X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=test%2Ftestssl;h=2151a6438cdab64341bb30711efe7b2c79df98ae;hp=e256e38b41f01ffac200fe21c6f692fd6e6f7172;hb=8224b0cbe51ce28bcb11440f0262bb8122991b08;hpb=563f1503a83f690ac428f725057fc19be6728e9e diff --git a/test/testssl b/test/testssl index e256e38b41..2151a6438c 100644 --- a/test/testssl +++ b/test/testssl @@ -1,86 +1,128 @@ #!/bin/sh +if [ "$1" = "" ]; then + key=../apps/server.pem +else + key="$1" +fi +if [ "$2" = "" ]; then + cert=../apps/server.pem +else + cert="$2" +fi +ssltest="./ssltest -key $key -cert $cert -c_key $key -c_cert $cert" + +if ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then + dsa_cert=YES +else + dsa_cert=NO +fi + +if [ "$3" = "" ]; then + CA="-CApath ../certs" +else + CA="-CAfile $3" +fi + +############################################################################# + echo test sslv2 -./ssltest -ssl2 || exit 1 +$ssltest -ssl2 || exit 1 echo test sslv2 with server authentication -./ssltest -ssl2 -server_auth -CApath ../certs || exit 1 +$ssltest -ssl2 -server_auth $CA || exit 1 -echo test sslv2 with client authentication -./ssltest -ssl2 -client_auth -CApath ../certs || exit 1 +if [ $dsa_cert = NO ]; then + echo test sslv2 with client authentication + $ssltest -ssl2 -client_auth $CA || exit 1 -echo test sslv2 with both client and server authentication -./ssltest -ssl2 -server_auth -client_auth -CApath ../certs || exit 1 + echo test sslv2 with both client and server authentication + $ssltest -ssl2 -server_auth -client_auth $CA || exit 1 +fi echo test sslv3 -./ssltest -ssl3 || exit 1 +$ssltest -ssl3 || exit 1 echo test sslv3 with server authentication -./ssltest -ssl3 -server_auth -CApath ../certs || exit 1 +$ssltest -ssl3 -server_auth $CA || exit 1 echo test sslv3 with client authentication -./ssltest -ssl3 -client_auth -CApath ../certs || exit 1 +$ssltest -ssl3 -client_auth $CA || exit 1 echo test sslv3 with both client and server authentication -./ssltest -ssl3 -server_auth -client_auth -CApath ../certs || exit 1 +$ssltest -ssl3 -server_auth -client_auth $CA || exit 1 echo test sslv2/sslv3 -./ssltest || exit 1 +$ssltest || exit 1 echo test sslv2/sslv3 with server authentication -./ssltest -server_auth -CApath ../certs || exit 1 +$ssltest -server_auth $CA || exit 1 echo test sslv2/sslv3 with client authentication -./ssltest -client_auth -CApath ../certs || exit 1 +$ssltest -client_auth $CA || exit 1 echo test sslv2/sslv3 with both client and server authentication -./ssltest -server_auth -client_auth -CApath ../certs || exit 1 +$ssltest -server_auth -client_auth $CA || exit 1 echo test sslv2 via BIO pair -./ssltest -bio_pair -ssl2 || exit 1 +$ssltest -bio_pair -ssl2 || exit 1 echo test sslv2 with server authentication via BIO pair -./ssltest -bio_pair -ssl2 -server_auth -CApath ../certs || exit 1 +$ssltest -bio_pair -ssl2 -server_auth $CA || exit 1 -echo test sslv2 with client authentication via BIO pair -./ssltest -bio_pair -ssl2 -client_auth -CApath ../certs || exit 1 +if [ $dsa_cert = NO ]; then + echo test sslv2 with client authentication via BIO pair + $ssltest -bio_pair -ssl2 -client_auth $CA || exit 1 -echo test sslv2 with both client and server authentication via BIO pair -./ssltest -bio_pair -ssl2 -server_auth -client_auth -CApath ../certs || exit 1 + echo test sslv2 with both client and server authentication via BIO pair + $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA || exit 1 +fi echo test sslv3 via BIO pair -./ssltest -bio_pair -ssl3 || exit 1 +$ssltest -bio_pair -ssl3 || exit 1 echo test sslv3 with server authentication via BIO pair -./ssltest -bio_pair -ssl3 -server_auth -CApath ../certs || exit 1 +$ssltest -bio_pair -ssl3 -server_auth $CA || exit 1 echo test sslv3 with client authentication via BIO pair -./ssltest -bio_pair -ssl3 -client_auth -CApath ../certs || exit 1 +$ssltest -bio_pair -ssl3 -client_auth $CA || exit 1 echo test sslv3 with both client and server authentication via BIO pair -./ssltest -bio_pair -ssl3 -server_auth -client_auth -CApath ../certs || exit 1 +$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA || exit 1 echo test sslv2/sslv3 via BIO pair -./ssltest || exit 1 +$ssltest || exit 1 -echo test sslv2/sslv3 w/o DHE via BIO pair -./ssltest -bio_pair -no_dhe || exit 1 +if [ $dsa_cert = NO ]; then + echo test sslv2/sslv3 w/o DHE via BIO pair + $ssltest -bio_pair -no_dhe || exit 1 +fi echo test sslv2/sslv3 with 1024bit DHE via BIO pair -./ssltest -bio_pair -dhe1024dsa -v || exit 1 +$ssltest -bio_pair -dhe1024dsa -v || exit 1 echo test sslv2/sslv3 with server authentication -./ssltest -bio_pair -server_auth -CApath ../certs || exit 1 +$ssltest -bio_pair -server_auth $CA || exit 1 echo test sslv2/sslv3 with client authentication via BIO pair -./ssltest -bio_pair -client_auth -CApath ../certs || exit 1 +$ssltest -bio_pair -client_auth $CA || exit 1 echo test sslv2/sslv3 with both client and server authentication via BIO pair -./ssltest -bio_pair -server_auth -client_auth -CApath ../certs || exit 1 +$ssltest -bio_pair -server_auth -client_auth $CA || exit 1 + +############################################################################# + +echo test tls1 with 1024bit anonymous DH, multiple handshakes +$ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time || exit 1 + +if ../apps/openssl no-rsa; then + echo skipping RSA tests +else + echo test tls1 with 1024bit RSA, no DHE, multiple handshakes + ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time || exit 1 -echo test tls1 with 1024bit RSA, no DHE, multiple handshakes -./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time || exit 1 + echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes + ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time || exit 1 +fi -echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes -./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time || exit 1 exit 0