Merge pull request #3953 from JacobBarthelmeh/build-tests
add option to use an engine with openssl test script
This commit is contained in:
Chris Conlon
GitHub
commit
2739759072
@ -2,6 +2,10 @@
|
||||
|
||||
#openssl.test
|
||||
|
||||
# Enviornment variables used:
|
||||
# OPENSSL (openssl app to use)
|
||||
# OPENSSL_ENGINE_ID (engine id if any i.e. "wolfengine")
|
||||
|
||||
CERT_DIR="$PWD/$(dirname "$0")/../certs"
|
||||
|
||||
if ! test -n "$WOLFSSL_OPENSSL_TEST"; then
|
||||
@ -129,17 +133,39 @@ start_openssl_server() {
|
||||
server_port=$port
|
||||
found_free_port=0
|
||||
counter=0
|
||||
|
||||
# If OPENSSL_ENGINE_ID has been set then check that the desired engine can
|
||||
# be loaded successfully and error out if not. Otherwise the OpenSSL app
|
||||
# will fall back to default engine.
|
||||
if [ ! -z "${OPENSSL_ENGINE_ID}" ]; then
|
||||
OUTPUT=`$OPENSSL engine -tt $OPENSSL_ENGINE_ID`
|
||||
if [ $? != 0 ]; then
|
||||
printf "not able to load engine\n"
|
||||
printf "$OPENSSL engine -tt $OPENSSL_ENGINE_ID\n"
|
||||
do_cleanup
|
||||
exit 1
|
||||
else
|
||||
echo $OUTPUT | grep "available"
|
||||
if [ $? != 0 ]; then
|
||||
printf "engine not available\n"
|
||||
do_cleanup
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
OPENSSL_ENGINE_ID="-engine ${OPENSSL_ENGINE_ID}"
|
||||
fi
|
||||
|
||||
while [ "$counter" -lt 20 ]; do
|
||||
echo -e "\n# Trying to start $openssl_suite OpenSSL server on port $server_port..."
|
||||
echo "#"
|
||||
|
||||
if [ "$cert_file" != "" ]
|
||||
then
|
||||
echo "# " $OPENSSL s_server -accept $server_port -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe
|
||||
$OPENSSL s_server -accept $server_port -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe &
|
||||
echo "# " $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe
|
||||
$OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe &
|
||||
else
|
||||
echo "# " $OPENSSL s_server -accept $server_port -quiet -nocert -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe
|
||||
$OPENSSL s_server -accept $server_port -quiet -nocert -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe &
|
||||
echo "# " $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -quiet -nocert -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe
|
||||
$OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -quiet -nocert -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe &
|
||||
fi
|
||||
server_pid=$!
|
||||
# wait to see if s_server successfully starts before continuing
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user