From 387b5239a029fafec08be1d22359702847ee13fd Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Thu, 30 Mar 2017 20:56:01 +0200 Subject: tests: added unit test for gnutls_priority_get_cipher_suite_index Signed-off-by: Nikos Mavrogiannopoulos --- tests/cipher-listings.sh | 85 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 85 insertions(+) create mode 100755 tests/cipher-listings.sh (limited to 'tests/cipher-listings.sh') diff --git a/tests/cipher-listings.sh b/tests/cipher-listings.sh new file mode 100755 index 0000000000..eb0e330b16 --- /dev/null +++ b/tests/cipher-listings.sh @@ -0,0 +1,85 @@ +#!/bin/sh + +# Copyright (C) 2010-2016 Free Software Foundation, Inc. +# +# Author: Nikos Mavrogiannopoulos +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +srcdir="${srcdir:-.}" +CLI="${CLI:-../src/gnutls-cli${EXEEXT}}" +DIFF="${DIFF:-diff -b -B}" +unset RETCODE + +TMPFILE=cipher-listings.$$.tmp +TMPFILE2=cipher-listings2.$$.tmp + +if ! test -x "${CLI}"; then + exit 77 +fi + +if test "${WINDIR}" != ""; then + exit 77 +fi + +if ! test -z "${VALGRIND}"; then + VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND} --error-exitcode=15" +fi + + +. "${srcdir}/scripts/common.sh" + +echo "Checking ciphersuite listings" + +check() +{ + prio=$2 + name=$1 + echo checking $prio + "${CLI}" --list --priority $prio|grep -v ^Certificate|grep -v ^Ciphers|grep -v ^MACs|grep -v ^Key|grep -v Compression|grep -v ^Elliptic|sed -e 's/\tSSL3.0$//g' -e 's/\tTLS1.0$//g'|grep -v ^PK>$TMPFILE + cat ${srcdir}/data/listings-$name|sed 's/\tSSL3.0$//g' >$TMPFILE2 + ${DIFF} ${TMPFILE} ${TMPFILE2} + if test $? != 0;then + echo Error checking $prio with $name + echo output in ${TMPFILE} + exit 1 + fi +} + +${CLI} --fips140-mode +if test $? = 0;then + echo "Cannot run this test in FIPS140-2 mode" + exit 77 +fi + +# We check whether the ciphersuites listed by gnutls-cli +# for specific (legacy) protocols remain constant. We +# don't check newer protocols as these change more often. + +# This is a unit test for gnutls_priority_get_cipher_suite_index + +if test "${ENABLE_SSL3}" = "1";then +check SSL3.0 "NORMAL:-VERS-ALL:+VERS-SSL3.0:+ARCFOUR-128" +fi +check TLS1.0 "NORMAL:-VERS-ALL:+VERS-TLS1.0" +check TLS1.1 "NORMAL:-VERS-ALL:+VERS-TLS1.1" +check SSL3.0-TLS1.1 "NORMAL:-VERS-ALL:+VERS-TLS1.0:+VERS-SSL3.0:+VERS-TLS1.1" +check DTLS1.0 "NORMAL:-VERS-ALL:+VERS-DTLS1.0" + +rm -f ${TMPFILE} +rm -f ${TMPFILE2} +exit 0 -- cgit v1.2.1