#! /bin/csh -f # # run client side of SSL client certificate test. Run this script # after starting authServe script. # # In SSL_AUTO mode, we wait SSL_WAIT seconds between runs of sslServer from # the protServe script to allow the sslServer to get initialized. # Otherwise we wait manually via the sh script doprompt. # set SSL_KEYCHAIN=localcert set SSL_NEWROOT=localcert.cer # # set allow hostname spoof for use with numeric IP address (e.g., 10.0.61.6) # if the server cert doesn't have a subjectAltName. # #set NAME_SPOOF=H set NAME_SPOOF= set SSL_HOST=localhost set SSL_AUTO=0 set QUIET= while ( $#argv > 0 ) switch ( "$argv[1]" ) case a: set SSL_AUTO = 1 shift breaksw case q: set QUIET = q shift breaksw default: echo 'Usage: protClient [a(auto)]' exit(1) endsw end # # options for every run of sslViewer # set STD_OPTS="$SSL_HOST a $SSL_NEWROOT $NAME_SPOOF" echo ===== Server tries authentication, client refuses runProtClient $QUIET $STD_OPTS P=1200 t T=r || exit(1) doprompt $SSL_AUTO $QUIET echo ===== Server tries authentication, client sends cert runProtClient $QUIET $STD_OPTS P=1201 k=$SSL_KEYCHAIN t T=s || exit(1) doprompt $SSL_AUTO $QUIET echo ===== Server requires authentication, client refuses, expect error runProtClient $QUIET e "Expect error due to auth requirement" \ $STD_OPTS P=1202 t T=r || exit(1) doprompt $SSL_AUTO $QUIET echo ===== Server requires authentication, client refuses, SSL3, expect error runProtClient $QUIET e "Expect error due to auth requirement" \ $STD_OPTS P=1203 3 T=r || exit(1) doprompt $SSL_AUTO $QUIET echo ===== Server requires authentication, client sends cert runProtClient $QUIET $STD_OPTS P=1204 k=$SSL_KEYCHAIN t T=s || exit(1) doprompt $SSL_AUTO $QUIET echo ===== echo ===== authClient success echo =====