From 8da0172aacced475265010cbe42e08c698235c15 Mon Sep 17 00:00:00 2001 From: Petr Menšík Date: Mar 04 2019 13:17:25 +0000 Subject: Upstream tests in beakerlib Prepare system tests from source package and start them. Check results and report failure. --- diff --git a/tests/Run-internal-BIND-test-suite/Makefile b/tests/Run-internal-BIND-test-suite/Makefile new file mode 100644 index 0000000..2343d3d --- /dev/null +++ b/tests/Run-internal-BIND-test-suite/Makefile @@ -0,0 +1,74 @@ +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Makefile of tests/Run-internal-BIND-test-suite +# Description: Run internal BIND test suite +# Author: Martin Cermak +# Author: Petr Mensik +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2010 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +export TEST=tests/Run-internal-BIND-test-suite +export TESTVERSION=1.3 + +BUILT_FILES= + +FILES=$(METADATA) runtest.sh Makefile PURPOSE knownerror* setup-named-softhsm.sh bind-systest-filter.sh + +.PHONY: all install download clean + +run: $(FILES) build + ./runtest.sh + +build: $(BUILT_FILES) + chmod a+x runtest.sh + +clean: + rm -f *~ $(BUILT_FILES) + + +include /usr/share/rhts/lib/rhts-make.include + +$(METADATA): Makefile + @echo "Owner: Martin Cermak " > $(METADATA) + @echo "Name: $(TEST)" >> $(METADATA) + @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) + @echo "Path: $(TEST_DIR)" >> $(METADATA) + @echo "Description: Run internal BIND test suite" >> $(METADATA) + @echo "Type: Sanity" >> $(METADATA) + @echo "TestTime: 8h" >> $(METADATA) + @echo "RunFor: bind" >> $(METADATA) + @echo "Requires: bind rpm-build bind-utils" >> $(METADATA) + @echo "Requires: perl-Net-DNS perl-Net-DNS-Nameserver" >> $(METADATA) + @echo "Requires: bind-pkcs11 bind-pkcs11-utils softhsm" >> $(METADATA) + @echo "Requires: openssl-devel libtool autoconf" >> $(METADATA) + @echo "Requires: libcap-devel libidn-devel libxml2-devel" >> $(METADATA) + @echo "Requires: openldap-devel postgresql-devel" >> $(METADATA) + @echo "Requires: sqlite-devel krb5-devel net-tools" >> $(METADATA) + @echo "Requires: dnf-utils" >> $(METADATA) + @echo "Requires: kyua libatf-c" >> $(METADATA) + @echo "Requires: gcc-c++" >> $(METADATA) + @echo "Priority: Normal" >> $(METADATA) + @echo "License: GPLv2" >> $(METADATA) + @echo "Confidential: no" >> $(METADATA) + @echo "Destructive: no" >> $(METADATA) + @echo "Bug: 642970" >> $(METADATA) + + rhts-lint $(METADATA) diff --git a/tests/Run-internal-BIND-test-suite/PURPOSE b/tests/Run-internal-BIND-test-suite/PURPOSE new file mode 100644 index 0000000..754ba2a --- /dev/null +++ b/tests/Run-internal-BIND-test-suite/PURPOSE @@ -0,0 +1,6 @@ +PURPOSE of tests/Run-internal-BIND-test-suite +Description: Run internal BIND test suite +Author: Martin Cermak +Bug summary: Run internal BIND test suite +Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=642970 + diff --git a/tests/Run-internal-BIND-test-suite/bind-systest-filter.sh b/tests/Run-internal-BIND-test-suite/bind-systest-filter.sh new file mode 100755 index 0000000..8a153a1 --- /dev/null +++ b/tests/Run-internal-BIND-test-suite/bind-systest-filter.sh @@ -0,0 +1,47 @@ +#!/bin/bash +# +# This script will filter out output from BINDs tests +# It supports form from BIND 9.9 and BIND 9.11 +# Its purpose is to display only failed tests from list of all tests + +CURRENT_TEST= +CURRENT_OUTPUT= +STATUS_ONLY= + +for P; do + case "$P" in + -s|--status) STATUS_ONLY=yes; shift ;; + esac +done + +cat $@ | while read LINE; do + if [ "${LINE#S:}" != "$LINE" ]; then + CURRENT_TEST=`echo $LINE | cut -d: -f2` + CURRENT_OUTPUT="$LINE"$'\n' + elif [ "${LINE#R:}" != "$LINE" ]; then + # echo "$CURRENT_TEST $LINE" + if [ "${LINE/#R:*:*}" != "$LINE" ]; then + # more recent results contain test name + # R:dlz:FAIL + CURRENT_TEST="${LINE#R:}" + CURRENT_TEST="${CURRENT_TEST/%:*}" + RESULT="${LINE/#*:}" + else + # S:dlz:time + # R:FAIL + RESULT="${LINE/#R*:/}" + fi + if [ "$RESULT" != "PASS" ]; then + if [ -n "$STATUS_ONLY" ]; then + echo "$RESULT $CURRENT_TEST" + else + CURRENT_OUTPUT+="$LINE" + echo "$CURRENT_OUTPUT" + echo + fi + fi + CURRENT_OUTPUT= + else + CURRENT_OUTPUT+="$LINE"$'\n' + fi +done diff --git a/tests/Run-internal-BIND-test-suite/knownerror b/tests/Run-internal-BIND-test-suite/knownerror new file mode 100644 index 0000000..2d0c8e9 --- /dev/null +++ b/tests/Run-internal-BIND-test-suite/knownerror @@ -0,0 +1,2 @@ +A:System test dlz +A:System test idna diff --git a/tests/Run-internal-BIND-test-suite/runtest.sh b/tests/Run-internal-BIND-test-suite/runtest.sh new file mode 100755 index 0000000..7f4d212 --- /dev/null +++ b/tests/Run-internal-BIND-test-suite/runtest.sh @@ -0,0 +1,146 @@ +#!/bin/bash +# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# runtest.sh of tests/Run-internal-BIND-test-suite +# Description: Run internal BIND test suite +# Author: Martin Cermak +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +# +# Copyright (c) 2010 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing +# to use, modify, copy, or redistribute it subject to the terms +# and conditions of the GNU General Public License version 2. +# +# This program is distributed in the hope that it will be +# useful, but WITHOUT ANY WARRANTY; without even the implied +# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR +# PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public +# License along with this program; if not, write to the Free +# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +# Include rhts environment +. /usr/bin/rhts-environment.sh +. /usr/lib/beakerlib/beakerlib.sh + +PACKAGE="bind" + +rlJournalStart + rlPhaseStartSetup + # package assertions + rlAssertRpm $PACKAGE + rlAssertRpm rpm-build + rlAssertRpm perl-Net-DNS-Nameserver + + #pwd + ORIG=`pwd` + FOUNDERROR=`mktemp` + SETUP_SOFTHSM=`readlink -f setup-named-softhsm.sh` + FILTER=`readlink -f bind-systest-filter.sh` + + TAG=generic + if [ -f /etc/os-release ]; then + # extract platform tag + TAG=`(source /etc/os-release && echo ${PLATFORM_ID#platform:})` + fi + + if [ -f "knownerror.$TAG" ]; then + KNOWNERROR=`readlink -f knownerror.$TAG` + elif [ -f "knownerror" ]; then + KNOWNERROR=`readlink -f knownerror` + fi + + #tempdir + rlRun "TMPDIR=\`mktemp -d\`" 0 "Creating tmp directory" + rlRun "pushd $TMPDIR" + + # topdir + TOPDIR=`rpm -E '%{_topdir}'` + + # cleanup in topdir + mkdir -p $TOPDIR/{BUILD,SOURCES,SPECS} + rm -rf $TOPDIR/{BUILD,SOURCES,SPECS}/* + + # download src rpm + if ! ls bind*.src.rpm; then + rlRun "dnf --enablerepo='*-source' download bind.src" 0 "Fetch source from repository" + rlRun "rpm -i bind*.src.rpm" + fi + + rlRun "rpm --define '_topdir $TOPDIR' -Uvh *rpm &> $TMPDIR/install.txt" + rlRun "cd $TOPDIR/SPECS" + + rlRun "dnf -y builddep *.spec" + + # stop bind if it is running + rlServiceStop named + rlPhaseEnd + + rlPhaseStartTest + # rebuild from source + rlRun "rpmbuild -ba *.spec &> $TMPDIR/build.txt" + + # the test + rlRun "cd $TOPDIR/BUILD/bind*" + + rlLogInfo "Test takes place in `pwd`" + + rlRun "chown -R root ." + + if [ -x "$SETUP_SOFTHSM" ]; then + rlRun "eval \"$(bash $SETUP_SOFTHSM -A)\"" 0 "Preparing PKCS#11 token slot" + rlRun "pkcs11-tokens" 0 "Testing token slot availability" + else + rlLog "PKCS#11 not initialized" + fi + + if [ -d build ]; then + BUILD=build + else + BUILD=. + fi + + rlRun "./bin/tests/system/ifconfig.sh up" 0 "Setup fake network interfaces." + + # required by idna test + export LC_ALL=en_US.UTF-8 + + rlRun "pushd $BUILD" + rlRun "make test &> $TMPDIR/test.txt" 0-255 "Perform the test." + rlRun "popd" + + rlRun "grep -C 10 FAIL $TMPDIR/test.txt" 0-255 "Quickly show the test error (if any)." + + rlRun "./bin/tests/system/ifconfig.sh down" 0 "Remove fake network interfaces." + + + #list of failures: + rlRun "$FILTER $TMPDIR/test.txt" 0 "Showing unsuccessful tests" + rlRun "$FILTER -s $TMPDIR/test.txt > $FOUNDERROR" 0 + rlRun "ls $KNOWNERROR $FOUNDERROR $TMPDIR/test.txt" 0 'check if there is needed files' + rlLog "`cat $FOUNDERROR`" + + rlAssertLesserOrEqual "Checking number of found errors is in limits" "$(grep '^FAIL' $FOUNDERROR | wc -l)" "$(wc -l <$KNOWNERROR)" + cat $FOUNDERROR | while read STATUS TEST ; do + if [ "$STATUS" = FAIL ]; then + rlRun "grep '$TEST' $KNOWNERROR" 0 "Check $TEST failure is expected" + else + rlLog "$STATUS $TEST" + fi + done + rlPhaseEnd + + rlPhaseStartCleanup + rlBundleLogs "TEST_LOGS" "$TMPDIR/install.txt" "$TMPDIR/builddeps.txt" "$TMPDIR/build.txt" "$TMPDIR/test.txt" + rlRun "popd" + rlRun "rm -r $TMPDIR" 0 "Removing tmp directory" + rlRun "rm -rf $FOUNDERROR" + rlPhaseEnd +rlJournalEnd diff --git a/tests/Run-internal-BIND-test-suite/setup-named-softhsm.sh b/tests/Run-internal-BIND-test-suite/setup-named-softhsm.sh new file mode 100755 index 0000000..a13c91e --- /dev/null +++ b/tests/Run-internal-BIND-test-suite/setup-named-softhsm.sh @@ -0,0 +1,123 @@ +#!/bin/sh +# +# This script will initialise token storage of softhsm PKCS11 provider +# in custom location. Is useful to store tokens in non-standard location. +# +# Output can be evaluated from bash, it will prepare it for usage of temporary tokens. +# Recommended use: +# eval $(bash setup-named-softhsm.sh -A) +# + +SOFTHSM2_CONF="$1" +TOKENPATH="$2" +GROUPNAME="$3" +# Do not use this script for real keys worth protection +# This is intended for crypto accelerators using PKCS11 interface. +# Uninitialized token would fail any crypto operation. +PIN=1234 +SO_PIN=1234 +LABEL=rpm + +set -e + +echo_i() +{ + echo "#" $@ +} + +random() +{ + if [ -x "$(which openssl 2>/dev/null)" ]; then + openssl rand -base64 $1 + else + dd if=/dev/urandom bs=1c count=$1 | base64 + fi +} + +usage() +{ + echo "Usage: $0 -A [token directory] [group]" + echo " or: $0 [group]" +} + +if [ "$SOFTHSM2_CONF" = "-A" -a -z "$TOKENPATH" ]; then + TOKENPATH=$(mktemp -d /var/tmp/softhsm-XXXXXX) +fi + +if [ -z "$SOFTHSM2_CONF" -o -z "$TOKENPATH" ]; then + usage >&2 + exit 1 +fi + +if [ "$SOFTHSM2_CONF" = "-A" ]; then + # Automagic mode instead + MODE=secure + SOFTHSM2_CONF="$TOKENPATH/softhsm2.conf" + PIN_SOURCE="$TOKENPATH/pin" + SOPIN_SOURCE="$TOKENPATH/so-pin" + TOKENPATH="$TOKENPATH/tokens" +else + MODE=legacy +fi + +[ -d "$TOKENPATH" ] || mkdir -p "$TOKENPATH" + +umask 0022 + +if ! [ -f "$SOFTHSM2_CONF" ]; then +cat << SED > "$SOFTHSM2_CONF" +# SoftHSM v2 configuration file + +directories.tokendir = ${TOKENPATH} +objectstore.backend = file + +# ERROR, WARNING, INFO, DEBUG +log.level = ERROR + +# If CKF_REMOVABLE_DEVICE flag should be set +slots.removable = false +SED +else + echo_i "Config file $SOFTHSM2_CONF already exists" >&2 +fi + +if [ -n "$PIN_SOURCE" ]; then + touch "$PIN_SOURCE" "$SOPIN_SOURCE" + chmod 0600 "$PIN_SOURCE" "$SOPIN_SOURCE" + if [ -n "$GROUPNAME" ]; then + chgrp "$GROUPNAME" "$PIN_SOURCE" "$SOPIN_SOURCE" + chmod g+r "$PIN_SOURCE" "$SOPIN_SOURCE" + fi +fi + +export SOFTHSM2_CONF + +if softhsm2-util --show-slots | grep 'Initialized:[[:space:]]*yes' > /dev/null +then + echo_i "Token in ${TOKENPATH} is already initialized" >&2 + + [ -f "$PIN_SOURCE" ] && PIN=$(cat "$PIN_SOURCE") + [ -f "$SOPIN_SOURCE" ] && SO_PIN=$(cat "$SOPIN_SOURCE") +else + PIN=$(random 6) + SO_PIN=$(random 18) + if [ -n "$PIN_SOURCE" ]; then + echo -n "$PIN" > "$PIN_SOURCE" + echo -n "$SO_PIN" > "$SOPIN_SOURCE" + fi + + echo_i "Initializing tokens to ${TOKENPATH}..." + softhsm2-util --init-token --free --label "$LABEL" --pin "$PIN" --so-pin "$SO_PIN" | sed -e 's/^/# /' + + if [ -n "$GROUPNAME" ]; then + chgrp -R -- "$GROUPNAME" "$TOKENPATH" + chmod -R -- g=rX,o= "$TOKENPATH" + fi +fi + +echo "export SOFTHSM2_CONF=\"$SOFTHSM2_CONF\"" +echo "export PIN_SOURCE=\"$PIN_SOURCE\"" +echo "export SOPIN_SOURCE=\"$SOPIN_SOURCE\"" +# These are intentionaly not exported +echo "PIN=\"$PIN\"" +echo "SO_PIN=\"$SO_PIN\""