diff options
author | Daiki Ueno <dueno@redhat.com> | 2017-11-14 18:45:23 +0100 |
---|---|---|
committer | Daiki Ueno <dueno@redhat.com> | 2017-11-14 18:45:23 +0100 |
commit | d2055d22f16172f329e9204b80584e9c2b87d5f3 (patch) | |
tree | 431bfb59e227bab82ab15d4f74adb818fc7bab41 /tests/ssl | |
parent | 7258806839ab32a9ffe634ae70645205605663bf (diff) | |
download | nss-hg-d2055d22f16172f329e9204b80584e9c2b87d5f3.tar.gz |
Bug 1416730, Backed out changeset 6039a5e4ab01 because of test failures
Diffstat (limited to 'tests/ssl')
-rwxr-xr-x | tests/ssl/ssl.sh | 61 |
1 files changed, 5 insertions, 56 deletions
diff --git a/tests/ssl/ssl.sh b/tests/ssl/ssl.sh index 580fe16e0..4f5bb55bf 100755 --- a/tests/ssl/ssl.sh +++ b/tests/ssl/ssl.sh @@ -682,8 +682,7 @@ ssl_crl_ssl() setup_policy() { policy="$1" - outdir="$2" - OUTFILE="${outdir}/pkcs11.txt" + OUTFILE=${P_R_CLIENTDIR}/pkcs11.txt cat > "$OUTFILE" << ++EOF++ library= name=NSS Internal PKCS #11 Module @@ -699,7 +698,7 @@ NSS=trustOrder=100 ++EOF++ echo "******************************Testing with: " - cat "$OUTFILE" + cat ${P_R_CLIENTDIR}/pkcs11.txt echo "******************************" } @@ -746,7 +745,7 @@ ssl_policy() # load the policy policy=`echo ${policy} | sed -e 's;_; ;g'` - setup_policy "$policy" ${P_R_CLIENTDIR} + setup_policy "$policy" echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} \\" echo " -f -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE}" @@ -800,7 +799,7 @@ ssl_policy_listsuites() cp ${P_R_CLIENTDIR}/pkcs11.txt ${P_R_CLIENTDIR}/pkcs11.txt.sav # Disallow all explicitly - setup_policy "disallow=all" ${P_R_CLIENTDIR} + setup_policy "disallow=all" RET_EXP=1 list_enabled_suites | grep '^TLS_' RET=$? @@ -808,7 +807,7 @@ ssl_policy_listsuites() "produced a returncode of $RET, expected is $RET_EXP" # Disallow RSA in key exchange explicitly - setup_policy "disallow=rsa/ssl-key-exchange" ${P_R_CLIENTDIR} + setup_policy "disallow=rsa/ssl-key-exchange" RET_EXP=1 list_enabled_suites | grep '^TLS_RSA_' RET=$? @@ -820,55 +819,6 @@ ssl_policy_listsuites() html "</TABLE><BR>" } -############################## ssl_policy_selfserv ##################### -# local shell function to perform SSL Policy tests, using selfserv -######################################################################## -ssl_policy_selfserv() -{ - #verbose="-v" - html_head "SSL POLICY SELFSERV $NORM_EXT - server $SERVER_MODE/client $CLIENT_MODE" - - testname="" - sparam="$CIPHER_SUITES" - - if [ ! -f "${P_R_SERVERDIR}/pkcs11.txt" ] ; then - html_failed "${SCRIPTNAME}: ${P_R_SERVERDIR} is not initialized" - return 1; - fi - - echo "Saving pkcs11.txt" - cp ${P_R_SERVERDIR}/pkcs11.txt ${P_R_SERVERDIR}/pkcs11.txt.sav - - # Disallow RSA in key exchange explicitly - setup_policy "disallow=rsa/ssl-key-exchange" ${P_R_SERVERDIR} - - start_selfserv # Launch the server - - VMIN="ssl3" - VMAX="tls1.2" - - # Try to connect to the server with a ciphersuite using RSA in key exchange - echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c d -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} \\" - echo " -f -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE}" - - rm ${TMP}/$HOST.tmp.$$ 2>/dev/null - RET_EXP=254 - ${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c d -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} -f \ - -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE} \ - >${TMP}/$HOST.tmp.$$ 2>&1 - RET=$? - cat ${TMP}/$HOST.tmp.$$ - rm ${TMP}/$HOST.tmp.$$ 2>/dev/null - - html_msg $RET $RET_EXP "${testname}" \ - "produced a returncode of $RET, expected is $RET_EXP" - - cp ${P_R_SERVERDIR}/pkcs11.txt.sav ${P_R_SERVERDIR}/pkcs11.txt - - kill_selfserv - html "</TABLE><BR>" -} - ############################# is_revoked ############################### # local shell function to check if certificate is revoked ######################################################################## @@ -1256,7 +1206,6 @@ ssl_run_tests() "policy") if [ "${TEST_MODE}" = "SHARED_DB" ] ; then ssl_policy_listsuites - ssl_policy_selfserv ssl_policy fi ;; |