From bc13451368cedb6411575f3ac9daba6c41f87a9e Mon Sep 17 00:00:00 2001
From: AJ ONeal <coolaj86@gmail.com>
Date: Sun, 4 Nov 2018 23:47:42 -0700
Subject: [PATCH] add quick and dirty domain-fronting test

---
 tests/domain-fronting.sh | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100755 tests/domain-fronting.sh

diff --git a/tests/domain-fronting.sh b/tests/domain-fronting.sh
new file mode 100755
index 0000000..0840adc
--- /dev/null
+++ b/tests/domain-fronting.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+set -e
+
+# This test is intended to run on a digital ocean instance on which all of the
+# following domains are listed on the same certificate as either subject or altnames:
+# test.ppl.family, www.test.ppl.family, test.greenlock.domains, www.test.greenlock.domains
+
+curl -sf https://test.ppl.family | grep -i Hello >/dev/null && echo "PASS no servername" || echo "FAIL no servername"
+curl -sf https://test.ppl.family -H "Host: test.ppl.family" | grep -i Hello >/dev/null && echo "PASS same servername" || echo "FAIL same servername"
+curl -sf https://test.ppl.family -H "Host: www.test.ppl.family" | grep -i Hello >/dev/null && echo "PASS similar altnames" || echo "FAIL similar altnames"
+curl -sf https://test.ppl.family -H "Host: www.test.greenlock.domains" | grep -i Hello >/dev/null && echo "PASS full altnames" || echo "FAIL full altnames"
+curl -s https://test.ppl.family -H "Host: example.com" | grep -i 'Domain Fronting' >/dev/null && echo "PASS detect fronting" || echo "FAIL detect fronting"
+echo "PASS ALL"