diff options
author | Sergei Chernov <sergei.cv@ndivi.com> | 2015-12-08 17:11:24 -0500 |
---|---|---|
committer | Sergei Chernov <sergei.cv@ndivi.com> | 2015-12-08 17:11:24 -0500 |
commit | d38cf7ddfbc3f615f2af916dba06c8e87f2b0c61 (patch) | |
tree | 675ef6045d3ba6b138103c529359fb46f63f8d98 /tests | |
parent | 4aab1ad9f2863caf05e8358a9bbb317abd72116f (diff) | |
download | nss-hg-d38cf7ddfbc3f615f2af916dba06c8e87f2b0c61.tar.gz |
Bug 944175 - Implement Certificate Transparency [part 1, client side]. r=wtc
Diffstat (limited to 'tests')
-rwxr-xr-x | tests/ssl/ssl.sh | 42 |
1 files changed, 41 insertions, 1 deletions
diff --git a/tests/ssl/ssl.sh b/tests/ssl/ssl.sh index 1bfb4b74e..ffa826109 100755 --- a/tests/ssl/ssl.sh +++ b/tests/ssl/ssl.sh @@ -58,7 +58,7 @@ ssl_init() PORT=${PORT-8443} NSS_SSL_TESTS=${NSS_SSL_TESTS:-normal_normal} - nss_ssl_run="stapling cov auth stress" + nss_ssl_run="stapling signed_cert_timestamps cov auth stress" NSS_SSL_RUN=${NSS_SSL_RUN:-$nss_ssl_run} # Test case files @@ -533,6 +533,43 @@ ssl_stapling() html "</TABLE><BR>" } +############################ ssl_signed_cert_timestamps ################# +# local shell function to perform SSL Signed Certificate Timestamp tests +######################################################################### +ssl_signed_cert_timestamps() +{ + html_head "SSL Signed Certificate Timestamps $NORM_EXT - server $SERVER_MODE/client $CLIENT_MODE $ECC_STRING" + + testname="ssl_signed_cert_timestamps" + value=0 + + if [ "$SERVER_MODE" = "fips" -o "$CLIENT_MODE" = "fips" ] ; then + echo "$SCRIPTNAME: skipping $testname (non-FIPS only)" + return 0 + fi + + echo "${testname}" + + start_selfserv + + # Since we don't have server-side support, this test only covers advertising the + # extension in the client hello. + echo "tstclnt -p ${PORT} -h ${HOSTADDR} -f -d ${P_R_CLIENTDIR} -v ${CLIENT_OPTIONS} \\" + echo " -U -V tls1.0: < ${REQUEST_FILE}" + rm ${TMP}/$HOST.tmp.$$ 2>/dev/null + ${PROFTOOL} ${BINDIR}/tstclnt -p ${PORT} -h ${HOSTADDR} -f ${CLIENT_OPTIONS} \ + -d ${P_R_CLIENTDIR} -v -U -V tls1.0: < ${REQUEST_FILE} \ + >${TMP}/$HOST.tmp.$$ 2>&1 + ret=$? + cat ${TMP}/$HOST.tmp.$$ + rm ${TMP}/$HOST.tmp.$$ 2>/dev/null + + html_msg $ret $value "${testname}" \ + "produced a returncode of $ret, expected is $value" + kill_selfserv + html "</TABLE><BR>" +} + ############################## ssl_stress ############################## # local shell function to perform SSL stress test @@ -933,6 +970,9 @@ ssl_run() "stapling") ssl_stapling ;; + "signed_cert_timestamps") + ssl_signed_cert_timestamps + ;; "cov") ssl_cov ;; |