tempfile=`mktemp` || exit 1
die() {
- rm -f $tempfile
+ rm -f "$tempfile"
exit 1
}
# Generate server certificate for given host.
-echo 'organization = tlsproxy' > $tempfile
-echo "cn = $1" >> $tempfile
-echo tls_www_server >> $tempfile
-echo encryption_key >> $tempfile
-echo signing_key >> $tempfile
+echo 'organization = tlsproxy' > "$tempfile"
+echo "cn = $1" >> "$tempfile"
+echo tls_www_server >> "$tempfile"
+echo encryption_key >> "$tempfile"
+echo signing_key >> "$tempfile"
certtool --generate-certificate \
--load-privkey proxy-key.pem \
--load-ca-certificate proxy-ca.pem \
--load-ca-privkey proxy-ca-key.pem \
- --template $tempfile \
+ --template "$tempfile" \
--outfile "certificate-$1-proxy.pem" || die
-rm $tempfile
+rm "$tempfile"
if [ "x$2" = x ]; then
echo please enter server certificate
tempfile=`mktemp` || exit 1
die() {
- rm -f $tempfile
+ rm -f "$tempfile"
exit 1
}
# Generate proxy CA key file.
certtool --generate-privkey > proxy-ca-key.pem || die
# Generate proxy CA.
-echo 'cn = tlsproxy CA' > $tempfile
-echo ca >> $tempfile
-echo cert_signing_key >> $tempfile
+echo 'cn = tlsproxy CA' > "$tempfile"
+echo ca >> "$tempfile"
+echo cert_signing_key >> "$tempfile"
certtool --generate-self-signed \
--load-privkey proxy-ca-key.pem \
- --template $tempfile \
+ --template "$tempfile" \
--outfile proxy-ca.pem || die
# Generate proxy key file.
# Generate proxy "invalid" server certificate. It's used for problematic
# connections.
-echo 'organization = tlsproxy' > $tempfile
-echo 'cn = invalid' >> $tempfile
-echo tls_www_server >> $tempfile
-echo encryption_key >> $tempfile
-echo signing_key >> $tempfile
+echo 'organization = tlsproxy' > "$tempfile"
+echo 'cn = invalid' >> "$tempfile"
+echo tls_www_server >> "$tempfile"
+echo encryption_key >> "$tempfile"
+echo signing_key >> "$tempfile"
certtool --generate-self-signed \
--load-privkey proxy-key.pem \
- --template $tempfile \
+ --template "$tempfile" \
--outfile proxy-invalid.pem || die
-rm $tempfile
+rm "$tempfile"
echo done
# Handle empty $srcdir.
[ "x$srcdir" = x ] && srcdir=.
-. $srcdir/common.sh
+. "$srcdir/common.sh"
# Create necessary files.
cleanup
-$srcdir/../src/tlsproxy-setup >/dev/null 2>/dev/null
+"$srcdir/../src/tlsproxy-setup" >/dev/null 2>/dev/null
# Normal tests.
../src/tlsproxy -d2 4711 >/dev/null &
-server --x509certfile $srcdir/server.pem \
- --x509keyfile $srcdir/server-key.pem
+server --x509certfile "$srcdir/server.pem" \
+ --x509keyfile "$srcdir/server-key.pem"
sleep 1
test_invalid_certificate
# Create the proxy certificate.
-$srcdir/../src/tlsproxy-add localhost $srcdir/server.pem \
+"$srcdir/../src/tlsproxy-add" localhost "$srcdir/server.pem" \
>/dev/null 2>/dev/null
echo missing server certificate
# Stop server and try a "MITM" with a bad certificate.
echo
pkill -n gnutls-serv
-server --x509certfile $srcdir/server-bad.pem \
- --x509keyfile $srcdir/server-key.pem
+server --x509certfile "$srcdir/server-bad.pem" \
+ --x509keyfile "$srcdir/server-key.pem"
sleep 1
rm -f certificate-localhost-proxy.pem certificate-localhost-server.pem
test_invalid_certificate
# Create the proxy certificate.
-$srcdir/../src/tlsproxy-add localhost $srcdir/server.pem \
+"$srcdir/../src/tlsproxy-add" localhost "$srcdir/server.pem" \
>/dev/null 2>/dev/null
echo mitm missing server certificate
# Handle empty $srcdir.
[ "x$srcdir" = x ] && srcdir=.
-. $srcdir/common.sh
+. "$srcdir/common.sh"
# Create necessary files.
cleanup
-$srcdir/../src/tlsproxy-setup >/dev/null 2>/dev/null
+"$srcdir/../src/tlsproxy-setup" >/dev/null 2>/dev/null
# Normal tests.
../src/tlsproxy -d2 -u 4711 >/dev/null &
-server --x509certfile $srcdir/server.pem \
- --x509keyfile $srcdir/server-key.pem
+server --x509certfile "$srcdir/server.pem" \
+ --x509keyfile "$srcdir/server-key.pem"
sleep 1
test_invalid_certificate
# Create the proxy certificate.
-$srcdir/../src/tlsproxy-add localhost $srcdir/server.pem \
+"$srcdir/../src/tlsproxy-add" localhost "$srcdir/server.pem" \
>/dev/null 2>/dev/null
echo missing server certificate
# Stop server and try a "MITM" with a bad certificate.
echo
pkill -n gnutls-serv
-server --x509certfile $srcdir/server-bad.pem \
- --x509keyfile $srcdir/server-key.pem
+server --x509certfile "$srcdir/server-bad.pem" \
+ --x509keyfile "$srcdir/server-key.pem"
sleep 1
rm -f certificate-localhost-proxy.pem certificate-localhost-server.pem
test_invalid_certificate
# Create the proxy certificate.
-$srcdir/../src/tlsproxy-add localhost $srcdir/server.pem \
+"$srcdir/../src/tlsproxy-add" localhost "$srcdir/server.pem" \
>/dev/null 2>/dev/null
echo mitm missing server certificate
[ "x$srcdir" = x ] && srcdir=.
echo "RUNNING NORMAL TESTS"
-$srcdir/tests-normal.sh || exit 1
+"$srcdir/tests-normal.sh" || exit 1
echo
echo "RUNNING PASSTHROUGH (-u) TESTS"
-$srcdir/tests-passthrough.sh || exit 1
+"$srcdir/tests-passthrough.sh" || exit 1