mirrors
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

tests: fix test scripts for paths with spaces

This commit is contained in:
Elms 2021-06-08 18:42:30 -07:00
parent 3180ec96a5
commit 21db484f50
11 changed files with 173 additions and 173 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
scripts/crl-revoked.test
View File

@ -29,9 +29,9 @@ server_pid=$no_pid
ready_file=`pwd`/wolfssl_crl_ready$$
remove_ready_file() {
if test -e $ready_file; then
if test -e "$ready_file"; then
echo -e "removing existing ready file"
rm $ready_file
rm "$ready_file"
fi
}
@ -70,12 +70,12 @@ run_test() {
# starts the server on crl_port, -R generates ready file to be used as a
# mutex lock, -c loads the revoked certificate. We capture the processid
# into the variable server_pid
./examples/server/server -R $ready_file -p $crl_port \
./examples/server/server -R "$ready_file" -p $crl_port \
-c ${CERT_DIR}/server-revoked-cert.pem \
-k ${CERT_DIR}/server-revoked-key.pem &
server_pid=$!
while [ ! -s $ready_file -a "$counter" -lt 20 ]; do
while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do
echo -e "waiting for ready file..."
sleep 0.1
counter=$((counter+ 1))
@ -84,7 +84,7 @@ run_test() {
# sleep for an additional 0.1 to mitigate race on write/read of $ready_file:
sleep 0.1
if test -e $ready_file; then
if test -e "$ready_file"; then
echo -e "found ready file, starting client..."
else
echo -e "NO ready file ending test..."
@ -92,7 +92,7 @@ run_test() {
fi
# get created port 0 ephemeral port
crl_port="$(cat $ready_file)"
crl_port="$(cat "$ready_file")"
# starts client on crl_port and captures the output from client
capture_out=$(./examples/client/client -p $crl_port 2>&1)
@ -147,18 +147,18 @@ run_hashdir_test() {
# starts the server on crl_port, -R generates ready file to be used as a
# mutex lock, -c loads the revoked certificate. We capture the processid
# into the variable server_pid
./examples/server/server -R $ready_file -p $crl_port \
./examples/server/server -R "$ready_file" -p $crl_port \
-c ${CERT_DIR}/server-revoked-cert.pem \
-k ${CERT_DIR}/server-revoked-key.pem &
server_pid=$!
while [ ! -s $ready_file -a "$counter" -lt 20 ]; do
while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do
echo -e "waiting for ready file..."
sleep 0.1
counter=$((counter+ 1))
done
# get created port 0 ephemeral port
crl_port="$(cat $ready_file)"
crl_port="$(cat "$ready_file")"
# starts client on crl_port and captures the output from client
capture_out=$(./examples/client/client -p $crl_port -9 2>&1)

2
scripts/external.test
View File

@ -34,7 +34,7 @@ if [ $? -ne 0 ]; then
fi
# is our desired server there?
${SCRIPT_DIR}/ping.test $server 2
"${SCRIPT_DIR}"/ping.test $server 2
RESULT=$?
[ $RESULT -ne 0 ] && exit 0

40
scripts/ocsp-stapling-with-ca-as-responder.test
View File

@ -43,7 +43,7 @@ CERT_DIR="certs/ocsp"
ready_file="${WORKSPACE}"/wolf_ocsp_s1_readyF$$
ready_file2="${WORKSPACE}"/wolf_ocsp_s1_readyF2$$
printf '%s\n' "ready files: $ready_file $ready_file2"
printf '%s\n' "ready files: \"$ready_file\" \"$ready_file2\""
test_cnf="ocsp_s_w_ca_a_r.cnf"
@ -51,7 +51,7 @@ wait_for_readyFile(){
counter=0
while [ ! -s $1 -a "$counter" -lt 20 ]; do
while [ ! -s "$1" -a "$counter" -lt 20 ]; do
if [[ -n "${2-}" ]]; then
if ! kill -0 $2 2>&-; then
echo "pid $2 for port ${3-} exited before creating ready file. bailing..."
@ -63,19 +63,19 @@ wait_for_readyFile(){
counter=$((counter+ 1))
done
if test -e $1; then
if test -e "$1"; then
echo -e "found ready file, starting client..."
else
echo -e "NO ready file at $1 -- ending test..."
echo -e "NO ready file at \"$1\" -- ending test..."
exit 1
fi
}
remove_single_rF(){
if test -e $1; then
printf '%s\n' "removing ready file: $1"
rm $1
if test -e "$1"; then
printf '%s\n' "removing ready file: \"$1\""
rm "$1"
fi
}
@ -135,13 +135,13 @@ create_new_cnf() {
}
remove_ready_file() {
if test -e $ready_file; then
if test -e "$ready_file"; then
printf '%s\n' "removing ready file"
rm $ready_file
rm "$ready_file"
fi
if test -e $ready_file2; then
printf '%s\n' "removing ready file: $ready_file2"
rm $ready_file2
if test -e "$ready_file2"; then
printf '%s\n' "removing ready file: \"$ready_file2\""
rm "$ready_file2"
fi
}
@ -197,10 +197,10 @@ port2=$(get_first_free_port $((port1 + 1)))
# create a port to use with openssl ocsp responder
./examples/server/server -R $ready_file -p $port1 &
./examples/server/server -R "$ready_file" -p $port1 &
wolf_pid=$!
wait_for_readyFile $ready_file $wolf_pid $port1
if [ ! -f $ready_file ]; then
wait_for_readyFile "$ready_file" $wolf_pid $port1
if [ ! -f "$ready_file" ]; then
printf '%s\n' "Failed to create ready file: \"$ready_file\""
exit 1
else
@ -240,10 +240,10 @@ sleep 0.1
printf '%s\n\n' "------------- TEST CASE 1 SHOULD PASS ------------------------"
# client test against our own server - GOOD CERT
./examples/server/server -c certs/ocsp/server1-cert.pem \
-k certs/ocsp/server1-key.pem -R $ready_file2 \
-k certs/ocsp/server1-key.pem -R "$ready_file2" \
-p $port2 &
wolf_pid2=$!
wait_for_readyFile $ready_file2 $wolf_pid2 $port2
wait_for_readyFile "$ready_file2" $wolf_pid2 $port2
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 \
-p $port2
RESULT=$?
@ -252,12 +252,12 @@ printf '%s\n\n' "Test PASSED!"
printf '%s\n\n' "------------- TEST CASE 2 SHOULD REVOKE ----------------------"
# client test against our own server - REVOKED CERT
remove_single_rF $ready_file2
remove_single_rF "$ready_file2"
./examples/server/server -c certs/ocsp/server2-cert.pem \
-k certs/ocsp/server2-key.pem -R $ready_file2 \
-k certs/ocsp/server2-key.pem -R "$ready_file2" \
-p $port2 &
wolf_pid2=$!
wait_for_readyFile $ready_file2 $wolf_pid2 $port2
wait_for_readyFile "$ready_file2" $wolf_pid2 $port2
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 \
-p $port2
RESULT=$?

72
scripts/ocsp-stapling.test
View File

@ -60,7 +60,7 @@ ln -s ../examples
CERT_DIR="./certs/ocsp"
ready_file="$WORKSPACE"/wolf_ocsp_s1_readyF$$
ready_file2="$WORKSPACE"/wolf_ocsp_s1_readyF2$$
printf '%s\n' "ready file: $ready_file"
printf '%s\n' "ready file: \"$ready_file\""
test_cnf="ocsp_s1.cnf"
@ -68,7 +68,7 @@ wait_for_readyFile(){
counter=0
while [ ! -s $1 -a "$counter" -lt 20 ]; do
while [ ! -s "$1" -a "$counter" -lt 20 ]; do
if [[ -n "${2-}" ]]; then
if ! kill -0 $2 2>&-; then
echo "pid $2 for port ${3-} exited before creating ready file. bailing..."
@ -80,19 +80,19 @@ wait_for_readyFile(){
counter=$((counter+ 1))
done
if test -e $1; then
if test -e "$1"; then
echo -e "found ready file, starting client..."
else
echo -e "NO ready file at $1 -- ending test..."
echo -e "NO ready file at \"$1\" -- ending test..."
exit 1
fi
}
remove_single_rF(){
if test -e $1; then
printf '%s\n' "removing ready file: $1"
rm $1
if test -e "$1"; then
printf '%s\n' "removing ready file: \"$1\""
rm "$1"
fi
}
@ -148,17 +148,17 @@ create_new_cnf() {
CURR_LOC="$PWD"
printf '%s\n' "echo now in $CURR_LOC"
./renewcerts-for-test.sh $test_cnf
cd $WORKSPACE
cd "$WORKSPACE"
}
remove_ready_file() {
if test -e $ready_file; then
if test -e "$ready_file"; then
printf '%s\n' "removing ready file"
rm $ready_file
rm "$ready_file"
fi
if test -e $ready_file2; then
printf '%s\n' "removing ready file: $ready_file2"
rm $ready_file2
if test -e "$ready_file2"; then
printf '%s\n' "removing ready file: \"$ready_file2\""
rm "$ready_file2"
fi
}
@ -227,11 +227,11 @@ port3=$(get_first_free_port $((port2 + 1)))
# test interop fail case
ready_file=$PWD/wolf_ocsp_readyF$$
printf '%s\n' "ready file: $ready_file"
./examples/server/server -b -p $port1 -o -R $ready_file &
printf '%s\n' "ready file: \"$ready_file\""
./examples/server/server -b -p $port1 -o -R "$ready_file" &
wolf_pid=$!
wait_for_readyFile $ready_file $wolf_pid $port1
if [ ! -f $ready_file ]; then
wait_for_readyFile "$ready_file" $wolf_pid $port1
if [ ! -f "$ready_file" ]; then
printf '%s\n' "Failed to create ready file: \"$ready_file\""
exit 1
else
@ -239,10 +239,10 @@ else
echo "hi" | openssl s_client -status $V4V6_FLAG -connect ${LOCALHOST}:$port1 -cert ./certs/client-cert.pem -key ./certs/client-key.pem -CAfile ./certs/ocsp/root-ca-cert.pem 2>&1 | tee /dev/stderr | fgrep -q 'self signed certificate in certificate chain'
if [ $? -neq 0 ]; then
printf '%s\n' "Expected verification error from s_client is missing."
remove_single_rF $ready_file
remove_single_rF "$ready_file"
exit 1
fi
remove_single_rF $ready_file
remove_single_rF "$ready_file"
wait $wolf_pid
if [ $? -ne 1 ]; then
printf '%s\n' "wolfSSL server unexpected fail value"
@ -252,10 +252,10 @@ fi
# create a port to use with openssl ocsp responder
./examples/server/server -b -p $port2 -R $ready_file &
./examples/server/server -b -p $port2 -R "$ready_file" &
wolf_pid2=$!
wait_for_readyFile $ready_file $wolf_pid2 $port2
if [ ! -f $ready_file ]; then
wait_for_readyFile "$ready_file" $wolf_pid2 $port2
if [ ! -f "$ready_file" ]; then
printf '%s\n' "Failed to create ready file: \"$ready_file\""
exit 1
else
@ -307,10 +307,10 @@ sleep 0.1
printf '%s\n\n' "------------- TEST CASE 1 SHOULD PASS ------------------------"
# client test against our own server - GOOD CERT
./examples/server/server -c certs/ocsp/server1-cert.pem -R $ready_file2 \
./examples/server/server -c certs/ocsp/server1-cert.pem -R "$ready_file2" \
-k certs/ocsp/server1-key.pem -p $port3 &
wolf_pid3=$!
wait_for_readyFile $ready_file2 $wolf_pid3 $port3
wait_for_readyFile "$ready_file2" $wolf_pid3 $port3
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -p $port3
RESULT=$?
[ $RESULT -ne 0 ] && printf '\n\n%s\n' "Client connection 1 failed" && exit 1
@ -318,11 +318,11 @@ printf '%s\n\n' "Test PASSED!"
printf '%s\n\n' "------------- TEST CASE 2 SHOULD REVOKE ----------------------"
# client test against our own server - REVOKED CERT
remove_single_rF $ready_file2
./examples/server/server -c certs/ocsp/server2-cert.pem -R $ready_file2 \
remove_single_rF "$ready_file2"
./examples/server/server -c certs/ocsp/server2-cert.pem -R "$ready_file2" \
-k certs/ocsp/server2-key.pem -p $port3 &
wolf_pid3=$!
wait_for_readyFile $ready_file2 $wolf_pid3 $port3
wait_for_readyFile "$ready_file2" $wolf_pid3 $port3
sleep 0.1
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -p $port3
RESULT=$?
@ -335,12 +335,12 @@ printf '%s\n\n' "Test successfully REVOKED!"
if [ $? -ne 0 ]; then
printf '%s\n\n' "------------- TEST CASE 3 SHOULD PASS --------------------"
# client test against our own server - GOOD CERT
remove_single_rF $ready_file2
./examples/server/server -c certs/ocsp/server1-cert.pem -R $ready_file2 \
remove_single_rF "$ready_file2"
./examples/server/server -c certs/ocsp/server1-cert.pem -R "$ready_file2" \
-k certs/ocsp/server1-key.pem -v 4 \
-p $port3 &
wolf_pid3=$!
wait_for_readyFile $ready_file2 $wolf_pid3 $port3
wait_for_readyFile "$ready_file2" $wolf_pid3 $port3
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -v 4 -F 1 \
-p $port3
RESULT=$?
@ -349,12 +349,12 @@ if [ $? -ne 0 ]; then
printf '%s\n\n' "------------- TEST CASE 4 SHOULD PASS --------------------"
# client test against our own server, must staple - GOOD CERT
remove_single_rF $ready_file2
./examples/server/server -c certs/ocsp/server1-cert.pem -R $ready_file2 \
remove_single_rF "$ready_file2"
./examples/server/server -c certs/ocsp/server1-cert.pem -R "$ready_file2" \
-k certs/ocsp/server1-key.pem -v 4 \
-p $port3 &
wolf_pid3=$!
wait_for_readyFile $ready_file2 $wolf_pid3 $port3
wait_for_readyFile "$ready_file2" $wolf_pid3 $port3
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1m -v 4 -F 1 \
-p $port3
RESULT=$?
@ -363,12 +363,12 @@ if [ $? -ne 0 ]; then
printf '%s\n\n' "------------- TEST CASE 5 SHOULD REVOKE ------------------"
# client test against our own server - REVOKED CERT
remove_single_rF $ready_file2
./examples/server/server -c certs/ocsp/server2-cert.pem -R $ready_file2 \
remove_single_rF "$ready_file2"
./examples/server/server -c certs/ocsp/server2-cert.pem -R "$ready_file2" \
-k certs/ocsp/server2-key.pem -v 4 \
-p $port3 &
wolf_pid3=$!
wait_for_readyFile $ready_file2 $wolf_pid3 $port3
wait_for_readyFile "$ready_file2" $wolf_pid3 $port3
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -v 4 -F 1 \
-p $port3
RESULT=$?

6
scripts/ocsp.test
View File

@ -27,7 +27,7 @@ if [ "$OUTPUT" = "SNI is: ON" ]; then
printf '\n\n%s\n\n' "SNI is on, proceed with globalsign test"
# is our desired server there?
${SCRIPT_DIR}/ping.test $server 2
"${SCRIPT_DIR}/ping.test" $server 2
RESULT=$?
if [ $RESULT -ne 0 ]; then
GL_UNREACHABLE=1
@ -35,7 +35,7 @@ if [ "$OUTPUT" = "SNI is: ON" ]; then
if [ $RESULT -eq 0 ]; then
# client test against the server
./examples/client/client -X -C -h $server -p 443 -A $ca -g -o -N -v d -S $server
./examples/client/client -X -C -h $server -p 443 -A "$ca" -g -o -N -v d -S $server
GL_RESULT=$?
[ $GL_RESULT -ne 0 ] && printf '\n\n%s\n' "Client connection failed"
else
@ -54,7 +54,7 @@ ${SCRIPT_DIR}/ping.test $server 2
RESULT=$?
if [ $RESULT -eq 0 ]; then
# client test against the server
./examples/client/client -X -C -h $server -p 443 -A $ca -g -o -N
./examples/client/client -X -C -h $server -p 443 -A "$ca" -g -o -N
GR_RESULT=$?
[ $GR_RESULT -ne 0 ] && printf '\n\n%s\n' "Client connection failed"
else

42
scripts/openssl.test
View File

@ -161,11 +161,11 @@ start_openssl_server() {
if [ "$cert_file" != "" ]
then
echo "# " $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe
$OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe &
echo "# " $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -cert \"$cert_file\" -key \"$key_file\" -quiet -CAfile \"$ca_file\" -www -dhparam \"${CERT_DIR}/dh2048.pem\" -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe
$OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -cert "$cert_file" -key "$key_file" -quiet -CAfile "$ca_file" -www -dhparam "${CERT_DIR}/dh2048.pem" -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe &
else
echo "# " $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -quiet -nocert -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe
$OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -quiet -nocert -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe &
echo "# " $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -quiet -nocert -www -dhparam \"${CERT_DIR}/dh2048.pem\" -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe
$OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -quiet -nocert -www -dhparam "${CERT_DIR}/dh2048.pem" -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe &
fi
server_pid=$!
# wait to see if s_server successfully starts before continuing
@ -229,8 +229,8 @@ start_wolfssl_server() {
echo -e "\n# Trying to start $wolfssl_suite wolfSSL server on port $server_port..."
echo "#"
echo "# $WOLFSSL_SERVER -p $server_port $wolfssl_cert $wolfssl_key $wolfssl_caCert -g -v d -x -i $psk $crl -l ALL"
$WOLFSSL_SERVER -p $server_port $wolfssl_cert $wolfssl_key $wolfssl_caCert -g -v d -x -i $psk $crl -l ALL &
echo "# $WOLFSSL_SERVER -p $server_port "$wolfssl_cert" "$wolfssl_key" "$wolfssl_caCert" -g -v d -x -i $psk $crl -l ALL"
$WOLFSSL_SERVER -p $server_port "$wolfssl_cert" "$wolfssl_key" "$wolfssl_caCert" -g -v d -x -i $psk $crl -l ALL &
server_pid=$!
# wait to see if server successfully starts before continuing
sleep 0.1
@ -316,13 +316,13 @@ do_wolfssl_client() {
if [ "$version" != "5" -a "$version" != "" ]
then
echo "#"
echo "# $WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite -v $version $psk $adh $wolfssl_cert $wolfssl_key $wolfssl_caCert $crl"
$WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite -v $version $psk $adh $wolfssl_cert $wolfssl_key $wolfssl_caCert $crl
echo "# $WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite -v $version $psk $adh "$wolfssl_cert" "$wolfssl_key" "$wolfssl_caCert" $crl"
$WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite -v $version $psk $adh "$wolfssl_cert" "$wolfssl_key" "$wolfssl_caCert" $crl
else
echo "#"
echo "# $WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite $psk $adh $wolfssl_cert $wolfssl_key $wolfssl_caCert $crl"
echo "# $WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite $psk $adh "$wolfssl_cert" "$wolfssl_key" "$wolfssl_caCert" $crl"
# do all versions
$WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite $psk $adh $wolfssl_cert $wolfssl_key $wolfssl_caCert $crl
$WOLFSSL_CLIENT -p $port -g $wolfssl_resume -l $wolfSuite $psk $adh "$wolfssl_cert" "$wolfssl_key" "$wolfssl_caCert" $crl
fi
client_result=$?
@ -370,12 +370,12 @@ do_openssl_client() {
if [ "$tls13_cipher" = "" ]
then
echo "#"
echo "# $OPENSSL s_client -connect localhost:$port -reconnect -cipher $cmpSuite $openssl_version $openssl_psk $openssl_cert1 $openssl_cert2 $openssl_key1 $openssl_key2 $openssl_caCert1 $openssl_caCert2"
echo "Hello" | eval "$OPENSSL s_client -connect localhost:$port -reconnect -cipher $cmpSuite $openssl_version $openssl_psk $openssl_cert1 $openssl_cert2 $openssl_key1 $openssl_key2 $openssl_caCert1 $openssl_caCert2"
echo "# $OPENSSL s_client -connect localhost:$port -reconnect -cipher $cmpSuite $openssl_version $openssl_psk $openssl_cert1 \"$openssl_cert2\" $openssl_key1 \"$openssl_key2\" $openssl_caCert1 \"$openssl_caCert2\""
echo "Hello" | eval "$OPENSSL s_client -connect localhost:$port -reconnect -cipher $cmpSuite $openssl_version $openssl_psk $openssl_cert1 \"$openssl_cert2\" $openssl_key1 \"$openssl_key2\" $openssl_caCert1 \"$openssl_caCert2\""
else
echo "#"
echo "# $OPENSSL s_client -connect localhost:$port -reconnect -ciphersuites=$cmpSuite $openssl_version $openssl_psk $openssl_cert1 $openssl_cert2 $openssl_key1 $openssl_key2 $openssl_caCert1 $openssl_caCert2"
echo "Hello" | eval "$OPENSSL s_client -connect localhost:$port -reconnect -ciphersuites=$cmpSuite $openssl_version $openssl_psk $openssl_cert1 $openssl_cert2 $openssl_key1 $openssl_key2 $openssl_caCert1 $openssl_caCert2"
echo "# $OPENSSL s_client -connect localhost:$port -reconnect -ciphersuites=$cmpSuite $openssl_version $openssl_psk $openssl_cert1 \"$openssl_cert2\" $openssl_key1 \"$openssl_key2\" $openssl_caCert1 \"$openssl_caCert2\""
echo "Hello" | eval "$OPENSSL s_client -connect localhost:$port -reconnect -ciphersuites=$cmpSuite $openssl_version $openssl_psk $openssl_cert1 \"$openssl_cert2\" $openssl_key1 \"$openssl_key2\" $openssl_caCert1 \"$openssl_caCert2\""
fi
client_result=$?
@ -407,7 +407,7 @@ command -v $OPENSSL >/dev/null 2>&1 || { echo >&2 "Requires openssl command, but
echo -e "\nTesting for _build directory as part of distcheck, different paths"
currentDir=`pwd`
if [ $currentDir = *"_build" ]
if [ "$currentDir" = *"_build" ]
then
echo -e "_build directory detected, moving a directory back"
cd ..
@ -479,7 +479,7 @@ esac
if [ "$wolf_certs" != "" ]
then
# Check if ECC certificates supported in wolfSSL
wolf_ecc=`$WOLFSSL_CLIENT -A ${CERT_DIR}/ed25519/ca-ecc-cert.pem 2>&1`
wolf_ecc=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ed25519/ca-ecc-cert.pem" 2>&1`
case $wolf_ecc in
*"ca file"*)
wolf_ecc=""
@ -488,7 +488,7 @@ then
;;
esac
# Check if Ed25519 certificates supported in wolfSSL
wolf_ed25519=`$WOLFSSL_CLIENT -A ${CERT_DIR}/ed25519/root-ed25519.pem 2>&1`
wolf_ed25519=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ed25519/root-ed25519.pem" 2>&1`
case $wolf_ed25519 in
*"ca file"*)
wolf_ed25519=""
@ -497,7 +497,7 @@ then
;;
esac
# Check if Ed25519 certificates supported in OpenSSL
openssl_ed25519=`$OPENSSL s_client -cert ${CERT_DIR}/ed25519/client-ed25519.pem -key ${CERT_DIR}/ed25519/client-ed25519-priv.pem 2>&1`
openssl_ed25519=`$OPENSSL s_client -cert "${CERT_DIR}/ed25519/client-ed25519.pem" -key "${CERT_DIR}/ed25519/client-ed25519-priv.pem" 2>&1`
case $openssl_ed25519 in
*"unable to load"*)
wolf_ed25519=""
@ -506,7 +506,7 @@ then
;;
esac
# Check if Ed448 certificates supported in wolfSSL
wolf_ed448=`$WOLFSSL_CLIENT -A ${CERT_DIR}/ed448/root-ed448.pem 2>&1`
wolf_ed448=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ed448/root-ed448.pem" 2>&1`
case $wolf_ed448 in
*"ca file"*)
wolf_ed448=""
@ -515,7 +515,7 @@ then
;;
esac
# Check if Ed448 certificates supported in OpenSSL
openssl_ed448=`$OPENSSL s_client -cert ${CERT_DIR}/ed448/client-ed448.pem -key ${CERT_DIR}/ed448/client-ed448-priv.pem 2>&1`
openssl_ed448=`$OPENSSL s_client -cert "${CERT_DIR}/ed448/client-ed448.pem" -key "${CERT_DIR}/ed448/client-ed448-priv.pem" 2>&1`
case $openssl_ed448 in
*"unable to load"*)
wolf_ed448=""
@ -757,7 +757,7 @@ do
# double check that can actually do a sslv3 connection using
# client-cert.pem to send but any file with EOF works
$OPENSSL s_client -ssl3 -no_ign_eof -host localhost -port $openssl_port < ${CERT_DIR}/client-cert.pem
$OPENSSL s_client -ssl3 -no_ign_eof -host localhost -port $openssl_port < "${CERT_DIR}/client-cert.pem"
sslv3_sup=$?
if [ $sslv3_sup != 0 ]
then

12
scripts/pkcallbacks.test
View File

@ -27,9 +27,9 @@ server_pid=$no_pid
ready_file=`pwd`/wolfssl_pk_ready$$
remove_ready_file() {
if test -e $ready_file; then
if test -e "$ready_file"; then
echo -e "removing existing ready file"
rm $ready_file
rm "$ready_file"
fi
}
@ -79,16 +79,16 @@ run_test() {
# starts the server on pk_port, -R generates ready file to be used as a
# mutex lock, -P does pkcallbacks. We capture the processid
# into the variable server_pid
./examples/server/server -P -R $ready_file -p $pk_port &
./examples/server/server -P -R "$ready_file" -p $pk_port &
server_pid=$!
while [ ! -s $ready_file -a "$counter" -lt 20 ]; do
while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do
echo -e "waiting for ready file..."
sleep 0.1
counter=$((counter+ 1))
done
if test -e $ready_file; then
if test -e "$ready_file"; then
echo -e "found ready file, starting client..."
else
echo -e "NO ready file ending test..."
@ -99,7 +99,7 @@ run_test() {
sleep 0.1
# get created port 0 ephemeral port
pk_port=`cat $ready_file`
pk_port=`cat "$ready_file"`
# starts client on pk_port with pkcallbacks, captures the output from client
capture_out=$(./examples/client/client -P -p $pk_port 2>&1)

20
scripts/psk.test
View File

@ -25,23 +25,23 @@ counter=0
# per source tree
ready_file=`pwd`/wolfssl_psk_ready$$
echo "ready file $ready_file"
echo "ready file \"$ready_file\""
create_port() {
while [ ! -s $ready_file -a "$counter" -lt 20 ]; do
while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do
echo -e "waiting for ready file..."
sleep 0.1
counter=$((counter+ 1))
done
if test -e $ready_file; then
if test -e "$ready_file"; then
echo -e "found ready file, starting client..."
# sleep for an additional 0.1 to mitigate race on write/read of $ready_file:
sleep 0.1
# get created port 0 ephemeral port
port=`cat $ready_file`
port=`cat "$ready_file"`
else
echo -e "NO ready file ending test..."
do_cleanup
@ -49,9 +49,9 @@ create_port() {
}
remove_ready_file() {
if test -e $ready_file; then
if test -e "$ready_file"; then
echo -e "removing existing ready file"
rm $ready_file
rm "$ready_file"
fi
}
@ -87,7 +87,7 @@ fi
# Usual psk server / psk client. This use case is tested in
# tests/unit.test and is used here for just checking if PSK is enabled
port=0
./examples/server/server -s -R $ready_file -p $port &
./examples/server/server -s -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -s -p $port
@ -110,7 +110,7 @@ if [ $? -ne 0 ]; then
# tests/unit.test and is used here for just checking if cipher suite
# is available (one case for example is with disable-asn)
port=0
./examples/server/server -R $ready_file -p $port -l DHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-DES-CBC3-SHA &
./examples/server/server -R "$ready_file" -p $port -l DHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-DES-CBC3-SHA &
server_pid=$!
create_port
./examples/client/client -p $port
@ -126,7 +126,7 @@ if [ $? -ne 0 ]; then
# psk server with non psk client
port=0
./examples/server/server -j -R $ready_file -p $port &
./examples/server/server -j -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -p $port
@ -142,7 +142,7 @@ if [ $? -ne 0 ]; then
# check fail if no auth, psk server with non psk client
echo "Checking fail when not sending peer cert"
port=0
./examples/server/server -j -R $ready_file -p $port &
./examples/server/server -j -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -x -p $port

12
scripts/resume.test
View File

@ -29,9 +29,9 @@ ready_file=`pwd`/wolfssl_resume_ready$$
echo "ready file $ready_file"
remove_ready_file() {
if test -e $ready_file; then
if test -e "$ready_file"; then
echo -e "removing existing ready file"
rm $ready_file
rm "$ready_file"
fi
}
@ -69,16 +69,16 @@ do_test() {
esac
remove_ready_file
./examples/server/server -r -R $ready_file -p $resume_port &
./examples/server/server -r -R "$ready_file" -p $resume_port &
server_pid=$!
while [ ! -s $ready_file -a "$counter" -lt 20 ]; do
while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do
echo -e "waiting for ready file..."
sleep 0.1
counter=$((counter+ 1))
done
if test -e $ready_file; then
if test -e "$ready_file"; then
echo -e "found ready file, starting client..."
else
echo -e "NO ready file ending test..."
@ -90,7 +90,7 @@ do_test() {
sleep 0.1
# get created port 0 ephemeral port
resume_port=`cat $ready_file`
resume_port=`cat "$ready_file"`
capture_out=$(./examples/client/client $1 -r -p $resume_port 2>&1)
client_result=$?

60
scripts/tls13.test
View File

@ -30,10 +30,10 @@ server_out_file=`pwd`/wolfssl_tls13_server_out$$
# Client output
client_out_file=`pwd`/wolfssl_tls13_client_out$$
echo "ready file $ready_file"
echo "ready file "$ready_file""
create_port() {
while [ ! -s $ready_file ]; do
while [ ! -s "$ready_file" ]; do
if [ "$counter" -gt 50 ]; then
break
fi
@ -42,14 +42,14 @@ create_port() {
counter=$((counter+ 1))
done
if [ -e $ready_file ]; then
if [ -e "$ready_file" ]; then
echo -e "found ready file, starting client..."
# sleep for an additional 0.1 to mitigate race on write/read of $ready_file:
sleep 0.1
# get created port 0 ephemeral port
port=`cat $ready_file`
port=`cat "$ready_file"`
else
echo -e "NO ready file ending test..."
do_cleanup
@ -57,9 +57,9 @@ create_port() {
}
remove_ready_file() {
if [ -e $ready_file ]; then
if [ -e "$ready_file" ]; then
echo -e "removing existing ready file"
rm $ready_file
rm "$ready_file"
fi
}
@ -73,17 +73,17 @@ do_cleanup() {
server_pid=$no_pid
fi
remove_ready_file
if [ -e $client_file ]; then
if [ -e "$client_file" ]; then
echo -e "removing existing client file"
rm $client_file
rm "$client_file"
fi
if [ -e $server_out_file ]; then
if [ -e "$server_out_file" ]; then
echo -e "removing existing server output file"
rm $server_out_file
rm "$server_out_file"
fi
if [ -e $client_out_file ]; then
if [ -e "$client_out_file" ]; then
echo -e "removing existing client output file"
rm $client_out_file
rm "$client_out_file"
fi
}
@ -108,10 +108,10 @@ fi
# Usual TLS v1.3 server / TLS v1.3 client.
echo -e "\n\nTLS v1.3 server with TLS v1.3 client"
port=0
./examples/server/server -v 4 -R $ready_file -p $port &
./examples/server/server -v 4 -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -p $port | tee $client_file
./examples/client/client -v 4 -p $port | tee "$client_file"
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
@ -124,7 +124,7 @@ echo ""
# TLS 1.3 cipher suites server / client.
echo -e "\n\nTLS v1.3 cipher suite mismatch"
port=0
./examples/server/server -v 4 -R $ready_file -p $port -l TLS13-CHACHA20-POLY1305-SHA256 &
./examples/server/server -v 4 -R "$ready_file" -p $port -l TLS13-CHACHA20-POLY1305-SHA256 &
server_pid=$!
create_port
./examples/client/client -v 4 -p $port -l TLS13-AES256-GCM-SHA384
@ -146,7 +146,7 @@ if [ $NO_CERTS -ne 0 -a $NO_CLIENT_AUTH -ne 0 ]; then
# TLS 1.3 mutual auth required but client doesn't send certificates.
echo -e "\n\nTLS v1.3 mutual auth fail"
port=0
./examples/server/server -v 4 -F -R $ready_file -p $port &
./examples/server/server -v 4 -F -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -x -p $port
@ -167,7 +167,7 @@ if [ $? -ne 0 ]; then
# TLS 1.3 server / TLS 1.2 client.
echo -e "\n\nTLS v1.3 server downgrading to TLS v1.2"
port=0
./examples/server/server -v 4 -R $ready_file -p $port &
./examples/server/server -v 4 -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -v 3 -p $port
@ -184,7 +184,7 @@ if [ $? -ne 0 ]; then
# TLS 1.2 server / TLS 1.3 client.
echo -e "\n\nTLS v1.3 client upgrading server to TLS v1.3"
port=0
./examples/server/server -v 3 -R $ready_file -p $port &
./examples/server/server -v 3 -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -p $port
@ -215,7 +215,7 @@ if [ $? -ne 0 ]; then
port=0
SERVER_CS="TLS13-AES256-GCM-SHA384:$TLS12_CS"
CLIENT_CS="TLS13-AES128-GCM-SHA256:$TLS12_CS"
./examples/server/server -v d -l $SERVER_CS -R $ready_file -p $port &
./examples/server/server -v d -l $SERVER_CS -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -v d -l $CLIENT_CS -p $port
@ -246,17 +246,17 @@ fi
if [ "$early_data" = "yes" ]; then
echo -e "\n\nTLS v1.3 Early Data - session ticket"
port=0
(./examples/server/server -v 4 -r -0 -R $ready_file -p $port 2>&1 | \
tee $server_out_file) &
(./examples/server/server -v 4 -r -0 -R "$ready_file" -p $port 2>&1 | \
tee "$server_out_file") &
server_pid=$!
create_port
./examples/client/client -v 4 -r -0 -p $port 2>&1 >$client_out_file
./examples/client/client -v 4 -r -0 -p $port 2>&1 >"$client_out_file"
RESULT=$?
cat $client_out_file
cat "$client_out_file"
remove_ready_file
grep 'Session Ticket' $client_out_file
grep 'Session Ticket' "$client_out_file"
session_ticket=$?
early_data_cnt=`grep 'Early Data' $server_out_file | wc -l`
early_data_cnt=`grep 'Early Data' "$server_out_file" | wc -l`
if [ $session_ticket -eq 0 -a $early_data_cnt -ne 4 ]; then
RESULT=1
fi
@ -272,8 +272,8 @@ fi
if [ "$early_data" = "yes" -a "$psk" = "yes" ]; then
echo -e "\n\nTLS v1.3 Early Data - PSK"
port=0
(./examples/server/server -v 4 -s -0 -R $ready_file -p $port 2>&1 | \
tee $server_out_file) &
(./examples/server/server -v 4 -s -0 -R "$ready_file" -p $port 2>&1 | \
tee "$server_out_file") &
server_pid=$!
create_port
./examples/client/client -v 4 -s -0 -p $port
@ -283,14 +283,14 @@ if [ "$early_data" = "yes" -a "$psk" = "yes" ]; then
# wait for the server to quit and write output
wait $server_pid
early_data_cnt=`grep 'Early Data' $server_out_file | wc -l`
early_data_cnt=`grep 'Early Data' "$server_out_file" | wc -l`
if [ $early_data_cnt -ne 3 -a $early_data_cnt -ne 5 ]; then
echo
echo "Server out file"
cat $server_out_file
cat "$server_out_file"
echo
echo "Found lines"
grep 'Early Data' $server_out_file
grep 'Early Data' "$server_out_file"
echo -e "\n\nToo few 'Early Data' lines - $early_data_cnt"
RESULT=1
fi

62
scripts/trusted_peer.test
View File

@ -1,4 +1,4 @@
#!/bin/sh
#!/bin/bash
# trusted_peer.test
# copyright wolfSSL 2016
@ -36,23 +36,23 @@ combined_cert=`pwd`/certs/client_combined.pem
wrong_ca=`pwd`/certs/wolfssl-website-ca.pem
wrong_cert=`pwd`/certs/server-revoked-cert.pem
echo "ready file $ready_file"
echo "ready file \"$ready_file\""
create_port() {
while [ ! -s $ready_file -a "$counter" -lt 20 ]; do
while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do
echo -e "waiting for ready file..."
sleep 0.1
counter=$((counter+ 1))
done
if test -e $ready_file; then
if test -e "$ready_file"; then
echo -e "found ready file, starting client..."
# sleep for an additional 0.1 to mitigate race on write/read of $ready_file:
sleep 0.1
# get created port 0 ephemeral port
port=`cat $ready_file`
port=`cat "$ready_file"`
else
echo -e "NO ready file ending test..."
do_cleanup
@ -60,9 +60,9 @@ create_port() {
}
remove_ready_file() {
if test -e $ready_file; then
if test -e "$ready_file"; then
echo -e "removing existing ready file"
rm $ready_file
rm "$ready_file"
fi
}
@ -89,7 +89,7 @@ trap do_trap INT TERM
# Look for if RSA and/or ECC is enabled and adjust certs/keys
ciphers=`./examples/client/client -e`
if [[ $ciphers != *"RSA"* ]]; then
if [[ "$ciphers" != *"RSA"* ]]; then
if [[ $ciphers == *"ECDSA"* ]]; then
client_cert=`pwd`/certs/client-ecc-cert.pem
client_ca=`pwd`/certs/server-ecc.pem
@ -107,7 +107,7 @@ fi
# CRL list not set up for tests
crl_test=`./examples/client/client -h`
if [[ $crl_test == *"-C "* ]]; then
if [[ "$crl_test" == *"-C "* ]]; then
echo "test not set up to run with CRL"
exit 0
fi
@ -118,10 +118,10 @@ echo "Checking built with trusted peer certs "
echo "-----------------------------------------------------"
port=0
remove_ready_file
./examples/server/server -E $client_cert -c $server_cert -k $server_key -R $ready_file -p $port &
./examples/server/server -E "$client_cert" -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -A $client_ca -p $port
./examples/client/client -A "$client_ca" -p $port
RESULT=$?
remove_ready_file
# if fail here then is a settings issue so return 0
@ -136,10 +136,10 @@ echo ""
echo "Server and Client relying on trusted peer cert loaded"
echo "-----------------------------------------------------"
port=0
./examples/server/server -A $wrong_ca -E $client_cert -c $server_cert -k $server_key -R $ready_file -p $port &
./examples/server/server -A "$wrong_ca" -E "$client_cert" -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -A $wrong_ca -E $server_cert -c $client_cert -p $port
./examples/client/client -A "$wrong_ca" -E "$server_cert" -c "$client_cert" -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
@ -153,10 +153,10 @@ echo ""
echo "Server relying on trusted peer cert loaded"
echo "-----------------------------------------------------"
port=0
./examples/server/server -A $wrong_ca -E $client_cert -c $server_cert -k $server_key -R $ready_file -p $port &
./examples/server/server -A "$wrong_ca" -E "$client_cert" -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -A $client_ca -c $client_cert -p $port
./examples/client/client -A "$client_ca" -c "$client_cert" -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
@ -170,10 +170,10 @@ echo ""
echo "Client relying on trusted peer cert loaded"
echo "-----------------------------------------------------"
port=0
./examples/server/server -c $server_cert -k $server_key -R $ready_file -p $port &
./examples/server/server -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -A $wrong_ca -E $server_cert -p $port
./examples/client/client -A "$wrong_ca" -E "$server_cert" -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
@ -187,10 +187,10 @@ echo ""
echo "Client fall through to loaded CAs"
echo "-----------------------------------------------------"
port=0
./examples/server/server -c $server_cert -k $server_key -R $ready_file -p $port &
./examples/server/server -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -A $client_ca -E $wrong_cert -p $port
./examples/client/client -A "$client_ca" -E "$wrong_cert" -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
@ -206,10 +206,10 @@ if [[ $wrong_ca != *"ecc"* ]]; then
echo "Client wrong CA and wrong trusted peer cert loaded"
echo "-----------------------------------------------------"
port=0
./examples/server/server -c $server_cert -k $server_key -R $ready_file -p $port &
./examples/server/server -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -A $wrong_ca -E $wrong_cert -p $port
./examples/client/client -A "$wrong_ca" -E "$wrong_cert" -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -eq 0 ]; then
@ -224,10 +224,10 @@ fi
echo "Server wrong CA and wrong trusted peer cert loaded"
echo "-----------------------------------------------------"
port=0
./examples/server/server -A $wrong_ca -E $wrong_cert -c $server_cert -k $server_key -R $ready_file -p $port &
./examples/server/server -A "$wrong_ca" -E "$wrong_cert" -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -A $client_ca -p $port
./examples/client/client -A "$client_ca" -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -eq 0 ]; then
@ -241,10 +241,10 @@ echo ""
echo "Server fall through to loaded CAs"
echo "-----------------------------------------------------"
port=0
./examples/server/server -E $wrong_cert -c $server_cert -k $server_key -R $ready_file -p $port &
./examples/server/server -E "$wrong_cert" -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -A $client_ca -p $port
./examples/client/client -A "$client_ca" -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
@ -259,25 +259,25 @@ echo "Server loading multiple trusted peer certs"
echo "Test two success cases and one fail case"
echo "-----------------------------------------------------"
port=0
cat $client_cert $client_ca > $combined_cert
./examples/server/server -i -A $wrong_ca -E $combined_cert -c $server_cert -k $server_key -R $ready_file -p $port &
cat "$client_cert" "$client_ca" > "$combined_cert"
./examples/server/server -i -A "$wrong_ca" -E "$combined_cert" -c "$server_cert" -k "$server_key" -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -A $client_ca -c $client_cert -k $client_key -p $port
./examples/client/client -A "$client_ca" -c "$client_cert" -k "$client_key" -p $port
RESULT=$?
if [ $RESULT -ne 0 ]; then
echo -e "\nServer load multiple trusted peer certs failed!"
do_cleanup
exit 1
fi
./examples/client/client -A $client_ca -c $client_ca -k $ca_key -p $port
./examples/client/client -A "$client_ca" -c "$client_ca" -k "$ca_key" -p $port
RESULT=$?
if [ $RESULT -ne 0 ]; then
echo -e "\nServer load multiple trusted peer certs failed!"
do_cleanup
exit 1
fi
./examples/client/client -A $client_ca -c $wrong_cert -k $client_key -p $port
./examples/client/client -A "$client_ca" -c "$wrong_cert" -k "$client_key" -p $port
RESULT=$?
if [ $RESULT -eq 0 ]; then
echo -e "\nServer load multiple trusted peer certs failed!"
@ -286,7 +286,7 @@ if [ $RESULT -eq 0 ]; then
fi
do_cleanup # kill PID of server running in infinite loop
rm $combined_cert
rm "$combined_cert"
remove_ready_file
echo ""