X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=test%2Ftestssl.com;h=26308f7715cd8098014c113a3df8eb6fa215f3ab;hb=bc767216d9c570812a2c5e1f6ef1cd34d346334c;hp=0b4b0a0ad3c7159a66745940115ee34becb6e627;hpb=da0fc5bf0f25ee488838845a66f47b444f8c7b70;p=openssl.git

diff --git a/test/testssl.com b/test/testssl.com
index 0b4b0a0ad3..26308f7715 100644
--- a/test/testssl.com
+++ b/test/testssl.com
@@ -2,118 +2,203 @@ $! TESTSSL.COM
 $
 $	__arch := VAX
 $	if f$getsyi("cpu") .ge. 128 then __arch := AXP
-$	exe_dir := sys$disk:[-.'__arch'.exe.test]
-$
-$	copy/concatenate [-.certs]*.pem certs.tmp
+$	texe_dir := sys$disk:[-.'__arch'.exe.test]
+$	exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$
+$	if p1 .eqs. ""
+$	then
+$	    key="[-.apps]server.pem"
+$	else
+$	    key=p1
+$	endif
+$	if p2 .eqs. ""
+$	then
+$	    cert="[-.apps]server.pem"
+$	else
+$	    cert=p2
+$	endif
+$	ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert'
+$
+$	define/user sys$output testssl-x509-output.
+$	define/user sys$error nla0:
+$	mcr 'exe_dir'openssl x509 -in 'cert' -text -noout
+$	set noon
+$	define/user sys$error nla0:
+$	search/output=nla0: testssl-x509-output. "DSA Public Key"/exact
+$	if $severity .eq. 1
+$	then
+$	    dsa_cert := YES
+$	else
+$	    dsa_cert := NO
+$	endif
+$	set on
+$	delete testssl-x509-output.;*
+$
+$	if p3 .eqs. ""
+$	then
+$	    copy/concatenate [-.certs]*.pem certs.tmp
+$	    CA = """-CAfile"" certs.tmp"
+$	else
+$	    CA = """-CAfile"" "+p3
+$	endif
+$
+$!###########################################################################
 $
 $	write sys$output "test sslv2"
-$	mcr 'exe_dir'ssltest -ssl2
+$	'ssltest' -ssl2
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2 with server authentication"
-$	mcr 'exe_dir'ssltest -ssl2 -server_auth "-CAfile" certs.tmp
+$	'ssltest' -ssl2 -server_auth 'CA'
 $	if $severity .ne. 1 then goto exit3
 $
-$	write sys$output "test sslv2 with client authentication"
-$	mcr 'exe_dir'ssltest -ssl2 -client_auth "-CAfile" certs.tmp
-$	if $severity .ne. 1 then goto exit3
+$	if .not. dsa_cert
+$	then
+$	    write sys$output "test sslv2 with client authentication"
+$	    'ssltest' -ssl2 -client_auth 'CA'
+$	    if $severity .ne. 1 then goto exit3
 $
-$	write sys$output "test sslv2 with both client and server authentication"
-$	mcr 'exe_dir'ssltest -ssl2 -server_auth -client_auth "-CAfile" certs.tmp
-$	if $severity .ne. 1 then goto exit3
+$	    write sys$output "test sslv2 with both client and server authentication"
+$	    'ssltest' -ssl2 -server_auth -client_auth 'CA'
+$	    if $severity .ne. 1 then goto exit3
+$	endif
 $
 $	write sys$output "test sslv3"
-$	mcr 'exe_dir'ssltest -ssl3
+$	'ssltest' -ssl3
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv3 with server authentication"
-$	mcr 'exe_dir'ssltest -ssl3 -server_auth "-CAfile" certs.tmp
+$	'ssltest' -ssl3 -server_auth 'CA'
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv3 with client authentication"
-$	mcr 'exe_dir'ssltest -ssl3 -client_auth "-CAfile" certs.tmp
+$	'ssltest' -ssl3 -client_auth 'CA'
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv3 with both client and server authentication"
-$	mcr 'exe_dir'ssltest -ssl3 -server_auth -client_auth "-CAfile" certs.tmp
+$	'ssltest' -ssl3 -server_auth -client_auth 'CA'
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2/sslv3"
-$	mcr 'exe_dir'ssltest
+$	'ssltest'
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2/sslv3 with server authentication"
-$	mcr 'exe_dir'ssltest -server_auth "-CAfile" certs.tmp
+$	'ssltest' -server_auth 'CA'
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2/sslv3 with client authentication"
-$	mcr 'exe_dir'ssltest -client_auth "-CAfile" certs.tmp
+$	'ssltest' -client_auth 'CA'
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2/sslv3 with both client and server authentication"
-$	mcr 'exe_dir'ssltest -server_auth -client_auth "-CAfile" certs.tmp
+$	'ssltest' -server_auth -client_auth 'CA'
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2 via BIO pair"
-$	mcr 'exe_dir'ssltest -bio_pair -ssl2 
-$	if $severity .ne. 1 then goto exit3
-$
-$	write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
-$	mcr 'exe_dir'ssltest -bio_pair -dhe1024 -v
+$	'ssltest' -bio_pair -ssl2 
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2 with server authentication via BIO pair"
-$	mcr 'exe_dir'ssltest -bio_pair -ssl2 -server_auth "-CAfile" certs.tmp 
+$	'ssltest' -bio_pair -ssl2 -server_auth 'CA' 
 $	if $severity .ne. 1 then goto exit3
 $
-$	write sys$output "test sslv2 with client authentication via BIO pair"
-$	mcr 'exe_dir'ssltest -bio_pair -ssl2 -client_auth "-CAfile" certs.tmp 
-$	if $severity .ne. 1 then goto exit3
+$	if .not. dsa_cert
+$	then
+$	    write sys$output "test sslv2 with client authentication via BIO pair"
+$	    'ssltest' -bio_pair -ssl2 -client_auth 'CA' 
+$	    if $severity .ne. 1 then goto exit3
 $
-$	write sys$output "test sslv2 with both client and server authentication via BIO pair"
-$	mcr 'exe_dir'ssltest -bio_pair -ssl2 -server_auth -client_auth "-CAfile" certs.tmp 
-$	if $severity .ne. 1 then goto exit3
+$	    write sys$output "test sslv2 with both client and server authentication via BIO pair"
+$	    'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA' 
+$	    if $severity .ne. 1 then goto exit3
+$	endif
 $
 $	write sys$output "test sslv3 via BIO pair"
-$	mcr 'exe_dir'ssltest -bio_pair -ssl3 
+$	'ssltest' -bio_pair -ssl3 
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv3 with server authentication via BIO pair"
-$	mcr 'exe_dir'ssltest -bio_pair -ssl3 -server_auth "-CAfile" certs.tmp 
+$	'ssltest' -bio_pair -ssl3 -server_auth 'CA' 
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv3 with client authentication via BIO pair"
-$	mcr 'exe_dir'ssltest -bio_pair -ssl3 -client_auth "-CAfile" certs.tmp 
+$	'ssltest' -bio_pair -ssl3 -client_auth 'CA' 
 $	if $severity .ne. 1 then goto exit3
  
 $	write sys$output "test sslv3 with both client and server authentication via BIO pair"
-$	mcr 'exe_dir'ssltest -bio_pair -ssl3 -server_auth -client_auth "-CAfile" certs.tmp 
+$	'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA' 
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2/sslv3 via BIO pair"
-$	mcr 'exe_dir'ssltest 
+$	'ssltest' 
 $	if $severity .ne. 1 then goto exit3
 $
-$	write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
-$	mcr 'exe_dir'ssltest -bio_pair -no_dhe
+$	if .not. dsa_cert
+$	then
+$	    write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
+$	    'ssltest' -bio_pair -no_dhe
+$	    if $severity .ne. 1 then goto exit3
+$	endif
+$
+$	write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
+$	'ssltest' -bio_pair -dhe1024dsa -v
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2/sslv3 with server authentication"
-$	mcr 'exe_dir'ssltest -bio_pair -server_auth "-CAfile" certs.tmp 
+$	'ssltest' -bio_pair -server_auth 'CA' 
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2/sslv3 with client authentication via BIO pair"
-$	mcr 'exe_dir'ssltest -bio_pair -client_auth "-CAfile" certs.tmp 
+$	'ssltest' -bio_pair -client_auth 'CA' 
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair"
-$	mcr 'exe_dir'ssltest -bio_pair -server_auth -client_auth "-CAfile" certs.tmp 
-$	if $severity .ne. 1 then goto exit3
+$	'ssltest' -bio_pair -server_auth -client_auth 'CA' 
+$	if $severity .ne. 1 then goto exit3
+$
+$!###########################################################################
+$
+$	set noon
+$	define/user sys$output nla0:
+$	mcr 'exe_dir'openssl no-rsa
+$	no_rsa=$SEVERITY
+$	define/user sys$output nla0:
+$	mcr 'exe_dir'openssl no-dh
+$	no_dh=$SEVERITY
+$	set on
+$
+$	if no_dh
+$	then
+$	    write sys$output "skipping anonymous DH tests"
+$	else
+$	    write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes"
+$	    'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
+$	    if $severity .ne. 1 then goto exit3
+$	endif
+$
+$	if no_rsa
+$	then
+$	    write sys$output "skipping RSA tests"
+$	else
+$	    write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes"
+$	    mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time
+$	    if $severity .ne. 1 then goto exit3
+$
+$	    if no_dh
+$	    then
+$		write sys$output "skipping RSA+DHE tests"
+$	    else
+$		write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes"
+$		mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time
+$		if $severity .ne. 1 then goto exit3
+$	    endif
+$	endif
 $
 $	RET = 1
 $	goto exit
 $ exit3:
 $	RET = 3
 $ exit:
-$	delete certs.tmp;*
+$	if p3 .eqs. "" then delete certs.tmp;*
 $	exit 'RET'