# Create necessary files.
cleanup
-"$srcdir/../src/tlsproxy-setup" >/dev/null 2>/dev/null
+tlsproxy_setup
# Normal tests.
-../src/tlsproxy -d2 -u 4711 >/dev/null &
+tlsproxy -u 4711
server --x509certfile "$srcdir/server.pem" \
--x509keyfile "$srcdir/server-key.pem"
-sleep 1
+wait_for_ports 4711 4712
echo invalid hostname
-client unknown-host 80 - && abort
+client unknown-host 80 - && abort 'client unknown-host 80 -'
test_proxy_failure
test_no_invalid_certificate
echo missing proxy and server certificate
-client localhost 4712 'test server' || abort
+client localhost 4712 'test server' || abort 'client localhost 4712 test server'
test_proxy_successful
test_invalid_certificate
# Create the proxy certificate.
-"$srcdir/../src/tlsproxy-add" localhost "$srcdir/server.pem" \
- >/dev/null 2>/dev/null
+tlsproxy_add localhost server.pem
echo missing server certificate
mv certificate-localhost-server.pem .pem
-client localhost 4712 'test server' || abort
+client localhost 4712 'test server' || abort 'client localhost 4712 test server'
mv .pem certificate-localhost-server.pem
test_proxy_successful
test_invalid_certificate
mv certificate-localhost-proxy.pem .pem
# "invalid" to prevent user error if the proxy certificate gets deleted (but
# the server certificate is still readable).
-client localhost 4712 invalid || abort
+client localhost 4712 invalid || abort 'client localhost 4712 invalid'
mv .pem certificate-localhost-proxy.pem
test_proxy_successful
test_invalid_certificate
echo normal connection
# 'localhost' is the CN of tlsproxy's certificate.
-client localhost 4712 localhost || abort
+client localhost 4712 localhost || abort 'client localhost 4712 localhost'
test_proxy_successful
test_no_invalid_certificate
# Stop server and try a "MITM" with a bad certificate.
echo
-pkill -n gnutls-serv
+kill $pid_server || echo 'failed to kill gnutls-serv'
server --x509certfile "$srcdir/server-bad.pem" \
--x509keyfile "$srcdir/server-key.pem"
-sleep 1
+wait_for_ports 4712
rm -f certificate-localhost-proxy.pem certificate-localhost-server.pem
echo mitm invalid hostname
-client unknown-host 80 - && abort
+client unknown-host 80 - && abort 'client unknown-host 80 -'
test_proxy_failure
test_no_invalid_certificate
echo mitm missing proxy and server certificate
-client localhost 4712 'test server bad' || abort
+client localhost 4712 'test server bad' || abort 'client localhost 4712 test server bad'
test_proxy_successful
test_invalid_certificate
# Create the proxy certificate.
-"$srcdir/../src/tlsproxy-add" localhost "$srcdir/server.pem" \
- >/dev/null 2>/dev/null
+tlsproxy_add localhost server.pem
echo mitm missing server certificate
mv certificate-localhost-server.pem .pem
-client localhost 4712 'test server bad' || abort
+client localhost 4712 'test server bad' || abort 'client localhost 4712 test server bad'
mv .pem certificate-localhost-server.pem
test_proxy_successful
test_invalid_certificate
mv certificate-localhost-proxy.pem .pem
# "invalid" to prevent user error if the proxy certificate gets deleted (but
# the server certificate is still readable).
-client localhost 4712 invalid || abort
+client localhost 4712 invalid || abort 'client localhost 4712 invalid'
mv .pem certificate-localhost-proxy.pem
test_proxy_successful
test_invalid_certificate
echo mitm normal connection
-client localhost 4712 invalid || abort
+client localhost 4712 invalid || abort 'client localhost 4712 invalid'
test_proxy_successful
test_invalid_certificate
-stop_servers
+# stop_servers in trap-handler
cleanup
-rm -f tmp
exit 0