From e2dd8c36a09c6c532cff6050cd81fc994c1b1f45 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Wed, 23 Aug 2023 10:45:09 -0400 Subject: [PATCH 01/11] specified bound equals destination size --- src/wp_ecc_kmgmt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/wp_ecc_kmgmt.c b/src/wp_ecc_kmgmt.c index bdaa25e2..e94a58bc 100644 --- a/src/wp_ecc_kmgmt.c +++ b/src/wp_ecc_kmgmt.c @@ -1486,7 +1486,7 @@ static int wp_ecc_gen_set_template(wp_EccGenCtx* ctx, wp_Ecc* ecc) } if (ok) { XSTRNCPY(ctx->curveName, name, sizeof(ctx->curveName)-1); - ctx->curveName[WP_MAX_EC_GROUP_NAME_SZ-1] = '\0'; + ctx->curveName[sizeof(ctx->curveName)-1] = '\0'; } return ok; From f6bc34d709730c7be5453d0c46cbb3da706f3436 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Wed, 23 Aug 2023 11:34:26 -0400 Subject: [PATCH 02/11] Initialize variable --- src/wp_ecx_kmgmt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/wp_ecx_kmgmt.c b/src/wp_ecx_kmgmt.c index feac8b3c..3a73eae6 100644 --- a/src/wp_ecx_kmgmt.c +++ b/src/wp_ecx_kmgmt.c @@ -730,7 +730,7 @@ static int wp_ecx_validate_pub_key(const wp_Ecx* ecx) { int ok = 1; int rc; - unsigned char key[WP_MAX_KEY_SIZE]; + unsigned char key[WP_MAX_KEY_SIZE] = {0}; word32 len = ecx->data->len; ok &= ecx->hasPub; From a78c72438a754118681238837785a468003ef2ed Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Wed, 23 Aug 2023 13:21:22 -0400 Subject: [PATCH 03/11] Print helpful reasons for failure --- test/unit.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/test/unit.c b/test/unit.c index 5c1c3693..9d905b8c 100644 --- a/test/unit.c +++ b/test/unit.c @@ -23,6 +23,7 @@ #endif #include +#include #include "unit.h" @@ -593,6 +594,7 @@ int main(int argc, char* argv[]) wpProv = OSSL_PROVIDER_load(wpLibCtx, name); if (wpProv == NULL) { PRINT_ERR_MSG("Failed to find wolf provider!\n"); + ERR_print_errors_fp(stderr); err = 1; } 
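Review bot: In wp_ecc_gen_set_template (src/wp_ecc_kmgmt.c) a `name` longer than the buffer is still truncated silently while `ok` stays 1, so the context can end up holding only a prefix of the requested curve name. Deriving the terminator index from `sizeof(ctx->curveName)` keeps it in step with the copy bound, but a length check before the copy would turn truncation into an error, e.g. `if (XSTRLEN(name) >= sizeof(ctx->curveName)) ok = 0;`. Both `sizeof` uses assume curveName is an array member rather than a pointer. Its declaration and the start of the function are outside the hunk.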
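Review bot: In wp_ecx_validate_pub_key (src/wp_ecx_kmgmt.c) `len` is still initialised from `ecx->data->len`, and nothing in the hunk ties it to `sizeof(key)`. Zero-filling `key` removes the indeterminate read but not an oversized length. If `len` is later passed as the capacity of `key` (the export call is outside the hunk), it should start as `word32 len = (word32)sizeof(key);` or be checked against that size first. A short comment naming the path that could read `key` before it was written would also explain why the initializer is needed.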
@@ -600,6 +602,7 @@ int main(int argc, char* argv[]) osslProv = OSSL_PROVIDER_load(osslLibCtx, "default"); if (osslProv == NULL) { PRINT_ERR_MSG("Failed to find default provider!\n"); + ERR_print_errors_fp(stderr); err = 1; } } From 30b578e4469fde08c6ac54e198d26d079514870e Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Wed, 23 Aug 2023 15:54:56 -0400 Subject: [PATCH 04/11] Clean up 'check_process_running' --- scripts/wp-cs-test.sh | 24 +++++++++--------------- 1 file changed, 9 insertions(+), 15 deletions(-) diff --git a/scripts/wp-cs-test.sh b/scripts/wp-cs-test.sh index a0ad722f..2130c4bc 100755 --- a/scripts/wp-cs-test.sh +++ b/scripts/wp-cs-test.sh @@ -32,16 +32,14 @@ OPENSSL_SERVER_PID=-1 WP_OPENSSL_SERVER_PID=-1 kill_servers() { - SERVER_PID=$OPENSSL_SERVER_PID - check_process_running + check_process_running $OPENSSL_SERVER_PID if [ "$PS_EXIT" = "0" ]; then - (kill -INT $SERVER_PID) >/dev/null 2>&1 + (kill -INT $OPENSSL_SERVER_PID) >/dev/null 2>&1 fi - SERVER_PID=$WP_OPENSSL_SERVER_PID - check_process_running + check_process_running $WP_OPENSSL_SERVER_PID if [ "$PS_EXIT" = "0" ]; then - (kill -INT $SERVER_PID) >/dev/null 2>&1 + (kill -INT $WP_OPENSSL_SERVER_PID) >/dev/null 2>&1 fi } @@ -144,7 +142,7 @@ TLS1_PSK_CIPHERS=( ) check_process_running() { - ps -p $SERVER_PID > /dev/null + ps -p $1 > /dev/null PS_EXIT=$? } @@ -167,8 +165,7 @@ start_openssl_server() { sleep 0.1 - SERVER_PID=$OPENSSL_SERVER_PID - check_process_running + check_process_running $OPENSSL_SERVER_PID if [ "$PS_EXIT" != "0" ]; then printf "OpenSSL server failed to start\n" do_cleanup @@ -191,8 +188,7 @@ start_wp_openssl_server() { sleep 0.1 - SERVER_PID=$WP_OPENSSL_SERVER_PID - check_process_running + check_process_running $WP_OPENSSL_SERVER_PID if [ "$PS_EXIT" != "0" ]; then printf "server failed to start\n" printf "OpenSSL server using wolfProvider failed to start\n" 
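Review bot: `ps -p $1 > /dev/null` in check_process_running (scripts/wp-cs-test.sh) expands its argument unquoted and leaves stderr attached, so the initial PID value of -1, or an empty argument, makes ps print an error and the result depends on how ps treats the malformed option. Quoting the argument and silencing both streams is more predictable: `ps -p "$1" >/dev/null 2>&1`. This check is also the only thing keeping `kill -INT $OPENSSL_SERVER_PID` in kill_servers from running with -1, which kill treats as every process the caller may signal. A comment above the guard such as `# PID is -1 until a server starts; never pass that to kill` would record that.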
@@ -214,8 +210,7 @@ start_openssl_server() { sleep 0.1 - SERVER_PID=$OPENSSL_SERVER_PID - check_process_running + check_process_running $OPENSSL_SERVER_PID if [ "$PS_EXIT" != "0" ]; then printf "OpenSSL server failed to start\n" do_cleanup @@ -238,8 +233,7 @@ start_wp_openssl_server() { sleep 0.1 - SERVER_PID=$WP_OPENSSL_SERVER_PID - check_process_running + check_process_running $WP_OPENSSL_SERVER_PID if [ "$PS_EXIT" != "0" ]; then printf "server failed to start\n" printf "OpenSSL server using wolfProvider failed to start\n" From 7c4af2eeac80104b527a192c97c66ce1b864c2a7 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Wed, 23 Aug 2023 15:55:22 -0400 Subject: [PATCH 05/11] Remove duplicate definitions --- scripts/wp-cs-test.sh | 45 ------------------------------------------- 1 file changed, 45 deletions(-) diff --git a/scripts/wp-cs-test.sh b/scripts/wp-cs-test.sh index 2130c4bc..3788b82e 100755 --- a/scripts/wp-cs-test.sh +++ b/scripts/wp-cs-test.sh 
@@ -173,51 +173,6 @@ start_openssl_server() { fi } -start_wp_openssl_server() { - generate_port - export WP_OPENSSL_PORT=$port - - ($OPENSSL_BIN s_server -www \ - -provider-path $WOLFPROV_PATH -provider $WOLFPROV_NAME \ - -cert $CERT_DIR/server-cert.pem -key $CERT_DIR/server-key.pem \ - -dcert $CERT_DIR/server-ecc.pem -dkey $CERT_DIR/ecc-key.pem \ - -accept $WP_OPENSSL_PORT $OPENSSL_ALL_CIPHERS \ - >$LOG_WP_SERVER 2>&1 - ) & - WP_OPENSSL_SERVER_PID=$! - - sleep 0.1 - - check_process_running $WP_OPENSSL_SERVER_PID - if [ "$PS_EXIT" != "0" ]; then - printf "server failed to start\n" - printf "OpenSSL server using wolfProvider failed to start\n" - do_cleanup - exit 1 - fi -} -start_openssl_server() { - generate_port - export OPENSSL_PORT=$port - - ($OPENSSL_BIN s_server -www \ - -cert $CERT_DIR/server-cert.pem -key $CERT_DIR/server-key.pem \ - -dcert $CERT_DIR/server-ecc.pem -dkey $CERT_DIR/ecc-key.pem \ - -accept $OPENSSL_PORT $OPENSSL_ALL_CIPHERS \ - >$LOG_SERVER 2>&1 - ) & - OPENSSL_SERVER_PID=$! - - sleep 0.1 - - check_process_running $OPENSSL_SERVER_PID - if [ "$PS_EXIT" != "0" ]; then - printf "OpenSSL server failed to start\n" - do_cleanup - exit 1 - fi -} - start_wp_openssl_server() { generate_port export WP_OPENSSL_PORT=$port From a18374d4d658efa95a26023b35460424398e21df Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Thu, 24 Aug 2023 12:06:37 -0400 Subject: [PATCH 06/11] Simplify script by consolidating duplicate functions --- scripts/wp-cs-test.sh | 143 ++++++------------------------------------ 1 file changed, 18 insertions(+), 125 deletions(-) diff --git a/scripts/wp-cs-test.sh b/scripts/wp-cs-test.sh index 3788b82e..cbb12f49 100755 --- a/scripts/wp-cs-test.sh +++ b/scripts/wp-cs-test.sh 
@@ -29,24 +29,16 @@ LOG_CLIENT=$LOG_DIR/wp-cs-test-client.log TMP_LOG=$LOG_DIR/wp-cs-test-tmp.log OPENSSL_SERVER_PID=-1 -WP_OPENSSL_SERVER_PID=-1 kill_servers() { check_process_running $OPENSSL_SERVER_PID if [ "$PS_EXIT" = "0" ]; then (kill -INT $OPENSSL_SERVER_PID) >/dev/null 2>&1 fi - - check_process_running $WP_OPENSSL_SERVER_PID - if [ "$PS_EXIT" = "0" ]; then - (kill -INT $WP_OPENSSL_SERVER_PID) >/dev/null 2>&1 - fi } do_cleanup() { kill_servers - - rm -f $TMP_LOG } do_trap() { @@ -56,7 +48,6 @@ do_trap() { exit 1 } - trap do_trap INT TERM TLS13_ALL_CIPHERS="TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_SHA256:TLS_AES_128_CCM_8_SHA256" @@ -148,14 +139,13 @@ check_process_running() { # need a unique port since may run the same time as testsuite generate_port() { - port=$(($(od -An -N2 /dev/random) % (65535-49512) + 49512)) + echo $(($(od -An -N2 /dev/random) % (65535-49512) + 49512)) } -start_openssl_server() { - generate_port - export OPENSSL_PORT=$port +start_openssl_server() { # usage: start_openssl_server [extraArgs] + export OPENSSL_PORT=$(generate_port) - ($OPENSSL_BIN s_server -www \ + ($OPENSSL_BIN s_server -www $1 \ -cert $CERT_DIR/server-cert.pem -key $CERT_DIR/server-key.pem \ -dcert $CERT_DIR/server-ecc.pem -dkey $CERT_DIR/ecc-key.pem \ -accept $OPENSSL_PORT $OPENSSL_ALL_CIPHERS \ 
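Review bot: The new `$1` in `$OPENSSL_BIN s_server -www $1` (and in `s_client $1` in do_client, in the next hunk) relies on unquoted word splitting to turn one string into several options. A `$WOLFPROV_PATH` containing a space or a glob character would be split or expanded into the wrong arguments. Passing the options as separate words and forwarding them with `"$@"` keeps each argument intact: `start_openssl_server -provider-path "$WOLFPROV_PATH" -provider "$WOLFPROV_NAME"` at the call sites and `s_server -www "$@"` here, with do_client_test forwarding `"$@"` as well. The rest of start_openssl_server lies outside the hunk.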
@@ -173,80 +163,21 @@ start_openssl_server() { fi } -start_wp_openssl_server() { - generate_port - export WP_OPENSSL_PORT=$port - - ($OPENSSL_BIN s_server -www \ - -provider-path $WOLFPROV_PATH -provider $WOLFPROV_NAME \ - -cert $CERT_DIR/server-cert.pem -key $CERT_DIR/server-key.pem \ - -dcert $CERT_DIR/server-ecc.pem -dkey $CERT_DIR/ecc-key.pem \ - -accept $WP_OPENSSL_PORT $OPENSSL_ALL_CIPHERS \ - >$LOG_WP_SERVER 2>&1 - ) & - WP_OPENSSL_SERVER_PID=$! - - sleep 0.1 - - check_process_running $WP_OPENSSL_SERVER_PID - if [ "$PS_EXIT" != "0" ]; then - printf "server failed to start\n" - printf "OpenSSL server using wolfProvider failed to start\n" - do_cleanup - exit 1 - fi -} - -do_wp_client() { +do_client() { # usage: do_client [extraArgs] printf "\t\t$CIPHER ... " if [ "$TLS_VERSION" != "-tls1_3" ]; then (echo -n | \ - $OPENSSL_BIN s_client \ - -provider-path $WOLFPROV_PATH \ - -provider $WOLFPROV_NAME \ + $OPENSSL_BIN s_client $1 \ -cipher $CIPHER $TLS_VERSION \ - -curves $CURVES \ -connect localhost:$OPENSSL_PORT \ - >$TMP_LOG 2>&1 - ) - else - (echo -n | \ - $OPENSSL_BIN s_client \ - -provider-path $WOLFPROV_PATH \ - -provider $WOLFPROV_NAME \ - -ciphersuites $CIPHER $TLS_VERSION \ - -curves $CURVES \ - -connect localhost:$OPENSSL_PORT \ - >$TMP_LOG 2>&1 - ) - fi - if [ "$?" = "0" ]; then - printf "pass\n" - else - printf "fail\n" - FAIL=$((FAIL+1)) - fi - - #check_log - - cat $TMP_LOG >>$LOG_CLIENT -} - -do_client() { - printf "\t\t$CIPHER ... " - if [ "$TLS_VERSION" != "-tls1_3" ]; then - (echo -n | \ - $OPENSSL_BIN s_client \ - -cipher $CIPHER $TLS_VERSION \ - -connect localhost:$WP_OPENSSL_PORT \ -curves $CURVES \ >>$LOG_CLIENT 2>&1 ) else (echo -n | \ - $OPENSSL_BIN s_client \ + $OPENSSL_BIN s_client $1 \ -ciphersuites $CIPHER $TLS_VERSION \ - -connect localhost:$WP_OPENSSL_PORT \ + -connect localhost:$OPENSSL_PORT \ -curves $CURVES \ >>$LOG_CLIENT 2>&1 ) 
@@ -257,81 +188,39 @@ do_client() { printf "fail\n" FAIL=$((FAIL+1)) fi - - NEW_LINES=`wc -l $LOG_WP_SERVER | awk '{print $1}'` - tail --lines=$((NEW_LINES-LOG_LINES)) $LOG_WP_SERVER >$TMP_LOG - - #check_log - - LOG_LINES=$NEW_LINES -} - -do_wp_client_test() { - printf "\tClient testing\n" - CHECK_CLIENT=1 - CHECK_SERVER= - - #TLS_VERSION=-tls1 - #printf "\t$TLS_VERSION\n" - #for CIPHER in ${TLS1_CIPHERS[@]} - #do - # do_wp_client - #done - - #TLS_VERSION=-tls1_1 - #printf "\t$TLS_VERSION\n" - #for CIPHER in ${TLS1_CIPHERS[@]} - #do - # do_wp_client - #done - - TLS_VERSION=-tls1_2 - printf "\t$TLS_VERSION\n" - for CIPHER in ${TLS12_CIPHERS[@]} - do - do_wp_client - done - - TLS_VERSION=-tls1_3 - printf "\t$TLS_VERSION\n" - for CIPHER in ${TLS13_CIPHERS[@]} - do - do_wp_client - done } do_client_test() { printf "\tServer testing\n" CHECK_CLIENT= CHECK_SERVER=1 - LOG_LINES=0 #TLS_VERSION=-tls1 #printf "\t$TLS_VERSION\n" #for CIPHER in ${TLS1_CIPHERS[@]} #do - # do_client + # do_client "$1" #done #TLS_VERSION=-tls1_1 #printf "\t$TLS_VERSION\n" #for CIPHER in ${TLS1_CIPHERS[@]} #do - # do_client + # do_client "$1" #done TLS_VERSION=-tls1_2 printf "\t$TLS_VERSION\n" for CIPHER in ${TLS12_CIPHERS[@]} do - do_client + do_client "$1" done TLS_VERSION=-tls1_3 printf "\t$TLS_VERSION\n" for CIPHER in ${TLS13_CIPHERS[@]} do - do_client + do_client "$1" done } @@ -368,11 +257,15 @@ rm -f $LOG_CLIENT CURVES=prime256v1 #CURVES=X25519 OPENSSL_ALL_CIPHERS="-cipher ALL -ciphersuites $TLS13_ALL_CIPHERS" + start_openssl_server -do_wp_client_test -start_wp_openssl_server +do_client_test "-provider-path $WOLFPROV_PATH -provider $WOLFPROV_NAME" +kill_servers + +start_openssl_server "-provider-path $WOLFPROV_PATH -provider $WOLFPROV_NAME" do_client_test kill_servers + do_cleanup if [ "$FAIL" = "0" ]; then From cd2bdbd6f40d5f453a488c1648ef143ce1b5af3b Mon Sep 17 00:00:00 2001 
From: Andras Fekete Date: Thu, 24 Aug 2023 12:23:38 -0400 Subject: [PATCH 07/11] Clean up log file output --- scripts/wp-cs-test.sh | 38 ++++++++++++++++++-------------------- 1 file changed, 18 insertions(+), 20 deletions(-) diff --git a/scripts/wp-cs-test.sh b/scripts/wp-cs-test.sh index cbb12f49..0d94f430 100755 --- a/scripts/wp-cs-test.sh +++ b/scripts/wp-cs-test.sh @@ -21,18 +21,20 @@ SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )" CERT_DIR=$SCRIPT_DIR/../certs -LOG_DIR=$SCRIPT_DIR/log -LOG_FILE=$LOG_DIR/wp-cs-test.log -LOG_SERVER=$LOG_DIR/wp-cs-test-server.log -LOG_WP_SERVER=$LOG_DIR/wp-cs-test-wp-server.log -LOG_CLIENT=$LOG_DIR/wp-cs-test-client.log -TMP_LOG=$LOG_DIR/wp-cs-test-tmp.log +LOG_FILE=$SCRIPT_DIR/wp-cs-test.log +LOG_SERVER=$SCRIPT_DIR/wp-cs-test-server.log +LOG_CLIENT=$SCRIPT_DIR/wp-cs-test-client.log +TMP_LOG=$SCRIPT_DIR/wp-cs-test-tmp.log OPENSSL_SERVER_PID=-1 +set -o pipefail # pass failures up the pipe +prepend() { # Usage: cmd 2>&1 | prepend "sometext " + while read line; do echo "${1}${line}"; done +} + kill_servers() { - check_process_running $OPENSSL_SERVER_PID - if [ "$PS_EXIT" = "0" ]; then + if [ $(check_process_running $OPENSSL_SERVER_PID) = "0" ]; then (kill -INT $OPENSSL_SERVER_PID) >/dev/null 2>&1 fi } @@ -134,7 +136,7 @@ TLS1_PSK_CIPHERS=( check_process_running() { ps -p $1 > /dev/null - PS_EXIT=$? + echo $? } # need a unique port since may run the same time as testsuite 
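Review bot: `while read line` in the new prepend() strips leading and trailing whitespace, interprets backslashes, and drops a final line that has no trailing newline, so the prefixed log is not a faithful copy of the openssl output. `while IFS= read -r line || [ -n "$line" ]; do printf '%s%s\n' "$1" "$line"; done` preserves each line as written and avoids `echo` misreading a line that begins with `-n` or `-e`. A one-line comment above the function stating that it reads stdin and writes prefixed lines to stdout would complete the usage note.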
@@ -143,20 +145,17 @@ generate_port() { } start_openssl_server() { # usage: start_openssl_server [extraArgs] - export OPENSSL_PORT=$(generate_port) - ($OPENSSL_BIN s_server -www $1 \ -cert $CERT_DIR/server-cert.pem -key $CERT_DIR/server-key.pem \ -dcert $CERT_DIR/server-ecc.pem -dkey $CERT_DIR/ecc-key.pem \ -accept $OPENSSL_PORT $OPENSSL_ALL_CIPHERS \ - >$LOG_SERVER 2>&1 + 2>&1 | tee -a $LOG_SERVER | prepend "[server] " >>$LOG_FILE ) & OPENSSL_SERVER_PID=$! sleep 0.1 - check_process_running $OPENSSL_SERVER_PID - if [ "$PS_EXIT" != "0" ]; then + if [ $(check_process_running $OPENSSL_SERVER_PID) != "0" ]; then printf "OpenSSL server failed to start\n" do_cleanup exit 1 @@ -171,7 +170,7 @@ do_client() { # usage: do_client [extraArgs] -cipher $CIPHER $TLS_VERSION \ -connect localhost:$OPENSSL_PORT \ -curves $CURVES \ - >>$LOG_CLIENT 2>&1 + 2>&1 | tee -a $LOG_CLIENT | prepend "[client] " >>$LOG_FILE ) else (echo -n | \ @@ -179,7 +178,7 @@ do_client() { # usage: do_client [extraArgs] -ciphersuites $CIPHER $TLS_VERSION \ -connect localhost:$OPENSSL_PORT \ -curves $CURVES \ - >>$LOG_CLIENT 2>&1 + 2>&1 | tee -a $LOG_CLIENT | prepend "[client] " >>$LOG_FILE ) fi if [ "$?" = "0" ]; then @@ -191,10 +190,6 @@ do_client() { # usage: do_client [extraArgs] } do_client_test() { - printf "\tServer testing\n" - CHECK_CLIENT= - CHECK_SERVER=1 - #TLS_VERSION=-tls1 #printf "\t$TLS_VERSION\n" #for CIPHER in ${TLS1_CIPHERS[@]} @@ -257,11 +252,14 @@ rm -f $LOG_CLIENT CURVES=prime256v1 #CURVES=X25519 OPENSSL_ALL_CIPHERS="-cipher ALL -ciphersuites $TLS13_ALL_CIPHERS" +OPENSSL_PORT=$(generate_port) +printf "\tClient testing\n" start_openssl_server do_client_test "-provider-path $WOLFPROV_PATH -provider $WOLFPROV_NAME" kill_servers +printf "\tServer testing\n" start_openssl_server "-provider-path $WOLFPROV_PATH -provider $WOLFPROV_NAME" do_client_test kill_servers From 8cb1ae07544780bc2d25f2ab9eb6e5899118e5ef Mon Sep 17 00:00:00 2001 
From: Andras Fekete Date: Thu, 24 Aug 2023 12:35:18 -0400 Subject: [PATCH 08/11] More simplification of log output --- scripts/wp-cs-test.sh | 20 ++++++++------------ 1 file changed, 8 insertions(+), 12 deletions(-) diff --git a/scripts/wp-cs-test.sh b/scripts/wp-cs-test.sh index 0d94f430..fdca0cfb 100755 --- a/scripts/wp-cs-test.sh +++ b/scripts/wp-cs-test.sh @@ -22,9 +22,6 @@ SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )" CERT_DIR=$SCRIPT_DIR/../certs LOG_FILE=$SCRIPT_DIR/wp-cs-test.log -LOG_SERVER=$SCRIPT_DIR/wp-cs-test-server.log -LOG_CLIENT=$SCRIPT_DIR/wp-cs-test-client.log -TMP_LOG=$SCRIPT_DIR/wp-cs-test-tmp.log OPENSSL_SERVER_PID=-1 @@ -149,7 +146,7 @@ start_openssl_server() { # usage: start_openssl_server [extraArgs] -cert $CERT_DIR/server-cert.pem -key $CERT_DIR/server-key.pem \ -dcert $CERT_DIR/server-ecc.pem -dkey $CERT_DIR/ecc-key.pem \ -accept $OPENSSL_PORT $OPENSSL_ALL_CIPHERS \ - 2>&1 | tee -a $LOG_SERVER | prepend "[server] " >>$LOG_FILE + 2>&1 | prepend "[server] " >>$LOG_FILE ) & OPENSSL_SERVER_PID=$! @@ -164,13 +161,14 @@ start_openssl_server() { # usage: start_openssl_server [extraArgs] do_client() { # usage: do_client [extraArgs] printf "\t\t$CIPHER ... " + printf "\n$CIPHER ...\n" >>$LOG_FILE if [ "$TLS_VERSION" != "-tls1_3" ]; then (echo -n | \ $OPENSSL_BIN s_client $1 \ -cipher $CIPHER $TLS_VERSION \ -connect localhost:$OPENSSL_PORT \ -curves $CURVES \ - 2>&1 | tee -a $LOG_CLIENT | prepend "[client] " >>$LOG_FILE + 2>&1 | prepend "[client] " >>$LOG_FILE ) else (echo -n | \ @@ -178,13 +176,13 @@ do_client() { # usage: do_client [extraArgs] -ciphersuites $CIPHER $TLS_VERSION \ -connect localhost:$OPENSSL_PORT \ -curves $CURVES \ - 2>&1 | tee -a $LOG_CLIENT | prepend "[client] " >>$LOG_FILE + 2>&1 | prepend "[client] " >>$LOG_FILE ) fi if [ "$?" = "0" ]; then - printf "pass\n" + printf "pass\n" | tee -a $LOG_FILE else - printf "fail\n" + printf "fail\n" | tee -a $LOG_FILE FAIL=$((FAIL+1)) fi } 
@@ -247,19 +245,17 @@ FAIL=0 WOLFPROV_NAME="libwolfprov" WOLFPROV_PATH=$PWD/.libs -rm -f $LOG_CLIENT - CURVES=prime256v1 #CURVES=X25519 OPENSSL_ALL_CIPHERS="-cipher ALL -ciphersuites $TLS13_ALL_CIPHERS" OPENSSL_PORT=$(generate_port) -printf "\tClient testing\n" +printf "\tClient testing\n" | tee $LOG_FILE start_openssl_server do_client_test "-provider-path $WOLFPROV_PATH -provider $WOLFPROV_NAME" kill_servers -printf "\tServer testing\n" +printf "\tServer testing\n" | tee -a $LOG_FILE start_openssl_server "-provider-path $WOLFPROV_PATH -provider $WOLFPROV_NAME" do_client_test kill_servers From b0a55b6a12c6834bda8389d56188cf03ab7731f7 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Thu, 24 Aug 2023 12:39:29 -0400 Subject: [PATCH 09/11] Make sure all buffers are flushed before killing processes --- scripts/wp-cs-test.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/scripts/wp-cs-test.sh b/scripts/wp-cs-test.sh index fdca0cfb..d7828541 100755 --- a/scripts/wp-cs-test.sh +++ b/scripts/wp-cs-test.sh @@ -37,6 +37,7 @@ kill_servers() { } do_cleanup() { + sleep 0.5 # flush buffers kill_servers } @@ -142,7 +143,7 @@ generate_port() { } start_openssl_server() { # usage: start_openssl_server [extraArgs] - ($OPENSSL_BIN s_server -www $1 \ + (stdbuf -oL -eL $OPENSSL_BIN s_server -www $1 \ -cert $CERT_DIR/server-cert.pem -key $CERT_DIR/server-key.pem \ -dcert $CERT_DIR/server-ecc.pem -dkey $CERT_DIR/ecc-key.pem \ -accept $OPENSSL_PORT $OPENSSL_ALL_CIPHERS \ @@ -164,7 +165,7 @@ do_client() { # usage: do_client [extraArgs] printf "\n$CIPHER ...\n" >>$LOG_FILE if [ "$TLS_VERSION" != "-tls1_3" ]; then (echo -n | \ - $OPENSSL_BIN s_client $1 \ + stdbuf -oL -eL $OPENSSL_BIN s_client $1 \ -cipher $CIPHER $TLS_VERSION \ -connect localhost:$OPENSSL_PORT \ -curves $CURVES \ 
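Review bot: The `sleep 0.5 # flush buffers` added to do_cleanup does not cover the `kill_servers` calls that end each test phase, which run directly without going through do_cleanup, so the first server's trailing output can still be cut off. A fixed delay is also only a guess about timing. Moving the wait into kill_servers, or stopping the server with a catchable signal and then calling `wait` on it, would make the flush deterministic. `stdbuf`, introduced in the following hunks, is a GNU coreutils tool, so the script should check for it with `command -v stdbuf` or fall back to invoking `$OPENSSL_BIN` directly.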
@@ -172,7 +173,7 @@ do_client() { # usage: do_client [extraArgs] ) else (echo -n | \ - $OPENSSL_BIN s_client $1 \ + stdbuf -oL -eL $OPENSSL_BIN s_client $1 \ -ciphersuites $CIPHER $TLS_VERSION \ -connect localhost:$OPENSSL_PORT \ -curves $CURVES \ From 6a95d6f3649d4c46ce41b95a0f4cc5540ee630a4 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Thu, 24 Aug 2023 12:44:17 -0400 Subject: [PATCH 10/11] More output to LOG_FILE --- scripts/wp-cs-test.sh | 36 ++++++++++++++++-------------------- 1 file changed, 16 insertions(+), 20 deletions(-) diff --git a/scripts/wp-cs-test.sh b/scripts/wp-cs-test.sh index d7828541..b52baf41 100755 --- a/scripts/wp-cs-test.sh +++ b/scripts/wp-cs-test.sh @@ -188,32 +188,28 @@ do_client() { # usage: do_client [extraArgs] fi } -do_client_test() { - #TLS_VERSION=-tls1 - #printf "\t$TLS_VERSION\n" - #for CIPHER in ${TLS1_CIPHERS[@]} - #do - # do_client "$1" - #done - - #TLS_VERSION=-tls1_1 - #printf "\t$TLS_VERSION\n" - #for CIPHER in ${TLS1_CIPHERS[@]} - #do - # do_client "$1" - #done +do_client_test() { # usage: do_client_test [extraArgs] +# TLS_VERSION=-tls1 +# printf "\t$TLS_VERSION\n" | tee -a $LOG_FILE +# for CIPHER in ${TLS1_CIPHERS[@]}; do +# do_client "$1" +# done +# +# TLS_VERSION=-tls1_1 +# printf "\t$TLS_VERSION\n" | tee -a $LOG_FILE +# for CIPHER in ${TLS1_CIPHERS[@]}; do +# do_client "$1" +# done TLS_VERSION=-tls1_2 - printf "\t$TLS_VERSION\n" - for CIPHER in ${TLS12_CIPHERS[@]} - do + printf "\t$TLS_VERSION\n" | tee -a $LOG_FILE + for CIPHER in ${TLS12_CIPHERS[@]}; do do_client "$1" done TLS_VERSION=-tls1_3 - printf "\t$TLS_VERSION\n" - for CIPHER in ${TLS13_CIPHERS[@]} - do + printf "\t$TLS_VERSION\n" | tee -a $LOG_FILE + for CIPHER in ${TLS13_CIPHERS[@]}; do do_client "$1" done } From 4fa1a7c3218e7176aecbede3a074fda274351eec Mon Sep 17 00:00:00 2001 
From: Andras Fekete Date: Thu, 24 Aug 2023 13:09:30 -0400 Subject: [PATCH 11/11] Fix the detection of the server PID --- scripts/wp-cs-test.sh | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/scripts/wp-cs-test.sh b/scripts/wp-cs-test.sh index b52baf41..fe31ec57 100755 --- a/scripts/wp-cs-test.sh +++ b/scripts/wp-cs-test.sh @@ -32,7 +32,7 @@ prepend() { # Usage: cmd 2>&1 | prepend "sometext " kill_servers() { if [ $(check_process_running $OPENSSL_SERVER_PID) = "0" ]; then - (kill -INT $OPENSSL_SERVER_PID) >/dev/null 2>&1 + (kill -9 $OPENSSL_SERVER_PID) >/dev/null 2>&1 fi } @@ -143,13 +143,12 @@ generate_port() { } start_openssl_server() { # usage: start_openssl_server [extraArgs] - (stdbuf -oL -eL $OPENSSL_BIN s_server -www $1 \ + stdbuf -oL -eL $OPENSSL_BIN s_server -www $1 \ -cert $CERT_DIR/server-cert.pem -key $CERT_DIR/server-key.pem \ -dcert $CERT_DIR/server-ecc.pem -dkey $CERT_DIR/ecc-key.pem \ -accept $OPENSSL_PORT $OPENSSL_ALL_CIPHERS \ - 2>&1 | prepend "[server] " >>$LOG_FILE - ) & - OPENSSL_SERVER_PID=$! + 2>&1 | prepend "[server] " >>$LOG_FILE & + OPENSSL_SERVER_PID=$(($! - 1)) sleep 0.1
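Review bot: `OPENSSL_SERVER_PID=$(($! - 1))` in start_openssl_server assumes the server received the PID immediately below that of the last process in the pipeline. Nothing guarantees this: another process can fork in between, and PIDs wrap or may be randomised. The kill_servers hunk above now sends `kill -9` to that guessed number, so a wrong guess either leaves the server holding the port or kills an unrelated process owned by the same user. Process substitution makes `$!` the server itself: end the command with `> >(prepend "[server] " >>$LOG_FILE) 2>&1 &`, follow it with `OPENSSL_SERVER_PID=$!`, and keep `kill -INT` so the server can shut down cleanly. The failure check after `sleep 0.1` is outside the hunk.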