diff options
| author | Daiki Ueno <ueno@gnu.org> | 2020-12-29 12:28:32 +0000 |
|---|---|---|
| committer | Daiki Ueno <ueno@gnu.org> | 2020-12-29 12:28:32 +0000 |
| commit | 9a90c810d3ab37951bb67a4337a2b7b355642833 (patch) | |
| tree | a1e5cb79b9bc28fac9b07165aba303f6876bafce | |
| parent | af9c60d64218086c1b8ae9d83ed8fe06f506e068 (diff) | |
| parent | 8259a1dc8503ad760c0887eb95278f9957a00667 (diff) | |
| download | gnutls-9a90c810d3ab37951bb67a4337a2b7b355642833.tar.gz | |
Merge branch 'wip/dueno/test-fixes' into 'master'
fix CI failures on recent Fedora 33 image
Closes #1136 and #1135
See merge request gnutls/gnutls!1371
| -rwxr-xr-x | tests/suite/testcompat-main-openssl | 2 | ||||
| -rwxr-xr-x | tests/testpkcs11.sh | 12 | ||||
| -rwxr-xr-x | tests/tpmtool_test.sh | 37 |
3 files changed, 39 insertions, 12 deletions
diff --git a/tests/suite/testcompat-main-openssl b/tests/suite/testcompat-main-openssl index f0fd6fb512..bc5a602d17 100755 --- a/tests/suite/testcompat-main-openssl +++ b/tests/suite/testcompat-main-openssl @@ -896,7 +896,7 @@ run_server_suite() { wait_udp_server ${PID} - ${OPENSSL} s_client -host localhost -port "${PORT}" -cipher 'ALL:@SECLEVEL=1' -dtls1 -cert "${CLI_CERT}" -key "${CLI_KEY}" -CAfile "${CA_CERT}" </dev/null 2>&1 | grep "\:error\:" && \ + ${OPENSSL} s_client -host localhost -port "${PORT}" -cipher 'ALL:@SECLEVEL=1' -sigalgs "$SIGALGS" -dtls1 -cert "${CLI_CERT}" -key "${CLI_KEY}" -CAfile "${CA_CERT}" </dev/null 2>&1 | grep "\:error\:" && \ fail ${PID} "Failed" kill ${PID} diff --git a/tests/testpkcs11.sh b/tests/testpkcs11.sh index 38b9585bc0..09a6274776 100755 --- a/tests/testpkcs11.sh +++ b/tests/testpkcs11.sh @@ -67,6 +67,8 @@ have_ed25519=0 P11TOOL="${VALGRIND} ${P11TOOL} --batch" SERV="${SERV} -q" +TESTDATE=2020-12-01 + . ${srcdir}/scripts/common.sh rm -f "${LOGFILE}" @@ -79,6 +81,8 @@ exit_error () { exit 1 } +skip_if_no_datefudge + # $1: token # $2: PIN # $3: filename @@ -523,6 +527,7 @@ write_certificate_test () { pubkey="$5" echo -n "* Generating client certificate... " + datefudge -s "$TESTDATE" \ "${CERTTOOL}" ${CERTTOOL_PARAM} ${ADDITIONAL_PARAM} --generate-certificate --load-ca-privkey "${cakey}" --load-ca-certificate "${cacert}" \ --template ${srcdir}/testpkcs11-certs/client-tmpl --load-privkey "${token};object=gnutls-client;object-type=private" \ --load-pubkey "$pubkey" --outfile tmp-client.crt >>"${LOGFILE}" 2>&1 @@ -900,7 +905,9 @@ use_certificate_test () { echo -n "* Using PKCS #11 with gnutls-cli (${txt})... " # start server eval "${GETPORT}" - launch_server ${ADDITIONAL_PARAM} --echo --priority NORMAL --x509certfile="${certfile}" \ + launch_bare_server datefudge -s "$TESTDATE" \ + $VALGRIND $SERV $DEBUG -p "$PORT" \ + ${ADDITIONAL_PARAM} --debug 10 --echo --priority NORMAL --x509certfile="${certfile}" \ --x509keyfile="$keyfile" --x509cafile="${cafile}" \ --verify-client-cert --require-client-cert >>"${LOGFILE}" 2>&1 @@ -908,13 +915,16 @@ use_certificate_test () { wait_server ${PID} # connect to server using SC + datefudge -s "$TESTDATE" \ ${VALGRIND} "${CLI}" ${ADDITIONAL_PARAM} -p "${PORT}" localhost --priority NORMAL --x509cafile="${cafile}" </dev/null >>"${LOGFILE}" 2>&1 && \ fail ${PID} "Connection should have failed!" + datefudge -s "$TESTDATE" \ ${VALGRIND} "${CLI}" ${ADDITIONAL_PARAM} -p "${PORT}" localhost --priority NORMAL --x509certfile="${certfile}" \ --x509keyfile="$keyfile" --x509cafile="${cafile}" </dev/null >>"${LOGFILE}" 2>&1 || \ fail ${PID} "Connection (with files) should have succeeded!" + datefudge -s "$TESTDATE" \ ${VALGRIND} "${CLI}" ${ADDITIONAL_PARAM} -p "${PORT}" localhost --priority NORMAL --x509certfile="${token};object=gnutls-client;object-type=cert" \ --x509keyfile="${token};object=gnutls-client;object-type=private" \ --x509cafile="${cafile}" </dev/null >>"${LOGFILE}" 2>&1 || \ diff --git a/tests/tpmtool_test.sh b/tests/tpmtool_test.sh index eba502612a..77fe17e593 100755 --- a/tests/tpmtool_test.sh +++ b/tests/tpmtool_test.sh @@ -138,6 +138,7 @@ start_tcsd() local tcsd_conf=$workdir/tcsd.conf local tcsd_system_ps_file=$workdir/system_ps_file local tcsd_pidfile=$workdir/tcsd.pid + local owner start_swtpm "$workdir" [ $? -ne 0 ] && return 1 @@ -146,20 +147,36 @@ start_tcsd() port = $TCSD_LISTEN_PORT system_ps_file = $tcsd_system_ps_file _EOF_ + # older versions of trousers require tss:tss ownership of the + # config file, later ones root:tss + for owner in tss root; do + if [ "$owner" = "tss" ]; then + chmod 0600 $tcsd_conf + else + chmod 0640 $tcsd_conf + fi + chown $owner:tss $tcsd_conf - chown tss:tss $tcsd_conf - chmod 0600 $tcsd_conf + bash -c "TCSD_USE_TCP_DEVICE=1 TCSD_TCP_DEVICE_PORT=$SWTPM_SERVER_PORT tcsd -c $tcsd_conf -e -f &>/dev/null & echo \$! > $tcsd_pidfile; wait" & + BASH_PID=$! - bash -c "TCSD_USE_TCP_DEVICE=1 TCSD_TCP_DEVICE_PORT=$SWTPM_SERVER_PORT tcsd -c $tcsd_conf -e -f &>/dev/null & echo \$! > $tcsd_pidfile; wait" & - BASH_PID=$! + if wait_for_file $tcsd_pidfile 3; then + echo "Could not get TCSD's PID file" + return 1 + fi - if wait_for_file $tcsd_pidfile 3; then - echo "Could not get TCSD's PID file" - return 1 - fi + sleep 0.5 + TCSD_PID=$(cat $tcsd_pidfile) + kill -0 "${TCSD_PID}" + if [ $? -ne 0 ]; then + # Try again with other owner + continue + fi + return 0 + done - TCSD_PID=$(cat $tcsd_pidfile) - return 0 + echo "TCSD could not be started" + return 1 } stop_tcsd() |