1#! /bin/csh -f 2# 3# run sslViewer on a list of known sites, using sslViewer's 'verify 4# protocol' option. 5# Arguments to this script are passed on to sslViewer unmodified. 6# 7set ARG_LIST = 8while ( $#argv > 0 ) 9 set thisArg = "$argv[1]" 10 set ARG_LIST = "$ARG_LIST $thisArg" 11 shift 12end 13echo Starting verifyPing\; args: $ARG_LIST 14 15# 16# Sites which support all three protocols 17# 18# this flaked out yet agaqin... www.cduniverse.com 19# amazon v2 sends a cert which requires an intermediate 20set FULL_TLS_SITES = ( mypage.apple.com \ 21 gmail.google.com ) 22 23# 24# Sites which support SSLv2 and SSLv3 only 25# None known currently 26# 27set FULL_SSL_SITES = 28 29# 30# Sites which support SSLv2 only 31# 32# store.apple.com seems to have been permanently upgraded. 33# 34#set SSLV2_SITES = ( store.apple.com ) 35 36# 37# Sites which support only TLSv1 and SSLv3 38# remote.harpercollins.com asks for a client cert but works if you don't give it one 39# 40set TLS_SSL3_SITES = ( www.thawte.com \ 41 store.apple.com \ 42 digitalid.verisign.com \ 43 www.firstamlink.com \ 44 remote.harpercollins.com \ 45 mbanxonlinebanking.harrisbank.com \ 46 directory.umich.edu \ 47 weblogin.umich.edu \ 48 www.sun.com ) 49 50# 51# Sites which support all three protocols if 'r' option is specified for SSL2 only 52# I.e., these really need to be able to transmit an intermediate cert for us 53# to verify them, and SSLv2 doesn't allow that. 54# 55# 9/24/04 - secure.authorize.net keeps throwing SIGPIPE 56# secure.authorize.net 57# 58set FULL_TLS_ANYROOT_SITES = ( www.amazon.com \ 59 accounts.key.com \ 60 account.authorize.net ) 61 62# 63# Here's one which supports TLSv1 and SSLv2 only (!). It tests the Entrust root cert. 64# set TLS_SSL2_SITES = ( directory.umich.edu) 65# 66set TLS_SSL2_SITES = 67 68# SSLv3 only - try with TLSv1 69set SSL3_ONLY_SITES = ( www.verisign.com \ 70 www.cmarket.jp ) 71 72# 73# SSLv3 and TLS with any root set 74# office.bis.bonn.org sends a huge pile of certs per radar 3859283 and also asks 75# for a client cert 76# 77# 12/14/05 : office.bis.bonn.org is offline 78# 79# set TLS_SSL3_ANYROOT_SITES = ( office.bis.bonn.org ) 80set TLS_SSL3_ANYROOT_SITES = ( ) 81 82# 83# All three protocols. 84# One run with all three protocols using SSLv2-compatible Hello 85# One run for each of TLSv1 and SSLv3 ONLY using SLSv3 Hello 86# 87foreach site ($FULL_TLS_SITES); 88 $LOCAL_BUILD_DIR/sslViewer $site v L $ARG_LIST || exit(1); 89 $LOCAL_BUILD_DIR/sslViewer $site v t o $ARG_LIST || exit(1); 90 $LOCAL_BUILD_DIR/sslViewer $site v 3 o $ARG_LIST || exit(1); 91end 92 93# 94# SSLv3 only 95# Try with each of 96# TLSv1 w/SSLv2 Hello 97# SSLv3 w/SSLv3 Hello 98# 99foreach site ($SSL3_ONLY_SITES); 100 $LOCAL_BUILD_DIR/sslViewer $site v t m=3 $ARG_LIST || exit(1); 101 $LOCAL_BUILD_DIR/sslViewer $site v o 3 $ARG_LIST || exit(1); 102end 103 104# 105# SSLV2 seems to be obsolete in the real world 106# 107#foreach site ($SSLV2_SITES); 108# $LOCAL_BUILD_DIR/sslViewer $site m=2 $ARG_LIST || exit(1); 109# $LOCAL_BUILD_DIR/sslViewer $site 2 v $ARG_LIST || exit(1); 110#end 111 112# 113# All three protocols, but SSLv2 needs 'any root' 114# Test TLSv1 and SSLv3 with both SSLv3 and SSLv2 Hello 115# 116foreach site ($FULL_TLS_ANYROOT_SITES); 117 $LOCAL_BUILD_DIR/sslViewer $site v t $ARG_LIST || exit(1); 118 $LOCAL_BUILD_DIR/sslViewer $site v t o $ARG_LIST || exit(1); 119 $LOCAL_BUILD_DIR/sslViewer $site v 3 $ARG_LIST || exit(1); 120 $LOCAL_BUILD_DIR/sslViewer $site v 3 o $ARG_LIST || exit(1); 121 $LOCAL_BUILD_DIR/sslViewer $site v 2 r $ARG_LIST || exit(1); 122end 123 124# 125# No SSLv2 126# Test TLSv1 and SSLv3 with both SSLv3 and SSLv2 Hello 127# 128foreach site ($TLS_SSL3_SITES); 129 $LOCAL_BUILD_DIR/sslViewer $site v t $ARG_LIST || exit(1); 130 $LOCAL_BUILD_DIR/sslViewer $site v t o $ARG_LIST || exit(1); 131 $LOCAL_BUILD_DIR/sslViewer $site v 3 $ARG_LIST || exit(1); 132 $LOCAL_BUILD_DIR/sslViewer $site v 3 o $ARG_LIST || exit(1); 133end 134 135# try SSLv3 and expect SSLV2 136foreach site ($TLS_SSL2_SITES); 137 $LOCAL_BUILD_DIR/sslViewer $site v t $ARG_LIST || exit(1); 138 $LOCAL_BUILD_DIR/sslViewer $site v 3 m=2 $ARG_LIST || exit(1); 139end 140# TLS end SSLv3 with any root 141foreach site ($TLS_SSL3_ANYROOT_SITES); 142 $LOCAL_BUILD_DIR/sslViewer $site v t r $ARG_LIST || exit(1); 143 $LOCAL_BUILD_DIR/sslViewer $site v 3 r $ARG_LIST || exit(1); 144end 145