From 1a0a9de9c65b62bdd8d43841aa28767e69587fc9 Mon Sep 17 00:00:00 2001 From: kaleb-himes Date: Thu, 23 Jul 2015 14:11:10 -0600 Subject: [PATCH] changes post review crl-revoked dash compliant. revoked-cert has unique fields new print statements --- certs/crl/crl.pem | 54 ++++++++-------- certs/gen_revoked.sh | 4 +- certs/renewcerts.sh | 2 +- certs/server-revoked-cert.pem | 83 ++++++++++++------------ scripts/{crl.test => crl-revoked.test} | 90 ++++++++++++++------------ scripts/include.am | 10 ++- 6 files changed, 128 insertions(+), 115 deletions(-) rename scripts/{crl.test => crl-revoked.test} (54%) diff --git a/certs/crl/crl.pem b/certs/crl/crl.pem index caef4cd7a..20610ef60 100644 --- a/certs/crl/crl.pem +++ b/certs/crl/crl.pem @@ -2,40 +2,40 @@ Certificate Revocation List (CRL): Version 2 (0x1) Signature Algorithm: sha256WithRSAEncryption Issuer: /C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Last Update: Jul 22 16:17:45 2015 GMT - Next Update: Apr 17 16:17:45 2018 GMT + Last Update: Jul 23 22:05:10 2015 GMT + Next Update: Apr 18 22:05:10 2018 GMT CRL extensions: X509v3 CRL Number: - 6 + 1 Revoked Certificates: Serial Number: 02 - Revocation Date: Jul 22 16:17:45 2015 GMT + Revocation Date: Jul 23 22:05:10 2015 GMT Signature Algorithm: sha256WithRSAEncryption - 7c:5c:fe:a6:cb:e9:78:ed:10:48:59:4a:e6:d9:96:68:ea:30: - 43:ba:b8:99:d1:8b:96:5e:d9:52:4c:58:3f:c1:d4:98:f1:20: - 46:02:0f:a3:25:7b:9c:06:c7:3d:5a:f1:00:bf:d2:d6:70:5c: - 45:ee:dc:fa:22:58:36:f2:14:06:c4:18:c9:b4:f8:ff:54:56: - cf:ff:71:00:cd:a1:9a:3c:52:dc:6f:a6:c1:fa:67:2f:a9:4d: - 7e:f7:da:c0:4c:29:34:53:8d:27:31:02:ad:05:35:3e:7d:8d: - ea:f7:2a:f8:57:cb:7f:da:27:54:3d:0b:c4:69:a7:40:8f:b3: - cb:fe:dc:76:90:57:aa:62:23:22:61:8a:d5:aa:f4:43:aa:30: - bd:9d:97:df:84:58:7c:f1:d6:78:9d:a9:4f:69:7a:a2:b5:0f: - a2:61:d0:53:93:ea:d1:0f:35:ea:d4:49:09:a1:53:7d:64:ed: - 2a:c0:f3:78:d6:ad:07:38:01:56:d5:bb:66:cc:02:e7:a4:f6: - 9f:65:64:98:f8:db:0d:ed:fc:29:2e:f6:e5:e9:d8:d7:68:97: - 84:05:99:8e:e2:ad:1c:e6:ba:0d:05:46:5c:9a:6f:60:69:b3: - 03:d1:af:b9:3c:52:de:08:48:20:1a:3c:86:49:a8:06:49:b8: - 03:da:ba:89 + 68:55:84:c7:53:54:06:ea:3e:f2:d0:3d:e6:30:84:d5:12:82: + 55:5b:4c:74:60:49:5d:4f:73:cd:cc:5f:42:bf:0d:93:93:a6: + 81:60:9d:0c:7f:c6:75:f0:77:77:1f:81:cf:02:4a:7f:2e:e3: + 1b:c4:b0:eb:0f:25:53:3d:78:7b:3e:8f:16:5e:37:c6:fd:f5: + 93:bb:9a:d7:f1:78:eb:78:9f:5d:44:85:e0:5e:14:8b:b5:2b: + c5:af:23:43:82:27:0b:db:de:12:4a:1a:23:a7:f3:d9:3a:3f: + 6f:23:e2:53:a0:ef:1e:b5:f2:da:c8:00:d2:f0:57:78:af:5d: + e3:8e:c4:06:27:7d:3d:ee:04:06:96:7a:9b:34:d9:e9:bc:a3: + 2d:6c:01:36:c4:5d:bf:c5:7f:74:f3:bb:55:75:ff:a1:a9:66: + cc:b2:e0:a0:f6:0b:05:e1:ac:69:42:3f:df:b4:dd:8f:37:5c: + f5:09:4f:a7:c3:d6:ae:a2:c6:63:f3:ed:03:df:3c:ee:58:c1: + 45:e8:85:7b:99:aa:fc:7d:ae:69:94:b9:50:0a:76:7d:b9:fd: + 74:55:b8:b1:37:75:7d:f7:e6:1a:91:cd:68:b6:49:37:cb:c8: + e1:69:57:1b:c6:ef:ec:0a:fa:d3:72:92:95:ec:f1:c1:c3:53: + 7d:fb:d0:66 -----BEGIN X509 CRL----- MIICBDCB7QIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMxEDAOBgNV BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3Ro MRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x -HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTE1MDcyMjE2MTc0NVoX -DTE4MDQxNzE2MTc0NVowFDASAgECFw0xNTA3MjIxNjE3NDVaoA4wDDAKBgNVHRQE -AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAfFz+psvpeO0QSFlK5tmWaOowQ7q4mdGL -ll7ZUkxYP8HUmPEgRgIPoyV7nAbHPVrxAL/S1nBcRe7c+iJYNvIUBsQYybT4/1RW -z/9xAM2hmjxS3G+mwfpnL6lNfvfawEwpNFONJzECrQU1Pn2N6vcq+FfLf9onVD0L -xGmnQI+zy/7cdpBXqmIjImGK1ar0Q6owvZ2X34RYfPHWeJ2pT2l6orUPomHQU5Pq -0Q816tRJCaFTfWTtKsDzeNatBzgBVtW7ZswC56T2n2VkmPjbDe38KS725enY12iX -hAWZjuKtHOa6DQVGXJpvYGmzA9GvuTxS3ghIIBo8hkmoBkm4A9q6iQ== +HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTE1MDcyMzIyMDUxMFoX +DTE4MDQxODIyMDUxMFowFDASAgECFw0xNTA3MjMyMjA1MTBaoA4wDDAKBgNVHRQE +AwIBATANBgkqhkiG9w0BAQsFAAOCAQEAaFWEx1NUBuo+8tA95jCE1RKCVVtMdGBJ +XU9zzcxfQr8Nk5OmgWCdDH/GdfB3dx+BzwJKfy7jG8Sw6w8lUz14ez6PFl43xv31 +k7ua1/F463ifXUSF4F4Ui7Urxa8jQ4InC9veEkoaI6fz2To/byPiU6DvHrXy2sgA +0vBXeK9d447EBid9Pe4EBpZ6mzTZ6byjLWwBNsRdv8V/dPO7VXX/oalmzLLgoPYL +BeGsaUI/37Tdjzdc9QlPp8PWrqLGY/PtA9887ljBReiFe5mq/H2uaZS5UAp2fbn9 +dFW4sTd1fffmGpHNaLZJN8vI4WlXG8bv7Ar603KSlezxwcNTffvQZg== -----END X509 CRL----- diff --git a/certs/gen_revoked.sh b/certs/gen_revoked.sh index e42073d70..143f2bc6a 100755 --- a/certs/gen_revoked.sh +++ b/certs/gen_revoked.sh @@ -4,9 +4,9 @@ echo "Updating server-revoked-cert.pem" echo "" #pipe the following arguments to openssl req... - echo -e "US\nMontana\nBozeman\nwolfSSL\nSupport\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key server-revoked-key.pem -nodes > server-revoked-req.pem + echo -e "US\nMontana\nBozeman\nwolfSSL_revoked\nSupport_revoked\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key server-revoked-key.pem -nodes > server-revoked-req.pem - openssl x509 -req -in server-revoked-req.pem -extfile wolfssl.cnf -extensions wolfssl_opts -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 02 > server-revoked-cert.pem + openssl x509 -req -in server-revoked-req.pem -extfile renewcerts/wolfssl.cnf -extensions wolfssl_opts -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 02 > server-revoked-cert.pem rm server-revoked-req.pem diff --git a/certs/renewcerts.sh b/certs/renewcerts.sh index c163dcab9..d021258f3 100755 --- a/certs/renewcerts.sh +++ b/certs/renewcerts.sh @@ -104,7 +104,7 @@ function run_renewcerts(){ echo "Updating server-revoked-cert.pem" echo "" #pipe the following arguments to openssl req... - echo -e "US\nMontana\nBozeman\nwolfSSL\nSupport\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key server-revoked-key.pem -nodes > server-revoked-req.pem + echo -e "US\nMontana\nBozeman\nwolfSSL_revoked\nSupport_revoked\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key server-revoked-key.pem -nodes > server-revoked-req.pem openssl x509 -req -in server-revoked-req.pem -extfile wolfssl.cnf -extensions wolfssl_opts -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 02 > server-revoked-cert.pem diff --git a/certs/server-revoked-cert.pem b/certs/server-revoked-cert.pem index c4d4cc68d..65028f3b0 100644 --- a/certs/server-revoked-cert.pem +++ b/certs/server-revoked-cert.pem @@ -5,9 +5,9 @@ Certificate: Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Validity - Not Before: Jul 22 16:17:13 2015 GMT - Not After : Apr 17 16:17:13 2018 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Support, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Jul 23 22:04:57 2015 GMT + Not After : Apr 18 22:04:57 2018 GMT + Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_revoked, OU=Support_revoked, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) @@ -42,47 +42,48 @@ Certificate: X509v3 Basic Constraints: CA:TRUE Signature Algorithm: sha256WithRSAEncryption - 9a:f1:4a:20:31:d1:06:ac:6f:88:ff:c5:c1:db:85:cf:a1:bc: - 25:6a:04:12:9a:5e:23:31:ab:d1:aa:cb:a2:a7:0e:8f:9a:2d: - f2:84:5b:40:05:6f:fb:9c:88:e8:a7:92:a4:95:aa:34:c3:7a: - 8c:95:6f:a1:30:9a:a7:0c:1c:57:e0:76:ad:4b:53:c1:71:b3: - 8d:11:96:59:0c:c9:2b:92:69:bb:5a:48:55:23:77:dd:26:0b: - 34:ec:25:98:7a:3b:a5:de:ed:0b:d0:05:80:cc:d2:db:9e:3c: - 9e:b2:49:97:38:06:28:48:44:a8:75:88:43:2c:bc:44:44:4f: - 9a:33:08:8f:dc:8a:51:ce:7e:0f:d6:10:95:01:e1:b4:65:0f: - 0a:9f:23:b0:76:e8:10:c4:ac:80:97:e4:93:1a:ce:1a:a4:ea: - 9d:5d:89:93:ca:83:c0:b0:19:eb:c9:58:f7:bf:22:c0:6f:7d: - 4e:1f:44:69:47:b0:d0:3c:07:db:dc:95:7c:cf:32:fc:3b:4d: - 43:42:c0:c4:cc:af:5a:f0:4e:e1:65:15:12:7d:bd:bc:68:72: - 4c:ae:e5:8a:81:21:fb:1a:45:3f:89:f3:2a:a3:c1:e0:49:8b: - c1:2b:9f:fd:99:54:d4:84:5f:ec:2a:8e:ba:06:23:85:3f:a1: - d9:57:c0:ee + 34:66:48:5b:30:5c:6e:fa:76:c9:6a:ce:07:79:d9:99:fa:7a: + 9d:80:2d:fc:51:78:71:c4:31:2c:40:28:c8:63:26:6f:d2:39: + 63:97:3f:00:d3:d0:69:10:3f:a9:00:07:7b:59:44:85:29:03: + 31:0a:d8:ed:88:e5:1e:fa:e0:8c:9b:e0:7e:6e:d6:fb:7c:cc: + cf:bd:43:0a:df:15:bd:8f:2a:6f:b2:51:19:b8:2a:64:0e:25: + 68:75:af:43:5a:bf:40:2b:69:9c:27:81:0c:5d:78:a1:55:a4: + 21:a0:87:9e:a2:aa:60:ac:da:2f:30:f5:d5:c9:c1:22:6b:c1: + 06:c2:42:c7:56:35:13:cd:af:5f:c9:89:bf:e9:30:b3:92:bc: + 21:6d:b8:23:85:46:44:3f:52:72:a4:7b:95:41:1a:b1:03:92: + aa:0c:5c:2e:16:95:c5:60:7a:6c:6b:f8:ae:9b:b7:08:c9:1f: + 0d:85:91:e0:7f:bc:0d:0d:c7:69:2d:5f:99:b7:88:06:be:c5: + d3:84:1a:46:b6:cb:53:04:27:e9:71:36:72:41:f6:63:9b:cb: + 25:6f:16:8b:0e:ef:42:db:b5:27:45:cf:a7:3e:3e:ae:78:7c: + d8:6b:a8:f6:52:e4:a7:93:b7:8c:94:d2:4a:93:04:20:67:aa: + c3:ea:24:f9 -----BEGIN CERTIFICATE----- -MIIEnjCCA4agAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIErjCCA5agAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUwNzIy -MTYxNzEzWhcNMTgwNDE3MTYxNzEzWjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM -B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxEDAO -BgNVBAsMB1N1cHBvcnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG -SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBALAUFjpD3eFQRU/PgLPdZpbH6fTc3rZrJBt2SKzGI6Wn5AUZvbf2 -3vr/7Vs8eYqp1fH768ix5LKrUnKJkyJcus2KNios0UDsqGYOw3bN57OjCh7dSgeC -F4G63lfOtjKBx70Ru+kVIk7iFqzj1MBoiGwR/MK9G9sd/eZDxxszuPTlG1k5EjhN -LZtkaJj8jXISkfIkJWxMSkhXkgDMftjUPbgd8p7qsiMPUQ8RQRz1JwAbCHoSOgVb -AyT+sXsg+uSoWMbKzn++lQESnQXmORMbwD5WLiufdjfe3pvgDXpjDaciWNsxx/e0 -Rly6tktIsRiaaLNjR/2vEl8v/hDLWCszaIUCAwEAAaOB/DCB+TAdBgNVHQ4EFgQU -2AkrWeEq7tnuQKqcq/BdKAlPIrswgckGA1UdIwSBwTCBvoAUJ45nEXTDJh0/7TNj -s6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5h -MRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwK -Q29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcN -AQkBFhBpbmZvQHdvbGZzc2wuY29tggkA2YA6w9L02jcwDAYDVR0TBAUwAwEB/zAN -BgkqhkiG9w0BAQsFAAOCAQEAmvFKIDHRBqxviP/FwduFz6G8JWoEEppeIzGr0arL -oqcOj5ot8oRbQAVv+5yI6KeSpJWqNMN6jJVvoTCapwwcV+B2rUtTwXGzjRGWWQzJ -K5Jpu1pIVSN33SYLNOwlmHo7pd7tC9AFgMzS2548nrJJlzgGKEhEqHWIQyy8RERP -mjMIj9yKUc5+D9YQlQHhtGUPCp8jsHboEMSsgJfkkxrOGqTqnV2Jk8qDwLAZ68lY -978iwG99Th9EaUew0DwH29yVfM8y/DtNQ0LAxMyvWvBO4WUVEn29vGhyTK7lioEh -+xpFP4nzKqPB4EmLwSuf/ZlU1IRf7CqOugYjhT+h2VfA7g== +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUwNzIz +MjIwNDU3WhcNMTgwNDE4MjIwNDU3WjCBoDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM +B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xGDAWBgNVBAoMD3dvbGZTU0xfcmV2 +b2tlZDEYMBYGA1UECwwPU3VwcG9ydF9yZXZva2VkMRgwFgYDVQQDDA93d3cud29s +ZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwFBY6Q93hUEVPz4Cz3WaWx+n03N62 +ayQbdkisxiOlp+QFGb239t76/+1bPHmKqdXx++vIseSyq1JyiZMiXLrNijYqLNFA +7KhmDsN2zeezowoe3UoHgheBut5XzrYygce9EbvpFSJO4has49TAaIhsEfzCvRvb +Hf3mQ8cbM7j05RtZORI4TS2bZGiY/I1yEpHyJCVsTEpIV5IAzH7Y1D24HfKe6rIj +D1EPEUEc9ScAGwh6EjoFWwMk/rF7IPrkqFjGys5/vpUBEp0F5jkTG8A+Vi4rn3Y3 +3t6b4A16Yw2nIljbMcf3tEZcurZLSLEYmmizY0f9rxJfL/4Qy1grM2iFAgMBAAGj +gfwwgfkwHQYDVR0OBBYEFNgJK1nhKu7Z7kCqnKvwXSgJTyK7MIHJBgNVHSMEgcEw +gb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJVUzEQ +MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 +dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns +LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJANmAOsPS9No3 +MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBADRmSFswXG76dslqzgd5 +2Zn6ep2ALfxReHHEMSxAKMhjJm/SOWOXPwDT0GkQP6kAB3tZRIUpAzEK2O2I5R76 +4Iyb4H5u1vt8zM+9QwrfFb2PKm+yURm4KmQOJWh1r0Nav0AraZwngQxdeKFVpCGg +h56iqmCs2i8w9dXJwSJrwQbCQsdWNRPNr1/Jib/pMLOSvCFtuCOFRkQ/UnKke5VB +GrEDkqoMXC4WlcVgemxr+K6btwjJHw2FkeB/vA0Nx2ktX5m3iAa+xdOEGka2y1ME +J+lxNnJB9mObyyVvFosO70LbtSdFz6c+Pq54fNhrqPZS5KeTt4yU0kqTBCBnqsPq +JPk= -----END CERTIFICATE----- Certificate: Data: diff --git a/scripts/crl.test b/scripts/crl-revoked.test similarity index 54% rename from scripts/crl.test rename to scripts/crl-revoked.test index 421359520..ea72750ee 100755 --- a/scripts/crl.test +++ b/scripts/crl-revoked.test @@ -1,35 +1,36 @@ -#!/bin/bash +#!/bin/sh #crl.test -log_file="scripts/client_result.txt" -success_line="err = -361, CRL Cert revoked" -exit_code=-1 - +revocation_code="-361" +exit_code=1 +counter=0 crl_port=11113 #no_pid tells us process was never started if -1 no_pid=-1 #server_pid captured on startup, stores the id of the server process server_pid=$no_pid -function remove_ready_file() { +remove_ready_file() { if test -e /tmp/wolfssl_server_ready; then echo -e "removing exisitng server_ready file" rm /tmp/wolfssl_server_ready fi } -function remove_log_file() { - if test -e $log_file; then - echo -e "removing client log file" - rm $log_file - fi -} - # trap this function so if user aborts with ^C or other kill signal we still # get an exit that will in turn clean up the file system -function abort_trap() { - exit_code=-2 #different exit code in case of user interrupt +abort_trap() { + echo "script aborted" + + if [ $server_pid != $no_pid ] + then + echo "killing server" + kill -9 $server_pid + fi + + exit_code=2 #different exit code in case of user interrupt + echo "got abort signal, exiting with $exit_code" exit $exit_code } @@ -39,20 +40,12 @@ trap abort_trap INT TERM # trap this function so that if we exit on an error the file system will still # be restored and the other tests may still pass. Never call this function # instead use "exit " and this function will run automatically -function restore_file_system() { - echo "in cleanup" - - if [ $server_pid != $no_pid ] - then - echo "killing server" - kill -9 $server_pid - fi +restore_file_system() { remove_ready_file - remove_log_file } trap restore_file_system EXIT -function run_test() { +run_test() { echo -e "\nStarting example server for crl test...\n" remove_ready_file @@ -60,28 +53,42 @@ function run_test() { # starts the server on crl_port, -R generates ready file to be used as a # mutex lock, -c loads the revoked certificate. We capture the processid # into the variable server_pid - ./examples/server/server -R -p $crl_port -c certs/server-revoked-cert.pem & + ./examples/server/server -R -p $crl_port -c certs/server-revoked-cert.pem \ + -k certs/server-revoked-key.pem & server_pid=$! - while [ ! -s /tmp/wolfssl_server_ready ]; do + while [ ! -s /tmp/wolfssl_server_ready -a "$counter" -lt 20 ]; do echo -e "waiting for server_ready file..." sleep 0.1 + counter=$((counter+ 1)) done - # starts client on crl_port and redirects output to log_file - ./examples/client/client -p $crl_port &> $log_file + # starts client on crl_port and captures the output from client + capture_out=$(./examples/client/client -p $crl_port 2>&1) client_result=$? - if test -e $log_file - then - while read line; - do - if [[ "x$success_line" == "x$line" ]] - then - echo "Successful Revocation!!!!" - fi - done < $log_file - fi + wait $server_pid + server_result=$? + + # look up wild-card match + # read about "job control" + case "$capture_out" in + *$revocation_code*) + # only exit with zero on detection of the expected error code + echo "" + echo "Successful Revocation!!!!" + echo "" + exit_code=0 + echo "exiting with $exit_code" + exit $exit_code + ;; + *) + echo "" + echo "Certificate was not revoked saw this instead: $capture_out" + echo "" + echo "configure with --enable-crl and run this script again" + echo "" + esac } @@ -89,7 +96,8 @@ function run_test() { # run the test run_test -exit_code=0 -echo "exiting with $exit_code" + +# If we get to this exit, exit_code will be a -1 signaling failure +echo "exiting with $exit_code certificate was not revoked" exit $exit_code ########## end program ########## diff --git a/scripts/include.am b/scripts/include.am index 95ddbb4dd..4b1b105c5 100644 --- a/scripts/include.am +++ b/scripts/include.am @@ -10,14 +10,18 @@ endif if BUILD_EXAMPLES dist_noinst_SCRIPTS+= scripts/resume.test + +if BUILD_CRL +# make revoked test rely on completion of resume test +dist_noinst_SCRIPTS+= scripts/crl-revoked.test +scripts/crl-revoked.log: scripts/resume.log +endif + if !BUILD_IPV6 dist_noinst_SCRIPTS+= scripts/external.test dist_noinst_SCRIPTS+= scripts/google.test endif endif -if BUILD_CRL -dist_noinst_SCRIPTS+= scripts/crl.test -endif EXTRA_DIST += scripts/testsuite.pcap