summaryrefslogtreecommitdiff
path: root/Makefile
blob: cad1a7e9b94e70ec9b3fefbe0830a550ba9ef990 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
# Makefile for catlfish

PREFIX=rel

build all:
	./make.erl

clean:
	-rm ebin/*.beam

release: all
	rm -rf $(PREFIX)
	mkdir $(PREFIX)
	./makerelease.erl $(PREFIX)

-include test/test.mk

tests-prepare:
	rm -r $(PREFIX)/tests || true
	mkdir $(PREFIX)/tests
	make tests-createca
	make tests-createcert
	mkdir $(PREFIX)/tests/keys
	(cd $(PREFIX)/tests/keys ; ../../../tools/create-key.sh logkey)
	mkdir $(PREFIX)/tests/mergedb
	mkdir $(PREFIX)/tests/mergedb/chains
	touch $(PREFIX)/tests/mergedb/logorder
	mkdir $(PREFIX)/tests/known_roots
	cp tools/testcerts/roots/* $(PREFIX)/tests/known_roots
	cp -r test/config/privatekeys $(PREFIX)/tests
	cp -r test/config/publickeys $(PREFIX)/tests
	@for machine in $(MACHINES); do \
	  tools/compileconfig.py --config=test/catlfish-test.cfg --localconfig test/catlfish-test-local-$$machine.cfg ; \
	  mkdir -p $(PREFIX)/tests/machine/machine-$$machine/db ; \
	  touch $(PREFIX)/tests/machine/machine-$$machine/db/index ; \
	  touch $(PREFIX)/tests/machine/machine-$$machine/db/newentries ; \
	done
	tools/compileconfig.py --config test/catlfish-test.cfg --localconfig test/catlfish-test-local-signing.cfg
	@for node in $(NODES); do \
	  mkdir -p test/nodes/$$node/log ; \
	done

tests-start:
	@for node in $(NODES); do \
	  (cd $(PREFIX) ; bin/run_erl -daemon ../test/nodes/$$node/ ../test/nodes/$$node/log/ "exec bin/erl -config $$node") \
	done
	@for i in 1 2 3 4 5 6 7 8 9 10; do \
	  echo "waiting for system to start" ; \
	  sleep 0.5 ; \
	  allstarted=1 ; \
	  notstarted= ; \
	  for testurl in $(TESTURLS); do \
	    if curl -s -k -4 https://$$testurl > /dev/null ; then : ; else allstarted=0 ; notstarted="$$testurl $$notstarted" ; fi ; \
	    : ; \
	  done ; \
	  if [ $$allstarted -eq 1 ]; then break ; \
	  elif [ $$i -eq 10 ]; then echo Not started: $$notstarted ; fi ; \
	done

tests-run:
	@(cd $(PREFIX) && python ../tools/testcase1.py https://localhost:8080/ tests/keys/logkey.pem) || (echo "Tests failed" ; false)
	@(cd $(PREFIX) && python ../tools/fetchallcerts.py $(BASEURL) --publickey=tests/keys/logkey.pem) || (echo "Verification failed" ; false)
	@(cd $(PREFIX) && rm -f submittedcerts)
	@(cd $(PREFIX) && python ../tools/submitcert.py --parallel=1 --store ../tools/testcerts/cert1.txt --check-sct --sct-file=submittedcerts $(BASEURL) --publickey=tests/keys/logkey.pem) || (echo "Submission failed" ; false)
	@(cd $(PREFIX) && python ../tools/submitcert.py --parallel=1 --store ../tools/testcerts/cert2.txt --check-sct --sct-file=submittedcerts $(BASEURL) --publickey=tests/keys/logkey.pem) || (echo "Submission failed" ; false)
	@(cd $(PREFIX) && python ../tools/submitcert.py --parallel=1 --store ../tools/testcerts/cert3.txt --check-sct --sct-file=submittedcerts $(BASEURL) --publickey=tests/keys/logkey.pem) || (echo "Submission failed" ; false)
	@(cd $(PREFIX) && python ../tools/submitcert.py --parallel=1 --store ../tools/testcerts/cert4.txt --check-sct --sct-file=submittedcerts $(BASEURL) --publickey=tests/keys/logkey.pem) || (echo "Submission failed" ; false)
	@(cd $(PREFIX) && python ../tools/submitcert.py --parallel=1 --store ../tools/testcerts/cert5.txt --check-sct --sct-file=submittedcerts $(BASEURL) --publickey=tests/keys/logkey.pem) || (echo "Submission failed" ; false)
	@(cd $(PREFIX) && python ../tools/submitcert.py --parallel=1 --store ../tools/testcerts/pre1.txt --check-sct --sct-file=submittedcerts $(BASEURL) --publickey=tests/keys/logkey.pem) || (echo "Submission failed" ; false)
	@(cd $(PREFIX) && python ../tools/submitcert.py --parallel=1 --store ../tools/testcerts/pre2.txt --check-sct --sct-file=submittedcerts $(BASEURL) --publickey=tests/keys/logkey.pem) || (echo "Submission failed" ; false)
	@(cd $(PREFIX) && python ../tools/merge.py --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg) || (echo "Merge failed" ; false)

tests-run2:
	@(cd $(PREFIX) ; python ../tools/verifysct.py --sct-file=submittedcerts --parallel 1 $(BASEURL) --publickey=tests/keys/logkey.pem) || echo "Verification of SCT:s failed"

tests-stop:
	@for node in $(NODES); do \
	  ./tools/halt.py to_erl test/nodes/$$node/ ; \
	done

tests-wait:
	sleep 5

tests:
	tools/compileconfig.py --config=test/catlfish-test.cfg --testmakefile=test/test.mk --machines 1
	@make tests-prepare
	@make tests-start
	@make tests-run || (make tests-stop ; false)
	@make tests-wait
	@make tests-stop
	@make tests-wait
	@make tests-start
	@make tests-run2 || (make tests-stop ; false)
	@make tests-wait
	@make tests-stop

tests-createca:
	mkdir $(PREFIX)/tests/httpsca
	( cd $(PREFIX)/tests/httpsca ; \
	  mkdir -p demoCA/newcerts ; \
	  touch demoCA/index.txt ; \
	  echo 00 > demoCA/serial ; \
	  echo '[ req ]' > caconfig.txt ; \
	  echo 'distinguished_name = req_distinguished_name' >> caconfig.txt ; \
	  echo 'x509_extensions = v3_ca' >> caconfig.txt ; \
	  echo '[ req_distinguished_name ]' >> caconfig.txt ; \
	  echo '[ v3_ca ]' >> caconfig.txt ; \
	  echo 'basicConstraints=CA:true' >> caconfig.txt ; \
	  openssl req -newkey rsa:2048 -keyout key.pem -out req.csr -nodes -subj '/countryName=SE/stateOrProvinceName=Stockholm/organizationName=Test/commonName=ca/O=ca' -config caconfig.txt ; \
	  openssl ca -in req.csr -selfsign -keyfile key.pem -out demoCA/cacert.pem -batch \
	)

tests-createcert:
	mkdir $(PREFIX)/tests/httpscert
	openssl req -new -newkey rsa:2048 -keyout $(PREFIX)/tests/httpscert/httpskey-1.pem -out $(PREFIX)/tests/httpsca/httpscert-1.csr -nodes -subj '/countryName=SE/stateOrProvinceName=Stockholm/organizationName=Test/CN=localhost'
	( cd $(PREFIX)/tests/httpsca ; \
	  openssl ca -in httpscert-1.csr -keyfile key.pem -out httpscert-1.pem -batch \
	)
	cp $(PREFIX)/tests/httpsca/httpscert-1.pem $(PREFIX)/tests/httpscert/


# Unit testing.
check: all
	test/check.erl