diff options
Diffstat (limited to 'tests')
-rw-r--r-- | tests/.gitignore | 2 | ||||
-rw-r--r-- | tests/aux/json.sh | 402 | ||||
-rw-r--r-- | tests/aux/tap-functions.sh | 229 | ||||
-rwxr-xr-x | tests/badssl.sh | 119 | ||||
-rwxr-xr-x | tests/howsmyssl.sh | 67 | ||||
-rw-r--r-- | tests/local.mk | 14 |
6 files changed, 0 insertions, 833 deletions
diff --git a/tests/.gitignore b/tests/.gitignore deleted file mode 100644 index 7e563b8..0000000 --- a/tests/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -*.log -*.trs diff --git a/tests/aux/json.sh b/tests/aux/json.sh deleted file mode 100644 index 3c9783f..0000000 --- a/tests/aux/json.sh +++ /dev/null @@ -1,402 +0,0 @@ -# `json.sh`, a pure-shell JSON parser. -# -# Copied from <lib/json.sh> in repository <https://github.com/rcrowley/json.sh>. -# -# Copyright 2011 Richard Crowley. All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions are -# met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above -# copyright notice, this list of conditions and the following -# disclaimer in the documentation and/or other materials provided -# with the distribution. -# -# THIS SOFTWARE IS PROVIDED BY RICHARD CROWLEY AS IS'' AND ANY EXPRESS -# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -# DISCLAIMED. IN NO EVENT SHALL RICHARD CROWLEY OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF -# THE POSSIBILITY OF SUCH DAMAGE. -# -# The views and conclusions contained in the software and documentation -# are those of the authors and should not be interpreted as representing -# official policies, either expressed or implied, of Richard Crowley. - -set -e - -# Most users will be happy with the default '/' separator that makes trees -# of keys look like filesystem paths but that breaks down if keys can -# contain slashes. In that case, set `JSON_SEPARATOR` to desired character. -[ -z "$JSON_SEPARATOR" ] && _J_S="/" || _J_S="$JSON_SEPARATOR" - -# File descriptor 3 is commandeered for debug output, which may end up being -# forwarded to standard error. -[ -z "$JSON_DEBUG" ] && exec 3>/dev/null || exec 3>&2 - -# File descriptor 4 is commandeered for use as a sink for literal and -# variable output of (inverted) sections that are not destined for standard -# output because their condition is not met. -exec 4>/dev/null - -# Consume standard input one character at a time to parse JSON. -json() { - - # Initialize the file descriptor to be used to emit characters. At - # times this value will be 4 to send output to `/dev/null`. - _J_FD=1 - - # Initialize storage for the "pathname", the concatenation of all - # the keys in the tree at any point in time, the current state of - # the machine, and the state to which the machine returns after - # completing a key or value. - _J_PATHNAME="$_J_S" _J_STATE="whitespace" _J_STATE_DEFAULT="whitespace" - - # IFS must only contain '\n' so as to be able to read space and tab - # characters from standard input one-at-a-time. The easiest way to - # convince it to actually contain the correct byte, and only the - # correct byte, is to use a single-quoted literal newline. - IFS=' -' - - # Consuming standard input one character at a time is quite a feat - # within the confines of POSIX shell. Bash's `read` builtin has - # `-n` for limiting the number of characters consumed. Here it is - # faked using `sed`(1) to place each character on its own line. - # The subtlety is that real newline characters are chomped so they - # must be indirectly detected by checking for zero-length - # characters, which is done as the character is emitted. - sed " - s/./&$(printf "\036")/g - s/\\\\/\\\\\\\\/g - " | tr "\036" "\n" | _json - - # TODO Replace the original value of IFS. Be careful if it's unset. - -} - -# Consume the one-character-per-line stream from `sed` via a state machine. -# This function will be called recursively in subshell environments to -# isolate values from their containing scope. -# -# The `read` builtin consumes one line at a time but by now each line -# contains only a single character. -_json() { - while read _J_C - do - _json_char - _J_PREV_C="$_J_C" - done -} - -# Consume a single character as stored in `_J_C`. This function is broken -# out from `_json` so it may be called to reconsume a character as is -# necessary following the end of any number since numbers do not have a -# well-known ending in the grammar. -# -# The state machine implemented here follows very naturally from the -# diagrams of the JSON grammar on <http://json.org>. -_json_char() { - echo " _J_C: $_J_C (${#_J_C}), _J_STATE: $_J_STATE" >&3 - case "$_J_STATE" in - - # The machine starts in the "whitespace" state and learns - # from leading characters what state to enter next. JSON's - # grammar doesn't contain any tokens that are ambiguous in - # their first character so the parser's job is relatively - # easier. - # - # Further whitespace characters are consumed and ignored. - # - # Arrays are unique in that their parsing rules are a strict - # superset of the rules in open whitespace. When an opening - # bracket is encountered, the remainder of the array is - # parsed in a subshell which goes around again when a comma - # is encountered and exits back to the containing scope when - # the closing bracket is encountered. - # - # Objects are not parsed as a superset of open whitespace but - # they are parsed in a subshell to protect the containing scope. - "array-0"|"array-even"|"array-odd"|"whitespace") - case "$_J_STATE" in - "array-0") - case "$_J_C" in - "]") exit;; - esac;; - "array-even") - case "$_J_C" in - ",") - _J_DIRNAME="${_J_PATHNAME%"$_J_S"*}" - [ "$_J_DIRNAME" = "$_J_S" ] && _J_DIRNAME="" - _J_BASENAME="${_J_PATHNAME##*"$_J_S"}" - _J_BASENAME="$(($_J_BASENAME + 1))" - _J_PATHNAME="$_J_DIRNAME$_J_S$_J_BASENAME" - _J_STATE="array-odd" - return;; - "]") exit;; - esac;; - esac - case "$_J_C" in - "\"") _J_STATE="string" _J_V="";; - "-") _J_STATE="number-negative" _J_V="$_J_C";; - 0) _J_STATE="number-leading-zero" _J_V="$_J_C";; - [1-9]) _J_STATE="number-leading-nonzero" _J_V="$_J_C";; - "[") - ( - [ "$_J_PATHNAME" = "/" ] && _J_PATHNAME="" - _J_PATHNAME="$_J_PATHNAME/0" - _J_STATE="array-0" _J_STATE_DEFAULT="array-even" - _json - ) - _J_STATE="$_J_STATE_DEFAULT" _J_V="";; - "f"|"t") _J_STATE="boolean" _J_V="$_J_C";; - "n") _J_STATE="null" _J_V="$_J_C";; - "{") - ( - _J_STATE="object-0" _J_STATE_DEFAULT="object-even" - _json - ) - _J_STATE="$_J_STATE_DEFAULT" _J_V="";; - " "|""|" ") ;; - *) _json_die "syntax: $_J_PATHNAME";; - esac;; - - # Boolean values are multicharacter literals but they're unique - # from their first character. This means the eventual value is - # already known when the "boolean" state is entered so we can - # raise syntax errors as soon as the input goes south. - "boolean") - case "$_J_V$_J_C" in - "f"|"fa"|"fal"|"fals"|"t"|"tr"|"tru") _J_V="$_J_V$_J_C";; - "false"|"true") - _J_STATE="$_J_STATE_DEFAULT" - echo "$_J_PATHNAME boolean $_J_V$_J_C" >&$_J_FD;; - *) _json_die "syntax: $_J_PATHNAME boolean $_J_V$_J_C";; - esac;; - - # Object values are relatively more complex than array values. - # They begin in the "object-0" state, which is almost but not - # quite a subset of the "whitespace" state for strings. When - # a string is encountered it is parsed as usual but the parser - # is set to return to the "object-value" state afterward. - # - # As in the "whitespace" state, extra whitespace characters - # are consumed and ignored. - # - # The parser will return to this "object" state later to - # either consume a comma and go around again or exit the - # subshell in which this object has been parsed. - "object-0") - case "$_J_C" in - "\"") - _J_FD=4 - _J_STATE="string" - _J_STATE_DEFAULT="object-value" - _J_V="";; - "}") exit;; - " "|""|" ") ;; - *) _json_die "syntax: $_J_PATHNAME";; - esac;; - - # "object-even" is like "object-0" but additionally commas are - # consumed to enforce the another key/value pair is coming. - "object-even") - case "$_J_C" in - "\"") - _J_FD=4 - _J_STATE="string" - _J_STATE_DEFAULT="object-value" - _J_V="";; - ",") _J_STATE="object-odd";; - "}") exit;; - " "|""|" ") ;; - *) _json_die "syntax: $_J_PATHNAME";; - esac;; - - # Object values have to return from whence they came. They use - # the "object-exit" state to signal the last character consumed - # to the containing scope. - "object-exit") #exit;; - case "$_J_C" in - ",") exit 101;; - "}") exit 102;; - *) exit 0;; - esac;; - - # "object-even" is like "object-0" but cannot consume a closing - # brace because it has just consumed a comma. - "object-odd") - case "$_J_C" in - "\"") - _J_FD=4 - _J_STATE="string" - _J_STATE_DEFAULT="object-value" - _J_V="";; - " "|""|" ") ;; - *) _json_die "syntax: $_J_PATHNAME";; - esac;; - - # After a string key has been consumed, the state machine - # progresses here where a colon and a value are parsed. The - # value is parsed in a subshell so the pathname can have the - # key appended to it before the parser continues. - "object-value") - case "$_J_C" in - ":") - _J_FD=1 - ( - [ "$_J_PATHNAME" = "/" ] && _J_PATHNAME="" - _J_PATHNAME="$_J_PATHNAME/$_J_V" - _J_STATE="whitespace" - _J_STATE_DEFAULT="object-exit" - _json - ) || case "$?" in - 101) _J_STATE="object-even" _J_C="," _json_char;; - 102) _J_STATE="object-even" _J_C="}" _json_char;; - esac - _J_STATE="object-even";; - " "|""|" ") ;; - *) _json_die "syntax: $_J_PATHNAME";; - esac;; - - # Null values work exactly like boolean values. See above. - "null") - case "$_J_V$_J_C" in - "n"|"nu"|"nul") _J_V="$_J_V$_J_C";; - "null") - _J_STATE="$_J_STATE_DEFAULT" - echo "$_J_PATHNAME null null" >&$_J_FD;; - *) _json_die "syntax: $_J_PATHNAME null $_J_V$_J_C";; - esac;; - - # Numbers that encounter a '.' become floating point and may - # continue consuming digits forever or may become - # scientific-notation. Any other character sends the parser - # back to its default state. - "number-float") - case "$_J_C" in - [0-9]) _J_V="$_J_V$_J_C";; - "E"|"e") _J_STATE="number-sci" _J_V="$_J_V$_J_C";; - *) - _J_STATE="$_J_STATE_DEFAULT" - echo "$_J_PATHNAME number $_J_V" >&$_J_FD - _json_char;; - esac;; - - # This is an entrypoint into parsing a number, used when - # the first digit consumed is non-zero. From here, a number - # may continue on a positive integer, become a floating-point - # number by consuming a '.', or become scientific-notation by - # consuming an 'E' or 'e'. Any other character sends the - # parser back to its default state. - "number-leading-nonzero") - case "$_J_C" in - ".") _J_STATE="number-float" _J_V="$_J_V$_J_C";; - [0-9]) _J_V="$_J_V$_J_C";; - "E"|"e") _J_STATE="number-sci" _J_V="$_J_V$_J_C";; - *) - _J_STATE="$_J_STATE_DEFAULT" - echo "$_J_PATHNAME number $_J_V" >&$_J_FD - _json_char;; - esac;; - - # This is an entrypoint into parsing a number, used when - # the first digit consumed is zero. From here, a number - # may remain zero, become a floating-point number by - # consuming a '.', or become scientific-notation by consuming - # an 'E' or 'e'. Any other character sends the parser back - # to its default state. - "number-leading-zero") - case "$_J_C" in - ".") _J_STATE="number-float" _J_V="$_J_V$_J_C";; - [0-9]) _json_die "syntax: $_J_PATHNAME number $_J_V$_J_C";; - "E"|"e") _J_STATE="number-sci" _J_V="$_J_V$_J_C";; - *) - _J_STATE="$_J_STATE_DEFAULT" - echo "$_J_PATHNAME number $_J_V" >&$_J_FD - _json_char;; - esac;; - - # This is an entrypoint into parsing a number, used when - # the first character consumed is a '-'. From here, a number - # may progress to the "number-leading-nonzero" or - # "number-leading-zero" states. Any other character sends - # the parser back to its default state. - "number-negative") - case "$_J_C" in - 0) _J_STATE="number-leading-zero" _J_V="$_J_V$_J_C";; - [1-9]) - _J_STATE="number-leading-nonzero" - _J_V="$_J_V$_J_C";; - *) - _J_STATE="$_J_STATE_DEFAULT" - echo "$_J_PATHNAME number $_J_V" >&$_J_FD - _json_char;; - esac;; - - # Numbers that encounter an 'E' or 'e' become - # scientific-notation and consume digits, optionally prefixed - # by a '+' or '-', forever. The actual consumption is - # delegated to the "number-sci-neg" and "number-sci-pos" - # states. Any other character immediately following the 'E' - # or 'e' is a syntax error. - "number-sci") - case "$_J_C" in - "+") _J_STATE="number-sci-pos" _J_V="$_J_V$_J_C";; - "-") _J_STATE="number-sci-neg" _J_V="$_J_V$_J_C";; - [0-9]) _J_STATE="number-sci-pos" _J_V="$_J_V$_J_C";; - *) _json_die "syntax: $_J_PATHNAME number $_J_V$_J_C";; - esac;; - - # Once in these states, numbers may consume digits forever. - # Any other character sends the parser back to its default - # state. - "number-sci-neg"|"number-sci-pos") - case "$_J_C" in - [0-9]) _J_V="$_J_V$_J_C";; - *) - _J_STATE="$_J_STATE_DEFAULT" - echo "$_J_PATHNAME number $_J_V" >&$_J_FD - _json_char;; - esac;; - - # Strings aren't as easy as they look. JSON supports several - # escape sequences that require the state machine to keep a - # history of its input. Basic backslash/newline/etc. escapes - # are simple because they only require one character of - # history. Unicode codepoint escapes require more. The - # strategy there is to add states to the machine. - # - # TODO It'd be nice to decode all escape sequences, including - # Unicode codepoints but that would definitely ruin the - # line-oriented thing we've got goin' on. - "string") - case "$_J_PREV_C$_J_C" in - "\\\""|"\\/"|"\\\\") _J_V="$_J_V$_J_C";; - "\\b"|"\\f"|"\\n"|"\\r") _J_V="$_J_V\\\\$_J_C";; - "\\u") _J_V="$_J_V\\\\$_J_C";; - *"\"") - _J_STATE="$_J_STATE_DEFAULT" - echo "$_J_PATHNAME string $_J_V" >&$_J_FD;; - *"\\") ;; - *) _J_V="$_J_V$_J_C";; - esac;; - - esac -} - -# Print an error message and GTFO. The message is the concatenation -# of all the arguments to this function. -_json_die() { - echo "json.sh: $*" >&2 - exit 1 -} diff --git a/tests/aux/tap-functions.sh b/tests/aux/tap-functions.sh deleted file mode 100644 index 29ff437..0000000 --- a/tests/aux/tap-functions.sh +++ /dev/null @@ -1,229 +0,0 @@ -# -*- shell-script -*- -# -# Copyright (C) 2011-2017 Free Software Foundation, Inc. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. - -# Helper functions used by TAP-producing tests of the Automake testsuite. - -# -# IMPORTANT: All the functions defined in this file can *not* be used -# from within a subshell, unless explicitly noted otherwise. -# - -# The counts of the TAP test results seen so far: total count and -# per-result counts. -tap_count_=0 -tap_pass_count_=0 -tap_skip_count_=0 -tap_fail_count_=0 -tap_xfail_count_=0 -tap_xpass_count_=0 - -# not COMMAND [ARGS...] -# --------------------- -# Run the given command and invert its exit status. -not () { ! "$@"; } - -# plan_ [unknown|later|lazy|now|NUMBER-OF-PLANNED-TESTS] -# ------------------------------------------------------ -# Print a TAP plan for the given number of tests. This must be called -# before reporting any test result. If called with the special argument -# "unknown" or "later", it will do nothing, expecting the calling script -# to declare the plan later. If called with the special argument "lazy" -# or "now", it will print a TAP plan that accounts for the number of tests -# seen so far. -plan_ () -{ - if test $# -eq 0; then - bailout_ "plan_: missing argument" - elif test $# -ge 2; then - bailout_ "plan_: too many arguments" - elif test x"$planned_" != x"none" && test x"$planned_" != x"later"; then - bailout_ "plan_: called to many times" - elif test x"$1" = x"unknown" || test x"$1" = x"later"; then - # This means we want to get back later to declaring the TAP plan. - planned_=later - return 0 - elif test x"$1" = x"lazy" || test x"$1" = x"now"; then - planned_=$tap_count_ # Number of test results seen so far. - elif test $1 -ge 0; then - planned_=$1 - else - bailout_ "plan_: invalid argument '$1'" - fi - echo "1..$planned_" -} -planned_=none - -# diag_ [EXPLANATION] -# ------------------ -# Report the given text as TAP diagnostic. Assumes the string denoting -# TAP diagnostic lines is stored in the '$diag_string_' variable; this is -# done to allow better interplay with TAP drivers that allow such a string -# to be configured. -diag_ () -{ - test $# -eq 0 || echo "$diag_string_ $*" -} - -# Used by the 'diag_' function above. User-overridable. -diag_string_="#" - -# warn_ [EXPLANATION] -# ------------------ -# Give a warning (using TAP diagnostic). -warn_ () -{ - case $# in - 0) diag_ "WARNING: (unknown warning)";; - *) diag_ "WARNING: $*";; - esac -} - -# result_ RESULT [-D DIRECTIVE] [-r REASON] [--] [DESCRIPTION...] -# --------------------------------------------------------------- -# Report a test case with the given RESULT (valid values are "ok" and -# "not ok") and the given DESCRIPTION (if any). If DIRECTIVE is given -# and non-empty (valid values being "TODO" and "SKIP"), it will be -# reported too, with the REASON (if given) appended. -result_ () -{ - test $# -gt 0 || bailout_ "result_: missing argument" - tap_result_=$1; shift - case $tap_result_ in - "ok"|"not ok") ;; - *) bailout_ "result_: invalid result '$tap_result'" ;; - esac - tap_directive_= tap_reason_= - while test $# -gt 0; do - case $1 in - -D|--directive) tap_directive_=$2; shift;; - -r|--reason) tap_reason_=$2; shift;; - --) shift; break;; - -*) bailout_ "result_: invalid option '$1'";; - *) break;; - esac - shift - done - case $tap_directive_ in - ""|TODO|SKIP) ;; - *) bailout_ "result_: invalid directive '$directive_'" ;; - esac - tap_count_=$(($tap_count_ + 1)) - case $tap_result_,$tap_directive_ in - ok,) # Passed. - tap_pass_count_=$(($tap_pass_count_ + 1)) ;; - not\ ok,TODO) # Expected failure. - tap_xfail_count_=$(($tap_xfail_count_ + 1)) ;; - not\ ok,*) # Failed. - tap_fail_count_=$(($tap_fail_count_ + 1)) ;; - ok,TODO) # Unexpected pass. - tap_xpass_count_=$(($tap_xpass_count_ + 1)) ;; - ok,SKIP) # Skipped. - tap_skip_count_=$(($tap_skip_count_ + 1)) ;; - *) # Can't happen. - bailout_ "internal error in 'result_'" ;; - esac - tap_text_="$tap_result_ $tap_count_" - if test x"$*" != x; then - tap_text_="$tap_text_ - $*" - fi - if test x"$tap_directive_" != x; then - tap_text_="$tap_text_ # $tap_directive_"${tap_reason_:+" $tap_reason_"} - fi - printf '%s\n' "$tap_text_" -} - -# Shorthands for common usages of 'result_'. -ok_ () { result_ 'ok' ${1+"$@"}; } -not_ok_ () { result_ 'not ok' ${1+"$@"}; } -skip_ () { result_ 'ok' -D SKIP ${1+"$@"}; } - -# skip_row_ COUNT [-r REASON] [--] [DESCRIPTION...] -# ------------------------------------------------- -# Report a COUNT of skipped test, with the given reason and descriptions -# (if any). Useful to avoid cascade failures in case a fair number of -# tests depend on an earlier one that failed. -skip_row_ () -{ - skip_count_=$1; shift - for i_ in $(seq_ $skip_count_); do skip_ ${1+"$@"}; done -} - -# skip_all_ [REASON ...] -# ---------------------- -# Skip all the tests in a test script. Must be used before calling 'plan_' -# or reporting any test result. Can't be used from within a subshell. -skip_all_ () -{ - echo "1..0 # SKIP" ${1+"$@"} - planned_=0 - exit 0 -} - -# bailout_ [REASON ...] -# --------------------- -# Stop the execution of the current test suite right now, due to an -# unrecoverable error. Can be called at any point, but cannot be used -# from within a subshell. -bailout_ () -{ - echo 'Bail out!' ${1+"$@"} - exit 99 -} - -# fatal_ [REASON ...] -# ------------------- -# Same as 'bailout_'; for compatibility with 'plain-functions.sh'. -fatal_ () -{ - bailout_ ${1+"$@"} -} - -# framework_failure_ [REASON ...] -# ------------------------------- -# Stop the execution of the current test suite right now, due to an -# unrecoverable error in the set-up of the test case. Can be called -# at any point, but cannot be used from within a subshell. -framework_failure_ () -{ - bailout_ "set-up failure"${1+": $*"} -} - -# command_ok_ TEST-DESCRIPTION [OPTIONS..] [--] CMD [ARGS...] -# ----------------------------------------------------------- -# Helper subroutine for when a TAP result must be determined by the -# outcome of a command. -command_ok_ () -{ - tap_directive_= tap_reason_= - test $# -gt 0 || bailout_ "command_ok_: missing argument" - tap_description_=$1; shift - while test $# -gt 0; do - case $1 in - -D|--directive) tap_directive_=$2; shift;; - -r|--reason) tap_reason_=$2; shift;; - --) shift; break;; - -*) bailout_ "command_ok_: invalid option '$1'";; - *) break;; - esac - shift - done - tap_result_="ok"; "$@" || tap_result_="not ok" - result_ "$tap_result_" -D "$tap_directive_" -r "$tap_reason_" \ - -- "$tap_description_" -} - -: diff --git a/tests/badssl.sh b/tests/badssl.sh deleted file mode 100755 index 90e1795..0000000 --- a/tests/badssl.sh +++ /dev/null @@ -1,119 +0,0 @@ -# Tests using Google's badssl.com Web service -# -# Copyright (C) 2019 Libiquity LLC -# -# This file is part of wolfutil. -# -# wolfutil is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 2 of the License, or -# (at your option) any later version. -# -# wolfutil is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with wolfutil. If not, see <http://www.gnu.org/licenses/>. - -set -eu - -. "${TOP_SRCDIR}/tests/aux/tap-functions.sh" - -do_test() -{ - local directive="${1}" - local ok="${2}" - local host="${3}" - local port="${4}" - shift 4 - local out= - local result= - - if out="$(${ok} "${TOP_BUILDDIR}/wolfutil" s_client \ - -connect "${host}.badssl.com:${port}" \ - -servername "${host}.badssl.com" 2>&1 \ - <<-EOF - GET / HTTP/1.1 - Host: ${host}.badssl.com:${port} - Connection: close - - EOF - )" - then - result='ok' - else - result='not ok' - fi - printf '%s\n' "${out}" | sed 's/^/ | /' - result_ "${result}" -D "${directive}" -- "${ok} ${host}" -} - -plan_ 38 - -# Certificate - -do_test '' 'not' 'expired' 443 -do_test '' 'not' 'wrong.host' 443 -do_test '' 'not' 'self-signed' 443 -do_test '' 'not' 'untrusted-root' 443 -do_test '' 'not' 'revoked' 443 - -do_test 'TODO' ' ' 'no-common-name' 443 -diag_ 'no-common-name fails since 2020-06-23 due to an expired certificate:' -diag_ 'https://github.com/chromium/badssl.com/issues/447' -do_test 'TODO' ' ' 'no-subject' 443 -diag_ 'no-subject fails since 2020-06-23 due to an expired certificate:' -diag_ 'https://github.com/chromium/badssl.com/issues/447' -do_test '' 'not' 'incomplete-chain' 443 - -do_test '' ' ' 'sha256' 443 -do_test '' ' ' 'sha384' 443 -do_test '' ' ' 'sha512' 443 - -do_test '' 'not' '1000-sans' 443 -do_test '' 'not' '10000-sans' 443 - -do_test '' ' ' 'ecc256' 443 -do_test '' ' ' 'ecc384' 443 - -do_test '' ' ' 'rsa2048' 443 -do_test '' ' ' 'rsa4096' 443 -do_test '' 'not' 'rsa8192' 443 - -do_test '' ' ' 'extended-validation' 443 - -# HTTP - -do_test '' 'not' 'http' 80 - -# Cipher Suite - -do_test '' 'not' 'cbc' 443 -do_test '' 'not' 'rc4-md5' 443 -do_test '' 'not' 'rc4' 443 -do_test '' 'not' '3des' 443 -do_test '' 'not' 'null' 443 - -do_test 'TODO' 'not' 'mozilla-old' 443 -do_test '' ' ' 'mozilla-intermediate' 443 -do_test '' ' ' 'mozilla-modern' 443 - -# Key Exchange - -do_test '' 'not' 'dh480' 443 -do_test '' 'not' 'dh512' 443 -do_test '' 'not' 'dh1024' 443 -do_test '' ' ' 'dh2048' 443 - -do_test 'TODO' 'not' 'dh-small-subgroup' 443 -do_test '' 'not' 'dh-compsite' 443 - -do_test '' 'not' 'static-rsa' 443 - -# Protocol - -do_test '' 'not' 'tls-v1-0' 1010 -do_test '' 'not' 'tls-v1-1' 1011 -do_test '' ' ' 'tls-v1-2' 1012 diff --git a/tests/howsmyssl.sh b/tests/howsmyssl.sh deleted file mode 100755 index d9ee89e..0000000 --- a/tests/howsmyssl.sh +++ /dev/null @@ -1,67 +0,0 @@ -# Tests using Jeff Hodges's How's My SSL? Web service -# -# Copyright (C) 2019 Libiquity LLC -# -# This file is part of wolfutil. -# -# wolfutil is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 2 of the License, or -# (at your option) any later version. -# -# wolfutil is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with wolfutil. If not, see <http://www.gnu.org/licenses/>. - -set -eu - -. "${TOP_SRCDIR}/tests/aux/tap-functions.sh" -JSON_SEPARATOR='/' JSON_DEBUG='' . "${TOP_SRCDIR}/tests/aux/json.sh" - -test_grep() -{ - printf '%s\n' "${members}" | grep "${@}" -} - -plan_ 7 - -json="$(printf 'GET /a/check HTTP/1.1\r\n'$(: \ - )'Host: www.howsmyssl.com:443\r\nConnection: close\r\n\r\n' | \ - "${TOP_BUILDDIR}/wolfutil" s_client \ - -connect www.howsmyssl.com:443 \ - -servername www.howsmyssl.com | \ - sed -n 's/\r$//; /^{/,$p')" -printf '%s\n' - -IFS=' -' -printf '# JSON:\n' -printf '# %s\n' ${json} -unset IFS - -members="$(printf '%s\n' "${json}" | json)" - -IFS=' -' -printf '# Parsed members:\n' -printf '# %s\n' ${members} -unset IFS - -command_ok_ 'Ephemeral keys supported' -- \ - test_grep -q '^/ephemeral_keys_supported boolean true$' -command_ok_ 'No TLS compression supported' -- \ - test_grep -q '^/tls_compression_supported boolean false$' -command_ok_ 'No unknown cipher suites supported' -- \ - test_grep -q '^/unknown_cipher_suite_supported boolean false$' -command_ok_ 'No BEAST vulnerability' -- \ - test_grep -q '^/beast_vuln boolean false$' -command_ok_ 'No weak cipher suites supported' -- \ - test_grep -vq '^/insecure_cipher_suites/' -command_ok_ 'TLS 1.2' -- \ - test_grep -q '^/tls_version string TLS 1.2$' -command_ok_ 'Probably OK' -- \ - test_grep -q '^/rating string Probably Okay$' diff --git a/tests/local.mk b/tests/local.mk deleted file mode 100644 index 5b5be3b..0000000 --- a/tests/local.mk +++ /dev/null @@ -1,14 +0,0 @@ -TESTS = \ - %reldir%/badssl.sh \ - %reldir%/howsmyssl.sh -TEST_EXTENSIONS = .sh -SH_LOG_DRIVER = \ - AM_TAP_AWK='$(AWK)' \ - TOP_SRCDIR="$(abs_top_srcdir)" \ - TOP_BUILDDIR="$(abs_top_builddir)" \ - $(SHELL) $(top_srcdir)/build-aux/tap-driver.sh -EXTRA_DIST += \ - $(TESTS) \ - build-aux/tap-driver.sh \ - tests/aux/tap-functions.sh \ - tests/aux/json.sh |