1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/security/nss/tests/run_niscc.sh Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,982 @@
1.4 +#!/bin/bash
1.5 +#
1.6 +# This Source Code Form is subject to the terms of the Mozilla Public
1.7 +# License, v. 2.0. If a copy of the MPL was not distributed with this
1.8 +# file, You can obtain one at http://mozilla.org/MPL/2.0/.
1.9 +
1.10 +#
1.11 +# PRIOR TO RUNNING THIS SCRIPT
1.12 +# you should adjust MAIL_COMMAND and QA_LIST
1.13 +#
1.14 +# External dependencies:
1.15 +# - install the NISCC test files, e.g. at /niscc (readonly OK)
1.16 +# - libfaketimeMT because the test certificates have expired
1.17 +# - build environment for building NSS
1.18 +# - gdb to analyze core files
1.19 +# - a command line mail tool (e.g. mailx)
1.20 +# - openssl to combine input PEM files into pkcs#12
1.21 +# - curl for obtaining version information from the web
1.22 +#
1.23 +
1.24 +################################################################################
1.25 +# Print script usage
1.26 +################################################################################
1.27 +usage()
1.28 +{
1.29 + cat << EOF
1.30 +Usage: $0 [options]
1.31 +
1.32 +Test NSS library against NISCC SMIME and TLS testcases.
1.33 +
1.34 +Options:
1.35 + -h, --help print this help message and exit
1.36 + -v, --verbose enable extra verbose output
1.37 + --niscc-home DIR use NISCC testcases from directory DIR (default /niscc)
1.38 + --host HOST use host HOST (default '127.0.0.1')
1.39 + --threads X set thread number to X (max. 10, default 10)
1.40 + --out DIR set DIR as output directory (default '/out')
1.41 + --mail ADDRESS send mail with test result to ADDRESS
1.42 + --nss DIR set NSS directory to DIR (default '~/niscc-hg/nss')
1.43 + --nss-hack DIR set hacked NSS directory to DIR (default '~/niscc-hg/nss_hack')
1.44 + --log-store store all the logs (only summary by default)
1.45 + --no-build-test don't pull and build tested NSS
1.46 + --no-build-hack don't pull and build hacked NSS
1.47 + --test-system test system installed NSS
1.48 + --date DATE use DATE in log archive name and outgoing email
1.49 + --libfaketime path.so use faketime library with LD_PRELOAD=path.so
1.50 + --smallset test only a very small subset
1.51 +
1.52 +All options are optional.
1.53 +All options (and possibly more) can be also set through environment variables.
1.54 +Commandline options have higher priority than environment variables.
1.55 +For more information please refer to the source code of this script.
1.56 +
1.57 +For a successfull run the script NEEDS the core file pattern to be 'core.*',
1.58 +e.g. 'core.%t'. You can check the current pattern in
1.59 +'/proc/sys/kernel/core_pattern'. Otherwise the test will be unable to detect
1.60 +any failures and will pass every time.
1.61 +
1.62 +It is recommended to use hacked and tested binaries in a location, where their
1.63 +absolute path is max. 80 characters. If their path is longer and a core file is
1.64 +generated, its properties may be incomplete.
1.65 +
1.66 +Return value of the script indicates how many failures it experienced.
1.67 +
1.68 +EOF
1.69 + exit $1
1.70 +}
1.71 +
1.72 +################################################################################
1.73 +# Process command-line arguments
1.74 +################################################################################
1.75 +process_args()
1.76 +{
1.77 + HELP="false"
1.78 + args=`getopt -u -l "niscc-home:,host:,threads:,out:,verbose,mail:,nss:,nss-hack:,log-store,no-build-test,no-build-hack,help,test-system,date:,libfaketime:,smallset" -- "hv" $*`
1.79 + [ "$?" != "0" ] && usage 1
1.80 + set -- $args
1.81 + for i; do
1.82 + case "$i" in
1.83 + -v|--verbose)
1.84 + shift
1.85 + VERBOSE="-v"
1.86 + ;;
1.87 + --niscc-home)
1.88 + shift
1.89 + NISCC_HOME="$1"
1.90 + shift
1.91 + ;;
1.92 + --host)
1.93 + shift
1.94 + HOST="$1"
1.95 + shift
1.96 + ;;
1.97 + --threads)
1.98 + shift
1.99 + THREADS="$1"
1.100 + shift
1.101 + ;;
1.102 + --out)
1.103 + shift
1.104 + TEST_OUTPUT="$1"
1.105 + shift
1.106 + ;;
1.107 + --mail)
1.108 + shift
1.109 + USE_MAIL="true"
1.110 + QA_LIST="$1"
1.111 + shift
1.112 + ;;
1.113 + --nss)
1.114 + shift
1.115 + LOCALDIST="$1"
1.116 + shift
1.117 + ;;
1.118 + --nss-hack)
1.119 + shift
1.120 + NSS_HACK="$1"
1.121 + shift
1.122 + ;;
1.123 + --log-store)
1.124 + shift
1.125 + LOG_STORE="true"
1.126 + ;;
1.127 + --no-build-test)
1.128 + shift
1.129 + NO_BUILD_TEST="true"
1.130 + ;;
1.131 + --no-build-hack)
1.132 + shift
1.133 + NO_BUILD_HACK="true"
1.134 + ;;
1.135 + -h|--help)
1.136 + shift
1.137 + HELP="true"
1.138 + ;;
1.139 + --test-system)
1.140 + shift
1.141 + TEST_SYSTEM="true"
1.142 + ;;
1.143 + --date)
1.144 + shift
1.145 + DATE="$1"
1.146 + shift
1.147 + ;;
1.148 + --libfaketime)
1.149 + shift
1.150 + FAKETIMELIB="$1"
1.151 + shift
1.152 + ;;
1.153 + --smallset)
1.154 + shift
1.155 + SMALLSET="true"
1.156 + ;;
1.157 + --)
1.158 + ;;
1.159 + *)
1.160 + ;;
1.161 + esac
1.162 + done
1.163 + [ $HELP = "true" ] && usage 0
1.164 +}
1.165 +
1.166 +################################################################################
1.167 +# Create and set needed and useful environment variables
1.168 +################################################################################
1.169 +create_environment()
1.170 +{
1.171 + # Base location of NISCC testcases
1.172 + export NISCC_HOME=${NISCC_HOME:-/niscc}
1.173 +
1.174 + # Base location of NSS
1.175 + export HG=${HG:-"$HOME/niscc-hg"}
1.176 +
1.177 + # NSS being tested
1.178 + export LOCALDIST=${LOCALDIST:-"${HG}/nss"}
1.179 +
1.180 + # Hacked NSS - built with "NISCC_TEST=1"
1.181 + export NSS_HACK=${NSS_HACK:-"${HG}/nss_hack"}
1.182 +
1.183 + # Hostname of the testmachine
1.184 + export HOST=${HOST:-127.0.0.1}
1.185 +
1.186 + # Whether to store logfiles
1.187 + export LOG_STORE=${LOG_STORE:-"false"}
1.188 +
1.189 + # Whether to mail the summary
1.190 + export USE_MAIL=${USE_MAIL:-"false"}
1.191 +
1.192 + # How to mail summary
1.193 + export MAIL_COMMAND=${MAIL_COMMAND:-"mailx -S smtp=smtp://your.smtp.server:25 -r your+niscc@email.address"}
1.194 +
1.195 + # List of mail addresses where to send summary
1.196 + export QA_LIST=${QA_LIST:-"result@recipient.address"}
1.197 +
1.198 + # Whether to use 64b build
1.199 + export USE_64=${USE_64:-1}
1.200 +
1.201 + # Directory where to write all the output data (around 650MiB for each run)
1.202 + export TEST_OUTPUT=${TEST_OUTPUT:-"$HOME/out"}
1.203 +
1.204 + # How many threads to use in selfserv and strsclnt (max. 10)
1.205 + export THREADS=${THREADS:-10}
1.206 +
1.207 + # If true, do not build tthe tested version of NSS
1.208 + export NO_BUILD_TEST=${NO_BUILD_TEST:-"false"}
1.209 +
1.210 + # If true, do not build the special NSS version for NISCC
1.211 + export NO_BUILD_HACK=${NO_BUILD_HACK:-"false"}
1.212 +
1.213 + # If true, do not rebuild client and server directories
1.214 + export NO_SETUP=${NO_SETUP:-"false"}
1.215 +
1.216 + # Location of NISCC SSL/TLS testcases
1.217 + export TEST=${TEST:-"${NISCC_HOME}/NISCC_SSL_testcases"}
1.218 +
1.219 + # If true, then be extra verbose
1.220 + export VERBOSE=${VERBOSE:-""}
1.221 +
1.222 + # If true, test the system installed NSS
1.223 + export TEST_SYSTEM=${TEST_SYSTEM:-"false"}
1.224 + [ "$TEST_SYSTEM" = "true" ] && export NO_BUILD_TEST="true"
1.225 +
1.226 + [ ! -z "$VERBOSE" ] && set -xv
1.227 +
1.228 + # Real date for naming of archives (system date must be 2002-11-18 .. 2007-11-18 due to certificate validity
1.229 + DATE=${DATE:-`date`}
1.230 + export DATE=`date -d "$DATE" +%Y%m%d`
1.231 +
1.232 + FAKETIMELIB=${FAKETIMELIB:-""}
1.233 + export DATE=`date -d "$DATE" +%Y%m%d`
1.234 +
1.235 + # Whether to test only a very small subset
1.236 + export SMALLSET=${SMALLSET:-"false"}
1.237 +
1.238 + # Create output dir if it doesn't exist
1.239 + mkdir -p ${TEST_OUTPUT}
1.240 +}
1.241 +
1.242 +################################################################################
1.243 +# Do a HG pull of NSS
1.244 +################################################################################
1.245 +hg_pull()
1.246 +{
1.247 + # Tested NSS - by default using HG default tip
1.248 + if [ "$NO_BUILD_TEST" = "false" ]; then
1.249 + echo "cloning NSS sources to be tested from HG"
1.250 + [ ! -d "$LOCALDIST" ] && mkdir -p "$LOCALDIST"
1.251 + cd "$LOCALDIST"
1.252 + [ ! -d "$LOCALDIST/nspr" ] && hg clone --noupdate https://hg.mozilla.org/projects/nspr
1.253 + cd nspr; hg pull; hg update -C -r default; cd ..
1.254 + [ ! -d "$LOCALDIST/nss" ] && hg clone --noupdate https://hg.mozilla.org/projects/nss
1.255 + cd nss; hg pull; hg update -C -r default; cd ..
1.256 + #find . -exec touch {} \;
1.257 + fi
1.258 +
1.259 + # Hacked NSS - by default using some RTM version.
1.260 + # Do not use HEAD for hacked NSS - it needs to be stable and bug-free
1.261 + if [ "$NO_BUILD_HACK" = "false" ]; then
1.262 + echo "cloning NSS sources for a hacked build from HG"
1.263 + [ ! -d "$NSS_HACK" ] && mkdir -p "$NSS_HACK"
1.264 + cd "$NSS_HACK"
1.265 + NSPR_TAG=`curl --silent http://hg.mozilla.org/releases/mozilla-aurora/raw-file/default/nsprpub/TAG-INFO | head -1 | sed --regexp-extended 's/[[:space:]]//g' | awk '{print $1}'`
1.266 + NSS_TAG=`curl --silent http://hg.mozilla.org/releases/mozilla-aurora/raw-file/default/security/nss/TAG-INFO | head -1 | sed --regexp-extended 's/[[:space:]]//g' | awk '{print $1}'`
1.267 + [ ! -d "$NSS_HACK/nspr" ] && hg clone --noupdate https://hg.mozilla.org/projects/nspr
1.268 + cd nspr; hg pull; hg update -C -r "$NSPR_TAG"; cd ..
1.269 + [ ! -d "$NSS_HACK/nss" ] && hg clone --noupdate https://hg.mozilla.org/projects/nss
1.270 + cd nss; hg pull; hg update -C -r "$NSS_TAG"; cd ..
1.271 + #find . -exec touch {} \;
1.272 + fi
1.273 +}
1.274 +
1.275 +################################################################################
1.276 +# Build NSS after setting make variable NISCC_TEST
1.277 +################################################################################
1.278 +build_NSS()
1.279 +{
1.280 + # Tested NSS
1.281 + if [ "$NO_BUILD_TEST" = "false" ]; then
1.282 + echo "building NSS to be tested"
1.283 + cd "$LOCALDIST"
1.284 + unset NISCC_TEST
1.285 + cd nss
1.286 + gmake nss_clean_all &>> $TEST_OUTPUT/nisccBuildLog
1.287 + gmake nss_build_all &>> $TEST_OUTPUT/nisccBuildLog
1.288 + fi
1.289 +
1.290 + # Hacked NSS
1.291 + if [ "$NO_BUILD_HACK" = "false" ]; then
1.292 + echo "building hacked NSS"
1.293 + cd "$NSS_HACK"
1.294 + export NISCC_TEST=1
1.295 + cd nss
1.296 + gmake nss_clean_all &>> $TEST_OUTPUT/nisccBuildLogHack
1.297 + gmake nss_build_all &>> $TEST_OUTPUT/nisccBuildLogHack
1.298 + fi
1.299 +
1.300 + unset NISCC_TEST
1.301 +}
1.302 +
1.303 +################################################################################
1.304 +# Set build dir, bin and lib directories
1.305 +################################################################################
1.306 +init()
1.307 +{
1.308 + # Enable useful core files to be generated in case of crash
1.309 + ulimit -c unlimited
1.310 +
1.311 + # Pattern of core files, they should be created in current directory
1.312 + echo "core_pattern $(cat /proc/sys/kernel/core_pattern)" > "$TEST_OUTPUT/nisccLog00"
1.313 +
1.314 + # gmake is needed in the path for this suite to run
1.315 + echo "PATH $PATH" >> "$TEST_OUTPUT/nisccLog00"
1.316 +
1.317 + # Find out hacked NSS version
1.318 + DISTTYPE=`cd "$NSS_HACK/nss/tests/common"; gmake objdir_name`
1.319 + echo "NSS_HACK DISTTYPE $DISTTYPE" >> "$TEST_OUTPUT/nisccLog00"
1.320 + export HACKBIN="$NSS_HACK/dist/$DISTTYPE/bin"
1.321 + export HACKLIB="$NSS_HACK/dist/$DISTTYPE/lib"
1.322 +
1.323 + if [ "$TEST_SYSTEM" = "false" ]; then
1.324 + # Find out nss version
1.325 + DISTTYPE=`cd "$LOCALDIST/nss/tests/common"; gmake objdir_name`
1.326 + echo "NSS DISTTYPE $DISTTYPE" >> "$TEST_OUTPUT/nisccLog00"
1.327 + export TESTBIN="$LOCALDIST/dist/$DISTTYPE/bin"
1.328 + export TESTLIB="$LOCALDIST/dist/$DISTTYPE/lib"
1.329 + export TESTTOOLS="$TESTBIN"
1.330 + else
1.331 + # Using system installed NSS
1.332 + echo "USING SYSTEM NSS" >> "$TEST_OUTPUT/nisccLog00"
1.333 + export TESTBIN="/usr/bin"
1.334 + if [ `uname -m` = "x86_64" ]; then
1.335 + export TESTLIB="/usr/lib64"
1.336 + export TESTTOOLS="/usr/lib64/nss/unsupported-tools"
1.337 + else
1.338 + export TESTLIB="/usr/lib"
1.339 + export TESTTOOLS="/usr/lib/nss/unsupported-tools"
1.340 + fi
1.341 + fi
1.342 +
1.343 + # Verify NISCC_TEST was set in the proper library
1.344 + if strings "$HACKLIB/libssl3.so" | grep NISCC_TEST > /dev/null 2>&1; then
1.345 + echo "$HACKLIB/libssl3.so contains NISCC_TEST" >> "$TEST_OUTPUT/nisccLog00"
1.346 + else
1.347 + echo "$HACKLIB/libssl3.so does NOT contain NISCC_TEST" >> "$TEST_OUTPUT/nisccLog00"
1.348 + fi
1.349 +
1.350 + if strings "$TESTLIB/libssl3.so" | grep NISCC_TEST > /dev/null 2>&1; then
1.351 + echo "$TESTLIB/libssl3.so contains NISCC_TEST" >> "$TEST_OUTPUT/nisccLog00"
1.352 + else
1.353 + echo "$TESTLIB/libssl3.so does NOT contain NISCC_TEST" >> "$TEST_OUTPUT/nisccLog00"
1.354 + fi
1.355 +}
1.356 +
1.357 +################################################################################
1.358 +# Setup simple client and server directory
1.359 +################################################################################
1.360 +ssl_setup_dirs_simple()
1.361 +{
1.362 + [ "$NO_SETUP" = "true" ] && return
1.363 +
1.364 + echo "Setting up working directories for SSL simple tests"
1.365 +
1.366 + CLIENT="$TEST_OUTPUT/niscc_ssl/simple_client"
1.367 + SERVER="$TEST_OUTPUT/niscc_ssl/simple_server"
1.368 +
1.369 + # Generate .p12 files
1.370 + openssl pkcs12 -export -inkey "$TEST/client_key.pem" -in "$TEST/client_crt.pem" -out "$TEST_OUTPUT/client_crt.p12" -passout pass:testtest1 -name "client_crt"
1.371 + openssl pkcs12 -export -inkey "$TEST/server_key.pem" -in "$TEST/server_crt.pem" -out "$TEST_OUTPUT/server_crt.p12" -passout pass:testtest1 -name "server_crt"
1.372 +
1.373 + # Setup simple client directory
1.374 + rm -rf "$CLIENT"
1.375 + mkdir -p "$CLIENT"
1.376 + echo test > "$CLIENT/password-is-test.txt"
1.377 + export LD_LIBRARY_PATH="$TESTLIB"
1.378 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.379 + "${TESTBIN}/certutil" -N -d "$CLIENT" -f "$CLIENT/password-is-test.txt" >> "$TEST_OUTPUT/nisccLog00" 2>&1
1.380 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.381 + "${TESTBIN}/certutil" -A -d "$CLIENT" -n rootca -i "$TEST/rootca.crt" -t "C,C," >> "$TEST_OUTPUT/nisccLog00" 2>&1
1.382 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.383 + "${TESTBIN}/pk12util" -i "$TEST_OUTPUT/client_crt.p12" -d "$CLIENT" -k "$CLIENT/password-is-test.txt" -W testtest1 >> "$TEST_OUTPUT/nisccLog00" 2>&1
1.384 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.385 + "${TESTBIN}/certutil" -L -d "$CLIENT" >> "$TEST_OUTPUT/nisccLog00" 2>&1
1.386 +
1.387 + # File containg message used for terminating the server
1.388 + echo "GET /stop HTTP/1.0" > "$CLIENT/stop.txt"
1.389 + echo "" >> "$CLIENT/stop.txt"
1.390 +
1.391 + # Setup simple server directory
1.392 + rm -rf "$SERVER"
1.393 + mkdir -p "$SERVER"
1.394 + echo test > "$SERVER/password-is-test.txt"
1.395 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.396 + "${TESTBIN}/certutil" -N -d "$SERVER" -f "$SERVER/password-is-test.txt" >> "$TEST_OUTPUT/nisccLog00" 2>&1
1.397 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.398 + "${TESTBIN}/certutil" -A -d "$SERVER" -n rootca -i "$TEST/rootca.crt" -t "TC,C," >> "$TEST_OUTPUT/nisccLog00" 2>&1
1.399 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.400 + "${TESTBIN}/pk12util" -i "$TEST_OUTPUT/server_crt.p12" -d "$SERVER" -k "$SERVER/password-is-test.txt" -W testtest1 >> "$TEST_OUTPUT/nisccLog00" 2>&1
1.401 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.402 + "${TESTBIN}/certutil" -L -d "$SERVER" >> "$TEST_OUTPUT/nisccLog00" 2>&1
1.403 +
1.404 + unset LD_LIBRARY_PATH
1.405 +}
1.406 +
1.407 +################################################################################
1.408 +# Setup resigned client and server directory
1.409 +################################################################################
1.410 +ssl_setup_dirs_resigned()
1.411 +{
1.412 + [ "$NO_SETUP" = "true" ] && return
1.413 +
1.414 + echo "Setting up working directories for SSL resigned tests"
1.415 +
1.416 + CLIENT="$TEST_OUTPUT/niscc_ssl/resigned_client"
1.417 + SERVER="$TEST_OUTPUT/niscc_ssl/resigned_server"
1.418 +
1.419 + # Setup resigned client directory
1.420 + rm -rf "$CLIENT"
1.421 + mkdir -p "$CLIENT"
1.422 + echo test > "$CLIENT/password-is-test.txt"
1.423 + export LD_LIBRARY_PATH="$TESTLIB"
1.424 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.425 + "${TESTBIN}/certutil" -N -d "$CLIENT" -f "$CLIENT/password-is-test.txt" >> "$TEST_OUTPUT/nisccLog00" 2>&1
1.426 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.427 + "${TESTBIN}/certutil" -A -d "$CLIENT" -n rootca -i "$TEST/rootca.crt" -t "C,C," >> "$TEST_OUTPUT/nisccLog00" 2>&1
1.428 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.429 + "${TESTBIN}/pk12util" -i "$TEST_OUTPUT/client_crt.p12" -d "$CLIENT" -k "$CLIENT/password-is-test.txt" -W testtest1 >> "$TEST_OUTPUT/nisccLog00" 2>&1
1.430 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.431 + "${TESTBIN}/certutil" -L -d "$CLIENT" >> "$TEST_OUTPUT/nisccLog00" 2>&1
1.432 +
1.433 + echo "GET /stop HTTP/1.0" > "$CLIENT/stop.txt"
1.434 + echo "" >> "$CLIENT/stop.txt"
1.435 +
1.436 + # Setup resigned server directory
1.437 + rm -rf "$SERVER"
1.438 + mkdir -p "$SERVER"
1.439 + echo test > "$SERVER/password-is-test.txt"
1.440 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.441 + "${TESTBIN}/certutil" -N -d "$SERVER" -f "$SERVER/password-is-test.txt" >> "$TEST_OUTPUT/nisccLog00" 2>&1
1.442 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.443 + "${TESTBIN}/certutil" -A -d "$SERVER" -n rootca -i "$TEST/rootca.crt" -t "TC,C," >> "$TEST_OUTPUT/nisccLog00" 2>&1
1.444 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.445 + "${TESTBIN}/pk12util" -i "$TEST_OUTPUT/server_crt.p12" -d "$SERVER" -k "$SERVER/password-is-test.txt" -W testtest1 >> "$TEST_OUTPUT/nisccLog00" 2>&1
1.446 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.447 + "${TESTBIN}/certutil" -L -d "$SERVER" >> "$TEST_OUTPUT/nisccLog00" 2>&1
1.448 +
1.449 + unset LD_LIBRARY_PATH
1.450 +}
1.451 +
1.452 +################################################################################
1.453 +# NISCC SMIME tests
1.454 +################################################################################
1.455 +niscc_smime()
1.456 +{
1.457 + cd "$TEST_OUTPUT"
1.458 + DATA="$NISCC_HOME/NISCC_SMIME_testcases"
1.459 +
1.460 + [ ! -d niscc_smime ] && mkdir -p niscc_smime
1.461 +
1.462 + export SMIME_CERT_DB_DIR=envDB
1.463 + export NSS_STRICT_SHUTDOWN=1
1.464 + export NSS_DISABLE_ARENA_FREE_LIST=1
1.465 + export LD_LIBRARY_PATH="$TESTLIB"
1.466 +
1.467 + # Generate .p12 files
1.468 + openssl pkcs12 -export -inkey "$DATA/Client.key" -in "$DATA/Client.crt" -out Client.p12 -passout pass:testtest1 &>/dev/null
1.469 + openssl pkcs12 -export -inkey "$DATA/CA.key" -in "$DATA/CA.crt" -out CA.p12 -passout pass:testtest1 &>/dev/null
1.470 +
1.471 + # Generate envDB if needed
1.472 + if [ ! -d "$SMIME_CERT_DB_DIR" ]; then
1.473 + mkdir -p "$SMIME_CERT_DB_DIR"
1.474 + echo testtest1 > password-is-testtest1.txt
1.475 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.476 + "${TESTBIN}/certutil" -N -d "./$SMIME_CERT_DB_DIR" -f password-is-testtest1.txt > /dev/null 2>&1
1.477 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.478 + "${TESTBIN}/certutil" -A -d "$SMIME_CERT_DB_DIR" -f password-is-testtest1.txt -i "$DATA/CA.crt" -n CA -t "TC,C,"
1.479 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.480 + "${TESTBIN}/certutil" -A -d "$SMIME_CERT_DB_DIR" -f password-is-testtest1.txt -i "$DATA/Client.crt" -n Client -t "TC,C,"
1.481 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.482 + "${TESTBIN}/pk12util" -i ./CA.p12 -d "$SMIME_CERT_DB_DIR" -k password-is-testtest1.txt -W testtest1
1.483 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.484 + "${TESTBIN}/pk12util" -i ./Client.p12 -d "$SMIME_CERT_DB_DIR" -k password-is-testtest1.txt -W testtest1
1.485 + fi
1.486 +
1.487 + # if p7m-ed-m-files.txt does not exist, then generate it.
1.488 + [ -f "$DATA/p7m-ed-m-files.txt" ] && sed "s|^|$DATA/|" "$DATA/p7m-ed-m-files.txt" > p7m-ed-m-files.txt
1.489 + export P7M_ED_M_FILES=p7m-ed-m-files.txt
1.490 + if [ "$SMALLSET" = "true" ]; then
1.491 + [ ! -f "$P7M_ED_M_FILES" ] && find "$DATA"/p7m-ed-m-0* -type f -print | head -10 >> "$P7M_ED_M_FILES"
1.492 + else
1.493 + [ ! -f "$P7M_ED_M_FILES" ] && find "$DATA"/p7m-ed-m-0* -type f -print >> "$P7M_ED_M_FILES"
1.494 + fi
1.495 +
1.496 + # Test "p7m-ed-m*" testcases
1.497 + echo "Testing SMIME enveloped data testcases"
1.498 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.499 + "${TESTBIN}/cmsutil" $VERBOSE -D -d "$SMIME_CERT_DB_DIR" -p testtest1 -b -i "$P7M_ED_M_FILES" > niscc_smime/p7m-ed-m-results.txt 2>&1
1.500 +
1.501 + export SMIME_CERT_DB_DIR=sigDB
1.502 + # Generate sigDB if needed
1.503 + if [ ! -d "$SMIME_CERT_DB_DIR" ]; then
1.504 + mkdir -p "$SMIME_CERT_DB_DIR"
1.505 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.506 + "${TESTBIN}/certutil" -N -d "$SMIME_CERT_DB_DIR" -f password-is-testtest1.txt
1.507 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.508 + "${TESTBIN}/certutil" -A -d "$SMIME_CERT_DB_DIR" -i "$DATA/CA.crt" -n CA -t "TC,C,"
1.509 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.510 + "${TESTBIN}/certutil" -A -d "$SMIME_CERT_DB_DIR" -i "$DATA/Client.crt" -n Client -t "TC,C,"
1.511 + fi
1.512 +
1.513 + # if p7m-sd-dt-files.txt does not exist, then generate it.
1.514 + [ -f "$DATA/p7m-sd-dt-files.txt" ] && sed "s|^|$DATA/|" "$DATA/p7m-sd-dt-files.txt" > p7m-sd-dt-files.txt
1.515 + export P7M_SD_DT_FILES=p7m-sd-dt-files.txt
1.516 + if [ "$SMALLSET" = "true" ]; then
1.517 + [ ! -f "$P7M_SD_DT_FILES" ] && find "$DATA"/p7m-sd-dt-[cm]-* -type f -print | head -10 >> "$P7M_SD_DT_FILES"
1.518 + else
1.519 + [ ! -f "$P7M_SD_DT_FILES" ] && find "$DATA"/p7m-sd-dt-[cm]-* -type f -print >> "$P7M_SD_DT_FILES"
1.520 + fi
1.521 +
1.522 + [ ! -f detached.txt ] && touch detached.txt
1.523 +
1.524 + # Test "p7m-sd-dt*" testcases
1.525 + echo "Testing SMIME detached signed data testcases"
1.526 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.527 + "${TESTBIN}/cmsutil" $VERBOSE -D -d "$SMIME_CERT_DB_DIR" -c detached.txt -b -i "$P7M_SD_DT_FILES" > niscc_smime/p7m-sd-dt-results.txt 2>&1
1.528 +
1.529 + # if p7m-sd-op-files.txt does not exist, then generate it.
1.530 + [ -f "$DATA/p7m-sd-op-files.txt" ] && sed "s|^|$DATA/|" "$DATA/p7m-sd-op-files.txt" > p7m-sd-op-files.txt
1.531 + export P7M_SD_OP_FILES=p7m-sd-op-files.txt
1.532 + if [ "$SMALLSET" = "true" ]; then
1.533 + [ ! -f "$P7M_SD_OP_FILES" ] && find "$DATA"/p7m-sd-op-[cm]-* -type f -print | head -10 >> "$P7M_SD_OP_FILES"
1.534 + else
1.535 + [ ! -f "$P7M_SD_OP_FILES" ] && find "$DATA"/p7m-sd-op-[cm]-* -type f -print >> "$P7M_SD_OP_FILES"
1.536 + fi
1.537 +
1.538 + # Test "p7m-sd-op*" testcases
1.539 + echo "Testing SMIME opaque signed data testcases"
1.540 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.541 + "${TESTBIN}/cmsutil" $VERBOSE -D -d "$SMIME_CERT_DB_DIR" -b -i "$P7M_SD_OP_FILES" > niscc_smime/p7m-sd-op-results.txt 2>&1
1.542 +
1.543 + unset LD_LIBRARY_PATH
1.544 +}
1.545 +
1.546 +################################################################################
1.547 +# Set env variables for NISCC SSL tests
1.548 +################################################################################
1.549 +niscc_ssl_init()
1.550 +{
1.551 + export NSS_STRICT_SHUTDOWN=1
1.552 + export NSS_DISABLE_ARENA_FREE_LIST=1
1.553 + cd "$TEST_OUTPUT"
1.554 +}
1.555 +
1.556 +force_crash()
1.557 +{
1.558 + echo "int main(int argc, char *argv[]) { int *i; i = (int*)(void*)1; *i = 1; }" > "$TEST_OUTPUT/crashme.c"
1.559 + gcc -g -o "$TEST_OUTPUT/crashme" "$TEST_OUTPUT/crashme.c"
1.560 + "$TEST_OUTPUT/crashme"
1.561 +}
1.562 +
1.563 +################################################################################
1.564 +# Do simple client auth tests
1.565 +# Use an altered client against the server
1.566 +################################################################################
1.567 +ssl_simple_client_auth()
1.568 +{
1.569 + echo "Testing SSL simple client auth testcases"
1.570 + export CLIENT="$TEST_OUTPUT/niscc_ssl/simple_client"
1.571 + export SERVER="$TEST_OUTPUT/niscc_ssl/simple_server"
1.572 + export PORT=8443
1.573 + export START_AT=1
1.574 + if [ "$SMALLSET" = "true" ]; then
1.575 + export STOP_AT=10
1.576 + else
1.577 + export STOP_AT=106160
1.578 + fi
1.579 + unset NISCC_TEST
1.580 + export LD_LIBRARY_PATH="$TESTLIB"
1.581 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.582 + "${TESTTOOLS}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -rr -t $THREADS -w test > "$TEST_OUTPUT/nisccLog01" 2>&1 &
1.583 +
1.584 + export NISCC_TEST="$TEST/simple_client"
1.585 + export LD_LIBRARY_PATH="$HACKLIB"
1.586 +
1.587 + for START in `seq $START_AT $THREADS $STOP_AT`; do
1.588 + START_AT=$START \
1.589 + STOP_AT=$(($START+$THREADS)) \
1.590 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.591 + "${HACKBIN}/strsclnt" $VERBOSE -d "$CLIENT" -n client_crt -p $PORT -t $THREADS -c $THREADS -o -N -w test $HOST >> "$TEST_OUTPUT/nisccLog02" 2>&1
1.592 + done
1.593 +
1.594 + unset NISCC_TEST
1.595 + echo "starting tstclnt to shutdown simple client selfserv process"
1.596 + for i in `seq 5`; do
1.597 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.598 + "${HACKBIN}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog02" 2>&1
1.599 + done
1.600 +
1.601 + unset LD_LIBRARY_PATH
1.602 +
1.603 + sleep 1
1.604 +}
1.605 +
1.606 +################################################################################
1.607 +# Do simple server auth tests
1.608 +# Use an altered server against the client
1.609 +################################################################################
1.610 +ssl_simple_server_auth()
1.611 +{
1.612 + echo "Testing SSL simple server auth testcases"
1.613 + export CLIENT="$TEST_OUTPUT/niscc_ssl/simple_client"
1.614 + export SERVER="$TEST_OUTPUT/niscc_ssl/simple_server"
1.615 + export PORT=8444
1.616 + export START_AT=00000001
1.617 + if [ "$SMALLSET" = "true" ]; then
1.618 + export STOP_AT=00000010
1.619 + else
1.620 + export STOP_AT=00106167
1.621 + fi
1.622 + export LD_LIBRARY_PATH="$HACKLIB"
1.623 + export NISCC_TEST="$TEST/simple_server"
1.624 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.625 + "${HACKBIN}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -t $THREADS -w test > "$TEST_OUTPUT/nisccLog03" 2>&1 &
1.626 +
1.627 + unset NISCC_TEST
1.628 + export LD_LIBRARY_PATH="$TESTLIB"
1.629 + for START in `seq $START_AT $THREADS $STOP_AT`; do
1.630 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.631 + "${TESTTOOLS}/strsclnt" $VERBOSE -d "$CLIENT" -p $PORT -t $THREADS -c $THREADS -o -N $HOST >> "$TEST_OUTPUT/nisccLog04" 2>&1
1.632 + done
1.633 +
1.634 + echo "starting tstclnt to shutdown simple server selfserv process"
1.635 + for i in `seq 5`; do
1.636 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.637 + "${TESTTOOLS}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog04" 2>&1
1.638 + done
1.639 +
1.640 + unset LD_LIBRARY_PATH
1.641 +
1.642 + sleep 1
1.643 +}
1.644 +
1.645 +################################################################################
1.646 +# Do simple rootCA tests
1.647 +# Use an altered server against the client
1.648 +################################################################################
1.649 +ssl_simple_rootca()
1.650 +{
1.651 + echo "Testing SSL simple rootCA testcases"
1.652 + export CLIENT="$TEST_OUTPUT/niscc_ssl/simple_client"
1.653 + export SERVER="$TEST_OUTPUT/niscc_ssl/simple_server"
1.654 + export PORT=8445
1.655 + export START_AT=1
1.656 + if [ "$SMALLSET" = "true" ]; then
1.657 + export STOP_AT=10
1.658 + else
1.659 + export STOP_AT=106190
1.660 + fi
1.661 + export LD_LIBRARY_PATH="$HACKLIB"
1.662 + export NISCC_TEST="$TEST/simple_rootca"
1.663 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.664 + "${HACKBIN}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -t $THREADS -w test > "$TEST_OUTPUT/nisccLog05" 2>&1 &
1.665 +
1.666 + unset NISCC_TEST
1.667 + export LD_LIBRARY_PATH="$TESTLIB"
1.668 + for START in `seq $START_AT $THREADS $STOP_AT`; do
1.669 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.670 + "${TESTTOOLS}/strsclnt" $VERBOSE -d "$CLIENT" -p $PORT -t $THREADS -c $THREADS -o -N $HOST >> "$TEST_OUTPUT/nisccLog06" 2>&1
1.671 + done
1.672 +
1.673 + echo "starting tstclnt to shutdown simple rootca selfserv process"
1.674 + for i in `seq 5`; do
1.675 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.676 + "${TESTTOOLS}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog06" 2>&1
1.677 + done
1.678 +
1.679 + unset LD_LIBRARY_PATH
1.680 +
1.681 + sleep 1
1.682 +}
1.683 +
1.684 +################################################################################
1.685 +# Do resigned client auth tests
1.686 +# Use an altered client against the server
1.687 +################################################################################
1.688 +ssl_resigned_client_auth()
1.689 +{
1.690 + echo "Testing SSL resigned client auth testcases"
1.691 + export CLIENT="$TEST_OUTPUT/niscc_ssl/resigned_client"
1.692 + export SERVER="$TEST_OUTPUT/niscc_ssl/resigned_server"
1.693 + export PORT=8446
1.694 + export START_AT=0
1.695 + if [ "$SMALLSET" = "true" ]; then
1.696 + export STOP_AT=9
1.697 + else
1.698 + export STOP_AT=99981
1.699 + fi
1.700 + unset NISCC_TEST
1.701 + export LD_LIBRARY_PATH="$TESTLIB"
1.702 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.703 + "${TESTTOOLS}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -rr -t $THREADS -w test > "$TEST_OUTPUT/nisccLog07" 2>&1 &
1.704 +
1.705 + export NISCC_TEST="$TEST/resigned_client"
1.706 + export LD_LIBRARY_PATH="$HACKLIB"
1.707 +
1.708 + for START in `seq $START_AT $THREADS $STOP_AT`; do
1.709 + START_AT=$START \
1.710 + STOP_AT=$(($START+$THREADS)) \
1.711 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.712 + "${HACKBIN}/strsclnt" $VERBOSE -d "$CLIENT" -n client_crt -p $PORT -t $THREADS -c $THREADS -o -N -w test $HOST >> "$TEST_OUTPUT/nisccLog08" 2>&1
1.713 + done
1.714 +
1.715 + unset NISCC_TEST
1.716 + echo "starting tstclnt to shutdown resigned client selfserv process"
1.717 + for i in `seq 5`; do
1.718 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.719 + "${HACKBIN}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog08" 2>&1
1.720 + done
1.721 +
1.722 + unset LD_LIBRARY_PATH
1.723 +
1.724 + sleep 1
1.725 +}
1.726 +
1.727 +################################################################################
1.728 +# Do resigned server auth tests
1.729 +# Use an altered server against the client
1.730 +################################################################################
1.731 +ssl_resigned_server_auth()
1.732 +{
1.733 + echo "Testing SSL resigned server auth testcases"
1.734 + export CLIENT="$TEST_OUTPUT/niscc_ssl/resigned_client"
1.735 + export SERVER="$TEST_OUTPUT/niscc_ssl/resigned_server"
1.736 + export PORT=8447
1.737 + export START_AT=0
1.738 + if [ "$SMALLSET" = "true" ]; then
1.739 + export STOP_AT=9
1.740 + else
1.741 + export STOP_AT=100068
1.742 + fi
1.743 + export LD_LIBRARY_PATH="$HACKLIB"
1.744 + export NISCC_TEST="$TEST/resigned_server"
1.745 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.746 + "${HACKBIN}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -t $THREADS -w test > "$TEST_OUTPUT/nisccLog09" 2>&1 &
1.747 +
1.748 + unset NISCC_TEST
1.749 + export LD_LIBRARY_PATH="$TESTLIB"
1.750 + for START in `seq $START_AT $THREADS $STOP_AT`; do
1.751 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.752 + "${TESTTOOLS}/strsclnt" $VERBOSE -d "$CLIENT" -p $PORT -t $THREADS -c $THREADS -o -N $HOST >> "$TEST_OUTPUT/nisccLog10" 2>&1
1.753 + done
1.754 +
1.755 + echo "starting tstclnt to shutdown resigned server selfserv process"
1.756 + for i in `seq 5`; do
1.757 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.758 + "${TESTTOOLS}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog10" 2>&1
1.759 + done
1.760 +
1.761 + unset LD_LIBRARY_PATH
1.762 +
1.763 + sleep 1
1.764 +}
1.765 +
1.766 +################################################################################
1.767 +# Do resigned rootCA tests
1.768 +# Use an altered server against the client
1.769 +################################################################################
1.770 +ssl_resigned_rootca()
1.771 +{
1.772 + echo "Testing SSL resigned rootCA testcases"
1.773 + export CLIENT="$TEST_OUTPUT/niscc_ssl/resigned_client"
1.774 + export SERVER="$TEST_OUTPUT/niscc_ssl/resigned_server"
1.775 + export PORT=8448
1.776 + export START_AT=0
1.777 + if [ "$SMALLSET" = "true" ]; then
1.778 + export STOP_AT=9
1.779 + else
1.780 + export STOP_AT=99959
1.781 + fi
1.782 + export LD_LIBRARY_PATH="$HACKLIB"
1.783 + export NISCC_TEST="$TEST/resigned_rootca"
1.784 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.785 + "${HACKBIN}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -t $THREADS -w test > "$TEST_OUTPUT/nisccLog11" 2>&1 &
1.786 +
1.787 + unset NISCC_TEST
1.788 + export LD_LIBRARY_PATH="$TESTLIB"
1.789 + for START in `seq $START_AT $THREADS $STOP_AT`; do
1.790 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.791 + "${TESTTOOLS}/strsclnt" $VERBOSE -d "$CLIENT" -p $PORT -t $THREADS -c $THREADS -o -N $HOST >> "$TEST_OUTPUT/nisccLog12" 2>&1
1.792 + done
1.793 +
1.794 + echo "starting tstclnt to shutdown resigned rootca selfserv process"
1.795 + for i in `seq 5`; do
1.796 + LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
1.797 + "${TESTTOOLS}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog12" 2>&1
1.798 + done
1.799 +
1.800 + unset LD_LIBRARY_PATH
1.801 +
1.802 + sleep 1
1.803 +}
1.804 +
1.805 +################################################################################
1.806 +# Email the test logfile, and if core found, notify of failure
1.807 +################################################################################
1.808 +mail_testLog()
1.809 +{
1.810 + pushd "$TEST_OUTPUT"
1.811 +
1.812 + # remove mozilla nss build false positives and core stored in previous runs
1.813 + find . -name "core*" -print | grep -v coreconf | grep -v core_watch | grep -v archive >> crashLog
1.814 + export SIZE=`cat crashLog | wc -l`
1.815 +
1.816 + [ "$USE_MAIL" = "false" ] && return
1.817 +
1.818 + # mail text
1.819 + MT=mailText
1.820 + rm -f $MT
1.821 +
1.822 + if [ "$SIZE" -ne 1 ]; then
1.823 + echo "### FAILED ###" >> $MT
1.824 + echo "### Exactly one crash is expected." >> $MT
1.825 + echo "### Zero means: crash detection is broken, fix the script!" >> $MT
1.826 + echo "### > 1 means: robustness test failure, fix the bug! (check the logs)" >> $MT
1.827 + cat crashLog >> nisccLogSummary
1.828 + SUBJ="FAILED: NISCC TESTS (check file: crashLog)"
1.829 + else
1.830 + echo ":) PASSED :)" >> $MT
1.831 + SUBJ="PASSED: NISCC tests"
1.832 + fi
1.833 +
1.834 + echo "Date used during test run: $DATE" >> $MT
1.835 +
1.836 + echo "Count of lines in files:" >> $MT
1.837 + wc -l crashLog nisccBuildLog nisccBuildLogHack nisccLog[0-9]* p7m-* |grep -vw total >> $MT
1.838 + NUM=`cat nisccLog0[123456789] nisccLog1[12] | egrep -ic "success/passed"`
1.839 + echo "Number of times the SSL tests reported success/passed (low expected): $NUM" >> $MT
1.840 + NUM=`cat nisccLog0[123456789] nisccLog1[12] | egrep -ic "problem|failed|error"`
1.841 + echo "Number of times the SSL tests reported problem/failed/error (high expected): $NUM" >> $MT
1.842 + NUM=`cat niscc_smime/p7m*results.txt | egrep -ic "success/passed"`
1.843 + echo "Number of times the S/MIME tests reported success/passed (low expected): $NUM" >> $MT
1.844 + NUM=`cat niscc_smime/p7m*results.txt | egrep -ic "problem|failed|error"`
1.845 + echo "Number of times the S/MIME tests reported problem/failed/error (high expected): $NUM" >> $MT
1.846 + echo "==== tail of nisccBuildLog ====" >> $MT
1.847 + tail -20 nisccBuildLog >> $MT
1.848 + echo "===============================" >> $MT
1.849 + echo "==== tail of nisccBuildLogHack ====" >> $MT
1.850 + tail -20 nisccBuildLogHack >> $MT
1.851 + echo "===================================" >> $MT
1.852 +
1.853 + #NUM=``
1.854 + #echo "Number of : $NUM" >> $MT
1.855 +
1.856 + cat $MT | $MAIL_COMMAND -s "$SUBJ" $QA_LIST
1.857 +
1.858 + popd
1.859 +}
1.860 +
1.861 +################################################################################
1.862 +# Summarize all logs
1.863 +################################################################################
1.864 +log_summary()
1.865 +{
1.866 + echo "Summarizing all logs"
1.867 + # Move old logs
1.868 + [ -f "$TEST_OUTPUT/nisccLogSummary" ] && mv nisccLogSummary nisccLogSummary.old
1.869 + [ -f "$TEST_OUTPUT/crashLog" ] && mv crashLog crashLog.old
1.870 +
1.871 + for a in $TEST_OUTPUT/nisccLog[0-9]*; do
1.872 + echo ================================== "$a"
1.873 + grep -v using "$a" | sort | uniq -c | sort -b -n +0 -1
1.874 + done > $TEST_OUTPUT/nisccLogSummary
1.875 +
1.876 + for a in $TEST_OUTPUT/niscc_smime/p7m-*-results.txt; do
1.877 + echo ================================== "$a"
1.878 + grep -v using "$a" | sort | uniq -c | sort -b -n +0 -1
1.879 + done >> $TEST_OUTPUT/nisccLogSummary
1.880 +}
1.881 +
1.882 +################################################################################
1.883 +# Process core files
1.884 +################################################################################
1.885 +core_process()
1.886 +{
1.887 + echo "Processing core files"
1.888 + cd "$TEST_OUTPUT"
1.889 +
1.890 + for CORE in `cat crashLog`; do
1.891 + FILE=`file "$CORE" | sed "s/.* from '//" | sed "s/'.*//"`
1.892 + BINARY=`strings "$CORE" | grep "^${FILE}" | tail -1`
1.893 + gdb "$BINARY" "$CORE" << EOF_GDB > "$CORE.details"
1.894 +where
1.895 +quit
1.896 +EOF_GDB
1.897 + done
1.898 +}
1.899 +
1.900 +################################################################################
1.901 +# Move the old log files to save them, delete extra log files
1.902 +################################################################################
1.903 +move_files()
1.904 +{
1.905 + echo "Moving and deleting log files"
1.906 + cd "$TEST_OUTPUT"
1.907 +
1.908 + rm -rf TRASH
1.909 + mkdir TRASH
1.910 +
1.911 + if [ "$LOG_STORE" = "true" ]; then
1.912 + BRANCH=`echo $LOCALDIST | sed "s:.*/\(security.*\)/builds/.*:\1:"`
1.913 + if [ "$BRANCH" = "$LOCALDIST" ]; then
1.914 + ARCHIVE="$TEST_OUTPUT/archive"
1.915 + else
1.916 + ARCHIVE="$TEST_OUTPUT/archive/$BRANCH"
1.917 + fi
1.918 +
1.919 + # Check for archive directory
1.920 + if [ ! -d "$ARCHIVE" ]; then
1.921 + mkdir -p "$ARCHIVE"
1.922 + fi
1.923 +
1.924 + # Determine next log storage point
1.925 + slot=`ls -1 "$ARCHIVE" | grep $DATE | wc -l`
1.926 + slot=`expr $slot + 1`
1.927 + location="$ARCHIVE/$DATE.$slot"
1.928 + mkdir -p "$location"
1.929 +
1.930 + # Archive the logs
1.931 + mv nisccBuildLog "$location" 2> /dev/null
1.932 + mv nisccBuildLogHack "$location" 2> /dev/null
1.933 + mv nisccLogSummary "$location"
1.934 + mv nisccLog* "$location"
1.935 + mv niscc_smime/p7m-ed-m-results.txt "$location"
1.936 + mv niscc_smime/p7m-sd-dt-results.txt "$location"
1.937 + mv niscc_smime/p7m-sd-op-results.txt "$location"
1.938 +
1.939 + # Archive any core files produced
1.940 + for core in `cat "$TEST_OUTPUT/crashLog"`; do
1.941 + mv "$core" "$location"
1.942 + mv "$core.details" "$location"
1.943 + done
1.944 + mv crashLog "$location"
1.945 + else
1.946 + # Logs not stored => summaries, crashlog and corefiles not moved, other logs deleted
1.947 + mv nisccLog00 nisccLog01 nisccLog02 nisccLog03 nisccLog04 nisccLog05 nisccLog06 nisccLog07 nisccLog08 nisccLog09 nisccLog10 nisccLog11 nisccLog12 TRASH/
1.948 + mv niscc_smime/p7m-ed-m-results.txt niscc_smime/p7m-sd-dt-results.txt niscc_smime/p7m-sd-op-results.txt TRASH/
1.949 + fi
1.950 + mv envDB sigDB niscc_smime niscc_ssl TRASH/
1.951 + mv CA.p12 Client.p12 client_crt.p12 server_crt.p12 TRASH/
1.952 + mv p7m-ed-m-files.txt p7m-sd-dt-files.txt p7m-sd-op-files.txt password-is-testtest1.txt detached.txt TRASH/
1.953 + mv crashme.c crashme TRASH/
1.954 +}
1.955 +
1.956 +################################################################################
1.957 +# Main
1.958 +################################################################################
1.959 +process_args $*
1.960 +create_environment
1.961 +hg_pull
1.962 +build_NSS
1.963 +init
1.964 +niscc_smime
1.965 +niscc_ssl_init
1.966 +force_crash
1.967 +ssl_setup_dirs_simple
1.968 + ssl_simple_client_auth
1.969 + ssl_simple_server_auth
1.970 + ssl_simple_rootca
1.971 +ssl_setup_dirs_resigned
1.972 + ssl_resigned_client_auth
1.973 + ssl_resigned_server_auth
1.974 + ssl_resigned_rootca
1.975 +# no idea what these commented-out lines are supposed to be!
1.976 +#ssl_setup_dirs_update
1.977 +# ssl_update_server_auth der
1.978 +# ssl_update_client_auth der
1.979 +# ssl_update_server_auth resigned-der
1.980 +# ssl_update_client_auth resigned-der
1.981 +log_summary
1.982 +mail_testLog
1.983 +core_process
1.984 +move_files
1.985 +exit $SIZE
