aboutsummaryrefslogtreecommitdiffstats
path: root/test/testssl.com
diff options
context:
space:
mode:
Diffstat (limited to 'test/testssl.com')
-rw-r--r--test/testssl.com153
1 files changed, 112 insertions, 41 deletions
diff --git a/test/testssl.com b/test/testssl.com
index 0b4b0a0ad3..ca087773be 100644
--- a/test/testssl.com
+++ b/test/testssl.com
@@ -2,114 +2,185 @@ $! TESTSSL.COM
$
$ __arch := VAX
$ if f$getsyi("cpu") .ge. 128 then __arch := AXP
-$ exe_dir := sys$disk:[-.'__arch'.exe.test]
-$
-$ copy/concatenate [-.certs]*.pem certs.tmp
+$ texe_dir := sys$disk:[-.'__arch'.exe.test]
+$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$
+$ if p1 .eqs. ""
+$ then
+$ key="[-.apps]server.pem"
+$ else
+$ key=p1
+$ endif
+$ if p2 .eqs. ""
+$ then
+$ cert="[-.apps]server.pem"
+$ else
+$ cert=p2
+$ endif
+$ ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert'
+$
+$ define/user sys$output test-ssltest-output.
+$ define/user sys$error nla0:
+$ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout
+$ set noon
+$ define/user sys$error nla0:
+$ search/output=nla0: testssl-ssltest-output. "DSA Public Key"/exact
+$ if $severity .eq. 1
+$ then
+$ dsa_cert := YES
+$ else
+$ dsa_cert := NO
+$ endif
+$ set on
+$ delete testssl-ssltest-output.;*
+$
+$ if p3 .eqs. ""
+$ then
+$ copy/concatenate [-.certs]*.pem certs.tmp
+$ CA = """-CAfile"" certs.tmp"
+$ else
+$ CA = """-CAfile"" "+p3
+$ endif
+$
+$!###########################################################################
$
$ write sys$output "test sslv2"
-$ mcr 'exe_dir'ssltest -ssl2
+$ 'ssltest' -ssl2
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2 with server authentication"
-$ mcr 'exe_dir'ssltest -ssl2 -server_auth "-CAfile" certs.tmp
+$ 'ssltest' -ssl2 -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
-$ write sys$output "test sslv2 with client authentication"
-$ mcr 'exe_dir'ssltest -ssl2 -client_auth "-CAfile" certs.tmp
-$ if $severity .ne. 1 then goto exit3
+$ if .not. dsa_cert
+$ then
+$ write sys$output "test sslv2 with client authentication"
+$ 'ssltest' -ssl2 -client_auth 'CA'
+$ if $severity .ne. 1 then goto exit3
$
-$ write sys$output "test sslv2 with both client and server authentication"
-$ mcr 'exe_dir'ssltest -ssl2 -server_auth -client_auth "-CAfile" certs.tmp
-$ if $severity .ne. 1 then goto exit3
+$ write sys$output "test sslv2 with both client and server authentication"
+$ 'ssltest' -ssl2 -server_auth -client_auth 'CA'
+$ if $severity .ne. 1 then goto exit3
+$ endif
$
$ write sys$output "test sslv3"
-$ mcr 'exe_dir'ssltest -ssl3
+$ 'ssltest' -ssl3
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv3 with server authentication"
-$ mcr 'exe_dir'ssltest -ssl3 -server_auth "-CAfile" certs.tmp
+$ 'ssltest' -ssl3 -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv3 with client authentication"
-$ mcr 'exe_dir'ssltest -ssl3 -client_auth "-CAfile" certs.tmp
+$ 'ssltest' -ssl3 -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv3 with both client and server authentication"
-$ mcr 'exe_dir'ssltest -ssl3 -server_auth -client_auth "-CAfile" certs.tmp
+$ 'ssltest' -ssl3 -server_auth -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3"
-$ mcr 'exe_dir'ssltest
+$ 'ssltest'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with server authentication"
-$ mcr 'exe_dir'ssltest -server_auth "-CAfile" certs.tmp
+$ 'ssltest' -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with client authentication"
-$ mcr 'exe_dir'ssltest -client_auth "-CAfile" certs.tmp
+$ 'ssltest' -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with both client and server authentication"
-$ mcr 'exe_dir'ssltest -server_auth -client_auth "-CAfile" certs.tmp
+$ 'ssltest' -server_auth -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2 via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -ssl2
-$ if $severity .ne. 1 then goto exit3
-$
-$ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -dhe1024 -v
+$ 'ssltest' -bio_pair -ssl2
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2 with server authentication via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -ssl2 -server_auth "-CAfile" certs.tmp
+$ 'ssltest' -bio_pair -ssl2 -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
-$ write sys$output "test sslv2 with client authentication via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -ssl2 -client_auth "-CAfile" certs.tmp
-$ if $severity .ne. 1 then goto exit3
+$ if .not. dsa_cert
+$ then
+$ write sys$output "test sslv2 with client authentication via BIO pair"
+$ 'ssltest' -bio_pair -ssl2 -client_auth 'CA'
+$ if $severity .ne. 1 then goto exit3
$
-$ write sys$output "test sslv2 with both client and server authentication via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -ssl2 -server_auth -client_auth "-CAfile" certs.tmp
-$ if $severity .ne. 1 then goto exit3
+$ write sys$output "test sslv2 with both client and server authentication via BIO pair"
+$ 'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA'
+$ if $severity .ne. 1 then goto exit3
+$ endif
$
$ write sys$output "test sslv3 via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -ssl3
+$ 'ssltest' -bio_pair -ssl3
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv3 with server authentication via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -ssl3 -server_auth "-CAfile" certs.tmp
+$ 'ssltest' -bio_pair -ssl3 -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv3 with client authentication via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -ssl3 -client_auth "-CAfile" certs.tmp
+$ 'ssltest' -bio_pair -ssl3 -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$ write sys$output "test sslv3 with both client and server authentication via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -ssl3 -server_auth -client_auth "-CAfile" certs.tmp
+$ 'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 via BIO pair"
-$ mcr 'exe_dir'ssltest
+$ 'ssltest'
$ if $severity .ne. 1 then goto exit3
$
-$ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -no_dhe
+$ if .not. dsa_cert
+$ then
+$ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
+$ 'ssltest' -bio_pair -no_dhe
+$ if $severity .ne. 1 then goto exit3
+$ endif
+$
+$ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
+$ 'ssltest' -bio_pair -dhe1024dsa -v
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with server authentication"
-$ mcr 'exe_dir'ssltest -bio_pair -server_auth "-CAfile" certs.tmp
+$ 'ssltest' -bio_pair -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with client authentication via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -client_auth "-CAfile" certs.tmp
+$ 'ssltest' -bio_pair -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -server_auth -client_auth "-CAfile" certs.tmp
+$ 'ssltest' -bio_pair -server_auth -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
+$!###########################################################################
+$
+$ write sys$output "test tls1 with 1024bti anonymous SH, multiple handshakes"
+$ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
+$ if $severity .ne. 1 then goto exit3
+$
+$ set noon
+$ define/user sys$output nla0:
+$ mcr 'exe_dir'openssl no-rsa
+$ save_severity=$SEVERITY
+$ set on
+$ if save_severity
+$ then
+$ write sys$output "skipping RSA tests"
+$ else
+$ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes"
+$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time
+$ if $severity .ne. 1 then goto exit3
+$
+$ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes"
+$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time
+$ if $severity .ne. 1 then goto exit3
+$ endif
+$
$ RET = 1
$ goto exit
$ exit3:
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-27 12:12:41 +0000