From 93ea355217cf910224c1af21d4afb8e6e6f70df3 Mon Sep 17 00:00:00 2001 From: Elms Date: Fri, 5 Feb 2021 07:25:07 -0800 Subject: [PATCH 1/4] build: fix `make distcheck` Need to check if `unit.test` was run from make process and set different path to run unit test executable. Writing files in the dist is not allowed during distcheck so write files to subdirectory used build during distmake --- Makefile.am | 6 +++++- scripts/unit.test | 12 +++++++++--- testsuite/include.am | 1 - wolfcrypt/test/test.c | 40 ++++++++++++++++++++++++---------------- 4 files changed, 38 insertions(+), 21 deletions(-) diff --git a/Makefile.am b/Makefile.am index 6e2f3b478..c0477397c 100644 --- a/Makefile.am +++ b/Makefile.am @@ -23,11 +23,15 @@ noinst_DATA = SUBDIRS_OPT = DIST_SUBDIRS_OPT = +DISTCHECK_CONFIGURE_FLAGS = CPPFLAGS=-DDISTCHECK_BUILD + #includes additional rules from aminclude.am @INC_AMINCLUDE@ DISTCLEANFILES+= aminclude.am -CLEANFILES+= cert.der \ +CLEANFILES+= ecc-key.der \ + ecc-public-key.der \ + cert.der \ cert.pem \ certecc.der \ certecc.pem \ diff --git a/scripts/unit.test b/scripts/unit.test index 3881334a3..6383a9800 100755 --- a/scripts/unit.test +++ b/scripts/unit.test @@ -1,9 +1,15 @@ #!/bin/sh -DIRNAME="$(dirname "$0")" +# for makefile use PWD as it is safe to assume location of execution +if [ "$MAKELEVEL" != "" ]; then + DIRNAME=$PWD; +else + DIRNAME="$(dirname "$0")/.."; +fi + bwrap_path="$(command -v bwrap)" if [ -n "$bwrap_path" ]; then - exec "$bwrap_path" --unshare-net --dev-bind / / "$DIRNAME/../tests/unit.test" "$@" + exec "$bwrap_path" --unshare-net --dev-bind / / "$DIRNAME/tests/unit.test" "$@" else - exec "$DIRNAME/../tests/unit.test" "$@" + exec "$DIRNAME/tests/unit.test" "$@" fi diff --git a/testsuite/include.am b/testsuite/include.am index ed2604427..04e7de24b 100644 --- a/testsuite/include.am +++ b/testsuite/include.am @@ -5,7 +5,6 @@ if BUILD_TESTS check_PROGRAMS += testsuite/testsuite.test -noinst_PROGRAMS += testsuite/testsuite.test testsuite_testsuite_test_SOURCES = \ wolfcrypt/test/test.c \ examples/client/client.c \ diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index b924cd9d4..12ed8759a 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -11647,6 +11647,14 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out) #endif #define CERT_ROOT CERT_PREFIX "certs" CERT_PATH_SEP +#ifdef DISTCHECK_BUILD +/* This is the path used during distcheck by autotools. + * Using a temp directory passed in would be more flexible */ + #define CERT_TEMPDIR "./_build/sub/" +#else + #define CERT_TEMPDIR CERT_PREFIX +#endif + /* Generated Test Certs */ #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) && \ !defined(USE_CERT_BUFFERS_3072) && !defined(USE_CERT_BUFFERS_4096) @@ -11738,44 +11746,44 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out) #ifndef NO_WRITE_TEMP_FILES #ifdef HAVE_ECC #ifdef WOLFSSL_CERT_GEN - static const char* certEccPemFile = CERT_PREFIX "certecc.pem"; + static const char* certEccPemFile = CERT_TEMPDIR "certecc.pem"; #endif #if defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA) - static const char* certEccRsaPemFile = CERT_PREFIX "certeccrsa.pem"; - static const char* certEccRsaDerFile = CERT_PREFIX "certeccrsa.der"; + static const char* certEccRsaPemFile = CERT_TEMPDIR "certeccrsa.pem"; + static const char* certEccRsaDerFile = CERT_TEMPDIR "certeccrsa.der"; #endif - static const char* eccCaKeyPemFile = CERT_PREFIX "ecc-key.pem"; - static const char* eccPubKeyDerFile = CERT_PREFIX "ecc-public-key.der"; - static const char* eccCaKeyTempFile = CERT_PREFIX "ecc-key.der"; + static const char* eccCaKeyPemFile = CERT_TEMPDIR "ecc-key.pem"; + static const char* eccPubKeyDerFile = CERT_TEMPDIR "ecc-public-key.der"; + static const char* eccCaKeyTempFile = CERT_TEMPDIR "ecc-key.der"; #ifdef HAVE_PKCS8 - static const char* eccPkcs8KeyDerFile = CERT_PREFIX "ecc-key-pkcs8.der"; + static const char* eccPkcs8KeyDerFile = CERT_TEMPDIR "ecc-key-pkcs8.der"; #endif #if defined(WOLFSSL_CERT_GEN) || \ (defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_TEST_CERT)) - static const char* certEccDerFile = CERT_PREFIX "certecc.der"; + static const char* certEccDerFile = CERT_TEMPDIR "certecc.der"; #endif #endif /* HAVE_ECC */ #ifndef NO_RSA #if defined(WOLFSSL_CERT_GEN) || \ (defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_TEST_CERT)) - static const char* otherCertDerFile = CERT_PREFIX "othercert.der"; - static const char* certDerFile = CERT_PREFIX "cert.der"; + static const char* otherCertDerFile = CERT_TEMPDIR "othercert.der"; + static const char* certDerFile = CERT_TEMPDIR "cert.der"; #endif #ifdef WOLFSSL_CERT_GEN - static const char* otherCertPemFile = CERT_PREFIX "othercert.pem"; - static const char* certPemFile = CERT_PREFIX "cert.pem"; + static const char* otherCertPemFile = CERT_TEMPDIR "othercert.pem"; + static const char* certPemFile = CERT_TEMPDIR "cert.pem"; #endif #ifdef WOLFSSL_CERT_REQ - static const char* certReqDerFile = CERT_PREFIX "certreq.der"; - static const char* certReqPemFile = CERT_PREFIX "certreq.pem"; + static const char* certReqDerFile = CERT_TEMPDIR "certreq.der"; + static const char* certReqPemFile = CERT_TEMPDIR "certreq.pem"; #endif #endif /* !NO_RSA */ #if !defined(NO_RSA) || !defined(NO_DSA) #ifdef WOLFSSL_KEY_GEN - static const char* keyDerFile = CERT_PREFIX "key.der"; - static const char* keyPemFile = CERT_PREFIX "key.pem"; + static const char* keyDerFile = CERT_TEMPDIR "key.der"; + static const char* keyPemFile = CERT_TEMPDIR "key.pem"; #endif #endif From c17597a4fb1795911a2ae126fa0734b6ae1c663a Mon Sep 17 00:00:00 2001 From: Elms Date: Fri, 5 Feb 2021 10:40:31 -0800 Subject: [PATCH 2/4] build: arbitrary path for `make check` To support builds in other directories, unit.test and wolfcrypt test must be aware of the source and build directory. --- .gitignore | 4 +++ Makefile.am | 2 -- configure.ac | 10 +++++- scripts/include.am | 1 + scripts/unit.test | 15 --------- scripts/unit.test.in | 8 +++++ wolfcrypt/test/include.am | 3 +- wolfcrypt/test/test.c | 56 +++++++++++++++++++--------------- wolfcrypt/test/test_paths.h.in | 25 +++++++++++++++ 9 files changed, 79 insertions(+), 45 deletions(-) delete mode 100755 scripts/unit.test create mode 100644 scripts/unit.test.in create mode 100644 wolfcrypt/test/test_paths.h.in diff --git a/.gitignore b/.gitignore index 0e10af5f9..e4b39ed6e 100644 --- a/.gitignore +++ b/.gitignore @@ -242,6 +242,10 @@ linuxkm/libwolfssl.mod.c linuxkm/module_exports.c linuxkm/linuxkm/get_thread_size +# autotools generated +scripts/unit.test +wolfcrypt/test/test_paths.h + # MPLAB Generated Files (OS X) mcapi/wolfcrypt_mcapi.X/nbproject/Makefile-* mcapi/wolfcrypt_mcapi.X/nbproject/Package-default.bash diff --git a/Makefile.am b/Makefile.am index c0477397c..78e0e45ee 100644 --- a/Makefile.am +++ b/Makefile.am @@ -23,8 +23,6 @@ noinst_DATA = SUBDIRS_OPT = DIST_SUBDIRS_OPT = -DISTCHECK_CONFIGURE_FLAGS = CPPFLAGS=-DDISTCHECK_BUILD - #includes additional rules from aminclude.am @INC_AMINCLUDE@ DISTCLEANFILES+= aminclude.am diff --git a/configure.ac b/configure.ac index 054a7b4e3..fd60f815c 100644 --- a/configure.ac +++ b/configure.ac @@ -6145,7 +6145,15 @@ AC_SUBST([LIB_STATIC_ADD]) # FINAL AC_CONFIG_FILES([stamp-h], [echo timestamp > stamp-h]) -AC_CONFIG_FILES([Makefile wolfssl/version.h wolfssl/options.h cyassl/options.h support/wolfssl.pc rpm/spec]) +AC_CONFIG_FILES([Makefile + wolfssl/version.h + wolfssl/options.h + cyassl/options.h + support/wolfssl.pc + rpm/spec + wolfcrypt/test/test_paths.h + ]) +AC_CONFIG_FILES([scripts/unit.test],[chmod +x scripts/unit.test]) AX_CREATE_GENERIC_CONFIG AX_AM_JOBSERVER([yes]) diff --git a/scripts/include.am b/scripts/include.am index fafdb43ab..dc47aad84 100644 --- a/scripts/include.am +++ b/scripts/include.am @@ -82,6 +82,7 @@ dist_noinst_SCRIPTS+= scripts/ocsp.test endif dist_noinst_SCRIPTS+= scripts/unit.test +noinst_SCRIPTS+= scripts/unit.test.in endif endif diff --git a/scripts/unit.test b/scripts/unit.test deleted file mode 100755 index 6383a9800..000000000 --- a/scripts/unit.test +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/sh - -# for makefile use PWD as it is safe to assume location of execution -if [ "$MAKELEVEL" != "" ]; then - DIRNAME=$PWD; -else - DIRNAME="$(dirname "$0")/.."; -fi - -bwrap_path="$(command -v bwrap)" -if [ -n "$bwrap_path" ]; then - exec "$bwrap_path" --unshare-net --dev-bind / / "$DIRNAME/tests/unit.test" "$@" -else - exec "$DIRNAME/tests/unit.test" "$@" -fi diff --git a/scripts/unit.test.in b/scripts/unit.test.in new file mode 100644 index 000000000..2bb3012ad --- /dev/null +++ b/scripts/unit.test.in @@ -0,0 +1,8 @@ +#!/bin/sh + +bwrap_path="$(command -v bwrap)" +if [ -n "$bwrap_path" ]; then + exec "$bwrap_path" --unshare-net --dev-bind / / "@builddir@/tests/unit.test" "$@" +else + exec "@builddir@/tests/unit.test" "$@" +fi diff --git a/wolfcrypt/test/include.am b/wolfcrypt/test/include.am index 37b4a8b95..905333ee8 100644 --- a/wolfcrypt/test/include.am +++ b/wolfcrypt/test/include.am @@ -12,8 +12,7 @@ noinst_PROGRAMS+= wolfcrypt/test/testwolfcrypt wolfcrypt_test_testwolfcrypt_SOURCES = wolfcrypt/test/test.c wolfcrypt_test_testwolfcrypt_LDADD = src/libwolfssl.la $(LIB_STATIC_ADD) wolfcrypt_test_testwolfcrypt_DEPENDENCIES = src/libwolfssl.la -noinst_HEADERS += wolfcrypt/test/test.h - +noinst_HEADERS += wolfcrypt/test/test.h wolfcrypt/test/test_paths.h.in endif endif diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 12ed8759a..ada142640 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -94,8 +94,14 @@ _Pragma("GCC diagnostic ignored \"-Wunused-function\""); #endif #ifdef USE_FLAT_TEST_H + #ifdef HAVE_CONFIG_H + #include "test_paths.h" + #endif #include "test.h" #else + #ifdef HAVE_CONFIG_H + #include "wolfcrypt/test/test_paths.h" + #endif #include "wolfcrypt/test/test.h" #endif @@ -11641,20 +11647,20 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out) #elif defined(WOLFSSL_uTKERNEL2) #define CERT_PREFIX "/uda/" #define CERT_PATH_SEP "/" -#else +#endif + +#ifndef CERT_PREFIX #define CERT_PREFIX "./" +#endif +#ifndef CERT_PATH_SEP #define CERT_PATH_SEP "/" #endif -#define CERT_ROOT CERT_PREFIX "certs" CERT_PATH_SEP - -#ifdef DISTCHECK_BUILD -/* This is the path used during distcheck by autotools. - * Using a temp directory passed in would be more flexible */ - #define CERT_TEMPDIR "./_build/sub/" -#else - #define CERT_TEMPDIR CERT_PREFIX +#ifndef CERT_WRITE_TEMP_DIR + #define CERT_WRITE_TEMP_DIR CERT_PREFIX #endif +#define CERT_ROOT CERT_PREFIX "certs" CERT_PATH_SEP + /* Generated Test Certs */ #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) && \ !defined(USE_CERT_BUFFERS_3072) && !defined(USE_CERT_BUFFERS_4096) @@ -11746,44 +11752,44 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out) #ifndef NO_WRITE_TEMP_FILES #ifdef HAVE_ECC #ifdef WOLFSSL_CERT_GEN - static const char* certEccPemFile = CERT_TEMPDIR "certecc.pem"; + static const char* certEccPemFile = CERT_WRITE_TEMP_DIR "certecc.pem"; #endif #if defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA) - static const char* certEccRsaPemFile = CERT_TEMPDIR "certeccrsa.pem"; - static const char* certEccRsaDerFile = CERT_TEMPDIR "certeccrsa.der"; + static const char* certEccRsaPemFile = CERT_WRITE_TEMP_DIR "certeccrsa.pem"; + static const char* certEccRsaDerFile = CERT_WRITE_TEMP_DIR "certeccrsa.der"; #endif - static const char* eccCaKeyPemFile = CERT_TEMPDIR "ecc-key.pem"; - static const char* eccPubKeyDerFile = CERT_TEMPDIR "ecc-public-key.der"; - static const char* eccCaKeyTempFile = CERT_TEMPDIR "ecc-key.der"; + static const char* eccCaKeyPemFile = CERT_WRITE_TEMP_DIR "ecc-key.pem"; + static const char* eccPubKeyDerFile = CERT_WRITE_TEMP_DIR "ecc-public-key.der"; + static const char* eccCaKeyTempFile = CERT_WRITE_TEMP_DIR "ecc-key.der"; #ifdef HAVE_PKCS8 - static const char* eccPkcs8KeyDerFile = CERT_TEMPDIR "ecc-key-pkcs8.der"; + static const char* eccPkcs8KeyDerFile = CERT_WRITE_TEMP_DIR "ecc-key-pkcs8.der"; #endif #if defined(WOLFSSL_CERT_GEN) || \ (defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_TEST_CERT)) - static const char* certEccDerFile = CERT_TEMPDIR "certecc.der"; + static const char* certEccDerFile = CERT_WRITE_TEMP_DIR "certecc.der"; #endif #endif /* HAVE_ECC */ #ifndef NO_RSA #if defined(WOLFSSL_CERT_GEN) || \ (defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_TEST_CERT)) - static const char* otherCertDerFile = CERT_TEMPDIR "othercert.der"; - static const char* certDerFile = CERT_TEMPDIR "cert.der"; + static const char* otherCertDerFile = CERT_WRITE_TEMP_DIR "othercert.der"; + static const char* certDerFile = CERT_WRITE_TEMP_DIR "cert.der"; #endif #ifdef WOLFSSL_CERT_GEN - static const char* otherCertPemFile = CERT_TEMPDIR "othercert.pem"; - static const char* certPemFile = CERT_TEMPDIR "cert.pem"; + static const char* otherCertPemFile = CERT_WRITE_TEMP_DIR "othercert.pem"; + static const char* certPemFile = CERT_WRITE_TEMP_DIR "cert.pem"; #endif #ifdef WOLFSSL_CERT_REQ - static const char* certReqDerFile = CERT_TEMPDIR "certreq.der"; - static const char* certReqPemFile = CERT_TEMPDIR "certreq.pem"; + static const char* certReqDerFile = CERT_WRITE_TEMP_DIR "certreq.der"; + static const char* certReqPemFile = CERT_WRITE_TEMP_DIR "certreq.pem"; #endif #endif /* !NO_RSA */ #if !defined(NO_RSA) || !defined(NO_DSA) #ifdef WOLFSSL_KEY_GEN - static const char* keyDerFile = CERT_TEMPDIR "key.der"; - static const char* keyPemFile = CERT_TEMPDIR "key.pem"; + static const char* keyDerFile = CERT_WRITE_TEMP_DIR "key.der"; + static const char* keyPemFile = CERT_WRITE_TEMP_DIR "key.pem"; #endif #endif diff --git a/wolfcrypt/test/test_paths.h.in b/wolfcrypt/test/test_paths.h.in new file mode 100644 index 000000000..e4428c459 --- /dev/null +++ b/wolfcrypt/test/test_paths.h.in @@ -0,0 +1,25 @@ +/* wolfcrypt/test/test_paths.h + * + * Copyright (C) 2006-2020 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +#ifndef NO_FILESYSTEM + #define CERT_PREFIX "@abs_top_srcdir@/" + #define CERT_WRITE_TEMP_DIR "@abs_top_builddir@/" +#endif /* NO_FILESYSTEM */ From e26f1529c0acbe05de8a14fc6dc1bc39b430009a Mon Sep 17 00:00:00 2001 From: Elms Date: Fri, 5 Feb 2021 14:35:50 -0800 Subject: [PATCH 3/4] build: revert change so `make` generates `testsuite.test` A change to `include.am` caused `make check` to generate, but `make` without arguments to not generate it.` --- testsuite/include.am | 1 + 1 file changed, 1 insertion(+) diff --git a/testsuite/include.am b/testsuite/include.am index 04e7de24b..ed2604427 100644 --- a/testsuite/include.am +++ b/testsuite/include.am @@ -5,6 +5,7 @@ if BUILD_TESTS check_PROGRAMS += testsuite/testsuite.test +noinst_PROGRAMS += testsuite/testsuite.test testsuite_testsuite_test_SOURCES = \ wolfcrypt/test/test.c \ examples/client/client.c \ From 12eddee10426b38f6515bd435e690880df70fe9b Mon Sep 17 00:00:00 2001 From: Elms Date: Mon, 8 Feb 2021 10:43:31 -0800 Subject: [PATCH 4/4] scripts: fix tests for out of tree `distcheck` Copying or using certs from directory relative to scripts source directory. --- scripts/crl-revoked.test | 6 ++++-- scripts/ocsp-stapling-with-ca-as-responder.test | 4 +++- scripts/ocsp-stapling.test | 6 ++++-- scripts/ocsp-stapling2.test | 4 +++- scripts/ocsp.test | 8 +++++--- 5 files changed, 19 insertions(+), 9 deletions(-) diff --git a/scripts/crl-revoked.test b/scripts/crl-revoked.test index e49611c64..9d7f7eba0 100755 --- a/scripts/crl-revoked.test +++ b/scripts/crl-revoked.test @@ -1,6 +1,7 @@ -#!/bin/sh +#!/bin/bash #crl.test +CERT_DIR=certs # if we can, isolate the network namespace to eliminate port collisions. if [ "${AM_BWRAPPED-}" != "yes" ]; then @@ -70,7 +71,8 @@ run_test() { # mutex lock, -c loads the revoked certificate. We capture the processid # into the variable server_pid ./examples/server/server -R $ready_file -p $crl_port \ - -c certs/server-revoked-cert.pem -k certs/server-revoked-key.pem & + -c ${CERT_DIR}/server-revoked-cert.pem \ + -k ${CERT_DIR}/server-revoked-key.pem & server_pid=$! while [ ! -s $ready_file -a "$counter" -lt 20 ]; do diff --git a/scripts/ocsp-stapling-with-ca-as-responder.test b/scripts/ocsp-stapling-with-ca-as-responder.test index faccf985f..0991b4569 100755 --- a/scripts/ocsp-stapling-with-ca-as-responder.test +++ b/scripts/ocsp-stapling-with-ca-as-responder.test @@ -2,6 +2,8 @@ # ocsp-stapling-with-ca-as-responder.test +SCRIPT_DIR="$(dirname "$0")" + # if we can, isolate the network namespace to eliminate port collisions. if [ "${AM_BWRAPPED-}" != "yes" ]; then bwrap_path="$(command -v bwrap)" @@ -32,7 +34,7 @@ PARENTDIR="$PWD" WORKSPACE="${PARENTDIR}/workspace.pid$$" mkdir "${WORKSPACE}" || exit $? -cp -pR certs "${WORKSPACE}"/ || exit $? +cp -pR ${SCRIPT_DIR}/../certs "${WORKSPACE}"/ || exit $? cd "$WORKSPACE" || exit $? ln -s ../examples diff --git a/scripts/ocsp-stapling.test b/scripts/ocsp-stapling.test index eb7244645..7a1583138 100755 --- a/scripts/ocsp-stapling.test +++ b/scripts/ocsp-stapling.test @@ -5,6 +5,8 @@ # Note, this script makes connection(s) to the public Internet. +SCRIPT_DIR="$(dirname "$0")" + if [[ -z "${RETRIES_REMAINING-}" ]]; then export RETRIES_REMAINING=2 fi @@ -51,7 +53,7 @@ PARENTDIR="$PWD" WORKSPACE="${PARENTDIR}/workspace.pid$$" mkdir "${WORKSPACE}" || exit $? -cp -pR certs "${WORKSPACE}"/ || exit $? +cp -pR ${SCRIPT_DIR}/../certs "${WORKSPACE}"/ || exit $? cd "$WORKSPACE" || exit $? ln -s ../examples @@ -270,7 +272,7 @@ sleep 0.1 # client test against the server server=login.live.com #ca=certs/external/baltimore-cybertrust-root.pem -ca=certs/external/ca_collection.pem +ca=./certs/external/ca_collection.pem if [[ "$V4V6" == "4" ]]; then ./examples/client/client -C -h $server -p 443 -A $ca -g -W 1 diff --git a/scripts/ocsp-stapling2.test b/scripts/ocsp-stapling2.test index 55c0c716a..70a9ab857 100755 --- a/scripts/ocsp-stapling2.test +++ b/scripts/ocsp-stapling2.test @@ -3,6 +3,8 @@ # ocsp-stapling2.test # Test requires HAVE_OCSP and HAVE_CERTIFICATE_STATUS_REQUEST_V2 +SCRIPT_DIR="$(dirname "$0")" + # if we can, isolate the network namespace to eliminate port collisions. if [ "${AM_BWRAPPED-}" != "yes" ]; then bwrap_path="$(command -v bwrap)" @@ -51,7 +53,7 @@ PARENTDIR="$PWD" WORKSPACE="${PARENTDIR}/workspace.pid$$" mkdir "${WORKSPACE}" || exit $? -cp -pR certs "${WORKSPACE}"/ || exit $? +cp -pR ${SCRIPT_DIR}/../certs "${WORKSPACE}"/ || exit $? cd "$WORKSPACE" || exit $? ln -s ../examples diff --git a/scripts/ocsp.test b/scripts/ocsp.test index a939ca229..74231b404 100755 --- a/scripts/ocsp.test +++ b/scripts/ocsp.test @@ -4,6 +4,8 @@ # Note, this script makes connection(s) to the public Internet. +SCRIPT_DIR="$(dirname "$0")" + server=www.globalsign.com ca=certs/external/ca-globalsign-root.pem @@ -25,7 +27,7 @@ if [ "$OUTPUT" = "SNI is: ON" ]; then printf '\n\n%s\n\n' "SNI is on, proceed with globalsign test" # is our desired server there? - ./scripts/ping.test $server 2 + ${SCRIPT_DIR}/ping.test $server 2 RESULT=$? if [ $RESULT -ne 0 ]; then GL_UNREACHABLE=1 @@ -45,10 +47,10 @@ else fi server=www.google.com -ca=certs/external/ca-google-root.pem +ca=${SCRIPT_DIR}/../certs/external/ca-google-root.pem # is our desired server there? -./scripts/ping.test $server 2 +${SCRIPT_DIR}/ping.test $server 2 RESULT=$? if [ $RESULT -eq 0 ]; then # client test against the server