File: test_running_server.sh

package info (click to toggle)
golang-github-google-certificate-transparency 0.0~git20160709.0.0f6e3d1~ds1-3
  • links: PTS, VCS
  • area: main
  • in suites: bookworm, bullseye, buster
  • size: 5,676 kB
  • sloc: cpp: 35,278; python: 11,838; java: 1,911; sh: 1,885; makefile: 950; xml: 520; ansic: 225
file content (113 lines) | stat: -rwxr-xr-x 2,118 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
 
#!/usr/bin/env bash

# Test a running server. If the certificate directory does not exist,
# a new CA will be created in it.

# Fail on any error
set -e

PASSED=0
FAILED=0

if [ $# \< 2 ]
then
  echo "$0 <certificate directory> <CT server public key> [<server-url>]"
  exit 1
fi

CERT_DIR=$1
CT_KEY=$2
SERVER=${3:-"http://127.0.0.1:8124"}

echo $SERVER

. generate_certs.sh

if [ ! -e $CERT_DIR/ca-database ]
then
  echo "Initialise CA"
  ca_setup $CERT_DIR ca false
fi

# FIXME(benl): share with sslconnect_test.sh?
audit() {
  cert_dir=$1
  log_server=$2
  sct=$3

  set +e
  ../cpp/client/ct audit --ct_server="$SERVER" \
    --ct_server_public_key=$CT_KEY \
    --ssl_client_ct_data_in=$sct --logtostderr=true
  retcode=$?
  set -e
}

do_audit() {
  ct_data=$1
  T=`date +%s`
  T=`expr $T + 90`

  while true
  do
    audit $CERT_DIR ca $ct_data
    if [ $retcode -eq 0 ]; then
      echo "PASS"
      let PASSED=$PASSED+1
      break
    else
      if [ `date +%s` \> $T ]
      then
	echo "FAIL"
	let FAILED=$FAILED+1
	break
      fi
    fi
    sleep 1
  done
}

get_sth() {
  local file=$1

  ../cpp/client/ct sth --ct_server="$SERVER" \
    --ct_server_public_key=$CT_KEY --logtostderr=true \
    --ct_server_response_out=$file
}

consistency() {
  local file1=$1
  local file2=$2

  ../cpp/client/ct consistency --ct_server="$SERVER" \
    --ct_server_public_key=$CT_KEY --logtostderr=true \
    --sth1=$file1 --sth2=$file2
}

get_entries() {
  local first=$1
  local last=$2

  ../cpp/client/ct get_entries --ct_server="$SERVER" \
    --ct_server_public_key=$CT_KEY --logtostderr=true \
      --get_first=$first --get_last=$last --certificate_base=$CERT_DIR/cert.
}

get_sth $CERT_DIR/sth1

make_cert $CERT_DIR test ca $SERVER false $CT_KEY
make_embedded_cert $CERT_DIR test-embedded ca $SERVER true false $CT_KEY

# Do the audits together, quicker that way.
# test-*-cert.ctdata is made by make_cert.
do_audit $CERT_DIR/test-cert.ctdata
do_audit $CERT_DIR/test-embedded-cert.ctdata

get_sth $CERT_DIR/sth2

consistency $CERT_DIR/sth1 $CERT_DIR/sth2

get_entries 0 2

echo $PASSED passed
echo $FAILED failed