1*8657d445Sbeck#!/usr/bin/perl 2*8657d445Sbeck# 3*8657d445Sbeck# Copyright (c) 2021 Bob Beck <beck@openbsd.org> 4*8657d445Sbeck# 5*8657d445Sbeck# Permission to use, copy, modify, and distribute this software for any 6*8657d445Sbeck# purpose with or without fee is hereby granted, provided that the above 7*8657d445Sbeck# copyright notice and this permission notice appear in all copies. 8*8657d445Sbeck# 9*8657d445Sbeck# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10*8657d445Sbeck# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11*8657d445Sbeck# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12*8657d445Sbeck# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13*8657d445Sbeck# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14*8657d445Sbeck# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15*8657d445Sbeck# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16*8657d445Sbeck# 17*8657d445Sbeck 18*8657d445Sbeck# Validate that we call out with the same chain on the callback with the legacy 19*8657d445Sbeck# verifier as we do with the new verifier in compatibility mode. We ignore cases 20*8657d445Sbeck# where one of the tests does not succesd to find a chain, as the error paths 21*8657d445Sbeck# may be different. It's also ok for the new verifier to have signalled an 22*8657d445Sbeck# error before finding a chain since it may try something and then back up. 23*8657d445Sbeck 24*8657d445Sbeckmy $Test; 25*8657d445Sbeckmy $State = "Read"; 26*8657d445Sbeckmy @Legacy; 27*8657d445Sbeckmy @Modern; 28*8657d445Sbeckmy $Mfail; 29*8657d445Sbeckmy @Lfail; 30*8657d445Sbeckmy $Failures = ""; 31*8657d445Sbeck 32*8657d445Sbeckwhile (<>) { 33*8657d445Sbeck chomp; 34*8657d445Sbeck print "$_\n"; 35*8657d445Sbeck if ($State eq "Read") { 36*8657d445Sbeck if (/^== Test/) { 37*8657d445Sbeck $Test = $_; 38*8657d445Sbeck @Legacy = (); 39*8657d445Sbeck @Modern = (); 40*8657d445Sbeck $Mfail = 0; 41*8657d445Sbeck $Lfail = 0; 42*8657d445Sbeck $State = "Read"; 43*8657d445Sbeck next; 44*8657d445Sbeck } 45*8657d445Sbeck if (/^== Legacy/) { 46*8657d445Sbeck $State = "Legacy"; 47*8657d445Sbeck next; 48*8657d445Sbeck } 49*8657d445Sbeck if (/^== Modern/) { 50*8657d445Sbeck $State = "Modern"; 51*8657d445Sbeck next; 52*8657d445Sbeck } 53*8657d445Sbeck } 54*8657d445Sbeck if ($State eq "Legacy") { 55*8657d445Sbeck if (/^INFO/) { 56*8657d445Sbeck $State = "Read"; 57*8657d445Sbeck next; 58*8657d445Sbeck } 59*8657d445Sbeck if (/^FAIL/) { 60*8657d445Sbeck $Lfail = 1; 61*8657d445Sbeck $State = "Read"; 62*8657d445Sbeck next; 63*8657d445Sbeck } 64*8657d445Sbeck push @Legacy, ($_); 65*8657d445Sbeck } 66*8657d445Sbeck if ($State eq "Modern") { 67*8657d445Sbeck if (/^INFO/) { 68*8657d445Sbeck $State = "Process"; 69*8657d445Sbeck next; 70*8657d445Sbeck } 71*8657d445Sbeck if (/^FAIL/) { 72*8657d445Sbeck $Mfail = 1; 73*8657d445Sbeck $State = "Process"; 74*8657d445Sbeck next; 75*8657d445Sbeck } 76*8657d445Sbeck push @Modern, ($_); 77*8657d445Sbeck } 78*8657d445Sbeck if ($State eq "Process") { 79*8657d445Sbeck my $mlen = scalar(@Modern); 80*8657d445Sbeck my $llen = scalar(@Legacy); 81*8657d445Sbeck print "$Test has $llen legacy lines and $mlen modern lines\n"; 82*8657d445Sbeck while ($mlen > 0 && $llen > 0) { 83*8657d445Sbeck my $lline = $Legacy[$llen - 1]; 84*8657d445Sbeck my $mline = $Modern[$mlen - 1]; 85*8657d445Sbeck 86*8657d445Sbeck if (!@Mfail && !$Lfail && $mline =~ /error 0 cert/ && $lline =~ /error 0 cert/) { 87*8657d445Sbeck if ($lline ne $mline) { 88*8657d445Sbeck print "MISMATCH: $lline VS $mline\n"; 89*8657d445Sbeck $Failures .= "$Test "; 90*8657d445Sbeck } 91*8657d445Sbeck } 92*8657d445Sbeck $mlen--; 93*8657d445Sbeck $llen--; 94*8657d445Sbeck } 95*8657d445Sbeck $State = "Read"; 96*8657d445Sbeck next; 97*8657d445Sbeck } 98*8657d445Sbeck} 99*8657d445Sbeckprint "=============Test Summary============\n"; 100*8657d445Sbeckif ($Failures ne "") { 101*8657d445Sbeck print "FAIL: Mismatech on $Failures\n"; 102*8657d445Sbeck exit 1; 103*8657d445Sbeck} 104*8657d445Sbeckprint "Success: No Mismatches\n"; 105*8657d445Sbeckexit 0; 106