1
0

crl-revoked.test 3.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118
  1. #!/bin/sh
  2. #crl.test
  3. revocation_code="-361"
  4. exit_code=1
  5. counter=0
  6. # need a unique resume port since may run the same time as testsuite
  7. # use server port zero hack to get one
  8. crl_port=0
  9. #no_pid tells us process was never started if -1
  10. no_pid=-1
  11. #server_pid captured on startup, stores the id of the server process
  12. server_pid=$no_pid
  13. # let's use absolute path to a local dir (make distcheck may be in sub dir)
  14. # also let's add some randomness by adding pid in case multiple 'make check's
  15. # per source tree
  16. ready_file=`pwd`/wolfssl_crl_ready$$
  17. remove_ready_file() {
  18. if test -e $ready_file; then
  19. echo -e "removing existing ready file"
  20. rm $ready_file
  21. fi
  22. }
  23. # trap this function so if user aborts with ^C or other kill signal we still
  24. # get an exit that will in turn clean up the file system
  25. abort_trap() {
  26. echo "script aborted"
  27. if [ $server_pid != $no_pid ]
  28. then
  29. echo "killing server"
  30. kill -9 $server_pid
  31. fi
  32. exit_code=2 #different exit code in case of user interrupt
  33. echo "got abort signal, exiting with $exit_code"
  34. exit $exit_code
  35. }
  36. trap abort_trap INT TERM
  37. # trap this function so that if we exit on an error the file system will still
  38. # be restored and the other tests may still pass. Never call this function
  39. # instead use "exit <some value>" and this function will run automatically
  40. restore_file_system() {
  41. remove_ready_file
  42. }
  43. trap restore_file_system EXIT
  44. run_test() {
  45. echo -e "\nStarting example server for crl test...\n"
  46. remove_ready_file
  47. # starts the server on crl_port, -R generates ready file to be used as a
  48. # mutex lock, -c loads the revoked certificate. We capture the processid
  49. # into the variable server_pid
  50. ./examples/server/server -R $ready_file -p $crl_port \
  51. -c certs/server-revoked-cert.pem -k certs/server-revoked-key.pem &
  52. server_pid=$!
  53. while [ ! -s $ready_file -a "$counter" -lt 20 ]; do
  54. echo -e "waiting for ready file..."
  55. sleep 0.1
  56. counter=$((counter+ 1))
  57. done
  58. if test -e $ready_file; then
  59. echo -e "found ready file, starting client..."
  60. else
  61. echo -e "NO ready file ending test..."
  62. exit 1
  63. fi
  64. # get created port 0 ephemeral port
  65. crl_port=`cat $ready_file`
  66. # starts client on crl_port and captures the output from client
  67. capture_out=$(./examples/client/client -p $crl_port 2>&1)
  68. client_result=$?
  69. wait $server_pid
  70. server_result=$?
  71. case "$capture_out" in
  72. *$revocation_code*)
  73. # only exit with zero on detection of the expected error code
  74. echo ""
  75. echo "Successful Revocation!!!!"
  76. echo ""
  77. exit_code=0
  78. echo "exiting with $exit_code"
  79. exit $exit_code
  80. ;;
  81. *)
  82. echo ""
  83. echo "Certificate was not revoked saw this instead: $capture_out"
  84. echo ""
  85. echo "configure with --enable-crl and run this script again"
  86. echo ""
  87. esac
  88. }
  89. ######### begin program #########
  90. # run the test
  91. run_test
  92. # If we get to this exit, exit_code will be a 1 signaling failure
  93. echo "exiting with $exit_code certificate was not revoked"
  94. exit $exit_code
  95. ########## end program ##########