author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2016-02-13 16:01:26 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2016-02-13 16:05:31 +0100 |
commit | ac98c219bffb6b58d35e49808b3d5c6a1ddb04e0 (patch) | |
tree | 2b369828e2d5270581d9eadb7fa7681de84b87d7 | |
parent | 59126d75c03cc5255231f1c7813130a4e520e961 (diff) | |
download | gnutls-ac98c219bffb6b58d35e49808b3d5c6a1ddb04e0.tar.gz |
tests: backported testdsa to prevent random failures in test suite
-rwxr-xr-x | tests/dsa/testdsa | 108 | ||||
-rw-r--r-- | tests/scripts/common.sh | 2 |
2 files changed, 61 insertions, 49 deletions
diff --git a/tests/dsa/testdsa b/tests/dsa/testdsa
index bfbc43ec3c..4117b51392 100755
--- a/tests/dsa/testdsa
+++ b/tests/dsa/testdsa
@@ -23,133 +23,143 @@ srcdir="${srcdir:-.}" SERV="${SERV:-../../src/gnutls-serv} -q" CLI="${CLI:-../../src/gnutls-cli}" -PORT="${PORT:-5558}" DEBUG="" unset RETCODE -if test "${WINDIR}" != "";then - exit 77 +CERTTOOL="${CERTTOOL:-../../src/certtool${EXEEXT}}" +if ! test -z "${VALGRIND}"; then + VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND}" +fi + +if test "${WINDIR}" != ""; then + exit 77 fi -. $srcdir/../scripts/common.sh +. "${srcdir}/../scripts/common.sh" + +PORT="${PORT:-$RPORT}" -echo "Checking various DSA key sizes (port $PORT)" +echo "Checking various DSA key sizes (port ${PORT})" # DSA 1024 + TLS 1.0 echo "Checking DSA-1024 with TLS 1.0" -launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile $srcdir/cert.dsa.1024.pem --x509keyfile $srcdir/dsa.1024.pem >/dev/null 2>&1 & PID=$! -wait_server $PID +launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile "${srcdir}/cert.dsa.1024.pem" --x509keyfile "${srcdir}/dsa.1024.pem" >/dev/null 2>&1 & +PID=$! +wait_server "${PID}" PRIO="--priority NORMAL:+DHE-DSS:+SIGN-DSA-SHA512:+SIGN-DSA-SHA384:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" -$CLI $DEBUG $PRIO -p $PORT 127.0.0.1 --insecure </dev/null >/dev/null || \ - fail $PID "Failed connection to a server with DSA 1024 key and TLS 1.0!" +"${CLI}" ${DEBUG} ${PRIO} -p "${PORT}" 127.0.0.1 --insecure </dev/null >/dev/null || \ + fail "${PID}" "Failed connection to a server with DSA 1024 key and TLS 1.0!" echo "Checking server DSA-1024 with client DSA-1024 and TLS 1.0" #try with client key of 1024 bits (should succeed) -$CLI $DEBUG $PRIO -p $PORT 127.0.0.1 --insecure --x509certfile $srcdir/cert.dsa.1024.pem --x509keyfile $srcdir/dsa.1024.pem </dev/null >/dev/null || \ - fail $PID "Failed connection to a server with DSA 1024 key and TLS 1.0!" 
+"${CLI}" ${DEBUG} ${PRIO} -p "${PORT}" 127.0.0.1 --insecure --x509certfile "${srcdir}/cert.dsa.1024.pem" --x509keyfile "${srcdir}/dsa.1024.pem" </dev/null >/dev/null || \ + fail "${PID}" "Failed connection to a server with DSA 1024 key and TLS 1.0!" echo "Checking server DSA-1024 with client DSA-2048 and TLS 1.0" #try with client key of 2048 bits (should fail) -$CLI $DEBUG $PRIO -p $PORT 127.0.0.1 --insecure --x509certfile $srcdir/cert.dsa.2048.pem --x509keyfile $srcdir/dsa.2048.pem </dev/null >/dev/null 2>&1 && \ - fail $PID "Succeeded connection to a server with a client DSA 2048 key and TLS 1.0!" +"${CLI}" ${DEBUG} ${PRIO} -p "${PORT}" 127.0.0.1 --insecure --x509certfile "${srcdir}/cert.dsa.2048.pem" --x509keyfile "${srcdir}/dsa.2048.pem" </dev/null >/dev/null 2>&1 && \ + fail "${PID}" "Succeeded connection to a server with a client DSA 2048 key and TLS 1.0!" echo "Checking server DSA-1024 with client DSA-3072 and TLS 1.0" #try with client key of 3072 bits (should fail) -$CLI $DEBUG $PRIO -p $PORT 127.0.0.1 --insecure --x509certfile $srcdir/cert.dsa.3072.pem --x509keyfile $srcdir/dsa.3072.pem </dev/null >/dev/null 2>&1 && \ - fail $PID "Succeeded connection to a server with a client DSA 3072 key and TLS 1.0!" +"${CLI}" ${DEBUG} ${PRIO} -p "${PORT}" 127.0.0.1 --insecure --x509certfile "${srcdir}/cert.dsa.3072.pem" --x509keyfile "${srcdir}/dsa.3072.pem" </dev/null >/dev/null 2>&1 && \ + fail "${PID}" "Succeeded connection to a server with a client DSA 3072 key and TLS 1.0!" -kill $PID +kill "${PID}" wait # DSA 1024 + TLS 1.2 echo "Checking DSA-1024 with TLS 1.2" -launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile $srcdir/cert.dsa.1024.pem --x509keyfile $srcdir/dsa.1024.pem >/dev/null 2>&1 & PID=$! 
-wait_server $PID +launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile "${srcdir}/cert.dsa.1024.pem" --x509keyfile "${srcdir}/dsa.1024.pem" >/dev/null 2>&1 & +PID=$! +wait_server "${PID}" -$CLI $DEBUG $PRIO -p $PORT 127.0.0.1 --insecure </dev/null >/dev/null || \ - fail $PID "Failed connection to a server with DSA 1024 key and TLS 1.2!" +"${CLI}" ${DEBUG} ${PRIO} -p "${PORT}" 127.0.0.1 --insecure </dev/null >/dev/null || \ + fail "${PID}" "Failed connection to a server with DSA 1024 key and TLS 1.2!" echo "Checking server DSA-1024 with client DSA-1024 and TLS 1.2" #try with client key of 1024 bits (should succeed) -$CLI $DEBUG $PRIO -p $PORT 127.0.0.1 --insecure --x509certfile $srcdir/cert.dsa.1024.pem --x509keyfile $srcdir/dsa.1024.pem </dev/null >/dev/null || \ - fail $PID "Failed connection to a server with DSA 1024 key and TLS 1.2!" +"${CLI}" ${DEBUG} ${PRIO} -p "${PORT}" 127.0.0.1 --insecure --x509certfile "${srcdir}/cert.dsa.1024.pem" --x509keyfile "${srcdir}/dsa.1024.pem" </dev/null >/dev/null || \ + fail "${PID}" "Failed connection to a server with DSA 1024 key and TLS 1.2!" echo "Checking server DSA-1024 with client DSA-2048 and TLS 1.2" #try with client key of 2048 bits (should succeed) -$CLI $DEBUG $PRIO -p $PORT 127.0.0.1 --insecure --x509certfile $srcdir/cert.dsa.2048.pem --x509keyfile $srcdir/dsa.2048.pem </dev/null >/dev/null || \ - fail $PID "Failed connection to a server with a client DSA 2048 key and TLS 1.2!" +"${CLI}" ${DEBUG} ${PRIO} -p "${PORT}" 127.0.0.1 --insecure --x509certfile "${srcdir}/cert.dsa.2048.pem" --x509keyfile "${srcdir}/dsa.2048.pem" </dev/null >/dev/null || \ + fail "${PID}" "Failed connection to a server with a client DSA 2048 key and TLS 1.2!" 
echo "Checking server DSA-1024 with client DSA-3072 and TLS 1.2" #try with client key of 3072 bits (should succeed) -$CLI $DEBUG $PRIO -p $PORT 127.0.0.1 --insecure --x509certfile $srcdir/cert.dsa.3072.pem --x509keyfile $srcdir/dsa.3072.pem </dev/null >/dev/null || \ - fail $PID "Failed connection to a server with a client DSA 3072 key and TLS 1.2!" +"${CLI}" ${DEBUG} ${PRIO} -p "${PORT}" 127.0.0.1 --insecure --x509certfile "${srcdir}/cert.dsa.3072.pem" --x509keyfile "${srcdir}/dsa.3072.pem" </dev/null >/dev/null || \ + fail "${PID}" "Failed connection to a server with a client DSA 3072 key and TLS 1.2!" - -kill $PID +kill "${PID}" wait # DSA 2048 + TLS 1.0 #echo "Checking DSA-2048 with TLS 1.0" -#launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" --x509certfile $srcdir/cert.dsa.2048.pem --x509keyfile $srcdir/dsa.2048.pem >/dev/null 2>&1 & PID=$! -#wait_server $PID +#launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" --x509certfile "${srcdir}/cert.dsa.2048.pem" --x509keyfile "${srcdir}/dsa.2048.pem" >/dev/null 2>&1 & +#PID=$! +#wait_server "${PID}" -#$CLI $DEBUG $PRIO -p $PORT 127.0.0.1 --insecure </dev/null >/dev/null 2>&1 && \ -# fail $PID "Succeeded connection to a server with DSA 2048 key and TLS 1.0. Should have failed!" +#"${CLI}" ${DEBUG} ${PRIO} -p "${PORT}" 127.0.0.1 --insecure </dev/null >/dev/null 2>&1 && \ +# fail "${PID}" "Succeeded connection to a server with DSA 2048 key and TLS 1.0. Should have failed!" -#kill $PID +#kill "${PID}" #wait # DSA 2048 + TLS 1.2 echo "Checking DSA-2048 with TLS 1.2" -launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile $srcdir/cert.dsa.2048.pem --x509keyfile $srcdir/dsa.2048.pem >/dev/null 2>&1 & PID=$! 
-wait_server $PID +launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile "${srcdir}/cert.dsa.2048.pem" --x509keyfile "${srcdir}/dsa.2048.pem" >/dev/null 2>&1 & +PID=$! +wait_server "${PID}" -$CLI $DEBUG $PRIO -p $PORT 127.0.0.1 --insecure </dev/null >/dev/null || \ - fail $PID "Failed connection to a server with DSA 2048 key and TLS 1.2!" +"${CLI}" ${DEBUG} ${PRIO} -p "${PORT}" 127.0.0.1 --insecure </dev/null >/dev/null || \ + fail "${PID}" "Failed connection to a server with DSA 2048 key and TLS 1.2!" -kill $PID +kill "${PID}" wait # DSA 3072 + TLS 1.0 #echo "Checking DSA-3072 with TLS 1.0" -#launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" --x509certfile $srcdir/cert.dsa.3072.pem --x509keyfile $srcdir/dsa.3072.pem >/dev/null 2>&1 & PID=$! -#wait_server $PID +#launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" --x509certfile "${srcdir}/cert.dsa.3072.pem" --x509keyfile "${srcdir}/dsa.3072.pem" >/dev/null 2>&1 & +#PID=$! +#wait_server "${PID}" # -#$CLI $DEBUG $PRIO -p $PORT 127.0.0.1 --insecure </dev/null >/dev/null 2>&1 && \ -# fail $PID "Succeeded connection to a server with DSA 3072 key and TLS 1.0. Should have failed!" +#"${CLI}" ${DEBUG} ${PRIO} -p "${PORT}" 127.0.0.1 --insecure </dev/null >/dev/null 2>&1 && \ +# fail "${PID}" "Succeeded connection to a server with DSA 3072 key and TLS 1.0. Should have failed!" # -#kill $PID +#kill "${PID}" #wait # DSA 3072 + TLS 1.2 echo "Checking DSA-3072 with TLS 1.2" -launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile $srcdir/cert.dsa.3072.pem --x509keyfile $srcdir/dsa.3072.pem >/dev/null 2>&1 & PID=$! -wait_server $PID +launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile "${srcdir}/cert.dsa.3072.pem" --x509keyfile "${srcdir}/dsa.3072.pem" >/dev/null 2>&1 & +PID=$! 
+wait_server "${PID}" -$CLI $DEBUG $PRIO -p $PORT 127.0.0.1 --insecure </dev/null >/dev/null || \ - fail $PID "Failed connection to a server with DSA 3072 key and TLS 1.2!" +"${CLI}" ${DEBUG} ${PRIO} -p "${PORT}" 127.0.0.1 --insecure </dev/null >/dev/null || \ + fail "${PID}" "Failed connection to a server with DSA 3072 key and TLS 1.2!" -kill $PID +kill "${PID}" wait exit 0 - diff --git a/tests/scripts/common.sh b/tests/scripts/common.sh index 7a1196b60a..50880f53c4 100644 --- a/tests/scripts/common.sh +++ b/tests/scripts/common.sh @@ -18,6 +18,8 @@ # along with this file; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +RPORT="$(((($$<<15)|RANDOM) % 63001 + 2000))" + fail() { PID=$1 shift; |
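Review bot: The two "should fail" checks in the DSA-1024 / TLS 1.0 block (client DSA-2048 and DSA-3072) accept any non-zero client exit as the expected rejection, because they are written as `... </dev/null >/dev/null 2>&1 && fail "${PID}" ...` with all output discarded. If `${srcdir}/cert.dsa.2048.pem` or its key were missing or unreadable, the client would presumably fail before the handshake and the key-size restriction test would pass without testing anything. A guard before each negative check, such as `test -r "${srcdir}/cert.dsa.2048.pem" || fail "${PID}" "missing client certificate"`, would close that gap. Separately, `${DEBUG}` and `${PRIO}` stay unquoted so that `--priority` and its value split into two words; a comment like `# DEBUG and PRIO are intentionally unquoted: each may hold several words` would stop a later cleanup from quoting them.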
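Review bot: `RPORT` is computed once when common.sh is sourced and nothing checks that the chosen port is free, so parallel tests or an unrelated listener can still collide, only less often than with the fixed port. The resulting range, 2000–65000, also overlaps the usual ephemeral port range. `RANDOM` is a bash/ksh extension, so under a plain POSIX `sh` (the interpreter line is not visible here) the value presumably depends on `$$` alone. A comment above the assignment would record these limits, for example `# best-effort random port: not checked for availability; RANDOM requires bash/ksh`. `fail()` continues past the end of the hunk.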