]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
Added interoperability tests with openssl.
authorNikos Mavrogiannopoulos <nmav@gnutls.org>
Fri, 15 Apr 2011 07:27:55 +0000 (09:27 +0200)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Fri, 15 Apr 2011 07:28:55 +0000 (09:28 +0200)
tests/certs/cert-rsa-2432.pem [new file with mode: 0644]
tests/certs/rsa-2432.pem [new file with mode: 0644]
tests/scripts/common.sh
tests/suite/Makefile.am
tests/suite/testbig [new file with mode: 0755]
tests/suite/testbig-main [new file with mode: 0755]

diff --git a/tests/certs/cert-rsa-2432.pem b/tests/certs/cert-rsa-2432.pem
new file mode 100644 (file)
index 0000000..bbc2b63
--- /dev/null
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDlzCCAk+gAwIBAgIETadUITANBgkqhkiG9w0BAQsFADAyMQswCQYDVQQGEwJC
+RTEPMA0GA1UEChMGR251VExTMRIwEAYDVQQDEwlsb2NhbGhvc3QwHhcNMTEwNDE0
+MjAwODAyWhcNMzgwODI5MjAwODA0WjAyMQswCQYDVQQGEwJCRTEPMA0GA1UEChMG
+R251VExTMRIwEAYDVQQDEwlsb2NhbGhvc3QwggFSMA0GCSqGSIb3DQEBAQUAA4IB
+PwAwggE6AoIBMQDdz5fSpR2V3YYY2MS5raYMtJ223PrcIeE6YjQH6DOy6JfuLEHS
+EvFf7eR2/2UmHgzHQRVpXw35rYkUjerXFlKaR8G7AALkiEVzeKSu2zjDxgfSZA6H
+7XSMa8TAAlB8TqbRWOnlEwmp21rq6w8GgFwJ75TI6fs3LnXhrJOtmzcTS2Y6djPY
+xNdM+2HIkiEH/N+piFTko6lH0my44zmJEYg4LaLcPl5KqaSO1R+y0N1BPNoQaJ5H
+G2UCosUocwKDAwn99Sl+l9wqTkuqeUZGcIYbm7j2ir4ph31f2qWXa+/IQwlD4h+K
+Fn4dUF312gLu8sMqSOZrMOoC1++siwy4wYXYv3yFqB6DvlwmLnl7R/VKP2Zikv1B
+ILYsAPBSyiYGLXzPelB9D8vdlyDIb+TgUPTjAgMBAAGjVTBTMAwGA1UdEwEB/wQC
+MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNVHQ4E
+FgQUklPWcbn4aKqzU/aN9TlFZpyn5TEwDQYJKoZIhvcNAQELBQADggExAJi/SInB
+5uYVE8z8uu2gieWGRTBzaLJ5H4gCgPstybghVY3Ft1Ybz8N27tDw2SI6Y5LFBIZw
+HkIzKjvEFAjFQpJzfD45wO40xzMWX5Ouzx+aMAlR/i2UnCitKn7kFIFFaw3XESH8
+2ycXdLTMlBpunntYqeAGjdpfYOG4byhotli+xaw2Rzf2qDh0I4HzIr5h/wgIh+vC
+jykldV1M69UJKKt7mflpCKLGAtIuzfrxGc4/RGqhS6hW1RGuRONoBVBXjXIPxyHb
+j6NQeF1aOcuQPVJDM7/qiQcaksyFJ6g9NLhbUu7vILm2/+rFkNNHxVGQ4uY+Urke
+eRi+/eIkvkcyWrADa6rbw9v2YEQItiwZR6LwQ3/wB5dXq+yguGpJzgjmw03ypOm4
+Q+fwhNcachRdgho=
+-----END CERTIFICATE-----
diff --git a/tests/certs/rsa-2432.pem b/tests/certs/rsa-2432.pem
new file mode 100644 (file)
index 0000000..c3e3c44
--- /dev/null
@@ -0,0 +1,32 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIFfAIBAAKCATEA3c+X0qUdld2GGNjEua2mDLSdttz63CHhOmI0B+gzsuiX7ixB
+0hLxX+3kdv9lJh4Mx0EVaV8N+a2JFI3q1xZSmkfBuwAC5IhFc3ikrts4w8YH0mQO
+h+10jGvEwAJQfE6m0Vjp5RMJqdta6usPBoBcCe+UyOn7Ny514ayTrZs3E0tmOnYz
+2MTXTPthyJIhB/zfqYhU5KOpR9JsuOM5iRGIOC2i3D5eSqmkjtUfstDdQTzaEGie
+RxtlAqLFKHMCgwMJ/fUpfpfcKk5LqnlGRnCGG5u49oq+KYd9X9qll2vvyEMJQ+If
+ihZ+HVBd9doC7vLDKkjmazDqAtfvrIsMuMGF2L98hageg75cJi55e0f1Sj9mYpL9
+QSC2LADwUsomBi18z3pQfQ/L3ZcgyG/k4FD04wIDAQABAoIBMQDKrMQSUpMs/ARq
+sa9X5iai12qAy3xhJofxXAgk7XRH1qX0l/XwqSRqvimS3hyjbrPIYVzaMmPHr1xh
+LqfVruz9UfHgF8uM3ENxllwL9f3xTQKaqJhqdXuYT2Sw+axnWUquYWseyH18+hUi
+MHRDQYhX/9VYnAvSyR4nfhRWfkwd0jhv1M/dE0eTbONVbMjHzrTj6NGBNVYZa6U6
+NopQnn78Sku061751RCC7lwmwEwAgpu2+n5SQzoXN79cPy4NdHbEfW8JEPyOXTNB
++yUVwI4glPbT+9GG2LwIL/eGT71DQOW6O7De6+URU7thc4VQSpt0CBG3XDvtp1bo
+AQ+MHncOAGtz5ueJwC10HjflosRLc1U2DBWQmAGCiG9smu8eYsFKfFwhxoW1VBdD
+jP1GU4xZAoGZAN68jwJoaZ+GbRcAgkyHDA6u2nCjPZ5qTZAp4PWWkCcXlSG0rhjS
+8ZW+p55dw6W5hm0k5Ozg+kYKgSRH5THTPzHy3ijmKXoyvEjz+A8arf4StedPAg2Z
+OLw3cx0ZDGM86WDvhBrPxw0WtgpaJiogZ6vtSeOB64kLkdi9agDjuTucB/1kBgfx
+6i17wkjfCkWIvvdebDpkMQqfAoGZAP7vpWHvz34u/c2HrviigWhNrA2oWnLmwhem
+TSd8vLGPM4VmI189NIeP2x3SpLF+uPoLIhUWJSHxzl9yIZkZb2ci+jj5paiGad6P
+wEruhJL7pngMgxrU69G2qG4BRc1F0UNKqqqql9428GjcpSczw2nklSxeifkpLAfc
+kTDOxUSBx5k3oLEVEkov/FDmF0+afUOd/Rz1pHM9AoGYSPHpx/kX9lWY7nqNMbDc
+owZipZbgfDwGMNt2QBfSF+tiPMqmZZzX35mz3WqJw4GR47a8flNjw4J3LsGY7wtm
+293VIgHWvZ1WCnJT3+Z16wqHpjw6yOdQLFvgiDwG0Y1GRSfL1NgNMV0puxQxAYTh
+Tu4ET8zhrV0ro5bM24O4yyvbdgHG890nO0QXqbPZ8lHJcMvsl+buJLMCgZhcxIfB
+46n1mNPyfnVFNJ0yf1EkhyaiuSXXxUQ+Ij3nvtxYppoohfUff1GUwJn9nMdi9bop
+Qi2w9HTMdpOTSpYnSasUIIQPlxnfSyAGJFVJxxkEhkkO8nv9jCIuJXhpAgbsHbeM
+8xbgXc2N2vyeD1AEsJE33A8JA9pp4fFTeWp/S1p+fqeSyMAnDt8Z8SB6bxU2Db+V
+Ui3NYQKBmQDcQLZxlmIVCSoi7bgYao0MzTZQRGxh2Sb8IP0JG/8JeXSvWBos2fA9
+gGnjYxuadFpkLlNE+mj8Y9YcHsnPsHblVc/ebKH9rB3jHWg8+SDvEDsaB3KLJp4g
+ElDlARbld3I1ACNmpY7RTIAqSintWG2fg8w3lvCbm96xyisGLG9KL1z9pJdAO/LG
+EYRdbwn1bSCWDbwiqYkWFg==
+-----END RSA PRIVATE KEY-----
index f7b75e66492339dbbc804d14c9a55943d4455f47..18c321fa1481f31566e3ed821b34ba745718f87b 100644 (file)
@@ -20,6 +20,7 @@
 
 fail() {
    echo "Failure: $1" >&2
+   kill $PID
    exit 1
 }
 
@@ -38,6 +39,21 @@ launch_server() {
        fi
 }
 
+launch_bare_server() {
+       PARENT=$1;
+       shift;
+       $SERV $* >/dev/null 2>&1 &
+       LOCALPID="$!";
+       trap "[ ! -z \"${LOCALPID}\" ] && kill ${LOCALPID};" 15
+       wait "${LOCALPID}"
+       LOCALRET="$?"
+       if [ "${LOCALRET}" != "0" -a "${LOCALRET}" != "143" ] ; then
+               # Houston, we'v got a problem...
+               echo "Failed to launch server !"
+               kill -10 ${PARENT}
+       fi
+}
+
 wait_server() {
        trap "kill $1" 1 15 2
        sleep 2
index 32aab4a4926776676a47be05e4ed9c8e87ea0d40..6c95f437f5e6b784e859bfd043380d6c9919026f 100644 (file)
@@ -72,6 +72,7 @@ nodist_eagain_cli_SOURCES = mini-eagain2.c
 
 noinst_PROGRAMS = eagain-cli
 
-nodist_check_SCRIPTS = eagain testsrn
+nodist_check_SCRIPTS = eagain testsrn testbig
+
+TESTS = eagain testsrn testbig
 
-TESTS = eagain testsrn
diff --git a/tests/suite/testbig b/tests/suite/testbig
new file mode 100755 (executable)
index 0000000..fc69fbd
--- /dev/null
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+# Copyright (C) 2010 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# GnuTLS is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GnuTLS; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+if ! test -x /usr/bin/openssl;then
+  exit 77
+fi
+
+datefudge "2007-04-22" ./testbig-main
diff --git a/tests/suite/testbig-main b/tests/suite/testbig-main
new file mode 100755 (executable)
index 0000000..18ec3b1
--- /dev/null
@@ -0,0 +1,244 @@
+#!/bin/sh
+
+# Copyright (C) 2010 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# GnuTLS is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GnuTLS; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+srcdir="${srcdir:-.}"
+CLI="${CLI:-../../src/gnutls-cli$EXEEXT}"
+PORT="${PORT:-5558}"
+unset RETCODE
+
+if test "${WINDIR}" != "";then
+  exit 77
+fi 
+
+. ../scripts/common.sh
+
+echo "Compatibility checks using "`openssl version`
+
+DSA_CERT=$srcdir/../dsa/cert.dsa.1024.pem
+DSA_KEY=$srcdir/../dsa/dsa.1024.pem
+
+RSA_CERT=$srcdir/../certs/cert-rsa-2432.pem
+RSA_KEY=$srcdir/../certs/rsa-2432.pem
+
+CA_CERT=$srcdir/../../doc/credentials/x509-ca.pem
+CLI_CERT=$srcdir/../../doc/credentials/x509-client.pem
+CLI_KEY=$srcdir/../../doc/credentials/x509-client-key.pem
+
+SERV_CERT=$srcdir/../../doc/credentials/x509-server.pem
+SERV_KEY=$srcdir/../../doc/credentials/x509-server-key.pem
+SERV_DSA_CERT=$srcdir/../../doc/credentials/x509-server-dsa.pem
+SERV_DSA_KEY=$srcdir/../../doc/credentials/x509-server-key-dsa.pem
+
+echo "#####################"
+echo "# Client mode tests #"
+echo "#####################"
+
+SERV=openssl
+
+launch_bare_server $$ s_server -quiet -www -accept $PORT -keyform pem -certform pem -ssl3 -dhparam params.dh -key $RSA_KEY -cert $RSA_CERT -dkey $DSA_KEY -dcert $DSA_CERT -Verify 1 -CAfile $CA_CERT &
+PID=$!
+wait_server $PID
+
+# Test SSL 3.0 with RSA ciphersuite
+echo "Checking SSL 3.0 with RSA..." 
+$CLI $DEBUG -p $PORT 127.0.0.1 --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+RSA" --insecure --x509certfile $CLI_CERT --x509keyfile $CLI_KEY </dev/null >/dev/null || \
+  fail "Failed"
+
+# Test SSL 3.0 with DHE-RSA ciphersuite
+echo "Checking SSL 3.0 with DHE-RSA..." 
+$CLI $DEBUG -p $PORT 127.0.0.1 --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-RSA" --insecure --x509certfile $CLI_CERT --x509keyfile $CLI_KEY </dev/null >/dev/null || \
+  fail "Failed"
+
+# Test SSL 3.0 with DHE-DSS ciphersuite
+echo "Checking SSL 3.0 with DHE-DSS..." 
+$CLI $DEBUG -p $PORT 127.0.0.1 --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-DSS" --insecure --x509certfile $CLI_CERT --x509keyfile $CLI_KEY </dev/null >/dev/null || \
+  fail "Failed"
+
+kill $PID
+wait
+
+launch_bare_server $$ s_server -quiet -www -accept $PORT -keyform pem -certform pem -tls1 -dhparam params.dh -key $RSA_KEY -cert $RSA_CERT -dkey $DSA_KEY -dcert $DSA_CERT -Verify 1 -CAfile $CA_CERT &
+PID=$!
+wait_server $PID
+
+# Test TLS 1.0 with RSA ciphersuite
+echo "Checking TLS 1.0 with RSA..." 
+$CLI $DEBUG -p $PORT 127.0.0.1 --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+RSA" --insecure --x509certfile $CLI_CERT --x509keyfile $CLI_KEY </dev/null >/dev/null || \
+  fail "Failed"
+
+# Test TLS 1.0 with DHE-RSA ciphersuite
+echo "Checking TLS 1.0 with DHE-RSA..." 
+$CLI $DEBUG -p $PORT 127.0.0.1 --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-RSA" --insecure --x509certfile $CLI_CERT --x509keyfile $CLI_KEY </dev/null >/dev/null || \
+  fail "Failed"
+
+# Test TLS 1.0 with DHE-DSS ciphersuite
+echo "Checking TLS 1.0 with DHE-DSS..." 
+$CLI $DEBUG -p $PORT 127.0.0.1 --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-DSS" --insecure --x509certfile $CLI_CERT --x509keyfile $CLI_KEY </dev/null >/dev/null || \
+  fail "Failed"
+
+kill $PID
+wait
+
+launch_bare_server $$ s_server -quiet -accept $PORT -keyform pem -certform pem -dtls1 -mtu 1000 -timeout -dhparam params.dh -key $RSA_KEY -cert $RSA_CERT -dkey $DSA_KEY -dcert $DSA_CERT -Verify 1 -CAfile $CA_CERT &
+PID=$!
+wait_server $PID
+
+# Test DTLS 1.0 with RSA ciphersuite
+echo "Checking DTLS 1.0 with RSA..." 
+$CLI $DEBUG -p $PORT 127.0.0.1 --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+RSA" --udp --insecure --x509certfile $CLI_CERT --x509keyfile $CLI_KEY </dev/null >/dev/null || \
+  fail "Failed"
+
+kill $PID
+wait
+
+launch_bare_server $$ s_server -quiet -accept $PORT -keyform pem -certform pem -dtls1 -mtu 1000 -timeout -dhparam params.dh -key $RSA_KEY -cert $RSA_CERT -dkey $DSA_KEY -dcert $DSA_CERT -Verify 1 -CAfile $CA_CERT &
+PID=$!
+wait_server $PID
+
+# Test DTLS 1.0 with DHE-RSA ciphersuite
+echo "Checking DTLS 1.0 with DHE-RSA..." 
+$CLI $DEBUG -p $PORT 127.0.0.1 --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+DHE-RSA" --udp --insecure --x509certfile $CLI_CERT --x509keyfile $CLI_KEY </dev/null >/dev/null || \
+  fail "Failed"
+
+kill $PID
+wait
+
+launch_bare_server $$ s_server -quiet -accept $PORT -keyform pem -certform pem -dtls1 -mtu 1000 -timeout -dhparam params.dh -key $RSA_KEY -cert $RSA_CERT -dkey $DSA_KEY -dcert $DSA_CERT -Verify 1 -CAfile $CA_CERT &
+PID=$!
+wait_server $PID
+
+# Test DTLS 1.0 with DHE-DSS ciphersuite
+echo "Checking DTLS 1.0 with DHE-DSS..." 
+$CLI $DEBUG -p $PORT 127.0.0.1 --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+DHE-DSS" --udp --insecure --x509certfile $CLI_CERT --x509keyfile $CLI_KEY </dev/null >/dev/null || \
+  fail "Failed"
+
+kill $PID
+wait
+
+echo "Client mode tests were successfully completed"
+echo ""
+echo "#####################"
+echo "# Server mode tests #"
+echo "#####################"
+SERV="../../src/gnutls-serv$EXEEXT -q"
+CLI="openssl"
+PORT="5559"
+
+# Note that openssl s_client does not return error code on failure
+
+echo "Check SSL 3.0 with RSA ciphersuite"
+launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+RSA" --x509certfile $SERV_CERT --x509keyfile $SERV_KEY --x509cafile $CA_CERT --dhparams params.dh  & PID=$!
+wait_server $PID
+
+$CLI s_client  -host localhost -port $PORT -ssl3 -cert $CLI_CERT -key $CLI_KEY -CAfile $CA_CERT </dev/null 2>&1 | grep "\:error\:" && \
+  fail "Failed"
+
+kill $PID
+wait
+
+echo "Check SSL 3.0 with DHE-RSA ciphersuite"
+launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-RSA" --x509certfile $SERV_CERT --x509keyfile $SERV_KEY --x509cafile $CA_CERT --dhparams params.dh  & PID=$!
+wait_server $PID
+
+$CLI s_client  -host localhost -port $PORT -ssl3 -cert $CLI_CERT -key $CLI_KEY -CAfile $CA_CERT </dev/null 2>&1 | grep "\:error\:" && \
+  fail "Failed"
+
+kill $PID
+wait
+
+echo "Check SSL 3.0 with DHE-DSS ciphersuite"
+launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-DSS" --x509certfile $SERV_DSA_CERT --x509keyfile $SERV_DSA_KEY --dhparams params.dh  & PID=$!
+wait_server $PID
+
+$CLI s_client  -host localhost -port $PORT -ssl3 -cert $CLI_CERT -key $CLI_KEY -CAfile $CA_CERT </dev/null 2>&1 | grep "\:error\:" && \
+  fail "Failed"
+
+kill $PID
+wait
+
+#TLS 1.0
+
+echo "Check TLS 1.0 with RSA ciphersuite (SSLv2 hello)"
+launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+RSA" --x509certfile $SERV_CERT --x509keyfile $SERV_KEY --x509cafile $CA_CERT --dhparams params.dh & PID=$!
+wait_server $PID
+
+$CLI s_client  -host localhost -port $PORT -cert $CLI_CERT -key $CLI_KEY -CAfile $CA_CERT </dev/null 2>&1 | grep "\:error\:" && \
+  fail "Failed"
+
+kill $PID
+wait
+
+echo "Check TLS 1.0 with DHE-RSA ciphersuite"
+launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-RSA" --x509certfile $SERV_CERT --x509keyfile $SERV_KEY --x509cafile $CA_CERT --dhparams params.dh  & PID=$!
+wait_server $PID
+
+$CLI s_client  -host localhost -tls1 -port $PORT -cert $CLI_CERT -key $CLI_KEY -CAfile $CA_CERT </dev/null 2>&1 | grep "\:error\:" && \
+  fail "Failed"
+
+kill $PID
+wait
+
+echo "Check TLS 1.0 with DHE-DSS ciphersuite"
+launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-DSS" --x509certfile $SERV_DSA_CERT --x509keyfile $SERV_DSA_KEY --dhparams params.dh  & PID=$!
+wait_server $PID
+
+$CLI s_client  -host localhost -tls1 -port $PORT -cert $CLI_CERT -key $CLI_KEY -CAfile $CA_CERT </dev/null 2>&1 | grep "\:error\:" && \
+  fail "Failed"
+
+kill $PID
+wait
+
+
+# DTLS
+echo "Check DTLS 1.0 with RSA ciphersuite"
+launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+RSA" --udp --x509certfile $SERV_CERT --x509keyfile $SERV_KEY --x509cafile $CA_CERT --dhparams params.dh  & PID=$!
+wait_server $PID
+
+$CLI s_client  -host localhost -port $PORT -dtls1 -cert $CLI_CERT -key $CLI_KEY -CAfile $CA_CERT </dev/null 2>&1 | grep "\:error\:" && \
+  fail "Failed"
+
+kill $PID
+wait
+
+echo "Check DTLS 1.0 with DHE-RSA ciphersuite"
+launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+DHE-RSA" --udp --x509certfile $SERV_CERT --x509keyfile $SERV_KEY --x509cafile $CA_CERT --dhparams params.dh  & PID=$!
+wait_server $PID
+
+$CLI s_client  -host localhost -port $PORT -dtls1 -cert $CLI_CERT -key $CLI_KEY -CAfile $CA_CERT </dev/null 2>&1 | grep "\:error\:" && \
+  fail "Failed"
+
+kill $PID
+wait
+
+echo "Check DTLS 1.0 with DHE-DSS ciphersuite"
+launch_server $$  --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+DHE-DSS" --udp --x509certfile $SERV_DSA_CERT --x509keyfile $SERV_DSA_KEY --dhparams params.dh  & PID=$!
+wait_server $PID
+
+$CLI s_client  -host localhost -port $PORT -dtls1 -cert $CLI_CERT -key $CLI_KEY -CAfile $CA_CERT </dev/null 2>&1 | grep "\:error\:" && \
+  fail "Failed"
+
+kill $PID
+wait
+
+
+
+exit 0