tests/ocsp-stapling.sh: New test script

2 files changed, 39 insertions, 1 deletions

diff --git a/tests/local.mk b/tests/local.mk
index 6d7980c..2049bbe 100644
--- a/tests/local.mk
+++ b/tests/local.mk
@@ -1,5 +1,6 @@
 TESTS = \
-	%reldir%/badssl.sh
+	%reldir%/badssl.sh \
+	%reldir%/ocsp-stapling.sh
 TEST_EXTENSIONS = .sh
 SH_LOG_DRIVER = \
 	AM_TAP_AWK='$(AWK)' \
diff --git a/tests/ocsp-stapling.sh b/tests/ocsp-stapling.sh
new file mode 100755
index 0000000..8ce1fa8
--- /dev/null
+++ b/tests/ocsp-stapling.sh
@@ -0,0 +1,37 @@
+# OCSP stapling test (requires strace)
+#
+# Copyright (C) 2019  Patrick McDermott
+#
+# This file is part of wolfssl-util.
+#
+# wolfssl-util is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+#
+# wolfssl-util is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with wolfssl-util.  If not, see <http://www.gnu.org/licenses/>.
+
+set -eu
+
+. "${TOP_SRCDIR}/tests/aux/tap-functions.sh"
+
+plan_ 1
+
+if printf 'HEAD / HTTP/1.1\r\nHost: letsencrypt.org:443\r\n'$(: \
+		)'Connection: close\r\n\r\n' | strace -f -e trace=network \
+		"${TOP_BUILDDIR}/wolfssl-util" s_client \
+		-connect letsencrypt.org:443 \
+		-servername letsencrypt.org 2>&1 | \
+		grep -F 'sin_port=htons(80)'; then
+	result='not ok'
+else
+	result='ok'
+fi
+printf '\n'
+result_ "${result}" -- 'OCSP stapling'