diff options
-rw-r--r-- | reltool.config | 1 | ||||
-rw-r--r-- | test/Makefile | 5 | ||||
-rw-r--r-- | test/catlfish-test-local-merge.cfg | 14 | ||||
-rwxr-xr-x | test/scripts/light-system-test-prepare-merge-takeover.sh | 16 | ||||
-rwxr-xr-x | test/scripts/light-system-test-prepare-redistribute-frontend.sh | 14 | ||||
-rwxr-xr-x | test/scripts/light-system-test-prepare.sh | 71 | ||||
-rwxr-xr-x | test/scripts/light-system-test-run-1.sh | 74 | ||||
-rwxr-xr-x | test/scripts/light-system-test-run-2.sh | 12 | ||||
-rwxr-xr-x | test/scripts/light-system-test-run-3.sh | 19 | ||||
-rwxr-xr-x | test/scripts/light-system-test-run-4.sh | 10 | ||||
-rwxr-xr-x | test/scripts/light-system-test-start.sh | 9 | ||||
-rwxr-xr-x | test/scripts/light-system-test-stop.sh | 7 | ||||
-rwxr-xr-x | test/scripts/light-system-test.sh | 39 | ||||
-rwxr-xr-x | tools/testcase1.py | 11 | ||||
-rwxr-xr-x | verifycert.erl | 25 |
15 files changed, 180 insertions, 147 deletions
diff --git a/reltool.config b/reltool.config index 9fa5e7f..896aaf4 100644 --- a/reltool.config +++ b/reltool.config @@ -8,6 +8,7 @@ {incl_sys_filters, ["^bin/", "^erts-.*/", "^lib"]}, {incl_app_filters, ["^ebin/", "^priv/", "^src/"]}, {app, catlfish, [{app_file, all}, {lib_dir, "."}]}, + {escript, "./verifycert.erl", [{incl_cond, include}]}, {app, plop, [{app_file, all}, {lib_dir, "../plop"}]}, {app, mochiweb, [{app_file, all}, {lib_dir, "../mochiweb"}]}, {app, idna, [{app_file, all}, {lib_dir, "../hackney/deps/idna"}]}, diff --git a/test/Makefile b/test/Makefile index f86ebf5..607989d 100644 --- a/test/Makefile +++ b/test/Makefile @@ -2,7 +2,6 @@ PREFIX=.. INSTDIR=$(PREFIX)/catlfish -SOFTHSM=/usr/local/bin/softhsm2-util tests-start: ./scripts/light-system-test-start.sh @@ -19,7 +18,9 @@ tests-makemk: tests: @make tests-makemk - ./scripts/light-system-test.sh + rm -r $(INSTDIR)/tests || true + mkdir $(INSTDIR)/tests + (cd $(INSTDIR)/tests && ../../test/scripts/light-system-test.sh) tests-createca: mkdir $(INSTDIR)/tests/httpsca diff --git a/test/catlfish-test-local-merge.cfg b/test/catlfish-test-local-merge.cfg index 766c872..273b68e 100644 --- a/test/catlfish-test-local-merge.cfg +++ b/test/catlfish-test-local-merge.cfg @@ -1,10 +1,10 @@ nodename: merge-1 paths: - mergedb: tests/mergedb - https_cacertfile: tests/httpsca/demoCA/cacert.pem - publickeys: tests/publickeys - logpublickey: tests/keys/logkey.pem - privatekeys: tests/privatekeys - verifycert_bin: ../verifycert.erl - known_roots: tests/known_roots/ + mergedb: mergedb + https_cacertfile: httpsca/demoCA/cacert.pem + publickeys: publickeys + logpublickey: keys/logkey.pem + privatekeys: privatekeys + verifycert_bin: ../bin/verifycert.erl.escript + known_roots: known_roots/ diff --git a/test/scripts/light-system-test-prepare-merge-takeover.sh b/test/scripts/light-system-test-prepare-merge-takeover.sh index 3bb5ad2..5529805 100755 --- a/test/scripts/light-system-test-prepare-merge-takeover.sh +++ b/test/scripts/light-system-test-prepare-merge-takeover.sh @@ -3,14 +3,12 @@ set -o nounset set -o errexit -SOFTHSM=/usr/local/bin/softhsm2-util -INSTDIR=../catlfish -PREFIX=.. +top_srcdir=$(cd $(dirname $0)/../..; pwd) -. ./test.shvars +. ${top_srcdir}/test/test.shvars -mv ${INSTDIR}/tests/mergedb ${INSTDIR}/tests/mergedb-down -mv ${INSTDIR}/tests/mergedb-secondary ${INSTDIR}/tests/mergedb -mkdir ${INSTDIR}/tests/mergedb-secondary -touch ${INSTDIR}/tests/mergedb-secondary/logorder -printf 0 > ${INSTDIR}/tests/mergedb-secondary/verifiedsize +mv mergedb mergedb-down +mv mergedb-secondary mergedb +mkdir mergedb-secondary +touch mergedb-secondary/logorder +printf 0 > mergedb-secondary/verifiedsize diff --git a/test/scripts/light-system-test-prepare-redistribute-frontend.sh b/test/scripts/light-system-test-prepare-redistribute-frontend.sh index c9a39a1..00d2070 100755 --- a/test/scripts/light-system-test-prepare-redistribute-frontend.sh +++ b/test/scripts/light-system-test-prepare-redistribute-frontend.sh @@ -3,13 +3,11 @@ set -o nounset set -o errexit -SOFTHSM=/usr/local/bin/softhsm2-util -INSTDIR=../catlfish -PREFIX=.. +top_srcdir=$(cd $(dirname $0)/../..; pwd) -. ./test.shvars +. ${top_srcdir}/test/test.shvars -mv ${INSTDIR}/tests/machine/machine-1 ${INSTDIR}/tests/machine/machine-1-down -mkdir -p ${INSTDIR}/tests/machine/machine-1/db -touch ${INSTDIR}/tests/machine/machine-1/db/index -touch ${INSTDIR}/tests/machine/machine-1/db/newentries +mv machine/machine-1 machine/machine-1-down +mkdir -p machine/machine-1/db +touch machine/machine-1/db/index +touch machine/machine-1/db/newentries diff --git a/test/scripts/light-system-test-prepare.sh b/test/scripts/light-system-test-prepare.sh index e5d1f81..79785c1 100755 --- a/test/scripts/light-system-test-prepare.sh +++ b/test/scripts/light-system-test-prepare.sh @@ -4,14 +4,14 @@ set -o nounset set -o errexit SOFTHSM=/usr/local/bin/softhsm2-util -INSTDIR=../catlfish -PREFIX=.. -. ./test.shvars +top_srcdir=$(cd $(dirname $0)/../..; pwd) + +. ${top_srcdir}/test/test.shvars createca () { - mkdir ${INSTDIR}/tests/httpsca - ( cd ${INSTDIR}/tests/httpsca ; \ + mkdir httpsca + ( cd httpsca ; \ mkdir -p demoCA/newcerts ; \ touch demoCA/index.txt ; \ echo 00 > demoCA/serial ; \ @@ -28,46 +28,43 @@ createca () { } createcert () { - mkdir ${INSTDIR}/tests/httpscert - openssl req -new -newkey rsa:2048 -keyout ${INSTDIR}/tests/httpscert/httpskey-1.pem -out ${INSTDIR}/tests/httpsca/httpscert-1.csr -nodes -subj '/countryName=SE/stateOrProvinceName=Stockholm/organizationName=Test/CN=localhost' - ( cd ${INSTDIR}/tests/httpsca ; \ + mkdir httpscert + openssl req -new -newkey rsa:2048 -keyout httpscert/httpskey-1.pem -out httpsca/httpscert-1.csr -nodes -subj '/countryName=SE/stateOrProvinceName=Stockholm/organizationName=Test/CN=localhost' + ( cd httpsca ; \ openssl ca -in httpscert-1.csr -keyfile key.pem -out httpscert-1.pem -batch \ ) - cp ${INSTDIR}/tests/httpsca/httpscert-1.pem ${INSTDIR}/tests/httpscert/ + cp httpsca/httpscert-1.pem httpscert/ } - -rm -r ${INSTDIR}/tests || true -mkdir ${INSTDIR}/tests createca createcert -mkdir ${INSTDIR}/tests/keys -(cd ${INSTDIR}/tests/keys ; ../../../tools/create-key.sh logkey) -openssl pkcs8 -topk8 -nocrypt -in ${INSTDIR}/tests/keys/logkey-private.pem -out ${INSTDIR}/tests/keys/logkey-private.pkcs8 -mkdir ${INSTDIR}/tests/mergedb -touch ${INSTDIR}/tests/mergedb/logorder -mkdir ${INSTDIR}/tests/mergedb-secondary -touch ${INSTDIR}/tests/mergedb-secondary/logorder -printf 0 > ${INSTDIR}/tests/mergedb-secondary/verifiedsize -mkdir ${INSTDIR}/tests/known_roots -cp ../tools/testcerts/roots/* ${INSTDIR}/tests/known_roots +mkdir keys +(cd keys ; ../../../tools/create-key.sh logkey) +openssl pkcs8 -topk8 -nocrypt -in keys/logkey-private.pem -out keys/logkey-private.pkcs8 +mkdir mergedb +touch mergedb/logorder +mkdir mergedb-secondary +touch mergedb-secondary/logorder +printf 0 > mergedb-secondary/verifiedsize +mkdir known_roots +cp ../../tools/testcerts/roots/* known_roots for machine in ${MACHINES}; do \ - (cd ${INSTDIR}/tests; ../../tools/compileconfig.py --config ../../test/catlfish-test.cfg --localconfig ../../test/catlfish-test-local-${machine}.cfg) && \ - mkdir -p ${INSTDIR}/tests/machine/machine-${machine}/db && \ - touch ${INSTDIR}/tests/machine/machine-${machine}/db/index && touch ${INSTDIR}/tests/machine/machine-${machine}/db/newentries + ../../tools/compileconfig.py --config ../../test/catlfish-test.cfg --localconfig ../../test/catlfish-test-local-${machine}.cfg + mkdir -p machine/machine-${machine}/db + touch machine/machine-${machine}/db/index && touch machine/machine-${machine}/db/newentries done -(cd ${INSTDIR}/tests; ../../tools/compileconfig.py --config ../../test/catlfish-test.cfg --localconfig ../../test/catlfish-test-local-merge-2.cfg) -(cd ${INSTDIR}/tests; ../../tools/compileconfig.py --config ../../test/catlfish-test.cfg --localconfig ../../test/catlfish-test-local-signing.cfg) -mkdir ${INSTDIR}/tests/privatekeys -mkdir ${INSTDIR}/tests/publickeys +../../tools/compileconfig.py --config ../../test/catlfish-test.cfg --localconfig ../../test/catlfish-test-local-merge-2.cfg +../../tools/compileconfig.py --config ../../test/catlfish-test.cfg --localconfig ../../test/catlfish-test-local-signing.cfg +mkdir privatekeys +mkdir publickeys for node in ${NODES}; do \ - (cd ${INSTDIR}/tests/privatekeys ; ../../../tools/create-key.sh ${node}) ; \ - mv ${INSTDIR}/tests/privatekeys/${node}.pem ${INSTDIR}/tests/publickeys/ ; \ - mkdir -p ${INSTDIR}/tests/nodes/${node}/log + (cd privatekeys ; ../../../tools/create-key.sh ${node}) ; \ + mv privatekeys/${node}.pem publickeys/ ; \ + mkdir -p nodes/${node}/log done -(cd ${INSTDIR}/tests/privatekeys ; ../../../tools/create-key.sh merge-1) -mv ${INSTDIR}/tests/privatekeys/merge-1.pem ${INSTDIR}/tests/publickeys/ -(cd ${INSTDIR}/tests/privatekeys ; ../../../tools/create-key.sh merge-2) -mv ${INSTDIR}/tests/privatekeys/merge-2.pem ${INSTDIR}/tests/publickeys/ +(cd privatekeys ; ../../../tools/create-key.sh merge-1) +mv privatekeys/merge-1.pem publickeys/ +(cd privatekeys ; ../../../tools/create-key.sh merge-2) +mv privatekeys/merge-2.pem publickeys/ test -x ${SOFTHSM} && ${SOFTHSM} --init-token --slot=0 --label=mylabel --so-pin=ffff --pin=ffff || true -test -x ${SOFTHSM} && ${SOFTHSM} --import ${INSTDIR}/tests/keys/logkey-private.pkcs8 --slot 0 --label mylabel --pin ffff --id 00 || true +test -x ${SOFTHSM} && ${SOFTHSM} --import keys/logkey-private.pkcs8 --slot 0 --label mylabel --pin ffff --id 00 || true diff --git a/test/scripts/light-system-test-run-1.sh b/test/scripts/light-system-test-run-1.sh index 972925a..bd55483 100755 --- a/test/scripts/light-system-test-run-1.sh +++ b/test/scripts/light-system-test-run-1.sh @@ -3,51 +3,45 @@ set -o nounset set -o errexit -SOFTHSM=/usr/local/bin/softhsm2-util -INSTDIR=../catlfish -PREFIX=.. +top_srcdir=$(cd $(dirname $0)/../..; pwd) -. ./test.shvars +. ${top_srcdir}/test/test.shvars -(cd ${INSTDIR} && python ../tools/testcase1.py https://localhost:8080/ tests/keys/logkey.pem tests/httpsca/demoCA/cacert.pem) || (echo "Tests failed" ; false) -(cd ${INSTDIR}/tests && ../../tools/check-sth.py ${BASEURL} --publickey=keys/logkey.pem --cur-sth=stored-sth --cafile httpsca/demoCA/cacert.pem) || (echo "Check failed" ; false) -(cd ${INSTDIR} && python ../tools/fetchallcerts.py ${BASEURL} --publickey=tests/keys/logkey.pem --cafile tests/httpsca/demoCA/cacert.pem) || (echo "Verification failed" ; false) -(cd ${INSTDIR}/tests && python ../../tools/storagegc.py --config ../../test/catlfish-test.cfg --localconfig ../../test/catlfish-test-local-1.cfg) || (echo "GC failed" ; false) -(cd ${INSTDIR}/tests && python ../../tools/submitcert.py --parallel=1 --store ../../tools/testcerts/cert1.txt --check-sct --sct-file=submittedcerts ${BASEURL} --publickey=keys/logkey.pem --cafile httpsca/demoCA/cacert.pem) || (echo "Submission failed" ; false) -(cd ${INSTDIR}/tests && python ../../tools/submitcert.py --parallel=1 --store ../../tools/testcerts/cert2.txt --check-sct --sct-file=submittedcerts ${BASEURL} --publickey=keys/logkey.pem --cafile httpsca/demoCA/cacert.pem) || (echo "Submission failed" ; false) -(cd ${INSTDIR}/tests && python ../../tools/submitcert.py --parallel=1 --store ../../tools/testcerts/cert3.txt --check-sct --sct-file=submittedcerts ${BASEURL} --publickey=keys/logkey.pem --cafile httpsca/demoCA/cacert.pem) || (echo "Submission failed" ; false) -(cd ${INSTDIR}/tests && python ../../tools/submitcert.py --parallel=1 --store ../../tools/testcerts/cert4.txt --check-sct --sct-file=submittedcerts ${BASEURL} --publickey=keys/logkey.pem --cafile httpsca/demoCA/cacert.pem) || (echo "Submission failed" ; false) -(cd ${INSTDIR}/tests && python ../../tools/submitcert.py --parallel=1 --store ../../tools/testcerts/cert5.txt --check-sct --sct-file=submittedcerts ${BASEURL} --publickey=keys/logkey.pem --cafile httpsca/demoCA/cacert.pem) || (echo "Submission failed" ; false) -(cd ${INSTDIR}/tests && python ../../tools/submitcert.py --parallel=1 --store ../../tools/testcerts/pre1.txt --check-sct --sct-file=submittedcerts ${BASEURL} --publickey=keys/logkey.pem --cafile httpsca/demoCA/cacert.pem) || (echo "Submission failed" ; false) -(cd ${INSTDIR}/tests && python ../../tools/submitcert.py --parallel=1 --store ../../tools/testcerts/pre2.txt --check-sct --sct-file=submittedcerts ${BASEURL} --publickey=keys/logkey.pem --cafile httpsca/demoCA/cacert.pem) || (echo "Submission failed" ; false) -(cd ${INSTDIR}/tests && python ../../tools/storagegc.py --config ../../test/catlfish-test.cfg --localconfig ../../test/catlfish-test-local-1.cfg) || (echo "GC failed" ; false) -(cd ${INSTDIR} && ../tools/merge --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg) || (echo "Merge failed" ; false) -(cd ${INSTDIR}/tests && ../../tools/check-sth.py ${BASEURL} --publickey=keys/logkey.pem --cur-sth=stored-sth --cafile httpsca/demoCA/cacert.pem) || (echo "Check failed" ; false) -(cd ${INSTDIR} && mkdir tests/fetchcertstore) -(cd ${INSTDIR} && python ../tools/fetchallcerts.py ${BASEURL} --store tests/fetchcertstore --publickey=tests/keys/logkey.pem --cafile tests/httpsca/demoCA/cacert.pem) || (echo "Verification failed" ; false) -(cd ${INSTDIR}/tests/fetchcertstore && unzip 0000.zip) -(cd ${INSTDIR} && python ../tools/comparecert.py ../tools/testcerts/cert1.txt tests/fetchcertstore/00000000) || (echo "Verification failed" ; false) -(cd ${INSTDIR} && python ../tools/comparecert.py ../tools/testcerts/cert2.txt tests/fetchcertstore/00000001) || (echo "Verification failed" ; false) -(cd ${INSTDIR} && python ../tools/comparecert.py ../tools/testcerts/cert3.txt tests/fetchcertstore/00000002) || (echo "Verification failed" ; false) -(cd ${INSTDIR} && python ../tools/comparecert.py ../tools/testcerts/cert4.txt tests/fetchcertstore/00000003) || (echo "Verification failed" ; false) -(cd ${INSTDIR} && python ../tools/comparecert.py ../tools/testcerts/cert5.txt tests/fetchcertstore/00000004) || (echo "Verification failed" ; false) -(cd ${INSTDIR} && python ../tools/comparecert.py ../tools/testcerts/pre1.txt:../tools/testcerts/pre2.txt tests/fetchcertstore/00000005:tests/fetchcertstore/00000006) || (echo "Verification failed" ; false) -(cd ${INSTDIR}/tests && python ../../tools/storagegc.py --config ../../test/catlfish-test.cfg --localconfig ../../test/catlfish-test-local-1.cfg) || (echo "GC failed" ; false) +python ${top_srcdir}/tools/testcase1.py https://localhost:8080/ keys/logkey.pem httpsca/demoCA/cacert.pem ${top_srcdir}/test || (echo "Tests failed" ; false) +${top_srcdir}/tools/check-sth.py ${BASEURL} --publickey=keys/logkey.pem --cur-sth=stored-sth --cafile httpsca/demoCA/cacert.pem || (echo "Check failed" ; false) +python ${top_srcdir}/tools/fetchallcerts.py ${BASEURL} --publickey=keys/logkey.pem --cafile httpsca/demoCA/cacert.pem || (echo "Verification failed" ; false) +python ${top_srcdir}/tools/storagegc.py --config ${top_srcdir}/test/catlfish-test.cfg --localconfig ${top_srcdir}/test/catlfish-test-local-1.cfg || (echo "GC failed" ; false) +for certfile in ${top_srcdir}/tools/testcerts/cert[1-5].txt ${top_srcdir}/tools/testcerts/pre[12].txt; do + python ${top_srcdir}/tools/submitcert.py --parallel=1 --store $certfile --check-sct --sct-file=submittedcerts ${BASEURL} --publickey=keys/logkey.pem --cafile httpsca/demoCA/cacert.pem || (echo "Submission failed" ; false) +done +python ${top_srcdir}/tools/storagegc.py --config ${top_srcdir}/test/catlfish-test.cfg --localconfig ${top_srcdir}/test/catlfish-test-local-1.cfg || (echo "GC failed" ; false) +${top_srcdir}/tools/merge --config ${top_srcdir}/test/catlfish-test.cfg --localconfig ${top_srcdir}/test/catlfish-test-local-merge.cfg || (echo "Merge failed" ; false) +${top_srcdir}/tools/check-sth.py ${BASEURL} --publickey=keys/logkey.pem --cur-sth=stored-sth --cafile httpsca/demoCA/cacert.pem || (echo "Check failed" ; false) +mkdir fetchcertstore +python ${top_srcdir}/tools/fetchallcerts.py ${BASEURL} --store fetchcertstore --publickey=keys/logkey.pem --cafile httpsca/demoCA/cacert.pem || (echo "Verification failed" ; false) +(cd fetchcertstore && unzip 0000.zip) + +python ${top_srcdir}/tools/comparecert.py ${top_srcdir}/tools/testcerts/cert1.txt fetchcertstore/00000000 || (echo "Verification failed" ; false) +python ${top_srcdir}/tools/comparecert.py ${top_srcdir}/tools/testcerts/cert2.txt fetchcertstore/00000001 || (echo "Verification failed" ; false) +python ${top_srcdir}/tools/comparecert.py ${top_srcdir}/tools/testcerts/cert3.txt fetchcertstore/00000002 || (echo "Verification failed" ; false) +python ${top_srcdir}/tools/comparecert.py ${top_srcdir}/tools/testcerts/cert4.txt fetchcertstore/00000003 || (echo "Verification failed" ; false) +python ${top_srcdir}/tools/comparecert.py ${top_srcdir}/tools/testcerts/cert5.txt fetchcertstore/00000004 || (echo "Verification failed" ; false) +python ${top_srcdir}/tools/comparecert.py ${top_srcdir}/tools/testcerts/pre1.txt:${top_srcdir}/tools/testcerts/pre2.txt fetchcertstore/00000005:fetchcertstore/00000006 || (echo "Verification failed" ; false) +python ${top_srcdir}/tools/storagegc.py --config ${top_srcdir}/test/catlfish-test.cfg --localconfig ${top_srcdir}/test/catlfish-test-local-1.cfg || (echo "GC failed" ; false) -${PREFIX}/tools/to_catlfish.py to_erl ${INSTDIR}/tests/nodes/merge-2/ "init:stop()" -(cd ${INSTDIR}/tests && python ../../tools/submitcert.py --parallel=1 --store ../../tools/testcerts/cert6.txt --check-sct --sct-file=submittedcerts ${BASEURL} --publickey=keys/logkey.pem --cafile httpsca/demoCA/cacert.pem) || (echo "Submission failed" ; false) +${top_srcdir}/tools/to_catlfish.py to_erl nodes/merge-2/ "init:stop()" +python ${top_srcdir}/tools/submitcert.py --parallel=1 --store ${top_srcdir}/tools/testcerts/cert6.txt --check-sct --sct-file=submittedcerts ${BASEURL} --publickey=keys/logkey.pem --cafile httpsca/demoCA/cacert.pem || (echo "Submission failed" ; false) echo NOTE: merge backup should fail with 111 Connection refused -(cd ${INSTDIR} && ../tools/merge --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg) || (echo "Merge failed" ; false) -(cd ${INSTDIR} && treesize=$(../tools/loginfo.py --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg --treesize https://localhost:8080/) ; \ - test "${treesize}" = "7" || (echo "Tree size ${treesize} != expected 7" ; false)) -(cd ${INSTDIR}/tests && ../../tools/check-sth.py ${BASEURL} --publickey=keys/logkey.pem --cur-sth=stored-sth --cafile httpsca/demoCA/cacert.pem) -(cd ${INSTDIR}/tests && ../bin/run_erl -daemon nodes/merge-2/ nodes/merge-2/log/ "exec ../bin/erl -config merge-2") +${top_srcdir}/tools/merge --config ${top_srcdir}/test/catlfish-test.cfg --localconfig ${top_srcdir}/test/catlfish-test-local-merge.cfg || (echo "Merge failed" ; false) +treesize=$(${top_srcdir}/tools/loginfo.py --config ${top_srcdir}/test/catlfish-test.cfg --localconfig ${top_srcdir}/test/catlfish-test-local-merge.cfg --treesize https://localhost:8080/) ; test "${treesize}" = "7" || (echo "Tree size ${treesize} != expected 7" ; false) +${top_srcdir}/tools/check-sth.py ${BASEURL} --publickey=keys/logkey.pem --cur-sth=stored-sth --cafile httpsca/demoCA/cacert.pem +../bin/run_erl -daemon nodes/merge-2/ nodes/merge-2/log/ "exec ../bin/erl -config merge-2" for i in 1 2 3 4 5 6 7 8 9 10; do echo "waiting for system to start" ; \ sleep 0.5 ; \ - if curl -s --cacert ${INSTDIR}/tests/httpsca/demoCA/cacert.pem -4 https://localhost:8181 > /dev/null ; then break; fi + if curl -s --cacert httpsca/demoCA/cacert.pem -4 https://localhost:8181 > /dev/null ; then break; fi done -(cd ${INSTDIR} && ../tools/merge --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg) || (echo "Merge failed" ; false) -(cd ${INSTDIR} && treesize=$(../tools/loginfo.py --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg --treesize https://localhost:8080/) ; \ - test "${treesize}" = "8" || (echo "Tree size ${treesize} != expected 8" ; false)) -(cd ${INSTDIR}/tests && ../../tools/check-sth.py ${BASEURL} --publickey=keys/logkey.pem --cur-sth=stored-sth --cafile httpsca/demoCA/cacert.pem) +${top_srcdir}/tools/merge --config ${top_srcdir}/test/catlfish-test.cfg --localconfig ${top_srcdir}/test/catlfish-test-local-merge.cfg || (echo "Merge failed" ; false) +treesize=$(${top_srcdir}/tools/loginfo.py --config ${top_srcdir}/test/catlfish-test.cfg --localconfig ${top_srcdir}/test/catlfish-test-local-merge.cfg --treesize https://localhost:8080/) +test "${treesize}" = "8" || (echo "Tree size ${treesize} != expected 8" ; false) +${top_srcdir}/tools/check-sth.py ${BASEURL} --publickey=keys/logkey.pem --cur-sth=stored-sth --cafile httpsca/demoCA/cacert.pem diff --git a/test/scripts/light-system-test-run-2.sh b/test/scripts/light-system-test-run-2.sh index a59f9a8..1a30c4c 100755 --- a/test/scripts/light-system-test-run-2.sh +++ b/test/scripts/light-system-test-run-2.sh @@ -3,12 +3,10 @@ set -o nounset set -o errexit -SOFTHSM=/usr/local/bin/softhsm2-util -INSTDIR=../catlfish -PREFIX=.. +top_srcdir=$(cd $(dirname $0)/../..; pwd) -. ./test.shvars +. ${top_srcdir}/test/test.shvars -(cd ${INSTDIR} && python ../tools/verifysct.py --sct-file=tests/submittedcerts --parallel 1 ${BASEURL} --publickey=tests/keys/logkey.pem --cafile tests/httpsca/demoCA/cacert.pem) || (echo "Verification of SCT:s failed" ; false) -(cd ${INSTDIR}/tests && ../../tools/check-sth.py ${BASEURL} --publickey=keys/logkey.pem --cur-sth=stored-sth --cafile httpsca/demoCA/cacert.pem) -(cd ${INSTDIR}/tests && python ../../tools/storagegc.py --config ../../test/catlfish-test.cfg --localconfig ../../test/catlfish-test-local-1.cfg) || (echo "GC failed" ; false) +python ${top_srcdir}/tools/verifysct.py --sct-file=submittedcerts --parallel 1 ${BASEURL} --publickey=keys/logkey.pem --cafile httpsca/demoCA/cacert.pem || (echo "Verification of SCT:s failed" ; false) +../../tools/check-sth.py ${BASEURL} --publickey=keys/logkey.pem --cur-sth=stored-sth --cafile httpsca/demoCA/cacert.pem +python ${top_srcdir}/tools/storagegc.py --config ${top_srcdir}/test/catlfish-test.cfg --localconfig ${top_srcdir}/test/catlfish-test-local-1.cfg || (echo "GC failed" ; false) diff --git a/test/scripts/light-system-test-run-3.sh b/test/scripts/light-system-test-run-3.sh index d376a53..f84317b 100755 --- a/test/scripts/light-system-test-run-3.sh +++ b/test/scripts/light-system-test-run-3.sh @@ -3,15 +3,14 @@ set -o nounset set -o errexit -SOFTHSM=/usr/local/bin/softhsm2-util -INSTDIR=../catlfish -PREFIX=.. +top_srcdir=$(cd $(dirname $0)/../..; pwd) -. ./test.shvars +. ${top_srcdir}/test/test.shvars -(cd ${INSTDIR} && ../tools/merge --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg) || (echo "Merge failed" ; false) -(cd ${INSTDIR}/tests && ../../tools/check-sth.py ${BASEURL} --publickey=keys/logkey.pem --cur-sth=stored-sth --cafile httpsca/demoCA/cacert.pem) -(cd ${INSTDIR}/tests && python ../../tools/submitcert.py --parallel=1 --store ../../tools/testcerts/cert7.txt --check-sct --sct-file=submittedcerts-7 ${BASEURL} --publickey=keys/logkey.pem --cafile httpsca/demoCA/cacert.pem) || (echo "Submission failed" ; false) -(cd ${INSTDIR} && ../tools/merge --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg) || (echo "Merge failed" ; false) -(cd ${INSTDIR} ; python ../tools/verifysct.py --sct-file=tests/submittedcerts --parallel 1 ${BASEURL} --publickey=tests/keys/logkey.pem --cafile tests/httpsca/demoCA/cacert.pem) || (echo "Verification of SCT:s failed"; false) -(cd ${INSTDIR}/tests && ../../tools/check-sth.py ${BASEURL} --publickey=keys/logkey.pem --cur-sth=stored-sth --cafile httpsca/demoCA/cacert.pem) +${top_srcdir}/tools/merge --config ${top_srcdir}/test/catlfish-test.cfg --localconfig ${top_srcdir}/test/catlfish-test-local-merge.cfg || (echo "Merge failed" ; false) +${top_srcdir}/tools/check-sth.py ${BASEURL} --publickey=keys/logkey.pem --cur-sth=stored-sth --cafile httpsca/demoCA/cacert.pem +python ${top_srcdir}/tools/submitcert.py --parallel=1 --store ${top_srcdir}/tools/testcerts/cert7.txt --check-sct --sct-file=submittedcerts-7 ${BASEURL} --publickey=keys/logkey.pem --cafile httpsca/demoCA/cacert.pem || (echo "Submission failed" ; false) +${top_srcdir}/tools/merge --config ${top_srcdir}/test/catlfish-test.cfg --localconfig ${top_srcdir}/test/catlfish-test-local-merge.cfg || (echo "Merge failed" ; false) +python ${top_srcdir}/tools/verifysct.py --sct-file=submittedcerts --parallel 1 ${BASEURL} --publickey=keys/logkey.pem --cafile httpsca/demoCA/cacert.pem || (echo "Verification of SCT:s failed"; false) +python ${top_srcdir}/tools/verifysct.py --sct-file=submittedcerts-7 --parallel 1 ${BASEURL} --publickey=keys/logkey.pem --cafile httpsca/demoCA/cacert.pem || (echo "Verification of SCT:s failed"; false) +${top_srcdir}/tools/check-sth.py ${BASEURL} --publickey=keys/logkey.pem --cur-sth=stored-sth --cafile httpsca/demoCA/cacert.pem diff --git a/test/scripts/light-system-test-run-4.sh b/test/scripts/light-system-test-run-4.sh index f225703..1022fd2 100755 --- a/test/scripts/light-system-test-run-4.sh +++ b/test/scripts/light-system-test-run-4.sh @@ -3,11 +3,9 @@ set -o nounset set -o errexit -SOFTHSM=/usr/local/bin/softhsm2-util -INSTDIR=../catlfish -PREFIX=.. +top_srcdir=$(cd $(dirname $0)/../..; pwd) -. ./test.shvars +. ${top_srcdir}/test/test.shvars -cd ${INSTDIR} && ../tools/merge --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg || (echo "Merge failed" ; false) -cd ${INSTDIR}/tests && ../../tools/check-sth.py ${BASEURL} --publickey=keys/logkey.pem --cur-sth=stored-sth --cafile httpsca/demoCA/cacert.pem +${top_srcdir}/tools/merge --config ${top_srcdir}/test/catlfish-test.cfg --localconfig ${top_srcdir}/test/catlfish-test-local-merge.cfg || (echo "Merge failed" ; false) +${top_srcdir}/tools/check-sth.py ${BASEURL} --publickey=keys/logkey.pem --cur-sth=stored-sth --cafile httpsca/demoCA/cacert.pem diff --git a/test/scripts/light-system-test-start.sh b/test/scripts/light-system-test-start.sh index 58d7e2d..42cb4be 100755 --- a/test/scripts/light-system-test-start.sh +++ b/test/scripts/light-system-test-start.sh @@ -3,13 +3,12 @@ set -o nounset set -o errexit -INSTDIR=../catlfish -PREFIX=.. +top_srcdir=$(cd $(dirname $0)/../..; pwd) -. ./test.shvars +. ${top_srcdir}/test/test.shvars for node in ${ERLANGNODES}; do - (cd ${INSTDIR}/tests ; ../bin/run_erl -daemon nodes/${node}/ nodes/${node}/log/ "exec ../bin/erl -config ${node}") + (../bin/run_erl -daemon nodes/${node}/ nodes/${node}/log/ "exec ../bin/erl -config ${node}") done for i in 1 2 3 4 5 6 7 8 9 10; do echo "waiting for system to start" @@ -17,7 +16,7 @@ for i in 1 2 3 4 5 6 7 8 9 10; do allstarted=1 notstarted= for testurl in ${TESTURLS}; do - if curl -s --cacert ${INSTDIR}/tests/httpsca/demoCA/cacert.pem -4 https://${testurl} > /dev/null ; then + if curl -s --cacert httpsca/demoCA/cacert.pem -4 https://${testurl} > /dev/null ; then : else allstarted=0 diff --git a/test/scripts/light-system-test-stop.sh b/test/scripts/light-system-test-stop.sh index 77fd00b..1828e73 100755 --- a/test/scripts/light-system-test-stop.sh +++ b/test/scripts/light-system-test-stop.sh @@ -3,11 +3,10 @@ set -o nounset set -o errexit -INSTDIR=../catlfish -PREFIX=.. +top_srcdir=$(cd $(dirname $0)/../..; pwd) -. ./test.shvars +. ${top_srcdir}/test/test.shvars for node in ${ERLANGNODES}; do - ${PREFIX}/tools/to_catlfish.py to_erl ${INSTDIR}/tests/nodes/${node}/ "init:stop()" + ${top_srcdir}/tools/to_catlfish.py to_erl nodes/${node}/ "init:stop()" done diff --git a/test/scripts/light-system-test.sh b/test/scripts/light-system-test.sh index 58260bd..eee1078 100755 --- a/test/scripts/light-system-test.sh +++ b/test/scripts/light-system-test.sh @@ -3,13 +3,11 @@ set -o nounset set -o errexit -SOFTHSM=/usr/local/bin/softhsm2-util -INSTDIR=../catlfish -PREFIX=.. +top_srcdir=$(cd $(dirname $0)/../..; pwd) -. ./test.shvars +. ${top_srcdir}/test/test.shvars -SCRIPTS=${PREFIX}/test/scripts +SCRIPTS=${top_srcdir}/test/scripts tests_start() { ${SCRIPTS}/light-system-test-start.sh @@ -19,24 +17,53 @@ tests_stop() { ${SCRIPTS}/light-system-test-stop.sh } - ${SCRIPTS}/light-system-test-prepare.sh tests_start ${SCRIPTS}/light-system-test-run-1.sh || (echo "Tests failed"; sleep 5; tests_stop; false) sleep 5 tests_stop sleep 5 +echo +echo +echo +echo +echo Test 2 +echo +echo +echo +echo +echo tests_start ${SCRIPTS}/light-system-test-run-2.sh || (echo "Tests failed"; sleep 5; tests_stop; false) sleep 5 tests_stop sleep 5 +echo +echo +echo +echo +echo Test 3 +echo +echo +echo +echo +echo ${SCRIPTS}/light-system-test-prepare-merge-takeover.sh tests_start ${SCRIPTS}/light-system-test-run-3.sh || (echo "Tests failed"; sleep 5; tests_stop; false) sleep 5 tests_stop sleep 5 +echo +echo +echo +echo +echo Test 4 +echo +echo +echo +echo +echo ${SCRIPTS}/light-system-test-prepare-redistribute-frontend.sh tests_start ${SCRIPTS}/light-system-test-run-4.sh || (echo "Tests failed"; sleep 5; tests_stop; false) diff --git a/tools/testcase1.py b/tools/testcase1.py index 697cc99..81d589a 100755 --- a/tools/testcase1.py +++ b/tools/testcase1.py @@ -12,15 +12,16 @@ import sys import struct import hashlib import itertools +import os.path from certtools import * baseurls = [sys.argv[1]] logpublickeyfile = sys.argv[2] cacertfile = sys.argv[3] +toolsdir = os.path.dirname(sys.argv[0]) +testdir = sys.argv[4] -certfiles = ["../tools/testcerts/cert1.txt", "../tools/testcerts/cert2.txt", - "../tools/testcerts/cert3.txt", "../tools/testcerts/cert4.txt", - "../tools/testcerts/cert5.txt"] +certfiles = [toolsdir + ("/testcerts/cert%d.txt" % e) for e in range(1, 6)] cc1 = get_certs_from_file(certfiles[0]) cc2 = get_certs_from_file(certfiles[1]) @@ -147,8 +148,8 @@ def get_and_check_entry(timestamp, chain, leaf_index, baseurl): len(submittedcertchain)) def merge(): - return subprocess.call(["../tools/merge", "--config", "../test/catlfish-test.cfg", - "--localconfig", "../test/catlfish-test-local-merge.cfg"]) + return subprocess.call([toolsdir + "/merge", "--config", testdir + "/catlfish-test.cfg", + "--localconfig", testdir + "/catlfish-test-local-merge.cfg"]) mergeresult = merge() assert_equal(mergeresult, 0, "merge", quiet=True, fatal=True) diff --git a/verifycert.erl b/verifycert.erl index fa0e4e4..a606d1c 100755 --- a/verifycert.erl +++ b/verifycert.erl @@ -1,6 +1,5 @@ #!/usr/bin/env escript %% -*- erlang -*- -%%! -pa lib/catlfish-0.9.0-dev.ez/catlfish-0.9.0-dev/ebin -pa lib/lager-2.1.1.ez/lager-2.1.1/ebin -pa lib/plop-0.9.0-dev.ez/plop-0.9.0-dev/ebin write_reply(Bin) -> Length = size(Bin), @@ -34,6 +33,30 @@ loop(RootCerts) -> loop(RootCerts) end. +add_lib(Dirs, Name) -> + add_lib(Dirs, Dirs, Name). +add_lib(AllDirs, [], Name) -> + {ok, Cwd} = file:get_cwd(), + io:format(standard_error, + "Could not add lib ~p: tried directories ~p cwd: ~p~n", + [Name, AllDirs, Cwd]), + halt(1); +add_lib(AllDirs, [Dir | Rest], Name) -> + Path = Dir ++ "/" ++ Name ++ ".ez/" ++ Name ++ "/ebin", + case code:add_path(Path) of + true -> + ok; + {error, bad_directory} -> + add_lib(AllDirs, Rest, Name) + end. + main([KnownRoots]) -> + [ScriptFile | _] = init:get_plain_arguments(), + BaseDir = filename:dirname(ScriptFile), + LibDirs = [BaseDir ++ "/../lib", "../lib"], + add_lib(LibDirs, "catlfish-0.9.0-dev"), + add_lib(LibDirs, "lager-2.1.1"), + add_lib(LibDirs, "plop-0.9.0-dev"), + Certs = x509:read_pemfiles_from_dir(KnownRoots), loop(Certs). |