--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIFfAIBAAKCATEA3c+X0qUdld2GGNjEua2mDLSdttz63CHhOmI0B+gzsuiX7ixB
+0hLxX+3kdv9lJh4Mx0EVaV8N+a2JFI3q1xZSmkfBuwAC5IhFc3ikrts4w8YH0mQO
+h+10jGvEwAJQfE6m0Vjp5RMJqdta6usPBoBcCe+UyOn7Ny514ayTrZs3E0tmOnYz
+2MTXTPthyJIhB/zfqYhU5KOpR9JsuOM5iRGIOC2i3D5eSqmkjtUfstDdQTzaEGie
+RxtlAqLFKHMCgwMJ/fUpfpfcKk5LqnlGRnCGG5u49oq+KYd9X9qll2vvyEMJQ+If
+ihZ+HVBd9doC7vLDKkjmazDqAtfvrIsMuMGF2L98hageg75cJi55e0f1Sj9mYpL9
+QSC2LADwUsomBi18z3pQfQ/L3ZcgyG/k4FD04wIDAQABAoIBMQDKrMQSUpMs/ARq
+sa9X5iai12qAy3xhJofxXAgk7XRH1qX0l/XwqSRqvimS3hyjbrPIYVzaMmPHr1xh
+LqfVruz9UfHgF8uM3ENxllwL9f3xTQKaqJhqdXuYT2Sw+axnWUquYWseyH18+hUi
+MHRDQYhX/9VYnAvSyR4nfhRWfkwd0jhv1M/dE0eTbONVbMjHzrTj6NGBNVYZa6U6
+NopQnn78Sku061751RCC7lwmwEwAgpu2+n5SQzoXN79cPy4NdHbEfW8JEPyOXTNB
++yUVwI4glPbT+9GG2LwIL/eGT71DQOW6O7De6+URU7thc4VQSpt0CBG3XDvtp1bo
+AQ+MHncOAGtz5ueJwC10HjflosRLc1U2DBWQmAGCiG9smu8eYsFKfFwhxoW1VBdD
+jP1GU4xZAoGZAN68jwJoaZ+GbRcAgkyHDA6u2nCjPZ5qTZAp4PWWkCcXlSG0rhjS
+8ZW+p55dw6W5hm0k5Ozg+kYKgSRH5THTPzHy3ijmKXoyvEjz+A8arf4StedPAg2Z
+OLw3cx0ZDGM86WDvhBrPxw0WtgpaJiogZ6vtSeOB64kLkdi9agDjuTucB/1kBgfx
+6i17wkjfCkWIvvdebDpkMQqfAoGZAP7vpWHvz34u/c2HrviigWhNrA2oWnLmwhem
+TSd8vLGPM4VmI189NIeP2x3SpLF+uPoLIhUWJSHxzl9yIZkZb2ci+jj5paiGad6P
+wEruhJL7pngMgxrU69G2qG4BRc1F0UNKqqqql9428GjcpSczw2nklSxeifkpLAfc
+kTDOxUSBx5k3oLEVEkov/FDmF0+afUOd/Rz1pHM9AoGYSPHpx/kX9lWY7nqNMbDc
+owZipZbgfDwGMNt2QBfSF+tiPMqmZZzX35mz3WqJw4GR47a8flNjw4J3LsGY7wtm
+293VIgHWvZ1WCnJT3+Z16wqHpjw6yOdQLFvgiDwG0Y1GRSfL1NgNMV0puxQxAYTh
+Tu4ET8zhrV0ro5bM24O4yyvbdgHG890nO0QXqbPZ8lHJcMvsl+buJLMCgZhcxIfB
+46n1mNPyfnVFNJ0yf1EkhyaiuSXXxUQ+Ij3nvtxYppoohfUff1GUwJn9nMdi9bop
+Qi2w9HTMdpOTSpYnSasUIIQPlxnfSyAGJFVJxxkEhkkO8nv9jCIuJXhpAgbsHbeM
+8xbgXc2N2vyeD1AEsJE33A8JA9pp4fFTeWp/S1p+fqeSyMAnDt8Z8SB6bxU2Db+V
+Ui3NYQKBmQDcQLZxlmIVCSoi7bgYao0MzTZQRGxh2Sb8IP0JG/8JeXSvWBos2fA9
+gGnjYxuadFpkLlNE+mj8Y9YcHsnPsHblVc/ebKH9rB3jHWg8+SDvEDsaB3KLJp4g
+ElDlARbld3I1ACNmpY7RTIAqSintWG2fg8w3lvCbm96xyisGLG9KL1z9pJdAO/LG
+EYRdbwn1bSCWDbwiqYkWFg==
+-----END RSA PRIVATE KEY-----
--- /dev/null
+#!/bin/sh
+
+# Copyright (C) 2010 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# GnuTLS is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GnuTLS; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+srcdir="${srcdir:-.}"
+CLI="${CLI:-../../src/gnutls-cli$EXEEXT}"
+PORT="${PORT:-5558}"
+unset RETCODE
+
+if test "${WINDIR}" != "";then
+ exit 77
+fi
+
+. ../scripts/common.sh
+
+echo "Compatibility checks using "`openssl version`
+
+DSA_CERT=$srcdir/../dsa/cert.dsa.1024.pem
+DSA_KEY=$srcdir/../dsa/dsa.1024.pem
+
+RSA_CERT=$srcdir/../certs/cert-rsa-2432.pem
+RSA_KEY=$srcdir/../certs/rsa-2432.pem
+
+CA_CERT=$srcdir/../../doc/credentials/x509-ca.pem
+CLI_CERT=$srcdir/../../doc/credentials/x509-client.pem
+CLI_KEY=$srcdir/../../doc/credentials/x509-client-key.pem
+
+SERV_CERT=$srcdir/../../doc/credentials/x509-server.pem
+SERV_KEY=$srcdir/../../doc/credentials/x509-server-key.pem
+SERV_DSA_CERT=$srcdir/../../doc/credentials/x509-server-dsa.pem
+SERV_DSA_KEY=$srcdir/../../doc/credentials/x509-server-key-dsa.pem
+
+echo "#####################"
+echo "# Client mode tests #"
+echo "#####################"
+
+SERV=openssl
+
+launch_bare_server $$ s_server -quiet -www -accept $PORT -keyform pem -certform pem -ssl3 -dhparam params.dh -key $RSA_KEY -cert $RSA_CERT -dkey $DSA_KEY -dcert $DSA_CERT -Verify 1 -CAfile $CA_CERT &
+PID=$!
+wait_server $PID
+
+# Test SSL 3.0 with RSA ciphersuite
+echo "Checking SSL 3.0 with RSA..."
+$CLI $DEBUG -p $PORT 127.0.0.1 --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+RSA" --insecure --x509certfile $CLI_CERT --x509keyfile $CLI_KEY </dev/null >/dev/null || \
+ fail "Failed"
+
+# Test SSL 3.0 with DHE-RSA ciphersuite
+echo "Checking SSL 3.0 with DHE-RSA..."
+$CLI $DEBUG -p $PORT 127.0.0.1 --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-RSA" --insecure --x509certfile $CLI_CERT --x509keyfile $CLI_KEY </dev/null >/dev/null || \
+ fail "Failed"
+
+# Test SSL 3.0 with DHE-DSS ciphersuite
+echo "Checking SSL 3.0 with DHE-DSS..."
+$CLI $DEBUG -p $PORT 127.0.0.1 --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-DSS" --insecure --x509certfile $CLI_CERT --x509keyfile $CLI_KEY </dev/null >/dev/null || \
+ fail "Failed"
+
+kill $PID
+wait
+
+launch_bare_server $$ s_server -quiet -www -accept $PORT -keyform pem -certform pem -tls1 -dhparam params.dh -key $RSA_KEY -cert $RSA_CERT -dkey $DSA_KEY -dcert $DSA_CERT -Verify 1 -CAfile $CA_CERT &
+PID=$!
+wait_server $PID
+
+# Test TLS 1.0 with RSA ciphersuite
+echo "Checking TLS 1.0 with RSA..."
+$CLI $DEBUG -p $PORT 127.0.0.1 --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+RSA" --insecure --x509certfile $CLI_CERT --x509keyfile $CLI_KEY </dev/null >/dev/null || \
+ fail "Failed"
+
+# Test TLS 1.0 with DHE-RSA ciphersuite
+echo "Checking TLS 1.0 with DHE-RSA..."
+$CLI $DEBUG -p $PORT 127.0.0.1 --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-RSA" --insecure --x509certfile $CLI_CERT --x509keyfile $CLI_KEY </dev/null >/dev/null || \
+ fail "Failed"
+
+# Test TLS 1.0 with DHE-DSS ciphersuite
+echo "Checking TLS 1.0 with DHE-DSS..."
+$CLI $DEBUG -p $PORT 127.0.0.1 --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-DSS" --insecure --x509certfile $CLI_CERT --x509keyfile $CLI_KEY </dev/null >/dev/null || \
+ fail "Failed"
+
+kill $PID
+wait
+
+launch_bare_server $$ s_server -quiet -accept $PORT -keyform pem -certform pem -dtls1 -mtu 1000 -timeout -dhparam params.dh -key $RSA_KEY -cert $RSA_CERT -dkey $DSA_KEY -dcert $DSA_CERT -Verify 1 -CAfile $CA_CERT &
+PID=$!
+wait_server $PID
+
+# Test DTLS 1.0 with RSA ciphersuite
+echo "Checking DTLS 1.0 with RSA..."
+$CLI $DEBUG -p $PORT 127.0.0.1 --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+RSA" --udp --insecure --x509certfile $CLI_CERT --x509keyfile $CLI_KEY </dev/null >/dev/null || \
+ fail "Failed"
+
+kill $PID
+wait
+
+launch_bare_server $$ s_server -quiet -accept $PORT -keyform pem -certform pem -dtls1 -mtu 1000 -timeout -dhparam params.dh -key $RSA_KEY -cert $RSA_CERT -dkey $DSA_KEY -dcert $DSA_CERT -Verify 1 -CAfile $CA_CERT &
+PID=$!
+wait_server $PID
+
+# Test DTLS 1.0 with DHE-RSA ciphersuite
+echo "Checking DTLS 1.0 with DHE-RSA..."
+$CLI $DEBUG -p $PORT 127.0.0.1 --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+DHE-RSA" --udp --insecure --x509certfile $CLI_CERT --x509keyfile $CLI_KEY </dev/null >/dev/null || \
+ fail "Failed"
+
+kill $PID
+wait
+
+launch_bare_server $$ s_server -quiet -accept $PORT -keyform pem -certform pem -dtls1 -mtu 1000 -timeout -dhparam params.dh -key $RSA_KEY -cert $RSA_CERT -dkey $DSA_KEY -dcert $DSA_CERT -Verify 1 -CAfile $CA_CERT &
+PID=$!
+wait_server $PID
+
+# Test DTLS 1.0 with DHE-DSS ciphersuite
+echo "Checking DTLS 1.0 with DHE-DSS..."
+$CLI $DEBUG -p $PORT 127.0.0.1 --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+DHE-DSS" --udp --insecure --x509certfile $CLI_CERT --x509keyfile $CLI_KEY </dev/null >/dev/null || \
+ fail "Failed"
+
+kill $PID
+wait
+
+echo "Client mode tests were successfully completed"
+echo ""
+echo "#####################"
+echo "# Server mode tests #"
+echo "#####################"
+SERV="../../src/gnutls-serv$EXEEXT -q"
+CLI="openssl"
+PORT="5559"
+
+# Note that openssl s_client does not return error code on failure
+
+echo "Check SSL 3.0 with RSA ciphersuite"
+launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+RSA" --x509certfile $SERV_CERT --x509keyfile $SERV_KEY --x509cafile $CA_CERT --dhparams params.dh & PID=$!
+wait_server $PID
+
+$CLI s_client -host localhost -port $PORT -ssl3 -cert $CLI_CERT -key $CLI_KEY -CAfile $CA_CERT </dev/null 2>&1 | grep "\:error\:" && \
+ fail "Failed"
+
+kill $PID
+wait
+
+echo "Check SSL 3.0 with DHE-RSA ciphersuite"
+launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-RSA" --x509certfile $SERV_CERT --x509keyfile $SERV_KEY --x509cafile $CA_CERT --dhparams params.dh & PID=$!
+wait_server $PID
+
+$CLI s_client -host localhost -port $PORT -ssl3 -cert $CLI_CERT -key $CLI_KEY -CAfile $CA_CERT </dev/null 2>&1 | grep "\:error\:" && \
+ fail "Failed"
+
+kill $PID
+wait
+
+echo "Check SSL 3.0 with DHE-DSS ciphersuite"
+launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-DSS" --x509certfile $SERV_DSA_CERT --x509keyfile $SERV_DSA_KEY --dhparams params.dh & PID=$!
+wait_server $PID
+
+$CLI s_client -host localhost -port $PORT -ssl3 -cert $CLI_CERT -key $CLI_KEY -CAfile $CA_CERT </dev/null 2>&1 | grep "\:error\:" && \
+ fail "Failed"
+
+kill $PID
+wait
+
+#TLS 1.0
+
+echo "Check TLS 1.0 with RSA ciphersuite (SSLv2 hello)"
+launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+RSA" --x509certfile $SERV_CERT --x509keyfile $SERV_KEY --x509cafile $CA_CERT --dhparams params.dh & PID=$!
+wait_server $PID
+
+$CLI s_client -host localhost -port $PORT -cert $CLI_CERT -key $CLI_KEY -CAfile $CA_CERT </dev/null 2>&1 | grep "\:error\:" && \
+ fail "Failed"
+
+kill $PID
+wait
+
+echo "Check TLS 1.0 with DHE-RSA ciphersuite"
+launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-RSA" --x509certfile $SERV_CERT --x509keyfile $SERV_KEY --x509cafile $CA_CERT --dhparams params.dh & PID=$!
+wait_server $PID
+
+$CLI s_client -host localhost -tls1 -port $PORT -cert $CLI_CERT -key $CLI_KEY -CAfile $CA_CERT </dev/null 2>&1 | grep "\:error\:" && \
+ fail "Failed"
+
+kill $PID
+wait
+
+echo "Check TLS 1.0 with DHE-DSS ciphersuite"
+launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-DSS" --x509certfile $SERV_DSA_CERT --x509keyfile $SERV_DSA_KEY --dhparams params.dh & PID=$!
+wait_server $PID
+
+$CLI s_client -host localhost -tls1 -port $PORT -cert $CLI_CERT -key $CLI_KEY -CAfile $CA_CERT </dev/null 2>&1 | grep "\:error\:" && \
+ fail "Failed"
+
+kill $PID
+wait
+
+
+# DTLS
+echo "Check DTLS 1.0 with RSA ciphersuite"
+launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+RSA" --udp --x509certfile $SERV_CERT --x509keyfile $SERV_KEY --x509cafile $CA_CERT --dhparams params.dh & PID=$!
+wait_server $PID
+
+$CLI s_client -host localhost -port $PORT -dtls1 -cert $CLI_CERT -key $CLI_KEY -CAfile $CA_CERT </dev/null 2>&1 | grep "\:error\:" && \
+ fail "Failed"
+
+kill $PID
+wait
+
+echo "Check DTLS 1.0 with DHE-RSA ciphersuite"
+launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+DHE-RSA" --udp --x509certfile $SERV_CERT --x509keyfile $SERV_KEY --x509cafile $CA_CERT --dhparams params.dh & PID=$!
+wait_server $PID
+
+$CLI s_client -host localhost -port $PORT -dtls1 -cert $CLI_CERT -key $CLI_KEY -CAfile $CA_CERT </dev/null 2>&1 | grep "\:error\:" && \
+ fail "Failed"
+
+kill $PID
+wait
+
+echo "Check DTLS 1.0 with DHE-DSS ciphersuite"
+launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+DHE-DSS" --udp --x509certfile $SERV_DSA_CERT --x509keyfile $SERV_DSA_KEY --dhparams params.dh & PID=$!
+wait_server $PID
+
+$CLI s_client -host localhost -port $PORT -dtls1 -cert $CLI_CERT -key $CLI_KEY -CAfile $CA_CERT </dev/null 2>&1 | grep "\:error\:" && \
+ fail "Failed"
+
+kill $PID
+wait
+
+
+
+exit 0