1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/security/nss/tests/all.sh Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,332 @@
1.4 +#!/bin/bash
1.5 +#
1.6 +# This Source Code Form is subject to the terms of the Mozilla Public
1.7 +# License, v. 2.0. If a copy of the MPL was not distributed with this
1.8 +# file, You can obtain one at http://mozilla.org/MPL/2.0/.
1.9 +
1.10 +########################################################################
1.11 +#
1.12 +# mozilla/security/nss/tests/all.sh
1.13 +#
1.14 +# Script to start selected available NSS QA suites on one machine
1.15 +# this script is called or sourced by NSS QA which runs on all required
1.16 +# platforms
1.17 +#
1.18 +# Needs to work on all Unix and Windows platforms
1.19 +#
1.20 +# Currently available NSS QA suites:
1.21 +# ----------------------------------
1.22 +# cipher.sh - tests NSS ciphers
1.23 +# libpkix.sh - tests PKIX functionality
1.24 +# cert.sh - exercises certutil and creates certs necessary for
1.25 +# all other tests
1.26 +# dbtests.sh - tests related to certificate databases
1.27 +# tools.sh - tests the majority of the NSS tools
1.28 +# fips.sh - tests basic functionallity of NSS in FIPS-compliant
1.29 +# - mode
1.30 +# sdr.sh - tests NSS SDR
1.31 +# crmf.sh - CRMF/CMMF testing
1.32 +# smime.sh - S/MIME testing
1.33 +# ssl.sh - tests SSL V2 SSL V3 and TLS
1.34 +# ocsp.sh - OCSP testing
1.35 +# merge.sh - tests merging old and new shareable databases
1.36 +# pkits.sh - NIST/PKITS tests
1.37 +# chains.sh - PKIX cert chains tests
1.38 +# dbupgrade.sh - upgrade databases to new shareable version (used
1.39 +# only in upgrade test cycle)
1.40 +# memleak.sh - memory leak testing (optional)
1.41 +#
1.42 +# NSS testing is now devided to 4 cycles:
1.43 +# ---------------------------------------
1.44 +# standard - run test suites with defaults settings
1.45 +# pkix - run test suites with PKIX enabled
1.46 +# upgradedb - upgrade existing certificate databases to shareable
1.47 +# format (creates them if doesn't exist yet) and run
1.48 +# test suites with those databases
1.49 +# sharedb - run test suites with shareable database format
1.50 +# enabled (databases are created directly to this
1.51 +# format)
1.52 +#
1.53 +# Mandatory environment variables (to be set before testing):
1.54 +# -----------------------------------------------------------
1.55 +# HOST - test machine host name
1.56 +# DOMSUF - test machine domain name
1.57 +#
1.58 +# Optional environment variables to specify build to use:
1.59 +# -------------------------------------------------------
1.60 +# BUILT_OPT - use optimized/debug build
1.61 +# USE_64 - use 64bit/32bit build
1.62 +#
1.63 +# Optional environment variables to enable specific NSS features:
1.64 +# ---------------------------------------------------------------
1.65 +# NSS_DISABLE_ECC - disable ECC
1.66 +# NSS_ECC_MORE_THAN_SUITE_B - enable extended ECC
1.67 +#
1.68 +# Optional environment variables to select which cycles/suites to test:
1.69 +# ---------------------------------------------------------------------
1.70 +# NSS_CYCLES - list of cycles to run (separated by space
1.71 +# character)
1.72 +# - by default all cycles are tested
1.73 +#
1.74 +# NSS_TESTS - list of all test suites to run (separated by space
1.75 +# character, without trailing .sh)
1.76 +# - this list can be reduced for individual test cycles
1.77 +#
1.78 +# NSS_SSL_TESTS - list of ssl tests to run (see ssl.sh)
1.79 +# NSS_SSL_RUN - list of ssl sub-tests to run (see ssl.sh)
1.80 +#
1.81 +# Testing schema:
1.82 +# ---------------
1.83 +# all.sh ~ (main)
1.84 +# | |
1.85 +# +------------+------------+-----------+ ~ run_cycles
1.86 +# | | | | |
1.87 +# standard pkix upgradedb sharedb ~ run_cycle_*
1.88 +# | |
1.89 +# +------+------+------+-----> ~ run_tests
1.90 +# | | | | |
1.91 +# cert tools fips ssl ... ~ . *.sh
1.92 +#
1.93 +# Special strings:
1.94 +# ----------------
1.95 +# FIXME ... known problems, search for this string
1.96 +# NOTE .... unexpected behavior
1.97 +#
1.98 +# NOTE:
1.99 +# -----
1.100 +# Unlike the old QA this is based on files sourcing each other
1.101 +# This is done to save time, since a great portion of time is lost
1.102 +# in calling and sourcing the same things multiple times over the
1.103 +# network. Also, this way all scripts have all shell function
1.104 +# available and a completely common environment
1.105 +#
1.106 +########################################################################
1.107 +
1.108 +############################## run_tests ###############################
1.109 +# run test suites defined in TESTS variable, skip scripts defined in
1.110 +# TESTS_SKIP variable
1.111 +########################################################################
1.112 +run_tests()
1.113 +{
1.114 + for TEST in ${TESTS}
1.115 + do
1.116 + echo "${TESTS_SKIP}" | grep "${TEST}" > /dev/null
1.117 + if [ $? -eq 0 ]; then
1.118 + continue
1.119 + fi
1.120 +
1.121 + SCRIPTNAME=${TEST}.sh
1.122 + echo "Running tests for ${TEST}"
1.123 + echo "TIMESTAMP ${TEST} BEGIN: `date`"
1.124 + (cd ${QADIR}/${TEST}; . ./${SCRIPTNAME} 2>&1)
1.125 + echo "TIMESTAMP ${TEST} END: `date`"
1.126 + done
1.127 +}
1.128 +
1.129 +########################## run_cycle_standard ##########################
1.130 +# run test suites with defaults settings (no PKIX, no sharedb)
1.131 +########################################################################
1.132 +run_cycle_standard()
1.133 +{
1.134 + TEST_MODE=STANDARD
1.135 +
1.136 + TESTS="${ALL_TESTS}"
1.137 + TESTS_SKIP=
1.138 +
1.139 + run_tests
1.140 +}
1.141 +
1.142 +############################ run_cycle_pkix ############################
1.143 +# run test suites with PKIX enabled
1.144 +########################################################################
1.145 +run_cycle_pkix()
1.146 +{
1.147 + TEST_MODE=PKIX
1.148 +
1.149 + TABLE_ARGS="bgcolor=cyan"
1.150 + html_head "Testing with PKIX"
1.151 + html "</TABLE><BR>"
1.152 +
1.153 + HOSTDIR="${HOSTDIR}/pkix"
1.154 + mkdir -p "${HOSTDIR}"
1.155 + init_directories
1.156 +
1.157 + NSS_ENABLE_PKIX_VERIFY="1"
1.158 + export NSS_ENABLE_PKIX_VERIFY
1.159 +
1.160 + TESTS="${ALL_TESTS}"
1.161 + TESTS_SKIP="cipher dbtests sdr crmf smime merge multinit"
1.162 +
1.163 + echo "${NSS_SSL_TESTS}" | grep "_" > /dev/null
1.164 + RET=$?
1.165 + NSS_SSL_TESTS=`echo "${NSS_SSL_TESTS}" | sed -e "s/normal//g" -e "s/bypass//g" -e "s/fips//g" -e "s/_//g"`
1.166 + [ ${RET} -eq 0 ] && NSS_SSL_TESTS="${NSS_SSL_TESTS} bypass_bypass"
1.167 +
1.168 + run_tests
1.169 +}
1.170 +
1.171 +######################### run_cycle_upgrade_db #########################
1.172 +# upgrades certificate database to shareable format and run test suites
1.173 +# with those databases
1.174 +########################################################################
1.175 +run_cycle_upgrade_db()
1.176 +{
1.177 + TEST_MODE=UPGRADE_DB
1.178 +
1.179 + TABLE_ARGS="bgcolor=pink"
1.180 + html_head "Testing with upgraded library"
1.181 + html "</TABLE><BR>"
1.182 +
1.183 + OLDHOSTDIR="${HOSTDIR}"
1.184 + HOSTDIR="${HOSTDIR}/upgradedb"
1.185 + mkdir -p "${HOSTDIR}"
1.186 + init_directories
1.187 +
1.188 + if [ -r "${OLDHOSTDIR}/cert.log" ]; then
1.189 + DIRS="alicedir bobdir CA cert_extensions client clientCA dave eccurves eve ext_client ext_server fips SDR server serverCA stapling tools/copydir cert.log cert.done tests.*"
1.190 + for i in $DIRS
1.191 + do
1.192 + cp -r ${OLDHOSTDIR}/${i} ${HOSTDIR} #2> /dev/null
1.193 + done
1.194 + fi
1.195 +
1.196 + # upgrade certs dbs to shared db
1.197 + TESTS="dbupgrade"
1.198 + TESTS_SKIP=
1.199 +
1.200 + run_tests
1.201 +
1.202 + NSS_DEFAULT_DB_TYPE="sql"
1.203 + export NSS_DEFAULT_DB_TYPE
1.204 +
1.205 + # run the subset of tests with the upgraded database
1.206 + TESTS="${ALL_TESTS}"
1.207 + TESTS_SKIP="cipher libpkix cert dbtests sdr ocsp pkits chains"
1.208 +
1.209 + echo "${NSS_SSL_TESTS}" | grep "_" > /dev/null
1.210 + RET=$?
1.211 + NSS_SSL_TESTS=`echo "${NSS_SSL_TESTS}" | sed -e "s/normal//g" -e "s/bypass//g" -e "s/fips//g" -e "s/_//g"`
1.212 + [ ${RET} -eq 0 ] && NSS_SSL_TESTS="${NSS_SSL_TESTS} bypass_bypass"
1.213 + NSS_SSL_RUN=`echo "${NSS_SSL_RUN}" | sed -e "s/cov//g" -e "s/auth//g"`
1.214 +
1.215 + run_tests
1.216 +}
1.217 +
1.218 +########################## run_cycle_shared_db #########################
1.219 +# run test suites with certificate databases set to shareable format
1.220 +########################################################################
1.221 +run_cycle_shared_db()
1.222 +{
1.223 + TEST_MODE=SHARED_DB
1.224 +
1.225 + TABLE_ARGS="bgcolor=yellow"
1.226 + html_head "Testing with shared library"
1.227 + html "</TABLE><BR>"
1.228 +
1.229 + HOSTDIR="${HOSTDIR}/sharedb"
1.230 + mkdir -p "${HOSTDIR}"
1.231 + init_directories
1.232 +
1.233 + NSS_DEFAULT_DB_TYPE="sql"
1.234 + export NSS_DEFAULT_DB_TYPE
1.235 +
1.236 + # run the tests for native sharedb support
1.237 + TESTS="${ALL_TESTS}"
1.238 + TESTS_SKIP="cipher libpkix dbupgrade sdr ocsp pkits"
1.239 +
1.240 + echo "${NSS_SSL_TESTS}" | grep "_" > /dev/null
1.241 + RET=$?
1.242 + NSS_SSL_TESTS=`echo "${NSS_SSL_TESTS}" | sed -e "s/normal//g" -e "s/bypass//g" -e "s/fips//g" -e "s/_//g"`
1.243 + [ ${RET} -eq 0 ] && NSS_SSL_TESTS="${NSS_SSL_TESTS} bypass_bypass"
1.244 + NSS_SSL_RUN=`echo "${NSS_SSL_RUN}" | sed -e "s/cov//g" -e "s/auth//g"`
1.245 +
1.246 + run_tests
1.247 +}
1.248 +
1.249 +############################# run_cycles ###############################
1.250 +# run test cycles defined in CYCLES variable
1.251 +########################################################################
1.252 +run_cycles()
1.253 +{
1.254 + for CYCLE in ${CYCLES}
1.255 + do
1.256 + case "${CYCLE}" in
1.257 + "standard")
1.258 + run_cycle_standard
1.259 + ;;
1.260 + "pkix")
1.261 + run_cycle_pkix
1.262 + ;;
1.263 + "upgradedb")
1.264 + run_cycle_upgrade_db
1.265 + ;;
1.266 + "sharedb")
1.267 + run_cycle_shared_db
1.268 + ;;
1.269 + esac
1.270 + . ${ENV_BACKUP}
1.271 + done
1.272 +}
1.273 +
1.274 +############################## main code ###############################
1.275 +
1.276 +cycles="standard pkix upgradedb sharedb"
1.277 +CYCLES=${NSS_CYCLES:-$cycles}
1.278 +
1.279 +tests="cipher lowhash libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains"
1.280 +TESTS=${NSS_TESTS:-$tests}
1.281 +
1.282 +ALL_TESTS=${TESTS}
1.283 +
1.284 +nss_ssl_tests="crl bypass_normal normal_bypass fips_normal normal_fips iopr"
1.285 +NSS_SSL_TESTS="${NSS_SSL_TESTS:-$nss_ssl_tests}"
1.286 +
1.287 +nss_ssl_run="cov auth stapling stress"
1.288 +NSS_SSL_RUN="${NSS_SSL_RUN:-$nss_ssl_run}"
1.289 +
1.290 +SCRIPTNAME=all.sh
1.291 +CLEANUP="${SCRIPTNAME}"
1.292 +cd `dirname $0`
1.293 +
1.294 +# all.sh should be the first one to try to source the init
1.295 +if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
1.296 + cd common
1.297 + . ./init.sh
1.298 +fi
1.299 +
1.300 +# NOTE:
1.301 +# Since in make at the top level, modutil is the last file
1.302 +# created, we check for modutil to know whether the build
1.303 +# is complete. If a new file is created after that, the
1.304 +# following test for modutil should check for that instead.
1.305 +# Exception: when building softoken only, shlibsign is the
1.306 +# last file created.
1.307 +if [ ${NSS_BUILD_SOFTOKEN_ONLY} -eq "1" ]; then
1.308 + LAST_FILE_BUILT=shlibsign
1.309 +else
1.310 + LAST_FILE_BUILT=modutil
1.311 +fi
1.312 +
1.313 +if [ ! -f ${DIST}/${OBJDIR}/bin/${LAST_FILE_BUILT}${PROG_SUFFIX} ]; then
1.314 + echo "Build Incomplete. Aborting test." >> ${LOGFILE}
1.315 + html_head "Testing Initialization"
1.316 + Exit "Checking for build"
1.317 +fi
1.318 +
1.319 +# NOTE:
1.320 +# Lists of enabled tests and other settings are stored to ${ENV_BACKUP}
1.321 +# file and are are restored after every test cycle.
1.322 +
1.323 +ENV_BACKUP=${HOSTDIR}/env.sh
1.324 +env_backup > ${ENV_BACKUP}
1.325 +
1.326 +if [ "${O_CRON}" = "ON" ]; then
1.327 + run_cycles >> ${LOGFILE}
1.328 +else
1.329 + run_cycles | tee -a ${LOGFILE}
1.330 +fi
1.331 +
1.332 +SCRIPTNAME=all.sh
1.333 +
1.334 +. ${QADIR}/common/cleanup.sh
1.335 +
