From abfc788389e68deb40a76f5501daa6a64fea2951 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Wed, 9 Mar 2022 12:28:22 -0600 Subject: [PATCH] script cleanup: use #!/bin/bash on all scripts that use "echo -e" (/bin/sh is sometimes a non-Bourne/non-POSIX shell, e.g. dash/ash, with no support for "echo -e"); fix whitespace. --- async-check.sh | 4 +-- autogen.sh | 6 ++-- certs/ecc/genecc.sh | 36 +++++++++---------- certs/gen_revoked.sh | 2 +- certs/intermediate/genintcerts.sh | 18 +++++----- certs/test-pathlen/assemble-chains.sh | 2 +- certs/test/gen-testcerts.sh | 12 +++---- commit-tests.sh | 2 +- pre-commit.sh | 4 +-- pre-push.sh | 2 +- scripts/crl-revoked.test | 9 +++-- scripts/external.test | 20 +++++------ scripts/google.test | 2 +- scripts/memtest.sh | 16 ++++----- .../ocsp-stapling-with-ca-as-responder.test | 32 ++++++++--------- scripts/ocsp-stapling.test | 34 +++++++++--------- scripts/ocsp-stapling2.test | 34 +++++++++--------- scripts/ocsp.test | 12 +++---- scripts/openssl.test | 2 +- scripts/ping.test | 2 +- scripts/pkcallbacks.test | 2 +- scripts/psk.test | 2 +- scripts/resume.test | 2 +- scripts/sniffer-testsuite.test | 2 +- scripts/sniffer-tls13-gen.sh | 2 +- scripts/tls13.test | 7 ++-- scripts/unit.test.in | 6 ++-- src/ssl.c | 2 +- wrapper/python/wolfssl/.ubuntu-provisioner.sh | 2 +- 29 files changed, 138 insertions(+), 140 deletions(-) diff --git a/async-check.sh b/async-check.sh index 37c99a2c1..3d70ddee8 100755 --- a/async-check.sh +++ b/async-check.sh @@ -2,7 +2,7 @@ # async-check.sh -# This script creates symbolic links to the required asynchronous +# This script creates symbolic links to the required asynchronous # file for using the asynchronous simulator and make check # # $ ./async-check [keep] @@ -32,7 +32,7 @@ then else # make a clone of the wolfAsyncCrypt repository git clone --depth 1 $ASYNC_REPO async - [ $? -ne 0 ] && echo "\n\nCouldn't checkout the wolfAsyncCrypt repository\n\n" && exit 1 + [ $? -ne 0 ] && echo "\n\nCouldn't checkout the wolfAsyncCrypt repository\n\n" && exit 1 fi # setup auto-conf diff --git a/autogen.sh b/autogen.sh index af9b8acae..c5d55d0d0 100755 --- a/autogen.sh +++ b/autogen.sh @@ -6,13 +6,13 @@ # Git hooks should come before autoreconf. if [ -d .git ]; then if [ ! -d .git/hooks ]; then - mkdir .git/hooks || exit $? + mkdir .git/hooks || exit $? fi if [ ! -e .git/hooks/pre-commit ]; then - ln -s ../../pre-commit.sh .git/hooks/pre-commit || exit $? + ln -s ../../pre-commit.sh .git/hooks/pre-commit || exit $? fi if [ ! -e .git/hooks/pre-push ]; then - ln -s ../../pre-push.sh .git/hooks/pre-push || exit $? + ln -s ../../pre-push.sh .git/hooks/pre-push || exit $? fi fi diff --git a/certs/ecc/genecc.sh b/certs/ecc/genecc.sh index 3ecb01092..e17ad4463 100755 --- a/certs/ecc/genecc.sh +++ b/certs/ecc/genecc.sh @@ -14,11 +14,11 @@ echo 2000 > ./certs/ecc/crlnumber # generate ECC 256-bit CA if [ -f ./certs/ca-ecc-key.pem ]; then openssl req -config ./certs/ecc/wolfssl.cnf -extensions v3_ca -x509 -nodes -key ./certs/ca-ecc-key.pem -out ./certs/ca-ecc-cert.pem -sha256 \ - -days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com" + -days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com" else openssl ecparam -out ./certs/ca-ecc-key.par -name prime256v1 openssl req -config ./certs/ecc/wolfssl.cnf -extensions v3_ca -x509 -nodes -newkey ec:./certs/ca-ecc-key.par -keyout ./certs/ca-ecc-key.pem -out ./certs/ca-ecc-cert.pem -sha256 \ - -days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com" + -days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com" fi openssl x509 -in ./certs/ca-ecc-cert.pem -inform PEM -out ./certs/ca-ecc-cert.der -outform DER @@ -43,18 +43,18 @@ openssl x509 -in ./certs/server-ecc.pem -outform der -out ./certs/server-ecc.der openssl x509 -req -in ./certs/server-ecc-req.pem -days 3650 -extfile ./certs/ecc/wolfssl.cnf -extensions server_cert -signkey ./certs/ecc-key.pem -text -out ./certs/server-ecc-self.pem openssl x509 -inform pem -in ./certs/server-ecc-self.pem -outform der -out ./certs/server-ecc-self.der -rm ./certs/server-ecc-req.pem +rm ./certs/server-ecc-req.pem # generate ECC 384-bit CA if [ -f ./certs/ca-ecc384-key.pem ]; then openssl req -config ./certs/ecc/wolfssl_384.cnf -extensions v3_ca -x509 -nodes -key ./certs/ca-ecc384-key.pem -out ./certs/ca-ecc384-cert.pem -sha384 \ - -days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com" + -days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com" else openssl ecparam -out ./certs/ca-ecc384-key.par -name secp384r1 openssl req -config ./certs/ecc/wolfssl_384.cnf -extensions v3_ca -x509 -nodes -newkey ec:./certs/ca-ecc384-key.par -keyout ./certs/ca-ecc384-key.pem -out ./certs/ca-ecc384-cert.pem -sha384 \ - -days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com" + -days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com" fi openssl x509 -in ./certs/ca-ecc384-cert.pem -inform PEM -out ./certs/ca-ecc384-cert.der -outform DER @@ -70,48 +70,48 @@ openssl ca -batch -config ./certs/ecc/wolfssl_384.cnf -gencrl -crldays 1000 -out # Generate ECC 384-bit server cert if [ -f ./certs/server-ecc384-key.pem ]; then openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -key ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \ - -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/" + -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/" else openssl ecparam -out ./certs/server-ecc384-key.par -name secp384r1 openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -newkey ec:./certs/server-ecc384-key.par -keyout ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \ - -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/" + -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/" fi openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -new -key ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \ - -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/" + -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/" openssl ec -in ./certs/server-ecc384-key.pem -inform PEM -out ./certs/server-ecc384-key.der -outform DER # Sign server certificate openssl ca -batch -config ./certs/ecc/wolfssl_384.cnf -extensions server_cert -days 10950 -notext -md sha384 -in ./certs/server-ecc384-req.pem -out ./certs/server-ecc384-cert.pem openssl x509 -in ./certs/server-ecc384-cert.pem -outform der -out ./certs/server-ecc384-cert.der -rm ./certs/server-ecc384-req.pem +rm ./certs/server-ecc384-req.pem rm ./certs/server-ecc384-key.par # Generate ECC 384-bit client cert if [ -f ./certs/client-ecc384-key.pem ]; then openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -key ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \ - -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/" + -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/" else openssl ecparam -out ./certs/client-ecc384-key.par -name secp384r1 openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -newkey ec:./certs/client-ecc384-key.par -keyout ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \ - -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/" + -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/" fi openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -new -key ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \ - -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Clit/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/" + -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Clit/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/" openssl ec -in ./certs/client-ecc384-key.pem -inform PEM -out ./certs/client-ecc384-key.der -outform DER # Sign client certificate openssl ca -batch -config ./certs/ecc/wolfssl_384.cnf -extensions usr_cert -days 10950 -notext -md sha384 -in ./certs/client-ecc384-req.pem -out ./certs/client-ecc384-cert.pem openssl x509 -in ./certs/client-ecc384-cert.pem -outform der -out ./certs/client-ecc384-cert.der -rm ./certs/client-ecc384-req.pem +rm ./certs/client-ecc384-req.pem rm ./certs/client-ecc384-key.par # Generate ECC Kerberos Keys if [ -f ./certs/ecc/secp256k1-key.pem ]; then - openssl ecparam -name secp256k1 -genkey -noout -out ./certs/ecc/secp256k1-key.pem - openssl ec -in ./certs/ecc/secp256k1-key.pem -inform PEM -out ./certs/ecc/secp256k1-key.der -outform DER + openssl ecparam -name secp256k1 -genkey -noout -out ./certs/ecc/secp256k1-key.pem + openssl ec -in ./certs/ecc/secp256k1-key.pem -inform PEM -out ./certs/ecc/secp256k1-key.der -outform DER fi # Create self-signed ECC Kerberos certificates openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/secp256k1-key.pem -out ./certs/ecc/server-secp256k1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256K1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/" @@ -126,8 +126,8 @@ rm ./certs/ecc/client-secp256k1-req.pem # Generate ECC Brainpool Keys if [ -f ./certs/ecc/bp256r1-key.pem ]; then - openssl ecparam -name brainpoolP256r1 -genkey -noout -out ./certs/ecc/bp256r1-key.pem - openssl ec -in ./certs/ecc/bp256r1-key.pem -inform PEM -out ./certs/ecc/bp256r1-key.der -outform DER + openssl ecparam -name brainpoolP256r1 -genkey -noout -out ./certs/ecc/bp256r1-key.pem + openssl ec -in ./certs/ecc/bp256r1-key.pem -inform PEM -out ./certs/ecc/bp256r1-key.der -outform DER fi # Create self-signed ECC Brainpool certificates openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/bp256r1-key.pem -out ./certs/ecc/server-bp256r1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256BPR1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/" @@ -143,7 +143,7 @@ rm ./certs/ecc/client-bp256r1-req.pem # update bad certificate with last byte in signature changed cp ./certs/server-ecc.der ./certs/test/server-cert-ecc-badsig.der -sed '$s/.$/W/' ./certs/test/server-cert-ecc-badsig.der >> ./certs/test/server-cert-ecc-badsig-altered.der +sed '$s/.$/W/' ./certs/test/server-cert-ecc-badsig.der >> ./certs/test/server-cert-ecc-badsig-altered.der mv ./certs/test/server-cert-ecc-badsig-altered.der ./certs/test/server-cert-ecc-badsig.der openssl x509 -inform der -in ./certs/test/server-cert-ecc-badsig.der -outform pem -out ./certs/test/server-cert-ecc-badsig.pem diff --git a/certs/gen_revoked.sh b/certs/gen_revoked.sh index 484f99428..dfb649110 100755 --- a/certs/gen_revoked.sh +++ b/certs/gen_revoked.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash ########################################################### ########## update and sign server-revoked-key.pem ################ diff --git a/certs/intermediate/genintcerts.sh b/certs/intermediate/genintcerts.sh index 5eb299a5b..21eecccc6 100755 --- a/certs/intermediate/genintcerts.sh +++ b/certs/intermediate/genintcerts.sh @@ -6,9 +6,9 @@ # RSA Server # ROOT: ./certs/ca-cert.pem # C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com) -# INTERMEDIATE: ./certs/intermediate/ca-int-cert.pem +# INTERMEDIATE: ./certs/intermediate/ca-int-cert.pem # C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Intermediate CA/emailAddress=info@wolfssl.com -# INTERMEDIATE2: ./certs/intermediate/ca-int2-cert.pem +# INTERMEDIATE2: ./certs/intermediate/ca-int2-cert.pem # C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Intermediate2 CA/emailAddress=info@wolfssl.com # SERVER: ./certs/intermediate/server-int-cert.pem # C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Server Chain/emailAddress=info@wolfssl.com @@ -16,9 +16,9 @@ # RSA Client # ROOT: ./certs/ca-cert.pem # C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com) -# INTERMEDIATE: ./certs/intermediate/ca-int-cert.pem +# INTERMEDIATE: ./certs/intermediate/ca-int-cert.pem # C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Intermediate CA/emailAddress=info@wolfssl.com -# INTERMEDIATE: ./certs/intermediate/ca-int2-cert.pem +# INTERMEDIATE: ./certs/intermediate/ca-int2-cert.pem # C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Intermediate2 CA/emailAddress=info@wolfssl.com # CLIENT: ./certs/intermediate/client-int-cert.pem # C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Client Chain/emailAddress=info@wolfssl.com @@ -26,9 +26,9 @@ # ECC Server # ROOT: ./certs/ca-ecc-cert.pem # C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=www.wolfssl.com/emailAddress=info@wolfssl.com -# INTERMEDIATE: ./certs/intermediate/ca-int-ecc-cert.pem +# INTERMEDIATE: ./certs/intermediate/ca-int-ecc-cert.pem # C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Intermediate CA ECC/emailAddress=info@wolfssl.com -# INTERMEDIATE2: ./certs/intermediate/ca-int-ecc-cert.pem +# INTERMEDIATE2: ./certs/intermediate/ca-int-ecc-cert.pem # C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Intermediate2 CA ECC/emailAddress=info@wolfssl.com # SERVER: ./certs/intermediate/server-int-ecc-cert.pem # C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Server Chain ECC/emailAddress=info@wolfssl.com @@ -36,9 +36,9 @@ # ECC Client # ROOT: ./certs/ca-ecc-cert.pem # C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=www.wolfssl.com/emailAddress=info@wolfssl.com -# INTERMEDIATE: ./certs/intermediate/ca-int-ecc-cert.pem +# INTERMEDIATE: ./certs/intermediate/ca-int-ecc-cert.pem # C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Intermediate CA ECC/emailAddress=info@wolfssl.com -# INTERMEDIATE2: ./certs/intermediate/ca-int2-ecc-cert.pem +# INTERMEDIATE2: ./certs/intermediate/ca-int2-ecc-cert.pem # C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Intermediate2 CA ECC/emailAddress=info@wolfssl.com # CLIENT: ./certs/intermediate/client-int-ecc-cert.pem # C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Client Chain ECC/emailAddress=info@wolfssl.com @@ -203,7 +203,7 @@ fi # Make sure required CA files exist and are populated rm -f ./certs/intermediate/index.* -touch ./certs/intermediate/index.txt +touch ./certs/intermediate/index.txt if [ ! -f ./certs/intermediate/serial ]; then echo 1000 > ./certs/intermediate/serial fi diff --git a/certs/test-pathlen/assemble-chains.sh b/certs/test-pathlen/assemble-chains.sh index 8f8a067da..ff917cece 100755 --- a/certs/test-pathlen/assemble-chains.sh +++ b/certs/test-pathlen/assemble-chains.sh @@ -147,7 +147,7 @@ create_an_entity "chainJ" "chainJ-ICA1-no_pathlen.pem" "chainJ-ICA1-key.pem" ########################################################### # Success: PathLen of 0 ## chainA-ICA1-pathlen0.pem: signed by ca-cert.pem -## chainA-entity.pem: signed by chainA-ICA1-pathlen0.pem +## chainA-entity.pem: signed by chainA-ICA1-pathlen0.pem cat chainA-entity.pem chainA-ICA1-pathlen0.pem > chainA-assembled.pem # Success: PathLen of 1 diff --git a/certs/test/gen-testcerts.sh b/certs/test/gen-testcerts.sh index a3c42134f..264408942 100755 --- a/certs/test/gen-testcerts.sh +++ b/certs/test/gen-testcerts.sh @@ -54,16 +54,16 @@ build_test_cert_conf() { echo "" >> "$1".conf if [ -n "$3" ]; then echo "[ req_ext ]" >> "$1".conf - case "$3" in - *DER*) + case "$3" in + *DER*) echo "subjectAltName = $3" >> "$1".conf - ;; - *) + ;; + *) echo "subjectAltName = @alt_names" >> "$1".conf echo "[alt_names]" >> "$1".conf echo "DNS.1 = $3" >> "$1".conf - ;; - esac + ;; + esac fi } diff --git a/commit-tests.sh b/commit-tests.sh index e111f7ada..ab5b5010d 100755 --- a/commit-tests.sh +++ b/commit-tests.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash #commit-tests.sh diff --git a/pre-commit.sh b/pre-commit.sh index 9c76f4b30..a426d0d37 100755 --- a/pre-commit.sh +++ b/pre-commit.sh @@ -6,7 +6,7 @@ # save current config echo "\n\nSaving current config\n\n" cp config.status tmp.status -cp wolfssl/options.h tmp.options.h +cp wolfssl/options.h tmp.options.h # stash modified files, if any, that are not part of this commit, don't test # them @@ -35,7 +35,7 @@ echo "\nRestoring current config\n" mv tmp.status config.status # don't show output in case error from above ./config.status >/dev/null 2>&1 -mv tmp.options.h wolfssl/options.h +mv tmp.options.h wolfssl/options.h make clean >/dev/null 2>&1 make -j 8 >/dev/null 2>&1 diff --git a/pre-push.sh b/pre-push.sh index f53b27c23..2251bd33c 100755 --- a/pre-push.sh +++ b/pre-push.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # # # Our "pre-push" hook. diff --git a/scripts/crl-revoked.test b/scripts/crl-revoked.test index 483c62223..ba16db02e 100755 --- a/scripts/crl-revoked.test +++ b/scripts/crl-revoked.test @@ -143,7 +143,7 @@ run_hashdir_test() { fi ln -s ./crl/crl.pem "$crl_hash_name".r0 popd - + # starts the server on crl_port, -R generates ready file to be used as a # mutex lock, -c loads the revoked certificate. We capture the processid # into the variable server_pid @@ -159,11 +159,11 @@ run_hashdir_test() { # get created port 0 ephemeral port crl_port="$(cat "$ready_file")" - + # starts client on crl_port and captures the output from client capture_out=$(./examples/client/client -p $crl_port -9 2>&1) client_result=$? - + wait $server_pid server_result=$? @@ -183,7 +183,7 @@ run_hashdir_test() { echo "" exit_hash_dir_code=1 esac - + # clean up hashed cert and crl pushd ${CERT_DIR} rm "$ca_hash_name".0 @@ -213,4 +213,3 @@ run_test echo "exiting with $exit_code certificate was not revoked" exit $exit_code ########## end program ########## - diff --git a/scripts/external.test b/scripts/external.test index b794c73c2..a6a045ce1 100755 --- a/scripts/external.test +++ b/scripts/external.test @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # external.test @@ -16,16 +16,16 @@ if [ $? -ne 0 ]; then # cloudflare seems to change CAs quickly, disabled by default if test -n "$WOLFSSL_EXTERNAL_TEST"; then - BUILD_FLAGS="$(./examples/client/client '-#')" - if echo "$BUILD_FLAGS" | fgrep -q -e ' -DWOLFSSL_SNIFFER '; then - echo 'skipping WOLFSSL_EXTERNAL_TEST because -DWOLFSSL_SNIFFER configuration of build is incompatible.' - exit 0 - fi + BUILD_FLAGS="$(./examples/client/client '-#')" + if echo "$BUILD_FLAGS" | fgrep -q -e ' -DWOLFSSL_SNIFFER '; then + echo 'skipping WOLFSSL_EXTERNAL_TEST because -DWOLFSSL_SNIFFER configuration of build is incompatible.' + exit 0 + fi - if echo "$BUILD_FLAGS" | fgrep -v -q -e ' -DHAVE_ECC '; then - echo 'skipping WOLFSSL_EXTERNAL_TEST because -UHAVE_ECC configuration of build is incompatible.' - exit 0 - fi + if echo "$BUILD_FLAGS" | fgrep -v -q -e ' -DHAVE_ECC '; then + echo 'skipping WOLFSSL_EXTERNAL_TEST because -UHAVE_ECC configuration of build is incompatible.' + exit 0 + fi echo "WOLFSSL_EXTERNAL_TEST set, running test..." else diff --git a/scripts/google.test b/scripts/google.test index b55026a94..ef6af4208 100755 --- a/scripts/google.test +++ b/scripts/google.test @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # google.test diff --git a/scripts/memtest.sh b/scripts/memtest.sh index 7f3e99cf6..34e6b07df 100755 --- a/scripts/memtest.sh +++ b/scripts/memtest.sh @@ -4,21 +4,21 @@ ./autogen.sh ./configure --enable-debug --disable-shared --enable-memtest \ - --enable-opensslextra --enable-des3 --enable-dh --enable-ecc --enable-aesgcm --enable-aesccm \ - --enable-sniffer --enable-psk --enable-camellia --enable-sha512 --enable-crl --enable-ocsp --enable-savesession \ - --enable-savecert --enable-atomicuser --enable-pkcallbacks --enable-scep; + --enable-opensslextra --enable-des3 --enable-dh --enable-ecc --enable-aesgcm --enable-aesccm \ + --enable-sniffer --enable-psk --enable-camellia --enable-sha512 --enable-crl --enable-ocsp --enable-savesession \ + --enable-savecert --enable-atomicuser --enable-pkcallbacks --enable-scep; - #DTLS has issue with trapping client/server failure disconnect since its stateless. Need to find way to communicate failure through file system. - #--enable-dtls + #DTLS has issue with trapping client/server failure disconnect since its stateless. Need to find way to communicate failure through file system. + #--enable-dtls make for i in {1..1000} do echo "Trying $i...\n" - ./tests/unit.test > ./scripts/memtest.txt 2>&1 + ./tests/unit.test > ./scripts/memtest.txt 2>&1 - RESULT=$? - [ $RESULT -eq 139 ] && echo "Mem Seg Fault" && exit 1 + RESULT=$? + [ $RESULT -eq 139 ] && echo "Mem Seg Fault" && exit 1 done echo "Loop SUCCESS" diff --git a/scripts/ocsp-stapling-with-ca-as-responder.test b/scripts/ocsp-stapling-with-ca-as-responder.test index 6a8fbf5e1..8f6b29b7c 100755 --- a/scripts/ocsp-stapling-with-ca-as-responder.test +++ b/scripts/ocsp-stapling-with-ca-as-responder.test @@ -52,12 +52,12 @@ wait_for_readyFile(){ counter=0 while [ ! -s "$1" -a "$counter" -lt 20 ]; do - if [[ -n "${2-}" ]]; then - if ! kill -0 $2 2>&-; then - echo "pid $2 for port ${3-} exited before creating ready file. bailing..." - exit 1 - fi - fi + if [[ -n "${2-}" ]]; then + if ! kill -0 $2 2>&-; then + echo "pid $2 for port ${3-} exited before creating ready file. bailing..." + exit 1 + fi + fi echo -e "waiting for ready file..." sleep 0.1 counter=$((counter+ 1)) @@ -159,9 +159,9 @@ cleanup() rm -r "$WORKSPACE" || return 1 if [[ ("$exit_status" == 1) && ($RETRIES_REMAINING -gt 0) ]]; then - echo "retrying..." - RETRIES_REMAINING=$((RETRIES_REMAINING - 1)) - exec $0 "$@" + echo "retrying..." + RETRIES_REMAINING=$((RETRIES_REMAINING - 1)) + exec $0 "$@" fi } trap cleanup EXIT INT TERM HUP @@ -179,13 +179,13 @@ ca=certs/external/baltimore-cybertrust-root.pem get_first_free_port() { local ret="$1" while :; do - if [[ "$ret" -ge 65536 ]]; then - ret=1024 - fi - if ! nc -z 127.0.0.1 "$ret"; then - break - fi - ret=$((ret+1)) + if [[ "$ret" -ge 65536 ]]; then + ret=1024 + fi + if ! nc -z 127.0.0.1 "$ret"; then + break + fi + ret=$((ret+1)) done echo "$ret" return 0 diff --git a/scripts/ocsp-stapling.test b/scripts/ocsp-stapling.test index bf7cc2233..de5cef8d4 100755 --- a/scripts/ocsp-stapling.test +++ b/scripts/ocsp-stapling.test @@ -27,7 +27,7 @@ fi if ./examples/client/client '-#' | fgrep -q -e ' -DTEST_IPV6 '; then if [[ "$IPV6_SUPPORTED" == "no" ]]; then echo 'Skipping IPV6 test in environment lacking IPV6 support.' - exit 0 + exit 0 fi LOCALHOST='[::1]' LOCALHOST_FOR_NC='::1' @@ -69,12 +69,12 @@ wait_for_readyFile(){ counter=0 while [ ! -s "$1" -a "$counter" -lt 20 ]; do - if [[ -n "${2-}" ]]; then - if ! kill -0 $2 2>&-; then - echo "pid $2 for port ${3-} exited before creating ready file. bailing..." - exit 1 - fi - fi + if [[ -n "${2-}" ]]; then + if ! kill -0 $2 2>&-; then + echo "pid $2 for port ${3-} exited before creating ready file. bailing..." + exit 1 + fi + fi echo -e "waiting for ready file..." sleep 0.1 counter=$((counter+ 1)) @@ -175,9 +175,9 @@ cleanup() rm -r "$WORKSPACE" || return 1 if [[ ("$exit_status" == 1) && ($RETRIES_REMAINING -gt 0) ]]; then - echo "retrying..." - RETRIES_REMAINING=$((RETRIES_REMAINING - 1)) - exec $0 "$@" + echo "retrying..." + RETRIES_REMAINING=$((RETRIES_REMAINING - 1)) + exec $0 "$@" fi } trap cleanup EXIT INT TERM HUP @@ -207,13 +207,13 @@ fi get_first_free_port() { local ret="$1" while :; do - if [[ "$ret" -ge 65536 ]]; then - ret=1024 - fi - if ! nc -z $V4V6_FLAG $LOCALHOST_FOR_NC "$ret"; then - break - fi - ret=$((ret+1)) + if [[ "$ret" -ge 65536 ]]; then + ret=1024 + fi + if ! nc -z $V4V6_FLAG $LOCALHOST_FOR_NC "$ret"; then + break + fi + ret=$((ret+1)) done echo "$ret" return 0 diff --git a/scripts/ocsp-stapling2.test b/scripts/ocsp-stapling2.test index 93f33e6ca..33d07522a 100755 --- a/scripts/ocsp-stapling2.test +++ b/scripts/ocsp-stapling2.test @@ -35,7 +35,7 @@ fi if ./examples/client/client '-#' | fgrep -q -e ' -DTEST_IPV6 '; then if [[ "$IPV6_SUPPORTED" == "no" ]]; then echo 'Skipping IPV6 test in environment lacking IPV6 support.' - exit 0 + exit 0 fi LOCALHOST='[::1]' LOCALHOST_FOR_NC='-6 ::1' @@ -78,12 +78,12 @@ wait_for_readyFile(){ counter=0 while [ ! -s $1 -a "$counter" -lt 20 ]; do - if [[ -n "${2-}" ]]; then - if ! kill -0 $2 2>&-; then - echo "pid $2 for port ${3-} exited before creating ready file. bailing..." - exit 1 - fi - fi + if [[ -n "${2-}" ]]; then + if ! kill -0 $2 2>&-; then + echo "pid $2 for port ${3-} exited before creating ready file. bailing..." + exit 1 + fi + fi echo -e "waiting for ready file..." sleep 0.1 counter=$((counter+ 1)) @@ -196,9 +196,9 @@ cleanup() rm -r "$WORKSPACE" || return 1 if [[ ("$exit_status" == 1) && ($RETRIES_REMAINING -gt 0) ]]; then - echo "retrying..." - RETRIES_REMAINING=$((RETRIES_REMAINING - 1)) - exec $0 "$@" + echo "retrying..." + RETRIES_REMAINING=$((RETRIES_REMAINING - 1)) + exec $0 "$@" fi } trap cleanup EXIT INT TERM HUP @@ -226,13 +226,13 @@ fi get_first_free_port() { local ret="$1" while :; do - if [[ "$ret" -ge 65536 ]]; then - ret=1024 - fi - if ! nc -z ${LOCALHOST_FOR_NC} "$ret"; then - break - fi - ret=$((ret+1)) + if [[ "$ret" -ge 65536 ]]; then + ret=1024 + fi + if ! nc -z ${LOCALHOST_FOR_NC} "$ret"; then + break + fi + ret=$((ret+1)) done echo "$ret" return 0 diff --git a/scripts/ocsp.test b/scripts/ocsp.test index 325ef9e44..1058fe7e9 100755 --- a/scripts/ocsp.test +++ b/scripts/ocsp.test @@ -27,14 +27,14 @@ if [ "$OUTPUT" = "SNI is: ON" ]; then printf '\n\n%s\n\n' "SNI is on, proceed with globalsign test" if [ "$AM_BWRAPPED" != "yes" ]; then - # is our desired server there? - "${SCRIPT_DIR}/ping.test" $server 2 - RESULT=$? - if [ $RESULT -ne 0 ]; then + # is our desired server there? + "${SCRIPT_DIR}/ping.test" $server 2 + RESULT=$? + if [ $RESULT -ne 0 ]; then GL_UNREACHABLE=1 - fi + fi else - RESULT=0 + RESULT=0 fi if [ $RESULT -eq 0 ]; then diff --git a/scripts/openssl.test b/scripts/openssl.test index 179adc5d2..ea1fc7646 100755 --- a/scripts/openssl.test +++ b/scripts/openssl.test @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash #openssl.test diff --git a/scripts/ping.test b/scripts/ping.test index f1049d48e..c823492e3 100755 --- a/scripts/ping.test +++ b/scripts/ping.test @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # ping.test diff --git a/scripts/pkcallbacks.test b/scripts/pkcallbacks.test index 49095e179..c0ac1c364 100755 --- a/scripts/pkcallbacks.test +++ b/scripts/pkcallbacks.test @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash #pkcallbacks.test diff --git a/scripts/psk.test b/scripts/psk.test index 5444bcf43..5dc2e821c 100755 --- a/scripts/psk.test +++ b/scripts/psk.test @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # psk.test # copyright wolfSSL 2016 diff --git a/scripts/resume.test b/scripts/resume.test index 4aa4f3b09..a76202851 100755 --- a/scripts/resume.test +++ b/scripts/resume.test @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash #resume.test diff --git a/scripts/sniffer-testsuite.test b/scripts/sniffer-testsuite.test index d01bf6e8b..a3e596892 100755 --- a/scripts/sniffer-testsuite.test +++ b/scripts/sniffer-testsuite.test @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash #sniffer-testsuite.test diff --git a/scripts/sniffer-tls13-gen.sh b/scripts/sniffer-tls13-gen.sh index b3421a785..ab680239c 100755 --- a/scripts/sniffer-tls13-gen.sh +++ b/scripts/sniffer-tls13-gen.sh @@ -62,7 +62,7 @@ fi # Run ./scripts/sniffer-tls13-gen.sh hrr if [ "$1" == "hrr" ]; then - # TLS v1.3 Hello Retry Request + # TLS v1.3 Hello Retry Request ./examples/server/server -v 4 -i -x -g & sleep 0.1 diff --git a/scripts/tls13.test b/scripts/tls13.test index 099e1513c..71dadb144 100755 --- a/scripts/tls13.test +++ b/scripts/tls13.test @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # tls13.test # Copyright wolfSSL 2016-2021 @@ -138,9 +138,9 @@ fi do_cleanup echo "" -cat ./wolfssl/options.h | grep -F -e 'NO_CERTS' +grep -F -e 'NO_CERTS' ./wolfssl/options.h NO_CERTS=$? -cat ./wolfssl/options.h | grep -F -e 'WOLFSSL_NO_CLIENT_AUTH' +grep -F -e 'WOLFSSL_NO_CLIENT_AUTH' ./wolfssl/options.h NO_CLIENT_AUTH=$? if [ $NO_CERTS -ne 0 -a $NO_CLIENT_AUTH -ne 0 ]; then # TLS 1.3 mutual auth required but client doesn't send certificates. @@ -312,4 +312,3 @@ do_cleanup echo -e "\nALL Tests Passed" exit 0 - diff --git a/scripts/unit.test.in b/scripts/unit.test.in index e954e75a6..8e5e4f02f 100644 --- a/scripts/unit.test.in +++ b/scripts/unit.test.in @@ -3,10 +3,10 @@ if [ "${AM_BWRAPPED-}" != "yes" ]; then bwrap_path="$(command -v bwrap)" if [ -n "$bwrap_path" ]; then - exec "$bwrap_path" --unshare-net --dev-bind / / "@builddir@/tests/unit.test" "$@" + exec "$bwrap_path" --unshare-net --dev-bind / / "@builddir@/tests/unit.test" "$@" else - exec "@builddir@/tests/unit.test" "$@" + exec "@builddir@/tests/unit.test" "$@" fi else - exec "@builddir@/tests/unit.test" "$@" + exec "@builddir@/tests/unit.test" "$@" fi diff --git a/src/ssl.c b/src/ssl.c index 9a95704ed..a8063ddd8 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -17573,7 +17573,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) rd->flags |= WOLFSSL_BIO_FLAG_READ; if (wr && !(wr->flags & WOLFSSL_BIO_FLAG_WRITE)) wr->flags |= WOLFSSL_BIO_FLAG_WRITE; - + ssl->biord = rd; ssl->biowr = wr; diff --git a/wrapper/python/wolfssl/.ubuntu-provisioner.sh b/wrapper/python/wolfssl/.ubuntu-provisioner.sh index 23e4683e1..b446427fe 100644 --- a/wrapper/python/wolfssl/.ubuntu-provisioner.sh +++ b/wrapper/python/wolfssl/.ubuntu-provisioner.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash [ "$(whoami)" != "root" ] && echo "Sorry, you are not root." && exit 1