c89a0a5f3a
Prepare framework for testing tls-tris as client against other servers. Currently only boringssl is implemented, but the idea is to add support for others too (NSS, OpenSSL, picotls, tris, ...). To test multiple certificate types, copy ecdsa.pem and rsa.pem from tris-localserver for boringssl. The boringssl image is reused for the server since the binaries were built anyway. Revision is bumped to something to fix a build error and make the -loop and -www options work.
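#!/usr/bin/env bash
#
# Interoperability test driver: builds Docker images for TLS peers and runs
# them against each other, failing when an expected handshake line is absent.
#
# Modes:
#   INSTALL <client> [<revision>]  build image tls-tris:<client> from _dev/<client>
#   RUN <client>                   run <client> against tris-localserver (RSA, ECDSA)
#   0-RTT <client>                 run <client> against the 0-RTT server ports
#   INSTALL-CLIENT                 build the tris-testclient image
#   RUN-CLIENT <target-server>     run tris-testclient against a <target-server> image
#
# _dev/<client> and output.txt are resolved against the current directory.
# Pass/fail relies on `set -e` and `pipefail`: every docker and grep pipeline
# below is an assertion, and the first one that fails aborts the script.

set -xeuo pipefail

# Print a message on stderr and abort with a failing status.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Print the accepted invocations on stderr and abort.
usage() {
  printf 'Usage: %s INSTALL <client> [<revision>]\n' "${0##*/}" >&2
  printf '       %s RUN <client>\n' "${0##*/}" >&2
  printf '       %s 0-RTT <client>\n' "${0##*/}" >&2
  printf '       %s INSTALL-CLIENT\n' "${0##*/}" >&2
  printf '       %s RUN-CLIENT <target-server>\n' "${0##*/}" >&2
  exit 2
}

# Print the IP address Docker reports for container $1.
# The field can be empty (for example when the container is not attached to
# the default bridge network); fail here instead of handing ":<port>" to the
# client and getting a misleading connection error.
container_ip() {
  local addr
  addr=$(docker inspect -f '{{ .NetworkSettings.IPAddress }}' "$1")
  [ -n "$addr" ] || die "no IP address reported for container '$1'"
  printf '%s\n' "$addr"
}

mode=${1:-}

# Every mode except INSTALL-CLIENT needs a name in $2; an empty one would
# otherwise yield the image reference "tls-tris:".
case "$mode" in
  INSTALL | RUN | 0-RTT | RUN-CLIENT)
    [ -n "${2:-}" ] || usage
    ;;
esac

case "$mode" in
  INSTALL)
    # INSTALL <client> [<revision>]
    # Arguments are passed as separate quoted words, so a revision or client
    # name containing whitespace or glob characters cannot turn into extra
    # docker options.
    if [ -n "${3:-}" ]; then
      docker build --build-arg "REVISION=$3" -t "tls-tris:$2" "_dev/$2"
    else
      docker build -t "tls-tris:$2" "_dev/$2"
    fi
    ;;

  RUN)
    # RUN <client>
    IP=$(container_ip tris-localserver)

    docker run --rm "tls-tris:$2" "$IP:1443" | tee output.txt # RSA
    # Expect one full handshake line and one resumed line, neither with 0-RTT.
    grep "Hello TLS 1.3" output.txt | grep -v "resumed" | grep -v "0-RTT"
    grep "Hello TLS 1.3" output.txt | grep "resumed" | grep -v "0-RTT"

    docker run --rm "tls-tris:$2" "$IP:2443" | tee output.txt # ECDSA
    grep "Hello TLS 1.3" output.txt | grep -v "resumed" | grep -v "0-RTT"
    grep "Hello TLS 1.3" output.txt | grep "resumed" | grep -v "0-RTT"
    ;;

  0-RTT)
    # 0-RTT <client>
    IP=$(container_ip tris-localserver)

    docker run --rm "tls-tris:$2" "$IP:3443" | tee output.txt # rejecting 0-RTT
    # Resumption must succeed while the early data is not reported as used.
    grep "Hello TLS 1.3" output.txt | grep "resumed" | grep -v "0-RTT"

    docker run --rm "tls-tris:$2" "$IP:4443" | tee output.txt # accepting 0-RTT
    grep "Hello TLS 1.3" output.txt | grep "resumed" | grep "0-RTT"

    docker run --rm "tls-tris:$2" "$IP:5443" | tee output.txt # confirming 0-RTT
    grep "Hello TLS 1.3" output.txt | grep "resumed" | grep "0-RTT confirmed"
    ;;

  INSTALL-CLIENT)
    cd -- "$(dirname -- "$0")/tris-testclient"
    ./build.sh
    ;;

  RUN-CLIENT)
    # RUN-CLIENT <target-server>
    cd -- "$(dirname -- "$0")/tris-testclient"

    servername="$2-localserver"
    docker run --rm --detach --name "$servername" \
      --entrypoint /server.sh \
      --expose 1443 --expose 2443 \
      "tls-tris:$2"
    # Obtain information and stop server on exit. Installed before the address
    # lookup so a failed lookup cannot leave the detached server running; the
    # diagnostics are best-effort so that the kill is always attempted.
    trap 'docker ps -a || true; docker logs "$servername" || true; docker kill "$servername"' EXIT
    IP=$(container_ip "$servername")

    # Only the client's exit status is checked in this mode; nothing below
    # inspects what was negotiated.
    docker run --rm tris-testclient -ecdsa=false "$IP:1443" # RSA
    docker run --rm tris-testclient -rsa=false "$IP:2443"   # ECDSA
    # TODO maybe check server logs for expected output?
    ;;

  *)
    # A missing or misspelled mode must not count as a passing test run.
    usage
    ;;
esac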