|
Packit |
aea12f |
#!/bin/sh
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
# Copyright (C) 2018 Red Hat, Inc.
|
|
Packit |
aea12f |
#
|
|
Packit |
aea12f |
# Author: Nikos Mavrogiannopoulos
|
|
Packit |
aea12f |
#
|
|
Packit |
aea12f |
# This file is part of GnuTLS.
|
|
Packit |
aea12f |
#
|
|
Packit |
aea12f |
# GnuTLS is free software; you can redistribute it and/or modify it
|
|
Packit |
aea12f |
# under the terms of the GNU General Public License as published by the
|
|
Packit |
aea12f |
# Free Software Foundation; either version 3 of the License, or (at
|
|
Packit |
aea12f |
# your option) any later version.
|
|
Packit |
aea12f |
#
|
|
Packit |
aea12f |
# GnuTLS is distributed in the hope that it will be useful, but
|
|
Packit |
aea12f |
# WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit |
aea12f |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Packit |
aea12f |
# General Public License for more details.
|
|
Packit |
aea12f |
#
|
|
Packit |
aea12f |
# You should have received a copy of the GNU Lesser General Public License
|
|
Packit |
aea12f |
# along with this program. If not, see <https://www.gnu.org/licenses/>
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
srcdir="${srcdir:-.}"
|
|
Packit |
aea12f |
SERV="${SERV:-../src/gnutls-serv${EXEEXT}}"
|
|
Packit |
aea12f |
CLI="${CLI:-../src/gnutls-cli${EXEEXT}}"
|
|
Packit |
aea12f |
unset RETCODE
|
|
Packit |
aea12f |
TMPFILE=crl-inv.$$.pem.tmp
|
|
Packit |
aea12f |
CAFILE=crl-inv-ca.$$.pem.tmp
|
|
Packit |
aea12f |
CRLFILE=crl-inv-crl.$$.pem.tmp
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if ! test -x "${SERV}"; then
|
|
Packit |
aea12f |
exit 77
|
|
Packit |
aea12f |
fi
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if ! test -x "${CLI}"; then
|
|
Packit |
aea12f |
exit 77
|
|
Packit |
aea12f |
fi
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if test "${WINDIR}" != ""; then
|
|
Packit |
aea12f |
exit 77
|
|
Packit |
aea12f |
fi
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
if ! test -z "${VALGRIND}"; then
|
|
Packit |
aea12f |
VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND} --error-exitcode=15"
|
|
Packit |
aea12f |
fi
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
SERV="${SERV} -q"
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
. "${srcdir}/scripts/common.sh"
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
check_for_datefudge
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
echo "Checking whether connecting to a server but with an invalid CRL provided, returns the expected error"
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
cat <<__EOF__ >${TMPFILE}
|
|
Packit |
aea12f |
-----BEGIN RSA PRIVATE KEY-----
|
|
Packit |
aea12f |
MIIEowIBAAKCAQEAxfNimQ1uOFXUSVCm0lBems4HpfLkW1Ykf5qLd9kdoHte7YAs
|
|
Packit |
aea12f |
BHjFPaPSdXitYI36YMwqVcXT6RDJa0mcAV3QmMMxAnpKq7LIDVC9BNgjc7Dq5ou5
|
|
Packit |
aea12f |
X2wNKrs3ygqg6HR87nJaw9TFqKetoP9mX37igBc2QWg5Fx6/Gem57hwD+mBEs+Hv
|
|
Packit |
aea12f |
jd7q4wDlLaNS/165DBECr5dDUAIVr0bh0+1s/rDzIpjuq1qtN7b0C1rmWlsyphYu
|
|
Packit |
aea12f |
aYm07X7x6hZcjvAoM3w5FLzbOnS6QrBeQOc2J6VBHqaHMKEVc+Dwt+Ggn0De0QCK
|
|
Packit |
aea12f |
ucQRUCO5DQDUZnVLZhUpObvm1cBvQd5Db15IiwIDAQABAoIBACUSqhqkC0p9uJ5q
|
|
Packit |
aea12f |
fnPRHYa8o24PCXmZrog/d3NgtE3EDUlJwfSscbRTpCzgBwiYTpYmZp9dx4xU2oQ/
|
|
Packit |
aea12f |
avpOiayykdE2+hkiCJmFz4DCwhD+x1+aN4OJhwXDvnUWfIBMoME/pYQbq1Ek5j3K
|
|
Packit |
aea12f |
1293IhB/SGgDjv2ngn7l6S6RDKWtYZry61oMEoVRy96FJ+88o5khlvfWE2zF2+M6
|
|
Packit |
aea12f |
T2qFbzO29oq++cDSIlgm9eSN6gG5uzZcxqTapEvWrRdKZfEqcyGJuysQbShrASvI
|
|
Packit |
aea12f |
GvJclewdnguBW2+X/bwABSEaG7AdPZJdfQJayk97gKJ8xpFZLY9auub7O/0z1CJi
|
|
Packit |
aea12f |
lFsj4LECgYEA5TY8Z73ODtR87HEE3uUqiix4wPO4yJXWfZUwxNAyet2Jx5e5HYvL
|
|
Packit |
aea12f |
iEkbZdadlKtSoPTnVSu6OZxhWZVBS5WoxxijBneDvh7I6gN8eVtch9EJVmJig6Eg
|
|
Packit |
aea12f |
kHTo5Z2ZwheGe/RxB3ml3IT2IAdr5+QE6CfVBNA0fzVTItCLgO3YI/8CgYEA3RXZ
|
|
Packit |
aea12f |
yskckcbCr1rceRmQ8CPbKg1bWGujLMpTILW0/Ii51PMredyG3E063G4kbMOFRmVj
|
|
Packit |
aea12f |
eI5AFgZX7w5N4vjaf8PbOhsqrQvQ/UglB1fD0tLX8LgF9xwh7P1Y4VLHFMEGJUy1
|
|
Packit |
aea12f |
PEGVCT0FIe2REGxAmyELaP8SSvW8fGjXJSp2K3UCgYBSlq5BOxTKJyo0D60Pm0cu
|
|
Packit |
aea12f |
rkN8UtUcAVFdwqnl4Javyq9gaXzb9okJvD3Q/fmdnfWR5WyNNcpOA9jX7H2wfGZq
|
|
Packit |
aea12f |
BqiHJf0kPfdqyoLJP3Ahx+IzbBPPFfmj01wvkA/c7ZkZhMRNSznGMWp1s/bfgTt7
|
|
Packit |
aea12f |
Yw7QQy0HQPGJs9bwR8L/hQKBgQCXFvvEbjSsG12pYTsTN7mpo5d/4ajvgH//eDXf
|
|
Packit |
aea12f |
QM7zVq1JLvYjTeaMX+s+Abe67NQEC/4ywWRiqOsnYGsyFkec0UjdKPu9TzoAHnHP
|
|
Packit |
aea12f |
1tbpGVaiF+Fbw0ocH/fB5URQlqmQjB+/kkI8EguT6DsfMhvk6GxX0Rm7SL0LeMqv
|
|
Packit |
aea12f |
h5lCkQKBgAR2U6cjbzJRhDyEOmUJH2keYHDwWUMx8ypvfhbPiPJyTC2sDcRrMrnO
|
|
Packit |
aea12f |
WB3NtiB88aLFPjZ7sFZYE5plCESGkxK4Y21/UJHlw3I7X4JKYslE7dMq8Qzbv58r
|
|
Packit |
aea12f |
23fZkHop4UJ1bHk7O4FRL3brU6KlIzZTOXzEeP+MRRehhwzkwpxf
|
|
Packit |
aea12f |
-----END RSA PRIVATE KEY-----
|
|
Packit |
aea12f |
-----BEGIN CERTIFICATE-----
|
|
Packit |
aea12f |
MIIDiTCCAkGgAwIBAgIUEOtG5aJHVFm4ARA8uv4bJ/OqL4YwPQYJKoZIhvcNAQEK
|
|
Packit |
aea12f |
MDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC
|
|
Packit |
aea12f |
AUAwDzENMAsGA1UEAxMEQ0EtMDAgFw0xODA5MTgwNjQyMzdaGA85OTk5MTIzMTIz
|
|
Packit |
aea12f |
NTk1OVowEzERMA8GA1UEAxMIc2VydmVyLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
|
|
Packit |
aea12f |
DwAwggEKAoIBAQDF82KZDW44VdRJUKbSUF6azgel8uRbViR/mot32R2ge17tgCwE
|
|
Packit |
aea12f |
eMU9o9J1eK1gjfpgzCpVxdPpEMlrSZwBXdCYwzECekqrssgNUL0E2CNzsOrmi7lf
|
|
Packit |
aea12f |
bA0quzfKCqDodHzuclrD1MWop62g/2ZffuKAFzZBaDkXHr8Z6bnuHAP6YESz4e+N
|
|
Packit |
aea12f |
3urjAOUto1L/XrkMEQKvl0NQAhWvRuHT7Wz+sPMimO6rWq03tvQLWuZaWzKmFi5p
|
|
Packit |
aea12f |
ibTtfvHqFlyO8CgzfDkUvNs6dLpCsF5A5zYnpUEepocwoRVz4PC34aCfQN7RAIq5
|
|
Packit |
aea12f |
xBFQI7kNANRmdUtmFSk5u+bVwG9B3kNvXkiLAgMBAAGjdzB1MAwGA1UdEwEB/wQC
|
|
Packit |
aea12f |
MAAwFAYDVR0RBA0wC4IJbG9jYWxob3N0MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0O
|
|
Packit |
aea12f |
BBYEFJVJTYVERYv5/qI31HwTDqATv4GRMB8GA1UdIwQYMBaAFBnn35UaLvLuW/YH
|
|
Packit |
aea12f |
E3v2gKntMzNNMD0GCSqGSIb3DQEBCjAwoA0wCwYJYIZIAWUDBAIBoRowGAYJKoZI
|
|
Packit |
aea12f |
hvcNAQEIMAsGCWCGSAFlAwQCAaIDAgFAA4IBAQCPVloFdhqdJqGjhxpl2Wv2ftD3
|
|
Packit |
aea12f |
w+IeHSqURyCeijUCIOkqMlA3085nuoULiJ0p1ryi8rRWOvNjRsRQ30/lnLsxfmMh
|
|
Packit |
aea12f |
oVR+g9uq0YZcFqkeRL5aDTrfJZWFeVSqXuuJvhyw1el5hs4bDSahMFB+dx2G+3zX
|
|
Packit |
aea12f |
Ycd4Sq3sXDkdLnfD9GSeVvvbzAb7Z7qD1cdh1HaEnX2fsXT69czsFiaTgknr3Vxc
|
|
Packit |
aea12f |
P0yFZVNCT360EVsduLkLWnCqZYVWWDFUlut7SOwhsYUx2ZOoM4RuBy+uDF2PM8BP
|
|
Packit |
aea12f |
BkgYEHeWFA31nnwBNePyvWrAZ1DguOvnETSMB/+8zDX3+teNZNNdTVTQ6ypQ
|
|
Packit |
aea12f |
-----END CERTIFICATE-----
|
|
Packit |
aea12f |
-----BEGIN CERTIFICATE-----
|
|
Packit |
aea12f |
MIIDgTCCAjmgAwIBAgIUE8klaC2IZj3Tr2/jEVEiJGj8piYwPQYJKoZIhvcNAQEK
|
|
Packit |
aea12f |
MDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC
|
|
Packit |
aea12f |
AUAwDzENMAsGA1UEAxMEQ0EtMDAgFw0xODA5MTgwNjQyMzdaGA85OTk5MTIzMTIz
|
|
Packit |
aea12f |
NTk1OVowDzENMAsGA1UEAxMEQ0EtMDCCAVIwPQYJKoZIhvcNAQEKMDCgDTALBglg
|
|
Packit |
aea12f |
hkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCAUADggEPADCC
|
|
Packit |
aea12f |
AQoCggEBALUJWYFxTq3vWG+hZq8KsRe0YRf5pqftxR21uZ7MSr25Muo7/s69toZG
|
|
Packit |
aea12f |
7SaV1ZFp2n+Njm96nRLDqCc7cnaPLpKeMBFI84pQOYMdJs2mxs7wrBvejTBpxw3f
|
|
Packit |
aea12f |
o1L2cJWznXZwvDQd+iz3qt62kF53tjpUzQ0Cqn6AMU961+H99Tq39iONcAvmTYeT
|
|
Packit |
aea12f |
Bf+P4jhg3h5cOkdhsB4zrr0ek0OdgSdHiTIWvmYbEvizwhBc8pLOc007FkslqlQ5
|
|
Packit |
aea12f |
b7Fplx/B+v/etqUoW7/742phxJhTjhRW75BWoCiQyhglwUfpDv0tXnMXousXdwaQ
|
|
Packit |
aea12f |
Ao1EM1v/OCsYj/U2u10Bo/5y1q6Jjz8CAwEAAaNDMEEwDwYDVR0TAQH/BAUwAwEB
|
|
Packit |
aea12f |
/zAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBQZ59+VGi7y7lv2BxN79oCp7TMz
|
|
Packit |
aea12f |
TTA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEBCDAL
|
|
Packit |
aea12f |
BglghkgBZQMEAgGiAwIBQAOCAQEAMAgvcHqmjz1Ox5USoup5pe6HWPKtOR5pVGX2
|
|
Packit |
aea12f |
1zAk1wq7GoTKvo5QA6HtNR0ex1A2//XhklAKcqsIv1ELEh/3K/L0dEuaN4Zs784e
|
|
Packit |
aea12f |
zaP0g/Ax6X3ClrHgARA4FA6MtaQblezj+7Zfc6cg1gKtfYleiOoK/Q+kk6JxOYAH
|
|
Packit |
aea12f |
Lz9MF/6bZ8mYJQv8DURSp2p5NVWSEjbQV5IG2dw/eknZtbFaN5b+db3eVtrK0ZeS
|
|
Packit |
aea12f |
l1e3hTwopCLNoh4qHUW/qKl0l1Gt7kPPxAsRReOxdcb1Pv73iuK7w5wbPyyWp0kM
|
|
Packit |
aea12f |
FQj9tqRIMQZIer3gaURWG8OZfntCAvtlSSwc1PjwLBXO9ZvNBw==
|
|
Packit |
aea12f |
-----END CERTIFICATE-----
|
|
Packit |
aea12f |
__EOF__
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
cat <<__EOF__ >${CRLFILE}
|
|
Packit |
aea12f |
-----BEGIN X509 CRL-----
|
|
Packit |
aea12f |
MIIB/TCBtgIBATA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEaMBgGCSqG
|
|
Packit |
aea12f |
SIb3DQEBCDALBglghkgBZQMEAgGiAwIBQDAPMQ0wCwYDVQQDEwRDQS0wFw0xODA5
|
|
Packit |
aea12f |
MTgwNjQyMzdaFw0xOTA5MTgwNjQyMzdaMACgQTA/MB8GA1UdIwQYMBaAFBnn35Ua
|
|
Packit |
aea12f |
LvLuW/YHE3v2gKntMzNNMBwGA1UdFAQVAhNboJ5dKaGvdv1Vo9o1XXTbeiMKMD0G
|
|
Packit |
aea12f |
CSqGSIb3DQEBCjAwoA0wCwYJYIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCG
|
|
Packit |
aea12f |
SAFlAwQCAaIDAgFAA4IBAQBgodBpVGTDHV4HBSgNPUnz7BH/BdRX1OPB8oYclDtv
|
|
Packit |
aea12f |
l0xTzRR4qm/dMU3N3iH7vMk2y8U/TwD7NueyUnumt0vATTfjR2cle5lu2czksYsR
|
|
Packit |
aea12f |
e4As9cI5cb4Sk+cf3/HyAVwnmZemTAA+cAJHkL6p7E+mSUoBVB6m8h8d6RH8jXmO
|
|
Packit |
aea12f |
BXBE3z1xVITqahDdD6sLaR5jpnOtg/1nBAW8Hzr2p8tjEwhI8TCfZXbL9Q6fZtTr
|
|
Packit |
aea12f |
apDrIx0D/G4hDKmmtQeY2q3RCOSJldg4YzUjjuhWs6BahHj9jDJpz02180ao7bda
|
|
Packit |
aea12f |
eoNetNEqNvBvFvkO9gtgSzOzS34taiMpkIBwBbCNkm4p
|
|
Packit |
aea12f |
-----END X509 CRL-----
|
|
Packit |
aea12f |
__EOF__
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
cat <<__EOF__ >${CAFILE}
|
|
Packit |
aea12f |
-----BEGIN CERTIFICATE-----
|
|
Packit |
aea12f |
MIIDgTCCAjmgAwIBAgIUE8klaC2IZj3Tr2/jEVEiJGj8piYwPQYJKoZIhvcNAQEK
|
|
Packit |
aea12f |
MDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC
|
|
Packit |
aea12f |
AUAwDzENMAsGA1UEAxMEQ0EtMDAgFw0xODA5MTgwNjQyMzdaGA85OTk5MTIzMTIz
|
|
Packit |
aea12f |
NTk1OVowDzENMAsGA1UEAxMEQ0EtMDCCAVIwPQYJKoZIhvcNAQEKMDCgDTALBglg
|
|
Packit |
aea12f |
hkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCAUADggEPADCC
|
|
Packit |
aea12f |
AQoCggEBALUJWYFxTq3vWG+hZq8KsRe0YRf5pqftxR21uZ7MSr25Muo7/s69toZG
|
|
Packit |
aea12f |
7SaV1ZFp2n+Njm96nRLDqCc7cnaPLpKeMBFI84pQOYMdJs2mxs7wrBvejTBpxw3f
|
|
Packit |
aea12f |
o1L2cJWznXZwvDQd+iz3qt62kF53tjpUzQ0Cqn6AMU961+H99Tq39iONcAvmTYeT
|
|
Packit |
aea12f |
Bf+P4jhg3h5cOkdhsB4zrr0ek0OdgSdHiTIWvmYbEvizwhBc8pLOc007FkslqlQ5
|
|
Packit |
aea12f |
b7Fplx/B+v/etqUoW7/742phxJhTjhRW75BWoCiQyhglwUfpDv0tXnMXousXdwaQ
|
|
Packit |
aea12f |
Ao1EM1v/OCsYj/U2u10Bo/5y1q6Jjz8CAwEAAaNDMEEwDwYDVR0TAQH/BAUwAwEB
|
|
Packit |
aea12f |
/zAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBQZ59+VGi7y7lv2BxN79oCp7TMz
|
|
Packit |
aea12f |
TTA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEBCDAL
|
|
Packit |
aea12f |
BglghkgBZQMEAgGiAwIBQAOCAQEAMAgvcHqmjz1Ox5USoup5pe6HWPKtOR5pVGX2
|
|
Packit |
aea12f |
1zAk1wq7GoTKvo5QA6HtNR0ex1A2//XhklAKcqsIv1ELEh/3K/L0dEuaN4Zs784e
|
|
Packit |
aea12f |
zaP0g/Ax6X3ClrHgARA4FA6MtaQblezj+7Zfc6cg1gKtfYleiOoK/Q+kk6JxOYAH
|
|
Packit |
aea12f |
Lz9MF/6bZ8mYJQv8DURSp2p5NVWSEjbQV5IG2dw/eknZtbFaN5b+db3eVtrK0ZeS
|
|
Packit |
aea12f |
l1e3hTwopCLNoh4qHUW/qKl0l1Gt7kPPxAsRReOxdcb1Pv73iuK7w5wbPyyWp0kM
|
|
Packit |
aea12f |
FQj9tqRIMQZIer3gaURWG8OZfntCAvtlSSwc1PjwLBXO9ZvNBw==
|
|
Packit |
aea12f |
-----END CERTIFICATE-----
|
|
Packit |
aea12f |
__EOF__
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
eval "${GETPORT}"
|
|
Packit |
aea12f |
launch_server $$ --echo --x509keyfile ${TMPFILE} --x509certfile ${TMPFILE}
|
|
Packit |
aea12f |
PID=$!
|
|
Packit |
aea12f |
wait_server ${PID}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
datefudge "2018-9-19" \
|
|
Packit |
aea12f |
${VALGRIND} "${CLI}" -p "${PORT}" localhost --x509crlfile ${CRLFILE} --x509cafile ${CAFILE} >${TMPFILE} 2>&1
|
|
Packit |
aea12f |
fail ${PID} "1. handshake should have failed!"
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
kill ${PID}
|
|
Packit |
aea12f |
wait
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
grep -E "Error setting the x509 CRL file: Error in the CRL verification.[[:space:]]*\$" ${TMPFILE}
|
|
Packit |
aea12f |
if ! test $? = 0;then
|
|
Packit |
aea12f |
echo "Did not find the expected error code"
|
|
Packit |
aea12f |
cat ${TMPFILE}
|
|
Packit |
aea12f |
exit 1
|
|
Packit |
aea12f |
fi
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
rm -f ${TMPFILE} ${CAFILE} ${CRLFILE}
|
|
Packit |
aea12f |
|
|
Packit |
aea12f |
exit 0
|