Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-31 04:41:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1789 from drwetter/skip_sometunittests

Browse Source 
Trying to reduced the runtime of travis
This commit is contained in:
Dirk Wetter 2020-11-27 15:24:06 +01:00 committed by GitHub
commit 849c031597
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 42 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
t/21_baseline_starttls.t
View File

@ -17,7 +17,7 @@ use Data::Dumper;
my $tests = 0; my $tests = 0;
my $prg="./testssl.sh"; my $prg="./testssl.sh";
my $check2run_smtp="--protocols --standard --fs --server-preference --headers --vulnerable --each-cipher -q --ip=one --color 0"; my $check2run_smtp="--protocols --standard --fs --server-preference --headers --vulnerable -q --ip=one --color 0";
my $check2run="-q --ip=one --color 0"; my $check2run="-q --ip=one --color 0";
my $uri=""; my $uri="";
my $socket_out=""; my $socket_out="";
@ -60,12 +60,14 @@ $socket_out = `./testssl.sh $check2run -t pop3 $uri 2>&1`;
unlike($socket_out, qr/$socket_regex_bl/, ""); unlike($socket_out, qr/$socket_regex_bl/, "");
$tests++; $tests++;
# commented out, bc of travis' limits
#
#printf "\n%s\n", "STARTTLS POP3 unit tests via OpenSSL --> $uri ...";
# unlink "tmp.json"; # unlink "tmp.json";
printf "\n%s\n", "STARTTLS POP3 unit tests via OpenSSL --> $uri ..."; #$openssl_out = `./testssl.sh --ssl-native $check2run -t pop3 $uri 2>&1`;
$openssl_out = `./testssl.sh --ssl-native $check2run -t pop3 $uri 2>&1`;
# $openssl_json = json('tmp.json'); # $openssl_json = json('tmp.json');
unlike($openssl_out, qr/$openssl_regex_bl/, ""); #unlike($openssl_out, qr/$openssl_regex_bl/, "");
$tests++; #$tests++;
$uri="imap.gmx.net:143"; $uri="imap.gmx.net:143";
@ -93,11 +95,13 @@ $socket_out = `./testssl.sh $check2run -t xmpp $uri 2>&1`;
unlike($openssl_out, qr/$openssl_regex_bl/, ""); unlike($openssl_out, qr/$openssl_regex_bl/, "");
$tests++; $tests++;
printf "\n%s\n", "STARTTLS XMPP unit tests via OpenSSL --> $uri ..."; # commented out, bc of travis' limits
$openssl_out = `./testssl.sh --ssl-native $check2run -t xmpp $uri 2>&1`; #
#printf "\n%s\n", "STARTTLS XMPP unit tests via OpenSSL --> $uri ...";
#$openssl_out = `./testssl.sh --ssl-native $check2run -t xmpp $uri 2>&1`;
# $openssl_json = json('tmp.json'); # $openssl_json = json('tmp.json');
unlike($openssl_out, qr/$openssl_regex_bl/, ""); #unlike($openssl_out, qr/$openssl_regex_bl/, "");
$tests++; #$tests++;
# $uri="jabber.ccc.de:5269"; # $uri="jabber.ccc.de:5269";
# printf "\n%s\n", "Quick STARTTLS XMPP S2S unit tests via sockets --> $uri ..."; # printf "\n%s\n", "Quick STARTTLS XMPP S2S unit tests via sockets --> $uri ...";
@ -118,13 +122,15 @@ $socket_out =~ s/ error querying OCSP responder .*\n//g;
unlike($socket_out, qr/$socket_regex_bl/, ""); unlike($socket_out, qr/$socket_regex_bl/, "");
$tests++; $tests++;
printf "\n%s\n", "STARTTLS FTP unit tests via OpenSSL --> $uri ..."; # commented out, bc of travis' limits
$openssl_out = `./testssl.sh --ssl-native $check2run -t ftp $uri 2>&1`; #
# printf "\n%s\n", "STARTTLS FTP unit tests via OpenSSL --> $uri ...";
# $openssl_out = `./testssl.sh --ssl-native $check2run -t ftp $uri 2>&1`;
# $openssl_json = json('tmp.json'); # $openssl_json = json('tmp.json');
# OCSP stapling fails sometimes with: 'offered, error querying OCSP responder (ERROR: No Status found)' # OCSP stapling fails sometimes with: 'offered, error querying OCSP responder (ERROR: No Status found)'
$openssl_out =~ s/ error querying OCSP responder .*\n//g; # $openssl_out =~ s/ error querying OCSP responder .*\n//g;
unlike($openssl_out, qr/$openssl_regex_bl/, ""); # unlike($openssl_out, qr/$openssl_regex_bl/, "");
$tests++; # $tests++;
# https://ldapwiki.com/wiki/Public%20LDAP%20Servers # https://ldapwiki.com/wiki/Public%20LDAP%20Servers
@ -146,11 +152,13 @@ $socket_out = `./testssl.sh $check2run -t nntp $uri 2>&1`;
unlike($socket_out, qr/$socket_regex_bl/, ""); unlike($socket_out, qr/$socket_regex_bl/, "");
$tests++; $tests++;
printf "\n%s\n", "STARTTLS NNTP unit tests via OpenSSL --> $uri ..."; # commented out, bc of travis' limits
$openssl_out = `./testssl.sh --ssl-native $check2run -t nntp $uri 2>&1`; #
#printf "\n%s\n", "STARTTLS NNTP unit tests via OpenSSL --> $uri ...";
#$openssl_out = `./testssl.sh --ssl-native $check2run -t nntp $uri 2>&1`;
# $openssl_json = json('tmp.json'); # $openssl_json = json('tmp.json');
unlike($openssl_out, qr/$openssl_regex_bl/, ""); #unlike($openssl_out, qr/$openssl_regex_bl/, "");
$tests++; #$tests++;
# IRC: missing # IRC: missing

12
t/23_client_simulation.t
View File

@ -53,12 +53,14 @@ $socket_out = `./testssl.sh $check2run -t smtp $uri 2>&1`;
unlike($socket_out, qr/$socket_regex_bl/, ""); unlike($socket_out, qr/$socket_regex_bl/, "");
$tests++; $tests++;
# commented out, bc of travis' limits
#
# unlink "tmp.json"; # unlink "tmp.json";
printf "\n%s\n", "STARTTLS: Client simulations unit test via OpenSSL --> $uri ..."; #printf "\n%s\n", "STARTTLS: Client simulations unit test via OpenSSL --> $uri ...";
$openssl_out = `./testssl.sh --ssl-native $check2run -t smtp $uri 2>&1`; #$openssl_out = `./testssl.sh --ssl-native $check2run -t smtp $uri 2>&1`;
# $openssl_json = json('tmp.json'); ## $openssl_json = json('tmp.json');
unlike($openssl_out, qr/$openssl_regex_bl/, ""); #unlike($openssl_out, qr/$openssl_regex_bl/, "");
$tests++; #$tests++;
done_testing($tests); done_testing($tests);
unlink "tmp.json"; unlink "tmp.json";

4
t/31_isJSON_valid.t
View File

@ -9,7 +9,7 @@ use JSON;
my $tests = 0; my $tests = 0;
my $prg="./testssl.sh"; my $prg="./testssl.sh";
my $check2run ="--ip=one -q --color 0"; my $check2run ="--ip=one --ids-friendly -q --color 0";
my $uri=""; my $uri="";
my $json=""; my $json="";
my $out=""; my $out="";
@ -44,7 +44,7 @@ $tests++;
#3 #3
# This testss.sh run deliberately does NOT work as travis-ci.org blocks port 25 egress. # This testssl.sh run deliberately does NOT work as travis-ci.org blocks port 25 egress.
# but the output should be fine. The idea is to have a unit test for a failed connection. # but the output should be fine. The idea is to have a unit test for a failed connection.
printf "%s\n", ".. plain JSON for a failed run: '--mx $uri' ..."; printf "%s\n", ".. plain JSON for a failed run: '--mx $uri' ...";
$out = `./testssl.sh --ssl-native --openssl-timeout=10 $check2run --jsonfile tmp.json --mx $uri`; $out = `./testssl.sh --ssl-native --openssl-timeout=10 $check2run --jsonfile tmp.json --mx $uri`;

2
t/32_isHTML_valid.t
View File

@ -15,7 +15,7 @@ my $out="";
my $html=""; my $html="";
my $debughtml=""; my $debughtml="";
my $edited_html=""; my $edited_html="";
my $check2run="--ip=one --color 0 --htmlfile tmp.html"; my $check2run="--ip=one --ids-friendly --color 0 --htmlfile tmp.html";
my $diff=""; my $diff="";
die "Unable to open $prg" unless -f $prg; die "Unable to open $prg" unless -f $prg;

4
t/33_isJSON_severitylevel_valid.t
View File

@ -21,7 +21,7 @@ unlink 'tmp.json';
#1 #1
pass(" .. running testssl.sh against badssl.com to create a JSON report with severity level equal greater than LOW (may take 2~3 minutes)"); $tests++; pass(" .. running testssl.sh against badssl.com to create a JSON report with severity level equal greater than LOW (may take 2~3 minutes)"); $tests++;
$out = `./testssl.sh -S -e -U --jsonfile tmp.json --severity LOW --color 0 badssl.com`; $out = `./testssl.sh -S -e -U --ids-friendly --jsonfile tmp.json --severity LOW --color 0 badssl.com`;
$json = json('tmp.json'); $json = json('tmp.json');
unlink 'tmp.json'; unlink 'tmp.json';
$found = 0; $found = 0;
@ -36,7 +36,7 @@ is($found,0,"We should not have any finding with INFO level"); $tests++;
#2 #2
pass(" .. running testssl.sh against badssl.com to create a JSON-PRETTY report with severity level equal greater than LOW (may take 2~3 minutes)"); $tests++; pass(" .. running testssl.sh against badssl.com to create a JSON-PRETTY report with severity level equal greater than LOW (may take 2~3 minutes)"); $tests++;
$out = `./testssl.sh -S -e -U --jsonfile-pretty tmp.json --severity LOW --color 0 badssl.com`; $out = `./testssl.sh -S -e -U --ids-friendly --jsonfile-pretty tmp.json --severity LOW --color 0 badssl.com`;
$json_pretty = json('tmp.json'); $json_pretty = json('tmp.json');
unlink 'tmp.json'; unlink 'tmp.json';
$found = 0; $found = 0;

2
t/51_badssl.com.t
View File

@ -14,7 +14,7 @@ my (
); );
# OK # OK
pass("Running testssl.sh against badssl.com to create a baseline (may take 2~3 minutes)"); $tests++; pass("Running testssl.sh against badssl.com to create a baseline (may take 2~3 minutes)"); $tests++;
my $okout = `./testssl.sh -S -e --freak --logjam --drown --rc4 --sweet32 --breach --crime --jsonfile tmp.json --color 0 badssl.com`; my $okout = `./testssl.sh -S -e --freak --logjam --drown --rc4 --sweet32 --breach --winshock --crime --jsonfile tmp.json --color 0 badssl.com`;
my $okjson = json('tmp.json'); my $okjson = json('tmp.json');
unlink 'tmp.json'; unlink 'tmp.json';
cmp_ok(@$okjson,'>',10,"We have more then 10 findings"); $tests++; cmp_ok(@$okjson,'>',10,"We have more then 10 findings"); $tests++;

4
t/61_diff_testsslsh.t
View File

@ -49,8 +49,8 @@ $master_socket_csv=~ s/HTTP_clock_skew.*\n//g;
# Compare the differences to the master file -- and print differences if there were detected. # Compare the differences to the master file -- and print differences if there were detected.
# Filtering takes place later, so if there will be a difference detected it'll also show HTTP_clock_skew :-( # Filtering takes place later, so if there will be a difference detected it'll also show HTTP_clock_skew :-(
# #
cmp_ok($socket_csv, "eq", $master_socket_csv, "Check whether CSV output matches master file from $uri") and cmp_ok($socket_csv, "eq", $master_socket_csv, "Check whether CSV output matches master file from $uri") or
printf "\n%s\n", "$diff"; diag ("\n%s\n", "$diff");
$tests++; $tests++;