gnutls-cli: Fix output with option "--logfile"
authorKe Zhao <kzhao@redhat.com>
Thu, 21 Mar 2019 15:27:24 +0000 (11:27 -0400)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Sun, 24 Mar 2019 07:31:15 +0000 (08:31 +0100)
The X.509 connection would still print informational messages to
stdout by default. Move that output to the logfile and add an X.509
functionality test to the test suite.

Signed-off-by: Ke Zhao <kzhao@redhat.com>
src/common.c
tests/logfile-option.sh

index f0fdf9e00d1130ba227efbb9f9d972ab6076c5a4..01ecef90614a3a18182eeb308d44450b8f917b3a 100644 (file)
@@ -168,8 +168,8 @@ print_x509_info(gnutls_session_t session, FILE *out, int flag, int print_cert, i
                return;
        }
 
-       fprintf(out, "- Certificate type: X.509\n");
-       fprintf(out, "- Got a certificate list of %d certificates.\n",
+       log_msg(out, "- Certificate type: X.509\n");
+       log_msg(out, "- Got a certificate list of %d certificates.\n",
               cert_list_size);
 
        for (j = 0; j < cert_list_size; j++) {
@@ -190,13 +190,13 @@ print_x509_info(gnutls_session_t session, FILE *out, int flag, int print_cert, i
                        return;
                }
 
-               fprintf(out, "- Certificate[%d] info:\n - ", j);
+               log_msg(out, "- Certificate[%d] info:\n - ", j);
                if (flag == GNUTLS_CRT_PRINT_COMPACT && j > 0)
                        flag = GNUTLS_CRT_PRINT_ONELINE;
 
                ret = gnutls_x509_crt_print(crt, flag, &cinfo);
                if (ret == 0) {
-                       fprintf(out, "%s\n", cinfo.data);
+                       log_msg(out, "%s\n", cinfo.data);
                        gnutls_free(cinfo.data);
                }
 
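Review bot: A failing `gnutls_x509_crt_print` is skipped silently by `if (ret == 0)`, so the log is left with the `- Certificate[%d] info:\n - ` header, no body and no reason. With `--logfile` that gap ends up in a file someone may read later, where it is easy to mistake for a certificate with no printable fields. Consider adding `else fprintf(stderr, "Certificate[%d] could not be printed: %s\n", j, gnutls_strerror(ret));`, assuming stderr is where this function's other error paths report. The loop body starts and ends outside this hunk, so the handling of `crt` after this point is not visible here.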
@@ -212,9 +212,7 @@ print_x509_info(gnutls_session_t session, FILE *out, int flag, int print_cert, i
                                return;
                        }
 
-                       fputs("\n", out);
-                       fputs((char*)pem.data, out);
-                       fputs("\n", out);
+                       log_msg(out, "\n%s\n", (char*)pem.data);
 
                        gnutls_free(pem.data);
                }
index 64fa232c8b7901143d7d28366941530e0ce7e9b6..1eb7a492f79d39240e26b16632cf988d24b6a0c6 100755 (executable)
@@ -48,14 +48,16 @@ SERV="${SERV} -q"
 
 echo "Checking whether logfile option works."
 
-KEY1=${srcdir}/../doc/credentials/x509/key-rsa.pem
-CERT1=${srcdir}/../doc/credentials/x509/cert-rsa.pem
-OCSP1=${srcdir}/ocsp-tests/response1.der
+KEY1=${srcdir}/../doc/credentials/x509/example.com-key.pem
+CERT1=${srcdir}/../doc/credentials/x509/example.com-cert.pem
+CA1=${srcdir}/../doc/credentials/x509/ca.pem
 PSK=${srcdir}/psk.passwd
 
 TMPFILE1=save-data1.$$.tmp
 TMPFILE2=save-data2.$$.tmp
 
+OPTS="--sni-hostname example.com --verify-hostname example.com"
+
 eval "${GETPORT}"
 launch_server $$ --echo --priority NORMAL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=${PSK}
 PID=$!
@@ -110,4 +112,58 @@ else
 fi
 rm -f ${TMPFILE1} ${TMPFILE2}
 
+
+echo "x509 functionality test"
+eval "${GETPORT}"
+launch_server $$ --echo --sni-hostname-fatal --sni-hostname example.com --x509keyfile ${KEY1} --x509certfile ${CERT1}
+PID=$!
+wait_server ${PID}
+
+${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 ${OPTS} --priority "NORMAL:-VERS-ALL:+VERS-TLS1.2" --x509cafile ${CA1}  </dev/null >${TMPFILE2}
+kill ${PID}
+wait
+
+if test -f ${TMPFILE1};then
+        echo "Logfile should not be created!"
+        exit 1
+fi
+if ! test -s ${TMPFILE2};then
+        echo "Stdout should not be empty!"
+        exit 1
+fi
+if grep -q "Handshake was completed" ${TMPFILE2};then
+        echo "Find the expected output!"
+else
+        echo "Cannot find the expected output!"
+        exit 1
+fi
+
+rm -f ${TMPFILE1} ${TMPFILE2}
+
+eval "${GETPORT}"
+launch_server $$ --echo --sni-hostname-fatal --sni-hostname example.com --x509keyfile ${KEY1} --x509certfile ${CERT1}
+PID=$!
+wait_server ${PID}
+
+${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 ${OPTS} --priority "NORMAL:-VERS-ALL:+VERS-TLS1.2" --x509cafile ${CA1} --logfile ${TMPFILE1} </dev/null >${TMPFILE2}
+kill ${PID}
+wait
+
+if ! test -f ${TMPFILE1};then
+       echo "Logfile shoule be created!"
+       exit 1
+fi
+if test -s ${TMPFILE2};then
+       echo "Stdout should be empty!"
+       exit 1
+fi
+
+if grep -q "Handshake was completed" ${TMPFILE1}; then
+       echo "Found the expected output!"
+else
+       echo "Cannot find the expected output!"
+       exit 1
+fi
+rm -f ${TMPFILE1} ${TMPFILE2}
+
 exit 0
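Review bot: The `--logfile` run only greps `${TMPFILE1}` for "Handshake was completed", so nothing asserts that the X.509 lines this commit reroutes actually reach the logfile. The change is covered only indirectly, by the "Stdout should be empty!" check. Add a positive check next to it, for example `grep -q "Certificate type: X.509" ${TMPFILE1} || { echo "Certificate info missing from logfile!"; exit 1; }`. The message "Logfile shoule be created!" has a typo ("should"). Every `exit 1` path also leaves `${TMPFILE1}` and `${TMPFILE2}` behind, because `rm -f` runs only on success.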