The Tor Browser: security/nss/tests/dbtests/dbtests.sh@b8a032363ba2 (annotated)

security/nss/tests/dbtests/dbtests.sh@b8a032363ba2 (annotated)

security/nss/tests/dbtests/dbtests.sh

Thu, 22 Jan 2015 13:21:57 +0100

author: Michael Schloh von Bennewitz <michael@schloh.com>
date: Thu, 22 Jan 2015 13:21:57 +0100
branch: TOR_BUG_9701
changeset 15: b8a032363ba2
permissions: -rwxr-xr-x

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

 #! /bin/bash
 #
 # This Source Code Form is subject to the terms of the Mozilla Public
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 ########################################################################
 #
 # mozilla/security/nss/tests/dbtest/dbtest.sh
 #
 # Certificate generating and handeling for NSS QA, can be included
 # multiple times from all.sh and the individual scripts
 #
 # needs to work on all Unix and Windows platforms
 #
 # included from (don't expect this to be up to date)
 # --------------------------------------------------
 #   all.sh
 #   ssl.sh
 #   smime.sh
 #   tools.sh
 #
 # special strings
 # ---------------
 #   FIXME ... known problems, search for this string
 #   NOTE .... unexpected behavior
 #
 # FIXME - Netscape - NSS
 ########################################################################
 ############################## dbtest_init ###############################
 # local shell function to initialize this script
 ########################################################################
 dbtest_init()
 {
   SCRIPTNAME="dbtests.sh"
   if [ -z "${CLEANUP}" ] ; then     # if nobody else is responsible for
       CLEANUP="${SCRIPTNAME}"       # cleaning this script will do it
   fi
   if [ -z "${INIT_SOURCED}" ] ; then
       cd ../common
       . ./init.sh
   fi
   if [ ! -r $CERT_LOG_FILE ]; then  # we need certificates here
       cd ../cert
       . ./cert.sh
   fi
   SCRIPTNAME="dbtests.sh"
   RONLY_DIR=${HOSTDIR}/ronlydir
   EMPTY_DIR=${HOSTDIR}/emptydir
   CONFLICT_DIR=${HOSTDIR}/conflictdir
   html_head "CERT and Key DB Tests"
 }
 ############################## dbtest_cleanup ############################
 # local shell function to finish this script (no exit since it might be
 # sourced)
 ########################################################################
 dbtest_cleanup()
 {
   html "</TABLE><BR>"
   cd ${QADIR}
   chmod a+rw $RONLY_DIR
   . common/cleanup.sh
 }
 Echo()
 {
     echo
     echo "---------------------------------------------------------------"
     echo "| $*"
     echo "---------------------------------------------------------------"
 }
 dbtest_main()
 {
     cd ${HOSTDIR}
     Echo "test opening the database read/write in a nonexisting directory"
     ${BINDIR}/certutil -L -X -d ./non_existent_dir
     ret=$?
     if [ $ret -ne 255 ]; then
       html_failed "Certutil succeeded in a nonexisting directory $ret"
     else
       html_passed "Certutil didn't work in a nonexisting dir $ret"
     fi
     ${BINDIR}/dbtest -r -d ./non_existent_dir
     ret=$?
     if [ $ret -ne 46 ]; then
       html_failed "Dbtest readonly succeeded in a nonexisting directory $ret"
     else
       html_passed "Dbtest readonly didn't work in a nonexisting dir $ret"
     fi
     Echo "test force opening the database in a nonexisting directory"
     ${BINDIR}/dbtest -f -d ./non_existent_dir
     ret=$?
     if [ $ret -ne 0 ]; then
       html_failed "Dbtest force failed in a nonexisting directory $ret"
     else
       html_passed "Dbtest force succeeded in a nonexisting dir $ret"
     fi
     Echo "test opening the database readonly in an empty directory"
     mkdir $EMPTY_DIR
     ${BINDIR}/tstclnt -h  ${HOST}  -d $EMPTY_DIR
     ret=$?
     if [ $ret -ne 1 ]; then
       html_failed "Tstclnt succeded in an empty directory $ret"
     else
       html_passed "Tstclnt didn't work in an empty dir $ret"
     fi
     ${BINDIR}/dbtest -r -d $EMPTY_DIR
     ret=$?
     if [ $ret -ne 46 ]; then
       html_failed "Dbtest readonly succeeded in an empty directory $ret"
     else
       html_passed "Dbtest readonly didn't work in an empty dir $ret"
     fi
     rm -rf $EMPTY_DIR/* 2>/dev/null
     ${BINDIR}/dbtest -i -d $EMPTY_DIR
     ret=$?
     if [ $ret -ne 0 ]; then
       html_failed "Dbtest logout after empty DB Init loses key $ret"
     else
       html_passed "Dbtest logout after empty DB Init has key"
     fi
     rm -rf $EMPTY_DIR/* 2>/dev/null
     ${BINDIR}/dbtest -i -p pass -d $EMPTY_DIR
     ret=$?
     if [ $ret -ne 0 ]; then
       html_failed "Dbtest password DB Init loses needlogin state $ret"
     else
       html_passed "Dbtest password DB Init maintains needlogin state"
     fi
     rm -rf $EMPTY_DIR/* 2>/dev/null
     ${BINDIR}/certutil -D -n xxxx -d $EMPTY_DIR #created DB
     ret=$?
     if [ $ret -ne 255 ]; then
         html_failed "Certutil succeeded in deleting a cert in an empty directory $ret"
     else
         html_passed "Certutil didn't work in an empty dir $ret"
     fi
     rm -rf $EMPTY_DIR/* 2>/dev/null
     Echo "test force opening the database  readonly in a empty directory"
     ${BINDIR}/dbtest -r -f -d $EMPTY_DIR
     ret=$?
     if [ $ret -ne 0 ]; then
       html_failed "Dbtest force readonly failed in an empty directory $ret"
     else
       html_passed "Dbtest force readonly succeeded in an empty dir $ret"
     fi
     Echo "test opening the database r/w in a readonly directory"
     mkdir $RONLY_DIR
     cp -r ${CLIENTDIR}/* $RONLY_DIR
     chmod -w $RONLY_DIR $RONLY_DIR/*
     # On Mac OS X 10.1, if we do a "chmod -w" on files in an
     # NFS-mounted directory, it takes several seconds for the
     # first open to see the files are readonly, but subsequent
     # opens immediately see the files are readonly.  As a
     # workaround we open the files once first.  (Bug 185074)
     if [ "${OS_ARCH}" = "Darwin" ]; then
         cat $RONLY_DIR/* > /dev/null
     fi
     ${BINDIR}/dbtest -d $RONLY_DIR
     ret=$?
     if [ $ret -ne 46 ]; then
       html_failed "Dbtest r/w succeeded in an readonly directory $ret"
     else
       html_passed "Dbtest r/w didn't work in an readonly dir $ret"
     fi
     ${BINDIR}/certutil -D -n "TestUser" -d .
     ret=$?
     if [ $ret -ne 255 ]; then
       html_failed "Certutil succeeded in deleting a cert in an readonly directory $ret"
     else
         html_passed "Certutil didn't work in an readonly dir $ret"
     fi
     Echo "test opening the database ronly in a readonly directory"
     ${BINDIR}/dbtest -d $RONLY_DIR -r
     ret=$?
     if [ $ret -ne 0 ]; then
       html_failed "Dbtest readonly failed in a readonly directory $ret"
     else
       html_passed "Dbtest readonly succeeded in a readonly dir $ret"
     fi
     Echo "test force opening the database  r/w in a readonly directory"
     ${BINDIR}/dbtest -d $RONLY_DIR -f
     ret=$?
     if [ $ret -ne 0 ]; then
       html_failed "Dbtest force failed in a readonly directory $ret"
     else
       html_passed "Dbtest force succeeded in a readonly dir $ret"
     fi
     Echo "ls -l $RONLY_DIR"
     ls -ld $RONLY_DIR $RONLY_DIR/*
     mkdir ${CONFLICT_DIR}
     Echo "test creating a new cert with a conflicting nickname"
     cd ${CONFLICT_DIR}
     pwd
     ${BINDIR}/certutil -N -d ${CONFLICT_DIR} -f ${R_PWFILE}
     ret=$?
     if [ $ret -ne 0 ]; then
       html_failed "Nicknane conflict test failed, couldn't create database $ret"
     else
       ${BINDIR}/certutil -A -n alice -t ,, -i ${R_ALICEDIR}/Alice.cert -d ${CONFLICT_DIR}
       ret=$?
       if [ $ret -ne 0 ]; then
         html_failed "Nicknane conflict test failed, couldn't import alice cert $ret"
       else
         ${BINDIR}/certutil -A -n alice -t ,, -i ${R_BOBDIR}/Bob.cert -d ${CONFLICT_DIR}
         ret=$?
         if [ $ret -eq 0 ]; then
           html_failed "Nicknane conflict test failed, could import conflict nickname $ret"
         else
           html_passed "Nicknane conflict test, could not import conflict nickname $ret"
         fi
       fi
     fi
     Echo "test importing an old cert to a conflicting nickname"
     # first, import the certificate
     ${BINDIR}/certutil -A -n bob -t ,, -i ${R_BOBDIR}/Bob.cert -d ${CONFLICT_DIR}
     # now import with a different nickname
     ${BINDIR}/certutil -A -n alice -t ,, -i ${R_BOBDIR}/Bob.cert -d ${CONFLICT_DIR}
     # the old one should still be there...
     ${BINDIR}/certutil -L -n bob -d ${CONFLICT_DIR}
     ret=$?
     if [ $ret -ne 0 ]; then
       html_failed "Nicknane conflict test-setting nickname conflict incorrectly worked"
     else
       html_passed "Nicknane conflict test-setting nickname conflict was correctly rejected"
     fi
 }
 ################## main #################################################
 dbtest_init
 dbtest_main 2>&1
 dbtest_cleanup

The Tor Browser / annotate

security/nss/tests/dbtests/dbtests.sh@b8a032363ba2 (annotated)

security/nss/tests/dbtests/dbtests.sh