[myproxy] Add useful check myproxy-test to %check.
stevetraylen
stevetraylen at fedoraproject.org
Fri Feb 25 15:36:09 UTC 2011
commit bafe64c13b7feb8d398f561980c0e153dd3b586f
Author: Steve Traylen <steve.traylen at cern.ch>
Date: Fri Feb 25 16:35:50 2011 +0100
Add useful check myproxy-test to %check.
myproxy-test-disables-globus-7135.patch | 169 +++++++++++++++++++++++++++++++
myproxy-test-non-inter.patch | 22 ++++
myproxy.spec | 43 ++++++++-
3 files changed, 232 insertions(+), 2 deletions(-)
---
diff --git a/myproxy-test-disables-globus-7135.patch b/myproxy-test-disables-globus-7135.patch
new file mode 100644
index 0000000..79b7a71
--- /dev/null
+++ b/myproxy-test-disables-globus-7135.patch
@@ -0,0 +1,169 @@
+diff -uNr myproxy-5.3.ORIG/myproxy-test myproxy-5.3/myproxy-test
+--- myproxy-5.3.ORIG/myproxy-test 2011-02-25 15:39:27.675139739 +0100
++++ myproxy-5.3/myproxy-test 2011-02-25 15:53:13.169341343 +0100
+@@ -139,7 +139,8 @@
+ srand(time||$$);
+ $passphrase = sprintf "%010.d", int(rand(0x7fffffff));
+ $trustrootdir = "$ENV{HOME}/.globus/certificates.test.$$";
+-$origtrustrootdir = $ENV{'X509_CERT_DIR'} if defined($ENV{'X509_CERT_DIR'});
++# http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=7135
++#$origtrustrootdir = $ENV{'X509_CERT_DIR'} if defined($ENV{'X509_CERT_DIR'});
+
+ &opensslsanitycheck();
+
+@@ -297,29 +298,31 @@
+ print "FAILED\n"; $FAILURES++; print STDERR $output;
+ }
+
+-$ENV{'X509_CERT_DIR'} = $trustrootdir;
+-($exitstatus, $output) =
+- &runtest("myproxy-logon -T -t 1 -o $tmpdir/myproxy-test.$$ -v -S",
+- $passphrase . "\n");
+-print "MyProxy Test 3T (retrieve stored credential w/ trustroots): ";
+-if ($exitstatus == 0) {
+- ($exitstatus, $output) =
+- &verifyproxy("$tmpdir/myproxy-test.$$");
+-}
+-if ($exitstatus == 0) {
+- ($exitstatus, $output) =
+- &verifytrustroots();
+-}
+-if ($exitstatus == 0) {
+- print "SUCCEEDED\n"; $SUCCESSES++;
+-} else {
+- print "FAILED\n"; $FAILURES++; print STDERR $output;
+-}
+-if (defined($origtrustrootdir)) {
+- $ENV{'X509_CERT_DIR'} = $origtrustrootdir;
+-} else {
+- delete $ENV{'X509_CERT_DIR'};
+-}
++# Disabled for now
++# http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=7135
++#$ENV{'X509_CERT_DIR'} = $trustrootdir;
++#($exitstatus, $output) =
++ #&runtest("myproxy-logon -T -t 1 -o $tmpdir/myproxy-test.$$ -v -S",
++ #$passphrase . "\n");
++#print "MyProxy Test 3T (retrieve stored credential w/ trustroots): ";
++#if ($exitstatus == 0) {
++ #($exitstatus, $output) =
++ #&verifyproxy("$tmpdir/myproxy-test.$$");
++#}
++#if ($exitstatus == 0) {
++ #($exitstatus, $output) =
++ #&verifytrustroots();
++#}
++#if ($exitstatus == 0) {
++ #print "SUCCEEDED\n"; $SUCCESSES++;
++#} else {
++ #print "FAILED\n"; $FAILURES++; print STDERR $output;
++#}
++#if (defined($origtrustrootdir)) {
++ #$ENV{'X509_CERT_DIR'} = $origtrustrootdir;
++#} else {
++ #delete $ENV{'X509_CERT_DIR'};
++#}
+
+ if (defined($serverconf)) {
+ system("touch $serverconf") && die "failed to touch $serverconf, stopped";
+@@ -683,31 +686,32 @@
+ unlink( "$tmpdir/myproxy-test.cert.$$.pem" );
+ unlink( "$tmpdir/myproxy-test.key.$$.pem" );
+
+-$ENV{'X509_CERT_DIR'} = $trustrootdir;
+-($exitstatus, $output) =
+- &runtest("myproxy-retrieve -T -c $tmpdir/myproxy-test.cert.$$.pem -y $tmpdir/myproxy-test.key.$$.pem -v -S",
+- $passphrase . "\n");
+-print "MyProxy Test 20T (retrieve stored credential w/ trustroots): ";
+-if ($exitstatus == 0) {
+- ($exitstatus, $output) =
+- &verifycert("$tmpdir/myproxy-test.cert.$$.pem", "$tmpdir/myproxy-test.key.$$.pem");
+-}
+-if ($exitstatus == 0) {
+- ($exitstatus, $output) =
+- &verifytrustroots();
+-}
+-if ($exitstatus == 0) {
+- print "SUCCEEDED\n"; $SUCCESSES++;
+-} else {
+- print "FAILED\n"; $FAILURES++; print STDERR $output;
+-}
+-unlink( "$tmpdir/myproxy-test.cert.$$.pem" );
+-unlink( "$tmpdir/myproxy-test.key.$$.pem" );
+-if (defined($origtrustrootdir)) {
+- $ENV{'X509_CERT_DIR'} = $origtrustrootdir;
+-} else {
+- delete $ENV{'X509_CERT_DIR'};
+-}
++# Disable: http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=7135
++#$ENV{'X509_CERT_DIR'} = $trustrootdir;
++#($exitstatus, $output) =
++# &runtest("myproxy-retrieve -T -c $tmpdir/myproxy-test.cert.$$.pem -y $tmpdir/myproxy-test.key.$$.pem -v -S",
++# $passphrase . "\n");
++#print "MyProxy Test 20T (retrieve stored credential w/ trustroots): ";
++#if ($exitstatus == 0) {
++# ($exitstatus, $output) =
++# &verifycert("$tmpdir/myproxy-test.cert.$$.pem", "$tmpdir/myproxy-test.key.$$.pem");
++#}
++#if ($exitstatus == 0) {
++# ($exitstatus, $output) =
++# &verifytrustroots();
++#}
++#if ($exitstatus == 0) {
++# print "SUCCEEDED\n"; $SUCCESSES++;
++#} else {
++# print "FAILED\n"; $FAILURES++; print STDERR $output;
++#}
++#unlink( "$tmpdir/myproxy-test.cert.$$.pem" );
++#unlink( "$tmpdir/myproxy-test.key.$$.pem" );
++#if (defined($origtrustrootdir)) {
++# $ENV{'X509_CERT_DIR'} = $origtrustrootdir;
++#} else {
++# delete $ENV{'X509_CERT_DIR'};
++#}
+
+ #
+ # Test 20.a
+@@ -1192,24 +1196,24 @@
+ #
+ # Test 41
+ #
+-$ENV{'X509_CERT_DIR'} = $trustrootdir;
+-($exitstatus, $output) =
+- &runtest("myproxy-get-trustroots -v", undef);
+-print "MyProxy Test 41 (retrieve trustroots w/o authentication): ";
+-if ($exitstatus == 0) {
+- ($exitstatus, $output) =
+- &verifytrustroots();
+-}
+-if ($exitstatus == 0) {
+- print "SUCCEEDED\n"; $SUCCESSES++;
+-} else {
+- print "FAILED\n"; $FAILURES++; print STDERR $output;
+-}
+-if (defined($origtrustrootdir)) {
+- $ENV{'X509_CERT_DIR'} = $origtrustrootdir;
+-} else {
+- delete $ENV{'X509_CERT_DIR'};
+-}
++#$ENV{'X509_CERT_DIR'} = $trustrootdir;
++#($exitstatus, $output) =
++ #&runtest("myproxy-get-trustroots -v", undef);
++#print "MyProxy Test 41 (retrieve trustroots w/o authentication): ";
++#if ($exitstatus == 0) {
++ #($exitstatus, $output) =
++ #&verifytrustroots();
++#}
++#if ($exitstatus == 0) {
++ #print "SUCCEEDED\n"; $SUCCESSES++;
++#} else {
++ #print "FAILED\n"; $FAILURES++; print STDERR $output;
++#}
++#if (defined($origtrustrootdir)) {
++ #$ENV{'X509_CERT_DIR'} = $origtrustrootdir;
++#} else {
++ #delete $ENV{'X509_CERT_DIR'};
++#}
+
+ #
+ # Test 42
diff --git a/myproxy-test-non-inter.patch b/myproxy-test-non-inter.patch
new file mode 100644
index 0000000..c803316
--- /dev/null
+++ b/myproxy-test-non-inter.patch
@@ -0,0 +1,22 @@
+diff -uNr myproxy-5.3.ORIG/myproxy-test myproxy-5.3/myproxy-test
+--- myproxy-5.3.ORIG/myproxy-test 2011-02-24 20:27:34.444028220 +0100
++++ myproxy-5.3/myproxy-test 2011-02-25 14:30:03.558399327 +0100
+@@ -195,11 +195,13 @@
+ }
+ if (!defined($serverpid) || $serverpid eq "") {
+ print STDERR "failed to start myproxy-server:\n";
+- system("$servercmd -d"); # show output on terminal
+- if (defined($valgrindlog) && -e $valgrindlog) {
+- print STDERR "valgrind log follows:\n";
+- system("cat $valgrindlog");
+- }
++ # Never run deamon in debug mode for our %check
++ # non interactive case.
++ #system("$servercmd -d"); # show output on terminal
++ #if (defined($valgrindlog) && -e $valgrindlog) {
++ #print STDERR "valgrind log follows:\n";
++ #system("cat $valgrindlog");
++ #}
+ &docleanup();
+ exit 1;
+ }
diff --git a/myproxy.spec b/myproxy.spec
index 84d1940..617043c 100644
--- a/myproxy.spec
+++ b/myproxy.spec
@@ -6,6 +6,8 @@
%global flavor gcc32pthr
%endif
+%global with_checks 1
+
Name: myproxy
Version: 5.3
Release: 4%{?dist}
@@ -25,6 +27,11 @@ Source3: README.Fedora
#EPEL using the old vomsc.
#Patch to go upstream myproxy though they are aware.
Patch0: myproxy-vomsc-vomsapi.patch
+# Run check script non-interactivly.
+Patch1: myproxy-test-non-inter.patch
+
+# myproxy-test-disables-globus-7135.patch
+Patch2: myproxy-test-disables-globus-7135.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -40,6 +47,13 @@ BuildRequires: openldap-devel%{?_isa} >= 2.3
BuildRequires: grid-packaging-tools
BuildRequires: doxygen
+%if 0%{?with_checks}
+BuildRequires: globus-proxy-utils
+BuildRequires: globus-gsi-cert-utils-progs
+BuildRequires: voms-clients
+%endif
+
+
%if "%{?rhel}" == "5"
BuildRequires: graphviz-gd
%endif
@@ -168,6 +182,8 @@ Package %{name}-doc contains the MyProxy documentation.
%prep
%setup -q
%patch0 -p1
+%patch1 -p1
+%patch2 -p1
cp -p %{SOURCE1} .
cp -p %{SOURCE2} .
cp -p %{SOURCE3} .
@@ -279,7 +295,29 @@ rm -rf $RPM_BUILD_ROOT
%check
-
+%if 0%{?with_checks}
+# Set Up CA.
+mkdir -p CA/private CA/newcerts CA/public
+sed 's|/etc/pki/||' /etc/pki/tls/openssl.cnf > CA/openssl.cnf
+touch CA/index.txt
+echo '01' > CA/serial
+openssl req -batch -subj '/cn=test ca' -config CA/openssl.cnf -new -x509 -extensions v3_ca -nodes -keyout CA/private/cakey.pem -out CA/cacert.pem -days 30
+HASH=$(openssl x509 -in CA/cacert.pem -hash -noout)
+cp CA/cacert.pem CA/${HASH}.0
+cat <<EOF > CA/${HASH}.signing_policy
+access_id_CA X509 ''
+pos_rights globus CA:sign
+cond_subjects globus '"/*"'
+EOF
+# Create a User Certificate.
+openssl req -batch -subj '/CN=test user' -config CA/openssl.cnf -new -nodes -keyout CA/userkey.pem -out CA/usercert.csr -days 365
+openssl ca -batch -config CA/openssl.cnf -policy policy_anything -out CA/usercert.pem -infiles CA/usercert.csr
+chmod 600 CA/user*.pem
+# Create a GSI proxy.
+X509_USER_CERT=CA/usercert.pem X509_USER_KEY=CA/userkey.pem grid-proxy-init -debug
+# Do the tests... at last.
+X509_CERT_DIR=$(pwd)/CA PATH=.:$PATH ./myproxy-test -startserver
+%endif
%post libs -p /sbin/ldconfig
%postun libs -p /sbin/ldconfig
@@ -390,7 +428,8 @@ fi
%changelog
* Thu Feb 24 2011 Steve Traylen <steve.traylen at cern.ch> - 5.3-4
-- Remove useless check of gpt filelists.
+- Remove useless gpt filelists check from %%check.
+- Add useful check myproxy-test to %%check.
* Tue Feb 22 2011 Steve Traylen <steve.traylen at cern.ch> - 5.3-3
- myproxy-vomsc-vomsapi.patch to build against vomsapi rather
More information about the scm-commits
mailing list