diff options
-rwxr-xr-x | tests/howsmyssl.sh | 67 | ||||
-rw-r--r-- | tests/local.mk | 3 |
2 files changed, 69 insertions, 1 deletions
diff --git a/tests/howsmyssl.sh b/tests/howsmyssl.sh new file mode 100755 index 0000000..2f7296d --- /dev/null +++ b/tests/howsmyssl.sh @@ -0,0 +1,67 @@ +# Tests using Jeff Hodges's How's My SSL? Web service +# +# Copyright (C) 2019 Patrick McDermott +# +# This file is part of wolfssl-util. +# +# wolfssl-util is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 2 of the License, or +# (at your option) any later version. +# +# wolfssl-util is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with wolfssl-util. If not, see <http://www.gnu.org/licenses/>. + +set -eu + +. "${TOP_SRCDIR}/tests/aux/tap-functions.sh" +JSON_SEPARATOR='/' JSON_DEBUG='' . "${TOP_SRCDIR}/tests/aux/json.sh" + +test_grep() +{ + printf '%s\n' "${members}" | grep "${@}" +} + +plan_ 7 + +json="$(printf 'GET /a/check HTTP/1.1\r\n'$(: \ + )'Host: www.howsmyssl.com:443\r\nConnection: close\r\n\r\n' | \ + "${TOP_BUILDDIR}/wolfssl-util" s_client \ + -connect www.howsmyssl.com:443 \ + -servername www.howsmyssl.com | \ + sed -n 's/\r$//; /^{/,$p')" +printf '%s\n' + +IFS=' +' +printf '# JSON:\n' +printf '# %s\n' ${json} +unset IFS + +members="$(printf '%s\n' "${json}" | json)" + +IFS=' +' +printf '# Parsed members:\n' +printf '# %s\n' ${members} +unset IFS + +command_ok_ 'Ephemeral keys supported' -- \ + test_grep -q '^/ephemeral_keys_supported boolean true$' +command_ok_ 'No TLS compression supported' -- \ + test_grep -q '^/tls_compression_supported boolean false$' +command_ok_ 'No unknown cipher suites supported' -- \ + test_grep -q '^/unknown_cipher_suite_supported boolean false$' +command_ok_ 'No BEAST vulnerability' -- \ + test_grep -q '^/beast_vuln boolean false$' +command_ok_ 'No weak cipher suites supported' -- \ + test_grep -vq '^/insecure_cipher_suites/' +command_ok_ 'TLS 1.2' -- \ + test_grep -q '^/tls_version string TLS 1.2$' +command_ok_ 'Probably OK' -- \ + test_grep -q '^/rating string Probably Okay$' diff --git a/tests/local.mk b/tests/local.mk index 288b9ad..5b5be3b 100644 --- a/tests/local.mk +++ b/tests/local.mk @@ -1,5 +1,6 @@ TESTS = \ - %reldir%/badssl.sh + %reldir%/badssl.sh \ + %reldir%/howsmyssl.sh TEST_EXTENSIONS = .sh SH_LOG_DRIVER = \ AM_TAP_AWK='$(AWK)' \ |