michael@0: #! /bin/bash michael@0: # michael@0: # This Source Code Form is subject to the terms of the Mozilla Public michael@0: # License, v. 2.0. If a copy of the MPL was not distributed with this michael@0: # file, You can obtain one at http://mozilla.org/MPL/2.0/. michael@0: michael@0: ######################################################################## michael@0: # michael@0: # mozilla/security/nss/tests/dbtest/dbtest.sh michael@0: # michael@0: # Certificate generating and handeling for NSS QA, can be included michael@0: # multiple times from all.sh and the individual scripts michael@0: # michael@0: # needs to work on all Unix and Windows platforms michael@0: # michael@0: # included from (don't expect this to be up to date) michael@0: # -------------------------------------------------- michael@0: # all.sh michael@0: # ssl.sh michael@0: # smime.sh michael@0: # tools.sh michael@0: # michael@0: # special strings michael@0: # --------------- michael@0: # FIXME ... known problems, search for this string michael@0: # NOTE .... unexpected behavior michael@0: # michael@0: # FIXME - Netscape - NSS michael@0: ######################################################################## michael@0: michael@0: ############################## dbtest_init ############################### michael@0: # local shell function to initialize this script michael@0: ######################################################################## michael@0: dbtest_init() michael@0: { michael@0: SCRIPTNAME="dbtests.sh" michael@0: if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for michael@0: CLEANUP="${SCRIPTNAME}" # cleaning this script will do it michael@0: fi michael@0: if [ -z "${INIT_SOURCED}" ] ; then michael@0: cd ../common michael@0: . ./init.sh michael@0: fi michael@0: if [ ! -r $CERT_LOG_FILE ]; then # we need certificates here michael@0: cd ../cert michael@0: . ./cert.sh michael@0: fi michael@0: michael@0: SCRIPTNAME="dbtests.sh" michael@0: RONLY_DIR=${HOSTDIR}/ronlydir michael@0: EMPTY_DIR=${HOSTDIR}/emptydir michael@0: CONFLICT_DIR=${HOSTDIR}/conflictdir michael@0: michael@0: html_head "CERT and Key DB Tests" michael@0: michael@0: } michael@0: michael@0: ############################## dbtest_cleanup ############################ michael@0: # local shell function to finish this script (no exit since it might be michael@0: # sourced) michael@0: ######################################################################## michael@0: dbtest_cleanup() michael@0: { michael@0: html "
" michael@0: cd ${QADIR} michael@0: chmod a+rw $RONLY_DIR michael@0: . common/cleanup.sh michael@0: } michael@0: michael@0: Echo() michael@0: { michael@0: echo michael@0: echo "---------------------------------------------------------------" michael@0: echo "| $*" michael@0: echo "---------------------------------------------------------------" michael@0: } michael@0: dbtest_main() michael@0: { michael@0: cd ${HOSTDIR} michael@0: michael@0: michael@0: Echo "test opening the database read/write in a nonexisting directory" michael@0: ${BINDIR}/certutil -L -X -d ./non_existent_dir michael@0: ret=$? michael@0: if [ $ret -ne 255 ]; then michael@0: html_failed "Certutil succeeded in a nonexisting directory $ret" michael@0: else michael@0: html_passed "Certutil didn't work in a nonexisting dir $ret" michael@0: fi michael@0: ${BINDIR}/dbtest -r -d ./non_existent_dir michael@0: ret=$? michael@0: if [ $ret -ne 46 ]; then michael@0: html_failed "Dbtest readonly succeeded in a nonexisting directory $ret" michael@0: else michael@0: html_passed "Dbtest readonly didn't work in a nonexisting dir $ret" michael@0: fi michael@0: michael@0: Echo "test force opening the database in a nonexisting directory" michael@0: ${BINDIR}/dbtest -f -d ./non_existent_dir michael@0: ret=$? michael@0: if [ $ret -ne 0 ]; then michael@0: html_failed "Dbtest force failed in a nonexisting directory $ret" michael@0: else michael@0: html_passed "Dbtest force succeeded in a nonexisting dir $ret" michael@0: fi michael@0: michael@0: Echo "test opening the database readonly in an empty directory" michael@0: mkdir $EMPTY_DIR michael@0: ${BINDIR}/tstclnt -h ${HOST} -d $EMPTY_DIR michael@0: ret=$? michael@0: if [ $ret -ne 1 ]; then michael@0: html_failed "Tstclnt succeded in an empty directory $ret" michael@0: else michael@0: html_passed "Tstclnt didn't work in an empty dir $ret" michael@0: fi michael@0: ${BINDIR}/dbtest -r -d $EMPTY_DIR michael@0: ret=$? michael@0: if [ $ret -ne 46 ]; then michael@0: html_failed "Dbtest readonly succeeded in an empty directory $ret" michael@0: else michael@0: html_passed "Dbtest readonly didn't work in an empty dir $ret" michael@0: fi michael@0: rm -rf $EMPTY_DIR/* 2>/dev/null michael@0: ${BINDIR}/dbtest -i -d $EMPTY_DIR michael@0: ret=$? michael@0: if [ $ret -ne 0 ]; then michael@0: html_failed "Dbtest logout after empty DB Init loses key $ret" michael@0: else michael@0: html_passed "Dbtest logout after empty DB Init has key" michael@0: fi michael@0: rm -rf $EMPTY_DIR/* 2>/dev/null michael@0: ${BINDIR}/dbtest -i -p pass -d $EMPTY_DIR michael@0: ret=$? michael@0: if [ $ret -ne 0 ]; then michael@0: html_failed "Dbtest password DB Init loses needlogin state $ret" michael@0: else michael@0: html_passed "Dbtest password DB Init maintains needlogin state" michael@0: fi michael@0: rm -rf $EMPTY_DIR/* 2>/dev/null michael@0: ${BINDIR}/certutil -D -n xxxx -d $EMPTY_DIR #created DB michael@0: ret=$? michael@0: if [ $ret -ne 255 ]; then michael@0: html_failed "Certutil succeeded in deleting a cert in an empty directory $ret" michael@0: else michael@0: html_passed "Certutil didn't work in an empty dir $ret" michael@0: fi michael@0: rm -rf $EMPTY_DIR/* 2>/dev/null michael@0: Echo "test force opening the database readonly in a empty directory" michael@0: ${BINDIR}/dbtest -r -f -d $EMPTY_DIR michael@0: ret=$? michael@0: if [ $ret -ne 0 ]; then michael@0: html_failed "Dbtest force readonly failed in an empty directory $ret" michael@0: else michael@0: html_passed "Dbtest force readonly succeeded in an empty dir $ret" michael@0: fi michael@0: michael@0: Echo "test opening the database r/w in a readonly directory" michael@0: mkdir $RONLY_DIR michael@0: cp -r ${CLIENTDIR}/* $RONLY_DIR michael@0: chmod -w $RONLY_DIR $RONLY_DIR/* michael@0: michael@0: # On Mac OS X 10.1, if we do a "chmod -w" on files in an michael@0: # NFS-mounted directory, it takes several seconds for the michael@0: # first open to see the files are readonly, but subsequent michael@0: # opens immediately see the files are readonly. As a michael@0: # workaround we open the files once first. (Bug 185074) michael@0: if [ "${OS_ARCH}" = "Darwin" ]; then michael@0: cat $RONLY_DIR/* > /dev/null michael@0: fi michael@0: michael@0: ${BINDIR}/dbtest -d $RONLY_DIR michael@0: ret=$? michael@0: if [ $ret -ne 46 ]; then michael@0: html_failed "Dbtest r/w succeeded in an readonly directory $ret" michael@0: else michael@0: html_passed "Dbtest r/w didn't work in an readonly dir $ret" michael@0: fi michael@0: ${BINDIR}/certutil -D -n "TestUser" -d . michael@0: ret=$? michael@0: if [ $ret -ne 255 ]; then michael@0: html_failed "Certutil succeeded in deleting a cert in an readonly directory $ret" michael@0: else michael@0: html_passed "Certutil didn't work in an readonly dir $ret" michael@0: fi michael@0: michael@0: Echo "test opening the database ronly in a readonly directory" michael@0: michael@0: ${BINDIR}/dbtest -d $RONLY_DIR -r michael@0: ret=$? michael@0: if [ $ret -ne 0 ]; then michael@0: html_failed "Dbtest readonly failed in a readonly directory $ret" michael@0: else michael@0: html_passed "Dbtest readonly succeeded in a readonly dir $ret" michael@0: fi michael@0: michael@0: Echo "test force opening the database r/w in a readonly directory" michael@0: ${BINDIR}/dbtest -d $RONLY_DIR -f michael@0: ret=$? michael@0: if [ $ret -ne 0 ]; then michael@0: html_failed "Dbtest force failed in a readonly directory $ret" michael@0: else michael@0: html_passed "Dbtest force succeeded in a readonly dir $ret" michael@0: fi michael@0: michael@0: Echo "ls -l $RONLY_DIR" michael@0: ls -ld $RONLY_DIR $RONLY_DIR/* michael@0: michael@0: mkdir ${CONFLICT_DIR} michael@0: Echo "test creating a new cert with a conflicting nickname" michael@0: cd ${CONFLICT_DIR} michael@0: pwd michael@0: ${BINDIR}/certutil -N -d ${CONFLICT_DIR} -f ${R_PWFILE} michael@0: ret=$? michael@0: if [ $ret -ne 0 ]; then michael@0: html_failed "Nicknane conflict test failed, couldn't create database $ret" michael@0: else michael@0: ${BINDIR}/certutil -A -n alice -t ,, -i ${R_ALICEDIR}/Alice.cert -d ${CONFLICT_DIR} michael@0: ret=$? michael@0: if [ $ret -ne 0 ]; then michael@0: html_failed "Nicknane conflict test failed, couldn't import alice cert $ret" michael@0: else michael@0: ${BINDIR}/certutil -A -n alice -t ,, -i ${R_BOBDIR}/Bob.cert -d ${CONFLICT_DIR} michael@0: ret=$? michael@0: if [ $ret -eq 0 ]; then michael@0: html_failed "Nicknane conflict test failed, could import conflict nickname $ret" michael@0: else michael@0: html_passed "Nicknane conflict test, could not import conflict nickname $ret" michael@0: fi michael@0: fi michael@0: fi michael@0: michael@0: Echo "test importing an old cert to a conflicting nickname" michael@0: # first, import the certificate michael@0: ${BINDIR}/certutil -A -n bob -t ,, -i ${R_BOBDIR}/Bob.cert -d ${CONFLICT_DIR} michael@0: # now import with a different nickname michael@0: ${BINDIR}/certutil -A -n alice -t ,, -i ${R_BOBDIR}/Bob.cert -d ${CONFLICT_DIR} michael@0: # the old one should still be there... michael@0: ${BINDIR}/certutil -L -n bob -d ${CONFLICT_DIR} michael@0: ret=$? michael@0: if [ $ret -ne 0 ]; then michael@0: html_failed "Nicknane conflict test-setting nickname conflict incorrectly worked" michael@0: else michael@0: html_passed "Nicknane conflict test-setting nickname conflict was correctly rejected" michael@0: fi michael@0: michael@0: } michael@0: michael@0: ################## main ################################################# michael@0: michael@0: dbtest_init michael@0: dbtest_main 2>&1 michael@0: dbtest_cleanup