summaryrefslogtreecommitdiffstats
path: root/security/nss/tests/run_niscc.sh
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/tests/run_niscc.sh')
-rwxr-xr-xsecurity/nss/tests/run_niscc.sh982
1 files changed, 982 insertions, 0 deletions
diff --git a/security/nss/tests/run_niscc.sh b/security/nss/tests/run_niscc.sh
new file mode 100755
index 000000000..def3fd07e
--- /dev/null
+++ b/security/nss/tests/run_niscc.sh
@@ -0,0 +1,982 @@
+#!/bin/bash
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#
+# PRIOR TO RUNNING THIS SCRIPT
+# you should adjust MAIL_COMMAND and QA_LIST
+#
+# External dependencies:
+# - install the NISCC test files, e.g. at /niscc (readonly OK)
+# - libfaketimeMT because the test certificates have expired
+# - build environment for building NSS
+# - gdb to analyze core files
+# - a command line mail tool (e.g. mailx)
+# - openssl to combine input PEM files into pkcs#12
+# - curl for obtaining version information from the web
+#
+
+################################################################################
+# Print script usage
+################################################################################
+usage()
+{
+ cat << EOF
+Usage: $0 [options]
+
+Test NSS library against NISCC SMIME and TLS testcases.
+
+Options:
+ -h, --help print this help message and exit
+ -v, --verbose enable extra verbose output
+ --niscc-home DIR use NISCC testcases from directory DIR (default /niscc)
+ --host HOST use host HOST (default '127.0.0.1')
+ --threads X set thread number to X (max. 10, default 10)
+ --out DIR set DIR as output directory (default '/out')
+ --mail ADDRESS send mail with test result to ADDRESS
+ --nss DIR set NSS directory to DIR (default '~/niscc-hg/nss')
+ --nss-hack DIR set hacked NSS directory to DIR (default '~/niscc-hg/nss_hack')
+ --log-store store all the logs (only summary by default)
+ --no-build-test don't pull and build tested NSS
+ --no-build-hack don't pull and build hacked NSS
+ --test-system test system installed NSS
+ --date DATE use DATE in log archive name and outgoing email
+ --libfaketime path.so use faketime library with LD_PRELOAD=path.so
+ --smallset test only a very small subset
+
+All options are optional.
+All options (and possibly more) can be also set through environment variables.
+Commandline options have higher priority than environment variables.
+For more information please refer to the source code of this script.
+
+For a successfull run the script NEEDS the core file pattern to be 'core.*',
+e.g. 'core.%t'. You can check the current pattern in
+'/proc/sys/kernel/core_pattern'. Otherwise the test will be unable to detect
+any failures and will pass every time.
+
+It is recommended to use hacked and tested binaries in a location, where their
+absolute path is max. 80 characters. If their path is longer and a core file is
+generated, its properties may be incomplete.
+
+Return value of the script indicates how many failures it experienced.
+
+EOF
+ exit $1
+}
+
+################################################################################
+# Process command-line arguments
+################################################################################
+process_args()
+{
+ HELP="false"
+ args=`getopt -u -l "niscc-home:,host:,threads:,out:,verbose,mail:,nss:,nss-hack:,log-store,no-build-test,no-build-hack,help,test-system,date:,libfaketime:,smallset" -- "hv" $*`
+ [ "$?" != "0" ] && usage 1
+ set -- $args
+ for i; do
+ case "$i" in
+ -v|--verbose)
+ shift
+ VERBOSE="-v"
+ ;;
+ --niscc-home)
+ shift
+ NISCC_HOME="$1"
+ shift
+ ;;
+ --host)
+ shift
+ HOST="$1"
+ shift
+ ;;
+ --threads)
+ shift
+ THREADS="$1"
+ shift
+ ;;
+ --out)
+ shift
+ TEST_OUTPUT="$1"
+ shift
+ ;;
+ --mail)
+ shift
+ USE_MAIL="true"
+ QA_LIST="$1"
+ shift
+ ;;
+ --nss)
+ shift
+ LOCALDIST="$1"
+ shift
+ ;;
+ --nss-hack)
+ shift
+ NSS_HACK="$1"
+ shift
+ ;;
+ --log-store)
+ shift
+ LOG_STORE="true"
+ ;;
+ --no-build-test)
+ shift
+ NO_BUILD_TEST="true"
+ ;;
+ --no-build-hack)
+ shift
+ NO_BUILD_HACK="true"
+ ;;
+ -h|--help)
+ shift
+ HELP="true"
+ ;;
+ --test-system)
+ shift
+ TEST_SYSTEM="true"
+ ;;
+ --date)
+ shift
+ DATE="$1"
+ shift
+ ;;
+ --libfaketime)
+ shift
+ FAKETIMELIB="$1"
+ shift
+ ;;
+ --smallset)
+ shift
+ SMALLSET="true"
+ ;;
+ --)
+ ;;
+ *)
+ ;;
+ esac
+ done
+ [ $HELP = "true" ] && usage 0
+}
+
+################################################################################
+# Create and set needed and useful environment variables
+################################################################################
+create_environment()
+{
+ # Base location of NISCC testcases
+ export NISCC_HOME=${NISCC_HOME:-/niscc}
+
+ # Base location of NSS
+ export HG=${HG:-"$HOME/niscc-hg"}
+
+ # NSS being tested
+ export LOCALDIST=${LOCALDIST:-"${HG}/nss"}
+
+ # Hacked NSS - built with "NISCC_TEST=1"
+ export NSS_HACK=${NSS_HACK:-"${HG}/nss_hack"}
+
+ # Hostname of the testmachine
+ export HOST=${HOST:-127.0.0.1}
+
+ # Whether to store logfiles
+ export LOG_STORE=${LOG_STORE:-"false"}
+
+ # Whether to mail the summary
+ export USE_MAIL=${USE_MAIL:-"false"}
+
+ # How to mail summary
+ export MAIL_COMMAND=${MAIL_COMMAND:-"mailx -S smtp=smtp://your.smtp.server:25 -r your+niscc@email.address"}
+
+ # List of mail addresses where to send summary
+ export QA_LIST=${QA_LIST:-"result@recipient.address"}
+
+ # Whether to use 64b build
+ export USE_64=${USE_64:-1}
+
+ # Directory where to write all the output data (around 650MiB for each run)
+ export TEST_OUTPUT=${TEST_OUTPUT:-"$HOME/out"}
+
+ # How many threads to use in selfserv and strsclnt (max. 10)
+ export THREADS=${THREADS:-10}
+
+ # If true, do not build tthe tested version of NSS
+ export NO_BUILD_TEST=${NO_BUILD_TEST:-"false"}
+
+ # If true, do not build the special NSS version for NISCC
+ export NO_BUILD_HACK=${NO_BUILD_HACK:-"false"}
+
+ # If true, do not rebuild client and server directories
+ export NO_SETUP=${NO_SETUP:-"false"}
+
+ # Location of NISCC SSL/TLS testcases
+ export TEST=${TEST:-"${NISCC_HOME}/NISCC_SSL_testcases"}
+
+ # If true, then be extra verbose
+ export VERBOSE=${VERBOSE:-""}
+
+ # If true, test the system installed NSS
+ export TEST_SYSTEM=${TEST_SYSTEM:-"false"}
+ [ "$TEST_SYSTEM" = "true" ] && export NO_BUILD_TEST="true"
+
+ [ ! -z "$VERBOSE" ] && set -xv
+
+ # Real date for naming of archives (system date must be 2002-11-18 .. 2007-11-18 due to certificate validity
+ DATE=${DATE:-`date`}
+ export DATE=`date -d "$DATE" +%Y%m%d`
+
+ FAKETIMELIB=${FAKETIMELIB:-""}
+ export DATE=`date -d "$DATE" +%Y%m%d`
+
+ # Whether to test only a very small subset
+ export SMALLSET=${SMALLSET:-"false"}
+
+ # Create output dir if it doesn't exist
+ mkdir -p ${TEST_OUTPUT}
+}
+
+################################################################################
+# Do a HG pull of NSS
+################################################################################
+hg_pull()
+{
+ # Tested NSS - by default using HG default tip
+ if [ "$NO_BUILD_TEST" = "false" ]; then
+ echo "cloning NSS sources to be tested from HG"
+ [ ! -d "$LOCALDIST" ] && mkdir -p "$LOCALDIST"
+ cd "$LOCALDIST"
+ [ ! -d "$LOCALDIST/nspr" ] && hg clone --noupdate https://hg.mozilla.org/projects/nspr
+ cd nspr; hg pull; hg update -C -r default; cd ..
+ [ ! -d "$LOCALDIST/nss" ] && hg clone --noupdate https://hg.mozilla.org/projects/nss
+ cd nss; hg pull; hg update -C -r default; cd ..
+ #find . -exec touch {} \;
+ fi
+
+ # Hacked NSS - by default using some RTM version.
+ # Do not use HEAD for hacked NSS - it needs to be stable and bug-free
+ if [ "$NO_BUILD_HACK" = "false" ]; then
+ echo "cloning NSS sources for a hacked build from HG"
+ [ ! -d "$NSS_HACK" ] && mkdir -p "$NSS_HACK"
+ cd "$NSS_HACK"
+ NSPR_TAG=`curl --silent http://hg.mozilla.org/releases/mozilla-aurora/raw-file/default/nsprpub/TAG-INFO | head -1 | sed --regexp-extended 's/[[:space:]]//g' | awk '{print $1}'`
+ NSS_TAG=`curl --silent http://hg.mozilla.org/releases/mozilla-aurora/raw-file/default/security/nss/TAG-INFO | head -1 | sed --regexp-extended 's/[[:space:]]//g' | awk '{print $1}'`
+ [ ! -d "$NSS_HACK/nspr" ] && hg clone --noupdate https://hg.mozilla.org/projects/nspr
+ cd nspr; hg pull; hg update -C -r "$NSPR_TAG"; cd ..
+ [ ! -d "$NSS_HACK/nss" ] && hg clone --noupdate https://hg.mozilla.org/projects/nss
+ cd nss; hg pull; hg update -C -r "$NSS_TAG"; cd ..
+ #find . -exec touch {} \;
+ fi
+}
+
+################################################################################
+# Build NSS after setting make variable NISCC_TEST
+################################################################################
+build_NSS()
+{
+ # Tested NSS
+ if [ "$NO_BUILD_TEST" = "false" ]; then
+ echo "building NSS to be tested"
+ cd "$LOCALDIST"
+ unset NISCC_TEST
+ cd nss
+ gmake nss_clean_all &>> $TEST_OUTPUT/nisccBuildLog
+ gmake nss_build_all &>> $TEST_OUTPUT/nisccBuildLog
+ fi
+
+ # Hacked NSS
+ if [ "$NO_BUILD_HACK" = "false" ]; then
+ echo "building hacked NSS"
+ cd "$NSS_HACK"
+ export NISCC_TEST=1
+ cd nss
+ gmake nss_clean_all &>> $TEST_OUTPUT/nisccBuildLogHack
+ gmake nss_build_all &>> $TEST_OUTPUT/nisccBuildLogHack
+ fi
+
+ unset NISCC_TEST
+}
+
+################################################################################
+# Set build dir, bin and lib directories
+################################################################################
+init()
+{
+ # Enable useful core files to be generated in case of crash
+ ulimit -c unlimited
+
+ # Pattern of core files, they should be created in current directory
+ echo "core_pattern $(cat /proc/sys/kernel/core_pattern)" > "$TEST_OUTPUT/nisccLog00"
+
+ # gmake is needed in the path for this suite to run
+ echo "PATH $PATH" >> "$TEST_OUTPUT/nisccLog00"
+
+ # Find out hacked NSS version
+ DISTTYPE=`cd "$NSS_HACK/nss/tests/common"; gmake objdir_name`
+ echo "NSS_HACK DISTTYPE $DISTTYPE" >> "$TEST_OUTPUT/nisccLog00"
+ export HACKBIN="$NSS_HACK/dist/$DISTTYPE/bin"
+ export HACKLIB="$NSS_HACK/dist/$DISTTYPE/lib"
+
+ if [ "$TEST_SYSTEM" = "false" ]; then
+ # Find out nss version
+ DISTTYPE=`cd "$LOCALDIST/nss/tests/common"; gmake objdir_name`
+ echo "NSS DISTTYPE $DISTTYPE" >> "$TEST_OUTPUT/nisccLog00"
+ export TESTBIN="$LOCALDIST/dist/$DISTTYPE/bin"
+ export TESTLIB="$LOCALDIST/dist/$DISTTYPE/lib"
+ export TESTTOOLS="$TESTBIN"
+ else
+ # Using system installed NSS
+ echo "USING SYSTEM NSS" >> "$TEST_OUTPUT/nisccLog00"
+ export TESTBIN="/usr/bin"
+ if [ `uname -m` = "x86_64" ]; then
+ export TESTLIB="/usr/lib64"
+ export TESTTOOLS="/usr/lib64/nss/unsupported-tools"
+ else
+ export TESTLIB="/usr/lib"
+ export TESTTOOLS="/usr/lib/nss/unsupported-tools"
+ fi
+ fi
+
+ # Verify NISCC_TEST was set in the proper library
+ if strings "$HACKLIB/libssl3.so" | grep NISCC_TEST > /dev/null 2>&1; then
+ echo "$HACKLIB/libssl3.so contains NISCC_TEST" >> "$TEST_OUTPUT/nisccLog00"
+ else
+ echo "$HACKLIB/libssl3.so does NOT contain NISCC_TEST" >> "$TEST_OUTPUT/nisccLog00"
+ fi
+
+ if strings "$TESTLIB/libssl3.so" | grep NISCC_TEST > /dev/null 2>&1; then
+ echo "$TESTLIB/libssl3.so contains NISCC_TEST" >> "$TEST_OUTPUT/nisccLog00"
+ else
+ echo "$TESTLIB/libssl3.so does NOT contain NISCC_TEST" >> "$TEST_OUTPUT/nisccLog00"
+ fi
+}
+
+################################################################################
+# Setup simple client and server directory
+################################################################################
+ssl_setup_dirs_simple()
+{
+ [ "$NO_SETUP" = "true" ] && return
+
+ echo "Setting up working directories for SSL simple tests"
+
+ CLIENT="$TEST_OUTPUT/niscc_ssl/simple_client"
+ SERVER="$TEST_OUTPUT/niscc_ssl/simple_server"
+
+ # Generate .p12 files
+ openssl pkcs12 -export -inkey "$TEST/client_key.pem" -in "$TEST/client_crt.pem" -out "$TEST_OUTPUT/client_crt.p12" -passout pass:testtest1 -name "client_crt"
+ openssl pkcs12 -export -inkey "$TEST/server_key.pem" -in "$TEST/server_crt.pem" -out "$TEST_OUTPUT/server_crt.p12" -passout pass:testtest1 -name "server_crt"
+
+ # Setup simple client directory
+ rm -rf "$CLIENT"
+ mkdir -p "$CLIENT"
+ echo test > "$CLIENT/password-is-test.txt"
+ export LD_LIBRARY_PATH="$TESTLIB"
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/certutil" -N -d "$CLIENT" -f "$CLIENT/password-is-test.txt" >> "$TEST_OUTPUT/nisccLog00" 2>&1
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/certutil" -A -d "$CLIENT" -n rootca -i "$TEST/rootca.crt" -t "C,C," >> "$TEST_OUTPUT/nisccLog00" 2>&1
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/pk12util" -i "$TEST_OUTPUT/client_crt.p12" -d "$CLIENT" -k "$CLIENT/password-is-test.txt" -W testtest1 >> "$TEST_OUTPUT/nisccLog00" 2>&1
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/certutil" -L -d "$CLIENT" >> "$TEST_OUTPUT/nisccLog00" 2>&1
+
+ # File containg message used for terminating the server
+ echo "GET /stop HTTP/1.0" > "$CLIENT/stop.txt"
+ echo "" >> "$CLIENT/stop.txt"
+
+ # Setup simple server directory
+ rm -rf "$SERVER"
+ mkdir -p "$SERVER"
+ echo test > "$SERVER/password-is-test.txt"
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/certutil" -N -d "$SERVER" -f "$SERVER/password-is-test.txt" >> "$TEST_OUTPUT/nisccLog00" 2>&1
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/certutil" -A -d "$SERVER" -n rootca -i "$TEST/rootca.crt" -t "TC,C," >> "$TEST_OUTPUT/nisccLog00" 2>&1
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/pk12util" -i "$TEST_OUTPUT/server_crt.p12" -d "$SERVER" -k "$SERVER/password-is-test.txt" -W testtest1 >> "$TEST_OUTPUT/nisccLog00" 2>&1
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/certutil" -L -d "$SERVER" >> "$TEST_OUTPUT/nisccLog00" 2>&1
+
+ unset LD_LIBRARY_PATH
+}
+
+################################################################################
+# Setup resigned client and server directory
+################################################################################
+ssl_setup_dirs_resigned()
+{
+ [ "$NO_SETUP" = "true" ] && return
+
+ echo "Setting up working directories for SSL resigned tests"
+
+ CLIENT="$TEST_OUTPUT/niscc_ssl/resigned_client"
+ SERVER="$TEST_OUTPUT/niscc_ssl/resigned_server"
+
+ # Setup resigned client directory
+ rm -rf "$CLIENT"
+ mkdir -p "$CLIENT"
+ echo test > "$CLIENT/password-is-test.txt"
+ export LD_LIBRARY_PATH="$TESTLIB"
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/certutil" -N -d "$CLIENT" -f "$CLIENT/password-is-test.txt" >> "$TEST_OUTPUT/nisccLog00" 2>&1
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/certutil" -A -d "$CLIENT" -n rootca -i "$TEST/rootca.crt" -t "C,C," >> "$TEST_OUTPUT/nisccLog00" 2>&1
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/pk12util" -i "$TEST_OUTPUT/client_crt.p12" -d "$CLIENT" -k "$CLIENT/password-is-test.txt" -W testtest1 >> "$TEST_OUTPUT/nisccLog00" 2>&1
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/certutil" -L -d "$CLIENT" >> "$TEST_OUTPUT/nisccLog00" 2>&1
+
+ echo "GET /stop HTTP/1.0" > "$CLIENT/stop.txt"
+ echo "" >> "$CLIENT/stop.txt"
+
+ # Setup resigned server directory
+ rm -rf "$SERVER"
+ mkdir -p "$SERVER"
+ echo test > "$SERVER/password-is-test.txt"
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/certutil" -N -d "$SERVER" -f "$SERVER/password-is-test.txt" >> "$TEST_OUTPUT/nisccLog00" 2>&1
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/certutil" -A -d "$SERVER" -n rootca -i "$TEST/rootca.crt" -t "TC,C," >> "$TEST_OUTPUT/nisccLog00" 2>&1
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/pk12util" -i "$TEST_OUTPUT/server_crt.p12" -d "$SERVER" -k "$SERVER/password-is-test.txt" -W testtest1 >> "$TEST_OUTPUT/nisccLog00" 2>&1
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/certutil" -L -d "$SERVER" >> "$TEST_OUTPUT/nisccLog00" 2>&1
+
+ unset LD_LIBRARY_PATH
+}
+
+################################################################################
+# NISCC SMIME tests
+################################################################################
+niscc_smime()
+{
+ cd "$TEST_OUTPUT"
+ DATA="$NISCC_HOME/NISCC_SMIME_testcases"
+
+ [ ! -d niscc_smime ] && mkdir -p niscc_smime
+
+ export SMIME_CERT_DB_DIR=envDB
+ export NSS_STRICT_SHUTDOWN=1
+ export NSS_DISABLE_ARENA_FREE_LIST=1
+ export LD_LIBRARY_PATH="$TESTLIB"
+
+ # Generate .p12 files
+ openssl pkcs12 -export -inkey "$DATA/Client.key" -in "$DATA/Client.crt" -out Client.p12 -passout pass:testtest1 &>/dev/null
+ openssl pkcs12 -export -inkey "$DATA/CA.key" -in "$DATA/CA.crt" -out CA.p12 -passout pass:testtest1 &>/dev/null
+
+ # Generate envDB if needed
+ if [ ! -d "$SMIME_CERT_DB_DIR" ]; then
+ mkdir -p "$SMIME_CERT_DB_DIR"
+ echo testtest1 > password-is-testtest1.txt
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/certutil" -N -d "./$SMIME_CERT_DB_DIR" -f password-is-testtest1.txt > /dev/null 2>&1
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/certutil" -A -d "$SMIME_CERT_DB_DIR" -f password-is-testtest1.txt -i "$DATA/CA.crt" -n CA -t "TC,C,"
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/certutil" -A -d "$SMIME_CERT_DB_DIR" -f password-is-testtest1.txt -i "$DATA/Client.crt" -n Client -t "TC,C,"
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/pk12util" -i ./CA.p12 -d "$SMIME_CERT_DB_DIR" -k password-is-testtest1.txt -W testtest1
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/pk12util" -i ./Client.p12 -d "$SMIME_CERT_DB_DIR" -k password-is-testtest1.txt -W testtest1
+ fi
+
+ # if p7m-ed-m-files.txt does not exist, then generate it.
+ [ -f "$DATA/p7m-ed-m-files.txt" ] && sed "s|^|$DATA/|" "$DATA/p7m-ed-m-files.txt" > p7m-ed-m-files.txt
+ export P7M_ED_M_FILES=p7m-ed-m-files.txt
+ if [ "$SMALLSET" = "true" ]; then
+ [ ! -f "$P7M_ED_M_FILES" ] && find "$DATA"/p7m-ed-m-0* -type f -print | head -10 >> "$P7M_ED_M_FILES"
+ else
+ [ ! -f "$P7M_ED_M_FILES" ] && find "$DATA"/p7m-ed-m-0* -type f -print >> "$P7M_ED_M_FILES"
+ fi
+
+ # Test "p7m-ed-m*" testcases
+ echo "Testing SMIME enveloped data testcases"
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/cmsutil" $VERBOSE -D -d "$SMIME_CERT_DB_DIR" -p testtest1 -b -i "$P7M_ED_M_FILES" > niscc_smime/p7m-ed-m-results.txt 2>&1
+
+ export SMIME_CERT_DB_DIR=sigDB
+ # Generate sigDB if needed
+ if [ ! -d "$SMIME_CERT_DB_DIR" ]; then
+ mkdir -p "$SMIME_CERT_DB_DIR"
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/certutil" -N -d "$SMIME_CERT_DB_DIR" -f password-is-testtest1.txt
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/certutil" -A -d "$SMIME_CERT_DB_DIR" -i "$DATA/CA.crt" -n CA -t "TC,C,"
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/certutil" -A -d "$SMIME_CERT_DB_DIR" -i "$DATA/Client.crt" -n Client -t "TC,C,"
+ fi
+
+ # if p7m-sd-dt-files.txt does not exist, then generate it.
+ [ -f "$DATA/p7m-sd-dt-files.txt" ] && sed "s|^|$DATA/|" "$DATA/p7m-sd-dt-files.txt" > p7m-sd-dt-files.txt
+ export P7M_SD_DT_FILES=p7m-sd-dt-files.txt
+ if [ "$SMALLSET" = "true" ]; then
+ [ ! -f "$P7M_SD_DT_FILES" ] && find "$DATA"/p7m-sd-dt-[cm]-* -type f -print | head -10 >> "$P7M_SD_DT_FILES"
+ else
+ [ ! -f "$P7M_SD_DT_FILES" ] && find "$DATA"/p7m-sd-dt-[cm]-* -type f -print >> "$P7M_SD_DT_FILES"
+ fi
+
+ [ ! -f detached.txt ] && touch detached.txt
+
+ # Test "p7m-sd-dt*" testcases
+ echo "Testing SMIME detached signed data testcases"
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/cmsutil" $VERBOSE -D -d "$SMIME_CERT_DB_DIR" -c detached.txt -b -i "$P7M_SD_DT_FILES" > niscc_smime/p7m-sd-dt-results.txt 2>&1
+
+ # if p7m-sd-op-files.txt does not exist, then generate it.
+ [ -f "$DATA/p7m-sd-op-files.txt" ] && sed "s|^|$DATA/|" "$DATA/p7m-sd-op-files.txt" > p7m-sd-op-files.txt
+ export P7M_SD_OP_FILES=p7m-sd-op-files.txt
+ if [ "$SMALLSET" = "true" ]; then
+ [ ! -f "$P7M_SD_OP_FILES" ] && find "$DATA"/p7m-sd-op-[cm]-* -type f -print | head -10 >> "$P7M_SD_OP_FILES"
+ else
+ [ ! -f "$P7M_SD_OP_FILES" ] && find "$DATA"/p7m-sd-op-[cm]-* -type f -print >> "$P7M_SD_OP_FILES"
+ fi
+
+ # Test "p7m-sd-op*" testcases
+ echo "Testing SMIME opaque signed data testcases"
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTBIN}/cmsutil" $VERBOSE -D -d "$SMIME_CERT_DB_DIR" -b -i "$P7M_SD_OP_FILES" > niscc_smime/p7m-sd-op-results.txt 2>&1
+
+ unset LD_LIBRARY_PATH
+}
+
+################################################################################
+# Set env variables for NISCC SSL tests
+################################################################################
+niscc_ssl_init()
+{
+ export NSS_STRICT_SHUTDOWN=1
+ export NSS_DISABLE_ARENA_FREE_LIST=1
+ cd "$TEST_OUTPUT"
+}
+
+force_crash()
+{
+ echo "int main(int argc, char *argv[]) { int *i; i = (int*)(void*)1; *i = 1; }" > "$TEST_OUTPUT/crashme.c"
+ gcc -g -o "$TEST_OUTPUT/crashme" "$TEST_OUTPUT/crashme.c"
+ "$TEST_OUTPUT/crashme"
+}
+
+################################################################################
+# Do simple client auth tests
+# Use an altered client against the server
+################################################################################
+ssl_simple_client_auth()
+{
+ echo "Testing SSL simple client auth testcases"
+ export CLIENT="$TEST_OUTPUT/niscc_ssl/simple_client"
+ export SERVER="$TEST_OUTPUT/niscc_ssl/simple_server"
+ export PORT=8443
+ export START_AT=1
+ if [ "$SMALLSET" = "true" ]; then
+ export STOP_AT=10
+ else
+ export STOP_AT=106160
+ fi
+ unset NISCC_TEST
+ export LD_LIBRARY_PATH="$TESTLIB"
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTTOOLS}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -rr -t $THREADS -w test > "$TEST_OUTPUT/nisccLog01" 2>&1 &
+
+ export NISCC_TEST="$TEST/simple_client"
+ export LD_LIBRARY_PATH="$HACKLIB"
+
+ for START in `seq $START_AT $THREADS $STOP_AT`; do
+ START_AT=$START \
+ STOP_AT=$(($START+$THREADS)) \
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${HACKBIN}/strsclnt" $VERBOSE -d "$CLIENT" -n client_crt -p $PORT -t $THREADS -c $THREADS -o -N -w test $HOST >> "$TEST_OUTPUT/nisccLog02" 2>&1
+ done
+
+ unset NISCC_TEST
+ echo "starting tstclnt to shutdown simple client selfserv process"
+ for i in `seq 5`; do
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${HACKBIN}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog02" 2>&1
+ done
+
+ unset LD_LIBRARY_PATH
+
+ sleep 1
+}
+
+################################################################################
+# Do simple server auth tests
+# Use an altered server against the client
+################################################################################
+ssl_simple_server_auth()
+{
+ echo "Testing SSL simple server auth testcases"
+ export CLIENT="$TEST_OUTPUT/niscc_ssl/simple_client"
+ export SERVER="$TEST_OUTPUT/niscc_ssl/simple_server"
+ export PORT=8444
+ export START_AT=00000001
+ if [ "$SMALLSET" = "true" ]; then
+ export STOP_AT=00000010
+ else
+ export STOP_AT=00106167
+ fi
+ export LD_LIBRARY_PATH="$HACKLIB"
+ export NISCC_TEST="$TEST/simple_server"
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${HACKBIN}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -t $THREADS -w test > "$TEST_OUTPUT/nisccLog03" 2>&1 &
+
+ unset NISCC_TEST
+ export LD_LIBRARY_PATH="$TESTLIB"
+ for START in `seq $START_AT $THREADS $STOP_AT`; do
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTTOOLS}/strsclnt" $VERBOSE -d "$CLIENT" -p $PORT -t $THREADS -c $THREADS -o -N $HOST >> "$TEST_OUTPUT/nisccLog04" 2>&1
+ done
+
+ echo "starting tstclnt to shutdown simple server selfserv process"
+ for i in `seq 5`; do
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTTOOLS}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog04" 2>&1
+ done
+
+ unset LD_LIBRARY_PATH
+
+ sleep 1
+}
+
+################################################################################
+# Do simple rootCA tests
+# Use an altered server against the client
+################################################################################
+ssl_simple_rootca()
+{
+ echo "Testing SSL simple rootCA testcases"
+ export CLIENT="$TEST_OUTPUT/niscc_ssl/simple_client"
+ export SERVER="$TEST_OUTPUT/niscc_ssl/simple_server"
+ export PORT=8445
+ export START_AT=1
+ if [ "$SMALLSET" = "true" ]; then
+ export STOP_AT=10
+ else
+ export STOP_AT=106190
+ fi
+ export LD_LIBRARY_PATH="$HACKLIB"
+ export NISCC_TEST="$TEST/simple_rootca"
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${HACKBIN}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -t $THREADS -w test > "$TEST_OUTPUT/nisccLog05" 2>&1 &
+
+ unset NISCC_TEST
+ export LD_LIBRARY_PATH="$TESTLIB"
+ for START in `seq $START_AT $THREADS $STOP_AT`; do
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTTOOLS}/strsclnt" $VERBOSE -d "$CLIENT" -p $PORT -t $THREADS -c $THREADS -o -N $HOST >> "$TEST_OUTPUT/nisccLog06" 2>&1
+ done
+
+ echo "starting tstclnt to shutdown simple rootca selfserv process"
+ for i in `seq 5`; do
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTTOOLS}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog06" 2>&1
+ done
+
+ unset LD_LIBRARY_PATH
+
+ sleep 1
+}
+
+################################################################################
+# Do resigned client auth tests
+# Use an altered client against the server
+################################################################################
+ssl_resigned_client_auth()
+{
+ echo "Testing SSL resigned client auth testcases"
+ export CLIENT="$TEST_OUTPUT/niscc_ssl/resigned_client"
+ export SERVER="$TEST_OUTPUT/niscc_ssl/resigned_server"
+ export PORT=8446
+ export START_AT=0
+ if [ "$SMALLSET" = "true" ]; then
+ export STOP_AT=9
+ else
+ export STOP_AT=99981
+ fi
+ unset NISCC_TEST
+ export LD_LIBRARY_PATH="$TESTLIB"
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTTOOLS}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -rr -t $THREADS -w test > "$TEST_OUTPUT/nisccLog07" 2>&1 &
+
+ export NISCC_TEST="$TEST/resigned_client"
+ export LD_LIBRARY_PATH="$HACKLIB"
+
+ for START in `seq $START_AT $THREADS $STOP_AT`; do
+ START_AT=$START \
+ STOP_AT=$(($START+$THREADS)) \
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${HACKBIN}/strsclnt" $VERBOSE -d "$CLIENT" -n client_crt -p $PORT -t $THREADS -c $THREADS -o -N -w test $HOST >> "$TEST_OUTPUT/nisccLog08" 2>&1
+ done
+
+ unset NISCC_TEST
+ echo "starting tstclnt to shutdown resigned client selfserv process"
+ for i in `seq 5`; do
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${HACKBIN}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog08" 2>&1
+ done
+
+ unset LD_LIBRARY_PATH
+
+ sleep 1
+}
+
+################################################################################
+# Do resigned server auth tests
+# Use an altered server against the client
+################################################################################
+ssl_resigned_server_auth()
+{
+ echo "Testing SSL resigned server auth testcases"
+ export CLIENT="$TEST_OUTPUT/niscc_ssl/resigned_client"
+ export SERVER="$TEST_OUTPUT/niscc_ssl/resigned_server"
+ export PORT=8447
+ export START_AT=0
+ if [ "$SMALLSET" = "true" ]; then
+ export STOP_AT=9
+ else
+ export STOP_AT=100068
+ fi
+ export LD_LIBRARY_PATH="$HACKLIB"
+ export NISCC_TEST="$TEST/resigned_server"
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${HACKBIN}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -t $THREADS -w test > "$TEST_OUTPUT/nisccLog09" 2>&1 &
+
+ unset NISCC_TEST
+ export LD_LIBRARY_PATH="$TESTLIB"
+ for START in `seq $START_AT $THREADS $STOP_AT`; do
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTTOOLS}/strsclnt" $VERBOSE -d "$CLIENT" -p $PORT -t $THREADS -c $THREADS -o -N $HOST >> "$TEST_OUTPUT/nisccLog10" 2>&1
+ done
+
+ echo "starting tstclnt to shutdown resigned server selfserv process"
+ for i in `seq 5`; do
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTTOOLS}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog10" 2>&1
+ done
+
+ unset LD_LIBRARY_PATH
+
+ sleep 1
+}
+
+################################################################################
+# Do resigned rootCA tests
+# Use an altered server against the client
+################################################################################
+ssl_resigned_rootca()
+{
+ echo "Testing SSL resigned rootCA testcases"
+ export CLIENT="$TEST_OUTPUT/niscc_ssl/resigned_client"
+ export SERVER="$TEST_OUTPUT/niscc_ssl/resigned_server"
+ export PORT=8448
+ export START_AT=0
+ if [ "$SMALLSET" = "true" ]; then
+ export STOP_AT=9
+ else
+ export STOP_AT=99959
+ fi
+ export LD_LIBRARY_PATH="$HACKLIB"
+ export NISCC_TEST="$TEST/resigned_rootca"
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${HACKBIN}/selfserv" $VERBOSE -p $PORT -d "$SERVER" -n server_crt -t $THREADS -w test > "$TEST_OUTPUT/nisccLog11" 2>&1 &
+
+ unset NISCC_TEST
+ export LD_LIBRARY_PATH="$TESTLIB"
+ for START in `seq $START_AT $THREADS $STOP_AT`; do
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTTOOLS}/strsclnt" $VERBOSE -d "$CLIENT" -p $PORT -t $THREADS -c $THREADS -o -N $HOST >> "$TEST_OUTPUT/nisccLog12" 2>&1
+ done
+
+ echo "starting tstclnt to shutdown resigned rootca selfserv process"
+ for i in `seq 5`; do
+ LD_PRELOAD=${FAKETIMELIB} NO_FAKE_STAT=1 FAKETIME="@2004-03-29 14:14:14" \
+ "${TESTTOOLS}/tstclnt" -h $HOST -p $PORT -d "$CLIENT" -n client_crt -o -f -w test < "$CLIENT/stop.txt" >> "$TEST_OUTPUT/nisccLog12" 2>&1
+ done
+
+ unset LD_LIBRARY_PATH
+
+ sleep 1
+}
+
+################################################################################
+# Email the test logfile, and if core found, notify of failure
+################################################################################
+mail_testLog()
+{
+ pushd "$TEST_OUTPUT"
+
+ # remove mozilla nss build false positives and core stored in previous runs
+ find . -name "core*" -print | grep -v coreconf | grep -v core_watch | grep -v archive >> crashLog
+ export SIZE=`cat crashLog | wc -l`
+
+ [ "$USE_MAIL" = "false" ] && return
+
+ # mail text
+ MT=mailText
+ rm -f $MT
+
+ if [ "$SIZE" -ne 1 ]; then
+ echo "### FAILED ###" >> $MT
+ echo "### Exactly one crash is expected." >> $MT
+ echo "### Zero means: crash detection is broken, fix the script!" >> $MT
+ echo "### > 1 means: robustness test failure, fix the bug! (check the logs)" >> $MT
+ cat crashLog >> nisccLogSummary
+ SUBJ="FAILED: NISCC TESTS (check file: crashLog)"
+ else
+ echo ":) PASSED :)" >> $MT
+ SUBJ="PASSED: NISCC tests"
+ fi
+
+ echo "Date used during test run: $DATE" >> $MT
+
+ echo "Count of lines in files:" >> $MT
+ wc -l crashLog nisccBuildLog nisccBuildLogHack nisccLog[0-9]* p7m-* |grep -vw total >> $MT
+ NUM=`cat nisccLog0[123456789] nisccLog1[12] | egrep -ic "success/passed"`
+ echo "Number of times the SSL tests reported success/passed (low expected): $NUM" >> $MT
+ NUM=`cat nisccLog0[123456789] nisccLog1[12] | egrep -ic "problem|failed|error"`
+ echo "Number of times the SSL tests reported problem/failed/error (high expected): $NUM" >> $MT
+ NUM=`cat niscc_smime/p7m*results.txt | egrep -ic "success/passed"`
+ echo "Number of times the S/MIME tests reported success/passed (low expected): $NUM" >> $MT
+ NUM=`cat niscc_smime/p7m*results.txt | egrep -ic "problem|failed|error"`
+ echo "Number of times the S/MIME tests reported problem/failed/error (high expected): $NUM" >> $MT
+ echo "==== tail of nisccBuildLog ====" >> $MT
+ tail -20 nisccBuildLog >> $MT
+ echo "===============================" >> $MT
+ echo "==== tail of nisccBuildLogHack ====" >> $MT
+ tail -20 nisccBuildLogHack >> $MT
+ echo "===================================" >> $MT
+
+ #NUM=``
+ #echo "Number of : $NUM" >> $MT
+
+ cat $MT | $MAIL_COMMAND -s "$SUBJ" $QA_LIST
+
+ popd
+}
+
+################################################################################
+# Summarize all logs
+################################################################################
+log_summary()
+{
+ echo "Summarizing all logs"
+ # Move old logs
+ [ -f "$TEST_OUTPUT/nisccLogSummary" ] && mv nisccLogSummary nisccLogSummary.old
+ [ -f "$TEST_OUTPUT/crashLog" ] && mv crashLog crashLog.old
+
+ for a in $TEST_OUTPUT/nisccLog[0-9]*; do
+ echo ================================== "$a"
+ grep -v using "$a" | sort | uniq -c | sort -b -n +0 -1
+ done > $TEST_OUTPUT/nisccLogSummary
+
+ for a in $TEST_OUTPUT/niscc_smime/p7m-*-results.txt; do
+ echo ================================== "$a"
+ grep -v using "$a" | sort | uniq -c | sort -b -n +0 -1
+ done >> $TEST_OUTPUT/nisccLogSummary
+}
+
+################################################################################
+# Process core files
+################################################################################
+core_process()
+{
+ echo "Processing core files"
+ cd "$TEST_OUTPUT"
+
+ for CORE in `cat crashLog`; do
+ FILE=`file "$CORE" | sed "s/.* from '//" | sed "s/'.*//"`
+ BINARY=`strings "$CORE" | grep "^${FILE}" | tail -1`
+ gdb "$BINARY" "$CORE" << EOF_GDB > "$CORE.details"
+where
+quit
+EOF_GDB
+ done
+}
+
+################################################################################
+# Move the old log files to save them, delete extra log files
+################################################################################
+move_files()
+{
+ echo "Moving and deleting log files"
+ cd "$TEST_OUTPUT"
+
+ rm -rf TRASH
+ mkdir TRASH
+
+ if [ "$LOG_STORE" = "true" ]; then
+ BRANCH=`echo $LOCALDIST | sed "s:.*/\(security.*\)/builds/.*:\1:"`
+ if [ "$BRANCH" = "$LOCALDIST" ]; then
+ ARCHIVE="$TEST_OUTPUT/archive"
+ else
+ ARCHIVE="$TEST_OUTPUT/archive/$BRANCH"
+ fi
+
+ # Check for archive directory
+ if [ ! -d "$ARCHIVE" ]; then
+ mkdir -p "$ARCHIVE"
+ fi
+
+ # Determine next log storage point
+ slot=`ls -1 "$ARCHIVE" | grep $DATE | wc -l`
+ slot=`expr $slot + 1`
+ location="$ARCHIVE/$DATE.$slot"
+ mkdir -p "$location"
+
+ # Archive the logs
+ mv nisccBuildLog "$location" 2> /dev/null
+ mv nisccBuildLogHack "$location" 2> /dev/null
+ mv nisccLogSummary "$location"
+ mv nisccLog* "$location"
+ mv niscc_smime/p7m-ed-m-results.txt "$location"
+ mv niscc_smime/p7m-sd-dt-results.txt "$location"
+ mv niscc_smime/p7m-sd-op-results.txt "$location"
+
+ # Archive any core files produced
+ for core in `cat "$TEST_OUTPUT/crashLog"`; do
+ mv "$core" "$location"
+ mv "$core.details" "$location"
+ done
+ mv crashLog "$location"
+ else
+ # Logs not stored => summaries, crashlog and corefiles not moved, other logs deleted
+ mv nisccLog00 nisccLog01 nisccLog02 nisccLog03 nisccLog04 nisccLog05 nisccLog06 nisccLog07 nisccLog08 nisccLog09 nisccLog10 nisccLog11 nisccLog12 TRASH/
+ mv niscc_smime/p7m-ed-m-results.txt niscc_smime/p7m-sd-dt-results.txt niscc_smime/p7m-sd-op-results.txt TRASH/
+ fi
+ mv envDB sigDB niscc_smime niscc_ssl TRASH/
+ mv CA.p12 Client.p12 client_crt.p12 server_crt.p12 TRASH/
+ mv p7m-ed-m-files.txt p7m-sd-dt-files.txt p7m-sd-op-files.txt password-is-testtest1.txt detached.txt TRASH/
+ mv crashme.c crashme TRASH/
+}
+
+################################################################################
+# Main
+################################################################################
+process_args $*
+create_environment
+hg_pull
+build_NSS
+init
+niscc_smime
+niscc_ssl_init
+force_crash
+ssl_setup_dirs_simple
+ ssl_simple_client_auth
+ ssl_simple_server_auth
+ ssl_simple_rootca
+ssl_setup_dirs_resigned
+ ssl_resigned_client_auth
+ ssl_resigned_server_auth
+ ssl_resigned_rootca
+# no idea what these commented-out lines are supposed to be!
+#ssl_setup_dirs_update
+# ssl_update_server_auth der
+# ssl_update_client_auth der
+# ssl_update_server_auth resigned-der
+# ssl_update_client_auth resigned-der
+log_summary
+mail_testLog
+core_process
+move_files
+exit $SIZE