X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/b04fe171f0375ecd5d8a24747ca1dff85720a0ca..6b200bc335dc93c5516ccb52f14bd896d8c7fad7:/SecurityTests/clxutils/sslScripts/protClient diff --git a/SecurityTests/clxutils/sslScripts/protClient b/SecurityTests/clxutils/sslScripts/protClient deleted file mode 100755 index 9b657393..00000000 --- a/SecurityTests/clxutils/sslScripts/protClient +++ /dev/null @@ -1,146 +0,0 @@ -#! /bin/csh -f -# -# run client side of SSL protocol version test. Run this script -# after starting protServe script. -# -#set SSL_NEWROOT=newcert.cer -set SSL_NEWROOT=localcert.cer -# -# set allow hostname spoof for use with numeric IP address (e.g., 10.0.61.6) -# if the server cert doesn't have a subjectAltName. -# -#set NAME_SPOOF=H -set NAME_SPOOF= -# -# In SSL_AUTO mode, we wait SSL_WAIT seconds between runs of sslServer from -# the protServe script to allow the sslServer to get initialized. -# Otherwise we wait manually via the sh script doprompt. -# -set SSL_AUTO=0 -# -set SSL_HOST=localhost -set QUIET= -while ( $#argv > 0 ) - switch ( "$argv[1]" ) - case a: - set SSL_AUTO = 1 - shift - breaksw - case q: - set QUIET = q - shift - breaksw - default: - echo 'Usage: protClient [a(auto)]' - exit(1) - endsw -end -# -# options for every run of sslViewer -# -set STD_OPTS="$SSL_HOST a $SSL_NEWROOT $NAME_SPOOF" - -echo ===== unrestricted server via SSLSetProtocolVersion -set SSL_PORT=1200 -runProtClient $QUIET $STD_OPTS P=$SSL_PORT t m=t || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT t o m=t || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT 3 m=3 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT 3 o m=3 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT 2 m=2 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT g=2 m=2 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT g=3 m=3 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT g=23 m=3 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT g=23t m=t || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT g=2t m=t || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT g=3t m=t || exit(1) - -doprompt $SSL_AUTO $QUIET - -echo ===== server restricted to SSL2,3 via SSLSetProtocolVersion -set SSL_PORT=1201 -runProtClient $QUIET $STD_OPTS P=$SSL_PORT 3 m=3 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT 2 m=2 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT t m=3 || exit(1) -runProtClient $QUIET e "Expect error due to server ssl3 restriction" \ - $STD_OPTS P=$SSL_PORT t o || exit(1) -runProtClient $QUIET e "Expect error due to server ssl3 restriction" \ - $STD_OPTS P=$SSL_PORT g=t || exit(1) - -doprompt $SSL_AUTO $QUIET - -echo ===== server restricted to SSL2 via SSLSetProtocolVersion -set SSL_PORT=1202 -runProtClient $QUIET $STD_OPTS P=$SSL_PORT 2 m=2 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT 3 m=2 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT t m=2 || exit(1) -runProtClient $QUIET e "Expect error due to server ssl2 restriction" \ - $STD_OPTS P=$SSL_PORT t o || exit(1) -runProtClient $QUIET e "Expect error due to server ssl2 restriction" \ - $STD_OPTS P=$SSL_PORT 3 o || exit(1) -runProtClient $QUIET e "Expect error due to server ssl2 restriction" \ - $STD_OPTS P=$SSL_PORT g=3t || exit(1) -runProtClient $QUIET e "Expect error due to server ssl2 restriction" \ - $STD_OPTS P=$SSL_PORT g=t || exit(1) -runProtClient $QUIET e "Expect error due to server ssl2 restriction" \ - $STD_OPTS P=$SSL_PORT g=3 || exit(1) - -doprompt $SSL_AUTO $QUIET - -echo ===== unrestricted server via SSLSetProtocolVersionEnabled -set SSL_PORT=1203 - -runProtClient $QUIET $STD_OPTS P=$SSL_PORT t m=t || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT t o m=t || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT 3 m=3 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT 3 o m=3 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT 2 m=2 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT g=2 m=2 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT g=3 m=3 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT g=23 m=3 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT g=23t m=t || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT g=2t m=t || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT g=3t m=t || exit(1) - -doprompt $SSL_AUTO $QUIET - -echo ===== server restricted to SSL3, TLS1 via SSLSetProtocolVersionEnabled -set SSL_PORT=1204 -runProtClient $QUIET $STD_OPTS P=$SSL_PORT t m=t || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT t o m=t || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT 3 m=3 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT 3 o m=3 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT g=23t m=t || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT g=3t m=t || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT g=2t m=t || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT g=23 m=3 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT g=3 m=3 || exit(1) -runProtClient $QUIET e "Expect error due to server SSL3,TLS1 restriction " \ - $STD_OPTS P=$SSL_PORT 2 || exit(1) -runProtClient $QUIET e "Expect error due to server SSL3,TLS1 restriction " \ - $STD_OPTS P=$SSL_PORT g=2 || exit(1) - -doprompt $SSL_AUTO $QUIET - -echo ===== server restricted to SSL2,3 via SSLSetProtocolVersionEnabled -set SSL_PORT=1205 - -runProtClient $QUIET $STD_OPTS P=$SSL_PORT t m=3 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT 3 m=3 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT 3 o m=3 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT 2 m=2 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT g=23t m=3 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT g=23 m=3 || exit(1) -runProtClient $QUIET $STD_OPTS P=$SSL_PORT g=3 m=3 || exit(1) -# -# Odd case, we try for TLS1, server should respond with 3, which -# we don't support -runProtClient $QUIET e "Expect error due to server SSL2,3 restriction" \ - $STD_OPTS P=$SSL_PORT g=2t || exit(1) -runProtClient $QUIET e "Expect error due to server SSL2,3 restriction" \ - $STD_OPTS P=$SSL_PORT t o || exit(1) -runProtClient $QUIET e "Expect error due to server SSL2,3 restriction" \ - $STD_OPTS P=$SSL_PORT g=t || exit(1) - -echo ===== -echo ===== protClient success -echo =====