summaryrefslogtreecommitdiff
path: root/cpp/test/IceSSL/configuration/AllTests.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'cpp/test/IceSSL/configuration/AllTests.cpp')
-rw-r--r--cpp/test/IceSSL/configuration/AllTests.cpp151
1 files changed, 0 insertions, 151 deletions
diff --git a/cpp/test/IceSSL/configuration/AllTests.cpp b/cpp/test/IceSSL/configuration/AllTests.cpp
index 9d245f28ed5..f90ecf63cbf 100644
--- a/cpp/test/IceSSL/configuration/AllTests.cpp
+++ b/cpp/test/IceSSL/configuration/AllTests.cpp
@@ -2835,157 +2835,6 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12)
}
# endif
- //
- // No DSA support in Secure Transport / AIX 7.1
- //
-# if !defined(ICE_USE_SECURE_TRANSPORT) && !defined(_AIX) && !defined(ICE_USE_SCHANNEL)
- {
- //
- // DSA PEM keys are not supported with SChannel. Since Windows 10
- // Creator Update DHE_DSS is also disabled by default so DSA keys
- // can no longer be used.
- //
-
- //
- // Configure a server with RSA and DSA certificates.
- //
- // First try a client with a DSA certificate.
- //
- const string ciphers = openSSLVersion >= 0x10100000L ? "DHE:DSS:@SECLEVEL=0" : "DHE:DSS";
- InitializationData initData;
- initData.properties = createClientProps(defaultProps, p12, "c_dsa_ca1", "cacert1");
- initData.properties->setProperty("IceSSL.Ciphers", ciphers);
- CommunicatorPtr comm = initialize(initData);
- Test::ServerFactoryPrxPtr fact = ICE_CHECKED_CAST(Test::ServerFactoryPrx, comm->stringToProxy(factoryRef));
- test(fact);
- Test::Properties d = createServerProps(defaultProps, p12, "s_dsa_ca1", "cacert1");
- d["IceSSL.Ciphers"] = ciphers;
- d["IceSSL.VerifyPeer"] = "1";
-
- Test::ServerPrxPtr server = fact->createServer(d);
- try
- {
- server->ice_ping();
- }
- catch(const LocalException& ex)
- {
- cerr << ex << endl;
- test(false);
- }
- fact->destroyServer(server);
- comm->destroy();
- //
- // Next try a client with an RSA certificate.
- //
- initData.properties = createClientProps(defaultProps, p12, "c_rsa_ca1", "cacert1");
- comm = initialize(initData);
- fact = ICE_CHECKED_CAST(Test::ServerFactoryPrx, comm->stringToProxy(factoryRef));
- test(fact);
- d = createServerProps(defaultProps, p12, "", "cacert1");
- if(p12)
- {
- d["IceSSL.CertFile"] = "s_rsa_ca1.p12" + sep + "s_dsa_ca1.p12";
- }
- else
- {
- d["IceSSL.CertFile"] = "s_rsa_ca1_pub.pem" + sep + "s_dsa_ca1_pub.pem";
- d["IceSSL.KeyFile"] = "s_rsa_ca1_priv.pem" + sep + "s_dsa_ca1_priv.pem";
- }
- d["IceSSL.Ciphers"] = "DEFAULT:DSS";
- d["IceSSL.VerifyPeer"] = "1";
- server = fact->createServer(d);
-
- try
- {
- server->ice_ping();
- }
- catch(const LocalException& ex)
- {
- cerr << ex << endl;
- test(false);
- }
- fact->destroyServer(server);
- comm->destroy();
-
- //
- // Next try a client with ADH. This should fail.
- //
- initData.properties = createClientProps(defaultProps, p12);
- initData.properties->setProperty("IceSSL.Ciphers", "ADH");
-#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x1010100fL
- //
- // With OpenSSL 1.1 disable tls1.3 so that client and server negotiate
- // an anon cipher
- //
- initData.properties->setProperty("IceSSL.Protocols", "tls1_2,tls1_1");
-#endif
- comm = initialize(initData);
- fact = ICE_CHECKED_CAST(Test::ServerFactoryPrx, comm->stringToProxy(factoryRef));
- test(fact);
- d = createServerProps(defaultProps, p12, "", "cacert1");
- d["IceSSL.CertFile"] = "s_rsa_ca1_pub.pem" + sep + "s_dsa_ca1_pub.pem";
- d["IceSSL.KeyFile"] = "s_rsa_ca1_priv.pem" + sep + "s_dsa_ca1_priv.pem";
- d["IceSSL.Ciphers"] = "DEFAULT:DSS";
- d["IceSSL.VerifyPeer"] = "1";
- server = fact->createServer(d);
- try
- {
- server->ice_ping();
- test(false);
- }
- catch(const ProtocolException&)
- {
- // Expected.
- }
- catch(const LocalException& ex)
- {
- cerr << ex << endl;
- test(false);
- }
- fact->destroyServer(server);
- comm->destroy();
- }
-
- {
- //
- // Configure a server with RSA and a client with DSA. This should fail.
- //
- InitializationData initData;
- initData.properties = createClientProps(defaultProps, p12, "c_dsa_ca1", "cacert1");
- initData.properties->setProperty("IceSSL.Ciphers", "DSS");
-
- CommunicatorPtr comm = initialize(initData);
- Test::ServerFactoryPrxPtr fact = ICE_CHECKED_CAST(Test::ServerFactoryPrx, comm->stringToProxy(factoryRef));
- test(fact);
- Test::Properties d = createServerProps(defaultProps, p12, "s_rsa_ca1", "cacert1");
- d["IceSSL.VerifyPeer"] = "2";
-
- Test::ServerPrxPtr server = fact->createServer(d);
- try
- {
- server->ice_ping();
- test(false);
- }
- catch(const ProtocolException&)
- {
- // Expected.
- }
- catch(const ConnectionLostException&)
- {
- // Expected.
- }
- catch(const LocalException& ex)
- {
- cerr << ex << endl;
- test(false);
- }
- fact->destroyServer(server);
- comm->destroy();
- }
-# endif
- cout << "ok" << endl;
-#endif
-
cout << "testing IceSSL.TrustOnly... " << flush;
//
// UWP only provides the Subject and Issuer CN and not the full Subject and Issuer DNs,
generated by cgit v1.2.3 (git 2.46.0) at 2025-08-03 16:50:04 +0000