security/nss/tests/iopr/ssl_iopr.sh@b8a032363ba2
security/nss/tests/iopr/ssl_iopr.sh
Thu, 22 Jan 2015 13:21:57 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Thu, 22 Jan 2015 13:21:57 +0100
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
- permissions
- -rw-r--r--
Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6
1 #! /bin/bash
2 #
3 # This Source Code Form is subject to the terms of the Mozilla Public
4 # License, v. 2.0. If a copy of the MPL was not distributed with this
5 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
7 ########################################################################
8 #
9 # mozilla/security/nss/tests/iopr/ssl_iopr.sh
10 #
11 # NSS SSL interoperability QA. This file is included from ssl.sh
12 #
13 # needs to work on all Unix and Windows platforms
14 #
15 # special strings
16 # ---------------
17 # FIXME ... known problems, search for this string
18 # NOTE .... unexpected behavior
19 ########################################################################
20 IOPR_SSL_SOURCED=1
22 ########################################################################
23 # The functions works with variables defined in interoperability
24 # configuration file that was downloaded from a webserver.
25 # It tries to find unrevoked cert based on value of variable
26 # "SslClntValidCertName" defined in the configuration file.
27 # Params NONE.
28 # Returns 0 if found, 1 otherwise.
29 #
30 setValidCert() {
31 testUser=$SslClntValidCertName
32 [ -z "$testUser" ] && return 1
33 return 0
34 }
36 ########################################################################
37 # The funtions works with variables defined in interoperability
38 # configuration file that was downloaded from a webserver.
39 # The function sets port, url, param and description test parameters
40 # that was defind for a particular type of testing.
41 # Params:
42 # $1 - supported types of testing. Currently have maximum
43 # of two: forward and reverse. But more can be defined.
44 # No return value
45 #
46 setTestParam() {
47 type=$1
48 sslPort=`eval 'echo $'${type}Port`
49 sslUrl=`eval 'echo $'${type}Url`
50 testParam=`eval 'echo $'${type}Param`
51 testDescription=`eval 'echo $'${type}Descr`
52 [ -z "$sslPort" ] && sslPort=443
53 [ -z "$sslUrl" ] && sslUrl="/iopr_test/test_pg.html"
54 [ "$sslUrl" = "/" ] && sslUrl="/test_pg.html"
55 }
58 #######################################################################
59 # local shell function to perform SSL Cipher Suite Coverage tests
60 # in interoperability mode. Tests run against web server by using nss
61 # test client
62 # Params:
63 # $1 - supported type of testing.
64 # $2 - testing host
65 # $3 - nss db location
66 # No return value
67 #
68 ssl_iopr_cov_ext_server()
69 {
70 testType=$1
71 host=$2
72 dbDir=$3
74 setTestParam $testType
75 if [ "`echo $testParam | grep NOCOV`" != "" ]; then
76 echo "SSL Cipher Coverage of WebServ($IOPR_HOSTADDR) excluded from " \
77 "run by server configuration"
78 return 0
79 fi
81 html_head "SSL Cipher Coverage of WebServ($IOPR_HOSTADDR" \
82 "$BYPASS_STRING $NORM_EXT): $testDescription"
84 setValidCert; ret=$?
85 if [ $ret -ne 0 ]; then
86 html_failed "Fail to find valid test cert(ws: $host)"
87 return $ret
88 fi
90 SSL_REQ_FILE=${TMP}/sslreq.dat.$$
91 echo "GET $sslUrl HTTP/1.0" > $SSL_REQ_FILE
92 echo >> $SSL_REQ_FILE
94 while read ecc tls param testname therest; do
95 [ -z "$ecc" -o "$ecc" = "#" -o "`echo $testname | grep FIPS`" -o \
96 "$ecc" = "ECC" ] && continue;
98 echo "$SCRIPTNAME: running $testname ----------------------------"
99 TLS_FLAG=-T
100 if [ "$tls" = "TLS" ]; then
101 TLS_FLAG=""
102 fi
104 resFile=${TMP}/$HOST.tmpRes.$$
105 rm $resFile 2>/dev/null
107 echo "tstclnt -p ${sslPort} -h ${host} -c ${param} ${TLS_FLAG} \\"
108 echo " -n $testUser -v -w nss ${CLIEN_OPTIONS} -f \\"
109 echo " -d ${dbDir} < ${SSL_REQ_FILE} > $resFile"
111 ${BINDIR}/tstclnt -p ${sslPort} -h ${host} -c ${param} \
112 ${TLS_FLAG} ${CLIEN_OPTIONS} -f -n $testUser -v -w nss \
113 -d ${dbDir} < ${SSL_REQ_FILE} >$resFile 2>&1
114 ret=$?
115 grep "ACCESS=OK" $resFile
116 test $? -eq 0 -a $ret -eq 0
117 ret=$?
118 [ $ret -ne 0 ] && cat $resFile
119 rm -f $resFile 2>/dev/null
120 html_msg $ret 0 "${testname}"
121 done < ${SSLCOV}
122 rm -f $SSL_REQ_FILE 2>/dev/null
124 html "</TABLE><BR>"
125 }
127 #######################################################################
128 # local shell function to perform SSL Client Authentication tests
129 # in interoperability mode. Tests run against web server by using nss
130 # test client
131 # Params:
132 # $1 - supported type of testing.
133 # $2 - testing host
134 # $3 - nss db location
135 # No return value
136 #
137 ssl_iopr_auth_ext_server()
138 {
139 testType=$1
140 host=$2
141 dbDir=$3
143 setTestParam $testType
144 if [ "`echo $testParam | grep NOAUTH`" != "" ]; then
145 echo "SSL Client Authentication WebServ($IOPR_HOSTADDR) excluded from " \
146 "run by server configuration"
147 return 0
148 fi
150 html_head "SSL Client Authentication WebServ($IOPR_HOSTADDR $BYPASS_STRING $NORM_EXT):
151 $testDescription"
153 setValidCert;ret=$?
154 if [ $ret -ne 0 ]; then
155 html_failed "Fail to find valid test cert(ws: $host)"
156 return $ret
157 fi
159 SSL_REQ_FILE=${TMP}/sslreq.dat.$$
160 echo "GET $sslUrl HTTP/1.0" > $SSL_REQ_FILE
161 echo >> $SSL_REQ_FILE
163 SSLAUTH_TMP=${TMP}/authin.tl.tmp
164 grep -v "^#" ${SSLAUTH} | grep -- "-r_-r_-r_-r" > ${SSLAUTH_TMP}
166 while read ecc value sparam cparam testname; do
167 [ -z "$ecc" -o "$ecc" = "#" -o "$ecc" = "ECC" ] && continue;
169 cparam=`echo $cparam | sed -e 's;_; ;g' -e "s/TestUser/$testUser/g" `
171 echo "tstclnt -p ${sslPort} -h ${host} ${CLIEN_OPTIONS} -f ${cparam} \\"
172 echo " -d ${dbDir} -v < ${SSL_REQ_FILE}"
174 resFile=${TMP}/$HOST.tmp.$$
175 rm $rsFile 2>/dev/null
177 ${BINDIR}/tstclnt -p ${sslPort} -h ${host} ${CLIEN_OPTIONS} -f ${cparam} \
178 -d ${dbDir} -v < ${SSL_REQ_FILE} >$resFile 2>&1
179 ret=$?
180 grep "ACCESS=OK" $resFile
181 test $? -eq 0 -a $ret -eq 0
182 ret=$?
183 [ $ret -ne 0 ] && cat $resFile
184 rm $resFile 2>/dev/null
186 html_msg $ret $value "${testname}. Client params: $cparam"\
187 "produced a returncode of $ret, expected is $value"
188 done < ${SSLAUTH_TMP}
189 rm -f ${SSLAUTH_TMP} ${SSL_REQ_FILE}
191 html "</TABLE><BR>"
192 }
194 ########################################################################
195 # local shell function to perform SSL interoperability test with/out
196 # revoked certs tests. Tests run against web server by using nss
197 # test client
198 # Params:
199 # $1 - supported type of testing.
200 # $2 - testing host
201 # $3 - nss db location
202 # No return value
203 #
204 ssl_iopr_crl_ext_server()
205 {
206 testType=$1
207 host=$2
208 dbDir=$3
210 setTestParam $testType
211 if [ "`echo $testParam | grep NOCRL`" != "" ]; then
212 echo "CRL SSL Client Tests of WebServerv($IOPR_HOSTADDR) excluded from " \
213 "run by server configuration"
214 return 0
215 fi
217 html_head "CRL SSL Client Tests of WebServer($IOPR_HOSTADDR $BYPASS_STRING $NORM_EXT): $testDescription"
219 SSL_REQ_FILE=${TMP}/sslreq.dat.$$
220 echo "GET $sslUrl HTTP/1.0" > $SSL_REQ_FILE
221 echo >> $SSL_REQ_FILE
223 SSLAUTH_TMP=${TMP}/authin.tl.tmp
224 grep -v "^#" ${SSLAUTH} | grep -- "-r_-r_-r_-r" | grep -v bogus | \
225 grep -v none > ${SSLAUTH_TMP}
227 while read ecc value sparam _cparam testname; do
228 [ -z "$ecc" -o "$ecc" = "#" -o "$ecc" = "ECC" ] && continue;
230 rev_modvalue=254
231 for testUser in $SslClntValidCertName $SslClntRevokedCertName; do
232 cparam=`echo $_cparam | sed -e 's;_; ;g' -e "s/TestUser/$testUser/g" `
234 echo "tstclnt -p ${sslPort} -h ${host} ${CLIEN_OPTIONS} \\"
235 echo " -f -d ${dbDir} -v ${cparam} < ${SSL_REQ_FILE}"
236 resFile=${TMP}/$HOST.tmp.$$
237 rm -f $resFile 2>/dev/null
238 ${BINDIR}/tstclnt -p ${sslPort} -h ${host} ${CLIEN_OPTIONS} -f ${cparam} \
239 -d ${dbDir} -v < ${SSL_REQ_FILE} \
240 > $resFile 2>&1
241 ret=$?
242 grep "ACCESS=OK" $resFile
243 test $? -eq 0 -a $ret -eq 0
244 ret=$?
245 [ $ret -ne 0 ] && ret=$rev_modvalue;
246 [ $ret -ne 0 ] && cat $resFile
247 rm -f $resFile 2>/dev/null
249 if [ "`echo $SslClntRevokedCertName | grep $testUser`" != "" ]; then
250 modvalue=$rev_modvalue
251 testAddMsg="revoked"
252 else
253 testAddMsg="not revoked"
254 modvalue=$value
255 fi
256 html_msg $ret $modvalue "${testname} (cert ${testUser} - $testAddMsg)" \
257 "produced a returncode of $ret, expected is $modvalue"
258 done
259 done < ${SSLAUTH_TMP}
260 rm -f ${SSLAUTH_TMP} ${SSL_REQ_FILE}
262 html "</TABLE><BR>"
263 }
266 ########################################################################
267 # local shell function to perform SSL Cipher Coverage tests of nss server
268 # by invoking remote test client on web server side.
269 # Invoked only if reverse testing is supported by web server.
270 # Params:
271 # $1 - remote web server host
272 # $2 - open port to connect to invoke CGI script
273 # $3 - host where selfserv is running(name of the host nss tests
274 # are running)
275 # $4 - port where selfserv is running
276 # $5 - selfserv nss db location
277 # No return value
278 #
279 ssl_iopr_cov_ext_client()
280 {
281 host=$1
282 port=$2
283 sslHost=$3
284 sslPort=$4
285 serDbDir=$5
287 html_head "SSL Cipher Coverage of SelfServ $IOPR_HOSTADDR. $BYPASS_STRING $NORM_EXT"
289 setValidCert
290 ret=$?
291 if [ $res -ne 0 ]; then
292 html_failed "Fail to find valid test cert(ws: $host)"
293 return $ret
294 fi
296 # P_R_SERVERDIR switch require for selfserv to work.
297 # Will be restored after test
298 OR_P_R_SERVERDIR=$P_R_SERVERDIR
299 P_R_SERVERDIR=$serDbDir
300 OR_P_R_CLIENTDIR=$P_R_CLIENTDIR
301 P_R_CLIENTDIR=$serDbDir
302 testname=""
303 sparam="-vvvc ABCDEFcdefgijklmnvyz"
304 # Launch the server
305 start_selfserv
307 while read ecc tls param cipher therest; do
308 [ -z "$ecc" -o "$ecc" = "#" -o "$ecc" = "ECC" ] && continue;
309 echo "============= Beginning of the test ===================="
310 echo
312 is_selfserv_alive
314 TEST_IN=${TMP}/${HOST}_IN.tmp.$$
315 TEST_OUT=${TMP}/$HOST.tmp.$$
316 rm -f $TEST_IN $TEST_OUT 2>/dev/null
318 echo "GET $reverseRunCGIScript?host=$sslHost&port=$sslPort&cert=$testUser&cipher=$cipher HTTP/1.0" > $TEST_IN
319 echo >> $TEST_IN
321 echo "------- Request ----------------------"
322 cat $TEST_IN
323 echo "------- Command ----------------------"
324 echo tstclnt -d $serDbDir -v -w ${R_PWFILE} -o -p $port \
325 -h $host \< $TEST_IN \>\> $TEST_OUT
327 ${BINDIR}/tstclnt -d $serDbDir -v -w ${R_PWFILE} -o -p $port \
328 -h $host <$TEST_IN > $TEST_OUT
330 echo "------- Server output Begin ----------"
331 cat $TEST_OUT
332 echo "------- Server output End ----------"
334 echo "Checking for errors in log file..."
335 grep "SCRIPT=OK" $TEST_OUT 2>&1 >/dev/null
336 if [ $? -eq 0 ]; then
337 grep "cipher is not supported" $TEST_OUT 2>&1 >/dev/null
338 if [ $? -eq 0 ]; then
339 echo "Skiping test: no support for the cipher $cipher on server side"
340 continue
341 fi
343 grep -i "SERVER ERROR:" $TEST_OUT
344 ret=$?
345 if [ $ret -eq 0 ]; then
346 echo "Found problems. Reseting exit code to failure."
348 ret=1
349 else
350 ret=0
351 fi
352 else
353 echo "Script was not executed. Reseting exit code to failure."
354 ret=11
355 fi
357 html_msg $ret 0 "Test ${cipher}. Server params: $sparam " \
358 " produced a returncode of $ret, expected is 0"
359 rm -f $TEST_OUT $TEST_IN 2>&1 > /dev/null
360 done < ${SSLCOV}
361 kill_selfserv
363 P_R_SERVERDIR=$OR_P_R_SERVERDIR
364 P_R_CLIENTDIR=$OR_P_R_CLIENTDIR
366 rm -f ${TEST_IN} ${TEST_OUT}
367 html "</TABLE><BR>"
368 }
370 ########################################################################
371 # local shell function to perform SSL Authentication tests of nss server
372 # by invoking remove test client on web server side
373 # Invoked only if reverse testing is supported by web server.
374 # Params:
375 # $1 - remote web server host
376 # $2 - open port to connect to invoke CGI script
377 # $3 - host where selfserv is running(name of the host nss tests
378 # are running)
379 # $4 - port where selfserv is running
380 # $5 - selfserv nss db location
381 # No return value
382 #
383 ssl_iopr_auth_ext_client()
384 {
385 host=$1
386 port=$2
387 sslHost=$3
388 sslPort=$4
389 serDbDir=$5
391 html_head "SSL Client Authentication with Selfserv from $IOPR_HOSTADDR. $BYPASS_STRING $NORM_EXT"
393 setValidCert
394 ret=$?
395 if [ $res -ne 0 ]; then
396 html_failed "Fail to find valid test cert(ws: $host)"
397 return $ret
398 fi
400 OR_P_R_SERVERDIR=$P_R_SERVERDIR
401 P_R_SERVERDIR=${serDbDir}
402 OR_P_R_CLIENTDIR=$P_R_CLIENTDIR
403 P_R_CLIENTDIR=${serDbDir}
405 SSLAUTH_TMP=${TMP}/authin.tl.tmp
407 grep -v "^#" $SSLAUTH | grep "\s*0\s*" > ${SSLAUTH_TMP}
409 while read ecc value sparam cparam testname; do
410 [ -z "$ecc" -o "$ecc" = "#" -o "$ecc" = "ECC" ] && continue;
412 echo "Server params: $sparam"
413 sparam=$sparam" -vvvc ABCDEFcdefgijklmnvyz"
414 start_selfserv
416 TEST_IN=${TMP}/$HOST_IN.tmp.$$
417 TEST_OUT=${TMP}/$HOST.tmp.$$
418 rm -f $TEST_IN $TEST_OUT 2>/dev/null
420 echo "GET $reverseRunCGIScript?host=$sslHost&port=$sslPort&cert=$testUser HTTP/1.0" > $TEST_IN
421 echo >> $TEST_IN
423 echo "------- Request ----------------------"
424 cat $TEST_IN
425 echo "------- Command ----------------------"
426 echo tstclnt -d $serDbDir -v -w ${R_PWFILE} -o -p $port \
427 -h $host \< $TEST_IN \>\> $TEST_OUT
429 ${BINDIR}/tstclnt -d $serDbDir -v -w ${R_PWFILE} -o -p $port \
430 -h $host <$TEST_IN > $TEST_OUT
432 echo "------- Server output Begin ----------"
433 cat $TEST_OUT
434 echo "------- Server output End ----------"
436 echo "Checking for errors in log file..."
437 grep "SCRIPT=OK" $TEST_OUT 2>&1 >/dev/null
438 if [ $? -eq 0 ]; then
439 echo "Checking for error in log file..."
440 grep -i "SERVER ERROR:" $TEST_OUT
441 ret=$?
442 if [ $ret -eq 0 ]; then
443 echo "Found problems. Reseting exit code to failure."
444 ret=1
445 else
446 ret=0
447 fi
448 else
449 echo "Script was not executed. Reseting exit code to failure."
450 ret=11
451 fi
453 html_msg $ret $value "${testname}. Server params: $sparam"\
454 "produced a returncode of $ret, expected is $value"
455 kill_selfserv
456 rm -f $TEST_OUT $TEST_IN 2>&1 > /dev/null
457 done < ${SSLAUTH_TMP}
459 P_R_SERVERDIR=$OR_P_R_SERVERDIR
460 P_R_CLIENTDIR=$OR_P_R_CLIENTDIR
462 rm -f ${SSLAUTH_TMP} ${TEST_IN} ${TEST_OUT}
463 html "</TABLE><BR>"
464 }
466 #########################################################################
467 # local shell function to perform SSL CRL testing of nss server
468 # by invoking remote test client on web server side
469 # Invoked only if reverse testing is supported by web server.
470 # Params:
471 # $1 - remote web server host
472 # $2 - open port to connect to invoke CGI script
473 # $3 - host where selfserv is running(name of the host nss tests
474 # are running)
475 # $4 - port where selfserv is running
476 # $5 - selfserv nss db location
477 # No return value
478 #
479 ssl_iopr_crl_ext_client()
480 {
481 host=$1
482 port=$2
483 sslHost=$3
484 sslPort=$4
485 serDbDir=$5
487 html_head "CRL SSL Selfserv Tests from $IOPR_HOSTADDR. $BYPASS_STRING $NORM_EXT"
489 OR_P_R_SERVERDIR=$P_R_SERVERDIR
490 P_R_SERVERDIR=${serDbDir}
491 OR_P_R_CLIENTDIR=$P_R_CLIENTDIR
492 P_R_CLIENTDIR=$serDbDir
494 SSLAUTH_TMP=${TMP}/authin.tl.tmp
495 grep -v "^#" $SSLAUTH | grep "\s*0\s*" > ${SSLAUTH_TMP}
497 while read ecc value sparam _cparam testname; do
498 [ -z "$ecc" -o "$ecc" = "#" -o "$ecc" = "ECC" ] && continue;
499 sparam="$sparam -vvvc ABCDEFcdefgijklmnvyz"
500 start_selfserv
502 for testUser in $SslClntValidCertName $SslClntRevokedCertName; do
504 is_selfserv_alive
506 TEST_IN=${TMP}/${HOST}_IN.tmp.$$
507 TEST_OUT=${TMP}/$HOST.tmp.$$
508 rm -f $TEST_IN $TEST_OUT 2>/dev/null
510 echo "GET $reverseRunCGIScript?host=$sslHost&port=$sslPort&cert=$testUser HTTP/1.0" > $TEST_IN
511 echo >> $TEST_IN
513 echo "------- Request ----------------------"
514 cat $TEST_IN
515 echo "------- Command ----------------------"
516 echo tstclnt -d $serDbDir -v -w ${R_PWFILE} -o -p $port \
517 -h ${host} \< $TEST_IN \>\> $TEST_OUT
519 ${BINDIR}/tstclnt -d $serDbDir -v -w ${R_PWFILE} -o -p $port \
520 -h ${host} <$TEST_IN > $TEST_OUT
521 echo "------- Request ----------------------"
522 cat $TEST_IN
523 echo "------- Server output Begin ----------"
524 cat $TEST_OUT
525 echo "------- Server output End ----------"
527 echo "Checking for errors in log file..."
528 grep "SCRIPT=OK" $TEST_OUT 2>&1 >/dev/null
529 if [ $? -eq 0 ]; then
530 grep -i "SERVER ERROR:" $TEST_OUT
531 ret=$?
532 if [ $ret -eq 0 ]; then
533 echo "Found problems. Reseting exit code to failure."
534 ret=1
535 else
536 ret=0
537 fi
538 else
539 echo "Script was not executed. Reseting exit code to failure."
540 ret=11
541 fi
543 if [ "`echo $SslClntRevokedCertName | grep $testUser`" != "" ]; then
544 modvalue=1
545 testAddMsg="revoked"
546 else
547 testAddMsg="not revoked"
548 modvalue=0
549 fi
551 html_msg $ret $modvalue "${testname} (cert ${testUser} - $testAddMsg)" \
552 "produced a returncode of $ret, expected is $modvalue(selfserv args: $sparam)"
553 rm -f $TEST_OUT $TEST_IN 2>&1 > /dev/null
554 done
555 kill_selfserv
556 done < ${SSLAUTH_TMP}
558 P_R_SERVERDIR=$OR_P_R_SERVERDIR
559 P_R_CLIENTDIR=$OR_P_R_CLIENTDIR
561 rm -f ${SSLAUTH_TMP}
562 html "</TABLE><BR>"
563 }
565 #####################################################################
566 # Initial point for running ssl test againt multiple hosts involved in
567 # interoperability testing. Called from nss/tests/ssl/ssl.sh
568 # It will only proceed with test run for a specific host if environment variable
569 # IOPR_HOSTADDR_LIST was set, had the host name in the list
570 # and all needed file were successfully downloaded and installed for the host.
571 #
572 # Returns 1 if interoperability testing is off, 0 otherwise.
573 #
574 ssl_iopr_run() {
575 if [ "$IOPR" -ne 1 ]; then
576 return 1
577 fi
578 cd ${CLIENTDIR}
580 ORIG_ECC_CERT=${NO_ECC_CERTS}
581 NO_ECC_CERTS=1 # disable ECC for interoperability tests
583 NSS_SSL_ENABLE_RENEGOTIATION=u
584 export NSS_SSL_ENABLE_RENEGOTIATION
586 num=1
587 IOPR_HOST_PARAM=`echo "${IOPR_HOSTADDR_LIST} " | cut -f $num -d' '`
588 while [ "$IOPR_HOST_PARAM" ]; do
589 IOPR_HOSTADDR=`echo $IOPR_HOST_PARAM | cut -f 1 -d':'`
590 IOPR_OPEN_PORT=`echo "$IOPR_HOST_PARAM:" | cut -f 2 -d':'`
591 [ -z "$IOPR_OPEN_PORT" ] && IOPR_OPEN_PORT=443
593 . ${IOPR_CADIR}_${IOPR_HOSTADDR}/iopr_server.cfg
594 RES=$?
596 if [ $RES -ne 0 -o X`echo "$wsFlags" | grep NOIOPR` != X ]; then
597 num=`expr $num + 1`
598 IOPR_HOST_PARAM=`echo "${IOPR_HOSTADDR_LIST} " | cut -f $num -d' '`
599 continue
600 fi
602 #=======================================================
603 # Check if server is capable to run ssl tests
604 #
605 [ -z "`echo ${supportedTests_new} | grep -i ssl`" ] && continue;
607 # Testing directories defined by webserver.
608 echo "Testing ssl interoperability.
609 Client: local(tstclnt).
610 Server: remote($IOPR_HOSTADDR:$IOPR_OPEN_PORT)"
612 for sslTestType in ${supportedTests_new}; do
613 if [ -z "`echo $sslTestType | grep -i ssl`" ]; then
614 continue
615 fi
616 ssl_iopr_cov_ext_server $sslTestType ${IOPR_HOSTADDR} \
617 ${IOPR_SSL_CLIENTDIR}_${IOPR_HOSTADDR}
618 ssl_iopr_auth_ext_server $sslTestType ${IOPR_HOSTADDR} \
619 ${IOPR_SSL_CLIENTDIR}_${IOPR_HOSTADDR}
620 ssl_iopr_crl_ext_server $sslTestType ${IOPR_HOSTADDR} \
621 ${IOPR_SSL_CLIENTDIR}_${IOPR_HOSTADDR}
622 done
625 # Testing selfserv with client located at the webserver.
626 echo "Testing ssl interoperability.
627 Client: remote($IOPR_HOSTADDR:$PORT)
628 Server: local(selfserv)"
629 ssl_iopr_cov_ext_client ${IOPR_HOSTADDR} ${IOPR_OPEN_PORT} \
630 ${HOSTADDR} ${PORT} ${R_IOPR_SSL_SERVERDIR}_${IOPR_HOSTADDR}
631 ssl_iopr_auth_ext_client ${IOPR_HOSTADDR} ${IOPR_OPEN_PORT} \
632 ${HOSTADDR} ${PORT} ${R_IOPR_SSL_SERVERDIR}_${IOPR_HOSTADDR}
633 ssl_iopr_crl_ext_client ${IOPR_HOSTADDR} ${IOPR_OPEN_PORT} \
634 ${HOSTADDR} ${PORT} ${R_IOPR_SSL_SERVERDIR}_${IOPR_HOSTADDR}
635 echo "================================================"
636 echo "Done testing interoperability with $IOPR_HOSTADDR"
637 num=`expr $num + 1`
638 IOPR_HOST_PARAM=`echo "${IOPR_HOSTADDR_LIST} " | cut -f $num -d' '`
639 done
640 NO_ECC_CERTS=${ORIG_ECC_CERTS}
641 return 0
642 }
