summaryrefslogtreecommitdiffstats
path: root/security/nss/tests/tlsfuzzer/tlsfuzzer.sh
blob: ecc146c240de595cc065e009458013713402a4e1 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
#!/bin/bash
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.

########################################################################
#
# tests/tlsfuzzer/tlsfuzzer.sh
#
# Script to drive the ssl tlsfuzzer interop unit tests
#
########################################################################

tlsfuzzer_certs()
{
  PROFILEDIR=`pwd`

  ${BINDIR}/certutil -N -d "${PROFILEDIR}" --empty-password 2>&1
  html_msg $? 0 "create tlsfuzzer database"

  pushd "${QADIR}"
  . common/certsetup.sh
  popd

  counter=0
  make_cert rsa rsa2048 sign kex
  make_cert rsa-pss rsapss sign kex
}

tlsfuzzer_init()
{
  SCRIPTNAME="tlsfuzzer.sh"
  if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ] ; then
    cd ../common
    . ./init.sh
  fi

  mkdir -p "${HOSTDIR}/tlsfuzzer"
  pushd "${HOSTDIR}/tlsfuzzer"
  tlsfuzzer_certs

  TLSFUZZER=${TLSFUZZER:=tlsfuzzer}
  if [ ! -d "$TLSFUZZER" ]; then
    # Can't use git-copy.sh here, as tlsfuzzer doesn't have any tags
    git clone -q https://github.com/tomato42/tlsfuzzer/ "$TLSFUZZER"
    git -C "$TLSFUZZER" checkout a40ce4085052a4da9a05f9149b835a76c194a0c6

    # We could use tlslite-ng from pip, but the pip command installed
    # on TC is too old to support --pre
    ${QADIR}/../fuzz/config/git-copy.sh https://github.com/tomato42/tlslite-ng/ v0.8.0-alpha18 tlslite-ng

    pushd "$TLSFUZZER"
    ln -s ../tlslite-ng/tlslite tlslite
    popd

    # Install tlslite-ng dependencies
    ${QADIR}/../fuzz/config/git-copy.sh https://github.com/warner/python-ecdsa master python-ecdsa
    ${QADIR}/../fuzz/config/git-copy.sh https://github.com/benjaminp/six master six

    pushd "$TLSFUZZER"
    ln -s ../python-ecdsa/src/ecdsa ecdsa
    ln -s ../six/six.py .
    popd
  fi

  # Find usable port
  PORT=${PORT-8443}
  while true; do
    "${BINDIR}/selfserv" -w nss -d "${HOSTDIR}/tlsfuzzer" -n rsa \
			 -p "${PORT}" -i selfserv.pid &
    [ -f selfserv.pid ] || sleep 5
    if [ -f selfserv.pid ]; then
      kill $(cat selfserv.pid)
      wait $(cat selfserv.pid)
      rm -f selfserv.pid
      break
    fi
    PORT=$(($PORT + 1))
  done

  sed -e "s|@PORT@|${PORT}|g" \
      -e "s|@SELFSERV@|${BINDIR}/selfserv|g" \
      -e "s|@SERVERDIR@|${HOSTDIR}/tlsfuzzer|g" \
      -e "s|@HOSTADDR@|${HOSTADDR}|g" \
      ${QADIR}/tlsfuzzer/config.json.in > ${TLSFUZZER}/config.json
  popd

  SCRIPTNAME="tlsfuzzer.sh"
  html_head "tlsfuzzer test"
}

tlsfuzzer_cleanup()
{
  cd ${QADIR}
  . common/cleanup.sh
}

tlsfuzzer_run_tests()
{
  pushd "${HOSTDIR}/tlsfuzzer/${TLSFUZZER}"
  PYTHONPATH=. python tests/scripts_retention.py config.json "${BINDIR}/selfserv"
  html_msg $? 0 "tlsfuzzer" "Run successfully"
  popd
}

cd "$(dirname "$0")"
tlsfuzzer_init
tlsfuzzer_run_tests
tlsfuzzer_cleanup