3 # tlsproxy test "suite".
6 # Handle empty $srcdir.
7 [ "x$srcdir" = x ] && srcdir=.
16 gnutls-serv --http --port 4712 "$@" >/dev/null 2>/dev/null &
19 ./client ./proxy-ca.pem "$@" > tmp 2>&1
22 test_proxy_failure() {
23 grep 'proxy failure' tmp >/dev/null || abort
24 grep 'response: HTTP/1.0 503 Forwarding failure' tmp >/dev/null \
27 test_proxy_successful() {
28 grep 'response: HTTP/1.0 200 Connection established' tmp >/dev/null \
31 test_invalid_certificate() {
32 grep 'certificate invalid' tmp >/dev/null || abort
34 test_no_invalid_certificate() {
35 grep 'certificate invalid' tmp >/dev/null && abort
39 # Create necessary files.
40 $srcdir/../src/tlsproxy-setup >/dev/null 2>/dev/null
43 ../src/tlsproxy -d2 4711 >/dev/null &
44 server --x509certfile $srcdir/server.pem \
45 --x509keyfile $srcdir/server-key.pem
50 client unknown-host 80 - && abort
52 test_no_invalid_certificate
54 echo missing proxy and server certificate
55 client localhost 4712 invalid || abort
57 test_invalid_certificate
59 # Create the proxy certificate.
60 $srcdir/../src/tlsproxy-add localhost $srcdir/server.pem \
61 >/dev/null 2>/dev/null
62 rm -f certificate-localhost-server.pem
64 echo missing server certificate
65 client localhost 4712 invalid || abort
67 test_invalid_certificate
69 # Create the proxy and server certificate.
70 $srcdir/../src/tlsproxy-add localhost $srcdir/server.pem \
71 >/dev/null 2>/dev/null
73 echo normal connection
74 client localhost 4712 localhost || abort
76 test_no_invalid_certificate
79 # Stop server and try a "MITM" with a bad certificate.
82 server --x509certfile $srcdir/server-bad.pem \
83 --x509keyfile $srcdir/server-key.pem
87 echo mitm invalid hostname
88 client unknown-host 80 - && abort
90 test_no_invalid_certificate
92 echo mitm missing proxy and server certificate
93 client localhost 4712 invalid || abort
95 test_invalid_certificate
97 # Create the proxy certificate.
98 $srcdir/../src/tlsproxy-add localhost $srcdir/server.pem \
99 >/dev/null 2>/dev/null
100 rm -f certificate-localhost-server.pem
102 echo mitm missing server certificate
103 client localhost 4712 invalid || abort
104 test_proxy_successful
105 test_invalid_certificate
107 # Create the proxy and server certificate.
108 $srcdir/../src/tlsproxy-add localhost $srcdir/server.pem \
109 >/dev/null 2>/dev/null
111 echo mitm normal connection
112 client localhost 4712 invalid || abort
113 test_proxy_successful
114 test_invalid_certificate
121 certificate-localhost-proxy.pem certificate-localhost-server.pem \
122 proxy-ca-key.pem proxy-ca.pem proxy-invalid.pem proxy-key.pem