TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 542eac5abaaf313c411134e36cf7eae39c313cd7 / . / tests / compat.sh
blob: 89764f52af052f42784d75406626d27a7f6ca3b2 [file] [log] [blame]
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]1#!/bin/bash
2
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]3# Test interop with OpenSSL and GnuTLS (and self-op while at it).
4#
5# Check each common ciphersuite, with each version, both ways (client/server),
6# with and without client authentication.
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100[diff] [blame]7
Manuel Pégourié-Gonnard913030c2014-03-28 10:12:38 +0100[diff] [blame]8set -u
9
Manuel Pégourié-Gonnarda1a9f9a2014-03-25 18:04:59 +0100[diff] [blame]10# test if those two are set in the environment before assigning defaults
Manuel Pégourié-Gonnard913030c2014-03-28 10:12:38 +0100[diff] [blame]11if [ -n "${GNUTLS_CLI:-}" -a -n "${GNUTLS_SERV:-}" ]; then
Manuel Pégourié-Gonnarda1a9f9a2014-03-25 18:04:59 +0100[diff] [blame]12 GNUTLS_AVAILABLE=1
13else
14 GNUTLS_AVAILABLE=0
15fi
16
Manuel Pégourié-Gonnarda1a9f9a2014-03-25 18:04:59 +0100[diff] [blame]17# initialise counters
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]18let "tests = 0"
19let "failed = 0"
20let "skipped = 0"
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]21let "srvmem = 0"
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]22
Manuel Pégourié-Gonnarda1a9f9a2014-03-25 18:04:59 +0100[diff] [blame]23# default commands, can be overriden by the environment
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100[diff] [blame]24: ${P_SRV:=../programs/ssl/ssl_server2}
25: ${P_CLI:=../programs/ssl/ssl_client2}
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +0100[diff] [blame]26: ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system
27: ${GNUTLS_CLI:=gnutls-cli}
28: ${GNUTLS_SERV:=gnutls-serv}
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100[diff] [blame]29
Manuel Pégourié-Gonnarda1a9f9a2014-03-25 18:04:59 +0100[diff] [blame]30# default values for options
Paul Bakker10cd2252012-04-12 21:26:34 +0000[diff] [blame]31MODES="ssl3 tls1 tls1_1 tls1_2"
Paul Bakker1eeceae2012-11-23 14:25:34 +0100[diff] [blame]32VERIFIES="NO YES"
Manuel Pégourié-Gonnard7ebaf372013-08-27 21:03:33 +0200[diff] [blame]33TYPES="ECDSA RSA PSK"
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]34FILTER=""
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]35EXCLUDE='NULL\|DES-CBC-' # avoid plain DES but keep 3DES-EDE-CBC (PolarSSL), DES-CBC3 (OpenSSL)
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]36VERBOSE=""
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]37MEMCHECK=0
Manuel Pégourié-Gonnarda1a9f9a2014-03-25 18:04:59 +0100[diff] [blame]38# GnuTLS not enabled by default, 3.2.4 might not be available everywhere
39if [ "$GNUTLS_AVAILABLE" -gt 0 ]; then
40 PEERS="OpenSSL PolarSSL GnuTLS"
41else
42 PEERS="OpenSSL PolarSSL"
43fi
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]44
Manuel Pégourié-Gonnard9dea8bd2014-02-26 18:21:02 +0100[diff] [blame]45print_usage() {
46 echo "Usage: $0"
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]47 echo -e " -h|--help\tPrint this help."
48 echo -e " -f|--filter\tOnly matching ciphersuites are tested (Default: '$FILTER')"
49 echo -e " -e|--exclude\tMatching ciphersuites are excluded (Default: '$EXCLUDE')"
50 echo -e " -m|--modes\tWhich modes to perform (Default: '$MODES')"
51 echo -e " -t|--types\tWhich key exchange type to perform (Default: '$TYPES')"
52 echo -e " -V|--verify\tWhich verification modes to perform (Default: '$VERIFIES')"
53 echo -e " -p|--peers\tWhich peers to use (Default: '$PEERS')"
54 echo -e " \tAlso available: GnuTLS (needs v3.2.4 or higher)"
55 echo -e " -M|--memcheck\tCheck memory leaks and errors."
56 echo -e " -v|--verbose\tSet verbose output."
Manuel Pégourié-Gonnard9dea8bd2014-02-26 18:21:02 +0100[diff] [blame]57}
58
59get_options() {
60 while [ $# -gt 0 ]; do
61 case "$1" in
62 -f|--filter)
63 shift; FILTER=$1
64 ;;
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]65 -e|--exclude)
66 shift; EXCLUDE=$1
67 ;;
Manuel Pégourié-Gonnard9dea8bd2014-02-26 18:21:02 +0100[diff] [blame]68 -m|--modes)
69 shift; MODES=$1
70 ;;
71 -t|--types)
72 shift; TYPES=$1
73 ;;
74 -V|--verify)
75 shift; VERIFIES=$1
76 ;;
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]77 -p|--peers)
78 shift; PEERS=$1
79 ;;
Manuel Pégourié-Gonnard9dea8bd2014-02-26 18:21:02 +0100[diff] [blame]80 -v|--verbose)
81 VERBOSE=1
82 ;;
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]83 -M|--memcheck)
84 MEMCHECK=1
85 ;;
Manuel Pégourié-Gonnard9dea8bd2014-02-26 18:21:02 +0100[diff] [blame]86 -h|--help)
87 print_usage
88 exit 0
89 ;;
90 *)
91 echo "Unknown argument: '$1'"
92 print_usage
93 exit 1
94 ;;
95 esac
96 shift
97 done
98}
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]99
Manuel Pégourié-Gonnard95957712014-02-19 15:29:38 +0100[diff] [blame]100log() {
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]101 if [ "X" != "X$VERBOSE" ]; then
102 echo "$@"
103 fi
104}
Paul Bakker10cd2252012-04-12 21:26:34 +0000[diff] [blame]105
Manuel Pégourié-Gonnarddfc8d5a2013-08-27 20:48:40 +0200[diff] [blame]106filter()
107{
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]108 LIST="$1"
Manuel Pégourié-Gonnarddfc8d5a2013-08-27 20:48:40 +0200[diff] [blame]109 NEW_LIST=""
110
111 for i in $LIST;
112 do
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]113 NEW_LIST="$NEW_LIST $( echo "$i" | grep "$FILTER" | grep -v "$EXCLUDE" )"
Manuel Pégourié-Gonnarddfc8d5a2013-08-27 20:48:40 +0200[diff] [blame]114 done
115
Manuel Pégourié-Gonnard911622d2014-02-27 11:50:40 +0100[diff] [blame]116 # normalize whitespace
117 echo "$NEW_LIST" | sed -e 's/[[:space:]]\+/ /g' -e 's/^ //' -e 's/ $//'
Manuel Pégourié-Gonnarddfc8d5a2013-08-27 20:48:40 +0200[diff] [blame]118}
119
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]120filter_ciphersuites()
121{
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]122 if [ "X" != "X$FILTER" -o "X" != "X$EXCLUDE" ];
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]123 then
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]124 P_CIPHERS=$( filter "$P_CIPHERS" )
125 O_CIPHERS=$( filter "$O_CIPHERS" )
126 G_CIPHERS=$( filter "$G_CIPHERS" )
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]127 fi
128}
129
130reset_ciphersuites()
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]131{
132 P_CIPHERS=""
133 O_CIPHERS=""
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]134 G_CIPHERS=""
135}
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]136
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]137add_common_ciphersuites()
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]138{
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]139 case $TYPE in
140
141 "ECDSA")
142 if [ "$MODE" != "ssl3" ];
143 then
144 P_CIPHERS="$P_CIPHERS \
145 TLS-ECDHE-ECDSA-WITH-NULL-SHA \
146 TLS-ECDHE-ECDSA-WITH-RC4-128-SHA \
147 TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA \
148 TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA \
149 TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA \
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]150 "
151 G_CIPHERS="$G_CIPHERS \
152 +ECDHE-ECDSA:+NULL:+SHA1 \
153 +ECDHE-ECDSA:+ARCFOUR-128:+SHA1 \
154 +ECDHE-ECDSA:+3DES-CBC:+SHA1 \
155 +ECDHE-ECDSA:+AES-128-CBC:+SHA1 \
156 +ECDHE-ECDSA:+AES-256-CBC:+SHA1 \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]157 "
158 O_CIPHERS="$O_CIPHERS \
159 ECDHE-ECDSA-NULL-SHA \
160 ECDHE-ECDSA-RC4-SHA \
161 ECDHE-ECDSA-DES-CBC3-SHA \
162 ECDHE-ECDSA-AES128-SHA \
163 ECDHE-ECDSA-AES256-SHA \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]164 "
165 fi
166 if [ "$MODE" = "tls1_2" ];
167 then
168 P_CIPHERS="$P_CIPHERS \
169 TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
170 TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 \
171 TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
172 TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 \
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]173 "
174 G_CIPHERS="$G_CIPHERS \
175 +ECDHE-ECDSA:+AES-128-CBC:+SHA256 \
176 +ECDHE-ECDSA:+AES-256-CBC:+SHA384 \
177 +ECDHE-ECDSA:+AES-128-GCM:+AEAD \
178 +ECDHE-ECDSA:+AES-256-GCM:+AEAD \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]179 "
180 O_CIPHERS="$O_CIPHERS \
181 ECDHE-ECDSA-AES128-SHA256 \
182 ECDHE-ECDSA-AES256-SHA384 \
183 ECDHE-ECDSA-AES128-GCM-SHA256 \
184 ECDHE-ECDSA-AES256-GCM-SHA384 \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]185 "
186 fi
187 ;;
188
189 "RSA")
190 P_CIPHERS="$P_CIPHERS \
191 TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
192 TLS-DHE-RSA-WITH-AES-256-CBC-SHA \
193 TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA \
194 TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA \
195 TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA \
196 TLS-RSA-WITH-AES-256-CBC-SHA \
197 TLS-RSA-WITH-CAMELLIA-256-CBC-SHA \
198 TLS-RSA-WITH-AES-128-CBC-SHA \
199 TLS-RSA-WITH-CAMELLIA-128-CBC-SHA \
200 TLS-RSA-WITH-3DES-EDE-CBC-SHA \
201 TLS-RSA-WITH-RC4-128-SHA \
202 TLS-RSA-WITH-RC4-128-MD5 \
203 TLS-RSA-WITH-NULL-MD5 \
204 TLS-RSA-WITH-NULL-SHA \
Manuel Pégourié-Gonnarde9a9a612014-03-26 08:56:24 +0100[diff] [blame]205 TLS-RSA-WITH-NULL-SHA256 \
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]206 "
207 G_CIPHERS="$G_CIPHERS \
208 +DHE-RSA:+AES-128-CBC:+SHA1 \
209 +DHE-RSA:+AES-256-CBC:+SHA1 \
210 +DHE-RSA:+CAMELLIA-128-CBC:+SHA1 \
211 +DHE-RSA:+CAMELLIA-256-CBC:+SHA1 \
212 +DHE-RSA:+3DES-CBC:+SHA1 \
213 +RSA:+AES-256-CBC:+SHA1 \
214 +RSA:+CAMELLIA-256-CBC:+SHA1 \
215 +RSA:+AES-128-CBC:+SHA1 \
216 +RSA:+CAMELLIA-128-CBC:+SHA1 \
217 +RSA:+3DES-CBC:+SHA1 \
218 +RSA:+ARCFOUR-128:+SHA1 \
219 +RSA:+ARCFOUR-128:+MD5 \
220 +RSA:+NULL:+MD5 \
221 +RSA:+NULL:+SHA1 \
Manuel Pégourié-Gonnarde9a9a612014-03-26 08:56:24 +0100[diff] [blame]222 +RSA:+NULL:+SHA256 \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]223 "
224 O_CIPHERS="$O_CIPHERS \
225 DHE-RSA-AES128-SHA \
226 DHE-RSA-AES256-SHA \
227 DHE-RSA-CAMELLIA128-SHA \
228 DHE-RSA-CAMELLIA256-SHA \
229 EDH-RSA-DES-CBC3-SHA \
230 AES256-SHA \
231 CAMELLIA256-SHA \
232 AES128-SHA \
233 CAMELLIA128-SHA \
234 DES-CBC3-SHA \
235 RC4-SHA \
236 RC4-MD5 \
237 NULL-MD5 \
238 NULL-SHA \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]239 "
240 if [ "$MODE" != "ssl3" ];
241 then
242 P_CIPHERS="$P_CIPHERS \
243 TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA \
244 TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA \
245 TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA \
246 TLS-ECDHE-RSA-WITH-RC4-128-SHA \
247 TLS-ECDHE-RSA-WITH-NULL-SHA \
248 "
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]249 G_CIPHERS="$G_CIPHERS \
250 +ECDHE-RSA:+AES-128-CBC:+SHA1 \
251 +ECDHE-RSA:+AES-256-CBC:+SHA1 \
252 +ECDHE-RSA:+3DES-CBC:+SHA1 \
253 +ECDHE-RSA:+ARCFOUR-128:+SHA1 \
254 +ECDHE-RSA:+NULL:+SHA1 \
255 "
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]256 O_CIPHERS="$O_CIPHERS \
257 ECDHE-RSA-AES256-SHA \
258 ECDHE-RSA-AES128-SHA \
259 ECDHE-RSA-DES-CBC3-SHA \
260 ECDHE-RSA-RC4-SHA \
261 ECDHE-RSA-NULL-SHA \
262 "
263 fi
264 if [ "$MODE" = "tls1_2" ];
265 then
266 P_CIPHERS="$P_CIPHERS \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]267 TLS-RSA-WITH-AES-128-CBC-SHA256 \
268 TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 \
269 TLS-RSA-WITH-AES-256-CBC-SHA256 \
270 TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 \
271 TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 \
272 TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384 \
273 TLS-RSA-WITH-AES-128-GCM-SHA256 \
274 TLS-RSA-WITH-AES-256-GCM-SHA384 \
275 TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 \
276 TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 \
277 TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \
278 TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 \
279 "
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]280 G_CIPHERS="$G_CIPHERS \
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]281 +RSA:+AES-128-CBC:+SHA256 \
282 +DHE-RSA:+AES-128-CBC:+SHA256 \
283 +RSA:+AES-256-CBC:+SHA256 \
284 +DHE-RSA:+AES-256-CBC:+SHA256 \
285 +ECDHE-RSA:+AES-128-CBC:+SHA256 \
286 +ECDHE-RSA:+AES-256-CBC:+SHA384 \
287 +RSA:+AES-128-GCM:+AEAD \
288 +RSA:+AES-256-GCM:+AEAD \
289 +DHE-RSA:+AES-128-GCM:+AEAD \
290 +DHE-RSA:+AES-256-GCM:+AEAD \
291 +ECDHE-RSA:+AES-128-GCM:+AEAD \
292 +ECDHE-RSA:+AES-256-GCM:+AEAD \
293 "
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]294 O_CIPHERS="$O_CIPHERS \
295 NULL-SHA256 \
296 AES128-SHA256 \
297 DHE-RSA-AES128-SHA256 \
298 AES256-SHA256 \
299 DHE-RSA-AES256-SHA256 \
300 ECDHE-RSA-AES128-SHA256 \
301 ECDHE-RSA-AES256-SHA384 \
302 AES128-GCM-SHA256 \
303 DHE-RSA-AES128-GCM-SHA256 \
304 AES256-GCM-SHA384 \
305 DHE-RSA-AES256-GCM-SHA384 \
306 ECDHE-RSA-AES128-GCM-SHA256 \
307 ECDHE-RSA-AES256-GCM-SHA384 \
308 "
309 fi
310 ;;
311
312 "PSK")
313 P_CIPHERS="$P_CIPHERS \
314 TLS-PSK-WITH-RC4-128-SHA \
315 TLS-PSK-WITH-3DES-EDE-CBC-SHA \
316 TLS-PSK-WITH-AES-128-CBC-SHA \
317 TLS-PSK-WITH-AES-256-CBC-SHA \
318 "
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]319 G_CIPHERS="$G_CIPHERS \
320 +PSK:+ARCFOUR-128:+SHA1 \
321 +PSK:+3DES-CBC:+SHA1 \
322 +PSK:+AES-128-CBC:+SHA1 \
323 +PSK:+AES-256-CBC:+SHA1 \
324 "
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]325 O_CIPHERS="$O_CIPHERS \
326 PSK-RC4-SHA \
327 PSK-3DES-EDE-CBC-SHA \
328 PSK-AES128-CBC-SHA \
329 PSK-AES256-CBC-SHA \
330 "
331 ;;
332 esac
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]333}
334
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]335add_openssl_ciphersuites()
336{
337 case $TYPE in
338
339 "ECDSA")
340 if [ "$MODE" != "ssl3" ];
341 then
342 P_CIPHERS="$P_CIPHERS \
343 TLS-ECDH-ECDSA-WITH-NULL-SHA \
344 TLS-ECDH-ECDSA-WITH-RC4-128-SHA \
345 TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA \
346 TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA \
347 TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA \
348 "
349 O_CIPHERS="$O_CIPHERS \
350 ECDH-ECDSA-NULL-SHA \
351 ECDH-ECDSA-RC4-SHA \
352 ECDH-ECDSA-DES-CBC3-SHA \
353 ECDH-ECDSA-AES128-SHA \
354 ECDH-ECDSA-AES256-SHA \
355 "
356 fi
357 if [ "$MODE" = "tls1_2" ];
358 then
359 P_CIPHERS="$P_CIPHERS \
360 TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256 \
361 TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384 \
362 TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256 \
363 TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384 \
364 "
365 O_CIPHERS="$O_CIPHERS \
366 ECDH-ECDSA-AES128-SHA256 \
367 ECDH-ECDSA-AES256-SHA384 \
368 ECDH-ECDSA-AES128-GCM-SHA256 \
369 ECDH-ECDSA-AES256-GCM-SHA384 \
370 "
371 fi
372 ;;
373
374 "RSA")
375 P_CIPHERS="$P_CIPHERS \
376 TLS-RSA-WITH-DES-CBC-SHA \
377 TLS-DHE-RSA-WITH-DES-CBC-SHA \
378 "
379 O_CIPHERS="$O_CIPHERS \
380 DES-CBC-SHA \
381 EDH-RSA-DES-CBC-SHA \
382 "
383 ;;
384
385 "PSK")
386 ;;
387 esac
388}
389
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]390add_gnutls_ciphersuites()
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]391{
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]392 case $TYPE in
393
394 "ECDSA")
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]395 if [ "$MODE" = "tls1_2" ];
396 then
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]397 P_CIPHERS="$P_CIPHERS \
398 TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \
399 TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]400 TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \
401 TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]402 "
403 G_CIPHERS="$G_CIPHERS \
404 +ECDHE-ECDSA:+CAMELLIA-128-CBC:+SHA256 \
405 +ECDHE-ECDSA:+CAMELLIA-256-CBC:+SHA384 \
406 +ECDHE-ECDSA:+CAMELLIA-128-GCM:+AEAD \
407 +ECDHE-ECDSA:+CAMELLIA-256-GCM:+AEAD \
408 "
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]409 fi
410 ;;
411
412 "RSA")
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]413 if [ "$MODE" = "tls1_2" ];
414 then
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]415 P_CIPHERS="$P_CIPHERS \
416 TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
417 TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384 \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]418 TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
419 TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256 \
420 TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
421 TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256 \
422 TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
423 TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
424 TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
425 TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
426 TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
427 TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
428 "
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]429 G_CIPHERS="$G_CIPHERS \
430 +ECDHE-RSA:+CAMELLIA-128-CBC:+SHA256 \
431 +ECDHE-RSA:+CAMELLIA-256-CBC:+SHA384 \
432 +RSA:+CAMELLIA-128-CBC:+SHA256 \
433 +RSA:+CAMELLIA-256-CBC:+SHA256 \
434 +DHE-RSA:+CAMELLIA-128-CBC:+SHA256 \
435 +DHE-RSA:+CAMELLIA-256-CBC:+SHA256 \
436 +ECDHE-RSA:+CAMELLIA-128-GCM:+AEAD \
437 +ECDHE-RSA:+CAMELLIA-256-GCM:+AEAD \
438 +DHE-RSA:+CAMELLIA-128-GCM:+AEAD \
439 +DHE-RSA:+CAMELLIA-256-GCM:+AEAD \
440 +RSA:+CAMELLIA-128-GCM:+AEAD \
441 +RSA:+CAMELLIA-256-GCM:+AEAD \
442 "
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]443 fi
444 ;;
445
446 "PSK")
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]447 # GnuTLS 3.2.11 (2014-02-13) requires TLS 1.x for most *PSK suites
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]448 if [ "$MODE" != "ssl3" ];
449 then
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]450 P_CIPHERS="$P_CIPHERS \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]451 TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA \
452 TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
453 TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA \
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]454 TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA \
455 TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
456 TLS-DHE-PSK-WITH-AES-256-CBC-SHA \
457 TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA \
458 TLS-RSA-PSK-WITH-AES-256-CBC-SHA \
459 TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]460 "
461 G_CIPHERS="$G_CIPHERS \
462 +ECDHE-PSK:+AES-256-CBC:+SHA1 \
463 +ECDHE-PSK:+AES-128-CBC:+SHA1 \
464 +ECDHE-PSK:+3DES-CBC:+SHA1 \
465 +DHE-PSK:+3DES-CBC:+SHA1 \
466 +DHE-PSK:+AES-128-CBC:+SHA1 \
467 +DHE-PSK:+AES-256-CBC:+SHA1 \
468 +RSA-PSK:+3DES-CBC:+SHA1 \
469 +RSA-PSK:+AES-256-CBC:+SHA1 \
470 +RSA-PSK:+AES-128-CBC:+SHA1 \
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]471 "
472 fi
473 if [ "$MODE" = "tls1_2" ];
474 then
475 P_CIPHERS="$P_CIPHERS \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]476 TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
477 TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
478 TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
479 TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
480 TLS-ECDHE-PSK-WITH-NULL-SHA384 \
481 TLS-ECDHE-PSK-WITH-NULL-SHA256 \
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]482 TLS-PSK-WITH-AES-128-CBC-SHA256 \
483 TLS-PSK-WITH-AES-256-CBC-SHA384 \
484 TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \
485 TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
486 TLS-PSK-WITH-NULL-SHA256 \
487 TLS-PSK-WITH-NULL-SHA384 \
488 TLS-DHE-PSK-WITH-NULL-SHA256 \
489 TLS-DHE-PSK-WITH-NULL-SHA384 \
490 TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
491 TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \
492 TLS-RSA-PSK-WITH-NULL-SHA256 \
493 TLS-RSA-PSK-WITH-NULL-SHA384 \
494 TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
495 TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
496 TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
497 TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
498 TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
499 TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]500 TLS-PSK-WITH-AES-128-GCM-SHA256 \
501 TLS-PSK-WITH-AES-256-GCM-SHA384 \
502 TLS-DHE-PSK-WITH-AES-128-GCM-SHA256 \
503 TLS-DHE-PSK-WITH-AES-256-GCM-SHA384 \
504 TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
505 TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
506 TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
507 TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
508 TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
509 TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
510 TLS-RSA-PSK-WITH-AES-256-GCM-SHA384 \
511 TLS-RSA-PSK-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]512 "
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]513 G_CIPHERS="$G_CIPHERS \
514 +ECDHE-PSK:+AES-256-CBC:+SHA384 \
515 +ECDHE-PSK:+CAMELLIA-256-CBC:+SHA384 \
516 +ECDHE-PSK:+AES-128-CBC:+SHA256 \
517 +ECDHE-PSK:+CAMELLIA-128-CBC:+SHA256 \
518 +PSK:+AES-128-CBC:+SHA256 \
519 +PSK:+AES-256-CBC:+SHA384 \
520 +DHE-PSK:+AES-128-CBC:+SHA256 \
521 +DHE-PSK:+AES-256-CBC:+SHA384 \
522 +RSA-PSK:+AES-256-CBC:+SHA384 \
523 +RSA-PSK:+AES-128-CBC:+SHA256 \
524 +DHE-PSK:+CAMELLIA-128-CBC:+SHA256 \
525 +DHE-PSK:+CAMELLIA-256-CBC:+SHA384 \
526 +PSK:+CAMELLIA-128-CBC:+SHA256 \
527 +PSK:+CAMELLIA-256-CBC:+SHA384 \
528 +RSA-PSK:+CAMELLIA-256-CBC:+SHA384 \
529 +RSA-PSK:+CAMELLIA-128-CBC:+SHA256 \
530 +PSK:+AES-128-GCM:+AEAD \
531 +PSK:+AES-256-GCM:+AEAD \
532 +DHE-PSK:+AES-128-GCM:+AEAD \
533 +DHE-PSK:+AES-256-GCM:+AEAD \
534 +RSA-PSK:+CAMELLIA-128-GCM:+AEAD \
535 +RSA-PSK:+CAMELLIA-256-GCM:+AEAD \
536 +PSK:+CAMELLIA-128-GCM:+AEAD \
537 +PSK:+CAMELLIA-256-GCM:+AEAD \
538 +DHE-PSK:+CAMELLIA-128-GCM:+AEAD \
539 +DHE-PSK:+CAMELLIA-256-GCM:+AEAD \
540 +RSA-PSK:+AES-256-GCM:+AEAD \
541 +RSA-PSK:+AES-128-GCM:+AEAD \
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]542 +ECDHE-PSK:+NULL:+SHA384 \
543 +ECDHE-PSK:+NULL:+SHA256 \
544 +PSK:+NULL:+SHA256 \
545 +PSK:+NULL:+SHA384 \
546 +DHE-PSK:+NULL:+SHA256 \
547 +DHE-PSK:+NULL:+SHA384 \
548 +RSA-PSK:+NULL:+SHA256 \
549 +RSA-PSK:+NULL:+SHA384 \
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]550 "
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]551 fi
552 ;;
553 esac
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]554}
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]555
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]556add_polarssl_ciphersuites()
557{
558 case $TYPE in
559
560 "ECDSA")
561 if [ "$MODE" != "ssl3" ];
562 then
563 P_CIPHERS="$P_CIPHERS \
564 TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \
565 TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \
566 "
567 fi
568 if [ "$MODE" = "tls1_2" ];
569 then
570 P_CIPHERS="$P_CIPHERS \
571 TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \
572 TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \
573 "
574 fi
575 ;;
576
577 "RSA")
578 ;;
579
580 "PSK")
581 P_CIPHERS="$P_CIPHERS \
582 TLS-PSK-WITH-NULL-SHA \
583 TLS-DHE-PSK-WITH-RC4-128-SHA \
584 TLS-DHE-PSK-WITH-NULL-SHA \
585 TLS-RSA-PSK-WITH-RC4-128-SHA \
586 "
587 if [ "$MODE" != "ssl3" ];
588 then
589 P_CIPHERS="$P_CIPHERS \
590 TLS-ECDHE-PSK-WITH-RC4-128-SHA \
591 TLS-ECDHE-PSK-WITH-NULL-SHA \
592 "
593 fi
594 ;;
595 esac
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]596}
597
Manuel Pégourié-Gonnardd941a792014-02-19 13:35:52 +0100[diff] [blame]598setup_arguments()
599{
Manuel Pégourié-Gonnard9ada01a2014-02-19 14:24:24 +0100[diff] [blame]600 case $MODE in
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]601 "ssl3")
602 G_PRIO_MODE="+VERS-SSL3.0"
603 ;;
604 "tls1")
605 G_PRIO_MODE="+VERS-TLS1.0"
606 ;;
607 "tls1_1")
608 G_PRIO_MODE="+VERS-TLS1.1"
609 ;;
610 "tls1_2")
611 G_PRIO_MODE="+VERS-TLS1.2"
Manuel Pégourié-Gonnard9ada01a2014-02-19 14:24:24 +0100[diff] [blame]612 ;;
613 *)
614 echo "error: invalid mode: $MODE" >&2
615 exit 1;
616 esac
617
618 P_SERVER_ARGS="server_addr=0.0.0.0 force_version=$MODE"
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]619 O_SERVER_ARGS="-www -cipher NULL,ALL -$MODE"
620 G_SERVER_ARGS="-p 4433 --http"
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]621 G_SERVER_PRIO="EXPORT:+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE"
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]622
623 P_CLIENT_ARGS="force_version=$MODE"
Manuel Pégourié-Gonnard9ada01a2014-02-19 14:24:24 +0100[diff] [blame]624 O_CLIENT_ARGS="-$MODE"
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]625 G_CLIENT_ARGS="-p 4433 --debug 3"
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]626 G_CLIENT_PRIO="NONE:$G_PRIO_MODE:+COMP-NULL:+CURVE-ALL:+SIGN-ALL"
Manuel Pégourié-Gonnard9ada01a2014-02-19 14:24:24 +0100[diff] [blame]627
Manuel Pégourié-Gonnardd941a792014-02-19 13:35:52 +0100[diff] [blame]628 if [ "X$VERIFY" = "XYES" ];
629 then
Manuel Pégourié-Gonnard9ada01a2014-02-19 14:24:24 +0100[diff] [blame]630 P_SERVER_ARGS="$P_SERVER_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required"
Manuel Pégourié-Gonnard9ada01a2014-02-19 14:24:24 +0100[diff] [blame]631 O_SERVER_ARGS="$O_SERVER_ARGS -CAfile data_files/test-ca_cat12.crt -Verify 10"
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]632 G_SERVER_ARGS="$G_SERVER_ARGS --x509cafile data_files/test-ca_cat12.crt --require-client-cert"
633
634 P_CLIENT_ARGS="$P_CLIENT_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required"
Manuel Pégourié-Gonnardda782c92014-02-21 10:10:20 +0100[diff] [blame]635 O_CLIENT_ARGS="$O_CLIENT_ARGS -CAfile data_files/test-ca_cat12.crt -verify 10"
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]636 G_CLIENT_ARGS="$G_CLIENT_ARGS --x509cafile data_files/test-ca_cat12.crt"
Manuel Pégourié-Gonnardda782c92014-02-21 10:10:20 +0100[diff] [blame]637 else
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]638 # don't request a client cert at all
Manuel Pégourié-Gonnard1b149ef2014-02-27 14:38:29 +0100[diff] [blame]639 P_SERVER_ARGS="$P_SERVER_ARGS ca_file=none auth_mode=none"
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]640 G_SERVER_ARGS="$G_SERVER_ARGS --disable-client-cert"
641
Manuel Pégourié-Gonnard5de31ec2014-03-19 17:34:52 +0100[diff] [blame]642 P_CLIENT_ARGS="$P_CLIENT_ARGS ca_file=none auth_mode=none"
643 O_CLIENT_ARGS="$O_CLIENT_ARGS"
644 G_CLIENT_ARGS="$G_CLIENT_ARGS --insecure"
Manuel Pégourié-Gonnardd941a792014-02-19 13:35:52 +0100[diff] [blame]645 fi
646
647 case $TYPE in
648 "ECDSA")
Manuel Pégourié-Gonnard9ada01a2014-02-19 14:24:24 +0100[diff] [blame]649 P_SERVER_ARGS="$P_SERVER_ARGS crt_file=data_files/server5.crt key_file=data_files/server5.key"
Manuel Pégourié-Gonnard9ada01a2014-02-19 14:24:24 +0100[diff] [blame]650 O_SERVER_ARGS="$O_SERVER_ARGS -cert data_files/server5.crt -key data_files/server5.key"
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]651 G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"
652
Manuel Pégourié-Gonnard1b149ef2014-02-27 14:38:29 +0100[diff] [blame]653 if [ "X$VERIFY" = "XYES" ]; then
654 P_CLIENT_ARGS="$P_CLIENT_ARGS crt_file=data_files/server6.crt key_file=data_files/server6.key"
655 O_CLIENT_ARGS="$O_CLIENT_ARGS -cert data_files/server6.crt -key data_files/server6.key"
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]656 G_CLIENT_ARGS="$G_CLIENT_ARGS --x509certfile data_files/server6.crt --x509keyfile data_files/server6.key"
Manuel Pégourié-Gonnard1b149ef2014-02-27 14:38:29 +0100[diff] [blame]657 else
658 P_CLIENT_ARGS="$P_CLIENT_ARGS crt_file=none key_file=none"
659 fi
Manuel Pégourié-Gonnardd941a792014-02-19 13:35:52 +0100[diff] [blame]660 ;;
661
662 "RSA")
Manuel Pégourié-Gonnardda782c92014-02-21 10:10:20 +0100[diff] [blame]663 P_SERVER_ARGS="$P_SERVER_ARGS crt_file=data_files/server2.crt key_file=data_files/server2.key"
Manuel Pégourié-Gonnardda782c92014-02-21 10:10:20 +0100[diff] [blame]664 O_SERVER_ARGS="$O_SERVER_ARGS -cert data_files/server2.crt -key data_files/server2.key"
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]665 G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server2.crt --x509keyfile data_files/server2.key"
666
Manuel Pégourié-Gonnard1b149ef2014-02-27 14:38:29 +0100[diff] [blame]667 if [ "X$VERIFY" = "XYES" ]; then
668 P_CLIENT_ARGS="$P_CLIENT_ARGS crt_file=data_files/server1.crt key_file=data_files/server1.key"
669 O_CLIENT_ARGS="$O_CLIENT_ARGS -cert data_files/server1.crt -key data_files/server1.key"
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]670 G_CLIENT_ARGS="$G_CLIENT_ARGS --x509certfile data_files/server1.crt --x509keyfile data_files/server1.key"
Manuel Pégourié-Gonnard1b149ef2014-02-27 14:38:29 +0100[diff] [blame]671 else
672 P_CLIENT_ARGS="$P_CLIENT_ARGS crt_file=none key_file=none"
673 fi
Manuel Pégourié-Gonnardd941a792014-02-19 13:35:52 +0100[diff] [blame]674 ;;
675
676 "PSK")
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]677 # give RSA-PSK-capable server a RSA cert
Manuel Pégourié-Gonnard1b149ef2014-02-27 14:38:29 +0100[diff] [blame]678 # (should be a separate type, but harder to close with openssl)
679 P_SERVER_ARGS="$P_SERVER_ARGS psk=6162636465666768696a6b6c6d6e6f70 ca_file=none crt_file=data_files/server2.crt key_file=data_files/server2.key"
Manuel Pégourié-Gonnard1b149ef2014-02-27 14:38:29 +0100[diff] [blame]680 O_SERVER_ARGS="$O_SERVER_ARGS -psk 6162636465666768696a6b6c6d6e6f70 -nocert"
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]681 G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server2.crt --x509keyfile data_files/server2.key --pskpasswd data_files/passwd.psk"
682
683 P_CLIENT_ARGS="$P_CLIENT_ARGS psk=6162636465666768696a6b6c6d6e6f70 crt_file=none key_file=none"
Manuel Pégourié-Gonnard9ada01a2014-02-19 14:24:24 +0100[diff] [blame]684 O_CLIENT_ARGS="$O_CLIENT_ARGS -psk 6162636465666768696a6b6c6d6e6f70"
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]685 G_CLIENT_ARGS="$G_CLIENT_ARGS --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70"
Manuel Pégourié-Gonnardd941a792014-02-19 13:35:52 +0100[diff] [blame]686 ;;
687 esac
688}
689
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]690# is_polar <cmd_line>
691is_polar() {
692 echo "$1" | grep 'ssl_server2\|ssl_client2' > /dev/null
693}
694
695# has_mem_err <log_file_name>
696has_mem_err() {
697 if ( grep -F 'All heap blocks were freed -- no leaks are possible' "$1" &&
698 grep -F 'ERROR SUMMARY: 0 errors from 0 contexts' "$1" ) > /dev/null
699 then
700 return 1 # false: does not have errors
701 else
702 return 0 # true: has errors
703 fi
704}
705
Manuel Pégourié-Gonnard304beef2014-02-19 14:45:00 +0100[diff] [blame]706# start_server <name>
707# also saves name and command
708start_server() {
Manuel Pégourié-Gonnard304beef2014-02-19 14:45:00 +0100[diff] [blame]709 case $1 in
710 [Oo]pen*)
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +0100[diff] [blame]711 SERVER_CMD="$OPENSSL_CMD s_server $O_SERVER_ARGS"
Manuel Pégourié-Gonnard304beef2014-02-19 14:45:00 +0100[diff] [blame]712 ;;
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]713 [Gg]nu*)
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +0100[diff] [blame]714 SERVER_CMD="$GNUTLS_SERV $G_SERVER_ARGS --priority $G_SERVER_PRIO"
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]715 ;;
Manuel Pégourié-Gonnard304beef2014-02-19 14:45:00 +0100[diff] [blame]716 [Pp]olar*)
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100[diff] [blame]717 SERVER_CMD="$P_SRV $P_SERVER_ARGS"
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]718 if [ "$MEMCHECK" -gt 0 ]; then
719 SERVER_CMD="valgrind --leak-check=full $SERVER_CMD"
720 fi
Manuel Pégourié-Gonnard304beef2014-02-19 14:45:00 +0100[diff] [blame]721 ;;
722 *)
723 echo "error: invalid server name: $1" >&2
724 exit 1
725 ;;
726 esac
727 SERVER_NAME=$1
728
729 log "$SERVER_CMD"
Manuel Pégourié-Gonnardba0b8442014-03-13 17:57:45 +0100[diff] [blame]730 echo "$SERVER_CMD" > srv_out
731 $SERVER_CMD >> srv_out 2>&1 &
Manuel Pégourié-Gonnard304beef2014-02-19 14:45:00 +0100[diff] [blame]732 PROCESS_ID=$!
733
734 sleep 1
735}
736
Manuel Pégourié-Gonnard911622d2014-02-27 11:50:40 +0100[diff] [blame]737# terminate the running server (closing it cleanly if it is ours)
Manuel Pégourié-Gonnard95957712014-02-19 15:29:38 +0100[diff] [blame]738stop_server() {
Manuel Pégourié-Gonnardc57e98b2014-02-19 17:37:55 +0100[diff] [blame]739 case $SERVER_NAME in
740 [Pp]olar*)
Manuel Pégourié-Gonnard911622d2014-02-27 11:50:40 +0100[diff] [blame]741 # we must force a PSK suite when in PSK mode (otherwise client
Manuel Pégourié-Gonnard84fd6872014-03-13 18:35:10 +0100[diff] [blame]742 # auth will fail), so try every entry in $P_CIPHERS in turn (in
743 # case the first one is not implemented in this configuration)
744 for i in $P_CIPHERS; do
Manuel Pégourié-Gonnard5de31ec2014-03-19 17:34:52 +0100[diff] [blame]745 log "$P_CLI $P_CLIENT_ARGS request_page=SERVERQUIT auth_mode=none force_ciphersuite=$i"
Manuel Pégourié-Gonnard84fd6872014-03-13 18:35:10 +0100[diff] [blame]746 "$P_CLI" $P_CLIENT_ARGS request_page=SERVERQUIT auth_mode=none \
Manuel Pégourié-Gonnard84fd6872014-03-13 18:35:10 +0100[diff] [blame]747 force_ciphersuite=$i >/dev/null
748 if [ "$?" == 0 ]; then
749 break
750 fi
751 done
Manuel Pégourié-Gonnardc57e98b2014-02-19 17:37:55 +0100[diff] [blame]752 ;;
Manuel Pégourié-Gonnard911622d2014-02-27 11:50:40 +0100[diff] [blame]753 *)
754 kill $PROCESS_ID 2>/dev/null
Manuel Pégourié-Gonnardc57e98b2014-02-19 17:37:55 +0100[diff] [blame]755 esac
756
Manuel Pégourié-Gonnard95957712014-02-19 15:29:38 +0100[diff] [blame]757 wait $PROCESS_ID 2>/dev/null
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]758
759 if [ "$MEMCHECK" -gt 0 ]; then
760 if is_polar "$SERVER_CMD" && has_mem_err srv_out; then
761 echo " ! Server had memory errors"
762 let "srvmem++"
763 return
764 fi
765 fi
766
Manuel Pégourié-Gonnard87ae3032014-02-27 11:12:30 +0100[diff] [blame]767 rm -f srv_out
Manuel Pégourié-Gonnard95957712014-02-19 15:29:38 +0100[diff] [blame]768}
769
Manuel Pégourié-Gonnarda9062e92014-02-25 16:21:22 +0100[diff] [blame]770# kill the running server (used when killed by signal)
771cleanup() {
Manuel Pégourié-Gonnard87ae3032014-02-27 11:12:30 +0100[diff] [blame]772 rm -f srv_out cli_out
Manuel Pégourié-Gonnarda9062e92014-02-25 16:21:22 +0100[diff] [blame]773 kill $PROCESS_ID
774 exit 1
775}
776
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]777# run_client <name> <cipher>
778run_client() {
Manuel Pégourié-Gonnard87ae3032014-02-27 11:12:30 +0100[diff] [blame]779 # announce what we're going to do
780 let "tests++"
781 VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]')
Manuel Pégourié-Gonnarde01af4c2014-03-25 14:16:44 +0100[diff] [blame]782 TITLE="${1:0:1}->${SERVER_NAME:0:1} $MODE,$VERIF $2"
783 echo -n "$TITLE "
Manuel Pégourié-Gonnard87ae3032014-02-27 11:12:30 +0100[diff] [blame]784 LEN=`echo "$TITLE" | wc -c`
785 LEN=`echo 72 - $LEN | bc`
786 for i in `seq 1 $LEN`; do echo -n '.'; done; echo -n ' '
787
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]788 # run the command and interpret result
789 case $1 in
790 [Oo]pen*)
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +0100[diff] [blame]791 CLIENT_CMD="$OPENSSL_CMD s_client $O_CLIENT_ARGS -cipher $2"
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]792 log "$CLIENT_CMD"
Manuel Pégourié-Gonnardba0b8442014-03-13 17:57:45 +0100[diff] [blame]793 echo "$CLIENT_CMD" > cli_out
794 ( echo -e 'GET HTTP/1.0'; echo; ) | $CLIENT_CMD >> cli_out 2>&1
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]795 EXIT=$?
796
797 if [ "$EXIT" == "0" ]; then
798 RESULT=0
799 else
Manuel Pégourié-Gonnard87ae3032014-02-27 11:12:30 +0100[diff] [blame]800 if grep 'Cipher is (NONE)' cli_out >/dev/null; then
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]801 RESULT=1
802 else
803 RESULT=2
804 fi
805 fi
806 ;;
807
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]808 [Gg]nu*)
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +0100[diff] [blame]809 CLIENT_CMD="$GNUTLS_CLI $G_CLIENT_ARGS --priority $G_PRIO_MODE:$2 localhost"
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]810 log "$CLIENT_CMD"
Manuel Pégourié-Gonnardba0b8442014-03-13 17:57:45 +0100[diff] [blame]811 echo "$CLIENT_CMD" > cli_out
812 ( echo -e 'GET HTTP/1.0'; echo; ) | $CLIENT_CMD >> cli_out 2>&1
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]813 EXIT=$?
814
815 if [ "$EXIT" == "0" ]; then
816 RESULT=0
817 else
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]818 RESULT=2
819 # interpret early failure, with a handshake_failure alert
820 # before the server hello, as "no ciphersuite in common"
821 if grep -F 'Received alert [40]: Handshake failed' cli_out; then
822 if grep -i 'SERVER HELLO .* was received' cli_out; then :
823 else
824 RESULT=1
825 fi
826 fi >/dev/null
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]827 fi
828 ;;
829
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]830 [Pp]olar*)
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100[diff] [blame]831 CLIENT_CMD="$P_CLI $P_CLIENT_ARGS force_ciphersuite=$2"
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]832 if [ "$MEMCHECK" -gt 0 ]; then
833 CLIENT_CMD="valgrind --leak-check=full $CLIENT_CMD"
834 fi
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]835 log "$CLIENT_CMD"
Manuel Pégourié-Gonnardba0b8442014-03-13 17:57:45 +0100[diff] [blame]836 echo "$CLIENT_CMD" > cli_out
837 $CLIENT_CMD >> cli_out 2>&1
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]838 EXIT=$?
839
840 case $EXIT in
841 "0") RESULT=0 ;;
842 "2") RESULT=1 ;;
843 *) RESULT=2 ;;
844 esac
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]845
846 if [ "$MEMCHECK" -gt 0 ]; then
847 if is_polar "$CLIENT_CMD" && has_mem_err cli_out; then
848 RESULT=2
849 fi
850 fi
851
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]852 ;;
853
854 *)
855 echo "error: invalid client name: $1" >&2
856 exit 1
857 ;;
858 esac
859
Manuel Pégourié-Gonnarde01af4c2014-03-25 14:16:44 +0100[diff] [blame]860 echo "EXIT: $EXIT" >> cli_out
861
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]862 # report and count result
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]863 case $RESULT in
864 "0")
Manuel Pégourié-Gonnard4145b892014-02-24 13:20:14 +0100[diff] [blame]865 echo PASS
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]866 ;;
867 "1")
Manuel Pégourié-Gonnard4145b892014-02-24 13:20:14 +0100[diff] [blame]868 echo SKIP
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]869 let "skipped++"
870 ;;
871 "2")
Manuel Pégourié-Gonnard4145b892014-02-24 13:20:14 +0100[diff] [blame]872 echo FAIL
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]873 cp srv_out c-srv-${tests}.log
874 cp cli_out c-cli-${tests}.log
875 echo " ! outputs saved to c-srv-${tests}.log, c-cli-${tests}.log"
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]876 let "failed++"
877 ;;
878 esac
Manuel Pégourié-Gonnard87ae3032014-02-27 11:12:30 +0100[diff] [blame]879
880 rm -f cli_out
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]881}
882
Manuel Pégourié-Gonnard9dea8bd2014-02-26 18:21:02 +0100[diff] [blame]883#
884# MAIN
885#
886
Manuel Pégourié-Gonnard3947d042014-03-14 18:13:53 +0100[diff] [blame]887get_options "$@"
888
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100[diff] [blame]889# sanity checks, avoid an avalanche of errors
890if [ ! -x "$P_SRV" ]; then
Manuel Pégourié-Gonnard3947d042014-03-14 18:13:53 +0100[diff] [blame]891 echo "Command '$P_SRV' is not an executable file" >&2
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100[diff] [blame]892 exit 1
893fi
894if [ ! -x "$P_CLI" ]; then
Manuel Pégourié-Gonnard3947d042014-03-14 18:13:53 +0100[diff] [blame]895 echo "Command '$P_CLI' is not an executable file" >&2
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100[diff] [blame]896 exit 1
897fi
Manuel Pégourié-Gonnard3947d042014-03-14 18:13:53 +0100[diff] [blame]898
899if echo "$PEERS" | grep -i openssl > /dev/null; then
900 if which "$OPENSSL_CMD" >/dev/null 2>&1; then :; else
901 echo "Command '$OPENSSL_CMD' not found" >&2
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +0100[diff] [blame]902 exit 1
903 fi
Manuel Pégourié-Gonnard3947d042014-03-14 18:13:53 +0100[diff] [blame]904fi
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100[diff] [blame]905
Manuel Pégourié-Gonnard3947d042014-03-14 18:13:53 +0100[diff] [blame]906if echo "$PEERS" | grep -i gnutls > /dev/null; then
907 for CMD in "$GNUTLS_CLI" "$GNUTLS_SERV"; do
908 if which "$CMD" >/dev/null 2>&1; then :; else
909 echo "Command '$CMD' not found" >&2
910 exit 1
911 fi
912 done
913fi
914
915for PEER in $PEERS; do
916 case "$PEER" in
917 [Pp]olar*|[Oo]pen*|[Gg]nu*)
918 ;;
919 *)
920 echo "Unknown peers: $PEER" >&2
921 exit 1
922 esac
923done
Manuel Pégourié-Gonnard9dea8bd2014-02-26 18:21:02 +0100[diff] [blame]924
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]925killall -q gnutls-serv openssl ssl_server ssl_server2
Manuel Pégourié-Gonnarda9062e92014-02-25 16:21:22 +0100[diff] [blame]926trap cleanup INT TERM HUP
927
Manuel Pégourié-Gonnard95957712014-02-19 15:29:38 +0100[diff] [blame]928for VERIFY in $VERIFIES; do
929 for MODE in $MODES; do
Manuel Pégourié-Gonnard95957712014-02-19 15:29:38 +0100[diff] [blame]930 for TYPE in $TYPES; do
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]931 for PEER in $PEERS; do
Paul Bakker7e5e7ca2013-04-17 19:27:58 +0200[diff] [blame]932
Manuel Pégourié-Gonnard95957712014-02-19 15:29:38 +0100[diff] [blame]933 setup_arguments
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]934
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]935 case "$PEER" in
Manuel Pégourié-Gonnardd3313192013-09-13 19:20:37 +0200[diff] [blame]936
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]937 [Oo]pen*)
Paul Bakker398cb512012-04-10 08:22:31 +0000[diff] [blame]938
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]939 reset_ciphersuites
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]940 add_common_ciphersuites
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]941 add_openssl_ciphersuites
942 filter_ciphersuites
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]943
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]944 if [ "X" != "X$P_CIPHERS" ]; then
945 start_server "OpenSSL"
946 for i in $P_CIPHERS; do
947 run_client PolarSSL $i
948 done
949 stop_server
950 fi
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]951
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]952 if [ "X" != "X$O_CIPHERS" ]; then
953 start_server "PolarSSL"
954 for i in $O_CIPHERS; do
955 run_client OpenSSL $i
956 done
957 stop_server
958 fi
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]959
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]960 ;;
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]961
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]962 [Gg]nu*)
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]963
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]964 reset_ciphersuites
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]965 add_common_ciphersuites
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]966 add_gnutls_ciphersuites
967 filter_ciphersuites
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]968
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]969 if [ "X" != "X$P_CIPHERS" ]; then
970 start_server "GnuTLS"
971 for i in $P_CIPHERS; do
972 run_client PolarSSL $i
973 done
974 stop_server
975 fi
976
977 if [ "X" != "X$G_CIPHERS" ]; then
978 start_server "PolarSSL"
979 for i in $G_CIPHERS; do
980 run_client GnuTLS $i
981 done
982 stop_server
983 fi
984
985 ;;
986
987 [Pp]olar*)
988
989 reset_ciphersuites
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]990 add_common_ciphersuites
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]991 add_openssl_ciphersuites
992 add_gnutls_ciphersuites
993 add_polarssl_ciphersuites
994 filter_ciphersuites
995
996 if [ "X" != "X$P_CIPHERS" ]; then
997 start_server "PolarSSL"
998 for i in $P_CIPHERS; do
999 run_client PolarSSL $i
1000 done
1001 stop_server
1002 fi
1003
1004 ;;
1005
Manuel Pégourié-Gonnarda1a9f9a2014-03-25 18:04:59 +0100[diff] [blame]1006 *)
1007 echo "Unkown peer: $PEER" >&2
1008 exit 1
1009 ;;
1010
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]1011 esac
1012
1013 done
Manuel Pégourié-Gonnard95957712014-02-19 15:29:38 +0100[diff] [blame]1014 done
1015 done
Manuel Pégourié-Gonnard9791a402013-08-27 19:57:15 +0200[diff] [blame]1016done
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]1017
Manuel Pégourié-Gonnard4145b892014-02-24 13:20:14 +0100[diff] [blame]1018echo "------------------------------------------------------------------------"
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]1019
Manuel Pégourié-Gonnard563ad022014-04-08 11:56:35 +0200[diff] [blame]1020if (( failed != 0 || srvmem != 0 ));
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]1021then
1022 echo -n "FAILED"
1023else
1024 echo -n "PASSED"
1025fi
1026
Manuel Pégourié-Gonnardba0b8442014-03-13 17:57:45 +0100[diff] [blame]1027if [ "$MEMCHECK" -gt 0 ]; then
1028 MEMREPORT=", $srvmem server memory errors"
1029else
1030 MEMREPORT=""
1031fi
1032
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]1033let "passed = tests - failed"
Manuel Pégourié-Gonnardba0b8442014-03-13 17:57:45 +0100[diff] [blame]1034echo " ($passed / $tests tests ($skipped skipped$MEMREPORT))"
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]1035
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]1036let "failed += srvmem"
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]1037exit $failed