X-Git-Url: https://ruderich.org/simon/gitweb/?a=blobdiff_plain;f=tests%2Ftests-normal.sh;fp=tests%2Ftests-normal.sh;h=41b6e36817d478b34c8cafec50325ba912917e54;hb=c955255347f4ca514f26ad96a12524b38d235dee;hp=0000000000000000000000000000000000000000;hpb=d3ee0e4a91df6a73d93db8f1b0e70d2c528fc7b8;p=tlsproxy%2Ftlsproxy.git
diff --git a/tests/tests-normal.sh b/tests/tests-normal.sh
new file mode 100755
index 0000000..41b6e36
--- /dev/null
+++ b/tests/tests-normal.sh
@@ -0,0 +1,112 @@
+#!/bin/sh
+
+# Normal tlsproxy tests.
+#
+# Copyright (C) 2011 Simon Ruderich
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+
+
+# Handle empty $srcdir.
+[ "x$srcdir" = x ] && srcdir=.
+
+. $srcdir/common.sh
+
+
+# Create necessary files.
+$srcdir/../src/tlsproxy-setup >/dev/null 2>/dev/null
+
+# Normal tests.
+../src/tlsproxy -d2 4711 >/dev/null &
+server --x509certfile $srcdir/server.pem \
+ --x509keyfile $srcdir/server-key.pem
+sleep 1
+
+
+echo invalid hostname
+client unknown-host 80 - && abort
+test_proxy_failure
+test_no_invalid_certificate
+
+echo missing proxy and server certificate
+client localhost 4712 invalid || abort
+test_proxy_successful
+test_invalid_certificate
+
+# Create the proxy certificate.
+$srcdir/../src/tlsproxy-add localhost $srcdir/server.pem \
+ >/dev/null 2>/dev/null
+rm -f certificate-localhost-server.pem
+
+echo missing server certificate
+client localhost 4712 invalid || abort
+test_proxy_successful
+test_invalid_certificate
+
+# Create the proxy and server certificate.
+$srcdir/../src/tlsproxy-add localhost $srcdir/server.pem \
+ >/dev/null 2>/dev/null
+
+echo normal connection
+client localhost 4712 localhost || abort
+test_proxy_successful
+test_no_invalid_certificate
+
+
+# Stop server and try a "MITM" with a bad certificate.
+echo
+pkill -n gnutls-serv
+server --x509certfile $srcdir/server-bad.pem \
+ --x509keyfile $srcdir/server-key.pem
+sleep 1
+
+
+echo mitm invalid hostname
+client unknown-host 80 - && abort
+test_proxy_failure
+test_no_invalid_certificate
+
+echo mitm missing proxy and server certificate
+client localhost 4712 invalid || abort
+test_proxy_successful
+test_invalid_certificate
+
+# Create the proxy certificate.
+$srcdir/../src/tlsproxy-add localhost $srcdir/server.pem \
+ >/dev/null 2>/dev/null
+rm -f certificate-localhost-server.pem
+
+echo mitm missing server certificate
+client localhost 4712 invalid || abort
+test_proxy_successful
+test_invalid_certificate
+
+# Create the proxy and server certificate.
+$srcdir/../src/tlsproxy-add localhost $srcdir/server.pem \
+ >/dev/null 2>/dev/null
+
+echo mitm normal connection
+client localhost 4712 invalid || abort
+test_proxy_successful
+test_invalid_certificate
+
+
+pkill -n gnutls-serv
+pkill -n tlsproxy
+
+rm -f tmp \
+ certificate-localhost-proxy.pem certificate-localhost-server.pem \
+ proxy-ca-key.pem proxy-ca.pem proxy-invalid.pem proxy-key.pem
+
+exit 0
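Review bot: The `tlsproxy-add` calls in the MITM half (and `tlsproxy-setup` at the top) discard both their output and their exit status, so the final `mitm normal connection` case cannot tell a detected certificate mismatch from a stored server certificate that was never written; both end in `invalid` and `test_invalid_certificate`. Assuming the helper exits non-zero on failure, appending `|| abort` to each setup call, e.g. `$srcdir/../src/tlsproxy-add localhost $srcdir/server.pem >/dev/null 2>/dev/null || abort`, would keep the security-relevant case from passing for the wrong reason. Separately, `pkill -n gnutls-serv` and `pkill -n tlsproxy` select by process name and can signal an unrelated instance the invoking user is allowed to kill; for tlsproxy, which this script starts with `&`, saving `$!` and using `kill "$pid"` would be tighter. `abort`, `server` and `client` come from common.sh, which is outside this hunk, so whether an aborted run still removes `proxy-ca-key.pem` and `proxy-key.pem` is not visible here.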