diff options
-rw-r--r-- | tests/suite/Makefile.am | 2 | ||||
-rwxr-xr-x | tests/suite/tls-fuzzer/tls-fuzzer-alpn.sh | 40 | ||||
-rwxr-xr-x | tests/suite/tls-fuzzer/tls-fuzzer-cert.sh | 40 | ||||
-rwxr-xr-x | tests/suite/tls-fuzzer/tls-fuzzer-common.sh | 56 | ||||
-rwxr-xr-x | tests/suite/tls-fuzzer/tls-fuzzer-nocert-tls13.sh | 40 | ||||
-rwxr-xr-x | tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh | 40 | ||||
-rwxr-xr-x | tests/suite/tls-fuzzer/tls-fuzzer-psk.sh | 39 |
7 files changed, 72 insertions, 185 deletions
diff --git a/tests/suite/Makefile.am b/tests/suite/Makefile.am index 9778538000..f43fe90eee 100644 --- a/tests/suite/Makefile.am +++ b/tests/suite/Makefile.am @@ -86,7 +86,7 @@ nodist_libecore_la_SOURCES = ecore/src/lib/ecore_anim.c \ EXTRA_DIST += testcompat-main-polarssl testcompat-main-openssl \ - testcompat-common params.dh + testcompat-common params.dh tls-fuzzer/tls-fuzzer-common.sh scripts_to_test = chain.sh \ testrng.sh testcompat-polarssl.sh testcompat-openssl.sh \ diff --git a/tests/suite/tls-fuzzer/tls-fuzzer-alpn.sh b/tests/suite/tls-fuzzer/tls-fuzzer-alpn.sh index 80ebfc57b1..07ab0fa7f0 100755 --- a/tests/suite/tls-fuzzer/tls-fuzzer-alpn.sh +++ b/tests/suite/tls-fuzzer/tls-fuzzer-alpn.sh @@ -19,49 +19,15 @@ # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. srcdir="${srcdir:-.}" -SERV="../../../../src/gnutls-serv${EXEEXT}" -CLI="../../../../src/gnutls-cli${EXEEXT}" - -OUTFILE=tls-fuzzer.debug.log -TMPFILE=tls-fuzzer.$$.tmp - -. "${srcdir}/../scripts/common.sh" - -eval "${GETPORT}" - -pushd tls-fuzzer - -if ! test -d tlsfuzzer;then - exit 77 -fi - -rm -f "$OUTFILE" - -pushd tlsfuzzer -test -L ecdsa || ln -s ../python-ecdsa/src/ecdsa ecdsa -test -L tlslite || ln -s ../tlslite-ng/tlslite tlslite 2>/dev/null - -wait_for_free_port $PORT - -retval=0 +tls_fuzzer_prepare() { PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:-CURVE-SECP192R1:+VERS-SSL3.0" ${CLI} --list --priority "${PRIORITY}" >/dev/null 2>&1 if test $? != 0;then PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:+VERS-SSL3.0" fi -TLS_PY=./tlslite-ng/scripts/tls.py -#TLS_PY=$(which tls.py) - sed -e "s|@SERVER@|$SERV|g" -e "s/@PORT@/$PORT/g" -e "s/@PRIORITY@/$PRIORITY/g" ../gnutls-alpn.json >${TMPFILE} +} -PYTHONPATH=. python tests/scripts_retention.py ${TMPFILE} ${SERV} -retval=$? - -rm -f ${TMPFILE} - -popd -popd - -exit $retval +. "${srcdir}/tls-fuzzer/tls-fuzzer-common.sh" diff --git a/tests/suite/tls-fuzzer/tls-fuzzer-cert.sh b/tests/suite/tls-fuzzer/tls-fuzzer-cert.sh index 761363b7a2..054343fc28 100755 --- a/tests/suite/tls-fuzzer/tls-fuzzer-cert.sh +++ b/tests/suite/tls-fuzzer/tls-fuzzer-cert.sh @@ -19,49 +19,15 @@ # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. srcdir="${srcdir:-.}" -SERV="../../../../src/gnutls-serv${EXEEXT}" -CLI="../../../../src/gnutls-cli${EXEEXT}" - -OUTFILE=tls-fuzzer-cert.debug.log -TMPFILE=tls-fuzzer-cert.$$.tmp - -. "${srcdir}/../scripts/common.sh" - -eval "${GETPORT}" - -pushd tls-fuzzer - -if ! test -d tlsfuzzer;then - exit 77 -fi - -rm -f "$OUTFILE" - -pushd tlsfuzzer -test -L ecdsa || ln -s ../python-ecdsa/src/ecdsa ecdsa -test -L tlslite || ln -s ../tlslite-ng/tlslite tlslite 2>/dev/null - -wait_for_free_port $PORT - -retval=0 +tls_fuzzer_prepare() { PRIORITY="NORMAL:+ARCFOUR-128:%VERIFY_ALLOW_SIGN_WITH_SHA1:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:-CURVE-SECP192R1:+VERS-SSL3.0" ${CLI} --list --priority "${PRIORITY}" >/dev/null 2>&1 if test $? != 0;then PRIORITY="NORMAL:+ARCFOUR-128:%VERIFY_ALLOW_SIGN_WITH_SHA1:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:+VERS-SSL3.0" fi -TLS_PY=./tlslite-ng/scripts/tls.py -#TLS_PY=$(which tls.py) - sed -e "s|@SERVER@|$SERV|g" -e "s/@PORT@/$PORT/g" -e "s/@PRIORITY@/$PRIORITY/g" ../gnutls-cert.json >${TMPFILE} +} -PYTHONPATH=. python tests/scripts_retention.py ${TMPFILE} ${SERV} -retval=$? - -rm -f ${TMPFILE} - -popd -popd - -exit $retval +. "${srcdir}/tls-fuzzer/tls-fuzzer-common.sh" diff --git a/tests/suite/tls-fuzzer/tls-fuzzer-common.sh b/tests/suite/tls-fuzzer/tls-fuzzer-common.sh new file mode 100755 index 0000000000..cb44656220 --- /dev/null +++ b/tests/suite/tls-fuzzer/tls-fuzzer-common.sh @@ -0,0 +1,56 @@ +#!/bin/bash + +# Copyright (C) 2016-2018 Red Hat, Inc. +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +SERV="../../../../src/gnutls-serv${EXEEXT}" +CLI="../../../../src/gnutls-cli${EXEEXT}" + +TMPFILE=tls-fuzzer.$$.tmp +PSKFILE=tls-fuzzer.psk.$$.tmp + +. "${srcdir}/../scripts/common.sh" + +eval "${GETPORT}" + +pushd tls-fuzzer + +if ! test -d tlsfuzzer;then + exit 77 +fi + +pushd tlsfuzzer +test -L ecdsa || ln -s ../python-ecdsa/src/ecdsa ecdsa +test -L tlslite || ln -s ../tlslite-ng/tlslite tlslite 2>/dev/null + +wait_for_free_port $PORT + +retval=0 + +tls_fuzzer_prepare + +PYTHONPATH=. python tests/scripts_retention.py ${TMPFILE} ${SERV} +retval=$? + +rm -f ${TMPFILE} +[ -f "${PSKFILE}" ] && rm -f ${PSKFILE} + +popd +popd + +exit $retval diff --git a/tests/suite/tls-fuzzer/tls-fuzzer-nocert-tls13.sh b/tests/suite/tls-fuzzer/tls-fuzzer-nocert-tls13.sh index f5d94dd692..aab37db5e2 100755 --- a/tests/suite/tls-fuzzer/tls-fuzzer-nocert-tls13.sh +++ b/tests/suite/tls-fuzzer/tls-fuzzer-nocert-tls13.sh @@ -19,47 +19,13 @@ # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. srcdir="${srcdir:-.}" -SERV="../../../../src/gnutls-serv${EXEEXT}" -CLI="../../../../src/gnutls-cli${EXEEXT}" - -OUTFILE=tls-fuzzer.debug.log -TMPFILE=tls-fuzzer.$$.tmp - -. "${srcdir}/../scripts/common.sh" - -eval "${GETPORT}" - -pushd tls-fuzzer - -if ! test -d tlsfuzzer;then - exit 77 -fi - -rm -f "$OUTFILE" - -pushd tlsfuzzer -test -L ecdsa || ln -s ../python-ecdsa/src/ecdsa ecdsa -test -L tlslite || ln -s ../tlslite-ng/tlslite tlslite 2>/dev/null - -wait_for_free_port $PORT - -retval=0 +tls_fuzzer_prepare() { PRIORITY="NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1" -TLS_PY=./tlslite-ng/scripts/tls.py -#TLS_PY=$(which tls.py) - sed -e "s|@SERVER@|$SERV|g" -e "s/@PORT@/$PORT/g" -e "s/@PRIORITY@/$PRIORITY/g" ../gnutls-nocert-tls13.json >${TMPFILE} sed -i 's/(127, 28)/(3, 4)/g' ./tlslite/constants.py +} -PYTHONPATH=. python tests/scripts_retention.py ${TMPFILE} ${SERV} -retval=$? - -rm -f ${TMPFILE} - -popd -popd - -exit $retval +. "${srcdir}/tls-fuzzer/tls-fuzzer-common.sh" diff --git a/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh b/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh index c1175e0e74..77a1d050cd 100755 --- a/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh +++ b/tests/suite/tls-fuzzer/tls-fuzzer-nocert.sh @@ -19,32 +19,8 @@ # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. srcdir="${srcdir:-.}" -SERV="../../../../src/gnutls-serv${EXEEXT}" -CLI="../../../../src/gnutls-cli${EXEEXT}" - -OUTFILE=tls-fuzzer.debug.log -TMPFILE=tls-fuzzer.$$.tmp - -. "${srcdir}/../scripts/common.sh" - -eval "${GETPORT}" - -pushd tls-fuzzer - -if ! test -d tlsfuzzer;then - exit 77 -fi - -rm -f "$OUTFILE" - -pushd tlsfuzzer -test -L ecdsa || ln -s ../python-ecdsa/src/ecdsa ecdsa -test -L tlslite || ln -s ../tlslite-ng/tlslite tlslite 2>/dev/null - -wait_for_free_port $PORT - -retval=0 +tls_fuzzer_prepare() { VERSIONS="-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0" PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:-CURVE-SECP192R1:${VERSIONS}:+SHA256" ${CLI} --list --priority "${PRIORITY}" >/dev/null 2>&1 @@ -52,17 +28,7 @@ if test $? != 0;then PRIORITY="NORMAL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+ARCFOUR-128:+3DES-CBC:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1:${VERSIONS}:+SHA256" fi -TLS_PY=./tlslite-ng/scripts/tls.py -#TLS_PY=$(which tls.py) - sed -e "s|@SERVER@|$SERV|g" -e "s/@PORT@/$PORT/g" -e "s/@PRIORITY@/$PRIORITY/g" ../gnutls-nocert.json >${TMPFILE} +} -PYTHONPATH=. python tests/scripts_retention.py ${TMPFILE} ${SERV} -retval=$? - -rm -f ${TMPFILE} - -popd -popd - -exit $retval +. "${srcdir}/tls-fuzzer/tls-fuzzer-common.sh" diff --git a/tests/suite/tls-fuzzer/tls-fuzzer-psk.sh b/tests/suite/tls-fuzzer/tls-fuzzer-psk.sh index 096e5ed1f2..cc2e6df0d4 100755 --- a/tests/suite/tls-fuzzer/tls-fuzzer-psk.sh +++ b/tests/suite/tls-fuzzer/tls-fuzzer-psk.sh @@ -19,33 +19,8 @@ # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. srcdir="${srcdir:-.}" -SERV="../../../../src/gnutls-serv${EXEEXT}" -CLI="../../../../src/gnutls-cli${EXEEXT}" - -OUTFILE=tls-fuzzer.debug.log -TMPFILE=tls-fuzzer.$$.tmp -PSKFILE=tls-fuzzer.psk.$$.tmp - -. "${srcdir}/../scripts/common.sh" - -eval "${GETPORT}" - -pushd tls-fuzzer - -if ! test -d tlsfuzzer;then - exit 77 -fi - -rm -f "$OUTFILE" - -pushd tlsfuzzer -test -L ecdsa || ln -s ../python-ecdsa/src/ecdsa ecdsa -test -L tlslite || ln -s ../tlslite-ng/tlslite tlslite 2>/dev/null - -wait_for_free_port $PORT - -retval=0 +tls_fuzzer_prepare() { PRIORITY="NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:-KX-ALL:+DHE-PSK:+ECDHE-PSK:+PSK" PSKKEY=8a7759b3f26983c453e448060bde8981 @@ -56,14 +31,6 @@ sed -e "s|@SERVER@|$SERV|g" -e "s/@PSKKEY@/$PSKKEY/g" -e "s/@PSKID@/$PSKID/g" -e cat >${PSKFILE} <<_EOF_ ${PSKID}:${PSKKEY} _EOF_ +} -PYTHONPATH=. python tests/scripts_retention.py ${TMPFILE} ${SERV} -retval=$? - -rm -f ${TMPFILE} -rm -f ${PSKFILE} - -popd -popd - -exit $retval +. "${srcdir}/tls-fuzzer/tls-fuzzer-common.sh" |