Accueil Explorer Aide
Connexion
RISCI_ATOM
/
wolfssl
miroir de https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Fichiers Tickets 14 Wiki
Aborescence: 0bf3a89992
Branches Tags
wolfssl
/
scripts
/
ocsp-stapling.test

ocsp-stapling.test 2.3 KB
Historique Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 
  1. #!/bin/sh
    2. 

  2. 

  3. # ocsp-stapling.test
    4. 

  4. 

  5. trap 'for i in `jobs -p`; do pkill -TERM -P $i; done' EXIT
    6. 

  6. 

  7. server=login.live.com
    8. 

  8. ca=certs/external/baltimore-cybertrust-root.pem
    9. 

  9. 

  10. [ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1
    11. 

  11. ./examples/client/client -? 2>&1 | grep -- 'Client not compiled in!'
    12. 

  12. if [ $? -eq 0 ]; then
    13. 

  13.     exit 0
    14. 

  14. fi
    15. 

  15. 

  16. # is our desired server there? - login.live.com doesn't answers PING
    17. 

  17. #./scripts/ping.test $server 2
    18. 

  18. 

  19. # client test against the server
    20. 

  20. ./examples/client/client -X -C -h $server -p 443 -A $ca -g -W 1
    21. 

  21. RESULT=$?
    22. 

  22. [ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
    23. 

  23. 

  24. 

  25. # Test with example server
    26. 

  26. 

  27. ./examples/server/server -? 2>&1 | grep -- 'Server not compiled in!'
    28. 

  28. if [ $? -eq 0 ]; then
    29. 

  29.     exit 0
    30. 

  30. fi
    31. 

  31. 

  32. # setup ocsp responder
    33. 

  33. ./certs/ocsp/ocspd-intermediate1-ca-issued-certs.sh &
    34. 

  34. sleep 1
    35. 

  35. [ $(jobs -r | wc -l) -ne 1 ] && echo -e "\n\nSetup ocsp responder failed, skipping" && exit 0
    36. 

  36. 

  37. # client test against our own server - GOOD CERT
    38. 

  38. ./examples/server/server -c certs/ocsp/server1-cert.pem -k certs/ocsp/server1-key.pem &
    39. 

  39. sleep 1
    40. 

  40. ./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1
    41. 

  41. RESULT=$?
    42. 

  42. [ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
    43. 

  43. 

  44. # client test against our own server - REVOKED CERT
    45. 

  45. ./examples/server/server -c certs/ocsp/server2-cert.pem -k certs/ocsp/server2-key.pem &
    46. 

  46. sleep 1
    47. 

  47. ./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1
    48. 

  48. RESULT=$?
    49. 

  49. [ $RESULT -ne 1 ] && echo -e "\n\nClient connection suceeded $RESULT" && exit 1
    50. 

  50. 

  51. 

  52. ./examples/client/client -v 4 2>&1 | grep -- 'Bad SSL version'
    53. 

  53. if [ $? -ne 0 ]; then
    54. 

  54.     # client test against our own server - GOOD CERT
    55. 

  55.     ./examples/server/server -c certs/ocsp/server1-cert.pem -k certs/ocsp/server1-key.pem -v 4 &
    56. 

  56.     sleep 1
    57. 

  57.     ./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -v 4 -F 1
    58. 

  58.     RESULT=$?
    59. 

  59.     [ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
    60. 

  60. 

  61.     # client test against our own server - REVOKED CERT
    62. 

  62.     ./examples/server/server -c certs/ocsp/server2-cert.pem -k certs/ocsp/server2-key.pem -v 4 &
    63. 

  63.     sleep 1
    64. 

  64.     ./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -v 4 -F 1
    65. 

  65.     RESULT=$?
    66. 

  66.     [ $RESULT -ne 1 ] && echo -e "\n\nClient connection suceeded $RESULT" && exit 1
    67. 

  67. fi
    68. 

  68. 

  69. exit 0
    70.