The Tor Browser / annotate

security/nss/tests/common/init.sh@b8a032363ba2 (annotated)

security/nss/tests/common/init.sh

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

michael@0 1 #! /bin/bash
michael@0 2 #
michael@0 3 # This Source Code Form is subject to the terms of the Mozilla Public
michael@0 4 # License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0 5 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
michael@0 6
michael@0 7 ########################################################################
michael@0 8 #
michael@0 9 # mozilla/security/nss/tests/common/init.sh
michael@0 10 #
michael@0 11 # initialization for NSS QA, can be included multiple times
michael@0 12 # from all.sh and the individual scripts
michael@0 13 #
michael@0 14 # variables, utilities and shellfunctions global to NSS QA
michael@0 15 # needs to work on all Unix and Windows platforms
michael@0 16 #
michael@0 17 # included from
michael@0 18 # -------------
michael@0 19 # all.sh
michael@0 20 # ssl.sh
michael@0 21 # sdr.sh
michael@0 22 # cipher.sh
michael@0 23 # perf.sh
michael@0 24 # cert.sh
michael@0 25 # smime.sh
michael@0 26 # tools.sh
michael@0 27 # fips.sh
michael@0 28 #
michael@0 29 # special strings
michael@0 30 # ---------------
michael@0 31 # FIXME ... known problems, search for this string
michael@0 32 # NOTE .... unexpected behavior
michael@0 33 #
michael@0 34 # NOTE:
michael@0 35 # -----
michael@0 36 # Unlike the old QA this is based on files sourcing each other
michael@0 37 # This is done to save time, since a great portion of time is lost
michael@0 38 # in calling and sourcing the same things multiple times over the
michael@0 39 # network. Also, this way all scripts have all shell function available
michael@0 40 # and a completely common environment
michael@0 41 #
michael@0 42 ########################################################################
michael@0 43
michael@0 44 NSS_STRICT_SHUTDOWN=1
michael@0 45 export NSS_STRICT_SHUTDOWN
michael@0 46
michael@0 47 # Init directories based on HOSTDIR variable
michael@0 48 if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
michael@0 49 init_directories()
michael@0 50 {
michael@0 51 TMP=${HOSTDIR} #TMP=${TMP-/tmp}
michael@0 52 TEMP=${TMP}
michael@0 53 TMPDIR=${TMP}
michael@0 54
michael@0 55 CADIR=${HOSTDIR}/CA
michael@0 56 SERVERDIR=${HOSTDIR}/server
michael@0 57 CLIENTDIR=${HOSTDIR}/client
michael@0 58 ALICEDIR=${HOSTDIR}/alicedir
michael@0 59 BOBDIR=${HOSTDIR}/bobdir
michael@0 60 DAVEDIR=${HOSTDIR}/dave
michael@0 61 EVEDIR=${HOSTDIR}/eve
michael@0 62 FIPSDIR=${HOSTDIR}/fips
michael@0 63 DBPASSDIR=${HOSTDIR}/dbpass
michael@0 64 ECCURVES_DIR=${HOSTDIR}/eccurves
michael@0 65 DISTRUSTDIR=${HOSTDIR}/distrust
michael@0 66
michael@0 67 SERVER_CADIR=${HOSTDIR}/serverCA
michael@0 68 CLIENT_CADIR=${HOSTDIR}/clientCA
michael@0 69 EXT_SERVERDIR=${HOSTDIR}/ext_server
michael@0 70 EXT_CLIENTDIR=${HOSTDIR}/ext_client
michael@0 71
michael@0 72 IOPR_CADIR=${HOSTDIR}/CA_iopr
michael@0 73 IOPR_SSL_SERVERDIR=${HOSTDIR}/server_ssl_iopr
michael@0 74 IOPR_SSL_CLIENTDIR=${HOSTDIR}/client_ssl_iopr
michael@0 75 IOPR_OCSP_CLIENTDIR=${HOSTDIR}/client_ocsp_iopr
michael@0 76
michael@0 77 CERT_EXTENSIONS_DIR=${HOSTDIR}/cert_extensions
michael@0 78 STAPLINGDIR=${HOSTDIR}/stapling
michael@0 79
michael@0 80 PWFILE=${HOSTDIR}/tests.pw
michael@0 81 NOISE_FILE=${HOSTDIR}/tests_noise
michael@0 82 CORELIST_FILE=${HOSTDIR}/clist
michael@0 83
michael@0 84 FIPSPWFILE=${HOSTDIR}/tests.fipspw
michael@0 85 FIPSBADPWFILE=${HOSTDIR}/tests.fipsbadpw
michael@0 86 FIPSP12PWFILE=${HOSTDIR}/tests.fipsp12pw
michael@0 87
michael@0 88 echo "fIps140" > ${FIPSPWFILE}
michael@0 89 echo "fips104" > ${FIPSBADPWFILE}
michael@0 90 echo "pKcs12fips140" > ${FIPSP12PWFILE}
michael@0 91
michael@0 92 noise
michael@0 93
michael@0 94 P_SERVER_CADIR=${SERVER_CADIR}
michael@0 95 P_CLIENT_CADIR=${CLIENT_CADIR}
michael@0 96
michael@0 97 if [ -n "${MULTIACCESS_DBM}" ]; then
michael@0 98 P_SERVER_CADIR="multiaccess:${D_SERVER_CA}"
michael@0 99 P_CLIENT_CADIR="multiaccess:${D_CLIENT_CA}"
michael@0 100 fi
michael@0 101
michael@0 102
michael@0 103 # a new log file, short - fast to search, mostly for tools to
michael@0 104 # see if their portion of the cert has succeeded, also for me -
michael@0 105 CERT_LOG_FILE=${HOSTDIR}/cert.log #the output.log is so crowded...
michael@0 106
michael@0 107 TEMPFILES=foobar # keep "${PWFILE} ${NOISE_FILE}" around
michael@0 108
michael@0 109 export HOSTDIR
michael@0 110 }
michael@0 111
michael@0 112 # Generate noise file
michael@0 113 noise()
michael@0 114 {
michael@0 115 # NOTE: these keys are only suitable for testing, as this whole thing
michael@0 116 # bypasses the entropy gathering. Don't use this method to generate
michael@0 117 # keys and certs for product use or deployment.
michael@0 118 ps -efl > ${NOISE_FILE} 2>&1
michael@0 119 ps aux >> ${NOISE_FILE} 2>&1
michael@0 120 date >> ${NOISE_FILE} 2>&1
michael@0 121 }
michael@0 122
michael@0 123 # Print selected environment variable (used for backup)
michael@0 124 env_backup()
michael@0 125 {
michael@0 126 echo "HOSTDIR=\"${HOSTDIR}\""
michael@0 127 echo "TABLE_ARGS="
michael@0 128 echo "NSS_TEST_DISABLE_CRL=${NSS_TEST_DISABLE_CRL}"
michael@0 129 echo "NSS_SSL_TESTS=\"${NSS_SSL_TESTS}\""
michael@0 130 echo "NSS_SSL_RUN=\"${NSS_SSL_RUN}\""
michael@0 131 echo "NSS_DEFAULT_DB_TYPE=${NSS_DEFAULT_DB_TYPE}"
michael@0 132 echo "export NSS_DEFAULT_DB_TYPE"
michael@0 133 echo "NSS_ENABLE_PKIX_VERIFY=${NSS_ENABLE_PKIX_VERIFY}"
michael@0 134 echo "export NSS_ENABLE_PKIX_VERIFY"
michael@0 135 echo "init_directories"
michael@0 136 }
michael@0 137
michael@0 138 # Exit shellfunction to clean up at exit (error, regular or signal)
michael@0 139 Exit()
michael@0 140 {
michael@0 141 if [ -n "$1" ] ; then
michael@0 142 echo "$SCRIPTNAME: Exit: $* - FAILED"
michael@0 143 html_failed "$*"
michael@0 144 fi
michael@0 145 echo "</TABLE><BR>" >> ${RESULTS}
michael@0 146 if [ -n "${SERVERPID}" -a -f "${SERVERPID}" ]; then
michael@0 147 ${KILL} `cat ${SERVERPID}`
michael@0 148 fi
michael@0 149 cd ${QADIR}
michael@0 150 . common/cleanup.sh
michael@0 151 case $1 in
michael@0 152 [0-4][0-9]|[0-9])
michael@0 153 exit $1;
michael@0 154 ;;
michael@0 155 *)
michael@0 156 exit 1
michael@0 157 ;;
michael@0 158 esac
michael@0 159 }
michael@0 160
michael@0 161 detect_core()
michael@0 162 {
michael@0 163 [ ! -f $CORELIST_FILE ] && touch $CORELIST_FILE
michael@0 164 mv $CORELIST_FILE ${CORELIST_FILE}.old
michael@0 165 coreStr=`find $HOSTDIR -type f -name '*core*'`
michael@0 166 res=0
michael@0 167 if [ -n "$coreStr" ]; then
michael@0 168 sum $coreStr > $CORELIST_FILE
michael@0 169 res=`cat $CORELIST_FILE ${CORELIST_FILE}.old | sort | uniq -u | wc -l`
michael@0 170 fi
michael@0 171 return $res
michael@0 172 }
michael@0 173
michael@0 174 #html functions to give the resultfiles a consistant look
michael@0 175 html() ######################### write the results.html file
michael@0 176 { # 3 functions so we can put targets in the output.log easier
michael@0 177 echo $* >>${RESULTS}
michael@0 178 }
michael@0 179 html_passed()
michael@0 180 {
michael@0 181 html_detect_core "$@" || return
michael@0 182 MSG_ID=`cat ${MSG_ID_FILE}`
michael@0 183 MSG_ID=`expr ${MSG_ID} + 1`
michael@0 184 echo ${MSG_ID} > ${MSG_ID_FILE}
michael@0 185 html "<TR><TD>#${MSG_ID}: $1 ${HTML_PASSED}"
michael@0 186 echo "${SCRIPTNAME}: #${MSG_ID}: $* - PASSED"
michael@0 187 }
michael@0 188 html_failed()
michael@0 189 {
michael@0 190 html_detect_core "$@" || return
michael@0 191 MSG_ID=`cat ${MSG_ID_FILE}`
michael@0 192 MSG_ID=`expr ${MSG_ID} + 1`
michael@0 193 echo ${MSG_ID} > ${MSG_ID_FILE}
michael@0 194 html "<TR><TD>#${MSG_ID}: $1 ${HTML_FAILED}"
michael@0 195 echo "${SCRIPTNAME}: #${MSG_ID}: $* - FAILED"
michael@0 196 }
michael@0 197 html_unknown()
michael@0 198 {
michael@0 199 html_detect_core "$@" || return
michael@0 200 MSG_ID=`cat ${MSG_ID_FILE}`
michael@0 201 MSG_ID=`expr ${MSG_ID} + 1`
michael@0 202 echo ${MSG_ID} > ${MSG_ID_FILE}
michael@0 203 html "<TR><TD>#${MSG_ID}: $1 ${HTML_UNKNOWN}"
michael@0 204 echo "${SCRIPTNAME}: #${MSG_ID}: $* - UNKNOWN"
michael@0 205 }
michael@0 206 html_detect_core()
michael@0 207 {
michael@0 208 detect_core
michael@0 209 if [ $? -ne 0 ]; then
michael@0 210 MSG_ID=`cat ${MSG_ID_FILE}`
michael@0 211 MSG_ID=`expr ${MSG_ID} + 1`
michael@0 212 echo ${MSG_ID} > ${MSG_ID_FILE}
michael@0 213 html "<TR><TD>#${MSG_ID}: $* ${HTML_FAILED_CORE}"
michael@0 214 echo "${SCRIPTNAME}: #${MSG_ID}: $* - Core file is detected - FAILED"
michael@0 215 return 1
michael@0 216 fi
michael@0 217 return 0
michael@0 218 }
michael@0 219 html_head()
michael@0 220 {
michael@0 221
michael@0 222 html "<TABLE BORDER=1 ${TABLE_ARGS}><TR><TH COLSPAN=3>$*</TH></TR>"
michael@0 223 html "<TR><TH width=500>Test Case</TH><TH width=50>Result</TH></TR>"
michael@0 224 echo "$SCRIPTNAME: $* ==============================="
michael@0 225 }
michael@0 226 html_msg()
michael@0 227 {
michael@0 228 if [ "$1" -ne "$2" ] ; then
michael@0 229 html_failed "$3" "$4"
michael@0 230 else
michael@0 231 html_passed "$3" "$4"
michael@0 232 fi
michael@0 233 }
michael@0 234 HTML_FAILED='</TD><TD bgcolor=red>Failed</TD><TR>'
michael@0 235 HTML_FAILED_CORE='</TD><TD bgcolor=red>Failed Core</TD><TR>'
michael@0 236 HTML_PASSED='</TD><TD bgcolor=lightGreen>Passed</TD><TR>'
michael@0 237 HTML_UNKNOWN='</TD><TD>Unknown/TD><TR>'
michael@0 238 TABLE_ARGS=
michael@0 239
michael@0 240
michael@0 241 #directory name init
michael@0 242 SCRIPTNAME=init.sh
michael@0 243
michael@0 244 mozilla_root=`(cd ../../..; pwd)`
michael@0 245 MOZILLA_ROOT=${MOZILLA_ROOT-$mozilla_root}
michael@0 246
michael@0 247 qadir=`(cd ..; pwd)`
michael@0 248 QADIR=${QADIR-$qadir}
michael@0 249
michael@0 250 common=${QADIR}/common
michael@0 251 COMMON=${TEST_COMMON-$common}
michael@0 252 export COMMON
michael@0 253
michael@0 254 DIST=${DIST-${MOZILLA_ROOT}/dist}
michael@0 255 TESTDIR=${TESTDIR-${MOZILLA_ROOT}/tests_results/security}
michael@0 256
michael@0 257 # Allow for override options from a config file
michael@0 258 if [ -n "${OBJDIR}" -a -f ${DIST}/${OBJDIR}/platform.cfg ]; then
michael@0 259 . ${DIST}/${OBJDIR}/platform.cfg
michael@0 260 fi
michael@0 261
michael@0 262 # only need make if we don't already have certain variables set
michael@0 263 if [ -z "${OBJDIR}" -o -z "${OS_ARCH}" -o -z "${DLL_PREFIX}" -o -z "${DLL_SUFFIX}" ]; then
michael@0 264 MAKE=gmake
michael@0 265 $MAKE -v >/dev/null 2>&1 || MAKE=make
michael@0 266 $MAKE -v >/dev/null 2>&1 || { echo "You are missing make."; exit 5; }
michael@0 267 MAKE="$MAKE --no-print-directory"
michael@0 268 fi
michael@0 269
michael@0 270 if [ "${OBJDIR}" = "" ]; then
michael@0 271 OBJDIR=`(cd $COMMON; $MAKE objdir_name)`
michael@0 272 fi
michael@0 273 if [ "${OS_ARCH}" = "" ]; then
michael@0 274 OS_ARCH=`(cd $COMMON; $MAKE os_arch)`
michael@0 275 fi
michael@0 276 if [ "${DLL_PREFIX}" = "" ]; then
michael@0 277 DLL_PREFIX=`(cd $COMMON; $MAKE dll_prefix)`
michael@0 278 fi
michael@0 279 if [ "${DLL_SUFFIX}" = "" ]; then
michael@0 280 DLL_SUFFIX=`(cd $COMMON; $MAKE dll_suffix)`
michael@0 281 fi
michael@0 282 OS_NAME=`uname -s | sed -e "s/-[0-9]*\.[0-9]*//" | sed -e "s/-WOW64//"`
michael@0 283
michael@0 284 BINDIR="${DIST}/${OBJDIR}/bin"
michael@0 285
michael@0 286 # Pathnames constructed from ${TESTDIR} are passed to NSS tools
michael@0 287 # such as certutil, which don't understand Cygwin pathnames.
michael@0 288 # So we need to convert ${TESTDIR} to a Windows pathname (with
michael@0 289 # regular slashes).
michael@0 290 if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" = "CYGWIN_NT" ]; then
michael@0 291 TESTDIR=`cygpath -m ${TESTDIR}`
michael@0 292 QADIR=`cygpath -m ${QADIR}`
michael@0 293 fi
michael@0 294
michael@0 295 # Same problem with MSYS/Mingw, except we need to start over with pwd -W
michael@0 296 if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" = "MINGW32_NT" ]; then
michael@0 297 mingw_mozilla_root=`(cd ../../..; pwd -W)`
michael@0 298 MINGW_MOZILLA_ROOT=${MINGW_MOZILLA_ROOT-$mingw_mozilla_root}
michael@0 299 TESTDIR=${MINGW_TESTDIR-${MINGW_MOZILLA_ROOT}/tests_results/security}
michael@0 300 fi
michael@0 301
michael@0 302 # Same problem with MSYS/Mingw, except we need to start over with pwd -W
michael@0 303 if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" = "MINGW32_NT" ]; then
michael@0 304 mingw_mozilla_root=`(cd ../../..; pwd -W)`
michael@0 305 MINGW_MOZILLA_ROOT=${MINGW_MOZILLA_ROOT-$mingw_mozilla_root}
michael@0 306 TESTDIR=${MINGW_TESTDIR-${MINGW_MOZILLA_ROOT}/tests_results/security}
michael@0 307 fi
michael@0 308 echo testdir is $TESTDIR
michael@0 309
michael@0 310 #in case of backward comp. tests the calling scripts set the
michael@0 311 #PATH and LD_LIBRARY_PATH and do not want them to be changed
michael@0 312 if [ -z "${DON_T_SET_PATHS}" -o "${DON_T_SET_PATHS}" != "TRUE" ] ; then
michael@0 313 if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" != "CYGWIN_NT" -a "$OS_NAME" != "MINGW32_NT" ]; then
michael@0 314 PATH=.\;${DIST}/${OBJDIR}/bin\;${DIST}/${OBJDIR}/lib\;$PATH
michael@0 315 PATH=`perl ../path_uniq -d ';' "$PATH"`
michael@0 316 elif [ "${OS_ARCH}" = "Android" ]; then
michael@0 317 # android doesn't have perl, skip the uniq step
michael@0 318 PATH=.:${DIST}/${OBJDIR}/bin:${DIST}/${OBJDIR}/lib:$PATH
michael@0 319 else
michael@0 320 PATH=.:${DIST}/${OBJDIR}/bin:${DIST}/${OBJDIR}/lib:/bin:/usr/bin:$PATH
michael@0 321 # added /bin and /usr/bin in the beginning so a local perl will
michael@0 322 # be used
michael@0 323 PATH=`perl ../path_uniq -d ':' "$PATH"`
michael@0 324 fi
michael@0 325
michael@0 326 LD_LIBRARY_PATH=${DIST}/${OBJDIR}/lib:$LD_LIBRARY_PATH
michael@0 327 SHLIB_PATH=${DIST}/${OBJDIR}/lib:$SHLIB_PATH
michael@0 328 LIBPATH=${DIST}/${OBJDIR}/lib:$LIBPATH
michael@0 329 DYLD_LIBRARY_PATH=${DIST}/${OBJDIR}/lib:$DYLD_LIBRARY_PATH
michael@0 330 fi
michael@0 331
michael@0 332 if [ ! -d "${TESTDIR}" ]; then
michael@0 333 echo "$SCRIPTNAME init: Creating ${TESTDIR}"
michael@0 334 mkdir -p ${TESTDIR}
michael@0 335 fi
michael@0 336
michael@0 337 #HOST and DOMSUF are needed for the server cert
michael@0 338
michael@0 339 DOMAINNAME=`which domainname`
michael@0 340 if [ -z "${DOMSUF}" -a $? -eq 0 -a -n "${DOMAINNAME}" ]; then
michael@0 341 DOMSUF=`domainname`
michael@0 342 fi
michael@0 343
michael@0 344 case $HOST in
michael@0 345 *\.*)
michael@0 346 if [ -z "${DOMSUF}" ]; then
michael@0 347 DOMSUF=`echo $HOST | sed -e "s/^[^.]*\.//"`
michael@0 348 fi
michael@0 349 HOST=`echo $HOST | sed -e "s/\..*//"`
michael@0 350 ;;
michael@0 351 ?*)
michael@0 352 ;;
michael@0 353 *)
michael@0 354 HOST=`uname -n`
michael@0 355 case $HOST in
michael@0 356 *\.*)
michael@0 357 if [ -z "${DOMSUF}" ]; then
michael@0 358 DOMSUF=`echo $HOST | sed -e "s/^[^.]*\.//"`
michael@0 359 fi
michael@0 360 HOST=`echo $HOST | sed -e "s/\..*//"`
michael@0 361 ;;
michael@0 362 ?*)
michael@0 363 ;;
michael@0 364 *)
michael@0 365 echo "$SCRIPTNAME: Fatal HOST environment variable is not defined."
michael@0 366 exit 1 #does not need to be Exit, very early in script
michael@0 367 ;;
michael@0 368 esac
michael@0 369 ;;
michael@0 370 esac
michael@0 371
michael@0 372 if [ -z "${DOMSUF}" -a "${OS_ARCH}" != "Android" ]; then
michael@0 373 echo "$SCRIPTNAME: Fatal DOMSUF env. variable is not defined."
michael@0 374 exit 1 #does not need to be Exit, very early in script
michael@0 375 fi
michael@0 376
michael@0 377 #HOSTADDR was a workaround for the dist. stress test, and is probably
michael@0 378 #not needed anymore (purpose: be able to use IP address for the server
michael@0 379 #cert instead of PC name which was not in the DNS because of dyn IP address
michael@0 380 if [ -z "$USE_IP" -o "$USE_IP" != "TRUE" ] ; then
michael@0 381 if [ -z "${DOMSUF}" ]; then
michael@0 382 HOSTADDR=${HOST}
michael@0 383 else
michael@0 384 HOSTADDR=${HOST}.${DOMSUF}
michael@0 385 fi
michael@0 386 else
michael@0 387 HOSTADDR=${IP_ADDRESS}
michael@0 388 fi
michael@0 389
michael@0 390 #if running remote side of the distributed stress test we need to use
michael@0 391 #the files that the server side gives us...
michael@0 392 if [ -n "$DO_REM_ST" -a "$DO_REM_ST" = "TRUE" ] ; then
michael@0 393 for w in `ls -rtd ${TESTDIR}/${HOST}.[0-9]* 2>/dev/null |
michael@0 394 sed -e "s/.*${HOST}.//"` ; do
michael@0 395 version=$w
michael@0 396 done
michael@0 397 HOSTDIR=${TESTDIR}/${HOST}.$version
michael@0 398 echo "$SCRIPTNAME init: HOSTDIR $HOSTDIR"
michael@0 399 echo $HOSTDIR
michael@0 400 if [ ! -d $HOSTDIR ] ; then
michael@0 401 echo "$SCRIPTNAME: Fatal: Remote side of dist. stress test "
michael@0 402 echo " - server HOSTDIR $HOSTDIR does not exist"
michael@0 403 exit 1 #does not need to be Exit, very early in script
michael@0 404 fi
michael@0 405 fi
michael@0 406
michael@0 407 #find the HOSTDIR, where the results are supposed to go
michael@0 408 if [ -n "${HOSTDIR}" ]; then
michael@0 409 version=`echo $HOSTDIR | sed -e "s/.*${HOST}.//"`
michael@0 410 else
michael@0 411 if [ -f "${TESTDIR}/${HOST}" ]; then
michael@0 412 version=`cat ${TESTDIR}/${HOST}`
michael@0 413 else
michael@0 414 version=1
michael@0 415 fi
michael@0 416 #file has a tendency to disappear, messing up the rest of QA -
michael@0 417 #workaround to find the next higher number if version file is not there
michael@0 418 if [ -z "${version}" ]; then # for some strange reason this file
michael@0 419 # gets truncated at times... Windos
michael@0 420 for w in `ls -d ${TESTDIR}/${HOST}.[0-9]* 2>/dev/null |
michael@0 421 sort -t '.' -n | sed -e "s/.*${HOST}.//"` ; do
michael@0 422 version=`expr $w + 1`
michael@0 423 done
michael@0 424 if [ -z "${version}" ]; then
michael@0 425 version=1
michael@0 426 fi
michael@0 427 fi
michael@0 428 expr $version + 1 > ${TESTDIR}/${HOST}
michael@0 429
michael@0 430 HOSTDIR=${TESTDIR}/${HOST}'.'$version
michael@0 431
michael@0 432 mkdir -p ${HOSTDIR}
michael@0 433 fi
michael@0 434
michael@0 435 #result and log file and filename init,
michael@0 436 if [ -z "${LOGFILE}" ]; then
michael@0 437 LOGFILE=${HOSTDIR}/output.log
michael@0 438 fi
michael@0 439 if [ ! -f "${LOGFILE}" ]; then
michael@0 440 touch ${LOGFILE}
michael@0 441 fi
michael@0 442 if [ -z "${RESULTS}" ]; then
michael@0 443 RESULTS=${HOSTDIR}/results.html
michael@0 444 fi
michael@0 445 if [ ! -f "${RESULTS}" ]; then
michael@0 446 cp ${COMMON}/results_header.html ${RESULTS}
michael@0 447 html "<H4>Platform: ${OBJDIR}<BR>"
michael@0 448 html "Test Run: ${HOST}.$version</H4>"
michael@0 449 html "${BC_ACTION}"
michael@0 450 html "<HR><BR>"
michael@0 451 html "<HTML><BODY>"
michael@0 452
michael@0 453 echo "********************************************" | tee -a ${LOGFILE}
michael@0 454 echo " Platform: ${OBJDIR}" | tee -a ${LOGFILE}
michael@0 455 echo " Results: ${HOST}.$version" | tee -a ${LOGFILE}
michael@0 456 echo "********************************************" | tee -a ${LOGFILE}
michael@0 457 echo "$BC_ACTION" | tee -a ${LOGFILE}
michael@0 458 #if running remote side of the distributed stress test
michael@0 459 # let the user know who it is...
michael@0 460 elif [ -n "$DO_REM_ST" -a "$DO_REM_ST" = "TRUE" ] ; then
michael@0 461 echo "********************************************" | tee -a ${LOGFILE}
michael@0 462 echo " Platform: ${OBJDIR}" | tee -a ${LOGFILE}
michael@0 463 echo " Results: ${HOST}.$version" | tee -a ${LOGFILE}
michael@0 464 echo " remote side of distributed stress test " | tee -a ${LOGFILE}
michael@0 465 echo " `uname -n -s`" | tee -a ${LOGFILE}
michael@0 466 echo "********************************************" | tee -a ${LOGFILE}
michael@0 467 fi
michael@0 468
michael@0 469 echo "$SCRIPTNAME init: Testing PATH $PATH against LIB $LD_LIBRARY_PATH" |\
michael@0 470 tee -a ${LOGFILE}
michael@0 471
michael@0 472 KILL="kill"
michael@0 473
michael@0 474 if [ `uname -s` = "SunOS" ]; then
michael@0 475 PS="/usr/5bin/ps"
michael@0 476 else
michael@0 477 PS="ps"
michael@0 478 fi
michael@0 479 #found 3 rsh's so far that do not work as expected - cygnus mks6
michael@0 480 #(restricted sh) and mks 7 - if it is not in c:/winnt/system32 it
michael@0 481 #needs to be set in the environ.ksh
michael@0 482 if [ -z "$RSH" ]; then
michael@0 483 if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" = "CYGWIN_NT" ]; then
michael@0 484 RSH=/cygdrive/c/winnt/system32/rsh
michael@0 485 elif [ "${OS_ARCH}" = "WINNT" ]; then
michael@0 486 RSH=c:/winnt/system32/rsh
michael@0 487 else
michael@0 488 RSH=rsh
michael@0 489 fi
michael@0 490 fi
michael@0 491
michael@0 492
michael@0 493 #more filename and directoryname init
michael@0 494 CURDIR=`pwd`
michael@0 495
michael@0 496 CU_ACTION='Unknown certutil action'
michael@0 497
michael@0 498 # would like to preserve some tmp files, also easier to see if there
michael@0 499 # are "leftovers" - another possibility ${HOSTDIR}/tmp
michael@0 500
michael@0 501 init_directories
michael@0 502
michael@0 503 FIPSCERTNICK="FIPS_PUB_140_Test_Certificate"
michael@0 504
michael@0 505 # domains to handle ipc based access to databases
michael@0 506 D_CA="TestCA.$version"
michael@0 507 D_ALICE="Alice.$version"
michael@0 508 D_BOB="Bob.$version"
michael@0 509 D_DAVE="Dave.$version"
michael@0 510 D_EVE="Eve.$version"
michael@0 511 D_SERVER_CA="ServerCA.$version"
michael@0 512 D_CLIENT_CA="ClientCA.$version"
michael@0 513 D_SERVER="Server.$version"
michael@0 514 D_CLIENT="Client.$version"
michael@0 515 D_FIPS="FIPS.$version"
michael@0 516 D_DBPASS="DBPASS.$version"
michael@0 517 D_ECCURVES="ECCURVES.$version"
michael@0 518 D_EXT_SERVER="ExtendedServer.$version"
michael@0 519 D_EXT_CLIENT="ExtendedClient.$version"
michael@0 520 D_CERT_EXTENSTIONS="CertExtensions.$version"
michael@0 521 D_DISTRUST="Distrust.$version"
michael@0 522
michael@0 523 # we need relative pathnames of these files abd directories, since our
michael@0 524 # tools can't handle the unix style absolut pathnames on cygnus
michael@0 525
michael@0 526 R_CADIR=../CA
michael@0 527 R_SERVERDIR=../server
michael@0 528 R_CLIENTDIR=../client
michael@0 529 R_IOPR_CADIR=../CA_iopr
michael@0 530 R_IOPR_SSL_SERVERDIR=../server_ssl_iopr
michael@0 531 R_IOPR_SSL_CLIENTDIR=../client_ssl_iopr
michael@0 532 R_IOPR_OCSP_CLIENTDIR=../client_ocsp_iopr
michael@0 533 R_ALICEDIR=../alicedir
michael@0 534 R_BOBDIR=../bobdir
michael@0 535 R_DAVEDIR=../dave
michael@0 536 R_EVEDIR=../eve
michael@0 537 R_EXT_SERVERDIR=../ext_server
michael@0 538 R_EXT_CLIENTDIR=../ext_client
michael@0 539 R_CERT_EXT=../cert_extensions
michael@0 540 R_STAPLINGDIR=../stapling
michael@0 541
michael@0 542 #
michael@0 543 # profiles are either paths or domains depending on the setting of
michael@0 544 # MULTIACCESS_DBM
michael@0 545 #
michael@0 546 P_R_CADIR=${R_CADIR}
michael@0 547 P_R_ALICEDIR=${R_ALICEDIR}
michael@0 548 P_R_BOBDIR=${R_BOBDIR}
michael@0 549 P_R_DAVEDIR=${R_DAVEDIR}
michael@0 550 P_R_EVEDIR=${R_EVEDIR}
michael@0 551 P_R_SERVERDIR=${R_SERVERDIR}
michael@0 552 P_R_CLIENTDIR=${R_CLIENTDIR}
michael@0 553 P_R_EXT_SERVERDIR=${R_EXT_SERVERDIR}
michael@0 554 P_R_EXT_CLIENTDIR=${R_EXT_CLIENTDIR}
michael@0 555 if [ -n "${MULTIACCESS_DBM}" ]; then
michael@0 556 P_R_CADIR="multiaccess:${D_CA}"
michael@0 557 P_R_ALICEDIR="multiaccess:${D_ALICE}"
michael@0 558 P_R_BOBDIR="multiaccess:${D_BOB}"
michael@0 559 P_R_DAVEDIR="multiaccess:${D_DAVE}"
michael@0 560 P_R_EVEDIR="multiaccess:${D_EVE}"
michael@0 561 P_R_SERVERDIR="multiaccess:${D_SERVER}"
michael@0 562 P_R_CLIENTDIR="multiaccess:${D_CLIENT}"
michael@0 563 P_R_EXT_SERVERDIR="multiaccess:${D_EXT_SERVER}"
michael@0 564 P_R_EXT_CLIENTDIR="multiaccess:${D_EXT_CLIENT}"
michael@0 565 fi
michael@0 566
michael@0 567 R_PWFILE=../tests.pw
michael@0 568 R_NOISE_FILE=../tests_noise
michael@0 569
michael@0 570 R_FIPSPWFILE=../tests.fipspw
michael@0 571 R_FIPSBADPWFILE=../tests.fipsbadpw
michael@0 572 R_FIPSP12PWFILE=../tests.fipsp12pw
michael@0 573
michael@0 574 trap "Exit $0 Signal_caught" 2 3
michael@0 575
michael@0 576 export PATH LD_LIBRARY_PATH SHLIB_PATH LIBPATH DYLD_LIBRARY_PATH
michael@0 577 export DOMSUF HOSTADDR
michael@0 578 export KILL PS
michael@0 579 export MOZILLA_ROOT DIST TESTDIR OBJDIR QADIR
michael@0 580 export LOGFILE SCRIPTNAME
michael@0 581
michael@0 582 #used for the distributed stress test, the server generates certificates
michael@0 583 #from GLOB_MIN_CERT to GLOB_MAX_CERT
michael@0 584 # NOTE - this variable actually gets initialized by directly by the
michael@0 585 # ssl_dist_stress.shs sl_ds_init() before init is called - need to change
michael@0 586 # in both places. speaking of data encapsulatioN...
michael@0 587
michael@0 588 if [ -z "$GLOB_MIN_CERT" ] ; then
michael@0 589 GLOB_MIN_CERT=0
michael@0 590 fi
michael@0 591 if [ -z "$GLOB_MAX_CERT" ] ; then
michael@0 592 GLOB_MAX_CERT=200
michael@0 593 fi
michael@0 594 if [ -z "$MIN_CERT" ] ; then
michael@0 595 MIN_CERT=$GLOB_MIN_CERT
michael@0 596 fi
michael@0 597 if [ -z "$MAX_CERT" ] ; then
michael@0 598 MAX_CERT=$GLOB_MAX_CERT
michael@0 599 fi
michael@0 600
michael@0 601 #################################################
michael@0 602 # CRL SSL testing constatnts
michael@0 603 #
michael@0 604
michael@0 605
michael@0 606 CRL_GRP_1_BEGIN=40
michael@0 607 CRL_GRP_1_RANGE=3
michael@0 608 UNREVOKED_CERT_GRP_1=41
michael@0 609
michael@0 610 CRL_GRP_2_BEGIN=43
michael@0 611 CRL_GRP_2_RANGE=6
michael@0 612 UNREVOKED_CERT_GRP_2=46
michael@0 613
michael@0 614 CRL_GRP_3_BEGIN=49
michael@0 615 CRL_GRP_3_RANGE=4
michael@0 616 UNREVOKED_CERT_GRP_3=51
michael@0 617
michael@0 618 TOTAL_CRL_RANGE=`expr ${CRL_GRP_1_RANGE} + ${CRL_GRP_2_RANGE} + \
michael@0 619 ${CRL_GRP_3_RANGE}`
michael@0 620
michael@0 621 TOTAL_GRP_NUM=3
michael@0 622
michael@0 623 RELOAD_CRL=1
michael@0 624
michael@0 625 NSS_DEFAULT_DB_TYPE="dbm"
michael@0 626 export NSS_DEFAULT_DB_TYPE
michael@0 627
michael@0 628 MSG_ID_FILE="${HOSTDIR}/id"
michael@0 629 MSG_ID=0
michael@0 630 echo ${MSG_ID} > ${MSG_ID_FILE}
michael@0 631
michael@0 632 #################################################
michael@0 633 # Interoperability testing constatnts
michael@0 634 #
michael@0 635 # if suite is setup for testing, IOPR_HOSTADDR_LIST should have
michael@0 636 # at least one host name(FQDN)
michael@0 637 # Example IOPR_HOSTADDR_LIST="goa1.SFBay.Sun.COM"
michael@0 638
michael@0 639 if [ -z "`echo ${IOPR_HOSTADDR_LIST} | grep '[A-Za-z]'`" ]; then
michael@0 640 IOPR=0
michael@0 641 else
michael@0 642 IOPR=1
michael@0 643 fi
michael@0 644 #################################################
michael@0 645
michael@0 646 if [ "${OS_ARCH}" != "WINNT" -a "${OS_ARCH}" != "Android" ]; then
michael@0 647 ulimit -c unlimited
michael@0 648 fi
michael@0 649
michael@0 650 SCRIPTNAME=$0
michael@0 651 INIT_SOURCED=TRUE #whatever one does - NEVER export this one please
michael@0 652 fi

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial