The Tor Browser: comparison security/nss/tests/all.sh

--1:000000000000
+:ec1905323951
+#!/bin/bash
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+########################################################################
+#
+# mozilla/security/nss/tests/all.sh
+#
+# Script to start selected available NSS QA suites on one machine
+# this script is called or sourced by NSS QA which runs on all required
+# platforms
+#
+# Needs to work on all Unix and Windows platforms
+#
+# Currently available NSS QA suites:
+# ----------------------------------
+#   cipher.sh    - tests NSS ciphers
+#   libpkix.sh   - tests PKIX functionality
+#   cert.sh      - exercises certutil and creates certs necessary for
+#                  all other tests
+#   dbtests.sh   - tests related to certificate databases
+#   tools.sh     - tests the majority of the NSS tools
+#   fips.sh      - tests basic functionallity of NSS in FIPS-compliant
+#                - mode
+#   sdr.sh       - tests NSS SDR
+#   crmf.sh      - CRMF/CMMF testing
+#   smime.sh     - S/MIME testing
+#   ssl.sh       - tests SSL V2 SSL V3 and TLS
+#   ocsp.sh      - OCSP testing
+#   merge.sh     - tests merging old and new shareable databases
+#   pkits.sh     - NIST/PKITS tests
+#   chains.sh    - PKIX cert chains tests
+#   dbupgrade.sh - upgrade databases to new shareable version (used
+#                  only in upgrade test cycle)
+#   memleak.sh   - memory leak testing (optional)
+#
+# NSS testing is now devided to 4 cycles:
+# ---------------------------------------
+#   standard     - run test suites with defaults settings
+#   pkix         - run test suites with PKIX enabled
+#   upgradedb    - upgrade existing certificate databases to shareable
+#                  format (creates them if doesn't exist yet) and run
+#                  test suites with those databases
+#   sharedb      - run test suites with shareable database format
+#                  enabled (databases are created directly to this
+#                  format)
+#
+# Mandatory environment variables (to be set before testing):
+# -----------------------------------------------------------
+#   HOST         - test machine host name
+#   DOMSUF       - test machine domain name
+#
+# Optional environment variables to specify build to use:
+# -------------------------------------------------------
+#   BUILT_OPT    - use optimized/debug build
+#   USE_64       - use 64bit/32bit build
+#
+# Optional environment variables to enable specific NSS features:
+# ---------------------------------------------------------------
+#   NSS_DISABLE_ECC             - disable ECC
+#   NSS_ECC_MORE_THAN_SUITE_B   - enable extended ECC
+#
+# Optional environment variables to select which cycles/suites to test:
+# ---------------------------------------------------------------------
+#   NSS_CYCLES     - list of cycles to run (separated by space
+#                    character)
+#                  - by default all cycles are tested
+#
+#   NSS_TESTS      - list of all test suites to run (separated by space
+#                    character, without trailing .sh)
+#                  - this list can be reduced for individual test cycles
+#
+#   NSS_SSL_TESTS  - list of ssl tests to run (see ssl.sh)
+#   NSS_SSL_RUN    - list of ssl sub-tests to run (see ssl.sh)
+#
+# Testing schema:
+# ---------------
+#                           all.sh                       ~  (main)
+#                              |                               |
+#          +------------+------------+-----------+       ~  run_cycles
+#          |            |            |           |             |
+#      standard       pkix       upgradedb     sharedb   ~  run_cycle_*
+#                       |                                      |
+#                +------+------+------+----->            ~  run_tests
+#                |      |      |      |                        |
+#              cert   tools   fips   ssl   ...           ~  . *.sh
+#
+# Special strings:
+# ----------------
+#   FIXME ... known problems, search for this string
+#   NOTE .... unexpected behavior
+#
+# NOTE:
+# -----
+#   Unlike the old QA this is based on files sourcing each other
+#   This is done to save time, since a great portion of time is lost
+#   in calling and sourcing the same things multiple times over the
+#   network. Also, this way all scripts have all shell function
+#   available and a completely common environment
+#
+########################################################################
+############################## run_tests ###############################
+# run test suites defined in TESTS variable, skip scripts defined in
+# TESTS_SKIP variable
+########################################################################
+run_tests()
+{
+for TEST in ${TESTS}
+do
+echo "${TESTS_SKIP}" | grep "${TEST}" > /dev/null
+if [ $? -eq 0 ]; then
+continue
+fi
+SCRIPTNAME=${TEST}.sh
+echo "Running tests for ${TEST}"
+echo "TIMESTAMP ${TEST} BEGIN: `date`"
+(cd ${QADIR}/${TEST}; . ./${SCRIPTNAME} 2>&1)
+echo "TIMESTAMP ${TEST} END: `date`"
+done
+}
+########################## run_cycle_standard ##########################
+# run test suites with defaults settings (no PKIX, no sharedb)
+########################################################################
+run_cycle_standard()
+{
+TEST_MODE=STANDARD
+TESTS="${ALL_TESTS}"
+TESTS_SKIP=
+run_tests
+}
+############################ run_cycle_pkix ############################
+# run test suites with PKIX enabled
+########################################################################
+run_cycle_pkix()
+{
+TEST_MODE=PKIX
+TABLE_ARGS="bgcolor=cyan"
+html_head "Testing with PKIX"
+html "</TABLE><BR>"
+HOSTDIR="${HOSTDIR}/pkix"
+mkdir -p "${HOSTDIR}"
+init_directories
+NSS_ENABLE_PKIX_VERIFY="1"
+export NSS_ENABLE_PKIX_VERIFY
+TESTS="${ALL_TESTS}"
+TESTS_SKIP="cipher dbtests sdr crmf smime merge multinit"
+echo "${NSS_SSL_TESTS}" | grep "_" > /dev/null
+RET=$?
+NSS_SSL_TESTS=`echo "${NSS_SSL_TESTS}" | sed -e "s/normal//g" -e "s/bypass//g" -e "s/fips//g" -e "s/_//g"`
+[ ${RET} -eq 0 ] && NSS_SSL_TESTS="${NSS_SSL_TESTS} bypass_bypass"
+run_tests
+}
+######################### run_cycle_upgrade_db #########################
+# upgrades certificate database to shareable format and run test suites
+# with those databases
+########################################################################
+run_cycle_upgrade_db()
+{
+TEST_MODE=UPGRADE_DB
+TABLE_ARGS="bgcolor=pink"
+html_head "Testing with upgraded library"
+html "</TABLE><BR>"
+OLDHOSTDIR="${HOSTDIR}"
+HOSTDIR="${HOSTDIR}/upgradedb"
+mkdir -p "${HOSTDIR}"
+init_directories
+if [ -r "${OLDHOSTDIR}/cert.log" ]; then
+DIRS="alicedir bobdir CA cert_extensions client clientCA dave eccurves eve ext_client ext_server fips SDR server serverCA stapling tools/copydir cert.log cert.done tests.*"
+for i in $DIRS
+do
+cp -r ${OLDHOSTDIR}/${i} ${HOSTDIR} #2> /dev/null
+done
+fi
+# upgrade certs dbs to shared db
+TESTS="dbupgrade"
+TESTS_SKIP=
+run_tests
+NSS_DEFAULT_DB_TYPE="sql"
+export NSS_DEFAULT_DB_TYPE
+# run the subset of tests with the upgraded database
+TESTS="${ALL_TESTS}"
+TESTS_SKIP="cipher libpkix cert dbtests sdr ocsp pkits chains"
+echo "${NSS_SSL_TESTS}" | grep "_" > /dev/null
+RET=$?
+NSS_SSL_TESTS=`echo "${NSS_SSL_TESTS}" | sed -e "s/normal//g" -e "s/bypass//g" -e "s/fips//g" -e "s/_//g"`
+[ ${RET} -eq 0 ] && NSS_SSL_TESTS="${NSS_SSL_TESTS} bypass_bypass"
+NSS_SSL_RUN=`echo "${NSS_SSL_RUN}" | sed -e "s/cov//g" -e "s/auth//g"`
+run_tests
+}
+########################## run_cycle_shared_db #########################
+# run test suites with certificate databases set to shareable format
+########################################################################
+run_cycle_shared_db()
+{
+TEST_MODE=SHARED_DB
+TABLE_ARGS="bgcolor=yellow"
+html_head "Testing with shared library"
+html "</TABLE><BR>"
+HOSTDIR="${HOSTDIR}/sharedb"
+mkdir -p "${HOSTDIR}"
+init_directories
+NSS_DEFAULT_DB_TYPE="sql"
+export NSS_DEFAULT_DB_TYPE
+# run the tests for native sharedb support
+TESTS="${ALL_TESTS}"
+TESTS_SKIP="cipher libpkix dbupgrade sdr ocsp pkits"
+echo "${NSS_SSL_TESTS}" | grep "_" > /dev/null
+RET=$?
+NSS_SSL_TESTS=`echo "${NSS_SSL_TESTS}" | sed -e "s/normal//g" -e "s/bypass//g" -e "s/fips//g" -e "s/_//g"`
+[ ${RET} -eq 0 ] && NSS_SSL_TESTS="${NSS_SSL_TESTS} bypass_bypass"
+NSS_SSL_RUN=`echo "${NSS_SSL_RUN}" | sed -e "s/cov//g" -e "s/auth//g"`
+run_tests
+}
+############################# run_cycles ###############################
+# run test cycles defined in CYCLES variable
+########################################################################
+run_cycles()
+{
+for CYCLE in ${CYCLES}
+do
+case "${CYCLE}" in
+"standard")
+run_cycle_standard
+;;
+"pkix")
+run_cycle_pkix
+;;
+"upgradedb")
+run_cycle_upgrade_db
+;;
+"sharedb")
+run_cycle_shared_db
+;;
+esac
+. ${ENV_BACKUP}
+done
+}
+############################## main code ###############################
+cycles="standard pkix upgradedb sharedb"
+CYCLES=${NSS_CYCLES:-$cycles}
+tests="cipher lowhash libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains"
+TESTS=${NSS_TESTS:-$tests}
+ALL_TESTS=${TESTS}
+nss_ssl_tests="crl bypass_normal normal_bypass fips_normal normal_fips iopr"
+NSS_SSL_TESTS="${NSS_SSL_TESTS:-$nss_ssl_tests}"
+nss_ssl_run="cov auth stapling stress"
+NSS_SSL_RUN="${NSS_SSL_RUN:-$nss_ssl_run}"
+SCRIPTNAME=all.sh
+CLEANUP="${SCRIPTNAME}"
+cd `dirname $0`
+# all.sh should be the first one to try to source the init
+if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
+cd common
+. ./init.sh
+fi
+# NOTE:
+# Since in make at the top level, modutil is the last file
+# created, we check for modutil to know whether the build
+# is complete. If a new file is created after that, the
+# following test for modutil should check for that instead.
+# Exception: when building softoken only, shlibsign is the
+# last file created.
+if [ ${NSS_BUILD_SOFTOKEN_ONLY} -eq "1" ]; then
+LAST_FILE_BUILT=shlibsign
+else
+LAST_FILE_BUILT=modutil
+fi
+if [ ! -f ${DIST}/${OBJDIR}/bin/${LAST_FILE_BUILT}${PROG_SUFFIX} ]; then
+echo "Build Incomplete. Aborting test." >> ${LOGFILE}
+html_head "Testing Initialization"
+Exit "Checking for build"
+fi
+# NOTE:
+# Lists of enabled tests and other settings are stored to ${ENV_BACKUP}
+# file and are are restored after every test cycle.
+ENV_BACKUP=${HOSTDIR}/env.sh
+env_backup > ${ENV_BACKUP}
+if [ "${O_CRON}" = "ON" ]; then
+run_cycles >> ${LOGFILE}
+else
+run_cycles | tee -a ${LOGFILE}
+fi
+SCRIPTNAME=all.sh
+. ${QADIR}/common/cleanup.sh

The Tor Browser / file comparison

comparison: security/nss/tests/all.sh

security/nss/tests/all.sh