Index: trunk/Makefile.in =================================================================== --- trunk/Makefile.in (revision 18) +++ trunk/Makefile.in (revision 19) @@ -307,5 +307,5 @@ CLEANFILES = encode config_xor.h depend-gen sh_ks.h sh_ks_xor.h kern_head \ - internal.h sh_MK.h trustfile sstrip samhain mkhdr encode \ + internal.h sh_MK.h trustfile sstrip samhain mkhdr encode cutest \ yule samhain_setpwd samhain_stealth samhainrc yulectl samhain_hide.ko Index: trunk/configure.ac =================================================================== --- trunk/configure.ac (revision 18) +++ trunk/configure.ac (revision 19) @@ -617,15 +617,25 @@ [ --enable-message-queue[[=MODE]] enable SysV message queue [[MODE=0700]]], [ - if test "x${enable_message_queue}" = xyes; then + if test "x${ac_cv_header_sys_msg_h}" = "xyes"; then + if test "x${enable_message_queue}" = xyes; then + AC_DEFINE(WITH_MESSAGE_QUEUE) + AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, 0700) + elif test "x${enable_message_queue}" != xno; then + echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 && + AC_MSG_ERROR([--enable-message-queue: MODE must be numeric]) + echo "${enableval}" | \ + grep ['0[0123456789][0123456789][0123456789]'] >/dev/null 2>&1 || + AC_MSG_ERROR([--enable-message-queue: MODE must be an octal (0nnn) number]) AC_DEFINE(WITH_MESSAGE_QUEUE) - AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, 0700) - elif test "x${enable_message_queue}" != xno; then - echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 && - AC_MSG_ERROR([--enable-message-queue: MODE must be numeric]) - echo "${enableval}" | \ - grep ['0[0123456789][0123456789][0123456789]'] >/dev/null 2>&1 || - AC_MSG_ERROR([--enable-message-queue: MODE must be an octal (0nnn) number]) - AC_DEFINE(WITH_MESSAGE_QUEUE) - AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, ${enable_message_queue}) + AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, ${enable_message_queue}) + fi + else + echo + echo "**********************************************" + echo + AC_MSG_WARN([sys/msg.h missing, --enable-message-queue disabled]) + echo + echo "**********************************************" + echo fi ] @@ -871,5 +881,5 @@ AC_CHECK_PROG(HAVE_MYSQL_CONFIG, mysql_config, yes, no) if test "$HAVE_MYSQL_CONFIG" = "yes"; then - echo "mysql_config found" + # echo "mysql_config found" sh_mysql_libs="`mysql_config --libs`" # echo ${sh_mysql_libs} @@ -880,5 +890,5 @@ # echo $LIBS LIBS="$LIBS ${sh_mysql_libs}" - echo $LIBS + # echo $LIBS sh_mysql_cflags="`mysql_config --cflags`" sh_mysql_cflags="`eval echo ${sh_mysql_cflags}`" Index: trunk/docs/FAQ.html =================================================================== --- trunk/docs/FAQ.html (revision 18) +++ trunk/docs/FAQ.html (revision 19) @@ -129,5 +129,5 @@

Rainer Wichmann

-

FAQ Revised: Saturday 17 September 2005 09:10:07

+

FAQ Revised: Tuesday 31 January 2006 21:28:35

Table of Contents

@@ -149,4 +149,5 @@
  • 2.7. --enable-xml-log has no effect
  • 2.8. ./install-sh: strip: not found (Solaris)
    • +
  • 2.9. What is sh_tiger1.s?
    • 3. File checking
    @@ -208,4 +209,5 @@
  • 7.3. I don't want the client TIMESTAMP messages in the SQL database
  • 7.4. What does the log_ref field mean ?
    • +
  • 7.5. How can I check what is in the database ?
    • @@ -373,4 +375,20 @@
    2.8. ./install-sh: strip: not found (Solaris)
    Install the SUNWbtool package.

    +
    2.9. What is sh_tiger1.s?
    +
    This is a precompiled assembly file for the i386 architecture +generated from sh_tiger1.c using gcc 3.4.0 with the following options, +that were found to generate the fastest code: +
    + -O1 -fno-delayed-branch -fexpensive-optimizations -fstrength-reduce 
+     -fpeephole2 -fschedule-insns2 -fregmove -frename-registers -fweb 
+     -momit-leaf-frame-pointer -funroll-loops
+
    +These options were determined using +acovea 5.1.1 +by Scott Robert Ladd. The file is provided as precompiled assembly +because different versions of gcc can have very different performance, +require different options to compile optimal code, and +it would be impossible to maintain a library of optimal compile options +for every version of gcc.

    3. File checking

    @@ -743,5 +761,5 @@ 2.) In your client or server configuration file, you are using - the option for a custum message header, but without paying attention + the option for a custom message header, but without paying attention to preserving the XML format.

    @@ -793,4 +811,13 @@ number of the corresponding client message). Zero indicates a message by the server itself (e.g. the server's start message).

    +
    7.5. How can I check what is in the database ?
    +
    Use a command line client to login to the database and query it: +
    +     sh$ mysql -u <user_name> -p <database_name>
+     Enter password: ****
+     mysql> SELECT log_index,log_ref,log_host,log_sev,log_msg,path FROM <table_name> WHERE entry_status = 'NEW' ORDER BY log_index;
+     ....
+     mysql> \q 
+


    Index: trunk/include/samhain.h =================================================================== --- trunk/include/samhain.h (revision 18) +++ trunk/include/samhain.h (revision 19) @@ -292,5 +292,5 @@ if ((skey != NULL) && skey->mlock_failed == SL_FALSE){ \ (void) sl_set_suid(); \ - if (sh_unix_mlock( a, b) < 0) skey->mlock_failed = SL_TRUE; \ + if (sh_unix_mlock(FIL__, __LINE__, a, b) < 0) skey->mlock_failed = SL_TRUE; \ (void) sl_unset_suid(); } #else Index: trunk/include/sh_tiger.h =================================================================== --- trunk/include/sh_tiger.h (revision 18) +++ trunk/include/sh_tiger.h (revision 19) @@ -18,5 +18,5 @@ */ /*@owned@*/ char * sh_tiger_hash (char * filename, TigerType what, - unsigned long Length); + UINT64 Length); /* NEW Thu Oct 18 19:59:08 CEST 2001 @@ -24,9 +24,9 @@ int sh_tiger_hashtype (char * c); char * sh_tiger_generic_hash (char * filename, TigerType what, - unsigned long Length, int timeout); + UINT64 Length, int timeout); UINT32 * sh_tiger_hash_uint32 (char * filename, TigerType what, - unsigned long Length); + UINT64 Length); /* get the type of hash function used @@ -38,4 +38,4 @@ */ /*@owned@*/ char * sh_tiger_hash_gpg (char * filename, TigerType what, - unsigned long Length); + UINT64 Length); #endif Index: trunk/include/sh_unix.h =================================================================== --- trunk/include/sh_unix.h (revision 18) +++ trunk/include/sh_unix.h (revision 19) @@ -79,4 +79,8 @@ /* device num */ #define MODI_RDEV (1 << 11) +/* size may grow */ +#define MODI_SGROW (1 << 12) +/* use prelink */ +#define MODI_PREL (1 << 13) #define MASK_ALLIGNORE_ 0 @@ -86,5 +90,5 @@ #define MASK_LOGFILES_ (MASK_ATTRIBUTES_|MODI_HLN|MODI_LNK|MODI_INO) extern unsigned long mask_LOGFILES; -#define MASK_LOGGROW_ (MASK_LOGFILES_|MODI_SIZ) +#define MASK_LOGGROW_ (MASK_LOGFILES_|MODI_SIZ|MODI_SGROW|MODI_CHK) extern unsigned long mask_LOGGROW; #define MASK_READONLY_ (MASK_LOGFILES_|MODI_CHK|MODI_SIZ|MODI_MTM|MODI_CTM) @@ -95,7 +99,7 @@ extern unsigned long mask_USER0; extern unsigned long mask_USER1; -/* like READONLY, but without MTM,CTM,SIZ,INO) - */ -#define MASK_PRELINK_ (MASK_ATTRIBUTES_|MODI_HLN|MODI_LNK|MODI_CHK) +/* like READONLY, but without MTM,CTM,SIZ,INO, abd with PREL) + */ +#define MASK_PRELINK_ (MASK_ATTRIBUTES_|MODI_HLN|MODI_LNK|MODI_CHK|MODI_PREL) extern unsigned long mask_PRELINK; @@ -134,5 +138,5 @@ /* mlock utilities */ -int sh_unix_mlock(void * addr, size_t len); +int sh_unix_mlock(char * file, int line, void * addr, size_t len); int sh_unix_munlock(void * addr, size_t len); int sh_unix_count_mlock(); Index: trunk/src/cutest_sh_tiger0.c =================================================================== --- trunk/src/cutest_sh_tiger0.c (revision 18) +++ trunk/src/cutest_sh_tiger0.c (revision 19) @@ -233,4 +233,148 @@ CuAssertTrue(tc, result == 0); - } + +/* test checksum of file upto some given length + */ +void Test_tiger_file_with_length(CuTest *tc) { + + SL_TICKET rval_open; + FILE * fp; + int result; + char * actual; + char * expected; + + char * teststring = "Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham, proceedings of Fast Software Encryption 3, Cambridge, 1996.\n"; + int testlen = strlen(teststring); + + init(); + + fp = fopen("cutest_foo", "w"); + CuAssertPtrNotNull(tc, fp); + + result = fprintf(fp, "%s", teststring); + CuAssertTrue(tc, result >= 0); + result = fprintf(fp, "%s", teststring); + CuAssertTrue(tc, result >= 0); + + result = fclose(fp); + CuAssertTrue(tc, result == 0); + + result = sh_tiger_hashtype("TIGER192"); + CuAssertTrue(tc, result == 0); + + /* same as GnuPG 1.0.6 (gpg --load-extension tiger --print-md TIGER192) + */ + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, testlen, 0); + expected = "75B98A7AE257A230189828A40792E30B4038D286479CC7B8"; + CuAssertStrEquals(tc, expected, actual); + + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, 2*testlen, 0); + expected = "B5B4FB97B01ADB58794D87A6A01B2368852FA764BD93AB90"; + CuAssertStrEquals(tc, expected, actual); + + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, 0, 0); + expected = "B5B4FB97B01ADB58794D87A6A01B2368852FA764BD93AB90"; + CuAssertStrEquals(tc, expected, actual); + + fp = fopen("cutest_foo", "a"); + CuAssertPtrNotNull(tc, fp); + result = fprintf(fp, "%s", teststring); + CuAssertTrue(tc, result >= 0); + result = fclose(fp); + CuAssertTrue(tc, result == 0); + + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, testlen, 0); + expected = "75B98A7AE257A230189828A40792E30B4038D286479CC7B8"; + CuAssertStrEquals(tc, expected, actual); + + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, 2*testlen, 0); + expected = "B5B4FB97B01ADB58794D87A6A01B2368852FA764BD93AB90"; + CuAssertStrEquals(tc, expected, actual); + + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, 3*testlen, 0); + expected = "D0EE1A9956CAB22D84B51A5E0C093B724828C6A1F9CBDB7F"; + CuAssertStrEquals(tc, expected, actual); + + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, 0, 0); + expected = "D0EE1A9956CAB22D84B51A5E0C093B724828C6A1F9CBDB7F"; + CuAssertStrEquals(tc, expected, actual); + + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, 5, 0); + expected = "9F00F599072300DD276ABB38C8EB6DEC37790C116F9D2BDF"; + CuAssertStrEquals(tc, expected, actual); + + /* same results as GNU md5sum */ + + result = sh_tiger_hashtype("MD5"); + CuAssertTrue(tc, result == 0); + + rval_open = sl_open_fastread ("cutest_foo", SL_YESPRIV); + CuAssertTrue(tc, rval_open >= 0); + tiger_fd = rval_open; + + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FD, testlen, 0); + expected = "11E7E7EA486136273606BEE57C71F34B0000000000000000"; + CuAssertStrEquals(tc, expected, actual); + + result = sl_rewind(rval_open); + CuAssertTrue(tc, rval_open >= 0); + + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FD, 2*testlen, 0); + expected = "D49DAD474095D467E2E5EFCB2DC23A770000000000000000"; + CuAssertStrEquals(tc, expected, actual); + + result = sl_rewind(rval_open); + CuAssertTrue(tc, rval_open >= 0); + + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FD, 3*testlen, 0); + expected = "00A1F1C5EDDCCFC430D3862FDA94593E0000000000000000"; + CuAssertStrEquals(tc, expected, actual); + + result = sl_rewind(rval_open); + CuAssertTrue(tc, rval_open >= 0); + + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FD, 0, 0); + expected = "00A1F1C5EDDCCFC430D3862FDA94593E0000000000000000"; + CuAssertStrEquals(tc, expected, actual); + + /* same result as gpg --print-md SHA1 + */ + + result = sh_tiger_hashtype("SHA1"); + CuAssertTrue(tc, result == 0); + + result = sl_rewind(rval_open); + CuAssertTrue(tc, rval_open >= 0); + + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FD, testlen, 0); + expected = "F37DB4344CCD140EE315179E9A27512FB4704F0F00000000"; + CuAssertStrEquals(tc, expected, actual); + + result = sl_rewind(rval_open); + CuAssertTrue(tc, rval_open >= 0); + + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FD, 2*testlen, 0); + expected = "D2AD5FC366452D81400BAC31F96269DEEF314BC200000000"; + CuAssertStrEquals(tc, expected, actual); + + result = sl_rewind(rval_open); + CuAssertTrue(tc, rval_open >= 0); + + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FD, 3*testlen, 0); + expected = "FAA937EF3389C7E786EB0F1006D049D7AEA7B7B600000000"; + CuAssertStrEquals(tc, expected, actual); + + result = sl_rewind(rval_open); + CuAssertTrue(tc, rval_open >= 0); + + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FD, 0, 0); + expected = "FAA937EF3389C7E786EB0F1006D049D7AEA7B7B600000000"; + CuAssertStrEquals(tc, expected, actual); + + result = sl_close(rval_open); + CuAssertTrue(tc, result == 0); + + result = remove("cutest_foo"); + CuAssertTrue(tc, result == 0); +} Index: trunk/src/cutest_sh_tools.c =================================================================== --- trunk/src/cutest_sh_tools.c (revision 18) +++ trunk/src/cutest_sh_tools.c (revision 19) @@ -4,4 +4,5 @@ #include #include "CuTest.h" +#include "samhain.h" #include "sh_tools.h" Index: trunk/src/make-tests.sh =================================================================== --- trunk/src/make-tests.sh (revision 18) +++ trunk/src/make-tests.sh (revision 19) @@ -6,4 +6,9 @@ # Author: Asim Jalis # Date: 01/08/2003 + +# Modified to return non-zero if any test has failed +# Rainer Wichmann, 29. Jan 2006 +# ...and to print to stderr if any test has failed +# Rainer Wichmann, 31. Jan 2006 if test $# -eq 0 ; then FILES=*.c ; else FILES=$* ; fi @@ -26,5 +31,5 @@ ' -void RunAllTests(void) +int RunAllTests(void) { CuString *output = CuStringNew(); @@ -43,11 +48,16 @@ CuSuiteSummary(suite, output); CuSuiteDetails(suite, output); - printf("%s\n", output->buffer); + if (suite->failCount > 0) + fprintf(stderr, "%s\n", output->buffer); + else + fprintf(stdout, "%s\n", output->buffer); + return suite->failCount; } int main(void) { - RunAllTests(); - return 0; + int retval; + retval = RunAllTests(); + return (retval == 0) ? 0 : 1; } ' Index: trunk/src/samhain.c =================================================================== --- trunk/src/samhain.c (revision 18) +++ trunk/src/samhain.c (revision 19) @@ -1752,5 +1752,5 @@ } - if (sig_suspend_switch == 1) /* SIGUSR2 */ + if (sig_suspend_switch > 0) /* SIGUSR2 */ { TPT((0, FIL__, __LINE__, _("msg=\n"))); @@ -1762,5 +1762,5 @@ sh_global_suspend_flag = 1; } - sig_suspend_switch = 0; + --sig_suspend_switch; --sig_raised; --sig_urgent; } Index: trunk/src/sh_err_log.c =================================================================== --- trunk/src/sh_err_log.c (revision 18) +++ trunk/src/sh_err_log.c (revision 19) @@ -755,5 +755,5 @@ if (skey->mlock_failed == SL_FALSE) { - if ( (-1) == sh_unix_mlock( log_msg.msg, + if ( (-1) == sh_unix_mlock( FIL__, __LINE__, log_msg.msg, (size_t)(2*KEY_LEN + status + 32) ) ) { Index: trunk/src/sh_files.c =================================================================== --- trunk/src/sh_files.c (revision 18) +++ trunk/src/sh_files.c (revision 19) @@ -590,4 +590,10 @@ if (0 == strncmp(myword, _("HLN"), 3)) sh_files_set_mask (mask, MODI_HLN, act); +/* size may grow */ + if (0 == strncmp(myword, _("GROW"), 3)) + sh_files_set_mask (mask, MODI_SGROW, act); +/* use prelink */ + if (0 == strncmp(myword, _("PRE"), 3)) + sh_files_set_mask (mask, MODI_PREL, act); } @@ -1010,5 +1016,6 @@ ++dcount; } - ptr->checked = S_TRUE; + ptr->checked = S_TRUE; + ptr->childs_checked = S_TRUE; } @@ -1425,4 +1432,5 @@ dirstack_t * dst_ptr; + dirstack_t * tmp_ptr; int hardlink_num = 0; @@ -1645,5 +1653,6 @@ file_class_next = dst_ptr->class; checked_flag = dst_ptr->checked; - cchecked_flag = dst_ptr->childs_checked; + /* not set, hence always FALSE */ + /* cchecked_flag = dst_ptr->childs_checked; */ } @@ -1708,34 +1717,34 @@ cchecked_flag = -1; - dst_ptr = (dirstack_t *) zAVLSearch(zdirListOne, tmpcat); - - if (dst_ptr) + tmp_ptr = (dirstack_t *) zAVLSearch(zdirListOne, tmpcat); + + if (tmp_ptr) { TPT((0, FIL__, __LINE__, _("msg=<%s -> recursion depth %d\n>"), - dst_ptr->name, dst_ptr->rdepth)); - rdepth_next = dst_ptr->rdepth; - class_next = dst_ptr->class; + tmp_ptr->name, tmp_ptr->rdepth)); + rdepth_next = tmp_ptr->rdepth; + class_next = tmp_ptr->class; /* 28. Aug 2001 reversed */ - cchecked_flag = dst_ptr->childs_checked; - checked_flag = dst_ptr->checked; + cchecked_flag = tmp_ptr->childs_checked; + checked_flag = tmp_ptr->checked; } if (checked_flag == -1) { - dst_ptr = (dirstack_t *) zAVLSearch(zdirListTwo, tmpcat); - - if (dst_ptr) + tmp_ptr = (dirstack_t *) zAVLSearch(zdirListTwo, tmpcat); + + if (tmp_ptr) { TPT((0, FIL__, __LINE__, _("msg=<%s -> recursion depth %d\n>"), - dst_ptr->name, dst_ptr->rdepth)); - rdepth_next = dst_ptr->rdepth; - class_next = dst_ptr->class; + tmp_ptr->name, tmp_ptr->rdepth)); + rdepth_next = tmp_ptr->rdepth; + class_next = tmp_ptr->class; /* 28. Aug 2001 reversed */ - cchecked_flag = dst_ptr->childs_checked; - checked_flag = dst_ptr->checked; + cchecked_flag = tmp_ptr->childs_checked; + checked_flag = tmp_ptr->checked; } } @@ -1745,5 +1754,9 @@ sh_files_checkdir (class_next, rdepth_next, tmpcat, dirlist->sh_d_name); - dst_ptr->childs_checked = S_TRUE; + tmp_ptr->childs_checked = S_TRUE; + /* + * 04. Feb 2006 avoid double checking + */ + tmp_ptr->checked = S_TRUE; } else if (checked_flag == -1) @@ -1768,4 +1781,7 @@ dirlist = dirlist->next; + + if (dst_ptr) + dst_ptr->childs_checked = S_TRUE; } while (dirlist != NULL); @@ -1820,5 +1836,5 @@ */ char fullpath[PATH_MAX]; - char fileHash[KEY_LEN + 1]; + char fileHash[2*(KEY_LEN + 1)]; int status; file_type theFile; Index: trunk/src/sh_forward.c =================================================================== --- trunk/src/sh_forward.c (revision 18) +++ trunk/src/sh_forward.c (revision 19) @@ -4995,5 +4995,5 @@ } - if (sig_suspend_switch == 1) /* SIGUSR2 */ + if (sig_suspend_switch > 0) /* SIGUSR2 */ { TPT((0, FIL__, __LINE__, _("msg=\n"))); @@ -5005,5 +5005,5 @@ sh_global_suspend_flag = 1; } - sig_suspend_switch = 0; + --sig_suspend_switch; --sig_raised; --sig_urgent; } @@ -5171,4 +5171,16 @@ tcurrent = (unsigned long) time (NULL); + /* check for time limit exceeded + */ + if ((tcurrent - tchkold) > (unsigned int) 3 ) + { + tchkold = tcurrent; + client_time_check(/* all_clients */); + } + + /* seed / re-seed the PRNG if required + */ + (void) taus_seed(); + /* select() timeout handling. */ @@ -5246,18 +5258,5 @@ } } - - /* check for time limit exceeded - */ - if ((tcurrent - tchkold) > (unsigned int) 3 ) - { - tchkold = tcurrent; - client_time_check(/* all_clients */); - } - tcurrent = tcurrent; - - /* seed / re-seed the PRNG if required - */ - (void) taus_seed(); - + /* continue */ } /* notreached */ Index: trunk/src/sh_hash.c =================================================================== --- trunk/src/sh_hash.c (revision 18) +++ trunk/src/sh_hash.c (revision 19) @@ -2485,10 +2485,28 @@ if ( (fileHash != NULL) && (p->theFile.checksum != NULL) && - (strncmp (fileHash, p->theFile.checksum, 50) != 0) && + (strncmp (fileHash, p->theFile.checksum, KEY_LEN) != 0) && (theFile->check_mask & MODI_CHK) != 0) { - modi_mask |= MODI_CHK; - change_code[0] = 'C'; - TPT ((0, FIL__, __LINE__, _("mod="))); + if ((theFile->check_mask & MODI_SGROW) == 0) + { + modi_mask |= MODI_CHK; + change_code[0] = 'C'; + TPT ((0, FIL__, __LINE__, _("mod="))); + } + else + { + if (0 != strncmp (&fileHash[KEY_LEN + 1], + p->theFile.checksum, KEY_LEN)) + { + modi_mask |= MODI_CHK; + change_code[0] = 'C'; + TPT ((0, FIL__, __LINE__, _("mod="))); + } + else + { + p->theFile.size = theFile->size; + sl_strlcpy(p->theFile.checksum, fileHash, KEY_LEN+1); + } + } } @@ -2621,16 +2639,11 @@ (theFile->check_mask & MODI_SIZ) != 0) { - if (class == SH_LEVEL_LOGGROW && theFile->size < (off_t) p->theFile.size) + if ((theFile->check_mask & MODI_SGROW) == 0 || + theFile->size < (off_t) p->theFile.size) { modi_mask |= MODI_SIZ; change_code[9] = 'S'; TPT ((0, FIL__, __LINE__, _("mod="))); - } - else if (class != SH_LEVEL_LOGGROW) - { - modi_mask |= MODI_SIZ; - change_code[9] = 'S'; - TPT ((0, FIL__, __LINE__, _("mod="))); - } + } } change_code[10] = '\0'; Index: trunk/src/sh_suidchk.c =================================================================== --- trunk/src/sh_suidchk.c (revision 18) +++ trunk/src/sh_suidchk.c (revision 19) @@ -417,5 +417,5 @@ file_type theFile; - char fileHash[KEY_LEN + 1]; + char fileHash[2*(KEY_LEN + 1)]; SL_ENTER(_("sh_suidchk_check_internal")); Index: trunk/src/sh_tiger0.c =================================================================== --- trunk/src/sh_tiger0.c (revision 18) +++ trunk/src/sh_tiger0.c (revision 19) @@ -104,9 +104,9 @@ static word64 * sh_tiger_hash_val (char * filename, TigerType what, - unsigned long Length, int timeout) + UINT64 Length, int timeout) #else static sh_word32 * sh_tiger_hash_val (char * filename, TigerType what, - unsigned long Length, int timeout) + UINT64 Length, int timeout) #endif { @@ -117,5 +117,6 @@ char * tmp; sh_byte * bptr; - sh_byte bbuf[64]; + sh_byte bbuf[64]; + UINT64 bcount = 0; static int lockflag = SL_FALSE; @@ -178,15 +179,17 @@ #if defined(HAVE_MLOCK) && !defined(HAVE_BROKEN_MLOCK) - if (lockflag == SL_FALSE && skey->mlock_failed == SL_FALSE) + if ((lockflag == SL_FALSE) && (skey->mlock_failed == SL_FALSE)) { - if ( (-1) == sh_unix_mlock((char *)buffer,(PRIV_MAX)*sizeof(sh_byte))) + lockflag = SL_TRUE; + if ( (-1) == sh_unix_mlock(FIL__, __LINE__, + (char *)buffer, + (PRIV_MAX)*sizeof(sh_byte))) skey->mlock_failed = SL_TRUE; - lockflag = SL_TRUE; } #else if (lockflag == SL_FALSE && skey->mlock_failed == SL_FALSE) { + lockflag = SL_TRUE; skey->mlock_failed = SL_TRUE; - lockflag = SL_TRUE; } #endif @@ -229,4 +232,12 @@ SL_RETURN( NULL, _("sh_tiger_hash_val")); + } + + if (Length > 0) + { + bcount += count; + if (bcount > Length) + count = count - (bcount - Length); + count = (count < 0) ? 0 : count; } @@ -382,5 +393,5 @@ if (what == TIGER_DATA && filename != NULL) { - tiger(TIGER_CAST filename, (sh_word32) Length, res); + tiger(TIGER_CAST filename, (sh_word32) Length, res); SL_RETURN(res, _("sh_tiger_hash_val")); } @@ -692,5 +703,6 @@ resulting message digest number will be written into the 16 bytes beginning at RESBLOCK. */ -static int md5_stream(char * filename, void *resblock, int timeout) +static int md5_stream(char * filename, void *resblock, + UINT64 Length, int timeout) { /* Important: BLOCKSIZE must be a multiple of 64. */ @@ -702,4 +714,5 @@ char * tmp; uid_t euid; + UINT64 bcount = 0; unsigned long pages_read; @@ -762,4 +775,12 @@ } + if (Length > 0) + { + bcount += n; + if (bcount > Length) + n = n - (bcount - Length); + n = (n < 0) ? 0 : n; + } + sum += n; } @@ -807,7 +828,7 @@ static char * sh_tiger_md5_hash (char * filename, TigerType what, - unsigned long Length, int timeout) -{ - int cnt = (int) Length; + UINT64 Length, int timeout) +{ + int cnt; static char out[KEY_LEN+1]; unsigned char md5buffer[16]; @@ -822,5 +843,5 @@ } - (void) md5_stream (filename, md5buffer, timeout); + (void) md5_stream (filename, md5buffer, Length, timeout); /*@-bufferoverflowhigh -usedef@*/ @@ -1202,5 +1223,6 @@ resulting message digest number will be written into the 16 bytes beginning at RESBLOCK. */ -static int sha1_stream(char * filename, void *resblock, int timeout) +static int sha1_stream(char * filename, void *resblock, + UINT64 Length, int timeout) { /* Important: BLOCKSIZE must be a multiple of 64. */ @@ -1212,4 +1234,5 @@ char * tmp; uid_t euid; + UINT64 bcount = 0; unsigned long pages_read; @@ -1275,4 +1298,12 @@ } + if (Length > 0) + { + bcount += n; + if (bcount > Length) + n = n - (bcount - Length); + n = (n < 0) ? 0 : n; + } + sum += n; } @@ -1322,5 +1353,5 @@ static char * sh_tiger_sha1_hash (char * filename, TigerType what, - unsigned long Length, int timeout) + UINT64 Length, int timeout) { int cnt = (int) Length; /* fix compiler warning */ @@ -1337,5 +1368,5 @@ } - (void) sha1_stream (filename, sha1buffer, timeout); + (void) sha1_stream (filename, sha1buffer, Length, timeout); /*@-bufferoverflowhigh -usedef@*/ @@ -1388,8 +1419,8 @@ static char * sh_tiger_hash_internal (char * filename, TigerType what, - unsigned long Length, int timeout); + UINT64 Length, int timeout); char * sh_tiger_hash (char * filename, TigerType what, - unsigned long Length) + UINT64 Length) { return sh_tiger_hash_internal (filename, what, Length, 0); @@ -1397,5 +1428,5 @@ char * sh_tiger_generic_hash (char * filename, TigerType what, - unsigned long Length, int timeout) + UINT64 Length, int timeout) { #ifdef USE_SHA1 @@ -1414,5 +1445,5 @@ static char * sh_tiger_hash_internal (char * filename, TigerType what, - unsigned long Length, int timeout) + UINT64 Length, int timeout) { #if defined(TIGER_64_BIT) @@ -1423,5 +1454,5 @@ static char out[KEY_LEN+1]; - SL_ENTER( _("sh_tiger_hash")); + SL_ENTER( _("sh_tiger_hash_internal")); res = sh_tiger_hash_val (filename, what, Length, timeout); @@ -1451,14 +1482,14 @@ /*@+bufferoverflowhigh@*/ out[KEY_LEN] = '\0'; - SL_RETURN( out, _("sh_tiger_hash")); + SL_RETURN( out, _("sh_tiger_hash_internal")); } SL_RETURN( _("000000000000000000000000000000000000000000000000"), - _("sh_tiger_hash")); + _("sh_tiger_hash_internal")); } char * sh_tiger_hash_gpg (char * filename, TigerType what, - unsigned long Length) + UINT64 Length) { size_t len; @@ -1530,5 +1561,5 @@ UINT32 * sh_tiger_hash_uint32 (char * filename, TigerType what, - unsigned long Length) + UINT64 Length) { #if defined(TIGER_64_BIT) Index: trunk/src/sh_unix.c =================================================================== --- trunk/src/sh_unix.c (revision 18) +++ trunk/src/sh_unix.c (revision 19) @@ -573,5 +573,5 @@ if (mysignal == SIGUSR2) { - sig_suspend_switch = 1; + ++sig_suspend_switch; ++sig_urgent; } @@ -1582,5 +1582,6 @@ if (skey->mlock_failed == SL_FALSE) { - if ( (-1) == sh_unix_mlock( (char *) skey, sizeof (sh_key_t)) ) + if ( (-1) == sh_unix_mlock( FIL__, __LINE__, + (char *) skey, sizeof (sh_key_t)) ) { skey->mlock_failed = SL_TRUE; @@ -2754,4 +2755,35 @@ #include "sh_ignore.h" +int sh_unix_checksum_size (char * filename, struct stat * fbuf, + char * fileHash, int alert_timeout) +{ + file_type tmpFile; + int status; + + SL_ENTER(_("sh_unix_checksum_size")); + + /* lookup file in database */ + status = sh_hash_get_it (filename, &tmpFile); + if (status != 0) { + goto out; + } + + /* if last < current get checksum */ + if (tmpFile.size < fbuf->st_size) + { + strcpy(fileHash, /* known to fit */ + sh_tiger_generic_hash (filename, TIGER_FD, tmpFile.size, + alert_timeout)); + + /* return */ + SL_RETURN( 0, _("sh_unix_checksum_size")); + } + + out: + strcpy(fileHash, /* known to fit */ + _("000000000000000000000000000000000000000000000000")); + SL_RETURN( -1, _("sh_unix_checksum_size")); +} + int sh_unix_getinfo (int level, char * filename, file_type * theFile, char * fileHash, int policy) @@ -2891,5 +2923,5 @@ _("000000000000000000000000000000000000000000000000")); } - else if (policy == SH_LEVEL_PRELINK && + else if ((theFile->check_mask & MODI_PREL) != 0 && S_TRUE == sh_prelink_iself(rval_open, fbuf.st_size, alert_timeout)) @@ -2906,4 +2938,12 @@ sh_tiger_generic_hash (theFile->fullpath, TIGER_FD, 0, alert_timeout)); + if ((theFile->check_mask & MODI_SGROW) != 0) + { + sl_rewind(rval_open); + tiger_fd = rval_open; + sh_unix_checksum_size (theFile->fullpath, &fbuf, + &fileHash[KEY_LEN + 1], + alert_timeout); + } } } @@ -2939,4 +2979,12 @@ alert_timeout), KEY_LEN + 1); + if ((theFile->check_mask & MODI_SGROW) != 0) + { + sl_rewind(rval_open); + tiger_fd = rval_open; + sh_unix_checksum_size (theFile->fullpath, &fbuf, + &fileHash[KEY_LEN + 1], + alert_timeout); + } } } @@ -3648,4 +3696,6 @@ unsigned long page_start; int page_refcount; + char file[64]; + int line; struct sh_page_lt * next; } sh_page_l; @@ -3691,5 +3741,5 @@ #if defined(HAVE_MLOCK) && !defined(HAVE_BROKEN_MLOCK) -int sh_unix_mlock (void * in_addr, size_t len) +int sh_unix_mlock (char * file, int line, void * in_addr, size_t len) { int num_pages; @@ -3755,4 +3805,6 @@ page_list->page_start = addr; page_list->page_refcount = 1; + sl_strlcpy(page_list->file, file, 64); + page_list->line = line; status = mlock( (void *) addr, pagesize); if (status != 0) @@ -3929,8 +3981,14 @@ while (page_list != NULL) { +#ifdef WITH_TPT + sl_snprintf(str, 128, _("file: %s line: %d page: %d"), + page_list->file, page_list->line, i+1); + sh_error_handle(SH_ERR_INFO, FIL__, __LINE__, i, MSG_E_SUBGEN, + str, _("sh_unix_count_mlock")); +#endif page_list = page_list->next; ++i; } - sprintf(str, _("%d pages locked"), i); /* known to fit */ + sl_snprintf(str, 128, _("%d pages locked"), i); sh_error_handle(SH_ERR_INFO, FIL__, __LINE__, i, MSG_E_SUBGEN, str, _("sh_unix_count_mlock")); Index: trunk/test/test.sh =================================================================== --- trunk/test/test.sh (revision 18) +++ trunk/test/test.sh (revision 19) @@ -1,19 +1,117 @@ #! /bin/sh +isok=`test -t 1 2>&1 | wc -c` +if [ "$isok" -eq 0 ]; then + test -t 1 + isok=$? +fi # The following two are the ANSI sequences for start and end embolden -case $TERM in -vt*|ansi*|con*|xterm*|linux*|screen*) - S= - E= - ;; -*) - S= - E= - ;; -esac +if [ x"$isok" = x0 ]; then + case $TERM in + vt*|ansi*|con*|xterm*|linux*|screen*|rxvt*) + S='' + R= + G= + B= + E= + ;; + *) + S= + R= + G= + B= + E= + ;; + esac +fi + + +usage() { + echo "test.sh [options] [hostname]" + echo " [-q|--quiet|-v|--verbose] [-s|--stoponerr] [--no-cleanup]" + echo " [--srcdir=top_srcdir] [--color=always|never|auto]" + echo + echo " ${S}test.sh 1${E} -- Compile with many different options" + echo " ${S}test.sh 2${E} -- Hash function (testrc_1)" + echo " ${S}test.sh 3${E} -- Standalone init/check" + echo " ${S}test.sh 4${E} -- Microstealth init/check" + echo " ${S}test.sh 5${E} -- External program call (testrc_1ext.in)" + echo " ${S}test.sh 6${E} -- Controlling the daemon" + echo " ${S}test.sh 7${E} -- GnuPG signed files / prelude log" + + echo " ${S}test.sh 10${E} -- Test c/s init/check (testrc_2.in)" + echo " ${S}test.sh 11${E} -- Test full c/s init/check (testrc_2.in)" + echo " ${S}test.sh 12${E} -- Test full c/s w/gpg (testrc_2.in)" + echo " ${S}test.sh 13${E} -- Test full c/s w/mysql (testrc_2.in)" + echo " ${S}test.sh 14${E} -- Test full c/s w/postgres (testrc_2.in)" + echo " ${S}test.sh all${E} -- All except 12+" + + echo + echo "Scripts used by tests (located in ${SCRIPTDIR}):" + echo " (1) testcompile.sh (2) testhash.sh (3) testrun_1.sh (4) testrun_1a.sh" + echo " (5) testext.sh (6) testtimesrv.sh (7) testrun_1b.sh (10) testrun_2.sh" + echo " (11) testrun_2a.sh (12) testrun_2b.sh (13) testrun_2c.sh (14) testrun_2d.sh" +} + +# +# Option parsing +# +verbose= +quiet= +stoponerr= +color=auto +cleanup=on +doall= + +while [ $# -gt 0 ] +do + case "$1" in + -h|--help) usage; exit 0;; + -v|--verbose) verbose=on; quiet= ;; + -q|--quiet) quiet=on; verbose= ;; + -s|--stoponerr) stoponerr=on;; + --no-cleanup) cleanup= ;; + --really-all) doall=on;; + --srcdir=*) TOP_SRCDIR=`echo $1 | sed s,--srcdir=,,`; export TOP_SRCDIR;; + --color=*) + arg=`echo $1 | sed s,--color=,,` + case $arg in + auto) ;; + never|none|no) + S= + R= + G= + B= + E= + ;; + always|yes) + S='' + R= + G= + G= + E= + ;; + *) echo "Invalid argument $1"; exit 1;; + esac + ;; + -*) echo "Invalid argument $1"; exit 1;; + *) break;; + esac + shift +done + +export verbose +export quiet +export stoponerr +export cleanup +export doall +export S; export R; export G; export B; export E; SCRIPTDIR=. +# +# 'make test' will copy the 'test' subdirectory and replace TEST_SRCDIR +# TEST_SRCDIR="XXXSRCXXX"; if test "x${TOP_SRCDIR}" = x; then @@ -41,5 +139,5 @@ export TOP_SRCDIR else - echo "Please set the environment variable TOP_SRCDIR to the" + echo "Please use --srcdir=DIR, where DIR should be the" echo "top directory in the samhain source tree." exit 1 @@ -47,93 +145,383 @@ fi else - # called by make - if test -f "${TOP_SRCDIR}/src/samhain.c"; then - SCRIPTDIR=test - else - if test -f "../${TOP_SRCDIR}/src/samhain.c"; then - cd ..; SCRIPTDIR=test + # called by make, or with --srcdir=TOP_SRCDIR + if test -f "${TOP_SRCDIR}/src/samhain.c"; then + SCRIPTDIR="${TOP_SRCDIR}/test" + elif test -f "../${TOP_SRCDIR}/src/samhain.c"; then + cd ..; SCRIPTDIR="${TOP_SRCDIR}/test" + else + echo "Please use --srcdir=DIR, where DIR should be the" + echo "top directory in the samhain source tree." + exit 1 + fi +fi + +export SCRIPTDIR + +PW_DIR=`pwd`; export PW_DIR +# +# +# +if test x$UID != x; then + TRUST="--with-trusted=0,2,$UID" +else + TRUST="--with-trusted=0,2,500" +fi +export TRUST +# +# find a good 'make' +# +MAKE=`which gmake` +if test "x$?" = x1 ; then + MAKE="make -s" +else + MAKE=`which gmake | sed -e "s%\([a-z:]\) .*%\1%g"` + if test "x$MAKE" = x; then + MAKE="make -s" + elif test "x$MAKE" = xno; then + MAKE="make -s" + else + if test "x$MAKE" = "xwhich:"; then + MAKE="make -s" else - echo "Please set the environment variable TOP_SRCDIR to the" - echo "top directory in the samhain source tree." - exit 1 + MAKE="gmake -s" + gmake -v >/dev/null 2>&1 || MAKE="make -s" fi fi fi - -export SCRIPTDIR - -PW_DIR=`pwd`; export PW_DIR +export MAKE + +failcount=0 +okcount=0 +skipcount=0 +global_count=0 +last_count=0 + +# args: #test, #total, status, optional msg +log_msg () +{ + if [ x"$COLUMNS" != x ]; then + TERMWIDTH=$COLUMNS + elif [ x"$COLS" != x ]; then + TERMWIDTH=$COLS + else + TERMWIDTH=80 + fi + cols=66; + # + if [ $1 -eq 0 ]; then + msg=" ${4}" + else + if [ ${1} -eq 1 ]; then + global_count=${last_count} + fi + let "v = $1 + global_count" >/dev/null + last_count=${v} + dd=''; if [ $v -lt 10 ]; then dd=" "; fi + dt=''; if [ $2 -lt 10 ]; then dt=" "; fi + if [ -z "$4" ]; then + msg=" test ${dd}${v}/${dt}${2}" + else + msg=" test ${dd}${v}/${dt}${2} ${4}" + fi + fi + # + if [ x"$3" = xfailure ]; then + ccode=$R + elif [ x"$3" = xsuccess ]; then + ccode=$G + else + ccode=$B + fi + if [ -z "${R}" ]; then + echo " [${3}] ${msg}" + else + # len=${#...} is not bourne shell + # also, need to account for terminal control sequences + len=`echo "$msg" | awk '/1;30m/ { print length()-10; }; !/1;30m/ { print length();}'` + let "cols = cols - len" >/dev/null + moveto='['$cols'C' + echo "${msg}${moveto}${ccode}[${3}]${E}" + fi +} + +log_fail () { + log_msg "$1" "$2" failure "$3"; + let "failcount = failcount + 1" >/dev/null; + test -z "$stoponerr" || exit 1; +} +log_ok () { + log_msg "$1" "$2" success "$3"; + let "okcount = okcount + 1" >/dev/null; +} +log_skip () { + log_msg "$1" "$2" skipped "$3"; + let "skipcount = skipcount + 1" >/dev/null; +} + +log_msg_fail () { log_msg 0 0 failure "$1"; } +log_msg_ok () { log_msg 0 0 success "$1"; } +log_msg_skip () { log_msg 0 0 skipped "$1"; } + +log_start () { + if [ -z "$quiet" ]; then + echo; + echo "${S}__ START TEST ${1} __${E}"; + echo; + fi +} +log_end () { + if [ -n "$verbose" ]; then + echo; + echo "${S}__ END TEST ${1} __${E}"; + echo; + fi +} + +do_cleanup () { + rm -f testrc_1.dyn + rm -f testrc_2 + rm -f ./.samhain_file + rm -f ./.samhain_log* + rm -f ./.samhain_lock + test -d testrun_data && chmod -R 0700 testrun_data + rm -rf testrun_data + rm -f test_log_db + rm -f test_log_prelude +} + +print_summary () +{ + let "gcount = okcount + skipcount + failcount" >/dev/null; + [ -z "$quiet" ] && { + echo + echo "__ ${S}Tests: ${gcount} Ok: ${okcount} Skipped: ${skipcount} Failed: ${failcount}${E}" + } + if [ $failcount -eq 0 ]; then + [ -z "$quiet" ] && { echo "__ ${G}All tests passed successfully.${E}"; echo; } + elif [ $failcount -eq 1 ]; then + [ -z "$quiet" ] && { echo "__ ${R}There was 1 failure.${E}"; echo; } + else + [ -z "$quiet" ] && { echo "__ ${R}There were $failcount failures.${E}"; echo; } + fi + [ -z "$cleanup" ] || do_cleanup; +} + +find_path () { ( + save_IFS=$IFS; IFS=: + + for dir in $PATH; do + IFS=$as_save_IFS + test -z "$dir" && dir=. + if test -f "$dir/$1"; then + echo "$dir/$1"; + break; + fi + done + IFS=${save_IFS}; +); } + +find_hostname () { + tmp=`hostname -f 2>/dev/null` + if [ $? -ne 0 ]; then + tmp=`hostname 2>/dev/null` + fi + if [ -z "$tmp" ]; then + tmp="localhost" + fi + echo "$tmp" +} + +rm -f ./test_log + +# first one is hostname, others are aliases +# +hostname=`cat /etc/hosts | egrep "^ *127.0.0.1" | awk '{ print $2 }'` +if [ x"$hostname" = xlocalhost ]; then + hostname="127.0.0.1" +fi if test x$1 = x1; then - exec ${SCRIPTDIR}/testcompile.sh + . ${SCRIPTDIR}/testcompile.sh + testcompile + print_summary + exit $? fi if test x$1 = x2; then - exec ${SCRIPTDIR}/testhash.sh + . ${SCRIPTDIR}/testhash.sh + testhash + print_summary + exit $? fi if test x$1 = x3; then - exec ${SCRIPTDIR}/testrun_1.sh + . ${SCRIPTDIR}/testrun_1.sh + testrun1 + print_summary + exit $? fi if test x$1 = x4; then - exec ${SCRIPTDIR}/testrun_1a.sh + . ${SCRIPTDIR}/testrun_1.sh + . ${SCRIPTDIR}/testrun_1a.sh + testrun1a + print_summary + exit $? fi if test x$1 = x5; then - exec ${SCRIPTDIR}/testext.sh + . ${SCRIPTDIR}/testext.sh + testext0 + print_summary + exit $? fi if test x$1 = x6; then - exec ${SCRIPTDIR}/testtimesrv.sh + . ${SCRIPTDIR}/testtimesrv.sh + testtime0 + print_summary + exit $? fi if test x$1 = x7; then - exec ${SCRIPTDIR}/testrun_1b.sh + . ${SCRIPTDIR}/testrun_1b.sh + testrun1b + print_summary + exit $? fi if test x$1 = x10; then - exec ${SCRIPTDIR}/testrun_2.sh $2 + . ${SCRIPTDIR}/testrun_2.sh + testrun2 $hostname + print_summary + exit $? fi if test x$1 = x11; then - exec ${SCRIPTDIR}/testrun_2a.sh $2 + . ${SCRIPTDIR}/testrun_2a.sh + testrun2a $hostname + print_summary + exit $? fi if test x$1 = x12; then - exec ${SCRIPTDIR}/testrun_2b.sh $2 + . ${SCRIPTDIR}/testrun_2a.sh + . ${SCRIPTDIR}/testrun_2b.sh + testrun2b $hostname + print_summary + exit $? fi if test x$1 = x13; then - exec ${SCRIPTDIR}/testrun_2c.sh $2 + . ${SCRIPTDIR}/testrun_2a.sh + . ${SCRIPTDIR}/testrun_2c.sh + testrun2c $hostname + print_summary + exit $? fi if test x$1 = x14; then - exec ${SCRIPTDIR}/testrun_2d.sh $2 + . ${SCRIPTDIR}/testrun_2a.sh + . ${SCRIPTDIR}/testrun_2d.sh + testrun2d $hostname + print_summary + exit $? fi if test x$1 = xall; then - ${SCRIPTDIR}/testcompile.sh - ${SCRIPTDIR}/testhash.sh - ${SCRIPTDIR}/testrun_1.sh - ${SCRIPTDIR}/testrun_1a.sh - ${SCRIPTDIR}/testext.sh - ${SCRIPTDIR}/testtimesrv.sh - ${SCRIPTDIR}/testrun_1b.sh - ${SCRIPTDIR}/testrun_2.sh $2 - ${SCRIPTDIR}/testrun_2a.sh $2 -fi - -echo "Usage (in brackets: config files used):" -echo -echo " ${S}test.sh 1${E} -- Compilation with many different options" -echo " ${S}test.sh 2${E} -- Hash function" -echo " ${S}test.sh 3${E} -- Standalone init/check (testrc_1)" -echo " ${S}test.sh 4${E} -- Microstealth init/check (testrc_1)" -echo " ${S}test.sh 5${E} -- External program call (testrc_1ext.in)" -echo " ${S}test.sh 6${E} -- Timeserver option (testrc_1)" -echo " ${S}test.sh 7${E} -- GnuPG signed files (testrc_1)" -# -# -# -echo " ${S}test.sh 10 hostname${E} -- Test c/s init/check (testrc_2.in)" -echo " ${S}test.sh 11 hostname${E} -- Test full c/s init/check (testrc_2.in)" -echo " ${S}test.sh 12 hostname${E} -- Test full c/s w/gpg (testrc_2.in)" -echo " ${S}test.sh 13 hostname${E} -- Test full c/s w/mysql (testrc_2.in)" -echo " ${S}test.sh 14 hostname${E} -- Test c/s w/syslog logging(testrc_2.in)" -echo " ${S}test.sh a hostname${E} -- All except 7,12+" - -echo -echo "Scripts used: (1) ./testcompile.sh (2) ./testhash.sh (3) ./testrun_1.sh" -echo " (4) ./testrun_1a.sh (5) ./testext.sh (6) ./testtimesrv.sh" -echo " (7) ./testrun_1b.sh (10) ./testrun_2.sh (11) ./testrun_2a.sh" -echo " (12) ./testrun_2b.sh (13) ./testrun_2c.sh (14) ./testrun_2d.sh" - + TEST_MAX=0 + . ${SCRIPTDIR}/testcompile.sh + let "TEST_MAX = TEST_MAX + MAXTEST" >/dev/null + . ${SCRIPTDIR}/testhash.sh + let "TEST_MAX = TEST_MAX + MAXTEST" >/dev/null + . ${SCRIPTDIR}/testrun_1.sh + let "TEST_MAX = TEST_MAX + MAXTEST" >/dev/null + . ${SCRIPTDIR}/testrun_1a.sh + let "TEST_MAX = TEST_MAX + MAXTEST" >/dev/null + . ${SCRIPTDIR}/testext.sh + let "TEST_MAX = TEST_MAX + MAXTEST" >/dev/null + . ${SCRIPTDIR}/testtimesrv.sh + let "TEST_MAX = TEST_MAX + MAXTEST" >/dev/null + . ${SCRIPTDIR}/testrun_1b.sh + let "TEST_MAX = TEST_MAX + MAXTEST" >/dev/null + . ${SCRIPTDIR}/testrun_2.sh + let "TEST_MAX = TEST_MAX + MAXTEST" >/dev/null + . ${SCRIPTDIR}/testrun_2a.sh + let "TEST_MAX = TEST_MAX + MAXTEST" >/dev/null + . ${SCRIPTDIR}/testrun_2b.sh + let "TEST_MAX = TEST_MAX + MAXTEST" >/dev/null + . ${SCRIPTDIR}/testrun_2c.sh + let "TEST_MAX = TEST_MAX + MAXTEST" >/dev/null + . ${SCRIPTDIR}/testrun_2d.sh + let "TEST_MAX = TEST_MAX + MAXTEST" >/dev/null + # + # ${SCRIPTDIR}/testtimesrv.sh + # ${SCRIPTDIR}/testrun_1b.sh + # ${SCRIPTDIR}/testrun_2.sh $2 + # ${SCRIPTDIR}/testrun_2a.sh $2 + # + MAXTEST=${TEST_MAX}; export MAXTEST + testcompile + testhash + # + . ${SCRIPTDIR}/testrun_1.sh + MAXTEST=${TEST_MAX}; export MAXTEST + testrun1 + # + . ${SCRIPTDIR}/testrun_1a.sh + MAXTEST=${TEST_MAX}; export MAXTEST + testrun1a + # + testext0 + # + . ${SCRIPTDIR}/testtimesrv.sh + MAXTEST=${TEST_MAX}; export MAXTEST + testtime0 + # + . ${SCRIPTDIR}/testrun_1b.sh + MAXTEST=${TEST_MAX}; export MAXTEST + testrun1b + # + . ${SCRIPTDIR}/testrun_2.sh + MAXTEST=${TEST_MAX}; export MAXTEST + testrun2 $hostname + # + . ${SCRIPTDIR}/testrun_2a.sh + MAXTEST=${TEST_MAX}; export MAXTEST + testrun2a $hostname + # + . ${SCRIPTDIR}/testrun_2b.sh + MAXTEST=${TEST_MAX}; export MAXTEST + testrun2b $hostname + # + . ${SCRIPTDIR}/testrun_2c.sh + MAXTEST=${TEST_MAX}; export MAXTEST + testrun2c $hostname + # + . ${SCRIPTDIR}/testrun_2d.sh + MAXTEST=${TEST_MAX}; export MAXTEST + testrun2d $hostname + # + print_summary + exit 0 +fi + +usage; + +exit 1; + +__ARCHIVE_FOLLOWS__ +‹-tæCí•MoÓ0Ç#@HøÄ +»Å 4Ñ&m׎I9€M›–õeëËÆ6U(MÝÖ[bwv²®œù|ˆ‰ïÀ‰W$ĉ°‚牧ݺŠMHlÈ?µµý÷ËóØqþõ÷™ëû1›;Ê¥  +Ò©TXj™yuÒÖŠíiUM*ššÌh©LBMiŠPé„ÕËI'JÀ}›Aš0Ä·?g£ÍÌÊ„G!ÙŒUªÂek6JV5oÂJŸÑ0¬ü€m>X„¢¡*õMÑÊsÇ +¢î"\§$u¡E‚e +úî"†{cè0‡ +âÜî#ÀŠáû +wñ6èaéqä;BÏï"â7P8Ë·Áq­%[Õ +QHZTª#»[#î8ª–i¿ "ðšj1:€/:é(õ ešJ Šê'Ÿ5Þp]}d32“§! õ±ƒf¢‰×1éљRµÅ¡Lg‚M‘LTlì +÷Šù!τiŒ1wOi“AË +Ÿ +Ü4ج`i#1LDõÃŒœr¶›ØCº–PC±Žœ€qLIY,àêÚD,S:œ +J« Ž†”ù +ÀuMä‹¡År¹p + +xMáúdÑð Ö +mpÆ-2š­úÑZE“`‹G·dW‹%bóðUmÅ˘{À悙])˜óde`íšÞØxüŽ˜Õ +–ìK¹lòùú\¶³j®»­:îÌuÞ=7°aäz+k[]gñ|Ü#<ëÄë +³X±–¶ë{ZE:ÞÊe§ æ«æYé]÷+x­Äží +„õ= +ßÊKú +žÈÿ“jêØÿµt* +úFÓ€ÿ_Wãÿï?Ÿ}÷|1Š1ï܌æˆï»âçå­IûÅíƒ\XÞW£åiöO¡ˆþ{ÊáÁÁ·ß÷wŠúöËá÷¯‡ûáGyý‡(?ÞŒúüíø|c_ìå/x͋øÀi ß؋—ŠsÉra׊Îhc'Ckt©±# +Œ9ÂMàá€%Ô£úd®3l-ÑÂvŒ±¶±. +<7êÍK—H$‰D"‘H$‰D"‘H$‰D"‘H$’ +ø ?:v( Index: trunk/test/testcompile.sh =================================================================== --- trunk/test/testcompile.sh (revision 18) +++ trunk/test/testcompile.sh (revision 19) @@ -1,69 +1,39 @@ #! /bin/sh - -# The following two are the ANSI sequences for start and end embolden -case $TERM in -vt*|ansi*|con*|xterm*|linux*|screen*) - S= - E= - ;; -*) - S= - E= - ;; -esac - -PW_DIR=`pwd` - -if test x$UID != x; then - TRUST="--with-trusted=0,2,$UID" -else - TRUST="--with-trusted=0,2" -fi - -#echo; echo "${S}__ STARTING TEST COMPILE __${E}"; echo; -#echo Working directory: $PW_DIR - -MAKE=`which gmake` -if test "x$?" = x1 ; then - MAKE="make -s" -else - MAKE=`which gmake | sed -e "s%\([a-z:]\) .*%\1%g"` - if test "x$MAKE" = x; then - MAKE="make -s" - elif test "x$MAKE" = xno; then - MAKE="make -s" - else - if test "x$MAKE" = "xwhich:"; then - MAKE="make -s" - else - MAKE="gmake -s" - gmake -v >/dev/null 2>&1 || MAKE="make -s" - fi - fi -fi - -#echo MAKE is $MAKE -#echo +MAXTEST=28; export MAXTEST testmake () { - + fail=0 if test x$1 = x0; then - echo "PASS: configure ${TEST}"; - $MAKE > /dev/null 2>> test_log + [ -z "$verbose" ] || log_msg_ok "configure... $TEST"; + $MAKE cutest > /dev/null 2>> test_log if test x$? = x0; then - echo "PASS: $MAKE ${TEST}"; + [ -z "$verbose" ] || log_msg_ok "make cutest... $TEST"; else - echo "FAIL: $MAKE ${TEST} (see ./test_log)"; + [ -z "$quiet" ] && log_msg_fail "make cutest... $TEST"; + fail=1 fi else - echo "FAIL: configure ${TEST} (see ./test_log)"; - fi + [ -z "$quiet" ] && log_msg_fail "configure... $TEST"; + if [ x"$3" = xskip ]; then + [ -z "$quiet" ] && log_skip $2 ${MAXTEST} "$TEST"; + fi + fail=1 + fi + if [ $fail -eq 1 ]; then + [ -z "$quiet" ] && log_fail $2 ${MAXTEST} "$TEST"; + return 1 + fi + [ -z "$quiet" ] && log_ok $2 ${MAXTEST} "$TEST"; + return 0 } testcompile () { - rm -f ./test_log + log_start "COMPILE" + + num=0 + numfail=0 # @@ -78,5 +48,6 @@ ${TOP_SRCDIR}/configure --quiet --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test --enable-suidcheck > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null # @@ -91,5 +62,6 @@ ${TOP_SRCDIR}/configure --quiet --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test --enable-mounts-check --enable-userfiles > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null @@ -105,5 +77,6 @@ ${TOP_SRCDIR}/configure --quiet --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test --enable-message-queue --with-timeserver=127.0.0.1 > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null # @@ -118,5 +91,6 @@ ${TOP_SRCDIR}/configure --quiet --prefix=$PW_DIR --enable-nocl="owl" --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null # @@ -131,5 +105,6 @@ ${TOP_SRCDIR}/configure --quiet --enable-debug --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null # @@ -138,11 +113,18 @@ TEST="${S}standalone agent w/gpg${E}" # - if test -r "Makefile"; then - $MAKE clean - fi - # - ${TOP_SRCDIR}/configure --quiet --with-gpg=/usr/bin/gpg --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log - # - testmake $? + GPG=`find_path gpg` + let "num = num + 1" >/dev/null + # + if [ -z "$GPG" ]; then + log_skip $num $MAXTEST 'gpg not in PATH' + else + if test -r "Makefile"; then + $MAKE clean + fi + # + ${TOP_SRCDIR}/configure --quiet --with-gpg=$GPG --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log + # + testmake $? $num || let "numfail = numfail + 1" >/dev/null + fi # @@ -157,5 +139,6 @@ ${TOP_SRCDIR}/configure --quiet --enable-stealth=128 --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null # @@ -170,5 +153,34 @@ ${TOP_SRCDIR}/configure --quiet --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null + + # + # test standalone compilation w/mysql + # + TEST="${S}standalone agent w/mysql${E}" + # + if test -r "Makefile"; then + $MAKE clean + fi + # + ${TOP_SRCDIR}/configure --quiet --enable-xml-log --with-database=mysql --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log + # + let "num = num + 1" >/dev/null + testmake $? $num "skip" || let "numfail = numfail + 1" >/dev/null + + # + # test standalone compilation w/postgresql + # + TEST="${S}standalone agent w/postgresql${E}" + # + if test -r "Makefile"; then + $MAKE clean + fi + # + ${TOP_SRCDIR}/configure --quiet --enable-xml-log --with-database=postgresql --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log + # + let "num = num + 1" >/dev/null + testmake $? $num "skip" || let "numfail = numfail + 1" >/dev/null # @@ -183,5 +195,6 @@ ${TOP_SRCDIR}/configure --quiet --disable-mail --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null # @@ -196,5 +209,6 @@ ${TOP_SRCDIR}/configure --quiet --disable-external-scripts --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null # echo; echo "${S}__ TEST CLIENT/SERVER __${E}"; echo; @@ -211,6 +225,7 @@ ${TOP_SRCDIR}/configure --quiet --enable-network=client --enable-srp --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test --with-timeserver=127.0.0.1 > /dev/null 2>> test_log # - testmake $? - # + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null + if test -r "Makefile"; then $MAKE clean @@ -219,5 +234,6 @@ ${TOP_SRCDIR}/configure --quiet --enable-network=server --enable-srp --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test --with-timeserver=127.0.0.1 > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null # @@ -226,19 +242,29 @@ TEST="${S}client/server application w/gpg${E}" # - if test -r "Makefile"; then - $MAKE clean - fi - # - ${TOP_SRCDIR}/configure --quiet --enable-network=server --enable-srp --with-gpg=/usr/bin/gpg --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log - # - testmake $? - # - if test -r "Makefile"; then - $MAKE clean - fi - # - ${TOP_SRCDIR}/configure --quiet --enable-network=client --enable-srp --with-gpg=/usr/bin/gpg --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log - # - testmake $? + GPG=`find_path gpg` + let "num = num + 1" >/dev/null + # + if [ -z "$GPG" ]; then + log_skip $num $MAXTEST 'gpg not in PATH' + let "num = num + 1" >/dev/null + log_skip $num $MAXTEST 'gpg not in PATH' + else + if test -r "Makefile"; then + $MAKE clean + fi + # + ${TOP_SRCDIR}/configure --quiet --enable-network=server --enable-srp --with-gpg=$GPG --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log + # + testmake $? $num || let "numfail = numfail + 1" >/dev/null + # + if test -r "Makefile"; then + $MAKE clean + fi + # + ${TOP_SRCDIR}/configure --quiet --enable-network=client --enable-srp --with-gpg=$GPG --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log + # + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null + fi @@ -254,5 +280,6 @@ ${TOP_SRCDIR}/configure --quiet --enable-network=server --disable-srp --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null # if test -r "Makefile"; then @@ -262,5 +289,6 @@ ${TOP_SRCDIR}/configure --quiet --enable-network=client --disable-srp --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null # @@ -275,5 +303,6 @@ ${TOP_SRCDIR}/configure --quiet --enable-network=server --enable-debug --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null # if test -r "Makefile"; then @@ -283,5 +312,6 @@ ${TOP_SRCDIR}/configure --quiet --enable-network=client --enable-debug --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null # @@ -296,5 +326,6 @@ ${TOP_SRCDIR}/configure --quiet --enable-network=server --enable-srp --enable-stealth=128 --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null # if test -r "Makefile"; then @@ -304,5 +335,6 @@ ${TOP_SRCDIR}/configure --quiet --enable-network=client --enable-srp --enable-stealth=128 --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null # @@ -317,5 +349,6 @@ ${TOP_SRCDIR}/configure --quiet --enable-network=server --enable-srp --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null # if test -r "Makefile"; then @@ -325,5 +358,6 @@ ${TOP_SRCDIR}/configure --quiet --enable-network=client --enable-srp --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null # @@ -338,5 +372,6 @@ ${TOP_SRCDIR}/configure --quiet --enable-network=server --disable-mail --enable-srp --enable-stealth=128 --enable-debug --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null # if test -r "Makefile"; then @@ -346,5 +381,6 @@ ${TOP_SRCDIR}/configure --quiet --enable-network=client --disable-mail --enable-srp --enable-stealth=128 --enable-debug --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null # @@ -359,5 +395,6 @@ ${TOP_SRCDIR}/configure --quiet --enable-network=server --disable-srp --disable-external-scripts --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null # if test -r "Makefile"; then @@ -367,14 +404,7 @@ ${TOP_SRCDIR}/configure --quiet --enable-network=client --disable-srp --disable-external-scripts --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log # - testmake $? + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null + + log_end "COMPILE" } - - - - testcompile - - -# echo; echo "${S}__ END TEST COMPILE __${E}"; echo; - -exit - Index: trunk/test/testext.sh =================================================================== --- trunk/test/testext.sh (revision 18) +++ trunk/test/testext.sh (revision 19) @@ -1,102 +1,70 @@ #! /bin/sh - -# The following two are the ANSI sequences for start and end embolden -case $TERM in -vt*|ansi*|con*|xterm*|linux*|screen*) - S= - E= - ;; -*) - S= - E= - ;; -esac - -PW_DIR=`pwd` - -if test x$UID != x; then - TRUST="--with-trusted=0,2,$UID" -else - TRUST="--with-trusted=0,2" -fi - -echo; echo "${S}__ STARTING TEST EXTERNAL PROGRAM __${E}"; echo; -echo Working directory: $PW_DIR - -MAKE=`which gmake` -if test "x$?" = x1 ; then - MAKE="make -s" -else - MAKE=`which gmake | sed -e "s%\([a-z:]\) .*%\1%g"` - if test "x$MAKE" = x; then - MAKE="make -s" - elif test "x$MAKE" = xno; then - MAKE="make -s" - else - if test "x$MAKE" = "xwhich:"; then - MAKE="make -s" - else - MAKE="gmake -s" - gmake -v >/dev/null 2>&1 || MAKE="make -s" - fi - fi -fi - -COMP=`which gcc` -if test "x$?" = x1 ; then - COMP="cc" -else - COMP=`which gcc | sed -e "s%\([a-z:]\) .*%\1%g"` - if test "x$COMP" = x; then - COMP="cc" - elif test "x$COMP" = xno; then - COMP="cc" - else - if test "x$COMP" = "xwhich:"; then - COMP="cc" - else - COMP="gcc" - gcc -v >/dev/null 2>&1 || COMP="gcc" - fi - fi -fi -echo MAKE is $MAKE -echo COMP is $COMP -echo - +MAXTEST=1; export MAXTEST testext0 () { + COMP=`which gcc` + if test "x$?" = x1 ; then + COMP="cc" + else + COMP=`which gcc | sed -e "s%\([a-z:]\) .*%\1%g"` + if test "x$COMP" = x; then + COMP="cc" + elif test "x$COMP" = xno; then + COMP="cc" + else + if test "x$COMP" = "xwhich:"; then + COMP="cc" + else + COMP="gcc" + gcc -v >/dev/null 2>&1 || COMP="gcc" + fi + fi + fi + log_start "EXTERNAL PROGRAM" + [ -z "$verbose" ] || echo MAKE is $MAKE + [ -z "$verbose" ] || { echo COMP is $COMP; echo; } # # standalone compilation # - echo "${S}Building standalone agent${E}"; echo; + [ -z "$verbose" ] || { echo; echo "${S}Building standalone agent${E}"; echo; } # if test -r "Makefile"; then - ${MAKE} distclean + ${MAKE} distclean >/dev/null fi # - ${TOP_SRCDIR}/configure --quiet --enable-debug --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/testrc_1ext --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file + ${TOP_SRCDIR}/configure --quiet --enable-debug --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/testrc_1ext --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file # if test x$? = x0; then - echo "configure completed, exit status 0"; echo; - ${MAKE} > /dev/null - echo "${MAKE} completed, exit status $?"; echo; + [ -z "$verbose" ] || log_msg_ok "configure..."; + $MAKE > /dev/null + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "make..."; + else + [ -z "$quiet" ] && log_msg_fail "make..."; + return 1 + fi + else - echo "ERROR: configure failed"; echo; + [ -z "$quiet" ] && log_msg_fail "configure..."; + return 1 fi - + # # prepare the program # cat test/test_ext.c.in | sed -e "s%MYPWDIR%$PW_DIR/test_ext.res%g" > test_ext.c - + ${COMP} -o test_ext test_ext.c if test "x$?" != x0; then - echo "FAIL: ${COMP} -o test_ext test_ext.c" - exit 1 + log_msg_fail "${COMP} -o test_ext test_ext.c" + return 1 fi - chmod +rx $PW_DIR/test_ext - + chmod +rx test_ext + if test "x$?" != x0; then + log_msg_fail "chmod +rx test_ext" + return 1 + fi + # compute checksum and fix config file # @@ -107,31 +75,42 @@ echo "SetChecksum=$CHKSUM" >> testrc_1ext echo "SetFilterOr=ALERT" >> testrc_1ext - + rm -f $PW_DIR/test_ext.res rm -f $PW_DIR/pdbg.child rm -f $PW_DIR/pdbg.main - ./samhain - + ./samhain -p none + # The shell is too fast ... - sleep 1 - echo; - echo "${S}Logged by external C program test_ext (filtered: ALERT only):${E}"; - echo; - cat $PW_DIR/test_ext.res - echo; + sleep 1 + [ -z "$verbose" ] || { + echo; + echo "${S}Logged by external C program test_ext (filtered: ALERT only):${E}"; + echo; + cat $PW_DIR/test_ext.res + echo + } + + tmp=`cat $PW_DIR/test_ext.res | wc -l` + if [ $tmp -eq 4 ]; then + tmp=`egrep 'RECV: \[EOF\]' $PW_DIR/test_ext.res | wc -l` + if [ $tmp -eq 2 ]; then + tmp=`egrep 'RECV: ALERT' $PW_DIR/test_ext.res | wc -l` + if [ $tmp -eq 2 ]; then + log_ok 1 ${MAXTEST}; + else + log_fail 1 ${MAXTEST}; + fi + else + log_fail 1 ${MAXTEST}; + fi + else + log_fail 1 ${MAXTEST}; + fi rm -f $PW_DIR/.samhain_file - rm -f $PW_DIR/.samhain_log + rm -f $LOGFILE rm -f $PW_DIR/.samhain_lock - + + log_end "EXTERNAL PROGRAM" } - - - testext0 - - -echo; echo "${S}__ END TEST EXTERNAL PROGRAM __${E}"; echo; - -exit - Index: trunk/test/testhash.sh =================================================================== --- trunk/test/testhash.sh (revision 18) +++ trunk/test/testhash.sh (revision 19) @@ -1,51 +1,12 @@ #! /bin/sh +RCFILE="$PW_DIR/testrc_1.dyn"; export RCFILE +LOGFILE="$PW_DIR/.samhain_log"; export LOGFILE -# The following two are the ANSI sequences for start and end embolden -case $TERM in -vt*|ansi*|con*|xterm*|linux*|screen*) - S= - E= - ;; -*) - S= - E= - ;; -esac - -PW_DIR=`pwd` - -if test x$UID != x; then - TRUST="--with-trusted=0,2,$UID" -else - TRUST="--with-trusted=0,2" -fi - -#echo; echo "${S}__ STARTING TEST HASH FUNCTION __${E}"; echo; -#echo Working directory: $PW_DIR - -MAKE=`which gmake` -if test "x$?" = x1 ; then - MAKE="make -s" -else - MAKE=`which gmake | sed -e "s%\([a-z:]\) .*%\1%g"` - if test "x$MAKE" = x; then - MAKE="make -s" - elif test "x$MAKE" = xno; then - MAKE="make -s" - else - if test "x$MAKE" = "xwhich:"; then - MAKE="make -s" - else - MAKE="gmake -s" - gmake -v >/dev/null 2>&1 || MAKE="make -s" - fi - fi -fi - - +MAXTEST=1; export MAXTEST testhash () { + log_start "HASH FUNCTION" # # test standalone compilation @@ -57,18 +18,27 @@ fi # - ${TOP_SRCDIR}/configure --quiet --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test > /dev/null 2>> test_log + ${TOP_SRCDIR}/configure --quiet $TRUST --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file --enable-debug + # + fail=0 # if test x$? = x0; then - echo "PASS: configure ${TEST}"; + [ -z "$verbose" ] || log_msg_ok "configure..."; $MAKE > /dev/null 2>> test_log if test x$? = x0; then - echo "PASS: $MAKE ${TEST}"; + [ -z "$verbose" ] || log_msg_ok "make..."; else - echo "FAIL: $MAKE ${TEST} (see ./test_log)"; + [ -z "$quiet" ] && log_msg_fail "make..."; + fail=1 fi else - echo "FAIL: configure ${TEST} (see ./test_log)"; + [ -z "$quiet" ] && log_msg_fail "configure..."; + fail=1 fi - + # + if [ $fail -eq 1 ]; then + [ -z "$quiet" ] && log_fail 1 ${MAXTEST}; + return 1 + fi + # echo "Test results of the TIGER hash algorithm" > testhash.tmp echo >> testhash.tmp @@ -84,23 +54,16 @@ ./samhain -H "Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham, proceedings of Fast Software Encryption 3, Cambridge, 1996." >> testhash.tmp ./samhain -H "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-" >> testhash.tmp - - # echo - # echo "${S}diff testhash.tmp testtiger.txt (empty == success):${E}" - # echo - RESU=`diff testhash.tmp ${SCRIPTDIR}/testtiger.txt` + # + RESU=`diff testhash.tmp ${SCRIPTDIR}/testtiger.txt 2>/dev/null` if test "x${RESU}" = "x"; then - echo "PASS: test_hash" + [ -z "$quiet" ] && log_ok 1 ${MAXTEST}; else - echo "FAIL: test_hash" + [ -z "$quiet" ] && log_fail 1 ${MAXTEST}; + return 1 fi + log_end "HASH FUNCTION" + return 0 } - testhash - - -#echo; echo "${S}__ END TEST HASH FUNCTION __${E}"; echo; - -exit - Index: trunk/test/testrc_1 =================================================================== --- trunk/test/testrc_1 (revision 18) +++ trunk/test/testrc_1 (revision 19) @@ -35,5 +35,5 @@ # for these files, only changes in permissions and ownership are checked # -file=/etc/mtab +#file=/etc/mtab #file=/etc/ssh_random_seed #file=/etc/asound.conf @@ -79,5 +79,5 @@ # dir=/usr/bin -dir=/usr/bin +#dir=/usr/bin #dir=/lib #dir=/usr/lib @@ -91,5 +91,5 @@ #[SuidCheck] #SuidCheckActive=T -# SuidCheckExclude=/net/localhost +#SuidCheckExclude=/home [EventSeverity] @@ -145,5 +145,5 @@ # Restrict to certain classes of messages # MailClass = RUN -PreludeSeverity = err +#PreludeSeverity = err # Which system calls to log (execve, utime, unlink, dup, chdir, open, kill, @@ -161,19 +161,19 @@ #KernelCheckInterval = 20 -[Utmp] +#[Utmp] # # 0 to switch off, 1 to activate # -LoginCheckActive=1 +#LoginCheckActive=1 # Severity for logins, multiple logins, logouts # -SeverityLogin=info -SeverityLoginMulti=warn -SeverityLogout=info +#SeverityLogin=info +#SeverityLoginMulti=warn +#SeverityLogout=info # interval for login/logout checks # -LoginCheckInterval=60 +#LoginCheckInterval=60 [Misc] @@ -219,5 +219,5 @@ # MailSubject=* body %H # %M -TrustedUser=uucp,fax,fnet +#TrustedUser=uucp,fax,fnet # Watch syslog port Index: trunk/test/testrc_2.in =================================================================== --- trunk/test/testrc_2.in (revision 18) +++ trunk/test/testrc_2.in (revision 19) @@ -28,38 +28,16 @@ -[Attributes] -# -# for these files, only changes in permissions and ownership are checked -# -file=/etc/mtab -#file=/etc/ssh_random_seed -#file=/etc/asound.conf -#file=/etc/resolv.conf -file=/etc/localtime -#file=/etc/ioctl.save -#file=/etc/passwd.backup -#file=/etc/shadow.backup - -# -# There are files in /etc that might change, thus changing the directory -# timestamps. Put it here as 'file', and in the ReadOnly section as 'dir'. -# -file=/etc - - -[GrowingLogFiles] -# -# for these files, changes in signature, timestamps, and increase in size -# are ignored -# -file=/var/log/messages - - [ReadOnly] # # for these files, only access time is ignored # -dir=/usr/bin -#dir=/bin +# dir=/usr/bin +# dir=/bin + +file = /var +file = /bin +file = /usr +file = /tmp +file = /etc [EventSeverity] @@ -112,5 +90,5 @@ SyslogSeverity=none ExportSeverity=none -DatabaseSeverity=info +DatabaseSeverity=none #databaseseverity=info @@ -146,11 +124,12 @@ Daemon=no -SetOutgoingIP=127.0.0.1 +SetOutgoingIP = 127.0.0.1 +SetServerInterface = 127.0.0.1 -UseSeparateLogs=yes +UseSeparateLogs=no SetUseSocket = yes -#SetClientFromAccept = yes +SetClientFromAccept = yes SetUdpActive=no @@ -206,5 +185,5 @@ # timer for time stamps -SetLoopTime=30 +SetLoopTime=10 # trusted users (root and the effective user are always trusted) Index: trunk/test/testrun_1.sh =================================================================== --- trunk/test/testrun_1.sh (revision 18) +++ trunk/test/testrun_1.sh (revision 19) @@ -1,130 +1,950 @@ #! /bin/sh - -# The following two are the ANSI sequences for start and end embolden -case $TERM in -vt*|ansi*|con*|xterm*|linux*|screen*) - S= - E= - ;; -*) - S= - E= - ;; -esac - -PW_DIR=`pwd` - -if test x$UID != x; then -# TRUST="--with-trusted=0,2" - TRUST="--with-trusted=0,2,$UID" -else - TRUST="--with-trusted=0,2,500" -fi - -echo; echo "${S}__ STARTING TEST RUN STANDALONE __${E}"; echo; -echo Working directory: $PW_DIR - -MAKE=`which gmake` -if test "x$?" = x1 ; then - MAKE="make -s" -else - MAKE=`which gmake | sed -e "s%\([a-z:]\) .*%\1%g"` - if test "x$MAKE" = x; then - MAKE="make -s" - elif test "x$MAKE" = xno; then - MAKE="make -s" +RCFILE="$PW_DIR/testrc_1.dyn"; export RCFILE +LOGFILE="$PW_DIR/.samhain_log"; export LOGFILE + +# --enable-login-watch --enable-xml-log +# --enable-debug --enable-suidcheck --with-prelude + +BUILDOPTS="--quiet $TRUST --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file --enable-debug" +export BUILDOPTS + +BASE="${PW_DIR}/testrun_testdata"; export BASE +TDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; export TDIRS +TFILES="x y z"; export TFILES + +########################################################### +# +# ---- [Define tests here] ---- +# + +# 1 for testing new tests +testrun1_setup=0 + +MAXTEST=10; export MAXTEST + +test_dirs () { + for ff in $CDIRS; do + # + egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)"; + return 1 + fi + tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l` + if [ $tmp -ne 1 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)"; + fi + # + done + for ff in $NDIRS; do + # + egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1 + if [ $? -eq 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)"; + return 1 + fi + done +} + +TESTPOLICY_10=" +[ReadOnly] +dir=99${BASE} +[IgnoreAll] +dir=-1${BASE}/b +[Attributes] +dir=1${BASE}/a +" + +mod_testdata_10 () { + sleep 1 + echo "foobar" >"${BASE}/b/x"; # ok + echo "foobar" >"${BASE}/c/x"; # bad + echo "foobar" >"${BASE}/a/x"; # ok + chmod 0555 "${BASE}/a/a/x"; # bad + chmod 0555 "${BASE}/a/a/a/x";# ok + chmod 0555 "${BASE}/a/y"; # bad +} + +chk_testdata_10 () { + # CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; + tmp=`grep CRIT $LOGFILE | wc -l` + if [ $tmp -ne 3 ]; then + [ -z "$verbose" ] || log_msg_fail "policy count"; + return 1 + fi + egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/c/x" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/c/x"; + return 1 + fi + egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/a/x" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/x"; + return 1 + fi + egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/y" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/y"; + return 1 + fi + CDIRS="a a/a a/b a/c c"; + NDIRS="b a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; + test_dirs; + return $? +} + +TESTPOLICY_9=" +[ReadOnly] +dir=0${BASE}/b +[Attributes] +dir=2${BASE}/a/a +" + +mod_testdata_9 () { + echo "foobar" >"${BASE}/b/x"; + echo "foobar" >"${BASE}/a/x"; + echo "foobar" >"${BASE}/x"; +} + +chk_testdata_9 () { + # CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; + tmp=`grep CRIT $LOGFILE | wc -l` + if [ $tmp -ne 1 ]; then + [ -z "$verbose" ] || log_msg_fail "policy count"; + return 1 + fi + CDIRS="b a/a a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; + NDIRS="a c a/b a/c"; + test_dirs; + return $? +} + +TESTPOLICY_8=" +[ReadOnly] +dir=1${BASE} +[Attributes] +dir=1${BASE}/a/a +" + +mod_testdata_8 () { + echo "foobar" >"${BASE}/a/x"; + chmod 0555 "${BASE}/a/a/a/b/x"; +} + +chk_testdata_8 () { + # CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; + tmp=`grep CRIT $LOGFILE | wc -l` + if [ $tmp -ne 1 ]; then + [ -z "$verbose" ] || log_msg_fail "policy count"; + return 1 + fi + CDIRS="a b c a/a a/a/a a/a/b a/a/c"; + NDIRS="a/b a/c a/a/a/a a/a/a/b a/a/a/c"; + test_dirs; + return $? +} + + +TESTPOLICY_7=" +[ReadOnly] +dir=${BASE} +[Attributes] +dir=${BASE}/a/a +[GrowingLogFiles] +dir=${BASE}/a/a/a +[IgnoreAll] +file=${BASE}/a/a/a/z +dir=${BASE}/b +" + +mod_testdata_7 () { + sleep 1 + echo "foobar" >"${BASE}/a/a/a/z" # ok + echo "foobar" >"${BASE}/a/a/a/x" # bad + echo "foobar" >"${BASE}/a/a/x" # ok + echo "foobar" >"${BASE}/a/x" # bad + chmod 0555 "${BASE}/a" # bad + chmod 0555 "${BASE}/b" # ok +} + + +chk_testdata_7 () { + tmp=`grep CRIT $LOGFILE | wc -l` + if [ $tmp -ne 3 ]; then + [ -z "$verbose" ] || log_msg_fail "policy count"; + return 1 + fi + egrep "CRIT.*POLICY \[GrowingLogs\] C--------S.*${BASE}/a/a/a/x" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/a/x"; + return 1 + fi + egrep "CRIT.*POLICY \[ReadOnly\] -----M--T-.*${BASE}/a" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a"; + return 1 + fi + egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/a/x" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/x"; + return 1 + fi +} + + +TESTPOLICY_6=" +[ReadOnly] +dir=${BASE} +[Attributes] +file=${BASE}/a/y +file=${BASE}/b/y +file=${BASE}/c/y +file=${BASE}/a/a/y +file=${BASE}/a/b/y +file=${BASE}/a/c/y +file=${BASE}/a/a/a/y +file=${BASE}/a/a/b/y +file=${BASE}/a/a/c/y +file=${BASE}/a/a/a/a/y +file=${BASE}/a/a/a/b/y +file=${BASE}/a/a/a/c/y +" + +mod_testdata_6 () { + sleep 1 + for ff in $TDIRS; do + echo "foobar" >"${BASE}/${ff}/x" + chmod 0555 "${BASE}/${ff}/y" + echo "foobar" >"${BASE}/${ff}/z" + done +} + +chk_testdata_6 () { + count6=0 + for ff in $TDIRS; do + # + egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)"; + return 1 + fi + tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l` + if [ $tmp -ne 1 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)"; + fi + # + for gg in $TFILES; do + egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (checking)"; + fi + tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null | wc -l` + if [ $tmp -ne 1 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (multiple)"; + fi + done + egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/${ff}/x" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/x"; + return 1 + fi + let "count6 = count6 + 1" >/dev/null + egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/${ff}/z" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/z"; + return 1 + fi + let "count6 = count6 + 1" >/dev/null + egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/${ff}/y" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/y"; + return 1 + fi + let "count6 = count6 + 1" >/dev/null + done + tmp=`grep CRIT $LOGFILE | wc -l` + if [ $tmp -ne $count6 ]; then + [ -z "$verbose" ] || log_msg_fail "policy count"; + return 1 + fi +} + +TESTPOLICY_5=" +[Attributes] +dir=${BASE} +file=${BASE}/a/a/c/x +[ReadOnly] +file=${BASE}/a/a/c/y +[GrowingLogFiles] +dir=${BASE}/a/a/c +dir=${BASE}/a/a/b +dir=${BASE}/a/b +" + +mod_testdata_5 () { + mod_testdata_4 + echo "This is a xxxx file" > "${BASE}/a/a/b/x" # GrowingLogFiles + echo "This is a test file" > "${BASE}/a/a/b/y" # GrowingLogFiles + echo "This is a xxxx file bad" > "${BASE}/a/a/b/z" # GrowingLogFiles +} + +chk_testdata_5 () { + for ff in $TDIRS; do + # + egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)"; + return 1 + fi + tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l` + if [ $tmp -ne 1 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)"; + fi + # + for gg in $TFILES; do + egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (checking)"; + fi + tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null | wc -l` + if [ $tmp -ne 1 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (multiple)"; + fi + done + done + egrep "CRIT.*POLICY \[GrowingLogs\] C---------.*${BASE}/a/a/b/x" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/b/x"; + return 1 + fi + egrep "CRIT.*POLICY \[GrowingLogs\] C---------.*${BASE}/a/a/b/z" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/b/z"; + return 1 + fi + egrep "CRIT.*POLICY \[GrowingLogs\] -----M----.*${BASE}/a/b/z" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/b/z"; + return 1 + fi + egrep "CRIT.*POLICY \[GrowingLogs\] -----M----.*${BASE}/a/a/c/z" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/z"; + return 1 + fi + egrep "CRIT.*POLICY \[GrowingLogs\] C--------S.*${BASE}/a/b/y" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/b/y"; + return 1 + fi + egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/x"; + return 1 + fi + egrep "CRIT.*POLICY ADDED.*${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/foo"; + return 1 + fi + egrep "CRIT.*POLICY ADDED.*033\[1;30m" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/\033[1;30m"; + return 1 + fi + egrep "WARN.*Weird filename.*033\[1;30m" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/\033[1;30m"; + return 1 + fi + egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/y"; + return 1 + fi + tmp=`grep CRIT $LOGFILE | wc -l` + if [ $tmp -ne 9 ]; then + [ -z "$verbose" ] || log_msg_fail "policy count"; + return 1 + fi +} + + +TESTPOLICY_4=" +[Attributes] +dir=${BASE} +file=${BASE}/a/a/c/x +[ReadOnly] +file=${BASE}/a/a/c/y +[LogFiles] +dir=${BASE}/a/a/c +dir=${BASE}/a/b +" + +mod_testdata_4 () { + sleep 1 + echo "foobar" >> "${BASE}/a/a/x" # Attributes + echo "foobar" > "${BASE}/a/a/c/foo" # new within LogFiles + echo "foobar" >> "${BASE}/a/a/c/y" # ReadOnly + echo "foobar" >> "${BASE}/a/a/c/x" # Attributes + chmod 0555 "${BASE}/a/a/c/x" # Attributes + chmod 0555 "${BASE}/a/a/c/z" # LogFiles + echo "foobar" >> "${BASE}/a/b/x" # LogFiles + echo "" > "${BASE}/a/b/y" # LogFiles + chmod 0555 "${BASE}/a/b/z" # LogFiles + touch "${BASE}/a/a/" # non-printable character in filename +} + +chk_testdata_4 () { + for ff in $TDIRS; do + # + egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)"; + return 1 + fi + tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l` + if [ $tmp -ne 1 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)"; + fi + # + for gg in $TFILES; do + egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (checking)"; + fi + tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null | wc -l` + if [ $tmp -ne 1 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (multiple)"; + fi + done + done + egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/x"; + return 1 + fi + egrep "CRIT.*POLICY \[LogFiles\] -----M----.*${BASE}/a/b/z" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/b/z"; + return 1 + fi + egrep "CRIT.*POLICY \[LogFiles\] -----M----.*${BASE}/a/a/c/z" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/z"; + return 1 + fi + egrep "CRIT.*POLICY ADDED.*${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/foo"; + return 1 + fi + egrep "CRIT.*POLICY ADDED.*033\[1;30m" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/\033[1;30m"; + return 1 + fi + egrep "WARN.*Weird filename.*033\[1;30m" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/\033[1;30m"; + return 1 + fi + egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/y"; + return 1 + fi + tmp=`grep CRIT $LOGFILE | wc -l` + if [ $tmp -ne 6 ]; then + [ -z "$verbose" ] || log_msg_fail "policy count"; + return 1 + fi +} + +TESTPOLICY_3=" +[Attributes] +dir=${BASE} +file=${BASE}/a/a/c/x +[ReadOnly] +file=${BASE}/a/a/c/y +[IgnoreAll] +dir=${BASE}/a/a/c +" +mod_testdata_3 () { + sleep 1 + echo "foobar" > "${BASE}/a/b/foo" # new within Attributes + chmod 0555 "${BASE}/a/b" + echo "foobar" > "${BASE}/a/a/c/foo" # new within IgnoreAll + echo "foobar" > "${BASE}/a/a/c/y" # ReadOnly + chmod 0555 "${BASE}/a/a/c/x" # Attributes + chmod 0555 "${BASE}/a/a/c/z" # IgnoreAll +} + +chk_testdata_3 () { + for ff in $TDIRS; do + # + egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)"; + return 1 + fi + tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l` + if [ $tmp -ne 1 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)"; + fi + # + for gg in $TFILES; do + egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (checking)"; + fi + tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null | wc -l` + if [ $tmp -ne 1 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (multiple)"; + fi + done + done + egrep "CRIT.*POLICY ADDED.*${BASE}/a/b/foo" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/b/foo"; + return 1 + fi + egrep "CRIT.*POLICY ADDED.*${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/foo"; + return 1 + fi + egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/b" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/b"; + return 1 + fi + egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/x"; + return 1 + fi + egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/y"; + return 1 + fi + tmp=`grep CRIT $LOGFILE | wc -l` + if [ $tmp -ne 5 ]; then + [ -z "$verbose" ] || log_msg_fail "policy count"; + return 1 + fi +} + +TESTPOLICY_2=" +[ReadOnly] +dir=${BASE} +file=${BASE}/a/a/c/x +[IgnoreAll] +dir=${BASE}/a/a/c +" +mod_testdata_2 () { + mod_testdata_1; + rm "${BASE}/a/a/c/y" + echo "foobar" > "${BASE}/a/a/c/foo" + chmod 0555 "${BASE}/a/a/c/x" + chmod 0555 "${BASE}/a/a/c/z" +} + +chk_testdata_2 () { + for ff in $TDIRS; do + # + egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)"; + return 1 + fi + tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l` + if [ $tmp -ne 1 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)"; + fi + # + for gg in $TFILES; do + egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + if [ x"${ff}/${gg}" = x"a/a/c/y" ]; then :; else + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (checking)"; + return 1 + fi + fi + done + done + egrep "CRIT.*POLICY ADDED.*${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/foo"; + return 1 + fi + egrep "CRIT.*POLICY MISSING.*${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/y"; + return 1 + fi + egrep "CRIT.*POLICY \[ReadOnly\] -----M--T-.*${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/x"; + return 1 + fi + tmp=`grep CRIT $LOGFILE | wc -l` + if [ $tmp -ne 8 ]; then + [ -z "$verbose" ] || log_msg_fail "policy count"; + return 1 + fi +} + +TESTPOLICY_1=" +[ReadOnly] +dir=${BASE} +" + +mod_testdata_1 () { + sleep 1 + touch "${BASE}/a/a/x" + chmod 0555 "${BASE}/a/a/y" + mv "${BASE}/a/b/y" "${BASE}/a/b/yy"; echo "This is a test file" > "${BASE}/a/b/y"; rm "${BASE}/a/b/yy" + echo "foobar" > "${BASE}/a/c/y" +} + +chk_testdata_1 () { + for ff in $TDIRS; do + # + egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)"; + return 1 + fi + tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l` + if [ $tmp -ne 1 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)"; + fi + # + for gg in $TFILES; do + egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (checking)"; + return 1 + fi + tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null | wc -l` + if [ $tmp -ne 1 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (multiple)"; + fi + done + done + egrep "CRIT.*POLICY \[ReadOnly\] --------T-.*${BASE}/a/a/x" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/x"; + return 1 + fi + egrep "CRIT.*POLICY \[ReadOnly\] -----M--T-.*${BASE}/a/a/y" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/y"; + return 1 + fi + egrep "CRIT.*POLICY \[ReadOnly\] ---I----T-.*${BASE}/a/b/y" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/b/y"; + return 1 + fi + egrep "CRIT.*POLICY \[ReadOnly\] --------T-.*${BASE}/a/b" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/b"; + return 1 + fi + egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/a/c/y" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "${BASE}/a/c/y"; + return 1 + fi + tmp=`grep CRIT $LOGFILE | wc -l` + if [ $tmp -ne 5 ]; then + [ -z "$verbose" ] || log_msg_fail "policy count"; + return 1 + fi + return 0 +} + + +############################################################## +# +# Common subroutines +# + +mkconfig_misc () +{ + test -f "${RCFILE}" || touch "${RCFILE}" + cat >> "${RCFILE}" <> "${RCFILE}" <> "${RCFILE}" <>"${RCFILE}" +} + +prep_init () +{ + rm -f ./.samhain_file + rm -f "${LOGFILE}" + rm -f ./.samhain_lock + + rm -f "${RCFILE}" + mkconfig_sev + mkconfig_log + mkconfig_misc +} + +run_init () +{ + ./samhain -t init -p none + + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "init..."; else - if test "x$MAKE" = "xwhich:"; then - MAKE="make -s" - else - MAKE="gmake -s" - gmake -v >/dev/null 2>&1 || MAKE="make -s" - fi - fi -fi -echo MAKE is $MAKE -echo - -# --with-database=mysql -# --enable-debug -# [egd|unix|dev|default] - -testrun1 () -{ + [ -z "$quiet" ] && log_msg_fail "init..."; + return 1 + fi +} + +run_check () +{ + ./samhain -t check -p none -l debug + + if test x$? = x0; then + ./samhain -j -L $LOGFILE >"${LOGFILE}.tmp" && mv "${LOGFILE}.tmp" "${LOGFILE}" + if [ $? -ne 0 ]; then + [ -z "$quiet" ] && log_msg_fail "mv logfile..."; + return 1 + fi + [ -z "$verbose" ] || log_msg_ok "check..."; + else + [ -z "$quiet" ] && log_msg_fail "check..."; + return 1 + fi +} + +run_update () +{ + ./samhain -t update -p none -l debug + + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "update..."; + else + [ -z "$quiet" ] && log_msg_fail "update..."; + return 1 + fi +} + +run_check_after_update () +{ + rm -rf $LOGFILE + + ./samhain -t check -p none -l debug + + if test x$? = x0; then + # + tmp=`./samhain -j -L $LOGFILE | grep CRIT | wc -l` + if [ $tmp -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "update not successful(?)"; + return 1 + fi + tmp=`./samhain -j -L $LOGFILE | grep ERR | wc -l` + if [ $tmp -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "update not successful(?)"; + return 1 + fi + # + [ -z "$verbose" ] || log_msg_ok "check(2)..."; + else + [ -z "$quiet" ] && log_msg_fail "check(2)..."; + return 1 + fi +} + +prep_testdata () +{ + chmod -R 0700 "${BASE}" || { + [ -z "$quiet" ] && log_msg_fail "chmod -R 0700 ${BASE}"; + return 1; + } + + rm -rf "${BASE}" || { + [ -z "$quiet" ] && log_msg_fail "rm -rf ${BASE}"; + return 1; + } + + mkdir "${BASE}" || { + [ -z "$quiet" ] && log_msg_fail "mkdir ${BASE}"; + return 1; + } + + for ff in $TDIRS; do + mkdir "${BASE}/${ff}" || { + [ -z "$quiet" ] && log_msg_fail "mkdir ${BASE}/${ff}"; + return 1; + } + chmod 0755 "${BASE}/${ff}" + for gg in $TFILES; do + echo "This is a test file" > "${BASE}/${ff}/${gg}" + chmod 0644 "${BASE}/${ff}/${gg}" + done + done +} + +check_err () +{ + if [ $1 -ne 0 ]; then + [ -z "$quiet" ] && log_fail ${2} ${MAXTEST}; + return 1 + fi + return 0 +} + +testrun_internal () +{ + [ -z "$verbose" ] || echo Working directory: $PW_DIR + [ -z "$verbose" ] || { echo MAKE is $MAKE; echo; } + # # test standalone compilation # - echo "${S}Building standalone agent${E}"; echo; - # + [ -z "$verbose" ] || { echo; echo "${S}Building standalone agent${E}"; echo; } + if test -r "Makefile"; then - $MAKE distclean - fi - # - # --enable-login-watch --enable-xml-log - # --enable-debug --enable-suidcheck --with-prelude - - ${TOP_SRCDIR}/configure --quiet $TRUST --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/test/testrc_1 --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file --enable-debug -# --with-prelude --enable-micro-stealth=128 -# --with-prelude - -# --with-kcheck=/boot/System.map - -# --with-prelude --enable-xml-log - -# --with-kcheck=/boot/System.map-2.4.20-24.9 -# --with-kcheck=/boot/System.map-deb-2.4.18-686 - -# --enable-stealth=192 -# --with-console=$PW_DIR/dlog_file + $MAKE distclean >/dev/null + fi + + ${TOP_SRCDIR}/configure ${BUILDOPTS} # if test x$? = x0; then - echo "configure completed, exit status 0"; echo; + [ -z "$verbose" ] || log_msg_ok "configure..."; $MAKE > /dev/null if test x$? = x0; then - echo "$MAKE completed, exit status $?"; echo; + [ -z "$verbose" ] || log_msg_ok "make..."; else - echo "${S}ERROR:${E} make failed, exit status $?"; echo; - exit + [ -z "$quiet" ] && log_msg_fail "make..."; + return 1 fi else - echo "${S}ERROR:${E} configure failed, exit status $?"; echo; - exit - fi - - rm -f ./.samhain_file - rm -f ./.samhain_log - rm -f ./.samhain_lock - - ./samhain -t init - - if test x$? = x0; then - echo - echo "${S}init completed${E}" - echo - ./samhain -t check - if test x$? = x0; then - echo "${S}check completed${E}" - else - echo "${S}ERROR:${E} -- check -- failed, exit status $?" - echo - exit - fi - else - echo "${S}ERROR:${E} -- init -- failed, exit status $?"; echo; - exit - fi + [ -z "$quiet" ] && log_msg_fail "configure..."; + return 1 + fi + + [ -z "$verbose" ] || { echo; echo "${S}Running test suite${E}"; echo; } + + tcount=1 + POLICY=`eval echo '"$'"TESTPOLICY_$tcount"'"'` + + until [ -z "$POLICY" ] + do + prep_init + check_err $? ${tcount}; errval=$? + if [ $errval -eq 0 ]; then + prep_testdata + check_err $? ${tcount}; errval=$? + fi + if [ $errval -eq 0 ]; then + prep_testpolicy ${tcount} + check_err $? ${tcount}; errval=$? + fi + if [ $errval -eq 0 ]; then + run_init + check_err $? ${tcount}; errval=$? + fi + if [ $errval -eq 0 ]; then + eval mod_testdata_${tcount} + check_err $? ${tcount}; errval=$? + fi + if [ $errval -eq 0 ]; then + run_check + check_err $? ${tcount}; errval=$? + fi + if [ $errval -eq 0 ]; then + eval chk_testdata_${tcount} + check_err $? ${tcount}; errval=$? + fi + if [ $testrun1_setup -eq 0 ]; then + if [ $errval -eq 0 ]; then + run_update + check_err $? ${tcount}; errval=$? + fi + if [ $errval -eq 0 ]; then + run_check_after_update + check_err $? ${tcount}; errval=$? + fi + fi + # + if [ $errval -eq 0 ]; then + [ -z "$quiet" ] && log_ok ${tcount} ${MAXTEST}; + fi + let "tcount = tcount + 1" >/dev/null + POLICY=`eval echo '"$'"TESTPOLICY_$tcount"'"'` + done -} - - - - testrun1 - - -echo; echo "${S}__ END TEST RUN STANDALONE __${E}"; echo; - -exit - + return 0 +} + +testrun1 () +{ + log_start "RUN STANDALONE" + testrun_internal + log_end "RUN STANDALONE" + return 0 +} + + + Index: trunk/test/testrun_1a.sh =================================================================== --- trunk/test/testrun_1a.sh (revision 18) +++ trunk/test/testrun_1a.sh (revision 19) @@ -1,111 +1,13 @@ #! /bin/sh +BUILDOPTS="--quiet $TRUST --enable-debug --enable-xml-log --enable-micro-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file" +export BUILDOPTS -# The following two are the ANSI sequences for start and end embolden -case $TERM in -vt*|ansi*|con*|xterm*|linux*|screen*) - S= - E= - ;; -*) - S= - E= - ;; -esac - -PW_DIR=`pwd` - -if test x$UID != x; then - TRUST="--with-trusted=0,2,$UID" -else - TRUST="--with-trusted=0,2" -fi - -echo; echo "${S}__ STARTING TEST RUN STEALTH STANDALONE __${E}"; echo; -echo Working directory: $PW_DIR - -MAKE=`which gmake` -if test "x$?" = x1 ; then - MAKE="make -s" -else - MAKE=`which gmake | sed -e "s%\([a-z:]\) .*%\1%g"` - if test "x$MAKE" = x; then - MAKE="make -s" - elif test "x$MAKE" = xno; then - MAKE="make -s" - else - if test "x$MAKE" = "xwhich:"; then - MAKE="make -s" - else - MAKE="gmake -s" - gmake -v >/dev/null 2>&1 || MAKE="make -s" - fi - fi -fi - -echo MAKE is $MAKE -echo - - -testrun1 () +testrun1a () { - # - # test standalone compilation - # - echo "${S}Building standalone agent${E}"; echo; - # - if test -r "Makefile"; then - $MAKE distclean - fi - # - ${TOP_SRCDIR}/configure --quiet $TRUST --enable-debug --enable-xml-log --enable-micro-stealth=137 --enable-nocl=foo --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/test/testrc_1 --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file - # - if test x$? = x0; then - echo "configure completed, exit status 0"; echo; - $MAKE > /dev/null - if test x$? = x0; then - echo "$MAKE completed, exit status $?"; echo; - else - echo "${S}ERROR:${E} make failed, exit status $?"; echo; - exit - fi - - else - echo "${S}ERROR:${E} configure failed, exit status $?"; echo; - exit - fi - - rm -f ./.samhain_file - rm -f ./.samhain_log - rm -f ./.samhain_lock - - echo '-t init' | ./samhain foo - - if test x$? = x0; then - echo - echo "${S}init completed${E}" - echo - echo '-t check' | ./samhain foo - if test x$? = x0; then - echo "${S}check completed${E}" - else - echo "${S}ERROR:${E} -- check -- failed, exit status $?" - echo - exit - fi - else - echo "${S}ERROR:${E} -- init -- failed, exit status $?"; echo; - exit - fi - + log_start "RUN STANDALONE W/STEALTH" + testrun_internal + log_end "RUN STANDALONE W/STEALTH" + return 0 } - - - testrun1 - - -echo; echo "${S}__ END TEST RUN STANDALONE __${E}"; echo; - -exit - Index: trunk/test/testrun_1b.sh =================================================================== --- trunk/test/testrun_1b.sh (revision 18) +++ trunk/test/testrun_1b.sh (revision 19) @@ -2,112 +2,55 @@ -# The following two are the ANSI sequences for start and end embolden -case $TERM in -vt*|ansi*|con*|xterm*|linux*|screen*) - S= - E= - ;; -*) - S= - E= - ;; -esac +MAXTEST=2; export MAXTEST +LOGFILE="$PW_DIR/.samhain_log"; export LOGFILE +RCFILE="$PW_DIR/testrc_1.dyn"; export RCFILE -PW_DIR=`pwd` - -if test x$UID != x; then - TRUST="--with-trusted=0,2,$UID" -else - TRUST="--with-trusted=0,2" -fi - -echo; echo "${S}__ STARTING TEST RUN STEALTH W/GPG STANDALONE __${E}"; echo; -echo Working directory: $PW_DIR - -MAKE=`which gmake` -if test "x$?" = x1 ; then - MAKE="make -s" -else - MAKE=`which gmake | sed -e "s%\([a-z:]\) .*%\1%g"` - if test "x$MAKE" = x; then - MAKE="make -s" - elif test "x$MAKE" = xno; then - MAKE="make -s" - else - if test "x$MAKE" = "xwhich:"; then - MAKE="make -s" - else - MAKE="gmake -s" - gmake -v >/dev/null 2>&1 || MAKE="make -s" - fi - fi -fi -echo MAKE is $MAKE - -# $GPG_PATH _must_ be an absolute path -# -if test x${GPG_PATH} = x; then - GPG_PATH=`which gpg | sed -e "s%\([a-z:]\) .*%\1%g"` -fi - -if test x${GPG_PATH} = x; then - echo "ERROR: gpg (GnuPG) not found" - exit -else - GPG_OK=`echo ${GPG_PATH} | sed -e "s%\(/.*\)%OK%g"` - if test x${GPG_OK} = xOK; then - echo "GPG_PATH is ${GPG_PATH}" - else - echo "ERROR: GPG_PATH (${GPG_PATH}) is _not_ an absolute path." - echo - echo " Apparently the command 'which gpg' did not yield an absolute path." - echo " You can fix the problem by setting the environment variable GPG_PATH" - echo " to the absolute path to gpg (GnuPG) and start the test again." - exit - fi -fi - -echo - -testrun1 () +testrun1b_internal () { + BUILDOPTS="$1" # # test standalone compilation # - echo "${S}Building standalone agent${E}"; echo; + [ -z "$verbose" ] || { echo; echo "${S}Building standalone agent${E}"; echo; } # if test -r "Makefile"; then - $MAKE distclean + $MAKE distclean >/dev/null fi # - GPG_HASH=`${GPG_PATH} --load-extension tiger --print-md TIGER192 ${GPG_PATH}` # - echo GPG_HASH is ${GPG_HASH} + ${TOP_SRCDIR}/configure ${BUILDOPTS} >/dev/null 2>/dev/null # - ${TOP_SRCDIR}/configure --quiet $TRUST --enable-debug --with-gpg=${GPG_PATH} --enable-micro-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/testrc_1.signed --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file - # - # --with-prelude --enable-xml-log - # --with-checksum="${GPG_HASH}" # if test x$? = x0; then - echo "configure completed, exit status 0"; echo; + [ -z "$verbose" ] || log_msg_ok "configure..."; $MAKE > /dev/null if test x$? = x0; then - echo "$MAKE completed, exit status $?"; echo; + [ -z "$verbose" ] || log_msg_ok "make..."; else - echo "${S}ERROR:${E} make failed, exit status $?"; echo; - exit + [ -z "$quiet" ] && log_msg_fail "make..."; + return 1 fi else - echo "${S}ERROR:${E} configure failed, exit status $?"; echo; - exit + [ -z "$quiet" ] && log_msg_fail "configure..."; + return 1 fi - cp $PW_DIR/test/testrc_1 $PW_DIR/testrc_1.signed - echo "--- You need to sign the config file testrc_1.signed now ---" - echo - ${GPG_PATH} -a --clearsign $PW_DIR/testrc_1.signed - mv $PW_DIR/testrc_1.signed.asc $PW_DIR/testrc_1.signed + SKIP=`awk '/^__ARCHIVE_FOLLOWS__/ { print NR + 1; exit 0; }' ${SCRIPTDIR}/test.sh` + + tail -n "+$SKIP" ${SCRIPTDIR}/test.sh >/dev/null 2>&1 + if [ $? -eq 0 ]; then + tail -n "+$SKIP" ${SCRIPTDIR}/test.sh | gunzip -c - | tar xf - && \ + mv "./testrc.gpg.asc" "$RCFILE" + else + tail "+$SKIP" ${SCRIPTDIR}/test.sh | gunzip -c - | tar xf - && \ + mv "./testrc.gpg.asc" "$RCFILE" + fi + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "extract gpg signed files..."; + else + [ -z "$quiet" ] && log_msg_fail "extract gpg signed files..."; + return 1 + fi rm -f ./.samhain_file @@ -115,36 +58,124 @@ rm -f ./.samhain_lock - ./samhain -t init + ./samhain -t init -p none -l info if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "init..."; + else + [ -z "$quiet" ] && log_msg_fail "init..."; + return 1 + fi - echo - echo "--- You need to sign the database .samhain_file now ---" - echo - ${GPG_PATH} -a --clearsign --not-dash-escaped $PW_DIR/.samhain_file - mv $PW_DIR/.samhain_file.asc $PW_DIR/.samhain_file - - ./samhain -t check - if test x$? = x0; then - echo "${S}check completed${E}" - else - echo "${S}ERROR:${E} -- check -- failed, exit status $?" - echo - exit - fi - else - echo "${S}ERROR:${E} -- init -- failed, exit status $?"; echo; - exit - fi - + mv $PW_DIR/.samhain_file.asc $PW_DIR/.samhain_file } +do_test_1b () { + ./samhain -t check -p none -l info + + if test x$? = x0; then + ./samhain -j -L $LOGFILE >"${LOGFILE}.tmp" && mv "${LOGFILE}.tmp" "${LOGFILE}" + if [ $? -ne 0 ]; then + [ -z "$quiet" ] && log_msg_fail "mv logfile..."; + return 1 + fi + [ -z "$verbose" ] || log_msg_ok "check..."; + else + [ -z "$quiet" ] && log_msg_fail "check..."; + return 1 + fi + # + tmp=`egrep "Checking.*/etc(>|\")" $LOGFILE 2>/dev/null | wc -l` + if [ $tmp -ne 2 ]; then + [ -z "$verbose" ] || log_msg_fail "/etc"; + fi + tmp=`egrep "Checking.*(>|\")" $LOGFILE 2>/dev/null | wc -l` + if [ $tmp -ne 2 ]; then + [ -z "$verbose" ] || log_msg_fail "checking"; + fi + # + return 0 +} - testrun1 +do_test_1b_2 () { + rm -f $PW_DIR/test_log_prelude -echo; echo "${S}__ END TEST RUN STANDALONE __${E}"; echo; + ( "$PM" --textmod -l $PW_DIR/test_log_prelude >/dev/null 2>&1 )& + PID=$! -exit + ./samhain -t check -p none -l info --set-prelude-severity=info >/dev/null + + if test x$? = x0; then + ./samhain -j -L $LOGFILE >"${LOGFILE}.tmp" && mv "${LOGFILE}.tmp" "${LOGFILE}" + if [ $? -ne 0 ]; then + [ -z "$quiet" ] && log_msg_fail "mv logfile..."; + kill $PID + return 1 + fi + [ -z "$verbose" ] || log_msg_ok "check..."; + else + [ -z "$quiet" ] && log_msg_fail "check..."; + kill $PID + return 1 + fi + # + tmp=`egrep 'File original:.*name=etc.*path=/etc' test_log_prelude 2>/dev/null | wc -l` + if [ $tmp -ne 1 ]; then + [ -z "$verbose" ] || log_msg_fail "/etc"; + fi + tmp=`egrep 'Classification text: Checking' test_log_prelude 2>/dev/null | wc -l` + if [ $tmp -ne 1 ]; then + [ -z "$verbose" ] || log_msg_fail "checking"; + fi + tmp=`egrep 'Classification text: Checking' test_log_prelude 2>/dev/null | wc -l` + if [ $tmp -ne 1 ]; then + [ -z "$verbose" ] || log_msg_fail "checking"; + fi + # + kill $PID + return 0 +} +testrun1b () +{ + log_start "RUN STANDALONE W/STEALTH W/GPG" + GPG=`find_path gpg` + if [ -z "$GPG" ]; then + log_skip 1 $MAXTEST 'gpg not found in $PATH' + log_skip 2 $MAXTEST 'gpg not found in $PATH' + else + eval "$GPG" --list-keys 0F571F6C >/dev/null 2>/dev/null + if [ $? -ne 0 ]; then + log_skip 1 $MAXTEST 'public PGP key 0x0F571F6C not present' + log_skip 2 $MAXTEST 'public PGP key 0x0F571F6C not present' + else + BUILDOPTS="--quiet $TRUST --enable-debug --with-gpg=${GPG} --with-checksum=no --enable-micro-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file" + testrun1b_internal "${BUILDOPTS}" + do_test_1b + if [ $? -eq 0 ]; then + log_ok 1 $MAXTEST 'gpg signed config/database files' + else + log_fail 1 $MAXTEST 'gpg signed config/database files' + fi + PM=`find_path prelude-manager` + if [ -z "$PM" ]; then + log_skip 2 $MAXTEST 'prelude-manager not found in $PATH' + elif [ -z "$doall" ]; then + log_skip 2 $MAXTEST 'logging to prelude (or use --really-all)' + else + BUILDOPTS="--quiet $TRUST --enable-debug --with-prelude --with-gpg=${GPG} --with-checksum=no --enable-micro-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file" + testrun1b_internal "${BUILDOPTS}" + do_test_1b_2 + if [ $? -eq 0 ]; then + log_ok 2 $MAXTEST 'logging to prelude' + else + log_fail 2 $MAXTEST 'logging to prelude' + fi + fi + fi + fi + log_end "RUN STANDALONE W/STEALTH W/GPG" + return 0 +} + Index: trunk/test/testrun_2.sh =================================================================== --- trunk/test/testrun_2.sh (revision 18) +++ trunk/test/testrun_2.sh (revision 19) @@ -1,66 +1,249 @@ #! /bin/sh - -# The following two are the ANSI sequences for start and end embolden -case $TERM in -vt*|ansi*|con*|xterm*|linux*|screen*) - S= - E= - ;; -*) - S= - E= - ;; -esac - -PW_DIR=`pwd` - -if test x$UID != x; then - TRUST="--with-trusted=0,2,$UID" -else - TRUST="--with-trusted=0,2" -fi - -echo; echo "${S}__ STARTING TEST RUN CLIENT/SERVER __${E}"; echo; -echo Working directory: $PW_DIR - -MAKE=`which gmake` -if test "x$?" = x1 ; then - MAKE="make -s" -else - MAKE=`which gmake | sed -e "s%\([a-z:]\) .*%\1%g"` - if test "x$MAKE" = x; then - MAKE="make -s" - elif test "x$MAKE" = xno; then - MAKE="make -s" - else - if test "x$MAKE" = "xwhich:"; then - MAKE="make -s" - else - MAKE="gmake -s" - gmake -v >/dev/null 2>&1 || MAKE="make -s" - fi - fi -fi - -echo MAKE is $MAKE -echo - -# --with-database=postgresql -# export MYLIB=-L/usr/local/pgsql/lib -# export MYINC=-I/usr/local/pgsql/include -# export LD_LIBRARY_PATH=/usr/local/pgsql/lib - -# --with-database=mysql -# export MYLIB=-L/usr/local/mysql/lib -# export MYINC=-I/usr/local/mysql/include -# export LD_LIBRARY_PATH=/usr/local/mysql/lib - -testrun2 () +LOGFILE="$PW_DIR/.samhain_log"; export LOGFILE +RCFILE="$PW_DIR/testrc_2"; export RCFILE + + +do_test_1 () { + + [ -z "$verbose" ] || { + echo; + echo "${S}Start Server${E}: ./yule -l info -p none &"; + echo; + } + ./yule -l info -p none >/dev/null 2>&1 & + PROC_Y=$! + sleep 5 + + [ -z "$verbose" ] || { + echo; + echo "${S}Start Client${E}: ./samhain.new -l none -p none -e info -t check"; + echo; + } + + ./samhain.new -t check -p none -l none -e info --bind-address=127.0.0.1 >/dev/null 2>&1 + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "samhain.new -t check"; + else + [ -z "$quiet" ] && log_msg_fail "samhain.new -t check"; + kill $PROC_Y + return 1 + fi + + kill $PROC_Y + sleep 5 + + egrep "START(>|\").*Yule(>|\")" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Server start"; + return 1 + fi + egrep "NEW CLIENT" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Client connect"; + return 1 + fi + egrep "remote_host.*Checking.*/bin" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Client file check"; + return 1 + fi + egrep "remote_host.*EXIT.*Samhain" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Client exit"; + return 1 + fi + egrep "EXIT.*Yule.*SIGTERM" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Server exit"; + return 1 + fi + + + return 0 +} + +do_test_2 () { + + ORIGINAL="UseSeparateLogs=no" + REPLACEMENT="UseSeparateLogs=yes" + ex $RCFILE </dev/null 2>&1 & + PROC_Y=$! + sleep 5 + + [ -z "$verbose" ] || { + echo; + echo "${S}Start Client${E}: ./samhain.new -l none -p none -e info -t check"; + echo; + } + + ./samhain.new -t check -p none -l none -e info --bind-address=127.0.0.1 >/dev/null 2>&1 + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "samhain.new -t check"; + else + [ -z "$quiet" ] && log_msg_fail "samhain.new -t check"; + kill $PROC_Y + return 1 + fi + + kill $PROC_Y + sleep 5 + + if [ -f ${LOGFILE}.${SH_LOCALHOST} ]; then + remhost=${SH_LOCALHOST} + else + remhost=`echo $SH_LOCALHOST | sed 's,\..*,,'` + fi + if [ -f ${LOGFILE}.${remhost} ]; then + CLIENTLOG="${LOGFILE}.${remhost}" + else + CLIENTLOG=`ls -1 ${LOGFILE}.* | tail -n 1` + fi + + egrep "START(>|\").*Yule(>|\")" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Server start"; + return 1 + fi + egrep "NEW CLIENT" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Client connect"; + return 1 + fi + egrep "remote_host.*Checking.*/bin" ${CLIENTLOG} >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Client file check"; + return 1 + fi + egrep "remote_host.*EXIT.*Samhain" ${CLIENTLOG} >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Client exit"; + return 1 + fi + egrep "EXIT.*Yule.*SIGTERM" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Server exit"; + return 1 + fi + + rm -f ${LOGFILE}.${remhost} + return 0 +} + +do_test_3 () { + + ORIGINAL_1="ExportSeverity=none" + REPLACEMENT_1="ExportSeverity=mark" + ORIGINAL_2="UseSeparateLogs=yes" + REPLACEMENT_2="UseSeparateLogs=no" + ORIGINAL_3="LogSeverity=none" + REPLACEMENT_3="LogSeverity=debug" + ORIGINAL_4="# SetClientTimeLimit=1800" + REPLACEMENT_4="SetClientTimeLimit=20" + ex $RCFILE </dev/null 2>&1 & + PROC_Y=$! + sleep 5 + + [ -z "$verbose" ] || { + echo; + echo "${S}Start Client${E}: ./samhain.new -l none -p none -t check"; + echo; + } + + ./samhain.new -t check -p none -l none --forever --bind-address=127.0.0.1 >/dev/null 2>&1 & + if test x$? = x0; then + PROC_S=$! + # echo "PID is ${PROC_S}" + [ -z "$verbose" ] || log_msg_ok "samhain.new -t check"; + sleep 5 + # Redirect the shells (un-)helpful job monitoring messages. + # The 'disown' buildin is not portable. + { kill -9 ${PROC_S}; sleep 40; } >/dev/null 2>&1 + else + [ -z "$quiet" ] && log_msg_fail "samhain.new -t check"; + kill $PROC_Y + return 1 + fi + + if [ -t 0 ]; then + # enable monitor mode again if interactive + set -m + fi + + + kill $PROC_Y + sleep 5 + + egrep "START(>|\").*Yule(>|\")" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Server start"; + return 1 + fi + egrep "NEW CLIENT" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Client connect"; + return 1 + fi + egrep "remote_host.*File check completed.*" ${LOGFILE} >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Client file check"; + return 1 + fi + egrep "Time limit exceeded" ${LOGFILE} >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Client dead detection"; + return 1 + fi + egrep "EXIT.*Yule.*SIGTERM" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Server exit"; + return 1 + fi + + rm -f ${LOGFILE}.${remhost} + return 0 +} + +testrun2_internal () { - # - # test standalone compilation - # - echo "${S}Building client and server${E}"; echo; + [ -z "$verbose" ] || { + echo; + echo Working directory: $PW_DIR; echo MAKE is $MAKE; + echo; + } + # + # + [ -z "$verbose" ] || { echo; echo "${S}Building client and server${E}"; echo; } # if test -r "Makefile"; then @@ -68,48 +251,47 @@ fi # - ${TOP_SRCDIR}/configure --quiet $TRUST --enable-network=client --enable-xml-log --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/testrc_2 --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file --enable-encrypt=2 - # - if test x$? = x0; then - echo "configure completed, exit status 0"; echo; - $MAKE > /dev/null + ${TOP_SRCDIR}/configure --quiet $TRUST --enable-debug --enable-network=client --enable-xml-log --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file --enable-encrypt=2 + # + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "configure..."; + $MAKE > /dev/null 2>>test_log if test x$? = x0; then - echo "$MAKE completed, exit status $?"; echo; + [ -z "$verbose" ] || log_msg_ok "make..."; else - echo "${S}ERROR:${E} make failed, exit status $?"; echo; - exit + [ -z "$quiet" ] && log_msg_fail "make..."; + return 1 fi else - echo "${S}ERROR:${E} configure failed, exit status $?"; echo; - exit + [ -z "$quiet" ] && log_msg_fail "configure..."; + return 1 fi # save binary and build server # - cp samhain samhain.build - make clean - - ${TOP_SRCDIR}/configure --quiet $TRUST --enable-debug --enable-network=server --enable-xml-log --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/testrc_2 --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file --enable-identity=rainer --enable-encrypt=2 - # - if test x$? = x0; then - echo "configure completed, exit status 0"; echo; - $MAKE > /dev/null + cp samhain samhain.build || return 1 + make clean >/dev/null || return 1 + + ${TOP_SRCDIR}/configure --quiet $TRUST --enable-debug --enable-network=server --enable-xml-log --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file --enable-identity=rainer --enable-encrypt=2 + # + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "configure..."; + $MAKE > /dev/null 2>>test_log if test x$? = x0; then - echo "$MAKE completed, exit status $?"; echo; + [ -z "$verbose" ] || log_msg_ok "make..."; else - echo "${S}ERROR:${E} make failed, exit status $?"; echo; - exit + [ -z "$quiet" ] && log_msg_fail "make..."; + return 1 fi else - echo "${S}ERROR:${E} configure failed, exit status $?"; echo; - exit - fi + [ -z "$quiet" ] && log_msg_fail "configure..."; + return 1 + fi + ##################################################################### # # - echo "${S}Initialize database${E}"; echo; - rm -f ./.samhain_file rm -f ./.samhain_log @@ -118,8 +300,12 @@ cp ${SCRIPTDIR}/testrc_2.in testrc_2 - echo "./samhain.build -t init" - ./samhain.build -t init - - SHINI=$? + ./samhain.build -t init -p none + + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "init..."; + else + [ -z "$quiet" ] && log_msg_fail "init..."; + return 1 + fi # Create a password @@ -127,14 +313,20 @@ SHPW=`./yule -G` if test x"$SHPW" = x; then - echo "password not generated -- aborting" - exit 1 + [ -z "$quiet" ] && log_msg_fail "password not generated -- aborting" + return 1 fi # Set in client - echo "./samhain_setpwd samhain.build new $SHPW" - ./samhain_setpwd samhain.build new $SHPW - - mv samhain.build.new samhain.new + ./samhain_setpwd samhain.build new $SHPW >/dev/null + + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "./samhain_setpwd samhain.build new $SHPW"; + else + [ -z "$quiet" ] && log_msg_fail "./samhain_setpwd samhain.build new $SHPW"; + return 1 + fi + + mv samhain.build.new samhain.new || return 1 rm -f ./.samhain_log.* @@ -143,48 +335,54 @@ SHCLT=`./yule -P $SHPW | sed s%HOSTNAME%${SH_LOCALHOST}%` + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "yule -P $SHPW"; + else + [ -z "$quiet" ] && log_msg_fail "yule -P $SHPW"; + return 1 + fi + echo $SHCLT >> testrc_2 - if test x$SHINI = x0; then - echo; echo "${S}Start Server${E}: ./yule &"; echo; - ./yule -l info & - PROC_Y=$! - sleep 5 - - echo; echo "${S}Start Client${E}: ./samhain.new -l none -p none -e info -t check"; - - ./samhain.new -t check -p none -l none -e info - if test x$? = x0; then - echo "${S}check completed${E}" - else - echo "${S}ERROR:${E} -- check -- failed, exit status $?" - echo - kill $PROC_Y - exit - fi - - kill $PROC_Y - sleep 5 - else - echo "${S}ERROR:${E} -- init -- failed, exit status $SHINI"; - echo; - exit - fi - -} - - if test x$1 = x; then - echo - echo "Please provide the local hostname as argument." - echo - exit 8 + do_test_1 + if [ $? -eq 0 ]; then + [ -z "$quiet" ] && log_ok 1 ${MAXTEST} "Client logging"; + else + [ -z "$quiet" ] && log_fail 1 ${MAXTEST} "Client logging"; + fi + + do_test_2 + if [ $? -eq 0 ]; then + [ -z "$quiet" ] && log_ok 2 ${MAXTEST} "Client logging, seperate logfiles"; + else + [ -z "$quiet" ] && log_fail 2 ${MAXTEST} "Client logging, seperate logfiles"; + fi + + do_test_3 + if [ $? -eq 0 ]; then + [ -z "$quiet" ] && log_ok 3 ${MAXTEST} "Dead client detection"; + else + [ -z "$quiet" ] && log_fail 3 ${MAXTEST} "Dead client detection"; + fi + + return $? +} + +MAXTEST=3; export MAXTEST + +testrun2 () +{ + log_start "RUN CLIENT/SERVER" + + if [ x"$1" = x ]; then + [ -z "$quiet" ] && log_msg_fail "Missing hostname" fi - + # SH_LOCALHOST=$1; export SH_LOCALHOST - - testrun2 - - -echo; echo "${S}__ END TEST RUN CLIENT/SERVER __${E}"; echo; - -exit - + # + testrun2_internal + # + log_end "RUN CLIENT/SERVER" + + return 0 +} + Index: trunk/test/testrun_2a.sh =================================================================== --- trunk/test/testrun_2a.sh (revision 18) +++ trunk/test/testrun_2a.sh (revision 19) @@ -1,58 +1,80 @@ #! /bin/sh - -# The following two are the ANSI sequences for start and end embolden -case $TERM in -vt*|ansi*|con*|xterm*|linux*|screen*) - S= - E= - ;; -*) - S= - E= - ;; -esac - -PW_DIR=`pwd` - -if test x$UID != x; then - TRUST="--with-trusted=0,2,$UID" -else - TRUST="--with-trusted=0,2" -fi - -echo; echo "${S}__ STARTING TEST RUN CLIENT/SERVER __${E}"; echo; -echo Working directory: $PW_DIR - -MAKE=`which gmake` -if test "x$?" = x1 ; then - MAKE="make -s" -else - MAKE=`which gmake | sed -e "s%\([a-z:]\) .*%\1%g"` - if test "x$MAKE" = x; then - MAKE="make -s" - elif test "x$MAKE" = xno; then - MAKE="make -s" - else - if test "x$MAKE" = "xwhich:"; then - MAKE="make -s" - else - MAKE="gmake -s" - gmake -v >/dev/null 2>&1 || MAKE="make -s" - fi - fi -fi - -echo MAKE is $MAKE -echo - - - -testrun2a () +LOGFILE="$PW_DIR/.samhain_log"; export LOGFILE +RCFILE="$PW_DIR/testrc_2"; export RCFILE + +SERVER_BUILDOPTS="--quiet $TRUST --enable-network=server --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=REQ_FROM_SERVER$PW_DIR/testrc_2 --with-data-file=REQ_FROM_SERVER$PW_DIR/.samhain_file --with-logserver=${SH_LOCALHOST} --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock"; export SERVER_BUILDOPTS + +CLIENT_BUILDOPTS="--quiet $TRUST --enable-debug --enable-network=client --enable-srp --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=REQ_FROM_SERVER$RCFILE --with-data-file=REQ_FROM_SERVER$PW_DIR/.samhain_file --with-logserver=localhost --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock"; export CLIENT_BUILDOPTS + +do_test_1_a () { + + [ -z "$verbose" ] || { + echo; + echo "${S}Start Server${E}: ./yule -l info -p none &"; + echo; + } + ./yule -l info -p none >/dev/null 2>&1 & + PROC_Y=$! + sleep 5 + + [ -z "$verbose" ] || { + echo; + echo "${S}Start Client${E}: ./samhain.new -l none -p none -e info -t check"; + echo; + } + + ./samhain.new -t check -p none -l none -e info --bind-address=127.0.0.1 >/dev/null 2>&1 + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "samhain.new -t check"; + else + [ -z "$quiet" ] && log_msg_fail "samhain.new -t check"; + kill $PROC_Y + return 1 + fi + + kill $PROC_Y + sleep 5 + + egrep "START(>|\").*Yule(>|\")" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Server start"; + return 1 + fi + egrep "NEW CLIENT" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Client connect"; + return 1 + fi + egrep "Checking.*/etc" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Client file check"; + return 1 + fi + egrep "EXIT.*Samhain" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Client exit"; + return 1 + fi + egrep "EXIT.*Yule.*SIGTERM" $LOGFILE >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Server exit"; + return 1 + fi + + + return 0 +} + +testrun2a_internal () { - # - # test standalone compilation - # - echo "${S}Building client and server${E}"; echo; + [ -z "$verbose" ] || { + echo; + echo Working directory: $PW_DIR; echo MAKE is $MAKE; + echo; + } + # + # + [ -z "$verbose" ] || { echo; echo "${S}Building client and server${E}"; echo; } # if test -r "Makefile"; then @@ -60,50 +82,47 @@ fi # - ${TOP_SRCDIR}/configure --quiet $TRUST --enable-debug --enable-network=client --enable-srp --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=REQ_FROM_SERVER$PW_DIR/testrc_2 --with-data-file=REQ_FROM_SERVER$PW_DIR/.samhain_file --with-logserver=localhost --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock - # - # --disable-encrypt - # - if test x$? = x0; then - echo "configure completed, exit status 0"; echo; - $MAKE > /dev/null + ${TOP_SRCDIR}/configure ${CLIENT_BUILDOPTS} + # + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "configure..."; + $MAKE > /dev/null 2>>test_log if test x$? = x0; then - echo "$MAKE completed, exit status $?"; echo; + [ -z "$verbose" ] || log_msg_ok "make..."; else - echo "${S}ERROR:${E} make failed, exit status $?"; echo; - exit + [ -z "$quiet" ] && log_msg_fail "make..."; + return 1 fi else - echo "${S}ERROR:${E} configure failed, exit status $?"; echo; - exit + [ -z "$quiet" ] && log_msg_fail "configure..."; + return 1 fi # save binary and build server # - cp samhain samhain.build - make clean - - # - ${TOP_SRCDIR}/configure --quiet $TRUST --enable-network=server --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=REQ_FROM_SERVER$PW_DIR/testrc_2 --with-data-file=REQ_FROM_SERVER$PW_DIR/.samhain_file --with-logserver=${SH_LOCALHOST} --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock - # --enable-identity=rainer - # --with-libwrap - # - if test x$? = x0; then - echo "configure completed, exit status 0"; echo; - $MAKE > /dev/null + cp samhain samhain.build || return 1 + make clean >/dev/null || return 1 + + ${TOP_SRCDIR}/configure ${SERVER_BUILDOPTS} + # + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "configure..."; + $MAKE > /dev/null 2>>test_log if test x$? = x0; then - echo "$MAKE completed, exit status $?"; echo; + [ -z "$verbose" ] || log_msg_ok "make..."; else - echo "${S}ERROR:${E} make failed, exit status $?"; echo; - exit + [ -z "$quiet" ] && log_msg_fail "make..."; + return 1 fi else - echo "${S}ERROR:${E} configure failed, exit status $?"; echo; - exit - fi - - echo "${S}Initialize database${E}"; echo; - + [ -z "$quiet" ] && log_msg_fail "configure..."; + return 1 + fi + + + ##################################################################### + # + # rm -f ./.samhain_file rm -f ./.samhain_log @@ -114,8 +133,12 @@ cp ${SCRIPTDIR}/testrc_2.in testrc_2 - echo "./samhain.build -t init" - ./samhain.build -t init - - SHINI=$? + ./samhain.build -t init -p none + + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "init..."; + else + [ -z "$quiet" ] && log_msg_fail "init..."; + return 1 + fi # Create a password @@ -123,67 +146,74 @@ SHPW=`./yule -G` if test x"$SHPW" = x; then - echo "password not generated -- aborting" - exit 1 + [ -z "$quiet" ] && log_msg_fail "password not generated -- aborting" + return 1 fi # Set in client - echo "./samhain_setpwd samhain.build new $SHPW" - ./samhain_setpwd samhain.build new $SHPW - - mv samhain.build.new samhain.new - - rm -f ./.samhain_log + ./samhain_setpwd samhain.build new $SHPW >/dev/null + + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "./samhain_setpwd samhain.build new $SHPW"; + else + [ -z "$quiet" ] && log_msg_fail "./samhain_setpwd samhain.build new $SHPW"; + return 1 + fi + + mv samhain.build.new samhain.new || return 1 + + rm -f ./.samhain_log* rm -f ./.samhain_lock + + SHCLT=`./yule -P $SHPW | sed s%HOSTNAME%${SH_LOCALHOST}%` + + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "yule -P $SHPW"; + else + [ -z "$quiet" ] && log_msg_fail "yule -P $SHPW"; + return 1 + fi + + echo $SHCLT >> testrc_2 cp ./testrc_2 ./rc.${SH_LOCALHOST} mv ./.samhain_file ./file.${SH_LOCALHOST} - SHCLT=`./yule -P $SHPW | sed s%HOSTNAME%${SH_LOCALHOST}%` - - echo $SHCLT >> testrc_2 - - if test x$SHINI = x0; then - echo; echo "${S}Start Server${E}: ./yule &"; echo; - ./yule -q & - PROC_Y=$! - sleep 5 - - echo; echo "${S}Start Client${E}: ./samhain.new -l none -p none -e info -t check"; - - ./samhain.new -t check -p none -l none -e info - if test x$? = x0; then - echo "${S}check completed${E}" - else - echo "${S}ERROR:${E} -- check -- failed, exit status $?" - echo - kill $PROC_Y - exit - fi - - kill $PROC_Y - sleep 5 - else - echo "${S}ERROR:${E} -- init -- failed, exit status $SHINI"; - echo; - exit - fi - + ALTHOST=`find_hostname` + cp ./testrc_2 "./rc.${ALTHOST}" + cp ./file.${SH_LOCALHOST} "./file.${ALTHOST}" 2>/dev/null + } - if test x$1 = x; then - echo - echo "Please provide the local hostname as argument." - echo - exit 8 +MAXTEST=1; export MAXTEST + +testrun2a () +{ + log_start "RUN FULL CLIENT/SERVER"; + # + if [ x"$1" = x ]; then + [ -z "$quiet" ] && log_msg_fail "Missing hostname" fi - + # SH_LOCALHOST=$1; export SH_LOCALHOST - - testrun2a - - -echo; echo "${S}__ END TEST RUN CLIENT/SERVER __${E}"; echo; - -exit - + # + testrun2a_internal + # + do_test_1_a + if [ $? -eq 0 ]; then + [ -z "$quiet" ] && log_ok 1 ${MAXTEST} "Client download+logging"; + else + [ -z "$quiet" ] && log_fail 1 ${MAXTEST} "Client download+logging"; + fi + # + if [ -n "$cleanup" ]; then + rm -f ./rc.${SH_LOCALHOST} + rm -f ./file.${SH_LOCALHOST} + ALTHOST=`find_hostname` + rm -f "./file.${ALTHOST}" + rm -f "./rc.${ALTHOST}" + fi + # + log_end "RUN FULL CLIENT/SERVER" +} + Index: trunk/test/testrun_2b.sh =================================================================== --- trunk/test/testrun_2b.sh (revision 18) +++ trunk/test/testrun_2b.sh (revision 19) @@ -1,221 +1,187 @@ #! /bin/sh +LOGFILE="$PW_DIR/.samhain_log"; export LOGFILE +RCFILE="$PW_DIR/testrc_2"; export RCFILE +RCFILE_C="$PW_DIR/testrc_1.dyn"; export RCFILE_C -# The following two are the ANSI sequences for start and end embolden -case $TERM in -vt*|ansi*|con*|xterm*|linux*|screen*) - S= - E= - ;; -*) - S= - E= - ;; -esac +SERVER_BUILDOPTS="--quiet $TRUST --enable-network=server --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=REQ_FROM_SERVER$PW_DIR/testrc_2 --with-data-file=REQ_FROM_SERVER$PW_DIR/.samhain_file --with-logserver=${SH_LOCALHOST} --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock"; export SERVER_BUILDOPTS -PW_DIR=`pwd` +CLIENT_BUILDOPTS="--quiet $TRUST --enable-micro-stealth=137 --enable-debug --enable-network=client --enable-srp --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=REQ_FROM_SERVER${RCFILE_C} --with-data-file=REQ_FROM_SERVER$PW_DIR/.samhain_file --with-logserver=localhost --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock"; export CLIENT_BUILDOPTS -if test x$UID != x; then - TRUST="--with-trusted=0,2,$UID" -else - TRUST="--with-trusted=0,2" -fi +testrun2b_internal () +{ + GPG="$1" -TEST_MYSQL= -# TEST_MYSQL=" --with-database=mysql --with-libs=-L/usr/local/mysql/lib " -export TEST_MYSQL + [ -z "$verbose" ] || { + echo; + echo Working directory: $PW_DIR; echo MAKE is $MAKE; echo GPG is $GPG; + echo; + } -echo; echo "${S}__ STARTING TEST RUN CLIENT/SERVER W/GPG __${E}"; echo; -echo Working directory: $PW_DIR + [ -z "$verbose" ] || { echo; echo "${S}Building client and server${E}"; echo; } -MAKE=`which gmake` -if test "x$?" = x1 ; then - MAKE="make -s" -else - MAKE=`which gmake | sed -e "s%\([a-z:]\) .*%\1%g"` - if test "x$MAKE" = x; then - MAKE="make -s" - elif test "x$MAKE" = xno; then - MAKE="make -s" + if test -r "Makefile"; then + $MAKE distclean + fi + + ${TOP_SRCDIR}/configure --with-gpg=${GPG} --with-checksum=no ${CLIENT_BUILDOPTS} >/dev/null 2>&1 + + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "configure..."; + $MAKE > /dev/null 2>>test_log + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "make..."; + else + [ -z "$quiet" ] && log_msg_fail "make..."; + return 1 + fi else - if test "x$MAKE" = "xwhich:"; then - MAKE="make -s" + [ -z "$quiet" ] && log_msg_fail "configure..."; + return 1 + fi + + SKIP=`awk '/^__ARCHIVE_FOLLOWS__/ { print NR + 1; exit 0; }' ${SCRIPTDIR}/test.sh` + + tail -n "+$SKIP" ${SCRIPTDIR}/test.sh >/dev/null 2>&1 + if [ $? -eq 0 ]; then + tail -n "+$SKIP" ${SCRIPTDIR}/test.sh | gunzip -c - | tar xf - && \ + mv "./testrc.gpg.asc" "${RCFILE_C}" + else + tail "+$SKIP" ${SCRIPTDIR}/test.sh | gunzip -c - | tar xf - && \ + mv "./testrc.gpg.asc" "${RCFILE_C}" + fi + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "extract gpg signed files..."; + else + [ -z "$quiet" ] && log_msg_fail "extract gpg signed files..."; + return 1 + fi + + # save binary and build server + + cp samhain samhain.build || return 1 + make clean >/dev/null || return 1 + + ${TOP_SRCDIR}/configure ${SERVER_BUILDOPTS} + + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "configure..."; + $MAKE > /dev/null 2>>test_log + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "make..."; else - MAKE="gmake -s" - gmake -v >/dev/null 2>&1 || MAKE="make -s" + [ -z "$quiet" ] && log_msg_fail "make..."; + return 1 fi + + else + [ -z "$quiet" ] && log_msg_fail "configure..."; + return 1 fi -fi + + + ##################################################################### + # + # + rm -f ./.samhain_file + rm -f ./.samhain_log + rm -f ./.samhain_lock + rm -f ./rc.${SH_LOCALHOST} + rm -f ./file.${SH_LOCALHOST} + + cp ${SCRIPTDIR}/testrc_2.in testrc_2 + + ./samhain.build -t init -p none + + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "init..."; + else + [ -z "$quiet" ] && log_msg_fail "init..."; + return 1 + fi + + # Create a password -echo MAKE is $MAKE -echo + SHPW=`./yule -G` + if test x"$SHPW" = x; then + [ -z "$quiet" ] && log_msg_fail "password not generated -- aborting" + return 1 + fi + + # Set in client + + ./samhain_setpwd samhain.build new $SHPW >/dev/null + + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "./samhain_setpwd samhain.build new $SHPW"; + else + [ -z "$quiet" ] && log_msg_fail "./samhain_setpwd samhain.build new $SHPW"; + return 1 + fi + + mv samhain.build.new samhain.new || return 1 + + rm -f ./.samhain_log* + rm -f ./.samhain_lock + + SHCLT=`./yule -P $SHPW | sed s%HOSTNAME%${SH_LOCALHOST}%` + + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "yule -P $SHPW"; + else + [ -z "$quiet" ] && log_msg_fail "yule -P $SHPW"; + return 1 + fi + + echo $SHCLT >> testrc_2 + + cp "${RCFILE_C}" ./rc.${SH_LOCALHOST} + mv $PW_DIR/.samhain_file.asc ./file.${SH_LOCALHOST} -# $GPG_PATH _must_ be an absolute path -# -if test x${GPG_PATH} = x; then - GPG_PATH=`which gpg | sed -e "s%\([a-z:]\) .*%\1%g"` -fi + ALTHOST=`find_hostname` + cp ./testrc_2 "./rc.${ALTHOST}" + cp ./file.${SH_LOCALHOST} "./file.${ALTHOST}" 2>/dev/null +} -if test x${GPG_PATH} = x; then - echo "ERROR: gpg (GnuPG) not found" - exit -else - GPG_OK=`echo ${GPG_PATH} | sed -e "s%\(/.*\)%OK%g"` - if test x${GPG_OK} = xOK; then - echo "GPG_PATH is ${GPG_PATH}" - else - echo "ERROR: GPG_PATH (${GPG_PATH}) is _not_ an absolute path." - echo - echo " Apparently the command 'which gpg' did not yield an absolute path." - echo " You can fix the problem by setting the environment variable GPG_PATH" - echo " to the absolute path to gpg (GnuPG) and start the test again." - exit - fi -fi - -echo +MAXTEST=1; export MAXTEST testrun2b () { - # - # test standalone compilation - # - echo "${S}Building client and server${E}"; echo; - # - if test -r "Makefile"; then - $MAKE distclean + log_start "RUN FULL CLIENT/SERVER W/GPG"; + # + if [ x"$1" = x ]; then + [ -z "$quiet" ] && log_msg_fail "Missing hostname" + fi + # + GPG=`find_path gpg` + if [ -z "$GPG" ]; then + log_skip 1 $MAXTEST 'gpg not found in $PATH' + else + eval "$GPG" --list-keys 0F571F6C >/dev/null 2>/dev/null + if [ $? -ne 0 ]; then + log_skip 1 $MAXTEST 'public PGP key 0x0F571F6C not present' + else + + SH_LOCALHOST=$1; export SH_LOCALHOST + + testrun2b_internal "$GPG" + + do_test_1_a + if [ $? -eq 0 ]; then + [ -z "$quiet" ] && log_ok 1 ${MAXTEST} "Client download+logging w/gpg"; + else + [ -z "$quiet" ] && log_fail 1 ${MAXTEST} "Client download+logging w/gpg"; + fi + + if [ -n "$cleanup" ]; then + rm -f ./rc.${SH_LOCALHOST} + rm -f ./file.${SH_LOCALHOST} + ALTHOST=`find_hostname` + rm -f "./file.${ALTHOST}" + rm -f "./rc.${ALTHOST}" + fi fi - # - GPG_HASH=`${GPG_PATH} --load-extension tiger --print-md TIGER192 ${GPG_PATH}` - # - echo GPG_HASH is ${GPG_HASH} - # - ${TOP_SRCDIR}/configure --quiet $TRUST --with-gpg=${GPG_PATH} --enable-xml-log --enable-network=client --enable-srp --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=REQ_FROM_SERVER$PW_DIR/testrc_2.signed --with-data-file=REQ_FROM_SERVER$PW_DIR/.samhain_file --with-logserver=localhost --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock - # - if test x$? = x0; then - echo "configure completed, exit status 0"; echo; - $MAKE > /dev/null - if test x$? = x0; then - echo "$MAKE completed, exit status $?"; echo; - else - echo "${S}ERROR:${E} make failed, exit status $?"; echo; - exit - fi - - else - echo "${S}ERROR:${E} configure failed, exit status $?"; echo; - exit - fi - - # save binary and build server - # - cp samhain samhain.build - make clean - - # - ${TOP_SRCDIR}/configure --quiet $TRUST --with-gpg=${GPG_PATH} --enable-xml-log ${TEST_MYSQL} --enable-debug --enable-network=server --enable-srp --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=REQ_FROM_SERVER$PW_DIR/testrc_2.signed --with-data-file=REQ_FROM_SERVER$PW_DIR/.samhain_file --with-logserver=${SH_LOCALHOST} --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --enable-identity=rainer - # - if test x$? = x0; then - echo "configure completed, exit status 0"; echo; - $MAKE > /dev/null - if test x$? = x0; then - echo "$MAKE completed, exit status $?"; echo; - else - echo "${S}ERROR:${E} make failed, exit status $?"; echo; - exit - fi - - else - echo "${S}ERROR:${E} configure failed, exit status $?"; echo; - exit - fi - echo "${S}Initialize database${E}"; echo; - - rm -f ./.samhain_file - rm -f ./.samhain_log - rm -f ./.samhain_lock - rm -f ./rc.${SH_LOCALHOST} - rm -f ./file.${SH_LOCALHOST} - - cp ${SCRIPTDIR}/testrc_2.in testrc_2.signed - - # Create a password - SHPW=`./yule -G` - if test x"$SHPW" = x; then - echo "password not generated -- aborting" - exit 1 - fi - - # Set in client - echo "./samhain_setpwd samhain.build new $SHPW" - ./samhain_setpwd samhain.build new $SHPW - mv samhain.build.new samhain.new - SHCLT=`./yule -P $SHPW | sed s%HOSTNAME%${SH_LOCALHOST}%` - echo $SHCLT >> testrc_2.signed - - echo "--- You need to sign the config file testrc_2.signed now ---" - echo - ${GPG_PATH} -a --clearsign --not-dash-escaped $PW_DIR/testrc_2.signed - mv $PW_DIR/testrc_2.signed.asc $PW_DIR/testrc_2.signed - - echo "./samhain.new -t init" - ./samhain.new -t init - - SHINI=$? - - rm -f ./.samhain_log - rm -f ./.samhain_lock - - cp ./testrc_2.signed ./rc.${SH_LOCALHOST} - mv ./.samhain_file ./file.${SH_LOCALHOST} - - if test x$SHINI = x0; then - echo - echo "--- You need to sign the database file.${SH_LOCALHOST} now ---" - echo - ${GPG_PATH} -a --clearsign --not-dash-escaped $PW_DIR/file.${SH_LOCALHOST} - mv $PW_DIR/file.${SH_LOCALHOST}.asc $PW_DIR/file.${SH_LOCALHOST} - - echo; echo "${S}Start Server${E}: ./yule &"; echo; - ./yule & - PROC_Y=$! - sleep 5 - - echo; echo "${S}Start Client${E}: ./samhain.new -l none -p none -e info -t check"; - - ./samhain.new -t check -p none -l none -e info - if test x$? = x0; then - echo "${S}check completed${E}" - else - echo "${S}ERROR:${E} -- check -- failed, exit status $?" - echo - kill $PROC_Y - exit - fi - - kill $PROC_Y - sleep 5 - else - echo "${S}ERROR:${E} -- init -- failed, exit status $SHINI"; - echo; - exit - fi - + fi + log_end "RUN FULL CLIENT/SERVER W/GPG" } - if test x$1 = x; then - echo - echo "Please provide the local hostname as argument." - echo - exit 8 - fi - - SH_LOCALHOST=$1; export SH_LOCALHOST - - testrun2b - - -echo; echo "${S}__ END TEST RUN CLIENT/SERVER W/GPG __${E}"; echo; - -exit - Index: trunk/test/testrun_2c.sh =================================================================== --- trunk/test/testrun_2c.sh (revision 18) +++ trunk/test/testrun_2c.sh (revision 19) @@ -1,189 +1,102 @@ #! /bin/sh +SERVER_BUILDOPTS="--quiet $TRUST --enable-xml-log --enable-debug --enable-network=server --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=REQ_FROM_SERVER$PW_DIR/testrc_2 --with-data-file=REQ_FROM_SERVER$PW_DIR/.samhain_file --with-logserver=${SH_LOCALHOST} --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-database=mysql"; export SERVER_BUILDOPTS -# The following two are the ANSI sequences for start and end embolden -case $TERM in -vt*|ansi*|con*|xterm*|linux*|screen*) - S= - E= - ;; -*) - S= - E= - ;; -esac +CLIENT_BUILDOPTS="--quiet $TRUST --prefix=$PW_DIR --localstatedir=$PW_DIR --enable-network=client --disable-mail --disable-external-scripts --enable-login-watch --enable-xml-log --enable-db-reload --with-logserver=localhost --with-config-file=REQ_FROM_SERVER$PW_DIR/testrc_2 --with-data-file=REQ_FROM_SERVER$PW_DIR/.samhain_file --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock"; export CLIENT_BUILDOPTS -PW_DIR=`pwd` +check_mysql_log () { + DATE="$1" -if test x$UID != x; then - TRUST="--with-trusted=0,2,$UID" -else - TRUST="--with-trusted=0,2" -fi + rm -f test_log_db + echo "SELECT * FROM log WHERE entry_status = 'NEW' and log_time > '"${DATE}"';" | mysql --password=samhain -u samhain samhain >test_log_db + # + egrep "START.*Yule" test_log_db >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Server start"; + return 1 + fi + egrep "NEW CLIENT" test_log_db >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Client connect"; + return 1 + fi + egrep "Checking.*/bin" test_log_db >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Client file check"; + return 1 + fi + egrep "EXIT.*Samhain" test_log_db >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Client exit"; + return 1 + fi + egrep "EXIT.*Yule.*SIGTERM" test_log_db >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Server exit"; + return 1 + fi + return 0 +} -echo; echo "${S}__ STARTING TEST RUN CLIENT/SERVER W/MYSQL __${E}"; echo; -echo Working directory: $PW_DIR - -MAKE=`which gmake` -if test "x$?" = x1 ; then - MAKE="make -s" -else - MAKE=`which gmake | sed -e "s%\([a-z:]\) .*%\1%g"` - if test "x$MAKE" = x; then - MAKE="make -s" - elif test "x$MAKE" = xno; then - MAKE="make -s" - else - if test "x$MAKE" = "xwhich:"; then - MAKE="make -s" - else - MAKE="gmake -s" - gmake -v >/dev/null 2>&1 || MAKE="make -s" - fi - fi -fi - -echo MAKE is $MAKE -echo - +MAXTEST=1; export MAXTEST testrun2c () { - # - # test standalone compilation - # - echo "${S}Building client and server${E}"; echo; - # - if test -r "Makefile"; then - $MAKE distclean + log_start "RUN FULL CLIENT/SERVER W/MYSQL" + # + if [ -z "$doall" ]; then + log_skip 1 $MAXTEST 'Client/server w/mysql (or use --really-all)' + return 0 + fi + if [ x"$1" = x ]; then + [ -z "$quiet" ] && log_msg_fail "Missing hostname" + fi + MYSQL=`find_path mysql` + if [ -z "$MYSQL" ]; then + log_skip 1 $MAXTEST "mysql not found"; + return 1 + else + TEST=`echo "DESCRIBE log;" | mysql --password=samhain -u samhain samhain 2>/dev/null` + if [ $? -ne 0 -o -z "$TEST" ]; then + log_skip 1 $MAXTEST "mysql not default setup" + return 1 fi - # - # - # ${TOP_SRCDIR}/configure --quiet $TRUST --enable-login-watch --enable-xml-log --enable-debug --enable-network=client --enable-srp --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=REQ_FROM_SERVER$PW_DIR/testrc_2 --with-data-file=REQ_FROM_SERVER$PW_DIR/.samhain_file --with-logserver=localhost --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock - # - ${TOP_SRCDIR}/configure --prefix=$PW_DIR --localstatedir=$PW_DIR --enable-network=client --disable-mail --disable-external-scripts --enable-login-watch --enable-xml-log --enable-db-reload --with-logserver=localhost --with-config-file=REQ_FROM_SERVER$PW_DIR/testrc_2 --with-data-file=REQ_FROM_SERVER$PW_DIR/.samhain_file --with-timeserver=localhost --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock - # - # - if test x$? = x0; then - echo "configure completed, exit status 0"; echo; - $MAKE > /dev/null - if test x$? = x0; then - echo "$MAKE completed, exit status $?"; echo; - else - echo "${S}ERROR:${E} make failed, exit status $?"; echo; - exit - fi - + fi + # + SH_LOCALHOST=$1; export SH_LOCALHOST + # + DATE=`date '+%Y-%m-%d %T'` + # + testrun2a_internal + # + ORIGINAL="DatabaseSeverity=none" + REPLACEMENT="DatabaseSeverity=info" + ex $RCFILE < /dev/null - if test x$? = x0; then - echo "$MAKE completed, exit status $?"; echo; - else - echo "${S}ERROR:${E} make failed, exit status $?"; echo; - exit - fi - - else - echo "${S}ERROR:${E} configure failed, exit status $?"; echo; - exit - fi - echo "${S}Initialize database${E}"; echo; - - rm -f ./.samhain_file - rm -f ./.samhain_log - rm -f ./.samhain_lock + fi + # + if [ -n "$cleanup" ]; then rm -f ./rc.${SH_LOCALHOST} rm -f ./file.${SH_LOCALHOST} - - cp ${SCRIPTDIR}/testrc_2.in testrc_2 - - # Create a password - SHPW=`./yule -G` - if test x"$SHPW" = x; then - echo "password not generated -- aborting" - exit 1 - fi - - # Set in client - echo "./samhain_setpwd samhain.build new $SHPW" - ./samhain_setpwd samhain.build new $SHPW - mv samhain.build.new samhain.new - SHCLT=`./yule -P $SHPW | sed s%HOSTNAME%${SH_LOCALHOST}%` - echo $SHCLT >> testrc_2 - - echo "./samhain.new -t init" - ./samhain.new -t init - - SHINI=$? - - rm -f ./.samhain_log - rm -f ./.samhain_lock - - cp ./testrc_2 ./rc.${SH_LOCALHOST} - mv ./.samhain_file ./file.${SH_LOCALHOST} - - if test x$SHINI = x0; then - - echo; echo "${S}Start Server${E}: ./yule &"; echo; - ./yule & - PROC_Y=$! - sleep 5 - - echo; echo "${S}Start Client${E}: ./samhain.new -l none -p none -e info -t check"; - - ./samhain.new -t check -p none -l none -e info - if test x$? = x0; then - echo "${S}check completed${E}" - else - echo "${S}ERROR:${E} -- check -- failed, exit status $?" - echo - kill $PROC_Y - exit - fi - - kill $PROC_Y - sleep 5 - else - echo "${S}ERROR:${E} -- init -- failed, exit status $SHINI"; - echo; - exit - fi - + ALTHOST=`find_hostname` + rm -f "./file.${ALTHOST}" + rm -f "./rc.${ALTHOST}" + fi + # + log_end "RUN FULL CLIENT/SERVER W/MYSQL" } - if test x$1 = x; then - echo - echo "Please provide the local hostname as argument." - echo - exit 8 - fi - - SH_LOCALHOST=$1; export SH_LOCALHOST - - testrun2c - - -echo; echo "${S}__ END TEST RUN CLIENT/SERVER W/MYSQL __${E}"; echo; - -exit - Index: trunk/test/testrun_2d.sh =================================================================== --- trunk/test/testrun_2d.sh (revision 18) +++ trunk/test/testrun_2d.sh (revision 19) @@ -1,190 +1,104 @@ #! /bin/sh +SERVER_BUILDOPTS="--quiet $TRUST --enable-xml-log --enable-debug --enable-network=server --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=REQ_FROM_SERVER$PW_DIR/testrc_2 --with-data-file=REQ_FROM_SERVER$PW_DIR/.samhain_file --with-logserver=${SH_LOCALHOST} --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-database=postgresql"; export SERVER_BUILDOPTS -# The following two are the ANSI sequences for start and end embolden -case $TERM in -vt*|ansi*|con*|xterm*|linux*|screen*) - S= - E= - ;; -*) - S= - E= - ;; -esac +CLIENT_BUILDOPTS="--quiet $TRUST --prefix=$PW_DIR --localstatedir=$PW_DIR --enable-network=client --disable-mail --disable-external-scripts --enable-login-watch --enable-xml-log --enable-db-reload --with-logserver=localhost --with-config-file=REQ_FROM_SERVER$PW_DIR/testrc_2 --with-data-file=REQ_FROM_SERVER$PW_DIR/.samhain_file --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock"; export CLIENT_BUILDOPTS -PW_DIR=`pwd` +check_psql_log () { + DATE="$1" -if test x$UID != x; then - TRUST="--with-trusted=0,2,$UID" -else - TRUST="--with-trusted=0,2" -fi + rm -f test_log_db + PGPASSWORD=samhain; export PGPASSWORD + psql -U samhain -d samhain -c "SELECT * FROM log WHERE entry_status = 'NEW' and log_time > '${DATE}';" >test_log_db + # + egrep "START.*Yule" test_log_db >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Server start"; + return 1 + fi + egrep "NEW CLIENT" test_log_db >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Client connect"; + return 1 + fi + egrep "Checking.*/bin" test_log_db >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Client file check"; + return 1 + fi + egrep "EXIT.*Samhain" test_log_db >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Client exit"; + return 1 + fi + egrep "EXIT.*Yule.*SIGTERM" test_log_db >/dev/null 2>&1 + if [ $? -ne 0 ]; then + [ -z "$verbose" ] || log_msg_fail "Server exit"; + return 1 + fi + return 0 +} -echo; echo "${S}__ STARTING TEST RUN CLIENT/SERVER __${E}"; echo; -echo Working directory: $PW_DIR - -MAKE=`which gmake` -if test "x$?" = x1 ; then - MAKE="make -s" -else - MAKE=`which gmake | sed -e "s%\([a-z:]\) .*%\1%g"` - if test "x$MAKE" = x; then - MAKE="make -s" - elif test "x$MAKE" = xno; then - MAKE="make -s" - else - if test "x$MAKE" = "xwhich:"; then - MAKE="make -s" - else - MAKE="gmake -s" - gmake -v >/dev/null 2>&1 || MAKE="make -s" - fi - fi -fi - -echo MAKE is $MAKE -echo - -# --with-database=postgresql -# export MYLIB=-L/usr/local/pgsql/lib -# export MYINC=-I/usr/local/pgsql/include -# export LD_LIBRARY_PATH=/usr/local/pgsql/lib - -# --with-database=mysql -# export MYLIB=-L/usr/local/mysql/lib -# export MYINC=-I/usr/local/mysql/include -# export LD_LIBRARY_PATH=/usr/local/mysql/lib +MAXTEST=1; export MAXTEST testrun2d () { - # - # test standalone compilation - # - echo "${S}Building client and server${E}"; echo; - # - if test -r "Makefile"; then - $MAKE distclean + log_start "RUN FULL CLIENT/SERVER W/POSTGRESQL" + # + if [ -z "$doall" ]; then + log_skip 1 $MAXTEST 'Client/server w/postgresql (or use --really-all)' + return 0 + fi + if [ x"$1" = x ]; then + [ -z "$quiet" ] && log_msg_fail "Missing hostname" + fi + PSQL=`find_path psql` + if [ -z "$PSQL" ]; then + log_skip 1 $MAXTEST "psql not found"; + return 1 + else + PGPASSWORD="samhain"; export PGPASSWORD + TEST=`psql -U samhain -d samhain -c "SELECT * FROM log LIMIT 1;" 2>/dev/null` + if [ $? -ne 0 -o -z "$TEST" ]; then + log_skip 1 $MAXTEST "psql not default setup" + return 1 fi - # - ${TOP_SRCDIR}/configure --quiet $TRUST --enable-network=client --enable-xml-log --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/testrc_2 --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file - # - if test x$? = x0; then - echo "configure completed, exit status 0"; echo; - $MAKE > /dev/null - if test x$? = x0; then - echo "$MAKE completed, exit status $?"; echo; - else - echo "${S}ERROR:${E} make failed, exit status $?"; echo; - exit - fi - + fi + # + SH_LOCALHOST=$1; export SH_LOCALHOST + # + DATE=`date '+%Y-%m-%d %T'` + # + testrun2a_internal + # + ORIGINAL="DatabaseSeverity=none" + REPLACEMENT="DatabaseSeverity=info" + ex $RCFILE < /dev/null - if test x$? = x0; then - echo "$MAKE completed, exit status $?"; echo; - else - echo "${S}ERROR:${E} make failed, exit status $?"; echo; - exit - fi - - else - echo "${S}ERROR:${E} configure failed, exit status $?"; echo; - exit - fi - - ################################################################# - # - # - echo "${S}Initialize database${E}"; echo; - - rm -f ./.samhain_file - rm -f ./.samhain_log - rm -f ./.samhain_lock - - cp ${SCRIPTDIR}/testrc_2.in testrc_2 - - echo "./samhain.build -t init" - ./samhain.build -t init - - SHINI=$? - - # Create a password - - SHPW=`./yule -G 2>&1 | grep -v 'ERRO'` - if test x"$SHPW" = x; then - echo "password not generated -- aborting" - exit 1 - fi - - # Set in client - - echo "./samhain_setpwd samhain.build new $SHPW" - ./samhain_setpwd samhain.build new $SHPW - - mv samhain.build.new samhain.new - - rm -f ./.samhain_log - rm -f ./.samhain_lock - - SHCLT=`./yule -P $SHPW 2>&1 | grep -v 'ERRO' | sed s%HOSTNAME%${SH_LOCALHOST}%` - - echo $SHCLT >> testrc_2 - - if test x$SHINI = x0; then - echo; echo "${S}Start Server${E}: ./yule &"; echo; - su -c "./yule &" - PROC_Y=$! - sleep 5 - - echo; echo "${S}Start Client${E}: ./samhain.new -l none -p none -e info -t check"; - - ./samhain.new -t check -p none -l none -e info - if test x$? = x0; then - echo "${S}check completed${E}" - else - echo "${S}ERROR:${E} -- check -- failed, exit status $?" - echo - su -c "kill $PROC_Y" - exit - fi - - su -c "kill $PROC_Y" - sleep 5 - else - echo "${S}ERROR:${E} -- init -- failed, exit status $SHINI"; - echo; - exit - fi - + fi + # + if [ -n "$cleanup" ]; then + rm -f ./rc.${SH_LOCALHOST} + rm -f ./file.${SH_LOCALHOST} + ALTHOST=`find_hostname` + rm -f "./file.${ALTHOST}" + rm -f "./rc.${ALTHOST}" + fi + # + log_end "RUN FULL CLIENT/SERVER W/POSTGRESQL" } - if test x$1 = x; then - echo - echo "Please provide the local hostname as argument." - echo - exit 8 - fi - - SH_LOCALHOST=$1; export SH_LOCALHOST - - testrun2d - - -echo; echo "${S}__ END TEST RUN CLIENT/SERVER __${E}"; echo; - -exit - Index: trunk/test/testtimesrv.sh =================================================================== --- trunk/test/testtimesrv.sh (revision 18) +++ trunk/test/testtimesrv.sh (revision 19) @@ -1,103 +1,402 @@ #! /bin/sh - -# The following two are the ANSI sequences for start and end embolden -case $TERM in -vt*|ansi*|con*|xterm*|linux*|screen*) - S= - E= - ;; -*) - S= - E= - ;; -esac - -PW_DIR=`pwd` - -if test x$UID != x; then - TRUST="--with-trusted=0,2,$UID" -else - TRUST="--with-trusted=0,2" -fi - -echo; echo "${S}__ STARTING TEST TIMESERVER OPTION __${E}"; echo; -echo Working directory: $PW_DIR - -MAKE=`which gmake` -if test "x$?" = x1 ; then - MAKE="make -s" -else - MAKE=`which gmake | sed -e "s%\([a-z:]\) .*%\1%g"` - if test "x$MAKE" = x; then - MAKE="make -s" - elif test "x$MAKE" = xno; then - MAKE="make -s" - else - if test "x$MAKE" = "xwhich:"; then - MAKE="make -s" - else - MAKE="gmake -s" - gmake -v >/dev/null 2>&1 || MAKE="make -s" - fi - fi -fi - -echo MAKE is $MAKE -echo - - -testtime0 () -{ +RCFILE="$PW_DIR/testrc_1.dyn"; export RCFILE +LOGFILE="$PW_DIR/.samhain_log"; export LOGFILE +PIDFILE="$PW_DIR/.samhain_lock"; export PIDFILE + +BASE="${PW_DIR}/testrun_testdata"; export BASE +TDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; export TDIRS +TFILES="x y z"; export TFILES + +prep_testdata () +{ + chmod -R 0700 "${BASE}" || { + [ -z "$quiet" ] && log_msg_fail "chmod -R 0700 ${BASE}"; + return 1; + } + + rm -rf "${BASE}" || { + [ -z "$quiet" ] && log_msg_fail "rm -rf ${BASE}"; + return 1; + } + + mkdir "${BASE}" || { + [ -z "$quiet" ] && log_msg_fail "mkdir ${BASE}"; + return 1; + } + + for ff in $TDIRS; do + mkdir "${BASE}/${ff}" || { + [ -z "$quiet" ] && log_msg_fail "mkdir ${BASE}/${ff}"; + return 1; + } + chmod 0755 "${BASE}/${ff}" + for gg in $TFILES; do + echo "This is a test file" > "${BASE}/${ff}/${gg}" + chmod 0644 "${BASE}/${ff}/${gg}" + done + done +} + +mkconfig_misc () +{ + test -f "${RCFILE}" || touch "${RCFILE}" + cat >> "${RCFILE}" <> "${RCFILE}" <> "${RCFILE}" </dev/null fi # - ${TOP_SRCDIR}/configure --quiet --enable-debug --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/test/testrc_1 --with-timeserver=www.foo.bar --with-alttimeserver=127.0.0.1 --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file + ${TOP_SRCDIR}/configure --quiet --enable-debug --enable-xml-log --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$LOGFILE --with-pid-file=$PIDFILE --with-data-file=$PW_DIR/.samhain_file # if test x$? = x0; then - echo "configure completed, exit status 0"; echo; + [ -z "$verbose" ] || log_msg_ok "configure..."; $MAKE > /dev/null - echo "$MAKE completed, exit status $?"; echo; + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "make..."; + else + [ -z "$quiet" ] && log_msg_fail "make..."; + return 1 + fi else - echo "ERROR: configure failed"; echo; - fi - - - rm -f $PW_DIR/.samhain_file $PW_DIR/.samhain_log $PW_DIR/.samhain_lock - - ./samhain -t init + [ -z "$quiet" ] && log_msg_fail "configure..."; + return 1 + fi + + prep_init && prep_testdata && echo "$TESTPOLICY" >>$RCFILE + if [ $? -ne 0 ]; then + [ -z "$quiet" ] && log_msg_fail "prepare..."; + return 1 + fi + + ./samhain -t init -p none if test x$? = x0; then - echo - echo "${S}init completed${E}" - echo - ./samhain -t check - if test x$? = x0; then - echo "${S}check completed${E}" - else - echo "${S}ERROR:${E} -- check -- failed, exit status $?" - echo - exit - fi + [ -z "$verbose" ] || log_msg_ok "init..."; else - echo "${S}ERROR:${E} -- init -- failed, exit status $?"; echo; - exit - fi - -} - - - - testtime0 - - -echo; echo "${S}__ END TEST TIMESERVER OPTION __${E}"; echo; - -exit - + [ -z "$quiet" ] && log_msg_fail "init..."; + return 1 + fi + + chmod 0555 "${BASE}/a/x" + chmod 0555 "${BASE}/b/x" + + ./samhain -t check -p none -l info -D + + count=0 + until [ -f $PIDFILE ]; do + sleep 1 + let "count = count + 1" >/dev/null + if [ $count -gt 12 ]; then + break; + fi + done + + if test x$? = x0; then + [ -z "$verbose" ] || log_msg_ok "start daemon..."; + else + [ -z "$quiet" ] && log_msg_fail "start daemon..."; + return 1 + fi + + return 0 +} + +MAXTEST=14; export MAXTEST + +die () { + test -z "$stoponerr" && return 0; + PID=`cat $PIDFILE` + kill -9 $PID +} + +killdaemon () { + if [ -f $PIDFILE ]; then + PID=`cat $PIDFILE` + kill -9 $PID + fi +} + +check_err () { + if [ ${2} -ne 0 ]; then + die; + [ -z "$quiet" ] && log_fail ${1} ${MAXTEST} "${3}"; + return 1 + else + [ -z "$quiet" ] && log_ok ${1} ${MAXTEST} "${3}"; + fi +} + +daemontest_started () { + PID=`cat $PIDFILE` + + kill -0 $PID + check_err ${1} $? "started" +} + +daemontest_sigterm () { + PID=`cat $PIDFILE` + + kill -15 $PID + count=0 + while [ `kill -0 $PID` ]; do + sleep 1 + let "count = count + 1" >/dev/null + if [ $count -gt 12 ]; then + check_err ${1} 1 "sigterm" + return 1 + fi + done + check_err ${1} 0 "sigterm" +} + +daemontest_sigusr2 () { + PID=`cat $PIDFILE` + + tmp=`grep 'File check completed' $LOGFILE | wc -l` + kill -USR2 $PID + kill -TTOU $PID + + count=0 + tmp2=`grep 'SUSPEND' $LOGFILE | wc -l` + while [ $tmp2 -ne $2 ]; do + sleep 1 + let "count = count + 1" >/dev/null + if [ $count -gt 12 ]; then + check_err ${1} 1 "sigusr2: suspend" + return 1 + fi + tmp2=`grep 'SUSPEND' $LOGFILE | wc -l` + done + + kill -USR2 $PID + + count=0 + tmp2=$tmp + while [ $tmp2 -eq $tmp ]; do + sleep 1 + let "count = count + 1" >/dev/null + if [ $count -gt 12 ]; then + check_err ${1} 1 "sigusr2: wakeup" + return 1 + fi + tmp2=`grep 'File check completed' $LOGFILE | wc -l` + done + check_err ${1} 0 "sigusr2" +} + +daemontest_sigttou () { + PID=`cat $PIDFILE` + + tmp=`grep 'File check completed' $LOGFILE | wc -l` + kill -TTOU $PID + count=0 + tmp2=$tmp + while [ $tmp2 -eq $tmp ]; do + sleep 1 + let "count = count + 1" >/dev/null + if [ $count -gt 12 ]; then + check_err ${1} 1 "sigttou" + return 1 + fi + tmp2=`grep 'File check completed' $LOGFILE | wc -l` + done + check_err ${1} 0 "sigttou" +} + +daemontest_sighup () { + + if [ $2 -eq 1 ]; then + echo "dir=${BASE}/b" >>$RCFILE + tmp=`grep CRIT $LOGFILE | grep -v Runtime | wc -l` + if [ $tmp -ne 1 ]; then + [ -z "$verbose" ] || log_msg_fail "policy count (before)"; + return 1 + fi + fi + + PID=`cat $PIDFILE` + kill -HUP $PID + + if [ $2 -eq 1 ]; then + kill -TTOU $PID + count=0 + tmp=`grep CRIT $LOGFILE | grep -v Runtime | wc -l` + while [ $tmp -lt 2 ]; do + sleep 1 + if [ $count -gt 12 ]; then + [ -z "$verbose" ] || log_msg_fail "policy count (after)"; + return 1 + fi + tmp=`grep CRIT $LOGFILE | grep -v Runtime | wc -l` + done + fi + + count=0 + tmp2=0 + while [ $tmp2 -ne $2 ]; do + sleep 1 + let "count = count + 1" >/dev/null + if [ $count -gt 12 ]; then + check_err ${1} 1 "sighup" + return 1 + fi + tmp2=`grep 'Runtime configuration reloaded' $LOGFILE | wc -l` + done + check_err ${1} 0 "sighup" +} + +daemontest_sigabrt () { + PID=`cat $PIDFILE` + kill -ABRT $PID + + count=0 + while [ -f $LOGFILE.lock ]; do + sleep 1 + let "count = count + 1" >/dev/null + if [ $count -gt 12 ]; then + check_err ${1} 1 "sigabrt" + return 1 + fi + done + + kill -TTOU $PID + + sleep 4 + + if [ -f $LOGFILE.lock ]; then + tmp=`grep '' $LOGFILE | wc -l` + tst=$2; let "tst = tst + 2" >/dev/null; + if [ $tmp -eq $tst ]; then + check_err ${1} 0 "sigabrt" + return 0 + fi + fi + check_err ${1} 1 "sigabrt" +} + +testtime0 () { + log_start "DAEMON CONTROL" + + testtime0_int; + + tcount=1 + + trap 'killdaemon' 1 3 15 + + daemontest_started $tcount; + + let "tcount = tcount + 1" >/dev/null + daemontest_sigttou $tcount; + let "tcount = tcount + 1" >/dev/null + daemontest_sigttou $tcount; + let "tcount = tcount + 1" >/dev/null + daemontest_sigttou $tcount; + + let "tcount = tcount + 1" >/dev/null + daemontest_sigusr2 $tcount 1; + let "tcount = tcount + 1" >/dev/null + daemontest_sigusr2 $tcount 2; + let "tcount = tcount + 1" >/dev/null + daemontest_sigusr2 $tcount 3; + + let "tcount = tcount + 1" >/dev/null + daemontest_sigabrt $tcount 1; + let "tcount = tcount + 1" >/dev/null + daemontest_sigabrt $tcount 2; + let "tcount = tcount + 1" >/dev/null + daemontest_sigabrt $tcount 3; + + let "tcount = tcount + 1" >/dev/null + daemontest_sighup $tcount 1; + let "tcount = tcount + 1" >/dev/null + daemontest_sighup $tcount 2; + let "tcount = tcount + 1" >/dev/null + daemontest_sighup $tcount 3; + + let "tcount = tcount + 1" >/dev/null + daemontest_sigterm $tcount; + + log_end "DAEMON CONTROL" +} + +