3
# ***** BEGIN LICENSE BLOCK *****
4
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
6
# The contents of this file are subject to the Mozilla Public License Version
7
# 1.1 (the "License"); you may not use this file except in compliance with
8
# the License. You may obtain a copy of the License at
9
# http://www.mozilla.org/MPL/
11
# Software distributed under the License is distributed on an "AS IS" basis,
12
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
13
# for the specific language governing rights and limitations under the
16
# The Original Code is the Netscape security libraries.
18
# The Initial Developer of the Original Code is
19
# Netscape Communications Corporation.
20
# Portions created by the Initial Developer are Copyright (C) 1994-2000
21
# the Initial Developer. All Rights Reserved.
25
# Alternatively, the contents of this file may be used under the terms of
26
# either the GNU General Public License Version 2 or later (the "GPL"), or
27
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
28
# in which case the provisions of the GPL or the LGPL are applicable instead
29
# of those above. If you wish to allow use of your version of this file only
30
# under the terms of either the GPL or the LGPL, and not to allow others to
31
# use your version of this file under the terms of the MPL, indicate your
32
# decision by deleting the provisions above and replace them with the notice
33
# and other provisions required by the GPL or the LGPL. If you do not delete
34
# the provisions above, a recipient may use your version of this file under
35
# the terms of any one of the MPL, the GPL or the LGPL.
37
# ***** END LICENSE BLOCK *****
39
########################################################################
41
# mozilla/security/nss/tests/common/init.sh
43
# initialization for NSS QA, can be included multiple times
44
# from all.sh and the individual scripts
46
# variables, utilities and shellfunctions global to NSS QA
47
# needs to work on all Unix and Windows platforms
63
# FIXME ... known problems, search for this string
64
# NOTE .... unexpected behavior
68
# Unlike the old QA this is based on files sourcing each other
69
# This is done to save time, since a great portion of time is lost
70
# in calling and sourcing the same things multiple times over the
71
# network. Also, this way all scripts have all shell function available
72
# and a completely common environment
74
########################################################################
77
export NSS_STRICT_SHUTDOWN
79
if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
81
# Exit shellfunction to clean up at exit (error, regular or signal)
85
echo "$SCRIPTNAME: Exit: $*"
86
html_failed "<TR><TD>$*"
88
echo "</TABLE><BR>" >> ${RESULTS}
89
if [ -n "${SERVERPID}" -a -f "${SERVERPID}" ]; then
90
${KILL} `cat ${SERVERPID}`
107
[ ! -f $CORELIST_FILE ] && touch $CORELIST_FILE
108
mv $CORELIST_FILE ${CORELIST_FILE}.old
109
coreStr=`find $HOSTDIR -type f -name '*core*'`
111
if [ -n "$coreStr" ]; then
112
sum $coreStr > $CORELIST_FILE
113
res=`cat $CORELIST_FILE ${CORELIST_FILE}.old | sort | uniq -u | wc -l`
118
#html functions to give the resultfiles a consistant look
119
html() ######################### write the results.html file
120
{ # 3 functions so we can put targets in the output.log easier
125
html_detect_core "$@" || return
126
html "$* ${HTML_PASSED}"
130
html_detect_core "$@" || return
131
html "$* ${HTML_FAILED}"
136
if [ $? -ne 0 ]; then
137
echo "$*. Core file is detected."
138
html "$* ${HTML_FAILED_CORE}"
145
html "<TABLE BORDER=1><TR><TH COLSPAN=3>$*</TH></TR>"
146
html "<TR><TH width=500>Test Case</TH><TH width=50>Result</TH></TR>"
147
echo "$SCRIPTNAME: $* ==============================="
151
if [ "$1" -ne "$2" ] ; then
152
html_failed "<TR><TD>$3"
153
if [ -n "$4" ] ; then
154
echo "$SCRIPTNAME: $3 $4 FAILED"
157
html_passed "<TR><TD>$3"
158
if [ -n "$4" ] ; then
159
echo "$SCRIPTNAME: $3 $4 PASSED"
163
HTML_FAILED='</TD><TD bgcolor=red>Failed</TD><TR>'
164
HTML_FAILED_CORE='</TD><TD bgcolor=red>Failed Core</TD><TR>'
165
HTML_PASSED='</TD><TD bgcolor=lightGreen>Passed</TD><TR>'
171
mozilla_root=`(cd ../../../..; pwd)`
172
MOZILLA_ROOT=${MOZILLA_ROOT-$mozilla_root}
175
QADIR=${QADIR-$qadir}
177
common=${QADIR}/common
178
COMMON=${TEST_COMMON-$common}
181
DIST=${DIST-${MOZILLA_ROOT}/dist}
182
SECURITY_ROOT=${SECURITY_ROOT-${MOZILLA_ROOT}/security/nss}
183
TESTDIR=${TESTDIR-${MOZILLA_ROOT}/tests_results/security}
184
OBJDIR=`(cd $COMMON; gmake objdir_name)`
185
OS_ARCH=`(cd $COMMON; gmake os_arch)`
186
DLL_PREFIX=`(cd $COMMON; gmake dll_prefix)`
187
DLL_SUFFIX=`(cd $COMMON; gmake dll_suffix)`
188
OS_NAME=`uname -s | sed -e "s/-[0-9]*\.[0-9]*//"`
190
# Pathnames constructed from ${TESTDIR} are passed to NSS tools
191
# such as certutil, which don't understand Cygwin pathnames.
192
# So we need to convert ${TESTDIR} to a Windows pathname (with
194
if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" = "CYGWIN_NT" ]; then
195
TESTDIR=`cygpath -m ${TESTDIR}`
198
#in case of backward comp. tests the calling scripts set the
199
#PATH and LD_LIBRARY_PATH and do not want them to be changed
200
if [ -z "${DON_T_SET_PATHS}" -o "${DON_T_SET_PATHS}" != "TRUE" ] ; then
201
if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" != "CYGWIN_NT" ]; then
202
PATH=.\;${DIST}/${OBJDIR}/bin\;${DIST}/${OBJDIR}/lib\;$PATH
203
PATH=`perl ../path_uniq -d ';' "$PATH"`
205
PATH=.:${DIST}/${OBJDIR}/bin:${DIST}/${OBJDIR}/lib:/bin:/usr/bin:$PATH
206
# added /bin and /usr/bin in the beginning so a local perl will
208
PATH=`perl ../path_uniq -d ':' "$PATH"`
211
LD_LIBRARY_PATH=${DIST}/${OBJDIR}/lib:$LD_LIBRARY_PATH
212
SHLIB_PATH=${DIST}/${OBJDIR}/lib:$SHLIB_PATH
213
LIBPATH=${DIST}/${OBJDIR}/lib:$LIBPATH
214
DYLD_LIBRARY_PATH=${DIST}/${OBJDIR}/lib:$DYLD_LIBRARY_PATH
217
if [ ! -d "${TESTDIR}" ]; then
218
echo "$SCRIPTNAME init: Creating ${TESTDIR}"
222
#HOST and DOMSUF are needed for the server cert
225
HOST=`echo $HOST | sed -e "s/\..*//"`
233
HOST=`echo $HOST | sed -e "s/\..*//"`
238
echo "$SCRIPTNAME: Fatal HOST environment variable is not defined."
239
exit 1 #does not need to be Exit, very early in script
245
if [ -z "${DOMSUF}" ]; then
247
if [ -z "${DOMSUF}" ]; then
248
echo "$SCRIPTNAME: Fatal DOMSUF env. variable is not defined."
249
exit 1 #does not need to be Exit, very early in script
252
#HOSTADDR was a workaround for the dist. stress test, and is probably
253
#not needed anymore (purpose: be able to use IP address for the server
254
#cert instead of PC name which was not in the DNS because of dyn IP address
255
if [ -z "$USE_IP" -o "$USE_IP" != "TRUE" ] ; then
256
HOSTADDR=${HOST}.${DOMSUF}
258
HOSTADDR=${IP_ADDRESS}
261
#if running remote side of the distributed stress test we need to use
262
#the files that the server side gives us...
263
if [ -n "$DO_REM_ST" -a "$DO_REM_ST" = "TRUE" ] ; then
264
for w in `ls -rtd ${TESTDIR}/${HOST}.[0-9]* 2>/dev/null |
265
sed -e "s/.*${HOST}.//"` ; do
268
HOSTDIR=${TESTDIR}/${HOST}.$version
269
echo "$SCRIPTNAME init: HOSTDIR $HOSTDIR"
271
if [ ! -d $HOSTDIR ] ; then
272
echo "$SCRIPTNAME: Fatal: Remote side of dist. stress test "
273
echo " - server HOSTDIR $HOSTDIR does not exist"
274
exit 1 #does not need to be Exit, very early in script
278
#find the HOSTDIR, where the results are supposed to go
279
if [ -n "${HOSTDIR}" ]; then
280
version=`echo $HOSTDIR | sed -e "s/.*${HOST}.//"`
282
if [ -f "${TESTDIR}/${HOST}" ]; then
283
version=`cat ${TESTDIR}/${HOST}`
287
#file has a tendency to disappear, messing up the rest of QA -
288
#workaround to find the next higher number if version file is not there
289
if [ -z "${version}" ]; then # for some strange reason this file
290
# gets truncated at times... Windos
291
for w in `ls -d ${TESTDIR}/${HOST}.[0-9]* 2>/dev/null |
292
sort -t '.' -n | sed -e "s/.*${HOST}.//"` ; do
293
version=`expr $w + 1`
295
if [ -z "${version}" ]; then
299
expr $version + 1 > ${TESTDIR}/${HOST}
301
HOSTDIR=${TESTDIR}/${HOST}'.'$version
306
#result and log file and filename init,
307
if [ -z "${LOGFILE}" ]; then
308
LOGFILE=${HOSTDIR}/output.log
310
if [ ! -f "${LOGFILE}" ]; then
313
if [ -z "${RESULTS}" ]; then
314
RESULTS=${HOSTDIR}/results.html
316
if [ ! -f "${RESULTS}" ]; then
317
cp ${COMMON}/results_header.html ${RESULTS}
318
html "<H4>Platform: ${OBJDIR}<BR>"
319
html "Test Run: ${HOST}.$version</H4>"
324
echo "********************************************" | tee ${LOGFILE}
325
echo " Platform: ${OBJDIR}" | tee ${LOGFILE}
326
echo " Results: ${HOST}.$version" | tee ${LOGFILE}
327
echo "********************************************" | tee ${LOGFILE}
328
echo "$BC_ACTION" | tee ${LOGFILE}
329
#if running remote side of the distributed stress test let the user know who it is...
330
elif [ -n "$DO_REM_ST" -a "$DO_REM_ST" = "TRUE" ] ; then
331
echo "********************************************" | tee ${LOGFILE}
332
echo " Platform: ${OBJDIR}" | tee ${LOGFILE}
333
echo " Results: ${HOST}.$version" | tee ${LOGFILE}
334
echo " remote side of distributed stress test " | tee ${LOGFILE}
335
echo " `uname -n -s`" | tee ${LOGFILE}
336
echo "********************************************" | tee ${LOGFILE}
339
echo "$SCRIPTNAME init: Testing PATH $PATH against LIB $LD_LIBRARY_PATH" |
344
if [ `uname -s` = "SunOS" ]; then
349
#found 3 rsh's so far that do not work as expected - cygnus mks6
350
#(restricted sh) and mks 7 - if it is not in c:/winnt/system32 it
351
#needs to be set in the environ.ksh
352
if [ -z "$RSH" ]; then
353
if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" = "CYGWIN_NT" ]; then
354
RSH=/cygdrive/c/winnt/system32/rsh
355
elif [ "${OS_ARCH}" = "WINNT" ]; then
356
RSH=c:/winnt/system32/rsh
363
#more filename and directoryname init
366
CU_ACTION='Unknown certutil action'
368
# would like to preserve some tmp files, also easier to see if there
369
# are "leftovers" - another possibility ${HOSTDIR}/tmp
371
TMP=${HOSTDIR} #TMP=${TMP-/tmp}
376
SERVERDIR=${HOSTDIR}/server
377
CLIENTDIR=${HOSTDIR}/client
378
ALICEDIR=${HOSTDIR}/alicedir
379
BOBDIR=${HOSTDIR}/bobdir
380
DAVEDIR=${HOSTDIR}/dave
381
EVEDIR=${HOSTDIR}/eve
382
FIPSDIR=${HOSTDIR}/fips
383
ECCURVES_DIR=${HOSTDIR}/eccurves
385
SERVER_CADIR=${HOSTDIR}/serverCA
386
CLIENT_CADIR=${HOSTDIR}/clientCA
387
EXT_SERVERDIR=${HOSTDIR}/ext_server
388
EXT_CLIENTDIR=${HOSTDIR}/ext_client
390
CERT_EXTENSIONS_DIR=${HOSTDIR}/cert_extensions
392
PWFILE=${TMP}/tests.pw.$$
393
NOISE_FILE=${TMP}/tests_noise.$$
394
CORELIST_FILE=${TMP}/clist.$$
396
FIPSPWFILE=${TMP}/tests.fipspw.$$
397
FIPSBADPWFILE=${TMP}/tests.fipsbadpw.$$
398
FIPSP12PWFILE=${TMP}/tests.fipsp12pw.$$
399
FIPSCERTNICK="FIPS_PUB_140_Test_Certificate"
401
# domains to handle ipc based access to databases
402
D_CA="TestCA.$version"
403
D_ALICE="Alice.$version"
405
D_DAVE="Dave.$version"
407
D_SERVER_CA="ServerCA.$version"
408
D_CLIENT_CA="ClientCA.$version"
409
D_SERVER="Server.$version"
410
D_CLIENT="Client.$version"
411
D_FIPS="FIPS.$version"
412
D_ECCURVES="ECCURVES.$version"
413
D_EXT_SERVER="ExtendedServer.$version"
414
D_EXT_CLIENT="ExtendedClient.$version"
415
D_CERT_EXTENSTIONS="CertExtensions.$version"
417
# we need relative pathnames of these files abd directories, since our
418
# tools can't handle the unix style absolut pathnames on cygnus
421
R_SERVERDIR=../server
422
R_CLIENTDIR=../client
423
R_ALICEDIR=../alicedir
427
R_EXT_SERVERDIR=../ext_server
428
R_EXT_CLIENTDIR=../ext_client
429
R_CERT_EXT=../cert_extensions
432
# profiles are either paths or domains depending on the setting of
436
P_R_ALICEDIR=${R_ALICEDIR}
437
P_R_BOBDIR=${R_BOBDIR}
438
P_R_DAVEDIR=${R_DAVEDIR}
439
P_R_EVEDIR=${R_EVEDIR}
440
P_R_SERVERDIR=${R_SERVERDIR}
441
P_R_CLIENTDIR=${R_CLIENTDIR}
442
P_R_EXT_SERVERDIR=${R_EXT_SERVERDIR}
443
P_R_EXT_CLIENTDIR=${R_EXT_CLIENTDIR}
444
P_SERVER_CADIR=${SERVER_CADIR}
445
P_CLIENT_CADIR=${CLIENT_CADIR}
446
if [ -n "${MULTIACCESS_DBM}" ]; then
447
P_R_CADIR="multiaccess:${D_CA}"
448
P_R_ALICEDIR="multiaccess:${D_ALICE}"
449
P_R_BOBDIR="multiaccess:${D_BOB}"
450
P_R_DAVEDIR="multiaccess:${D_DAVE}"
451
P_R_EVEDIR="multiaccess:${D_EVE}"
452
P_R_SERVERDIR="multiaccess:${D_SERVER}"
453
P_R_CLIENTDIR="multiaccess:${D_CLIENT}"
454
P_R_EXT_SERVERDIR="multiaccess:${D_EXT_SERVER}"
455
P_R_EXT_CLIENTDIR="multiaccess:${D_EXT_CLIENT}"
456
P_SERVER_CADIR="multiaccess:${D_SERVER_CA}"
457
P_CLIENT_CADIR="multiaccess:${D_CLIENT_CA}"
460
R_PWFILE=../tests.pw.$$
461
R_NOISE_FILE=../tests_noise.$$
463
R_FIPSPWFILE=../tests.fipspw.$$
464
R_FIPSBADPWFILE=../tests.fipsbadpw.$$
465
R_FIPSP12PWFILE=../tests.fipsp12pw.$$
467
echo "fips140" > ${FIPSPWFILE}
468
echo "fips104" > ${FIPSBADPWFILE}
469
echo "pkcs12fips140" > ${FIPSP12PWFILE}
471
# a new log file, short - fast to search, mostly for tools to
472
# see if their portion of the cert has succeeded, also for me -
473
CERT_LOG_FILE=${HOSTDIR}/cert.log #the output.log is so crowded...
475
TEMPFILES="${PWFILE} ${NOISE_FILE}"
476
trap "Exit $0 Signal_caught" 2 3
478
export PATH LD_LIBRARY_PATH SHLIB_PATH LIBPATH DYLD_LIBRARY_PATH
479
export DOMSUF HOSTADDR
481
export MOZILLA_ROOT SECURITY_ROOT DIST TESTDIR OBJDIR HOSTDIR QADIR
482
export LOGFILE SCRIPTNAME
484
#used for the distributed stress test, the server generates certificates
485
#from GLOB_MIN_CERT to GLOB_MAX_CERT
486
# NOTE - this variable actually gets initialized by directly by the
487
# ssl_dist_stress.shs sl_ds_init() before init is called - need to change
488
# in both places. speaking of data encapsulatioN...
490
if [ -z "$GLOB_MIN_CERT" ] ; then
493
if [ -z "$GLOB_MAX_CERT" ] ; then
496
if [ -z "$MIN_CERT" ] ; then
497
MIN_CERT=$GLOB_MIN_CERT
499
if [ -z "$MAX_CERT" ] ; then
500
MAX_CERT=$GLOB_MAX_CERT
503
#################################################
504
# CRL SSL testing constatnts
510
UNREVOKED_CERT_GRP_1=41
514
UNREVOKED_CERT_GRP_2=46
518
UNREVOKED_CERT_GRP_3=51
520
TOTAL_CRL_RANGE=`expr ${CRL_GRP_1_RANGE} + ${CRL_GRP_2_RANGE} + \
528
INIT_SOURCED=TRUE #whatever one does - NEVER export this one please