michael@0: #! /bin/bash
michael@0: #
michael@0: # This Source Code Form is subject to the terms of the Mozilla Public
michael@0: # License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0: # file, You can obtain one at http://mozilla.org/MPL/2.0/.
michael@0:
michael@0: ########################################################################
michael@0: #
michael@0: # mozilla/security/nss/tests/common/init.sh
michael@0: #
michael@0: # initialization for NSS QA, can be included multiple times
michael@0: # from all.sh and the individual scripts
michael@0: #
michael@0: # variables, utilities and shellfunctions global to NSS QA
michael@0: # needs to work on all Unix and Windows platforms
michael@0: #
michael@0: # included from
michael@0: # -------------
michael@0: # all.sh
michael@0: # ssl.sh
michael@0: # sdr.sh
michael@0: # cipher.sh
michael@0: # perf.sh
michael@0: # cert.sh
michael@0: # smime.sh
michael@0: # tools.sh
michael@0: # fips.sh
michael@0: #
michael@0: # special strings
michael@0: # ---------------
michael@0: # FIXME ... known problems, search for this string
michael@0: # NOTE .... unexpected behavior
michael@0: #
michael@0: # NOTE:
michael@0: # -----
michael@0: # Unlike the old QA this is based on files sourcing each other
michael@0: # This is done to save time, since a great portion of time is lost
michael@0: # in calling and sourcing the same things multiple times over the
michael@0: # network. Also, this way all scripts have all shell function available
michael@0: # and a completely common environment
michael@0: #
michael@0: ########################################################################
michael@0:
michael@0: NSS_STRICT_SHUTDOWN=1
michael@0: export NSS_STRICT_SHUTDOWN
michael@0:
michael@0: # Init directories based on HOSTDIR variable
michael@0: if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
michael@0: init_directories()
michael@0: {
michael@0: TMP=${HOSTDIR} #TMP=${TMP-/tmp}
michael@0: TEMP=${TMP}
michael@0: TMPDIR=${TMP}
michael@0:
michael@0: CADIR=${HOSTDIR}/CA
michael@0: SERVERDIR=${HOSTDIR}/server
michael@0: CLIENTDIR=${HOSTDIR}/client
michael@0: ALICEDIR=${HOSTDIR}/alicedir
michael@0: BOBDIR=${HOSTDIR}/bobdir
michael@0: DAVEDIR=${HOSTDIR}/dave
michael@0: EVEDIR=${HOSTDIR}/eve
michael@0: FIPSDIR=${HOSTDIR}/fips
michael@0: DBPASSDIR=${HOSTDIR}/dbpass
michael@0: ECCURVES_DIR=${HOSTDIR}/eccurves
michael@0: DISTRUSTDIR=${HOSTDIR}/distrust
michael@0:
michael@0: SERVER_CADIR=${HOSTDIR}/serverCA
michael@0: CLIENT_CADIR=${HOSTDIR}/clientCA
michael@0: EXT_SERVERDIR=${HOSTDIR}/ext_server
michael@0: EXT_CLIENTDIR=${HOSTDIR}/ext_client
michael@0:
michael@0: IOPR_CADIR=${HOSTDIR}/CA_iopr
michael@0: IOPR_SSL_SERVERDIR=${HOSTDIR}/server_ssl_iopr
michael@0: IOPR_SSL_CLIENTDIR=${HOSTDIR}/client_ssl_iopr
michael@0: IOPR_OCSP_CLIENTDIR=${HOSTDIR}/client_ocsp_iopr
michael@0:
michael@0: CERT_EXTENSIONS_DIR=${HOSTDIR}/cert_extensions
michael@0: STAPLINGDIR=${HOSTDIR}/stapling
michael@0:
michael@0: PWFILE=${HOSTDIR}/tests.pw
michael@0: NOISE_FILE=${HOSTDIR}/tests_noise
michael@0: CORELIST_FILE=${HOSTDIR}/clist
michael@0:
michael@0: FIPSPWFILE=${HOSTDIR}/tests.fipspw
michael@0: FIPSBADPWFILE=${HOSTDIR}/tests.fipsbadpw
michael@0: FIPSP12PWFILE=${HOSTDIR}/tests.fipsp12pw
michael@0:
michael@0: echo "fIps140" > ${FIPSPWFILE}
michael@0: echo "fips104" > ${FIPSBADPWFILE}
michael@0: echo "pKcs12fips140" > ${FIPSP12PWFILE}
michael@0:
michael@0: noise
michael@0:
michael@0: P_SERVER_CADIR=${SERVER_CADIR}
michael@0: P_CLIENT_CADIR=${CLIENT_CADIR}
michael@0:
michael@0: if [ -n "${MULTIACCESS_DBM}" ]; then
michael@0: P_SERVER_CADIR="multiaccess:${D_SERVER_CA}"
michael@0: P_CLIENT_CADIR="multiaccess:${D_CLIENT_CA}"
michael@0: fi
michael@0:
michael@0:
michael@0: # a new log file, short - fast to search, mostly for tools to
michael@0: # see if their portion of the cert has succeeded, also for me -
michael@0: CERT_LOG_FILE=${HOSTDIR}/cert.log #the output.log is so crowded...
michael@0:
michael@0: TEMPFILES=foobar # keep "${PWFILE} ${NOISE_FILE}" around
michael@0:
michael@0: export HOSTDIR
michael@0: }
michael@0:
michael@0: # Generate noise file
michael@0: noise()
michael@0: {
michael@0: # NOTE: these keys are only suitable for testing, as this whole thing
michael@0: # bypasses the entropy gathering. Don't use this method to generate
michael@0: # keys and certs for product use or deployment.
michael@0: ps -efl > ${NOISE_FILE} 2>&1
michael@0: ps aux >> ${NOISE_FILE} 2>&1
michael@0: date >> ${NOISE_FILE} 2>&1
michael@0: }
michael@0:
michael@0: # Print selected environment variable (used for backup)
michael@0: env_backup()
michael@0: {
michael@0: echo "HOSTDIR=\"${HOSTDIR}\""
michael@0: echo "TABLE_ARGS="
michael@0: echo "NSS_TEST_DISABLE_CRL=${NSS_TEST_DISABLE_CRL}"
michael@0: echo "NSS_SSL_TESTS=\"${NSS_SSL_TESTS}\""
michael@0: echo "NSS_SSL_RUN=\"${NSS_SSL_RUN}\""
michael@0: echo "NSS_DEFAULT_DB_TYPE=${NSS_DEFAULT_DB_TYPE}"
michael@0: echo "export NSS_DEFAULT_DB_TYPE"
michael@0: echo "NSS_ENABLE_PKIX_VERIFY=${NSS_ENABLE_PKIX_VERIFY}"
michael@0: echo "export NSS_ENABLE_PKIX_VERIFY"
michael@0: echo "init_directories"
michael@0: }
michael@0:
michael@0: # Exit shellfunction to clean up at exit (error, regular or signal)
michael@0: Exit()
michael@0: {
michael@0: if [ -n "$1" ] ; then
michael@0: echo "$SCRIPTNAME: Exit: $* - FAILED"
michael@0: html_failed "$*"
michael@0: fi
michael@0: echo "
" >> ${RESULTS}
michael@0: if [ -n "${SERVERPID}" -a -f "${SERVERPID}" ]; then
michael@0: ${KILL} `cat ${SERVERPID}`
michael@0: fi
michael@0: cd ${QADIR}
michael@0: . common/cleanup.sh
michael@0: case $1 in
michael@0: [0-4][0-9]|[0-9])
michael@0: exit $1;
michael@0: ;;
michael@0: *)
michael@0: exit 1
michael@0: ;;
michael@0: esac
michael@0: }
michael@0:
michael@0: detect_core()
michael@0: {
michael@0: [ ! -f $CORELIST_FILE ] && touch $CORELIST_FILE
michael@0: mv $CORELIST_FILE ${CORELIST_FILE}.old
michael@0: coreStr=`find $HOSTDIR -type f -name '*core*'`
michael@0: res=0
michael@0: if [ -n "$coreStr" ]; then
michael@0: sum $coreStr > $CORELIST_FILE
michael@0: res=`cat $CORELIST_FILE ${CORELIST_FILE}.old | sort | uniq -u | wc -l`
michael@0: fi
michael@0: return $res
michael@0: }
michael@0:
michael@0: #html functions to give the resultfiles a consistant look
michael@0: html() ######################### write the results.html file
michael@0: { # 3 functions so we can put targets in the output.log easier
michael@0: echo $* >>${RESULTS}
michael@0: }
michael@0: html_passed()
michael@0: {
michael@0: html_detect_core "$@" || return
michael@0: MSG_ID=`cat ${MSG_ID_FILE}`
michael@0: MSG_ID=`expr ${MSG_ID} + 1`
michael@0: echo ${MSG_ID} > ${MSG_ID_FILE}
michael@0: html "| #${MSG_ID}: $1 ${HTML_PASSED}"
michael@0: echo "${SCRIPTNAME}: #${MSG_ID}: $* - PASSED"
michael@0: }
michael@0: html_failed()
michael@0: {
michael@0: html_detect_core "$@" || return
michael@0: MSG_ID=`cat ${MSG_ID_FILE}`
michael@0: MSG_ID=`expr ${MSG_ID} + 1`
michael@0: echo ${MSG_ID} > ${MSG_ID_FILE}
michael@0: html " |
| #${MSG_ID}: $1 ${HTML_FAILED}"
michael@0: echo "${SCRIPTNAME}: #${MSG_ID}: $* - FAILED"
michael@0: }
michael@0: html_unknown()
michael@0: {
michael@0: html_detect_core "$@" || return
michael@0: MSG_ID=`cat ${MSG_ID_FILE}`
michael@0: MSG_ID=`expr ${MSG_ID} + 1`
michael@0: echo ${MSG_ID} > ${MSG_ID_FILE}
michael@0: html " |
| #${MSG_ID}: $1 ${HTML_UNKNOWN}"
michael@0: echo "${SCRIPTNAME}: #${MSG_ID}: $* - UNKNOWN"
michael@0: }
michael@0: html_detect_core()
michael@0: {
michael@0: detect_core
michael@0: if [ $? -ne 0 ]; then
michael@0: MSG_ID=`cat ${MSG_ID_FILE}`
michael@0: MSG_ID=`expr ${MSG_ID} + 1`
michael@0: echo ${MSG_ID} > ${MSG_ID_FILE}
michael@0: html " |
#${MSG_ID}: $* ${HTML_FAILED_CORE}"
michael@0: echo "${SCRIPTNAME}: #${MSG_ID}: $* - Core file is detected - FAILED"
michael@0: return 1
michael@0: fi
michael@0: return 0
michael@0: }
michael@0: html_head()
michael@0: {
michael@0:
michael@0: html "| $* |
|---|
"
michael@0: html "| Test Case | Result |
|---|
"
michael@0: echo "$SCRIPTNAME: $* ==============================="
michael@0: }
michael@0: html_msg()
michael@0: {
michael@0: if [ "$1" -ne "$2" ] ; then
michael@0: html_failed "$3" "$4"
michael@0: else
michael@0: html_passed "$3" "$4"
michael@0: fi
michael@0: }
michael@0: HTML_FAILED='Failed | '
michael@0: HTML_FAILED_CORE='| Failed Core | '
michael@0: HTML_PASSED='| Passed | '
michael@0: HTML_UNKNOWN='| Unknown/TD> | '
michael@0: TABLE_ARGS=
michael@0:
michael@0:
michael@0: #directory name init
michael@0: SCRIPTNAME=init.sh
michael@0:
michael@0: mozilla_root=`(cd ../../..; pwd)`
michael@0: MOZILLA_ROOT=${MOZILLA_ROOT-$mozilla_root}
michael@0:
michael@0: qadir=`(cd ..; pwd)`
michael@0: QADIR=${QADIR-$qadir}
michael@0:
michael@0: common=${QADIR}/common
michael@0: COMMON=${TEST_COMMON-$common}
michael@0: export COMMON
michael@0:
michael@0: DIST=${DIST-${MOZILLA_ROOT}/dist}
michael@0: TESTDIR=${TESTDIR-${MOZILLA_ROOT}/tests_results/security}
michael@0:
michael@0: # Allow for override options from a config file
michael@0: if [ -n "${OBJDIR}" -a -f ${DIST}/${OBJDIR}/platform.cfg ]; then
michael@0: . ${DIST}/${OBJDIR}/platform.cfg
michael@0: fi
michael@0:
michael@0: # only need make if we don't already have certain variables set
michael@0: if [ -z "${OBJDIR}" -o -z "${OS_ARCH}" -o -z "${DLL_PREFIX}" -o -z "${DLL_SUFFIX}" ]; then
michael@0: MAKE=gmake
michael@0: $MAKE -v >/dev/null 2>&1 || MAKE=make
michael@0: $MAKE -v >/dev/null 2>&1 || { echo "You are missing make."; exit 5; }
michael@0: MAKE="$MAKE --no-print-directory"
michael@0: fi
michael@0:
michael@0: if [ "${OBJDIR}" = "" ]; then
michael@0: OBJDIR=`(cd $COMMON; $MAKE objdir_name)`
michael@0: fi
michael@0: if [ "${OS_ARCH}" = "" ]; then
michael@0: OS_ARCH=`(cd $COMMON; $MAKE os_arch)`
michael@0: fi
michael@0: if [ "${DLL_PREFIX}" = "" ]; then
michael@0: DLL_PREFIX=`(cd $COMMON; $MAKE dll_prefix)`
michael@0: fi
michael@0: if [ "${DLL_SUFFIX}" = "" ]; then
michael@0: DLL_SUFFIX=`(cd $COMMON; $MAKE dll_suffix)`
michael@0: fi
michael@0: OS_NAME=`uname -s | sed -e "s/-[0-9]*\.[0-9]*//" | sed -e "s/-WOW64//"`
michael@0:
michael@0: BINDIR="${DIST}/${OBJDIR}/bin"
michael@0:
michael@0: # Pathnames constructed from ${TESTDIR} are passed to NSS tools
michael@0: # such as certutil, which don't understand Cygwin pathnames.
michael@0: # So we need to convert ${TESTDIR} to a Windows pathname (with
michael@0: # regular slashes).
michael@0: if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" = "CYGWIN_NT" ]; then
michael@0: TESTDIR=`cygpath -m ${TESTDIR}`
michael@0: QADIR=`cygpath -m ${QADIR}`
michael@0: fi
michael@0:
michael@0: # Same problem with MSYS/Mingw, except we need to start over with pwd -W
michael@0: if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" = "MINGW32_NT" ]; then
michael@0: mingw_mozilla_root=`(cd ../../..; pwd -W)`
michael@0: MINGW_MOZILLA_ROOT=${MINGW_MOZILLA_ROOT-$mingw_mozilla_root}
michael@0: TESTDIR=${MINGW_TESTDIR-${MINGW_MOZILLA_ROOT}/tests_results/security}
michael@0: fi
michael@0:
michael@0: # Same problem with MSYS/Mingw, except we need to start over with pwd -W
michael@0: if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" = "MINGW32_NT" ]; then
michael@0: mingw_mozilla_root=`(cd ../../..; pwd -W)`
michael@0: MINGW_MOZILLA_ROOT=${MINGW_MOZILLA_ROOT-$mingw_mozilla_root}
michael@0: TESTDIR=${MINGW_TESTDIR-${MINGW_MOZILLA_ROOT}/tests_results/security}
michael@0: fi
michael@0: echo testdir is $TESTDIR
michael@0:
michael@0: #in case of backward comp. tests the calling scripts set the
michael@0: #PATH and LD_LIBRARY_PATH and do not want them to be changed
michael@0: if [ -z "${DON_T_SET_PATHS}" -o "${DON_T_SET_PATHS}" != "TRUE" ] ; then
michael@0: if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" != "CYGWIN_NT" -a "$OS_NAME" != "MINGW32_NT" ]; then
michael@0: PATH=.\;${DIST}/${OBJDIR}/bin\;${DIST}/${OBJDIR}/lib\;$PATH
michael@0: PATH=`perl ../path_uniq -d ';' "$PATH"`
michael@0: elif [ "${OS_ARCH}" = "Android" ]; then
michael@0: # android doesn't have perl, skip the uniq step
michael@0: PATH=.:${DIST}/${OBJDIR}/bin:${DIST}/${OBJDIR}/lib:$PATH
michael@0: else
michael@0: PATH=.:${DIST}/${OBJDIR}/bin:${DIST}/${OBJDIR}/lib:/bin:/usr/bin:$PATH
michael@0: # added /bin and /usr/bin in the beginning so a local perl will
michael@0: # be used
michael@0: PATH=`perl ../path_uniq -d ':' "$PATH"`
michael@0: fi
michael@0:
michael@0: LD_LIBRARY_PATH=${DIST}/${OBJDIR}/lib:$LD_LIBRARY_PATH
michael@0: SHLIB_PATH=${DIST}/${OBJDIR}/lib:$SHLIB_PATH
michael@0: LIBPATH=${DIST}/${OBJDIR}/lib:$LIBPATH
michael@0: DYLD_LIBRARY_PATH=${DIST}/${OBJDIR}/lib:$DYLD_LIBRARY_PATH
michael@0: fi
michael@0:
michael@0: if [ ! -d "${TESTDIR}" ]; then
michael@0: echo "$SCRIPTNAME init: Creating ${TESTDIR}"
michael@0: mkdir -p ${TESTDIR}
michael@0: fi
michael@0:
michael@0: #HOST and DOMSUF are needed for the server cert
michael@0:
michael@0: DOMAINNAME=`which domainname`
michael@0: if [ -z "${DOMSUF}" -a $? -eq 0 -a -n "${DOMAINNAME}" ]; then
michael@0: DOMSUF=`domainname`
michael@0: fi
michael@0:
michael@0: case $HOST in
michael@0: *\.*)
michael@0: if [ -z "${DOMSUF}" ]; then
michael@0: DOMSUF=`echo $HOST | sed -e "s/^[^.]*\.//"`
michael@0: fi
michael@0: HOST=`echo $HOST | sed -e "s/\..*//"`
michael@0: ;;
michael@0: ?*)
michael@0: ;;
michael@0: *)
michael@0: HOST=`uname -n`
michael@0: case $HOST in
michael@0: *\.*)
michael@0: if [ -z "${DOMSUF}" ]; then
michael@0: DOMSUF=`echo $HOST | sed -e "s/^[^.]*\.//"`
michael@0: fi
michael@0: HOST=`echo $HOST | sed -e "s/\..*//"`
michael@0: ;;
michael@0: ?*)
michael@0: ;;
michael@0: *)
michael@0: echo "$SCRIPTNAME: Fatal HOST environment variable is not defined."
michael@0: exit 1 #does not need to be Exit, very early in script
michael@0: ;;
michael@0: esac
michael@0: ;;
michael@0: esac
michael@0:
michael@0: if [ -z "${DOMSUF}" -a "${OS_ARCH}" != "Android" ]; then
michael@0: echo "$SCRIPTNAME: Fatal DOMSUF env. variable is not defined."
michael@0: exit 1 #does not need to be Exit, very early in script
michael@0: fi
michael@0:
michael@0: #HOSTADDR was a workaround for the dist. stress test, and is probably
michael@0: #not needed anymore (purpose: be able to use IP address for the server
michael@0: #cert instead of PC name which was not in the DNS because of dyn IP address
michael@0: if [ -z "$USE_IP" -o "$USE_IP" != "TRUE" ] ; then
michael@0: if [ -z "${DOMSUF}" ]; then
michael@0: HOSTADDR=${HOST}
michael@0: else
michael@0: HOSTADDR=${HOST}.${DOMSUF}
michael@0: fi
michael@0: else
michael@0: HOSTADDR=${IP_ADDRESS}
michael@0: fi
michael@0:
michael@0: #if running remote side of the distributed stress test we need to use
michael@0: #the files that the server side gives us...
michael@0: if [ -n "$DO_REM_ST" -a "$DO_REM_ST" = "TRUE" ] ; then
michael@0: for w in `ls -rtd ${TESTDIR}/${HOST}.[0-9]* 2>/dev/null |
michael@0: sed -e "s/.*${HOST}.//"` ; do
michael@0: version=$w
michael@0: done
michael@0: HOSTDIR=${TESTDIR}/${HOST}.$version
michael@0: echo "$SCRIPTNAME init: HOSTDIR $HOSTDIR"
michael@0: echo $HOSTDIR
michael@0: if [ ! -d $HOSTDIR ] ; then
michael@0: echo "$SCRIPTNAME: Fatal: Remote side of dist. stress test "
michael@0: echo " - server HOSTDIR $HOSTDIR does not exist"
michael@0: exit 1 #does not need to be Exit, very early in script
michael@0: fi
michael@0: fi
michael@0:
michael@0: #find the HOSTDIR, where the results are supposed to go
michael@0: if [ -n "${HOSTDIR}" ]; then
michael@0: version=`echo $HOSTDIR | sed -e "s/.*${HOST}.//"`
michael@0: else
michael@0: if [ -f "${TESTDIR}/${HOST}" ]; then
michael@0: version=`cat ${TESTDIR}/${HOST}`
michael@0: else
michael@0: version=1
michael@0: fi
michael@0: #file has a tendency to disappear, messing up the rest of QA -
michael@0: #workaround to find the next higher number if version file is not there
michael@0: if [ -z "${version}" ]; then # for some strange reason this file
michael@0: # gets truncated at times... Windos
michael@0: for w in `ls -d ${TESTDIR}/${HOST}.[0-9]* 2>/dev/null |
michael@0: sort -t '.' -n | sed -e "s/.*${HOST}.//"` ; do
michael@0: version=`expr $w + 1`
michael@0: done
michael@0: if [ -z "${version}" ]; then
michael@0: version=1
michael@0: fi
michael@0: fi
michael@0: expr $version + 1 > ${TESTDIR}/${HOST}
michael@0:
michael@0: HOSTDIR=${TESTDIR}/${HOST}'.'$version
michael@0:
michael@0: mkdir -p ${HOSTDIR}
michael@0: fi
michael@0:
michael@0: #result and log file and filename init,
michael@0: if [ -z "${LOGFILE}" ]; then
michael@0: LOGFILE=${HOSTDIR}/output.log
michael@0: fi
michael@0: if [ ! -f "${LOGFILE}" ]; then
michael@0: touch ${LOGFILE}
michael@0: fi
michael@0: if [ -z "${RESULTS}" ]; then
michael@0: RESULTS=${HOSTDIR}/results.html
michael@0: fi
michael@0: if [ ! -f "${RESULTS}" ]; then
michael@0: cp ${COMMON}/results_header.html ${RESULTS}
michael@0: html "Platform: ${OBJDIR}
"
michael@0: html "Test Run: ${HOST}.$version"
michael@0: html "${BC_ACTION}"
michael@0: html "
"
michael@0: html ""
michael@0:
michael@0: echo "********************************************" | tee -a ${LOGFILE}
michael@0: echo " Platform: ${OBJDIR}" | tee -a ${LOGFILE}
michael@0: echo " Results: ${HOST}.$version" | tee -a ${LOGFILE}
michael@0: echo "********************************************" | tee -a ${LOGFILE}
michael@0: echo "$BC_ACTION" | tee -a ${LOGFILE}
michael@0: #if running remote side of the distributed stress test
michael@0: # let the user know who it is...
michael@0: elif [ -n "$DO_REM_ST" -a "$DO_REM_ST" = "TRUE" ] ; then
michael@0: echo "********************************************" | tee -a ${LOGFILE}
michael@0: echo " Platform: ${OBJDIR}" | tee -a ${LOGFILE}
michael@0: echo " Results: ${HOST}.$version" | tee -a ${LOGFILE}
michael@0: echo " remote side of distributed stress test " | tee -a ${LOGFILE}
michael@0: echo " `uname -n -s`" | tee -a ${LOGFILE}
michael@0: echo "********************************************" | tee -a ${LOGFILE}
michael@0: fi
michael@0:
michael@0: echo "$SCRIPTNAME init: Testing PATH $PATH against LIB $LD_LIBRARY_PATH" |\
michael@0: tee -a ${LOGFILE}
michael@0:
michael@0: KILL="kill"
michael@0:
michael@0: if [ `uname -s` = "SunOS" ]; then
michael@0: PS="/usr/5bin/ps"
michael@0: else
michael@0: PS="ps"
michael@0: fi
michael@0: #found 3 rsh's so far that do not work as expected - cygnus mks6
michael@0: #(restricted sh) and mks 7 - if it is not in c:/winnt/system32 it
michael@0: #needs to be set in the environ.ksh
michael@0: if [ -z "$RSH" ]; then
michael@0: if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" = "CYGWIN_NT" ]; then
michael@0: RSH=/cygdrive/c/winnt/system32/rsh
michael@0: elif [ "${OS_ARCH}" = "WINNT" ]; then
michael@0: RSH=c:/winnt/system32/rsh
michael@0: else
michael@0: RSH=rsh
michael@0: fi
michael@0: fi
michael@0:
michael@0:
michael@0: #more filename and directoryname init
michael@0: CURDIR=`pwd`
michael@0:
michael@0: CU_ACTION='Unknown certutil action'
michael@0:
michael@0: # would like to preserve some tmp files, also easier to see if there
michael@0: # are "leftovers" - another possibility ${HOSTDIR}/tmp
michael@0:
michael@0: init_directories
michael@0:
michael@0: FIPSCERTNICK="FIPS_PUB_140_Test_Certificate"
michael@0:
michael@0: # domains to handle ipc based access to databases
michael@0: D_CA="TestCA.$version"
michael@0: D_ALICE="Alice.$version"
michael@0: D_BOB="Bob.$version"
michael@0: D_DAVE="Dave.$version"
michael@0: D_EVE="Eve.$version"
michael@0: D_SERVER_CA="ServerCA.$version"
michael@0: D_CLIENT_CA="ClientCA.$version"
michael@0: D_SERVER="Server.$version"
michael@0: D_CLIENT="Client.$version"
michael@0: D_FIPS="FIPS.$version"
michael@0: D_DBPASS="DBPASS.$version"
michael@0: D_ECCURVES="ECCURVES.$version"
michael@0: D_EXT_SERVER="ExtendedServer.$version"
michael@0: D_EXT_CLIENT="ExtendedClient.$version"
michael@0: D_CERT_EXTENSTIONS="CertExtensions.$version"
michael@0: D_DISTRUST="Distrust.$version"
michael@0:
michael@0: # we need relative pathnames of these files abd directories, since our
michael@0: # tools can't handle the unix style absolut pathnames on cygnus
michael@0:
michael@0: R_CADIR=../CA
michael@0: R_SERVERDIR=../server
michael@0: R_CLIENTDIR=../client
michael@0: R_IOPR_CADIR=../CA_iopr
michael@0: R_IOPR_SSL_SERVERDIR=../server_ssl_iopr
michael@0: R_IOPR_SSL_CLIENTDIR=../client_ssl_iopr
michael@0: R_IOPR_OCSP_CLIENTDIR=../client_ocsp_iopr
michael@0: R_ALICEDIR=../alicedir
michael@0: R_BOBDIR=../bobdir
michael@0: R_DAVEDIR=../dave
michael@0: R_EVEDIR=../eve
michael@0: R_EXT_SERVERDIR=../ext_server
michael@0: R_EXT_CLIENTDIR=../ext_client
michael@0: R_CERT_EXT=../cert_extensions
michael@0: R_STAPLINGDIR=../stapling
michael@0:
michael@0: #
michael@0: # profiles are either paths or domains depending on the setting of
michael@0: # MULTIACCESS_DBM
michael@0: #
michael@0: P_R_CADIR=${R_CADIR}
michael@0: P_R_ALICEDIR=${R_ALICEDIR}
michael@0: P_R_BOBDIR=${R_BOBDIR}
michael@0: P_R_DAVEDIR=${R_DAVEDIR}
michael@0: P_R_EVEDIR=${R_EVEDIR}
michael@0: P_R_SERVERDIR=${R_SERVERDIR}
michael@0: P_R_CLIENTDIR=${R_CLIENTDIR}
michael@0: P_R_EXT_SERVERDIR=${R_EXT_SERVERDIR}
michael@0: P_R_EXT_CLIENTDIR=${R_EXT_CLIENTDIR}
michael@0: if [ -n "${MULTIACCESS_DBM}" ]; then
michael@0: P_R_CADIR="multiaccess:${D_CA}"
michael@0: P_R_ALICEDIR="multiaccess:${D_ALICE}"
michael@0: P_R_BOBDIR="multiaccess:${D_BOB}"
michael@0: P_R_DAVEDIR="multiaccess:${D_DAVE}"
michael@0: P_R_EVEDIR="multiaccess:${D_EVE}"
michael@0: P_R_SERVERDIR="multiaccess:${D_SERVER}"
michael@0: P_R_CLIENTDIR="multiaccess:${D_CLIENT}"
michael@0: P_R_EXT_SERVERDIR="multiaccess:${D_EXT_SERVER}"
michael@0: P_R_EXT_CLIENTDIR="multiaccess:${D_EXT_CLIENT}"
michael@0: fi
michael@0:
michael@0: R_PWFILE=../tests.pw
michael@0: R_NOISE_FILE=../tests_noise
michael@0:
michael@0: R_FIPSPWFILE=../tests.fipspw
michael@0: R_FIPSBADPWFILE=../tests.fipsbadpw
michael@0: R_FIPSP12PWFILE=../tests.fipsp12pw
michael@0:
michael@0: trap "Exit $0 Signal_caught" 2 3
michael@0:
michael@0: export PATH LD_LIBRARY_PATH SHLIB_PATH LIBPATH DYLD_LIBRARY_PATH
michael@0: export DOMSUF HOSTADDR
michael@0: export KILL PS
michael@0: export MOZILLA_ROOT DIST TESTDIR OBJDIR QADIR
michael@0: export LOGFILE SCRIPTNAME
michael@0:
michael@0: #used for the distributed stress test, the server generates certificates
michael@0: #from GLOB_MIN_CERT to GLOB_MAX_CERT
michael@0: # NOTE - this variable actually gets initialized by directly by the
michael@0: # ssl_dist_stress.shs sl_ds_init() before init is called - need to change
michael@0: # in both places. speaking of data encapsulatioN...
michael@0:
michael@0: if [ -z "$GLOB_MIN_CERT" ] ; then
michael@0: GLOB_MIN_CERT=0
michael@0: fi
michael@0: if [ -z "$GLOB_MAX_CERT" ] ; then
michael@0: GLOB_MAX_CERT=200
michael@0: fi
michael@0: if [ -z "$MIN_CERT" ] ; then
michael@0: MIN_CERT=$GLOB_MIN_CERT
michael@0: fi
michael@0: if [ -z "$MAX_CERT" ] ; then
michael@0: MAX_CERT=$GLOB_MAX_CERT
michael@0: fi
michael@0:
michael@0: #################################################
michael@0: # CRL SSL testing constatnts
michael@0: #
michael@0:
michael@0:
michael@0: CRL_GRP_1_BEGIN=40
michael@0: CRL_GRP_1_RANGE=3
michael@0: UNREVOKED_CERT_GRP_1=41
michael@0:
michael@0: CRL_GRP_2_BEGIN=43
michael@0: CRL_GRP_2_RANGE=6
michael@0: UNREVOKED_CERT_GRP_2=46
michael@0:
michael@0: CRL_GRP_3_BEGIN=49
michael@0: CRL_GRP_3_RANGE=4
michael@0: UNREVOKED_CERT_GRP_3=51
michael@0:
michael@0: TOTAL_CRL_RANGE=`expr ${CRL_GRP_1_RANGE} + ${CRL_GRP_2_RANGE} + \
michael@0: ${CRL_GRP_3_RANGE}`
michael@0:
michael@0: TOTAL_GRP_NUM=3
michael@0:
michael@0: RELOAD_CRL=1
michael@0:
michael@0: NSS_DEFAULT_DB_TYPE="dbm"
michael@0: export NSS_DEFAULT_DB_TYPE
michael@0:
michael@0: MSG_ID_FILE="${HOSTDIR}/id"
michael@0: MSG_ID=0
michael@0: echo ${MSG_ID} > ${MSG_ID_FILE}
michael@0:
michael@0: #################################################
michael@0: # Interoperability testing constatnts
michael@0: #
michael@0: # if suite is setup for testing, IOPR_HOSTADDR_LIST should have
michael@0: # at least one host name(FQDN)
michael@0: # Example IOPR_HOSTADDR_LIST="goa1.SFBay.Sun.COM"
michael@0:
michael@0: if [ -z "`echo ${IOPR_HOSTADDR_LIST} | grep '[A-Za-z]'`" ]; then
michael@0: IOPR=0
michael@0: else
michael@0: IOPR=1
michael@0: fi
michael@0: #################################################
michael@0:
michael@0: if [ "${OS_ARCH}" != "WINNT" -a "${OS_ARCH}" != "Android" ]; then
michael@0: ulimit -c unlimited
michael@0: fi
michael@0:
michael@0: SCRIPTNAME=$0
michael@0: INIT_SOURCED=TRUE #whatever one does - NEVER export this one please
michael@0: fi
|