Enable tests on Visual Studio

- add patch for aeadtest.c to undef IN
- add patch for ocsp_test.c to call BIO_sock_init() before getaddrinfo()
- define STDERR_FILENO in unistd.h to build pkcs7test.c
- add option ENABLE_VSTEST(default OFF) to enable test on Visual Studio
- modify to pass test data file as an argument (aeadtest, evptest)
- add Windows scripts (ocsptest, pq_test, ssltest, testdsa, testenc, testrsa)
- do not build pidwraptest on MSVC
- fix some indentations

13 files changed, 429 insertions, 28 deletions

diff --git a/CMakeLists.txt b/CMakeLists.txt
index fd2ef7b..93f3ff6 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -26,6 +26,7 @@ string(REGEX REPLACE "\\..*" "" TLS_MAJOR_VERSION ${TLS_VERSION})
 option(ENABLE_ASM "Enable assembly" ON)
 option(ENABLE_EXTRATESTS "Enable extra tests that may be unreliable on some platforms" OFF)
 option(ENABLE_NC "Enable installing TLS-enabled nc(1)" OFF)
+option(ENABLE_VSTEST "Enable test on Visual Studio" OFF)
 set(OPENSSLDIR ${OPENSSLDIR} CACHE PATH "Set the default openssl directory" FORCE)
 
 set(BUILD_NC true)
@@ -294,6 +295,8 @@ add_subdirectory(tls)
 add_subdirectory(include)
 if(NOT MSVC)
         add_subdirectory(man)
+endif()
+if(NOT MSVC OR ENABLE_VSTEST)
         add_subdirectory(tests)
 endif()
 
diff --git a/include/compat/unistd.h b/include/compat/unistd.h
index 6c83e76..52255bb 100644
--- a/include/compat/unistd.h
+++ b/include/compat/unistd.h
@@ -14,6 +14,8 @@
 #include <io.h>
 #include <process.h>
 
+#define STDERR_FILENO   2
+
 #define R_OK    4
 #define W_OK    2
 #define X_OK    0
diff --git a/patches/aeadtest.c.patch b/patches/aeadtest.c.patch
new file mode 100644
index 0000000..ce62107
--- /dev/null
+++ b/patches/aeadtest.c.patch
@@ -0,0 +1,15 @@
+--- tests/aeadtest.c.orig       2016-10-18 17:03:33.845870889 +0900
++++ tests/aeadtest.c    2016-10-18 17:11:19.880841283 +0900
+@@ -75,6 +75,12 @@
+ 
+ #define BUF_MAX 1024
+ 
++#ifdef _MSC_VER
++#ifdef IN
++#undef IN
++#endif
++#endif
++
+ /* These are the different types of line that are found in the input file. */
+ enum {
+        AEAD = 0,       /* name of the AEAD algorithm. */
diff --git a/patches/ocsp_test.c.patch b/patches/ocsp_test.c.patch
new file mode 100644
index 0000000..aa427db
--- /dev/null
+++ b/patches/ocsp_test.c.patch
@@ -0,0 +1,14 @@
+--- tests/ocsp_test.c.orig      2016-10-18 18:12:39.854607509 +0900
++++ tests/ocsp_test.c   2016-10-18 18:14:29.261600559 +0900
+@@ -16,6 +16,11 @@
+        hints.ai_family = AF_INET;
+        hints.ai_socktype = SOCK_STREAM;
+ 
++#ifdef _MSC_VER
++       if (BIO_sock_init() != 1)
++               exit(-1);
++#endif
++
+        error = getaddrinfo(host, port, &hints, &res);
+        if (error != 0) {
+                perror("getaddrinfo()");
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 80a248e..7957235 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -14,8 +14,7 @@ add_definitions(-D_PATH_SSL_CA_FILE=\"${CMAKE_CURRENT_SOURCE_DIR}/../apps/openss
 # aeadtest
 add_executable(aeadtest aeadtest.c)
 target_link_libraries(aeadtest ${OPENSSL_LIBS})
-add_test(aeadtest ${CMAKE_CURRENT_SOURCE_DIR}/aeadtest.sh)
-set_tests_properties(aeadtest PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}")
+add_test(aeadtest aeadtest ${CMAKE_CURRENT_SOURCE_DIR}/aeadtests.txt)
 
 # aes_wrap
 add_executable(aes_wrap aes_wrap.c)
@@ -25,9 +24,9 @@ add_test(aes_wrap aes_wrap)
 # arc4randomforktest
 # Windows/mingw does not have fork, but Cygwin does.
 if(NOT CMAKE_HOST_WIN32 AND NOT CMAKE_SYSTEM_NAME MATCHES "MINGW")
-add_executable(arc4randomforktest arc4randomforktest.c)
-target_link_libraries(arc4randomforktest ${OPENSSL_LIBS})
-add_test(arc4randomforktest ${CMAKE_CURRENT_SOURCE_DIR}/arc4randomforktest.sh)
+        add_executable(arc4randomforktest arc4randomforktest.c)
+        target_link_libraries(arc4randomforktest ${OPENSSL_LIBS})
+        add_test(arc4randomforktest ${CMAKE_CURRENT_SOURCE_DIR}/arc4randomforktest.sh)
 endif()
 
 # asn1test
@@ -136,19 +135,18 @@ add_test(enginetest enginetest)
 # evptest
 add_executable(evptest evptest.c)
 target_link_libraries(evptest ${OPENSSL_LIBS})
-add_test(evptest ${CMAKE_CURRENT_SOURCE_DIR}/evptest.sh)
-set_tests_properties(evptest PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}")
+add_test(evptest evptest ${CMAKE_CURRENT_SOURCE_DIR}/evptests.txt)
 
 # explicit_bzero
 # explicit_bzero relies on SA_ONSTACK, which is unavailable on Windows
 if(NOT CMAKE_HOST_WIN32)
-if(HAVE_MEMMEM)
-        add_executable(explicit_bzero explicit_bzero.c)
-else()
-        add_executable(explicit_bzero explicit_bzero.c memmem.c)
-endif()
-target_link_libraries(explicit_bzero ${OPENSSL_LIBS})
-add_test(explicit_bzero explicit_bzero)
+        if(HAVE_MEMMEM)
+                add_executable(explicit_bzero explicit_bzero.c)
+        else()
+                add_executable(explicit_bzero explicit_bzero.c memmem.c)
+        endif()
+        target_link_libraries(explicit_bzero ${OPENSSL_LIBS})
+        add_test(explicit_bzero explicit_bzero)
 endif()
 
 # exptest
@@ -200,7 +198,11 @@ add_test(mont mont)
 if(ENABLE_EXTRATESTS)
         add_executable(ocsp_test ocsp_test.c)
         target_link_libraries(ocsp_test ${OPENSSL_LIBS})
-        add_test(ocsptest ${CMAKE_CURRENT_SOURCE_DIR}/ocsptest.sh)
+        if(NOT MSVC)
+                add_test(ocsptest ${CMAKE_CURRENT_SOURCE_DIR}/ocsptest.sh)
+        else()
+                add_test(ocsptest ${CMAKE_CURRENT_SOURCE_DIR}/ocsptest.bat)
+        endif()
 endif()
 
 # optionstest
@@ -216,7 +218,7 @@ add_test(pbkdf2 pbkdf2)
 # pidwraptest
 # pidwraptest relies on an OS-specific way to give out pids and is generally
 # awkward on systems with slow fork
-if(ENABLE_EXTRATESTS)
+if(ENABLE_EXTRATESTS AND NOT MSVC)
         add_executable(pidwraptest pidwraptest.c)
         target_link_libraries(pidwraptest ${OPENSSL_LIBS})
         add_test(pidwraptest ${CMAKE_CURRENT_SOURCE_DIR}/pidwraptest.sh)
@@ -235,7 +237,11 @@ add_test(poly1305test poly1305test)
 # pq_test
 add_executable(pq_test pq_test.c)
 target_link_libraries(pq_test ${OPENSSL_LIBS})
-add_test(pq_test ${CMAKE_CURRENT_SOURCE_DIR}/pq_test.sh)
+if(NOT MSVC)
+        add_test(pq_test ${CMAKE_CURRENT_SOURCE_DIR}/pq_test.sh)
+else()
+        add_test(pq_test ${CMAKE_CURRENT_SOURCE_DIR}/pq_test.bat)
+endif()
 set_tests_properties(pq_test PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}")
 
 # randtest
@@ -285,19 +291,35 @@ add_test(sha512test sha512test)
 # ssltest
 add_executable(ssltest ssltest.c)
 target_link_libraries(ssltest ${OPENSSL_LIBS})
-add_test(ssltest ${CMAKE_CURRENT_SOURCE_DIR}/ssltest.sh)
+if(NOT MSVC)
+        add_test(ssltest ${CMAKE_CURRENT_SOURCE_DIR}/ssltest.sh)
+else()
+        add_test(ssltest ${CMAKE_CURRENT_SOURCE_DIR}/ssltest.bat)
+endif()
 set_tests_properties(ssltest PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}")
 
 # testdsa
-add_test(testdsa ${CMAKE_CURRENT_SOURCE_DIR}/testdsa.sh)
+if(NOT MSVC)
+        add_test(testdsa ${CMAKE_CURRENT_SOURCE_DIR}/testdsa.sh)
+else()
+        add_test(testdsa ${CMAKE_CURRENT_SOURCE_DIR}/testdsa.bat)
+endif()
 set_tests_properties(testdsa PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}")
 
 # testenc
-add_test(testenc ${CMAKE_CURRENT_SOURCE_DIR}/testenc.sh)
+if(NOT MSVC)
+        add_test(testenc ${CMAKE_CURRENT_SOURCE_DIR}/testenc.sh)
+else()
+        add_test(testenc ${CMAKE_CURRENT_SOURCE_DIR}/testenc.bat)
+endif()
 set_tests_properties(testenc PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}")
 
 # testrsa
-add_test(testrsa ${CMAKE_CURRENT_SOURCE_DIR}/testrsa.sh)
+if(NOT MSVC)
+        add_test(testrsa ${CMAKE_CURRENT_SOURCE_DIR}/testrsa.sh)
+else()
+        add_test(testrsa ${CMAKE_CURRENT_SOURCE_DIR}/testrsa.bat)
+endif()
 set_tests_properties(testrsa PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}")
 
 # timingsafe
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 5ba7b60..85720c2 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -215,7 +215,7 @@ TESTS += ocsptest.sh
 check_PROGRAMS += ocsp_test
 ocsp_test_SOURCES = ocsp_test.c
 endif
-EXTRA_DIST += ocsptest.sh
+EXTRA_DIST += ocsptest.sh ocsptest.bat
 
 # optionstest
 TESTS += optionstest
@@ -251,7 +251,7 @@ poly1305test_SOURCES = poly1305test.c
 TESTS += pq_test.sh
 check_PROGRAMS += pq_test
 pq_test_SOURCES = pq_test.c
-EXTRA_DIST += pq_test.sh
+EXTRA_DIST += pq_test.sh pq_test.bat
 EXTRA_DIST += pq_expected.txt
 
 # randtest
@@ -303,21 +303,21 @@ sha512test_SOURCES = sha512test.c
 TESTS += ssltest.sh
 check_PROGRAMS += ssltest
 ssltest_SOURCES = ssltest.c
-EXTRA_DIST += ssltest.sh
-EXTRA_DIST += testssl ca.pem server.pem
+EXTRA_DIST += ssltest.sh ssltest.bat
+EXTRA_DIST += testssl testssl.bat ca.pem server.pem
 
 # testdsa
 TESTS += testdsa.sh
-EXTRA_DIST += testdsa.sh
+EXTRA_DIST += testdsa.sh testdsa.bat
 EXTRA_DIST += openssl.cnf
 
 # testenc
 TESTS += testenc.sh
-EXTRA_DIST += testenc.sh
+EXTRA_DIST += testenc.sh testenc.bat
 
 # testrsa
 TESTS += testrsa.sh
-EXTRA_DIST += testrsa.sh
+EXTRA_DIST += testrsa.sh testrsa.bat
 
 # timingsafe
 TESTS += timingsafe
diff --git a/tests/ocsptest.bat b/tests/ocsptest.bat
new file mode 100644
index 0000000..fa0ae42
--- /dev/null
+++ b/tests/ocsptest.bat
@@ -0,0 +1,11 @@
+@echo off

+setlocal enabledelayedexpansion

+REM     ocsptest.bat

+

+set TEST=Debug\ocsp_test.exe

+if not exist %TEST% exit /b 1

+

+%TEST% www.amazon.com 443 & if !errorlevel! neq 0 exit /b 1

+%TEST% cloudflare.com 443 & if !errorlevel! neq 0 exit /b 1

+

+endlocal

diff --git a/tests/pq_test.bat b/tests/pq_test.bat
new file mode 100644
index 0000000..b665874
--- /dev/null
+++ b/tests/pq_test.bat
@@ -0,0 +1,14 @@
+@echo off

+setlocal enabledelayedexpansion

+REM     pq_test.bat

+

+set TEST=Debug\pq_test.exe

+if not exist %TEST% exit /b 1

+

+set pq_output=pq_output.txt

+if exist %pq_output% del %pq_output%

+

+%TEST% > %pq_output%

+fc /b %pq_output% %srcdir%\pq_expected.txt

+

+endlocal

diff --git a/tests/ssltest.bat b/tests/ssltest.bat
new file mode 100644
index 0000000..a7c3df5
--- /dev/null
+++ b/tests/ssltest.bat
@@ -0,0 +1,18 @@
+@echo off

+setlocal enabledelayedexpansion

+REM     ssltest.bat

+

+set ssltest_bin=Debug\ssltest.exe

+if not exist %ssltest_bin% exit /b 1

+

+set openssl_bin=..\apps\openssl\Debug\openssl.exe

+if not exist %openssl_bin% exit /b 1

+

+if "%srcdir%"=="" (

+        set srcdir=.

+)

+

+%srcdir%\testssl.bat %srcdir%\server.pem %srcdir%\server.pem %srcdir%\ca.pem ^

+    %ssltest_bin% %openssl_bin%

+

+endlocal

diff --git a/tests/testdsa.bat b/tests/testdsa.bat
new file mode 100644
index 0000000..9a9690e
--- /dev/null
+++ b/tests/testdsa.bat
@@ -0,0 +1,38 @@
+@echo off

+setlocal enabledelayedexpansion

+REM     testdsa.bat

+

+

+REM # Test DSA certificate generation of openssl

+

+set cmd=..\apps\openssl\Debug\openssl.exe

+if not exist %cmd% exit /b 1

+

+if "%srcdir%"=="" (

+        set srcdir=.

+)

+

+REM # Generate DSA paramter set

+%cmd% dsaparam 512 -out dsa512.pem

+if !errorlevel! neq 0 (

+        exit /b 1

+)

+

+

+REM # Generate a DSA certificate

+%cmd% req -config %srcdir%\openssl.cnf -x509 -newkey dsa:dsa512.pem -out testdsa.pem -keyout testdsa.key

+if !errorlevel! neq 0 (

+        exit /b 1

+)

+

+

+REM # Now check the certificate

+%cmd% x509 -text -in testdsa.pem

+if !errorlevel! neq 0 (

+        exit /b 1

+)

+

+del testdsa.key dsa512.pem testdsa.pem

+

+exit /b 0

+endlocal

diff --git a/tests/testenc.bat b/tests/testenc.bat
new file mode 100644
index 0000000..a925ec3
--- /dev/null
+++ b/tests/testenc.bat
@@ -0,0 +1,69 @@
+@echo off

+setlocal enabledelayedexpansion

+REM     testenc.bat

+

+set test=p

+set cmd=..\apps\openssl\Debug\openssl.exe

+if not exist %cmd% exit /b 1

+

+set srcdir=..\..\tests

+

+copy %srcdir%\openssl.cnf %test%

+

+echo cat

+%cmd% enc -in %test% -out %test%.cipher

+%cmd% enc -in %test%.cipher -out %test%.clear

+fc /b %test% %test%.clear

+if !errorlevel! neq 0 (

+        exit /b 1

+) else (

+        del %test%.cipher %test%.clear

+)

+

+echo base64

+%cmd% enc -a -e -in %test% -out %test%.cipher

+%cmd% enc -a -d -in %test%.cipher -out %test%.clear

+fc /b %test% %test%.clear

+if !errorlevel! neq 0 (

+        exit /b 1

+) else (

+        del %test%.cipher %test%.clear

+)

+

+for %%i in (

+        aes-128-cbc aes-128-cfb aes-128-cfb1 aes-128-cfb8

+        aes-128-ecb aes-128-ofb aes-192-cbc aes-192-cfb

+        aes-192-cfb1 aes-192-cfb8 aes-192-ecb aes-192-ofb

+        aes-256-cbc aes-256-cfb aes-256-cfb1 aes-256-cfb8

+        aes-256-ecb aes-256-ofb

+        bf-cbc bf-cfb bf-ecb bf-ofb

+        cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb

+        des-cbc des-cfb des-cfb8 des-ecb des-ede

+        des-ede-cbc des-ede-cfb des-ede-ofb des-ede3

+        des-ede3-cbc des-ede3-cfb des-ede3-ofb des-ofb desx-cbc

+        rc2-40-cbc rc2-64-cbc rc2-cbc rc2-cfb rc2-ecb rc2-ofb

+        rc4 rc4-40

+) do (

+        echo %%i

+        %cmd% %%i -e -k test -in %test% -out %test%.%%i.cipher

+        %cmd% %%i -d -k test -in %test%.%%i.cipher -out %test%.%%i.clear

+        fc /b %test% %test%.%%i.clear

+        if !errorlevel! neq 0 (

+                exit /b 1

+        ) else (

+                del %test%.%%i.cipher %test%.%%i.clear

+        )

+

+        echo %%i base64

+        %cmd% %%i -a -e -k test -in %test% -out %test%.%%i.cipher

+        %cmd% %%i -a -d -k test -in %test%.%%i.cipher -out %test%.%%i.clear

+        fc /b %test% %test%.%%i.clear

+        if !errorlevel! neq 0 (

+                exit /b 1

+        ) else (

+                del %test%.%%i.cipher %test%.%%i.clear

+        )

+)

+

+del %test%

+endlocal

diff --git a/tests/testrsa.bat b/tests/testrsa.bat
new file mode 100644
index 0000000..6d88d21
--- /dev/null
+++ b/tests/testrsa.bat
@@ -0,0 +1,38 @@
+@echo off

+setlocal enabledelayedexpansion

+REM     testrsa.bat

+

+

+REM # Test RSA certificate generation of openssl

+

+set cmd=..\apps\openssl\Debug\openssl.exe

+if not exist %cmd% exit /b 1

+

+if "%srcdir%"=="" (

+        set srcdir=.

+)

+

+REM # Generate RSA private key

+%cmd% genrsa -out rsakey.pem

+if !errorlevel! neq 0 (

+        exit /b 1

+)

+

+

+REM # Generate an RSA certificate

+%cmd% req -config %srcdir%\openssl.cnf -key rsakey.pem -new -x509 -days 365 -out rsacert.pem

+if !errorlevel! neq 0 (

+        exit /b 1

+)

+

+

+REM # Now check the certificate

+%cmd% x509 -text -in rsacert.pem

+if !errorlevel! neq 0 (

+        exit /b 1

+)

+

+del rsacert.pem rsakey.pem

+

+exit /b 0

+endlocal

diff --git a/tests/testssl.bat b/tests/testssl.bat
new file mode 100644
index 0000000..f164aeb
--- /dev/null
+++ b/tests/testssl.bat
@@ -0,0 +1,157 @@
+@echo off

+setlocal enabledelayedexpansion

+REM     testssl.bat

+

+set key=%1

+set cert=%2

+set CA=-CAfile %3

+set ssltest=%4 -key %key% -cert %cert% -c_key %key% -c_cert %cert%

+set openssl=%5

+set extra=%6

+

+%openssl% version & if !errorlevel! neq 0 exit /b 1

+

+for /f "usebackq" %%s in (`%openssl% x509 -in %cert% -text -noout ^| find /c "DSA Public Key"`) do set lines=%%s

+if %lines% gtr 0 (

+  set dsa_cert=YES

+) else (

+  set dsa_cert=NO

+)

+

+REM #########################################################################

+

+echo test sslv2/sslv3

+%ssltest% %extra% & if !errorlevel! neq 0 exit /b 1

+

+echo test sslv2/sslv3 with server authentication

+%ssltest% -server_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1

+

+echo test sslv2/sslv3 with client authentication

+%ssltest% -client_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1

+

+echo test sslv2/sslv3 with both client and server authentication

+%ssltest% -server_auth -client_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1

+

+echo test sslv2/sslv3 via BIO pair

+%ssltest% %extra% & if !errorlevel! neq 0 exit /b 1

+

+if %dsa_cert%==NO (

+  echo "test sslv2/sslv3 w/o (EC)DHE via BIO pair"

+  %ssltest% -bio_pair -no_dhe -no_ecdhe %extra% & if !errorlevel! neq 0 exit /b 1

+)

+

+echo test sslv2/sslv3 with 1024bit DHE via BIO pair

+%ssltest% -bio_pair -dhe1024dsa -v %extra% & if !errorlevel! neq 0 exit /b 1

+

+echo test sslv2/sslv3 with server authentication

+%ssltest% -bio_pair -server_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1

+

+echo test sslv2/sslv3 with client authentication via BIO pair

+%ssltest% -bio_pair -client_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1

+

+echo test sslv2/sslv3 with both client and server authentication via BIO pair

+%ssltest% -bio_pair -server_auth -client_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1

+

+echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify

+%ssltest% -bio_pair -server_auth -client_auth -app_verify %CA% %extra% & if !errorlevel! neq 0 exit /b 1

+

+echo "Testing ciphersuites"

+for %%p in ( TLSv1.2 ) do (

+  echo "Testing ciphersuites for %%p"

+  for /f "usebackq" %%c in (`%openssl% ciphers -v "%%p+aRSA"`) do (

+    echo "Testing %%c"

+    %ssltest% -cipher %%c

+    if !errorlevel! neq 0 (

+      echo "Failed %%c"

+      exit /b 1

+    )

+  )

+)

+

+REM ##########################################################################

+

+for /f "usebackq" %%s in (`%openssl% no-dh`) do set nodh=%%s

+if %nodh%==no-dh (

+  echo skipping anonymous DH tests

+) else (

+  echo test tls1 with 1024bit anonymous DH, multiple handshakes

+  %ssltest% -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time %extra% & if !errorlevel! neq 0 exit /b 1

+)

+

+REM #for /f "usebackq" %%s in (`%openssl% no-rsa`) do set norsa=%%s

+REM #if %norsa%==no-rsa (

+REM #  echo skipping RSA tests

+REM #) else (

+REM #  echo "test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes"

+REM #  %ssltest% -v -bio_pair -tls1 -cert ..\apps\server2.pem -no_dhe -no_ecdhe -num 10 -f -time %extra% & if !errorlevel! neq 0 exit /b 1

+REM #

+REM #  for /f "usebackq" %%s in (`%openssl% no-dh`) do set nodh=%%s

+REM #  if %nodh%==no-dh (

+REM #    echo skipping RSA+DHE tests

+REM #  ) else (

+REM #    echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes

+REM #    %ssltest% -v -bio_pair -tls1 -cert ..\apps\server2.pem -dhe1024dsa -num 10 -f -time %extra% & if !errorlevel! neq 0 exit /b 1

+REM #  )

+REM #)

+

+REM #

+REM # DTLS tests

+REM #

+

+echo test dtlsv1

+%ssltest% -dtls1 %extra% & if !errorlevel! neq 0 exit /b 1

+

+echo test dtlsv1 with server authentication

+%ssltest% -dtls1 -server_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1

+

+echo test dtlsv1 with client authentication

+%ssltest% -dtls1 -client_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1

+

+echo test dtlsv1 with both client and server authentication

+%ssltest% -dtls1 -server_auth -client_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1

+

+echo "Testing DTLS ciphersuites"

+for %%p in ( SSLv3 ) do (

+  echo "Testing ciphersuites for %%p"

+  for /f "usebackq" %%c in (`%openssl% ciphers -v "RSA+%%p:-RC4"`) do (

+    echo "Testing %%c"

+    %ssltest% -cipher %%c -dtls1

+    if !errorlevel! neq 0 (

+      echo "Failed %%c"

+      exit /b 1

+    )

+  )

+)

+

+REM #

+REM # Next Protocol Negotiation tests

+REM #

+echo "Testing NPN..."

+%ssltest% -bio_pair -tls1 -npn_client & if !errorlevel! neq 0 exit /b 1

+%ssltest% -bio_pair -tls1 -npn_server & if !errorlevel! neq 0 exit /b 1

+%ssltest% -bio_pair -tls1 -npn_server_reject & if !errorlevel! neq 0 exit /b 1

+%ssltest% -bio_pair -tls1 -npn_client -npn_server_reject & if !errorlevel! neq 0 exit /b 1

+%ssltest% -bio_pair -tls1 -npn_client -npn_server & if !errorlevel! neq 0 exit /b 1

+%ssltest% -bio_pair -tls1 -npn_client -npn_server -num 2 & if !errorlevel! neq 0 exit /b 1

+%ssltest% -bio_pair -tls1 -npn_client -npn_server -num 2 -reuse & if !errorlevel! neq 0 exit /b 1

+

+REM #

+REM # ALPN tests

+REM #

+echo "Testing ALPN..."

+%ssltest% -bio_pair -tls1 -alpn_client foo -alpn_server bar & if !errorlevel! neq 0 exit /b 1

+%ssltest% -bio_pair -tls1 -alpn_client foo -alpn_server foo ^

+  -alpn_expected foo & if !errorlevel! neq 0 exit /b 1

+%ssltest% -bio_pair -tls1 -alpn_client foo,bar -alpn_server foo ^

+  -alpn_expected foo & if !errorlevel! neq 0 exit /b 1

+%ssltest% -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo ^

+  -alpn_expected foo & if !errorlevel! neq 0 exit /b 1

+%ssltest% -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo,bar ^

+  -alpn_expected foo & if !errorlevel! neq 0 exit /b 1

+%ssltest% -bio_pair -tls1 -alpn_client bar,foo -alpn_server bar,foo ^

+  -alpn_expected bar & if !errorlevel! neq 0 exit /b 1

+%ssltest% -bio_pair -tls1 -alpn_client foo,bar -alpn_server bar,foo ^

+  -alpn_expected bar & if !errorlevel! neq 0 exit /b 1

+%ssltest% -bio_pair -tls1 -alpn_client baz -alpn_server bar,foo & if !errorlevel! neq 0 exit /b 1

+

+endlocal