blob: c02ca187f218a3149ebe8b68203cc25eb0c01dcc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
|
# $Id$
Description:
This is a simple test for SSLIOP, it sends a file,
line-per-line to the server, using truss we can take a look at the
buffers and verify that they are giberish.
Expected output:
The server prints out the IOR of the object it serves. Later
it prints all the lines sent by the client. The client shouldn't
print out anything, it returns 0 on success.
How to run:
# Setup the environment and add the fake CA to your trusted list:
$ SSL_CERT_FILE=cacert.pem
$ export SSL_CERT_FILE
Now run the simplest test:
# Run the server
$ server -ORBSvcConf server_nopasswd.conf -o test.ior
# Run the client
$ client -ORBSvcConf client_nopasswd.conf -k file://test.ior < myfile
notice that this test uses unsecure private key files. This
could be appropriate if the keys are kept is a very trusted system,
but usually you will want to use a pass phrase protected key:
$ server -ORBSvcConf server.conf -o test.ior
$ client -ORBSvcConf client.conf -k file://test.ior < myfile
In this case both the client and the server ask for the pass
phrase (it is 'test').
======= Testing IIOP interoperability
We also want to verify that the client and server (assuming
"-SSLNoProtection" flag is set in server's `server.conf' file)
can interoperate with regular IIOP servers and clients.
First setup a pure IIOP server:
$ server -o test.ior
$ client -ORBSvcConf client.conf -k file://test.ior < myfile
next a pure IIOP client (assuming "-SSLNoProtection" flag is
set in server's `server.conf' file):
$ server -ORBSvcConf server.conf -o test.ior
$ client -k file://test.ior < myfile
and finally both are pure IIOP:
$ server -o test.ior
$ client -k file://test.ior < certificate.pem
======= Testing failed authentications:
To test failed server authentications we simply run the client
and server as indicated below, but we enter invalid pass phrases in
the client and/or server.
$ server -ORBSvcConf server.conf -o test.ior
$ client -ORBSvcConf client.conf -k file://test.ior < myfile
======= Testing connections without client authentication:
We run the server and client as follows:
$ server -ORBSvcConf server_none.conf -o test.ior
$ client -ORBSvcConf client.conf -k file://test.ior < myfile
|
