|
Packit Service |
4684c1 |
#!/bin/sh
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
# Copyright (C) 2017 Thomas Klute
|
|
Packit Service |
4684c1 |
#
|
|
Packit Service |
4684c1 |
# Author: Thomas Klute
|
|
Packit Service |
4684c1 |
#
|
|
Packit Service |
4684c1 |
# This file is part of GnuTLS.
|
|
Packit Service |
4684c1 |
#
|
|
Packit Service |
4684c1 |
# GnuTLS is free software; you can redistribute it and/or modify it
|
|
Packit Service |
4684c1 |
# under the terms of the GNU General Public License as published by the
|
|
Packit Service |
4684c1 |
# Free Software Foundation; either version 3 of the License, or (at
|
|
Packit Service |
4684c1 |
# your option) any later version.
|
|
Packit Service |
4684c1 |
#
|
|
Packit Service |
4684c1 |
# GnuTLS is distributed in the hope that it will be useful, but
|
|
Packit Service |
4684c1 |
# WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit Service |
4684c1 |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Packit Service |
4684c1 |
# General Public License for more details.
|
|
Packit Service |
4684c1 |
#
|
|
Packit Service |
4684c1 |
# You should have received a copy of the GNU Lesser General Public License
|
|
Packit Service |
4684c1 |
# along with this program. If not, see <https://www.gnu.org/licenses/>
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
srcdir="${srcdir:-.}"
|
|
Packit Service |
4684c1 |
SERV="${SERV:-../src/gnutls-serv${EXEEXT}}"
|
|
Packit Service |
4684c1 |
CLI="${CLI:-../src/gnutls-cli${EXEEXT}}"
|
|
Packit Service |
4684c1 |
unset RETCODE
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
if ! test -x "${SERV}"; then
|
|
Packit Service |
4684c1 |
exit 77
|
|
Packit Service |
4684c1 |
fi
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
if ! test -x "${CLI}"; then
|
|
Packit Service |
4684c1 |
exit 77
|
|
Packit Service |
4684c1 |
fi
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
if test "${WINDIR}" != ""; then
|
|
Packit Service |
4684c1 |
exit 77
|
|
Packit Service |
4684c1 |
fi
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
if ! test -z "${VALGRIND}"; then
|
|
Packit Service |
4684c1 |
VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND} --error-exitcode=15"
|
|
Packit Service |
4684c1 |
fi
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
SERV="${SERV} -q"
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
. "${srcdir}/scripts/common.sh"
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
PRIORITY="NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+ANON-ECDH"
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
echo "Checking if the SNI extension is parsed in gnutls-serv during" \
|
|
Packit Service |
4684c1 |
"cache-based session resumption"
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
TMPFILE="servoutput.$$.tmp"
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
eval "${GETPORT}"
|
|
Packit Service |
4684c1 |
launch_server $$ --echo --priority ${PRIORITY} --sni-hostname-fatal \
|
|
Packit Service |
4684c1 |
--sni-hostname server.example.com --noticket 2>${TMPFILE}
|
|
Packit Service |
4684c1 |
PID=$!
|
|
Packit Service |
4684c1 |
wait_server ${PID}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --sni-hostname server.example.com \
|
|
Packit Service |
4684c1 |
--priority ${PRIORITY} </dev/null >/dev/null \
|
|
Packit Service |
4684c1 |
--resume \
|
|
Packit Service |
4684c1 |
|| fail ${PID} "connection and resumption should have succeeded!"
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
kill ${PID}
|
|
Packit Service |
4684c1 |
wait
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
ret=0
|
|
Packit Service |
4684c1 |
cat "${TMPFILE}"
|
|
Packit Service |
4684c1 |
# The --sni-hostname-fatal option rejects only clients which send a
|
|
Packit Service |
4684c1 |
# server name that does not match the expected one, not clients that
|
|
Packit Service |
4684c1 |
# do not send an SNI extension at all. Check if the server logged a
|
|
Packit Service |
4684c1 |
# missing extension.
|
|
Packit Service |
4684c1 |
if grep "client did not include SNI extension" "${TMPFILE}" >/dev/null; then
|
|
Packit Service |
4684c1 |
ret=1
|
|
Packit Service |
4684c1 |
echo "SNI data missing unexpectedly!"
|
|
Packit Service |
4684c1 |
fi
|
|
Packit Service |
4684c1 |
rm "${TMPFILE}"
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
exit ${ret}
|