From 0b64ada685f24b0b30aa99f777f0e815736a4012 Mon Sep 17 00:00:00 2001 From: Alexander Sosedkin Date: Fri, 3 Jul 2020 14:54:17 +0200 Subject: tests: split up system-override-sig-hash.sh Split up system-override-sig-hash.sh so that the errors won't get swallowed or conflated. Also correct unused `srcdir` to `builddir`, which I believe was meant to be set there. Signed-off-by: Alexander Sosedkin --- tests/Makefile.am | 3 ++- tests/system-override-hash.sh | 39 ++++++++++++++++++++++++++++ tests/system-override-sig-hash.sh | 54 --------------------------------------- tests/system-override-sig.sh | 40 +++++++++++++++++++++++++++++ 4 files changed, 81 insertions(+), 55 deletions(-) create mode 100755 tests/system-override-hash.sh delete mode 100755 tests/system-override-sig-hash.sh create mode 100755 tests/system-override-sig.sh diff --git a/tests/Makefile.am b/tests/Makefile.am index 38d691fa3d..b04cb081b4 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -515,7 +515,8 @@ dist_check_SCRIPTS += fastopen.sh pkgconfig.sh starttls.sh starttls-ftp.sh start server-weak-keys.sh if !DISABLE_SYSTEM_CONFIG -dist_check_SCRIPTS += system-override-sig-hash.sh system-override-versions.sh system-override-invalid.sh \ +dist_check_SCRIPTS += system-override-sig.sh system-override-hash.sh \ + system-override-versions.sh system-override-invalid.sh \ system-override-curves.sh system-override-profiles.sh system-override-tls.sh \ system-override-kx.sh system-override-default-priority-string.sh endif diff --git a/tests/system-override-hash.sh b/tests/system-override-hash.sh new file mode 100755 index 0000000000..cb027c2fad --- /dev/null +++ b/tests/system-override-hash.sh @@ -0,0 +1,39 @@ +#!/bin/sh + +# Copyright (C) 2019 Nikos Mavrogiannopoulos +# +# Author: Nikos Mavrogiannopoulos +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +: ${builddir=.} +TMPFILE=c.$$.tmp +export GNUTLS_SYSTEM_PRIORITY_FAIL_ON_INVALID=1 + +cat <<_EOF_ > ${TMPFILE} +[overrides] + +insecure-hash = sha256 +insecure-hash = sha512 +_EOF_ + +export GNUTLS_SYSTEM_PRIORITY_FILE="${TMPFILE}" + +"${builddir}/system-override-hash" +rc=$? +rm ${TMPFILE} +exit $rc diff --git a/tests/system-override-sig-hash.sh b/tests/system-override-sig-hash.sh deleted file mode 100755 index 37980ec584..0000000000 --- a/tests/system-override-sig-hash.sh +++ /dev/null @@ -1,54 +0,0 @@ -#!/bin/sh - -# Copyright (C) 2019 Nikos Mavrogiannopoulos -# -# Author: Nikos Mavrogiannopoulos -# -# This file is part of GnuTLS. -# -# GnuTLS is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by the -# Free Software Foundation; either version 3 of the License, or (at -# your option) any later version. -# -# GnuTLS is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with GnuTLS; if not, write to the Free Software Foundation, -# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - -srcdir="${srcdir:-.}" -TMPFILE=c.$$.tmp -export GNUTLS_SYSTEM_PRIORITY_FAIL_ON_INVALID=1 - -cat <<_EOF_ > ${TMPFILE} -[overrides] - -insecure-hash = sha256 -insecure-hash = sha512 -_EOF_ - -export GNUTLS_SYSTEM_PRIORITY_FILE="${TMPFILE}" - -${builddir}/system-override-hash - -cat <<_EOF_ > ${TMPFILE} -[overrides] - -insecure-sig-for-cert = rsa-sha256 -insecure-sig = rsa-sha512 -insecure-sig = rsa-sha1 -_EOF_ - -export GNUTLS_SYSTEM_PRIORITY_FILE="${TMPFILE}" - -${builddir}/system-override-sig -if test $? != 0;then - echo "Could not parse config file" - exit 1 -fi - -exit 0 diff --git a/tests/system-override-sig.sh b/tests/system-override-sig.sh new file mode 100755 index 0000000000..68bf759048 --- /dev/null +++ b/tests/system-override-sig.sh @@ -0,0 +1,40 @@ +#!/bin/sh + +# Copyright (C) 2019 Nikos Mavrogiannopoulos +# +# Author: Nikos Mavrogiannopoulos +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +: ${builddir=.} +TMPFILE=c.$$.tmp +export GNUTLS_SYSTEM_PRIORITY_FAIL_ON_INVALID=1 + +cat <<_EOF_ > ${TMPFILE} +[overrides] + +insecure-sig-for-cert = rsa-sha256 +insecure-sig = rsa-sha512 +insecure-sig = rsa-sha1 +_EOF_ + +export GNUTLS_SYSTEM_PRIORITY_FILE="${TMPFILE}" + +"${builddir}/system-override-sig" +rc=$? +rm ${TMPFILE} +exit $rc -- cgit v1.2.1