Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001#!/bin/sh
2
# Test various options that are not covered by compat.sh
#
# Here the goal is not to cover every ciphersuite/version, but
# rather specific options (max fragment length, truncated hmac, etc)
# or procedures (session resumption from cache or ticket, renego, etc).
#
# Assumes all options are compiled in.
10
# Location of the example programs used as the TLS peers. The path is
# relative to the current directory (like data_files/ below), so the script
# is presumably meant to be run from the tests directory.
PROGS_DIR='../programs/ssl'
SRV_CMD="${PROGS_DIR}/ssl_server2"
CLI_CMD="${PROGS_DIR}/ssl_client2"

# Counters: TESTS is bumped by print_name for every test started,
# FAILS by fail for every test that did not pass.
TESTS=0
FAILS=0
17
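# print_name <name>
# Prints the test name followed by a row of dots that pads the line to a
# fixed width, with no trailing newline (the caller appends PASS/FAIL), and
# counts the test in TESTS. Names of 71 characters or more get no dots.
# Globals:  TESTS (incremented), PAD (scratch)
# Outputs:  "<name> <dots> " on stdout
print_name() {
    printf '%s ' "$1"
    # The original computation was 72 - (length + newline), i.e. 71 - length.
    # Done with shell arithmetic so no wc/bc/seq processes are spawned.
    PAD=$(( 71 - ${#1} ))
    while [ "$PAD" -gt 0 ]; do
        printf '.'
        PAD=$(( PAD - 1 ))
    done
    printf ' '

    TESTS=$(( TESTS + 1 ))
}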
28
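# fail <message>
# Reports a failed test: prints FAIL and the message, keeps a copy of this
# test's server and client output as srv-N.log / cli-N.log (N = TESTS, the
# number of the current test) for later inspection, and counts the failure.
# Globals:  TESTS (read), FAILS (incremented)
# Outputs:  three lines on stdout; srv-N.log and cli-N.log in the current
#           directory (copied from srv_out / cli_out)
fail() {
    echo "FAIL"
    echo " $1"

    cp -- srv_out "srv-${TESTS}.log"
    cp -- cli_out "cli-${TESTS}.log"
    echo " outputs saved to srv-${TESTS}.log and cli-${TESTS}.log"

    # shell arithmetic instead of spawning bc for an increment
    FAILS=$(( FAILS + 1 ))
}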
40
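# Usage: run_test name srv_args cli_args cli_exit [option [...]]
# Options:  -s pattern  pattern that must be present in server output
#           -c pattern  pattern that must be present in client output
#           -S pattern  pattern that must be absent in server output
#           -C pattern  pattern that must be absent in client output
#
# Starts ssl_server2 with srv_args in the background, runs ssl_client2 with
# cli_args, stops the server, then checks that the server exited with 0,
# that the client's exit status is 0 exactly when cli_exit is 0, and that
# every -s/-c/-S/-C pattern (a grep(1) basic regular expression) holds.
# The first failed check is reported through fail and ends the test; if
# everything holds, PASS is printed.
#
# srv_args and cli_args are single strings that are deliberately expanded
# unquoted so the shell splits them into one argument per word; they are
# therefore also subject to globbing and must only come from this script.
# Globals:  SRV_CMD, CLI_CMD (read); SRV_PID, SRV_EXIT, CLI_EXIT (written);
#           TESTS and FAILS (through print_name / fail)
# Outputs:  srv_out and cli_out in the current directory (removed on PASS,
#           kept on failure so fail can copy them to srv-N.log / cli-N.log)
# Exits:    with status 1 on a malformed option list (unknown option, or an
#           option without its pattern)
run_test() {
    print_name "$1"
    shift

    # run the commands ($1 and $2 are intentionally unquoted, see above)
    $SRV_CMD $1 > srv_out &
    SRV_PID=$!
    sleep 1
    $CLI_CMD $2 > cli_out
    CLI_EXIT=$?
    # ask the server to stop: a throw-away connection sends SERVERQUIT,
    # which ssl_server2 is assumed to treat as a request to exit
    echo SERVERQUIT | openssl s_client -no_ticket \
        -cert data_files/cli2.crt -key data_files/cli2.key \
        >/dev/null 2>&1
    wait $SRV_PID
    # capture the server status right away: any later command (the shift
    # that used to sit here included) replaces $?, which made the check
    # below always pass
    SRV_EXIT=$?
    shift 2

    # check server exit code
    if [ "$SRV_EXIT" != 0 ]; then
        fail "server fail"
        return
    fi

    # check client exit code: 0 is expected iff cli_exit is 0
    if [ "$1" = 0 ]; then
        if [ "$CLI_EXIT" != 0 ]; then
            fail "bad client exit code"
            return
        fi
    elif [ "$CLI_EXIT" = 0 ]; then
        fail "bad client exit code"
        return
    fi
    shift

    # check options: each one takes exactly one pattern argument
    while [ $# -gt 0 ]
    do
        if [ $# -lt 2 ]; then
            printf 'Missing pattern after option: %s\n' "$1" >&2
            exit 1
        fi
        case $1 in
            "-s")
                if ! grep -q -- "$2" srv_out; then
                    fail "-s $2"
                    return
                fi
                ;;

            "-c")
                if ! grep -q -- "$2" cli_out; then
                    fail "-c $2"
                    return
                fi
                ;;

            "-S")
                if grep -q -- "$2" srv_out; then
                    fail "-S $2"
                    return
                fi
                ;;

            "-C")
                if grep -q -- "$2" cli_out; then
                    fail "-C $2"
                    return
                fi
                ;;

            *)
                printf 'Unknown option: %s\n' "$1" >&2
                exit 1
        esac
        shift 2
    done

    # if we're here, everything is ok
    echo "PASS"
    rm -f -- srv_out cli_out
}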
120
# Get rid of any server or openssl client left behind by an earlier,
# aborted run before the first test starts. NOTE: killall selects by
# process name, so this also signals unrelated openssl / ssl_server
# processes this user is allowed to kill, not only ones started here.
killall -q openssl ssl_server ssl_server2
122
# Tests for Truncated HMAC extension
#
# The MAC length dumped by the server (debug_level=5) shows whether the
# truncated_hmac extension was negotiated: 20 bytes for the full SHA-1 MAC
# of the forced ciphersuite, 10 bytes once the client asks for truncation.

run_test    "Truncated HMAC #0" \
            "debug_level=5" \
            "trunc_hmac=0 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
            0 \
            -s "dumping 'computed mac' (20 bytes)"

run_test    "Truncated HMAC #1" \
            "debug_level=5" \
            "trunc_hmac=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
            0 \
            -s "dumping 'computed mac' (10 bytes)"
136
# Tests for Session Tickets
#
# Each test reconnects once (reconnect=1) and checks where the second
# session came from: "restored from ticket" must appear, "restored from
# cache" must not. #2 disables the server cache (cache_max=0) so a ticket is
# the only possible source. #3 lets the ticket expire before the reconnect
# (ticket_timeout=1 < reco_delay=2) and checks that the expired ticket is
# NOT accepted, i.e. no resumption on either side; #4 reconnects before the
# timeout and must resume.

run_test    "Session resume using tickets #1" \
            "debug_level=4 tickets=1" \
            "debug_level=4 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

run_test    "Session resume using tickets #2" \
            "debug_level=4 tickets=1 cache_max=0" \
            "debug_level=4 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

# expired ticket: the reconnect must be a full handshake
run_test    "Session resume using tickets #3" \
            "debug_level=4 tickets=1 cache_max=0 ticket_timeout=1" \
            "debug_level=4 tickets=1 reconnect=1 reco_delay=2" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -S "a session has been resumed" \
            -C "a session has been resumed"

run_test    "Session resume using tickets #4" \
            "debug_level=4 tickets=1 cache_max=0 ticket_timeout=2" \
            "debug_level=4 tickets=1 reconnect=1 reco_delay=0" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"
194
# Tests for Session Resume based on session-ID and cache
#
# Tickets are disabled on at least one side in every test, so resumption
# can only come from the server's session cache ("restored from cache") and
# "restored from ticket" must never appear. #1/#2 check that a ticket
# extension offered by only one side is ignored and the cache is used;
# #3/#4 check the cache size limit (cache_max=0 disables resumption);
# #5-#7 check the cache entry lifetime (cache_timeout, 0 = no timeout)
# against the client's reconnect delay: an entry older than the timeout
# must NOT be resumed.

run_test    "Session resume using cache #1 (tickets enabled on client)" \
            "debug_level=4 tickets=0" \
            "debug_level=4 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -S "server hello, adding session ticket extension" \
            -C "found session_ticket extension" \
            -C "parse new session ticket" \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

run_test    "Session resume using cache #2 (tickets enabled on server)" \
            "debug_level=4 tickets=1" \
            "debug_level=4 tickets=0 reconnect=1" \
            0 \
            -C "client hello, adding session ticket extension" \
            -S "found session ticket extension" \
            -S "server hello, adding session ticket extension" \
            -C "found session_ticket extension" \
            -C "parse new session ticket" \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

run_test    "Session resume using cache #3 (cache_max=0)" \
            "debug_level=4 tickets=0 cache_max=0" \
            "debug_level=4 tickets=0 reconnect=1" \
            0 \
            -S "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -S "a session has been resumed" \
            -C "a session has been resumed"

run_test    "Session resume using cache #4 (cache_max=1)" \
            "debug_level=4 tickets=0 cache_max=1" \
            "debug_level=4 tickets=0 reconnect=1" \
            0 \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

run_test    "Session resume using cache #5 (timemout > delay)" \
            "debug_level=4 tickets=0 cache_timeout=1" \
            "debug_level=4 tickets=0 reconnect=1 reco_delay=0" \
            0 \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

# expired cache entry: the reconnect must be a full handshake
run_test    "Session resume using cache #6 (timeout < delay)" \
            "debug_level=4 tickets=0 cache_timeout=1" \
            "debug_level=4 tickets=0 reconnect=1 reco_delay=2" \
            0 \
            -S "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -S "a session has been resumed" \
            -C "a session has been resumed"

run_test    "Session resume using cache #7 (no timeout)" \
            "debug_level=4 tickets=0 cache_timeout=0" \
            "debug_level=4 tickets=0 reconnect=1 reco_delay=2" \
            0 \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"
269
# Tests for Max Fragment Length extension
#
# The extension is client-driven: it is only sent, and only answered by
# the server, when the client sets max_frag_len (#2). Setting it on the
# server alone (#3) must not make either side send the extension.

run_test    "Max fragment length #1" \
            "debug_level=4" \
            "debug_level=4" \
            0 \
            -C "client hello, adding max_fragment_length extension" \
            -S "found max fragment length extension" \
            -S "server hello, max_fragment_length extension" \
            -C "found max_fragment_length extension"

run_test    "Max fragment length #2" \
            "debug_level=4" \
            "debug_level=4 max_frag_len=4096" \
            0 \
            -c "client hello, adding max_fragment_length extension" \
            -s "found max fragment length extension" \
            -s "server hello, max_fragment_length extension" \
            -c "found max_fragment_length extension"

run_test    "Max fragment length #3" \
            "debug_level=4 max_frag_len=4096" \
            "debug_level=4" \
            0 \
            -C "client hello, adding max_fragment_length extension" \
            -S "found max fragment length extension" \
            -S "server hello, max_fragment_length extension" \
            -C "found max_fragment_length extension"
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +0100298
# Tests for renegotiation
#
# Even when nobody renegotiates (#0) the server must see the
# TLS_EMPTY_RENEGOTIATION_INFO signalling value from the client and answer
# with the secure renegotiation extension; "renegotiate" / "write hello
# request" then show who actually triggered a renegotiation. #4 and #5
# cover a peer that has renegotiation disabled (renegotiation=0): the
# server-side rejection makes the client's handshake fail (expected exit
# 1), while the client-side rejection is reported as an unexpected message
# on the server.

run_test    "Renegotiation #0 (none)" \
            "debug_level=4" \
            "debug_level=4" \
            0 \
            -C "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -S "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -C "renegotiate" \
            -S "renegotiate" \
            -S "write hello request"

run_test    "Renegotiation #1 (enabled, client-initiated)" \
            "debug_level=4" \
            "debug_level=4 renegotiate=1" \
            0 \
            -c "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -s "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -c "renegotiate" \
            -s "renegotiate" \
            -S "write hello request"

run_test    "Renegotiation #2 (enabled, server-initiated)" \
            "debug_level=4 renegotiate=1" \
            "debug_level=4" \
            0 \
            -c "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -s "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -c "renegotiate" \
            -s "renegotiate" \
            -s "write hello request"

run_test    "Renegotiation #3 (enabled, double)" \
            "debug_level=4 renegotiate=1" \
            "debug_level=4 renegotiate=1" \
            0 \
            -c "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -s "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -c "renegotiate" \
            -s "renegotiate" \
            -s "write hello request"

# the client's renegotiation attempt is refused by the server: the client
# exits non-zero and the server never renegotiates
run_test    "Renegotiation #4 (client-initiated, server-rejected)" \
            "debug_level=4 renegotiation=0" \
            "debug_level=4 renegotiate=1" \
            1 \
            -c "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -S "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -c "renegotiate" \
            -S "renegotiate" \
            -S "write hello request"

# the server's hello request is refused by the client: the server logs the
# rejection as an unexpected message and a failure
run_test    "Renegotiation #5 (server-initiated, client-rejected)" \
            "debug_level=4 renegotiate=1" \
            "debug_level=4 renegotiation=0" \
            0 \
            -C "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -S "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -C "renegotiate" \
            -S "renegotiate" \
            -s "write hello request" \
            -s "SSL - An unexpected message was received from our peer" \
            -s "failed"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +0100380
# Tests for auth_mode
#
# One side presents a certificate with a bad signature (server5-badsign.crt)
# and the other side's auth_mode decides the outcome:
#   required  verification failure aborts the handshake (expected client
#             exit 1, "Certificate verification failed" logged)
#   optional  the failure is logged ("x509_verify_cert() returned") but the
#             handshake completes
#   none      no verification is attempted at all
# optional and none therefore accept an unverifiable peer; these tests only
# check that each mode behaves as configured. #1-#3 put the bad certificate
# on the server, #4-#6 on the client (where auth_mode=none also means the
# server does not even request a client certificate).

run_test    "Authentication #1 (server badcert, client required)" \
            "crt_file=data_files/server5-badsign.crt \
             key_file=data_files/server5.key" \
            "debug_level=2 auth_mode=required" \
            1 \
            -c "x509_verify_cert() returned" \
            -c "! self-signed or not signed by a trusted CA" \
            -c "! ssl_handshake returned" \
            -c "X509 - Certificate verification failed"

run_test    "Authentication #2 (server badcert, client optional)" \
            "crt_file=data_files/server5-badsign.crt \
             key_file=data_files/server5.key" \
            "debug_level=2 auth_mode=optional" \
            0 \
            -c "x509_verify_cert() returned" \
            -c "! self-signed or not signed by a trusted CA" \
            -C "! ssl_handshake returned" \
            -C "X509 - Certificate verification failed"

run_test    "Authentication #3 (server badcert, client none)" \
            "crt_file=data_files/server5-badsign.crt \
             key_file=data_files/server5.key" \
            "debug_level=2 auth_mode=none" \
            0 \
            -C "x509_verify_cert() returned" \
            -C "! self-signed or not signed by a trusted CA" \
            -C "! ssl_handshake returned" \
            -C "X509 - Certificate verification failed"

run_test    "Authentication #4 (client badcert, server required)" \
            "debug_level=4 auth_mode=required" \
            "debug_level=4 crt_file=data_files/server5-badsign.crt \
             key_file=data_files/server5.key" \
            1 \
            -S "skip write certificate request" \
            -C "skip parse certificate request" \
            -c "got a certificate request" \
            -C "skip write certificate" \
            -C "skip write certificate verify" \
            -S "skip parse certificate verify" \
            -s "x509_verify_cert() returned" \
            -S "! self-signed or not signed by a trusted CA" \
            -s "! ssl_handshake returned" \
            -c "! ssl_handshake returned" \
            -s "X509 - Certificate verification failed"

run_test    "Authentication #5 (client badcert, server optional)" \
            "debug_level=4 auth_mode=optional" \
            "debug_level=4 crt_file=data_files/server5-badsign.crt \
             key_file=data_files/server5.key" \
            0 \
            -S "skip write certificate request" \
            -C "skip parse certificate request" \
            -c "got a certificate request" \
            -C "skip write certificate" \
            -C "skip write certificate verify" \
            -S "skip parse certificate verify" \
            -s "x509_verify_cert() returned" \
            -s "! self-signed or not signed by a trusted CA" \
            -S "! ssl_handshake returned" \
            -C "! ssl_handshake returned" \
            -S "X509 - Certificate verification failed"

run_test    "Authentication #6 (client badcert, server none)" \
            "debug_level=4 auth_mode=none" \
            "debug_level=4 crt_file=data_files/server5-badsign.crt \
             key_file=data_files/server5.key" \
            0 \
            -s "skip write certificate request" \
            -C "skip parse certificate request" \
            -c "got no certificate request" \
            -c "skip write certificate" \
            -c "skip write certificate verify" \
            -s "skip parse certificate verify" \
            -S "x509_verify_cert() returned" \
            -S "! self-signed or not signed by a trusted CA" \
            -S "! ssl_handshake returned" \
            -C "! ssl_handshake returned" \
            -S "X509 - Certificate verification failed"
463
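# Final report
#
# Prints "PASSED (passed / total)" or "FAILED (passed / total)" and exits
# with the number of failures, so a zero status means every test passed.
# printf replaces the non-portable "echo -n" (this is a /bin/sh script) and
# shell arithmetic replaces bc.

echo "------------------------------------------------------------------------"

if [ "$FAILS" = 0 ]; then
    printf 'PASSED'
else
    printf 'FAILED'
fi
PASSES=$(( TESTS - FAILS ))
printf ' (%s / %s)\n' "$PASSES" "$TESTS"

# NOTE: an exit status is truncated to 8 bits, so this would read as success
# again at 256 failures; well out of reach here, but keep it in mind if the
# count is ever used as more than a zero/non-zero signal.
exit $FAILS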