1
0
mirror of https://github.com/unrealircd/unrealircd.git synced 2026-07-04 15:53:12 +02:00

Add SSL/TLS tests.

This commit is contained in:
Bram Matthys
2019-01-11 10:06:21 +01:00
parent 7d68ea0570
commit 9873382e6b
3 changed files with 63 additions and 4 deletions
@@ -0,0 +1,33 @@
Target: 127.0.0.1:5900
prio ciphersuite protocols pfs curves
1 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1,prime256v1
2 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1,prime256v1
3 ECDHE-RSA-AES256-SHA384 TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1,prime256v1
4 ECDHE-RSA-AES128-SHA256 TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1,prime256v1
5 ECDHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1,prime256v1
6 ECDHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1,prime256v1
7 AES256-GCM-SHA384 TLSv1.2 None None
8 AES128-GCM-SHA256 TLSv1.2 None None
9 AES256-SHA256 TLSv1.2 None None
10 AES128-SHA256 TLSv1.2 None None
11 AES256-SHA TLSv1,TLSv1.1,TLSv1.2 None None
12 AES128-SHA TLSv1,TLSv1.1,TLSv1.2 None None
Certificate: untrusted, 4096 bits, sha256WithRSAEncryption signature
TLS ticket lifetime hint: None
NPN protocols: None
OCSP stapling: not supported
Cipher ordering: server
Curves ordering: server - fallback: no
Server supports secure renegotiation
Server supported compression methods: NONE
TLS Tolerance: yes
Intolerance to:
SSL 3.254 : absent
TLS 1.0 : absent
TLS 1.1 : absent
TLS 1.2 : absent
TLS 1.3 : absent
TLS 1.4 : absent
+2 -4
View File
@@ -51,10 +51,8 @@ cd -
# Do cipherscan test
sleep 2
cd ../cipherscan
./cipherscan --no-colors 127.0.0.1:5900
#./cipherscan --json 127.0.0.1:5900 >.........
sleep 5
cd ../extras/build-tests/nix
./tls-tests
cd -
# Back in unrealircd-tests, run the tests!
+28
View File
@@ -0,0 +1,28 @@
#!/bin/bash
# We assume we are executed from extras/build-tests/nix
CIPHERSCAN="cipherscan"
if [ -x /home/travis/build/unrealircd/unrealircd/cipherscan/cipherscan ]; then
CIPHERSCAN="/home/travis/build/unrealircd/unrealircd/cipherscan/cipherscan"
fi
$CIPHERSCAN --help >/dev/null || exit 1
$CIPHERSCAN --no-colors 127.0.0.1:5900|grep -vF '.....' >cipherscan.test.txt
diff -u cipherscan.expected.txt cipherscan.test.txt 1>/dev/null 2>&1
if [ "$?" -ne 0 ]; then
echo "*** Differences found between cipherscan scan and expected output ***"
echo "== EXPECTED OUTPUT =="
cat cipherscan.expected.txt
echo
echo "== ACTUAL TEST OUTPUT =="
cat cipherscan.test.txt
echo
echo "== DIFF =="
diff -u cipherscan.expected.txt cipherscan.test.txt
echo
echo "cipherscan test failed."
exit 1
fi