X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=test%2Ftestssl.com;h=f19edc4719f85f6735258b9f92180687e5a2e9c1;hp=06c9f657a7fd4b448f526309e4ab725aa58e08ef;hb=4b64e0cbdb563e13a6f7cd8631b31532c04f1234;hpb=7d7d2cbcb02206f3393681f2bce198e11e2e185b diff --git a/test/testssl.com b/test/testssl.com index 06c9f657a7..f19edc4719 100644 --- a/test/testssl.com +++ b/test/testssl.com @@ -1,63 +1,208 @@ $! TESTSSL.COM $ -$ __arch := VAX -$ if f$getsyi("cpu") .ge. 128 then __arch := AXP -$ exe_dir := sys$disk:[-.'__arch'.exe.test] +$ __arch = "VAX" +$ if f$getsyi("cpu") .ge. 128 then - + __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") +$ if __arch .eqs. "" then __arch = "UNK" +$! +$ if (p4 .eqs. "64") then __arch = __arch+ "_64" +$! +$ texe_dir = "sys$disk:[-.''__arch'.exe.test]" +$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" $ -$ copy/concatenate [-.certs]*.pem certs.tmp +$ if p1 .eqs. "" +$ then +$ key="[-.apps]server.pem" +$ else +$ key=p1 +$ endif +$ if p2 .eqs. "" +$ then +$ cert="[-.apps]server.pem" +$ else +$ cert=p2 +$ endif +$ ssltest = "mcr ''texe_dir'ssltest -key ''key'"+ - + " -cert ''cert' -c_key ''key' -c_cert ''cert'" +$! +$ set noon +$ define/user sys$output testssl-x509-output. +$ define/user sys$error nla0: +$ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout +$ define/user sys$error nla0: +$ search/output=nla0: testssl-x509-output. "DSA Public Key"/exact +$ if $severity .eq. 1 +$ then +$ dsa_cert = "YES" +$ else +$ dsa_cert = "NO" +$ endif +$ delete testssl-x509-output.;* +$ +$ if p3 .eqs. "" +$ then +$ copy/concatenate [-.certs]*.pem certs.tmp +$ CA = """-CAfile"" certs.tmp" +$ else +$ CA = """-CAfile"" "+p3 +$ endif +$ +$!########################################################################### $ $ write sys$output "test sslv2" -$ mcr 'exe_dir'ssltest -ssl2 +$ 'ssltest' -ssl2 $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2 with server authentication" -$ mcr 'exe_dir'ssltest -ssl2 -server_auth "-CAfile" certs.tmp +$ 'ssltest' -ssl2 -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ -$ write sys$output "test sslv2 with client authentication" -$ mcr 'exe_dir'ssltest -ssl2 -client_auth "-CAfile" certs.tmp -$ if $severity .ne. 1 then goto exit3 +$ if .not. dsa_cert +$ then +$ write sys$output "test sslv2 with client authentication" +$ 'ssltest' -ssl2 -client_auth 'CA' +$ if $severity .ne. 1 then goto exit3 $ -$ write sys$output "test sslv2 with both client and server authentication" -$ mcr 'exe_dir'ssltest -ssl2 -server_auth -client_auth "-CAfile" certs.tmp -$ if $severity .ne. 1 then goto exit3 +$ write sys$output "test sslv2 with both client and server authentication" +$ 'ssltest' -ssl2 -server_auth -client_auth 'CA' +$ if $severity .ne. 1 then goto exit3 +$ endif $ $ write sys$output "test sslv3" -$ mcr 'exe_dir'ssltest -ssl3 +$ 'ssltest' -ssl3 $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with server authentication" -$ mcr 'exe_dir'ssltest -ssl3 -server_auth "-CAfile" certs.tmp +$ 'ssltest' -ssl3 -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with client authentication" -$ mcr 'exe_dir'ssltest -ssl3 -client_auth "-CAfile" certs.tmp +$ 'ssltest' -ssl3 -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with both client and server authentication" -$ mcr 'exe_dir'ssltest -ssl3 -server_auth -client_auth "-CAfile" certs.tmp +$ 'ssltest' -ssl3 -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3" -$ mcr 'exe_dir'ssltest +$ 'ssltest' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with server authentication" -$ mcr 'exe_dir'ssltest -server_auth "-CAfile" certs.tmp +$ 'ssltest' -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with client authentication" -$ mcr 'exe_dir'ssltest -client_auth "-CAfile" certs.tmp +$ 'ssltest' -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with both client and server authentication" -$ mcr 'exe_dir'ssltest -server_auth -client_auth "-CAfile" certs.tmp +$ 'ssltest' -server_auth -client_auth 'CA' +$ if $severity .ne. 1 then goto exit3 +$ +$ write sys$output "test sslv2 via BIO pair" +$ 'ssltest' -bio_pair -ssl2 +$ if $severity .ne. 1 then goto exit3 +$ +$ write sys$output "test sslv2 with server authentication via BIO pair" +$ 'ssltest' -bio_pair -ssl2 -server_auth 'CA' +$ if $severity .ne. 1 then goto exit3 +$ +$ if .not. dsa_cert +$ then +$ write sys$output "test sslv2 with client authentication via BIO pair" +$ 'ssltest' -bio_pair -ssl2 -client_auth 'CA' +$ if $severity .ne. 1 then goto exit3 +$ +$ write sys$output "test sslv2 with both client and server authentication via BIO pair" +$ 'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA' +$ if $severity .ne. 1 then goto exit3 +$ endif +$ +$ write sys$output "test sslv3 via BIO pair" +$ 'ssltest' -bio_pair -ssl3 +$ if $severity .ne. 1 then goto exit3 +$ +$ write sys$output "test sslv3 with server authentication via BIO pair" +$ 'ssltest' -bio_pair -ssl3 -server_auth 'CA' +$ if $severity .ne. 1 then goto exit3 +$ +$ write sys$output "test sslv3 with client authentication via BIO pair" +$ 'ssltest' -bio_pair -ssl3 -client_auth 'CA' +$ if $severity .ne. 1 then goto exit3 + +$ write sys$output "test sslv3 with both client and server authentication via BIO pair" +$ 'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ +$ write sys$output "test sslv2/sslv3 via BIO pair" +$ 'ssltest' +$ if $severity .ne. 1 then goto exit3 +$ +$ if .not. dsa_cert +$ then +$ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair" +$ 'ssltest' -bio_pair -no_dhe +$ if $severity .ne. 1 then goto exit3 +$ endif +$ +$ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair" +$ 'ssltest' -bio_pair -dhe1024dsa -v +$ if $severity .ne. 1 then goto exit3 +$ +$ write sys$output "test sslv2/sslv3 with server authentication" +$ 'ssltest' -bio_pair -server_auth 'CA' +$ if $severity .ne. 1 then goto exit3 +$ +$ write sys$output "test sslv2/sslv3 with client authentication via BIO pair" +$ 'ssltest' -bio_pair -client_auth 'CA' +$ if $severity .ne. 1 then goto exit3 +$ +$ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair" +$ 'ssltest' -bio_pair -server_auth -client_auth 'CA' +$ if $severity .ne. 1 then goto exit3 +$ +$!########################################################################### +$ +$ define/user sys$output nla0: +$ mcr 'exe_dir'openssl no-rsa +$ no_rsa=$SEVERITY +$ define/user sys$output nla0: +$ mcr 'exe_dir'openssl no-dh +$ no_dh=$SEVERITY +$ +$ if no_dh +$ then +$ write sys$output "skipping anonymous DH tests" +$ else +$ write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes" +$ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time +$ if $severity .ne. 1 then goto exit3 +$ endif +$ +$ if no_rsa +$ then +$ write sys$output "skipping RSA tests" +$ else +$ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes" +$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time +$ if $severity .ne. 1 then goto exit3 +$ +$ if no_dh +$ then +$ write sys$output "skipping RSA+DHE tests" +$ else +$ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes" +$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time +$ if $severity .ne. 1 then goto exit3 +$ endif +$ endif +$ $ RET = 1 $ goto exit $ exit3: $ RET = 3 $ exit: -$ delete certs.tmp;* +$ if p3 .eqs. "" then delete certs.tmp;* +$ set on $ exit 'RET'