|
Packit |
40b132 |
#!/bin/bash
|
|
Packit |
40b132 |
#
|
|
Packit |
40b132 |
# This Source Code Form is subject to the terms of the Mozilla Public
|
|
Packit |
40b132 |
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
Packit |
40b132 |
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
########################################################################
|
|
Packit |
40b132 |
#
|
|
Packit |
40b132 |
# mozilla/security/nss/tests/all.sh
|
|
Packit |
40b132 |
#
|
|
Packit |
40b132 |
# Script to start selected available NSS QA suites on one machine
|
|
Packit |
40b132 |
# this script is called or sourced by NSS QA which runs on all required
|
|
Packit |
40b132 |
# platforms
|
|
Packit |
40b132 |
#
|
|
Packit |
40b132 |
# Needs to work on all Unix and Windows platforms
|
|
Packit |
40b132 |
#
|
|
Packit |
40b132 |
# Currently available NSS QA suites:
|
|
Packit |
40b132 |
# ----------------------------------
|
|
Packit |
40b132 |
# cipher.sh - tests NSS ciphers
|
|
Packit |
40b132 |
# libpkix.sh - tests PKIX functionality
|
|
Packit |
40b132 |
# cert.sh - exercises certutil and creates certs necessary for
|
|
Packit |
40b132 |
# all other tests
|
|
Packit |
40b132 |
# dbtests.sh - tests related to certificate databases
|
|
Packit |
40b132 |
# tools.sh - tests the majority of the NSS tools
|
|
Packit |
40b132 |
# fips.sh - tests basic functionallity of NSS in FIPS-compliant
|
|
Packit |
40b132 |
# - mode
|
|
Packit |
40b132 |
# sdr.sh - tests NSS SDR
|
|
Packit |
40b132 |
# crmf.sh - CRMF/CMMF testing
|
|
Packit |
40b132 |
# smime.sh - S/MIME testing
|
|
Packit |
40b132 |
# ssl.sh - tests SSL V2 SSL V3 and TLS
|
|
Packit |
40b132 |
# ocsp.sh - OCSP testing
|
|
Packit |
40b132 |
# merge.sh - tests merging old and new shareable databases
|
|
Packit |
40b132 |
# pkits.sh - NIST/PKITS tests
|
|
Packit |
40b132 |
# chains.sh - PKIX cert chains tests
|
|
Packit |
40b132 |
# dbupgrade.sh - upgrade databases to new shareable version (used
|
|
Packit |
40b132 |
# only in upgrade test cycle)
|
|
Packit |
40b132 |
# memleak.sh - memory leak testing (optional)
|
|
Packit |
40b132 |
# ssl_gtests.sh- Gtest based unit tests for ssl (optional)
|
|
Packit |
40b132 |
#
|
|
Packit |
40b132 |
# NSS testing is now devided to 4 cycles:
|
|
Packit |
40b132 |
# ---------------------------------------
|
|
Packit |
40b132 |
# standard - run test suites with defaults settings
|
|
Packit |
40b132 |
# pkix - run test suites with PKIX enabled
|
|
Packit |
40b132 |
# upgradedb - upgrade existing certificate databases to shareable
|
|
Packit |
40b132 |
# format (creates them if doesn't exist yet) and run
|
|
Packit |
40b132 |
# test suites with those databases
|
|
Packit |
40b132 |
# sharedb - run test suites with shareable database format
|
|
Packit |
40b132 |
# enabled (databases are created directly to this
|
|
Packit |
40b132 |
# format)
|
|
Packit |
40b132 |
#
|
|
Packit |
40b132 |
# Mandatory environment variables (to be set before testing):
|
|
Packit |
40b132 |
# -----------------------------------------------------------
|
|
Packit |
40b132 |
# HOST - test machine host name
|
|
Packit |
40b132 |
# DOMSUF - test machine domain name
|
|
Packit |
40b132 |
#
|
|
Packit |
40b132 |
# Optional environment variables to specify build to use:
|
|
Packit |
40b132 |
# -------------------------------------------------------
|
|
Packit |
40b132 |
# BUILT_OPT - use optimized/debug build
|
|
Packit |
40b132 |
# USE_64 - use 64bit/32bit build
|
|
Packit |
40b132 |
#
|
|
Packit |
40b132 |
# Optional environment variables to enable specific NSS features:
|
|
Packit |
40b132 |
# ---------------------------------------------------------------
|
|
Packit |
40b132 |
# NSS_DISABLE_ECC - disable ECC
|
|
Packit |
40b132 |
# NSS_ECC_MORE_THAN_SUITE_B - enable extended ECC
|
|
Packit |
40b132 |
#
|
|
Packit |
40b132 |
# Optional environment variables to select which cycles/suites to test:
|
|
Packit |
40b132 |
# ---------------------------------------------------------------------
|
|
Packit |
40b132 |
# NSS_CYCLES - list of cycles to run (separated by space
|
|
Packit |
40b132 |
# character)
|
|
Packit |
40b132 |
# - by default all cycles are tested
|
|
Packit |
40b132 |
#
|
|
Packit |
40b132 |
# NSS_TESTS - list of all test suites to run (separated by space
|
|
Packit |
40b132 |
# character, without trailing .sh)
|
|
Packit |
40b132 |
# - this list can be reduced for individual test cycles
|
|
Packit |
40b132 |
#
|
|
Packit |
40b132 |
# NSS_SSL_TESTS - list of ssl tests to run (see ssl.sh)
|
|
Packit |
40b132 |
# NSS_SSL_RUN - list of ssl sub-tests to run (see ssl.sh)
|
|
Packit |
40b132 |
#
|
|
Packit |
40b132 |
# Testing schema:
|
|
Packit |
40b132 |
# ---------------
|
|
Packit |
40b132 |
# all.sh ~ (main)
|
|
Packit |
40b132 |
# | |
|
|
Packit |
40b132 |
# +------------+------------+-----------+ ~ run_cycles
|
|
Packit |
40b132 |
# | | | | |
|
|
Packit |
40b132 |
# standard pkix upgradedb sharedb ~ run_cycle_*
|
|
Packit |
40b132 |
# | |
|
|
Packit |
40b132 |
# +------+------+------+-----> ~ run_tests
|
|
Packit |
40b132 |
# | | | | |
|
|
Packit |
40b132 |
# cert tools fips ssl ... ~ . *.sh
|
|
Packit |
40b132 |
#
|
|
Packit |
40b132 |
# Special strings:
|
|
Packit |
40b132 |
# ----------------
|
|
Packit |
40b132 |
# FIXME ... known problems, search for this string
|
|
Packit |
40b132 |
# NOTE .... unexpected behavior
|
|
Packit |
40b132 |
#
|
|
Packit |
40b132 |
# NOTE:
|
|
Packit |
40b132 |
# -----
|
|
Packit |
40b132 |
# Unlike the old QA this is based on files sourcing each other
|
|
Packit |
40b132 |
# This is done to save time, since a great portion of time is lost
|
|
Packit |
40b132 |
# in calling and sourcing the same things multiple times over the
|
|
Packit |
40b132 |
# network. Also, this way all scripts have all shell function
|
|
Packit |
40b132 |
# available and a completely common environment
|
|
Packit |
40b132 |
#
|
|
Packit |
40b132 |
########################################################################
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
############################## run_tests ###############################
|
|
Packit |
40b132 |
# run test suites defined in TESTS variable, skip scripts defined in
|
|
Packit |
40b132 |
# TESTS_SKIP variable
|
|
Packit |
40b132 |
########################################################################
|
|
Packit |
40b132 |
run_tests()
|
|
Packit |
40b132 |
{
|
|
Packit |
40b132 |
for TEST in ${TESTS}
|
|
Packit |
40b132 |
do
|
|
Packit |
40b132 |
echo "${TESTS_SKIP}" | grep "${TEST}" > /dev/null
|
|
Packit |
40b132 |
if [ $? -eq 0 ]; then
|
|
Packit |
40b132 |
continue
|
|
Packit |
40b132 |
fi
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
SCRIPTNAME=${TEST}.sh
|
|
Packit |
40b132 |
echo "Running tests for ${TEST}"
|
|
Packit |
40b132 |
echo "TIMESTAMP ${TEST} BEGIN: `date`"
|
|
Packit |
40b132 |
(cd ${QADIR}/${TEST}; . ./${SCRIPTNAME} 2>&1)
|
|
Packit |
40b132 |
echo "TIMESTAMP ${TEST} END: `date`"
|
|
Packit |
40b132 |
done
|
|
Packit |
40b132 |
}
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
########################## run_cycle_standard ##########################
|
|
Packit |
40b132 |
# run test suites with defaults settings (no PKIX, no sharedb)
|
|
Packit |
40b132 |
########################################################################
|
|
Packit |
40b132 |
run_cycle_standard()
|
|
Packit |
40b132 |
{
|
|
Packit |
40b132 |
TEST_MODE=STANDARD
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
TESTS="${ALL_TESTS}"
|
|
Packit |
40b132 |
TESTS_SKIP=
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
run_tests
|
|
Packit |
40b132 |
}
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
############################ run_cycle_pkix ############################
|
|
Packit |
40b132 |
# run test suites with PKIX enabled
|
|
Packit |
40b132 |
########################################################################
|
|
Packit |
40b132 |
run_cycle_pkix()
|
|
Packit |
40b132 |
{
|
|
Packit |
40b132 |
TEST_MODE=PKIX
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
TABLE_ARGS="bgcolor=cyan"
|
|
Packit |
40b132 |
html_head "Testing with PKIX"
|
|
Packit |
40b132 |
html " "
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
HOSTDIR="${HOSTDIR}/pkix"
|
|
Packit |
40b132 |
mkdir -p "${HOSTDIR}"
|
|
Packit |
40b132 |
init_directories
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
NSS_ENABLE_PKIX_VERIFY="1"
|
|
Packit |
40b132 |
export NSS_ENABLE_PKIX_VERIFY
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
TESTS="${ALL_TESTS}"
|
|
Packit |
40b132 |
TESTS_SKIP="cipher dbtests sdr crmf smime merge multinit"
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
echo "${NSS_SSL_TESTS}" | grep "_" > /dev/null
|
|
Packit |
40b132 |
RET=$?
|
|
Packit |
40b132 |
NSS_SSL_TESTS=`echo "${NSS_SSL_TESTS}" | sed -e "s/normal//g" -e "s/bypass//g" -e "s/fips//g" -e "s/_//g"`
|
|
Packit |
40b132 |
[ ${RET} -eq 0 ] && NSS_SSL_TESTS="${NSS_SSL_TESTS} bypass_bypass"
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
run_tests
|
|
Packit |
40b132 |
}
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
######################### run_cycle_upgrade_db #########################
|
|
Packit |
40b132 |
# upgrades certificate database to shareable format and run test suites
|
|
Packit |
40b132 |
# with those databases
|
|
Packit |
40b132 |
########################################################################
|
|
Packit |
40b132 |
run_cycle_upgrade_db()
|
|
Packit |
40b132 |
{
|
|
Packit |
40b132 |
TEST_MODE=UPGRADE_DB
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
TABLE_ARGS="bgcolor=pink"
|
|
Packit |
40b132 |
html_head "Testing with upgraded library"
|
|
Packit |
40b132 |
html " "
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
OLDHOSTDIR="${HOSTDIR}"
|
|
Packit |
40b132 |
HOSTDIR="${HOSTDIR}/upgradedb"
|
|
Packit |
40b132 |
mkdir -p "${HOSTDIR}"
|
|
Packit |
40b132 |
init_directories
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
if [ -r "${OLDHOSTDIR}/cert.log" ]; then
|
|
Packit |
40b132 |
DIRS="alicedir bobdir CA cert_extensions client clientCA dave eccurves eve ext_client ext_server fips SDR server serverCA stapling tools/copydir cert.log cert.done tests.*"
|
|
Packit |
40b132 |
for i in $DIRS
|
|
Packit |
40b132 |
do
|
|
Packit |
40b132 |
cp -r ${OLDHOSTDIR}/${i} ${HOSTDIR} #2> /dev/null
|
|
Packit |
40b132 |
done
|
|
Packit |
40b132 |
fi
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
# upgrade certs dbs to shared db
|
|
Packit |
40b132 |
TESTS="dbupgrade"
|
|
Packit |
40b132 |
TESTS_SKIP=
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
run_tests
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
NSS_DEFAULT_DB_TYPE="sql"
|
|
Packit |
40b132 |
export NSS_DEFAULT_DB_TYPE
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
# run the subset of tests with the upgraded database
|
|
Packit |
40b132 |
TESTS="${ALL_TESTS}"
|
|
Packit |
40b132 |
TESTS_SKIP="cipher libpkix cert dbtests sdr ocsp pkits chains"
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
echo "${NSS_SSL_TESTS}" | grep "_" > /dev/null
|
|
Packit |
40b132 |
RET=$?
|
|
Packit |
40b132 |
NSS_SSL_TESTS=`echo "${NSS_SSL_TESTS}" | sed -e "s/normal//g" -e "s/bypass//g" -e "s/fips//g" -e "s/_//g"`
|
|
Packit |
40b132 |
[ ${RET} -eq 0 ] && NSS_SSL_TESTS="${NSS_SSL_TESTS} bypass_bypass"
|
|
Packit |
40b132 |
NSS_SSL_RUN=`echo "${NSS_SSL_RUN}" | sed -e "s/cov//g" -e "s/auth//g"`
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
run_tests
|
|
Packit |
40b132 |
}
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
########################## run_cycle_shared_db #########################
|
|
Packit |
40b132 |
# run test suites with certificate databases set to shareable format
|
|
Packit |
40b132 |
########################################################################
|
|
Packit |
40b132 |
run_cycle_shared_db()
|
|
Packit |
40b132 |
{
|
|
Packit |
40b132 |
TEST_MODE=SHARED_DB
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
TABLE_ARGS="bgcolor=yellow"
|
|
Packit |
40b132 |
html_head "Testing with shared library"
|
|
Packit |
40b132 |
html " "
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
HOSTDIR="${HOSTDIR}/sharedb"
|
|
Packit |
40b132 |
mkdir -p "${HOSTDIR}"
|
|
Packit |
40b132 |
init_directories
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
NSS_DEFAULT_DB_TYPE="sql"
|
|
Packit |
40b132 |
export NSS_DEFAULT_DB_TYPE
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
# run the tests for native sharedb support
|
|
Packit |
40b132 |
TESTS="${ALL_TESTS}"
|
|
Packit |
40b132 |
TESTS_SKIP="cipher libpkix dbupgrade sdr ocsp pkits"
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
echo "${NSS_SSL_TESTS}" | grep "_" > /dev/null
|
|
Packit |
40b132 |
RET=$?
|
|
Packit |
40b132 |
NSS_SSL_TESTS=`echo "${NSS_SSL_TESTS}" | sed -e "s/normal//g" -e "s/bypass//g" -e "s/fips//g" -e "s/_//g"`
|
|
Packit |
40b132 |
[ ${RET} -eq 0 ] && NSS_SSL_TESTS="${NSS_SSL_TESTS} bypass_bypass"
|
|
Packit |
40b132 |
NSS_SSL_RUN=`echo "${NSS_SSL_RUN}" | sed -e "s/cov//g" -e "s/auth//g"`
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
run_tests
|
|
Packit |
40b132 |
}
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
############################# run_cycles ###############################
|
|
Packit |
40b132 |
# run test cycles defined in CYCLES variable
|
|
Packit |
40b132 |
########################################################################
|
|
Packit |
40b132 |
run_cycles()
|
|
Packit |
40b132 |
{
|
|
Packit |
40b132 |
for CYCLE in ${CYCLES}
|
|
Packit |
40b132 |
do
|
|
Packit |
40b132 |
case "${CYCLE}" in
|
|
Packit |
40b132 |
"standard")
|
|
Packit |
40b132 |
run_cycle_standard
|
|
Packit |
40b132 |
;;
|
|
Packit |
40b132 |
"pkix")
|
|
Packit |
40b132 |
run_cycle_pkix
|
|
Packit |
40b132 |
;;
|
|
Packit |
40b132 |
"upgradedb")
|
|
Packit |
40b132 |
run_cycle_upgrade_db
|
|
Packit |
40b132 |
;;
|
|
Packit |
40b132 |
"sharedb")
|
|
Packit |
40b132 |
run_cycle_shared_db
|
|
Packit |
40b132 |
;;
|
|
Packit |
40b132 |
esac
|
|
Packit |
40b132 |
. ${ENV_BACKUP}
|
|
Packit |
40b132 |
done
|
|
Packit |
40b132 |
}
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
############################## main code ###############################
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
cycles="standard pkix upgradedb sharedb"
|
|
Packit |
40b132 |
CYCLES=${NSS_CYCLES:-$cycles}
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
tests="cipher lowhash libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains"
|
|
Packit |
40b132 |
TESTS=${NSS_TESTS:-$tests}
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
ALL_TESTS=${TESTS}
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
nss_ssl_tests="crl bypass_normal normal_bypass fips_normal normal_fips iopr"
|
|
Packit |
40b132 |
NSS_SSL_TESTS="${NSS_SSL_TESTS:-$nss_ssl_tests}"
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
nss_ssl_run="cov auth stapling stress"
|
|
Packit |
40b132 |
NSS_SSL_RUN="${NSS_SSL_RUN:-$nss_ssl_run}"
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
SCRIPTNAME=all.sh
|
|
Packit |
40b132 |
CLEANUP="${SCRIPTNAME}"
|
|
Packit |
40b132 |
cd `dirname $0`
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
# all.sh should be the first one to try to source the init
|
|
Packit |
40b132 |
if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
|
|
Packit |
40b132 |
cd common
|
|
Packit |
40b132 |
. ./init.sh
|
|
Packit |
40b132 |
fi
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
# NOTE:
|
|
Packit |
40b132 |
# Since in make at the top level, modutil is the last file
|
|
Packit |
40b132 |
# created, we check for modutil to know whether the build
|
|
Packit |
40b132 |
# is complete. If a new file is created after that, the
|
|
Packit |
40b132 |
# following test for modutil should check for that instead.
|
|
Packit |
40b132 |
# Exception: when building softoken only, shlibsign is the
|
|
Packit |
40b132 |
# last file created.
|
|
Packit |
40b132 |
if [ "${NSS_BUILD_SOFTOKEN_ONLY}" = "1" ]; then
|
|
Packit |
40b132 |
LAST_FILE_BUILT=shlibsign
|
|
Packit |
40b132 |
else
|
|
Packit |
40b132 |
LAST_FILE_BUILT=modutil
|
|
Packit |
40b132 |
fi
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
if [ ! -f ${DIST}/${OBJDIR}/bin/${LAST_FILE_BUILT}${PROG_SUFFIX} ]; then
|
|
Packit |
40b132 |
echo "Build Incomplete. Aborting test." >> ${LOGFILE}
|
|
Packit |
40b132 |
html_head "Testing Initialization"
|
|
Packit |
40b132 |
Exit "Checking for build"
|
|
Packit |
40b132 |
fi
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
# NOTE:
|
|
Packit |
40b132 |
# Lists of enabled tests and other settings are stored to ${ENV_BACKUP}
|
|
Packit |
40b132 |
# file and are are restored after every test cycle.
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
ENV_BACKUP=${HOSTDIR}/env.sh
|
|
Packit |
40b132 |
env_backup > ${ENV_BACKUP}
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
if [ "${O_CRON}" = "ON" ]; then
|
|
Packit |
40b132 |
run_cycles >> ${LOGFILE}
|
|
Packit |
40b132 |
else
|
|
Packit |
40b132 |
run_cycles | tee -a ${LOGFILE}
|
|
Packit |
40b132 |
fi
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
SCRIPTNAME=all.sh
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
. ${QADIR}/common/cleanup.sh
|
|
Packit |
40b132 |
|