2
0

external.test 2.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263
  1. #!/usr/bin/env bash
  2. # external.test
  3. SCRIPT_DIR="$(dirname "$0")"
  4. server=www.wolfssl.com
  5. ca=./certs/wolfssl-website-ca.pem
  6. [ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1
  7. # www.wolfssl.com isn't using RFC 8446 yet but the draft instead.
  8. if ! ./examples/client/client -V | grep -q 3; then
  9. echo 'skipping external.test because TLS1.2 is not available.' 1>&2
  10. exit 77
  11. fi
  12. # cloudflare seems to change CAs quickly, disabled by default
  13. if ! test -n "$WOLFSSL_EXTERNAL_TEST"; then
  14. echo "WOLFSSL_EXTERNAL_TEST not set, won't run"
  15. exit 77
  16. fi
  17. if test "$WOLFSSL_EXTERNAL_TEST" == "0"; then
  18. echo "WOLFSSL_EXTERNAL_TEST is defined to zero, won't run"
  19. exit 77
  20. fi
  21. BUILD_FLAGS="$(./examples/client/client '-#')"
  22. if echo "$BUILD_FLAGS" | fgrep -q -e ' -DWOLFSSL_SNIFFER '; then
  23. echo 'skipping WOLFSSL_EXTERNAL_TEST because -DWOLFSSL_SNIFFER configuration of build is incompatible.'
  24. exit 77
  25. fi
  26. if echo "$BUILD_FLAGS" | fgrep -v -q -e ' -DHAVE_ECC '; then
  27. echo 'skipping WOLFSSL_EXTERNAL_TEST because -UHAVE_ECC configuration of build is incompatible.'
  28. exit 77
  29. fi
  30. echo "WOLFSSL_EXTERNAL_TEST set, running test..."
  31. # is our desired server there?
  32. "${SCRIPT_DIR}"/ping.test $server 2
  33. RESULT=$?
  34. [ $RESULT -ne 0 ] && exit 0
  35. # client test against the server
  36. ./examples/client/client -X -C -h $server -p 443 -g -A $ca
  37. RESULT=$?
  38. [ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
  39. # test again, but using system CA certs to verify the server if support is enabled.
  40. # We don't want to use --sys-ca-certs with static memory, as we don't know how
  41. # much memory will be required to store an unbounded number of certs
  42. BUILD_FLAGS="$(./examples/client/client '-#')"
  43. if echo "$BUILD_FLAGS" | grep -q "WOLFSSL_SYS_CA_CERTS" && ! echo "$BUILD_FLAGS" | grep -q "WOLFSSL_STATIC_MEMORY"; then
  44. echo -e "\nConnecting using WOLFSSL_SYS_CA_CERTS..."
  45. ./examples/client/client -X -C -h $server -p 443 -g --sys-ca-certs
  46. RESULT=$?
  47. [ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed when using WOLFSSL_SYS_CA_CERTS" && exit 1
  48. fi
  49. exit 0