From 76b8ab73cd09459805f76ac01ec3fec984d6f8d0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Wed, 26 Mar 2014 09:31:35 +0100
Subject: [PATCH] ssl-opt.sh: address some robustness issues

---
 tests/data_files/server1-nospace.crt | 21 +++++++++++++++++++++
 tests/ssl-opt.sh                     | 16 ++++++++--------
 2 files changed, 29 insertions(+), 8 deletions(-)
 create mode 100644 tests/data_files/server1-nospace.crt

diff --git a/tests/data_files/server1-nospace.crt b/tests/data_files/server1-nospace.crt
new file mode 100644
index 000000000..932c236a5
--- /dev/null
+++ b/tests/data_files/server1-nospace.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDhDCCAmygAwIBAgIBHzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTQwMzI2MDkyMzEyWhcNMjQwMzIzMDkyMzEyWjA7MQswCQYDVQQGEwJOTDERMA8G
+A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEHBvbGFyc3NsLmV4YW1wbGUwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpAh89QGrVVVOL/TbugmUuFWFeib+4
+6EWQ2+6IFlLT8UNQR5YSWWSHa/0r4Eb5c77dz5LhkVvtZqBviSl5RYDQg2rVQUN3
+Xzl8CQRHgrBXOXDto+wVGR6oMwhHwQVCqf1Mw7Tf3QYfTRBRQGdzEw9A+G2BJV8K
+sVPGMH4VOaz5Wu5/kp6mBVvnE5eFtSOS2dQkBtUJJYl1B92mGo8/CRm+rWUsZOuV
+m9z+QV4XptpsW2nMAroULBYknErczdD3Umdz8S2gI/1+9DHKLXDKiQsE2y6mT3Bu
+ns69WIniU1meblqSZeKIPwyUGaPd5eidlRPtKdurcBLcWsprF6tSglSxAgMBAAGj
+gZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQUH3TWPynBdHRFOwUSLD2ovUNZAqYw
+YwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYT
+Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBD
+QYIBADANBgkqhkiG9w0BAQsFAAOCAQEAXs4vQqlIlxrMbE6IwAHLcGJuz17Ru/en
+H9bUnnSh1pxa+NHMKZHBG3GT0iaxsVtXf56/tXH4+HL7ntJjrczGN1PbhMGPyt94
+556ZgDxkHT9k7KjPAIs9BrjFHvl9NyIZzcbwkiC0qGvdzjSfe3AiSYuhXI/9/Hog
+uUwReH+T2U/ICEHQ5O8aV5nvpgqL3EeEmyx3bu+YXtZMWQUYzX+ya4TnKVPdqwbf
+ebr6v1hLXrUFl6rZ3wEJ6MqUW3SGZRkCVNZUOD6Ky3+EiLwYFhuKGdFqSS0JAAD7
+ZO3yPu5hu3BhAQYavK4Yyfi9IQmubBqxopPwyzjG1HPw2lj+oapH0w==
+-----END CERTIFICATE-----
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index c0645b25d..2ec39b794 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -129,11 +129,11 @@ run_test() {
 
     # run the commands
     echo "$SRV_CMD" > srv_out
-    $SHELL -c "$SRV_CMD" >> srv_out 2>&1 &
+    $SRV_CMD >> srv_out 2>&1 &
     SRV_PID=$!
     sleep 1
     echo "$CLI_CMD" > cli_out
-    $SHELL -c "$CLI_CMD" >> cli_out 2>&1
+    eval "$CLI_CMD" >> cli_out 2>&1
     CLI_EXIT=$?
     echo "EXIT: $CLI_EXIT" >> cli_out
 
@@ -714,7 +714,7 @@ run_test    "SNI #0 (no SNI callback)" \
 run_test    "SNI #1 (matching cert 1)" \
             "$P_SRV debug_level=4 server_addr=127.0.0.1 \
              crt_file=data_files/server5.crt key_file=data_files/server5.key \
-             sni='localhost,data_files/server2.crt,data_files/server2.key,PolarSSL Server 1,data_files/server1.crt,data_files/server1.key'" \
+             sni=localhost,data_files/server2.crt,data_files/server2.key,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key" \
             "$P_CLI debug_level=0 server_addr=127.0.0.1 \
              server_name=localhost" \
              0 \
@@ -725,20 +725,20 @@ run_test    "SNI #1 (matching cert 1)" \
 run_test    "SNI #2 (matching cert 2)" \
             "$P_SRV debug_level=4 server_addr=127.0.0.1 \
              crt_file=data_files/server5.crt key_file=data_files/server5.key \
-             sni='localhost,data_files/server2.crt,data_files/server2.key,PolarSSL Server 1,data_files/server1.crt,data_files/server1.key'" \
+             sni=localhost,data_files/server2.crt,data_files/server2.key,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key" \
             "$P_CLI debug_level=0 server_addr=127.0.0.1 \
-             server_name='PolarSSL Server 1'" \
+             server_name=polarssl.example" \
              0 \
              -s "parse ServerName extension" \
              -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
-             -c "subject name *: C=NL, O=PolarSSL, CN=PolarSSL Server 1"
+             -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
 
 run_test    "SNI #3 (no matching cert)" \
             "$P_SRV debug_level=4 server_addr=127.0.0.1 \
              crt_file=data_files/server5.crt key_file=data_files/server5.key \
-             sni='localhost,data_files/server2.crt,data_files/server2.key,PolarSSL Server 1,data_files/server1.crt,data_files/server1.key'" \
+             sni=localhost,data_files/server2.crt,data_files/server2.key,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key" \
             "$P_CLI debug_level=0 server_addr=127.0.0.1 \
-             server_name='PolarSSL Server 2'" \
+             server_name=nonesuch.example" \
              1 \
              -s "parse ServerName extension" \
              -s "ssl_sni_wrapper() returned" \