116 lines
3.1 KiB
Diff
116 lines
3.1 KiB
Diff
|
From 4fb6cdf626ee35623400ca557198cecb4efd4e88 Mon Sep 17 00:00:00 2001
|
||
|
|
From: Alexander Sosedkin <asosedkin@redhat.com>
|
||
|
|
Date: Mon, 18 Jan 2021 17:43:53 +0100
|
||
|
|
Subject: [PATCH] tests/nss.pl: rewrite in Python
|
||
|
|
|
||
|
|
---
|
||
|
|
Makefile | 2 +-
|
||
|
|
tests/nss.pl | 41 -----------------------------------------
|
||
|
|
tests/nss.py | 33 +++++++++++++++++++++++++++++++++
|
||
|
|
3 files changed, 34 insertions(+), 42 deletions(-)
|
||
|
|
delete mode 100755 tests/nss.pl
|
||
|
|
create mode 100755 tests/nss.py
|
||
|
|
|
||
|
|
diff --git a/Makefile b/Makefile
|
||
|
|
index 2699ac6..a50408e 100644
|
||
|
|
--- a/Makefile
|
||
|
|
+++ b/Makefile
|
||
|
|
@@ -43,7 +43,7 @@ check:
|
||
|
|
python/build-crypto-policies.py --policy FIPS:ECDHE-ONLY --test --flat policies tests/outputs
|
||
|
|
tests/openssl.pl
|
||
|
|
tests/gnutls.pl
|
||
|
|
- tests/nss.pl
|
||
|
|
+ tests/nss.py
|
||
|
|
tests/java.pl
|
||
|
|
tests/krb5.py
|
||
|
|
top_srcdir=. tests/update-crypto-policies.sh
|
||
|
|
diff --git a/tests/nss.pl b/tests/nss.pl
|
||
|
|
deleted file mode 100755
|
||
|
|
index e021ffd..0000000
|
||
|
|
--- a/tests/nss.pl
|
||
|
|
+++ /dev/null
|
||
|
|
@@ -1,41 +0,0 @@
|
||
|
|
-#!/usr/bin/perl
|
||
|
|
-
|
||
|
|
-my $RESULTFILE="result-nss.tmp";
|
||
|
|
-
|
||
|
|
-use File::Which qw(which);
|
||
|
|
-
|
||
|
|
-print "Checking the NSS configuration\n";
|
||
|
|
-
|
||
|
|
-my $dir = 'tests/outputs';
|
||
|
|
-
|
||
|
|
-opendir(DIR, $dir) or die $!;
|
||
|
|
-
|
||
|
|
-my @nsspolicies
|
||
|
|
- = grep {
|
||
|
|
- /-nss/ # has -nss in name
|
||
|
|
- && -f "$dir/$_" # and is a file
|
||
|
|
- } readdir(DIR);
|
||
|
|
-
|
||
|
|
-foreach my $policyfile (@nsspolicies) {
|
||
|
|
- my $policy = $policyfile;
|
||
|
|
- $policy =~ s/-[^-]+$//;
|
||
|
|
-
|
||
|
|
- print "Checking policy $policy\n";
|
||
|
|
- my $tool = which "nss-policy-check";
|
||
|
|
-
|
||
|
|
- if ($policy ne 'EMPTY' and $tool ne undef) {
|
||
|
|
-
|
||
|
|
- system("nss-policy-check $dir/$policyfile >$RESULTFILE 2>&1") ;
|
||
|
|
- if ($? != 0) {
|
||
|
|
- print "Error in NSS policy for $policy\n";
|
||
|
|
- print STDERR "NSS policy for $policy:\n";
|
||
|
|
- system("cat $dir/$policyfile 1>&2");
|
||
|
|
- print STDERR "\nnss-policy-check error:\n";
|
||
|
|
- system("cat $RESULTFILE 1>&2");
|
||
|
|
- exit 1;
|
||
|
|
- }
|
||
|
|
- unlink($RESULTFILE);
|
||
|
|
- }
|
||
|
|
-}
|
||
|
|
-
|
||
|
|
-exit 0;
|
||
|
|
diff --git a/tests/nss.py b/tests/nss.py
|
||
|
|
new file mode 100755
|
||
|
|
index 0000000..4d2cee1
|
||
|
|
--- /dev/null
|
||
|
|
+++ b/tests/nss.py
|
||
|
|
@@ -0,0 +1,33 @@
|
||
|
|
+#!/usr/bin/python3
|
||
|
|
+
|
||
|
|
+import glob
|
||
|
|
+import os
|
||
|
|
+import shutil
|
||
|
|
+import subprocess
|
||
|
|
+import sys
|
||
|
|
+
|
||
|
|
+
|
||
|
|
+if shutil.which('nss-policy-check') is None:
|
||
|
|
+ print('nss-policy-check not found, skipping check', file=sys.stderr)
|
||
|
|
+ sys.exit(0)
|
||
|
|
+
|
||
|
|
+
|
||
|
|
+print('Checking the NSS configuration')
|
||
|
|
+
|
||
|
|
+for policy_path in glob.glob('tests/outputs/*-nss.txt'):
|
||
|
|
+ policy = os.path.basename(policy_path)[:-len('-nss.txt')]
|
||
|
|
+ print(f'Checking policy {policy}')
|
||
|
|
+ if policy not in ('EMPTY', 'GOST-ONLY'):
|
||
|
|
+ p = subprocess.Popen(['nss-policy-check', policy_path],
|
||
|
|
+ stdout=subprocess.PIPE,
|
||
|
|
+ stderr=subprocess.STDOUT)
|
||
|
|
+ output, _ = p.communicate()
|
||
|
|
+ if p.wait():
|
||
|
|
+ print(f'Error in NSS policy for {policy}')
|
||
|
|
+ print(f'NSS policy for {policy}:', file=sys.stderr)
|
||
|
|
+ with open(policy_path) as policy_file:
|
||
|
|
+ shutil.copyfileobj(policy_file, sys.stderr)
|
||
|
|
+ sys.stderr.write('\n')
|
||
|
|
+ print('nss-policy-check error:', file=sys.stderr)
|
||
|
|
+ print(output.decode(), file=sys.stderr)
|
||
|
|
+ sys.exit(1)
|
||
|
|
--
|
||
|
|
1.8.3.1
|
||
|
|
|