From 0dae7e67e05b7438d404564e6cc2f1cf1104e398 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Wed, 23 Nov 2016 13:31:00 +0100 Subject: [PATCH 01/12] test-setup.sh: Add test sanity check Check if all tests have rlGetTestState command to prevent false-positives --- scripts/test-setup.sh | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/scripts/test-setup.sh b/scripts/test-setup.sh index 8d0d4da..45023c1 100755 --- a/scripts/test-setup.sh +++ b/scripts/test-setup.sh @@ -12,6 +12,23 @@ CONT_NAME="${OS_TYPE}-${OS_VERSION}-${COMPONENT}" CERTGEN_REPO="https://github.com/redhat-qe-security/certgen" CERTGEN_PATH="openssl/Library/certgen" +# Test sanity check +# Check if all tests have rlGetTestState at their end +FAILED_CHECKS=0 +FAILED_NAMES=() +while read file; do + if ! grep -Pzq "rlGetTestState[[:space:]]*\z" "$file"; then + FAILED_CHECKS=$(($FAILED_CHECKS+1)) + FAILED_NAMES+=("$file") + fi +done <<< "$(find . -type f -name "runtest.sh")" + +if [[ $FAILED_CHECKS -gt 0 ]]; then + echo "Following tests are missing rlGetTestState command:" + printf '%s\n' "${FAILED_NAMES[@]}" + exit 1 +fi + # Prepare necessary libraries # openssl/certgen: TMP_DIR="$(mktemp -d tmp.XXXXX)" From 5eb15aadca949e593a6a2b37d43e42b3aaed9246 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Wed, 23 Nov 2016 13:38:05 +0100 Subject: [PATCH 02/12] renego&resumption: Add missing rlGetTestState --- .travis.yml | 5 ++-- .../renegotiation-with-NSS/runtest.sh | 1 + .../renegotiation-with-OpenSSL/runtest.sh | 1 + .../resumption-with-NSS/runtest.sh | 1 + .../resumption-with-OpenSSL/runtest.sh | 1 + .../softhsm-integration/runtest.sh | 1 + .../runtest.sh | 1 + scripts/test-runner.sh | 28 +++++++++++++++++++ scripts/test-setup.sh | 3 +- 9 files changed, 39 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index 78f6ae2..7c32677 100644 --- a/.travis.yml +++ b/.travis.yml @@ -11,7 +11,8 @@ env: - COMP=nss OS_TYPE=centos OS_VERSION=5 - COMP=nss OS_TYPE=centos OS_VERSION=6 - COMP=nss OS_TYPE=centos OS_VERSION=7 - - COMP=nss OS_TYPE=fedora OS_VERSION=24 + - COMP=nss OS_TYPE=fedora OS_VERSION=24 TEST_GLOB='@(renego*)' + - COMP=nss OS_TYPE=fedora OS_VERSION=24 TEST_GLOB='!(renego*)' # gnutls tests - COMP=gnutls OS_TYPE=centos OS_VERSION=5 - COMP=gnutls OS_TYPE=centos OS_VERSION=6 @@ -25,4 +26,4 @@ before_install: - sudo docker pull ${OS_TYPE}:${OS_VERSION} script: - - ./scripts/test-setup.sh ${OS_TYPE} ${OS_VERSION} ${COMP} + - ./scripts/test-setup.sh ${OS_TYPE} ${OS_VERSION} ${COMP} "${TEST_GLOB}" diff --git a/gnutls/Interoperability/renegotiation-with-NSS/runtest.sh b/gnutls/Interoperability/renegotiation-with-NSS/runtest.sh index 6a03511..070e670 100755 --- a/gnutls/Interoperability/renegotiation-with-NSS/runtest.sh +++ b/gnutls/Interoperability/renegotiation-with-NSS/runtest.sh @@ -86,3 +86,4 @@ rlJournalStart rlPhaseEnd rlJournalPrintText rlJournalEnd +rlGetTestState diff --git a/gnutls/Interoperability/renegotiation-with-OpenSSL/runtest.sh b/gnutls/Interoperability/renegotiation-with-OpenSSL/runtest.sh index 172a594..3aa0b65 100755 --- a/gnutls/Interoperability/renegotiation-with-OpenSSL/runtest.sh +++ b/gnutls/Interoperability/renegotiation-with-OpenSSL/runtest.sh @@ -72,3 +72,4 @@ rlJournalStart rlPhaseEnd rlJournalPrintText rlJournalEnd +rlGetTestState diff --git a/gnutls/Interoperability/resumption-with-NSS/runtest.sh b/gnutls/Interoperability/resumption-with-NSS/runtest.sh index 0be9536..f000fec 100755 --- a/gnutls/Interoperability/resumption-with-NSS/runtest.sh +++ b/gnutls/Interoperability/resumption-with-NSS/runtest.sh @@ -91,3 +91,4 @@ rlJournalStart rlPhaseEnd rlJournalPrintText rlJournalEnd +rlGetTestState diff --git a/gnutls/Interoperability/resumption-with-OpenSSL/runtest.sh b/gnutls/Interoperability/resumption-with-OpenSSL/runtest.sh index 33e31b0..acdfb72 100755 --- a/gnutls/Interoperability/resumption-with-OpenSSL/runtest.sh +++ b/gnutls/Interoperability/resumption-with-OpenSSL/runtest.sh @@ -77,3 +77,4 @@ rlJournalStart rlPhaseEnd rlJournalPrintText rlJournalEnd +rlGetTestState diff --git a/gnutls/Interoperability/softhsm-integration/runtest.sh b/gnutls/Interoperability/softhsm-integration/runtest.sh index dc9b647..0db1218 100755 --- a/gnutls/Interoperability/softhsm-integration/runtest.sh +++ b/gnutls/Interoperability/softhsm-integration/runtest.sh @@ -80,3 +80,4 @@ _EOF rlPhaseEnd rlJournalPrintText rlJournalEnd +rlGetTestState diff --git a/nss/Interoperability/renego-and-resumption-NSS-with-OpenSSL/runtest.sh b/nss/Interoperability/renego-and-resumption-NSS-with-OpenSSL/runtest.sh index 7e6185d..53d9cba 100755 --- a/nss/Interoperability/renego-and-resumption-NSS-with-OpenSSL/runtest.sh +++ b/nss/Interoperability/renego-and-resumption-NSS-with-OpenSSL/runtest.sh @@ -599,3 +599,4 @@ rlJournalStart rlPhaseEnd rlJournalPrintText rlJournalEnd +rlGetTestState diff --git a/scripts/test-runner.sh b/scripts/test-runner.sh index 8086ce7..1d7d6da 100755 --- a/scripts/test-runner.sh +++ b/scripts/test-runner.sh @@ -21,6 +21,19 @@ function keep_alive() { done } +# Compare test name with glob expression using extended glob patterns +# $1 - test name +# $2 - glob pattern +function test_name_relevancy() { + # See: http://wiki.bash-hackers.org/syntax/pattern#extended_pattern_language + shopt -s extglob + [[ $1 == $2 ]] + local RES=$? + shopt -u extglob + + return $RES +} + set +x if [[ $# < 3 ]]; then @@ -31,6 +44,7 @@ fi OS_TYPE="$1" OS_VERSION="$2" COMPONENT="$3" +TEST_GLOB="$4" if [[ $OS_TYPE == "fedora" ]]; then PKG_MAN="dnf" else @@ -72,12 +86,26 @@ do SKIP=0 echo "Running test: $test" + + # Check if glob pattern is set + if [[ ! -z "$TEST_GLOB" ]]; then + # If so, check if it matches current test name + TEST_NAME="$(basename $(dirname "$test"))" + if ! test_name_relevancy "$TEST_NAME" "$TEST_GLOB"; then + echo "Test '$TEST_NAME' excluded by given glob expression: $TEST_GLOB" + SKIPPED+=("$test") + continue + fi + fi + + # Makefile is necessary for test execution pushd "$(dirname "$test")" if [[ ! -f Makefile ]]; then echo >&2 "Missing Makefile" EC=1 SKIP=1 fi + if [[ $SKIP -eq 0 ]]; then # Check relevancy if relevancy.awk -v os_type=$OS_TYPE -v os_ver=$OS_VERSION Makefile; then diff --git a/scripts/test-setup.sh b/scripts/test-setup.sh index 45023c1..0b47897 100755 --- a/scripts/test-setup.sh +++ b/scripts/test-setup.sh @@ -8,6 +8,7 @@ fi OS_TYPE="$1" OS_VERSION="$2" COMPONENT="$3" +TEST_GLOB="$4" CONT_NAME="${OS_TYPE}-${OS_VERSION}-${COMPONENT}" CERTGEN_REPO="https://github.com/redhat-qe-security/certgen" CERTGEN_PATH="openssl/Library/certgen" @@ -50,4 +51,4 @@ sudo docker run --rm --name "$CONT_NAME" \ -v $PWD:/workspace:rw \ ${OS_TYPE}:${OS_VERSION} \ /bin/bash -c \ - "bash -x $RUNNER $OS_TYPE $OS_VERSION $COMPONENT" + "bash -x $RUNNER $OS_TYPE $OS_VERSION $COMPONENT '$TEST_GLOB'" From 8fdd6cb6b6e858b921462708f84041e36b33d3bb Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Fri, 25 Nov 2016 11:56:02 +0100 Subject: [PATCH 03/12] softhsm-integration: Disable on Centos 6 and 7 Centos 6 - unsupported Centos 7 - there is a bug, which was fixed in RHEL/Centos 7.3 => re-enable this test when 7.3 docker image is available --- gnutls/Interoperability/softhsm-integration/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnutls/Interoperability/softhsm-integration/Makefile b/gnutls/Interoperability/softhsm-integration/Makefile index 0a19e91..c109235 100644 --- a/gnutls/Interoperability/softhsm-integration/Makefile +++ b/gnutls/Interoperability/softhsm-integration/Makefile @@ -57,5 +57,5 @@ $(METADATA): Makefile @echo "License: GPLv2+" >> $(METADATA) @echo "Confidential: yes" >> $(METADATA) @echo "Destructive: no" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) + @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5 -RHEL6 -RHEL7" >> $(METADATA) From acbfa795133ad9f6cfedae1f53023b04289bfef7 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Sun, 18 Dec 2016 18:22:21 +0100 Subject: [PATCH 04/12] test-runner.sh: Preserve the environment --- scripts/test-runner.sh | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/scripts/test-runner.sh b/scripts/test-runner.sh index 1d7d6da..43d5ab2 100755 --- a/scripts/test-runner.sh +++ b/scripts/test-runner.sh @@ -26,10 +26,17 @@ function keep_alive() { # $2 - glob pattern function test_name_relevancy() { # See: http://wiki.bash-hackers.org/syntax/pattern#extended_pattern_language + # Save the original state + shopt -q extglob + local STATE=$? + # Enable extglob shopt -s extglob [[ $1 == $2 ]] local RES=$? - shopt -u extglob + # If the extension was originally disabled, disable it + if [[ $STATE -ne 0 ]]; then + shopt -u extglob + fi return $RES } From 341f84e008c4f20b3495c6cba4b10106a6866636 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Fri, 27 Jan 2017 16:49:49 +0100 Subject: [PATCH 05/12] Send an EOF when it's actually expected --- .../TLSv1-2-with-NSS/nss-client.expect | 15 ++++++++++++--- .../TLSv1-2-with-OpenSSL/gnutls-client.expect | 1 + .../TLSv1-2-with-OpenSSL/openssl-client.expect | 6 ++++-- .../CC-nss-with-gnutls/gnutls-client.expect | 5 +++-- .../CC-nss-with-gnutls/nss-client.expect | 15 ++++++++++++--- .../CC-nss-with-openssl/openssl-client.expect | 6 ++++-- .../nss-client.expect | 11 ++++++++--- 7 files changed, 44 insertions(+), 15 deletions(-) diff --git a/gnutls/Interoperability/TLSv1-2-with-NSS/nss-client.expect b/gnutls/Interoperability/TLSv1-2-with-NSS/nss-client.expect index 12defa5..074cb55 100755 --- a/gnutls/Interoperability/TLSv1-2-with-NSS/nss-client.expect +++ b/gnutls/Interoperability/TLSv1-2-with-NSS/nss-client.expect @@ -4,9 +4,18 @@ spawn /bin/sh -c "$argv" expect { "Enter Password" { send "RedHatEnterpriseLinux6.6\r"; exp_continue } eof { } - "subject DN" { send "GET / HTTP/1.0\r\r"; - expect -timeout 5 "HTTP/1.0 200 OK" { close; exit 0} - close; exit 1} + "subject DN" { + send "GET / HTTP/1.0\r\r"; + expect -timeout 5 "HTTP/1.0 200 OK" { + expect -re ".+" { + close; + exit 0; + } + } + + close; + exit 1; + } } set info [wait] #puts "Return from wait: $info" diff --git a/gnutls/Interoperability/TLSv1-2-with-OpenSSL/gnutls-client.expect b/gnutls/Interoperability/TLSv1-2-with-OpenSSL/gnutls-client.expect index 2ff4471..c1b4068 100644 --- a/gnutls/Interoperability/TLSv1-2-with-OpenSSL/gnutls-client.expect +++ b/gnutls/Interoperability/TLSv1-2-with-OpenSSL/gnutls-client.expect @@ -6,6 +6,7 @@ expect { send "client hello\r" expect { "server hello" { + sleep 1 close exit 0 } diff --git a/gnutls/Interoperability/TLSv1-2-with-OpenSSL/openssl-client.expect b/gnutls/Interoperability/TLSv1-2-with-OpenSSL/openssl-client.expect index 798112a..6d5d3c8 100644 --- a/gnutls/Interoperability/TLSv1-2-with-OpenSSL/openssl-client.expect +++ b/gnutls/Interoperability/TLSv1-2-with-OpenSSL/openssl-client.expect @@ -6,8 +6,10 @@ expect { send "client hello\r" expect "client hello" { expect "client hello" { - close - exit 0 + expect -re ".+" { + close + exit 0 + } } } } diff --git a/nss/Interoperability/CC-nss-with-gnutls/gnutls-client.expect b/nss/Interoperability/CC-nss-with-gnutls/gnutls-client.expect index f057852..d3434cb 100755 --- a/nss/Interoperability/CC-nss-with-gnutls/gnutls-client.expect +++ b/nss/Interoperability/CC-nss-with-gnutls/gnutls-client.expect @@ -6,8 +6,9 @@ expect { send "GET / HTTP/1.0\r\r"; expect { "Generic Web Server" { - close - exit 0 + sleep 1 + close + exit 0 } } } diff --git a/nss/Interoperability/CC-nss-with-gnutls/nss-client.expect b/nss/Interoperability/CC-nss-with-gnutls/nss-client.expect index 12defa5..074cb55 100755 --- a/nss/Interoperability/CC-nss-with-gnutls/nss-client.expect +++ b/nss/Interoperability/CC-nss-with-gnutls/nss-client.expect @@ -4,9 +4,18 @@ spawn /bin/sh -c "$argv" expect { "Enter Password" { send "RedHatEnterpriseLinux6.6\r"; exp_continue } eof { } - "subject DN" { send "GET / HTTP/1.0\r\r"; - expect -timeout 5 "HTTP/1.0 200 OK" { close; exit 0} - close; exit 1} + "subject DN" { + send "GET / HTTP/1.0\r\r"; + expect -timeout 5 "HTTP/1.0 200 OK" { + expect -re ".+" { + close; + exit 0; + } + } + + close; + exit 1; + } } set info [wait] #puts "Return from wait: $info" diff --git a/nss/Interoperability/CC-nss-with-openssl/openssl-client.expect b/nss/Interoperability/CC-nss-with-openssl/openssl-client.expect index fb20cbe..4d078ad 100644 --- a/nss/Interoperability/CC-nss-with-openssl/openssl-client.expect +++ b/nss/Interoperability/CC-nss-with-openssl/openssl-client.expect @@ -5,8 +5,10 @@ expect { "Verify return code: 0 " { send "GET / HTTP/1.0\r\r" expect "Server: Generic Web Server" { - close - exit 0 + expect -re ".+" { + close + exit 0 + } } } } diff --git a/nss/Interoperability/renego-and-resumption-NSS-with-OpenSSL/nss-client.expect b/nss/Interoperability/renego-and-resumption-NSS-with-OpenSSL/nss-client.expect index 6df1d2e..a9bd07a 100755 --- a/nss/Interoperability/renego-and-resumption-NSS-with-OpenSSL/nss-client.expect +++ b/nss/Interoperability/renego-and-resumption-NSS-with-OpenSSL/nss-client.expect @@ -4,9 +4,14 @@ spawn /bin/sh -c "$argv" expect { "Enter Password" { send "RedHatEnterpriseLinux6.6\r"; exp_continue } eof { } - "subject DN" { expect "subject DN" { send "GET / HTTP/1.0\r\r"; - expect -timeout 5 "Verify return code"; - close}} + "subject DN" { + expect "subject DN" { + send "GET / HTTP/1.0\r\r"; + expect -timeout 5 "Verify return code"; + sleep 1; + close; + } + } } set info [wait] #puts "Return from wait: $info" From 375a4b5c6966aedf6497b5720e9ca83e2c9bd1e8 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Thu, 15 Dec 2016 11:29:42 +0100 Subject: [PATCH 06/12] Replace all rlIsRHEL calls with rlIsCentOS --- scripts/test-runner.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/scripts/test-runner.sh b/scripts/test-runner.sh index 43d5ab2..0db6e49 100755 --- a/scripts/test-runner.sh +++ b/scripts/test-runner.sh @@ -72,6 +72,11 @@ fi $PKG_MAN -y install net-tools coreutils gawk expect make beakerlib findutils \ procps-ng +# WORKAROUND: Replace all rlIsRHEL calls with rlIsCentos +if [[ $OS_TYPE == "centos" ]]; then + echo 'rlIsRHEL() { rlIsCentOS "$@"; }' >> /usr/share/beakerlib/testing.sh +fi + EC=0 SKIP=0 INDEX=0 From dbddade3ba1de7922757e6f02cf948029a284600 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Sun, 18 Dec 2016 17:58:43 +0100 Subject: [PATCH 07/12] Disable CentOS 5 jobs CentOS 5 is incompatible with the beakerlib workaround. Also, no tests were running on RHEL/CentOS 5 anyway (which can change in the future). --- .travis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index 7c32677..bfa10fa 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,18 +3,18 @@ sudo: required env: matrix: # openssl tests - - COMP=openssl OS_TYPE=centos OS_VERSION=5 + #- COMP=openssl OS_TYPE=centos OS_VERSION=5 - COMP=openssl OS_TYPE=centos OS_VERSION=6 - COMP=openssl OS_TYPE=centos OS_VERSION=7 - COMP=openssl OS_TYPE=fedora OS_VERSION=24 # nss tests - - COMP=nss OS_TYPE=centos OS_VERSION=5 + #- COMP=nss OS_TYPE=centos OS_VERSION=5 - COMP=nss OS_TYPE=centos OS_VERSION=6 - COMP=nss OS_TYPE=centos OS_VERSION=7 - COMP=nss OS_TYPE=fedora OS_VERSION=24 TEST_GLOB='@(renego*)' - COMP=nss OS_TYPE=fedora OS_VERSION=24 TEST_GLOB='!(renego*)' # gnutls tests - - COMP=gnutls OS_TYPE=centos OS_VERSION=5 + #- COMP=gnutls OS_TYPE=centos OS_VERSION=5 - COMP=gnutls OS_TYPE=centos OS_VERSION=6 - COMP=gnutls OS_TYPE=centos OS_VERSION=7 - COMP=gnutls OS_TYPE=fedora OS_VERSION=24 From 95070ad8f9063ab8d9d4d722dbd56a8cce425f0d Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Wed, 18 Jan 2017 18:59:38 +0100 Subject: [PATCH 08/12] Install the latest version of beakerlib --- scripts/test-runner.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/scripts/test-runner.sh b/scripts/test-runner.sh index 0db6e49..3bb12c7 100755 --- a/scripts/test-runner.sh +++ b/scripts/test-runner.sh @@ -72,6 +72,12 @@ fi $PKG_MAN -y install net-tools coreutils gawk expect make beakerlib findutils \ procps-ng +if [[ $OS_TYPE == "fedora" ]]; then + $PKG_MAN --enablerepo updates-testing -y install beakerlib +else + $PKG_MAN --enablerepo epel-testing -y install beakerlib +fi + # WORKAROUND: Replace all rlIsRHEL calls with rlIsCentos if [[ $OS_TYPE == "centos" ]]; then echo 'rlIsRHEL() { rlIsCentOS "$@"; }' >> /usr/share/beakerlib/testing.sh From 8f566e3bb638b4b7271dcb8b604452141f2ab17c Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Tue, 31 Jan 2017 14:14:30 +0100 Subject: [PATCH 09/12] Temporarily disable failing tests All disabled test by this commit are going to be updated in the near future. --- gnutls/Interoperability/renegotiation-with-NSS/Makefile | 2 +- gnutls/Interoperability/resumption-with-NSS/Makefile | 2 +- nss/Interoperability/Interoperability-with-OpenSSL/Makefile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/gnutls/Interoperability/renegotiation-with-NSS/Makefile b/gnutls/Interoperability/renegotiation-with-NSS/Makefile index 6651123..528efbf 100644 --- a/gnutls/Interoperability/renegotiation-with-NSS/Makefile +++ b/gnutls/Interoperability/renegotiation-with-NSS/Makefile @@ -58,5 +58,5 @@ $(METADATA): Makefile @echo "License: GPLv2" >> $(METADATA) @echo "Confidential: no" >> $(METADATA) @echo "Destructive: no" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) + @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5 -RHEL6 -RHEL7" >> $(METADATA) diff --git a/gnutls/Interoperability/resumption-with-NSS/Makefile b/gnutls/Interoperability/resumption-with-NSS/Makefile index 50d75bd..afbe3c2 100644 --- a/gnutls/Interoperability/resumption-with-NSS/Makefile +++ b/gnutls/Interoperability/resumption-with-NSS/Makefile @@ -59,5 +59,5 @@ $(METADATA): Makefile @echo "License: GPLv2" >> $(METADATA) @echo "Confidential: no" >> $(METADATA) @echo "Destructive: no" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) + @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5 -Fedora25" >> $(METADATA) diff --git a/nss/Interoperability/Interoperability-with-OpenSSL/Makefile b/nss/Interoperability/Interoperability-with-OpenSSL/Makefile index 67c4d95..7fa50ed 100644 --- a/nss/Interoperability/Interoperability-with-OpenSSL/Makefile +++ b/nss/Interoperability/Interoperability-with-OpenSSL/Makefile @@ -63,5 +63,5 @@ $(METADATA): Makefile @echo "License: GPLv2" >> $(METADATA) @echo "Confidential: no" >> $(METADATA) @echo "Destructive: no" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5 -RHEL6 -RHEL7 -Fedora24" >> $(METADATA) + @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5 -RHEL6 -RHEL7 -Fedora25" >> $(METADATA) From b19f3a2705a71a27174a84e16bd0125ee69dcd9c Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Wed, 18 Jan 2017 19:48:15 +0100 Subject: [PATCH 10/12] Use the latest version of Fedora --- .travis.yml | 8 ++++---- scripts/test-runner.sh | 12 ++++++++++++ 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index bfa10fa..fb75878 100644 --- a/.travis.yml +++ b/.travis.yml @@ -6,18 +6,18 @@ env: #- COMP=openssl OS_TYPE=centos OS_VERSION=5 - COMP=openssl OS_TYPE=centos OS_VERSION=6 - COMP=openssl OS_TYPE=centos OS_VERSION=7 - - COMP=openssl OS_TYPE=fedora OS_VERSION=24 + - COMP=openssl OS_TYPE=fedora OS_VERSION=latest # nss tests #- COMP=nss OS_TYPE=centos OS_VERSION=5 - COMP=nss OS_TYPE=centos OS_VERSION=6 - COMP=nss OS_TYPE=centos OS_VERSION=7 - - COMP=nss OS_TYPE=fedora OS_VERSION=24 TEST_GLOB='@(renego*)' - - COMP=nss OS_TYPE=fedora OS_VERSION=24 TEST_GLOB='!(renego*)' + - COMP=nss OS_TYPE=fedora OS_VERSION=latest TEST_GLOB='@(renego*)' + - COMP=nss OS_TYPE=fedora OS_VERSION=latest TEST_GLOB='!(renego*)' # gnutls tests #- COMP=gnutls OS_TYPE=centos OS_VERSION=5 - COMP=gnutls OS_TYPE=centos OS_VERSION=6 - COMP=gnutls OS_TYPE=centos OS_VERSION=7 - - COMP=gnutls OS_TYPE=fedora OS_VERSION=24 + - COMP=gnutls OS_TYPE=fedora OS_VERSION=latest services: - docker diff --git a/scripts/test-runner.sh b/scripts/test-runner.sh index 3bb12c7..ca35b57 100755 --- a/scripts/test-runner.sh +++ b/scripts/test-runner.sh @@ -52,6 +52,18 @@ OS_TYPE="$1" OS_VERSION="$2" COMPONENT="$3" TEST_GLOB="$4" + +# As the $OS_VERSION is used for relevancy, we need to replace the 'latest' +# version tag with the actual OS version +# So far the 'latest' tag is used only for Fedora +if [[ $OS_VERSION == "latest" ]]; then + OS_VERSION="$(awk '{ print $3; }' < /etc/fedora-release)" + if ! [[ $OS_VERSION =~ ^[0-9]+$ ]]; then + echo >&2 "FATAL: Couldn't determine OS version ($OS_VERSION)" + exit 1 + fi +fi + if [[ $OS_TYPE == "fedora" ]]; then PKG_MAN="dnf" else From 339adc9eb12e8adc5d2d64d0a2a2df7e888fe143 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Sat, 25 Feb 2017 16:10:41 +0100 Subject: [PATCH 11/12] Temporarily disable this test until #9 is merged --- gnutls/Interoperability/renegotiation-with-NSS/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnutls/Interoperability/renegotiation-with-NSS/Makefile b/gnutls/Interoperability/renegotiation-with-NSS/Makefile index 528efbf..f91467c 100644 --- a/gnutls/Interoperability/renegotiation-with-NSS/Makefile +++ b/gnutls/Interoperability/renegotiation-with-NSS/Makefile @@ -58,5 +58,5 @@ $(METADATA): Makefile @echo "License: GPLv2" >> $(METADATA) @echo "Confidential: no" >> $(METADATA) @echo "Destructive: no" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5 -RHEL6 -RHEL7" >> $(METADATA) + @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5 -RHEL6 -RHEL7 -Fedora25" >> $(METADATA) From 339810bcfb3ad6550b1ca4e73b252d015c385174 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Wed, 8 Mar 2017 11:31:06 +0100 Subject: [PATCH 12/12] Force NSS to ignore crypto policies on F25+ This is a temporary workaround for BZ#1426267. --- gnutls/Interoperability/TLSv1-2-with-NSS/runtest.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/gnutls/Interoperability/TLSv1-2-with-NSS/runtest.sh b/gnutls/Interoperability/TLSv1-2-with-NSS/runtest.sh index 9d3edbf..195e30b 100755 --- a/gnutls/Interoperability/TLSv1-2-with-NSS/runtest.sh +++ b/gnutls/Interoperability/TLSv1-2-with-NSS/runtest.sh @@ -38,6 +38,12 @@ CLIENT_UTIL="/usr/lib/nss/unsupported-tools/tstclnt" [ -f /usr/lib64/nss/unsupported-tools/selfserv ] && SERVER_UTIL="/usr/lib64/nss/unsupported-tools/selfserv" [ -f /usr/lib64/nss/unsupported-tools/tstclnt ] && CLIENT_UTIL="/usr/lib64/nss/unsupported-tools/tstclnt" +# Force NSS to ignore crypto policies +# Temporary workaround for BZ#1426267 +if rlIsFedora ">=25"; then + export NSS_IGNORE_SYSTEM_POLICY=1 +fi + rlJournalStart rlPhaseStartSetup rlAssertRpm --all