blob: 8ac90ae5eec37a76ef0ffa9001b8582a85708b43 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
|
#!/bin/sh
if [ "$1" = "" ]; then
key=../apps/server.pem
else
key="$1"
fi
if [ "$2" = "" ]; then
cert=../apps/server.pem
else
cert="$2"
fi
ssltest="../util/shlib_wrap.sh ./ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
dsa_cert=YES
else
dsa_cert=NO
fi
if [ "$3" = "" ]; then
CA="-CApath ../certs"
else
CA="-CAfile $3"
fi
if [ "$4" = "" ]; then
extra=""
else
extra="$4"
fi
#############################################################################
echo test sslv2
$ssltest -ssl2 $extra || exit 1
echo test sslv2 with server authentication
$ssltest -ssl2 -server_auth $CA $extra || exit 1
if [ $dsa_cert = NO ]; then
echo test sslv2 with client authentication
$ssltest -ssl2 -client_auth $CA $extra || exit 1
echo test sslv2 with both client and server authentication
$ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1
fi
echo test sslv3
$ssltest -ssl3 $extra || exit 1
echo test sslv3 with server authentication
$ssltest -ssl3 -server_auth $CA $extra || exit 1
echo test sslv3 with client authentication
$ssltest -ssl3 -client_auth $CA $extra || exit 1
echo test sslv3 with both client and server authentication
$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1
echo test sslv2/sslv3
$ssltest $extra || exit 1
echo test sslv2/sslv3 with server authentication
$ssltest -server_auth $CA $extra || exit 1
echo test sslv2/sslv3 with client authentication
$ssltest -client_auth $CA $extra || exit 1
echo test sslv2/sslv3 with both client and server authentication
$ssltest -server_auth -client_auth $CA $extra || exit 1
echo test sslv2 via BIO pair
$ssltest -bio_pair -ssl2 $extra || exit 1
echo test sslv2 with server authentication via BIO pair
$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1
if [ $dsa_cert = NO ]; then
echo test sslv2 with client authentication via BIO pair
$ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1
echo test sslv2 with both client and server authentication via BIO pair
$ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1
fi
echo test sslv3 via BIO pair
$ssltest -bio_pair -ssl3 $extra || exit 1
echo test sslv3 with server authentication via BIO pair
$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1
echo test sslv3 with client authentication via BIO pair
$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1
echo test sslv3 with both client and server authentication via BIO pair
$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1
echo test sslv2/sslv3 via BIO pair
$ssltest $extra || exit 1
if [ $dsa_cert = NO ]; then
echo test sslv2/sslv3 w/o DHE via BIO pair
$ssltest -bio_pair -no_dhe $extra || exit 1
fi
echo test sslv2/sslv3 with 1024bit DHE via BIO pair
$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
echo test sslv2/sslv3 with server authentication
$ssltest -bio_pair -server_auth $CA $extra || exit 1
echo test sslv2/sslv3 with client authentication via BIO pair
$ssltest -bio_pair -client_auth $CA $extra || exit 1
echo test sslv2/sslv3 with both client and server authentication via BIO pair
$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
#############################################################################
if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
echo skipping anonymous DH tests
else
echo test tls1 with 1024bit anonymous DH, multiple handshakes
$ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
fi
if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
echo skipping RSA tests
else
echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1
if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
echo skipping RSA+DHE tests
else
echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
fi
fi
exit 0
|