]>
Commit | Line | Data |
---|---|---|
7d7d2cbc UM |
1 | $! TESTSSL.COM |
2 | $ | |
3 | $ __arch := VAX | |
48f48d96 | 4 | $ if f$getsyi("cpu") .ge. 128 then - |
3acd3158 | 5 | __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") |
48f48d96 | 6 | $ if __arch .eqs. "" then __arch := UNK |
c13ee214 RL |
7 | $ texe_dir := sys$disk:[-.'__arch'.exe.test] |
8 | $ exe_dir := sys$disk:[-.'__arch'.exe.apps] | |
9 | $ | |
10 | $ if p1 .eqs. "" | |
11 | $ then | |
12 | $ key="[-.apps]server.pem" | |
13 | $ else | |
14 | $ key=p1 | |
15 | $ endif | |
16 | $ if p2 .eqs. "" | |
17 | $ then | |
18 | $ cert="[-.apps]server.pem" | |
19 | $ else | |
20 | $ cert=p2 | |
21 | $ endif | |
22 | $ ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert' | |
23 | $ | |
cde245bd | 24 | $ define/user sys$output testssl-x509-output. |
c13ee214 RL |
25 | $ define/user sys$error nla0: |
26 | $ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout | |
27 | $ set noon | |
28 | $ define/user sys$error nla0: | |
cde245bd | 29 | $ search/output=nla0: testssl-x509-output. "DSA Public Key"/exact |
c13ee214 RL |
30 | $ if $severity .eq. 1 |
31 | $ then | |
32 | $ dsa_cert := YES | |
33 | $ else | |
34 | $ dsa_cert := NO | |
35 | $ endif | |
36 | $ set on | |
cde245bd | 37 | $ delete testssl-x509-output.;* |
c13ee214 RL |
38 | $ |
39 | $ if p3 .eqs. "" | |
40 | $ then | |
41 | $ copy/concatenate [-.certs]*.pem certs.tmp | |
42 | $ CA = """-CAfile"" certs.tmp" | |
43 | $ else | |
44 | $ CA = """-CAfile"" "+p3 | |
45 | $ endif | |
46 | $ | |
47 | $!########################################################################### | |
7d7d2cbc UM |
48 | $ |
49 | $ write sys$output "test sslv2" | |
c13ee214 | 50 | $ 'ssltest' -ssl2 |
7d7d2cbc UM |
51 | $ if $severity .ne. 1 then goto exit3 |
52 | $ | |
53 | $ write sys$output "test sslv2 with server authentication" | |
c13ee214 | 54 | $ 'ssltest' -ssl2 -server_auth 'CA' |
7d7d2cbc UM |
55 | $ if $severity .ne. 1 then goto exit3 |
56 | $ | |
c13ee214 RL |
57 | $ if .not. dsa_cert |
58 | $ then | |
59 | $ write sys$output "test sslv2 with client authentication" | |
60 | $ 'ssltest' -ssl2 -client_auth 'CA' | |
61 | $ if $severity .ne. 1 then goto exit3 | |
7d7d2cbc | 62 | $ |
c13ee214 RL |
63 | $ write sys$output "test sslv2 with both client and server authentication" |
64 | $ 'ssltest' -ssl2 -server_auth -client_auth 'CA' | |
65 | $ if $severity .ne. 1 then goto exit3 | |
66 | $ endif | |
7d7d2cbc UM |
67 | $ |
68 | $ write sys$output "test sslv3" | |
c13ee214 | 69 | $ 'ssltest' -ssl3 |
7d7d2cbc UM |
70 | $ if $severity .ne. 1 then goto exit3 |
71 | $ | |
72 | $ write sys$output "test sslv3 with server authentication" | |
c13ee214 | 73 | $ 'ssltest' -ssl3 -server_auth 'CA' |
7d7d2cbc UM |
74 | $ if $severity .ne. 1 then goto exit3 |
75 | $ | |
76 | $ write sys$output "test sslv3 with client authentication" | |
c13ee214 | 77 | $ 'ssltest' -ssl3 -client_auth 'CA' |
7d7d2cbc UM |
78 | $ if $severity .ne. 1 then goto exit3 |
79 | $ | |
80 | $ write sys$output "test sslv3 with both client and server authentication" | |
c13ee214 | 81 | $ 'ssltest' -ssl3 -server_auth -client_auth 'CA' |
7d7d2cbc UM |
82 | $ if $severity .ne. 1 then goto exit3 |
83 | $ | |
84 | $ write sys$output "test sslv2/sslv3" | |
c13ee214 | 85 | $ 'ssltest' |
7d7d2cbc UM |
86 | $ if $severity .ne. 1 then goto exit3 |
87 | $ | |
88 | $ write sys$output "test sslv2/sslv3 with server authentication" | |
c13ee214 | 89 | $ 'ssltest' -server_auth 'CA' |
7d7d2cbc UM |
90 | $ if $severity .ne. 1 then goto exit3 |
91 | $ | |
92 | $ write sys$output "test sslv2/sslv3 with client authentication" | |
c13ee214 | 93 | $ 'ssltest' -client_auth 'CA' |
7d7d2cbc UM |
94 | $ if $severity .ne. 1 then goto exit3 |
95 | $ | |
96 | $ write sys$output "test sslv2/sslv3 with both client and server authentication" | |
c13ee214 | 97 | $ 'ssltest' -server_auth -client_auth 'CA' |
7d7d2cbc UM |
98 | $ if $severity .ne. 1 then goto exit3 |
99 | $ | |
8c197cc5 | 100 | $ write sys$output "test sslv2 via BIO pair" |
c13ee214 | 101 | $ 'ssltest' -bio_pair -ssl2 |
da0fc5bf RL |
102 | $ if $severity .ne. 1 then goto exit3 |
103 | $ | |
8c197cc5 | 104 | $ write sys$output "test sslv2 with server authentication via BIO pair" |
c13ee214 | 105 | $ 'ssltest' -bio_pair -ssl2 -server_auth 'CA' |
8c197cc5 UM |
106 | $ if $severity .ne. 1 then goto exit3 |
107 | $ | |
c13ee214 RL |
108 | $ if .not. dsa_cert |
109 | $ then | |
110 | $ write sys$output "test sslv2 with client authentication via BIO pair" | |
111 | $ 'ssltest' -bio_pair -ssl2 -client_auth 'CA' | |
112 | $ if $severity .ne. 1 then goto exit3 | |
8c197cc5 | 113 | $ |
c13ee214 RL |
114 | $ write sys$output "test sslv2 with both client and server authentication via BIO pair" |
115 | $ 'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA' | |
116 | $ if $severity .ne. 1 then goto exit3 | |
117 | $ endif | |
8c197cc5 UM |
118 | $ |
119 | $ write sys$output "test sslv3 via BIO pair" | |
c13ee214 | 120 | $ 'ssltest' -bio_pair -ssl3 |
8c197cc5 UM |
121 | $ if $severity .ne. 1 then goto exit3 |
122 | $ | |
123 | $ write sys$output "test sslv3 with server authentication via BIO pair" | |
c13ee214 | 124 | $ 'ssltest' -bio_pair -ssl3 -server_auth 'CA' |
8c197cc5 UM |
125 | $ if $severity .ne. 1 then goto exit3 |
126 | $ | |
127 | $ write sys$output "test sslv3 with client authentication via BIO pair" | |
c13ee214 | 128 | $ 'ssltest' -bio_pair -ssl3 -client_auth 'CA' |
8c197cc5 UM |
129 | $ if $severity .ne. 1 then goto exit3 |
130 | ||
131 | $ write sys$output "test sslv3 with both client and server authentication via BIO pair" | |
c13ee214 | 132 | $ 'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA' |
8c197cc5 UM |
133 | $ if $severity .ne. 1 then goto exit3 |
134 | $ | |
135 | $ write sys$output "test sslv2/sslv3 via BIO pair" | |
c13ee214 | 136 | $ 'ssltest' |
8c197cc5 UM |
137 | $ if $severity .ne. 1 then goto exit3 |
138 | $ | |
c13ee214 RL |
139 | $ if .not. dsa_cert |
140 | $ then | |
141 | $ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair" | |
142 | $ 'ssltest' -bio_pair -no_dhe | |
143 | $ if $severity .ne. 1 then goto exit3 | |
144 | $ endif | |
145 | $ | |
146 | $ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair" | |
147 | $ 'ssltest' -bio_pair -dhe1024dsa -v | |
82a2d072 RL |
148 | $ if $severity .ne. 1 then goto exit3 |
149 | $ | |
8c197cc5 | 150 | $ write sys$output "test sslv2/sslv3 with server authentication" |
c13ee214 | 151 | $ 'ssltest' -bio_pair -server_auth 'CA' |
8c197cc5 UM |
152 | $ if $severity .ne. 1 then goto exit3 |
153 | $ | |
154 | $ write sys$output "test sslv2/sslv3 with client authentication via BIO pair" | |
c13ee214 | 155 | $ 'ssltest' -bio_pair -client_auth 'CA' |
8c197cc5 UM |
156 | $ if $severity .ne. 1 then goto exit3 |
157 | $ | |
158 | $ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair" | |
c13ee214 | 159 | $ 'ssltest' -bio_pair -server_auth -client_auth 'CA' |
8c197cc5 UM |
160 | $ if $severity .ne. 1 then goto exit3 |
161 | $ | |
c13ee214 RL |
162 | $!########################################################################### |
163 | $ | |
c13ee214 RL |
164 | $ set noon |
165 | $ define/user sys$output nla0: | |
166 | $ mcr 'exe_dir'openssl no-rsa | |
0d3f2ccb RL |
167 | $ no_rsa=$SEVERITY |
168 | $ define/user sys$output nla0: | |
169 | $ mcr 'exe_dir'openssl no-dh | |
170 | $ no_dh=$SEVERITY | |
c13ee214 | 171 | $ set on |
0d3f2ccb RL |
172 | $ |
173 | $ if no_dh | |
174 | $ then | |
175 | $ write sys$output "skipping anonymous DH tests" | |
176 | $ else | |
177 | $ write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes" | |
178 | $ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time | |
179 | $ if $severity .ne. 1 then goto exit3 | |
180 | $ endif | |
181 | $ | |
182 | $ if no_rsa | |
c13ee214 RL |
183 | $ then |
184 | $ write sys$output "skipping RSA tests" | |
185 | $ else | |
186 | $ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes" | |
187 | $ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time | |
188 | $ if $severity .ne. 1 then goto exit3 | |
189 | $ | |
0d3f2ccb RL |
190 | $ if no_dh |
191 | $ then | |
192 | $ write sys$output "skipping RSA+DHE tests" | |
193 | $ else | |
194 | $ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes" | |
195 | $ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time | |
196 | $ if $severity .ne. 1 then goto exit3 | |
197 | $ endif | |
c13ee214 RL |
198 | $ endif |
199 | $ | |
7d7d2cbc UM |
200 | $ RET = 1 |
201 | $ goto exit | |
202 | $ exit3: | |
203 | $ RET = 3 | |
204 | $ exit: | |
cde245bd | 205 | $ if p3 .eqs. "" then delete certs.tmp;* |
7d7d2cbc | 206 | $ exit 'RET' |