TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 8c045ef8e4a01177df2f76fa4040a951e42ae471 / . / tests / compat.sh
blob: e29d29f9c1812bbb5534fa434f715b76b4678eeb [file] [log] [blame]
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]1#!/bin/bash
2
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]3# Test interop with OpenSSL and GnuTLS (and self-op while at it).
4#
5# Check each common ciphersuite, with each version, both ways (client/server),
6# with and without client authentication.
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100[diff] [blame]7
Manuel Pégourié-Gonnarda1a9f9a2014-03-25 18:04:59 +0100[diff] [blame]8# test if those two are set in the environment before assigning defaults
9if [ -n "$GNUTLS_CLI" -a -n "$GNUTLS_SERV" ]; then
10 GNUTLS_AVAILABLE=1
11else
12 GNUTLS_AVAILABLE=0
13fi
14
15# catch undefined variables from now on
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]16set -u
17
Manuel Pégourié-Gonnarda1a9f9a2014-03-25 18:04:59 +0100[diff] [blame]18# initialise counters
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]19let "tests = 0"
20let "failed = 0"
21let "skipped = 0"
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]22let "srvmem = 0"
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]23
Manuel Pégourié-Gonnarda1a9f9a2014-03-25 18:04:59 +0100[diff] [blame]24# default commands, can be overriden by the environment
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100[diff] [blame]25: ${P_SRV:=../programs/ssl/ssl_server2}
26: ${P_CLI:=../programs/ssl/ssl_client2}
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +0100[diff] [blame]27: ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system
28: ${GNUTLS_CLI:=gnutls-cli}
29: ${GNUTLS_SERV:=gnutls-serv}
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100[diff] [blame]30
Manuel Pégourié-Gonnarda1a9f9a2014-03-25 18:04:59 +0100[diff] [blame]31# default values for options
Paul Bakker10cd2252012-04-12 21:26:34 +0000[diff] [blame]32MODES="ssl3 tls1 tls1_1 tls1_2"
Paul Bakker1eeceae2012-11-23 14:25:34 +0100[diff] [blame]33VERIFIES="NO YES"
Manuel Pégourié-Gonnard7ebaf372013-08-27 21:03:33 +0200[diff] [blame]34TYPES="ECDSA RSA PSK"
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]35FILTER=""
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]36EXCLUDE='NULL\|DES-CBC-' # avoid plain DES but keep 3DES-EDE-CBC (PolarSSL), DES-CBC3 (OpenSSL)
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]37VERBOSE=""
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]38MEMCHECK=0
Manuel Pégourié-Gonnarda1a9f9a2014-03-25 18:04:59 +0100[diff] [blame]39# GnuTLS not enabled by default, 3.2.4 might not be available everywhere
40if [ "$GNUTLS_AVAILABLE" -gt 0 ]; then
41 PEERS="OpenSSL PolarSSL GnuTLS"
42else
43 PEERS="OpenSSL PolarSSL"
44fi
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]45
Manuel Pégourié-Gonnard9dea8bd2014-02-26 18:21:02 +0100[diff] [blame]46print_usage() {
47 echo "Usage: $0"
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]48 echo -e " -h|--help\tPrint this help."
49 echo -e " -f|--filter\tOnly matching ciphersuites are tested (Default: '$FILTER')"
50 echo -e " -e|--exclude\tMatching ciphersuites are excluded (Default: '$EXCLUDE')"
51 echo -e " -m|--modes\tWhich modes to perform (Default: '$MODES')"
52 echo -e " -t|--types\tWhich key exchange type to perform (Default: '$TYPES')"
53 echo -e " -V|--verify\tWhich verification modes to perform (Default: '$VERIFIES')"
54 echo -e " -p|--peers\tWhich peers to use (Default: '$PEERS')"
55 echo -e " \tAlso available: GnuTLS (needs v3.2.4 or higher)"
56 echo -e " -M|--memcheck\tCheck memory leaks and errors."
57 echo -e " -v|--verbose\tSet verbose output."
Manuel Pégourié-Gonnard9dea8bd2014-02-26 18:21:02 +0100[diff] [blame]58}
59
60get_options() {
61 while [ $# -gt 0 ]; do
62 case "$1" in
63 -f|--filter)
64 shift; FILTER=$1
65 ;;
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]66 -e|--exclude)
67 shift; EXCLUDE=$1
68 ;;
Manuel Pégourié-Gonnard9dea8bd2014-02-26 18:21:02 +0100[diff] [blame]69 -m|--modes)
70 shift; MODES=$1
71 ;;
72 -t|--types)
73 shift; TYPES=$1
74 ;;
75 -V|--verify)
76 shift; VERIFIES=$1
77 ;;
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]78 -p|--peers)
79 shift; PEERS=$1
80 ;;
Manuel Pégourié-Gonnard9dea8bd2014-02-26 18:21:02 +0100[diff] [blame]81 -v|--verbose)
82 VERBOSE=1
83 ;;
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]84 -M|--memcheck)
85 MEMCHECK=1
86 ;;
Manuel Pégourié-Gonnard9dea8bd2014-02-26 18:21:02 +0100[diff] [blame]87 -h|--help)
88 print_usage
89 exit 0
90 ;;
91 *)
92 echo "Unknown argument: '$1'"
93 print_usage
94 exit 1
95 ;;
96 esac
97 shift
98 done
99}
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]100
Manuel Pégourié-Gonnard95957712014-02-19 15:29:38 +0100[diff] [blame]101log() {
Paul Bakkeraccd4eb2013-07-19 13:41:51 +0200[diff] [blame]102 if [ "X" != "X$VERBOSE" ]; then
103 echo "$@"
104 fi
105}
Paul Bakker10cd2252012-04-12 21:26:34 +0000[diff] [blame]106
Manuel Pégourié-Gonnarddfc8d5a2013-08-27 20:48:40 +0200[diff] [blame]107filter()
108{
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]109 LIST="$1"
Manuel Pégourié-Gonnarddfc8d5a2013-08-27 20:48:40 +0200[diff] [blame]110 NEW_LIST=""
111
112 for i in $LIST;
113 do
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]114 NEW_LIST="$NEW_LIST $( echo "$i" | grep "$FILTER" | grep -v "$EXCLUDE" )"
Manuel Pégourié-Gonnarddfc8d5a2013-08-27 20:48:40 +0200[diff] [blame]115 done
116
Manuel Pégourié-Gonnard911622d2014-02-27 11:50:40 +0100[diff] [blame]117 # normalize whitespace
118 echo "$NEW_LIST" | sed -e 's/[[:space:]]\+/ /g' -e 's/^ //' -e 's/ $//'
Manuel Pégourié-Gonnarddfc8d5a2013-08-27 20:48:40 +0200[diff] [blame]119}
120
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]121filter_ciphersuites()
122{
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]123 if [ "X" != "X$FILTER" -o "X" != "X$EXCLUDE" ];
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]124 then
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]125 P_CIPHERS=$( filter "$P_CIPHERS" )
126 O_CIPHERS=$( filter "$O_CIPHERS" )
127 G_CIPHERS=$( filter "$G_CIPHERS" )
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]128 fi
129}
130
131reset_ciphersuites()
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]132{
133 P_CIPHERS=""
134 O_CIPHERS=""
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]135 G_CIPHERS=""
136}
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]137
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]138add_common_ciphersuites()
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]139{
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]140 case $TYPE in
141
142 "ECDSA")
143 if [ "$MODE" != "ssl3" ];
144 then
145 P_CIPHERS="$P_CIPHERS \
146 TLS-ECDHE-ECDSA-WITH-NULL-SHA \
147 TLS-ECDHE-ECDSA-WITH-RC4-128-SHA \
148 TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA \
149 TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA \
150 TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA \
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]151 "
152 G_CIPHERS="$G_CIPHERS \
153 +ECDHE-ECDSA:+NULL:+SHA1 \
154 +ECDHE-ECDSA:+ARCFOUR-128:+SHA1 \
155 +ECDHE-ECDSA:+3DES-CBC:+SHA1 \
156 +ECDHE-ECDSA:+AES-128-CBC:+SHA1 \
157 +ECDHE-ECDSA:+AES-256-CBC:+SHA1 \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]158 "
159 O_CIPHERS="$O_CIPHERS \
160 ECDHE-ECDSA-NULL-SHA \
161 ECDHE-ECDSA-RC4-SHA \
162 ECDHE-ECDSA-DES-CBC3-SHA \
163 ECDHE-ECDSA-AES128-SHA \
164 ECDHE-ECDSA-AES256-SHA \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]165 "
166 fi
167 if [ "$MODE" = "tls1_2" ];
168 then
169 P_CIPHERS="$P_CIPHERS \
170 TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
171 TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 \
172 TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
173 TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 \
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]174 "
175 G_CIPHERS="$G_CIPHERS \
176 +ECDHE-ECDSA:+AES-128-CBC:+SHA256 \
177 +ECDHE-ECDSA:+AES-256-CBC:+SHA384 \
178 +ECDHE-ECDSA:+AES-128-GCM:+AEAD \
179 +ECDHE-ECDSA:+AES-256-GCM:+AEAD \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]180 "
181 O_CIPHERS="$O_CIPHERS \
182 ECDHE-ECDSA-AES128-SHA256 \
183 ECDHE-ECDSA-AES256-SHA384 \
184 ECDHE-ECDSA-AES128-GCM-SHA256 \
185 ECDHE-ECDSA-AES256-GCM-SHA384 \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]186 "
187 fi
188 ;;
189
190 "RSA")
191 P_CIPHERS="$P_CIPHERS \
192 TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
193 TLS-DHE-RSA-WITH-AES-256-CBC-SHA \
194 TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA \
195 TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA \
196 TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA \
197 TLS-RSA-WITH-AES-256-CBC-SHA \
198 TLS-RSA-WITH-CAMELLIA-256-CBC-SHA \
199 TLS-RSA-WITH-AES-128-CBC-SHA \
200 TLS-RSA-WITH-CAMELLIA-128-CBC-SHA \
201 TLS-RSA-WITH-3DES-EDE-CBC-SHA \
202 TLS-RSA-WITH-RC4-128-SHA \
203 TLS-RSA-WITH-RC4-128-MD5 \
204 TLS-RSA-WITH-NULL-MD5 \
205 TLS-RSA-WITH-NULL-SHA \
Manuel Pégourié-Gonnarde9a9a612014-03-26 08:56:24 +0100[diff] [blame]206 TLS-RSA-WITH-NULL-SHA256 \
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]207 "
208 G_CIPHERS="$G_CIPHERS \
209 +DHE-RSA:+AES-128-CBC:+SHA1 \
210 +DHE-RSA:+AES-256-CBC:+SHA1 \
211 +DHE-RSA:+CAMELLIA-128-CBC:+SHA1 \
212 +DHE-RSA:+CAMELLIA-256-CBC:+SHA1 \
213 +DHE-RSA:+3DES-CBC:+SHA1 \
214 +RSA:+AES-256-CBC:+SHA1 \
215 +RSA:+CAMELLIA-256-CBC:+SHA1 \
216 +RSA:+AES-128-CBC:+SHA1 \
217 +RSA:+CAMELLIA-128-CBC:+SHA1 \
218 +RSA:+3DES-CBC:+SHA1 \
219 +RSA:+ARCFOUR-128:+SHA1 \
220 +RSA:+ARCFOUR-128:+MD5 \
221 +RSA:+NULL:+MD5 \
222 +RSA:+NULL:+SHA1 \
Manuel Pégourié-Gonnarde9a9a612014-03-26 08:56:24 +0100[diff] [blame]223 +RSA:+NULL:+SHA256 \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]224 "
225 O_CIPHERS="$O_CIPHERS \
226 DHE-RSA-AES128-SHA \
227 DHE-RSA-AES256-SHA \
228 DHE-RSA-CAMELLIA128-SHA \
229 DHE-RSA-CAMELLIA256-SHA \
230 EDH-RSA-DES-CBC3-SHA \
231 AES256-SHA \
232 CAMELLIA256-SHA \
233 AES128-SHA \
234 CAMELLIA128-SHA \
235 DES-CBC3-SHA \
236 RC4-SHA \
237 RC4-MD5 \
238 NULL-MD5 \
239 NULL-SHA \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]240 "
241 if [ "$MODE" != "ssl3" ];
242 then
243 P_CIPHERS="$P_CIPHERS \
244 TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA \
245 TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA \
246 TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA \
247 TLS-ECDHE-RSA-WITH-RC4-128-SHA \
248 TLS-ECDHE-RSA-WITH-NULL-SHA \
249 "
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]250 G_CIPHERS="$G_CIPHERS \
251 +ECDHE-RSA:+AES-128-CBC:+SHA1 \
252 +ECDHE-RSA:+AES-256-CBC:+SHA1 \
253 +ECDHE-RSA:+3DES-CBC:+SHA1 \
254 +ECDHE-RSA:+ARCFOUR-128:+SHA1 \
255 +ECDHE-RSA:+NULL:+SHA1 \
256 "
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]257 O_CIPHERS="$O_CIPHERS \
258 ECDHE-RSA-AES256-SHA \
259 ECDHE-RSA-AES128-SHA \
260 ECDHE-RSA-DES-CBC3-SHA \
261 ECDHE-RSA-RC4-SHA \
262 ECDHE-RSA-NULL-SHA \
263 "
264 fi
265 if [ "$MODE" = "tls1_2" ];
266 then
267 P_CIPHERS="$P_CIPHERS \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]268 TLS-RSA-WITH-AES-128-CBC-SHA256 \
269 TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 \
270 TLS-RSA-WITH-AES-256-CBC-SHA256 \
271 TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 \
272 TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 \
273 TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384 \
274 TLS-RSA-WITH-AES-128-GCM-SHA256 \
275 TLS-RSA-WITH-AES-256-GCM-SHA384 \
276 TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 \
277 TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 \
278 TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \
279 TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 \
280 "
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]281 G_CIPHERS="$G_CIPHERS \
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]282 +RSA:+AES-128-CBC:+SHA256 \
283 +DHE-RSA:+AES-128-CBC:+SHA256 \
284 +RSA:+AES-256-CBC:+SHA256 \
285 +DHE-RSA:+AES-256-CBC:+SHA256 \
286 +ECDHE-RSA:+AES-128-CBC:+SHA256 \
287 +ECDHE-RSA:+AES-256-CBC:+SHA384 \
288 +RSA:+AES-128-GCM:+AEAD \
289 +RSA:+AES-256-GCM:+AEAD \
290 +DHE-RSA:+AES-128-GCM:+AEAD \
291 +DHE-RSA:+AES-256-GCM:+AEAD \
292 +ECDHE-RSA:+AES-128-GCM:+AEAD \
293 +ECDHE-RSA:+AES-256-GCM:+AEAD \
294 "
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]295 O_CIPHERS="$O_CIPHERS \
296 NULL-SHA256 \
297 AES128-SHA256 \
298 DHE-RSA-AES128-SHA256 \
299 AES256-SHA256 \
300 DHE-RSA-AES256-SHA256 \
301 ECDHE-RSA-AES128-SHA256 \
302 ECDHE-RSA-AES256-SHA384 \
303 AES128-GCM-SHA256 \
304 DHE-RSA-AES128-GCM-SHA256 \
305 AES256-GCM-SHA384 \
306 DHE-RSA-AES256-GCM-SHA384 \
307 ECDHE-RSA-AES128-GCM-SHA256 \
308 ECDHE-RSA-AES256-GCM-SHA384 \
309 "
310 fi
311 ;;
312
313 "PSK")
314 P_CIPHERS="$P_CIPHERS \
315 TLS-PSK-WITH-RC4-128-SHA \
316 TLS-PSK-WITH-3DES-EDE-CBC-SHA \
317 TLS-PSK-WITH-AES-128-CBC-SHA \
318 TLS-PSK-WITH-AES-256-CBC-SHA \
319 "
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]320 G_CIPHERS="$G_CIPHERS \
321 +PSK:+ARCFOUR-128:+SHA1 \
322 +PSK:+3DES-CBC:+SHA1 \
323 +PSK:+AES-128-CBC:+SHA1 \
324 +PSK:+AES-256-CBC:+SHA1 \
325 "
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]326 O_CIPHERS="$O_CIPHERS \
327 PSK-RC4-SHA \
328 PSK-3DES-EDE-CBC-SHA \
329 PSK-AES128-CBC-SHA \
330 PSK-AES256-CBC-SHA \
331 "
332 ;;
333 esac
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]334}
335
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]336add_openssl_ciphersuites()
337{
338 case $TYPE in
339
340 "ECDSA")
341 if [ "$MODE" != "ssl3" ];
342 then
343 P_CIPHERS="$P_CIPHERS \
344 TLS-ECDH-ECDSA-WITH-NULL-SHA \
345 TLS-ECDH-ECDSA-WITH-RC4-128-SHA \
346 TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA \
347 TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA \
348 TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA \
349 "
350 O_CIPHERS="$O_CIPHERS \
351 ECDH-ECDSA-NULL-SHA \
352 ECDH-ECDSA-RC4-SHA \
353 ECDH-ECDSA-DES-CBC3-SHA \
354 ECDH-ECDSA-AES128-SHA \
355 ECDH-ECDSA-AES256-SHA \
356 "
357 fi
358 if [ "$MODE" = "tls1_2" ];
359 then
360 P_CIPHERS="$P_CIPHERS \
361 TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256 \
362 TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384 \
363 TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256 \
364 TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384 \
365 "
366 O_CIPHERS="$O_CIPHERS \
367 ECDH-ECDSA-AES128-SHA256 \
368 ECDH-ECDSA-AES256-SHA384 \
369 ECDH-ECDSA-AES128-GCM-SHA256 \
370 ECDH-ECDSA-AES256-GCM-SHA384 \
371 "
372 fi
373 ;;
374
375 "RSA")
376 P_CIPHERS="$P_CIPHERS \
377 TLS-RSA-WITH-DES-CBC-SHA \
378 TLS-DHE-RSA-WITH-DES-CBC-SHA \
379 "
380 O_CIPHERS="$O_CIPHERS \
381 DES-CBC-SHA \
382 EDH-RSA-DES-CBC-SHA \
383 "
384 ;;
385
386 "PSK")
387 ;;
388 esac
389}
390
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]391add_gnutls_ciphersuites()
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]392{
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]393 case $TYPE in
394
395 "ECDSA")
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]396 if [ "$MODE" = "tls1_2" ];
397 then
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]398 P_CIPHERS="$P_CIPHERS \
399 TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \
400 TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]401 TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \
402 TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]403 "
404 G_CIPHERS="$G_CIPHERS \
405 +ECDHE-ECDSA:+CAMELLIA-128-CBC:+SHA256 \
406 +ECDHE-ECDSA:+CAMELLIA-256-CBC:+SHA384 \
407 +ECDHE-ECDSA:+CAMELLIA-128-GCM:+AEAD \
408 +ECDHE-ECDSA:+CAMELLIA-256-GCM:+AEAD \
409 "
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]410 fi
411 ;;
412
413 "RSA")
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]414 if [ "$MODE" = "tls1_2" ];
415 then
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]416 P_CIPHERS="$P_CIPHERS \
417 TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
418 TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384 \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]419 TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
420 TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256 \
421 TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
422 TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256 \
423 TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
424 TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
425 TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
426 TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
427 TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
428 TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
429 "
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]430 G_CIPHERS="$G_CIPHERS \
431 +ECDHE-RSA:+CAMELLIA-128-CBC:+SHA256 \
432 +ECDHE-RSA:+CAMELLIA-256-CBC:+SHA384 \
433 +RSA:+CAMELLIA-128-CBC:+SHA256 \
434 +RSA:+CAMELLIA-256-CBC:+SHA256 \
435 +DHE-RSA:+CAMELLIA-128-CBC:+SHA256 \
436 +DHE-RSA:+CAMELLIA-256-CBC:+SHA256 \
437 +ECDHE-RSA:+CAMELLIA-128-GCM:+AEAD \
438 +ECDHE-RSA:+CAMELLIA-256-GCM:+AEAD \
439 +DHE-RSA:+CAMELLIA-128-GCM:+AEAD \
440 +DHE-RSA:+CAMELLIA-256-GCM:+AEAD \
441 +RSA:+CAMELLIA-128-GCM:+AEAD \
442 +RSA:+CAMELLIA-256-GCM:+AEAD \
443 "
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]444 fi
445 ;;
446
447 "PSK")
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]448 # GnuTLS 3.2.11 (2014-02-13) requires TLS 1.x for most *PSK suites
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]449 if [ "$MODE" != "ssl3" ];
450 then
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]451 P_CIPHERS="$P_CIPHERS \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]452 TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA \
453 TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
454 TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA \
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]455 TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA \
456 TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
457 TLS-DHE-PSK-WITH-AES-256-CBC-SHA \
458 TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA \
459 TLS-RSA-PSK-WITH-AES-256-CBC-SHA \
460 TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]461 "
462 G_CIPHERS="$G_CIPHERS \
463 +ECDHE-PSK:+AES-256-CBC:+SHA1 \
464 +ECDHE-PSK:+AES-128-CBC:+SHA1 \
465 +ECDHE-PSK:+3DES-CBC:+SHA1 \
466 +DHE-PSK:+3DES-CBC:+SHA1 \
467 +DHE-PSK:+AES-128-CBC:+SHA1 \
468 +DHE-PSK:+AES-256-CBC:+SHA1 \
469 +RSA-PSK:+3DES-CBC:+SHA1 \
470 +RSA-PSK:+AES-256-CBC:+SHA1 \
471 +RSA-PSK:+AES-128-CBC:+SHA1 \
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]472 "
473 fi
474 if [ "$MODE" = "tls1_2" ];
475 then
476 P_CIPHERS="$P_CIPHERS \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]477 TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
478 TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
479 TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
480 TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
481 TLS-ECDHE-PSK-WITH-NULL-SHA384 \
482 TLS-ECDHE-PSK-WITH-NULL-SHA256 \
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]483 TLS-PSK-WITH-AES-128-CBC-SHA256 \
484 TLS-PSK-WITH-AES-256-CBC-SHA384 \
485 TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \
486 TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
487 TLS-PSK-WITH-NULL-SHA256 \
488 TLS-PSK-WITH-NULL-SHA384 \
489 TLS-DHE-PSK-WITH-NULL-SHA256 \
490 TLS-DHE-PSK-WITH-NULL-SHA384 \
491 TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
492 TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \
493 TLS-RSA-PSK-WITH-NULL-SHA256 \
494 TLS-RSA-PSK-WITH-NULL-SHA384 \
495 TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
496 TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
497 TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
498 TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
499 TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
500 TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]501 TLS-PSK-WITH-AES-128-GCM-SHA256 \
502 TLS-PSK-WITH-AES-256-GCM-SHA384 \
503 TLS-DHE-PSK-WITH-AES-128-GCM-SHA256 \
504 TLS-DHE-PSK-WITH-AES-256-GCM-SHA384 \
505 TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
506 TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
507 TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
508 TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
509 TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
510 TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
511 TLS-RSA-PSK-WITH-AES-256-GCM-SHA384 \
512 TLS-RSA-PSK-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]513 "
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]514 G_CIPHERS="$G_CIPHERS \
515 +ECDHE-PSK:+AES-256-CBC:+SHA384 \
516 +ECDHE-PSK:+CAMELLIA-256-CBC:+SHA384 \
517 +ECDHE-PSK:+AES-128-CBC:+SHA256 \
518 +ECDHE-PSK:+CAMELLIA-128-CBC:+SHA256 \
519 +PSK:+AES-128-CBC:+SHA256 \
520 +PSK:+AES-256-CBC:+SHA384 \
521 +DHE-PSK:+AES-128-CBC:+SHA256 \
522 +DHE-PSK:+AES-256-CBC:+SHA384 \
523 +RSA-PSK:+AES-256-CBC:+SHA384 \
524 +RSA-PSK:+AES-128-CBC:+SHA256 \
525 +DHE-PSK:+CAMELLIA-128-CBC:+SHA256 \
526 +DHE-PSK:+CAMELLIA-256-CBC:+SHA384 \
527 +PSK:+CAMELLIA-128-CBC:+SHA256 \
528 +PSK:+CAMELLIA-256-CBC:+SHA384 \
529 +RSA-PSK:+CAMELLIA-256-CBC:+SHA384 \
530 +RSA-PSK:+CAMELLIA-128-CBC:+SHA256 \
531 +PSK:+AES-128-GCM:+AEAD \
532 +PSK:+AES-256-GCM:+AEAD \
533 +DHE-PSK:+AES-128-GCM:+AEAD \
534 +DHE-PSK:+AES-256-GCM:+AEAD \
535 +RSA-PSK:+CAMELLIA-128-GCM:+AEAD \
536 +RSA-PSK:+CAMELLIA-256-GCM:+AEAD \
537 +PSK:+CAMELLIA-128-GCM:+AEAD \
538 +PSK:+CAMELLIA-256-GCM:+AEAD \
539 +DHE-PSK:+CAMELLIA-128-GCM:+AEAD \
540 +DHE-PSK:+CAMELLIA-256-GCM:+AEAD \
541 +RSA-PSK:+AES-256-GCM:+AEAD \
542 +RSA-PSK:+AES-128-GCM:+AEAD \
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]543 +ECDHE-PSK:+NULL:+SHA384 \
544 +ECDHE-PSK:+NULL:+SHA256 \
545 +PSK:+NULL:+SHA256 \
546 +PSK:+NULL:+SHA384 \
547 +DHE-PSK:+NULL:+SHA256 \
548 +DHE-PSK:+NULL:+SHA384 \
549 +RSA-PSK:+NULL:+SHA256 \
550 +RSA-PSK:+NULL:+SHA384 \
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]551 "
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]552 fi
553 ;;
554 esac
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]555}
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]556
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]557add_polarssl_ciphersuites()
558{
559 case $TYPE in
560
561 "ECDSA")
562 if [ "$MODE" != "ssl3" ];
563 then
564 P_CIPHERS="$P_CIPHERS \
565 TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \
566 TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \
567 "
568 fi
569 if [ "$MODE" = "tls1_2" ];
570 then
571 P_CIPHERS="$P_CIPHERS \
572 TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \
573 TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \
574 "
575 fi
576 ;;
577
578 "RSA")
579 ;;
580
581 "PSK")
582 P_CIPHERS="$P_CIPHERS \
583 TLS-PSK-WITH-NULL-SHA \
584 TLS-DHE-PSK-WITH-RC4-128-SHA \
585 TLS-DHE-PSK-WITH-NULL-SHA \
586 TLS-RSA-PSK-WITH-RC4-128-SHA \
587 "
588 if [ "$MODE" != "ssl3" ];
589 then
590 P_CIPHERS="$P_CIPHERS \
591 TLS-ECDHE-PSK-WITH-RC4-128-SHA \
592 TLS-ECDHE-PSK-WITH-NULL-SHA \
593 "
594 fi
595 ;;
596 esac
Manuel Pégourié-Gonnard48f196c2014-02-19 13:51:58 +0100[diff] [blame]597}
598
Manuel Pégourié-Gonnardd941a792014-02-19 13:35:52 +0100[diff] [blame]599setup_arguments()
600{
Manuel Pégourié-Gonnard9ada01a2014-02-19 14:24:24 +0100[diff] [blame]601 case $MODE in
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]602 "ssl3")
603 G_PRIO_MODE="+VERS-SSL3.0"
604 ;;
605 "tls1")
606 G_PRIO_MODE="+VERS-TLS1.0"
607 ;;
608 "tls1_1")
609 G_PRIO_MODE="+VERS-TLS1.1"
610 ;;
611 "tls1_2")
612 G_PRIO_MODE="+VERS-TLS1.2"
Manuel Pégourié-Gonnard9ada01a2014-02-19 14:24:24 +0100[diff] [blame]613 ;;
614 *)
615 echo "error: invalid mode: $MODE" >&2
616 exit 1;
617 esac
618
619 P_SERVER_ARGS="server_addr=0.0.0.0 force_version=$MODE"
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]620 O_SERVER_ARGS="-www -cipher NULL,ALL -$MODE"
621 G_SERVER_ARGS="-p 4433 --http"
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]622 G_SERVER_PRIO="EXPORT:+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE"
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]623
624 P_CLIENT_ARGS="force_version=$MODE"
Manuel Pégourié-Gonnard9ada01a2014-02-19 14:24:24 +0100[diff] [blame]625 O_CLIENT_ARGS="-$MODE"
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]626 G_CLIENT_ARGS="-p 4433 --debug 3"
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]627 G_CLIENT_PRIO="NONE:$G_PRIO_MODE:+COMP-NULL:+CURVE-ALL:+SIGN-ALL"
Manuel Pégourié-Gonnard9ada01a2014-02-19 14:24:24 +0100[diff] [blame]628
Manuel Pégourié-Gonnardd941a792014-02-19 13:35:52 +0100[diff] [blame]629 if [ "X$VERIFY" = "XYES" ];
630 then
Manuel Pégourié-Gonnard9ada01a2014-02-19 14:24:24 +0100[diff] [blame]631 P_SERVER_ARGS="$P_SERVER_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required"
Manuel Pégourié-Gonnard9ada01a2014-02-19 14:24:24 +0100[diff] [blame]632 O_SERVER_ARGS="$O_SERVER_ARGS -CAfile data_files/test-ca_cat12.crt -Verify 10"
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]633 G_SERVER_ARGS="$G_SERVER_ARGS --x509cafile data_files/test-ca_cat12.crt --require-client-cert"
634
635 P_CLIENT_ARGS="$P_CLIENT_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required"
Manuel Pégourié-Gonnardda782c92014-02-21 10:10:20 +0100[diff] [blame]636 O_CLIENT_ARGS="$O_CLIENT_ARGS -CAfile data_files/test-ca_cat12.crt -verify 10"
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]637 G_CLIENT_ARGS="$G_CLIENT_ARGS --x509cafile data_files/test-ca_cat12.crt"
Manuel Pégourié-Gonnardda782c92014-02-21 10:10:20 +0100[diff] [blame]638 else
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]639 # don't request a client cert at all
Manuel Pégourié-Gonnard1b149ef2014-02-27 14:38:29 +0100[diff] [blame]640 P_SERVER_ARGS="$P_SERVER_ARGS ca_file=none auth_mode=none"
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]641 G_SERVER_ARGS="$G_SERVER_ARGS --disable-client-cert"
642
Manuel Pégourié-Gonnard5de31ec2014-03-19 17:34:52 +0100[diff] [blame]643 P_CLIENT_ARGS="$P_CLIENT_ARGS ca_file=none auth_mode=none"
644 O_CLIENT_ARGS="$O_CLIENT_ARGS"
645 G_CLIENT_ARGS="$G_CLIENT_ARGS --insecure"
Manuel Pégourié-Gonnardd941a792014-02-19 13:35:52 +0100[diff] [blame]646 fi
647
648 case $TYPE in
649 "ECDSA")
Manuel Pégourié-Gonnard9ada01a2014-02-19 14:24:24 +0100[diff] [blame]650 P_SERVER_ARGS="$P_SERVER_ARGS crt_file=data_files/server5.crt key_file=data_files/server5.key"
Manuel Pégourié-Gonnard9ada01a2014-02-19 14:24:24 +0100[diff] [blame]651 O_SERVER_ARGS="$O_SERVER_ARGS -cert data_files/server5.crt -key data_files/server5.key"
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]652 G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"
653
Manuel Pégourié-Gonnard1b149ef2014-02-27 14:38:29 +0100[diff] [blame]654 if [ "X$VERIFY" = "XYES" ]; then
655 P_CLIENT_ARGS="$P_CLIENT_ARGS crt_file=data_files/server6.crt key_file=data_files/server6.key"
656 O_CLIENT_ARGS="$O_CLIENT_ARGS -cert data_files/server6.crt -key data_files/server6.key"
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]657 G_CLIENT_ARGS="$G_CLIENT_ARGS --x509certfile data_files/server6.crt --x509keyfile data_files/server6.key"
Manuel Pégourié-Gonnard1b149ef2014-02-27 14:38:29 +0100[diff] [blame]658 else
659 P_CLIENT_ARGS="$P_CLIENT_ARGS crt_file=none key_file=none"
660 fi
Manuel Pégourié-Gonnardd941a792014-02-19 13:35:52 +0100[diff] [blame]661 ;;
662
663 "RSA")
Manuel Pégourié-Gonnardda782c92014-02-21 10:10:20 +0100[diff] [blame]664 P_SERVER_ARGS="$P_SERVER_ARGS crt_file=data_files/server2.crt key_file=data_files/server2.key"
Manuel Pégourié-Gonnardda782c92014-02-21 10:10:20 +0100[diff] [blame]665 O_SERVER_ARGS="$O_SERVER_ARGS -cert data_files/server2.crt -key data_files/server2.key"
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]666 G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server2.crt --x509keyfile data_files/server2.key"
667
Manuel Pégourié-Gonnard1b149ef2014-02-27 14:38:29 +0100[diff] [blame]668 if [ "X$VERIFY" = "XYES" ]; then
669 P_CLIENT_ARGS="$P_CLIENT_ARGS crt_file=data_files/server1.crt key_file=data_files/server1.key"
670 O_CLIENT_ARGS="$O_CLIENT_ARGS -cert data_files/server1.crt -key data_files/server1.key"
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]671 G_CLIENT_ARGS="$G_CLIENT_ARGS --x509certfile data_files/server1.crt --x509keyfile data_files/server1.key"
Manuel Pégourié-Gonnard1b149ef2014-02-27 14:38:29 +0100[diff] [blame]672 else
673 P_CLIENT_ARGS="$P_CLIENT_ARGS crt_file=none key_file=none"
674 fi
Manuel Pégourié-Gonnardd941a792014-02-19 13:35:52 +0100[diff] [blame]675 ;;
676
677 "PSK")
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]678 # give RSA-PSK-capable server a RSA cert
Manuel Pégourié-Gonnard1b149ef2014-02-27 14:38:29 +0100[diff] [blame]679 # (should be a separate type, but harder to close with openssl)
680 P_SERVER_ARGS="$P_SERVER_ARGS psk=6162636465666768696a6b6c6d6e6f70 ca_file=none crt_file=data_files/server2.crt key_file=data_files/server2.key"
Manuel Pégourié-Gonnard1b149ef2014-02-27 14:38:29 +0100[diff] [blame]681 O_SERVER_ARGS="$O_SERVER_ARGS -psk 6162636465666768696a6b6c6d6e6f70 -nocert"
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]682 G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server2.crt --x509keyfile data_files/server2.key --pskpasswd data_files/passwd.psk"
683
684 P_CLIENT_ARGS="$P_CLIENT_ARGS psk=6162636465666768696a6b6c6d6e6f70 crt_file=none key_file=none"
Manuel Pégourié-Gonnard9ada01a2014-02-19 14:24:24 +0100[diff] [blame]685 O_CLIENT_ARGS="$O_CLIENT_ARGS -psk 6162636465666768696a6b6c6d6e6f70"
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]686 G_CLIENT_ARGS="$G_CLIENT_ARGS --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70"
Manuel Pégourié-Gonnardd941a792014-02-19 13:35:52 +0100[diff] [blame]687 ;;
688 esac
689}
690
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]691# is_polar <cmd_line>
692is_polar() {
693 echo "$1" | grep 'ssl_server2\|ssl_client2' > /dev/null
694}
695
696# has_mem_err <log_file_name>
697has_mem_err() {
698 if ( grep -F 'All heap blocks were freed -- no leaks are possible' "$1" &&
699 grep -F 'ERROR SUMMARY: 0 errors from 0 contexts' "$1" ) > /dev/null
700 then
701 return 1 # false: does not have errors
702 else
703 return 0 # true: has errors
704 fi
705}
706
Manuel Pégourié-Gonnard304beef2014-02-19 14:45:00 +0100[diff] [blame]707# start_server <name>
708# also saves name and command
709start_server() {
Manuel Pégourié-Gonnard304beef2014-02-19 14:45:00 +0100[diff] [blame]710 case $1 in
711 [Oo]pen*)
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +0100[diff] [blame]712 SERVER_CMD="$OPENSSL_CMD s_server $O_SERVER_ARGS"
Manuel Pégourié-Gonnard304beef2014-02-19 14:45:00 +0100[diff] [blame]713 ;;
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]714 [Gg]nu*)
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +0100[diff] [blame]715 SERVER_CMD="$GNUTLS_SERV $G_SERVER_ARGS --priority $G_SERVER_PRIO"
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]716 ;;
Manuel Pégourié-Gonnard304beef2014-02-19 14:45:00 +0100[diff] [blame]717 [Pp]olar*)
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100[diff] [blame]718 SERVER_CMD="$P_SRV $P_SERVER_ARGS"
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]719 if [ "$MEMCHECK" -gt 0 ]; then
720 SERVER_CMD="valgrind --leak-check=full $SERVER_CMD"
721 fi
Manuel Pégourié-Gonnard304beef2014-02-19 14:45:00 +0100[diff] [blame]722 ;;
723 *)
724 echo "error: invalid server name: $1" >&2
725 exit 1
726 ;;
727 esac
728 SERVER_NAME=$1
729
730 log "$SERVER_CMD"
Manuel Pégourié-Gonnardba0b8442014-03-13 17:57:45 +0100[diff] [blame]731 echo "$SERVER_CMD" > srv_out
732 $SERVER_CMD >> srv_out 2>&1 &
Manuel Pégourié-Gonnard304beef2014-02-19 14:45:00 +0100[diff] [blame]733 PROCESS_ID=$!
734
735 sleep 1
736}
737
Manuel Pégourié-Gonnard911622d2014-02-27 11:50:40 +0100[diff] [blame]738# terminate the running server (closing it cleanly if it is ours)
Manuel Pégourié-Gonnard95957712014-02-19 15:29:38 +0100[diff] [blame]739stop_server() {
Manuel Pégourié-Gonnardc57e98b2014-02-19 17:37:55 +0100[diff] [blame]740 case $SERVER_NAME in
741 [Pp]olar*)
Manuel Pégourié-Gonnard911622d2014-02-27 11:50:40 +0100[diff] [blame]742 # we must force a PSK suite when in PSK mode (otherwise client
Manuel Pégourié-Gonnard84fd6872014-03-13 18:35:10 +0100[diff] [blame]743 # auth will fail), so try every entry in $P_CIPHERS in turn (in
744 # case the first one is not implemented in this configuration)
745 for i in $P_CIPHERS; do
Manuel Pégourié-Gonnard5de31ec2014-03-19 17:34:52 +0100[diff] [blame]746 log "$P_CLI $P_CLIENT_ARGS request_page=SERVERQUIT auth_mode=none force_ciphersuite=$i"
Manuel Pégourié-Gonnard84fd6872014-03-13 18:35:10 +0100[diff] [blame]747 "$P_CLI" $P_CLIENT_ARGS request_page=SERVERQUIT auth_mode=none \
Manuel Pégourié-Gonnard84fd6872014-03-13 18:35:10 +0100[diff] [blame]748 force_ciphersuite=$i >/dev/null
749 if [ "$?" == 0 ]; then
750 break
751 fi
752 done
Manuel Pégourié-Gonnardc57e98b2014-02-19 17:37:55 +0100[diff] [blame]753 ;;
Manuel Pégourié-Gonnard911622d2014-02-27 11:50:40 +0100[diff] [blame]754 *)
755 kill $PROCESS_ID 2>/dev/null
Manuel Pégourié-Gonnardc57e98b2014-02-19 17:37:55 +0100[diff] [blame]756 esac
757
Manuel Pégourié-Gonnard95957712014-02-19 15:29:38 +0100[diff] [blame]758 wait $PROCESS_ID 2>/dev/null
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]759
760 if [ "$MEMCHECK" -gt 0 ]; then
761 if is_polar "$SERVER_CMD" && has_mem_err srv_out; then
762 echo " ! Server had memory errors"
763 let "srvmem++"
764 return
765 fi
766 fi
767
Manuel Pégourié-Gonnard87ae3032014-02-27 11:12:30 +0100[diff] [blame]768 rm -f srv_out
Manuel Pégourié-Gonnard95957712014-02-19 15:29:38 +0100[diff] [blame]769}
770
Manuel Pégourié-Gonnarda9062e92014-02-25 16:21:22 +0100[diff] [blame]771# kill the running server (used when killed by signal)
772cleanup() {
Manuel Pégourié-Gonnard87ae3032014-02-27 11:12:30 +0100[diff] [blame]773 rm -f srv_out cli_out
Manuel Pégourié-Gonnarda9062e92014-02-25 16:21:22 +0100[diff] [blame]774 kill $PROCESS_ID
775 exit 1
776}
777
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]778# run_client <name> <cipher>
779run_client() {
Manuel Pégourié-Gonnard87ae3032014-02-27 11:12:30 +0100[diff] [blame]780 # announce what we're going to do
781 let "tests++"
782 VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]')
Manuel Pégourié-Gonnarde01af4c2014-03-25 14:16:44 +0100[diff] [blame]783 TITLE="${1:0:1}->${SERVER_NAME:0:1} $MODE,$VERIF $2"
784 echo -n "$TITLE "
Manuel Pégourié-Gonnard87ae3032014-02-27 11:12:30 +0100[diff] [blame]785 LEN=`echo "$TITLE" | wc -c`
786 LEN=`echo 72 - $LEN | bc`
787 for i in `seq 1 $LEN`; do echo -n '.'; done; echo -n ' '
788
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]789 # run the command and interpret result
790 case $1 in
791 [Oo]pen*)
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +0100[diff] [blame]792 CLIENT_CMD="$OPENSSL_CMD s_client $O_CLIENT_ARGS -cipher $2"
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]793 log "$CLIENT_CMD"
Manuel Pégourié-Gonnardba0b8442014-03-13 17:57:45 +0100[diff] [blame]794 echo "$CLIENT_CMD" > cli_out
795 ( echo -e 'GET HTTP/1.0'; echo; ) | $CLIENT_CMD >> cli_out 2>&1
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]796 EXIT=$?
797
798 if [ "$EXIT" == "0" ]; then
799 RESULT=0
800 else
Manuel Pégourié-Gonnard87ae3032014-02-27 11:12:30 +0100[diff] [blame]801 if grep 'Cipher is (NONE)' cli_out >/dev/null; then
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]802 RESULT=1
803 else
804 RESULT=2
805 fi
806 fi
807 ;;
808
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]809 [Gg]nu*)
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +0100[diff] [blame]810 CLIENT_CMD="$GNUTLS_CLI $G_CLIENT_ARGS --priority $G_PRIO_MODE:$2 localhost"
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]811 log "$CLIENT_CMD"
Manuel Pégourié-Gonnardba0b8442014-03-13 17:57:45 +0100[diff] [blame]812 echo "$CLIENT_CMD" > cli_out
813 ( echo -e 'GET HTTP/1.0'; echo; ) | $CLIENT_CMD >> cli_out 2>&1
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]814 EXIT=$?
815
816 if [ "$EXIT" == "0" ]; then
817 RESULT=0
818 else
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]819 RESULT=2
820 # interpret early failure, with a handshake_failure alert
821 # before the server hello, as "no ciphersuite in common"
822 if grep -F 'Received alert [40]: Handshake failed' cli_out; then
823 if grep -i 'SERVER HELLO .* was received' cli_out; then :
824 else
825 RESULT=1
826 fi
827 fi >/dev/null
Manuel Pégourié-Gonnarda4371442014-03-13 16:21:59 +0100[diff] [blame]828 fi
829 ;;
830
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]831 [Pp]olar*)
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100[diff] [blame]832 CLIENT_CMD="$P_CLI $P_CLIENT_ARGS force_ciphersuite=$2"
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]833 if [ "$MEMCHECK" -gt 0 ]; then
834 CLIENT_CMD="valgrind --leak-check=full $CLIENT_CMD"
835 fi
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]836 log "$CLIENT_CMD"
Manuel Pégourié-Gonnardba0b8442014-03-13 17:57:45 +0100[diff] [blame]837 echo "$CLIENT_CMD" > cli_out
838 $CLIENT_CMD >> cli_out 2>&1
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]839 EXIT=$?
840
841 case $EXIT in
842 "0") RESULT=0 ;;
843 "2") RESULT=1 ;;
844 *) RESULT=2 ;;
845 esac
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]846
847 if [ "$MEMCHECK" -gt 0 ]; then
848 if is_polar "$CLIENT_CMD" && has_mem_err cli_out; then
849 RESULT=2
850 fi
851 fi
852
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]853 ;;
854
855 *)
856 echo "error: invalid client name: $1" >&2
857 exit 1
858 ;;
859 esac
860
Manuel Pégourié-Gonnarde01af4c2014-03-25 14:16:44 +0100[diff] [blame]861 echo "EXIT: $EXIT" >> cli_out
862
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]863 # report and count result
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]864 case $RESULT in
865 "0")
Manuel Pégourié-Gonnard4145b892014-02-24 13:20:14 +0100[diff] [blame]866 echo PASS
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]867 ;;
868 "1")
Manuel Pégourié-Gonnard4145b892014-02-24 13:20:14 +0100[diff] [blame]869 echo SKIP
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]870 let "skipped++"
871 ;;
872 "2")
Manuel Pégourié-Gonnard4145b892014-02-24 13:20:14 +0100[diff] [blame]873 echo FAIL
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]874 cp srv_out c-srv-${tests}.log
875 cp cli_out c-cli-${tests}.log
876 echo " ! outputs saved to c-srv-${tests}.log, c-cli-${tests}.log"
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]877 let "failed++"
878 ;;
879 esac
Manuel Pégourié-Gonnard87ae3032014-02-27 11:12:30 +0100[diff] [blame]880
881 rm -f cli_out
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]882}
883
Manuel Pégourié-Gonnard9dea8bd2014-02-26 18:21:02 +0100[diff] [blame]884#
885# MAIN
886#
887
Manuel Pégourié-Gonnard3947d042014-03-14 18:13:53 +0100[diff] [blame]888get_options "$@"
889
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100[diff] [blame]890# sanity checks, avoid an avalanche of errors
891if [ ! -x "$P_SRV" ]; then
Manuel Pégourié-Gonnard3947d042014-03-14 18:13:53 +0100[diff] [blame]892 echo "Command '$P_SRV' is not an executable file" >&2
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100[diff] [blame]893 exit 1
894fi
895if [ ! -x "$P_CLI" ]; then
Manuel Pégourié-Gonnard3947d042014-03-14 18:13:53 +0100[diff] [blame]896 echo "Command '$P_CLI' is not an executable file" >&2
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100[diff] [blame]897 exit 1
898fi
Manuel Pégourié-Gonnard3947d042014-03-14 18:13:53 +0100[diff] [blame]899
900if echo "$PEERS" | grep -i openssl > /dev/null; then
901 if which "$OPENSSL_CMD" >/dev/null 2>&1; then :; else
902 echo "Command '$OPENSSL_CMD' not found" >&2
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +0100[diff] [blame]903 exit 1
904 fi
Manuel Pégourié-Gonnard3947d042014-03-14 18:13:53 +0100[diff] [blame]905fi
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100[diff] [blame]906
Manuel Pégourié-Gonnard3947d042014-03-14 18:13:53 +0100[diff] [blame]907if echo "$PEERS" | grep -i gnutls > /dev/null; then
908 for CMD in "$GNUTLS_CLI" "$GNUTLS_SERV"; do
909 if which "$CMD" >/dev/null 2>&1; then :; else
910 echo "Command '$CMD' not found" >&2
911 exit 1
912 fi
913 done
914fi
915
916for PEER in $PEERS; do
917 case "$PEER" in
918 [Pp]olar*|[Oo]pen*|[Gg]nu*)
919 ;;
920 *)
921 echo "Unknown peers: $PEER" >&2
922 exit 1
923 esac
924done
Manuel Pégourié-Gonnard9dea8bd2014-02-26 18:21:02 +0100[diff] [blame]925
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]926killall -q gnutls-serv openssl ssl_server ssl_server2
Manuel Pégourié-Gonnarda9062e92014-02-25 16:21:22 +0100[diff] [blame]927trap cleanup INT TERM HUP
928
Manuel Pégourié-Gonnard95957712014-02-19 15:29:38 +0100[diff] [blame]929for VERIFY in $VERIFIES; do
930 for MODE in $MODES; do
Manuel Pégourié-Gonnard95957712014-02-19 15:29:38 +0100[diff] [blame]931 for TYPE in $TYPES; do
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]932 for PEER in $PEERS; do
Paul Bakker7e5e7ca2013-04-17 19:27:58 +0200[diff] [blame]933
Manuel Pégourié-Gonnard95957712014-02-19 15:29:38 +0100[diff] [blame]934 setup_arguments
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]935
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]936 case "$PEER" in
Manuel Pégourié-Gonnardd3313192013-09-13 19:20:37 +0200[diff] [blame]937
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]938 [Oo]pen*)
Paul Bakker398cb512012-04-10 08:22:31 +0000[diff] [blame]939
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]940 reset_ciphersuites
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]941 add_common_ciphersuites
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]942 add_openssl_ciphersuites
943 filter_ciphersuites
Manuel Pégourié-Gonnard330e4112014-02-19 15:23:21 +0100[diff] [blame]944
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]945 if [ "X" != "X$P_CIPHERS" ]; then
946 start_server "OpenSSL"
947 for i in $P_CIPHERS; do
948 run_client PolarSSL $i
949 done
950 stop_server
951 fi
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]952
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]953 if [ "X" != "X$O_CIPHERS" ]; then
954 start_server "PolarSSL"
955 for i in $O_CIPHERS; do
956 run_client OpenSSL $i
957 done
958 stop_server
959 fi
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]960
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]961 ;;
Manuel Pégourié-Gonnard5b2d7762014-02-28 12:42:57 +0100[diff] [blame]962
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]963 [Gg]nu*)
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]964
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]965 reset_ciphersuites
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]966 add_common_ciphersuites
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]967 add_gnutls_ciphersuites
968 filter_ciphersuites
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]969
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]970 if [ "X" != "X$P_CIPHERS" ]; then
971 start_server "GnuTLS"
972 for i in $P_CIPHERS; do
973 run_client PolarSSL $i
974 done
975 stop_server
976 fi
977
978 if [ "X" != "X$G_CIPHERS" ]; then
979 start_server "PolarSSL"
980 for i in $G_CIPHERS; do
981 run_client GnuTLS $i
982 done
983 stop_server
984 fi
985
986 ;;
987
988 [Pp]olar*)
989
990 reset_ciphersuites
Manuel Pégourié-Gonnard12b84722014-03-25 19:07:28 +0100[diff] [blame]991 add_common_ciphersuites
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]992 add_openssl_ciphersuites
993 add_gnutls_ciphersuites
994 add_polarssl_ciphersuites
995 filter_ciphersuites
996
997 if [ "X" != "X$P_CIPHERS" ]; then
998 start_server "PolarSSL"
999 for i in $P_CIPHERS; do
1000 run_client PolarSSL $i
1001 done
1002 stop_server
1003 fi
1004
1005 ;;
1006
Manuel Pégourié-Gonnarda1a9f9a2014-03-25 18:04:59 +0100[diff] [blame]1007 *)
1008 echo "Unkown peer: $PEER" >&2
1009 exit 1
1010 ;;
1011
Manuel Pégourié-Gonnard9edba772014-03-13 17:45:35 +0100[diff] [blame]1012 esac
1013
1014 done
Manuel Pégourié-Gonnard95957712014-02-19 15:29:38 +0100[diff] [blame]1015 done
1016 done
Manuel Pégourié-Gonnard9791a402013-08-27 19:57:15 +0200[diff] [blame]1017done
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]1018
Manuel Pégourié-Gonnard4145b892014-02-24 13:20:14 +0100[diff] [blame]1019echo "------------------------------------------------------------------------"
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]1020
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]1021if (( failed != 0 && srvmem != 0 ));
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]1022then
1023 echo -n "FAILED"
1024else
1025 echo -n "PASSED"
1026fi
1027
Manuel Pégourié-Gonnardba0b8442014-03-13 17:57:45 +0100[diff] [blame]1028if [ "$MEMCHECK" -gt 0 ]; then
1029 MEMREPORT=", $srvmem server memory errors"
1030else
1031 MEMREPORT=""
1032fi
1033
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]1034let "passed = tests - failed"
Manuel Pégourié-Gonnardba0b8442014-03-13 17:57:45 +0100[diff] [blame]1035echo " ($passed / $tests tests ($skipped skipped$MEMREPORT))"
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]1036
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100[diff] [blame]1037let "failed += srvmem"
Manuel Pégourié-Gonnard70064fd2013-08-27 22:00:47 +0200[diff] [blame]1038exit $failed