Commit 1a339488 authored by Jannik Hoelling's avatar Jannik Hoelling

use openssl-client for test2 and test3

parent 6a81093d
ARG VERSION=3.14
ARG VERSION=edge
FROM alpine:${VERSION}
RUN apk add \
git \
......
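Review bot: The default `ARG VERSION=edge` (apparently replacing `3.14`) makes every image built on this base follow Alpine's rolling development branch, so the toolchain and library packages can change between two builds of the same commit and TLS test results stop being comparable. Keeping a released tag as the default, `ARG VERSION=3.14`, and passing `--build-arg VERSION=edge` only where a newer package is really needed keeps the build reproducible; pinning the base by digest would go further. If edge has to stay, a short comment above the ARG saying which package requires it would help the next maintainer. The RUN instruction continues outside the visible lines.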
......@@ -14,11 +14,11 @@ $1 -h $2 -s tls-server -a http/1.1
results+=($?)
echo "------------ Test 2: SNI=example.com ALPN=http/1.1 ------------------"
$1 -h $2 -s example.com -a http/1.1
/openssl-client -h $2 -s example.com -a http/1.1
results+=($?)
echo "------------ Test 3: SNI=tls-server ALPN=invalid ------------------"
$1 -h $2 -s tls-server -a invalid
/openssl-client -h $2 -s tls-server -a invalid
results+=($?)
echo "------------ Test 4: wrong certificate by server ------------------"
......@@ -33,7 +33,7 @@ RED='\033[0;31m '
GREEN='\033[0;32m '
NC='\033[0m' # No Color
rm results
echo "" > results
for i in "${!results[@]}"; do
test=$((i+1))
......
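Review bot: Tests 2 and 3 now call the fixed path `/openssl-client`, and the exit status is stored without telling a TLS rejection apart from a client that could not be started. If the binary is missing or cannot execute in an image, the shell returns 126 or 127, which is non-zero just like a refused handshake; how `results` is evaluated lies outside these hunks, but for negative tests that could be counted as the expected outcome. A guard near the top of the script, `[ -x /openssl-client ] || { echo "missing /openssl-client" >&2; exit 2; }`, makes that case fail loudly. Quoting the host argument on the changed lines, `-h "$2"`, is also worth doing.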
# syntax=docker/dockerfile:1
FROM tls-baseimage as tls-bearssl
FROM tls-openssl as tls-bearssl
ARG VERSION=0.6
WORKDIR /build
RUN git clone --depth=1 --branch=v${VERSION} https://www.bearssl.org/git/BearSSL
......@@ -12,5 +12,6 @@ ADD CMakeLists.txt /build/CMakeLists.txt
RUN cmake . .. && make
RUN mv /build/server/server /
RUN mv /build/client/client /
COPY --from=tls-openssl /openssl-client /openssl-client
WORKDIR /
CMD ["/server"]
\ No newline at end of file
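Review bot: With the base switched to `FROM tls-openssl as tls-bearssl` (the second of the two FROM lines appears to be the new one), the added `COPY --from=tls-openssl /openssl-client /openssl-client` copies a file the base already contains, and the BearSSL image now inherits the whole OpenSSL image. That weakens the isolation between the libraries under test, because anything of OpenSSL that survives that image's cleanup steps is visible to this build's cmake run. If BearSSL needs nothing else from that image, `FROM tls-baseimage AS tls-bearssl` together with the COPY line, as the other library Dockerfiles in this commit appear to do, provides the same client binary without the inherited files. The steps between the two hunks of this file are not visible.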
......@@ -8,10 +8,10 @@ services:
image: tls-bearssl
openssl-server-wrong-cn:
image: tls-openssl
command: [ "/server", "-k", "/etc/ssl/cert-data/wrong-server.key", "-c" , "/etc/ssl/cert-data/wrong-server-chain.crt"]
command: [ "/openssl-server", "-k", "/etc/ssl/cert-data/wrong-server.key", "-c" , "/etc/ssl/cert-data/wrong-server-chain.crt"]
openssl-malicious-alpn:
image: tls-openssl
command: [ "/server", "-m"]
command: [ "/openssl-server", "-m"]
bearssl-client:
image: tls-bearssl
command: [ "./client.sh", "/client", "bearssl-server", "openssl-server-wrong-cn", "openssl-malicious-alpn" ,"1"]
......
......@@ -19,5 +19,6 @@ WORKDIR /build
RUN cmake . .. && make
RUN mv /build/server/server /
RUN mv /build/client/client /
COPY --from=tls-openssl /openssl-client /openssl-client
WORKDIR /
CMD ["/server"]
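Review bot: `COPY --from=tls-openssl /openssl-client /openssl-client` brings in a binary built in a different image, and nothing in this Dockerfile checks that it can run here; the same line is added in the GnuTLS, Go, Java, mbed TLS and the remaining CMake-based Dockerfile of this commit. If the client is dynamically linked, it relies on the target image providing the same libc and shared libraries, which is least certain for the Java image, whose base is not shown. A comment above the line, `# OpenSSL reference client used by client.sh for tests 2 and 3; tls-openssl must be built first`, would document the build-order dependency. A build step that checks the binary's shared-library dependencies would surface a mismatch at build time instead of as a failed test.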
......@@ -8,10 +8,10 @@ services:
image: tls-botan
openssl-server-wrong-cn:
image: tls-openssl
command: [ "/server", "-k", "/etc/ssl/cert-data/wrong-server.key", "-c" , "/etc/ssl/cert-data/wrong-server-chain.crt"]
command: [ "/openssl-server", "-k", "/etc/ssl/cert-data/wrong-server.key", "-c" , "/etc/ssl/cert-data/wrong-server-chain.crt"]
openssl-malicious-alpn:
image: tls-openssl
command: [ "/server", "-m"]
command: [ "/openssl-server", "-m"]
botan-client:
image: tls-botan
command: [ "/client.sh", "/client", "botan-server", "openssl-server-wrong-cn", "openssl-malicious-alpn" ,"1"]
......
#!/bin/bash
for d in ./*/ ; do
(cd "$d"
for library in baseimage openssl bearssl botan gnutls golang mbedtls wolfssl ; do
(cd "$library"
./build.sh);
done
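Review bot: The new loop still runs `./build.sh` when `cd "$library"` fails, and a failing build does not stop the loop, so later images can be built on a stale `tls-openssl` left over from an earlier run. `(cd "$library" && ./build.sh) || exit 1` stops at the first failure. The list also has no `java` entry although this commit changes the Java image; if that image is not built somewhere else, it keeps its old contents and never receives `/openssl-client`.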
......@@ -33,5 +33,6 @@ WORKDIR /build
RUN cmake . .. && make
RUN mv /build/server/server /
RUN mv /build/client/client /
COPY --from=tls-openssl /openssl-client /openssl-client
WORKDIR /
CMD ["/server"]
......@@ -8,10 +8,10 @@ services:
image: tls-gnutls
openssl-server-wrong-cn:
image: tls-openssl
command: [ "/server", "-k", "/etc/ssl/cert-data/wrong-server.key", "-c" , "/etc/ssl/cert-data/wrong-server-chain.crt"]
command: [ "/openssl-server", "-k", "/etc/ssl/cert-data/wrong-server.key", "-c" , "/etc/ssl/cert-data/wrong-server-chain.crt"]
openssl-malicious-alpn:
image: tls-openssl
command: [ "/server", "-m"]
command: [ "/openssl-server", "-m"]
gnutls-client:
image: tls-gnutls
command: [ "./client.sh", "/client", "gnutls-server", "openssl-server-wrong-cn", "openssl-malicious-alpn" ,"1"]
......
......@@ -10,4 +10,5 @@ WORKDIR /build/client
RUN go build client.go
RUN mv client /
WORKDIR /
COPY --from=tls-openssl /openssl-client /openssl-client
CMD ["/server"]
......@@ -8,14 +8,14 @@ services:
image: tls-golang
openssl-server-wrong-cn:
image: tls-openssl
command: [ "/server", "-k", "/etc/ssl/cert-data/wrong-server.key", "-c" , "/etc/ssl/cert-data/wrong-server-chain.crt"]
command: [ "/openssl-server", "-k", "/etc/ssl/cert-data/wrong-server.key", "-c" , "/etc/ssl/cert-data/wrong-server-chain.crt"]
openssl-malicious-alpn:
image: tls-openssl
command: [ "/server", "-m"]
command: [ "/openssl-server", "-m"]
golang-client:
image: tls-golang
depends_on:
- golang-server
- openssl-server-wrong-cn
- openssl-malicious-alpn
command: [ "/client.sh", "/client", "golang-server:4433", "openssl-server-wrong-cn:4433", "openssl-malicious-alpn:4433" ,"1"]
\ No newline at end of file
command: [ "/client.sh", "/client", "golang-server", "openssl-server-wrong-cn", "openssl-malicious-alpn" ,"1"]
\ No newline at end of file
......@@ -11,4 +11,5 @@ WORKDIR /server/bin
RUN javac -cp ../lib/java-getopt-1.0.14.jar -d . ../src/Server.java
RUN jar cmf ../manifest Server.jar Server.class
WORKDIR /
COPY --from=tls-openssl /openssl-client /openssl-client
CMD ["java", "-jar", "/server/bin/Server.jar"]
......@@ -8,10 +8,10 @@ services:
image: tls-java
openssl-server-wrong-cn:
image: tls-openssl
command: [ "/server", "-k", "/etc/ssl/cert-data/wrong-server.key", "-c" , "/etc/ssl/cert-data/wrong-server-chain.crt"]
command: [ "/openssl-server", "-k", "/etc/ssl/cert-data/wrong-server.key", "-c" , "/etc/ssl/cert-data/wrong-server-chain.crt"]
openssl-malicious-alpn:
image: tls-openssl
command: [ "/server", "-m"]
command: [ "/openssl-server", "-m"]
java-client:
image: tls-java
command: [ "/client.sh", "java -Djavax.net.ssl.trustStore=certs/ca.crt -jar /client/bin/Client.jar", "java-server", "openssl-server-wrong-cn", "openssl-malicious-alpn" ,"1"]
......
......@@ -13,5 +13,6 @@ ADD CMakeLists.txt /build/CMakeLists.txt
RUN cmake . .. && make
RUN mv /build/server/server /
RUN mv /build/client/client /
COPY --from=tls-openssl /openssl-client /openssl-client
WORKDIR /
CMD ["/server"]
\ No newline at end of file
......@@ -8,10 +8,10 @@ services:
image: tls-mbedtls
openssl-server-wrong-cn:
image: tls-openssl
command: [ "/server", "-k", "/etc/ssl/cert-data/wrong-server.key", "-c" , "/etc/ssl/cert-data/wrong-server-chain.crt"]
command: [ "/openssl-server", "-k", "/etc/ssl/cert-data/wrong-server.key", "-c" , "/etc/ssl/cert-data/wrong-server-chain.crt"]
openssl-malicious-alpn:
image: tls-openssl
command: [ "/server", "-m"]
command: [ "/openssl-server", "-m"]
mbedtls-client:
image: tls-mbedtls
command: [ "./client.sh", "/client", "mbedtls-server", "openssl-server-wrong-cn", "openssl-malicious-alpn" ,"1"]
......
......@@ -16,5 +16,6 @@ ADD CMakeLists.txt /build/CMakeLists.txt
RUN cmake . .. && make
RUN mv /build/server/server /
RUN mv /build/client/client /
COPY --from=tls-openssl /openssl-client /openssl-client
WORKDIR /
CMD ["/server"]
\ No newline at end of file
......@@ -15,7 +15,11 @@ ADD server /build/server
ADD client /build/client
ADD CMakeLists.txt /build/CMakeLists.txt
RUN cmake . .. && make
RUN mv /build/server/server /
RUN mv /build/client/client /
RUN mv /build/server/server /openssl-server
RUN mv /build/client/client /openssl-client
RUN rm -r /build/*
RUN rm -r /usr/include/openssl
RUN rm /lib/libcrypto.a
RUN rm /lib/libssl.a
WORKDIR /
CMD ["/server"]
\ No newline at end of file
CMD ["/openssl-server"]
\ No newline at end of file
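Review bot: The four added `RUN rm …` steps each create their own layer, so the build tree, the OpenSSL headers and the static libraries disappear from the final filesystem but stay in the image's earlier layers and the image does not get smaller. If the purpose is to stop derived images from compiling against OpenSSL, a comment should say so, for example `# remove OpenSSL headers and static libs so images built FROM this one cannot link against them`, and the steps can be merged into `RUN rm -r /build/* /usr/include/openssl /lib/libcrypto.a /lib/libssl.a`. A multi-stage build that copies only `/openssl-server` and `/openssl-client` into the final stage would be the cleaner way to get the same result. No USER instruction is visible in this hunk, so the server presumably runs as root; the top of the file is outside the hunk.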
version: "3.9"
networks:
default:
name: tls-network
internal: true
services:
openssl-server-wrong-cn:
image: tls-openssl
command:
[
"/openssl-server",
"-k",
"/etc/ssl/cert-data/wrong-server.key",
"-c",
"/etc/ssl/cert-data/wrong-server-chain.crt",
]
openssl-malicious-alpn:
image: tls-openssl
command: ["/openssl-server", "-m"]
boringssl-server:
image: tls-boringssl
boringssl-client:
image: tls-boringssl
depends_on:
- boringssl-server
- openssl-server-wrong-cn
- openssl-malicious-alpn
command:
[
"/client.sh",
"/client",
"boringssl-server",
"openssl-server-wrong-cn",
"openssl-malicious-alpn",
"6",
]
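Review bot: `depends_on` for `boringssl-client` only orders container start; it does not wait until the three servers accept connections. For the wrong-certificate and malicious-ALPN cases a failed connection is presumably the expected result, so a connection refused during start-up could be indistinguishable from a correct rejection unless client.sh waits or retries, which is not visible here. At minimum a comment on the service, `# depends_on orders start only; client.sh must wait until the servers listen`, should record that assumption, and a healthcheck on the server services would remove it. The same applies to `openssl-client` in the OpenSSL compose file changed by this commit.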
......@@ -4,27 +4,33 @@ networks:
name: tls-network
internal: true
services:
openssl-server:
openssl-server:
image: tls-openssl
openssl-server-wrong-cn:
openssl-server-wrong-cn:
image: tls-openssl
command: [ "/server", "-k", "/etc/ssl/cert-data/wrong-server.key", "-c" , "/etc/ssl/cert-data/wrong-server-chain.crt"]
openssl-malicious-alpn:
command:
[
"/openssl-server",
"-k",
"/etc/ssl/cert-data/wrong-server.key",
"-c",
"/etc/ssl/cert-data/wrong-server-chain.crt",
]
openssl-malicious-alpn:
image: tls-openssl
command: [ "/server", "-m"]
command: ["/openssl-server", "-m"]
openssl-client:
image: tls-openssl
depends_on:
- openssl-server
- openssl-server-wrong-cn
- openssl-malicious-alpn
command: [ "/client.sh", "/client", "openssl-server", "openssl-server-wrong-cn", "openssl-malicious-alpn" ,"1"]
boringssl-server:
image: tls-boringssl
boringssl-client:
image: tls-boringssl
depends_on:
- boringssl-server
- openssl-server-wrong-cn
- openssl-malicious-alpn
command: [ "/client.sh", "/client", "boringssl-server", "openssl-server-wrong-cn", "openssl-malicious-alpn", "6"]
command:
[
"/client.sh",
"/openssl-client",
"openssl-server",
"openssl-server-wrong-cn",
"openssl-malicious-alpn",
"1",
]
......@@ -13,9 +13,7 @@ GREEN='\033[0;32m '
NC='\033[0m' # No Color
cd baseimage
./build.sh
cd ..
./build-everything.sh
# go into every library folder
# 1. run containers and tests
......@@ -36,7 +34,7 @@ done
# boringssl is included in the openssl folder so we need to get the file manually
cd openssl
containerid=$(docker-compose ps -q boringssl-client)
containerid=$(docker-compose -f docker-compose-boringssl.yml -p "boringssl" ps -q boringssl-client)
echo "Getting results file from container :$containerid"
docker cp $containerid:/results results-temp
echo -e "${NC}boringssl" >> ../results
......
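Review bot: The result of the new `docker-compose -f docker-compose-boringssl.yml -p "boringssl" ps -q boringssl-client` call is used without checking that a container was found. If the project name or file does not match what was started, `containerid` is empty, `docker cp` fails and the script goes on to append whatever `results-temp` holds from an earlier run. Adding `[ -n "$containerid" ] || { echo "boringssl-client container not found" >&2; exit 1; }` after the assignment and quoting the variable, `docker cp "$containerid":/results results-temp`, closes that gap. The loop that starts the containers is outside this hunk.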