michael@0: #!/bin/bash
michael@0: #
michael@0: # This Source Code Form is subject to the terms of the Mozilla Public
michael@0: # License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0: # file, You can obtain one at http://mozilla.org/MPL/2.0/.
michael@0:
michael@0: ########################################################################
michael@0: #
michael@0: # mozilla/security/nss/tests/all.sh
michael@0: #
michael@0: # Script to start selected available NSS QA suites on one machine
michael@0: # this script is called or sourced by NSS QA which runs on all required
michael@0: # platforms
michael@0: #
michael@0: # Needs to work on all Unix and Windows platforms
michael@0: #
michael@0: # Currently available NSS QA suites:
michael@0: # ----------------------------------
michael@0: # cipher.sh - tests NSS ciphers
michael@0: # libpkix.sh - tests PKIX functionality
michael@0: # cert.sh - exercises certutil and creates certs necessary for
michael@0: # all other tests
michael@0: # dbtests.sh - tests related to certificate databases
michael@0: # tools.sh - tests the majority of the NSS tools
michael@0: # fips.sh - tests basic functionallity of NSS in FIPS-compliant
michael@0: # - mode
michael@0: # sdr.sh - tests NSS SDR
michael@0: # crmf.sh - CRMF/CMMF testing
michael@0: # smime.sh - S/MIME testing
michael@0: # ssl.sh - tests SSL V2 SSL V3 and TLS
michael@0: # ocsp.sh - OCSP testing
michael@0: # merge.sh - tests merging old and new shareable databases
michael@0: # pkits.sh - NIST/PKITS tests
michael@0: # chains.sh - PKIX cert chains tests
michael@0: # dbupgrade.sh - upgrade databases to new shareable version (used
michael@0: # only in upgrade test cycle)
michael@0: # memleak.sh - memory leak testing (optional)
michael@0: #
michael@0: # NSS testing is now devided to 4 cycles:
michael@0: # ---------------------------------------
michael@0: # standard - run test suites with defaults settings
michael@0: # pkix - run test suites with PKIX enabled
michael@0: # upgradedb - upgrade existing certificate databases to shareable
michael@0: # format (creates them if doesn't exist yet) and run
michael@0: # test suites with those databases
michael@0: # sharedb - run test suites with shareable database format
michael@0: # enabled (databases are created directly to this
michael@0: # format)
michael@0: #
michael@0: # Mandatory environment variables (to be set before testing):
michael@0: # -----------------------------------------------------------
michael@0: # HOST - test machine host name
michael@0: # DOMSUF - test machine domain name
michael@0: #
michael@0: # Optional environment variables to specify build to use:
michael@0: # -------------------------------------------------------
michael@0: # BUILT_OPT - use optimized/debug build
michael@0: # USE_64 - use 64bit/32bit build
michael@0: #
michael@0: # Optional environment variables to enable specific NSS features:
michael@0: # ---------------------------------------------------------------
michael@0: # NSS_DISABLE_ECC - disable ECC
michael@0: # NSS_ECC_MORE_THAN_SUITE_B - enable extended ECC
michael@0: #
michael@0: # Optional environment variables to select which cycles/suites to test:
michael@0: # ---------------------------------------------------------------------
michael@0: # NSS_CYCLES - list of cycles to run (separated by space
michael@0: # character)
michael@0: # - by default all cycles are tested
michael@0: #
michael@0: # NSS_TESTS - list of all test suites to run (separated by space
michael@0: # character, without trailing .sh)
michael@0: # - this list can be reduced for individual test cycles
michael@0: #
michael@0: # NSS_SSL_TESTS - list of ssl tests to run (see ssl.sh)
michael@0: # NSS_SSL_RUN - list of ssl sub-tests to run (see ssl.sh)
michael@0: #
michael@0: # Testing schema:
michael@0: # ---------------
michael@0: # all.sh ~ (main)
michael@0: # | |
michael@0: # +------------+------------+-----------+ ~ run_cycles
michael@0: # | | | | |
michael@0: # standard pkix upgradedb sharedb ~ run_cycle_*
michael@0: # | |
michael@0: # +------+------+------+-----> ~ run_tests
michael@0: # | | | | |
michael@0: # cert tools fips ssl ... ~ . *.sh
michael@0: #
michael@0: # Special strings:
michael@0: # ----------------
michael@0: # FIXME ... known problems, search for this string
michael@0: # NOTE .... unexpected behavior
michael@0: #
michael@0: # NOTE:
michael@0: # -----
michael@0: # Unlike the old QA this is based on files sourcing each other
michael@0: # This is done to save time, since a great portion of time is lost
michael@0: # in calling and sourcing the same things multiple times over the
michael@0: # network. Also, this way all scripts have all shell function
michael@0: # available and a completely common environment
michael@0: #
michael@0: ########################################################################
michael@0:
michael@0: ############################## run_tests ###############################
michael@0: # run test suites defined in TESTS variable, skip scripts defined in
michael@0: # TESTS_SKIP variable
michael@0: ########################################################################
michael@0: run_tests()
michael@0: {
michael@0: for TEST in ${TESTS}
michael@0: do
michael@0: echo "${TESTS_SKIP}" | grep "${TEST}" > /dev/null
michael@0: if [ $? -eq 0 ]; then
michael@0: continue
michael@0: fi
michael@0:
michael@0: SCRIPTNAME=${TEST}.sh
michael@0: echo "Running tests for ${TEST}"
michael@0: echo "TIMESTAMP ${TEST} BEGIN: `date`"
michael@0: (cd ${QADIR}/${TEST}; . ./${SCRIPTNAME} 2>&1)
michael@0: echo "TIMESTAMP ${TEST} END: `date`"
michael@0: done
michael@0: }
michael@0:
michael@0: ########################## run_cycle_standard ##########################
michael@0: # run test suites with defaults settings (no PKIX, no sharedb)
michael@0: ########################################################################
michael@0: run_cycle_standard()
michael@0: {
michael@0: TEST_MODE=STANDARD
michael@0:
michael@0: TESTS="${ALL_TESTS}"
michael@0: TESTS_SKIP=
michael@0:
michael@0: run_tests
michael@0: }
michael@0:
michael@0: ############################ run_cycle_pkix ############################
michael@0: # run test suites with PKIX enabled
michael@0: ########################################################################
michael@0: run_cycle_pkix()
michael@0: {
michael@0: TEST_MODE=PKIX
michael@0:
michael@0: TABLE_ARGS="bgcolor=cyan"
michael@0: html_head "Testing with PKIX"
michael@0: html "
"
michael@0:
michael@0: HOSTDIR="${HOSTDIR}/pkix"
michael@0: mkdir -p "${HOSTDIR}"
michael@0: init_directories
michael@0:
michael@0: NSS_ENABLE_PKIX_VERIFY="1"
michael@0: export NSS_ENABLE_PKIX_VERIFY
michael@0:
michael@0: TESTS="${ALL_TESTS}"
michael@0: TESTS_SKIP="cipher dbtests sdr crmf smime merge multinit"
michael@0:
michael@0: echo "${NSS_SSL_TESTS}" | grep "_" > /dev/null
michael@0: RET=$?
michael@0: NSS_SSL_TESTS=`echo "${NSS_SSL_TESTS}" | sed -e "s/normal//g" -e "s/bypass//g" -e "s/fips//g" -e "s/_//g"`
michael@0: [ ${RET} -eq 0 ] && NSS_SSL_TESTS="${NSS_SSL_TESTS} bypass_bypass"
michael@0:
michael@0: run_tests
michael@0: }
michael@0:
michael@0: ######################### run_cycle_upgrade_db #########################
michael@0: # upgrades certificate database to shareable format and run test suites
michael@0: # with those databases
michael@0: ########################################################################
michael@0: run_cycle_upgrade_db()
michael@0: {
michael@0: TEST_MODE=UPGRADE_DB
michael@0:
michael@0: TABLE_ARGS="bgcolor=pink"
michael@0: html_head "Testing with upgraded library"
michael@0: html "
"
michael@0:
michael@0: OLDHOSTDIR="${HOSTDIR}"
michael@0: HOSTDIR="${HOSTDIR}/upgradedb"
michael@0: mkdir -p "${HOSTDIR}"
michael@0: init_directories
michael@0:
michael@0: if [ -r "${OLDHOSTDIR}/cert.log" ]; then
michael@0: DIRS="alicedir bobdir CA cert_extensions client clientCA dave eccurves eve ext_client ext_server fips SDR server serverCA stapling tools/copydir cert.log cert.done tests.*"
michael@0: for i in $DIRS
michael@0: do
michael@0: cp -r ${OLDHOSTDIR}/${i} ${HOSTDIR} #2> /dev/null
michael@0: done
michael@0: fi
michael@0:
michael@0: # upgrade certs dbs to shared db
michael@0: TESTS="dbupgrade"
michael@0: TESTS_SKIP=
michael@0:
michael@0: run_tests
michael@0:
michael@0: NSS_DEFAULT_DB_TYPE="sql"
michael@0: export NSS_DEFAULT_DB_TYPE
michael@0:
michael@0: # run the subset of tests with the upgraded database
michael@0: TESTS="${ALL_TESTS}"
michael@0: TESTS_SKIP="cipher libpkix cert dbtests sdr ocsp pkits chains"
michael@0:
michael@0: echo "${NSS_SSL_TESTS}" | grep "_" > /dev/null
michael@0: RET=$?
michael@0: NSS_SSL_TESTS=`echo "${NSS_SSL_TESTS}" | sed -e "s/normal//g" -e "s/bypass//g" -e "s/fips//g" -e "s/_//g"`
michael@0: [ ${RET} -eq 0 ] && NSS_SSL_TESTS="${NSS_SSL_TESTS} bypass_bypass"
michael@0: NSS_SSL_RUN=`echo "${NSS_SSL_RUN}" | sed -e "s/cov//g" -e "s/auth//g"`
michael@0:
michael@0: run_tests
michael@0: }
michael@0:
michael@0: ########################## run_cycle_shared_db #########################
michael@0: # run test suites with certificate databases set to shareable format
michael@0: ########################################################################
michael@0: run_cycle_shared_db()
michael@0: {
michael@0: TEST_MODE=SHARED_DB
michael@0:
michael@0: TABLE_ARGS="bgcolor=yellow"
michael@0: html_head "Testing with shared library"
michael@0: html "
"
michael@0:
michael@0: HOSTDIR="${HOSTDIR}/sharedb"
michael@0: mkdir -p "${HOSTDIR}"
michael@0: init_directories
michael@0:
michael@0: NSS_DEFAULT_DB_TYPE="sql"
michael@0: export NSS_DEFAULT_DB_TYPE
michael@0:
michael@0: # run the tests for native sharedb support
michael@0: TESTS="${ALL_TESTS}"
michael@0: TESTS_SKIP="cipher libpkix dbupgrade sdr ocsp pkits"
michael@0:
michael@0: echo "${NSS_SSL_TESTS}" | grep "_" > /dev/null
michael@0: RET=$?
michael@0: NSS_SSL_TESTS=`echo "${NSS_SSL_TESTS}" | sed -e "s/normal//g" -e "s/bypass//g" -e "s/fips//g" -e "s/_//g"`
michael@0: [ ${RET} -eq 0 ] && NSS_SSL_TESTS="${NSS_SSL_TESTS} bypass_bypass"
michael@0: NSS_SSL_RUN=`echo "${NSS_SSL_RUN}" | sed -e "s/cov//g" -e "s/auth//g"`
michael@0:
michael@0: run_tests
michael@0: }
michael@0:
michael@0: ############################# run_cycles ###############################
michael@0: # run test cycles defined in CYCLES variable
michael@0: ########################################################################
michael@0: run_cycles()
michael@0: {
michael@0: for CYCLE in ${CYCLES}
michael@0: do
michael@0: case "${CYCLE}" in
michael@0: "standard")
michael@0: run_cycle_standard
michael@0: ;;
michael@0: "pkix")
michael@0: run_cycle_pkix
michael@0: ;;
michael@0: "upgradedb")
michael@0: run_cycle_upgrade_db
michael@0: ;;
michael@0: "sharedb")
michael@0: run_cycle_shared_db
michael@0: ;;
michael@0: esac
michael@0: . ${ENV_BACKUP}
michael@0: done
michael@0: }
michael@0:
michael@0: ############################## main code ###############################
michael@0:
michael@0: cycles="standard pkix upgradedb sharedb"
michael@0: CYCLES=${NSS_CYCLES:-$cycles}
michael@0:
michael@0: tests="cipher lowhash libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains"
michael@0: TESTS=${NSS_TESTS:-$tests}
michael@0:
michael@0: ALL_TESTS=${TESTS}
michael@0:
michael@0: nss_ssl_tests="crl bypass_normal normal_bypass fips_normal normal_fips iopr"
michael@0: NSS_SSL_TESTS="${NSS_SSL_TESTS:-$nss_ssl_tests}"
michael@0:
michael@0: nss_ssl_run="cov auth stapling stress"
michael@0: NSS_SSL_RUN="${NSS_SSL_RUN:-$nss_ssl_run}"
michael@0:
michael@0: SCRIPTNAME=all.sh
michael@0: CLEANUP="${SCRIPTNAME}"
michael@0: cd `dirname $0`
michael@0:
michael@0: # all.sh should be the first one to try to source the init
michael@0: if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
michael@0: cd common
michael@0: . ./init.sh
michael@0: fi
michael@0:
michael@0: # NOTE:
michael@0: # Since in make at the top level, modutil is the last file
michael@0: # created, we check for modutil to know whether the build
michael@0: # is complete. If a new file is created after that, the
michael@0: # following test for modutil should check for that instead.
michael@0: # Exception: when building softoken only, shlibsign is the
michael@0: # last file created.
michael@0: if [ ${NSS_BUILD_SOFTOKEN_ONLY} -eq "1" ]; then
michael@0: LAST_FILE_BUILT=shlibsign
michael@0: else
michael@0: LAST_FILE_BUILT=modutil
michael@0: fi
michael@0:
michael@0: if [ ! -f ${DIST}/${OBJDIR}/bin/${LAST_FILE_BUILT}${PROG_SUFFIX} ]; then
michael@0: echo "Build Incomplete. Aborting test." >> ${LOGFILE}
michael@0: html_head "Testing Initialization"
michael@0: Exit "Checking for build"
michael@0: fi
michael@0:
michael@0: # NOTE:
michael@0: # Lists of enabled tests and other settings are stored to ${ENV_BACKUP}
michael@0: # file and are are restored after every test cycle.
michael@0:
michael@0: ENV_BACKUP=${HOSTDIR}/env.sh
michael@0: env_backup > ${ENV_BACKUP}
michael@0:
michael@0: if [ "${O_CRON}" = "ON" ]; then
michael@0: run_cycles >> ${LOGFILE}
michael@0: else
michael@0: run_cycles | tee -a ${LOGFILE}
michael@0: fi
michael@0:
michael@0: SCRIPTNAME=all.sh
michael@0:
michael@0: . ${QADIR}/common/cleanup.sh
michael@0: