diff options
33 files changed, 168 insertions, 176 deletions
diff --git a/tests/cert-reencoding.sh b/tests/cert-reencoding.sh index 8b147fc823..8b5974b61c 100755 --- a/tests/cert-reencoding.sh +++ b/tests/cert-reencoding.sh @@ -244,7 +244,7 @@ TESTDATE="2018-03-01" # Start OpenSSL TLS server # -launch_bare_server $$ \ +launch_bare_server \ datefudge "${TESTDATE}" \ "${OPENSSL}" s_server -cert ${SERVER_CERT_FILE} -key ${SERVER_KEY_FILE} \ -CAfile ${CA_FILE} -port ${PORT} -Verify 1 -verify_return_error -www diff --git a/tests/cert-tests/dsa b/tests/cert-tests/dsa index ed3821e932..e8678a7763 100755 --- a/tests/cert-tests/dsa +++ b/tests/cert-tests/dsa @@ -59,7 +59,7 @@ echo "Checking various DSA key sizes (port ${PORT})" echo "Checking DSA-1024 with TLS 1.0" eval "${GETPORT}" -launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile "${srcdir}/data/cert.dsa.1024.pem" --x509keyfile "${srcdir}/data/dsa.1024.pem" +launch_server --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile "${srcdir}/data/cert.dsa.1024.pem" --x509keyfile "${srcdir}/data/dsa.1024.pem" PID=$! wait_server "${PID}" @@ -93,7 +93,7 @@ wait echo "Checking DSA-1024 with TLS 1.2" eval "${GETPORT}" -launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile "${srcdir}/data/cert.dsa.1024.pem" --x509keyfile "${srcdir}/data/dsa.1024.pem" +launch_server --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile "${srcdir}/data/cert.dsa.1024.pem" --x509keyfile "${srcdir}/data/dsa.1024.pem" PID=$! wait_server "${PID}" @@ -126,7 +126,7 @@ wait #echo "Checking DSA-2048 with TLS 1.0" #eval "${GETPORT}" -#launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" --x509certfile "${srcdir}/data/cert.dsa.2048.pem" --x509keyfile "${srcdir}/data/dsa.2048.pem" +#launch_server --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" --x509certfile "${srcdir}/data/cert.dsa.2048.pem" --x509keyfile "${srcdir}/data/dsa.2048.pem" #PID=$! #wait_server "${PID}" @@ -140,7 +140,7 @@ wait echo "Checking DSA-2048 with TLS 1.2" eval "${GETPORT}" -launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile "${srcdir}/data/cert.dsa.2048.pem" --x509keyfile "${srcdir}/data/dsa.2048.pem" +launch_server --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile "${srcdir}/data/cert.dsa.2048.pem" --x509keyfile "${srcdir}/data/dsa.2048.pem" PID=$! wait_server "${PID}" @@ -154,7 +154,7 @@ wait #echo "Checking DSA-3072 with TLS 1.0" -#launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" --x509certfile "${srcdir}/data/cert.dsa.3072.pem" --x509keyfile "${srcdir}/data/dsa.3072.pem" +#launch_server --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" --x509certfile "${srcdir}/data/cert.dsa.3072.pem" --x509keyfile "${srcdir}/data/dsa.3072.pem" #PID=$! #wait_server "${PID}" # @@ -169,7 +169,7 @@ wait echo "Checking DSA-3072 with TLS 1.2" eval "${GETPORT}" -launch_server $$ --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile "${srcdir}/data/cert.dsa.3072.pem" --x509keyfile "${srcdir}/data/dsa.3072.pem" +launch_server --priority "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1" --x509certfile "${srcdir}/data/cert.dsa.3072.pem" --x509keyfile "${srcdir}/data/dsa.3072.pem" PID=$! wait_server "${PID}" diff --git a/tests/dh-fips-approved.sh b/tests/dh-fips-approved.sh index 687ad6d5f7..cc98b91fb3 100755 --- a/tests/dh-fips-approved.sh +++ b/tests/dh-fips-approved.sh @@ -85,7 +85,7 @@ for params in $ALLOWED_PARAMS; do PARAMS=${srcdir}/../doc/credentials/dhparams/${params}.pem eval "${GETPORT}" - launch_server $$ ${OPTS} --x509keyfile ${KEY1} --x509certfile ${CERT1} --dhparams ${PARAMS} + launch_server ${OPTS} --x509keyfile ${KEY1} --x509certfile ${CERT1} --dhparams ${PARAMS} PID=$! wait_server ${PID} @@ -102,7 +102,7 @@ for params in $DISALLOWED_PARAMS; do PARAMS=${srcdir}/../doc/credentials/dhparams/${params}.pem eval "${GETPORT}" - launch_server $$ ${OPTS} --x509keyfile ${KEY1} --x509certfile ${CERT1} --dhparams ${PARAMS} + launch_server ${OPTS} --x509keyfile ${KEY1} --x509certfile ${CERT1} --dhparams ${PARAMS} PID=$! wait_server ${PID} diff --git a/tests/fastopen.sh b/tests/fastopen.sh index 95cbff267b..23a474e245 100755 --- a/tests/fastopen.sh +++ b/tests/fastopen.sh @@ -53,7 +53,7 @@ CERT1=${srcdir}/../doc/credentials/x509/cert-rsa.pem CA1=${srcdir}/../doc/credentials/x509/ca.pem eval "${GETPORT}" -launch_server $$ --echo --x509keyfile ${KEY1} --x509certfile ${CERT1} +launch_server --echo --x509keyfile ${KEY1} --x509certfile ${CERT1} PID=$! wait_server ${PID} diff --git a/tests/gnutls-cli-debug.sh b/tests/gnutls-cli-debug.sh index ab81275972..a73910dea6 100755 --- a/tests/gnutls-cli-debug.sh +++ b/tests/gnutls-cli-debug.sh @@ -66,7 +66,7 @@ TMPFILE=outcert.$$.tmp echo "Checking output of gnutls-cli-debug for TLS1.1 and TLS1.2 server" eval "${GETPORT}" -launch_server $$ --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.1" --x509keyfile ${KEY1} --x509certfile ${CERT1} \ +launch_server --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.1" --x509keyfile ${KEY1} --x509certfile ${CERT1} \ --x509keyfile ${KEY2} --x509certfile ${CERT2} --x509keyfile ${KEY3} --x509certfile ${CERT3} >/dev/null 2>&1 PID=$! wait_server ${PID} @@ -113,7 +113,7 @@ echo "" echo "Checking output of gnutls-cli-debug for TLS1.3 and TLS1.2 server" eval "${GETPORT}" -launch_server $$ --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2" --x509keyfile ${KEY1} --x509certfile ${CERT1} \ +launch_server --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2" --x509keyfile ${KEY1} --x509certfile ${CERT1} \ --x509keyfile ${KEY2} --x509certfile ${CERT2} --x509keyfile ${KEY3} --x509certfile ${CERT3} >/dev/null 2>&1 PID=$! wait_server ${PID} @@ -155,7 +155,7 @@ echo "" echo "Checking output of gnutls-cli-debug for small records and no RSA" eval "${GETPORT}" -launch_server $$ --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:-RSA:%ALLOW_SMALL_RECORDS" --x509keyfile ${KEY1} --x509certfile ${CERT1} \ +launch_server --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:-RSA:%ALLOW_SMALL_RECORDS" --x509keyfile ${KEY1} --x509certfile ${CERT1} \ --x509keyfile ${KEY2} --x509certfile ${CERT2} --x509keyfile ${KEY3} --x509certfile ${CERT3} --recordsize=64 >/dev/null 2>&1 PID=$! wait_server ${PID} @@ -173,7 +173,7 @@ check_text "for RSA key exchange support... no" echo "" echo "Checking output of gnutls-cli-debug when algorithms are disabled" eval "${GETPORT}" -launch_server $$ --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2" --x509keyfile ${KEY1} --x509certfile ${CERT1} \ +launch_server --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2" --x509keyfile ${KEY1} --x509certfile ${CERT1} \ --x509keyfile ${KEY2} --x509certfile ${CERT2} --x509keyfile ${KEY3} --x509certfile ${CERT3} >/dev/null 2>&1 PID=$! wait_server ${PID} @@ -207,7 +207,7 @@ if test "${ENABLE_GOST}" = "1" && test "${GNUTLS_FORCE_FIPS_MODE}" != 1 ; then echo "Checking output of gnutls-cli-debug for GOST-enabled server" eval "${GETPORT}" - launch_server $$ --echo --priority "NORMAL:+GOST" --x509keyfile ${KEY4} --x509certfile ${CERT4} >/dev/null 2>&1 + launch_server --echo --priority "NORMAL:+GOST" --x509keyfile ${KEY4} --x509certfile ${CERT4} >/dev/null 2>&1 PID=$! wait_server ${PID} diff --git a/tests/gnutls-cli-invalid-crl.sh b/tests/gnutls-cli-invalid-crl.sh index 8f1ea8ae75..32e72630f7 100755 --- a/tests/gnutls-cli-invalid-crl.sh +++ b/tests/gnutls-cli-invalid-crl.sh @@ -164,7 +164,7 @@ FQj9tqRIMQZIer3gaURWG8OZfntCAvtlSSwc1PjwLBXO9ZvNBw== __EOF__ eval "${GETPORT}" -launch_server $$ --echo --x509keyfile ${TMPFILE} --x509certfile ${TMPFILE} +launch_server --echo --x509keyfile ${TMPFILE} --x509certfile ${TMPFILE} PID=$! wait_server ${PID} diff --git a/tests/gnutls-cli-rawpk.sh b/tests/gnutls-cli-rawpk.sh index 56f30c68aa..90fde68c46 100755 --- a/tests/gnutls-cli-rawpk.sh +++ b/tests/gnutls-cli-rawpk.sh @@ -186,7 +186,7 @@ cleanup() echo " * testing server X.509, client RAW" eval "${GETPORT}" -launch_server $$ --echo --x509keyfile ${CERTFILE1} --x509certfile ${CERTFILE1} --priority NORMAL:-CTYPE-CLI-ALL:+CTYPE-CLI-RAWPK --require-client-cert +launch_server --echo --x509keyfile ${CERTFILE1} --x509certfile ${CERTFILE1} --priority NORMAL:-CTYPE-CLI-ALL:+CTYPE-CLI-RAWPK --require-client-cert PID=$! wait_server ${PID} @@ -216,7 +216,7 @@ wait echo " * testing server RAW, client none" eval "${GETPORT}" -launch_server $$ --echo --rawpkkeyfile ${CERTFILE2} --rawpkfile ${CERTFILE2} --priority NORMAL:+CTYPE-SRV-RAWPK +launch_server --echo --rawpkkeyfile ${CERTFILE2} --rawpkfile ${CERTFILE2} --priority NORMAL:+CTYPE-SRV-RAWPK PID=$! wait_server ${PID} @@ -247,7 +247,7 @@ wait echo " * testing server RAW, client RAW" eval "${GETPORT}" -launch_server $$ --echo --rawpkkeyfile ${CERTFILE2} --rawpkfile ${CERTFILE2} --priority NORMAL:+CTYPE-SRV-RAWPK:-CTYPE-CLI-ALL:+CTYPE-CLI-RAWPK --require-client-cert +launch_server --echo --rawpkkeyfile ${CERTFILE2} --rawpkfile ${CERTFILE2} --priority NORMAL:+CTYPE-SRV-RAWPK:-CTYPE-CLI-ALL:+CTYPE-CLI-RAWPK --require-client-cert PID=$! wait_server ${PID} @@ -279,7 +279,7 @@ wait echo " * testing server X.509+RAW, client none" eval "${GETPORT}" -launch_server $$ --echo --x509keyfile ${CERTFILE1} --x509certfile ${CERTFILE1} --rawpkkeyfile ${CERTFILE2} --rawpkfile ${CERTFILE2} --priority NORMAL:+CTYPE-SRV-RAWPK +launch_server --echo --x509keyfile ${CERTFILE1} --x509certfile ${CERTFILE1} --rawpkkeyfile ${CERTFILE2} --rawpkfile ${CERTFILE2} --priority NORMAL:+CTYPE-SRV-RAWPK PID=$! wait_server ${PID} diff --git a/tests/gnutls-cli-resume.sh b/tests/gnutls-cli-resume.sh index e46eb45507..bd33ff01d2 100755 --- a/tests/gnutls-cli-resume.sh +++ b/tests/gnutls-cli-resume.sh @@ -45,7 +45,7 @@ KEY1=${srcdir}/../doc/credentials/x509/key-rsa.pem CERT1=${srcdir}/../doc/credentials/x509/cert-rsa.pem eval "${GETPORT}" -launch_server $$ --echo --x509keyfile ${KEY1} --x509certfile ${CERT1} +launch_server --echo --x509keyfile ${KEY1} --x509certfile ${CERT1} PID=$! wait_server ${PID} diff --git a/tests/gnutls-cli-save-data.sh b/tests/gnutls-cli-save-data.sh index d9df2b6d6a..785d907d8f 100755 --- a/tests/gnutls-cli-save-data.sh +++ b/tests/gnutls-cli-save-data.sh @@ -56,7 +56,7 @@ TMPFILE1=save-data1.$$.tmp TMPFILE2=save-data2.$$.tmp eval "${GETPORT}" -launch_server $$ --echo --x509keyfile ${KEY1} --x509certfile ${CERT1} --ocsp-response=${OCSP1} --ignore-ocsp-response-errors -d 6 +launch_server --echo --x509keyfile ${KEY1} --x509certfile ${CERT1} --ocsp-response=${OCSP1} --ignore-ocsp-response-errors -d 6 PID=$! wait_server ${PID} diff --git a/tests/gnutls-cli-self-signed.sh b/tests/gnutls-cli-self-signed.sh index d68b64d80c..8fd7ea9e47 100755 --- a/tests/gnutls-cli-self-signed.sh +++ b/tests/gnutls-cli-self-signed.sh @@ -119,7 +119,7 @@ i2yISkQxkJZp8sTwSlIGZSBpuZcDq9AdUjan1WhGgl4hpHpjr3Y= __EOF__ eval "${GETPORT}" -launch_server $$ --echo --x509keyfile ${TMPFILE} --x509certfile ${TMPFILE} +launch_server --echo --x509keyfile ${TMPFILE} --x509certfile ${TMPFILE} PID=$! wait_server ${PID} diff --git a/tests/logfile-option.sh b/tests/logfile-option.sh index 869d22c837..e0086dc821 100755 --- a/tests/logfile-option.sh +++ b/tests/logfile-option.sh @@ -59,7 +59,7 @@ TMPFILE2=save-data2.$$.tmp OPTS="--sni-hostname example.com --verify-hostname example.com" eval "${GETPORT}" -launch_server $$ --echo --priority NORMAL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=${PSK} +launch_server --echo --priority NORMAL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=${PSK} PID=$! wait_server ${PID} @@ -86,7 +86,7 @@ fi rm -f ${TMPFILE1} ${TMPFILE2} eval "${GETPORT}" -launch_server $$ --echo --priority NORMAL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=${PSK} +launch_server --echo --priority NORMAL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=${PSK} PID=$! wait_server ${PID} @@ -115,7 +115,7 @@ rm -f ${TMPFILE1} ${TMPFILE2} echo "x509 functionality test" eval "${GETPORT}" -launch_server $$ --echo --sni-hostname-fatal --sni-hostname example.com --x509keyfile ${KEY1} --x509certfile ${CERT1} +launch_server --echo --sni-hostname-fatal --sni-hostname example.com --x509keyfile ${KEY1} --x509certfile ${CERT1} PID=$! wait_server ${PID} @@ -141,7 +141,7 @@ fi rm -f ${TMPFILE1} ${TMPFILE2} eval "${GETPORT}" -launch_server $$ --echo --sni-hostname-fatal --sni-hostname example.com --x509keyfile ${KEY1} --x509certfile ${CERT1} +launch_server --echo --sni-hostname-fatal --sni-hostname example.com --x509keyfile ${KEY1} --x509certfile ${CERT1} PID=$! wait_server ${PID} diff --git a/tests/ocsp-tests/ocsp-must-staple-connection b/tests/ocsp-tests/ocsp-must-staple-connection index ebf54165c6..da8bc6a6a1 100755 --- a/tests/ocsp-tests/ocsp-must-staple-connection +++ b/tests/ocsp-tests/ocsp-must-staple-connection @@ -130,7 +130,7 @@ cp "${srcdir}/ocsp-tests/certs/ocsp_index.txt.attr" ${ATTRFILE} # if started repeatedly in a short time, probably a lack of # SO_REUSEADDR usage. PORT=${OCSP_PORT} -launch_bare_server $$ \ +launch_bare_server \ datefudge "${TESTDATE}" \ "${OPENSSL}" ocsp -index "${INDEXFILE}" -text \ -port "${OCSP_PORT}" \ @@ -171,7 +171,7 @@ fi echo "=== Test 1: Server with valid certificate - no staple ===" PORT=${TLS_SERVER_PORT} -launch_bare_server $$ \ +launch_bare_server \ datefudge "${TESTDATE}" \ "${GNUTLS_SERV}" --echo --disable-client-cert \ --x509keyfile="${srcdir}/ocsp-tests/certs/server_good.key" \ @@ -203,7 +203,7 @@ eval "${GETPORT}" # Port for gnutls-serv TLS_SERVER_PORT=$PORT PORT=${TLS_SERVER_PORT} -launch_bare_server $$ \ +launch_bare_server \ datefudge "${TESTDATE}" \ "${GNUTLS_SERV}" --echo --disable-client-cert \ --x509keyfile="${srcdir}/ocsp-tests/certs/server_good.key" \ @@ -238,7 +238,7 @@ eval "${GETPORT}" # Port for gnutls-serv TLS_SERVER_PORT=$PORT PORT=${TLS_SERVER_PORT} -launch_bare_server $$ \ +launch_bare_server \ datefudge "${TESTDATE}" \ "${GNUTLS_SERV}" --echo --disable-client-cert \ --x509keyfile="${srcdir}/ocsp-tests/certs/server_good.key" \ @@ -274,7 +274,7 @@ eval "${GETPORT}" # Port for gnutls-serv TLS_SERVER_PORT=$PORT PORT=${TLS_SERVER_PORT} -launch_bare_server $$ \ +launch_bare_server \ datefudge "${TESTDATE}" \ "${GNUTLS_SERV}" --echo --disable-client-cert \ --x509keyfile="${srcdir}/ocsp-tests/certs/server_good.key" \ @@ -332,7 +332,7 @@ fi echo "=== Test 5.1: Server with valid certificate - expired staple (ignoring errors) ===" -launch_bare_server $$ \ +launch_bare_server \ datefudge "${TESTDATE}" \ "${GNUTLS_SERV}" --echo --disable-client-cert \ --x509keyfile="${srcdir}/ocsp-tests/certs/server_good.key" \ @@ -376,7 +376,7 @@ eval "${GETPORT}" # Port for gnutls-serv TLS_SERVER_PORT=$PORT PORT=${TLS_SERVER_PORT} -launch_bare_server $$ \ +launch_bare_server \ datefudge "${TESTDATE}" \ "${GNUTLS_SERV}" --echo --disable-client-cert \ --x509keyfile="${srcdir}/ocsp-tests/certs/server_good.key" \ @@ -409,7 +409,7 @@ eval "${GETPORT}" # Port for gnutls-serv TLS_SERVER_PORT=$PORT PORT=${TLS_SERVER_PORT} -launch_bare_server $$ \ +launch_bare_server \ datefudge "${TESTDATE}" \ "${GNUTLS_SERV}" --echo --disable-client-cert \ --x509keyfile="${srcdir}/ocsp-tests/certs/server_good.key" \ @@ -442,7 +442,7 @@ eval "${GETPORT}" # Port for gnutls-serv TLS_SERVER_PORT=$PORT PORT=${TLS_SERVER_PORT} -launch_bare_server $$ \ +launch_bare_server \ datefudge "${TESTDATE}" \ "${GNUTLS_SERV}" --echo --disable-client-cert \ --x509keyfile="${srcdir}/ocsp-tests/certs/server_good.key" \ @@ -475,7 +475,7 @@ eval "${GETPORT}" # Port for gnutls-serv TLS_SERVER_PORT=$PORT PORT=${TLS_SERVER_PORT} -launch_bare_server $$ \ +launch_bare_server \ datefudge "${TESTDATE}" \ "${GNUTLS_SERV}" --echo --disable-client-cert \ --x509keyfile="${srcdir}/ocsp-tests/certs/server_good.key" \ diff --git a/tests/ocsp-tests/ocsp-tls-connection b/tests/ocsp-tests/ocsp-tls-connection index 8d5b176bc7..1a0ec35b9d 100755 --- a/tests/ocsp-tests/ocsp-tls-connection +++ b/tests/ocsp-tests/ocsp-tls-connection @@ -112,7 +112,7 @@ echo "=== Bringing OCSP server up ===" # if started repeatedly in a short time, probably a lack of # SO_REUSEADDR usage. PORT=${OCSP_PORT} -launch_bare_server $$ \ +launch_bare_server \ datefudge "${TESTDATE}" \ "${OPENSSL}" ocsp -index "${srcdir}/ocsp-tests/certs/ocsp_index.txt" -text \ -port "${OCSP_PORT}" \ @@ -150,7 +150,7 @@ fi echo "=== Test 1: Server with valid certificate ===" PORT=${TLS_SERVER_PORT} -launch_bare_server $$ \ +launch_bare_server \ datefudge "${TESTDATE}" \ "${GNUTLS_SERV}" --echo --disable-client-cert \ --x509keyfile="${srcdir}/ocsp-tests/certs/server_good.key" \ @@ -195,7 +195,7 @@ echo "=== Test 2: Server with revoked certificate ===" eval "${GETPORT}" TLS_SERVER_PORT=$PORT -launch_bare_server $$ \ +launch_bare_server \ datefudge "${TESTDATE}" \ "${GNUTLS_SERV}" --echo --disable-client-cert \ --x509keyfile="${srcdir}/ocsp-tests/certs/server_bad.key" \ diff --git a/tests/profile-tests.sh b/tests/profile-tests.sh index 3c50a1628a..42ac25cfcb 100755 --- a/tests/profile-tests.sh +++ b/tests/profile-tests.sh @@ -81,7 +81,7 @@ _EOF_ KEY="${CERT}" eval "${GETPORT}" -launch_server $$ --echo --priority "NORMAL" --x509keyfile ${KEY} --x509certfile ${CERT} +launch_server --echo --priority "NORMAL" --x509keyfile ${KEY} --x509certfile ${CERT} PID=$! wait_server ${PID} @@ -145,7 +145,7 @@ _EOF_ KEY="${CERT}" eval "${GETPORT}" -launch_server $$ --echo --priority "NORMAL" --x509keyfile ${KEY} --x509certfile ${CERT} +launch_server --echo --priority "NORMAL" --x509keyfile ${KEY} --x509certfile ${CERT} PID=$! wait_server ${PID} @@ -213,7 +213,7 @@ _EOF_ KEY="${CERT}" eval "${GETPORT}" -launch_server $$ --echo --priority "NORMAL" --x509keyfile ${KEY} --x509certfile ${CERT} +launch_server --echo --priority "NORMAL" --x509keyfile ${KEY} --x509certfile ${CERT} PID=$! wait_server ${PID} diff --git a/tests/scripts/common.sh b/tests/scripts/common.sh index 3229510385..4a4add6493 100644 --- a/tests/scripts/common.sh +++ b/tests/scripts/common.sh @@ -161,16 +161,11 @@ wait_for_free_port() } launch_server() { - PARENT="$1" - shift - wait_for_free_port ${PORT} ${SERV} ${DEBUG} -p "${PORT}" "$@" >${LOGFILE-/dev/null} & } launch_pkcs11_server() { - PARENT="$1" - shift PROVIDER="$1" shift @@ -180,9 +175,6 @@ launch_pkcs11_server() { } launch_bare_server() { - PARENT="$1" - shift - wait_for_free_port ${PORT} ${SERV} "$@" >${LOGFILE-/dev/null} & } diff --git a/tests/serv-udp.sh b/tests/serv-udp.sh index b66db19cd8..bccc34c816 100755 --- a/tests/serv-udp.sh +++ b/tests/serv-udp.sh @@ -52,7 +52,7 @@ KEY1=${srcdir}/../doc/credentials/x509/key-rsa.pem CERT1=${srcdir}/../doc/credentials/x509/cert-rsa.pem eval "${GETPORT}" -launch_server $$ --x509keyfile ${KEY1} --x509certfile ${CERT1} --udp -d 2 +launch_server --x509keyfile ${KEY1} --x509certfile ${CERT1} --udp -d 2 PID=$! wait_udp_server $PID diff --git a/tests/server-multi-keys.sh b/tests/server-multi-keys.sh index cf34f514d1..9dd6a6adfe 100755 --- a/tests/server-multi-keys.sh +++ b/tests/server-multi-keys.sh @@ -60,7 +60,7 @@ CAFILE=${srcdir}/../doc/credentials/x509/ca.pem TMPFILE=outcert.$$.tmp eval "${GETPORT}" -launch_server $$ --echo --priority "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA" --x509keyfile ${KEY1} --x509certfile ${CERT1} \ +launch_server --echo --priority "NORMAL:+ECDHE-RSA:+ECDHE-ECDSA" --x509keyfile ${KEY1} --x509certfile ${CERT1} \ --x509keyfile ${KEY2} --x509certfile ${CERT2} --x509keyfile ${KEY3} --x509certfile ${CERT3} PID=$! wait_server ${PID} diff --git a/tests/server-weak-keys.sh b/tests/server-weak-keys.sh index a1135b4560..89b134c72a 100755 --- a/tests/server-weak-keys.sh +++ b/tests/server-weak-keys.sh @@ -54,7 +54,7 @@ KEY1=${srcdir}/certs/rsa-512.pem CERT1=${srcdir}/certs/rsa-512.pem eval "${GETPORT}" -launch_server $$ --echo --priority "NORMAL" --x509keyfile ${KEY1} --x509certfile ${CERT1} +launch_server --echo --priority "NORMAL" --x509keyfile ${KEY1} --x509certfile ${CERT1} PID=$! wait_server ${PID} diff --git a/tests/sni-hostname.sh b/tests/sni-hostname.sh index ae72f10670..b8100d9d6d 100755 --- a/tests/sni-hostname.sh +++ b/tests/sni-hostname.sh @@ -55,7 +55,7 @@ OPTS="--sni-hostname example.com --verify-hostname example.com" NOOPTS="--sni-hostname noexample.com --verify-hostname example.com" eval "${GETPORT}" -launch_server $$ --echo --sni-hostname-fatal --sni-hostname example.com --x509keyfile ${KEY1} --x509certfile ${CERT1} +launch_server --echo --sni-hostname-fatal --sni-hostname example.com --x509keyfile ${KEY1} --x509certfile ${CERT1} PID=$! wait_server ${PID} diff --git a/tests/sni-resume.sh b/tests/sni-resume.sh index 717199c7e5..7f2fd0132d 100755 --- a/tests/sni-resume.sh +++ b/tests/sni-resume.sh @@ -52,7 +52,7 @@ echo "Checking if the SNI extension is parsed in gnutls-serv during" \ TMPFILE="servoutput.$$.tmp" eval "${GETPORT}" -launch_server $$ --echo --priority ${PRIORITY} --sni-hostname-fatal \ +launch_server --echo --priority ${PRIORITY} --sni-hostname-fatal \ --sni-hostname server.example.com --noticket 2>${TMPFILE} PID=$! wait_server ${PID} diff --git a/tests/starttls.sh b/tests/starttls.sh index 77016687fa..ed9be413ec 100755 --- a/tests/starttls.sh +++ b/tests/starttls.sh @@ -33,7 +33,7 @@ SERV="${SERV} -q" echo "Checking STARTTLS" eval "${GETPORT}" -launch_server $$ --echo --priority "NORMAL:+ANON-ECDH" +launch_server --echo --priority "NORMAL:+ANON-ECDH" PID=$! wait_server ${PID} diff --git a/tests/suite/eagain.sh b/tests/suite/eagain.sh index d2a4365b1d..1b41ae482f 100755 --- a/tests/suite/eagain.sh +++ b/tests/suite/eagain.sh @@ -36,7 +36,7 @@ eval "${GETPORT}" KEY1=${srcdir}/../../doc/credentials/x509/key-rsa.pem CERT1=${srcdir}/../../doc/credentials/x509/cert-rsa.pem -launch_server $$ --echo --x509keyfile ${KEY1} --x509certfile ${CERT1} +launch_server --echo --x509keyfile ${KEY1} --x509certfile ${CERT1} PID=$! wait_server ${PID} diff --git a/tests/suite/testcompat-main-openssl b/tests/suite/testcompat-main-openssl index 09cca54a55..41a6965fa5 100755 --- a/tests/suite/testcompat-main-openssl +++ b/tests/suite/testcompat-main-openssl @@ -128,7 +128,7 @@ HAVE_NOT_SSL3=$? if test $HAVE_NOT_SSL3 = 0;then eval "${GETPORT}" - launch_bare_server $$ s_server -cipher ALL -quiet -www -accept "${PORT}" -keyform pem -certform pem -ssl3 -key "${RSA_KEY}" -cert "${RSA_CERT}" >/dev/null 2>&1 + launch_bare_server s_server -cipher ALL -quiet -www -accept "${PORT}" -keyform pem -certform pem -ssl3 -key "${RSA_KEY}" -cert "${RSA_CERT}" >/dev/null 2>&1 PID=$! wait_server ${PID} @@ -156,7 +156,7 @@ run_client_suite() { # It seems debian disabled SSL 3.0 completely on openssl eval "${GETPORT}" - launch_bare_server $$ s_server -cipher ALL -sigalgs "$SIGALGS" -quiet -www -accept "${PORT}" -keyform pem -certform pem -ssl3 ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" ${DSA_PARAMS} -Verify 1 -CAfile "${CA_CERT}" >/dev/null + launch_bare_server s_server -cipher ALL -sigalgs "$SIGALGS" -quiet -www -accept "${PORT}" -keyform pem -certform pem -ssl3 ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" ${DSA_PARAMS} -Verify 1 -CAfile "${CA_CERT}" >/dev/null PID=$! wait_server ${PID} @@ -182,7 +182,7 @@ run_client_suite() { if test "${NO_RC4}" != 1; then eval "${GETPORT}" - launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -ssl3 ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -cipher RC4-MD5 >/dev/null + launch_bare_server s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -ssl3 ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -cipher RC4-MD5 >/dev/null PID=$! wait_server ${PID} @@ -198,7 +198,7 @@ run_client_suite() { if test "${NO_NULL}" = 0; then #-cipher RSA-NULL eval "${GETPORT}" - launch_bare_server $$ s_server -cipher NULL-SHA -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1 ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -Verify 1 -CAfile "${CA_CERT}" >/dev/null + launch_bare_server s_server -cipher NULL-SHA -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1 ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -Verify 1 -CAfile "${CA_CERT}" >/dev/null PID=$! wait_server ${PID} @@ -213,7 +213,7 @@ run_client_suite() { #-cipher RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA eval "${GETPORT}" - launch_bare_server $$ s_server -cipher "ALL:@SECLEVEL=1" -sigalgs "$SIGALGS" -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1 ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" ${DSA_PARAMS} -Verify 1 -CAfile "${CA_CERT}" >/dev/null + launch_bare_server s_server -cipher "ALL:@SECLEVEL=1" -sigalgs "$SIGALGS" -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1 ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" ${DSA_PARAMS} -Verify 1 -CAfile "${CA_CERT}" >/dev/null PID=$! wait_server ${PID} @@ -264,7 +264,7 @@ run_client_suite() { if test "${FIPS_CURVES}" != 1 && test "${NO_PRIME192v1}" != 1; then eval "${GETPORT}" - launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -cipher 'DEFAULT:@SECLEVEL=1' -tls1 -key "${RSA_KEY}" -cert "${RSA_CERT}" -named_curve prime192v1 -CAfile "${CA_CERT}" >/dev/null + launch_bare_server s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -cipher 'DEFAULT:@SECLEVEL=1' -tls1 -key "${RSA_KEY}" -cert "${RSA_CERT}" -named_curve prime192v1 -CAfile "${CA_CERT}" >/dev/null PID=$! wait_server ${PID} @@ -278,7 +278,7 @@ run_client_suite() { #-cipher ECDHE-ECDSA-AES128-SHA eval "${GETPORT}" - launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -cipher 'DEFAULT:@SECLEVEL=1' -tls1 -key "${ECC224_KEY}" -cert "${ECC224_CERT}" -Verify 1 -named_curve secp224r1 -CAfile "${CA_ECC_CERT}" >/dev/null + launch_bare_server s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -cipher 'DEFAULT:@SECLEVEL=1' -tls1 -key "${ECC224_KEY}" -cert "${ECC224_CERT}" -Verify 1 -named_curve secp224r1 -CAfile "${CA_ECC_CERT}" >/dev/null PID=$! wait_server ${PID} @@ -293,7 +293,7 @@ run_client_suite() { #-cipher ECDHE-ECDSA-AES128-SHA eval "${GETPORT}" - launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -cipher 'DEFAULT:@SECLEVEL=1' -tls1 -key "${ECC384_KEY}" -cert "${ECC384_CERT}" -Verify 1 -named_curve secp384r1 -CAfile "${CA_ECC_CERT}" >/dev/null + launch_bare_server s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -cipher 'DEFAULT:@SECLEVEL=1' -tls1 -key "${ECC384_KEY}" -cert "${ECC384_CERT}" -Verify 1 -named_curve secp384r1 -CAfile "${CA_ECC_CERT}" >/dev/null PID=$! wait_server ${PID} @@ -307,7 +307,7 @@ run_client_suite() { #-cipher ECDHE-ECDSA-AES128-SHA eval "${GETPORT}" - launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -cipher 'DEFAULT:@SECLEVEL=1' -tls1 -key "${ECC521_KEY}" -cert "${ECC521_CERT}" -Verify 1 -named_curve secp521r1 -CAfile "${CA_ECC_CERT}" >/dev/null + launch_bare_server s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -cipher 'DEFAULT:@SECLEVEL=1' -tls1 -key "${ECC521_KEY}" -cert "${ECC521_CERT}" -Verify 1 -named_curve secp521r1 -CAfile "${CA_ECC_CERT}" >/dev/null PID=$! wait_server ${PID} @@ -321,7 +321,7 @@ run_client_suite() { #-cipher PSK eval "${GETPORT}" - launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -tls1 -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -cipher 'PSK:@SECLEVEL=1' -psk 9e32cf7786321a828ef7668f09fb35db >/dev/null + launch_bare_server s_server -quiet -www -accept "${PORT}" -tls1 -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -cipher 'PSK:@SECLEVEL=1' -psk 9e32cf7786321a828ef7668f09fb35db >/dev/null PID=$! wait_server ${PID} @@ -336,7 +336,7 @@ run_client_suite() { # Tests requiring openssl 1.0.1 - TLS 1.2 #-cipher RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA eval "${GETPORT}" - launch_bare_server $$ s_server -cipher 'ALL:@SECLEVEL=1' -sigalgs "$SIGALGS" -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1_2 ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" ${DSA_PARAMS} -Verify 1 -CAfile "${CA_CERT}" >/dev/null + launch_bare_server s_server -cipher 'ALL:@SECLEVEL=1' -sigalgs "$SIGALGS" -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1_2 ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" ${DSA_PARAMS} -Verify 1 -CAfile "${CA_CERT}" >/dev/null PID=$! wait_server ${PID} @@ -367,7 +367,7 @@ run_client_suite() { if test "${HAVE_X25519}" = 0; then eval "${GETPORT}" - launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1_2 -key "${RSA_KEY}" -cert "${RSA_CERT}" -curves X25519 -CAfile "${CA_CERT}" >/dev/null + launch_bare_server s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1_2 -key "${RSA_KEY}" -cert "${RSA_CERT}" -curves X25519 -CAfile "${CA_CERT}" >/dev/null PID=$! wait_server ${PID} @@ -382,7 +382,7 @@ run_client_suite() { if test "${FIPS_CURVES}" != 1; then #-cipher ECDHE-ECDSA-AES128-SHA eval "${GETPORT}" - launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1_2 -key "${ECC224_KEY}" -cert "${ECC224_CERT}" -Verify 1 -named_curve secp224r1 -CAfile "${CA_ECC_CERT}" >/dev/null + launch_bare_server s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1_2 -key "${ECC224_KEY}" -cert "${ECC224_CERT}" -Verify 1 -named_curve secp224r1 -CAfile "${CA_ECC_CERT}" >/dev/null PID=$! wait_server ${PID} @@ -396,7 +396,7 @@ run_client_suite() { #-cipher ECDHE-ECDSA-AES128-SHA eval "${GETPORT}" - launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1_2 -key "${ECC384_KEY}" -cert "${ECC384_CERT}" -Verify 1 -named_curve secp384r1 -CAfile "${CA_ECC_CERT}" >/dev/null + launch_bare_server s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1_2 -key "${ECC384_KEY}" -cert "${ECC384_CERT}" -Verify 1 -named_curve secp384r1 -CAfile "${CA_ECC_CERT}" >/dev/null PID=$! wait_server ${PID} @@ -410,7 +410,7 @@ run_client_suite() { if test "${FIPS_CURVES}" != 1; then #-cipher ECDHE-ECDSA-AES128-SHA eval "${GETPORT}" - launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1_2 -key "${ECC521_KEY}" -cert "${ECC521_CERT}" -Verify 1 -named_curve secp521r1 -CAfile "${CA_ECC_CERT}" >/dev/null + launch_bare_server s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem -tls1_2 -key "${ECC521_KEY}" -cert "${ECC521_CERT}" -Verify 1 -named_curve secp521r1 -CAfile "${CA_ECC_CERT}" >/dev/null PID=$! wait_server ${PID} @@ -425,7 +425,7 @@ run_client_suite() { #-cipher PSK eval "${GETPORT}" - launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -tls1_2 -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -cipher PSK -psk 9e32cf7786321a828ef7668f09fb35db >/dev/null + launch_bare_server s_server -quiet -www -accept "${PORT}" -tls1_2 -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -cipher PSK -psk 9e32cf7786321a828ef7668f09fb35db >/dev/null PID=$! wait_server ${PID} @@ -437,7 +437,7 @@ run_client_suite() { wait eval "${GETPORT}" - launch_bare_server $$ s_server -cipher 'ALL:@SECLEVEL=1' -quiet -accept "${PORT}" -keyform pem -certform pem -dtls1 -timeout ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" ${DSA_PARAMS} -Verify 1 -CAfile "${CA_CERT}" >/dev/null + launch_bare_server s_server -cipher 'ALL:@SECLEVEL=1' -quiet -accept "${PORT}" -keyform pem -certform pem -dtls1 -timeout ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" ${DSA_PARAMS} -Verify 1 -CAfile "${CA_CERT}" >/dev/null PID=$! wait_udp_server ${PID} @@ -450,7 +450,7 @@ run_client_suite() { wait eval "${GETPORT}" - launch_bare_server $$ s_server -cipher 'ALL:@SECLEVEL=1' -quiet -accept "${PORT}" -keyform pem -certform pem -dtls1 -timeout ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" ${DSA_PARAMS} -Verify 1 -CAfile "${CA_CERT}" >/dev/null + launch_bare_server s_server -cipher 'ALL:@SECLEVEL=1' -quiet -accept "${PORT}" -keyform pem -certform pem -dtls1 -timeout ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" ${DSA_PARAMS} -Verify 1 -CAfile "${CA_CERT}" >/dev/null PID=$! wait_udp_server ${PID} @@ -464,7 +464,7 @@ run_client_suite() { if test "${NO_DSS}" = 0; then eval "${GETPORT}" - launch_bare_server $$ s_server -cipher "ALL:@SECLEVEL=1" -quiet -accept "${PORT}" -keyform pem -certform pem -dtls1 -timeout ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" ${DSA_PARAMS} -Verify 1 -CAfile "${CA_CERT}" >/dev/null + launch_bare_server s_server -cipher "ALL:@SECLEVEL=1" -quiet -accept "${PORT}" -keyform pem -certform pem -dtls1 -timeout ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" ${DSA_PARAMS} -Verify 1 -CAfile "${CA_CERT}" >/dev/null PID=$! wait_udp_server ${PID} @@ -478,7 +478,7 @@ run_client_suite() { fi eval "${GETPORT}" - launch_bare_server $$ s_server -cipher 'ALL:@SECLEVEL=1' -quiet -accept "${PORT}" -keyform pem -certform pem -dtls1_2 -timeout ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" ${DSA_PARAMS} -Verify 1 -CAfile "${CA_CERT}" >/dev/null + launch_bare_server s_server -cipher 'ALL:@SECLEVEL=1' -quiet -accept "${PORT}" -keyform pem -certform pem -dtls1_2 -timeout ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" ${DSA_PARAMS} -Verify 1 -CAfile "${CA_CERT}" >/dev/null PID=$! wait_udp_server ${PID} @@ -490,7 +490,7 @@ run_client_suite() { wait eval "${GETPORT}" - launch_bare_server $$ s_server -cipher ALL -quiet -accept "${PORT}" -keyform pem -certform pem -dtls1_2 -timeout ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -Verify 1 -CAfile "${CA_CERT}" >/dev/null + launch_bare_server s_server -cipher ALL -quiet -accept "${PORT}" -keyform pem -certform pem -dtls1_2 -timeout ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -Verify 1 -CAfile "${CA_CERT}" >/dev/null PID=$! wait_udp_server ${PID} @@ -503,7 +503,7 @@ run_client_suite() { wait eval "${GETPORT}" - launch_bare_server $$ s_server -cipher ALL -quiet -accept "${PORT}" -keyform pem -certform pem -dtls1_2 -timeout ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -Verify 1 -CAfile "${CA_CERT}" >/dev/null + launch_bare_server s_server -cipher ALL -quiet -accept "${PORT}" -keyform pem -certform pem -dtls1_2 -timeout ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -Verify 1 -CAfile "${CA_CERT}" >/dev/null PID=$! wait_udp_server ${PID} @@ -546,7 +546,7 @@ run_server_suite() { echo "${PREFIX}Check SSL 3.0 with RSA ciphersuite" eval "${GETPORT}" - launch_server $$ --priority "NONE:+MD5:+ARCFOUR-128:+3DES-CBC:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" + launch_server --priority "NONE:+MD5:+ARCFOUR-128:+3DES-CBC:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" PID=$! wait_server ${PID} @@ -564,7 +564,7 @@ run_server_suite() { echo "${PREFIX}Check SSL 3.0 with DHE-RSA ciphersuite" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+3DES-CBC:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" + launch_server --priority "NONE:+CIPHER-ALL:+3DES-CBC:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" PID=$! wait_server ${PID} @@ -577,7 +577,7 @@ run_server_suite() { if test "${NO_DSS}" = 0; then echo "${PREFIX}Check SSL 3.0 with DHE-DSS ciphersuite" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+3DES-CBC:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-DSS:+SIGN-DSA-SHA1:+SIGN-DSA-SHA256${ADD}" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${DH_PARAMS}" + launch_server --priority "NONE:+CIPHER-ALL:+3DES-CBC:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-SSL3.0:+DHE-DSS:+SIGN-DSA-SHA1:+SIGN-DSA-SHA256${ADD}" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${DH_PARAMS}" PID=$! wait_server ${PID} @@ -593,7 +593,7 @@ run_server_suite() { # This test was disabled because it doesn't work as expected with openssl 1.0.0d #echo "${PREFIX}Check TLS 1.0 with RSA ciphersuite (SSLv2 hello)" - #launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+RSA" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" + #launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+RSA" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" #PID=$! #wait_server ${PID} # @@ -606,7 +606,7 @@ run_server_suite() { if test "${NO_NULL}" = 0; then echo "${PREFIX}Check TLS 1.0 with RSA-NULL ciphersuite" eval "${GETPORT}" - launch_server $$ --priority "NONE:+NULL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+RSA:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" + launch_server --priority "NONE:+NULL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+RSA:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" PID=$! wait_server ${PID} @@ -619,7 +619,7 @@ run_server_suite() { echo "${PREFIX}Check TLS 1.0 with DHE-RSA ciphersuite" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" PID=$! wait_server ${PID} @@ -632,7 +632,7 @@ run_server_suite() { if test "${NO_DSS}" = 0; then echo "${PREFIX}Check TLS 1.0 with DHE-DSS ciphersuite" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-DSS:+SIGN-DSA-SHA1:+SIGN-DSA-SHA256${ADD}" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${DH_PARAMS}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-DSS:+SIGN-DSA-SHA1:+SIGN-DSA-SHA256${ADD}" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${DH_PARAMS}" PID=$! wait_server ${PID} @@ -645,7 +645,7 @@ run_server_suite() { echo "${PREFIX}Check TLS 1.0 with ECDHE-RSA ciphersuite" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-RSA:+CURVE-ALL${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-RSA:+CURVE-ALL${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" PID=$! wait_server ${PID} @@ -659,7 +659,7 @@ run_server_suite() { if test "${FIPS_CURVES}" != 1; then echo "${PREFIX}Check TLS 1.0 with ECDHE-ECDSA ciphersuite (SECP224R1)" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-SECP224R1:+CURVE-ALL${ADD}" --x509certfile "${ECC224_CERT}" --x509keyfile "${ECC224_KEY}" --x509cafile "${CA_ECC_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-SECP224R1:+CURVE-ALL${ADD}" --x509certfile "${ECC224_CERT}" --x509keyfile "${ECC224_KEY}" --x509cafile "${CA_ECC_CERT}" PID=$! wait_server ${PID} @@ -673,7 +673,7 @@ run_server_suite() { echo "${PREFIX}Check TLS 1.0 with ECDHE-ECDSA ciphersuite (SECP256R1)" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC256_CERT}" --x509keyfile "${ECC256_KEY}" --x509cafile "${CA_ECC_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC256_CERT}" --x509keyfile "${ECC256_KEY}" --x509cafile "${CA_ECC_CERT}" PID=$! wait_server ${PID} @@ -686,7 +686,7 @@ run_server_suite() { echo "${PREFIX}Check TLS 1.0 with ECDHE-ECDSA ciphersuite (SECP384R1)" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC384_CERT}" --x509keyfile "${ECC384_KEY}" --x509cafile "${CA_ECC_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC384_CERT}" --x509keyfile "${ECC384_KEY}" --x509cafile "${CA_ECC_CERT}" PID=$! wait_server ${PID} @@ -700,7 +700,7 @@ run_server_suite() { if test "${FIPS_CURVES}" != 1; then echo "${PREFIX}Check TLS 1.0 with ECDHE-ECDSA ciphersuite (SECP521R1)" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC521_CERT}" --x509keyfile "${ECC521_KEY}" --x509cafile "${CA_ECC_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC521_CERT}" --x509keyfile "${ECC521_KEY}" --x509cafile "${CA_ECC_CERT}" PID=$! wait_server ${PID} @@ -714,7 +714,7 @@ run_server_suite() { echo "${PREFIX}Check TLS 1.0 with PSK ciphersuite" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" PID=$! wait_server ${PID} @@ -729,7 +729,7 @@ run_server_suite() { # test resumption echo "${PREFIX}Check TLS 1.2 with resumption" eval "${GETPORT}" - launch_server $$ --priority "NORMAL${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" + launch_server --priority "NORMAL${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" PID=$! wait_server ${PID} @@ -741,7 +741,7 @@ run_server_suite() { echo "${PREFIX}Check TLS 1.2 with DHE-RSA ciphersuite" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" PID=$! wait_server ${PID} @@ -754,7 +754,7 @@ run_server_suite() { if test "${NO_DSS}" = 0; then echo "${PREFIX}Check TLS 1.2 with DHE-DSS ciphersuite" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA1:+SIGN-DSA-SHA256${ADD}" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${DH_PARAMS}" + launch_server --priority "NONE:+CIPHER-ALL:%VERIFY_ALLOW_SIGN_WITH_SHA1:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-DSS:+SIGN-DSA-SHA1:+SIGN-DSA-SHA256${ADD}" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${DH_PARAMS}" PID=$! wait_server ${PID} @@ -767,7 +767,7 @@ run_server_suite() { echo "${PREFIX}Check TLS 1.2 with ECDHE-RSA ciphersuite" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-RSA:+CURVE-ALL${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-RSA:+CURVE-ALL${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" PID=$! wait_server ${PID} @@ -781,7 +781,7 @@ run_server_suite() { if test "${HAVE_X22519}" = 0; then echo "${PREFIX}Check TLS 1.2 with ECDHE-RSA ciphersuite (X25519)" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-RSA:+CURVE-X25519${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-RSA:+CURVE-X25519${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" PID=$! wait_server ${PID} @@ -795,7 +795,7 @@ run_server_suite() { if test "${FIPS_CURVES}" != 1; then echo "${PREFIX}Check TLS 1.2 with ECDHE-ECDSA ciphersuite (SECP224R1)" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-SECP224R1:+CURVE-ALL${ADD}" --x509certfile "${ECC224_CERT}" --x509keyfile "${ECC224_KEY}" --x509cafile "${CA_ECC_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-SECP224R1:+CURVE-ALL${ADD}" --x509certfile "${ECC224_CERT}" --x509keyfile "${ECC224_KEY}" --x509cafile "${CA_ECC_CERT}" PID=$! wait_server ${PID} @@ -809,7 +809,7 @@ run_server_suite() { echo "${PREFIX}Check TLS 1.2 with ECDHE-ECDSA ciphersuite (SECP256R1)" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC256_CERT}" --x509keyfile "${ECC256_KEY}" --x509cafile "${CA_ECC_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC256_CERT}" --x509keyfile "${ECC256_KEY}" --x509cafile "${CA_ECC_CERT}" PID=$! wait_server ${PID} @@ -822,7 +822,7 @@ run_server_suite() { echo "${PREFIX}Check TLS 1.2 with ECDHE-ECDSA ciphersuite (SECP384R1)" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC384_CERT}" --x509keyfile "${ECC384_KEY}" --x509cafile "${CA_ECC_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC384_CERT}" --x509keyfile "${ECC384_KEY}" --x509cafile "${CA_ECC_CERT}" PID=$! wait_server ${PID} @@ -836,7 +836,7 @@ run_server_suite() { if test "${FIPS_CURVES}" != 1; then echo "${PREFIX}Check TLS 1.2 with ECDHE-ECDSA ciphersuite (SECP521R1)" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC521_CERT}" --x509keyfile "${ECC521_KEY}" --x509cafile "${CA_ECC_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC521_CERT}" --x509keyfile "${ECC521_KEY}" --x509cafile "${CA_ECC_CERT}" PID=$! wait_server ${PID} @@ -850,7 +850,7 @@ run_server_suite() { echo "${PREFIX}Check TLS 1.2 with PSK ciphersuite" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" PID=$! wait_server ${PID} @@ -866,7 +866,7 @@ run_server_suite() { # DTLS echo "${PREFIX}Check DTLS 1.0 with RSA ciphersuite" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+RSA${ADD}" --udp --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+RSA${ADD}" --udp --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" PID=$! wait_udp_server ${PID} @@ -879,7 +879,7 @@ run_server_suite() { echo "${PREFIX}Check DTLS 1.0 with DHE-RSA ciphersuite" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+DHE-RSA${ADD}" --udp --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+DHE-RSA${ADD}" --udp --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" PID=$! wait_udp_server ${PID} @@ -893,7 +893,7 @@ run_server_suite() { if test "${NO_DSS}" = 0; then echo "${PREFIX}Check DTLS 1.0 with DHE-DSS ciphersuite" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+DHE-DSS:+SIGN-DSA-SHA1:+SIGN-DSA-SHA256${ADD}" --udp --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${DH_PARAMS}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.0:+DHE-DSS:+SIGN-DSA-SHA1:+SIGN-DSA-SHA256${ADD}" --udp --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${DH_PARAMS}" PID=$! wait_udp_server ${PID} @@ -907,7 +907,7 @@ run_server_suite() { echo "${PREFIX}Check DTLS 1.2 with AES-CBC" eval "${GETPORT}" - launch_server $$ --priority "NONE:+AES-128-CBC:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.2:+RSA${ADD}" --udp --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" + launch_server --priority "NONE:+AES-128-CBC:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.2:+RSA${ADD}" --udp --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" PID=$! wait_udp_server ${PID} @@ -919,7 +919,7 @@ run_server_suite() { echo "${PREFIX}Check DTLS 1.2 with RSA ciphersuite" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.2:+RSA${ADD}" --udp --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.2:+RSA${ADD}" --udp --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" PID=$! wait_udp_server ${PID} @@ -932,7 +932,7 @@ run_server_suite() { echo "${PREFIX}Check DTLS 1.2 with DHE-RSA ciphersuite" eval "${GETPORT}" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.2:+DHE-RSA${ADD}" --udp --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.2:+DHE-RSA${ADD}" --udp --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" PID=$! wait_udp_server ${PID} @@ -945,7 +945,7 @@ run_server_suite() { echo "${PREFIX}Check DTLS 1.2 with ECDHE-RSA" eval "${GETPORT}" - launch_server $$ --priority "NONE:+GROUP-ALL:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.2:+ECDHE-RSA${ADD}" --udp --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" + launch_server --priority "NONE:+GROUP-ALL:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-DTLS1.2:+ECDHE-RSA${ADD}" --udp --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" PID=$! wait_udp_server ${PID} diff --git a/tests/suite/testcompat-main-polarssl b/tests/suite/testcompat-main-polarssl index a7650e4f42..ba8b7bbb6c 100755 --- a/tests/suite/testcompat-main-polarssl +++ b/tests/suite/testcompat-main-polarssl @@ -102,7 +102,7 @@ run_server_suite() { #TLS 1.0 echo "${PREFIX}Check TLS 1.0 with DHE-RSA ciphersuite" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" PID=$! wait_server ${PID} @@ -113,7 +113,7 @@ run_server_suite() { wait #echo "${PREFIX}Check TLS 1.0 with DHE-DSS ciphersuite" - #launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-DSS${ADD}" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${DH_PARAMS}" + #launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-DSS${ADD}" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${DH_PARAMS}" #PID=$! #wait_server ${PID} @@ -125,7 +125,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.0 with ECDHE-RSA ciphersuite" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-RSA:+CURVE-ALL${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-RSA:+CURVE-ALL${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" PID=$! wait_server ${PID} @@ -138,7 +138,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.0 with PSK ciphersuite" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" PID=$! wait_server ${PID} @@ -151,7 +151,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.0 with DHE-PSK ciphersuite" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" PID=$! wait_server ${PID} @@ -164,7 +164,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.0 with ECDHE-PSK ciphersuite" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" PID=$! wait_server ${PID} @@ -177,7 +177,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.0 with RSA-PSK ciphersuite" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+RSA-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+RSA-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" PID=$! wait_server ${PID} @@ -191,7 +191,7 @@ run_server_suite() { if test ${ALL_CURVES} = 1; then eval "${GETPORT}" echo "${PREFIX}Check TLS 1.0 with ECDHE-ECDSA ciphersuite (SECP224R1)" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC224_CERT}" --x509keyfile "${ECC224_KEY}" --x509cafile "${CA_ECC_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC224_CERT}" --x509keyfile "${ECC224_KEY}" --x509cafile "${CA_ECC_CERT}" PID=$! wait_server ${PID} @@ -205,7 +205,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.0 with ECDHE-ECDSA ciphersuite (SECP256R1)" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC256_CERT}" --x509keyfile "${ECC256_KEY}" --x509cafile "${CA_ECC_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC256_CERT}" --x509keyfile "${ECC256_KEY}" --x509cafile "${CA_ECC_CERT}" PID=$! wait_server ${PID} @@ -218,7 +218,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.0 with ECDHE-ECDSA ciphersuite (SECP384R1)" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC384_CERT}" --x509keyfile "${ECC384_KEY}" --x509cafile "${CA_ECC_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC384_CERT}" --x509keyfile "${ECC384_KEY}" --x509cafile "${CA_ECC_CERT}" PID=$! wait_server ${PID} @@ -231,7 +231,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.0 with ECDHE-ECDSA ciphersuite (SECP521R1)" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC521_CERT}" --x509keyfile "${ECC521_KEY}" --x509cafile "${CA_ECC_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC521_CERT}" --x509keyfile "${ECC521_KEY}" --x509cafile "${CA_ECC_CERT}" PID=$! wait_server ${PID} @@ -244,7 +244,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.2 with DHE-RSA ciphersuite" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" PID=$! wait_server ${PID} @@ -256,7 +256,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.2 with CAMELLIA-128-GCM-DHE-RSA ciphersuite" - launch_server $$ --priority "NONE:-CIPHER-ALL:+CAMELLIA-128-GCM:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" + launch_server --priority "NONE:-CIPHER-ALL:+CAMELLIA-128-GCM:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" PID=$! wait_server ${PID} @@ -268,7 +268,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.2 with CAMELLIA-256-GCM-DHE-RSA ciphersuite" - launch_server $$ --priority "NONE:-CIPHER-ALL:+CAMELLIA-256-GCM:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" + launch_server --priority "NONE:-CIPHER-ALL:+CAMELLIA-256-GCM:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" PID=$! wait_server ${PID} @@ -280,7 +280,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.2 with AES-128-CCM-DHE-RSA ciphersuite" - launch_server $$ --priority "NONE:-CIPHER-ALL:+AES-128-CCM:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" + launch_server --priority "NONE:-CIPHER-ALL:+AES-128-CCM:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" PID=$! wait_server ${PID} @@ -292,7 +292,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.2 with AES-128-CCM-8-DHE-RSA ciphersuite" - launch_server $$ --priority "NONE:-CIPHER-ALL:+AES-128-CCM-8:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" + launch_server --priority "NONE:-CIPHER-ALL:+AES-128-CCM-8:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-RSA${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" PID=$! wait_server ${PID} @@ -303,7 +303,7 @@ run_server_suite() { wait #echo "${PREFIX}Check TLS 1.2 with DHE-DSS ciphersuite" - #launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-DSS${ADD}" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${DH_PARAMS}" + #launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-DSS${ADD}" --x509certfile "${SERV_DSA_CERT}" --x509keyfile "${SERV_DSA_KEY}" --dhparams "${DH_PARAMS}" #PID=$! #wait_server ${PID} # @@ -315,7 +315,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.2 with ECDHE-RSA ciphersuite" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-RSA:+CURVE-ALL${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-RSA:+CURVE-ALL${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" PID=$! wait_server ${PID} @@ -329,7 +329,7 @@ run_server_suite() { if test ${ALL_CURVES} = 1; then eval "${GETPORT}" echo "${PREFIX}Check TLS 1.2 with ECDHE-ECDSA ciphersuite (SECP224R1)" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC224_CERT}" --x509keyfile "${ECC224_KEY}" --x509cafile "${CA_ECC_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC224_CERT}" --x509keyfile "${ECC224_KEY}" --x509cafile "${CA_ECC_CERT}" PID=$! wait_server ${PID} @@ -343,7 +343,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.2 with ECDHE-ECDSA ciphersuite (SECP256R1)" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC256_CERT}" --x509keyfile "${ECC256_KEY}" --x509cafile "${CA_ECC_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC256_CERT}" --x509keyfile "${ECC256_KEY}" --x509cafile "${CA_ECC_CERT}" PID=$! wait_server ${PID} @@ -356,7 +356,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.2 with ECDHE-ECDSA ciphersuite (SECP384R1)" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC384_CERT}" --x509keyfile "${ECC384_KEY}" --x509cafile "${CA_ECC_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC384_CERT}" --x509keyfile "${ECC384_KEY}" --x509cafile "${CA_ECC_CERT}" PID=$! wait_server ${PID} @@ -369,7 +369,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.2 with ECDHE-ECDSA ciphersuite (SECP521R1)" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC521_CERT}" --x509keyfile "${ECC521_KEY}" --x509cafile "${CA_ECC_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-ECDSA:+CURVE-ALL${ADD}" --x509certfile "${ECC521_CERT}" --x509keyfile "${ECC521_KEY}" --x509cafile "${CA_ECC_CERT}" PID=$! wait_server ${PID} @@ -382,7 +382,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.2 with PSK ciphersuite" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" PID=$! wait_server ${PID} @@ -395,7 +395,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.2 with DHE-PSK ciphersuite" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+DHE-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" PID=$! wait_server ${PID} @@ -408,7 +408,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.2 with ECDHE-PSK ciphersuite" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+ECDHE-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" PID=$! wait_server ${PID} @@ -421,7 +421,7 @@ run_server_suite() { eval "${GETPORT}" echo "${PREFIX}Check TLS 1.2 with RSA-PSK ciphersuite" - launch_server $$ --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+RSA-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" + launch_server --priority "NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.2:+RSA-PSK:+CURVE-ALL${ADD}" --pskpasswd "${SERV_PSK}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" PID=$! wait_server ${PID} diff --git a/tests/suite/testcompat-oldgnutls.sh b/tests/suite/testcompat-oldgnutls.sh index f2e405aa06..b8700a7300 100755 --- a/tests/suite/testcompat-oldgnutls.sh +++ b/tests/suite/testcompat-oldgnutls.sh @@ -86,7 +86,7 @@ run_client_suite() { fi eval "${GETPORT}" - LD_LIBRARY_PATH=$LDPATH launch_server $$ --priority "NORMAL:+SHA256${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" + LD_LIBRARY_PATH=$LDPATH launch_server --priority "NORMAL:+SHA256${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" PID=$! wait_server ${PID} @@ -150,7 +150,7 @@ run_server_suite() { fi eval "${GETPORT}" - launch_server $$ --priority "NORMAL:+SHA256${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" + launch_server --priority "NORMAL:+SHA256${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" --dhparams "${DH_PARAMS}" PID=$! wait_server ${PID} diff --git a/tests/suite/testcompat-tls13-openssl.sh b/tests/suite/testcompat-tls13-openssl.sh index ef24469b54..fc3d8e0d41 100755 --- a/tests/suite/testcompat-tls13-openssl.sh +++ b/tests/suite/testcompat-tls13-openssl.sh @@ -86,7 +86,7 @@ run_client_suite() { eval "${GETPORT}" - launch_bare_server $$ s_server -ciphersuites ${OCIPHERSUITES} -groups 'X25519:P-256:X448:P-521:P-384' -quiet -www -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -CAfile "${CA_CERT}" + launch_bare_server s_server -ciphersuites ${OCIPHERSUITES} -groups 'X25519:P-256:X448:P-521:P-384' -quiet -www -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -CAfile "${CA_CERT}" PID=$! wait_server ${PID} @@ -119,7 +119,7 @@ run_client_suite() { #test PSK ciphersuites # disabled as I do not seem to be able to connect to openssl s_server with PSK eval "${GETPORT}" - launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -psk_identity ${PSKID} -psk ${PSKKEY} -nocert + launch_bare_server s_server -quiet -www -accept "${PORT}" -psk_identity ${PSKID} -psk ${PSKKEY} -nocert PID=$! wait_server ${PID} @@ -141,7 +141,7 @@ run_client_suite() { #test client certificates eval "${GETPORT}" - launch_bare_server $$ s_server -cipher "ALL" -quiet -www -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -Verify 1 -CAfile "${CA_CERT}" >>${OUTPUT} 2>&1 + launch_bare_server s_server -cipher "ALL" -quiet -www -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -Verify 1 -CAfile "${CA_CERT}" >>${OUTPUT} 2>&1 PID=$! wait_server ${PID} @@ -168,7 +168,7 @@ run_client_suite() { echo_cmd "${PREFIX}Checking TLS 1.3 with Ed25519 certificate..." eval "${GETPORT}" - launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${ED25519_KEY}" -cert "${ED25519_CERT}" -CAfile "${CA_CERT}" + launch_bare_server s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${ED25519_KEY}" -cert "${ED25519_CERT}" -CAfile "${CA_CERT}" PID=$! wait_server ${PID} @@ -180,7 +180,7 @@ run_client_suite() { echo_cmd "${PREFIX}Checking TLS 1.3 with Ed448 certificate..." eval "${GETPORT}" - launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${ED448_KEY}" -cert "${ED448_CERT}" -CAfile "${CA_CERT}" + launch_bare_server s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${ED448_KEY}" -cert "${ED448_CERT}" -CAfile "${CA_CERT}" PID=$! wait_server ${PID} @@ -192,7 +192,7 @@ run_client_suite() { echo_cmd "${PREFIX}Checking TLS 1.3 with secp256r1 certificate..." eval "${GETPORT}" - launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${ECC_KEY}" -cert "${ECC_CERT}" -CAfile "${CA_CERT}" + launch_bare_server s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${ECC_KEY}" -cert "${ECC_CERT}" -CAfile "${CA_CERT}" PID=$! wait_server ${PID} @@ -204,7 +204,7 @@ run_client_suite() { echo_cmd "${PREFIX}Checking TLS 1.3 with RSA-PSS certificate..." eval "${GETPORT}" - launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_PSS_KEY}" -cert "${RSA_PSS_CERT}" -CAfile "${CA_CERT}" + launch_bare_server s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_PSS_KEY}" -cert "${RSA_PSS_CERT}" -CAfile "${CA_CERT}" PID=$! wait_server ${PID} @@ -218,7 +218,7 @@ run_client_suite() { echo_cmd "${PREFIX}Checking TLS 1.3 with resumption..." testdir=`create_testdir tls13-openssl-resumption` eval "${GETPORT}" - launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -CAfile "${CA_CERT}" + launch_bare_server s_server -quiet -www -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -CAfile "${CA_CERT}" PID=$! wait_server ${PID} @@ -232,7 +232,7 @@ run_client_suite() { # Try resumption with HRR echo_cmd "${PREFIX}Checking TLS 1.3 with resumption and HRR..." eval "${GETPORT}" - launch_bare_server $$ s_server -quiet -www -accept "${PORT}" -groups 'X25519:P-256' -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -CAfile "${CA_CERT}" + launch_bare_server s_server -quiet -www -accept "${PORT}" -groups 'X25519:P-256' -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -CAfile "${CA_CERT}" PID=$! wait_server ${PID} @@ -247,7 +247,7 @@ run_client_suite() { echo_cmd "${PREFIX}Checking TLS 1.3 with resumption with early data..." testdir=`create_testdir tls13-openssl-resumption` eval "${GETPORT}" - launch_bare_server $$ s_server -quiet -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -CAfile "${CA_CERT}" -early_data + launch_bare_server s_server -quiet -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -CAfile "${CA_CERT}" -early_data PID=$! wait_server ${PID} @@ -263,7 +263,7 @@ run_client_suite() { echo_cmd "${PREFIX}Checking TLS 1.3 with resumption with early data..." testdir=`create_testdir tls13-openssl-resumption` eval "${GETPORT}" - launch_bare_server $$ s_server -quiet -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -CAfile "${CA_CERT}" -early_data -max_early_data 1 + launch_bare_server s_server -quiet -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -CAfile "${CA_CERT}" -early_data -max_early_data 1 PID=$! wait_server ${PID} @@ -282,7 +282,7 @@ run_client_suite() { testdir=`create_testdir tls13-openssl-keymatexport` eval "${GETPORT}" LOGFILE="${testdir}/server.out" - launch_bare_server $$ s_server -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -CAfile "${CA_CERT}" -keymatexport label -keymatexportlen 20 + launch_bare_server s_server -accept "${PORT}" -keyform pem -certform pem ${OPENSSL_DH_PARAMS_OPT} -key "${RSA_KEY}" -cert "${RSA_CERT}" -CAfile "${CA_CERT}" -keymatexport label -keymatexportlen 20 unset LOGFILE PID=$! wait_server ${PID} @@ -326,7 +326,7 @@ run_server_suite() { echo_cmd "${PREFIX}Checking TLS 1.3 with ${i}..." eval "${GETPORT}" - launch_server $$ --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+${i}${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 + launch_server --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+${i}${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 PID=$! wait_server ${PID} @@ -342,7 +342,7 @@ run_server_suite() { echo_cmd "${PREFIX}Checking TLS 1.3 with ${i}..." eval "${GETPORT}" - launch_server $$ --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+${i}${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 + launch_server --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+${i}${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 PID=$! wait_server ${PID} @@ -355,7 +355,7 @@ run_server_suite() { echo_cmd "${PREFIX}Checking TLS 1.3 with HRR..." eval "${GETPORT}" - launch_server $$ --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 + launch_server --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 PID=$! wait_server ${PID} @@ -389,7 +389,7 @@ _EOF_ # client certificates eval "${GETPORT}" - launch_server $$ --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3${ADD}" --require-client-cert --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 + launch_server --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3${ADD}" --require-client-cert --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 PID=$! wait_server ${PID} @@ -419,7 +419,7 @@ _EOF_ echo_cmd "${PREFIX}Checking TLS 1.3 with post handshake auth..." eval "${GETPORT}" - launch_server $$ --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 + launch_server --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3${ADD}" --x509certfile "${SERV_CERT}" --x509keyfile "${SERV_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 PID=$! wait_server ${PID} @@ -460,7 +460,7 @@ _EOF_ echo_cmd "${PREFIX}Checking TLS 1.3 with Ed25519 certificate..." eval "${GETPORT}" - launch_server $$ --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3${ADD}" --x509certfile "${ED25519_CERT}" --x509keyfile "${ED25519_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 + launch_server --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3${ADD}" --x509certfile "${ED25519_CERT}" --x509keyfile "${ED25519_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 PID=$! wait_server ${PID} @@ -473,7 +473,7 @@ _EOF_ echo_cmd "${PREFIX}Checking TLS 1.3 with Ed448 certificate..." eval "${GETPORT}" - launch_server $$ --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3${ADD}" --x509certfile "${ED448_CERT}" --x509keyfile "${ED448_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 + launch_server --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3${ADD}" --x509certfile "${ED448_CERT}" --x509keyfile "${ED448_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 PID=$! wait_server ${PID} @@ -486,7 +486,7 @@ _EOF_ echo_cmd "${PREFIX}Checking TLS 1.3 with secp256r1 certificate..." eval "${GETPORT}" - launch_server $$ --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3${ADD}" --x509certfile "${ECC_CERT}" --x509keyfile "${ECC_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 + launch_server --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3${ADD}" --x509certfile "${ECC_CERT}" --x509keyfile "${ECC_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 PID=$! wait_server ${PID} @@ -499,7 +499,7 @@ _EOF_ echo_cmd "${PREFIX}Checking TLS 1.3 with RSA-PSS certificate..." eval "${GETPORT}" - launch_server $$ --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3${ADD}" --x509certfile "${RSA_PSS_CERT}" --x509keyfile "${RSA_PSS_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 + launch_server --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3${ADD}" --x509certfile "${RSA_PSS_CERT}" --x509keyfile "${RSA_PSS_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 PID=$! wait_server ${PID} @@ -515,7 +515,7 @@ _EOF_ echo_cmd "${PREFIX}Checking TLS 1.3 with ${i}..." eval "${GETPORT}" - launch_server $$ --pskpasswd "${SERV_PSK}" --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+${i}${ADD}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 + launch_server --pskpasswd "${SERV_PSK}" --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+${i}${ADD}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 PID=$! wait_server ${PID} @@ -530,7 +530,7 @@ _EOF_ echo_cmd "${PREFIX}Checking TLS 1.3 with resumption..." testdir=`create_testdir tls13-openssl-resumption` eval "${GETPORT}" - launch_server $$ --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3${ADD}" --x509certfile "${RSA_CERT}" --x509keyfile "${RSA_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 + launch_server --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3${ADD}" --x509certfile "${RSA_CERT}" --x509keyfile "${RSA_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 PID=$! wait_server ${PID} @@ -548,7 +548,7 @@ _EOF_ echo_cmd "${PREFIX}Checking TLS 1.3 with resumption and HRR..." eval "${GETPORT}" - launch_server $$ --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-256-GCM:-GROUP-ALL:+GROUP-SECP384R1${ADD}" --x509certfile "${RSA_CERT}" --x509keyfile "${RSA_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 + launch_server --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-256-GCM:-GROUP-ALL:+GROUP-SECP384R1${ADD}" --x509certfile "${RSA_CERT}" --x509keyfile "${RSA_KEY}" --x509cafile "${CA_CERT}" >>${OUTPUT} 2>&1 PID=$! wait_server ${PID} @@ -567,7 +567,7 @@ _EOF_ echo_cmd "${PREFIX}Checking TLS 1.3 with resumption and early data..." testdir=`create_testdir tls13-openssl-resumption` eval "${GETPORT}" - launch_server $$ --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3${ADD}" --x509certfile "${RSA_CERT}" --x509keyfile "${RSA_KEY}" --x509cafile "${CA_CERT}" --earlydata >>${OUTPUT} 2>&1 + launch_server --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3${ADD}" --x509certfile "${RSA_CERT}" --x509keyfile "${RSA_KEY}" --x509cafile "${CA_CERT}" --earlydata >>${OUTPUT} 2>&1 PID=$! wait_server ${PID} @@ -587,7 +587,7 @@ _EOF_ echo_cmd "${PREFIX}Checking TLS 1.3 with resumption and early data with small limit..." testdir=`create_testdir tls13-openssl-resumption` eval "${GETPORT}" - launch_server $$ --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3${ADD}" --x509certfile "${RSA_CERT}" --x509keyfile "${RSA_KEY}" --x509cafile "${CA_CERT}" --earlydata --maxearlydata 1 >>${OUTPUT} 2>&1 + launch_server --priority "NORMAL:-VERS-ALL:+VERS-TLS1.3${ADD}" --x509certfile "${RSA_CERT}" --x509keyfile "${RSA_KEY}" --x509cafile "${CA_CERT}" --earlydata --maxearlydata 1 >>${OUTPUT} 2>&1 PID=$! wait_server ${PID} diff --git a/tests/system-override-curves.sh b/tests/system-override-curves.sh index 5e8cbcef25..b4bcb2517a 100755 --- a/tests/system-override-curves.sh +++ b/tests/system-override-curves.sh @@ -76,7 +76,7 @@ CERT1=${srcdir}/../doc/credentials/x509/cert-rsa.pem unset GNUTLS_SYSTEM_PRIORITY_FILE eval "${GETPORT}" -launch_server $$ --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.3" --x509keyfile ${KEY1} --x509certfile ${CERT1} +launch_server --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.3" --x509keyfile ${KEY1} --x509certfile ${CERT1} PID=$! wait_server ${PID} @@ -97,7 +97,7 @@ KEY1=${srcdir}/../doc/credentials/x509/key-rsa.pem CERT1=${srcdir}/../doc/credentials/x509/cert-rsa.pem eval "${GETPORT}" -launch_server $$ --echo --priority "NORMAL" --x509keyfile ${KEY1} --x509certfile ${CERT1} +launch_server --echo --priority "NORMAL" --x509keyfile ${KEY1} --x509certfile ${CERT1} PID=$! wait_server ${PID} diff --git a/tests/system-override-default-priority-string.sh b/tests/system-override-default-priority-string.sh index 9af06ce0a7..da262c8542 100755 --- a/tests/system-override-default-priority-string.sh +++ b/tests/system-override-default-priority-string.sh @@ -48,7 +48,7 @@ CERT1=${srcdir}/../doc/credentials/x509/cert-rsa.pem # Try whether a client connection with priority string None succeeds export GNUTLS_SYSTEM_PRIORITY_FILE="${srcdir}/system-override-default-priority-string.none.config" eval "${GETPORT}" -launch_server $$ --echo --x509keyfile ${KEY1} --x509certfile ${CERT1} +launch_server --echo --x509keyfile ${KEY1} --x509certfile ${CERT1} PID=$! wait_server ${PID} @@ -61,7 +61,7 @@ wait # Try whether a client connection to an tls1.3 only server succeeds export GNUTLS_SYSTEM_PRIORITY_FILE="${srcdir}/system-override-default-priority-string.only-tls13.config" eval "${GETPORT}" -launch_server $$ --echo --x509keyfile ${KEY1} --x509certfile ${CERT1} +launch_server --echo --x509keyfile ${KEY1} --x509certfile ${CERT1} PID=$! wait_server ${PID} @@ -80,7 +80,7 @@ wait export GNUTLS_SYSTEM_PRIORITY_FILE="${srcdir}/system-override-default-priority-string.bad.config" unset GNUTLS_SYSTEM_PRIORITY_FAIL_ON_INVALID eval "${GETPORT}" -launch_server $$ --echo --x509keyfile ${KEY1} --x509certfile ${CERT1} +launch_server --echo --x509keyfile ${KEY1} --x509certfile ${CERT1} PID=$! wait_server ${PID} diff --git a/tests/system-override-kx.sh b/tests/system-override-kx.sh index 5c91703b41..642ff0b794 100755 --- a/tests/system-override-kx.sh +++ b/tests/system-override-kx.sh @@ -60,7 +60,7 @@ CERT1=${srcdir}/../doc/credentials/x509/cert-rsa.pem unset GNUTLS_SYSTEM_PRIORITY_FILE eval "${GETPORT}" -launch_server $$ --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.2" --x509keyfile ${KEY1} --x509certfile ${CERT1} +launch_server --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.2" --x509keyfile ${KEY1} --x509certfile ${CERT1} PID=$! wait_server ${PID} @@ -89,7 +89,7 @@ KEY1=${srcdir}/../doc/credentials/x509/key-rsa.pem CERT1=${srcdir}/../doc/credentials/x509/cert-rsa.pem eval "${GETPORT}" -launch_server $$ --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.2" --x509keyfile ${KEY1} --x509certfile ${CERT1} +launch_server --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.2" --x509keyfile ${KEY1} --x509certfile ${CERT1} PID=$! wait_server ${PID} diff --git a/tests/system-override-profiles.sh b/tests/system-override-profiles.sh index 86ae558378..1b03bdb598 100755 --- a/tests/system-override-profiles.sh +++ b/tests/system-override-profiles.sh @@ -47,7 +47,7 @@ CERT="${srcdir}/certs/cert-ecc256.pem" KEY="${srcdir}/certs/ecc256.pem" eval "${GETPORT}" -launch_server $$ --echo --priority "NORMAL" --x509keyfile ${KEY} --x509certfile ${CERT} +launch_server --echo --priority "NORMAL" --x509keyfile ${KEY} --x509certfile ${CERT} PID=$! wait_server ${PID} diff --git a/tests/system-override-tls.sh b/tests/system-override-tls.sh index 9f8acc365d..a0ad3d0e4d 100755 --- a/tests/system-override-tls.sh +++ b/tests/system-override-tls.sh @@ -46,7 +46,7 @@ CERT="${srcdir}/certs/cert-ecc256.pem" KEY="${srcdir}/certs/ecc256.pem" eval "${GETPORT}" -launch_server $$ --echo --priority "NORMAL:+SHA256" --x509keyfile ${KEY} --x509certfile ${CERT} +launch_server --echo --priority "NORMAL:+SHA256" --x509keyfile ${KEY} --x509certfile ${CERT} PID=$! wait_server ${PID} diff --git a/tests/system-override-versions.sh b/tests/system-override-versions.sh index a1701bfdd0..a9999cce0c 100755 --- a/tests/system-override-versions.sh +++ b/tests/system-override-versions.sh @@ -73,7 +73,7 @@ CERT1=${srcdir}/../doc/credentials/x509/cert-rsa.pem unset GNUTLS_SYSTEM_PRIORITY_FILE eval "${GETPORT}" -launch_server $$ --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.3" --x509keyfile ${KEY1} --x509certfile ${CERT1} +launch_server --echo --priority "NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.3" --x509keyfile ${KEY1} --x509certfile ${CERT1} PID=$! wait_server ${PID} @@ -91,7 +91,7 @@ KEY1=${srcdir}/../doc/credentials/x509/key-rsa.pem CERT1=${srcdir}/../doc/credentials/x509/cert-rsa.pem eval "${GETPORT}" -launch_server $$ --echo --priority "NORMAL" --x509keyfile ${KEY1} --x509certfile ${CERT1} +launch_server --echo --priority "NORMAL" --x509keyfile ${KEY1} --x509certfile ${CERT1} PID=$! wait_server ${PID} diff --git a/tests/testpkcs11.sh b/tests/testpkcs11.sh index dcbf17530e..95b585ab6f 100755 --- a/tests/testpkcs11.sh +++ b/tests/testpkcs11.sh @@ -900,7 +900,7 @@ use_certificate_test () { echo -n "* Using PKCS #11 with gnutls-cli (${txt})... " # start server eval "${GETPORT}" - launch_pkcs11_server $$ "${ADDITIONAL_PARAM}" --echo --priority NORMAL --x509certfile="${certfile}" \ + launch_pkcs11_server "${ADDITIONAL_PARAM}" --echo --priority NORMAL --x509certfile="${certfile}" \ --x509keyfile="$keyfile" --x509cafile="${cafile}" \ --verify-client-cert --require-client-cert >>"${LOGFILE}" 2>&1 |