X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=test%2Ftestssl;h=ca8e718022aa08b21b9e2558cca693d42680b11c;hb=79b42e76548f232a4736df0a3322fa7676868537;hp=a88e290c577da301b278f9bb6cd2f33c29a3440a;hpb=a87030a1edf0e4c6d601895f810b2d0da84ee10a;p=openssl.git diff --git a/test/testssl b/test/testssl index a88e290c57..ca8e718022 100644 --- a/test/testssl +++ b/test/testssl @@ -1,81 +1,145 @@ #!/bin/sh +if [ "$1" = "" ]; then + key=../apps/server.pem +else + key="$1" +fi +if [ "$2" = "" ]; then + cert=../apps/server.pem +else + cert="$2" +fi +ssltest="./ssltest -key $key -cert $cert -c_key $key -c_cert $cert" + +if ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then + dsa_cert=YES +else + dsa_cert=NO +fi + +if [ "$3" = "" ]; then + CA="-CApath ../certs" +else + CA="-CAfile $3" +fi + +if [ "$4" = "" ]; then + extra="" +else + extra="$4" +fi + +############################################################################# + echo test sslv2 -./ssltest -ssl2 || exit 1 +$ssltest -ssl2 $extra || exit 1 echo test sslv2 with server authentication -./ssltest -ssl2 -server_auth -CApath ../certs || exit 1 +$ssltest -ssl2 -server_auth $CA $extra || exit 1 -echo test sslv2 with client authentication -./ssltest -ssl2 -client_auth -CApath ../certs || exit 1 +if [ $dsa_cert = NO ]; then + echo test sslv2 with client authentication + $ssltest -ssl2 -client_auth $CA $extra || exit 1 -echo test sslv2 with both client and server authentication -./ssltest -ssl2 -server_auth -client_auth -CApath ../certs || exit 1 + echo test sslv2 with both client and server authentication + $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1 +fi echo test sslv3 -./ssltest -ssl3 || exit 1 +$ssltest -ssl3 $extra || exit 1 echo test sslv3 with server authentication -./ssltest -ssl3 -server_auth -CApath ../certs || exit 1 +$ssltest -ssl3 -server_auth $CA $extra || exit 1 echo test sslv3 with client authentication -./ssltest -ssl3 -client_auth -CApath ../certs || exit 1 +$ssltest -ssl3 -client_auth $CA $extra || exit 1 echo test sslv3 with both client and server authentication -./ssltest -ssl3 -server_auth -client_auth -CApath ../certs || exit 1 +$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 -./ssltest || exit 1 +$ssltest $extra || exit 1 echo test sslv2/sslv3 with server authentication -./ssltest -server_auth -CApath ../certs || exit 1 +$ssltest -server_auth $CA $extra || exit 1 echo test sslv2/sslv3 with client authentication -./ssltest -client_auth -CApath ../certs || exit 1 +$ssltest -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 with both client and server authentication -./ssltest -server_auth -client_auth -CApath ../certs || exit 1 +$ssltest -server_auth -client_auth $CA $extra || exit 1 echo test sslv2 via BIO pair -./ssltest -bio_pair -ssl2 || exit 1 +$ssltest -bio_pair -ssl2 $extra || exit 1 echo test sslv2 with server authentication via BIO pair -./ssltest -bio_pair -ssl2 -server_auth -CApath ../certs || exit 1 +$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1 -echo test sslv2 with client authentication via BIO pair -./ssltest -bio_pair -ssl2 -client_auth -CApath ../certs || exit 1 +if [ $dsa_cert = NO ]; then + echo test sslv2 with client authentication via BIO pair + $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1 -echo test sslv2 with both client and server authentication via BIO pair -./ssltest -bio_pair -ssl2 -server_auth -client_auth -CApath ../certs || exit 1 + echo test sslv2 with both client and server authentication via BIO pair + $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1 +fi echo test sslv3 via BIO pair -./ssltest -bio_pair -ssl3 || exit 1 +$ssltest -bio_pair -ssl3 $extra || exit 1 echo test sslv3 with server authentication via BIO pair -./ssltest -bio_pair -ssl3 -server_auth -CApath ../certs || exit 1 +$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1 echo test sslv3 with client authentication via BIO pair -./ssltest -bio_pair -ssl3 -client_auth -CApath ../certs || exit 1 +$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1 echo test sslv3 with both client and server authentication via BIO pair -./ssltest -bio_pair -ssl3 -server_auth -client_auth -CApath ../certs || exit 1 +$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 via BIO pair -./ssltest || exit 1 +$ssltest $extra || exit 1 -echo test sslv2/sslv3 w/o DHE via BIO pair -./ssltest -bio_pair -no_dhe || exit 1 +if [ $dsa_cert = NO ]; then + echo test sslv2/sslv3 w/o DHE via BIO pair + $ssltest -bio_pair -no_dhe $extra || exit 1 +fi -echo test sslv2/sslv3 with 1024bit DHE -./ssltest -bio_pair -dhe1024 -v || exit 1 +echo test sslv2/sslv3 with 1024bit DHE via BIO pair +$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1 echo test sslv2/sslv3 with server authentication -./ssltest -bio_pair -server_auth -CApath ../certs || exit 1 +$ssltest -bio_pair -server_auth $CA $extra || exit 1 echo test sslv2/sslv3 with client authentication via BIO pair -./ssltest -bio_pair -client_auth -CApath ../certs || exit 1 +$ssltest -bio_pair -client_auth $CA $extra || exit 1 echo test sslv2/sslv3 with both client and server authentication via BIO pair -./ssltest -bio_pair -server_auth -client_auth -CApath ../certs || exit 1 +$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1 + +echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify +$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1 + +############################################################################# + +if ../apps/openssl no-dh; then + echo skipping anonymous DH tests +else + echo test tls1 with 1024bit anonymous DH, multiple handshakes + $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1 +fi + +if ../apps/openssl no-rsa; then + echo skipping RSA tests +else + echo test tls1 with 1024bit RSA, no DHE, multiple handshakes + ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1 + + if ../apps/openssl no-dh; then + echo skipping RSA+DHE tests + else + echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes + ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1 + fi +fi exit 0