Commit 1c7e7b92 authored by Nikos Mavrogiannopoulos's avatar Nikos Mavrogiannopoulos
Browse files

tests: added basic starttls functionality testing on gnutls-cli

parent a801a5c8
......@@ -78,13 +78,13 @@ and polarssl.
Debian/Ubuntu:
```
apt-get install -y valgrind libasan1 libubsan0 nodejs softhsm datefudge lcov libssl-dev libcmocka-dev
apt-get install -y dieharder libpolarssl-runtime openssl abi-compliance-checker
apt-get install -y dieharder libpolarssl-runtime openssl abi-compliance-checker socat
```
Fedora/RHEL:
```
yum install -y valgrind libasan libasan-static libubsan nodejs softhsm datefudge lcov openssl-devel
yum install -y dieharder mbedtls-utils openssl abi-compliance-checker libcmocka-devel
yum install -y dieharder mbedtls-utils openssl abi-compliance-checker libcmocka-devel socat
```
......
......@@ -33,7 +33,7 @@ EXTRA_DIST = suppressions.valgrind eagain-common.h cert-common.h test-chains.h \
system.prio pkcs11/softhsm.h pkcs11/pkcs11-pubkey-import.c gnutls-asan.supp \
rsa-md5-collision/MD5CollisionCA.cer rsa-md5-collision/TargetCollidingCertificate1.cer \
rsa-md5-collision/TargetCollidingCertificate2.cer rsa-md5-collision/README \
safe-renegotiation/README
safe-renegotiation/README starttls-smtp.txt
AM_CFLAGS = $(WARN_CFLAGS) $(WERROR_CFLAGS)
AM_CPPFLAGS = \
......@@ -253,7 +253,7 @@ check_PROGRAMS = $(ctests)
dist_check_SCRIPTS = rfc2253-escape-test rsa-md5-collision/rsa-md5-collision.sh
if !WINDOWS
dist_check_SCRIPTS += danetool.sh fastopen.sh
dist_check_SCRIPTS += danetool.sh fastopen.sh starttls.sh
endif
TESTS = $(ctests) $(dist_check_SCRIPTS)
......
'' '220 int.example.com ESMTP Sendmail 8.14.4/8.14.4; Mon, 22 Aug 2016 03:08:09-0400\r\n'
TIMEOUT 120
EHLO '250-int-example.com Hello [10.40.3.7], pleased to meet you\r\n250-ENHANCEDSTATUSCODES\r\n250-STARTTLS\r\n250 HELP\r\n' STARTTLS '220 2.0.0 Ready to start TLS\r\n'
#!/bin/bash
# Copyright (C) 2010-2016 Free Software Foundation, Inc.
#
# Author: Nikos Mavrogiannopoulos
#
# This file is part of GnuTLS.
#
# GnuTLS is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation; either version 3 of the License, or (at
# your option) any later version.
#
# GnuTLS is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with GnuTLS; if not, write to the Free Software Foundation,
# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
srcdir="${srcdir:-.}"
SERV="${SERV:-../src/gnutls-serv${EXEEXT}} -q"
CLI="${CLI:-../src/gnutls-cli${EXEEXT}}"
unset RETCODE
if test "${WINDIR}" != ""; then
exit 77
fi
if ! test -z "${VALGRIND}"; then
VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND} --error-exitcode=15"
fi
if test ! -x /usr/bin/socat;then
exit 77
fi
. "${srcdir}/scripts/common.sh"
echo "Checking STARTTLS"
eval "${GETPORT}"
launch_server $$ --echo --priority "NORMAL:+ANON-ECDH"
PID=$!
wait_server ${PID}
${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:+ANON-ECDH --insecure --starttls </dev/null >/dev/null || \
fail ${PID} "starttls connect should have succeeded!"
kill ${PID}
wait
echo "Checking STARTTLS over SMTP"
eval "${GETPORT}"
socat TCP-LISTEN:${PORT} EXEC:"chat -e -S -v -f ${srcdir}/starttls-smtp.txt",pty &
PID=$!
wait_server ${PID}
${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:+ANON-ECDH --insecure --starttls-proto smtp --verbose </dev/null >/dev/null
if test $? != 1;then
fail ${PID} "connect should have failed with error code 1"
fi
kill ${PID}
wait
exit 0
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment