| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431 |
- #!/bin/sh
- # compat.sh
- #
- # Copyright The Mbed TLS Contributors
- # SPDX-License-Identifier: Apache-2.0
- #
- # Licensed under the Apache License, Version 2.0 (the "License"); you may
- # not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- #
- # Purpose
- #
- # Test interoperbility with OpenSSL, GnuTLS as well as itself.
- #
- # Check each common ciphersuite, with each version, both ways (client/server),
- # with and without client authentication.
- set -u
- # Limit the size of each log to 10 GiB, in case of failures with this script
- # where it may output seemingly unlimited length error logs.
- ulimit -f 20971520
- # initialise counters
- TESTS=0
- FAILED=0
- SKIPPED=0
- SRVMEM=0
- # default commands, can be overridden by the environment
- : ${M_SRV:=../programs/ssl/ssl_server2}
- : ${M_CLI:=../programs/ssl/ssl_client2}
- : ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system
- : ${GNUTLS_CLI:=gnutls-cli}
- : ${GNUTLS_SERV:=gnutls-serv}
- # do we have a recent enough GnuTLS?
- if ( which $GNUTLS_CLI && which $GNUTLS_SERV ) >/dev/null 2>&1; then
- G_VER="$( $GNUTLS_CLI --version | head -n1 )"
- if echo "$G_VER" | grep '@VERSION@' > /dev/null; then # git version
- PEER_GNUTLS=" GnuTLS"
- else
- eval $( echo $G_VER | sed 's/.* \([0-9]*\)\.\([0-9]\)*\.\([0-9]*\)$/MAJOR="\1" MINOR="\2" PATCH="\3"/' )
- if [ $MAJOR -lt 3 -o \
- \( $MAJOR -eq 3 -a $MINOR -lt 2 \) -o \
- \( $MAJOR -eq 3 -a $MINOR -eq 2 -a $PATCH -lt 15 \) ]
- then
- PEER_GNUTLS=""
- else
- PEER_GNUTLS=" GnuTLS"
- if [ $MINOR -lt 4 ]; then
- GNUTLS_MINOR_LT_FOUR='x'
- fi
- fi
- fi
- else
- PEER_GNUTLS=""
- fi
- # default values for options
- MODES="tls1 tls1_1 tls12 dtls1 dtls12"
- VERIFIES="NO YES"
- TYPES="ECDSA RSA PSK"
- FILTER=""
- # exclude:
- # - NULL: excluded from our default config
- # - RC4, single-DES: requires legacy OpenSSL/GnuTLS versions
- # avoid plain DES but keep 3DES-EDE-CBC (mbedTLS), DES-CBC3 (OpenSSL)
- # - ARIA: not in default config.h + requires OpenSSL >= 1.1.1
- # - ChachaPoly: requires OpenSSL >= 1.1.0
- # - 3DES: not in default config
- EXCLUDE='NULL\|DES\|RC4\|ARCFOUR\|ARIA\|CHACHA20-POLY1305'
- VERBOSE=""
- MEMCHECK=0
- PEERS="OpenSSL$PEER_GNUTLS mbedTLS"
- # hidden option: skip DTLS with OpenSSL
- # (travis CI has a version that doesn't work for us)
- : ${OSSL_NO_DTLS:=0}
- print_usage() {
- echo "Usage: $0"
- printf " -h|--help\tPrint this help.\n"
- printf " -f|--filter\tOnly matching ciphersuites are tested (Default: '%s')\n" "$FILTER"
- printf " -e|--exclude\tMatching ciphersuites are excluded (Default: '%s')\n" "$EXCLUDE"
- printf " -m|--modes\tWhich modes to perform (Default: '%s')\n" "$MODES"
- printf " -t|--types\tWhich key exchange type to perform (Default: '%s')\n" "$TYPES"
- printf " -V|--verify\tWhich verification modes to perform (Default: '%s')\n" "$VERIFIES"
- printf " -p|--peers\tWhich peers to use (Default: '%s')\n" "$PEERS"
- printf " \tAlso available: GnuTLS (needs v3.2.15 or higher)\n"
- printf " -M|--memcheck\tCheck memory leaks and errors.\n"
- printf " -v|--verbose\tSet verbose output.\n"
- }
- get_options() {
- while [ $# -gt 0 ]; do
- case "$1" in
- -f|--filter)
- shift; FILTER=$1
- ;;
- -e|--exclude)
- shift; EXCLUDE=$1
- ;;
- -m|--modes)
- shift; MODES=$1
- ;;
- -t|--types)
- shift; TYPES=$1
- ;;
- -V|--verify)
- shift; VERIFIES=$1
- ;;
- -p|--peers)
- shift; PEERS=$1
- ;;
- -v|--verbose)
- VERBOSE=1
- ;;
- -M|--memcheck)
- MEMCHECK=1
- ;;
- -h|--help)
- print_usage
- exit 0
- ;;
- *)
- echo "Unknown argument: '$1'"
- print_usage
- exit 1
- ;;
- esac
- shift
- done
- # sanitize some options (modes checked later)
- VERIFIES="$( echo $VERIFIES | tr [a-z] [A-Z] )"
- TYPES="$( echo $TYPES | tr [a-z] [A-Z] )"
- }
- log() {
- if [ "X" != "X$VERBOSE" ]; then
- echo ""
- echo "$@"
- fi
- }
- # is_dtls <mode>
- is_dtls()
- {
- test "$1" = "dtls1" -o "$1" = "dtls12"
- }
- # minor_ver <mode>
- minor_ver()
- {
- case "$1" in
- ssl3)
- echo 0
- ;;
- tls1)
- echo 1
- ;;
- tls1_1|dtls1)
- echo 2
- ;;
- tls12|dtls12)
- echo 3
- ;;
- *)
- echo "error: invalid mode: $MODE" >&2
- # exiting is no good here, typically called in a subshell
- echo -1
- esac
- }
- filter()
- {
- LIST="$1"
- NEW_LIST=""
- if is_dtls "$MODE"; then
- EXCLMODE="$EXCLUDE"'\|RC4\|ARCFOUR'
- else
- EXCLMODE="$EXCLUDE"
- fi
- for i in $LIST;
- do
- NEW_LIST="$NEW_LIST $( echo "$i" | grep "$FILTER" | grep -v "$EXCLMODE" )"
- done
- # normalize whitespace
- echo "$NEW_LIST" | sed -e 's/[[:space:]][[:space:]]*/ /g' -e 's/^ //' -e 's/ $//'
- }
- # OpenSSL 1.0.1h with -Verify wants a ClientCertificate message even for
- # PSK ciphersuites with DTLS, which is incorrect, so disable them for now
- check_openssl_server_bug()
- {
- if test "X$VERIFY" = "XYES" && is_dtls "$MODE" && \
- echo "$1" | grep "^TLS-PSK" >/dev/null;
- then
- SKIP_NEXT="YES"
- fi
- }
- filter_ciphersuites()
- {
- if [ "X" != "X$FILTER" -o "X" != "X$EXCLUDE" ];
- then
- # Ciphersuite for mbed TLS
- M_CIPHERS=$( filter "$M_CIPHERS" )
- # Ciphersuite for OpenSSL
- O_CIPHERS=$( filter "$O_CIPHERS" )
- # Ciphersuite for GnuTLS
- G_CIPHERS=$( filter "$G_CIPHERS" )
- fi
- # OpenSSL <1.0.2 doesn't support DTLS 1.2. Check what OpenSSL
- # supports from the s_server help. (The s_client help isn't
- # accurate as of 1.0.2g: it supports DTLS 1.2 but doesn't list it.
- # But the s_server help seems to be accurate.)
- if ! $OPENSSL_CMD s_server -help 2>&1 | grep -q "^ *-$MODE "; then
- M_CIPHERS=""
- O_CIPHERS=""
- fi
- # For GnuTLS client -> mbed TLS server,
- # we need to force IPv4 by connecting to 127.0.0.1 but then auth fails
- if [ "X$VERIFY" = "XYES" ] && is_dtls "$MODE"; then
- G_CIPHERS=""
- fi
- }
- reset_ciphersuites()
- {
- M_CIPHERS=""
- O_CIPHERS=""
- G_CIPHERS=""
- }
- # Ciphersuites that can be used with all peers.
- # Since we currently have three possible peers, each ciphersuite should appear
- # three times: in each peer's list (with the name that this peer uses).
- add_common_ciphersuites()
- {
- case $TYPE in
- "ECDSA")
- if [ `minor_ver "$MODE"` -gt 0 ]
- then
- M_CIPHERS="$M_CIPHERS \
- TLS-ECDHE-ECDSA-WITH-NULL-SHA \
- TLS-ECDHE-ECDSA-WITH-RC4-128-SHA \
- TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA \
- TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA \
- TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA \
- "
- G_CIPHERS="$G_CIPHERS \
- +ECDHE-ECDSA:+NULL:+SHA1 \
- +ECDHE-ECDSA:+ARCFOUR-128:+SHA1 \
- +ECDHE-ECDSA:+3DES-CBC:+SHA1 \
- +ECDHE-ECDSA:+AES-128-CBC:+SHA1 \
- +ECDHE-ECDSA:+AES-256-CBC:+SHA1 \
- "
- O_CIPHERS="$O_CIPHERS \
- ECDHE-ECDSA-NULL-SHA \
- ECDHE-ECDSA-RC4-SHA \
- ECDHE-ECDSA-DES-CBC3-SHA \
- ECDHE-ECDSA-AES128-SHA \
- ECDHE-ECDSA-AES256-SHA \
- "
- fi
- if [ `minor_ver "$MODE"` -ge 3 ]
- then
- M_CIPHERS="$M_CIPHERS \
- TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
- TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 \
- TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
- TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 \
- "
- G_CIPHERS="$G_CIPHERS \
- +ECDHE-ECDSA:+AES-128-CBC:+SHA256 \
- +ECDHE-ECDSA:+AES-256-CBC:+SHA384 \
- +ECDHE-ECDSA:+AES-128-GCM:+AEAD \
- +ECDHE-ECDSA:+AES-256-GCM:+AEAD \
- "
- O_CIPHERS="$O_CIPHERS \
- ECDHE-ECDSA-AES128-SHA256 \
- ECDHE-ECDSA-AES256-SHA384 \
- ECDHE-ECDSA-AES128-GCM-SHA256 \
- ECDHE-ECDSA-AES256-GCM-SHA384 \
- "
- fi
- ;;
- "RSA")
- M_CIPHERS="$M_CIPHERS \
- TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
- TLS-DHE-RSA-WITH-AES-256-CBC-SHA \
- TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA \
- TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA \
- TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA \
- TLS-RSA-WITH-AES-256-CBC-SHA \
- TLS-RSA-WITH-CAMELLIA-256-CBC-SHA \
- TLS-RSA-WITH-AES-128-CBC-SHA \
- TLS-RSA-WITH-CAMELLIA-128-CBC-SHA \
- TLS-RSA-WITH-3DES-EDE-CBC-SHA \
- TLS-RSA-WITH-RC4-128-SHA \
- TLS-RSA-WITH-RC4-128-MD5 \
- TLS-RSA-WITH-NULL-MD5 \
- TLS-RSA-WITH-NULL-SHA \
- "
- G_CIPHERS="$G_CIPHERS \
- +DHE-RSA:+AES-128-CBC:+SHA1 \
- +DHE-RSA:+AES-256-CBC:+SHA1 \
- +DHE-RSA:+CAMELLIA-128-CBC:+SHA1 \
- +DHE-RSA:+CAMELLIA-256-CBC:+SHA1 \
- +DHE-RSA:+3DES-CBC:+SHA1 \
- +RSA:+AES-256-CBC:+SHA1 \
- +RSA:+CAMELLIA-256-CBC:+SHA1 \
- +RSA:+AES-128-CBC:+SHA1 \
- +RSA:+CAMELLIA-128-CBC:+SHA1 \
- +RSA:+3DES-CBC:+SHA1 \
- +RSA:+ARCFOUR-128:+SHA1 \
- +RSA:+ARCFOUR-128:+MD5 \
- +RSA:+NULL:+MD5 \
- +RSA:+NULL:+SHA1 \
- "
- O_CIPHERS="$O_CIPHERS \
- DHE-RSA-AES128-SHA \
- DHE-RSA-AES256-SHA \
- DHE-RSA-CAMELLIA128-SHA \
- DHE-RSA-CAMELLIA256-SHA \
- EDH-RSA-DES-CBC3-SHA \
- AES256-SHA \
- CAMELLIA256-SHA \
- AES128-SHA \
- CAMELLIA128-SHA \
- DES-CBC3-SHA \
- RC4-SHA \
- RC4-MD5 \
- NULL-MD5 \
- NULL-SHA \
- "
- if [ `minor_ver "$MODE"` -gt 0 ]
- then
- M_CIPHERS="$M_CIPHERS \
- TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA \
- TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA \
- TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA \
- TLS-ECDHE-RSA-WITH-RC4-128-SHA \
- TLS-ECDHE-RSA-WITH-NULL-SHA \
- "
- G_CIPHERS="$G_CIPHERS \
- +ECDHE-RSA:+AES-128-CBC:+SHA1 \
- +ECDHE-RSA:+AES-256-CBC:+SHA1 \
- +ECDHE-RSA:+3DES-CBC:+SHA1 \
- +ECDHE-RSA:+ARCFOUR-128:+SHA1 \
- +ECDHE-RSA:+NULL:+SHA1 \
- "
- O_CIPHERS="$O_CIPHERS \
- ECDHE-RSA-AES256-SHA \
- ECDHE-RSA-AES128-SHA \
- ECDHE-RSA-DES-CBC3-SHA \
- ECDHE-RSA-RC4-SHA \
- ECDHE-RSA-NULL-SHA \
- "
- fi
- if [ `minor_ver "$MODE"` -ge 3 ]
- then
- M_CIPHERS="$M_CIPHERS \
- TLS-RSA-WITH-AES-128-CBC-SHA256 \
- TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 \
- TLS-RSA-WITH-AES-256-CBC-SHA256 \
- TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 \
- TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 \
- TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384 \
- TLS-RSA-WITH-AES-128-GCM-SHA256 \
- TLS-RSA-WITH-AES-256-GCM-SHA384 \
- TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 \
- TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 \
- TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \
- TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 \
- "
- G_CIPHERS="$G_CIPHERS \
- +RSA:+AES-128-CBC:+SHA256 \
- +DHE-RSA:+AES-128-CBC:+SHA256 \
- +RSA:+AES-256-CBC:+SHA256 \
- +DHE-RSA:+AES-256-CBC:+SHA256 \
- +ECDHE-RSA:+AES-128-CBC:+SHA256 \
- +ECDHE-RSA:+AES-256-CBC:+SHA384 \
- +RSA:+AES-128-GCM:+AEAD \
- +RSA:+AES-256-GCM:+AEAD \
- +DHE-RSA:+AES-128-GCM:+AEAD \
- +DHE-RSA:+AES-256-GCM:+AEAD \
- +ECDHE-RSA:+AES-128-GCM:+AEAD \
- +ECDHE-RSA:+AES-256-GCM:+AEAD \
- "
- O_CIPHERS="$O_CIPHERS \
- NULL-SHA256 \
- AES128-SHA256 \
- DHE-RSA-AES128-SHA256 \
- AES256-SHA256 \
- DHE-RSA-AES256-SHA256 \
- ECDHE-RSA-AES128-SHA256 \
- ECDHE-RSA-AES256-SHA384 \
- AES128-GCM-SHA256 \
- DHE-RSA-AES128-GCM-SHA256 \
- AES256-GCM-SHA384 \
- DHE-RSA-AES256-GCM-SHA384 \
- ECDHE-RSA-AES128-GCM-SHA256 \
- ECDHE-RSA-AES256-GCM-SHA384 \
- "
- fi
- ;;
- "PSK")
- M_CIPHERS="$M_CIPHERS \
- TLS-PSK-WITH-RC4-128-SHA \
- TLS-PSK-WITH-3DES-EDE-CBC-SHA \
- TLS-PSK-WITH-AES-128-CBC-SHA \
- TLS-PSK-WITH-AES-256-CBC-SHA \
- "
- G_CIPHERS="$G_CIPHERS \
- +PSK:+ARCFOUR-128:+SHA1 \
- +PSK:+3DES-CBC:+SHA1 \
- +PSK:+AES-128-CBC:+SHA1 \
- +PSK:+AES-256-CBC:+SHA1 \
- "
- O_CIPHERS="$O_CIPHERS \
- PSK-RC4-SHA \
- PSK-3DES-EDE-CBC-SHA \
- PSK-AES128-CBC-SHA \
- PSK-AES256-CBC-SHA \
- "
- ;;
- esac
- }
- # Ciphersuites usable only with Mbed TLS and OpenSSL
- # Each ciphersuite should appear two times, once with its OpenSSL name, once
- # with its Mbed TLS name.
- #
- # NOTE: for some reason RSA-PSK doesn't work with OpenSSL,
- # so RSA-PSK ciphersuites need to go in other sections, see
- # https://github.com/ARMmbed/mbedtls/issues/1419
- #
- # ChachaPoly suites are here rather than in "common", as they were added in
- # GnuTLS in 3.5.0 and the CI only has 3.4.x so far.
- add_openssl_ciphersuites()
- {
- case $TYPE in
- "ECDSA")
- if [ `minor_ver "$MODE"` -gt 0 ]
- then
- M_CIPHERS="$M_CIPHERS \
- TLS-ECDH-ECDSA-WITH-NULL-SHA \
- TLS-ECDH-ECDSA-WITH-RC4-128-SHA \
- TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA \
- TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA \
- TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA \
- "
- O_CIPHERS="$O_CIPHERS \
- ECDH-ECDSA-NULL-SHA \
- ECDH-ECDSA-RC4-SHA \
- ECDH-ECDSA-DES-CBC3-SHA \
- ECDH-ECDSA-AES128-SHA \
- ECDH-ECDSA-AES256-SHA \
- "
- fi
- if [ `minor_ver "$MODE"` -ge 3 ]
- then
- M_CIPHERS="$M_CIPHERS \
- TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256 \
- TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384 \
- TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256 \
- TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384 \
- TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384 \
- TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256 \
- TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256 \
- "
- O_CIPHERS="$O_CIPHERS \
- ECDH-ECDSA-AES128-SHA256 \
- ECDH-ECDSA-AES256-SHA384 \
- ECDH-ECDSA-AES128-GCM-SHA256 \
- ECDH-ECDSA-AES256-GCM-SHA384 \
- ECDHE-ECDSA-ARIA256-GCM-SHA384 \
- ECDHE-ECDSA-ARIA128-GCM-SHA256 \
- ECDHE-ECDSA-CHACHA20-POLY1305 \
- "
- fi
- ;;
- "RSA")
- M_CIPHERS="$M_CIPHERS \
- TLS-RSA-WITH-DES-CBC-SHA \
- TLS-DHE-RSA-WITH-DES-CBC-SHA \
- "
- O_CIPHERS="$O_CIPHERS \
- DES-CBC-SHA \
- EDH-RSA-DES-CBC-SHA \
- "
- if [ `minor_ver "$MODE"` -ge 3 ]
- then
- M_CIPHERS="$M_CIPHERS \
- TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384 \
- TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384 \
- TLS-RSA-WITH-ARIA-256-GCM-SHA384 \
- TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256 \
- TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256 \
- TLS-RSA-WITH-ARIA-128-GCM-SHA256 \
- TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256 \
- TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256 \
- "
- O_CIPHERS="$O_CIPHERS \
- ECDHE-ARIA256-GCM-SHA384 \
- DHE-RSA-ARIA256-GCM-SHA384 \
- ARIA256-GCM-SHA384 \
- ECDHE-ARIA128-GCM-SHA256 \
- DHE-RSA-ARIA128-GCM-SHA256 \
- ARIA128-GCM-SHA256 \
- DHE-RSA-CHACHA20-POLY1305 \
- ECDHE-RSA-CHACHA20-POLY1305 \
- "
- fi
- ;;
- "PSK")
- if [ `minor_ver "$MODE"` -ge 3 ]
- then
- M_CIPHERS="$M_CIPHERS \
- TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384 \
- TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256 \
- TLS-PSK-WITH-ARIA-256-GCM-SHA384 \
- TLS-PSK-WITH-ARIA-128-GCM-SHA256 \
- TLS-PSK-WITH-CHACHA20-POLY1305-SHA256 \
- TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256 \
- TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256 \
- "
- O_CIPHERS="$O_CIPHERS \
- DHE-PSK-ARIA256-GCM-SHA384 \
- DHE-PSK-ARIA128-GCM-SHA256 \
- PSK-ARIA256-GCM-SHA384 \
- PSK-ARIA128-GCM-SHA256 \
- DHE-PSK-CHACHA20-POLY1305 \
- ECDHE-PSK-CHACHA20-POLY1305 \
- PSK-CHACHA20-POLY1305 \
- "
- fi
- ;;
- esac
- }
- # Ciphersuites usable only with Mbed TLS and GnuTLS
- # Each ciphersuite should appear two times, once with its GnuTLS name, once
- # with its Mbed TLS name.
- add_gnutls_ciphersuites()
- {
- case $TYPE in
- "ECDSA")
- if [ `minor_ver "$MODE"` -ge 3 ]
- then
- M_CIPHERS="$M_CIPHERS \
- TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \
- TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \
- TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \
- TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \
- TLS-ECDHE-ECDSA-WITH-AES-128-CCM \
- TLS-ECDHE-ECDSA-WITH-AES-256-CCM \
- TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \
- TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8 \
- "
- G_CIPHERS="$G_CIPHERS \
- +ECDHE-ECDSA:+CAMELLIA-128-CBC:+SHA256 \
- +ECDHE-ECDSA:+CAMELLIA-256-CBC:+SHA384 \
- +ECDHE-ECDSA:+CAMELLIA-128-GCM:+AEAD \
- +ECDHE-ECDSA:+CAMELLIA-256-GCM:+AEAD \
- +ECDHE-ECDSA:+AES-128-CCM:+AEAD \
- +ECDHE-ECDSA:+AES-256-CCM:+AEAD \
- +ECDHE-ECDSA:+AES-128-CCM-8:+AEAD \
- +ECDHE-ECDSA:+AES-256-CCM-8:+AEAD \
- "
- fi
- ;;
- "RSA")
- if [ `minor_ver "$MODE"` -gt 0 ]
- then
- M_CIPHERS="$M_CIPHERS \
- TLS-RSA-WITH-NULL-SHA256 \
- "
- G_CIPHERS="$G_CIPHERS \
- +RSA:+NULL:+SHA256 \
- "
- fi
- if [ `minor_ver "$MODE"` -ge 3 ]
- then
- M_CIPHERS="$M_CIPHERS \
- TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
- TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384 \
- TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
- TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256 \
- TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
- TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256 \
- TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
- TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
- TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
- TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
- TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
- TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
- TLS-RSA-WITH-AES-128-CCM \
- TLS-RSA-WITH-AES-256-CCM \
- TLS-DHE-RSA-WITH-AES-128-CCM \
- TLS-DHE-RSA-WITH-AES-256-CCM \
- TLS-RSA-WITH-AES-128-CCM-8 \
- TLS-RSA-WITH-AES-256-CCM-8 \
- TLS-DHE-RSA-WITH-AES-128-CCM-8 \
- TLS-DHE-RSA-WITH-AES-256-CCM-8 \
- "
- G_CIPHERS="$G_CIPHERS \
- +ECDHE-RSA:+CAMELLIA-128-CBC:+SHA256 \
- +ECDHE-RSA:+CAMELLIA-256-CBC:+SHA384 \
- +RSA:+CAMELLIA-128-CBC:+SHA256 \
- +RSA:+CAMELLIA-256-CBC:+SHA256 \
- +DHE-RSA:+CAMELLIA-128-CBC:+SHA256 \
- +DHE-RSA:+CAMELLIA-256-CBC:+SHA256 \
- +ECDHE-RSA:+CAMELLIA-128-GCM:+AEAD \
- +ECDHE-RSA:+CAMELLIA-256-GCM:+AEAD \
- +DHE-RSA:+CAMELLIA-128-GCM:+AEAD \
- +DHE-RSA:+CAMELLIA-256-GCM:+AEAD \
- +RSA:+CAMELLIA-128-GCM:+AEAD \
- +RSA:+CAMELLIA-256-GCM:+AEAD \
- +RSA:+AES-128-CCM:+AEAD \
- +RSA:+AES-256-CCM:+AEAD \
- +RSA:+AES-128-CCM-8:+AEAD \
- +RSA:+AES-256-CCM-8:+AEAD \
- +DHE-RSA:+AES-128-CCM:+AEAD \
- +DHE-RSA:+AES-256-CCM:+AEAD \
- +DHE-RSA:+AES-128-CCM-8:+AEAD \
- +DHE-RSA:+AES-256-CCM-8:+AEAD \
- "
- fi
- ;;
- "PSK")
- M_CIPHERS="$M_CIPHERS \
- TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA \
- TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
- TLS-DHE-PSK-WITH-AES-256-CBC-SHA \
- TLS-DHE-PSK-WITH-RC4-128-SHA \
- "
- G_CIPHERS="$G_CIPHERS \
- +DHE-PSK:+3DES-CBC:+SHA1 \
- +DHE-PSK:+AES-128-CBC:+SHA1 \
- +DHE-PSK:+AES-256-CBC:+SHA1 \
- +DHE-PSK:+ARCFOUR-128:+SHA1 \
- "
- if [ `minor_ver "$MODE"` -gt 0 ]
- then
- M_CIPHERS="$M_CIPHERS \
- TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA \
- TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
- TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA \
- TLS-ECDHE-PSK-WITH-RC4-128-SHA \
- TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA \
- TLS-RSA-PSK-WITH-AES-256-CBC-SHA \
- TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
- TLS-RSA-PSK-WITH-RC4-128-SHA \
- "
- G_CIPHERS="$G_CIPHERS \
- +ECDHE-PSK:+3DES-CBC:+SHA1 \
- +ECDHE-PSK:+AES-128-CBC:+SHA1 \
- +ECDHE-PSK:+AES-256-CBC:+SHA1 \
- +ECDHE-PSK:+ARCFOUR-128:+SHA1 \
- +RSA-PSK:+3DES-CBC:+SHA1 \
- +RSA-PSK:+AES-256-CBC:+SHA1 \
- +RSA-PSK:+AES-128-CBC:+SHA1 \
- +RSA-PSK:+ARCFOUR-128:+SHA1 \
- "
- fi
- if [ `minor_ver "$MODE"` -ge 3 ]
- then
- M_CIPHERS="$M_CIPHERS \
- TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
- TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
- TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
- TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
- TLS-ECDHE-PSK-WITH-NULL-SHA384 \
- TLS-ECDHE-PSK-WITH-NULL-SHA256 \
- TLS-PSK-WITH-AES-128-CBC-SHA256 \
- TLS-PSK-WITH-AES-256-CBC-SHA384 \
- TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \
- TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
- TLS-PSK-WITH-NULL-SHA256 \
- TLS-PSK-WITH-NULL-SHA384 \
- TLS-DHE-PSK-WITH-NULL-SHA256 \
- TLS-DHE-PSK-WITH-NULL-SHA384 \
- TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
- TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \
- TLS-RSA-PSK-WITH-NULL-SHA256 \
- TLS-RSA-PSK-WITH-NULL-SHA384 \
- TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
- TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
- TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
- TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
- TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
- TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
- TLS-PSK-WITH-AES-128-GCM-SHA256 \
- TLS-PSK-WITH-AES-256-GCM-SHA384 \
- TLS-DHE-PSK-WITH-AES-128-GCM-SHA256 \
- TLS-DHE-PSK-WITH-AES-256-GCM-SHA384 \
- TLS-PSK-WITH-AES-128-CCM \
- TLS-PSK-WITH-AES-256-CCM \
- TLS-DHE-PSK-WITH-AES-128-CCM \
- TLS-DHE-PSK-WITH-AES-256-CCM \
- TLS-PSK-WITH-AES-128-CCM-8 \
- TLS-PSK-WITH-AES-256-CCM-8 \
- TLS-DHE-PSK-WITH-AES-128-CCM-8 \
- TLS-DHE-PSK-WITH-AES-256-CCM-8 \
- TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
- TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
- TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
- TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
- TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
- TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
- TLS-RSA-PSK-WITH-AES-256-GCM-SHA384 \
- TLS-RSA-PSK-WITH-AES-128-GCM-SHA256 \
- "
- G_CIPHERS="$G_CIPHERS \
- +ECDHE-PSK:+AES-256-CBC:+SHA384 \
- +ECDHE-PSK:+CAMELLIA-256-CBC:+SHA384 \
- +ECDHE-PSK:+AES-128-CBC:+SHA256 \
- +ECDHE-PSK:+CAMELLIA-128-CBC:+SHA256 \
- +PSK:+AES-128-CBC:+SHA256 \
- +PSK:+AES-256-CBC:+SHA384 \
- +DHE-PSK:+AES-128-CBC:+SHA256 \
- +DHE-PSK:+AES-256-CBC:+SHA384 \
- +RSA-PSK:+AES-256-CBC:+SHA384 \
- +RSA-PSK:+AES-128-CBC:+SHA256 \
- +DHE-PSK:+CAMELLIA-128-CBC:+SHA256 \
- +DHE-PSK:+CAMELLIA-256-CBC:+SHA384 \
- +PSK:+CAMELLIA-128-CBC:+SHA256 \
- +PSK:+CAMELLIA-256-CBC:+SHA384 \
- +RSA-PSK:+CAMELLIA-256-CBC:+SHA384 \
- +RSA-PSK:+CAMELLIA-128-CBC:+SHA256 \
- +PSK:+AES-128-GCM:+AEAD \
- +PSK:+AES-256-GCM:+AEAD \
- +DHE-PSK:+AES-128-GCM:+AEAD \
- +DHE-PSK:+AES-256-GCM:+AEAD \
- +PSK:+AES-128-CCM:+AEAD \
- +PSK:+AES-256-CCM:+AEAD \
- +DHE-PSK:+AES-128-CCM:+AEAD \
- +DHE-PSK:+AES-256-CCM:+AEAD \
- +PSK:+AES-128-CCM-8:+AEAD \
- +PSK:+AES-256-CCM-8:+AEAD \
- +DHE-PSK:+AES-128-CCM-8:+AEAD \
- +DHE-PSK:+AES-256-CCM-8:+AEAD \
- +RSA-PSK:+CAMELLIA-128-GCM:+AEAD \
- +RSA-PSK:+CAMELLIA-256-GCM:+AEAD \
- +PSK:+CAMELLIA-128-GCM:+AEAD \
- +PSK:+CAMELLIA-256-GCM:+AEAD \
- +DHE-PSK:+CAMELLIA-128-GCM:+AEAD \
- +DHE-PSK:+CAMELLIA-256-GCM:+AEAD \
- +RSA-PSK:+AES-256-GCM:+AEAD \
- +RSA-PSK:+AES-128-GCM:+AEAD \
- +ECDHE-PSK:+NULL:+SHA384 \
- +ECDHE-PSK:+NULL:+SHA256 \
- +PSK:+NULL:+SHA256 \
- +PSK:+NULL:+SHA384 \
- +DHE-PSK:+NULL:+SHA256 \
- +DHE-PSK:+NULL:+SHA384 \
- +RSA-PSK:+NULL:+SHA256 \
- +RSA-PSK:+NULL:+SHA384 \
- "
- fi
- ;;
- esac
- }
- # Ciphersuites usable only with Mbed TLS (not currently supported by another
- # peer usable in this script). This provide only very rudimentaty testing, as
- # this is not interop testing, but it's better than nothing.
- add_mbedtls_ciphersuites()
- {
- case $TYPE in
- "ECDSA")
- if [ `minor_ver "$MODE"` -gt 0 ]
- then
- M_CIPHERS="$M_CIPHERS \
- TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \
- TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \
- "
- fi
- if [ `minor_ver "$MODE"` -ge 3 ]
- then
- M_CIPHERS="$M_CIPHERS \
- TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \
- TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \
- TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384 \
- TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256 \
- TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384 \
- TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256 \
- TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384 \
- TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256 \
- "
- fi
- ;;
- "RSA")
- if [ `minor_ver "$MODE"` -ge 3 ]
- then
- M_CIPHERS="$M_CIPHERS \
- TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384 \
- TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384 \
- TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256 \
- TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256 \
- TLS-RSA-WITH-ARIA-256-CBC-SHA384 \
- TLS-RSA-WITH-ARIA-128-CBC-SHA256 \
- "
- fi
- ;;
- "PSK")
- # *PSK-NULL-SHA suites supported by GnuTLS 3.3.5 but not 3.2.15
- M_CIPHERS="$M_CIPHERS \
- TLS-PSK-WITH-NULL-SHA \
- TLS-DHE-PSK-WITH-NULL-SHA \
- "
- if [ `minor_ver "$MODE"` -gt 0 ]
- then
- M_CIPHERS="$M_CIPHERS \
- TLS-ECDHE-PSK-WITH-NULL-SHA \
- TLS-RSA-PSK-WITH-NULL-SHA \
- "
- fi
- if [ `minor_ver "$MODE"` -ge 3 ]
- then
- M_CIPHERS="$M_CIPHERS \
- TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384 \
- TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256 \
- TLS-PSK-WITH-ARIA-256-CBC-SHA384 \
- TLS-PSK-WITH-ARIA-128-CBC-SHA256 \
- TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384 \
- TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256 \
- TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384 \
- TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256 \
- TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384 \
- TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256 \
- TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256 \
- "
- fi
- ;;
- esac
- }
- setup_arguments()
- {
- G_MODE=""
- case "$MODE" in
- "ssl3")
- G_PRIO_MODE="+VERS-SSL3.0"
- ;;
- "tls1")
- G_PRIO_MODE="+VERS-TLS1.0"
- ;;
- "tls1_1")
- G_PRIO_MODE="+VERS-TLS1.1"
- ;;
- "tls12")
- G_PRIO_MODE="+VERS-TLS1.2"
- ;;
- "dtls1")
- G_PRIO_MODE="+VERS-DTLS1.0"
- G_MODE="-u"
- ;;
- "dtls12")
- G_PRIO_MODE="+VERS-DTLS1.2"
- G_MODE="-u"
- ;;
- *)
- echo "error: invalid mode: $MODE" >&2
- exit 1;
- esac
- # GnuTLS < 3.4 will choke if we try to allow CCM-8
- if [ -z "${GNUTLS_MINOR_LT_FOUR-}" ]; then
- G_PRIO_CCM="+AES-256-CCM-8:+AES-128-CCM-8:"
- else
- G_PRIO_CCM=""
- fi
- M_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE arc4=1"
- O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$MODE"
- G_SERVER_ARGS="-p $PORT --http $G_MODE"
- G_SERVER_PRIO="NORMAL:${G_PRIO_CCM}+ARCFOUR-128:+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+SHA256:+SHA384:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE"
- # The default prime for `openssl s_server` depends on the version:
- # * OpenSSL <= 1.0.2a: 512-bit
- # * OpenSSL 1.0.2b to 1.1.1b: 1024-bit
- # * OpenSSL >= 1.1.1c: 2048-bit
- # Mbed TLS wants >=1024, so force that for older versions. Don't force
- # it for newer versions, which reject a 1024-bit prime. Indifferently
- # force it or not for intermediate versions.
- case $($OPENSSL_CMD version) in
- "OpenSSL 1.0"*)
- O_SERVER_ARGS="$O_SERVER_ARGS -dhparam data_files/dhparams.pem"
- ;;
- esac
- # with OpenSSL 1.0.1h, -www, -WWW and -HTTP break DTLS handshakes
- if is_dtls "$MODE"; then
- O_SERVER_ARGS="$O_SERVER_ARGS"
- else
- O_SERVER_ARGS="$O_SERVER_ARGS -www"
- fi
- M_CLIENT_ARGS="server_port=$PORT server_addr=127.0.0.1 force_version=$MODE"
- O_CLIENT_ARGS="-connect localhost:$PORT -$MODE"
- G_CLIENT_ARGS="-p $PORT --debug 3 $G_MODE"
- G_CLIENT_PRIO="NONE:$G_PRIO_MODE:+COMP-NULL:+CURVE-ALL:+SIGN-ALL"
- if [ "X$VERIFY" = "XYES" ];
- then
- M_SERVER_ARGS="$M_SERVER_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required"
- O_SERVER_ARGS="$O_SERVER_ARGS -CAfile data_files/test-ca_cat12.crt -Verify 10"
- G_SERVER_ARGS="$G_SERVER_ARGS --x509cafile data_files/test-ca_cat12.crt --require-client-cert"
- M_CLIENT_ARGS="$M_CLIENT_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required"
- O_CLIENT_ARGS="$O_CLIENT_ARGS -CAfile data_files/test-ca_cat12.crt -verify 10"
- G_CLIENT_ARGS="$G_CLIENT_ARGS --x509cafile data_files/test-ca_cat12.crt"
- else
- # don't request a client cert at all
- M_SERVER_ARGS="$M_SERVER_ARGS ca_file=none auth_mode=none"
- G_SERVER_ARGS="$G_SERVER_ARGS --disable-client-cert"
- M_CLIENT_ARGS="$M_CLIENT_ARGS ca_file=none auth_mode=none"
- O_CLIENT_ARGS="$O_CLIENT_ARGS"
- G_CLIENT_ARGS="$G_CLIENT_ARGS --insecure"
- fi
- case $TYPE in
- "ECDSA")
- M_SERVER_ARGS="$M_SERVER_ARGS crt_file=data_files/server5.crt key_file=data_files/server5.key"
- O_SERVER_ARGS="$O_SERVER_ARGS -cert data_files/server5.crt -key data_files/server5.key"
- G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"
- if [ "X$VERIFY" = "XYES" ]; then
- M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=data_files/server6.crt key_file=data_files/server6.key"
- O_CLIENT_ARGS="$O_CLIENT_ARGS -cert data_files/server6.crt -key data_files/server6.key"
- G_CLIENT_ARGS="$G_CLIENT_ARGS --x509certfile data_files/server6.crt --x509keyfile data_files/server6.key"
- else
- M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=none key_file=none"
- fi
- ;;
- "RSA")
- M_SERVER_ARGS="$M_SERVER_ARGS crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key"
- O_SERVER_ARGS="$O_SERVER_ARGS -cert data_files/server2-sha256.crt -key data_files/server2.key"
- G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key"
- if [ "X$VERIFY" = "XYES" ]; then
- M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=data_files/cert_sha256.crt key_file=data_files/server1.key"
- O_CLIENT_ARGS="$O_CLIENT_ARGS -cert data_files/cert_sha256.crt -key data_files/server1.key"
- G_CLIENT_ARGS="$G_CLIENT_ARGS --x509certfile data_files/cert_sha256.crt --x509keyfile data_files/server1.key"
- else
- M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=none key_file=none"
- fi
- ;;
- "PSK")
- # give RSA-PSK-capable server a RSA cert
- # (should be a separate type, but harder to close with openssl)
- M_SERVER_ARGS="$M_SERVER_ARGS psk=6162636465666768696a6b6c6d6e6f70 ca_file=none crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key"
- O_SERVER_ARGS="$O_SERVER_ARGS -psk 6162636465666768696a6b6c6d6e6f70 -nocert"
- G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --pskpasswd data_files/passwd.psk"
- M_CLIENT_ARGS="$M_CLIENT_ARGS psk=6162636465666768696a6b6c6d6e6f70 crt_file=none key_file=none"
- O_CLIENT_ARGS="$O_CLIENT_ARGS -psk 6162636465666768696a6b6c6d6e6f70"
- G_CLIENT_ARGS="$G_CLIENT_ARGS --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70"
- ;;
- esac
- }
- # is_mbedtls <cmd_line>
- is_mbedtls() {
- echo "$1" | grep 'ssl_server2\|ssl_client2' > /dev/null
- }
- # has_mem_err <log_file_name>
- has_mem_err() {
- if ( grep -F 'All heap blocks were freed -- no leaks are possible' "$1" &&
- grep -F 'ERROR SUMMARY: 0 errors from 0 contexts' "$1" ) > /dev/null
- then
- return 1 # false: does not have errors
- else
- return 0 # true: has errors
- fi
- }
- # Wait for process $2 to be listening on port $1
- if type lsof >/dev/null 2>/dev/null; then
- wait_server_start() {
- START_TIME=$(date +%s)
- if is_dtls "$MODE"; then
- proto=UDP
- else
- proto=TCP
- fi
- while ! lsof -a -n -b -i "$proto:$1" -p "$2" >/dev/null 2>/dev/null; do
- if [ $(( $(date +%s) - $START_TIME )) -gt $DOG_DELAY ]; then
- echo "SERVERSTART TIMEOUT"
- echo "SERVERSTART TIMEOUT" >> $SRV_OUT
- break
- fi
- # Linux and *BSD support decimal arguments to sleep. On other
- # OSes this may be a tight loop.
- sleep 0.1 2>/dev/null || true
- done
- }
- else
- echo "Warning: lsof not available, wait_server_start = sleep"
- wait_server_start() {
- sleep 2
- }
- fi
- # start_server <name>
- # also saves name and command
- start_server() {
- case $1 in
- [Oo]pen*)
- SERVER_CMD="$OPENSSL_CMD s_server $O_SERVER_ARGS"
- ;;
- [Gg]nu*)
- SERVER_CMD="$GNUTLS_SERV $G_SERVER_ARGS --priority $G_SERVER_PRIO"
- ;;
- mbed*)
- SERVER_CMD="$M_SRV $M_SERVER_ARGS"
- if [ "$MEMCHECK" -gt 0 ]; then
- SERVER_CMD="valgrind --leak-check=full $SERVER_CMD"
- fi
- ;;
- *)
- echo "error: invalid server name: $1" >&2
- exit 1
- ;;
- esac
- SERVER_NAME=$1
- log "$SERVER_CMD"
- echo "$SERVER_CMD" > $SRV_OUT
- # for servers without -www or equivalent
- while :; do echo bla; sleep 1; done | $SERVER_CMD >> $SRV_OUT 2>&1 &
- PROCESS_ID=$!
- wait_server_start "$PORT" "$PROCESS_ID"
- }
- # terminate the running server
- stop_server() {
- kill $PROCESS_ID 2>/dev/null
- wait $PROCESS_ID 2>/dev/null
- if [ "$MEMCHECK" -gt 0 ]; then
- if is_mbedtls "$SERVER_CMD" && has_mem_err $SRV_OUT; then
- echo " ! Server had memory errors"
- SRVMEM=$(( $SRVMEM + 1 ))
- return
- fi
- fi
- rm -f $SRV_OUT
- }
- # kill the running server (used when killed by signal)
- cleanup() {
- rm -f $SRV_OUT $CLI_OUT
- kill $PROCESS_ID >/dev/null 2>&1
- kill $WATCHDOG_PID >/dev/null 2>&1
- exit 1
- }
- # wait for client to terminate and set EXIT
- # must be called right after starting the client
- wait_client_done() {
- CLI_PID=$!
- ( sleep "$DOG_DELAY"; echo "TIMEOUT" >> $CLI_OUT; kill $CLI_PID ) &
- WATCHDOG_PID=$!
- wait $CLI_PID
- EXIT=$?
- kill $WATCHDOG_PID
- wait $WATCHDOG_PID
- echo "EXIT: $EXIT" >> $CLI_OUT
- }
- # run_client <name> <cipher>
- run_client() {
- # announce what we're going to do
- TESTS=$(( $TESTS + 1 ))
- VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]')
- TITLE="`echo $1 | head -c1`->`echo $SERVER_NAME | head -c1`"
- TITLE="$TITLE $MODE,$VERIF $2"
- printf "%s " "$TITLE"
- LEN=$(( 72 - `echo "$TITLE" | wc -c` ))
- for i in `seq 1 $LEN`; do printf '.'; done; printf ' '
- # should we skip?
- if [ "X$SKIP_NEXT" = "XYES" ]; then
- SKIP_NEXT="NO"
- echo "SKIP"
- SKIPPED=$(( $SKIPPED + 1 ))
- return
- fi
- # run the command and interpret result
- case $1 in
- [Oo]pen*)
- CLIENT_CMD="$OPENSSL_CMD s_client $O_CLIENT_ARGS -cipher $2"
- log "$CLIENT_CMD"
- echo "$CLIENT_CMD" > $CLI_OUT
- printf 'GET HTTP/1.0\r\n\r\n' | $CLIENT_CMD >> $CLI_OUT 2>&1 &
- wait_client_done
- if [ $EXIT -eq 0 ]; then
- RESULT=0
- else
- # If the cipher isn't supported...
- if grep 'Cipher is (NONE)' $CLI_OUT >/dev/null; then
- RESULT=1
- else
- RESULT=2
- fi
- fi
- ;;
- [Gg]nu*)
- # need to force IPv4 with UDP, but keep localhost for auth
- if is_dtls "$MODE"; then
- G_HOST="127.0.0.1"
- else
- G_HOST="localhost"
- fi
- CLIENT_CMD="$GNUTLS_CLI $G_CLIENT_ARGS --priority $G_PRIO_MODE:$2 $G_HOST"
- log "$CLIENT_CMD"
- echo "$CLIENT_CMD" > $CLI_OUT
- printf 'GET HTTP/1.0\r\n\r\n' | $CLIENT_CMD >> $CLI_OUT 2>&1 &
- wait_client_done
- if [ $EXIT -eq 0 ]; then
- RESULT=0
- else
- RESULT=2
- # interpret early failure, with a handshake_failure alert
- # before the server hello, as "no ciphersuite in common"
- if grep -F 'Received alert [40]: Handshake failed' $CLI_OUT; then
- if grep -i 'SERVER HELLO .* was received' $CLI_OUT; then :
- else
- RESULT=1
- fi
- fi >/dev/null
- fi
- ;;
- mbed*)
- CLIENT_CMD="$M_CLI $M_CLIENT_ARGS force_ciphersuite=$2"
- if [ "$MEMCHECK" -gt 0 ]; then
- CLIENT_CMD="valgrind --leak-check=full $CLIENT_CMD"
- fi
- log "$CLIENT_CMD"
- echo "$CLIENT_CMD" > $CLI_OUT
- $CLIENT_CMD >> $CLI_OUT 2>&1 &
- wait_client_done
- case $EXIT in
- # Success
- "0") RESULT=0 ;;
- # Ciphersuite not supported
- "2") RESULT=1 ;;
- # Error
- *) RESULT=2 ;;
- esac
- if [ "$MEMCHECK" -gt 0 ]; then
- if is_mbedtls "$CLIENT_CMD" && has_mem_err $CLI_OUT; then
- RESULT=2
- fi
- fi
- ;;
- *)
- echo "error: invalid client name: $1" >&2
- exit 1
- ;;
- esac
- echo "EXIT: $EXIT" >> $CLI_OUT
- # report and count result
- case $RESULT in
- "0")
- echo PASS
- ;;
- "1")
- echo SKIP
- SKIPPED=$(( $SKIPPED + 1 ))
- ;;
- "2")
- echo FAIL
- cp $SRV_OUT c-srv-${TESTS}.log
- cp $CLI_OUT c-cli-${TESTS}.log
- echo " ! outputs saved to c-srv-${TESTS}.log, c-cli-${TESTS}.log"
- if [ "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then
- echo " ! server output:"
- cat c-srv-${TESTS}.log
- echo " ! ==================================================="
- echo " ! client output:"
- cat c-cli-${TESTS}.log
- fi
- FAILED=$(( $FAILED + 1 ))
- ;;
- esac
- rm -f $CLI_OUT
- }
- #
- # MAIN
- #
- if cd $( dirname $0 ); then :; else
- echo "cd $( dirname $0 ) failed" >&2
- exit 1
- fi
- get_options "$@"
- # sanity checks, avoid an avalanche of errors
- if [ ! -x "$M_SRV" ]; then
- echo "Command '$M_SRV' is not an executable file" >&2
- exit 1
- fi
- if [ ! -x "$M_CLI" ]; then
- echo "Command '$M_CLI' is not an executable file" >&2
- exit 1
- fi
- if echo "$PEERS" | grep -i openssl > /dev/null; then
- if which "$OPENSSL_CMD" >/dev/null 2>&1; then :; else
- echo "Command '$OPENSSL_CMD' not found" >&2
- exit 1
- fi
- fi
- if echo "$PEERS" | grep -i gnutls > /dev/null; then
- for CMD in "$GNUTLS_CLI" "$GNUTLS_SERV"; do
- if which "$CMD" >/dev/null 2>&1; then :; else
- echo "Command '$CMD' not found" >&2
- exit 1
- fi
- done
- fi
- for PEER in $PEERS; do
- case "$PEER" in
- mbed*|[Oo]pen*|[Gg]nu*)
- ;;
- *)
- echo "Unknown peers: $PEER" >&2
- exit 1
- esac
- done
- # Pick a "unique" port in the range 10000-19999.
- PORT="0000$$"
- PORT="1$(echo $PORT | tail -c 5)"
- # Also pick a unique name for intermediate files
- SRV_OUT="srv_out.$$"
- CLI_OUT="cli_out.$$"
- # client timeout delay: be more patient with valgrind
- if [ "$MEMCHECK" -gt 0 ]; then
- DOG_DELAY=30
- else
- DOG_DELAY=10
- fi
- SKIP_NEXT="NO"
- trap cleanup INT TERM HUP
- for VERIFY in $VERIFIES; do
- for MODE in $MODES; do
- for TYPE in $TYPES; do
- for PEER in $PEERS; do
- setup_arguments
- case "$PEER" in
- [Oo]pen*)
- if test "$OSSL_NO_DTLS" -gt 0 && is_dtls "$MODE"; then
- continue;
- fi
- reset_ciphersuites
- add_common_ciphersuites
- add_openssl_ciphersuites
- filter_ciphersuites
- if [ "X" != "X$M_CIPHERS" ]; then
- start_server "OpenSSL"
- for i in $M_CIPHERS; do
- check_openssl_server_bug $i
- run_client mbedTLS $i
- done
- stop_server
- fi
- if [ "X" != "X$O_CIPHERS" ]; then
- start_server "mbedTLS"
- for i in $O_CIPHERS; do
- run_client OpenSSL $i
- done
- stop_server
- fi
- ;;
- [Gg]nu*)
- reset_ciphersuites
- add_common_ciphersuites
- add_gnutls_ciphersuites
- filter_ciphersuites
- if [ "X" != "X$M_CIPHERS" ]; then
- start_server "GnuTLS"
- for i in $M_CIPHERS; do
- run_client mbedTLS $i
- done
- stop_server
- fi
- if [ "X" != "X$G_CIPHERS" ]; then
- start_server "mbedTLS"
- for i in $G_CIPHERS; do
- run_client GnuTLS $i
- done
- stop_server
- fi
- ;;
- mbed*)
- reset_ciphersuites
- add_common_ciphersuites
- add_openssl_ciphersuites
- add_gnutls_ciphersuites
- add_mbedtls_ciphersuites
- filter_ciphersuites
- if [ "X" != "X$M_CIPHERS" ]; then
- start_server "mbedTLS"
- for i in $M_CIPHERS; do
- run_client mbedTLS $i
- done
- stop_server
- fi
- ;;
- *)
- echo "Unknown peer: $PEER" >&2
- exit 1
- ;;
- esac
- done
- done
- done
- done
- echo "------------------------------------------------------------------------"
- if [ $FAILED -ne 0 -o $SRVMEM -ne 0 ];
- then
- printf "FAILED"
- else
- printf "PASSED"
- fi
- if [ "$MEMCHECK" -gt 0 ]; then
- MEMREPORT=", $SRVMEM server memory errors"
- else
- MEMREPORT=""
- fi
- PASSED=$(( $TESTS - $FAILED ))
- echo " ($PASSED / $TESTS tests ($SKIPPED skipped$MEMREPORT))"
- FAILED=$(( $FAILED + $SRVMEM ))
- exit $FAILED
|
