# Test that SSL sample programs can interoperate with each other
# and with OpenSSL and GnuTLS.

# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later

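# Directory holding the built SSL sample programs. A value already set by the
# caller is kept; if PROGRAMS_DIR is unset or empty it defaults to
# ../programs/ssl. The expansion is quoted so that an override containing
# whitespace or glob characters is not word-split or pathname-expanded when
# it is handed to the no-op ':' command.
: "${PROGRAMS_DIR:=../programs/ssl}"
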
Gilles Peskinec3d1a1d2024-09-10 00:03:18 +02009run_test "Sample: ssl_client1, ssl_server2" \
10 -P 4433 \
11 "$PROGRAMS_DIR/ssl_server2" \
12 "$PROGRAMS_DIR/ssl_client1" \
13 0 \
14 -s "[1-9][0-9]* bytes read" \
15 -s "[1-9][0-9]* bytes written" \
16 -c "[1-9][0-9]* bytes read" \
17 -c "[1-9][0-9]* bytes written" \
18 -S "error" \
19 -C "error"
20
Gilles Peskine7985d452024-09-04 16:06:10 +020021requires_protocol_version tls12
22run_test "Sample: ssl_client1, openssl server, TLS 1.2" \
23 -P 4433 \
24 "$O_SRV -tls1_2" \
25 "$PROGRAMS_DIR/ssl_client1" \
26 0 \
Gilles Peskine6ef52392024-09-04 23:33:36 +020027 -c "Protocol.*TLSv1.2" \
Gilles Peskine7985d452024-09-04 16:06:10 +020028 -S "ERROR" \
29 -C "error"
30
31requires_protocol_version tls12
32run_test "Sample: ssl_client1, gnutls server, TLS 1.2" \
33 -P 4433 \
34 "$G_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2" \
35 "$PROGRAMS_DIR/ssl_client1" \
36 0 \
37 -s "Version: TLS1.2" \
38 -c "<TD>Protocol version:</TD><TD>TLS1.2</TD>" \
39 -S "Error" \
40 -C "error"
41
42requires_protocol_version tls13
Gilles Peskine33388212024-09-04 23:32:42 +020043requires_openssl_tls1_3
Gilles Peskine7985d452024-09-04 16:06:10 +020044run_test "Sample: ssl_client1, openssl server, TLS 1.3" \
45 -P 4433 \
Gilles Peskine33388212024-09-04 23:32:42 +020046 "$O_NEXT_SRV -tls1_3" \
Gilles Peskine7985d452024-09-04 16:06:10 +020047 "$PROGRAMS_DIR/ssl_client1" \
48 0 \
49 -c "New, TLSv1.3, Cipher is" \
50 -S "ERROR" \
51 -C "error"
52
53requires_protocol_version tls13
Gilles Peskine8db2b792024-09-05 13:05:49 +020054requires_gnutls_tls1_3
Gilles Peskine7985d452024-09-04 16:06:10 +020055run_test "Sample: ssl_client1, gnutls server, TLS 1.3" \
56 -P 4433 \
Gilles Peskine8db2b792024-09-05 13:05:49 +020057 "$G_NEXT_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3" \
Gilles Peskine7985d452024-09-04 16:06:10 +020058 "$PROGRAMS_DIR/ssl_client1" \
59 0 \
60 -s "Version: TLS1.3" \
61 -c "<TD>Protocol version:</TD><TD>TLS1.3</TD>" \
62 -S "Error" \
63 -C "error"
Gilles Peskineae710c82024-09-04 16:07:56 +020064
Gilles Peskinec3d1a1d2024-09-10 00:03:18 +020065# The server complains of extra data after it closes the connection
66# because the client keeps sending data, so the server receives
67# more application data when it expects a new handshake. We consider
68# the test a success if both sides have sent and received application
69# data, no matter what happens afterwards.
70run_test "Sample: dtls_client, ssl_server2" \
71 -P 4433 \
72 "$PROGRAMS_DIR/ssl_server2 dtls=1 server_addr=localhost" \
73 "$PROGRAMS_DIR/dtls_client" \
74 0 \
75 -s "[1-9][0-9]* bytes read" \
76 -s "[1-9][0-9]* bytes written" \
77 -c "[1-9][0-9]* bytes read" \
78 -c "[1-9][0-9]* bytes written" \
79 -C "error"
80
Gilles Peskineae710c82024-09-04 16:07:56 +020081requires_protocol_version dtls12
82run_test "Sample: dtls_client, openssl server, DTLS 1.2" \
83 -P 4433 \
84 "$O_SRV -dtls1_2" \
85 "$PROGRAMS_DIR/dtls_client" \
86 0 \
87 -s "Echo this" \
Gilles Peskineae710c82024-09-04 16:07:56 +020088 -c "Echo this" \
89 -c "[1-9][0-9]* bytes written" \
90 -c "[1-9][0-9]* bytes read" \
91 -S "ERROR" \
92 -C "error"
93
94requires_protocol_version dtls12
95run_test "Sample: dtls_client, gnutls server, DTLS 1.2" \
96 -P 4433 \
97 "$G_SRV -u --echo --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2" \
98 "$PROGRAMS_DIR/dtls_client" \
99 0 \
100 -s "Server listening" \
101 -s "[1-9][0-9]* bytes command:" \
102 -c "Echo this" \
103 -c "[1-9][0-9]* bytes written" \
104 -c "[1-9][0-9]* bytes read" \
105 -S "Error" \
106 -C "error"
Gilles Peskinea21e8932024-09-04 16:30:32 +0200107
Gilles Peskinec3d1a1d2024-09-10 00:03:18 +0200108run_test "Sample: ssl_server, ssl_client2" \
109 -P 4433 \
110 "$PROGRAMS_DIR/ssl_server" \
111 "$PROGRAMS_DIR/ssl_client2" \
112 0 \
113 -s "[1-9][0-9]* bytes read" \
114 -s "[1-9][0-9]* bytes written" \
115 -c "[1-9][0-9]* bytes read" \
116 -c "[1-9][0-9]* bytes written" \
117 -S "error" \
118 -C "error"
119
120run_test "Sample: ssl_client1 with ssl_server" \
121 -P 4433 \
122 "$PROGRAMS_DIR/ssl_server" \
123 "$PROGRAMS_DIR/ssl_client1" \
124 0 \
125 -s "[1-9][0-9]* bytes read" \
126 -s "[1-9][0-9]* bytes written" \
127 -c "[1-9][0-9]* bytes read" \
128 -c "[1-9][0-9]* bytes written" \
129 -S "error" \
130 -C "error"
131
Gilles Peskinea21e8932024-09-04 16:30:32 +0200132requires_protocol_version tls12
133run_test "Sample: ssl_server, openssl client, TLS 1.2" \
134 -P 4433 \
135 "$PROGRAMS_DIR/ssl_server" \
136 "$O_CLI -tls1_2" \
137 0 \
138 -s "Successful connection using: TLS-" \
Gilles Peskine6ef52392024-09-04 23:33:36 +0200139 -c "Protocol.*TLSv1.2" \
Gilles Peskinea21e8932024-09-04 16:30:32 +0200140 -S "error" \
141 -C "ERROR"
142
143requires_protocol_version tls12
144run_test "Sample: ssl_server, gnutls client, TLS 1.2" \
145 -P 4433 \
146 "$PROGRAMS_DIR/ssl_server" \
147 "$G_CLI --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2 localhost" \
148 0 \
149 -s "Successful connection using: TLS-" \
150 -c "Description:.*TLS1.2" \
151 -S "error" \
152 -C "ERROR"
153
154requires_protocol_version tls13
Gilles Peskine33388212024-09-04 23:32:42 +0200155requires_openssl_tls1_3
Gilles Peskinea21e8932024-09-04 16:30:32 +0200156run_test "Sample: ssl_server, openssl client, TLS 1.3" \
157 -P 4433 \
158 "$PROGRAMS_DIR/ssl_server" \
Gilles Peskine33388212024-09-04 23:32:42 +0200159 "$O_NEXT_CLI -tls1_3" \
Gilles Peskinea21e8932024-09-04 16:30:32 +0200160 0 \
161 -s "Successful connection using: TLS1-3-" \
162 -c "New, TLSv1.3, Cipher is" \
163 -S "error" \
164 -C "ERROR"
165
166requires_protocol_version tls13
Gilles Peskine8db2b792024-09-05 13:05:49 +0200167requires_gnutls_tls1_3
Gilles Peskinea21e8932024-09-04 16:30:32 +0200168run_test "Sample: ssl_server, gnutls client, TLS 1.3" \
169 -P 4433 \
170 "$PROGRAMS_DIR/ssl_server" \
Gilles Peskine8db2b792024-09-05 13:05:49 +0200171 "$G_NEXT_CLI --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3 localhost" \
Gilles Peskinea21e8932024-09-04 16:30:32 +0200172 0 \
173 -s "Successful connection using: TLS1-3-" \
174 -c "Description:.*TLS1.3" \
175 -S "error" \
176 -C "ERROR"
Gilles Peskine3abca952024-09-04 16:31:06 +0200177
Gilles Peskinec3d1a1d2024-09-10 00:03:18 +0200178run_test "Sample: ssl_fork_server, ssl_client2" \
179 -P 4433 \
180 "$PROGRAMS_DIR/ssl_fork_server" \
181 "$PROGRAMS_DIR/ssl_client2" \
182 0 \
183 -s "[1-9][0-9]* bytes read" \
184 -s "[1-9][0-9]* bytes written" \
185 -c "[1-9][0-9]* bytes read" \
186 -c "[1-9][0-9]* bytes written" \
187 -S "error" \
188 -C "error"
189
190run_test "Sample: ssl_client1 with ssl_fork_server" \
191 -P 4433 \
192 "$PROGRAMS_DIR/ssl_fork_server" \
193 "$PROGRAMS_DIR/ssl_client1" \
194 0 \
195 -s "[1-9][0-9]* bytes read" \
196 -s "[1-9][0-9]* bytes written" \
197 -c "[1-9][0-9]* bytes read" \
198 -c "[1-9][0-9]* bytes written" \
199 -S "error" \
200 -C "error"
201
Gilles Peskine3abca952024-09-04 16:31:06 +0200202requires_protocol_version tls12
Gilles Peskinec83e56c2024-09-04 17:47:14 +0200203run_test "Sample: ssl_fork_server, openssl client, TLS 1.2" \
204 -P 4433 \
205 "$PROGRAMS_DIR/ssl_fork_server" \
206 "$O_CLI -tls1_2" \
207 0 \
208 -s "Successful connection using: TLS-" \
Gilles Peskine6ef52392024-09-04 23:33:36 +0200209 -c "Protocol.*TLSv1.2" \
Gilles Peskinec83e56c2024-09-04 17:47:14 +0200210 -S "error" \
211 -C "ERROR"
212
213requires_protocol_version tls12
214run_test "Sample: ssl_fork_server, gnutls client, TLS 1.2" \
215 -P 4433 \
216 "$PROGRAMS_DIR/ssl_fork_server" \
217 "$G_CLI --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2 localhost" \
218 0 \
219 -s "Successful connection using: TLS-" \
220 -c "Description:.*TLS1.2" \
221 -S "error" \
222 -C "ERROR"
223
224requires_protocol_version tls13
Gilles Peskine33388212024-09-04 23:32:42 +0200225requires_openssl_tls1_3
Gilles Peskinec83e56c2024-09-04 17:47:14 +0200226run_test "Sample: ssl_fork_server, openssl client, TLS 1.3" \
227 -P 4433 \
228 "$PROGRAMS_DIR/ssl_fork_server" \
Gilles Peskine33388212024-09-04 23:32:42 +0200229 "$O_NEXT_CLI -tls1_3" \
Gilles Peskinec83e56c2024-09-04 17:47:14 +0200230 0 \
231 -s "Successful connection using: TLS1-3-" \
232 -c "New, TLSv1.3, Cipher is" \
233 -S "error" \
234 -C "ERROR"
235
236requires_protocol_version tls13
Gilles Peskine8db2b792024-09-05 13:05:49 +0200237requires_gnutls_tls1_3
Gilles Peskinec83e56c2024-09-04 17:47:14 +0200238run_test "Sample: ssl_fork_server, gnutls client, TLS 1.3" \
239 -P 4433 \
240 "$PROGRAMS_DIR/ssl_fork_server" \
Gilles Peskine8db2b792024-09-05 13:05:49 +0200241 "$G_NEXT_CLI --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3 localhost" \
Gilles Peskinec83e56c2024-09-04 17:47:14 +0200242 0 \
243 -s "Successful connection using: TLS1-3-" \
244 -c "Description:.*TLS1.3" \
245 -S "error" \
246 -C "ERROR"
247
Gilles Peskinec3d1a1d2024-09-10 00:03:18 +0200248run_test "Sample: ssl_pthread_server, ssl_client2" \
249 -P 4433 \
250 "$PROGRAMS_DIR/ssl_pthread_server" \
251 "$PROGRAMS_DIR/ssl_client2" \
252 0 \
253 -s "[1-9][0-9]* bytes read" \
254 -s "[1-9][0-9]* bytes written" \
255 -c "[1-9][0-9]* bytes read" \
256 -c "[1-9][0-9]* bytes written" \
257 -S "error" \
258 -C "error"
259
260run_test "Sample: ssl_client1 with ssl_pthread_server" \
261 -P 4433 \
262 "$PROGRAMS_DIR/ssl_pthread_server" \
263 "$PROGRAMS_DIR/ssl_client1" \
264 0 \
265 -s "[1-9][0-9]* bytes read" \
266 -s "[1-9][0-9]* bytes written" \
267 -c "[1-9][0-9]* bytes read" \
268 -c "[1-9][0-9]* bytes written" \
269 -S "error" \
270 -C "error"
271
Gilles Peskinec83e56c2024-09-04 17:47:14 +0200272requires_protocol_version tls12
Gilles Peskine3abca952024-09-04 16:31:06 +0200273run_test "Sample: ssl_pthread_server, openssl client, TLS 1.2" \
274 -P 4433 \
275 "$PROGRAMS_DIR/ssl_pthread_server" \
276 "$O_CLI -tls1_2" \
277 0 \
278 -s "Successful connection using: TLS-" \
Gilles Peskine6ef52392024-09-04 23:33:36 +0200279 -c "Protocol.*TLSv1.2" \
Gilles Peskine3abca952024-09-04 16:31:06 +0200280 -S "error" \
281 -C "ERROR"
282
283requires_protocol_version tls12
284run_test "Sample: ssl_pthread_server, gnutls client, TLS 1.2" \
285 -P 4433 \
286 "$PROGRAMS_DIR/ssl_pthread_server" \
287 "$G_CLI --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2 localhost" \
288 0 \
289 -s "Successful connection using: TLS-" \
290 -c "Description:.*TLS1.2" \
291 -S "error" \
292 -C "ERROR"
293
294requires_protocol_version tls13
Gilles Peskine33388212024-09-04 23:32:42 +0200295requires_openssl_tls1_3
Gilles Peskine3abca952024-09-04 16:31:06 +0200296run_test "Sample: ssl_pthread_server, openssl client, TLS 1.3" \
297 -P 4433 \
298 "$PROGRAMS_DIR/ssl_pthread_server" \
Gilles Peskine33388212024-09-04 23:32:42 +0200299 "$O_NEXT_CLI -tls1_3" \
Gilles Peskine3abca952024-09-04 16:31:06 +0200300 0 \
301 -s "Successful connection using: TLS1-3-" \
302 -c "New, TLSv1.3, Cipher is" \
303 -S "error" \
304 -C "ERROR"
305
306requires_protocol_version tls13
Gilles Peskine8db2b792024-09-05 13:05:49 +0200307requires_gnutls_tls1_3
Gilles Peskine3abca952024-09-04 16:31:06 +0200308run_test "Sample: ssl_pthread_server, gnutls client, TLS 1.3" \
309 -P 4433 \
310 "$PROGRAMS_DIR/ssl_pthread_server" \
Gilles Peskine8db2b792024-09-05 13:05:49 +0200311 "$G_NEXT_CLI --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3 localhost" \
Gilles Peskine3abca952024-09-04 16:31:06 +0200312 0 \
313 -s "Successful connection using: TLS1-3-" \
314 -c "Description:.*TLS1.3" \
315 -S "error" \
316 -C "ERROR"
Gilles Peskine6b4d6932024-09-04 16:51:50 +0200317
Gilles Peskinec3d1a1d2024-09-10 00:03:18 +0200318# The server complains of extra data after it closes the connection
319# because the client keeps sending data, so the server receives
320# more application data when it expects a new handshake. We consider
321# the test a success if both sides have sent and received application
322# data, no matter what happens afterwards.
323run_test "Sample: dtls_client with dtls_server" \
324 -P 4433 \
325 "$PROGRAMS_DIR/dtls_server" \
326 "$PROGRAMS_DIR/dtls_client" \
327 0 \
328 -s "[1-9][0-9]* bytes read" \
329 -s "[1-9][0-9]* bytes written" \
330 -c "[1-9][0-9]* bytes read" \
331 -c "[1-9][0-9]* bytes written" \
332 -C "error"
333
334# The server complains of extra data after it closes the connection
335# because the client keeps sending data, so the server receives
336# more application data when it expects a new handshake. We consider
337# the test a success if both sides have sent and received application
338# data, no matter what happens afterwards.
339run_test "Sample: ssl_client2, dtls_server" \
340 -P 4433 \
341 "$PROGRAMS_DIR/dtls_server" \
342 "$PROGRAMS_DIR/ssl_client2 dtls=1" \
343 0 \
344 -s "[1-9][0-9]* bytes read" \
345 -s "[1-9][0-9]* bytes written" \
346 -c "[1-9][0-9]* bytes read" \
347 -c "[1-9][0-9]* bytes written" \
348 -C "error"
349
Gilles Peskine6b4d6932024-09-04 16:51:50 +0200350requires_protocol_version dtls12
351run_test "Sample: dtls_server, openssl client, DTLS 1.2" \
352 -P 4433 \
353 "$PROGRAMS_DIR/dtls_server" \
354 "$O_CLI -dtls1_2" \
355 0 \
356 -s "[1-9][0-9]* bytes read" \
357 -s "[1-9][0-9]* bytes written" \
Gilles Peskine6ef52392024-09-04 23:33:36 +0200358 -c "Protocol.*TLSv1.2" \
Gilles Peskine6b4d6932024-09-04 16:51:50 +0200359 -S "error" \
360 -C "ERROR"
361
362requires_protocol_version dtls12
363run_test "Sample: dtls_server, gnutls client, DTLS 1.2" \
364 -P 4433 \
365 "$PROGRAMS_DIR/dtls_server" \
366 "$G_CLI -u --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2 localhost" \
367 0 \
368 -s "[1-9][0-9]* bytes read" \
369 -s "[1-9][0-9]* bytes written" \
370 -c "Description:.*DTLS1.2" \
371 -S "error" \
372 -C "ERROR"