mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-01 06:35:42 +00:00
12f6bbbff2
--HG-- rename : security/nss/lib/freebl/sechash.h => security/nss/lib/cryptohi/sechash.h rename : security/nss/lib/softoken/secmodt.h => security/nss/lib/pk11wrap/secmodt.h rename : security/nss/lib/freebl/hasht.h => security/nss/lib/util/hasht.h extra : rebase_source : 7da6cd73ca2605a261085ad7fb3b90315e38ad6b
979 lines
39 KiB
Bash
Executable File
979 lines
39 KiB
Bash
Executable File
#!/bin/bash
|
|
#
|
|
# This Source Code Form is subject to the terms of the Mozilla Public
|
|
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
#
|
|
# PRIOR TO RUNNING THIS SCRIPT
|
|
# you should adjust MAIL_COMMAND and QA_LIST
|
|
#
|
|
# External dependencies:
|
|
# - install the NISCC test files, e.g. at /niscc (readonly OK)
|
|
# - libfaketimeMT because the test certificates have expired
|
|
# - build environment for building NSS
|
|
# - gdb to analyze core files
|
|
# - a command line mail tool (e.g. mailx)
|
|
# - openssl to combine input PEM files into pkcs#12
|
|
# - curl for obtaining version information from the web
|
|
#
|
|
|
|
################################################################################
|
|
# Print script usage
|
|
################################################################################
|
|
usage()
|
|
{
|
|
cat << EOF
|
|
Usage: $0 [options]
|
|
|
|
Test NSS library against NISCC SMIME and TLS testcases.
|
|
|
|
Options:
|
|
-h, --help print this help message and exit
|
|
-v, --verbose enable extra verbose output
|
|
--niscc-home DIR use NISCC testcases from directory DIR (default /niscc)
|
|
--host HOST use host HOST (default '127.0.0.1')
|
|
--threads X set thread number to X (max. 10, default 10)
|
|
--out DIR set DIR as output directory (default '/out')
|
|
--mail ADDRESS send mail with test result to ADDRESS
|
|
--nss DIR set NSS directory to DIR (default '~/cvs/nss')
|
|
--nss-hack DIR set hacked NSS directory to DIR (default '~/cvs/nss_hack')
|
|
--log-store store all the logs (only summary by default)
|
|
--no-build-test don't pull and build tested NSS
|
|
--no-build-hack don't pull and build hacked NSS
|
|
--test-system test system installed NSS
|
|
--date DATE use DATE in log archive name and outgoing email
|
|
--libfaketime path.so use faketime library with LD_PRELOAD=path.so
|
|
--smallset test only a very small subset
|
|
|
|
All options are optional.
|
|
All options (and possibly more) can be also set through environment variables.
|
|
Commandline options have higher priority than environment variables.
|
|
For more information please refer to the source code of this script.
|
|
|
|
For a successfull run the script NEEDS the core file pattern to be 'core.*',
|
|
e.g. 'core.%t'. You can check the current pattern in
|
|
'/proc/sys/kernel/core_pattern'. Otherwise the test will be unable to detect
|
|
any failures and will pass every time.
|
|
|
|
It is recommended to use hacked and tested binaries in a location, where their
|
|
absolute path is max. 80 characters. If their path is longer and a core file is
|
|
generated, its properties may be incomplete.
|
|
|
|
Return value of the script indicates how many failures it experienced.
|
|
|
|
EOF
|
|
exit $1
|
|
}
|
|
|
|
################################################################################
|
|
# Process command-line arguments
|
|
################################################################################
|
|
process_args()
|
|
{
|
|
HELP="false"
|
|
args=`getopt -u -l "niscc-home:,host:,threads:,out:,verbose,mail:,nss:,nss-hack:,log-store,no-build-test,no-build-hack,help,test-system,date:,libfaketime:,smallset" -- "hv" $*`
|
|
[ "$?" != "0" ] && usage 1
|
|
set -- $args
|
|
for i; do
|
|
case "$i" in
|
|
-v|--verbose)
|
|
shift
|
|
VERBOSE="-v"
|
|
;;
|
|
--niscc-home)
|
|
shift
|
|
NISCC_HOME="$1"
|
|
shift
|
|
;;
|
|
--host)
|
|
shift
|
|
HOST="$1"
|
|
shift
|
|
;;
|
|
--threads)
|
|
shift
|
|
THREADS="$1"
|
|
shift
|
|
;;
|
|
--out)
|
|
shift
|
|
TEST_OUTPUT="$1"
|
|
shift
|
|
;;
|
|
--mail)
|
|
shift
|
|
USE_MAIL="true"
|
|
QA_LIST="$1"
|
|
shift
|
|
;;
|
|
--nss)
|
|
shift
|
|
LOCALDIST="$1"
|
|
shift
|
|
;;
|
|
--nss-hack)
|
|
shift
|
|
NSS_HACK="$1"
|
|
shift
|
|
;;
|
|
--log-store)
|
|
shift
|
|
LOG_STORE="true"
|
|
;;
|
|
--no-build-test)
|
|
shift
|
|
NO_BUILD_TEST="true"
|
|
;;
|
|
--no-build-hack)
|
|
shift
|
|
NO_BUILD_HACK="true"
|
|
;;
|
|
-h|--help)
|
|
shift
|
|
HELP="true"
|
|
;;
|
|
--test-system)
|
|
shift
|
|
TEST_SYSTEM="true"
|
|
;;
|
|
--date)
|
|
shift
|
|
DATE="$1"
|
|
shift
|
|
;;
|
|
--libfaketime)
|
|
shift
|
|
FAKETIMELIB="$1"
|
|
shift
|
|
;;
|
|
--smallset)
|
|
shift
|
|
SMALLSET="true"
|
|
;;
|
|
--)
|
|
;;
|
|
*)
|
|
;;
|
|
esac
|
|
done
|
|
[ $HELP = "true" ] && usage 0
|
|
}
|
|
|
|
################################################################################
|
|
# Create and set needed and useful environment variables
|
|
################################################################################
|
|
create_environment()
|
|
{
|
|
# Base location of NISCC testcases
|
|
export NISCC_HOME=${NISCC_HOME:-/niscc}
|
|
|
|
# Base location of NSS
|
|
export CVS=${CVS:-"$HOME/cvs"}
|
|
|
|
# NSS being tested
|
|
export LOCALDIST=${LOCALDIST:-"${CVS}/nss"}
|
|
|
|
# Hacked NSS - built with "NISCC_TEST=1"
|
|
export NSS_HACK=${NSS_HACK:-"${CVS}/nss_hack"}
|
|
|
|
# Hostname of the testmachine
|
|
export HOST=${HOST:-127.0.0.1}
|
|
|
|
# Whether to store logfiles
|
|
export LOG_STORE=${LOG_STORE:-"false"}
|
|
|
|
# Whether to mail the summary
|
|
export USE_MAIL=${USE_MAIL:-"false"}
|
|
|
|
# How to mail summary
|
|
export MAIL_COMMAND=${MAIL_COMMAND:-"mailx -S smtp=smtp://your.smtp.server:25 -r your+niscc@email.address"}
|
|
|
|
# List of mail addresses where to send summary
|
|
export QA_LIST=${QA_LIST:-"result@recipient.address"}
|
|
|
|
# Whether to use 64b build
|
|
export USE_64=${USE_64:-1}
|
|
|
|
# Directory where to write all the output data (around 650MiB for each run)
|
|
export TEST_OUTPUT=${TEST_OUTPUT:-"$HOME/out"}
|
|
|
|
# How many threads to use in selfserv and strsclnt (max. 10)
|
|
export THREADS=${THREADS:-10}
|
|
|
|
# If true, do not build tthe tested version of NSS
|
|
export NO_BUILD_TEST=${NO_BUILD_TEST:-"false"}
|
|
|
|
# If true, do not build the special NSS version for NISCC
|
|
export NO_BUILD_HACK=${NO_BUILD_HACK:-"false"}
|
|
|
|
# If true, do not rebuild client and server directories
|
|
export NO_SETUP=${NO_SETUP:-"false"}
|
|
|
|
# Location of NISCC SSL/TLS testcases
|
|
export TEST=${TEST:-"${NISCC_HOME}/NISCC_SSL_testcases"}
|
|
|
|
# If true, then be extra verbose
|
|
export VERBOSE=${VERBOSE:-""}
|
|
|
|
# If true, test the system installed NSS
|
|
export TEST_SYSTEM=${TEST_SYSTEM:-"false"}
|
|
[ "$TEST_SYSTEM" = "true" ] && export NO_BUILD_TEST="true"
|
|
|
|
[ ! -z "$VERBOSE" ] && set -xv
|
|
|
|
# Real date for naming of archives (system date must be 2002-11-18 .. 2007-11-18 due to certificate validity
|
|
DATE=${DATE:-`date`}
|
|
export DATE=`date -d "$DATE" +%Y%m%d`
|
|
|
|
FAKETIMELIB=${FAKETIMELIB:-""}
|
|
export DATE=`date -d "$DATE" +%Y%m%d`
|
|
|
|
# Whether to test only a very small subset
|
|
export SMALLSET=${SMALLSET:-"false"}
|
|
|
|
# Create output dir if it doesn't exist
|
|
mkdir -p ${TEST_OUTPUT}
|
|
}
|
|
|
|
################################################################################
|
|
# Do a cvs pull of NSS
|
|
################################################################################
|
|
cvs_pull()
|
|
{
|
|
# Tested NSS - by default using current CVS HEAD
|
|
if [ "$NO_BUILD_TEST" = "false" ]; then
|
|
echo "cloning NSS sources to be tested from CVS"
|
|
[ ! -d "$LOCALDIST" ] && mkdir -p "$LOCALDIST"
|
|
cd "$LOCALDIST"
|
|
cvs -d :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot co -r HEAD NSPR &>> $TEST_OUTPUT/nisccBuildLog
|
|
cvs -d :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot co -r HEAD NSS &>> $TEST_OUTPUT/nisccBuildLog
|
|
#find . -exec touch {} \;
|
|
fi
|
|
|
|
# Hacked NSS - by default using some RTM version.
|
|
# Do not use HEAD for hacked NSS - it needs to be stable and bug-free
|
|
if [ "$NO_BUILD_HACK" = "false" ]; then
|
|
echo "cloning NSS sources for a hacked build from CVS"
|
|
[ ! -d "$NSS_HACK" ] && mkdir -p "$NSS_HACK"
|
|
cd "$NSS_HACK"
|
|
NSPR_TAG=`curl http://hg.mozilla.org/releases/mozilla-aurora/raw-file/default/nsprpub/TAG-INFO | head -1 | awk '{print $1}'`
|
|
NSS_TAG=`curl http://hg.mozilla.org/releases/mozilla-aurora/raw-file/default/security/nss/TAG-INFO | head -1 | awk '{print $1}'`
|
|
cvs -d :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot co -r $NSPR_TAG NSPR &>> $TEST_OUTPUT/nisccBuildLogHack
|
|
cvs -d :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot co -r $NSS_TAG NSS &>> $TEST_OUTPUT/nisccBuildLogHack
|
|
#find . -exec touch {} \;
|
|
fi
|
|
}
|
|
|
|
################################################################################
|
|
# Build NSS after setting make variable NISCC_TEST
|
|
################################################################################
|
|
build_NSS()
|
|
{
|
|
# Tested NSS
|
|
if [ "$NO_BUILD_TEST" = "false" ]; then
|
|
echo "building NSS to be tested"
|
|
cd "$LOCALDIST"
|
|
unset NISCC_TEST
|
|
cd mozilla/security/nss
|
|
gmake nss_clean_all &>> $TEST_OUTPUT/nisccBuildLog
|
|
gmake nss_build_all &>> $TEST_OUTPUT/nisccBuildLog
|
|
fi
|
|
|
|
# Hacked NSS
|
|
if [ "$NO_BUILD_HACK" = "false" ]; then
|
|
echo "building hacked NSS"
|
|
cd "$NSS_HACK"
|
|
export NISCC_TEST=1
|
|
cd mozilla/security/nss
|
|
gmake nss_clean_all &>> $TEST_OUTPUT/nisccBuildLogHack
|
|
gmake nss_build_all &>> $TEST_OUTPUT/nisccBuildLogHack
|
|
fi
|
|
|
|
unset NISCC_TEST
|
|
}
|
|
|
|
################################################################################
|
|
# Set build dir, bin and lib directories
|
|
################################################################################
|
|
init()
|
|
{
|
|
# Enable useful core files to be generated in case of crash
|
|
ulimit -c unlimited
|
|
|
|
# Pattern of core files, they should be created in current directory
|
|
echo "core_pattern $(cat /proc/sys/kernel/core_pattern)" > "$TEST_OUTPUT/nisccLog00"
|
|
|
|
# gmake is needed in the path for this suite to run
|
|
echo "PATH $PATH" >> "$TEST_OUTPUT/nisccLog00"
|
|
|
|
# Find out hacked NSS version
|
|
DISTTYPE=`cd "$NSS_HACK/mozilla/security/nss/tests/common"; gmake objdir_name`
|
|
echo "NSS_HACK DISTTYPE $DISTTYPE" >> "$TEST_OUTPUT/nisccLog00"
|
|
export HACKBIN="$NSS_HACK/mozilla/dist/$DISTTYPE/bin"
|
|
export HACKLIB="$NSS_HACK/mozilla/dist/$DISTTYPE/lib"
|
|
|
|
if [ "$TEST_SYSTEM" = "false" ]; then
|
|
# Find out nss version
|
|
DISTTYPE=`cd "$LOCALDIST/mozilla/security/nss/tests/common"; gmake objdir_name`
|
|
echo "NSS DISTTYPE $DISTTYPE" >> "$TEST_OUTPUT/nisccLog00"
|
|
export TESTBIN="$LOCALDIST/mozilla/dist/$DISTTYPE/bin"
|
|
export TESTLIB="$LOCALDIST/mozilla/dist/$DISTTYPE/lib"
|
|
export TESTTOOLS="$TESTBIN"
|
|
else
|
|
# Using system installed NSS
|
|
echo "USING SYSTEM NSS" >> "$TEST_OUTPUT/nisccLog00"
|
|
export TESTBIN="/usr/bin"
|
|
if [ `uname -m` = "x86_64" ]; then
|
|
export TESTLIB="/usr/lib64"
|
|
export TESTTOOLS="/usr/lib64/nss/unsupported-tools"
|
|
else
|
|
export TESTLIB="/usr/lib"
|
|
export TESTTOOLS="/usr/lib/nss/unsupported-tools"
|
|
fi
|
|
fi
|
|
|
|
# Verify NISCC_TEST was set in the proper library
|
|
if strings "$HACKLIB/libssl3.so" | grep NISCC_TEST > /dev/null 2>&1; then
|
|
echo "$HACKLIB/libssl3.so contains NISCC_TEST" >> "$TEST_OUTPUT/nisccLog00"
|
|
else
|
|
echo "$HACKLIB/libssl3.so does NOT contain NISCC_TEST" >> "$TEST_OUTPUT/nisccLog00"
|
|
fi
|
|
|
|
if strings "$TESTLIB/libssl3.so" | grep NISCC_TEST > /dev/null 2>&1; then
|
|
echo "$TESTLIB/libssl3.so contains NISCC_TEST" >> "$TEST_OUTPUT/nisccLog00"
|
|
else
|
|
echo "$TESTLIB/libssl3.so does NOT contain NISCC_TEST" >> "$TEST_OUTPUT/nisccLog00"
|
|
fi
|
|
}
|
|
|
|
################################################################################
|
|
# Setup simple client and server directory
|
|
################################################################################
|
|
ssl_setup_dirs_simple()
|
|
{
|
|
[ "$NO_SETUP" = "true" ] && return
|
|
|
|
echo "Setting up working directories for SSL simple tests"
|
|
|
|
CLIENT="$TEST_OUTPUT/niscc_ssl/simple_client"
|
|
SERVER="$TEST_OUTPUT/niscc_ssl/simple_server"
|
|
|
|
# Generate .p12 files
|
|
openssl pkcs12 -export -inkey "$TEST/client_key.pem" -in "$TEST/client_crt.pem" -out "$TEST_OUTPUT/client_crt.p12" -passout pass:testtest1 -name "client_crt"
|
|
openssl pkcs12 -export -inkey "$TEST/server_key.pem" -in "$TEST/server_crt.pem" -out "$TEST_OUTPUT/server_crt.p12" -passout pass:testtest1 -name "server_crt"
|
|
|
|
# Setup simple client directory
|
|
rm -rf "$CLIENT"
|
|
mkdir -p "$CLIENT"
|
|
echo test > "$CLIENT/password-is-test.txt"
|
|
export LD_LIBRARY_PATH="$TESTLIB"
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/certutil" -N -d "$CLIENT" -f "$CLIENT/password-is-test.txt" >> "$TEST_OUTPUT/nisccLog00" 2>&1
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/certutil" -A -d "$CLIENT" -n rootca -i "$TEST/rootca.crt" -t "C,C," >> "$TEST_OUTPUT/nisccLog00" 2>&1
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/pk12util" -i "$TEST_OUTPUT/client_crt.p12" -d "$CLIENT" -k "$CLIENT/password-is-test.txt" -W testtest1 >> "$TEST_OUTPUT/nisccLog00" 2>&1
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/certutil" -L -d "$CLIENT" >> "$TEST_OUTPUT/nisccLog00" 2>&1
|
|
|
|
# File containg message used for terminating the server
|
|
echo "GET /stop HTTP/1.0" > "$CLIENT/stop.txt"
|
|
echo "" >> "$CLIENT/stop.txt"
|
|
|
|
# Setup simple server directory
|
|
rm -rf "$SERVER"
|
|
mkdir -p "$SERVER"
|
|
echo test > "$SERVER/password-is-test.txt"
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/certutil" -N -d "$SERVER" -f "$SERVER/password-is-test.txt" >> "$TEST_OUTPUT/nisccLog00" 2>&1
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/certutil" -A -d "$SERVER" -n rootca -i "$TEST/rootca.crt" -t "TC,C," >> "$TEST_OUTPUT/nisccLog00" 2>&1
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/pk12util" -i "$TEST_OUTPUT/server_crt.p12" -d "$SERVER" -k "$SERVER/password-is-test.txt" -W testtest1 >> "$TEST_OUTPUT/nisccLog00" 2>&1
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/certutil" -L -d "$SERVER" >> "$TEST_OUTPUT/nisccLog00" 2>&1
|
|
|
|
unset LD_LIBRARY_PATH
|
|
}
|
|
|
|
################################################################################
|
|
# Setup resigned client and server directory
|
|
################################################################################
|
|
ssl_setup_dirs_resigned()
|
|
{
|
|
[ "$NO_SETUP" = "true" ] && return
|
|
|
|
echo "Setting up working directories for SSL resigned tests"
|
|
|
|
CLIENT="$TEST_OUTPUT/niscc_ssl/resigned_client"
|
|
SERVER="$TEST_OUTPUT/niscc_ssl/resigned_server"
|
|
|
|
# Setup resigned client directory
|
|
rm -rf "$CLIENT"
|
|
mkdir -p "$CLIENT"
|
|
echo test > "$CLIENT/password-is-test.txt"
|
|
export LD_LIBRARY_PATH="$TESTLIB"
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/certutil" -N -d "$CLIENT" -f "$CLIENT/password-is-test.txt" >> "$TEST_OUTPUT/nisccLog00" 2>&1
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/certutil" -A -d "$CLIENT" -n rootca -i "$TEST/rootca.crt" -t "C,C," >> "$TEST_OUTPUT/nisccLog00" 2>&1
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/pk12util" -i "$TEST_OUTPUT/client_crt.p12" -d "$CLIENT" -k "$CLIENT/password-is-test.txt" -W testtest1 >> "$TEST_OUTPUT/nisccLog00" 2>&1
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/certutil" -L -d "$CLIENT" >> "$TEST_OUTPUT/nisccLog00" 2>&1
|
|
|
|
echo "GET /stop HTTP/1.0" > "$CLIENT/stop.txt"
|
|
echo "" >> "$CLIENT/stop.txt"
|
|
|
|
# Setup resigned server directory
|
|
rm -rf "$SERVER"
|
|
mkdir -p "$SERVER"
|
|
echo test > "$SERVER/password-is-test.txt"
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/certutil" -N -d "$SERVER" -f "$SERVER/password-is-test.txt" >> "$TEST_OUTPUT/nisccLog00" 2>&1
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/certutil" -A -d "$SERVER" -n rootca -i "$TEST/rootca.crt" -t "TC,C," >> "$TEST_OUTPUT/nisccLog00" 2>&1
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/pk12util" -i "$TEST_OUTPUT/server_crt.p12" -d "$SERVER" -k "$SERVER/password-is-test.txt" -W testtest1 >> "$TEST_OUTPUT/nisccLog00" 2>&1
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/certutil" -L -d "$SERVER" >> "$TEST_OUTPUT/nisccLog00" 2>&1
|
|
|
|
unset LD_LIBRARY_PATH
|
|
}
|
|
|
|
################################################################################
|
|
# NISCC SMIME tests
|
|
################################################################################
|
|
niscc_smime()
|
|
{
|
|
cd "$TEST_OUTPUT"
|
|
DATA="$NISCC_HOME/NISCC_SMIME_testcases"
|
|
|
|
[ ! -d niscc_smime ] && mkdir -p niscc_smime
|
|
|
|
export SMIME_CERT_DB_DIR=envDB
|
|
export NSS_STRICT_SHUTDOWN=1
|
|
export NSS_DISABLE_ARENA_FREE_LIST=1
|
|
export LD_LIBRARY_PATH="$TESTLIB"
|
|
|
|
# Generate .p12 files
|
|
openssl pkcs12 -export -inkey "$DATA/Client.key" -in "$DATA/Client.crt" -out Client.p12 -passout pass:testtest1 &>/dev/null
|
|
openssl pkcs12 -export -inkey "$DATA/CA.key" -in "$DATA/CA.crt" -out CA.p12 -passout pass:testtest1 &>/dev/null
|
|
|
|
# Generate envDB if needed
|
|
if [ ! -d "$SMIME_CERT_DB_DIR" ]; then
|
|
mkdir -p "$SMIME_CERT_DB_DIR"
|
|
echo testtest1 > password-is-testtest1.txt
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/certutil" -N -d "./$SMIME_CERT_DB_DIR" -f password-is-testtest1.txt > /dev/null 2>&1
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/certutil" -A -d "$SMIME_CERT_DB_DIR" -f password-is-testtest1.txt -i "$DATA/CA.crt" -n CA -t "TC,C,"
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/certutil" -A -d "$SMIME_CERT_DB_DIR" -f password-is-testtest1.txt -i "$DATA/Client.crt" -n Client -t "TC,C,"
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/pk12util" -i ./CA.p12 -d "$SMIME_CERT_DB_DIR" -k password-is-testtest1.txt -W testtest1
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/pk12util" -i ./Client.p12 -d "$SMIME_CERT_DB_DIR" -k password-is-testtest1.txt -W testtest1
|
|
fi
|
|
|
|
# if p7m-ed-m-files.txt does not exist, then generate it.
|
|
[ -f "$DATA/p7m-ed-m-files.txt" ] && sed "s|^|$DATA/|" "$DATA/p7m-ed-m-files.txt" > p7m-ed-m-files.txt
|
|
export P7M_ED_M_FILES=p7m-ed-m-files.txt
|
|
if [ "$SMALLSET" = "true" ]; then
|
|
[ ! -f "$P7M_ED_M_FILES" ] && find "$DATA"/p7m-ed-m-0* -type f -print | head -10 >> "$P7M_ED_M_FILES"
|
|
else
|
|
[ ! -f "$P7M_ED_M_FILES" ] && find "$DATA"/p7m-ed-m-0* -type f -print >> "$P7M_ED_M_FILES"
|
|
fi
|
|
|
|
# Test "p7m-ed-m*" testcases
|
|
echo "Testing SMIME enveloped data testcases"
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/cmsutil" $VERBOSE -D -d "$SMIME_CERT_DB_DIR" -p testtest1 -b -i "$P7M_ED_M_FILES" > niscc_smime/p7m-ed-m-results.txt 2>&1
|
|
|
|
export SMIME_CERT_DB_DIR=sigDB
|
|
# Generate sigDB if needed
|
|
if [ ! -d "$SMIME_CERT_DB_DIR" ]; then
|
|
mkdir -p "$SMIME_CERT_DB_DIR"
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/certutil" -N -d "$SMIME_CERT_DB_DIR" -f password-is-testtest1.txt
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/certutil" -A -d "$SMIME_CERT_DB_DIR" -i "$DATA/CA.crt" -n CA -t "TC,C,"
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/certutil" -A -d "$SMIME_CERT_DB_DIR" -i "$DATA/Client.crt" -n Client -t "TC,C,"
|
|
fi
|
|
|
|
# if p7m-sd-dt-files.txt does not exist, then generate it.
|
|
[ -f "$DATA/p7m-sd-dt-files.txt" ] && sed "s|^|$DATA/|" "$DATA/p7m-sd-dt-files.txt" > p7m-sd-dt-files.txt
|
|
export P7M_SD_DT_FILES=p7m-sd-dt-files.txt
|
|
if [ "$SMALLSET" = "true" ]; then
|
|
[ ! -f "$P7M_SD_DT_FILES" ] && find "$DATA"/p7m-sd-dt-[cm]-* -type f -print | head -10 >> "$P7M_SD_DT_FILES"
|
|
else
|
|
[ ! -f "$P7M_SD_DT_FILES" ] && find "$DATA"/p7m-sd-dt-[cm]-* -type f -print >> "$P7M_SD_DT_FILES"
|
|
fi
|
|
|
|
[ ! -f detached.txt ] && touch detached.txt
|
|
|
|
# Test "p7m-sd-dt*" testcases
|
|
echo "Testing SMIME detached signed data testcases"
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/cmsutil" $VERBOSE -D -d "$SMIME_CERT_DB_DIR" -c detached.txt -b -i "$P7M_SD_DT_FILES" > niscc_smime/p7m-sd-dt-results.txt 2>&1
|
|
|
|
# if p7m-sd-op-files.txt does not exist, then generate it.
|
|
[ -f "$DATA/p7m-sd-op-files.txt" ] && sed "s|^|$DATA/|" "$DATA/p7m-sd-op-files.txt" > p7m-sd-op-files.txt
|
|
export P7M_SD_OP_FILES=p7m-sd-op-files.txt
|
|
if [ "$SMALLSET" = "true" ]; then
|
|
[ ! -f "$P7M_SD_OP_FILES" ] && find "$DATA"/p7m-sd-op-[cm]-* -type f -print | head -10 >> "$P7M_SD_OP_FILES"
|
|
else
|
|
[ ! -f "$P7M_SD_OP_FILES" ] && find "$DATA"/p7m-sd-op-[cm]-* -type f -print >> "$P7M_SD_OP_FILES"
|
|
fi
|
|
|
|
# Test "p7m-sd-op*" testcases
|
|
echo "Testing SMIME opaque signed data testcases"
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTBIN}/cmsutil" $VERBOSE -D -d "$SMIME_CERT_DB_DIR" -b -i "$P7M_SD_OP_FILES" > niscc_smime/p7m-sd-op-results.txt 2>&1
|
|
|
|
unset LD_LIBRARY_PATH
|
|
}
|
|
|
|
################################################################################
|
|
# Set env variables for NISCC SSL tests
|
|
################################################################################
|
|
niscc_ssl_init()
|
|
{
|
|
export NSS_STRICT_SHUTDOWN=1
|
|
export NSS_DISABLE_ARENA_FREE_LIST=1
|
|
cd "$TEST_OUTPUT"
|
|
}
|
|
|
|
force_crash()
|
|
{
|
|
echo "int main(int argc, char *argv[]) { int *i; i = (int*)(void*)1; *i = 1; }" > "$TEST_OUTPUT/crashme.c"
|
|
gcc -g -o "$TEST_OUTPUT/crashme" "$TEST_OUTPUT/crashme.c"
|
|
"$TEST_OUTPUT/crashme"
|
|
}
|
|
|
|
################################################################################
|
|
# Do simple client auth tests
|
|
# Use an altered client against the server
|
|
################################################################################
|
|
ssl_simple_client_auth()
|
|
{
|
|
echo "Testing SSL simple client auth testcases"
|
|
export CLIENT="$TEST_OUTPUT/niscc_ssl/simple_client"
|
|
export SERVER="$TEST_OUTPUT/niscc_ssl/simple_server"
|
|
export PORT=8443
|
|
export START_AT=1
|
|
if [ "$SMALLSET" = "true" ]; then
|
|
export STOP_AT=10
|
|
else
|
|
export STOP_AT=106160
|
|
fi
|
|
unset NISCC_TEST
|
|
export LD_LIBRARY_PATH="$TESTLIB"
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTTOOLS}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -rr -t $THREADS -w test > "$TEST_OUTPUT/nisccLog01" 2>&1 &
|
|
|
|
export NISCC_TEST="$TEST/simple_client"
|
|
export LD_LIBRARY_PATH="$HACKLIB"
|
|
|
|
for START in `seq $START_AT $THREADS $STOP_AT`; do
|
|
START_AT=$START \
|
|
STOP_AT=$(($START+$THREADS)) \
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${HACKBIN}/strsclnt" $VERBOSE -d "$CLIENT" -n client_crt -p $PORT -t $THREADS -c $THREADS -o -N -w test $HOST >> "$TEST_OUTPUT/nisccLog02" 2>&1
|
|
done
|
|
|
|
unset NISCC_TEST
|
|
echo "starting tstclnt to shutdown simple client selfserv process"
|
|
for i in `seq 5`; do
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${HACKBIN}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog02" 2>&1
|
|
done
|
|
|
|
unset LD_LIBRARY_PATH
|
|
|
|
sleep 1
|
|
}
|
|
|
|
################################################################################
|
|
# Do simple server auth tests
|
|
# Use an altered server against the client
|
|
################################################################################
|
|
ssl_simple_server_auth()
|
|
{
|
|
echo "Testing SSL simple server auth testcases"
|
|
export CLIENT="$TEST_OUTPUT/niscc_ssl/simple_client"
|
|
export SERVER="$TEST_OUTPUT/niscc_ssl/simple_server"
|
|
export PORT=8444
|
|
export START_AT=00000001
|
|
if [ "$SMALLSET" = "true" ]; then
|
|
export STOP_AT=00000010
|
|
else
|
|
export STOP_AT=00106167
|
|
fi
|
|
export LD_LIBRARY_PATH="$HACKLIB"
|
|
export NISCC_TEST="$TEST/simple_server"
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${HACKBIN}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -t $THREADS -w test > "$TEST_OUTPUT/nisccLog03" 2>&1 &
|
|
|
|
unset NISCC_TEST
|
|
export LD_LIBRARY_PATH="$TESTLIB"
|
|
for START in `seq $START_AT $THREADS $STOP_AT`; do
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTTOOLS}/strsclnt" $VERBOSE -d "$CLIENT" -p $PORT -t $THREADS -c $THREADS -o -N $HOST >> "$TEST_OUTPUT/nisccLog04" 2>&1
|
|
done
|
|
|
|
echo "starting tstclnt to shutdown simple server selfserv process"
|
|
for i in `seq 5`; do
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTTOOLS}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog04" 2>&1
|
|
done
|
|
|
|
unset LD_LIBRARY_PATH
|
|
|
|
sleep 1
|
|
}
|
|
|
|
################################################################################
|
|
# Do simple rootCA tests
|
|
# Use an altered server against the client
|
|
################################################################################
|
|
ssl_simple_rootca()
|
|
{
|
|
echo "Testing SSL simple rootCA testcases"
|
|
export CLIENT="$TEST_OUTPUT/niscc_ssl/simple_client"
|
|
export SERVER="$TEST_OUTPUT/niscc_ssl/simple_server"
|
|
export PORT=8445
|
|
export START_AT=1
|
|
if [ "$SMALLSET" = "true" ]; then
|
|
export STOP_AT=10
|
|
else
|
|
export STOP_AT=106190
|
|
fi
|
|
export LD_LIBRARY_PATH="$HACKLIB"
|
|
export NISCC_TEST="$TEST/simple_rootca"
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${HACKBIN}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -t $THREADS -w test > "$TEST_OUTPUT/nisccLog05" 2>&1 &
|
|
|
|
unset NISCC_TEST
|
|
export LD_LIBRARY_PATH="$TESTLIB"
|
|
for START in `seq $START_AT $THREADS $STOP_AT`; do
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTTOOLS}/strsclnt" $VERBOSE -d "$CLIENT" -p $PORT -t $THREADS -c $THREADS -o -N $HOST >> "$TEST_OUTPUT/nisccLog06" 2>&1
|
|
done
|
|
|
|
echo "starting tstclnt to shutdown simple rootca selfserv process"
|
|
for i in `seq 5`; do
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTTOOLS}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog06" 2>&1
|
|
done
|
|
|
|
unset LD_LIBRARY_PATH
|
|
|
|
sleep 1
|
|
}
|
|
|
|
################################################################################
|
|
# Do resigned client auth tests
|
|
# Use an altered client against the server
|
|
################################################################################
|
|
ssl_resigned_client_auth()
|
|
{
|
|
echo "Testing SSL resigned client auth testcases"
|
|
export CLIENT="$TEST_OUTPUT/niscc_ssl/resigned_client"
|
|
export SERVER="$TEST_OUTPUT/niscc_ssl/resigned_server"
|
|
export PORT=8446
|
|
export START_AT=0
|
|
if [ "$SMALLSET" = "true" ]; then
|
|
export STOP_AT=9
|
|
else
|
|
export STOP_AT=99981
|
|
fi
|
|
unset NISCC_TEST
|
|
export LD_LIBRARY_PATH="$TESTLIB"
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTTOOLS}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -rr -t $THREADS -w test > "$TEST_OUTPUT/nisccLog07" 2>&1 &
|
|
|
|
export NISCC_TEST="$TEST/resigned_client"
|
|
export LD_LIBRARY_PATH="$HACKLIB"
|
|
|
|
for START in `seq $START_AT $THREADS $STOP_AT`; do
|
|
START_AT=$START \
|
|
STOP_AT=$(($START+$THREADS)) \
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${HACKBIN}/strsclnt" $VERBOSE -d "$CLIENT" -n client_crt -p $PORT -t $THREADS -c $THREADS -o -N -w test $HOST >> "$TEST_OUTPUT/nisccLog08" 2>&1
|
|
done
|
|
|
|
unset NISCC_TEST
|
|
echo "starting tstclnt to shutdown resigned client selfserv process"
|
|
for i in `seq 5`; do
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${HACKBIN}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog08" 2>&1
|
|
done
|
|
|
|
unset LD_LIBRARY_PATH
|
|
|
|
sleep 1
|
|
}
|
|
|
|
################################################################################
|
|
# Do resigned server auth tests
|
|
# Use an altered server against the client
|
|
################################################################################
|
|
ssl_resigned_server_auth()
|
|
{
|
|
echo "Testing SSL resigned server auth testcases"
|
|
export CLIENT="$TEST_OUTPUT/niscc_ssl/resigned_client"
|
|
export SERVER="$TEST_OUTPUT/niscc_ssl/resigned_server"
|
|
export PORT=8447
|
|
export START_AT=0
|
|
if [ "$SMALLSET" = "true" ]; then
|
|
export STOP_AT=9
|
|
else
|
|
export STOP_AT=100068
|
|
fi
|
|
export LD_LIBRARY_PATH="$HACKLIB"
|
|
export NISCC_TEST="$TEST/resigned_server"
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${HACKBIN}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -t $THREADS -w test > "$TEST_OUTPUT/nisccLog09" 2>&1 &
|
|
|
|
unset NISCC_TEST
|
|
export LD_LIBRARY_PATH="$TESTLIB"
|
|
for START in `seq $START_AT $THREADS $STOP_AT`; do
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTTOOLS}/strsclnt" $VERBOSE -d "$CLIENT" -p $PORT -t $THREADS -c $THREADS -o -N $HOST >> "$TEST_OUTPUT/nisccLog10" 2>&1
|
|
done
|
|
|
|
echo "starting tstclnt to shutdown resigned server selfserv process"
|
|
for i in `seq 5`; do
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTTOOLS}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog10" 2>&1
|
|
done
|
|
|
|
unset LD_LIBRARY_PATH
|
|
|
|
sleep 1
|
|
}
|
|
|
|
################################################################################
|
|
# Do resigned rootCA tests
|
|
# Use an altered server against the client
|
|
################################################################################
|
|
ssl_resigned_rootca()
|
|
{
|
|
echo "Testing SSL resigned rootCA testcases"
|
|
export CLIENT="$TEST_OUTPUT/niscc_ssl/resigned_client"
|
|
export SERVER="$TEST_OUTPUT/niscc_ssl/resigned_server"
|
|
export PORT=8448
|
|
export START_AT=0
|
|
if [ "$SMALLSET" = "true" ]; then
|
|
export STOP_AT=9
|
|
else
|
|
export STOP_AT=99959
|
|
fi
|
|
export LD_LIBRARY_PATH="$HACKLIB"
|
|
export NISCC_TEST="$TEST/resigned_rootca"
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${HACKBIN}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -t $THREADS -w test > "$TEST_OUTPUT/nisccLog11" 2>&1 &
|
|
|
|
unset NISCC_TEST
|
|
export LD_LIBRARY_PATH="$TESTLIB"
|
|
for START in `seq $START_AT $THREADS $STOP_AT`; do
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTTOOLS}/strsclnt" $VERBOSE -d "$CLIENT" -p $PORT -t $THREADS -c $THREADS -o -N $HOST >> "$TEST_OUTPUT/nisccLog12" 2>&1
|
|
done
|
|
|
|
echo "starting tstclnt to shutdown resigned rootca selfserv process"
|
|
for i in `seq 5`; do
|
|
LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
|
|
"${TESTTOOLS}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog12" 2>&1
|
|
done
|
|
|
|
unset LD_LIBRARY_PATH
|
|
|
|
sleep 1
|
|
}
|
|
|
|
################################################################################
|
|
# Email the test logfile, and if core found, notify of failure
|
|
################################################################################
|
|
mail_testLog()
|
|
{
|
|
pushd "$TEST_OUTPUT"
|
|
|
|
# remove mozilla nss build false positives and core stored in previous runs
|
|
find . -name "core*" -print | grep -v coreconf | grep -v core_watch | grep -v archive >> crashLog
|
|
export SIZE=`cat crashLog | wc -l`
|
|
|
|
[ "$USE_MAIL" = "false" ] && return
|
|
|
|
# mail text
|
|
MT=mailText
|
|
rm -f $MT
|
|
|
|
if [ "$SIZE" -ne 1 ]; then
|
|
echo "### FAILED ###" >> $MT
|
|
echo "### Exactly one crash is expected." >> $MT
|
|
echo "### Zero means: crash detection is broken, fix the script!" >> $MT
|
|
echo "### > 1 means: robustness test failure, fix the bug! (check the logs)" >> $MT
|
|
cat crashLog >> nisccLogSummary
|
|
SUBJ="FAILED: NISCC TESTS (check file: crashLog)"
|
|
else
|
|
echo ":) PASSED :)" >> $MT
|
|
SUBJ="PASSED: NISCC tests"
|
|
fi
|
|
|
|
echo "Date used during test run: $DATE" >> $MT
|
|
|
|
echo "Count of lines in files:" >> $MT
|
|
wc -l crashLog nisccBuildLog nisccBuildLogHack nisccLog[0-9]* p7m-* |grep -vw total >> $MT
|
|
NUM=`cat nisccLog0[123456789] nisccLog1[12] | egrep -ic "success/passed"`
|
|
echo "Number of times the SSL tests reported success/passed (low expected): $NUM" >> $MT
|
|
NUM=`cat nisccLog0[123456789] nisccLog1[12] | egrep -ic "problem|failed|error"`
|
|
echo "Number of times the SSL tests reported problem/failed/error (high expected): $NUM" >> $MT
|
|
NUM=`cat niscc_smime/p7m*results.txt | egrep -ic "success/passed"`
|
|
echo "Number of times the S/MIME tests reported success/passed (low expected): $NUM" >> $MT
|
|
NUM=`cat niscc_smime/p7m*results.txt | egrep -ic "problem|failed|error"`
|
|
echo "Number of times the S/MIME tests reported problem/failed/error (high expected): $NUM" >> $MT
|
|
echo "==== tail of nisccBuildLog ====" >> $MT
|
|
tail -20 nisccBuildLog >> $MT
|
|
echo "===============================" >> $MT
|
|
echo "==== tail of nisccBuildLogHack ====" >> $MT
|
|
tail -20 nisccBuildLogHack >> $MT
|
|
echo "===================================" >> $MT
|
|
|
|
#NUM=``
|
|
#echo "Number of : $NUM" >> $MT
|
|
|
|
cat $MT | $MAIL_COMMAND -s "$SUBJ" $QA_LIST
|
|
|
|
popd
|
|
}
|
|
|
|
################################################################################
|
|
# Summarize all logs
|
|
################################################################################
|
|
log_summary()
|
|
{
|
|
echo "Summarizing all logs"
|
|
# Move old logs
|
|
[ -f "$TEST_OUTPUT/nisccLogSummary" ] && mv nisccLogSummary nisccLogSummary.old
|
|
[ -f "$TEST_OUTPUT/crashLog" ] && mv crashLog crashLog.old
|
|
|
|
for a in $TEST_OUTPUT/nisccLog[0-9]*; do
|
|
echo ================================== "$a"
|
|
grep -v using "$a" | sort | uniq -c | sort -b -n +0 -1
|
|
done > $TEST_OUTPUT/nisccLogSummary
|
|
|
|
for a in $TEST_OUTPUT/niscc_smime/p7m-*-results.txt; do
|
|
echo ================================== "$a"
|
|
grep -v using "$a" | sort | uniq -c | sort -b -n +0 -1
|
|
done >> $TEST_OUTPUT/nisccLogSummary
|
|
}
|
|
|
|
################################################################################
|
|
# Process core files
|
|
################################################################################
|
|
core_process()
|
|
{
|
|
echo "Processing core files"
|
|
cd "$TEST_OUTPUT"
|
|
|
|
for CORE in `cat crashLog`; do
|
|
FILE=`file "$CORE" | sed "s/.* from '//" | sed "s/'.*//"`
|
|
BINARY=`strings "$CORE" | grep "^${FILE}" | tail -1`
|
|
gdb "$BINARY" "$CORE" << EOF_GDB > "$CORE.details"
|
|
where
|
|
quit
|
|
EOF_GDB
|
|
done
|
|
}
|
|
|
|
################################################################################
|
|
# Move the old log files to save them, delete extra log files
|
|
################################################################################
|
|
move_files()
|
|
{
|
|
echo "Moving and deleting log files"
|
|
cd "$TEST_OUTPUT"
|
|
|
|
rm -rf TRASH
|
|
mkdir TRASH
|
|
|
|
if [ "$LOG_STORE" = "true" ]; then
|
|
BRANCH=`echo $LOCALDIST | sed "s:.*/\(security.*\)/builds/.*:\1:"`
|
|
if [ "$BRANCH" = "$LOCALDIST" ]; then
|
|
ARCHIVE="$TEST_OUTPUT/archive"
|
|
else
|
|
ARCHIVE="$TEST_OUTPUT/archive/$BRANCH"
|
|
fi
|
|
|
|
# Check for archive directory
|
|
if [ ! -d "$ARCHIVE" ]; then
|
|
mkdir -p "$ARCHIVE"
|
|
fi
|
|
|
|
# Determine next log storage point
|
|
slot=`ls -1 "$ARCHIVE" | grep $DATE | wc -l`
|
|
slot=`expr $slot + 1`
|
|
location="$ARCHIVE/$DATE.$slot"
|
|
mkdir -p "$location"
|
|
|
|
# Archive the logs
|
|
mv nisccBuildLog "$location" 2> /dev/null
|
|
mv nisccBuildLogHack "$location" 2> /dev/null
|
|
mv nisccLogSummary "$location"
|
|
mv nisccLog* "$location"
|
|
mv niscc_smime/p7m-ed-m-results.txt "$location"
|
|
mv niscc_smime/p7m-sd-dt-results.txt "$location"
|
|
mv niscc_smime/p7m-sd-op-results.txt "$location"
|
|
|
|
# Archive any core files produced
|
|
for core in `cat "$TEST_OUTPUT/crashLog"`; do
|
|
mv "$core" "$location"
|
|
mv "$core.details" "$location"
|
|
done
|
|
mv crashLog "$location"
|
|
else
|
|
# Logs not stored => summaries, crashlog and corefiles not moved, other logs deleted
|
|
mv nisccLog00 nisccLog01 nisccLog02 nisccLog03 nisccLog04 nisccLog05 nisccLog06 nisccLog07 nisccLog08 nisccLog09 nisccLog10 nisccLog11 nisccLog12 TRASH/
|
|
mv niscc_smime/p7m-ed-m-results.txt niscc_smime/p7m-sd-dt-results.txt niscc_smime/p7m-sd-op-results.txt TRASH/
|
|
fi
|
|
mv envDB sigDB niscc_smime niscc_ssl TRASH/
|
|
mv CA.p12 Client.p12 client_crt.p12 server_crt.p12 TRASH/
|
|
mv p7m-ed-m-files.txt p7m-sd-dt-files.txt p7m-sd-op-files.txt password-is-testtest1.txt detached.txt TRASH/
|
|
mv crashme.c crashme TRASH/
|
|
}
|
|
|
|
################################################################################
|
|
# Main
|
|
################################################################################
|
|
process_args $*
|
|
create_environment
|
|
cvs_pull
|
|
build_NSS
|
|
init
|
|
niscc_smime
|
|
niscc_ssl_init
|
|
force_crash
|
|
ssl_setup_dirs_simple
|
|
ssl_simple_client_auth
|
|
ssl_simple_server_auth
|
|
ssl_simple_rootca
|
|
ssl_setup_dirs_resigned
|
|
ssl_resigned_client_auth
|
|
ssl_resigned_server_auth
|
|
ssl_resigned_rootca
|
|
# no idea what these commented-out lines are supposed to be!
|
|
#ssl_setup_dirs_update
|
|
# ssl_update_server_auth der
|
|
# ssl_update_client_auth der
|
|
# ssl_update_server_auth resigned-der
|
|
# ssl_update_client_auth resigned-der
|
|
log_summary
|
|
mail_testLog
|
|
core_process
|
|
move_files
|
|
exit $SIZE
|