diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-07-26 12:40:54 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-07-27 14:13:26 +0200 |
commit | d3467fb4c85029a91fa28ab17017f76f925cb7d0 (patch) | |
tree | f23646c251c5574c049150bc60608e392bf7785b | |
parent | 1d40fa6e774d0748cc4c0717b2f66a64a2cbc31a (diff) | |
download | gnutls-d3467fb4c85029a91fa28ab17017f76f925cb7d0.tar.gz |
tests: run tls-fuzzer PSK testsuite
Resolves #508
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r-- | tests/suite/Makefile.am | 2 | ||||
-rw-r--r-- | tests/suite/tls-fuzzer/gnutls-psk.json | 18 | ||||
-rwxr-xr-x | tests/suite/tls-fuzzer/tls-fuzzer-psk.sh | 69 |
3 files changed, 88 insertions, 1 deletions
diff --git a/tests/suite/Makefile.am b/tests/suite/Makefile.am index fdc878bf73..9778538000 100644 --- a/tests/suite/Makefile.am +++ b/tests/suite/Makefile.am @@ -92,7 +92,7 @@ scripts_to_test = chain.sh \ testrng.sh testcompat-polarssl.sh testcompat-openssl.sh \ testrandom.sh tls-fuzzer/tls-fuzzer-nocert.sh \ tls-fuzzer/tls-fuzzer-cert.sh tls-fuzzer/tls-fuzzer-alpn.sh \ - tls-fuzzer/tls-fuzzer-nocert-tls13.sh + tls-fuzzer/tls-fuzzer-nocert-tls13.sh tls-fuzzer/tls-fuzzer-psk.sh TESTS_ENVIRONMENT = EXEEXT=$(EXEEXT) \ LC_ALL="C" \ diff --git a/tests/suite/tls-fuzzer/gnutls-psk.json b/tests/suite/tls-fuzzer/gnutls-psk.json new file mode 100644 index 0000000000..e23eb8fa23 --- /dev/null +++ b/tests/suite/tls-fuzzer/gnutls-psk.json @@ -0,0 +1,18 @@ +[ + {"server_command": ["@SERVER@", "--http", + "--debug=3", + "--pskpasswd", "@PSKFILE@", + "--priority=@PRIORITY@", + "--port=@PORT@"], + "server_hostname": "localhost", + "server_port": @PORT@, + "tests" : [ + {"name" : "test-tls13-psk_ke.py", + "arguments" : ["-p", "@PORT@", "--psk", "@PSKKEY@", + "--psk-iden", "@PSKID@"]}, + {"name" : "test-tls13-psk_dhe_ke.py", + "arguments" : ["-p", "@PORT@", "--psk", "@PSKKEY@", + "--psk-iden", "@PSKID@"]} + ] + } +] diff --git a/tests/suite/tls-fuzzer/tls-fuzzer-psk.sh b/tests/suite/tls-fuzzer/tls-fuzzer-psk.sh new file mode 100755 index 0000000000..096e5ed1f2 --- /dev/null +++ b/tests/suite/tls-fuzzer/tls-fuzzer-psk.sh @@ -0,0 +1,69 @@ +#!/bin/bash + +# Copyright (C) 2016-2018 Red Hat, Inc. +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +srcdir="${srcdir:-.}" +SERV="../../../../src/gnutls-serv${EXEEXT}" +CLI="../../../../src/gnutls-cli${EXEEXT}" + +OUTFILE=tls-fuzzer.debug.log +TMPFILE=tls-fuzzer.$$.tmp +PSKFILE=tls-fuzzer.psk.$$.tmp + +. "${srcdir}/../scripts/common.sh" + +eval "${GETPORT}" + +pushd tls-fuzzer + +if ! test -d tlsfuzzer;then + exit 77 +fi + +rm -f "$OUTFILE" + +pushd tlsfuzzer +test -L ecdsa || ln -s ../python-ecdsa/src/ecdsa ecdsa +test -L tlslite || ln -s ../tlslite-ng/tlslite tlslite 2>/dev/null + +wait_for_free_port $PORT + +retval=0 + +PRIORITY="NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:-KX-ALL:+DHE-PSK:+ECDHE-PSK:+PSK" + +PSKKEY=8a7759b3f26983c453e448060bde8981 +PSKID=test + +sed -e "s|@SERVER@|$SERV|g" -e "s/@PSKKEY@/$PSKKEY/g" -e "s/@PSKID@/$PSKID/g" -e "s/@PSKFILE@/$PSKFILE/g" -e "s/@PORT@/$PORT/g" -e "s/@PRIORITY@/$PRIORITY/g" ../gnutls-psk.json >${TMPFILE} + +cat >${PSKFILE} <<_EOF_ +${PSKID}:${PSKKEY} +_EOF_ + +PYTHONPATH=. python tests/scripts_retention.py ${TMPFILE} ${SERV} +retval=$? + +rm -f ${TMPFILE} +rm -f ${PSKFILE} + +popd +popd + +exit $retval |