On Thu, 29 Jul 2010 13:27:27 -0500 Kent Yoder <[email protected]> wrote:
Applied to 'master' branch. Thanks! > > This patch enables the make installcheck target to do an automated > test run against opencryptoki. In order to make installcheck you > must be root, and make will fail if the token is already > initialized. To allow a test run to succeed for a $TOKEN, you need > to first run rm -rf @localstatedir@/opencryptoki/$TOKEN/*. Requiring > this ensures that a user cannot blow away an in-use token > accidentally. make installcheck will kill a running pkcsslotd. > > This patch modifies > - testcases/Makefile.am > o add the installcheck target > o pre-process init_token.sh.in > - testcases/init_token.sh -> testcases/init_token.sh.in > - testcases/init_token.sh.in > o have the build fill-in the full path to pkcsconf > o return an error code to the command line if pkcsconf fails > - testcases/ock_tests.sh.in: > o put a list of tests to run at the top > o process spaces in the output of $PKCONF parsing > o call init_token.sh for each slot we test and fail if it fails > > Thanks, > Kent > > Signed-off-by: Kent Yoder <[email protected]> > > diff --git a/testcases/Makefile.am b/testcases/Makefile.am > index 0a0c878..2eea334 100644 > --- a/testcases/Makefile.am > +++ b/testcases/Makefile.am > @@ -1,8 +1,10 @@ > -noinst_SCRIPTS = ock_tests.sh > +SUBDIRS=common driver init_tok mkobj oc-digest rsa_keygen rsa_test > speed test_crypto threadmkobj tok_obj v2.11 login + > +noinst_SCRIPTS = ock_tests.sh init_token.sh > > -EXTRA_DIST = ock_tests.sh.in > +EXTRA_DIST = ock_tests.sh.in init_token.sh.in > > -CLEANFILES = ock_tests.sh > +CLEANFILES = ock_tests.sh init_token.sh > > ock_tests.sh: ock_tests.sh.in > @SED@ -e > s...@localstatedir\@!"@localstatedir@"!g \ @@ -11,4 +13,18 @@ > ock_tests.sh: ock_tests.sh.in @CHMOD@ a+x $...@-t > mv $...@-t $@ > > -SUBDIRS=common driver init_tok mkobj oc-digest rsa_keygen rsa_test > speed test_crypto threadmkobj tok_obj v2.11 login +init_token.sh: > init_token.sh.in > + @SED@ -e > s...@localstatedir\@!"@localstatedir@"!g \ > + -e > s...@sbindir\@!"@sbindir@"!g \ > + -e s...@libdir\@!"@libdir@"!g < $< > $...@-t > + @CHMOD@ a+x $...@-t > + mv $...@-t $@ > + > + > +installcheck-local: all > + killall -HUP pkcsslotd || true > + @sbindir@/pkcs11_startup > + @sbindir@/pkcsslotd > + pkcsl...@libdir@/opencryptoki/libopencryptoki.so > PKCS11_SO_PIN=76543210 PKCS11_USER_PIN=01234567 sh ./ock_tests.sh > + killall -HUP pkcsslotd > + > diff --git a/testcases/init_token.sh b/testcases/init_token.sh > deleted file mode 100755 > index 25ee244..0000000 > --- a/testcases/init_token.sh > +++ /dev/null > @@ -1,59 +0,0 @@ > -#!/usr/bin/expect -f > - > -set timeout 5 > - > -spawn pkcsconf -c [lindex $argv 0] -I > -expect "Enter the SO PIN: " > -sleep .1 > -send "87654321\r" > -sleep .1 > -expect "label: " > -sleep .1 > -send "ibmtest\r" > -sleep .1 > -expect eof > - > -spawn pkcsconf -c [lindex $argv 0] -P > -expect "Enter the SO PIN: " > -sleep .1 > -send "87654321\r" > -sleep .1 > -expect "Enter the new SO PIN: " > -sleep .1 > -send "76543210\r" > -sleep .1 > -expect "Re-enter the new SO PIN: " > -sleep .1 > -send "76543210\r" > -sleep .1 > -expect eof > - > -spawn pkcsconf -c [lindex $argv 0] -u > -expect "Enter the SO PIN: " > -sleep .1 > -send "76543210\r" > -sleep .1 > -expect "Enter the new user PIN: " > -sleep .1 > -send "12345678\r" > -sleep .1 > -expect "Re-enter the new user PIN: " > -sleep .1 > -send "12345678\r" > -sleep .1 > -expect eof > - > -spawn pkcsconf -c [lindex $argv 0] -p > -expect "Enter user PIN: " > -sleep .1 > -send "12345678\r" > -sleep .1 > -expect "Enter the new user PIN: " > -sleep .1 > -send "01234567\r" > -sleep .1 > -expect "Re-enter the new user PIN: " > -sleep .1 > -send "01234567\r" > -sleep .1 > -expect eof > diff --git a/testcases/init_token.sh.in b/testcases/init_token.sh.in > new file mode 100755 > index 0000000..9fe849a > --- /dev/null > +++ b/testcases/init_token.sh.in > @@ -0,0 +1,64 @@ > +#!/usr/bin/expect -f > + > +set timeout 5 > + > +spawn @sbindir@/pkcsconf -c [lindex $argv 0] -I > +expect "Enter the SO PIN: " > +sleep .1 > +send "87654321\r" > +sleep .1 > +expect "label: " > +sleep .1 > +send "ibmtest\r" > +sleep .1 > +expect eof {} \ > +"Incorrect PIN Entered." {exit 1} > + > +spawn @sbindir@/pkcsconf -c [lindex $argv 0] -P > +expect "Enter the SO PIN: " > +sleep .1 > +send "87654321\r" > +sleep .1 > +expect "Enter the new SO PIN: " > +sleep .1 > +send "76543210\r" > +sleep .1 > +expect "Re-enter the new SO PIN: " > +sleep .1 > +send "76543210\r" > +sleep .1 > +expect eof {} \ > +"Incorrect PIN Entered." {exit 1} > + > +spawn @sbindir@/pkcsconf -c [lindex $argv 0] -u > +expect "Enter the SO PIN: " > +sleep .1 > +send "76543210\r" > +sleep .1 > +expect "Enter the new user PIN: " > +sleep .1 > +send "12345678\r" > +sleep .1 > +expect "Re-enter the new user PIN: " > +sleep .1 > +send "12345678\r" > +sleep .1 > +expect eof {} \ > +"Incorrect PIN Entered." {exit 1} > + > +spawn @sbindir@/pkcsconf -c [lindex $argv 0] -p > +expect "Enter user PIN: " > +sleep .1 > +send "12345678\r" > +sleep .1 > +expect "Enter the new user PIN: " > +sleep .1 > +send "01234567\r" > +sleep .1 > +expect "Re-enter the new user PIN: " > +sleep .1 > +send "01234567\r" > +sleep .1 > +expect eof {} \ > +"Incorrect PIN Entered." {exit 1} > + > diff --git a/testcases/ock_tests.sh.in b/testcases/ock_tests.sh.in > index ca474b6..7052d35 100755 > --- a/testcases/ock_tests.sh.in > +++ b/testcases/ock_tests.sh.in > @@ -44,10 +44,22 @@ TCSD="/usr/sbin/tcsd" > PKCONF="@localstatedir@/lib/opencryptoki/pk_config_data" > PKCSCONFBIN="@sbindir@/pkcsconf" > TESTCONF="$PWD/ock-tests.config" > -OCKDIR="lib/opencryptoki" > +OCKDIR="@localstatedir@/lib/opencryptoki" > STDLLDIR="@libdir@/pkcs11/stdll" > CONFSTART="@sbindir@/pkcs11_startup" > > +# > +# This is the list of the tests we'll be running once everything is > initialized +# > +# The order of these tests matters. v2.11/login leaves the token > with its USER +# PIN locked, leaving the token unusable until someone > manually deletes +# $OCKDIR/$TOKEN/*. Manually deleting this dir is > pre-req for starting the +# automated tests anyway, so this is OK. > +# > +# v2.11/login MUST come last if it appears in this list > +# > +OCK_TESTS="driver/*tests" > + > usage() > { > cat <<-END >&2 > @@ -101,6 +113,8 @@ check_slots() > exit -1 > fi > > + OLDIFS=$IFS > + IFS=$(echo -en "\n\b") > #Are all the tokens listed in pk_config_data loaded? > for i in $( cat $PKCONF | awk -F \| '{print $3}' ) > do > @@ -116,6 +130,7 @@ check_slots() > echo > fi > done > + IFS=$OLDIFS > } > > check_files() > @@ -180,8 +195,11 @@ run_tests() > do > if [ -z "$SLOT" ] || [ "$SLOT" = "$i" ] > then > - for j in $( ls driver/*tests ) > - do > + ./init_token.sh $i > + RC=$? > + if test $RC -ne 0;then exit $RC;fi > + for j in $( ls $OCK_TESTS ) > + do > echo "=====Now executing '$j'======" > $j -slot $i $NO_STOP 2>&1 > done > > ------------------------------------------------------------------------------ > The Palm PDK Hot Apps Program offers developers who use the > Plug-In Development Kit to bring their C/C++ apps to Palm for a share > of $1 Million in cash or HP Products. Visit us here for more details: > http://p.sf.net/sfu/dev2dev-palm > _______________________________________________ > Opencryptoki-tech mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/opencryptoki-tech -- Klaus Heinrich Kiwi | [email protected] | http://blog.klauskiwi.com Open Source Security blog : http://www.ratliff.net/blog IBM Linux Technology Center : http://www.ibm.com/linux/ltc ------------------------------------------------------------------------------ The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://p.sf.net/sfu/dev2dev-palm _______________________________________________ Opencryptoki-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/opencryptoki-tech
