-rw-r--r-- | configure.ac | 1 | ||||
-rw-r--r-- | tests/Makefile.am | 2 | ||||
-rwxr-xr-x | tests/dsa/testdsa | 47 | ||||
-rwxr-xr-x | tests/openpgp-certs/testcerts | 22 | ||||
-rw-r--r-- | tests/scripts/Makefile.am | 23 | ||||
-rw-r--r-- | tests/scripts/common.sh | 26 |
6 files changed, 71 insertions, 50 deletions
diff --git a/configure.ac b/configure.ac index cfea317a65..f7a253f777 100644 --- a/configure.ac +++ b/configure.ac @@ -283,6 +283,7 @@ AC_CONFIG_FILES([ tests/Makefile tests/key-id/Makefile tests/dsa/Makefile + tests/scripts/Makefile tests/openpgp-certs/Makefile tests/safe-renegotiation/Makefile tests/pathlen/Makefile diff --git a/tests/Makefile.am b/tests/Makefile.am index ae6a186b93..2d5e2d4d23 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -21,7 +21,7 @@ # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. SUBDIRS = . rsa-md5-collision pkcs1-padding pkcs8-decode pkcs12-decode \ - userid pathlen key-id sha2 safe-renegotiation dsa + userid pathlen key-id sha2 safe-renegotiation dsa scripts if ENABLE_OPENPGP SUBDIRS += openpgp-certs diff --git a/tests/dsa/testdsa b/tests/dsa/testdsa index 910bf8b167..f0840556f5 100755 --- a/tests/dsa/testdsa +++ b/tests/dsa/testdsa @@ -27,10 +27,7 @@ PORT="${PORT:-5559}" DEBUG="" unset RETCODE -fail() { - echo "Failure: $1" >&2 - exit 1 -} +. ../scripts/common.sh echo "Checking various DSA key sizes" @@ -38,11 +35,8 @@ echo "Checking various DSA key sizes" echo "Checking DSA-1024 with TLS 1.0" -$SERV $DEBUG -p $PORT --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" --x509certfile $srcdir/cert.dsa.1024.pem --x509keyfile $srcdir/dsa.1024.pem >/dev/null 2>&1 & PID=$! -trap "kill $PID" 1 15 2 - -# give the server a chance to initialize -sleep 2 +launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" --x509certfile $srcdir/cert.dsa.1024.pem --x509keyfile $srcdir/dsa.1024.pem >/dev/null 2>&1 & PID=$! +wait_server $PID $CLI $DEBUG -p $PORT 127.0.0.1 --insecure </dev/null >/dev/null || \ fail "Failed connection to a server with DSA 1024 key and TLS 1.0!" 
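Review bot: The added `. ../scripts/common.sh` in tests/dsa/testdsa is resolved against the current working directory, while every data file in this script is addressed through `$srcdir`. common.sh is shipped through EXTRA_DIST rather than generated, so in an out-of-tree build it exists only in the source tree, and the relative path would likely fail or source whatever file sits at that location under the build directory. I would write `. "${srcdir}/../scripts/common.sh"`, assuming `srcdir` is set earlier in the script (not visible in this hunk). The same line is added to tests/openpgp-certs/testcerts at @@ -27,18 +27,14 @@.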
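Review bot: The call-site redirect `>/dev/null 2>&1` on `launch_server` at @@ -38,11 +35,8 @@ also discards the helper's own `Failed to launch a gnutls-serv server !` message, because it covers the whole backgrounded function, and the function already sends the server's output to /dev/null itself. Dropping the outer redirect (`launch_server $$ --priority ... & PID=$!`) keeps that diagnostic in the test log. `PID` also now holds the subshell running `launch_server`, not gnutls-serv, so the later `kill $PID` relies on the TERM trap inside the helper to stop the server; a comment at the first call such as `# PID is the launch_server subshell; its TERM trap stops gnutls-serv` would make that explicit. Every other `launch_server` call in this file and in testcerts carries the same redirect.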
@@ -72,11 +66,8 @@ wait echo "Checking DSA-1024 with TLS 1.2" -$SERV $DEBUG -p $PORT --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2" --x509certfile $srcdir/cert.dsa.1024.pem --x509keyfile $srcdir/dsa.1024.pem >/dev/null 2>&1 & PID=$! -trap "kill $PID" 1 15 2 - -# give the server a chance to initialize -sleep 2 +launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2" --x509certfile $srcdir/cert.dsa.1024.pem --x509keyfile $srcdir/dsa.1024.pem >/dev/null 2>&1 & PID=$! +wait_server $PID $CLI $DEBUG -p $PORT 127.0.0.1 --insecure </dev/null >/dev/null || \ fail "Failed connection to a server with DSA 1024 key and TLS 1.2!" @@ -107,11 +98,8 @@ wait echo "Checking DSA-2048 with TLS 1.0" -$SERV $DEBUG -p $PORT --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" --x509certfile $srcdir/cert.dsa.2048.pem --x509keyfile $srcdir/dsa.2048.pem >/dev/null 2>&1 & PID=$! -trap "kill $PID" 1 15 2 - -# give the server a chance to initialize -sleep 2 +launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" --x509certfile $srcdir/cert.dsa.2048.pem --x509keyfile $srcdir/dsa.2048.pem >/dev/null 2>&1 & PID=$! +wait_server $PID $CLI $DEBUG -p $PORT 127.0.0.1 --insecure </dev/null >/dev/null 2>&1 && \ fail "Succeeded connection to a server with DSA 2048 key and TLS 1.0. Should have failed!" @@ -123,11 +111,8 @@ wait echo "Checking DSA-2048 with TLS 1.2" -$SERV $DEBUG -p $PORT --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2" --x509certfile $srcdir/cert.dsa.2048.pem --x509keyfile $srcdir/dsa.2048.pem >/dev/null 2>&1 & PID=$! -trap "kill $PID" 1 15 2 - -# give the server a chance to initialize -sleep 2 +launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2" --x509certfile $srcdir/cert.dsa.2048.pem --x509keyfile $srcdir/dsa.2048.pem >/dev/null 2>&1 & PID=$! +wait_server $PID $CLI $DEBUG -p $PORT 127.0.0.1 --insecure </dev/null >/dev/null || \ fail "Failed connection to a server with DSA 2048 key and TLS 1.2!" 
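Review bot: The DSA-2048/TLS 1.0 check at @@ -107,11 +98,8 @@ passes whenever `$CLI` fails to connect, so a server that is not yet listening after the fixed `sleep 2` in `wait_server` lets this negative test succeed without ever exercising the key-size rejection. `launch_server` only signals the parent when gnutls-serv exits with a status other than 0 or 143, which does not cover a slow start. Having `wait_server` confirm that the port accepts connections before it returns would close that gap; at minimum a comment here should say that the expected failure is a handshake failure, not a refused connection. The DSA-3072/TLS 1.0 hunk at @@ -139,11 +124,8 @@ has the same shape.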
@@ -139,11 +124,8 @@ wait echo "Checking DSA-3072 with TLS 1.0" -$SERV $DEBUG -p $PORT --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" --x509certfile $srcdir/cert.dsa.3072.pem --x509keyfile $srcdir/dsa.3072.pem >/dev/null 2>&1 & PID=$! -trap "kill $PID" 1 15 2 - -# give the server a chance to initialize -sleep 2 +launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" --x509certfile $srcdir/cert.dsa.3072.pem --x509keyfile $srcdir/dsa.3072.pem >/dev/null 2>&1 & PID=$! +wait_server $PID $CLI $DEBUG -p $PORT 127.0.0.1 --insecure </dev/null >/dev/null 2>&1 && \ fail "Succeeded connection to a server with DSA 2048 key and TLS 1.0. Should have failed!" @@ -155,11 +137,8 @@ wait echo "Checking DSA-3072 with TLS 1.2" -$SERV $DEBUG -p $PORT --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2" --x509certfile $srcdir/cert.dsa.3072.pem --x509keyfile $srcdir/dsa.3072.pem >/dev/null 2>&1 & PID=$! -trap "kill $PID" 1 15 2 - -# give the server a chance to initialize -sleep 2 +launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2" --x509certfile $srcdir/cert.dsa.3072.pem --x509keyfile $srcdir/dsa.3072.pem >/dev/null 2>&1 & PID=$! +wait_server $PID $CLI $DEBUG -p $PORT 127.0.0.1 --insecure </dev/null >/dev/null || \ fail "Failed connection to a server with DSA 3072 key and TLS 1.2!" diff --git a/tests/openpgp-certs/testcerts b/tests/openpgp-certs/testcerts index b100ac8f38..ad090bd853 100755 --- a/tests/openpgp-certs/testcerts +++ b/tests/openpgp-certs/testcerts 
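Review bot: The failure text in the DSA-3072/TLS 1.0 block at @@ -139,11 +124,8 @@ still reads `Succeeded connection to a server with DSA 2048 key and TLS 1.0`, although the server launched two lines above it uses `dsa.3072.pem`. A failing run would therefore point at the wrong key size. Since the commit already rewrites the neighbouring lines, the message should become `fail "Succeeded connection to a server with DSA 3072 key and TLS 1.0. Should have failed!"`.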
@@ -27,18 +27,14 @@ PORT="${PORT:-5557}" DEBUG="" unset RETCODE -fail() { - echo "Failure: $1" >&2 - RETCODE=${RETCODE:-${2:-1}} -} +. ../scripts/common.sh echo "Checking OpenPGP certificate verification" -$SERV -p $PORT --pgpcertfile $srcdir/srv-public-127.0.0.1-signed.gpg --pgpkeyfile $srcdir/srv-secret.gpg >/dev/null 2>&1 & PID=$! -trap "kill $PID" 1 15 2 +launch_server $$ --pgpcertfile $srcdir/srv-public-127.0.0.1-signed.gpg --pgpkeyfile $srcdir/srv-secret.gpg >/dev/null 2>&1 & PID=$! +wait_server $PID # give the server a chance to initialize -sleep 2 #gnutls currently only considers PGP certificates verified only if #all user IDs in the certificate were signed. @@ -55,11 +51,8 @@ $CLI $DEBUG -p $PORT localhost --pgpkeyring $srcdir/ca-public.gpg </dev/null >/d kill $PID wait -$SERV -p $PORT --pgpcertfile $srcdir/srv-public-localhost-signed.gpg --pgpkeyfile $srcdir/srv-secret.gpg >/dev/null 2>&1 & PID=$! -trap "kill $PID" 1 15 2 - -# give the server a chance to initialize -sleep 2 +launch_server $$ --pgpcertfile $srcdir/srv-public-localhost-signed.gpg --pgpkeyfile $srcdir/srv-secret.gpg >/dev/null 2>&1 & PID=$! +wait_server $PID echo | $CLI $DEBUG -p $PORT 127.0.0.1 --pgpkeyring $srcdir/ca-public.gpg </dev/null >/dev/null 2>&1 && \ fail "Connection to unverified IP address should have failed! (error code $?)" $? @@ -74,11 +67,10 @@ $CLI $DEBUG -p $PORT 127.0.0.2 --pgpkeyring $srcdir/ca-public.gpg </dev/null >/d kill $PID wait -$SERV -p $PORT --pgpcertfile $srcdir/srv-public-all-signed.gpg --pgpkeyfile $srcdir/srv-secret.gpg >/dev/null 2>&1 & PID=$! -trap "kill $PID" 1 15 2 +launch_server $$ --pgpcertfile $srcdir/srv-public-all-signed.gpg --pgpkeyfile $srcdir/srv-secret.gpg >/dev/null 2>&1 & PID=$! +wait_server $PID # give the server a chance to initialize -sleep 2 echo | $CLI $DEBUG -p $PORT 127.0.0.1 --pgpkeyring $srcdir/ca-public.gpg </dev/null >/dev/null || \ fail "Connection to signed PGP certificate should have succeeded! (error code $?)" $? 
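Review bot: Replacing the local `fail()` with the one from common.sh at @@ -27,18 +27,14 @@ changes its contract in this script: the removed version recorded `RETCODE=${RETCODE:-${2:-1}}` and returned, while the shared one runs `exit 1` and ignores the second argument the callers still pass (`fail "..." $?`). The first failed check now ends the script before the `kill $PID` / `wait` that follows each group, so the backgrounded server may be left holding `$PORT` for later tests. The end of the script is outside this hunk, so whether `RETCODE` is still read there should be checked. Either keep an accumulating `fail` local to testcerts, or have the shared one stop the server before exiting, and state the chosen contract in a comment above `fail()` in common.sh.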
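Review bot: The comment `# give the server a chance to initialize` at @@ -74,11 +67,10 @@ is left behind after `wait_server $PID` with nothing under it, now that `sleep 2` has moved into the helper. The same orphan remains in the @@ -27,18 +27,14 @@ hunk. Remove both, or move the sentence above the `wait_server` call so that it describes the line that actually waits.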
diff --git a/tests/scripts/Makefile.am b/tests/scripts/Makefile.am
new file mode 100644
index 0000000000..559de27704
--- /dev/null
+++ b/tests/scripts/Makefile.am
@@ -0,0 +1,23 @@
+## Process this file with automake to produce Makefile.in
+# Copyright (C) 2007, 2008, 2010 Free Software Foundation, Inc.
+#
+# Author: Simon Josefsson
+#
+# This file is part of GnuTLS.
+#
+# This file is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This file is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this file; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+EXTRA_DIST = common.sh
+
diff --git a/tests/scripts/common.sh b/tests/scripts/common.sh
new file mode 100644
index 0000000000..b9183cf51b
--- /dev/null
+++ b/tests/scripts/common.sh
@@ -0,0 +1,26 @@
+fail() {
+ echo "Failure: $1" >&2
+ exit 1
+}
+
+launch_server() {
+ PARENT=$1;
+ shift;
+ $SERV $DEBUG -p $PORT $* >/dev/null 2>&1 &
+ LOCALPID="$!";
+ trap "[ ! -z \"${LOCALPID}\" ] && kill ${LOCALPID};" 15
+ wait "${LOCALPID}"
+ LOCALRET="$?"
+ if [ "${LOCALRET}" != "0" -a "${LOCALRET}" != "143" ] ; then
+ # Houston, we'v got a problem...
+ echo "Failed to launch a gnutls-serv server !"
+ kill -10 ${PARENT}
+ fi
+}
+
+wait_server() {
+ trap "kill $1" 1 15 2
+ sleep 2
+}
+
+trap "fail \"Failed to launch a gnutls-serv server, aborting test... \"" 10 |
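Review bot: `launch_server` in tests/scripts/common.sh expands its arguments with an unquoted `$*`, so any argument containing whitespace or a glob character (for example a `$srcdir` path with a space) is re-split before it reaches gnutls-serv. `$SERV $DEBUG -p "$PORT" "$@" >/dev/null 2>&1 &` keeps each argument intact. The parent is notified with `kill -10` and catches it with `trap ... 10`, but signal 10 is SIGUSR1 only on some platforms, so the name is safer: `kill -s USR1 ${PARENT}` paired with `trap "..." USR1`. The file also has no header comment; a short one should say that it is meant to be sourced, that it reads `SERV`, `DEBUG` and `PORT`, and that sourcing it installs a trap in the calling shell.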