tests: added check on saving certs and OCSP responses

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

diff --git a/tests/Makefile.am b/tests/Makefile.am
index ef09b69f8f0e167b5e2aca15da0df4d879f429d1..81e843b0fcb2610ab30e22cf74c72eb3cec8d376 100644 (file)
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -308,7 +308,7 @@ dist_check_SCRIPTS += fastopen.sh pkgconfig.sh starttls.sh starttls-ftp.sh start
        starttls-lmtp.sh starttls-pop3.sh starttls-nntp.sh starttls-sieve.sh \
        ocsp-tests/ocsp-tls-connection ocsp-tests/ocsp-must-staple-connection \
        ocsp-tests/ocsp-test cipher-listings.sh sni-hostname.sh server-multi-keys.sh \
-       psktool.sh ocsp-tests/ocsp-load-chain
+       psktool.sh ocsp-tests/ocsp-load-chain gnutls-cli-save-data.sh
 if ENABLE_DANE
 dist_check_SCRIPTS += danetool.sh
 endif

diff --git a/tests/gnutls-cli-save-data.sh b/tests/gnutls-cli-save-data.sh
new file mode 100755 (executable)
index 0000000..767453e
--- /dev/null
+++ b/tests/gnutls-cli-save-data.sh
@@ -0,0 +1,77 @@
+#!/bin/sh
+
+# Copyright (C) 2010-2016 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# GnuTLS is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GnuTLS; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+srcdir="${srcdir:-.}"
+SERV="${SERV:-../src/gnutls-serv${EXEEXT}}"
+CLI="${CLI:-../src/gnutls-cli${EXEEXT}}"
+unset RETCODE
+
+if ! test -x "${SERV}"; then
+       exit 77
+fi
+
+if ! test -x "${CLI}"; then
+       exit 77
+fi
+
+if test "${WINDIR}" != ""; then
+       exit 77
+fi 
+
+if ! test -z "${VALGRIND}"; then
+       VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND} --error-exitcode=15"
+fi
+
+
+SERV="${SERV} -q"
+
+. "${srcdir}/scripts/common.sh"
+
+echo "Checking whether saving OCSP response and cert succeeds"
+
+KEY1=${srcdir}/../doc/credentials/x509/key-rsa.pem
+CERT1=${srcdir}/../doc/credentials/x509/cert-rsa.pem
+OCSP1=${srcdir}/ocsp-tests/response1.der
+
+TMPFILE1=save-data1.$$.tmp
+TMPFILE2=save-data2.$$.tmp
+
+eval "${GETPORT}"
+launch_server $$ --echo --x509keyfile ${KEY1} --x509certfile ${CERT1} --ocsp-response=${OCSP1}
+PID=$!
+wait_server ${PID}
+
+${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --save-cert ${TMPFILE1} --save-ocsp ${TMPFILE2} </dev/null >/dev/null && \
+       fail ${PID} "1. handshake should have failed!"
+
+
+kill ${PID}
+wait
+
+if ! test -f ${TMPFILE1} || ! test -f ${TMPFILE2};then
+       echo "Could not retrieve OCSP response or certificate"
+       exit 1
+fi
+
+rm -f ${TMPFILE1} ${TMPFILE2}
+
+exit 0