is a libev-based high performance SSL/TLS proxy that terminates TLS/SSL connections and forwards the unencrypted traffic to some backend.
| hitch_test.sh (hitch-1.5.2) | : | hitch_test.sh (hitch-1.6.0) |
|---|
| | |
| skipping to change at line 303 | | skipping to change at line 303 |
|---|
| | |
| #- | | #- |
| # Usage: [!] s_client [args...] | | # Usage: [!] s_client [args...] |
| # | | # |
| # Frontend to `openssl s_client` with the common options we usually need. It | | # Frontend to `openssl s_client` with the common options we usually need. It |
| # specifies the `-connect` option unless it was part of the arguments. A new | | # specifies the `-connect` option unless it was part of the arguments. A new |
| # line is sent via the standard input. It doesn't use `run_cmd` because some | | # line is sent via the standard input. It doesn't use `run_cmd` because some |
| # executions are expected to yield a non-zero exit status, in that case just | | # executions are expected to yield a non-zero exit status, in that case just |
| # negate the result. | | # negate the result. |
| # | | # |
|
| | # A special -delay=<seconds> option can be used as the first argument to |
| | # prevent races from `openssl s_client` that could lead to missing output. |
| | # |
| # Expect a success: | | # Expect a success: |
| # | | # |
| # s_client [...] | | # s_client [...] |
| # | | # |
| # Expect a failure: | | # Expect a failure: |
| # | | # |
| # ! s_client [...] | | # ! s_client [...] |
| # | | # |
|
| # When we expect a failure, it usually to then inspect the output, and for | | # When we expect a failure, it's usually to then inspect the output, and for |
| # convenience the standard error is redirected to the standard output. | | # convenience the standard error is redirected to the standard output. |
| # | | # |
| # Should not be used in a sub-shell. | | # Should not be used in a sub-shell. |
| | |
| s_client() { | | s_client() { |
| printf 'Running: s_client %s\n' "$*" >&2 | | printf 'Running: s_client %s\n' "$*" >&2 |
| | |
| HAS_CONNECT_OPT=false | | HAS_CONNECT_OPT=false |
|
| | DELAY=0 |
| | |
| for ARG | | for ARG |
| do | | do |
| # ignore non-option arguments | | # ignore non-option arguments |
| test "${ARG#-}" = "$ARG" && continue | | test "${ARG#-}" = "$ARG" && continue |
| | |
|
| | # ignore -delay=<seconds> homebrew option |
| | test "${ARG#-delay=}" != "$ARG" && continue |
| | |
| test "$ARG" = -connect && HAS_CONNECT_OPT=true | | test "$ARG" = -connect && HAS_CONNECT_OPT=true |
| | |
| openssl s_client -help 2>&1 | | | openssl s_client -help 2>&1 | |
| grep -q -e "$ARG" || | | grep -q -e "$ARG" || |
| skip "openssl s_client: unknown option $ARG" | | skip "openssl s_client: unknown option $ARG" |
| done | | done |
| | |
| if ! $HAS_CONNECT_OPT | | if ! $HAS_CONNECT_OPT |
| then | | then |
| HITCH_HOST=$(hitch_hosts | sed 1q) | | HITCH_HOST=$(hitch_hosts | sed 1q) |
| s_client "$@" -connect "$HITCH_HOST" | | s_client "$@" -connect "$HITCH_HOST" |
| return $? | | return $? |
| fi | | fi |
| | |
|
| printf '\n' | | | if [ "${1#-delay=}" != "$1" ] |
| | then |
| | DELAY=${1#-delay=} |
| | shift |
| | fi |
| | |
| | (sleep "$DELAY"; printf '\n') | |
| openssl s_client -prexit "$@" 2>&1 | | openssl s_client -prexit "$@" 2>&1 |
| } | | } |
| | |
| s_client_parse() { | | s_client_parse() { |
| | |
| # input examples we need to support here: | | # input examples we need to support here: |
| # | | # |
| # openssl < 1.1.1: | | # openssl < 1.1.1: |
| # subject=/CN=site1.example.com | | # subject=/CN=site1.example.com |
| # subject=/C=NO/ST=Oslo/O=Varnish Software/L=Oslo/CN=*.example.com/OU=Varn
ish Software/emailAddress=foobar@example.com | | # subject=/C=NO/ST=Oslo/O=Varnish Software/L=Oslo/CN=*.example.com/OU=Varn
ish Software/emailAddress=foobar@example.com |
| | | |
| End of changes. 5 change blocks. |
|---|
| 2 lines changed or deleted | | 15 lines changed or added |
|---|
"Fossies" - the Fresh Open Source Software Archive 