From 5ba186f127258f0266c1fec02f2e71714a57bd2e Mon Sep 17 00:00:00 2001 From: Vijo Cherian Date: Fri, 21 Apr 2017 12:34:16 -0700 Subject: [PATCH] Added 8 SSL tests to make check * tests/Test-https-badcerts.px : New file * tests/Test-https-clientcert.px : New file * tests/Test-https-crl.px : New file * tests/Test-https-weboftrust.px : New file * tests/certs/interca.conf : New file * tests/certs/rootca.conf : New file * tests/certs/test-ca-key.pem : New file * tests/wgethosts : New file Added all new SSL / HTTPS tests to make check Added Test for SSL Web of Trust, accept only if CA chain of trust is intact. Added a test script for client certificate Added Test for crlfile option of wget Added test to make sure that wget doesn't accept expired or invalid certs Added wgethosts file to the repo rather than create it for every SSL Test. Since most of the testing of this change was done with openssl, if wget is not built with openssl, skip the SSL tests. Some clean up : 1, Removed cause of warnings from perl & other cosmetic changes 2, Fixes to test such that make -j 4 check passes --- tests/Makefile.am | 10 ++- tests/SSLServer.pm | 20 ++--- tests/SSLTest.pm | 1 + tests/Test-https-badcerts.px | 164 +++++++++++++++++++++++++++++++++++++++ tests/Test-https-clientcert.px | 159 ++++++++++++++++++++++++++++++++++++++ tests/Test-https-crl.px | 161 ++++++++++++++++++++++++++++++++++++++ tests/Test-https-pfs.px | 32 ++++++-- tests/Test-https-selfsigned.px | 55 +++++++++---- tests/Test-https-tlsv1.px | 32 ++++++-- tests/Test-https-tlsv1x.px | 32 ++++++-- tests/Test-https-weboftrust.px | 171 +++++++++++++++++++++++++++++++++++++++++ tests/WgetFeature.cfg | 1 + tests/certs/interca.conf | 64 +++++++++++++++ tests/certs/rootca.conf | 64 +++++++++++++++ tests/certs/test-ca-key.pem | 58 ++++++++++++++ tests/wgethosts | 1 + 16 files changed, 980 insertions(+), 45 deletions(-) create mode 100755 tests/Test-https-badcerts.px create mode 100755 tests/Test-https-clientcert.px create mode 100755 tests/Test-https-crl.px create mode 100755 tests/Test-https-weboftrust.px create mode 100644 tests/certs/interca.conf create mode 100644 tests/certs/rootca.conf create mode 100644 tests/certs/test-ca-key.pem create mode 100644 tests/wgethosts diff --git a/tests/Makefile.am b/tests/Makefile.am index c27c4ce..367a8c0 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -128,7 +128,15 @@ PX_TESTS = \ Test--start-pos--continue.px \ Test--httpsonly-r.px \ Test-204.px \ - Test-ftp-pasv-not-supported.px + Test-ftp-pasv-not-supported.px \ + Test-https-pfs.px \ + Test-https-tlsv1.px \ + Test-https-tlsv1x.px \ + Test-https-selfsigned.px \ + Test-https-weboftrust.px \ + Test-https-clientcert.px \ + Test-https-crl.px \ + Test-https-badcerts.px EXTRA_DIST = FTPServer.pm FTPTest.pm HTTPServer.pm HTTPTest.pm \ WgetTests.pm WgetFeature.pm WgetFeature.cfg $(PX_TESTS) \ diff --git a/tests/SSLServer.pm b/tests/SSLServer.pm index ed121b1..a123a28 100644 --- a/tests/SSLServer.pm +++ b/tests/SSLServer.pm @@ -30,12 +30,12 @@ my $sslsock; my $plaincon; my %args; -$HTTP::Daemon::DEBUG=5; +#$HTTP::Daemon::DEBUG=5; #*DEBUG = \$HTTP::Daemon::DEBUG; $args{SSL_error_trap} ||= \&ssl_error; -my $class = shift; +my $class = 'SSLServer'; my $self = {}; $self = bless $self, $class; @@ -46,6 +46,7 @@ sub init %ssl_params = %sargs; unless (exists($ssl_params{'lhostname'}) && + exists($ssl_params{'sslport'}) && exists($ssl_params{'ciphers'}) && exists($ssl_params{'cafile'}) && exists($ssl_params{'certfile'}) && @@ -57,7 +58,7 @@ sub init sub ssl_setup_conn { $sslsock = IO::Socket::SSL->new(LocalAddr => $ssl_params{'lhostname'}, - LocalPort => 55443, + LocalPort => $ssl_params{'sslport'}, Listen => 10, Timeout => 30, ReuseAddr => 1, @@ -67,7 +68,7 @@ sub ssl_setup_conn SSL_cert_file => $ssl_params{'certfile'}, SSL_key_file => $ssl_params{'keyfile'}); - $sslsock || warn $IO::Socket::SSL::ERROR; + $sslsock || die $IO::Socket::SSL::ERROR; return $sslsock; } @@ -86,7 +87,7 @@ sub accept if ($sock) { ${*$sock}{'httpd_daemon'} = $self; ${*$self}{'httpd_daemon'} = $sock; - my $fileno = ${*$self}{'_SSL_fileno'} = fileno($self); + my $fileno = ${*$self}{'_SSL_fileno'} = &fileno($self); my $f = $sock->fileno; return wantarray ? ($sock, $peer) : $sock; } @@ -157,19 +158,21 @@ sub run { my ($self, $urls, $synch_callback) = @_; my $initialized = 0; + my $sslsock; while (1) { if (!$initialized) { + $sslsock = $self->ssl_setup_conn(); + $sslsock || warn "Failed to get ssl sock"; + $initialized = 1; open (LOGFILE, '>', "/tmp/wgetserver.log"); LOGFILE->autoflush(1); print LOGFILE "Starting logging"; + $synch_callback->() if $synch_callback; } - my $sslsock = $self->ssl_setup_conn(); - $sslsock || warn "Failed to get ssl sock"; - $synch_callback->() if $synch_callback; my $con = $self->accept(); ${*$self}{'sslcon'} = $con; @@ -216,7 +219,6 @@ sub run print LOGFILE "Closing connection\n" if $log; close(LOGFILE); $con->close(); - last; } } diff --git a/tests/SSLTest.pm b/tests/SSLTest.pm index a38acfb..ec37c76 100644 --- a/tests/SSLTest.pm +++ b/tests/SSLTest.pm @@ -16,6 +16,7 @@ my %ssl_defaults = ( _cafile => "certs/test-ca-cert.pem", _ciphers => 'ALL', _lhostname => 'wgettestingserver', + _sslport => 55443, ); { diff --git a/tests/Test-https-badcerts.px b/tests/Test-https-badcerts.px new file mode 100755 index 0000000..9def1d7 --- /dev/null +++ b/tests/Test-https-badcerts.px @@ -0,0 +1,164 @@ +#!/usr/bin/env perl + +use strict; +use warnings; +use POSIX; +use Socket; +use WgetFeature qw(https ssl/openssl); +use SSLTest; + +############################################################################### + +# code, msg, headers, content +my %urls = ( + '/somefile.txt' => { + code => "200", + msg => "Dontcare", + headers => { + "Content-type" => "text/plain", + }, + content => "blabla", + }, +); + +# Skip the test if openssl is not available +my $ossl = `openssl version`; +unless ($ossl =~ m/OpenSSL 1/) +{ + exit 77; +} + +my $cdir = $ENV{'PWD'}; + +# HOSTALIASES env variable allows us to create hosts file alias. +my $testhostname = "WgetTestingServer"; +my $testhostfile = "$cdir/wgethosts"; +$ENV{'HOSTALIASES'} = "$cdir/wgethosts"; + +my $addr = gethostbyname($testhostname) or + exit 77; +unless (inet_ntoa($addr) =~ "127.0.0.1") +{ + warn "Failed to resolve $testhostname"; + exit 77; +} + +# Create certindex +open CERTID, ">", "$cdir/certs/certindex" or + warn "Cannot overwrite file $cdir/certs/certindex"; +close CERTID; + +# Create certserial +open CERTSN, ">", "$cdir/certs/certserial" or + warn "Cannot overwrite file $cdir/certs/certserial"; +print CERTSN "1122"; +close CERTSN; + +# Create crlnumber +open CRLN, ">", "$cdir/certs/crlnumber" or + warn "Cannot overwrite file $cdir/certs/crlnumber"; +print CRLN "1122"; +close CRLN; + +my $caconf = "$cdir/certs/rootca.conf"; +my $cacrt = "$cdir/certs/test-ca-cert.pem"; +my $cakey = "$cdir/certs/test-ca-key.pem"; + +# Prepare expired server certificate +my $servercrt = "certs/tmpserver3.crt"; +my $serverkey = "certs/tmpserver3.key"; +my $servercsr = "$cdir/certs/tmpserver3.csr"; +my $enddate = strftime "%y%m%d%H%M%S%z", localtime(time-86400); +my $startdate = strftime "%y%m%d%H%M%S%z", localtime(time+86400); +my $serversubj = "/C=US/ST=CA/L=Server Mystery Spot/O=Serv/CN=". + "$testhostname/emailAddress=servertester"; +my $servercmd = "openssl genrsa -out $serverkey 4096 && openssl req -new". + " -sha256 -key $serverkey -out $servercsr -days 365 ". + " -subj \"$serversubj\" &&". + "openssl ca -batch -config $caconf -notext ". + "-enddate $enddate -in $servercsr". + " -out $servercrt"; +system($servercmd); + +my $servercheck =`(openssl x509 -noout -modulus -in $servercrt | openssl md5 ; + openssl rsa -noout -modulus -in $serverkey | openssl md5) | + uniq | wc -l`; +# Check if certificate and key are made correctly. +unless(-e $servercrt && -e $serverkey && $servercheck == 1) +{ + exit 77; # skip +} + +# Try Wget using SSL with expired cert. Expect Failure. +my $port = 60443; +my $cmdline = $WgetTest::WGETPATH . " --ca-certificate=$cacrt". + " https://$testhostname:$port/somefile.txt"; +my $expected_error_code = 5; +my %existing_files = ( +); + +my %expected_downloaded_files = ( + 'somefile.txt' => { + content => "blabla", + }, +); + +my $sslsock = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + certfile => $servercrt, + keyfile => $serverkey, + lhostname => $testhostname, + sslport => $port); +if ($sslsock->run() == 0) +{ + exit -1; +} +print "Test successful.\n"; + +system("/bin/rm $servercrt $serverkey $servercsr"); +$servercmd = "openssl genrsa -out $serverkey 4096 && openssl req -new". + " -sha256 -key $serverkey -out $servercsr -days 365 ". + " -subj \"$serversubj\" &&". + "openssl ca -batch -config $caconf -notext ". + " -startdate $startdate -in $servercsr". + " -out $servercrt"; +system($servercmd); + +$servercheck =`(openssl x509 -noout -modulus -in $servercrt | openssl md5 ; + openssl rsa -noout -modulus -in $serverkey | openssl md5) | + uniq | wc -l`; +# Check if certificate and key are made correctly. +unless(-e $servercrt && -e $serverkey && $servercheck == 1) +{ + exit 77; # skip +} + + +# Retry the test with --no-check-certificate. expect success +$port = 50443; +$cmdline = $WgetTest::WGETPATH . " --ca-certificate=$cacrt". + " https://$testhostname:$port/somefile.txt"; + +$expected_error_code = 5; + +my $retryssl = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + certfile => $servercrt, + keyfile => $serverkey, + lhostname => $testhostname, + sslport => $port); +if ($retryssl->run() == 0) +{ + exit 0; +} +else +{ + exit -1; +} +# vim: et ts=4 sw=4 diff --git a/tests/Test-https-clientcert.px b/tests/Test-https-clientcert.px new file mode 100755 index 0000000..a1c7c9b --- /dev/null +++ b/tests/Test-https-clientcert.px @@ -0,0 +1,159 @@ +#!/usr/bin/env perl + +use strict; +use warnings; +use Socket; +use WgetFeature qw(https); +use SSLTest; + +############################################################################### + +# code, msg, headers, content +my %urls = ( + '/somefile.txt' => { + code => "200", + msg => "Dontcare", + headers => { + "Content-type" => "text/plain", + }, + content => "blabla", + }, +); + +# Skip the test if openssl is not available +my $ossl = `openssl version`; +unless ($ossl =~ m/OpenSSL 1/) +{ + exit 77; +} + +my $cdir = $ENV{'PWD'}; + +# HOSTALIASES env variable allows us to create hosts file alias. +my $testhostname = "WgetTestingServer"; +my $testhostfile = "$cdir/wgethosts"; +$ENV{'HOSTALIASES'} = "$cdir/wgethosts"; + +my $addr = gethostbyname($testhostname) or + exit 77; +unless (inet_ntoa($addr) =~ "127.0.0.1") +{ + warn "Failed to resolve $testhostname"; + exit 77; +} + +# Create certindex +open CERTID, ">", "$cdir/certs/certindex" or + warn "Cannot overwrite file $cdir/certs/certindex"; +close CERTID; + +# Create certserial +open CERTSN, ">", "$cdir/certs/certserial" or + warn "Cannot overwrite file $cdir/certs/certserial"; +print CERTSN "1122"; +close CERTSN; + +# Create crlnumber +open CRLN, ">", "$cdir/certs/crlnumber" or + warn "Cannot overwrite file $cdir/certs/crlnumber"; +close CRLN; + +my $caconf = "$cdir/certs/rootca.conf"; +my $cacrt = "$cdir/certs/test-ca-cert.pem"; +my $cakey = "$cdir/certs/test-ca-key.pem"; + +# Prepare server certificate +my $servercrt = "certs/tmpserver1.crt"; +my $serverkey = "certs/tmpserver1.key"; +my $servercsr = "$cdir/certs/tmpserver.csr"; +my $serversubj = "/C=US/ST=CA/L=Server Mystery Spot/O=Serv/CN=". + "$testhostname/emailAddress=servertester"; +my $servercmd = "openssl genrsa -out $serverkey 4096 && openssl req -new". + " -sha256 -key $serverkey -out $servercsr -days 365 ". + " -subj \"$serversubj\" &&". + "openssl ca -batch -config $caconf -notext -in $servercsr". + " -out $servercrt"; + +system($servercmd); +my $servercheck =`(openssl x509 -noout -modulus -in $servercrt | openssl md5 ; + openssl rsa -noout -modulus -in $serverkey | openssl md5) | + uniq | wc -l`; +# Check if certificate and key are made correctly. +unless(-e $servercrt && -e $serverkey && $servercheck == 1) +{ + exit 77; # skip +} + +# Prepare client certifcate +my $clientcert = "$cdir/certs/client.crt"; +my $clientkey = "$cdir/certs/client.key"; +my $clientcsr = "$cdir/certs/client.csr"; +my $clientsubj = "/C=US/ST=CA/L=Client Mystery Spot/O=Client/CN=". + "Client Tester/emailAddress=clienttester"; +my $clientcertcmd = "openssl genrsa -out $clientkey 4096 &&". + " openssl req -new -key $clientkey -out $clientcsr". + " -subj \"$clientsubj\" &&". + " openssl ca -config $caconf -in $clientcsr ". + " -out $clientcert -batch"; + +system($clientcertcmd); +my $clientcheck=`(openssl x509 -noout -modulus -in $clientcert | openssl md5 ; + openssl rsa -noout -modulus -in $clientkey | openssl md5) | + uniq | wc -l`; + +# Check if signed certificate and key are made correctly. +unless(-e $clientcert && -e $clientkey && $clientcheck == 1) +{ + exit 77; # skip +} + +# Try Wget using SSL with mismatched client cert & key . Expect error +my $port = 51443; +my $cmdline = $WgetTest::WGETPATH . " --certificate=$clientcert ". + " --private-key=$serverkey ". + " --ca-certificate=$cacrt". + " https://$testhostname:$port/somefile.txt"; +my $expected_error_code = 5; +my %existing_files = ( +); + +my %expected_downloaded_files = ( + 'somefile.txt' => { + content => "blabla", + }, +); + +my $sslsock = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + certfile => $servercrt, + keyfile => $serverkey, + lhostname => $testhostname, + sslport => $port); +if ($sslsock->run() == 0) +{ + exit 0; +} + +# Retry wget using SSL with client certificate. Expect success +$port = 52443; +$cmdline = $WgetTest::WGETPATH . " --certificate=$clientcert". + " --private-key=$clientkey ". + " --ca-certificate=$cacrt". + " https://$testhostname:$port/somefile.txt"; + +$expected_error_code = 0; + +my $retryssl = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + certfile => $servercrt, + keyfile => $serverkey, + lhostname => $testhostname, + sslport => $port); +exit $retryssl->run(); +# vim: et ts=4 sw=4 diff --git a/tests/Test-https-crl.px b/tests/Test-https-crl.px new file mode 100755 index 0000000..62456f9 --- /dev/null +++ b/tests/Test-https-crl.px @@ -0,0 +1,161 @@ +#!/usr/bin/env perl + +use strict; +use warnings; +use Socket; +use WgetFeature qw(https); +use SSLTest; + +############################################################################### + +# code, msg, headers, content +my %urls = ( + '/somefile.txt' => { + code => "200", + msg => "Dontcare", + headers => { + "Content-type" => "text/plain", + }, + content => "blabla", + }, +); + +# Skip the test if openssl is not available +my $ossl = `openssl version`; +unless ($ossl =~ m/OpenSSL 1/) +{ + exit 77; +} + +my $cdir = $ENV{'PWD'}; + +# HOSTALIASES env variable allows us to create hosts file alias. +my $testhostname = "WgetTestingServer"; +my $testhostfile = "$cdir/wgethosts"; +$ENV{'HOSTALIASES'} = "$cdir/wgethosts"; + +my $addr = gethostbyname($testhostname) or + exit 77; +unless (inet_ntoa($addr) =~ "127.0.0.1") +{ + warn "Failed to resolve $testhostname"; + exit 77; +} + +# Create certindex +open CERTID, ">", "$cdir/certs/certindex" or + warn "Cannot overwrite file $cdir/certs/certindex"; +close CERTID; + +# Create certserial +open CERTSN, ">", "$cdir/certs/certserial" or + warn "Cannot overwrite file $cdir/certs/certserial"; +print CERTSN "1122"; +close CERTSN; + +# Create crlnumber +open CRLN, ">", "$cdir/certs/crlnumber" or + warn "Cannot overwrite file $cdir/certs/crlnumber"; +print CRLN "1122"; +close CRLN; + +my $caconf = "$cdir/certs/rootca.conf"; +my $cacrt = "$cdir/certs/test-ca-cert.pem"; +my $cakey = "$cdir/certs/test-ca-key.pem"; + +# Prepare server certificate +my $servercrt = "certs/tmpserver2.crt"; +my $serverkey = "certs/tmpserver2.key"; +my $servercsr = "$cdir/certs/tmpserver.csr"; +my $serversubj = "/C=US/ST=CA/L=Server Mystery Spot/O=Serv/CN=". + "$testhostname/emailAddress=servertester"; +my $servercmd = "openssl genrsa -out $serverkey 4096 && openssl req -new". + " -sha256 -key $serverkey -out $servercsr -days 365 ". + " -subj \"$serversubj\" &&". + "openssl ca -batch -config $caconf -notext -in $servercsr". + " -out $servercrt"; + +system($servercmd); + +my $servercheck =`(openssl x509 -noout -modulus -in $servercrt | openssl md5 ; + openssl rsa -noout -modulus -in $serverkey | openssl md5) | + uniq | wc -l`; +# Check if certificate and key are made correctly. +unless(-e $servercrt && -e $serverkey && $servercheck == 1) +{ + exit 77; # skip +} + +# Try Wget using SSL first without --no-check-certificate. Expect Success. +my $port = 62443; +my $cmdline = $WgetTest::WGETPATH . " --ca-certificate=$cacrt". + " https://$testhostname:$port/somefile.txt"; +my $expected_error_code = 0; +my %existing_files = ( +); + +my %expected_downloaded_files = ( + 'somefile.txt' => { + content => "blabla", + }, +); + +my $sslsock = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + certfile => $servercrt, + keyfile => $serverkey, + lhostname => $testhostname, + sslport => $port); +if ($sslsock->run() != 0) +{ + exit -1; +} + +# Revoke the certificate +my $crlfile = "$cdir/certs/servercrl.pem"; +my $revokecmd = "openssl ca -config $caconf -revoke $servercrt && + openssl ca -config $caconf -gencrl -keyfile $cakey ". + "-cert $cacrt -out $crlfile"; + +system($revokecmd); +# Check if CRL file is generated. +unless(-e $crlfile) +{ + exit 77; # skip +} + +# To read a CRL file use the following command: +# openssl crl -text -in certs/root.crl.pem + +# Retry the test with CRL. Expect Failure. +$port = 53443; +$cmdline = $WgetTest::WGETPATH . " --crl-file=$crlfile ". + " --ca-certificate=$cacrt". + " https://$testhostname:$port/somefile.txt"; + +$expected_error_code = 5; + +my $retryssl = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + certfile => $servercrt, + keyfile => $serverkey, + lhostname => $testhostname, + sslport => $port); +if ($retryssl->run() == 0) +{ + unlink "$cdir/certs/crlnumber"; + exit -1; +} +else +{ + unlink "$cdir/certs/crlnumber"; + print "Test successful.\n"; + exit 0; +} +# vim: et ts=4 sw=4 diff --git a/tests/Test-https-pfs.px b/tests/Test-https-pfs.px index f23dd37..0c9e202 100755 --- a/tests/Test-https-pfs.px +++ b/tests/Test-https-pfs.px @@ -2,7 +2,8 @@ use strict; use warnings; - +use Socket; +use WgetFeature qw(https); use SSLTest; ############################################################################### @@ -19,15 +20,31 @@ my %urls = ( }, ); +# Skip the test if openssl is not available +my $ossl = `openssl version`; +unless ($ossl =~ m/OpenSSL 1/) +{ + exit 77; +} + my $cdir = $ENV{'PWD'}; # HOSTALIASES env variable allows us to create hosts file alias. my $testhostname = "WgetTestingServer"; my $testhostfile = "$cdir/wgethosts"; -open(my $fh, '>', $testhostfile); -print $fh "$testhostname 127.0.0.1\n"; -close $fh; $ENV{'HOSTALIASES'} = "$cdir/wgethosts"; -my $cmdline = $WgetTest::WGETPATH . " --secure-protocol=PFS --ca-certificate=$cdir/certs/test-ca-cert.pem https://$testhostname:55443/somefile.txt"; + +my $addr = gethostbyname($testhostname) or + exit 77; +unless (inet_ntoa($addr) =~ "127.0.0.1") +{ + warn "Failed to resolve $testhostname"; + exit 77; +} + +my $port = 54443; +my $cmdline = $WgetTest::WGETPATH . " --secure-protocol=PFS". + " --ca-certificate=$cdir/certs/test-ca-cert.pem". + " https://$testhostname:$port/somefile.txt"; my $expected_error_code = 0; @@ -44,7 +61,8 @@ my $sslsock = SSLTest->new(cmdline => $cmdline, input => \%urls, errcode => $expected_error_code, existing => \%existing_files, - output => \%expected_downloaded_files); -$sslsock->run(); + output => \%expected_downloaded_files, + sslport => $port); +exit $sslsock->run(); # vim: et ts=4 sw=4 diff --git a/tests/Test-https-selfsigned.px b/tests/Test-https-selfsigned.px index 30a6caa..05cbf4d 100755 --- a/tests/Test-https-selfsigned.px +++ b/tests/Test-https-selfsigned.px @@ -2,7 +2,8 @@ use strict; use warnings; - +use Socket; +use WgetFeature qw(https); use SSLTest; ############################################################################### @@ -19,32 +20,50 @@ my %urls = ( }, ); +# Skip the test if openssl is not available +my $ossl = `openssl version`; +unless ($ossl =~ m/OpenSSL 1/) +{ + exit 77; +} + my $cdir = $ENV{'PWD'}; # HOSTALIASES env variable allows us to create hosts file alias. -my $testhostname = "wgettesterr"; +my $testhostname = "WgetTestingServer"; my $testhostfile = "$cdir/wgethosts"; -open(my $fh, '>', $testhostfile); -print $fh "$testhostname 127.0.0.1\n"; -close $fh; $ENV{'HOSTALIASES'} = "$cdir/wgethosts"; +my $addr = gethostbyname($testhostname) or + exit 77; +unless (inet_ntoa($addr) =~ "127.0.0.1") +{ + warn "Failed to resolve $testhostname"; + exit 77; +} + # Prepare self-signed certifcates my $certfile="tmpsscert.pem"; my $keyfile="tmpsskey.pem"; my $certsubj="/C=US/ST=CA/L=Mystery Spot/O=Dis/CN=$testhostname/emailAddress=tester"; -my $sscertcmd="openssl req -x509 -nodes -newkey rsa:4096 -keyout $keyfile -out $certfile -days 365 -subj \"$certsubj\""; +my $sscertcmd="openssl req -x509 -nodes -newkey rsa:4096 -keyout $keyfile ". + " -out $certfile -days 365 -subj \"$certsubj\""; system($sscertcmd); -my $sscheck=`(openssl x509 -noout -modulus -in $certfile | openssl md5 ; openssl rsa -noout -modulus -in $keyfile | openssl md5) | uniq|wc -l`; +my $sscheck=`(openssl x509 -noout -modulus -in $certfile | openssl md5 ; + openssl rsa -noout -modulus -in $keyfile | openssl md5) | + uniq|wc -l`; # Check if Self signed certificate and key are made correctly. -unless(-e $certfile && -e $keyfile && $sscheck == 1) { +unless(-e $certfile && -e $keyfile && $sscheck == 1) +{ exit 77; # skip } # Try Wget using SSL first without --no-check-certificate. expect error -my $cmdline = $WgetTest::WGETPATH . " --ca-certificate=$cdir/certs/test-ca-cert.pem https://$testhostname:55443/somefile.txt"; +my $port = 56443; +my $cmdline = $WgetTest::WGETPATH . " --ca-certificate=$cdir/certs/test-ca-cert.pem". + " https://$testhostname:$port/somefile.txt"; my $expected_error_code = 5; my %existing_files = ( ); @@ -62,11 +81,18 @@ my $sslsock = SSLTest->new(cmdline => $cmdline, output => \%expected_downloaded_files, certfile => $certfile, keyfile => $keyfile, - lhostname => $testhostname); -$sslsock->run(); + lhostname => $testhostname, + sslport => $port); +if ($sslsock->run() == 0) +{ + exit 0; +} # Retry the test with --no-check-certificate. expect success -$cmdline = $WgetTest::WGETPATH . " --no-check-certificate --ca-certificate=$cdir/certs/test-ca-cert.pem https://$testhostname:55443/somefile.txt"; +$port = 57443; +$cmdline = $WgetTest::WGETPATH . " --no-check-certificate ". + " --ca-certificate=$cdir/certs/test-ca-cert.pem". + " https://$testhostname:$port/somefile.txt"; $expected_error_code = 0; @@ -77,6 +103,7 @@ my $retryssl = SSLTest->new(cmdline => $cmdline, output => \%expected_downloaded_files, certfile => $certfile, keyfile => $keyfile, - lhostname => $testhostname); -$retryssl->run(); + lhostname => $testhostname, + sslport => $port); +exit $retryssl->run(); # vim: et ts=4 sw=4 diff --git a/tests/Test-https-tlsv1.px b/tests/Test-https-tlsv1.px index 22665f5..8bd58d0 100755 --- a/tests/Test-https-tlsv1.px +++ b/tests/Test-https-tlsv1.px @@ -2,7 +2,8 @@ use strict; use warnings; - +use Socket; +use WgetFeature qw(https); use SSLTest; ############################################################################### @@ -19,15 +20,31 @@ my %urls = ( }, ); +# Skip the test if openssl is not available +my $ossl = `openssl version`; +unless ($ossl =~ m/OpenSSL 1/) +{ + exit 77; +} + my $cdir = $ENV{'PWD'}; # HOSTALIASES env variable allows us to create hosts file alias. my $testhostname = "WgetTestingServer"; my $testhostfile = "$cdir/wgethosts"; -open(my $fh, '>', $testhostfile); -print $fh "$testhostname 127.0.0.1\n"; -close $fh; $ENV{'HOSTALIASES'} = "$cdir/wgethosts"; -my $cmdline = $WgetTest::WGETPATH . " --secure-protocol=TLSv1 --ca-certificate=$cdir/certs/test-ca-cert.pem https://$testhostname:55443/somefile.txt"; + +my $addr = gethostbyname($testhostname) or + exit 77; +unless (inet_ntoa($addr) =~ "127.0.0.1") +{ + warn "Failed to resolve $testhostname"; + exit 77; +} + +my $port = 58443; +my $cmdline = $WgetTest::WGETPATH . " --secure-protocol=TLSv1". + " --ca-certificate=$cdir/certs/test-ca-cert.pem". + " https://$testhostname:$port/somefile.txt"; my $expected_error_code = 0; @@ -44,7 +61,8 @@ my $sslsock = SSLTest->new(cmdline => $cmdline, input => \%urls, errcode => $expected_error_code, existing => \%existing_files, - output => \%expected_downloaded_files); -$sslsock->run(); + output => \%expected_downloaded_files, + sslport => $port); +exit $sslsock->run(); # vim: et ts=4 sw=4 diff --git a/tests/Test-https-tlsv1x.px b/tests/Test-https-tlsv1x.px index 8dd57dc..9d31942 100755 --- a/tests/Test-https-tlsv1x.px +++ b/tests/Test-https-tlsv1x.px @@ -2,7 +2,8 @@ use strict; use warnings; - +use Socket; +use WgetFeature qw(https); use SSLTest; ############################################################################### @@ -19,15 +20,31 @@ my %urls = ( }, ); +# Skip the test if openssl is not available +my $ossl = `openssl version`; +unless ($ossl =~ m/OpenSSL 1/) +{ + exit 77; +} + my $cdir = $ENV{'PWD'}; # HOSTALIASES env variable allows us to create hosts file alias. my $testhostname = "WgetTestingServer"; my $testhostfile = "$cdir/wgethosts"; -open(my $fh, '>', $testhostfile); -print $fh "$testhostname 127.0.0.1\n"; -close $fh; $ENV{'HOSTALIASES'} = "$cdir/wgethosts"; -my $cmdline = $WgetTest::WGETPATH . " --secure-protocol=TLSv1_1 --ca-certificate=$cdir/certs/test-ca-cert.pem https://$testhostname:55443/somefile.txt"; + +my $addr = gethostbyname($testhostname) or + exit 77; +unless (inet_ntoa($addr) =~ "127.0.0.1") +{ + warn "Failed to resolve $testhostname"; + exit 77; +} + +my $port = 59443; +my $cmdline = $WgetTest::WGETPATH . " --secure-protocol=TLSv1_1". + " --ca-certificate=$cdir/certs/test-ca-cert.pem". + " https://$testhostname:$port/somefile.txt"; my $expected_error_code = 0; @@ -44,7 +61,8 @@ my $sslsock = SSLTest->new(cmdline => $cmdline, input => \%urls, errcode => $expected_error_code, existing => \%existing_files, - output => \%expected_downloaded_files); -$sslsock->run(); + output => \%expected_downloaded_files, + sslport => $port); +exit $sslsock->run(); # vim: et ts=4 sw=4 diff --git a/tests/Test-https-weboftrust.px b/tests/Test-https-weboftrust.px new file mode 100755 index 0000000..f0cf6c8 --- /dev/null +++ b/tests/Test-https-weboftrust.px @@ -0,0 +1,171 @@ +#!/usr/bin/env perl + +use strict; +use warnings; +use Socket; +use WgetFeature qw(https); +use SSLTest; + +############################################################################### + +# code, msg, headers, content +my %urls = ( + '/somefile.txt' => { + code => "200", + msg => "Dontcare", + headers => { + "Content-type" => "text/plain", + }, + content => "blabla", + }, +); + +# Skip the test if openssl is not available +my $ossl = `openssl version`; +unless ($ossl =~ m/OpenSSL 1/) +{ + exit 77; +} + +my $cdir = $ENV{'PWD'}; + +# HOSTALIASES env variable allows us to create hosts file alias. +my $testhostname = "WgetTestingServer"; +my $testhostfile = "$cdir/wgethosts"; +$ENV{'HOSTALIASES'} = "$cdir/wgethosts"; + +my $addr = gethostbyname($testhostname) or + exit 77; +unless (inet_ntoa($addr) =~ "127.0.0.1") +{ + warn "Failed to resolve $testhostname"; + exit 77; +} + +# Create certindex +open CERTID, ">", "$cdir/certs/certindex" or + warn "Cannot overwrite file $cdir/certs/certindex"; +close CERTID; + +# Create certserial +open CERTSN, ">", "$cdir/certs/certserial" or + warn "Cannot overwrite file $cdir/certs/certserial"; +print CERTSN "1122"; +close CERTSN; + +# Create crlnumber +open CRLN, ">", "$cdir/certs/crlnumber" or + warn "Cannot overwrite file $cdir/certs/crlnumber"; +close CRLN; + +# Create Intermediate CA +my $caconf = "certs/rootca.conf"; +my $icrtfile = "certs/interca.crt"; +my $ikeyfile = "certs/interca.key"; +my $icsrfile = "certs/interca.csr"; +my $icasubj = "/C=US/ST=CA/L=Intermediate Mystery Spot/O=Int/CN=". + "ica-$testhostname/emailAddress=icatester"; +my $icacmd = "openssl genrsa -out $ikeyfile 4096 && openssl req -new". + " -sha256 -key $ikeyfile -out $icsrfile -days 365 ". + " -subj \"$icasubj\" &&". + "openssl ca -batch -config $caconf -notext -in $icsrfile". + " -out $icrtfile"; + +system($icacmd); +my $icacheck=`(openssl x509 -noout -modulus -in $icrtfile | openssl md5 ; + openssl rsa -noout -modulus -in $ikeyfile | openssl md5) | + uniq | wc -l`; +# Check if certificate and key are made correctly. +unless(-e $icrtfile && -e $ikeyfile && $icacheck == 1) +{ + exit 77; # skip +} + +# Now create web of trust - Root CA + Intermediate CA +open WOT, ">", "$cdir/certs/wotca.pem" or + die "Cannot overwrite file $cdir/certs/wotca"; +open ICA, "<", $icrtfile or die "Cannot read file $icrtfile"; +while () +{ + print WOT $_; +} +print WOT "\n"; +close ICA; +open RCA, "<", "$cdir/certs/test-ca-cert.pem" or + die "Cannot read file $cdir/certs/test-ca-cert.pem"; +while () +{ + print WOT $_; +} +print WOT "\n"; +close RCA; +close WOT; + +# Create Test certificate using intermediate CA +my $icaconf = "certs/interca.conf"; +my $usrcrt = "certs/user.crt"; +my $usrkey = "certs/user.key"; +my $usrcsr = "certs/user.csr"; +my $usrsubj = "/C=US/ST=CA/L=User Mystery Spot/O=Int/CN=$testhostname/". + "emailAddress=usertester"; +my $usrcmd = "openssl genrsa -out $usrkey 4096 && ". + "openssl req -new -sha256 -key $usrkey -out $usrcsr -days". + " 365 -subj \"$usrsubj\" && ". + "openssl ca -batch -config $icaconf -notext -in $usrcsr ". + "-out $usrcrt"; + +system($usrcmd); +my $usrcheck=`(openssl x509 -noout -modulus -in $usrcrt | openssl md5 ; + openssl rsa -noout -modulus -in $usrkey | openssl md5) | + uniq | wc -l`; +# Check if certificate and key are made correctly. +unless(-e $usrcrt && -e $ikeyfile && $usrcheck == 1) +{ + exit 77; # skip +} + +# Try Wget using SSL using certificate signed by intermediate CA. Expect error. +my $port = 60443; +my $cmdline = $WgetTest::WGETPATH . " --ca-certificate=$cdir/certs/". + "test-ca-cert.pem https://$testhostname:$port/somefile.txt"; +my $expected_error_code = 5; +my %existing_files = ( +); + +my %expected_downloaded_files = ( + 'somefile.txt' => { + content => "blabla", + }, +); + +my $sslsock = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + certfile => $usrcrt, + keyfile => $usrkey, + lhostname => $testhostname); +if ($sslsock->run() == 0) +{ + exit 0; +} + +# Retry the test with --no-check-certificate. expect success +$port = 61443; +$cmdline = $WgetTest::WGETPATH . " --ca-certificate=$cdir/certs/wotca.pem". + " https://$testhostname:$port/somefile.txt"; + +$expected_error_code = 0; + +my $retryssl = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + certfile => $usrcrt, + keyfile => $usrkey, + lhostname => $testhostname, + sslport => $port); +exit $retryssl->run(); +# vim: et ts=4 sw=4 diff --git a/tests/WgetFeature.cfg b/tests/WgetFeature.cfg index a1176e0..1c4f461 100644 --- a/tests/WgetFeature.cfg +++ b/tests/WgetFeature.cfg @@ -1,5 +1,6 @@ %skip_messages = ( https => "Not running test: Wget under test doesn't support HTTPS.", + ssl/openssl => "Not running test: Wget doesn't use OpenSSL.", iri => "Not running test: Wget under test doesn't support IDN/IRI.", ); diff --git a/tests/certs/interca.conf b/tests/certs/interca.conf new file mode 100644 index 0000000..7e7576b --- /dev/null +++ b/tests/certs/interca.conf @@ -0,0 +1,64 @@ +[ ca ] +default_ca = myca + +[ crl_ext ] +issuerAltName=issuer:copy +authorityKeyIdentifier=keyid:always + + [ myca ] + dir = ./certs/ + new_certs_dir = $dir + unique_subject = no + certificate = $dir/interca.crt + database = $dir/certindex + private_key = $dir/interca.key + serial = $dir/certserial + default_days = 730 + default_md = sha1 + policy = myca_policy + x509_extensions = myca_extensions + crlnumber = $dir/crlnumber + default_crl_days = 730 + + [ myca_policy ] + commonName = supplied + stateOrProvinceName = supplied + countryName = optional + emailAddress = optional + organizationName = supplied + organizationalUnitName = optional + + [ myca_extensions ] + basicConstraints = critical,CA:TRUE + keyUsage = critical,any + subjectKeyIdentifier = hash + authorityKeyIdentifier = keyid:always,issuer + keyUsage = digitalSignature,keyEncipherment + extendedKeyUsage = serverAuth + crlDistributionPoints = @crl_section + subjectAltName = @alt_names + authorityInfoAccess = @ocsp_section + + [ v3_ca ] + basicConstraints = critical,CA:TRUE,pathlen:0 + keyUsage = critical,any + subjectKeyIdentifier = hash + authorityKeyIdentifier = keyid:always,issuer + keyUsage = digitalSignature,keyEncipherment + extendedKeyUsage = serverAuth + crlDistributionPoints = @crl_section + subjectAltName = @alt_names + authorityInfoAccess = @ocsp_section + + [alt_names] + DNS.0 = WgetTestingServer + + [crl_section] + URI.0 = http://intertest.wgettest.org/Bogus.crl + URI.1 = http://intertest.wgettest.org/Bogus.crl + + [ocsp_section] + caIssuers;URI.0 = http://intertest.wgettest.com/Bogus.crt + caIssuers;URI.1 = http://intertest.wgettest.com/Bogus.crt + OCSP;URI.0 = http://intertest.wgettest.com/ocsp/ + OCSP;URI.1 = http://intertest.wgettest.com/ocsp/ diff --git a/tests/certs/rootca.conf b/tests/certs/rootca.conf new file mode 100644 index 0000000..fc8dce7 --- /dev/null +++ b/tests/certs/rootca.conf @@ -0,0 +1,64 @@ +[ ca ] +default_ca = myca + +[ crl_ext ] +issuerAltName=issuer:copy +authorityKeyIdentifier=keyid:always + + [ myca ] + dir = ./certs/ + new_certs_dir = $dir + unique_subject = no + certificate = $dir/test-ca-cert.pem + database = $dir/certindex + private_key = $dir/test-ca-key.pem + serial = $dir/certserial + default_days = 730 + default_md = sha1 + policy = myca_policy + x509_extensions = myca_extensions + crlnumber = $dir/crlnumber + default_crl_days = 730 + + [ myca_policy ] + commonName = supplied + stateOrProvinceName = supplied + countryName = optional + emailAddress = optional + organizationName = supplied + organizationalUnitName = optional + + [ myca_extensions ] + basicConstraints = critical,CA:TRUE + keyUsage = critical,any + subjectKeyIdentifier = hash + authorityKeyIdentifier = keyid:always,issuer + keyUsage = digitalSignature,keyEncipherment,cRLSign,keyCertSign + extendedKeyUsage = serverAuth + crlDistributionPoints = @crl_section + subjectAltName = @alt_names + authorityInfoAccess = @ocsp_section + + [ v3_ca ] + basicConstraints = critical,CA:TRUE,pathlen:0 + keyUsage = critical,any + subjectKeyIdentifier = hash + authorityKeyIdentifier = keyid:always,issuer + keyUsage = digitalSignature,keyEncipherment,cRLSign,keyCertSign + extendedKeyUsage = serverAuth + crlDistributionPoints = @crl_section + subjectAltName = @alt_names + authorityInfoAccess = @ocsp_section + + [alt_names] + DNS.0 = WgetTestingServer + + [crl_section] + URI.0 = http://test.wgettest.org/Bogus.crl + URI.1 = http://test.wgettest.org/Bogus.crl + + [ocsp_section] + caIssuers;URI.0 = http://test.wgettest.com/Bogus.crt + caIssuers;URI.1 = http://test.wgettest.com/Bogus.crt + OCSP;URI.0 = http://test.wgettest.com/ocsp/ + OCSP;URI.1 = http://test.wgettest.com/ocsp/ diff --git a/tests/certs/test-ca-key.pem b/tests/certs/test-ca-key.pem new file mode 100644 index 0000000..0bef904 --- /dev/null +++ b/tests/certs/test-ca-key.pem @@ -0,0 +1,58 @@ +!!!!!DO NOT USE THIS KEY FOR ANYTHING !!!!!!! +!!!!THIS FILE IS FOR TESTING WGET ONLY!!!!!! + +-----BEGIN RSA PRIVATE KEY----- +MIIJKgIBAAKCAgEArx5p0JWOfE/z3GXkd57QaemGBC8ZmE463Yhy6WtR7ww5MGMl +QmlsYYvEeZj/3FLe2mdAazTAlU8uf3BM5f8PUVahESgwevGVNJLtgOGJgxXp5csl +LlWYZ+a3qL1FJYVqPKfiK/tb8BsgzzPyECmlCerXw1lQ+34Fc36bw5vFw6igegb8 +yz5N59yvZp3b9iooU1J5yRTGTpEmGhUrUNdUc2MEe2bwLiEgffVmX9oc2mIqLwfR +tFjJMvNb6Zr42yllWC5aVeSJ86tkIhuLRQRD/nmy3NR/Txne764BhNnJ+/INV16U +fJz1A2BeFBhbPdH7T6jQx3BxRDQew66Qe8ESGuWa6SsjWwhiCl/lJ1UeUWt9pjDN +qT4kfeWQzZKnbMoC7hwLMmmo9fsL65jPNR9iclf5FXBap39/gtWl9vobuTi+6yLJ +BGBvB4FsFsRNDVu0PM06wUew/d9oTP+3/GKI8UnqiT+76RlC3lcyRdAk5LKFofg9 +bPkNm/dw6aDFtfFTE4oNjRXrUK9w3SZsknne2oOveKoGOYg79T/wlgUo++Uwwa8N +yYujycVhEvqMdvX68awlrQIxMFSOcyeaiGVuZ/gWIq/7VZaDJGEpnm8vXkpkyxhD +Wa3qQcLqHKbydckEaLHc2BuNjI3yNiYZUxVr8MHRgrBarEXLHz0yarvNNUECAwEA +AQKCAgEApUnNkoU3QfqtMCA0bvvFt9IlHpneTLW6NhNucwdLBJjC+fr61h5vn/qu +bh+NkMXfdsHyOb5G8CcWuk6jJouCR8G+sVT/vWt862yrI/S9OK9cX/tIkt1Txu4r +9+b99xZgWfQUNHNCKfVRGIHtPngwQJYbJVWObHJcbtDX8N984Nqu7b7eqG+cVPcl +z3O8hDLycQLt1G/5ZXr3PbMxeVJlcavKNTfKB6BY7MrN4Dcc+LujGVUGCHWtIpw0 +6t/Nd/8wmvTVazEVTJs/HjplT7VhADaaLnmb2GuQ0yWoZV6zmUy0bvzkpmH3mUJC +SjFbHZSu4ldzCGwHXNrdFtITqdtoW81Tj+b3EsqNlB2u1I8DpOMR8vMGy5f0rYhs +Lf4Vmpvggw4bzLeu9A6XStxiB/wExn1QlQd54X1zfhssoF/pbu2RtCujn+y3zYCd +2c9gqdN5MaGsr1NSYUPilj39E4S4FwtGnZGIYhClglToy0sMB/8lQvGIz0WRRfSG +g+LUuiWuqn95ZrnSJvTSYCvsH0OB64IWpd9sHtu/P8Cjms3B/nIYjbG5gj68m319 +AsK1uFAqVmlGYVJVzgND9B9Egd4cODlTSsncEUQlS8PUZaym50FoBuO4vN+IYrZO +H/yL6+hq3l/va/xlr4ZMEiBdEAiSj7g6XqQGzTgOz47RJn1FAGECggEBAOi8Moix +SGHhxpJZgeHuL2FgBuNT9GVDoTNbUtEoZ7NsJd4BG3MjbZFluFoSfFiawAqJ3e6c +ptUSiZ1KXN1gvMwVkget3MyenEzohYczwYOQeREAeRVr25Wq8cegvLaDFejMclCs +ILC80BaGbVcAmJMdOBzLVqtY/7lps0LWpGd/6KYXTm41erhWJkvx+Vt0uPKVzGqx +Ijjh/DSc5eX5BIdn2bYHLRu/xqfnX2kSH37PSto55ROSu8D8YwjaOdyQ1Hha6+O1 +Q6E4d2HliYqv1WaDHjyAXjmlP/3ob5f3QdXbqpB1smGPimK3hiZB0sYgdUI3yW9c +NkynqGBeoTSPjG0CggEBAMCfyVJnG1fCnFZFCtPawYKK/IoMNyYzgIKomlcBdF/8 +J8Gwr6jcFBbdefT+VypVO0DywPrIFppDzjGEmZarFRgXsspGBenQQrZTPG1eUldY +U89ODTsYNk0AXdctkMvAFSfVbA/4pnXAiXzKeEDk2YOhDYP1Y/T9eZQ3AI+LNeGO +1Oqd9hGgsW0rqVgW+rCbUTezFE5J+2zbzMu2XnJieueG33iaVMpHzqnLLe27SYcI +7VmgttZL4eL6/klPHSKC8x3y1c2T88d+HAuW+mB+bQ2iQWYfM82SyxjTER/7jpTy +Zpj/mibgt2cQxVowWFmMMOLXczhpu/GOgRxxCXVQn6UCggEBAOa30vzxiskGMn1Y +4EpifnPw50MrMkfFEKRB70rL3GnhV3TK8jRlNbSC+4vHcZ/A4YpQ/EMU5sqp0uSs +GH2Z7e//nkGgmRf8UQRpKh5LL5bGfU5egqq6vveTfJajARGJyAl9zAGvccTjmQIL +h49NVvPYbo0VAzlgRDrBz2T+NgMoqTEmP6k/uQXO2a5GFiYVA1fxKrHGIh/z37sk +o0Aladj2Gby7RnuQ1VYUJ+CYh8KFqzXFWRPbTefWDDN1axD+PrOFpv2Y749+09Kn +438qKsqyRyJBO6e360VBzIcBJjHkzyTgmNLgopaUSxfX/yRMfxIDDd0os+ev+Vp3 +1SWu/M0CggEAWSvfZCFNPCRggWN27rpPaOJ0pGehRDMFY/cvc+W9fQ3bTcRAnXg8 +aJVg9vSjX3qTcq6ufaoRJJsNIklTXLeYjU2zPAaMiEAcEhGYYL0Qe1Ttf4OPhnLf ++GeaCZoTdO9YG9emLgKa9NoMC9QjNU98Dn6JJjR8cJbDKMUJomn8qI2ZrX8wwdpV +KMfUnm4M4aMVRybE2LVRCoT6WrfzIxrJ8NK0Mz2m0PnLBzmC6pIQKM4OKrbGzY/V +Y2F0RHW2dBqQ96VKKuA6M3kC/K6I/BCq5WvewKrjLWCuWrCjNd4blIJe0qdJMoRH +AxR1eBn3XIUUwH6i3VO9aMbiqEr/6OpI7QKCAQEAslqWEcRSL8bxXTVs1Jqip4wW +lbJoym+zXhMLiqxCbMukClkkCdaI+lxNVdxs4MpACHYRAhHwVvAujz5JcgiMjSRC +IK/JGu9uVkSriA/YJxmmMPvTYI1bmT1lT99HUqhzM5COuSFJh9D8cfpHJSUC+6rF +1U/YcdcrZAMl3UH30XdsJLc6l3L/0gyseohwWT76dSqqOOathvNM5PsE8jNzPEo7 +VUdfrrDpEw0dPjk4IF8cpC389H1j8lnwxkWQtHHhXZTXHJlC9xYPa3PRsRn18pJy +vxz9r76vJ3YJiQTxv8MKw/AaQrNDZng0Ff5kqQAqc/q/CvHdb2pur8NTsS/09w== +-----END RSA PRIVATE KEY----- +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +!!!!!DO NOT USE THIS KEY FOR ANYTHING !!!!!!! +!!!!THIS FILE IS FOR TESTING WGET ONLY!!!!!! \ No newline at end of file diff --git a/tests/wgethosts b/tests/wgethosts new file mode 100644 index 0000000..1697b5f --- /dev/null +++ b/tests/wgethosts @@ -0,0 +1 @@ +WgetTestingServer 127.0.0.1 -- 2.7.4