wolfssl-sys 4.0.0

#!/usr/bin/env bash

# psk.test
# copyright wolfSSL 2016

# if we can, isolate the network namespace to eliminate port collisions.
if [[ -n "$NETWORK_UNSHARE_HELPER" ]]; then
     if [[ -z "$NETWORK_UNSHARE_HELPER_CALLED" ]]; then
         export NETWORK_UNSHARE_HELPER_CALLED=yes
         exec "$NETWORK_UNSHARE_HELPER" "$0" "$@" || exit $?
     fi
elif [ "${AM_BWRAPPED-}" != "yes" ]; then
    bwrap_path="$(command -v bwrap)"
    if [ -n "$bwrap_path" ]; then
        export AM_BWRAPPED=yes
        exec "$bwrap_path" --unshare-net --dev-bind / / "$0" "$@"
    fi
    unset AM_BWRAPPED
fi

# getting unique port is modeled after resume.test script
# need a unique port since may run the same time as testsuite
# use server port zero hack to get one
port=0
no_pid=-1
server_pid=$no_pid
counter=0
# let's use absolute path to a local dir (make distcheck may be in sub dir)
# also let's add some randomness by adding pid in case multiple 'make check's
# per source tree
ready_file=`pwd`/wolfssl_psk_ready$$

echo "ready file \"$ready_file\""

create_port() {
    while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do
        echo -e "waiting for ready file..."
        sleep 0.1
        counter=$((counter+ 1))
    done

    if test -e "$ready_file"; then
        echo -e "found ready file, starting client..."

        # sleep for an additional 0.1 to mitigate race on write/read of $ready_file:
        sleep 0.1

        # get created port 0 ephemeral port
        port=`cat "$ready_file"`
    else
        echo -e "NO ready file ending test..."
        do_cleanup
    fi
}

remove_ready_file() {
    if test -e "$ready_file"; then
        echo -e "removing existing ready file"
    rm "$ready_file"
    fi
}

do_cleanup() {
    echo "in cleanup"

    if  [ $server_pid != $no_pid ]
    then
        echo "killing server"
        kill -9 $server_pid
    fi
    remove_ready_file
}

do_trap() {
    echo "got trap"
    do_cleanup
    exit 1
}

trap do_trap INT TERM

[ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1
./examples/client/client '-?' 2>&1 | grep -- 'Client not compiled in!'
if [ $? -eq 0 ]; then
    exit 0
fi
./examples/server/server '-?' 2>&1 | grep -- 'Server not compiled in!'
if [ $? -eq 0 ]; then
    exit 0
fi
./examples/client/client '-?' 2>&1 | grep -- 'Disable client cert/key loading'
if [ $? -eq 0 ]; then
    CLIENT_AUTH_ENABLED=1
fi

# Usual psk server / psk client. This use case is tested in
# tests/unit.test and is used here for just checking if PSK is enabled
port=0
./examples/server/server -s -R "$ready_file" -p $port &
server_pid=$!
create_port
./examples/client/client -s -p $port
RESULT=$?
remove_ready_file
# if fail here then is a settings issue so return 0
if [ $RESULT -ne 0 ]; then
    echo -e "\n\nPSK not enabled"
    do_cleanup
    exit 0
fi
echo ""

# client test against the server
###############################

./examples/client/client -v 3 2>&1 | grep -- 'Bad SSL version'
if [ $? -ne 0 ]; then
    # Usual server / client. This use case is tested in
    # tests/unit.test and is used here for just checking if cipher suite
    # is available (one case for example is with disable-asn)
    port=0
    ./examples/server/server -R "$ready_file" -p $port -l DHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-DES-CBC3-SHA &
    server_pid=$!
    create_port
    ./examples/client/client -p $port
    RESULT=$?
    remove_ready_file
    # if fail here then is a settings issue so return 0
    if [ $RESULT -ne 0 ]; then
        echo -e "\n\nIssue with chosen non PSK suites"
        do_cleanup
        exit 0
    fi
    echo ""

    # psk server with non psk client
    port=0
    ./examples/server/server -j -R "$ready_file" -p $port &
    server_pid=$!
    create_port
    ./examples/client/client -p $port
    RESULT=$?
    remove_ready_file
    if [ $RESULT -ne 0 ]; then
        echo -e "\n\nClient connection failed"
        do_cleanup
        exit 1
    fi
    echo ""

    if [ "$CLIENT_AUTH_ENABLED" != "" ]; then
        # check fail if no auth, psk server with non psk client
        echo "Checking fail when not sending peer cert"
        port=0
        ./examples/server/server -j -R "$ready_file" -p $port &
        server_pid=$!
        create_port
        ./examples/client/client -x -p $port
        RESULT=$?
        remove_ready_file
        if [ $RESULT -eq 0 ]; then
            echo -e "\n\nClient connected when supposed to fail"
            do_cleanup
            exit 1
        fi
    fi
fi

echo -e "\nALL Tests Passed"

exit 0