]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
tests: simplified server launching process
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Fri, 13 May 2016 11:41:53 +0000 (13:41 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Fri, 13 May 2016 18:15:19 +0000 (20:15 +0200)
Also attempt to use a new port on every started server and
added a waiting period for the port to become re-usable.

tests/dsa/testdsa
tests/openpgp-certs/testcerts
tests/scripts/common.sh
tests/suite/eagain.sh
tests/suite/mini-eagain2.c
tests/suite/testcompat-main-openssl
tests/suite/testcompat-main-polarssl
tests/suite/testpkcs11.sh
tests/suite/testsrn.sh

index 4890056ce80e6a8d84496fd86c64e8628b5c0eb2..e1b9dcf583840a004277d962701802d51d8c0581 100755 (executable)
@@ -37,8 +37,6 @@ fi
 
 . "${srcdir}/../scripts/common.sh"
 
-PORT="${PORT:-$RPORT}"
-
 size=`${VALGRIND} "${CERTTOOL}" -i --infile "${srcdir}/dsa-pubkey-1018.pem"|grep "Algorithm Secur"|cut -d '(' -f 2|cut -d ' ' -f 1`
 
 if test "${size}" != "1024"; then
@@ -53,7 +51,8 @@ echo "Checking various DSA key sizes (port ${PORT})"
 
 echo "Checking DSA-1024 with TLS 1.0"
 
-launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile "${srcdir}/cert.dsa.1024.pem" --x509keyfile "${srcdir}/dsa.1024.pem" >/dev/null &
+eval "${GETPORT}"
+launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile "${srcdir}/cert.dsa.1024.pem" --x509keyfile "${srcdir}/dsa.1024.pem"
 PID=$!
 wait_server "${PID}"
 
@@ -84,10 +83,10 @@ wait
 
 # DSA 1024 + TLS 1.2
 
-sleep 3
 echo "Checking DSA-1024 with TLS 1.2"
 
-launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile "${srcdir}/cert.dsa.1024.pem" --x509keyfile "${srcdir}/dsa.1024.pem" >/dev/null &
+eval "${GETPORT}"
+launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile "${srcdir}/cert.dsa.1024.pem" --x509keyfile "${srcdir}/dsa.1024.pem"
 PID=$!
 wait_server "${PID}"
 
@@ -119,7 +118,8 @@ wait
 
 #echo "Checking DSA-2048 with TLS 1.0"
 
-#launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" --x509certfile "${srcdir}/cert.dsa.2048.pem" --x509keyfile "${srcdir}/dsa.2048.pem" >/dev/null 2>&1 &
+#eval "${GETPORT}"
+#launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" --x509certfile "${srcdir}/cert.dsa.2048.pem" --x509keyfile "${srcdir}/dsa.2048.pem"
 #PID=$!
 #wait_server "${PID}"
 
@@ -130,10 +130,10 @@ wait
 #wait
 
 # DSA 2048 + TLS 1.2
-sleep 3
 echo "Checking DSA-2048 with TLS 1.2"
 
-launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile "${srcdir}/cert.dsa.2048.pem" --x509keyfile "${srcdir}/dsa.2048.pem" >/dev/null &
+eval "${GETPORT}"
+launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile "${srcdir}/cert.dsa.2048.pem" --x509keyfile "${srcdir}/dsa.2048.pem"
 PID=$!
 wait_server "${PID}"
 
@@ -147,7 +147,7 @@ wait
 
 #echo "Checking DSA-3072 with TLS 1.0"
 
-#launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" --x509certfile "${srcdir}/cert.dsa.3072.pem" --x509keyfile "${srcdir}/dsa.3072.pem" >/dev/null 2>&1 &
+#launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" --x509certfile "${srcdir}/cert.dsa.3072.pem" --x509keyfile "${srcdir}/dsa.3072.pem"
 #PID=$!
 #wait_server "${PID}"
 #
@@ -159,10 +159,10 @@ wait
 
 # DSA 3072 + TLS 1.2
 
-sleep 3
 echo "Checking DSA-3072 with TLS 1.2"
 
-launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile "${srcdir}/cert.dsa.3072.pem" --x509keyfile "${srcdir}/dsa.3072.pem" >/dev/null &
+eval "${GETPORT}"
+launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile "${srcdir}/cert.dsa.3072.pem" --x509keyfile "${srcdir}/dsa.3072.pem"
 PID=$!
 wait_server "${PID}"
 
index f09ec9ef91151717583cf292854ba609554accd8..2f5366954464c2f1d2dc3359c3386ac6035bca3f 100755 (executable)
@@ -34,11 +34,10 @@ fi
 
 . "${srcdir}/../scripts/common.sh"
 
-PORT="${PORT:-$RPORT}"
-
 echo "Checking OpenPGP certificate verification"
 
-launch_server $$ --priority NORMAL:+CTYPE-OPENPGP --pgpcertfile "${srcdir}/srv-public-127.0.0.1-signed.gpg" --pgpkeyfile "${srcdir}/srv-secret.gpg" >/dev/null 2>&1 &
+eval "${GETPORT}"
+launch_server $$ --priority NORMAL:+CTYPE-OPENPGP --pgpcertfile "${srcdir}/srv-public-127.0.0.1-signed.gpg" --pgpkeyfile "${srcdir}/srv-secret.gpg"
 PID=$!
 wait_server ${PID}
 
@@ -59,7 +58,8 @@ ${VALGRIND} "${CLI}" ${DEBUG} -p "${PORT}" localhost --priority NORMAL:+CTYPE-OP
 kill ${PID}
 wait
 
-launch_server $$ --priority NORMAL:+CTYPE-OPENPGP --pgpcertfile "${srcdir}/srv-public-localhost-signed.gpg" --pgpkeyfile "${srcdir}/srv-secret.gpg" >/dev/null 2>&1 &
+eval "${GETPORT}"
+launch_server $$ --priority NORMAL:+CTYPE-OPENPGP --pgpcertfile "${srcdir}/srv-public-localhost-signed.gpg" --pgpkeyfile "${srcdir}/srv-secret.gpg"
 PID=$!
 wait_server ${PID}
 
@@ -76,7 +76,8 @@ ${VALGRIND} "${CLI}" ${DEBUG} --priority NORMAL:+CTYPE-OPENPGP -p "${PORT}" 127.
 kill ${PID}
 wait
 
-launch_server $$ --priority NORMAL:+CTYPE-OPENPGP --pgpcertfile "${srcdir}/srv-public-all-signed.gpg" --pgpkeyfile "${srcdir}/srv-secret.gpg" >/dev/null 2>&1 &
+eval "${GETPORT}"
+launch_server $$ --priority NORMAL:+CTYPE-OPENPGP --pgpcertfile "${srcdir}/srv-public-all-signed.gpg" --pgpkeyfile "${srcdir}/srv-secret.gpg"
 PID=$!
 wait_server ${PID}
 
index b338201cb23fed49d679219b3c6991be5fc2ce04..ec8c7c3c4ff524baf6154bb8f523409c43350b35 100644 (file)
 # along with this file; if not, write to the Free Software Foundation,
 # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 
-rc=0
-while test $rc = 0
-do
-       RPORT="$(((($$<<15)|RANDOM) % 63001 + 2000))"
-       netstat -anlt|grep "\:$RPORT"
-       rc=$?
-done
+
+GETPORT='rc=0;while test $rc = 0;do PORT="$(((($$<<15)|RANDOM) % 63001 + 2000))";
+       netstat -anl|grep "[\:\.]$PORT" >/dev/null 2>&1;
+       rc=$?;done;'
 
 fail() {
    PID="$1"
@@ -34,56 +31,84 @@ fail() {
    exit 1
 }
 
+wait_for_port()
+{
+       local ret
+       local PORT="$1"
+       sleep 4
+
+       for i in 1 2 3 4 5 6;do
+               netstat -anl|grep "[\:\.]$PORT"|grep LISTEN >/dev/null 2>&1
+               ret=$?
+               if test $ret != 0;then
+               netstat -anl|grep "[\:\.]$PORT"
+                       echo try $i
+                       sleep 2
+               else
+                       break
+               fi
+       done
+       return $ret
+}
+
+wait_for_free_port()
+{
+       local ret
+       local PORT="$1"
+
+       for i in 1 2 3 4 5 6;do
+               netstat -anl|grep "[\:\.]$PORT" >/dev/null 2>&1
+               ret=$?
+               if test $ret != 0;then
+                       break
+               else
+                       sleep 20
+               fi
+       done
+       return $ret
+}
+
 launch_server() {
-       PARENT="$1"
-       shift
-       ${SERV} ${DEBUG} -p "${PORT}" $* >/dev/null 2>&1 &
-       LOCALPID="$!"
-       trap "[ ! -z \"${LOCALPID}\" ] && kill ${LOCALPID};" 15
-       wait "${LOCALPID}"
-       LOCALRET="$?"
-       if [ "${LOCALRET}" != "0" ] && [ "${LOCALRET}" != "143" ] ; then
-               # Houston, we'v got a problem...
-               echo "Failed to launch a gnutls-serv server !"
-               kill -10 ${PARENT}
-       fi
+       PARENT="$1"
+       shift
+
+       wait_for_free_port ${PORT}
+       ${SERV} ${DEBUG} -p "${PORT}" $* >/dev/null 2>&1 &
 }
 
 launch_pkcs11_server() {
-       PARENT="$1"
-       shift
-       PROVIDER="$1"
-       shift
-       ${VALGRIND} ${SERV} ${PROVIDER} ${DEBUG} -p "${PORT}" $* &
-       LOCALPID="$!"
-       trap "[ ! -z \"${LOCALPID}\" ] && kill ${LOCALPID};" 15
-       wait "${LOCALPID}"
-       LOCALRET="$?"
-       if [ "${LOCALRET}" != "0" ] && [ "${LOCALRET}" != "143" ] ; then
-               # Houston, we'v got a problem...
-               echo "Failed to launch a gnutls-serv server !"
-               kill -10 ${PARENT}
-       fi
+       PARENT="$1"
+       shift
+       PROVIDER="$1"
+       shift
+
+       wait_for_free_port ${PORT}
+
+       ${VALGRIND} ${SERV} ${PROVIDER} ${DEBUG} -p "${PORT}" $* &
 }
 
 launch_bare_server() {
-       PARENT="$1"
-       shift
-       ${SERV} $* >/dev/null 2>&1 &
-       LOCALPID="$!"
-       trap "[ ! -z \"${LOCALPID}\" ] && kill ${LOCALPID};" 15
-       wait "${LOCALPID}"
-       LOCALRET="$?"
-       if [ "${LOCALRET}" != "0" ] && [ "${LOCALRET}" != "143" ] ; then
-               # Houston, we'v got a problem...
-               echo "Failed to launch server !"
-               kill -10 ${PARENT}
-       fi
+       PARENT="$1"
+       shift
+
+       wait_for_free_port ${PORT}
+       ${SERV} $* >/dev/null 2>&1 &
 }
 
 wait_server() {
-       trap "kill $1" 1 15 2
+       local PID=$1
+       trap "test -n \"${PID}\" && kill ${PID};exit 1" 1 15 2
+       wait_for_port $PORT
+       if test $? != 0;then
+               echo "Server $PORT did not come up"
+               kill $PID
+               exit 1
+       fi
+}
+
+wait_udp_server() {
+       local PID=$1
+       trap "test -n \"${PID}\" && kill ${PID};exit 1" 1 15 2
        sleep 4
 }
 
-trap "fail '' 'Failed to launch a gnutls-serv server, aborting test... '" 10
index 42bb991bdd079a8ee34a574c6fcc80986afa23bd..c9c526ac82e6d07e8868581ce9b322770ca28b31 100755 (executable)
 
 srcdir="${srcdir:-.}"
 SERV="${SERV:-../../src/gnutls-serv${EXEEXT}} -q"
-PORT="${PORT:-5445}"
 
+. "${srcdir}/../scripts/common.sh"
 
-$SERV -p "${PORT}" --echo --priority "NORMAL:+ANON-DH" --dhparams "${srcdir}/params.dh" >/dev/null 2>&1 &
+eval "${GETPORT}"
+
+launch_server $$ --echo --priority "NORMAL:+ANON-DH" --dhparams "${srcdir}/params.dh"
 PID=$!
+wait_server ${PID}
 
-sleep 2
+export PORT
 
 ./eagain-cli
 if [ $? != 0 ]; then
index 5fabb982cd3e144016b8e5ccb128a7648cf3374c..cf0ea5ec4b284abbef6ddc3f253121e66b9ae5a7 100644 (file)
@@ -68,7 +68,7 @@ static const char
  */
 static int tcp_connect(void)
 {
-       const char *PORT = "5445";
+       const char *PORT = getenv("PORT");
        const char *SERVER = "127.0.0.1";       //verisign.com
        int err, sd;
        int flag = 1, curstate = 0;
index 3d4cbb47bfa16262f3733cdb3bf328e059211360..224a2a068d3f9b4553dd7ca7dcb2306b289b10c2 100755 (executable)
@@ -91,7 +91,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        if test "${HAVE_SSL3}" != 1; then
                # It seems debian disabled SSL 3.0 completely on openssl
 
-               launch_bare_server $$ s_server -cipher ALL -quiet -www -accept "${PORT}" -keyform pem -certform pem -ssl3 ${DH_PARAMS} -key "${RSA_KEY}" -cert "${RSA_CERT}" -dkey "${DSA_KEY}" -dcert "${DSA_CERT}" -Verify 1 -CAfile "${CA_CERT}" &
+               eval "${GETPORT}"
+               launch_bare_server $$ s_server -cipher ALL -quiet -www -accept "${PORT}" -keyform pem -certform pem -ssl3 ${DH_PARAMS} -key "${RSA_KEY}" -cert "${RSA_CERT}" -dkey "${DSA_KEY}" -dcert "${DSA_CERT}" -Verify 1 -CAfile "${CA_CERT}"
                PID=$!
                wait_server ${PID}
 
@@ -113,7 +114,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
                kill ${PID}
                wait
 
-               launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -ssl3 ${DH_PARAMS} -key "${RSA_KEY}" -cert "${RSA_CERT}" -cipher RC4-MD5 &
+               eval "${GETPORT}"
+               launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -ssl3 ${DH_PARAMS} -key "${RSA_KEY}" -cert "${RSA_CERT}" -cipher RC4-MD5
                PID=$!
                wait_server ${PID}
 
@@ -127,7 +129,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
 
        if test "${NO_NULL}" = 0; then
                #-cipher RSA-NULL
-               launch_bare_server $$ s_server -cipher NULL-SHA -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1 ${DH_PARAMS} -key "${RSA_KEY}" -cert "${RSA_CERT}" -Verify 1 -CAfile "${CA_CERT}" &
+               eval "${GETPORT}"
+               launch_bare_server $$ s_server -cipher NULL-SHA -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1 ${DH_PARAMS} -key "${RSA_KEY}" -cert "${RSA_CERT}" -Verify 1 -CAfile "${CA_CERT}"
                PID=$!
                wait_server ${PID}
 
@@ -141,7 +144,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        fi
 
        #-cipher RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA
-       launch_bare_server $$ s_server -cipher "ALL" -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1 ${DH_PARAMS} -key "${RSA_KEY}" -cert "${RSA_CERT}" -dkey "${DSA_KEY}" -dcert "${DSA_CERT}" -Verify 1 -CAfile "${CA_CERT}" &
+       eval "${GETPORT}"
+       launch_bare_server $$ s_server -cipher "ALL" -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1 ${DH_PARAMS} -key "${RSA_KEY}" -cert "${RSA_CERT}" -dkey "${DSA_KEY}" -dcert "${DSA_CERT}" -Verify 1 -CAfile "${CA_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -189,7 +193,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        wait
 
        if test "${FIPS}" != 1; then
-               launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1 -key "${RSA_KEY}" -cert "${RSA_CERT}" -named_curve prime192v1 -CAfile "${CA_CERT}" &
+               eval "${GETPORT}"
+               launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1 -key "${RSA_KEY}" -cert "${RSA_CERT}" -named_curve prime192v1 -CAfile "${CA_CERT}"
                PID=$!
                wait_server ${PID}
 
@@ -202,7 +207,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
                wait
 
                #-cipher ECDHE-ECDSA-AES128-SHA
-               launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1 -key "${ECC224_KEY}" -cert "${ECC224_CERT}" -Verify 1 -named_curve secp224r1 -CAfile "${CA_ECC_CERT}" &
+               eval "${GETPORT}"
+               launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1 -key "${ECC224_KEY}" -cert "${ECC224_CERT}" -Verify 1 -named_curve secp224r1 -CAfile "${CA_ECC_CERT}"
                PID=$!
                wait_server ${PID}
 
@@ -216,7 +222,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        fi
 
        #-cipher ECDHE-ECDSA-AES128-SHA
-       launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1 -key "${ECC384_KEY}" -cert "${ECC384_CERT}" -Verify 1 -named_curve secp384r1 -CAfile "${CA_ECC_CERT}" &
+       eval "${GETPORT}"
+       launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1 -key "${ECC384_KEY}" -cert "${ECC384_CERT}" -Verify 1 -named_curve secp384r1 -CAfile "${CA_ECC_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -229,7 +236,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        wait
 
        #-cipher ECDHE-ECDSA-AES128-SHA
-       launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1 -key "${ECC521_KEY}" -cert "${ECC521_CERT}" -Verify 1 -named_curve secp521r1 -CAfile "${CA_ECC_CERT}" &
+       eval "${GETPORT}"
+       launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1 -key "${ECC521_KEY}" -cert "${ECC521_CERT}" -Verify 1 -named_curve secp521r1 -CAfile "${CA_ECC_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -242,7 +250,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        wait
 
        #-cipher PSK
-       launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -tls1 -keyform pem -certform pem ${DH_PARAMS} -key "${RSA_KEY}" -cert "${RSA_CERT}" -cipher PSK -psk 9e32cf7786321a828ef7668f09fb35db &
+       eval "${GETPORT}"
+       launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -tls1 -keyform pem -certform pem ${DH_PARAMS} -key "${RSA_KEY}" -cert "${RSA_CERT}" -cipher PSK -psk 9e32cf7786321a828ef7668f09fb35db
        PID=$!
        wait_server ${PID}
 
@@ -256,7 +265,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        if test ${NO_TLS1_2} = 0; then
                # Tests requiring openssl 1.0.1 - TLS 1.2
                #-cipher RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA
-               launch_bare_server $$ s_server -cipher ALL -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1_2 ${DH_PARAMS} -key "${RSA_KEY}" -cert "${RSA_CERT}" -dkey "${DSA_KEY}" -dcert "${DSA_CERT}" -Verify 1 -CAfile "${CA_CERT}" &
+               eval "${GETPORT}"
+               launch_bare_server $$ s_server -cipher ALL -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1_2 ${DH_PARAMS} -key "${RSA_KEY}" -cert "${RSA_CERT}" -dkey "${DSA_KEY}" -dcert "${DSA_CERT}" -Verify 1 -CAfile "${CA_CERT}"
                PID=$!
                wait_server ${PID}
 
@@ -286,7 +296,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
                wait
 
                if test "${NO_X25519}" = 0 && test "${FIPS}" != 1; then
-                       launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1_2 -key "${RSA_KEY}" -cert "${RSA_CERT}" -named_curve X25519 -CAfile "${CA_CERT}" &
+                       eval "${GETPORT}"
+                       launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1_2 -key "${RSA_KEY}" -cert "${RSA_CERT}" -named_curve X25519 -CAfile "${CA_CERT}"
                        PID=$!
                        wait_server ${PID}
 
@@ -300,7 +311,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
 
                if test "${FIPS}" != 1; then
                        #-cipher ECDHE-ECDSA-AES128-SHA
-                       launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1_2 -key "${ECC224_KEY}" -cert "${ECC224_CERT}" -Verify 1 -named_curve secp224r1 -CAfile "${CA_ECC_CERT}" &
+                       eval "${GETPORT}"
+                       launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1_2 -key "${ECC224_KEY}" -cert "${ECC224_CERT}" -Verify 1 -named_curve secp224r1 -CAfile "${CA_ECC_CERT}"
                        PID=$!
                        wait_server ${PID}
 
@@ -313,7 +325,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
                fi
 
                #-cipher ECDHE-ECDSA-AES128-SHA
-               launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1_2 -key "${ECC384_KEY}" -cert "${ECC384_CERT}" -Verify 1 -named_curve secp384r1 -CAfile "${CA_ECC_CERT}" &
+               eval "${GETPORT}"
+               launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1_2 -key "${ECC384_KEY}" -cert "${ECC384_CERT}" -Verify 1 -named_curve secp384r1 -CAfile "${CA_ECC_CERT}"
                PID=$!
                wait_server ${PID}
 
@@ -326,7 +339,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
 
                if test "${FIPS}" != 1; then
                        #-cipher ECDHE-ECDSA-AES128-SHA
-                       launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1_2 -key "${ECC521_KEY}" -cert "${ECC521_CERT}" -Verify 1 -named_curve secp521r1 -CAfile "${CA_ECC_CERT}" &
+                       eval "${GETPORT}"
+                       launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1_2 -key "${ECC521_KEY}" -cert "${ECC521_CERT}" -Verify 1 -named_curve secp521r1 -CAfile "${CA_ECC_CERT}"
                        PID=$!
                        wait_server ${PID}
 
@@ -340,7 +354,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        fi #NO_TLS1_2
 
        #-cipher PSK
-       launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -tls1_2 -keyform pem -certform pem ${DH_PARAMS} -key "${RSA_KEY}" -cert "${RSA_CERT}" -cipher PSK -psk 9e32cf7786321a828ef7668f09fb35db &
+       eval "${GETPORT}"
+       launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -tls1_2 -keyform pem -certform pem ${DH_PARAMS} -key "${RSA_KEY}" -cert "${RSA_CERT}" -cipher PSK -psk 9e32cf7786321a828ef7668f09fb35db
        PID=$!
        wait_server ${PID}
 
@@ -351,9 +366,10 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        kill ${PID}
        wait
 
-       launch_bare_server $$ s_server -cipher ALL -quiet -accept "${PORT}" -keyform pem -certform pem -dtls1 -timeout ${DH_PARAMS} -key "${RSA_KEY}" -cert "${RSA_CERT}" -dkey "${DSA_KEY}" -dcert "${DSA_CERT}" -Verify 1 -CAfile "${CA_CERT}" &
+       eval "${GETPORT}"
+       launch_bare_server $$ s_server -cipher ALL -quiet -accept "${PORT}" -keyform pem -certform pem -dtls1 -timeout ${DH_PARAMS} -key "${RSA_KEY}" -cert "${RSA_CERT}" -dkey "${DSA_KEY}" -dcert "${DSA_CERT}" -Verify 1 -CAfile "${CA_CERT}"
        PID=$!
-       wait_server ${PID}
+       wait_udp_server ${PID}
 
        # Test DTLS 1.0 with RSA ciphersuite
        echo "Checking DTLS 1.0 with RSA..."
@@ -363,9 +379,10 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        kill ${PID}
        wait
 
-       launch_bare_server $$ s_server -quiet -accept "${PORT}" -keyform pem -certform pem -dtls1 -timeout ${DH_PARAMS} -key "${RSA_KEY}" -cert "${RSA_CERT}" -dkey "${DSA_KEY}" -dcert "${DSA_CERT}" -Verify 1 -CAfile "${CA_CERT}" &
+       eval "${GETPORT}"
+       launch_bare_server $$ s_server -quiet -accept "${PORT}" -keyform pem -certform pem -dtls1 -timeout ${DH_PARAMS} -key "${RSA_KEY}" -cert "${RSA_CERT}" -dkey "${DSA_KEY}" -dcert "${DSA_CERT}" -Verify 1 -CAfile "${CA_CERT}"
        PID=$!
-       wait_server ${PID}
+       wait_udp_server ${PID}
 
        # Test DTLS 1.0 with DHE-RSA ciphersuite
        echo "Checking DTLS 1.0 with DHE-RSA..."
@@ -376,9 +393,10 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        wait
 
        if test "${NO_DSS}" != 1; then
-               launch_bare_server $$ s_server -cipher "ALL" -quiet -accept "${PORT}" -keyform pem -certform pem -dtls1 -timeout ${DH_PARAMS} -key "${RSA_KEY}" -cert "${RSA_CERT}" -dkey "${DSA_KEY}" -dcert "${DSA_CERT}" -Verify 1 -CAfile "${CA_CERT}" &
+               eval "${GETPORT}"
+               launch_bare_server $$ s_server -cipher "ALL" -quiet -accept "${PORT}" -keyform pem -certform pem -dtls1 -timeout ${DH_PARAMS} -key "${RSA_KEY}" -cert "${RSA_CERT}" -dkey "${DSA_KEY}" -dcert "${DSA_CERT}" -Verify 1 -CAfile "${CA_CERT}"
                PID=$!
-               wait_server ${PID}
+               wait_udp_server ${PID}
 
                # Test DTLS 1.0 with DHE-DSS ciphersuite
                echo "Checking DTLS 1.0 with DHE-DSS..."
@@ -408,7 +426,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
        if test "${HAVE_SSL3}" != 1; then
 
                echo "Check SSL 3.0 with RSA ciphersuite"
-               launch_server $$ --priority "NONE:+MD5:+ARCFOUR-128:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh" &
+               eval "${GETPORT}"
+               launch_server $$ --priority "NONE:+MD5:+ARCFOUR-128:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"
                PID=$!
                wait_server ${PID}
 
@@ -423,7 +442,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
                wait
 
                echo "Check SSL 3.0 with DHE-RSA ciphersuite"
-               launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh" &
+               eval "${GETPORT}"
+               launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"
                PID=$!
                wait_server ${PID}
 
@@ -434,7 +454,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
                wait
 
                echo "Check SSL 3.0 with DHE-DSS ciphersuite"
-               launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-DSS:+SIGN-DSA-SHA1:+SIGN-DSA-SHA256${ADD}" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${srcdir}/params.dh" &
+               eval "${GETPORT}"
+               launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-DSS:+SIGN-DSA-SHA1:+SIGN-DSA-SHA256${ADD}" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${srcdir}/params.dh"
                PID=$!
                wait_server ${PID}
 
@@ -450,7 +471,7 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
 
        # This test was disabled because it doesn't work as expected with openssl 1.0.0d
        #echo "Check TLS 1.0 with RSA ciphersuite (SSLv2 hello)"
-       #launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+RSA" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh" &
+       #launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+RSA" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"
        #PID=$!
        #wait_server ${PID}
        #
@@ -462,7 +483,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
 
        if test "${NO_NULL}" = 0; then
                echo "Check TLS 1.0 with RSA-NULL ciphersuite"
-               launch_server $$ --priority "NONE:+NULL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+RSA:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh" &
+               eval "${GETPORT}"
+               launch_server $$ --priority "NONE:+NULL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+RSA:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"
                PID=$!
                wait_server ${PID}
 
@@ -474,7 +496,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
        fi
 
        echo "Check TLS 1.0 with DHE-RSA ciphersuite"
-       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh" &
+       eval "${GETPORT}"
+       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"
        PID=$!
        wait_server ${PID}
 
@@ -486,7 +509,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
 
        if test "${NO_DSS}" != 1; then
                echo "Check TLS 1.0 with DHE-DSS ciphersuite"
-               launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-DSS:+SIGN-DSA-SHA1:+SIGN-DSA-SHA256${ADD}" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${srcdir}/params.dh" &
+               eval "${GETPORT}"
+               launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-DSS:+SIGN-DSA-SHA1:+SIGN-DSA-SHA256${ADD}" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${srcdir}/params.dh"
                PID=$!
                wait_server ${PID}
 
@@ -498,7 +522,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
        fi
 
        echo "Check TLS 1.0 with ECDHE-RSA ciphersuite"
-       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-RSA:+CURVE-ALL${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" &
+       eval "${GETPORT}"
+       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-RSA:+CURVE-ALL${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -511,7 +536,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
 
        if test "${FIPS}" != 1; then
                echo "Check TLS 1.0 with ECDHE-ECDSA ciphersuite (SECP224R1)"
-               launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-SECP224R1:+CURVE-ALL${ADD}" --x509certfile "${ECC224_CERT}" --x509keyfile "${ECC224_KEY}" --x509cafile "${CA_ECC_CERT}" &
+               eval "${GETPORT}"
+               launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-SECP224R1:+CURVE-ALL${ADD}" --x509certfile "${ECC224_CERT}" --x509keyfile "${ECC224_KEY}" --x509cafile "${CA_ECC_CERT}"
                PID=$!
                wait_server ${PID}
 
@@ -524,7 +550,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
        fi
 
        echo "Check TLS 1.0 with ECDHE-ECDSA ciphersuite (SECP256R1)"
-       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC256_CERT}" --x509keyfile "${ECC256_KEY}" --x509cafile "${CA_ECC_CERT}" &
+       eval "${GETPORT}"
+       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC256_CERT}" --x509keyfile "${ECC256_KEY}" --x509cafile "${CA_ECC_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -536,7 +563,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
        wait
 
        echo "Check TLS 1.0 with ECDHE-ECDSA ciphersuite (SECP384R1)"
-       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC384_CERT}" --x509keyfile "${ECC384_KEY}" --x509cafile "${CA_ECC_CERT}" &
+       eval "${GETPORT}"
+       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC384_CERT}" --x509keyfile "${ECC384_KEY}" --x509cafile "${CA_ECC_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -549,7 +577,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
 
        if test "${FIPS}" != 1; then
                echo "Check TLS 1.0 with ECDHE-ECDSA ciphersuite (SECP521R1)"
-               launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC521_CERT}" --x509keyfile "${ECC521_KEY}" --x509cafile "${CA_ECC_CERT}" &
+               eval "${GETPORT}"
+               launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC521_CERT}" --x509keyfile "${ECC521_KEY}" --x509cafile "${CA_ECC_CERT}"
                PID=$!
                wait_server ${PID}
 
@@ -562,7 +591,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
        fi
 
        echo "Check TLS 1.0 with PSK ciphersuite"
-       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" &
+       eval "${GETPORT}"
+       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -576,7 +606,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
        if test ${NO_TLS1_2} = 0; then
 
                echo "Check TLS 1.2 with DHE-RSA ciphersuite"
-               launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh" &
+               eval "${GETPORT}"
+               launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"
                PID=$!
                wait_server ${PID}
 
@@ -588,7 +619,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
 
                if test "${NO_DSS}" != 1; then
                        echo "Check TLS 1.2 with DHE-DSS ciphersuite"
-                       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA1:+SIGN-DSA-SHA256${ADD}" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${srcdir}/params.dh" &
+                       eval "${GETPORT}"
+                       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA1:+SIGN-DSA-SHA256${ADD}" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${srcdir}/params.dh"
                        PID=$!
                        wait_server ${PID}
 
@@ -600,7 +632,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
                fi
 
                echo "Check TLS 1.2 with ECDHE-RSA ciphersuite"
-               launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-RSA:+CURVE-ALL${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" &
+               eval "${GETPORT}"
+               launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-RSA:+CURVE-ALL${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}"
                PID=$!
                wait_server ${PID}
 
@@ -613,7 +646,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
 
                if test "${NO_X22519}" = 0 && test "${FIPS}" != 1; then
                        echo "Check TLS 1.2 with ECDHE-RSA ciphersuite (X25519)"
-                       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-RSA:+CURVE-X25519${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" &
+                       eval "${GETPORT}"
+                       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-RSA:+CURVE-X25519${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}"
                        PID=$!
                        wait_server ${PID}
 
@@ -626,7 +660,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
 
                if test "${FIPS}" != 1; then
                        echo "Check TLS 1.2 with ECDHE-ECDSA ciphersuite (SECP224R1)"
-                       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-SECP224R1:+CURVE-ALL${ADD}" --x509certfile "${ECC224_CERT}" --x509keyfile "${ECC224_KEY}" --x509cafile "${CA_ECC_CERT}" &
+                       eval "${GETPORT}"
+                       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-SECP224R1:+CURVE-ALL${ADD}" --x509certfile "${ECC224_CERT}" --x509keyfile "${ECC224_KEY}" --x509cafile "${CA_ECC_CERT}"
                        PID=$!
                        wait_server ${PID}
 
@@ -639,7 +674,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
                fi
 
                echo "Check TLS 1.2 with ECDHE-ECDSA ciphersuite (SECP256R1)"
-               launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC256_CERT}" --x509keyfile "${ECC256_KEY}" --x509cafile "${CA_ECC_CERT}" &
+               eval "${GETPORT}"
+               launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC256_CERT}" --x509keyfile "${ECC256_KEY}" --x509cafile "${CA_ECC_CERT}"
                PID=$!
                wait_server ${PID}
 
@@ -651,7 +687,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
                wait
 
                echo "Check TLS 1.2 with ECDHE-ECDSA ciphersuite (SECP384R1)"
-               launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC384_CERT}" --x509keyfile "${ECC384_KEY}" --x509cafile "${CA_ECC_CERT}" &
+               eval "${GETPORT}"
+               launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC384_CERT}" --x509keyfile "${ECC384_KEY}" --x509cafile "${CA_ECC_CERT}"
                PID=$!
                wait_server ${PID}
 
@@ -664,7 +701,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
 
                if test "${FIPS}" != 1; then
                        echo "Check TLS 1.2 with ECDHE-ECDSA ciphersuite (SECP521R1)"
-                       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC521_CERT}" --x509keyfile "${ECC521_KEY}" --x509cafile "${CA_ECC_CERT}" &
+                       eval "${GETPORT}"
+                       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC521_CERT}" --x509keyfile "${ECC521_KEY}" --x509cafile "${CA_ECC_CERT}"
                        PID=$!
                        wait_server ${PID}
 
@@ -677,7 +715,8 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
                fi
 
                echo "Check TLS 1.2 with PSK ciphersuite"
-               launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" &
+               eval "${GETPORT}"
+               launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}"
                PID=$!
                wait_server ${PID}
 
@@ -692,9 +731,10 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
 
        # DTLS
        echo "Check DTLS 1.0 with RSA ciphersuite"
-       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+RSA${ADD}" --udp --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh" &
+       eval "${GETPORT}"
+       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+RSA${ADD}" --udp --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"
        PID=$!
-       wait_server ${PID}
+       wait_udp_server ${PID}
 
 
        ${OPENSSL_CLI} s_client -host localhost -port "${PORT}" -dtls1 -cert "${CLI_CERT}" -key "${CLI_KEY}" -CAfile "${CA_CERT}" </dev/null 2>&1 | grep "\:error\:" && \
@@ -705,9 +745,10 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
 
 
        echo "Check DTLS 1.0 with DHE-RSA ciphersuite"
-       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+DHE-RSA${ADD}" --udp --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh" &
+       eval "${GETPORT}"
+       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+DHE-RSA${ADD}" --udp --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"
        PID=$!
-       wait_server ${PID}
+       wait_udp_server ${PID}
 
 
        ${OPENSSL_CLI} s_client -host localhost -port "${PORT}" -dtls1 -cert "${CLI_CERT}" -key "${CLI_KEY}" -CAfile "${CA_CERT}" </dev/null 2>&1 | grep "\:error\:" && \
@@ -718,9 +759,10 @@ for ADD in "" ":%COMPAT" ":%NO_ETM" ":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTIATION
 
 
        echo "Check DTLS 1.0 with DHE-DSS ciphersuite"
-       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+DHE-DSS:+SIGN-DSA-SHA1:+SIGN-DSA-SHA256${ADD}" --udp --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${srcdir}/params.dh" &
+       eval "${GETPORT}"
+       launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+DHE-DSS:+SIGN-DSA-SHA1:+SIGN-DSA-SHA256${ADD}" --udp --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${srcdir}/params.dh"
        PID=$!
-       wait_server ${PID}
+       wait_udp_server ${PID}
 
 
        ${OPENSSL_CLI} s_client -host localhost -port "${PORT}" -dtls1 -cert "${CLI_CERT}" -key "${CLI_KEY}" -CAfile "${CA_CERT}" </dev/null 2>&1 | grep "\:error\:" && \
index bf49918cac8ac373cfb764cc422f3ae95f8f6ad3..a004f710c325a79c7864e69acaf5e0f5839d6162 100755 (executable)
@@ -44,7 +44,7 @@ fi
 
 . "${srcdir}/../scripts/common.sh"
 
-PORT="${PORT:-${RPORT}}"
+
 TXT=`"${CLI}" --priority NORMAL --list|grep SECP224`
 if test -z "${TXT}"; then
        ALL_CURVES=0
@@ -91,10 +91,12 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
                echo "** Modifier: ${ADD}"
        fi
 
+       eval "${GETPORT}"
+
        # SSL 3.0 is disabled in debian's polarssl
        if test 0 = 1; then
                echo "Check SSL 3.0 with RSA ciphersuite"
-               launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"  &
+               launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"
                PID=$!
                wait_server ${PID}
 
@@ -105,7 +107,7 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
                wait
 
                echo "Check SSL 3.0 with DHE-RSA ciphersuite"
-               launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"  &
+               launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"
                PID=$!
                wait_server ${PID}
 
@@ -117,7 +119,7 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
 
                # No DSS for polarssl
                #echo "Check SSL 3.0 with DHE-DSS ciphersuite"
-               #launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-DSS" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${srcdir}/params.dh"  &
+               #launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-DSS" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${srcdir}/params.dh"
                #PID=$!
                #wait_server ${PID}
 
@@ -131,7 +133,7 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        #TLS 1.0
 
        echo "Check TLS 1.0 with DHE-RSA ciphersuite"
-       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"  &
+       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"
        PID=$!
        wait_server ${PID}
 
@@ -142,7 +144,7 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        wait
 
        #echo "Check TLS 1.0 with DHE-DSS ciphersuite"
-       #launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-DSS${ADD}" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${srcdir}/params.dh"  &
+       #launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-DSS${ADD}" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${srcdir}/params.dh"
        #PID=$!
        #wait_server ${PID}
 
@@ -152,8 +154,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        #kill ${PID}
        #wait
 
+       eval "${GETPORT}"
        echo "Check TLS 1.0 with ECDHE-RSA ciphersuite"
-       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-RSA:+CURVE-ALL${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" &
+       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-RSA:+CURVE-ALL${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -164,8 +167,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        kill ${PID}
        wait
 
+       eval "${GETPORT}"
        echo "Check TLS 1.0 with PSK ciphersuite"
-       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" &
+       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -176,8 +180,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        kill ${PID}
        wait
 
+       eval "${GETPORT}"
        echo "Check TLS 1.0 with DHE-PSK ciphersuite"
-       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" &
+       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -188,8 +193,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        kill ${PID}
        wait
 
+       eval "${GETPORT}"
        echo "Check TLS 1.0 with ECDHE-PSK ciphersuite"
-       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" &
+       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -200,8 +206,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        kill ${PID}
        wait
 
+       eval "${GETPORT}"
        echo "Check TLS 1.0 with RSA-PSK ciphersuite"
-       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+RSA-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" &
+       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+RSA-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -213,8 +220,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        wait
 
        if test ${ALL_CURVES} = 1; then
+               eval "${GETPORT}"
                echo "Check TLS 1.0 with ECDHE-ECDSA ciphersuite (SECP224R1)"
-               launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC224_CERT}" --x509keyfile "${ECC224_KEY}" --x509cafile "${CA_ECC_CERT}" &
+               launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC224_CERT}" --x509keyfile "${ECC224_KEY}" --x509cafile "${CA_ECC_CERT}"
                PID=$!
                wait_server ${PID}
 
@@ -226,8 +234,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
                wait
        fi
 
+       eval "${GETPORT}"
        echo "Check TLS 1.0 with ECDHE-ECDSA ciphersuite (SECP256R1)"
-       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC256_CERT}" --x509keyfile "${ECC256_KEY}" --x509cafile "${CA_ECC_CERT}" &
+       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC256_CERT}" --x509keyfile "${ECC256_KEY}" --x509cafile "${CA_ECC_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -238,8 +247,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        kill ${PID}
        wait
 
+       eval "${GETPORT}"
        echo "Check TLS 1.0 with ECDHE-ECDSA ciphersuite (SECP384R1)"
-       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC384_CERT}" --x509keyfile "${ECC384_KEY}" --x509cafile "${CA_ECC_CERT}" &
+       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC384_CERT}" --x509keyfile "${ECC384_KEY}" --x509cafile "${CA_ECC_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -250,8 +260,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        kill ${PID}
        wait
 
+       eval "${GETPORT}"
        echo "Check TLS 1.0 with ECDHE-ECDSA ciphersuite (SECP521R1)"
-       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC521_CERT}" --x509keyfile "${ECC521_KEY}" --x509cafile "${CA_ECC_CERT}" &
+       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC521_CERT}" --x509keyfile "${ECC521_KEY}" --x509cafile "${CA_ECC_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -262,8 +273,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        kill ${PID}
        wait
 
+       eval "${GETPORT}"
        echo "Check TLS 1.2 with DHE-RSA ciphersuite"
-       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"  &
+       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"
        PID=$!
        wait_server ${PID}
 
@@ -273,8 +285,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        kill ${PID}
        wait
 
+       eval "${GETPORT}"
        echo "Check TLS 1.2 with CAMELLIA-128-GCM-DHE-RSA ciphersuite"
-       launch_server $$  --priority "NONE:-CIPHER-ALL:+CAMELLIA-128-GCM:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"  &
+       launch_server $$  --priority "NONE:-CIPHER-ALL:+CAMELLIA-128-GCM:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"
        PID=$!
        wait_server ${PID}
 
@@ -284,8 +297,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        kill ${PID}
        wait
 
+       eval "${GETPORT}"
        echo "Check TLS 1.2 with CAMELLIA-256-GCM-DHE-RSA ciphersuite"
-       launch_server $$  --priority "NONE:-CIPHER-ALL:+CAMELLIA-256-GCM:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"  &
+       launch_server $$  --priority "NONE:-CIPHER-ALL:+CAMELLIA-256-GCM:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"
        PID=$!
        wait_server ${PID}
 
@@ -295,8 +309,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        kill ${PID}
        wait
 
+       eval "${GETPORT}"
        echo "Check TLS 1.2 with AES-128-CCM-DHE-RSA ciphersuite"
-       launch_server $$  --priority "NONE:-CIPHER-ALL:+AES-128-CCM:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"  &
+       launch_server $$  --priority "NONE:-CIPHER-ALL:+AES-128-CCM:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"
        PID=$!
        wait_server ${PID}
 
@@ -306,8 +321,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        kill ${PID}
        wait
 
+       eval "${GETPORT}"
        echo "Check TLS 1.2 with AES-128-CCM-8-DHE-RSA ciphersuite"
-       launch_server $$  --priority "NONE:-CIPHER-ALL:+AES-128-CCM-8:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"  &
+       launch_server $$  --priority "NONE:-CIPHER-ALL:+AES-128-CCM-8:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${srcdir}/params.dh"
        PID=$!
        wait_server ${PID}
 
@@ -318,7 +334,7 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        wait
 
        #echo "Check TLS 1.2 with DHE-DSS ciphersuite"
-       #launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-DSS${ADD}" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${srcdir}/params.dh"  &
+       #launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-DSS${ADD}" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${srcdir}/params.dh"
        #PID=$!
        #wait_server ${PID}
        #
@@ -328,8 +344,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        #kill ${PID}
        #wait
 
+       eval "${GETPORT}"
        echo "Check TLS 1.2 with ECDHE-RSA ciphersuite"
-       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-RSA:+CURVE-ALL${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" &
+       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-RSA:+CURVE-ALL${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -341,8 +358,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        wait
 
        if test ${ALL_CURVES} = 1; then
+               eval "${GETPORT}"
                echo "Check TLS 1.2 with ECDHE-ECDSA ciphersuite (SECP224R1)"
-               launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC224_CERT}" --x509keyfile "${ECC224_KEY}" --x509cafile "${CA_ECC_CERT}" &
+               launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC224_CERT}" --x509keyfile "${ECC224_KEY}" --x509cafile "${CA_ECC_CERT}"
                PID=$!
                wait_server ${PID}
 
@@ -354,8 +372,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
                wait
        fi
 
+       eval "${GETPORT}"
        echo "Check TLS 1.2 with ECDHE-ECDSA ciphersuite (SECP256R1)"
-       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC256_CERT}" --x509keyfile "${ECC256_KEY}" --x509cafile "${CA_ECC_CERT}" &
+       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC256_CERT}" --x509keyfile "${ECC256_KEY}" --x509cafile "${CA_ECC_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -366,8 +385,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        kill ${PID}
        wait
 
+       eval "${GETPORT}"
        echo "Check TLS 1.2 with ECDHE-ECDSA ciphersuite (SECP384R1)"
-       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC384_CERT}" --x509keyfile "${ECC384_KEY}" --x509cafile "${CA_ECC_CERT}" &
+       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC384_CERT}" --x509keyfile "${ECC384_KEY}" --x509cafile "${CA_ECC_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -378,8 +398,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        kill ${PID}
        wait
 
+       eval "${GETPORT}"
        echo "Check TLS 1.2 with ECDHE-ECDSA ciphersuite (SECP521R1)"
-       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC521_CERT}" --x509keyfile "${ECC521_KEY}" --x509cafile "${CA_ECC_CERT}" &
+       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC521_CERT}" --x509keyfile "${ECC521_KEY}" --x509cafile "${CA_ECC_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -390,8 +411,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        kill ${PID}
        wait
 
+       eval "${GETPORT}"
        echo "Check TLS 1.2 with PSK ciphersuite"
-       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" &
+       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -402,8 +424,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        kill ${PID}
        wait
 
+       eval "${GETPORT}"
        echo "Check TLS 1.2 with DHE-PSK ciphersuite"
-       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" &
+       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -414,8 +437,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        kill ${PID}
        wait
 
+       eval "${GETPORT}"
        echo "Check TLS 1.2 with ECDHE-PSK ciphersuite"
-       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" &
+       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}"
        PID=$!
        wait_server ${PID}
 
@@ -426,8 +450,9 @@ for ADD in "" ":%COMPAT" ":%NO_ETM"; do #":%NO_TICKETS" ":%DISABLE_SAFE_RENEGOTI
        kill ${PID}
        wait
 
+       eval "${GETPORT}"
        echo "Check TLS 1.2 with RSA-PSK ciphersuite"
-       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+RSA-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" &
+       launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+RSA-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}"
        PID=$!
        wait_server ${PID}
 
index 619270e4f459f47ba56d33b4f34b30dc30584d5b..09c494dd65a925463a6abf282e48fbc2ec7dc668 100755 (executable)
@@ -41,8 +41,6 @@ P11TOOL="${VALGRIND} ${P11TOOL} --batch"
 
 . ${srcdir}/../scripts/common.sh
 
-PORT="${PORT:-${RPORT}}"
-
 rm -f "${TMPFILE}"
 
 exit_error () {
@@ -521,9 +519,10 @@ use_certificate_test () {
 
        echo -n "* Using PKCS #11 with gnutls-cli (${txt})... "
        # start server
+       eval "${GETPORT}"
        launch_pkcs11_server $$ "${ADDITIONAL_PARAM}" --echo --priority NORMAL --x509certfile="${certfile}" \
                --x509keyfile="$keyfile" --x509cafile="${cafile}" \
-               --require-client-cert >>"${TMPFILE}" 2>&1 &
+               --require-client-cert >>"${TMPFILE}" 2>&1
 
        PID=$!
        wait_server ${PID}
index 4c981a854cdff16ef7084b1fc201b62d0dd8bbd5..1c6bfc3191cacb8e6ccc86577c599d90ee8fddda 100755 (executable)
@@ -36,11 +36,10 @@ fi
 
 . "${srcdir}/../scripts/common.sh"
 
-PORT="${PORT:-${RPORT}}"
-
 echo "Checking Safe renegotiation"
 
-launch_server $$ --echo --priority NORMAL:+ANON-DH:%PARTIAL_RENEGOTIATION --dhparams "${srcdir}/params.dh" >/dev/null 2>&1 &
+eval "${GETPORT}"
+launch_server $$ --echo --priority NORMAL:+ANON-DH:%PARTIAL_RENEGOTIATION --dhparams "${srcdir}/params.dh"
 PID=$!
 wait_server ${PID}
 
@@ -62,9 +61,9 @@ ${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --rehandshake --priority NORMAL:+ANO
 
 kill ${PID}
 wait
-sleep 5
 
-launch_server $$  --echo --priority NORMAL:+ANON-DH:%SAFE_RENEGOTIATION --dhparams "${srcdir}/params.dh" >/dev/null &
+eval "${GETPORT}"
+launch_server $$  --echo --priority NORMAL:+ANON-DH:%SAFE_RENEGOTIATION --dhparams "${srcdir}/params.dh"
 PID=$!
 wait_server ${PID}
 
@@ -82,9 +81,9 @@ ${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --rehandshake --priority NORMAL:+ANO
 
 kill ${PID}
 wait
-sleep 5
 
-launch_server $$ --echo --priority NORMAL:+ANON-DH:%DISABLE_SAFE_RENEGOTIATION --dhparams "${srcdir}/params.dh" >/dev/null &
+eval "${GETPORT}"
+launch_server $$ --echo --priority NORMAL:+ANON-DH:%DISABLE_SAFE_RENEGOTIATION --dhparams "${srcdir}/params.dh"
 PID=$!
 wait_server ${PID}