From: Michal Nowak Date: Mon, 24 Feb 2020 15:37:25 +0000 (+0000) Subject: Fix "pkcs11" system test X-Git-Tag: v9.11.17~11^2 X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=5cb50baf501a8ddc9f854b1a1855a42abd936db7;p=thirdparty%2Fbind9.git Fix "pkcs11" system test - Define the SLOT environment variable before starting the test. This variable defaults to 0 and that does not work with SoftHSM 2. - The system test expects the PIN environment variable to be set to "1234" while bin/tests/prepare-softhsm2.sh sets it to "0000". Update bin/tests/prepare-softhsm2.sh so that it sets the PIN to "1234". - Move contents of bin/tests/system/pkcs11/prereq.sh to bin/tests/system/pkcs11/setup.sh as the former was creating a file called "supported" that was getting removed by the latter before bin/tests/system/pkcs11/tests.sh could access it. - Fix typo in "have_ecx". (cherry picked from commit 100a230e80f01a777b917b135b4bae9a4ac0e8ae) --- diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 56905b61590..21428b86449 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -247,7 +247,8 @@ stages: fi .setup_softhsm: &setup_softhsm | - sh -x bin/tests/prepare-softhsm2.sh + export SLOT=$(sh -x bin/tests/prepare-softhsm2.sh) + test -n "${SLOT}" && test "${SLOT}" -gt 0 .system_test: &system_test_job <<: *default_triggering_rules diff --git a/bin/tests/prepare-softhsm2.sh b/bin/tests/prepare-softhsm2.sh index 24c7f17c1a9..f51224723ea 100755 --- a/bin/tests/prepare-softhsm2.sh +++ b/bin/tests/prepare-softhsm2.sh @@ -5,6 +5,6 @@ if [ -n "${SOFTHSM2_CONF}" ] && command -v softhsm2-util >/dev/null; then echo "directories.tokendir = ${SOFTHSM2_DIR}/tokens" > "${SOFTHSM2_CONF}" echo "objectstore.backend = file" >> "${SOFTHSM2_CONF}" echo "log.level = DEBUG" >> "${SOFTHSM2_CONF}" - softhsm2-util --init-token --free --pin 0000 --so-pin 0000 --label "softhsm2"; + softhsm2-util --init-token --free --pin 1234 --so-pin 1234 --label "softhsm2" | awk '/^The token has been initialized and is reassigned to slot/ { print $NF }' fi exit 0 diff --git a/bin/tests/system/pkcs11/clean.sh b/bin/tests/system/pkcs11/clean.sh index f5be432d98e..2cbfc0fa6eb 100644 --- a/bin/tests/system/pkcs11/clean.sh +++ b/bin/tests/system/pkcs11/clean.sh @@ -13,4 +13,5 @@ rm -f K* ns1/K* keyset-* dsset-* ns1/*.db ns1/*.signed ns1/*.jnl rm -f dig.out* pin upd.log* rm -f ns1/*.key ns1/named.memstats rm -f supported +rm -f ns*/named.run rm -f ns*/named.lock diff --git a/bin/tests/system/pkcs11/prereq.sh b/bin/tests/system/pkcs11/prereq.sh deleted file mode 100644 index 0eb3b78af95..00000000000 --- a/bin/tests/system/pkcs11/prereq.sh +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/sh -# -# Copyright (C) Internet Systems Consortium, Inc. ("ISC") -# -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. -# -# See the COPYRIGHT file distributed with this work for additional -# information regarding copyright ownership. - -SYSTEMTESTTOP=.. -. $SYSTEMTESTTOP/conf.sh - -echo "I:(Native PKCS#11)" >&2 -rsafail=0 eccfail=0 ecxfail=0 - -$SHELL ../testcrypto.sh -q rsa || rsafail=1 -$SHELL ../testcrypto.sh -q ecdsa || eccfail=1 -$SHELL ../testcrypto.sh -q eddsa || ecxfail=1 - -if [ $rsafail = 1 -a $eccfail = 1 ]; then - echo "I:This test requires PKCS#11 support for either RSA or ECDSA cryptography." >&2 - exit 255 -fi -rm -f supported -touch supported -if [ $rsafail = 0 ]; then - echo rsa >> supported -fi -if [ $eccfail = 0 ]; then - echo ecc >> supported -fi -if [ $ecxfail = 0 ]; then - echo ecx >> supported -fi diff --git a/bin/tests/system/pkcs11/setup.sh b/bin/tests/system/pkcs11/setup.sh index 4fc5ec5b992..98a69364be9 100644 --- a/bin/tests/system/pkcs11/setup.sh +++ b/bin/tests/system/pkcs11/setup.sh @@ -12,6 +12,19 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +echo "I:(Native PKCS#11)" >&2 +ecxfail=0 + +$SHELL ../testcrypto.sh -q eddsa || ecxfail=1 + +rm -f supported +touch supported +echo rsa >> supported +echo ecc >> supported +if [ $ecxfail = 0 ]; then + echo ecx >> supported +fi + infile=ns1/example.db.in /bin/echo -n ${HSMPIN:-1234}> pin diff --git a/bin/tests/system/pkcs11/tests.sh b/bin/tests/system/pkcs11/tests.sh index cf3b5492132..d1007a6bfa7 100644 --- a/bin/tests/system/pkcs11/tests.sh +++ b/bin/tests/system/pkcs11/tests.sh @@ -26,7 +26,7 @@ have_ecc=`grep ecc supported` if [ "x$have_ecc" != "x" ]; then algs=$algs"ecc " fi -have_ecx=`grep ecc supported` +have_ecx=`grep ecx supported` if [ "x$have_ecx" != "x" ]; then algs=$algs"ecx " fi diff --git a/util/copyrights b/util/copyrights index 6fef21fe017..35b7223b5d0 100644 --- a/util/copyrights +++ b/util/copyrights @@ -1915,7 +1915,6 @@ ./bin/tests/system/pkcs11/clean.sh SH 2010,2012,2014,2016,2017,2018,2019,2020 ./bin/tests/system/pkcs11/ns1/example.db.in ZONE 2010,2016,2018,2019,2020 ./bin/tests/system/pkcs11/ns1/named.conf CONF-C 2018,2019,2020 -./bin/tests/system/pkcs11/prereq.sh SH 2010,2012,2014,2016,2017,2018,2019,2020 ./bin/tests/system/pkcs11/setup.sh SH 2010,2012,2013,2014,2016,2017,2018,2019,2020 ./bin/tests/system/pkcs11/tests.sh SH 2010,2012,2014,2016,2017,2018,2019,2020 ./bin/tests/system/pkcs11/usepkcs11 X 2010,2018,2019,2020