diff options
| -rw-r--r-- | configure.ac | 1 | ||||
| -rw-r--r-- | tests/Makefile.am | 7 | ||||
| -rw-r--r-- | tests/scripts/Makefile.am | 23 | ||||
| -rwxr-xr-x | tests/scripts/starttls-common.sh | 57 | ||||
| -rwxr-xr-x | tests/starttls-ftp.sh | 48 | ||||
| -rwxr-xr-x | tests/starttls-lmtp.sh | 48 | ||||
| -rwxr-xr-x | tests/starttls-nntp.sh | 48 | ||||
| -rwxr-xr-x | tests/starttls-pop3.sh | 48 | ||||
| -rwxr-xr-x | tests/starttls-sieve.sh | 48 | ||||
| -rwxr-xr-x | tests/starttls-smtp.sh | 48 | ||||
| -rwxr-xr-x | tests/starttls.sh | 120 |
11 files changed, 351 insertions, 145 deletions
diff --git a/configure.ac b/configure.ac index 9868f8636e..5779d2d584 100644 --- a/configure.ac +++ b/configure.ac @@ -1007,7 +1007,6 @@ AC_CONFIG_FILES([ tests/ocsp-tests/Makefile tests/dtls/Makefile tests/key-tests/Makefile - tests/scripts/Makefile tests/slow/Makefile tests/suite/Makefile ]) diff --git a/tests/Makefile.am b/tests/Makefile.am index 255ea1e476..05f6c52226 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -19,7 +19,7 @@ # along with this file; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -SUBDIRS = . cert-tests ocsp-tests key-tests scripts slow dtls windows +SUBDIRS = . cert-tests ocsp-tests key-tests slow dtls windows if WANT_TEST_SUITE SUBDIRS += suite @@ -42,7 +42,7 @@ EXTRA_DIST = suppressions.valgrind eagain-common.h cert-common.h test-chains.h \ certs-interesting/cert3.der.err certs-interesting/cert4.der pkcs7-interesting/pkcs7-1.der \ pkcs7-interesting/pkcs7-1.der.err pkcs7-interesting/pkcs7-2.der pkcs7-interesting/pkcs7-2.der.err \ client-interesting/client1.raw client-interesting/client2.raw client-interesting/client3.disabled \ - server-interesting/server1.raw + server-interesting/server1.raw scripts/common.sh scripts/starttls-common.sh AM_CFLAGS = $(WARN_CFLAGS) $(WERROR_CFLAGS) AM_CPPFLAGS = \ @@ -298,7 +298,8 @@ check_PROGRAMS = $(ctests) dist_check_SCRIPTS = rfc2253-escape-test rsa-md5-collision/rsa-md5-collision.sh if !WINDOWS -dist_check_SCRIPTS += fastopen.sh starttls.sh +dist_check_SCRIPTS += fastopen.sh starttls.sh starttls-ftp.sh starttls-smtp.sh \ + starttls-lmtp.sh starttls-pop3.sh starttls-nntp.sh starttls-sieve.sh if ENABLE_DANE dist_check_SCRIPTS += danetool.sh endif diff --git a/tests/scripts/Makefile.am b/tests/scripts/Makefile.am deleted file mode 100644 index 043e656c2d..0000000000 --- a/tests/scripts/Makefile.am +++ /dev/null @@ -1,23 +0,0 @@ -## Process this file with automake to produce Makefile.in -# Copyright (C) 2007-2008, 2010, 2012 Free Software Foundation, Inc. -# -# Author: Simon Josefsson -# -# This file is part of GnuTLS. -# -# This file is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 3 of the License, or -# (at your option) any later version. -# -# This file is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this file; if not, write to the Free Software Foundation, -# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - -EXTRA_DIST = common.sh - diff --git a/tests/scripts/starttls-common.sh b/tests/scripts/starttls-common.sh new file mode 100755 index 0000000000..0fa13f18fc --- /dev/null +++ b/tests/scripts/starttls-common.sh @@ -0,0 +1,57 @@ +#!/bin/sh + +# Copyright (C) 2010-2016 Free Software Foundation, Inc. +# +# Author: Nikos Mavrogiannopoulos +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +if ! test -x "${SERV}"; then + exit 77 +fi + +if ! test -x "${CLI}"; then + exit 77 +fi + +if test "${WINDIR}" != ""; then + exit 77 +fi + +if ! test -z "${VALGRIND}"; then + VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND} --error-exitcode=15" +fi + +if test ! -x /usr/bin/socat;then + exit 77 +fi + +for file in `which chat` /sbin/chat /usr/sbin/chat /usr/local/sbin/chat +do + if test -x "$file" + then + CHAT="$file" + break + fi +done + +if test -z "$CHAT" +then + echo "chat not found" + exit 77 +fi + diff --git a/tests/starttls-ftp.sh b/tests/starttls-ftp.sh new file mode 100755 index 0000000000..4e6b241e3a --- /dev/null +++ b/tests/starttls-ftp.sh @@ -0,0 +1,48 @@ +#!/bin/sh + +# Copyright (C) 2010-2016 Free Software Foundation, Inc. +# +# Author: Nikos Mavrogiannopoulos +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +srcdir="${srcdir:-.}" +SERV="${SERV:-../src/gnutls-serv${EXEEXT}}" +CLI="${CLI:-../src/gnutls-cli${EXEEXT}}" +unset RETCODE + +. "${srcdir}/scripts/common.sh" +. "${srcdir}/scripts/starttls-common.sh" + +SERV="${SERV} -q" + +echo "Checking STARTTLS over FTP" + +eval "${GETPORT}" +socat TCP-LISTEN:${PORT} EXEC:"$CHAT -e -S -v -f ${srcdir}/starttls-ftp.txt",pty & +PID=$! +wait_server ${PID} + +${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:+ANON-ECDH --insecure --starttls-proto ftp --verbose </dev/null >/dev/null +if test $? != 1;then + fail ${PID} "connect should have failed with error code 1" +fi + +kill ${PID} +wait + +exit 0 diff --git a/tests/starttls-lmtp.sh b/tests/starttls-lmtp.sh new file mode 100755 index 0000000000..96c5c0c160 --- /dev/null +++ b/tests/starttls-lmtp.sh @@ -0,0 +1,48 @@ +#!/bin/sh + +# Copyright (C) 2010-2016 Free Software Foundation, Inc. +# +# Author: Nikos Mavrogiannopoulos +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +srcdir="${srcdir:-.}" +SERV="${SERV:-../src/gnutls-serv${EXEEXT}}" +CLI="${CLI:-../src/gnutls-cli${EXEEXT}}" +unset RETCODE + +. "${srcdir}/scripts/common.sh" +. "${srcdir}/scripts/starttls-common.sh" + +SERV="${SERV} -q" + +echo "Checking STARTTLS over LMTP" + +eval "${GETPORT}" +socat TCP-LISTEN:${PORT} EXEC:"$CHAT -e -S -v -f ${srcdir}/starttls-lmtp.txt",pty & +PID=$! +wait_server ${PID} + +${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:+ANON-ECDH --insecure --starttls-proto lmtp --verbose </dev/null >/dev/null +if test $? != 1;then + fail ${PID} "connect should have failed with error code 1" +fi + +kill ${PID} +wait + +exit 0 diff --git a/tests/starttls-nntp.sh b/tests/starttls-nntp.sh new file mode 100755 index 0000000000..256a7cad4b --- /dev/null +++ b/tests/starttls-nntp.sh @@ -0,0 +1,48 @@ +#!/bin/sh + +# Copyright (C) 2010-2016 Free Software Foundation, Inc. +# +# Author: Nikos Mavrogiannopoulos +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +srcdir="${srcdir:-.}" +SERV="${SERV:-../src/gnutls-serv${EXEEXT}}" +CLI="${CLI:-../src/gnutls-cli${EXEEXT}}" +unset RETCODE + +. "${srcdir}/scripts/common.sh" +. "${srcdir}/scripts/starttls-common.sh" + +SERV="${SERV} -q" + +echo "Checking STARTTLS over NNTP" + +eval "${GETPORT}" +socat TCP-LISTEN:${PORT} EXEC:"$CHAT -e -S -v -f ${srcdir}/starttls-nntp.txt",pty & +PID=$! +wait_server ${PID} + +${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:+ANON-ECDH --insecure --starttls-proto nntp --verbose </dev/null >/dev/null +if test $? != 1;then + fail ${PID} "connect should have failed with error code 1" +fi + +kill ${PID} +wait + +exit 0 diff --git a/tests/starttls-pop3.sh b/tests/starttls-pop3.sh new file mode 100755 index 0000000000..57fa2de9af --- /dev/null +++ b/tests/starttls-pop3.sh @@ -0,0 +1,48 @@ +#!/bin/sh + +# Copyright (C) 2010-2016 Free Software Foundation, Inc. +# +# Author: Nikos Mavrogiannopoulos +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +srcdir="${srcdir:-.}" +SERV="${SERV:-../src/gnutls-serv${EXEEXT}}" +CLI="${CLI:-../src/gnutls-cli${EXEEXT}}" +unset RETCODE + +. "${srcdir}/scripts/common.sh" +. "${srcdir}/scripts/starttls-common.sh" + +SERV="${SERV} -q" + +echo "Checking STARTTLS over POP3" + +eval "${GETPORT}" +socat TCP-LISTEN:${PORT} EXEC:"$CHAT -e -S -v -f ${srcdir}/starttls-pop3.txt",pty & +PID=$! +wait_server ${PID} + +${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:+ANON-ECDH --insecure --starttls-proto pop3 --verbose </dev/null >/dev/null +if test $? != 1;then + fail ${PID} "connect should have failed with error code 1" +fi + +kill ${PID} +wait + +exit 0 diff --git a/tests/starttls-sieve.sh b/tests/starttls-sieve.sh new file mode 100755 index 0000000000..e7b90a3e06 --- /dev/null +++ b/tests/starttls-sieve.sh @@ -0,0 +1,48 @@ +#!/bin/sh + +# Copyright (C) 2010-2016 Free Software Foundation, Inc. +# +# Author: Nikos Mavrogiannopoulos +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +srcdir="${srcdir:-.}" +SERV="${SERV:-../src/gnutls-serv${EXEEXT}}" +CLI="${CLI:-../src/gnutls-cli${EXEEXT}}" +unset RETCODE + +. "${srcdir}/scripts/common.sh" +. "${srcdir}/scripts/starttls-common.sh" + +SERV="${SERV} -q" + +echo "Checking STARTTLS over SIEVE" + +eval "${GETPORT}" +socat TCP-LISTEN:${PORT} EXEC:"$CHAT -e -S -v -f ${srcdir}/starttls-sieve.txt",pty & +PID=$! +wait_server ${PID} + +${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:+ANON-ECDH --insecure --starttls-proto sieve --verbose </dev/null >/dev/null +if test $? != 1;then + fail ${PID} "connect should have failed with error code 1" +fi + +kill ${PID} +wait + +exit 0 diff --git a/tests/starttls-smtp.sh b/tests/starttls-smtp.sh new file mode 100755 index 0000000000..c346b11f17 --- /dev/null +++ b/tests/starttls-smtp.sh @@ -0,0 +1,48 @@ +#!/bin/sh + +# Copyright (C) 2010-2016 Free Software Foundation, Inc. +# +# Author: Nikos Mavrogiannopoulos +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +srcdir="${srcdir:-.}" +SERV="${SERV:-../src/gnutls-serv${EXEEXT}}" +CLI="${CLI:-../src/gnutls-cli${EXEEXT}}" +unset RETCODE + +. "${srcdir}/scripts/common.sh" +. "${srcdir}/scripts/starttls-common.sh" + +SERV="${SERV} -q" + +echo "Checking STARTTLS over SMTP" + +eval "${GETPORT}" +socat TCP-LISTEN:${PORT} EXEC:"$CHAT -e -S -v -f ${srcdir}/starttls-smtp.txt",pty & +PID=$! +wait_server ${PID} + +${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:+ANON-ECDH --insecure --starttls-proto smtp --verbose </dev/null >/dev/null +if test $? != 1;then + fail ${PID} "connect should have failed with error code 1" +fi + +kill ${PID} +wait + +exit 0 diff --git a/tests/starttls.sh b/tests/starttls.sh index c0e5a6750e..929ab1d5cc 100755 --- a/tests/starttls.sh +++ b/tests/starttls.sh @@ -25,45 +25,11 @@ SERV="${SERV:-../src/gnutls-serv${EXEEXT}}" CLI="${CLI:-../src/gnutls-cli${EXEEXT}}" unset RETCODE -if ! test -x "${SERV}"; then - exit 77 -fi - -if ! test -x "${CLI}"; then - exit 77 -fi - -if test "${WINDIR}" != ""; then - exit 77 -fi - -if ! test -z "${VALGRIND}"; then - VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND} --error-exitcode=15" -fi - -if test ! -x /usr/bin/socat;then - exit 77 -fi - -for file in `which chat` /sbin/chat /usr/sbin/chat /usr/local/sbin/chat -do - if test -x "$file" - then - CHAT="$file" - break - fi -done - -if test -z "$CHAT" -then - echo "chat not found" - exit 77 -fi +. "${srcdir}/scripts/common.sh" +. "${srcdir}/scripts/starttls-common.sh" SERV="${SERV} -q" -. "${srcdir}/scripts/common.sh" - echo "Checking STARTTLS" eval "${GETPORT}" @@ -78,86 +44,4 @@ ${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:+ANON-ECDH --insec kill ${PID} wait -echo "Checking STARTTLS over SMTP" - -eval "${GETPORT}" -socat TCP-LISTEN:${PORT} EXEC:"$CHAT -e -S -v -f ${srcdir}/starttls-smtp.txt",pty & -PID=$! -wait_server ${PID} - -${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:+ANON-ECDH --insecure --starttls-proto smtp --verbose </dev/null >/dev/null -if test $? != 1;then - fail ${PID} "connect should have failed with error code 1" -fi - -kill ${PID} -wait - -echo "Checking STARTTLS over FTP" - -eval "${GETPORT}" -socat TCP-LISTEN:${PORT} EXEC:"$CHAT -e -S -v -f ${srcdir}/starttls-ftp.txt",pty & -PID=$! -wait_server ${PID} - -${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:+ANON-ECDH --insecure --starttls-proto ftp --verbose </dev/null >/dev/null -if test $? != 1;then - fail ${PID} "connect should have failed with error code 1" -fi - -kill ${PID} -wait - -eval "${GETPORT}" -socat TCP-LISTEN:${PORT} EXEC:"$CHAT -e -S -v -f ${srcdir}/starttls-lmtp.txt",pty & -PID=$! -wait_server ${PID} - -${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:+ANON-ECDH --insecure --starttls-proto lmtp --verbose </dev/null >/dev/null -if test $? != 1;then - fail ${PID} "connect should have failed with error code 1" -fi - -kill ${PID} -wait - -eval "${GETPORT}" -socat TCP-LISTEN:${PORT} EXEC:"$CHAT -e -S -v -f ${srcdir}/starttls-pop3.txt",pty & -PID=$! -wait_server ${PID} - -${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:+ANON-ECDH --insecure --starttls-proto pop3 --verbose </dev/null >/dev/null -if test $? != 1;then - fail ${PID} "connect should have failed with error code 1" -fi - -kill ${PID} -wait - -eval "${GETPORT}" -socat TCP-LISTEN:${PORT} EXEC:"$CHAT -e -S -v -f ${srcdir}/starttls-nntp.txt",pty & -PID=$! -wait_server ${PID} - -${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:+ANON-ECDH --insecure --starttls-proto nntp --verbose </dev/null >/dev/null -if test $? != 1;then - fail ${PID} "connect should have failed with error code 1" -fi - -kill ${PID} -wait - -eval "${GETPORT}" -socat TCP-LISTEN:${PORT} EXEC:"$CHAT -e -S -v -f ${srcdir}/starttls-sieve.txt",pty & -PID=$! -wait_server ${PID} - -${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:+ANON-ECDH --insecure --starttls-proto sieve --verbose </dev/null >/dev/null -if test $? != 1;then - fail ${PID} "connect should have failed with error code 1" -fi - -kill ${PID} -wait - exit 0 |