More expansive testing

2025-05-07 17:42:10 +00:00 · 2012-11-23 14:25:34 +01:00 · 2012-11-23 14:25:34 +01:00 · 1eeceaeac8
parent 78ce507988
commit 1eeceaeac8
1 changed files with 31 additions and 26 deletions
--- a/tests/compat.sh
+++ b/tests/compat.sh
@ -1,19 +1,22 @@
 killall -q openssl ssl_server ssl_server2
 MODES="ssl3 tls1 tls1_1 tls1_2"
-#VERIFY="YES"
+VERIFIES="NO YES"
 VERIFY=""
 OPENSSL=openssl
 for VERIFY in $VERIFIES;
 do
 if [ "X$VERIFY" = "XYES" ];
 then
-    P_CLIENT_ARGS="crt_file=data_files/server2.crt key_file=data_files/server2.key"
+    P_SERVER_ARGS="auth_mode=required crt_file=data_files/server1.crt key_file=data_files/server1.key ca_file=data_files/test-ca.crt"
-    O_SERVER_ARGS="-verify 10 -CAfile data_files/test-ca.crt"
+    P_CLIENT_ARGS="crt_file=data_files/server2.crt key_file=data_files/server2.key ca_file=data_files/test-ca.crt"
    O_SERVER_ARGS="-verify 10 -CAfile data_files/test-ca.crt -cert data_files/server1.crt -key data_files/server1.key"
    O_CLIENT_ARGS="-cert data_files/server2.crt -key data_files/server2.key -CAfile data_files/test-ca.crt"
 fi
 for MODE in $MODES;
 do
-echo "Running for $MODE"
+echo "Running for $MODE (Verify: $VERIFY)"
 echo "-----------"
 P_CIPHERS="                                 \
@ -56,24 +59,24 @@ O_CIPHERS="                         \
 # Also add SHA256 ciphersuites
 #
 P_CIPHERS="$P_CIPHERS                       \
    TLS-RSA-WITH-NULL-SHA256                \
    TLS-RSA-WITH-AES-128-CBC-SHA256         \
    TLS-DHE-RSA-WITH-AES-128-CBC-SHA256     \
    TLS-RSA-WITH-AES-256-CBC-SHA256         \
    TLS-DHE-RSA-WITH-AES-256-CBC-SHA256     \
    "
 O_CIPHERS="$O_CIPHERS           \
    NULL-SHA256                 \
    AES128-SHA256               \
    DHE-RSA-AES128-SHA256       \
    AES256-SHA256               \
    DHE-RSA-AES256-SHA256       \
    "
 if [ "$MODE" = "tls1_2" ];
 then
    P_CIPHERS="$P_CIPHERS                       \
        TLS-RSA-WITH-NULL-SHA256                \
        TLS-RSA-WITH-AES-128-CBC-SHA256         \
        TLS-DHE-RSA-WITH-AES-128-CBC-SHA256     \
        TLS-RSA-WITH-AES-256-CBC-SHA256         \
        TLS-DHE-RSA-WITH-AES-256-CBC-SHA256     \
        "
    O_CIPHERS="$O_CIPHERS           \
        NULL-SHA256                 \
        AES128-SHA256               \
        DHE-RSA-AES128-SHA256       \
        AES256-SHA256               \
        DHE-RSA-AES256-SHA256       \
        "
    P_CIPHERS="$P_CIPHERS                   \
        TLS-RSA-WITH-AES-128-GCM-SHA256     \
        TLS-RSA-WITH-AES-256-GCM-SHA384     \
@ -112,14 +115,14 @@ do
 done
 kill $PROCESS_ID
-../programs/ssl/ssl_server2 > /dev/null &
+../programs/ssl/ssl_server2 $P_SERVER_ARGS > /dev/null &
 PROCESS_ID=$!
 sleep 1
 for i in $O_CIPHERS;
 do
-    RESULT="$( ( echo -e 'GET HTTP/1.0'; echo; sleep 1 ) | $OPENSSL s_client -$MODE -cipher $i 2>&1)"
+    RESULT="$( ( echo -e 'GET HTTP/1.0'; echo; sleep 1 ) | $OPENSSL s_client -$MODE -cipher $i $O_CLIENT_ARGS 2>&1 )"
    EXIT=$?
    echo -n "PolarSSL Server - OpenSSL Client - $i : $EXIT - "
@ -131,6 +134,8 @@ do
            echo "Ciphersuite not supported in server"
        else
            echo Failed
            echo ../programs/ssl/ssl_server2 $P_SERVER_ARGS 
            echo $OPENSSL s_client -$MODE -cipher $i $O_CLIENT_ARGS 
            echo $RESULT
        fi
    else
@ -140,7 +145,7 @@ done
 kill $PROCESS_ID
-../programs/ssl/ssl_server2 > /dev/null &
+../programs/ssl/ssl_server2 $P_SERVER_ARGS > /dev/null &
 PROCESS_ID=$!
 sleep 1
@ -160,7 +165,7 @@ fi
 for i in $P_CIPHERS;
 do
-    RESULT="$( ../programs/ssl/ssl_client2 force_ciphersuite=$i )"
+    RESULT="$( ../programs/ssl/ssl_client2 force_ciphersuite=$i $P_CLIENT_ARGS )"
    EXIT=$?
    echo -n "PolarSSL Server - PolarSSL Client - $i : $EXIT - "
    if [ "$EXIT" = "2" ];
@ -177,4 +182,4 @@ done
 kill $PROCESS_ID
 done
-
+done