diff --git a/extras/build-tests/nix/cipherscan.expected.txt b/extras/build-tests/nix/cipherscan.expected.txt new file mode 100644 index 000000000..461d3396c --- /dev/null +++ b/extras/build-tests/nix/cipherscan.expected.txt @@ -0,0 +1,33 @@ +Target: 127.0.0.1:5900 + +prio ciphersuite protocols pfs curves +1 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1,prime256v1 +2 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1,prime256v1 +3 ECDHE-RSA-AES256-SHA384 TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1,prime256v1 +4 ECDHE-RSA-AES128-SHA256 TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1,prime256v1 +5 ECDHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1,prime256v1 +6 ECDHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1,prime256v1 +7 AES256-GCM-SHA384 TLSv1.2 None None +8 AES128-GCM-SHA256 TLSv1.2 None None +9 AES256-SHA256 TLSv1.2 None None +10 AES128-SHA256 TLSv1.2 None None +11 AES256-SHA TLSv1,TLSv1.1,TLSv1.2 None None +12 AES128-SHA TLSv1,TLSv1.1,TLSv1.2 None None + +Certificate: untrusted, 4096 bits, sha256WithRSAEncryption signature +TLS ticket lifetime hint: None +NPN protocols: None +OCSP stapling: not supported +Cipher ordering: server +Curves ordering: server - fallback: no +Server supports secure renegotiation +Server supported compression methods: NONE +TLS Tolerance: yes + +Intolerance to: + SSL 3.254 : absent + TLS 1.0 : absent + TLS 1.1 : absent + TLS 1.2 : absent + TLS 1.3 : absent + TLS 1.4 : absent diff --git a/extras/build-tests/nix/run-tests b/extras/build-tests/nix/run-tests index f6857b890..a294bdb52 100755 --- a/extras/build-tests/nix/run-tests +++ b/extras/build-tests/nix/run-tests @@ -51,10 +51,8 @@ cd - # Do cipherscan test sleep 2 -cd ../cipherscan -./cipherscan --no-colors 127.0.0.1:5900 -#./cipherscan --json 127.0.0.1:5900 >......... -sleep 5 +cd ../extras/build-tests/nix +./tls-tests cd - # Back in unrealircd-tests, run the tests! diff --git a/extras/build-tests/nix/tls-tests b/extras/build-tests/nix/tls-tests new file mode 100755 index 000000000..1f6e026c4 --- /dev/null +++ b/extras/build-tests/nix/tls-tests @@ -0,0 +1,28 @@ +#!/bin/bash + +# We assume we are executed from extras/build-tests/nix + +CIPHERSCAN="cipherscan" +if [ -x /home/travis/build/unrealircd/unrealircd/cipherscan/cipherscan ]; then + CIPHERSCAN="/home/travis/build/unrealircd/unrealircd/cipherscan/cipherscan" +fi + +$CIPHERSCAN --help >/dev/null || exit 1 + +$CIPHERSCAN --no-colors 127.0.0.1:5900|grep -vF '.....' >cipherscan.test.txt + +diff -u cipherscan.expected.txt cipherscan.test.txt 1>/dev/null 2>&1 +if [ "$?" -ne 0 ]; then + echo "*** Differences found between cipherscan scan and expected output ***" + echo "== EXPECTED OUTPUT ==" + cat cipherscan.expected.txt + echo + echo "== ACTUAL TEST OUTPUT ==" + cat cipherscan.test.txt + echo + echo "== DIFF ==" + diff -u cipherscan.expected.txt cipherscan.test.txt + echo + echo "cipherscan test failed." + exit 1 +fi