tcl_tests: ca.try: Ignore openssl crl exit status for 'corrupted CRL' test

[openssl-gost/engine.git] / tcl_tests / runtest.sh

#!/bin/sh

# Состав набора тестов
# 1. Этот скрипт
# 2. Файлы *.try
# 3. Файлы *.tcl
# 4. Файлы *.ciphers
# 5. calcstat
# 6. oidfile
# 7. name2oid.tst

# Пререквизиты, которые должны быть установлены на машине:
# 1. tclsh.  Может называться с версией (см. список версий ниже в цикле
# перебора)
# 2. ssh (что характерно, называться должен именно так). Должен быть
# настроен заход по ключам без пароля на lynx и все используемые эталонники.
# Ключи этих машин должны быть в knownhosts (с полными доменными именами
# серверов, то есть lynx.lan.cryptocom.ru и т.д.)
# 3. Под Windows скрипт выполняется в среде MinGW, при этом нужно "донастроить"
# ssh, а именно создать в разделе реестра
# HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
# DWORD-ключ DisableUserTOSSetting=0

CRYPTOPACK_MAIN_VERSION=3

if [ -n "$OPENSSL_LIBCRYPTO" ]; then
    libdir=`dirname $OPENSSL_LIBCRYPTO`
    # Linux, ELF HP-UX
    LD_LIBRARY_PATH=${libdir}${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}
    export LD_LIBRARY_PATH
    # MacOS X
    DYLD_LIBRARY_PATH=${libdir}${DYLD_LIBRARY_PATH:+:${DYLD_LIBRARY_PATH}}
    export DYLD_LIBRARY_PATH
fi
: ${OPENSSL_APP:=$(which openssl 2>/dev/null)}
if [ -z "$OPENSSL_APP" ]; then
        if [ "$OS" != "Windows NT" -a "$OS" != "Windows_NT" ]; then
                if [ -x  /opt/cryptopack$CRYPTOPACK_MAIN_VERSION/bin/openssl ]; then
                        OPENSSL_APP=/opt/cryptopack$CRYPTOPACK_MAIN_VERSION/bin/openssl
                elif [ -x /usr/local/cryptopack$CRYPTOPACK_MAIN_VERSION/bin/openssl ];then
                        OPENSSL_APP=/usr/local/cryptopack$CRYPTOPACK_MAIN_VERSION/bin/openssl
                fi
        else
                if [ -x c:/cryptopack$CRYPTOPACK_MAIN_VERSION/bin/openssl.exe ] ; then
                        OPENSSL_APP=c:/cryptopack$CRYPTOPACK_MAIN_VERSION/bin/openssl.exe
                fi
        fi
fi
if [ -z "$OPENSSL_APP" ]; then
        echo "openssl not found"
        exit 1
else
        echo "Using $OPENSSL_APP as openssl"
fi

: ${TCLSH:=$(which tclsh)}
if [ -z "$TCLSH" ]; then
        for version in "" 8.4 84 8.5 85 8.6 86; do
                for command in tclsh$version; do
                        for dir in `echo "/opt/cryptopack/bin:$PATH" | sed -e 's/:/ /g'`; do
                                echo "Checking $dir/$command"
                                if [ -x $dir/$command ]; then
                                        TCLSH=$dir/$command
                                        break 3
                                fi
                        done
                done
        done
fi

if [ -z "$TCLSH" ]; then
        echo "tclsh not found in PATH, neither with nor without version, exiting"
        exit 2
else
        echo "Using $TCLSH as tclsh"
fi
TCLSH="$TCLSH -encoding utf-8"

echo "PWD: $PWD"
: ${OPENSSL_CONF:=$PWD/openssl-gost.cnf}
echo "OPENSSL_CONF: $OPENSSL_CONF"
export OPENSSL_CONF
echo "ENGINE_DIR: $ENGINE_DIR"
: ${OPENSSL_ENGINES:=$ENGINE_DIR}
echo "OPENSSL_ENGINES: $OPENSSL_ENGINES"
export OPENSSL_ENGINES
APP_SUFFIX=`basename $OPENSSL_APP .exe|sed s/openssl//`
[ -n "$OPENSSL_APP" ]&& export OPENSSL_APP
ENGINE_NAME=`$TCLSH getengine.tcl`
export ENGINE_NAME
[ -z "$TESTDIR" ] && TESTDIR=`pwd`
TESTDIR=${TESTDIR}/`hostname`-$ENGINE_NAME
[ -n "$APP_SUFFIX" ] && TESTDIR=${TESTDIR}-${APP_SUFFIX}
[ -d ${TESTDIR} ] && rm -rf ${TESTDIR}
mkdir -p ${TESTDIR}
cp oidfile ${TESTDIR}
export TESTDIR

case "$ENGINE_NAME" in
        gostkc3)
                BASE_TEST="1"
                ;;
        cryptocom)
                BASE_TESTS="engine dgst mac pkcs8 enc req-genpkey req-newkey ca smime smime2 smimeenc cms cms2 cmsenc pkcs12 nopath ocsp ts ssl smime_io cms_io smimeenc_io cmsenc_io"
                OTHER_DIR=`echo $TESTDIR |sed 's/cryptocom/gost/'`
                ;;
        gost)
                BASE_TESTS="engine dgst mac pkcs8 enc req-genpkey req-newkey ca smime smime2 smimeenc cms cms2 cmstc262019 cmsenc pkcs12 nopath ocsp ts ssl smime_io cms_io smimeenc_io cmsenc_io"
                OTHER_DIR=`echo $TESTDIR |sed 's/gost/cryptocom/'`
                ;;
        *)
                echo "No GOST=providing engine found" 1>&2
                exit 1;
esac
if [ -x copy_param ];  then
        BASE_TESTS="$BASE_TESTS apache"
fi
PKCS7_COMPATIBILITY_TESTS="smime_cs cmsenc_cs cmsenc_sc"
SERVER_TESTS="cp20 cp21 csp36r4 csp39 csp4 csp4r3 csp5"
CLIENT_TESTS="cp20 cp21"
WINCLIENT_TESTS="p1-1xa-tls1-v-cp36r4-srv p1-1xa-tls1-v-cp39-srv p1-1xa-tls1-v-cp4-01 p2-1xa-tls1-v-cp4-01 p2-2xa-tls1-v-cp4-12S p2-5xa-tls1-v-cp4-12L p1-1xa-tls1-v-cp4r3-01 p2-1xa-tls1-v-cp4r3-01 p2-2xa-tls1-v-cp4r3-01 p2-5xa-tls1-v-cp4r3-01 p1-1xa-tls1_1-v-cp4r3-01 p2-1xa-tls1_1-v-cp4r3-01 p2-2xa-tls1_1-v-cp4r3-01 p2-5xa-tls1_1-v-cp4r3-01 p1-1xa-tls1_2-v-cp4r3-01 p2-1xa-tls1_2-v-cp4r3-01 p2-2xa-tls1_2-v-cp4r3-01 p2-5xa-tls1_2-v-cp4r3-01 p1-1xa-tls1-v-cp5-01 p2-1xa-tls1-v-cp5-01 p2-2xa-tls1-v-cp5-01 p2-5xa-tls1-v-cp5-01 p1-1xa-tls1_1-v-cp5-01 p2-1xa-tls1_1-v-cp5-01 p2-2xa-tls1_1-v-cp5-01 p2-5xa-tls1_1-v-cp5-01 p1-1xa-tls1_2-v-cp5-01 p2-1xa-tls1_2-v-cp5-01 p2-2xa-tls1_2-v-cp5-01 p2-5xa-tls1_2-v-cp5-01 p8k-5xa-tls1_2-v-cp5-01 p8k-2xa-tls1_2-v-cp5-01 p8m-5xa-tls1_2-v-cp5-01 p8m-2xa-tls1_2-v-cp5-01"
OPENSSL_DEBUG_MEMORY=on
export OPENSSL_DEBUG_MEMORY

fail=0
if [ "$*" ]; then
  for t do
    $TCLSH $t.try || fail=1
  done
  exit $fail
fi
for t in $BASE_TESTS; do
        if [ "$CI" ]; then
                if $TCLSH $t.try > $TESTDIR/$t.out 2>&1; then
                        head -1 $TESTDIR/$t.out
                else
                        fail=2
                        cat $TESTDIR/$t.out
                        echo "=== Output failures of $TESTDIR/$t.log ==="
                        awk "/ ends failed/" RS= ORS='\n\n' $TESTDIR/$t.log |
                                sed 's/^/\t/'
                        echo "=== End of $TESTDIR/$t.log ==="
                        exit 1
                fi
        else
                $TCLSH $t.try || fail=3
        fi
done

if false; then # ignore some tests for a time
ALG_LIST="rsa:1024 gost2001:XA gost2012_256:XA gost2012_512:A" $TCLSH ssl.try -clientconf $OPENSSL_CONF || fail=4
ALG_LIST="rsa:1024 gost2001:XA gost2012_256:XA gost2012_512:A" $TCLSH ssl.try -serverconf $OPENSSL_CONF || fail=5

for t in $PKCS7_COMPATIBILITY_TESTS; do
        $TCLSH $t.try || fail=6
done
for t in $SERVER_TESTS; do
        $TCLSH server.try $t || fail=7
done
for t in $CLIENT_TESTS; do
        $TCLSH client.try $t || fail=8
done
if [ -n "WINCLIENT_TESTS" ]; then
        if [ -z "$CVS_RSH" ]; then
                CVS_RSH=ssh
                export CVS_RSH
        fi
        for t in $WINCLIENT_TESTS; do
                $TCLSH wcli.try $t || fail=9
        done
fi
if [ -d $OTHER_DIR ]; then
        OTHER_DIR=../${OTHER_DIR} $TCLSH interop.try
fi
if [ -d OtherVersion ] ; then
        case "$ENGINE_NAME" in
                gostkc3)
                        ;;
                cryptocom)
                        OTHER_DIR=../OtherVersion ALG_LIST="gost2001:A gost2001:B gost2001:C" ENC_LIST="gost2001:A:1.2.643.2.2.31.3 gost2001:B:1.2.643.2.2.31.4 gost2001:C:1.2.643.2.2.31.2 gost2001:A:" $TCLSH interop.try
                        ;;
                gost)
                        OTHER_DIR=../OtherVersion ALG_LIST="gost2001:A gost2001:B gost2001:C" ENC_LIST="gost2001:A:1.2.643.2.2.31.3 gost2001:B:1.2.643.2.2.31.4 gost2001:C:1.2.643.2.2.31.2 gost2001:A:" $TCLSH interop.try
                        ;;
                *)
                        echo "No GOST=providing engine found" 1>&2
                        exit 1;
        esac
fi
fi # false
$TCLSH calcstat ${TESTDIR}/stats ${TESTDIR}/test.result
grep "leaked" ${TESTDIR}/*.log
if [ $fail  -ne 0 ]; then
        echo "Some tests FAILED, code $fail."
fi

exit $fail