psk.test 4.2 KB

  1. #!/bin/bash
  2. # psk.test
  3. # copyright wolfSSL 2016
  # Run the test inside a private network namespace when one is available, so
  # the listening ports used below cannot collide with other test runs.
  # Two mechanisms are tried, in this order:
  #   1. NETWORK_UNSHARE_HELPER: a wrapper named by the environment. The script
  #      re-executes itself through it once; NETWORK_UNSHARE_HELPER_CALLED
  #      marks the re-executed copy so it does not loop.
  #   2. bwrap, if found on PATH: re-execute under "--unshare-net", with
  #      AM_BWRAPPED marking the re-executed copy.
  # NOTE(review): the helper path and the bwrap lookup both come from the
  # caller's environment and are exec'd as-is, so this assumes a trusted build
  # environment. "--dev-bind / /" binds the whole root into the sandbox; only
  # the network namespace is unshared here.
  if [ -n "$NETWORK_UNSHARE_HELPER" ]; then
    [ -n "$NETWORK_UNSHARE_HELPER_CALLED" ] || {
      export NETWORK_UNSHARE_HELPER_CALLED=yes
      exec "$NETWORK_UNSHARE_HELPER" "$0" "$@" || exit $?
    }
  elif [[ "${AM_BWRAPPED-}" != "yes" ]]; then
    bwrap_path=$(command -v bwrap)
    if [[ -n "$bwrap_path" ]]; then
      export AM_BWRAPPED=yes
      exec "$bwrap_path" --unshare-net --dev-bind / / "$0" "$@"
    fi
    # No bwrap available: continue unsandboxed and drop the marker variable.
    unset AM_BWRAPPED
  fi
  # Port selection follows the resume.test script: the server is started on
  # port 0 and reports the port it actually got, because this test may run at
  # the same time as the main testsuite.
  port=0
  no_pid=-1
  server_pid="$no_pid"
  counter=0

  # The ready file lives in the current directory under an absolute path
  # ("make distcheck" may run from a sub directory). The shell PID is appended
  # so several "make check" runs in one source tree do not share a file.
  # NOTE(review): the name is predictable (cwd + PID); that is acceptable only
  # while the working directory is not writable by other users.
  ready_file="$(pwd)/wolfssl_psk_ready$$"
  printf 'ready file "%s"\n' "$ready_file"
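  #######################################
  # Wait for the server to publish its listening port in the ready file and
  # load that value into the global "port".
  # Globals:   ready_file (read), counter (written), port (written)
  # Outputs:   progress messages on stdout
  # Notes:     does not exit on timeout; it calls do_cleanup and leaves
  #            "port" unchanged, so the caller's next client run fails.
  #######################################
  create_port() {
    # Restart the wait budget on every call. The counter used to be shared
    # across calls, so polls spent on one server start shortened the wait for
    # every later one.
    counter=0
    while [[ ! -s "$ready_file" && "$counter" -lt 20 ]]; do
      echo -e "waiting for ready file..."
      sleep 0.1
      counter=$((counter + 1))
    done

    # Require a non-empty file, matching the loop condition: a file that exists
    # but is still empty after the timeout carries no port to read.
    if [[ -s "$ready_file" ]]; then
      echo -e "found ready file, starting client..."
      # sleep for an additional 0.1 to mitigate race on write/read of $ready_file
      sleep 0.1
      # the server was started on port 0; this is the ephemeral port it got
      port=$(cat "$ready_file")
    else
      echo -e "NO ready file ending test..."
      do_cleanup
    fi
  }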
  #######################################
  # Delete the ready file left by the previous server start, if there is one.
  # Globals:   ready_file (read)
  # Outputs:   a notice on stdout when a file is removed
  #######################################
  remove_ready_file() {
    # Nothing to do when no ready file is present.
    [ -e "$ready_file" ] || return 0
    echo -e "removing existing ready file"
    rm "$ready_file"
  }
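  #######################################
  # Stop the background server, if one is recorded, and remove the ready file.
  # Globals:   server_pid (read, reset), no_pid (read)
  # Outputs:   progress messages on stdout
  #######################################
  do_cleanup() {
    echo "in cleanup"
    # Quoted so an empty server_pid cannot break the comparison.
    if [[ "$server_pid" != "$no_pid" ]]; then
      echo "killing server"
      kill -9 "$server_pid"
      # Forget the PID once it has been signalled. Cleanup can run more than
      # once per server (create_port calls it on timeout and the caller calls
      # it again), and a second SIGKILL to a stale PID could hit an unrelated
      # process if the PID has been reused.
      server_pid=$no_pid
    fi
    remove_ready_file
  }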
  #######################################
  # Signal handler: announce the trap, clean up, and end the run as a failure.
  # Outputs:   "got trap" on stdout, followed by do_cleanup's messages
  # Returns:   never returns; exits with status 1
  #######################################
  do_trap() {
    printf '%s\n' "got trap"
    do_cleanup
    exit 1
  }
  # Kill the background server and remove the ready file when the run is
  # interrupted. Only INT and TERM are handled; there is no EXIT trap, so every
  # other exit path has to call do_cleanup itself.
  trap do_trap INT TERM

  # The example client must have been built, otherwise nothing can be tested.
  if [ ! -x ./examples/client/client ]; then
    echo -e "\n\nClient doesn't exist" && exit 1
  fi

  # A build without the example client or server is reported by the binary's
  # own usage output; treat that as "nothing to test" and exit successfully.
  if ./examples/client/client '-?' 2>&1 | grep -- 'Client not compiled in!'; then
    exit 0
  fi
  if ./examples/server/server '-?' 2>&1 | grep -- 'Server not compiled in!'; then
    exit 0
  fi
  # Probe: plain PSK server against plain PSK client. The handshake itself is
  # covered by tests/unit.test; here it only answers "is PSK enabled in this
  # build?".
  port=0
  ./examples/server/server -s -R "$ready_file" -p $port &
  server_pid=$!
  create_port

  client_status=0
  ./examples/client/client -s -p $port || client_status=$?
  remove_ready_file

  # A failure here is treated as a build-settings issue, so the script exits 0.
  # NOTE(review): any client failure takes this path, including a server that
  # never started, so a broken PSK build is reported the same way as a build
  # without PSK.
  if ((client_status != 0)); then
    echo -e "\n\nPSK not enabled"
    do_cleanup
    exit 0
  fi
  echo
  # client test against the server
  ###############################
  # The checks below run only when the client does not answer "-v 3" with
  # 'Bad SSL version'.
  if ! ./examples/client/client -v 3 2>&1 | grep -- 'Bad SSL version'; then

    # Probe: ordinary (non-PSK) server and client. This is covered by
    # tests/unit.test; here it only checks that the chosen cipher suites are
    # available (they may be missing, for example with disable-asn).
    port=0
    ./examples/server/server -R "$ready_file" -p $port -l DHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-DES-CBC3-SHA &
    server_pid=$!
    create_port
    client_status=0
    ./examples/client/client -p $port || client_status=$?
    remove_ready_file
    # A failure here is treated as a settings issue, so the script exits 0.
    if ((client_status != 0)); then
      echo -e "\n\nIssue with chosen non PSK suites"
      do_cleanup
      exit 0
    fi
    echo

    # Positive test: psk server with non psk client must connect.
    port=0
    ./examples/server/server -j -R "$ready_file" -p $port &
    server_pid=$!
    create_port
    client_status=0
    ./examples/client/client -p $port || client_status=$?
    remove_ready_file
    if ((client_status != 0)); then
      echo -e "\n\nClient connection failed"
      do_cleanup
      exit 1
    fi
    echo

    # Negative test: psk server with non psk client and no auth. This is the
    # one check where a successful connection is the failure.
    # Presumably "-x" stops the client from presenting its certificate; confirm
    # against the example client's usage text.
    # NOTE(review): any non-zero client status counts as the expected
    # rejection, so a server that never came up also passes this check.
    echo "Checking fail when not sending peer cert"
    port=0
    ./examples/server/server -j -R "$ready_file" -p $port &
    server_pid=$!
    create_port
    client_status=0
    ./examples/client/client -x -p $port || client_status=$?
    remove_ready_file
    if ((client_status == 0)); then
      echo -e "\n\nClient connected when supposed to fail"
      do_cleanup
      exit 1
    fi
  fi

  echo -e "\nALL Tests Passed"
  exit 0