous DH tests |
145 | else | |
146 | echo test tls1 with 1024bit anonymous DH, multiple handshakes | |
147 | $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1 | |
148 | fi | |
d58d6c27 | 149 | |
62d27939 | 150 | if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then |
46c4647e BM |
151 | echo skipping RSA tests |
152 | else | |
f30258c4 BM |
153 | echo 'test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes' |
154 | ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -no_ecdhe -num 10 -f -time $extra || exit 1 | |
95d29597 | 155 | |
62d27939 | 156 | if ../util/shlib_wrap.sh ../apps/openssl no-dh; then |
0d3f2ccb RL |
157 | echo skipping RSA+DHE tests |
158 | else | |
159 | echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes | |
62d27939 | 160 | ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1 |
0d3f2ccb | 161 | fi |
65b002f3 | 162 | fi |
563f1503 | 163 | |
efebb108 BM |
164 | echo test tls1 with PSK |
165 | $ssltest -tls1 -cipher PSK -psk abc123 $extra || exit 1 | |
ddac1974 NL |
166 | |
167 | echo test tls1 with PSK via BIO pair | |
168 | $ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1 | |
169 | ||
e27711cf T |
170 | ############################################################################# |
171 | # Custom Extension tests | |
172 | ||
173 | echo test tls1 with custom extensions | |
174 | $ssltest -bio_pair -tls1 -custom_ext || exit 1 | |
175 | ||
176 | ############################################################################# | |
177 | # Serverinfo tests | |
178 | ||
179 | echo test tls1 with serverinfo | |
180 | $ssltest -bio_pair -tls1 -serverinfo_file $serverinfo || exit 1 | |
181 | $ssltest -bio_pair -tls1 -serverinfo_file $serverinfo -serverinfo_sct || exit 1 | |
182 | $ssltest -bio_pair -tls1 -serverinfo_file $serverinfo -serverinfo_tack || exit 1 | |
183 | $ssltest -bio_pair -tls1 -serverinfo_file $serverinfo -serverinfo_sct -serverinfo_tack || exit 1 | |
184 | $ssltest -bio_pair -tls1 -custom_ext -serverinfo_file $serverinfo -serverinfo_sct -serverinfo_tack || exit 1 | |
185 | ||
186 | ||
a149b246 BL |
187 | if ../util/shlib_wrap.sh ../apps/openssl no-srp; then |
188 | echo skipping SRP tests | |
189 | else | |
190 | echo test tls1 with SRP | |
191 | $ssltest -tls1 -cipher SRP -srpuser test -srppass abc123 | |
192 | ||
193 | echo test tls1 with SRP via BIO pair | |
194 | $ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123 | |
195 | fi | |
196 | ||
95d29597 | 197 | exit 0 |