3
# This Source Code Form is subject to the terms of the Mozilla Public
4
# License, v. 2.0. If a copy of the MPL was not distributed with this
5
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
7
########################################################################
9
# mozilla/security/nss/tests/dbtest/dbtest.sh
11
# Certificate generating and handeling for NSS QA, can be included
12
# multiple times from all.sh and the individual scripts
14
# needs to work on all Unix and Windows platforms
16
# included from (don't expect this to be up to date)
17
# --------------------------------------------------
25
# FIXME ... known problems, search for this string
26
# NOTE .... unexpected behavior
28
# FIXME - Netscape - NSS
29
########################################################################
31
############################## dbtest_init ###############################
32
# local shell function to initialize this script
33
########################################################################
36
SCRIPTNAME="dbtests.sh"
37
if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
38
CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
40
if [ -z "${INIT_SOURCED}" ] ; then
44
if [ ! -r $CERT_LOG_FILE ]; then # we need certificates here
49
SCRIPTNAME="dbtests.sh"
50
RONLY_DIR=${HOSTDIR}/ronlydir
51
EMPTY_DIR=${HOSTDIR}/emptydir
52
CONFLICT_DIR=${HOSTDIR}/conflictdir
54
html_head "CERT and Key DB Tests"
58
############################## dbtest_cleanup ############################
59
# local shell function to finish this script (no exit since it might be
61
########################################################################
73
echo "---------------------------------------------------------------"
75
echo "---------------------------------------------------------------"
82
Echo "test opening the database read/write in a nonexisting directory"
83
${BINDIR}/certutil -L -X -d ./non_existent_dir
85
if [ $ret -ne 255 ]; then
86
html_failed "Certutil succeeded in a nonexisting directory $ret"
88
html_passed "Certutil didn't work in a nonexisting dir $ret"
90
${BINDIR}/dbtest -r -d ./non_existent_dir
92
if [ $ret -ne 46 ]; then
93
html_failed "Dbtest readonly succeeded in a nonexisting directory $ret"
95
html_passed "Dbtest readonly didn't work in a nonexisting dir $ret"
98
Echo "test force opening the database in a nonexisting directory"
99
${BINDIR}/dbtest -f -d ./non_existent_dir
101
if [ $ret -ne 0 ]; then
102
html_failed "Dbtest force failed in a nonexisting directory $ret"
104
html_passed "Dbtest force succeeded in a nonexisting dir $ret"
107
Echo "test opening the database readonly in an empty directory"
109
${BINDIR}/tstclnt -h ${HOST} -d $EMPTY_DIR
111
if [ $ret -ne 1 ]; then
112
html_failed "Tstclnt succeded in an empty directory $ret"
114
html_passed "Tstclnt didn't work in an empty dir $ret"
116
${BINDIR}/dbtest -r -d $EMPTY_DIR
118
if [ $ret -ne 46 ]; then
119
html_failed "Dbtest readonly succeeded in an empty directory $ret"
121
html_passed "Dbtest readonly didn't work in an empty dir $ret"
123
rm -rf $EMPTY_DIR/* 2>/dev/null
124
${BINDIR}/dbtest -i -d $EMPTY_DIR
126
if [ $ret -ne 0 ]; then
127
html_failed "Dbtest logout after empty DB Init loses key $ret"
129
html_passed "Dbtest logout after empty DB Init has key"
131
rm -rf $EMPTY_DIR/* 2>/dev/null
132
${BINDIR}/dbtest -i -p pass -d $EMPTY_DIR
134
if [ $ret -ne 0 ]; then
135
html_failed "Dbtest password DB Init loses needlogin state $ret"
137
html_passed "Dbtest password DB Init maintains needlogin state"
139
rm -rf $EMPTY_DIR/* 2>/dev/null
140
${BINDIR}/certutil -D -n xxxx -d $EMPTY_DIR #created DB
142
if [ $ret -ne 255 ]; then
143
html_failed "Certutil succeeded in deleting a cert in an empty directory $ret"
145
html_passed "Certutil didn't work in an empty dir $ret"
147
rm -rf $EMPTY_DIR/* 2>/dev/null
148
Echo "test force opening the database readonly in a empty directory"
149
${BINDIR}/dbtest -r -f -d $EMPTY_DIR
151
if [ $ret -ne 0 ]; then
152
html_failed "Dbtest force readonly failed in an empty directory $ret"
154
html_passed "Dbtest force readonly succeeded in an empty dir $ret"
157
Echo "test opening the database r/w in a readonly directory"
159
cp -r ${CLIENTDIR}/* $RONLY_DIR
160
chmod -w $RONLY_DIR $RONLY_DIR/*
162
# On Mac OS X 10.1, if we do a "chmod -w" on files in an
163
# NFS-mounted directory, it takes several seconds for the
164
# first open to see the files are readonly, but subsequent
165
# opens immediately see the files are readonly. As a
166
# workaround we open the files once first. (Bug 185074)
167
if [ "${OS_ARCH}" = "Darwin" ]; then
168
cat $RONLY_DIR/* > /dev/null
171
${BINDIR}/dbtest -d $RONLY_DIR
173
if [ $ret -ne 46 ]; then
174
html_failed "Dbtest r/w succeeded in an readonly directory $ret"
176
html_passed "Dbtest r/w didn't work in an readonly dir $ret"
178
${BINDIR}/certutil -D -n "TestUser" -d .
180
if [ $ret -ne 255 ]; then
181
html_failed "Certutil succeeded in deleting a cert in an readonly directory $ret"
183
html_passed "Certutil didn't work in an readonly dir $ret"
186
Echo "test opening the database ronly in a readonly directory"
188
${BINDIR}/dbtest -d $RONLY_DIR -r
190
if [ $ret -ne 0 ]; then
191
html_failed "Dbtest readonly failed in a readonly directory $ret"
193
html_passed "Dbtest readonly succeeded in a readonly dir $ret"
196
Echo "test force opening the database r/w in a readonly directory"
197
${BINDIR}/dbtest -d $RONLY_DIR -f
199
if [ $ret -ne 0 ]; then
200
html_failed "Dbtest force failed in a readonly directory $ret"
202
html_passed "Dbtest force succeeded in a readonly dir $ret"
205
Echo "ls -l $RONLY_DIR"
206
ls -ld $RONLY_DIR $RONLY_DIR/*
208
mkdir ${CONFLICT_DIR}
209
Echo "test creating a new cert with a conflicting nickname"
212
${BINDIR}/certutil -N -d ${CONFLICT_DIR} -f ${R_PWFILE}
214
if [ $ret -ne 0 ]; then
215
html_failed "Nicknane conflict test failed, couldn't create database $ret"
217
${BINDIR}/certutil -A -n alice -t ,, -i ${R_ALICEDIR}/Alice.cert -d ${CONFLICT_DIR}
219
if [ $ret -ne 0 ]; then
220
html_failed "Nicknane conflict test failed, couldn't import alice cert $ret"
222
${BINDIR}/certutil -A -n alice -t ,, -i ${R_BOBDIR}/Bob.cert -d ${CONFLICT_DIR}
224
if [ $ret -eq 0 ]; then
225
html_failed "Nicknane conflict test failed, could import conflict nickname $ret"
227
html_passed "Nicknane conflict test, could not import conflict nickname $ret"
232
Echo "test importing an old cert to a conflicting nickname"
233
# first, import the certificate
234
${BINDIR}/certutil -A -n bob -t ,, -i ${R_BOBDIR}/Bob.cert -d ${CONFLICT_DIR}
235
# now import with a different nickname
236
${BINDIR}/certutil -A -n alice -t ,, -i ${R_BOBDIR}/Bob.cert -d ${CONFLICT_DIR}
237
# the old one should still be there...
238
${BINDIR}/certutil -L -n bob -d ${CONFLICT_DIR}
240
if [ $ret -ne 0 ]; then
241
html_failed "Nicknane conflict test-setting nickname conflict incorrectly worked"
243
html_passed "Nicknane conflict test-setting nickname conflict was correctly rejected"
248
################## main #################################################