1 files changed, 157 insertions, 0 deletions

diff --git a/src/rts.sslperl b/src/rts.sslperl
new file mode 100644
index 0000000..3d1e560
--- /dev/null
+++ b/src/rts.sslperl
@@ -0,0 +1,157 @@
+# Assumptions:
+#   available TCP ports on 127.0.0.1: 50022
+
+echo 'package Embedded::test;
+my $n = 0;
+$| = 1;
+sub server (@) {
+  ++$n;
+  print STDERR "log: Hello, World! ($n): @_\n";
+  print "Hello, World! ($n): @_\n";
+
+  $n > 1  and  exit(0);
+}
+1;
+' > hello.pm
+
+sanitize() {
+  sed -e 's/^SSL_SESSION_ID=.*/SSL_SESSION_ID=.../' \
+      -e 's/^SSLREMOTEPORT=.*/SSLREMOTEPORT=.../' \
+      -e 's/^SSLLOCALPORT=.*/SSLLOCALPORT=.../' \
+      -e 's/^TCPREMOTEPORT=.*/TCPREMOTEPORT=.../' \
+      -e 's/^TCP6REMOTEPORT=.*/TCP6REMOTEPORT=.../' \
+      -e 's/^TCPLOCALPORT=.*/TCPLOCALPORT=.../' \
+      -e 's/^SSL_VERSION_LIBRARY=.*/SSL_VERSION_LIBRARY=.../' \
+      -e 's/^SSL_CIPHER_USEKEYSIZE=.*/SSL_CIPHER_USEKEYSIZE=.../' \
+      -e 's/^SSL_CIPHER_ALGKEYSIZE=.*/SSL_CIPHER_ALGKEYSIZE=.../' \
+      -e 's/^SSL_CIPHER=.*/SSL_CIPHER=.../' \
+      -e 's/^SSL_PROTOCOL=TLSv1.*/SSL_PROTOCOL=TLSv1.../'
+}
+
+sslperl -w 2 \
+-s -c 1 -Bsslperl -vo -D -1 -3 -Xx rules.cdb -Rt5 -hp -l Localserver -b 2 \
+-a -A \
+127.0.0.1 50022 hello.pm 'Embedded::test::server' here you are \
+3< $CADIR/127.0.0.1.pw >log.50022 2>&1 &
+pid_50022=$!
+sleep 2
+
+echo '--- sslperl works'
+{ sslclient -R -N -H -T 10 -l Local -a "$CAFILE" -4 0 50022 sh -c 'cat <&6'
+  echo $?
+} | sanitize
+{ sslclient -R -N -H -T 10 -l Local -a "$CAFILE" -4 0 50022 sh -c 'cat <&6'
+  echo $?
+} | sanitize
+{ sslclient -R -N -H -T 10 -l Local -a "$CAFILE" -4 0 50022 sh -c 'cat <&6'
+  echo $?
+} | sanitize
+{ sslclient -R -N -H -T 10 -l Local -X -4 0 50022 sh -c 'cat <&6'
+  echo $?
+} | sanitize
+
+echo '--- sslperl prints usage message without enough arguments'
+sslperl 0; echo $?
+
+echo '--- sslperl prints error message with unknown port name'
+sslperl 0 nonexistentport echo wrong; echo $?
+
+echo '--- sslperl prints error message with unknown host name'
+sslperl nonexistent.local. 016 echo wrong; echo $?
+
+echo '--- sslperl prints error message with unresolvable host name'
+sslperl thislabelistoolongbecausednshasalimitof63charactersinasinglelabel. 50022 echo wrong; echo $?
+
+echo '--- sslperl prints error message with non-local host name'
+( sslperl 1.2.3.4 016 echo wrong 2>&1
+  echo $?
+) | sed -e 's/unable to bind: .*$/unable to bind: .../'
+
+kill -TERM $pid_50022
+wait $pid_50022
+
+echo '--- sslperl preserves environment'
+echo 'package Embedded::test;
+my $n = 0;
+$| = 1;
+sub server () {
+  print STDERR "log: NOW=$ENV{NOW}\n";
+  print STDERR "log: changed environment\n";
+  print " changed environment\n";
+  $ENV{'HERE'} = 'NOW';
+}
+1;
+' > hello.pm
+
+sslperl -w 2 \
+-s -c 1 -Bsslperl -vo -D -1 -3 -Xx rules.cdb -Rt5 -hp -l Localserver -b 2 \
+-a -A \
+127.0.0.1 50022 hello.pm 'Embedded::test::server' here you are \
+3< $CADIR/127.0.0.1.pw >>log.50022 2>&1 &
+pid_50022=$!
+sleep 2
+
+{ sslclient -R -N -H -T 10 -l Local -a "$CAFILE" -4 0 50022 sh -c 'cat <&6'
+  echo $?
+} | sanitize
+
+kill -TERM $pid_50022
+wait $pid_50022
+
+echo '--- sslperl handles larger requests'
+echo 'package Embedded::test;
+my $n = 0;
+$| = 1;
+sub server (@) {
+  print @_;
+  while(<>) {
+    print $_;
+  }
+}
+1;
+' > echo.pm
+
+sslperl -w 2 \
+-s -c 1 -Bsslperl -vo -D -1 -3 -Xx rules.cdb -Rt5 -hp -l Localserver -b 2 \
+-a -A \
+127.0.0.1  50022 echo.pm 'Embedded::test::server' here you are \
+3< $CADIR/127.0.0.1.pw >>log.50022 2>&1 &
+pid_50022=$!
+sleep 2
+
+( exec 2>&1
+  exec 3< $CADIR/localhost.pw
+  { for i in 0 1 2 3 4 5 6 7 8 9
+    do
+      for j in 0 1 2 3 4 5 6 7 8 9
+      do
+	for k in 0 1 2 3 4 5 6 7 8 9
+	do
+	  echo "abcdefghijklmnopqrstuvwxyz"
+	  echo "abcdefghijklmnopqrstuvwxyz"
+	  echo "abcdefghijklmnopqrstuvwxyz"
+	  echo "abcdefghijklmnopqrstuvwxyz"
+	done
+      done
+    done
+  } | sslconnect 127.0.0.1 50022 -v -s \
+    -a "$CAFILE" -c "$CCERTFILE" -k "$CKEYFILE" -3 >/dev/null
+  echo $?
+) | sanitize
+
+kill -TERM $pid_50022
+wait $pid_50022
+
+echo '--- sslserver -1v prints proper messages'
+cat log.50022 | \
+sed -e 's/::.*/::x/' -e 's/ [0-9]* / x /' \
+  -e 's} cafile x .*/\([^/]*\)} cafile x xxx/\1}' \
+  -e 's} ccafile x .*/\([^/]*\)} ccafile x xxx/\1}' \
+  -e 's} cadir x .*/\([^/]*\)} cadir x xxx/\1}' \
+  -e 's} cert x .*/\([^/]*\)} cert x xxx/\1}' \
+  -e 's} key x .*/\([^/]*\)} key x xxx/\1}' \
+  -e 's/ dhparam x .*/ dhparam x xxx/' \
+  -e 's/ ecdhparam x .*/ ecdhparam x xxx/' \
+  -e 's/ speak TLS: .*/ speak TLS: .../' \
+  -e 's/ accept TLS: .*/ accept TLS: .../' \
+ -e 's/ done [0-9]*$/ done .../'