wolfssl-w32/scripts/external.test

#!/bin/bash

# external.test

SCRIPT_DIR="$(dirname "$0")"

server=www.wolfssl.com
ca=./certs/wolfssl-website-ca.pem

[ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1

# www.wolfssl.com isn't using RFC 8446 yet but the draft instead.
if ! ./examples/client/client -V | grep -q 3; then
    echo 'skipping external.test because TLS1.2 is not available.' 1>&2
    exit 77
fi

# cloudflare seems to change CAs quickly, disabled by default
if test -n "$WOLFSSL_EXTERNAL_TEST"; then

    BUILD_FLAGS="$(./examples/client/client '-#')"
    if echo "$BUILD_FLAGS" | fgrep -q -e ' -DWOLFSSL_SNIFFER '; then
        echo 'skipping WOLFSSL_EXTERNAL_TEST because -DWOLFSSL_SNIFFER configuration of build is incompatible.'
        exit 77
    fi

    if echo "$BUILD_FLAGS" | fgrep -v -q -e ' -DHAVE_ECC '; then
        echo 'skipping WOLFSSL_EXTERNAL_TEST because -UHAVE_ECC configuration of build is incompatible.'
        exit 77
    fi

    echo "WOLFSSL_EXTERNAL_TEST set, running test..."
else
    echo "WOLFSSL_EXTERNAL_TEST NOT set, won't run"
    exit 77
fi

# is our desired server there?
"${SCRIPT_DIR}"/ping.test $server 2
RESULT=$?
[ $RESULT -ne 0 ] && exit 0

# client test against the server
./examples/client/client -X -C -h $server -p 443 -g -A $ca
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1

# test again, but using system CA certs to verify the server if support is enabled.
# We don't want to use --sys-ca-certs with static memory, as we don't know how
# much memory will be required to store an unbounded number of certs
BUILD_FLAGS="$(./examples/client/client '-#')"
if echo "$BUILD_FLAGS" | grep -q "WOLFSSL_SYS_CA_CERTS" && ! echo "$BUILD_FLAGS" | grep -q "WOLFSSL_STATIC_MEMORY"; then
    echo -e "\nConnecting using WOLFSSL_SYS_CA_CERTS..."
    ./examples/client/client -X -C -h $server -p 443 -g --sys-ca-certs
    RESULT=$?
    [ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed when using WOLFSSL_SYS_CA_CERTS" && exit 1
fi

exit 0
Import from wolfssl-5.6.6 Upstream: https://github.com/wolfSSL/wolfssl/releases/tag/v5.6.6-stable 2024-03-02 03:59:08 +00:00			`#!/bin/bash`

			`# external.test`

			`SCRIPT_DIR="$(dirname "$0")"`

			`server=www.wolfssl.com`
			`ca=./certs/wolfssl-website-ca.pem`

			`[ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1`

			`# www.wolfssl.com isn't using RFC 8446 yet but the draft instead.`
			`if ! ./examples/client/client -V \| grep -q 3; then`
			`echo 'skipping external.test because TLS1.2 is not available.' 1>&2`
			`exit 77`
			`fi`

			`# cloudflare seems to change CAs quickly, disabled by default`
			`if test -n "$WOLFSSL_EXTERNAL_TEST"; then`

			`BUILD_FLAGS="$(./examples/client/client '-#')"`
			`if echo "$BUILD_FLAGS" \| fgrep -q -e ' -DWOLFSSL_SNIFFER '; then`
			`echo 'skipping WOLFSSL_EXTERNAL_TEST because -DWOLFSSL_SNIFFER configuration of build is incompatible.'`
			`exit 77`
			`fi`

			`if echo "$BUILD_FLAGS" \| fgrep -v -q -e ' -DHAVE_ECC '; then`
			`echo 'skipping WOLFSSL_EXTERNAL_TEST because -UHAVE_ECC configuration of build is incompatible.'`
			`exit 77`
			`fi`

			`echo "WOLFSSL_EXTERNAL_TEST set, running test..."`
			`else`
			`echo "WOLFSSL_EXTERNAL_TEST NOT set, won't run"`
			`exit 77`
			`fi`

			`# is our desired server there?`
			`"${SCRIPT_DIR}"/ping.test $server 2`
			`RESULT=$?`
			`[ $RESULT -ne 0 ] && exit 0`

			`# client test against the server`
			`./examples/client/client -X -C -h $server -p 443 -g -A $ca`
			`RESULT=$?`
			`[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1`

			`# test again, but using system CA certs to verify the server if support is enabled.`
			`# We don't want to use --sys-ca-certs with static memory, as we don't know how`
			`# much memory will be required to store an unbounded number of certs`
			`BUILD_FLAGS="$(./examples/client/client '-#')"`
			`if echo "$BUILD_FLAGS" \| grep -q "WOLFSSL_SYS_CA_CERTS" && ! echo "$BUILD_FLAGS" \| grep -q "WOLFSSL_STATIC_MEMORY"; then`
			`echo -e "\nConnecting using WOLFSSL_SYS_CA_CERTS..."`
			`./examples/client/client -X -C -h $server -p 443 -g --sys-ca-certs`
			`RESULT=$?`
			`[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed when using WOLFSSL_SYS_CA_CERTS" && exit 1`
			`fi`

			`exit 0`