summaryrefslogtreecommitdiff
path: root/security/nss/tests/run_niscc.sh
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/tests/run_niscc.sh')
-rwxr-xr-xsecurity/nss/tests/run_niscc.sh978
1 files changed, 0 insertions, 978 deletions
diff --git a/security/nss/tests/run_niscc.sh b/security/nss/tests/run_niscc.sh
deleted file mode 100755
index 3cb109cc7..000000000
--- a/security/nss/tests/run_niscc.sh
+++ /dev/null
@@ -1,978 +0,0 @@
-#!/bin/bash
-#
-# This Source Code Form is subject to the terms of the Mozilla Public
-# License, v. 2.0. If a copy of the MPL was not distributed with this
-# file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
-#
-# PRIOR TO RUNNING THIS SCRIPT
-# you should adjust MAIL_COMMAND and QA_LIST
-#
-# External dependencies:
-# - install the NISCC test files, e.g. at /niscc (readonly OK)
-# - libfaketimeMT because the test certificates have expired
-# - build environment for building NSS
-# - gdb to analyze core files
-# - a command line mail tool (e.g. mailx)
-# - openssl to combine input PEM files into pkcs#12
-# - curl for obtaining version information from the web
-#
-
-################################################################################
-# Print script usage
-################################################################################
-usage()
-{
- cat << EOF
-Usage: $0 [options]
-
-Test NSS library against NISCC SMIME and TLS testcases.
-
-Options:
- -h, --help print this help message and exit
- -v, --verbose enable extra verbose output
- --niscc-home DIR use NISCC testcases from directory DIR (default /niscc)
- --host HOST use host HOST (default '127.0.0.1')
- --threads X set thread number to X (max. 10, default 10)
- --out DIR set DIR as output directory (default '/out')
- --mail ADDRESS send mail with test result to ADDRESS
- --nss DIR set NSS directory to DIR (default '~/cvs/nss')
- --nss-hack DIR set hacked NSS directory to DIR (default '~/cvs/nss_hack')
- --log-store store all the logs (only summary by default)
- --no-build-test don't pull and build tested NSS
- --no-build-hack don't pull and build hacked NSS
- --test-system test system installed NSS
- --date DATE use DATE in log archive name and outgoing email
- --libfaketime path.so use faketime library with LD_PRELOAD=path.so
- --smallset test only a very small subset
-
-All options are optional.
-All options (and possibly more) can be also set through environment variables.
-Commandline options have higher priority than environment variables.
-For more information please refer to the source code of this script.
-
-For a successfull run the script NEEDS the core file pattern to be 'core.*',
-e.g. 'core.%t'. You can check the current pattern in
-'/proc/sys/kernel/core_pattern'. Otherwise the test will be unable to detect
-any failures and will pass every time.
-
-It is recommended to use hacked and tested binaries in a location, where their
-absolute path is max. 80 characters. If their path is longer and a core file is
-generated, its properties may be incomplete.
-
-Return value of the script indicates how many failures it experienced.
-
-EOF
- exit $1
-}
-
-################################################################################
-# Process command-line arguments
-################################################################################
-process_args()
-{
- HELP="false"
- args=`getopt -u -l "niscc-home:,host:,threads:,out:,verbose,mail:,nss:,nss-hack:,log-store,no-build-test,no-build-hack,help,test-system,date:,libfaketime:,smallset" -- "hv" $*`
- [ "$?" != "0" ] && usage 1
- set -- $args
- for i; do
- case "$i" in
- -v|--verbose)
- shift
- VERBOSE="-v"
- ;;
- --niscc-home)
- shift
- NISCC_HOME="$1"
- shift
- ;;
- --host)
- shift
- HOST="$1"
- shift
- ;;
- --threads)
- shift
- THREADS="$1"
- shift
- ;;
- --out)
- shift
- TEST_OUTPUT="$1"
- shift
- ;;
- --mail)
- shift
- USE_MAIL="true"
- QA_LIST="$1"
- shift
- ;;
- --nss)
- shift
- LOCALDIST="$1"
- shift
- ;;
- --nss-hack)
- shift
- NSS_HACK="$1"
- shift
- ;;
- --log-store)
- shift
- LOG_STORE="true"
- ;;
- --no-build-test)
- shift
- NO_BUILD_TEST="true"
- ;;
- --no-build-hack)
- shift
- NO_BUILD_HACK="true"
- ;;
- -h|--help)
- shift
- HELP="true"
- ;;
- --test-system)
- shift
- TEST_SYSTEM="true"
- ;;
- --date)
- shift
- DATE="$1"
- shift
- ;;
- --libfaketime)
- shift
- FAKETIMELIB="$1"
- shift
- ;;
- --smallset)
- shift
- SMALLSET="true"
- ;;
- --)
- ;;
- *)
- ;;
- esac
- done
- [ $HELP = "true" ] && usage 0
-}
-
-################################################################################
-# Create and set needed and useful environment variables
-################################################################################
-create_environment()
-{
- # Base location of NISCC testcases
- export NISCC_HOME=${NISCC_HOME:-/niscc}
-
- # Base location of NSS
- export CVS=${CVS:-"$HOME/cvs"}
-
- # NSS being tested
- export LOCALDIST=${LOCALDIST:-"${CVS}/nss"}
-
- # Hacked NSS - built with "NISCC_TEST=1"
- export NSS_HACK=${NSS_HACK:-"${CVS}/nss_hack"}
-
- # Hostname of the testmachine
- export HOST=${HOST:-127.0.0.1}
-
- # Whether to store logfiles
- export LOG_STORE=${LOG_STORE:-"false"}
-
- # Whether to mail the summary
- export USE_MAIL=${USE_MAIL:-"false"}
-
- # How to mail summary
- export MAIL_COMMAND=${MAIL_COMMAND:-"mailx -S smtp=smtp://your.smtp.server:25 -r your+niscc@email.address"}
-
- # List of mail addresses where to send summary
- export QA_LIST=${QA_LIST:-"result@recipient.address"}
-
- # Whether to use 64b build
- export USE_64=${USE_64:-1}
-
- # Directory where to write all the output data (around 650MiB for each run)
- export TEST_OUTPUT=${TEST_OUTPUT:-"$HOME/out"}
-
- # How many threads to use in selfserv and strsclnt (max. 10)
- export THREADS=${THREADS:-10}
-
- # If true, do not build tthe tested version of NSS
- export NO_BUILD_TEST=${NO_BUILD_TEST:-"false"}
-
- # If true, do not build the special NSS version for NISCC
- export NO_BUILD_HACK=${NO_BUILD_HACK:-"false"}
-
- # If true, do not rebuild client and server directories
- export NO_SETUP=${NO_SETUP:-"false"}
-
- # Location of NISCC SSL/TLS testcases
- export TEST=${TEST:-"${NISCC_HOME}/NISCC_SSL_testcases"}
-
- # If true, then be extra verbose
- export VERBOSE=${VERBOSE:-""}
-
- # If true, test the system installed NSS
- export TEST_SYSTEM=${TEST_SYSTEM:-"false"}
- [ "$TEST_SYSTEM" = "true" ] && export NO_BUILD_TEST="true"
-
- [ ! -z "$VERBOSE" ] && set -xv
-
- # Real date for naming of archives (system date must be 2002-11-18 .. 2007-11-18 due to certificate validity
- DATE=${DATE:-`date`}
- export DATE=`date -d "$DATE" +%Y%m%d`
-
- FAKETIMELIB=${FAKETIMELIB:-""}
- export DATE=`date -d "$DATE" +%Y%m%d`
-
- # Whether to test only a very small subset
- export SMALLSET=${SMALLSET:-"false"}
-
- # Create output dir if it doesn't exist
- mkdir -p ${TEST_OUTPUT}
-}
-
-################################################################################
-# Do a cvs pull of NSS
-################################################################################
-cvs_pull()
-{
- # Tested NSS - by default using current CVS HEAD
- if [ "$NO_BUILD_TEST" = "false" ]; then
- echo "cloning NSS sources to be tested from CVS"
- [ ! -d "$LOCALDIST" ] && mkdir -p "$LOCALDIST"
- cd "$LOCALDIST"
- cvs -d :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot co -r HEAD NSPR &>> $TEST_OUTPUT/nisccBuildLog
- cvs -d :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot co -r HEAD NSS &>> $TEST_OUTPUT/nisccBuildLog
- #find . -exec touch {} \;
- fi
-
- # Hacked NSS - by default using some RTM version.
- # Do not use HEAD for hacked NSS - it needs to be stable and bug-free
- if [ "$NO_BUILD_HACK" = "false" ]; then
- echo "cloning NSS sources for a hacked build from CVS"
- [ ! -d "$NSS_HACK" ] && mkdir -p "$NSS_HACK"
- cd "$NSS_HACK"
- NSPR_TAG=`curl http://hg.mozilla.org/releases/mozilla-aurora/raw-file/default/nsprpub/TAG-INFO | head -1 | awk '{print $1}'`
- NSS_TAG=`curl http://hg.mozilla.org/releases/mozilla-aurora/raw-file/default/security/nss/TAG-INFO | head -1 | awk '{print $1}'`
- cvs -d :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot co -r $NSPR_TAG NSPR &>> $TEST_OUTPUT/nisccBuildLogHack
- cvs -d :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot co -r $NSS_TAG NSS &>> $TEST_OUTPUT/nisccBuildLogHack
- #find . -exec touch {} \;
- fi
-}
-
-################################################################################
-# Build NSS after setting make variable NISCC_TEST
-################################################################################
-build_NSS()
-{
- # Tested NSS
- if [ "$NO_BUILD_TEST" = "false" ]; then
- echo "building NSS to be tested"
- cd "$LOCALDIST"
- unset NISCC_TEST
- cd mozilla/security/nss
- gmake nss_clean_all &>> $TEST_OUTPUT/nisccBuildLog
- gmake nss_build_all &>> $TEST_OUTPUT/nisccBuildLog
- fi
-
- # Hacked NSS
- if [ "$NO_BUILD_HACK" = "false" ]; then
- echo "building hacked NSS"
- cd "$NSS_HACK"
- export NISCC_TEST=1
- cd mozilla/security/nss
- gmake nss_clean_all &>> $TEST_OUTPUT/nisccBuildLogHack
- gmake nss_build_all &>> $TEST_OUTPUT/nisccBuildLogHack
- fi
-
- unset NISCC_TEST
-}
-
-################################################################################
-# Set build dir, bin and lib directories
-################################################################################
-init()
-{
- # Enable useful core files to be generated in case of crash
- ulimit -c unlimited
-
- # Pattern of core files, they should be created in current directory
- echo "core_pattern $(cat /proc/sys/kernel/core_pattern)" > "$TEST_OUTPUT/nisccLog00"
-
- # gmake is needed in the path for this suite to run
- echo "PATH $PATH" >> "$TEST_OUTPUT/nisccLog00"
-
- # Find out hacked NSS version
- DISTTYPE=`cd "$NSS_HACK/mozilla/security/nss/tests/common"; gmake objdir_name`
- echo "NSS_HACK DISTTYPE $DISTTYPE" >> "$TEST_OUTPUT/nisccLog00"
- export HACKBIN="$NSS_HACK/mozilla/dist/$DISTTYPE/bin"
- export HACKLIB="$NSS_HACK/mozilla/dist/$DISTTYPE/lib"
-
- if [ "$TEST_SYSTEM" = "false" ]; then
- # Find out nss version
- DISTTYPE=`cd "$LOCALDIST/mozilla/security/nss/tests/common"; gmake objdir_name`
- echo "NSS DISTTYPE $DISTTYPE" >> "$TEST_OUTPUT/nisccLog00"
- export TESTBIN="$LOCALDIST/mozilla/dist/$DISTTYPE/bin"
- export TESTLIB="$LOCALDIST/mozilla/dist/$DISTTYPE/lib"
- export TESTTOOLS="$TESTBIN"
- else
- # Using system installed NSS
- echo "USING SYSTEM NSS" >> "$TEST_OUTPUT/nisccLog00"
- export TESTBIN="/usr/bin"
- if [ `uname -m` = "x86_64" ]; then
- export TESTLIB="/usr/lib64"
- export TESTTOOLS="/usr/lib64/nss/unsupported-tools"
- else
- export TESTLIB="/usr/lib"
- export TESTTOOLS="/usr/lib/nss/unsupported-tools"
- fi
- fi
-
- # Verify NISCC_TEST was set in the proper library
- if strings "$HACKLIB/libssl3.so" | grep NISCC_TEST > /dev/null 2>&1; then
- echo "$HACKLIB/libssl3.so contains NISCC_TEST" >> "$TEST_OUTPUT/nisccLog00"
- else
- echo "$HACKLIB/libssl3.so does NOT contain NISCC_TEST" >> "$TEST_OUTPUT/nisccLog00"
- fi
-
- if strings "$TESTLIB/libssl3.so" | grep NISCC_TEST > /dev/null 2>&1; then
- echo "$TESTLIB/libssl3.so contains NISCC_TEST" >> "$TEST_OUTPUT/nisccLog00"
- else
- echo "$TESTLIB/libssl3.so does NOT contain NISCC_TEST" >> "$TEST_OUTPUT/nisccLog00"
- fi
-}
-
-################################################################################
-# Setup simple client and server directory
-################################################################################
-ssl_setup_dirs_simple()
-{
- [ "$NO_SETUP" = "true" ] && return
-
- echo "Setting up working directories for SSL simple tests"
-
- CLIENT="$TEST_OUTPUT/niscc_ssl/simple_client"
- SERVER="$TEST_OUTPUT/niscc_ssl/simple_server"
-
- # Generate .p12 files
- openssl pkcs12 -export -inkey "$TEST/client_key.pem" -in "$TEST/client_crt.pem" -out "$TEST_OUTPUT/client_crt.p12" -passout pass:testtest1 -name "client_crt"
- openssl pkcs12 -export -inkey "$TEST/server_key.pem" -in "$TEST/server_crt.pem" -out "$TEST_OUTPUT/server_crt.p12" -passout pass:testtest1 -name "server_crt"
-
- # Setup simple client directory
- rm -rf "$CLIENT"
- mkdir -p "$CLIENT"
- echo test > "$CLIENT/password-is-test.txt"
- export LD_LIBRARY_PATH="$TESTLIB"
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/certutil" -N -d "$CLIENT" -f "$CLIENT/password-is-test.txt" >> "$TEST_OUTPUT/nisccLog00" 2>&1
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/certutil" -A -d "$CLIENT" -n rootca -i "$TEST/rootca.crt" -t "C,C," >> "$TEST_OUTPUT/nisccLog00" 2>&1
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/pk12util" -i "$TEST_OUTPUT/client_crt.p12" -d "$CLIENT" -k "$CLIENT/password-is-test.txt" -W testtest1 >> "$TEST_OUTPUT/nisccLog00" 2>&1
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/certutil" -L -d "$CLIENT" >> "$TEST_OUTPUT/nisccLog00" 2>&1
-
- # File containg message used for terminating the server
- echo "GET /stop HTTP/1.0" > "$CLIENT/stop.txt"
- echo "" >> "$CLIENT/stop.txt"
-
- # Setup simple server directory
- rm -rf "$SERVER"
- mkdir -p "$SERVER"
- echo test > "$SERVER/password-is-test.txt"
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/certutil" -N -d "$SERVER" -f "$SERVER/password-is-test.txt" >> "$TEST_OUTPUT/nisccLog00" 2>&1
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/certutil" -A -d "$SERVER" -n rootca -i "$TEST/rootca.crt" -t "TC,C," >> "$TEST_OUTPUT/nisccLog00" 2>&1
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/pk12util" -i "$TEST_OUTPUT/server_crt.p12" -d "$SERVER" -k "$SERVER/password-is-test.txt" -W testtest1 >> "$TEST_OUTPUT/nisccLog00" 2>&1
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/certutil" -L -d "$SERVER" >> "$TEST_OUTPUT/nisccLog00" 2>&1
-
- unset LD_LIBRARY_PATH
-}
-
-################################################################################
-# Setup resigned client and server directory
-################################################################################
-ssl_setup_dirs_resigned()
-{
- [ "$NO_SETUP" = "true" ] && return
-
- echo "Setting up working directories for SSL resigned tests"
-
- CLIENT="$TEST_OUTPUT/niscc_ssl/resigned_client"
- SERVER="$TEST_OUTPUT/niscc_ssl/resigned_server"
-
- # Setup resigned client directory
- rm -rf "$CLIENT"
- mkdir -p "$CLIENT"
- echo test > "$CLIENT/password-is-test.txt"
- export LD_LIBRARY_PATH="$TESTLIB"
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/certutil" -N -d "$CLIENT" -f "$CLIENT/password-is-test.txt" >> "$TEST_OUTPUT/nisccLog00" 2>&1
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/certutil" -A -d "$CLIENT" -n rootca -i "$TEST/rootca.crt" -t "C,C," >> "$TEST_OUTPUT/nisccLog00" 2>&1
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/pk12util" -i "$TEST_OUTPUT/client_crt.p12" -d "$CLIENT" -k "$CLIENT/password-is-test.txt" -W testtest1 >> "$TEST_OUTPUT/nisccLog00" 2>&1
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/certutil" -L -d "$CLIENT" >> "$TEST_OUTPUT/nisccLog00" 2>&1
-
- echo "GET /stop HTTP/1.0" > "$CLIENT/stop.txt"
- echo "" >> "$CLIENT/stop.txt"
-
- # Setup resigned server directory
- rm -rf "$SERVER"
- mkdir -p "$SERVER"
- echo test > "$SERVER/password-is-test.txt"
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/certutil" -N -d "$SERVER" -f "$SERVER/password-is-test.txt" >> "$TEST_OUTPUT/nisccLog00" 2>&1
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/certutil" -A -d "$SERVER" -n rootca -i "$TEST/rootca.crt" -t "TC,C," >> "$TEST_OUTPUT/nisccLog00" 2>&1
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/pk12util" -i "$TEST_OUTPUT/server_crt.p12" -d "$SERVER" -k "$SERVER/password-is-test.txt" -W testtest1 >> "$TEST_OUTPUT/nisccLog00" 2>&1
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/certutil" -L -d "$SERVER" >> "$TEST_OUTPUT/nisccLog00" 2>&1
-
- unset LD_LIBRARY_PATH
-}
-
-################################################################################
-# NISCC SMIME tests
-################################################################################
-niscc_smime()
-{
- cd "$TEST_OUTPUT"
- DATA="$NISCC_HOME/NISCC_SMIME_testcases"
-
- [ ! -d niscc_smime ] && mkdir -p niscc_smime
-
- export SMIME_CERT_DB_DIR=envDB
- export NSS_STRICT_SHUTDOWN=1
- export NSS_DISABLE_ARENA_FREE_LIST=1
- export LD_LIBRARY_PATH="$TESTLIB"
-
- # Generate .p12 files
- openssl pkcs12 -export -inkey "$DATA/Client.key" -in "$DATA/Client.crt" -out Client.p12 -passout pass:testtest1 &>/dev/null
- openssl pkcs12 -export -inkey "$DATA/CA.key" -in "$DATA/CA.crt" -out CA.p12 -passout pass:testtest1 &>/dev/null
-
- # Generate envDB if needed
- if [ ! -d "$SMIME_CERT_DB_DIR" ]; then
- mkdir -p "$SMIME_CERT_DB_DIR"
- echo testtest1 > password-is-testtest1.txt
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/certutil" -N -d "./$SMIME_CERT_DB_DIR" -f password-is-testtest1.txt > /dev/null 2>&1
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/certutil" -A -d "$SMIME_CERT_DB_DIR" -f password-is-testtest1.txt -i "$DATA/CA.crt" -n CA -t "TC,C,"
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/certutil" -A -d "$SMIME_CERT_DB_DIR" -f password-is-testtest1.txt -i "$DATA/Client.crt" -n Client -t "TC,C,"
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/pk12util" -i ./CA.p12 -d "$SMIME_CERT_DB_DIR" -k password-is-testtest1.txt -W testtest1
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/pk12util" -i ./Client.p12 -d "$SMIME_CERT_DB_DIR" -k password-is-testtest1.txt -W testtest1
- fi
-
- # if p7m-ed-m-files.txt does not exist, then generate it.
- [ -f "$DATA/p7m-ed-m-files.txt" ] && sed "s|^|$DATA/|" "$DATA/p7m-ed-m-files.txt" > p7m-ed-m-files.txt
- export P7M_ED_M_FILES=p7m-ed-m-files.txt
- if [ "$SMALLSET" = "true" ]; then
- [ ! -f "$P7M_ED_M_FILES" ] && find "$DATA"/p7m-ed-m-0* -type f -print | head -10 >> "$P7M_ED_M_FILES"
- else
- [ ! -f "$P7M_ED_M_FILES" ] && find "$DATA"/p7m-ed-m-0* -type f -print >> "$P7M_ED_M_FILES"
- fi
-
- # Test "p7m-ed-m*" testcases
- echo "Testing SMIME enveloped data testcases"
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/cmsutil" $VERBOSE -D -d "$SMIME_CERT_DB_DIR" -p testtest1 -b -i "$P7M_ED_M_FILES" > niscc_smime/p7m-ed-m-results.txt 2>&1
-
- export SMIME_CERT_DB_DIR=sigDB
- # Generate sigDB if needed
- if [ ! -d "$SMIME_CERT_DB_DIR" ]; then
- mkdir -p "$SMIME_CERT_DB_DIR"
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/certutil" -N -d "$SMIME_CERT_DB_DIR" -f password-is-testtest1.txt
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/certutil" -A -d "$SMIME_CERT_DB_DIR" -i "$DATA/CA.crt" -n CA -t "TC,C,"
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/certutil" -A -d "$SMIME_CERT_DB_DIR" -i "$DATA/Client.crt" -n Client -t "TC,C,"
- fi
-
- # if p7m-sd-dt-files.txt does not exist, then generate it.
- [ -f "$DATA/p7m-sd-dt-files.txt" ] && sed "s|^|$DATA/|" "$DATA/p7m-sd-dt-files.txt" > p7m-sd-dt-files.txt
- export P7M_SD_DT_FILES=p7m-sd-dt-files.txt
- if [ "$SMALLSET" = "true" ]; then
- [ ! -f "$P7M_SD_DT_FILES" ] && find "$DATA"/p7m-sd-dt-[cm]-* -type f -print | head -10 >> "$P7M_SD_DT_FILES"
- else
- [ ! -f "$P7M_SD_DT_FILES" ] && find "$DATA"/p7m-sd-dt-[cm]-* -type f -print >> "$P7M_SD_DT_FILES"
- fi
-
- [ ! -f detached.txt ] && touch detached.txt
-
- # Test "p7m-sd-dt*" testcases
- echo "Testing SMIME detached signed data testcases"
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/cmsutil" $VERBOSE -D -d "$SMIME_CERT_DB_DIR" -c detached.txt -b -i "$P7M_SD_DT_FILES" > niscc_smime/p7m-sd-dt-results.txt 2>&1
-
- # if p7m-sd-op-files.txt does not exist, then generate it.
- [ -f "$DATA/p7m-sd-op-files.txt" ] && sed "s|^|$DATA/|" "$DATA/p7m-sd-op-files.txt" > p7m-sd-op-files.txt
- export P7M_SD_OP_FILES=p7m-sd-op-files.txt
- if [ "$SMALLSET" = "true" ]; then
- [ ! -f "$P7M_SD_OP_FILES" ] && find "$DATA"/p7m-sd-op-[cm]-* -type f -print | head -10 >> "$P7M_SD_OP_FILES"
- else
- [ ! -f "$P7M_SD_OP_FILES" ] && find "$DATA"/p7m-sd-op-[cm]-* -type f -print >> "$P7M_SD_OP_FILES"
- fi
-
- # Test "p7m-sd-op*" testcases
- echo "Testing SMIME opaque signed data testcases"
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTBIN}/cmsutil" $VERBOSE -D -d "$SMIME_CERT_DB_DIR" -b -i "$P7M_SD_OP_FILES" > niscc_smime/p7m-sd-op-results.txt 2>&1
-
- unset LD_LIBRARY_PATH
-}
-
-################################################################################
-# Set env variables for NISCC SSL tests
-################################################################################
-niscc_ssl_init()
-{
- export NSS_STRICT_SHUTDOWN=1
- export NSS_DISABLE_ARENA_FREE_LIST=1
- cd "$TEST_OUTPUT"
-}
-
-force_crash()
-{
- echo "int main(int argc, char *argv[]) { int *i; i = (int*)(void*)1; *i = 1; }" > "$TEST_OUTPUT/crashme.c"
- gcc -g -o "$TEST_OUTPUT/crashme" "$TEST_OUTPUT/crashme.c"
- "$TEST_OUTPUT/crashme"
-}
-
-################################################################################
-# Do simple client auth tests
-# Use an altered client against the server
-################################################################################
-ssl_simple_client_auth()
-{
- echo "Testing SSL simple client auth testcases"
- export CLIENT="$TEST_OUTPUT/niscc_ssl/simple_client"
- export SERVER="$TEST_OUTPUT/niscc_ssl/simple_server"
- export PORT=8443
- export START_AT=1
- if [ "$SMALLSET" = "true" ]; then
- export STOP_AT=10
- else
- export STOP_AT=106160
- fi
- unset NISCC_TEST
- export LD_LIBRARY_PATH="$TESTLIB"
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTTOOLS}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -rr -t $THREADS -w test > "$TEST_OUTPUT/nisccLog01" 2>&1 &
-
- export NISCC_TEST="$TEST/simple_client"
- export LD_LIBRARY_PATH="$HACKLIB"
-
- for START in `seq $START_AT $THREADS $STOP_AT`; do
- START_AT=$START \
- STOP_AT=$(($START+$THREADS)) \
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${HACKBIN}/strsclnt" $VERBOSE -d "$CLIENT" -n client_crt -p $PORT -t $THREADS -c $THREADS -o -N -w test $HOST >> "$TEST_OUTPUT/nisccLog02" 2>&1
- done
-
- unset NISCC_TEST
- echo "starting tstclnt to shutdown simple client selfserv process"
- for i in `seq 5`; do
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${HACKBIN}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog02" 2>&1
- done
-
- unset LD_LIBRARY_PATH
-
- sleep 1
-}
-
-################################################################################
-# Do simple server auth tests
-# Use an altered server against the client
-################################################################################
-ssl_simple_server_auth()
-{
- echo "Testing SSL simple server auth testcases"
- export CLIENT="$TEST_OUTPUT/niscc_ssl/simple_client"
- export SERVER="$TEST_OUTPUT/niscc_ssl/simple_server"
- export PORT=8444
- export START_AT=00000001
- if [ "$SMALLSET" = "true" ]; then
- export STOP_AT=00000010
- else
- export STOP_AT=00106167
- fi
- export LD_LIBRARY_PATH="$HACKLIB"
- export NISCC_TEST="$TEST/simple_server"
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${HACKBIN}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -t $THREADS -w test > "$TEST_OUTPUT/nisccLog03" 2>&1 &
-
- unset NISCC_TEST
- export LD_LIBRARY_PATH="$TESTLIB"
- for START in `seq $START_AT $THREADS $STOP_AT`; do
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTTOOLS}/strsclnt" $VERBOSE -d "$CLIENT" -p $PORT -t $THREADS -c $THREADS -o -N $HOST >> "$TEST_OUTPUT/nisccLog04" 2>&1
- done
-
- echo "starting tstclnt to shutdown simple server selfserv process"
- for i in `seq 5`; do
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTTOOLS}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog04" 2>&1
- done
-
- unset LD_LIBRARY_PATH
-
- sleep 1
-}
-
-################################################################################
-# Do simple rootCA tests
-# Use an altered server against the client
-################################################################################
-ssl_simple_rootca()
-{
- echo "Testing SSL simple rootCA testcases"
- export CLIENT="$TEST_OUTPUT/niscc_ssl/simple_client"
- export SERVER="$TEST_OUTPUT/niscc_ssl/simple_server"
- export PORT=8445
- export START_AT=1
- if [ "$SMALLSET" = "true" ]; then
- export STOP_AT=10
- else
- export STOP_AT=106190
- fi
- export LD_LIBRARY_PATH="$HACKLIB"
- export NISCC_TEST="$TEST/simple_rootca"
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${HACKBIN}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -t $THREADS -w test > "$TEST_OUTPUT/nisccLog05" 2>&1 &
-
- unset NISCC_TEST
- export LD_LIBRARY_PATH="$TESTLIB"
- for START in `seq $START_AT $THREADS $STOP_AT`; do
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTTOOLS}/strsclnt" $VERBOSE -d "$CLIENT" -p $PORT -t $THREADS -c $THREADS -o -N $HOST >> "$TEST_OUTPUT/nisccLog06" 2>&1
- done
-
- echo "starting tstclnt to shutdown simple rootca selfserv process"
- for i in `seq 5`; do
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTTOOLS}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog06" 2>&1
- done
-
- unset LD_LIBRARY_PATH
-
- sleep 1
-}
-
-################################################################################
-# Do resigned client auth tests
-# Use an altered client against the server
-################################################################################
-ssl_resigned_client_auth()
-{
- echo "Testing SSL resigned client auth testcases"
- export CLIENT="$TEST_OUTPUT/niscc_ssl/resigned_client"
- export SERVER="$TEST_OUTPUT/niscc_ssl/resigned_server"
- export PORT=8446
- export START_AT=0
- if [ "$SMALLSET" = "true" ]; then
- export STOP_AT=9
- else
- export STOP_AT=99981
- fi
- unset NISCC_TEST
- export LD_LIBRARY_PATH="$TESTLIB"
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTTOOLS}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -rr -t $THREADS -w test > "$TEST_OUTPUT/nisccLog07" 2>&1 &
-
- export NISCC_TEST="$TEST/resigned_client"
- export LD_LIBRARY_PATH="$HACKLIB"
-
- for START in `seq $START_AT $THREADS $STOP_AT`; do
- START_AT=$START \
- STOP_AT=$(($START+$THREADS)) \
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${HACKBIN}/strsclnt" $VERBOSE -d "$CLIENT" -n client_crt -p $PORT -t $THREADS -c $THREADS -o -N -w test $HOST >> "$TEST_OUTPUT/nisccLog08" 2>&1
- done
-
- unset NISCC_TEST
- echo "starting tstclnt to shutdown resigned client selfserv process"
- for i in `seq 5`; do
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${HACKBIN}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog08" 2>&1
- done
-
- unset LD_LIBRARY_PATH
-
- sleep 1
-}
-
-################################################################################
-# Do resigned server auth tests
-# Use an altered server against the client
-################################################################################
-ssl_resigned_server_auth()
-{
- echo "Testing SSL resigned server auth testcases"
- export CLIENT="$TEST_OUTPUT/niscc_ssl/resigned_client"
- export SERVER="$TEST_OUTPUT/niscc_ssl/resigned_server"
- export PORT=8447
- export START_AT=0
- if [ "$SMALLSET" = "true" ]; then
- export STOP_AT=9
- else
- export STOP_AT=100068
- fi
- export LD_LIBRARY_PATH="$HACKLIB"
- export NISCC_TEST="$TEST/resigned_server"
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${HACKBIN}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -t $THREADS -w test > "$TEST_OUTPUT/nisccLog09" 2>&1 &
-
- unset NISCC_TEST
- export LD_LIBRARY_PATH="$TESTLIB"
- for START in `seq $START_AT $THREADS $STOP_AT`; do
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTTOOLS}/strsclnt" $VERBOSE -d "$CLIENT" -p $PORT -t $THREADS -c $THREADS -o -N $HOST >> "$TEST_OUTPUT/nisccLog10" 2>&1
- done
-
- echo "starting tstclnt to shutdown resigned server selfserv process"
- for i in `seq 5`; do
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTTOOLS}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog10" 2>&1
- done
-
- unset LD_LIBRARY_PATH
-
- sleep 1
-}
-
-################################################################################
-# Do resigned rootCA tests
-# Use an altered server against the client
-################################################################################
-ssl_resigned_rootca()
-{
- echo "Testing SSL resigned rootCA testcases"
- export CLIENT="$TEST_OUTPUT/niscc_ssl/resigned_client"
- export SERVER="$TEST_OUTPUT/niscc_ssl/resigned_server"
- export PORT=8448
- export START_AT=0
- if [ "$SMALLSET" = "true" ]; then
- export STOP_AT=9
- else
- export STOP_AT=99959
- fi
- export LD_LIBRARY_PATH="$HACKLIB"
- export NISCC_TEST="$TEST/resigned_rootca"
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${HACKBIN}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -t $THREADS -w test > "$TEST_OUTPUT/nisccLog11" 2>&1 &
-
- unset NISCC_TEST
- export LD_LIBRARY_PATH="$TESTLIB"
- for START in `seq $START_AT $THREADS $STOP_AT`; do
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTTOOLS}/strsclnt" $VERBOSE -d "$CLIENT" -p $PORT -t $THREADS -c $THREADS -o -N $HOST >> "$TEST_OUTPUT/nisccLog12" 2>&1
- done
-
- echo "starting tstclnt to shutdown resigned rootca selfserv process"
- for i in `seq 5`; do
- LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
- "${TESTTOOLS}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog12" 2>&1
- done
-
- unset LD_LIBRARY_PATH
-
- sleep 1
-}
-
-################################################################################
-# Email the test logfile, and if core found, notify of failure
-################################################################################
-mail_testLog()
-{
- pushd "$TEST_OUTPUT"
-
- # remove mozilla nss build false positives and core stored in previous runs
- find . -name "core*" -print | grep -v coreconf | grep -v core_watch | grep -v archive >> crashLog
- export SIZE=`cat crashLog | wc -l`
-
- [ "$USE_MAIL" = "false" ] && return
-
- # mail text
- MT=mailText
- rm -f $MT
-
- if [ "$SIZE" -ne 1 ]; then
- echo "### FAILED ###" >> $MT
- echo "### Exactly one crash is expected." >> $MT
- echo "### Zero means: crash detection is broken, fix the script!" >> $MT
- echo "### > 1 means: robustness test failure, fix the bug! (check the logs)" >> $MT
- cat crashLog >> nisccLogSummary
- SUBJ="FAILED: NISCC TESTS (check file: crashLog)"
- else
- echo ":) PASSED :)" >> $MT
- SUBJ="PASSED: NISCC tests"
- fi
-
- echo "Date used during test run: $DATE" >> $MT
-
- echo "Count of lines in files:" >> $MT
- wc -l crashLog nisccBuildLog nisccBuildLogHack nisccLog[0-9]* p7m-* |grep -vw total >> $MT
- NUM=`cat nisccLog0[123456789] nisccLog1[12] | egrep -ic "success/passed"`
- echo "Number of times the SSL tests reported success/passed (low expected): $NUM" >> $MT
- NUM=`cat nisccLog0[123456789] nisccLog1[12] | egrep -ic "problem|failed|error"`
- echo "Number of times the SSL tests reported problem/failed/error (high expected): $NUM" >> $MT
- NUM=`cat niscc_smime/p7m*results.txt | egrep -ic "success/passed"`
- echo "Number of times the S/MIME tests reported success/passed (low expected): $NUM" >> $MT
- NUM=`cat niscc_smime/p7m*results.txt | egrep -ic "problem|failed|error"`
- echo "Number of times the S/MIME tests reported problem/failed/error (high expected): $NUM" >> $MT
- echo "==== tail of nisccBuildLog ====" >> $MT
- tail -20 nisccBuildLog >> $MT
- echo "===============================" >> $MT
- echo "==== tail of nisccBuildLogHack ====" >> $MT
- tail -20 nisccBuildLogHack >> $MT
- echo "===================================" >> $MT
-
- #NUM=``
- #echo "Number of : $NUM" >> $MT
-
- cat $MT | $MAIL_COMMAND -s "$SUBJ" $QA_LIST
-
- popd
-}
-
-################################################################################
-# Summarize all logs
-################################################################################
-log_summary()
-{
- echo "Summarizing all logs"
- # Move old logs
- [ -f "$TEST_OUTPUT/nisccLogSummary" ] && mv nisccLogSummary nisccLogSummary.old
- [ -f "$TEST_OUTPUT/crashLog" ] && mv crashLog crashLog.old
-
- for a in $TEST_OUTPUT/nisccLog[0-9]*; do
- echo ================================== "$a"
- grep -v using "$a" | sort | uniq -c | sort -b -n +0 -1
- done > $TEST_OUTPUT/nisccLogSummary
-
- for a in $TEST_OUTPUT/niscc_smime/p7m-*-results.txt; do
- echo ================================== "$a"
- grep -v using "$a" | sort | uniq -c | sort -b -n +0 -1
- done >> $TEST_OUTPUT/nisccLogSummary
-}
-
-################################################################################
-# Process core files
-################################################################################
-core_process()
-{
- echo "Processing core files"
- cd "$TEST_OUTPUT"
-
- for CORE in `cat crashLog`; do
- FILE=`file "$CORE" | sed "s/.* from '//" | sed "s/'.*//"`
- BINARY=`strings "$CORE" | grep "^${FILE}" | tail -1`
- gdb "$BINARY" "$CORE" << EOF_GDB > "$CORE.details"
-where
-quit
-EOF_GDB
- done
-}
-
-################################################################################
-# Move the old log files to save them, delete extra log files
-################################################################################
-move_files()
-{
- echo "Moving and deleting log files"
- cd "$TEST_OUTPUT"
-
- rm -rf TRASH
- mkdir TRASH
-
- if [ "$LOG_STORE" = "true" ]; then
- BRANCH=`echo $LOCALDIST | sed "s:.*/\(security.*\)/builds/.*:\1:"`
- if [ "$BRANCH" = "$LOCALDIST" ]; then
- ARCHIVE="$TEST_OUTPUT/archive"
- else
- ARCHIVE="$TEST_OUTPUT/archive/$BRANCH"
- fi
-
- # Check for archive directory
- if [ ! -d "$ARCHIVE" ]; then
- mkdir -p "$ARCHIVE"
- fi
-
- # Determine next log storage point
- slot=`ls -1 "$ARCHIVE" | grep $DATE | wc -l`
- slot=`expr $slot + 1`
- location="$ARCHIVE/$DATE.$slot"
- mkdir -p "$location"
-
- # Archive the logs
- mv nisccBuildLog "$location" 2> /dev/null
- mv nisccBuildLogHack "$location" 2> /dev/null
- mv nisccLogSummary "$location"
- mv nisccLog* "$location"
- mv niscc_smime/p7m-ed-m-results.txt "$location"
- mv niscc_smime/p7m-sd-dt-results.txt "$location"
- mv niscc_smime/p7m-sd-op-results.txt "$location"
-
- # Archive any core files produced
- for core in `cat "$TEST_OUTPUT/crashLog"`; do
- mv "$core" "$location"
- mv "$core.details" "$location"
- done
- mv crashLog "$location"
- else
- # Logs not stored => summaries, crashlog and corefiles not moved, other logs deleted
- mv nisccLog00 nisccLog01 nisccLog02 nisccLog03 nisccLog04 nisccLog05 nisccLog06 nisccLog07 nisccLog08 nisccLog09 nisccLog10 nisccLog11 nisccLog12 TRASH/
- mv niscc_smime/p7m-ed-m-results.txt niscc_smime/p7m-sd-dt-results.txt niscc_smime/p7m-sd-op-results.txt TRASH/
- fi
- mv envDB sigDB niscc_smime niscc_ssl TRASH/
- mv CA.p12 Client.p12 client_crt.p12 server_crt.p12 TRASH/
- mv p7m-ed-m-files.txt p7m-sd-dt-files.txt p7m-sd-op-files.txt password-is-testtest1.txt detached.txt TRASH/
- mv crashme.c crashme TRASH/
-}
-
-################################################################################
-# Main
-################################################################################
-process_args $*
-create_environment
-cvs_pull
-build_NSS
-init
-niscc_smime
-niscc_ssl_init
-force_crash
-ssl_setup_dirs_simple
- ssl_simple_client_auth
- ssl_simple_server_auth
- ssl_simple_rootca
-ssl_setup_dirs_resigned
- ssl_resigned_client_auth
- ssl_resigned_server_auth
- ssl_resigned_rootca
-# no idea what these commented-out lines are supposed to be!
-#ssl_setup_dirs_update
-# ssl_update_server_auth der
-# ssl_update_client_auth der
-# ssl_update_server_auth resigned-der
-# ssl_update_client_auth resigned-der
-log_summary
-mail_testLog
-core_process
-move_files
-exit $SIZE
View Lorry Controller Status