Use an OCTET STRING for the encoding of an OCSP nonce value.

[openssl.git] / test / testssl.com

diff --git a/test/testssl.com b/test/testssl.com
index 4470b7625399fe508fb0a90b6e76bbebc2d98ce2..26308f7715cd8098014c113a3df8eb6fa215f3ab 100644 (file)
--- a/test/testssl.com
+++ b/test/testssl.com
@@ -19,12 +19,12 @@ $       cert=p2
 $      endif
 $      ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert'
 $
-$      define/user sys$output test-ssltest-output.
+$      define/user sys$output testssl-x509-output.
 $      define/user sys$error nla0:
 $      mcr 'exe_dir'openssl x509 -in 'cert' -text -noout
 $      set noon
 $      define/user sys$error nla0:
-$      search/output=nla0: testssl-ssltest-output. "DSA Public Key"/exact
+$      search/output=nla0: testssl-x509-output. "DSA Public Key"/exact
 $      if $severity .eq. 1
 $      then
 $          dsa_cert := YES
@@ -32,7 +32,7 @@ $     else
 $          dsa_cert := NO
 $      endif
 $      set on
-$      delete testssl-ssltest-output.;*
+$      delete testssl-x509-output.;*
 $
 $      if p3 .eqs. ""
 $      then
@@ -159,16 +159,25 @@ $ if $severity .ne. 1 then goto exit3
 $
 $!###########################################################################
 $
-$      write sys$output "test tls1 with 1024bit anonymous SH, multiple handshakes"
-$      'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
-$      if $severity .ne. 1 then goto exit3
-$
 $      set noon
 $      define/user sys$output nla0:
 $      mcr 'exe_dir'openssl no-rsa
-$      save_severity=$SEVERITY
+$      no_rsa=$SEVERITY
+$      define/user sys$output nla0:
+$      mcr 'exe_dir'openssl no-dh
+$      no_dh=$SEVERITY
 $      set on
-$      if save_severity
+$
+$      if no_dh
+$      then
+$          write sys$output "skipping anonymous DH tests"
+$      else
+$          write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes"
+$          'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
+$          if $severity .ne. 1 then goto exit3
+$      endif
+$
+$      if no_rsa
 $      then
 $          write sys$output "skipping RSA tests"
 $      else
@@ -176,9 +185,14 @@ $      write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes"
 $          mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time
 $          if $severity .ne. 1 then goto exit3
 $
-$          write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes"
-$          mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time
-$          if $severity .ne. 1 then goto exit3
+$          if no_dh
+$          then
+$              write sys$output "skipping RSA+DHE tests"
+$          else
+$              write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes"
+$              mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time
+$              if $severity .ne. 1 then goto exit3
+$          endif
 $      endif
 $
 $      RET = 1
@@ -186,5 +200,5 @@ $   goto exit
 $ exit3:
 $      RET = 3
 $ exit:
-$      delete certs.tmp;*
+$      if p3 .eqs. "" then delete certs.tmp;*
 $      exit 'RET'