diff options
| author | Daiki Ueno <ueno@gnu.org> | 2021-04-04 04:58:55 +0000 |
|---|---|---|
| committer | Daiki Ueno <ueno@gnu.org> | 2021-04-04 04:58:55 +0000 |
| commit | 5980d0d9a23b552703507625ba6437bca7f45005 (patch) | |
| tree | 641dfca6c467733c71e69a6449a44c7461db5caa | |
| parent | 5dd9a55040da54371807471bf3169d7a9a1f527e (diff) | |
| parent | 7f33b4013f91396af88805643578873110f389c1 (diff) | |
| download | gnutls-5980d0d9a23b552703507625ba6437bca7f45005.tar.gz | |
Merge branch 'wip/dueno/test-fixes-3.6' into 'gnutls_3_6_x'
testpkcs11: use datefudge to trick certificate expiry [3.6.x]
See merge request gnutls/gnutls!1409
| -rw-r--r-- | doc/gnutls.texi | 4 | ||||
| -rw-r--r-- | src/gl/override/modules/parse-datetime.diff | 128 | ||||
| -rw-r--r-- | tests/scripts/common.sh | 5 | ||||
| -rwxr-xr-x | tests/testpkcs11.sh | 12 | ||||
| -rwxr-xr-x | tests/tpmtool_test.sh | 37 |
5 files changed, 173 insertions, 13 deletions
diff --git a/doc/gnutls.texi b/doc/gnutls.texi index b2291a6867..4de9de79cf 100644 --- a/doc/gnutls.texi +++ b/doc/gnutls.texi @@ -16,8 +16,8 @@ This manual is last updated @value{UPDATED} for version @value{VERSION} of GnuTLS. -Copyright @copyright{} 2001-2020 Free Software Foundation, Inc.\\ -Copyright @copyright{} 2001-2020 Nikos Mavrogiannopoulos +Copyright @copyright{} 2001-2021 Free Software Foundation, Inc.\\ +Copyright @copyright{} 2001-2021 Nikos Mavrogiannopoulos @quotation Permission is granted to copy, distribute and/or modify this document diff --git a/src/gl/override/modules/parse-datetime.diff b/src/gl/override/modules/parse-datetime.diff new file mode 100644 index 0000000000..6f08605514 --- /dev/null +++ b/src/gl/override/modules/parse-datetime.diff @@ -0,0 +1,128 @@ +From b4953c24746af418aa005c4f64c80623af1c68ad Mon Sep 17 00:00:00 2001 +From: Bruno Haible <bruno@clisp.org> +Date: Wed, 29 Jul 2020 18:18:18 +0200 +Subject: [PATCH] parse-datetime: Fix compilation error with bison 3.7. + +* modules/parse-datetime (Makefile.am): Create a generated header file +parse-datetime-gen.h in the source directory. Correct #include and +--- + ChangeLog | 7 +++++++ + modules/parse-datetime | 18 ++++++++++++------ + 2 files changed, 19 insertions(+), 6 deletions(-) + +diff --git a/modules/parse-datetime b/modules/parse-datetime +index b4375fda43..39aaf6c592 100644 +--- a/modules/parse-datetime ++++ b/modules/parse-datetime +@@ -45,15 +45,21 @@ Makefile.am: + parse-datetime.c: parse-datetime.y + $(AM_V_YACC)$(PARSE_DATETIME_BISON) -d $(YFLAGS) $(AM_YFLAGS) $(srcdir)/parse-datetime.y \ + && test ':' = '$(PARSE_DATETIME_BISON)' || { \ +- sed -e 's|".*/parse-datetime.y"|"parse-datetime.y"|' < parse-datetime.tab.c > parse-datetime.c-t \ ++ sed -e 's|".*/parse-datetime\.y"|"parse-datetime.y"|' \ ++ -e 's|"parse-datetime\.tab\.c"|"parse-datetime.c"|' \ ++ -e 's|"parse-datetime\.tab\.h"|"parse-datetime-gen.h"|' \ ++ < parse-datetime.tab.c > parse-datetime.c-tmp \ ++ && sed -e 's|"parse-datetime\.tab\.h"|"parse-datetime-gen.h"|' \ ++ < parse-datetime.tab.h > parse-datetime-gen.h-tmp \ + && rm -f parse-datetime.tab.c parse-datetime.tab.h \ +- && mv parse-datetime.c-t $(srcdir)/parse-datetime.c; \ ++ && mv parse-datetime.c-tmp $(srcdir)/parse-datetime.c \ ++ && mv parse-datetime-gen.h-tmp $(srcdir)/parse-datetime-gen.h; \ + } + lib_SOURCES += parse-datetime.y +-BUILT_SOURCES += parse-datetime.c +-MOSTLYCLEANFILES += parse-datetime.tab.c parse-datetime.tab.h parse-datetime.c-t +-MAINTAINERCLEANFILES += parse-datetime.c +-EXTRA_DIST += parse-datetime.c ++BUILT_SOURCES += parse-datetime.c parse-datetime-gen.h ++MOSTLYCLEANFILES += parse-datetime.tab.c parse-datetime.tab.h parse-datetime.c-tmp parse-datetime-gen.h-tmp ++MAINTAINERCLEANFILES += parse-datetime.c parse-datetime-gen.h ++EXTRA_DIST += parse-datetime.c parse-datetime-gen.h + + Include: + "parse-datetime.h" +-- +2.30.2 + +From c6e65c2e9fc89cc1a3b743d370f69d222fbdb6bb Mon Sep 17 00:00:00 2001 +From: Bruno Haible <bruno@clisp.org> +Date: Sat, 1 Aug 2020 16:02:16 +0200 +Subject: [PATCH] parse-datetime: Fix wrong #line statements. + +* modules/parse-datetime (Makefile.am): Correct #line statements also in +parse-datetime-gen.h. +--- + ChangeLog | 6 ++++++ + modules/parse-datetime | 3 ++- + 2 files changed, 8 insertions(+), 1 deletion(-) + +diff --git a/modules/parse-datetime b/modules/parse-datetime +index 39aaf6c592..fb49ebb353 100644 +--- a/modules/parse-datetime ++++ b/modules/parse-datetime +@@ -49,7 +49,8 @@ parse-datetime.c: parse-datetime.y + -e 's|"parse-datetime\.tab\.c"|"parse-datetime.c"|' \ + -e 's|"parse-datetime\.tab\.h"|"parse-datetime-gen.h"|' \ + < parse-datetime.tab.c > parse-datetime.c-tmp \ +- && sed -e 's|"parse-datetime\.tab\.h"|"parse-datetime-gen.h"|' \ ++ && sed -e 's|".*/parse-datetime\.y"|"parse-datetime.y"|' \ ++ -e 's|"parse-datetime\.tab\.h"|"parse-datetime-gen.h"|' \ + < parse-datetime.tab.h > parse-datetime-gen.h-tmp \ + && rm -f parse-datetime.tab.c parse-datetime.tab.h \ + && mv parse-datetime.c-tmp $(srcdir)/parse-datetime.c \ +-- +2.30.2 + +From 8002ca7b56acb46b42eeac4a343e112a8ee283cf Mon Sep 17 00:00:00 2001 +From: Bruno Haible <bruno@clisp.org> +Date: Sun, 13 Sep 2020 22:03:16 +0200 +Subject: [PATCH] parse-datetime: Make the build rule work with parallel + 'make'. + +Reported by Daiki Ueno <ueno@gnu.org> in +<https://lists.gnu.org/archive/html/bug-gnulib/2020-09/msg00036.html>. + +* modules/parse-datetime (Makefile.am): Use a phony target and the +general idiom for rules that produce multiple files. +--- + ChangeLog | 8 ++++++++ + modules/parse-datetime | 12 +++++++++++- + 2 files changed, 19 insertions(+), 1 deletion(-) + + 2020-09-13 Ben Pfaff <blp@cs.stanford.edu> + + getpass: Check for nonnull prompt argument while avoiding warnings. +diff --git a/modules/parse-datetime b/modules/parse-datetime +index 14675194eb..a16b90f7d5 100644 +--- a/modules/parse-datetime ++++ b/modules/parse-datetime +@@ -43,7 +43,10 @@ Makefile.am: + # Additionally, here we assume GNU Bison and therefore don't need the ylwrap + # script. + # Therefore we override this rule. +-parse-datetime.c: parse-datetime.y ++# Since this is a rule that produces multiple files, we apply the idiom from ++# <https://lists.gnu.org/archive/html/bug-make/2020-09/msg00008.html>, so that ++# it works also in parallel 'make'. ++generate-parse-datetime: + $(AM_V_YACC)$(PARSE_DATETIME_BISON) -d $(YFLAGS) $(AM_YFLAGS) $(srcdir)/parse-datetime.y \ + && test ':' = '$(PARSE_DATETIME_BISON)' || { \ + sed -e 's|".*/parse-datetime\.y"|"parse-datetime.y"|' \ +@@ -57,6 +60,13 @@ parse-datetime.c: parse-datetime.y + && mv parse-datetime.c-tmp $(srcdir)/parse-datetime.c \ + && mv parse-datetime-gen.h-tmp $(srcdir)/parse-datetime-gen.h; \ + } ++.PHONY: generate-parse-datetime ++# The above rule will generate files with time stamp order ++# parse-datetime.y <= parse-datetime.c <= parse-datetime-gen.h. ++parse-datetime.c: parse-datetime.y ++ @{ test -f $(srcdir)/parse-datetime.c && test ! $(srcdir)/parse-datetime.c -ot $(srcdir)/parse-datetime.y; } || $(MAKE) generate-parse-datetime ++parse-datetime-gen.h: parse-datetime.c ++ @{ test -f $(srcdir)/parse-datetime-gen.h && test ! $(srcdir)/parse-datetime-gen.h -ot $(srcdir)/parse-datetime.c; } || $(MAKE) generate-parse-datetime + lib_SOURCES += parse-datetime.y + BUILT_SOURCES += parse-datetime.c parse-datetime-gen.h + MOSTLYCLEANFILES += parse-datetime.tab.c parse-datetime.tab.h parse-datetime.c-tmp parse-datetime-gen.h-tmp +-- +2.30.2 + diff --git a/tests/scripts/common.sh b/tests/scripts/common.sh index 6ae19fa586..69b5fd612a 100644 --- a/tests/scripts/common.sh +++ b/tests/scripts/common.sh @@ -187,6 +187,11 @@ launch_bare_server() { ${SERV} $* >${LOGFILE-/dev/null} & } +launch_bare_server2() { + wait_for_free_port "$PORT" + "$@" >${LOGFILE-/dev/null} & +} + wait_server() { local PID=$1 trap "test -n \"${PID}\" && kill ${PID};exit 1" 1 15 2 diff --git a/tests/testpkcs11.sh b/tests/testpkcs11.sh index 9458af2381..3d74bfea66 100755 --- a/tests/testpkcs11.sh +++ b/tests/testpkcs11.sh @@ -67,6 +67,8 @@ have_ed25519=0 P11TOOL="${VALGRIND} ${P11TOOL} --batch" SERV="${SERV} -q" +TESTDATE=2020-12-01 + . ${srcdir}/scripts/common.sh rm -f "${LOGFILE}" @@ -79,6 +81,8 @@ exit_error () { exit 1 } +skip_if_no_datefudge + # $1: token # $2: PIN # $3: filename @@ -523,6 +527,7 @@ write_certificate_test () { pubkey="$5" echo -n "* Generating client certificate... " + datefudge -s "$TESTDATE" \ "${CERTTOOL}" ${CERTTOOL_PARAM} ${ADDITIONAL_PARAM} --generate-certificate --load-ca-privkey "${cakey}" --load-ca-certificate "${cacert}" \ --template ${srcdir}/testpkcs11-certs/client-tmpl --load-privkey "${token};object=gnutls-client;object-type=private" \ --load-pubkey "$pubkey" --outfile tmp-client.crt >>"${LOGFILE}" 2>&1 @@ -900,7 +905,9 @@ use_certificate_test () { echo -n "* Using PKCS #11 with gnutls-cli (${txt})... " # start server eval "${GETPORT}" - launch_pkcs11_server $$ "${ADDITIONAL_PARAM}" --echo --priority NORMAL --x509certfile="${certfile}" \ + launch_bare_server2 datefudge -s "$TESTDATE" \ + $VALGRIND $SERV $DEBUG -p "$PORT" \ + ${ADDITIONAL_PARAM} --debug 10 --echo --priority NORMAL --x509certfile="${certfile}" \ --x509keyfile="$keyfile" --x509cafile="${cafile}" \ --verify-client-cert --require-client-cert >>"${LOGFILE}" 2>&1 @@ -908,13 +915,16 @@ use_certificate_test () { wait_server ${PID} # connect to server using SC + datefudge -s "$TESTDATE" \ ${VALGRIND} "${CLI}" ${ADDITIONAL_PARAM} -p "${PORT}" localhost --priority NORMAL --x509cafile="${cafile}" </dev/null >>"${LOGFILE}" 2>&1 && \ fail ${PID} "Connection should have failed!" + datefudge -s "$TESTDATE" \ ${VALGRIND} "${CLI}" ${ADDITIONAL_PARAM} -p "${PORT}" localhost --priority NORMAL --x509certfile="${certfile}" \ --x509keyfile="$keyfile" --x509cafile="${cafile}" </dev/null >>"${LOGFILE}" 2>&1 || \ fail ${PID} "Connection (with files) should have succeeded!" + datefudge -s "$TESTDATE" \ ${VALGRIND} "${CLI}" ${ADDITIONAL_PARAM} -p "${PORT}" localhost --priority NORMAL --x509certfile="${token};object=gnutls-client;object-type=cert" \ --x509keyfile="${token};object=gnutls-client;object-type=private" \ --x509cafile="${cafile}" </dev/null >>"${LOGFILE}" 2>&1 || \ diff --git a/tests/tpmtool_test.sh b/tests/tpmtool_test.sh index c6e4bc42ef..137552d621 100755 --- a/tests/tpmtool_test.sh +++ b/tests/tpmtool_test.sh @@ -138,6 +138,7 @@ start_tcsd() local tcsd_conf=$workdir/tcsd.conf local tcsd_system_ps_file=$workdir/system_ps_file local tcsd_pidfile=$workdir/tcsd.pid + local owner start_swtpm "$workdir" [ $? -ne 0 ] && return 1 @@ -146,20 +147,36 @@ start_tcsd() port = $TCSD_LISTEN_PORT system_ps_file = $tcsd_system_ps_file _EOF_ + # older versions of trousers require tss:tss ownership of the + # config file, later ones root:tss + for owner in tss root; do + if [ "$owner" = "tss" ]; then + chmod 0600 $tcsd_conf + else + chmod 0640 $tcsd_conf + fi + chown $owner:tss $tcsd_conf - chown tss:tss $tcsd_conf - chmod 0600 $tcsd_conf + bash -c "TCSD_USE_TCP_DEVICE=1 TCSD_TCP_DEVICE_PORT=$SWTPM_SERVER_PORT tcsd -c $tcsd_conf -e -f &>/dev/null & echo \$! > $tcsd_pidfile; wait" & + BASH_PID=$! - bash -c "TCSD_USE_TCP_DEVICE=1 TCSD_TCP_DEVICE_PORT=$SWTPM_SERVER_PORT tcsd -c $tcsd_conf -e -f &>/dev/null & echo \$! > $tcsd_pidfile; wait" & - BASH_PID=$! + if wait_for_file $tcsd_pidfile 3; then + echo "Could not get TCSD's PID file" + return 1 + fi - if wait_for_file $tcsd_pidfile 3; then - echo "Could not get TCSD's PID file" - return 1 - fi + sleep 0.5 + TCSD_PID=$(cat $tcsd_pidfile) + kill -0 "${TCSD_PID}" + if [ $? -ne 0 ]; then + # Try again with other owner + continue + fi + return 0 + done - TCSD_PID=$(cat $tcsd_pidfile) - return 0 + echo "TCSD could not be started" + return 1 } stop_tcsd() |