[apple/security.git] / SecurityTests / clxutils / sslScripts / authClient

#! /bin/csh -f
#
# run client side of SSL client certificate test. Run this script
# after starting authServe script.
#
# In SSL_AUTO mode, we wait SSL_WAIT seconds between runs of sslServer from
# the protServe script to allow the sslServer to get initialized. 
# Otherwise we wait manually via the sh script doprompt.
#
set SSL_KEYCHAIN=localcert
set SSL_NEWROOT=localcert.cer
#
# set allow hostname spoof for use with numeric IP address (e.g., 10.0.61.6)
# if the server cert doesn't have a subjectAltName.
#
#set NAME_SPOOF=H
set NAME_SPOOF=

set SSL_HOST=localhost

set SSL_AUTO=0
set QUIET=
while ( $#argv > 0 )
    switch ( "$argv[1]" )
        case a:
            set SSL_AUTO = 1
            shift
            breaksw
        case q:
            set QUIET = q
            shift
            breaksw
        default:
            echo 'Usage: protClient [a(auto)]'
            exit(1)
    endsw
end
#
# options for every run of sslViewer
#
set STD_OPTS="$SSL_HOST a $SSL_NEWROOT $NAME_SPOOF"

echo ===== Server tries authentication, client refuses

runProtClient $QUIET $STD_OPTS P=1200 t T=r || exit(1)
doprompt $SSL_AUTO $QUIET

echo ===== Server tries authentication, client sends cert

runProtClient $QUIET $STD_OPTS P=1201 k=$SSL_KEYCHAIN t T=s || exit(1)
doprompt $SSL_AUTO $QUIET

echo ===== Server requires authentication, client refuses, expect error

runProtClient $QUIET e "Expect error due to auth requirement" \
	$STD_OPTS P=1202 t T=r || exit(1)
doprompt $SSL_AUTO $QUIET

echo ===== Server requires authentication, client refuses, SSL3, expect error

runProtClient $QUIET e "Expect error due to auth requirement" \
	$STD_OPTS P=1203 3 T=r || exit(1)
doprompt $SSL_AUTO $QUIET

echo ===== Server requires authentication, client sends cert

runProtClient $QUIET $STD_OPTS P=1204 k=$SSL_KEYCHAIN t T=s || exit(1)
doprompt $SSL_AUTO $QUIET

echo =====
echo ===== authClient success
echo =====
Commit	Line	Data
d8f41ccd A	1	#! /bin/csh -f
	2	#
	3	# run client side of SSL client certificate test. Run this script
	4	# after starting authServe script.
	5	#
	6	# In SSL_AUTO mode, we wait SSL_WAIT seconds between runs of sslServer from
	7	# the protServe script to allow the sslServer to get initialized.
	8	# Otherwise we wait manually via the sh script doprompt.
	9	#
	10	set SSL_KEYCHAIN=localcert
	11	set SSL_NEWROOT=localcert.cer
	12	#
	13	# set allow hostname spoof for use with numeric IP address (e.g., 10.0.61.6)
	14	# if the server cert doesn't have a subjectAltName.
	15	#
	16	#set NAME_SPOOF=H
	17	set NAME_SPOOF=
	18
	19	set SSL_HOST=localhost
	20
	21	set SSL_AUTO=0
	22	set QUIET=
	23	while ( $#argv > 0 )
	24	switch ( "$argv[1]" )
	25	case a:
	26	set SSL_AUTO = 1
	27	shift
	28	breaksw
	29	case q:
	30	set QUIET = q
	31	shift
	32	breaksw
	33	default:
	34	echo 'Usage: protClient [a(auto)]'
	35	exit(1)
	36	endsw
	37	end
	38	#
	39	# options for every run of sslViewer
	40	#
	41	set STD_OPTS="$SSL_HOST a $SSL_NEWROOT $NAME_SPOOF"
	42
	43	echo ===== Server tries authentication, client refuses
	44
	45	runProtClient $QUIET $STD_OPTS P=1200 t T=r \|\| exit(1)
	46	doprompt $SSL_AUTO $QUIET
	47
	48	echo ===== Server tries authentication, client sends cert
	49
	50	runProtClient $QUIET $STD_OPTS P=1201 k=$SSL_KEYCHAIN t T=s \|\| exit(1)
	51	doprompt $SSL_AUTO $QUIET
	52
	53	echo ===== Server requires authentication, client refuses, expect error
	54
	55	runProtClient $QUIET e "Expect error due to auth requirement" \
	56	$STD_OPTS P=1202 t T=r \|\| exit(1)
	57	doprompt $SSL_AUTO $QUIET
	58
	59	echo ===== Server requires authentication, client refuses, SSL3, expect error
	60
	61	runProtClient $QUIET e "Expect error due to auth requirement" \
	62	$STD_OPTS P=1203 3 T=r \|\| exit(1)
	63	doprompt $SSL_AUTO $QUIET
	64
65	echo ===== Server requires authentication, client sends cert
66
67	runProtClient $QUIET $STD_OPTS P=1204 k=$SSL_KEYCHAIN t T=s \|\| exit(1)
68	doprompt $SSL_AUTO $QUIET
69
70	echo =====
71	echo ===== authClient success
72	echo =====