init.sh (26021B)
1 #! /bin/bash 2 # 3 # This Source Code Form is subject to the terms of the Mozilla Public 4 # License, v. 2.0. If a copy of the MPL was not distributed with this 5 # file, You can obtain one at http://mozilla.org/MPL/2.0/. 6 7 ######################################################################## 8 # 9 # mozilla/security/nss/tests/common/init.sh 10 # 11 # initialization for NSS QA, can be included multiple times 12 # from all.sh and the individual scripts 13 # 14 # variables, utilities and shellfunctions global to NSS QA 15 # needs to work on all Unix and Windows platforms 16 # 17 # included from 18 # ------------- 19 # all.sh 20 # ssl.sh 21 # sdr.sh 22 # cipher.sh 23 # perf.sh 24 # cert.sh 25 # smime.sh 26 # tools.sh 27 # fips.sh 28 # 29 # special strings 30 # --------------- 31 # FIXME ... known problems, search for this string 32 # NOTE .... unexpected behavior 33 # 34 # NOTE: 35 # ----- 36 # Unlike the old QA this is based on files sourcing each other 37 # This is done to save time, since a great portion of time is lost 38 # in calling and sourcing the same things multiple times over the 39 # network. Also, this way all scripts have all shell function available 40 # and a completely common environment 41 # 42 ######################################################################## 43 44 NSS_STRICT_SHUTDOWN=1 45 export NSS_STRICT_SHUTDOWN 46 47 # Init directories based on HOSTDIR variable 48 if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then 49 init_directories() 50 { 51 TMP=${HOSTDIR} #TMP=${TMP-/tmp} 52 TEMP=${TMP} 53 TMPDIR=${TMP} 54 55 CADIR=${HOSTDIR}/CA 56 SERVERDIR=${HOSTDIR}/server 57 CLIENTDIR=${HOSTDIR}/client 58 ALICEDIR=${HOSTDIR}/alicedir 59 BOBDIR=${HOSTDIR}/bobdir 60 DAVEDIR=${HOSTDIR}/dave 61 EVEDIR=${HOSTDIR}/eve 62 FIPSDIR=${HOSTDIR}/fips 63 DBPASSDIR=${HOSTDIR}/dbpass 64 ECCURVES_DIR=${HOSTDIR}/eccurves 65 DISTRUSTDIR=${HOSTDIR}/distrust 66 RSAPSSDIR=${HOSTDIR}/rsapss 67 68 SERVER_CADIR=${HOSTDIR}/serverCA 69 CLIENT_CADIR=${HOSTDIR}/clientCA 70 EXT_SERVERDIR=${HOSTDIR}/ext_server 71 EXT_CLIENTDIR=${HOSTDIR}/ext_client 72 IMPLICIT_INIT_DIR=${HOSTDIR}/implicit_init 73 74 IOPR_CADIR=${HOSTDIR}/CA_iopr 75 IOPR_SSL_SERVERDIR=${HOSTDIR}/server_ssl_iopr 76 IOPR_SSL_CLIENTDIR=${HOSTDIR}/client_ssl_iopr 77 IOPR_OCSP_CLIENTDIR=${HOSTDIR}/client_ocsp_iopr 78 79 CERT_EXTENSIONS_DIR=${HOSTDIR}/cert_extensions 80 STAPLINGDIR=${HOSTDIR}/stapling 81 NOLOGINDIR=${HOSTDIR}/nologin 82 SSLGTESTDIR=${HOSTDIR}/ssl_gtests 83 GTESTDIR=${HOSTDIR}/gtests 84 85 PWFILE=${HOSTDIR}/tests.pw 86 LONGPWFILE=${HOSTDIR}/tests.longpw 87 EMPTY_FILE=${HOSTDIR}/tests_empty 88 NOISE_FILE=${HOSTDIR}/tests_noise 89 CORELIST_FILE=${HOSTDIR}/clist 90 91 FIPSPWFILE=${HOSTDIR}/tests.fipspw 92 FIPSBADPWFILE=${HOSTDIR}/tests.fipsbadpw 93 FIPSP12PWFILE=${HOSTDIR}/tests.fipsp12pw 94 95 echo nss > ${PWFILE} 96 echo "nss123456789012345678901234567890123456789012345678901234567890_" > ${LONGPWFILE} 97 echo > ${EMPTY_FILE} 98 echo "fIps140" > ${FIPSPWFILE} 99 echo "fips104" > ${FIPSBADPWFILE} 100 echo "pKcs12fips140" > ${FIPSP12PWFILE} 101 102 noise 103 104 P_SERVER_CADIR=${SERVER_CADIR} 105 P_CLIENT_CADIR=${CLIENT_CADIR} 106 107 if [ -n "${MULTIACCESS_DBM}" ]; then 108 P_SERVER_CADIR="multiaccess:${D_SERVER_CA}" 109 P_CLIENT_CADIR="multiaccess:${D_CLIENT_CA}" 110 fi 111 112 113 # a new log file, short - fast to search, mostly for tools to 114 # see if their portion of the cert has succeeded, also for me - 115 CERT_LOG_FILE=${HOSTDIR}/cert.log #the output.log is so crowded... 116 117 TEMPFILES=foobar # keep "${PWFILE} ${NOISE_FILE}" around 118 119 export HOSTDIR 120 } 121 122 # Generate noise file 123 noise() 124 { 125 # NOTE: these keys are only suitable for testing, as this whole thing 126 # bypasses the entropy gathering. Don't use this method to generate 127 # keys and certs for product use or deployment. 128 ps -efl > ${NOISE_FILE} 2>&1 129 ps aux >> ${NOISE_FILE} 2>&1 130 date >> ${NOISE_FILE} 2>&1 131 } 132 133 # Print selected environment variable (used for backup) 134 env_backup() 135 { 136 echo "HOSTDIR=\"${HOSTDIR}\"" 137 echo "TABLE_ARGS=" 138 echo "NSS_TEST_DISABLE_CRL=${NSS_TEST_DISABLE_CRL}" 139 echo "NSS_SSL_TESTS=\"${NSS_SSL_TESTS}\"" 140 echo "NSS_SSL_RUN=\"${NSS_SSL_RUN}\"" 141 echo "NSS_DEFAULT_DB_TYPE=${NSS_DEFAULT_DB_TYPE}" 142 echo "export NSS_DEFAULT_DB_TYPE" 143 echo "NSS_DISABLE_PKIX_VERIFY=${NSS_DISABLE_PKIX_VERIFY}" 144 echo "export NSS_DISABLE_PKIX_VERIFY" 145 echo "init_directories" 146 } 147 148 # Exit shellfunction to clean up at exit (error, regular or signal) 149 Exit() 150 { 151 if [ -n "$1" ] ; then 152 echo "$SCRIPTNAME: Exit: $* - FAILED" 153 html_failed "$*" 154 fi 155 echo "</TABLE><BR>" >> ${RESULTS} 156 if [ -n "${SERVERPID}" -a -f "${SERVERPID}" ]; then 157 ${KILL} `cat ${SERVERPID}` 158 fi 159 cd ${QADIR} 160 . common/cleanup.sh 161 case $1 in 162 [0-4][0-9]|[0-9]) 163 exit $1; 164 ;; 165 *) 166 exit 1 167 ;; 168 esac 169 } 170 171 detect_core() 172 { 173 [ ! -f $CORELIST_FILE ] && touch $CORELIST_FILE 174 mv $CORELIST_FILE ${CORELIST_FILE}.old 175 coreStr=`find $HOSTDIR -type f -name '*core*'` 176 res=0 177 if [ -n "$coreStr" ]; then 178 sum $coreStr > $CORELIST_FILE 179 res=`cat $CORELIST_FILE ${CORELIST_FILE}.old | sort | uniq -u | wc -l` 180 fi 181 return $res 182 } 183 184 #html functions to give the resultfiles a consistant look 185 html() ######################### write the results.html file 186 { # 3 functions so we can put targets in the output.log easier 187 echo $* >>${RESULTS} 188 } 189 increase_msg_id() 190 { 191 MSG_ID=$(( ${MSG_ID} + 1 )) 192 } 193 html_passed_ignore_core() 194 { 195 increase_msg_id 196 html "<TR><TD>#${MSG_ID}: $1 ${HTML_PASSED}" 197 echo "${SCRIPTNAME}: #${MSG_ID}: $* - PASSED" 198 } 199 html_passed() 200 { 201 html_detect_core "$@" || return 202 html_passed_ignore_core "$@" 203 } 204 html_failed_ignore_core() 205 { 206 increase_msg_id 207 html "<TR><TD>#${MSG_ID}: $1 ${HTML_FAILED}" 208 echo "${SCRIPTNAME}: #${MSG_ID}: $* - FAILED" 209 } 210 html_failed() 211 { 212 html_detect_core "$@" || return 213 html_failed_ignore_core "$@" || return 214 } 215 html_unknown_ignore_core() 216 { 217 increase_msg_id 218 html "<TR><TD>#${MSG_ID}: $1 ${HTML_UNKNOWN}" 219 echo "${SCRIPTNAME}: #${MSG_ID}: $* - UNKNOWN" 220 } 221 html_unknown() 222 { 223 html_detect_core "$@" || return 224 increase_msg_id 225 html "<TR><TD>#${MSG_ID}: $1 ${HTML_UNKNOWN}" 226 echo "${SCRIPTNAME}: #${MSG_ID}: $* - UNKNOWN" 227 } 228 html_detect_core() 229 { 230 detect_core 231 if [ $? -ne 0 ]; then 232 increase_msg_id 233 html "<TR><TD>#${MSG_ID}: $* ${HTML_FAILED_CORE}" 234 echo "${SCRIPTNAME}: #${MSG_ID}: $* - Core file is detected - FAILED" 235 return 1 236 fi 237 return 0 238 } 239 html_head() 240 { 241 242 html "<TABLE BORDER=1 ${TABLE_ARGS}><TR><TH COLSPAN=3>$*</TH></TR>" 243 html "<TR><TH width=500>Test Case</TH><TH width=50>Result</TH></TR>" 244 echo "$SCRIPTNAME: $* ===============================" 245 } 246 html_msg() 247 { 248 if [ $1 -ne $2 ] ; then 249 html_failed "$3" "$4" 250 else 251 html_passed "$3" "$4" 252 fi 253 } 254 HTML_FAILED='</TD><TD bgcolor=red>Failed</TD><TR>' 255 HTML_FAILED_CORE='</TD><TD bgcolor=red>Failed Core</TD><TR>' 256 HTML_PASSED='</TD><TD bgcolor=lightGreen>Passed</TD><TR>' 257 HTML_UNKNOWN='</TD><TD>Unknown</TD><TR>' 258 TABLE_ARGS= 259 260 gtest_parse_report_helper() 261 { 262 # Check XML reports for normal test runs and failures. 263 local successes failures 264 successes=$(gtest_parse_report_xpath "//testcase[@status='run'][count(*)=0]" "$@" ) 265 failures=$(gtest_parse_report_xpath "//failure/.." "$@" ) 266 267 # Print all tests that succeeded. 268 while read result name; do 269 html_passed_ignore_core "$name" 270 done <<< "$successes" 271 272 # Print failing tests. 273 if [ -n "$failures" ]; then 274 printf "\nFAILURES:\n=========\n" 275 276 while read result name; do 277 html_failed_ignore_core "$name" 278 done <<< "$failures" 279 280 printf "\n" 281 fi 282 } 283 284 # This legacy report parser can't actually detect failures. It always relied 285 # on the binary's exit code. Print the tests we ran to keep the old behavior. 286 gtest_parse_report_legacy() 287 { 288 while read result name && [ -n "$name" ]; do 289 if [ "$result" = "notrun" ]; then 290 echo "$name" SKIPPED 291 elif [ "$result" = "run" ]; then 292 html_passed_ignore_core "$name" 293 else 294 html_failed_ignore_core "$name" 295 fi 296 done <<< "$(sed -f "${COMMON}/parsegtestreport.sed" "$@" )" 297 # here's how we would use bash if it wasn't so slow 298 # done <<< "$(sh "${COMMON}/parsegtestreport.sh" "$@" )" 299 } 300 301 gtest_parse_report_xpath() 302 { 303 # Query the XML report with the given XPath pattern. 304 xpath="$1" 305 shift 306 xmllint --xpath "${xpath}" "$@" 2>/dev/null | \ 307 # Insert newlines to help sed. 308 sed $'s/<testcase/\\\n<testcase/g' | \ 309 # Use sed to parse the report. 310 sed -f "${COMMON}/parsegtestreport.sed" 311 # here's how we would use bash if it wasn't so slow 312 #sh "${COMMON}/parsegtestreport.sh" 313 } 314 315 gtest_parse_report() 316 { 317 if type xmllint &>/dev/null; then 318 echo "DEBUG: Using xmllint to parse GTest XML report(s)" 319 gtest_parse_report_helper "$@" 320 else 321 echo "DEBUG: Falling back to legacy XML report parsing using only sed" 322 gtest_parse_report_legacy "$@" 323 fi 324 } 325 326 save_pkcs11() 327 { 328 outdir="$1" 329 cp ${outdir}/pkcs11.txt ${outdir}/pkcs11.txt.sav 330 } 331 332 restore_pkcs11() 333 { 334 outdir="$1" 335 cp ${outdir}/pkcs11.txt.sav ${outdir}/pkcs11.txt 336 } 337 338 # create a new pkcs11.txt with and explict policy. overwrites 339 # the existing pkcs11 340 setup_policy() 341 { 342 policy="$1" 343 outdir="$2" 344 OUTFILE="${outdir}/pkcs11.txt" 345 cat > "$OUTFILE" << ++EOF++ 346 library= 347 name=NSS Internal PKCS #11 Module 348 parameters=configdir='./client' certPrefix='' keyPrefix='' secmod='secmod.db' flags= updatedir='' updateCertPrefix='' updateKeyPrefix='' updateid='' updateTokenDescription='' 349 NSS=Flags=internal,critical trustOrder=75 cipherOrder=100 slotParams=(1={slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512] askpw=any timeout=30}) 350 ++EOF++ 351 echo "config=${policy}" >> "$OUTFILE" 352 echo "" >> "$OUTFILE" 353 echo "library=${DIST}/${OBJDIR}/lib/libnssckbi.so" >> "$OUTFILE" 354 cat >> "$OUTFILE" << ++EOF++ 355 name=RootCerts 356 NSS=trustOrder=100 357 ++EOF++ 358 359 echo "******************************Testing $outdir with: " 360 cat "$OUTFILE" 361 echo "******************************" 362 } 363 364 ignore_blank_lines() 365 { 366 LC_ALL=C egrep -v '^[[:space:]]*(#|$)' "$1" 367 } 368 369 using_sql() 370 { 371 dbtype=$(nssdefaults --dbtype) 372 if [ ${dbtype##*: } = "sql" ]; then 373 return 0; # success case for bash 374 fi 375 return 1; # fail case for bash 376 } 377 378 #directory name init 379 SCRIPTNAME=init.sh 380 381 mozilla_root=`(cd ../../..; pwd)` 382 MOZILLA_ROOT=${MOZILLA_ROOT-$mozilla_root} 383 384 qadir=`(cd ..; pwd)` 385 QADIR=${QADIR-$qadir} 386 387 common=${QADIR}/common 388 COMMON=${TEST_COMMON-$common} 389 export COMMON 390 391 DIST=${DIST-${MOZILLA_ROOT}/dist} 392 TESTDIR=${TESTDIR-${MOZILLA_ROOT}/tests_results/security} 393 394 # Allow for override options from a config file 395 if [ -n "${OBJDIR}" -a -f ${DIST}/${OBJDIR}/platform.cfg ]; then 396 . ${DIST}/${OBJDIR}/platform.cfg 397 fi 398 399 # only need make if we don't already have certain variables set 400 if [ -z "${OBJDIR}" -o -z "${OS_ARCH}" -o -z "${DLL_PREFIX}" -o -z "${DLL_SUFFIX}" ]; then 401 MAKE=gmake 402 $MAKE -v >/dev/null 2>&1 || MAKE=make 403 $MAKE -v >/dev/null 2>&1 || MAKE=mozmake 404 $MAKE -v >/dev/null 2>&1 || { echo "You are missing make."; exit 5; } 405 MAKE="$MAKE --no-print-directory" 406 fi 407 408 if [ "${OBJDIR}" = "" ]; then 409 if [ -f ${DIST}/latest ]; then 410 OBJDIR=$(cat ${DIST}/latest) 411 else 412 OBJDIR=`($MAKE -s -C $COMMON objdir_name)` 413 fi 414 fi 415 if [ "${OS_ARCH}" = "" ]; then 416 OS_ARCH=`(cd $COMMON; $MAKE os_arch)` 417 fi 418 if [ "${DLL_PREFIX}" = "" ]; then 419 DLL_PREFIX=`(cd $COMMON; $MAKE dll_prefix)` 420 fi 421 if [ "${DLL_SUFFIX}" = "" ]; then 422 DLL_SUFFIX=`(cd $COMMON; $MAKE dll_suffix)` 423 fi 424 OS_NAME=`uname -s | sed -e "s/-[0-9.-]*//" | sed -e "s/-WOW64//"` 425 426 BINDIR="${DIST}/${OBJDIR}/bin" 427 428 # Pathnames constructed from ${TESTDIR} are passed to NSS tools 429 # such as certutil, which don't understand Cygwin pathnames. 430 # So we need to convert ${TESTDIR} to a Windows pathname (with 431 # regular slashes). 432 if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" = "CYGWIN_NT" ]; then 433 TESTDIR=`cygpath -m ${TESTDIR}` 434 QADIR=`cygpath -m ${QADIR}` 435 fi 436 437 # Same problem with MSYS/Mingw, except we need to start over with pwd -W 438 if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" = "MINGW32_NT" ]; then 439 mingw_mozilla_root=`(cd ../../..; pwd -W)` 440 MINGW_MOZILLA_ROOT=${MINGW_MOZILLA_ROOT-$mingw_mozilla_root} 441 TESTDIR=${MINGW_TESTDIR-${MINGW_MOZILLA_ROOT}/tests_results/security} 442 fi 443 444 # Same problem with MSYS/Mingw, except we need to start over with pwd -W 445 if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" = "MINGW32_NT" ]; then 446 mingw_mozilla_root=`(cd ../../..; pwd -W)` 447 MINGW_MOZILLA_ROOT=${MINGW_MOZILLA_ROOT-$mingw_mozilla_root} 448 TESTDIR=${MINGW_TESTDIR-${MINGW_MOZILLA_ROOT}/tests_results/security} 449 fi 450 echo testdir is $TESTDIR 451 452 #in case of backward comp. tests the calling scripts set the 453 #PATH and LD_LIBRARY_PATH and do not want them to be changed 454 if [ -z "${DON_T_SET_PATHS}" -o "${DON_T_SET_PATHS}" != "TRUE" ] ; then 455 if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" != "CYGWIN_NT" -a "$OS_NAME" != "MINGW32_NT" -a "$OS_NAME" != "MSYS_NT" ]; then 456 PATH=.\;${DIST}/${OBJDIR}/bin\;${DIST}/${OBJDIR}/lib\;$PATH 457 PATH=`perl ../path_uniq -d ';' "$PATH"` 458 elif [ "${OS_ARCH}" = "Android" ]; then 459 # android doesn't have perl, skip the uniq step 460 PATH=.:${DIST}/${OBJDIR}/bin:${DIST}/${OBJDIR}/lib:$PATH 461 else 462 PATH=.:${DIST}/${OBJDIR}/bin:${DIST}/${OBJDIR}/lib:/bin:/usr/bin:$PATH 463 # added /bin and /usr/bin in the beginning so a local perl will 464 # be used 465 PATH=`perl ../path_uniq -d ':' "$PATH"` 466 fi 467 468 LD_LIBRARY_PATH=${DIST}/${OBJDIR}/lib:$LD_LIBRARY_PATH 469 SHLIB_PATH=${DIST}/${OBJDIR}/lib:$SHLIB_PATH 470 LIBPATH=${DIST}/${OBJDIR}/lib:$LIBPATH 471 DYLD_LIBRARY_PATH=${DIST}/${OBJDIR}/lib:$DYLD_LIBRARY_PATH 472 fi 473 474 if [ ! -d "${TESTDIR}" ]; then 475 echo "$SCRIPTNAME init: Creating ${TESTDIR}" 476 mkdir -p ${TESTDIR} 477 fi 478 479 #HOST and DOMSUF are needed for the server cert 480 481 if [ -z "$DOMSUF" ] && hash domainname 2>/dev/null; then 482 DOMSUF=`domainname` 483 fi 484 # hostname -d and domainname both return (none) if hostname doesn't 485 # include a dot. Pretend we didn't get an answer. 486 if [ "$DOMSUF" = "(none)" ]; then 487 DOMSUF= 488 fi 489 490 if [ -z "$HOST" ]; then 491 HOST=`uname -n` 492 fi 493 case "$HOST" in 494 *\.*) 495 if [ -z "$DOMSUF" ]; then 496 DOMSUF="${HOST#*.}" 497 fi 498 HOST="${HOST%%.*}" 499 ;; 500 ?*) 501 ;; 502 *) 503 echo "$SCRIPTNAME: Fatal HOST environment variable is not defined." 504 exit 1 #does not need to be Exit, very early in script 505 ;; 506 esac 507 508 if [ -z "$DOMSUF" -a "$OS_ARCH" != "Android" ]; then 509 echo "$SCRIPTNAME: Fatal DOMSUF env. variable is not defined." 510 exit 1 #does not need to be Exit, very early in script 511 fi 512 513 #HOSTADDR was a workaround for the dist. stress test, and is probably 514 #not needed anymore (purpose: be able to use IP address for the server 515 #cert instead of PC name which was not in the DNS because of dyn IP address 516 if [ "$USE_IP" != "TRUE" ] ; then 517 if [ -z "$DOMSUF" ]; then 518 HOSTADDR=${HOST} 519 else 520 HOSTADDR=${HOST}.${DOMSUF} 521 fi 522 else 523 HOSTADDR=${IP_ADDRESS} 524 fi 525 526 #if running remote side of the distributed stress test we need to use 527 #the files that the server side gives us... 528 if [ -n "$DO_REM_ST" -a "$DO_REM_ST" = "TRUE" ] ; then 529 for w in `ls -rtd ${TESTDIR}/${HOST}.[0-9]* 2>/dev/null | 530 sed -e "s/.*${HOST}.//"` ; do 531 version=$w 532 done 533 HOSTDIR=${TESTDIR}/${HOST}.$version 534 echo "$SCRIPTNAME init: HOSTDIR $HOSTDIR" 535 echo $HOSTDIR 536 if [ ! -d $HOSTDIR ] ; then 537 echo "$SCRIPTNAME: Fatal: Remote side of dist. stress test " 538 echo " - server HOSTDIR $HOSTDIR does not exist" 539 exit 1 #does not need to be Exit, very early in script 540 fi 541 fi 542 543 #find the HOSTDIR, where the results are supposed to go 544 if [ -n "${HOSTDIR}" ]; then 545 version=`echo $HOSTDIR | sed -e "s/.*${HOST}.//"` 546 else 547 if [ -f "${TESTDIR}/${HOST}" ]; then 548 version=`cat ${TESTDIR}/${HOST}` 549 else 550 version=1 551 fi 552 #file has a tendency to disappear, messing up the rest of QA - 553 #workaround to find the next higher number if version file is not there 554 if [ -z "${version}" ]; then # for some strange reason this file 555 # gets truncated at times... Windos 556 for w in `ls -d ${TESTDIR}/${HOST}.[0-9]* 2>/dev/null | 557 sort -t '.' -n | sed -e "s/.*${HOST}.//"` ; do 558 version=`expr $w + 1` 559 done 560 if [ -z "${version}" ]; then 561 version=1 562 fi 563 fi 564 expr $version + 1 > ${TESTDIR}/${HOST} 565 566 HOSTDIR=${TESTDIR}/${HOST}'.'$version 567 568 mkdir -p ${HOSTDIR} 569 fi 570 571 #result and log file and filename init, 572 if [ -z "${LOGFILE}" ]; then 573 LOGFILE=${HOSTDIR}/output.log 574 fi 575 if [ ! -f "${LOGFILE}" ]; then 576 touch ${LOGFILE} 577 fi 578 if [ -z "${RESULTS}" ]; then 579 RESULTS=${HOSTDIR}/results.html 580 fi 581 if [ ! -f "${RESULTS}" ]; then 582 cp ${COMMON}/results_header.html ${RESULTS} 583 html "<H4>Platform: ${OBJDIR}<BR>" 584 html "Test Run: ${HOST}.$version</H4>" 585 html "${BC_ACTION}" 586 html "<HR><BR>" 587 html "<HTML><BODY>" 588 589 echo "********************************************" | tee -a ${LOGFILE} 590 echo " Platform: ${OBJDIR}" | tee -a ${LOGFILE} 591 echo " Results: ${HOST}.$version" | tee -a ${LOGFILE} 592 echo "********************************************" | tee -a ${LOGFILE} 593 echo "$BC_ACTION" | tee -a ${LOGFILE} 594 #if running remote side of the distributed stress test 595 # let the user know who it is... 596 elif [ -n "$DO_REM_ST" -a "$DO_REM_ST" = "TRUE" ] ; then 597 echo "********************************************" | tee -a ${LOGFILE} 598 echo " Platform: ${OBJDIR}" | tee -a ${LOGFILE} 599 echo " Results: ${HOST}.$version" | tee -a ${LOGFILE} 600 echo " remote side of distributed stress test " | tee -a ${LOGFILE} 601 echo " `uname -n -s`" | tee -a ${LOGFILE} 602 echo "********************************************" | tee -a ${LOGFILE} 603 fi 604 605 echo "$SCRIPTNAME init: Testing PATH $PATH against LIB $LD_LIBRARY_PATH" |\ 606 tee -a ${LOGFILE} 607 608 KILL="kill" 609 610 if [ `uname -s` = "SunOS" ]; then 611 PS="/usr/5bin/ps" 612 else 613 PS="ps" 614 fi 615 #found 3 rsh's so far that do not work as expected - cygnus mks6 616 #(restricted sh) and mks 7 - if it is not in c:/winnt/system32 it 617 #needs to be set in the environ.ksh 618 if [ -z "$RSH" ]; then 619 if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" = "CYGWIN_NT" ]; then 620 RSH=/cygdrive/c/winnt/system32/rsh 621 elif [ "${OS_ARCH}" = "WINNT" ]; then 622 RSH=c:/winnt/system32/rsh 623 else 624 RSH=rsh 625 fi 626 fi 627 628 629 #more filename and directoryname init 630 CURDIR=`pwd` 631 632 CU_ACTION='Unknown certutil action' 633 634 # would like to preserve some tmp files, also easier to see if there 635 # are "leftovers" - another possibility ${HOSTDIR}/tmp 636 637 init_directories 638 639 FIPSCERTNICK="FIPS_PUB_140_Test_Certificate" 640 641 # domains to handle ipc based access to databases 642 D_CA="TestCA.$version" 643 D_ALICE="Alice.$version" 644 D_BOB="Bob.$version" 645 D_DAVE="Dave.$version" 646 D_EVE="Eve.$version" 647 D_SERVER_CA="ServerCA.$version" 648 D_CLIENT_CA="ClientCA.$version" 649 D_SERVER="Server.$version" 650 D_CLIENT="Client.$version" 651 D_NOLOGIN="NoLogin.$version" 652 D_FIPS="FIPS.$version" 653 D_DBPASS="DBPASS.$version" 654 D_ECCURVES="ECCURVES.$version" 655 D_EXT_SERVER="ExtendedServer.$version" 656 D_EXT_CLIENT="ExtendedClient.$version" 657 D_IMPLICIT_INIT="ImplicitInit.$version" 658 D_CERT_EXTENSTIONS="CertExtensions.$version" 659 D_DISTRUST="Distrust.$version" 660 D_RSAPSS="RSAPSS.$version" 661 662 # we need relative pathnames of these files and directories, since our 663 # tools can't handle the unix style absolute pathnames on cygnus 664 665 R_CADIR=../CA 666 R_SERVERDIR=../server 667 R_CLIENTDIR=../client 668 R_IOPR_CADIR=../CA_iopr 669 R_IOPR_SSL_SERVERDIR=../server_ssl_iopr 670 R_IOPR_SSL_CLIENTDIR=../client_ssl_iopr 671 R_IOPR_OCSP_CLIENTDIR=../client_ocsp_iopr 672 R_ALICEDIR=../alicedir 673 R_BOBDIR=../bobdir 674 R_DAVEDIR=../dave 675 R_EVEDIR=../eve 676 R_EXT_SERVERDIR=../ext_server 677 R_EXT_CLIENTDIR=../ext_client 678 R_IMPLICIT_INIT_DIR=../implicit_init 679 R_CERT_EXT=../cert_extensions 680 R_STAPLINGDIR=../stapling 681 R_NOLOGINDIR=../nologin 682 R_SSLGTESTDIR=../ssl_gtests 683 R_GTESTDIR=../gtests 684 R_RSAPSSDIR=../rsapss 685 686 # 687 # profiles are either paths or domains depending on the setting of 688 # MULTIACCESS_DBM 689 # 690 P_R_CADIR=${R_CADIR} 691 P_R_ALICEDIR=${R_ALICEDIR} 692 P_R_BOBDIR=${R_BOBDIR} 693 P_R_DAVEDIR=${R_DAVEDIR} 694 P_R_EVEDIR=${R_EVEDIR} 695 P_R_SERVERDIR=${R_SERVERDIR} 696 P_R_CLIENTDIR=${R_CLIENTDIR} 697 P_R_NOLOGINDIR=${R_NOLOGINDIR} 698 P_R_EXT_SERVERDIR=${R_EXT_SERVERDIR} 699 P_R_EXT_CLIENTDIR=${R_EXT_CLIENTDIR} 700 P_R_IMPLICIT_INIT_DIR=${R_IMPLICIT_INIT_DIR} 701 P_R_RSAPSSDIR=${R_RSAPSSDIR} 702 if [ -n "${MULTIACCESS_DBM}" ]; then 703 P_R_CADIR="multiaccess:${D_CA}" 704 P_R_ALICEDIR="multiaccess:${D_ALICE}" 705 P_R_BOBDIR="multiaccess:${D_BOB}" 706 P_R_DAVEDIR="multiaccess:${D_DAVE}" 707 P_R_EVEDIR="multiaccess:${D_EVE}" 708 P_R_SERVERDIR="multiaccess:${D_SERVER}" 709 P_R_CLIENTDIR="multiaccess:${D_CLIENT}" 710 P_R_NOLOGINDIR="multiaccess:${D_NOLOGIN}" 711 P_R_EXT_SERVERDIR="multiaccess:${D_EXT_SERVER}" 712 P_R_EXT_CLIENTDIR="multiaccess:${D_EXT_CLIENT}" 713 P_R_IMPLICIT_INIT_DIR="multiaccess:${D_IMPLICIT_INIT}" 714 P_R_RSAPSSDIR="multiaccess:${D_RSAPSS}" 715 fi 716 717 R_PWFILE=../tests.pw 718 R_LONGPWFILE=../tests.longpw 719 R_EMPTY_FILE=../tests_empty 720 R_NOISE_FILE=../tests_noise 721 722 R_FIPSPWFILE=../tests.fipspw 723 R_FIPSBADPWFILE=../tests.fipsbadpw 724 R_FIPSP12PWFILE=../tests.fipsp12pw 725 726 trap "Exit $0 Signal_caught" 2 3 727 728 export PATH LD_LIBRARY_PATH SHLIB_PATH LIBPATH DYLD_LIBRARY_PATH 729 export DOMSUF HOSTADDR 730 export KILL PS 731 export MOZILLA_ROOT DIST TESTDIR OBJDIR QADIR 732 export LOGFILE SCRIPTNAME 733 734 #used for the distributed stress test, the server generates certificates 735 #from GLOB_MIN_CERT to GLOB_MAX_CERT 736 # NOTE - this variable actually gets initialized by directly by the 737 # ssl_dist_stress.shs sl_ds_init() before init is called - need to change 738 # in both places. speaking of data encapsulatioN... 739 740 if [ -z "$GLOB_MIN_CERT" ] ; then 741 GLOB_MIN_CERT=0 742 fi 743 if [ -z "$GLOB_MAX_CERT" ] ; then 744 GLOB_MAX_CERT=200 745 fi 746 if [ -z "$MIN_CERT" ] ; then 747 MIN_CERT=$GLOB_MIN_CERT 748 fi 749 if [ -z "$MAX_CERT" ] ; then 750 MAX_CERT=$GLOB_MAX_CERT 751 fi 752 753 ################################################# 754 # CRL SSL testing constatnts 755 # 756 757 758 CRL_GRP_1_BEGIN=40 759 CRL_GRP_1_RANGE=3 760 UNREVOKED_CERT_GRP_1=41 761 762 CRL_GRP_2_BEGIN=43 763 CRL_GRP_2_RANGE=6 764 UNREVOKED_CERT_GRP_2=46 765 766 CRL_GRP_3_BEGIN=49 767 CRL_GRP_3_RANGE=4 768 UNREVOKED_CERT_GRP_3=51 769 770 TOTAL_CRL_RANGE=`expr ${CRL_GRP_1_RANGE} + ${CRL_GRP_2_RANGE} + \ 771 ${CRL_GRP_3_RANGE}` 772 773 TOTAL_GRP_NUM=3 774 775 RELOAD_CRL=1 776 777 # if test mode isn't set, test scripts default to expecting sql 778 if [ "${TEST_MODE}" = "" ]; then 779 NSS_DEFAULT_DB_TYPE=${NSS_DEFAULT_DB_TYPE:-"sql"} 780 export NSS_DEFAULT_DB_TYPE 781 fi 782 783 MSG_ID=0 784 785 ################################################# 786 # Interoperability testing constatnts 787 # 788 # if suite is setup for testing, IOPR_HOSTADDR_LIST should have 789 # at least one host name(FQDN) 790 # Example IOPR_HOSTADDR_LIST="goa1.SFBay.Sun.COM" 791 792 if [ -z "`echo ${IOPR_HOSTADDR_LIST} | grep '[A-Za-z]'`" ]; then 793 IOPR=0 794 else 795 IOPR=1 796 fi 797 ################################################# 798 799 if [ "${OS_ARCH}" != "WINNT" -a "${OS_ARCH}" != "Android" ]; then 800 ulimit -c unlimited 801 fi 802 803 SCRIPTNAME=$0 804 INIT_SOURCED=TRUE #whatever one does - NEVER export this one please 805 fi