diff --git a/scripts/crl-revoked.test b/scripts/crl-revoked.test index 821b6aac8..e49611c64 100755 --- a/scripts/crl-revoked.test +++ b/scripts/crl-revoked.test @@ -79,6 +79,9 @@ run_test() { counter=$((counter+ 1)) done + # sleep for an additional 0.1 to mitigate race on write/read of $ready_file: + sleep 0.1 + if test -e $ready_file; then echo -e "found ready file, starting client..." else @@ -87,7 +90,7 @@ run_test() { fi # get created port 0 ephemeral port - crl_port=`cat $ready_file` + crl_port="$(cat $ready_file)" # starts client on crl_port and captures the output from client capture_out=$(./examples/client/client -p $crl_port 2>&1) diff --git a/scripts/ocsp-stapling-with-ca-as-responder.test b/scripts/ocsp-stapling-with-ca-as-responder.test index fa264ef0f..faccf985f 100755 --- a/scripts/ocsp-stapling-with-ca-as-responder.test +++ b/scripts/ocsp-stapling-with-ca-as-responder.test @@ -23,7 +23,7 @@ if [ $? -eq 0 ]; then exit 0 fi -PARENTDIR=`pwd` +PARENTDIR="$PWD" # create a unique workspace directory ending in PID for the script instance ($$) # to make this instance orthogonal to any others running, even on same repo. @@ -126,7 +126,7 @@ create_new_cnf() { mv $test_cnf $CERT_DIR/$test_cnf cd $CERT_DIR - CURR_LOC=`pwd` + CURR_LOC="$PWD" printf '%s\n' "echo now in $CURR_LOC" ./renewcerts-for-test.sh $test_cnf cd $WORKSPACE @@ -202,11 +202,10 @@ if [ ! -f $ready_file ]; then printf '%s\n' "Failed to create ready file: \"$ready_file\"" exit 1 else - RPORTSELECTED=`cat $ready_file` - printf '%s\n' "Random port selected: $RPORTSELECTED" + printf '%s\n' "Random port selected: $port1" # Use client connection to shutdown the server cleanly - ./examples/client/client -p $RPORTSELECTED - create_new_cnf $RPORTSELECTED + ./examples/client/client -p $port1 + create_new_cnf $port1 fi sleep 0.1 @@ -224,7 +223,7 @@ sleep 0.1 # OLD: ./certs/ocsp/ocspd-intermediate1-ca-issued-certs-with-ca-as-responder.sh & # NEW: openssl isn't being cleaned up, invoke directly in script for cleanup # purposes! -openssl ocsp -port $RPORTSELECTED -nmin 1 \ +openssl ocsp -port $port1 -nmin 1 \ -index certs/ocsp/index-intermediate1-ca-issued-certs.txt \ -rsigner certs/ocsp/intermediate1-ca-cert.pem \ -rkey certs/ocsp/intermediate1-ca-key.pem \ @@ -241,10 +240,10 @@ printf '%s\n\n' "------------- TEST CASE 1 SHOULD PASS ------------------------" ./examples/server/server -c certs/ocsp/server1-cert.pem \ -k certs/ocsp/server1-key.pem -R $ready_file2 \ -p $port2 & -wait_for_readyFile $ready_file2 -CLI_PORT=`cat $ready_file2` +wolf_pid2=$! +wait_for_readyFile $ready_file2 $wolf_pid2 $port2 ./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 \ - -p $CLI_PORT + -p $port2 RESULT=$? [ $RESULT -ne 0 ] && printf '\n\n%s\n' "Client connection failed" && exit 1 printf '%s\n\n' "Test PASSED!" @@ -255,10 +254,10 @@ remove_single_rF $ready_file2 ./examples/server/server -c certs/ocsp/server2-cert.pem \ -k certs/ocsp/server2-key.pem -R $ready_file2 \ -p $port2 & -wait_for_readyFile $ready_file2 -CLI_PORT=`cat $ready_file2` +wolf_pid2=$! +wait_for_readyFile $ready_file2 $wolf_pid2 $port2 ./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 \ - -p $CLI_PORT + -p $port2 RESULT=$? [ $RESULT -ne 1 ] && printf '\n\n%s\n' "Client connection succeeded $RESULT" && exit 1 printf '%s\n\n' "Test successfully REVOKED!" diff --git a/scripts/ocsp-stapling.test b/scripts/ocsp-stapling.test index 4df14a53e..758959986 100755 --- a/scripts/ocsp-stapling.test +++ b/scripts/ocsp-stapling.test @@ -17,7 +17,7 @@ if [ $? -eq 0 ]; then fi -PARENTDIR=`pwd` +PARENTDIR="$PWD" # create a unique workspace directory ending in PID for the script instance ($$) # to make this instance orthogonal to any others running, even on same repo. @@ -118,7 +118,7 @@ create_new_cnf() { mv $test_cnf $CERT_DIR/$test_cnf cd $CERT_DIR - CURR_LOC=`pwd` + CURR_LOC="$PWD" printf '%s\n' "echo now in $CURR_LOC" ./renewcerts-for-test.sh $test_cnf cd $WORKSPACE @@ -162,8 +162,8 @@ if [ $? -eq 0 ]; then fi # check if supported key size is large enough to handle 4096 bit RSA -size=`./examples/client/client '-?' | grep "Max RSA key"` -size=`echo ${size//[^0-9]/}` +size="$(./examples/client/client '-?' | grep "Max RSA key")" +size="${size//[^0-9]/}" if [ ! -z "$size" ]; then printf 'check on max key size of %d ...' $size if [ $size -lt 4096 ]; then @@ -199,9 +199,8 @@ port3=$(get_first_free_port $((port2 + 1))) # test interop fail case -ready_file=`pwd`/wolf_ocsp_readyF$$ +ready_file=$PWD/wolf_ocsp_readyF$$ printf '%s\n' "ready file: $ready_file" -# bind to any (allows use with IPv6) ./examples/server/server -b -p $port1 -o -R $ready_file & wolf_pid=$! wait_for_readyFile $ready_file $wolf_pid $port1 @@ -210,8 +209,7 @@ if [ ! -f $ready_file ]; then exit 1 else # should fail if ocspstapling is also enabled - RPORTSELECTED=`cat $ready_file` - echo "hi" | openssl s_client -status -connect 127.0.0.1:${RPORTSELECTED} -cert ./certs/client-cert.pem -key ./certs/client-key.pem -CAfile ./certs/ocsp/root-ca-cert.pem + echo "hi" | openssl s_client -status -connect 127.0.0.1:$port1 -cert ./certs/client-cert.pem -key ./certs/client-key.pem -CAfile ./certs/ocsp/root-ca-cert.pem if [ $? -eq 0 ]; then printf '%s\n' "Succeeded when should have failed" remove_single_rF $ready_file @@ -234,11 +232,10 @@ if [ ! -f $ready_file ]; then printf '%s\n' "Failed to create ready file: \"$ready_file\"" exit 1 else - RPORTSELECTED=`cat $ready_file` - printf '%s\n' "Random port selected: $RPORTSELECTED" + printf '%s\n' "Random port selected: $port2" # Use client connection to shutdown the server cleanly - ./examples/client/client -p $RPORTSELECTED - create_new_cnf $RPORTSELECTED + ./examples/client/client -p $port2 + create_new_cnf $port2 fi sleep 0.1 @@ -266,7 +263,7 @@ fi # OLD: ./certs/ocsp/ocspd-intermediate1-ca-issued-certs.sh & # NEW: openssl isn't being cleaned up, invoke directly in script for cleanup # purposes! -openssl ocsp -port $RPORTSELECTED -nmin 1 \ +openssl ocsp -port $port2 -nmin 1 \ -index certs/ocsp/index-intermediate1-ca-issued-certs.txt \ -rsigner certs/ocsp/ocsp-responder-cert.pem \ -rkey certs/ocsp/ocsp-responder-key.pem \ @@ -282,9 +279,9 @@ printf '%s\n\n' "------------- TEST CASE 1 SHOULD PASS ------------------------" # client test against our own server - GOOD CERT ./examples/server/server -c certs/ocsp/server1-cert.pem -R $ready_file2 \ -k certs/ocsp/server1-key.pem -p $port3 & -wait_for_readyFile $ready_file2 -CLI_PORT=`cat $ready_file2` -./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -p $CLI_PORT +wolf_pid3=$! +wait_for_readyFile $ready_file2 $wolf_pid3 $port3 +./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -p $port3 RESULT=$? [ $RESULT -ne 0 ] && printf '\n\n%s\n' "Client connection 2 failed" && exit 1 printf '%s\n\n' "Test PASSED!" @@ -294,10 +291,10 @@ printf '%s\n\n' "------------- TEST CASE 2 SHOULD REVOKE ----------------------" remove_single_rF $ready_file2 ./examples/server/server -c certs/ocsp/server2-cert.pem -R $ready_file2 \ -k certs/ocsp/server2-key.pem -p $port3 & -wait_for_readyFile $ready_file2 +wolf_pid3=$! +wait_for_readyFile $ready_file2 $wolf_pid3 $port3 sleep 0.1 -CLI_PORT=`cat $ready_file2` -./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -p $CLI_PORT +./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -p $port3 RESULT=$? [ $RESULT -ne 1 ] && printf '\n\n%s\n' "Client connection succeeded $RESULT" \ && exit 1 @@ -312,10 +309,10 @@ if [ $? -ne 0 ]; then ./examples/server/server -c certs/ocsp/server1-cert.pem -R $ready_file2 \ -k certs/ocsp/server1-key.pem -v 4 \ -p $port3 & - wait_for_readyFile $ready_file2 - CLI_PORT=`cat $ready_file2` + wolf_pid3=$! + wait_for_readyFile $ready_file2 $wolf_pid3 $port3 ./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -v 4 -F 1 \ - -p $CLI_PORT + -p $port3 RESULT=$? [ $RESULT -ne 0 ] && printf '\n\n%s\n' "Client connection 3 failed" && exit 1 printf '%s\n\n' "Test PASSED!" @@ -326,10 +323,10 @@ if [ $? -ne 0 ]; then ./examples/server/server -c certs/ocsp/server2-cert.pem -R $ready_file2 \ -k certs/ocsp/server2-key.pem -v 4 \ -p $port3 & - wait_for_readyFile $ready_file2 - CLI_PORT=`cat $ready_file2` + wolf_pid3=$! + wait_for_readyFile $ready_file2 $wolf_pid3 $port3 ./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1 -v 4 -F 1 \ - -p $CLI_PORT + -p $port3 RESULT=$? [ $RESULT -ne 1 ] && \ printf '\n\n%s\n' "Client connection succeeded $RESULT" \ diff --git a/scripts/ocsp-stapling2.test b/scripts/ocsp-stapling2.test index a52975cd9..80c344cbb 100755 --- a/scripts/ocsp-stapling2.test +++ b/scripts/ocsp-stapling2.test @@ -330,10 +330,9 @@ printf '%s\n\n' "TEST CASE 2 DISABLED PENDING REVIEW" #./examples/server/server -c certs/ocsp/server3-cert.pem \ # -k certs/ocsp/server3-key.pem -R $ready_file5 \ # -p $port5 & -#wait_for_readyFile $ready_file5 -#CLI_PORT=`cat $ready_file5` +#wait_for_readyFile $ready_file5 $server_pid5 $port5 #./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 3 -v 3 \ -# -p $CLI_PORT +# -p $port5 #RESULT=$? #[ $RESULT -ne 0 ] && printf '\n\n%s\n' "Client connection 2 failed" && exit 1 #printf '%s\n\n' "Test PASSED!" diff --git a/scripts/pkcallbacks.test b/scripts/pkcallbacks.test index 82aaef1e4..a614741e6 100755 --- a/scripts/pkcallbacks.test +++ b/scripts/pkcallbacks.test @@ -95,6 +95,9 @@ run_test() { exit 1 fi + # sleep for an additional 0.1 to mitigate race on write/read of $ready_file: + sleep 0.1 + # get created port 0 ephemeral port pk_port=`cat $ready_file` diff --git a/scripts/psk.test b/scripts/psk.test index cef3beba2..e0dc81708 100755 --- a/scripts/psk.test +++ b/scripts/psk.test @@ -37,6 +37,9 @@ create_port() { if test -e $ready_file; then echo -e "found ready file, starting client..." + # sleep for an additional 0.1 to mitigate race on write/read of $ready_file: + sleep 0.1 + # get created port 0 ephemeral port port=`cat $ready_file` else diff --git a/scripts/resume.test b/scripts/resume.test index 7d02339c6..a523c5168 100755 --- a/scripts/resume.test +++ b/scripts/resume.test @@ -86,6 +86,9 @@ do_test() { exit 1 fi + # sleep for an additional 0.1 to mitigate race on write/read of $ready_file: + sleep 0.1 + # get created port 0 ephemeral port resume_port=`cat $ready_file` diff --git a/scripts/tls13.test b/scripts/tls13.test index e393e68aa..9c861b51f 100755 --- a/scripts/tls13.test +++ b/scripts/tls13.test @@ -45,6 +45,9 @@ create_port() { if [ -e $ready_file ]; then echo -e "found ready file, starting client..." + # sleep for an additional 0.1 to mitigate race on write/read of $ready_file: + sleep 0.1 + # get created port 0 ephemeral port port=`cat $ready_file` else diff --git a/scripts/trusted_peer.test b/scripts/trusted_peer.test index f6e4b3e0b..82e61ef8c 100755 --- a/scripts/trusted_peer.test +++ b/scripts/trusted_peer.test @@ -48,6 +48,9 @@ create_port() { if test -e $ready_file; then echo -e "found ready file, starting client..." + # sleep for an additional 0.1 to mitigate race on write/read of $ready_file: + sleep 0.1 + # get created port 0 ephemeral port port=`cat $ready_file` else