2019-05-04 13:51:20 +02:00
|
|
|
#!/usr/bin/env perl
|
|
|
|
|
2020-01-24 17:42:17 +01:00
|
|
|
# baseline test for testssl, screen and JSON output
|
|
|
|
|
|
|
|
# This is referred by the documentation.
|
|
|
|
|
|
|
|
# We could also inspect the JSON for any problems for
|
2019-05-04 13:51:20 +02:00
|
|
|
# "id" : "scanProblem"
|
|
|
|
# "finding" : "Scan interrupted"
|
|
|
|
|
|
|
|
use strict;
|
|
|
|
use Test::More;
|
|
|
|
use Data::Dumper;
|
2020-01-24 17:42:17 +01:00
|
|
|
use JSON;
|
2019-05-04 13:51:20 +02:00
|
|
|
|
|
|
|
my $tests = 0;
|
2019-05-06 11:14:51 +02:00
|
|
|
my $prg="./testssl.sh";
|
2020-04-14 15:53:05 +02:00
|
|
|
my $check2run="-p -s -P --fs -S -h -U -q --ip=one --color 0";
|
2020-01-24 17:42:17 +01:00
|
|
|
my $uri="google.com";
|
2019-05-06 11:14:51 +02:00
|
|
|
my $socket_out="";
|
|
|
|
my $openssl_out="";
|
|
|
|
# Blacklists we use to trigger an error:
|
2020-11-26 13:41:44 +01:00
|
|
|
my $socket_regex_bl='(e|E)rror|\.\/testssl\.sh: line |(f|F)atal|(c|C)ommand not found';
|
|
|
|
my $openssl_regex_bl='(e|E)rror|(f|F)atal|\.\/testssl\.sh: line |Oops|s_client connect problem|(c|C)ommand not found';
|
2020-01-24 17:42:17 +01:00
|
|
|
my $json_regex_bl='(id".*:\s"scanProblem"|severity".*:\s"FATAL"|"Scan interrupted")';
|
2019-05-06 11:14:51 +02:00
|
|
|
|
2020-01-24 17:42:17 +01:00
|
|
|
my $socket_json="";
|
|
|
|
my $openssl_json="";
|
|
|
|
$check2run="--jsonfile tmp.json $check2run";
|
2019-05-04 13:51:20 +02:00
|
|
|
|
2019-05-06 11:14:51 +02:00
|
|
|
die "Unable to open $prg" unless -f $prg;
|
2019-05-04 13:51:20 +02:00
|
|
|
|
2020-01-24 17:42:17 +01:00
|
|
|
# Provide proper start conditions
|
|
|
|
unlink "tmp.json";
|
2019-05-04 13:51:20 +02:00
|
|
|
|
2020-01-24 17:42:17 +01:00
|
|
|
# Title
|
|
|
|
printf "\n%s\n", "Baseline unit test IPv4 against \"$uri\"";
|
2019-05-04 13:51:20 +02:00
|
|
|
|
2020-01-24 17:42:17 +01:00
|
|
|
#1
|
|
|
|
$socket_out = `$prg $check2run $uri 2>&1`;
|
|
|
|
$socket_json = json('tmp.json');
|
|
|
|
unlink "tmp.json";
|
|
|
|
unlike($socket_out, qr/$socket_regex_bl/, "via sockets, terminal output");
|
|
|
|
$tests++;
|
|
|
|
unlike($socket_json, qr/$json_regex_bl/, "via sockets JSON output");
|
2019-05-04 13:51:20 +02:00
|
|
|
$tests++;
|
|
|
|
|
2020-01-24 17:42:17 +01:00
|
|
|
#2
|
|
|
|
$openssl_out = `$prg --ssl-native $check2run $uri 2>&1`;
|
|
|
|
$openssl_json = json('tmp.json');
|
2019-05-04 13:51:20 +02:00
|
|
|
unlink "tmp.json";
|
2020-01-24 17:42:17 +01:00
|
|
|
# With Google only we somtimes encounter an error as they return a 0 char with openssl, so we white list this pattern here:
|
|
|
|
# It should be fixed in the code though so we comment this out
|
|
|
|
# $openssl_out =~ s/testssl.*warning: command substitution: ignored null byte in input\n//g;
|
|
|
|
unlike($openssl_out, qr/$openssl_regex_bl/, "via OpenSSL");
|
|
|
|
$tests++;
|
|
|
|
unlike($openssl_json, qr/$json_regex_bl/, "via OpenSSL JSON output");
|
|
|
|
$tests++;
|
2019-05-04 13:51:20 +02:00
|
|
|
|
2020-01-24 17:42:17 +01:00
|
|
|
done_testing($tests);
|
|
|
|
printf "\n";
|
2019-05-04 13:51:20 +02:00
|
|
|
|
|
|
|
|
|
|
|
sub json($) {
|
|
|
|
my $file = shift;
|
|
|
|
$file = `cat $file`;
|
|
|
|
unlink $file;
|
|
|
|
return from_json($file);
|
|
|
|
}
|
|
|
|
|