Closed
Bug 86528
Opened 23 years ago
Closed 23 years ago
tstclient returns different values on NT and Unix
Categories
(NSS :: Tools, defect, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
3.3
People
(Reporter: sonja.mirtitsch, Assigned: wtc)
Details
Attachments
(3 files)
5.62 KB,
patch
|
Details | Diff | Splinter Review | |
7.72 KB,
patch
|
Details | Diff | Splinter Review | |
1.95 KB,
patch
|
Details | Diff | Splinter Review |
on the ssl tests with a bogus password (tstclnt -f -T -w bogus) the Unix tests return 254, the NT tests return 134 --------------- NT output ----------------- ssl.sh: TLS Require client auth (bad password) ---- selfserv -D -p 8443 -d ../server -n pc592997.red.iplanet.com \ -w nss -r -r -i ../tests_pid.712 & selfserv started at Mon Jun 18 11:29:01 PDT 2001 tstclnt -p 8443 -h pc592997 -q -d . < W:/nss/nsstip/builds/20010618.1/blowfish_NT4.0_Win95/mozilla/security/nss/tests/ssl/sslreq.txt tstclnt -p 8443 -h pc592997 -f -d . -w bogus -n TestUser \ < W:/nss/nsstip/builds/20010618.1/blowfish_NT4.0_Win95/mozilla/security/nss/tests/ssl/sslreq.txt tstclnt: write to SSL socket failed: SSL peer cannot verify your certificate. [6] + Done(134) ? 140 Abort tstclnt ssl.sh: WARNING! Testclient returned 134, expect 254 (no error as tmp workaround ----------------- Unix output ------------------------ ssl.sh: TLS Require client auth (bad password) ---- selfserv -D -p 8443 -d ../server -n kentuckyderby.red.iplanet.com \ -w nss -r -r -i ../tests_pid.1953 & selfserv started at Mon Jun 18 04:00:36 PDT 2001 tstclnt -p 8443 -h kentuckyderby -q -d . < /h/blds-sca15a/export/builds/mccrel/nss/nsstip/builds/20010618.1/y2sun2_Solaris8/mozilla/security/nss/tests/ssl/sslreq.txt tstclnt -p 8443 -h kentuckyderby -f -d . -w bogus -n TestUser \ < /h/blds-sca15a/export/builds/mccrel/nss/nsstip/builds/20010618.1/y2sun2_Solaris8/mozilla/security/nss/tests/ssl/sslreq.txt selfserv: HDX PR_Read returned error -12285: Unable to find the certificate or key necessary for authentication. tstclnt: write to SSL socket failed: SSL peer cannot verify your certificate. ssl.sh: TLS Require client auth (bad password) produced a returncode of 254, expected is 254 PASSED ------------------------------------------------------ Please note that the original bug filed on this issue bug #68734 (ssl script needs NT and Unix returncodes seperate) was closed as a duplicate of #68734 (closed)(tstclient exits with 0 after bad passwd, TLS, require auth) - the scope of the later bug has changed a few times, the other bug mentioned that this needed to be fixed in the tstclnt. Nelson fixed bug #68869 (tstclnt: write to SSL socket failed: TCP connection reset by peer) - now we don't get the TCP connection reset by peer, but "selfserv: HDX PR_Read returned error -12285:" instead.
Assignee | ||
Comment 1•23 years ago
|
||
OK, I did some experiments and confirmed that on Windows a program must not exit with a negative status. Neither MKS Korn Shell nor Cygwin shell can extract a negative exit status, not even the value mod 256. (It seems that any negative exit code is returned as 134 under MKS Korn Shell.) The lesson is: 1. A program must exit with a code in the range of 0-255. 2. The convention is that an exit code of 0 means success and a nonzero exit code means failure. Unless we need to distinguish between different failures, we should use the exit code 1 for failures. Unix system calls return 0 for success and -1 for failure. Many of us generalize that convention and call exit(-1) when a program fails. This is incorrect and not portable. We should fix all of our tools and test programs, but let's fix this one by one, starting with tstclnt.
Status: NEW → ASSIGNED
Priority: -- → P2
Target Milestone: --- → 3.3
Assignee | ||
Comment 2•23 years ago
|
||
Assignee | ||
Comment 3•23 years ago
|
||
In my patch, I followed the rule that where we used to return -1 we now return 1, and where we used to return -2 we now return 2. The test scripts need to be modified to compare the exit status with 0, 1, or 2 for tstclnt. Please review my patch.
Assignee | ||
Updated•23 years ago
|
Whiteboard: NSS 3.3 Early Release
Assignee | ||
Comment 4•23 years ago
|
||
Assignee | ||
Comment 5•23 years ago
|
||
In my proposed patch v2, I fixed not only tstclnt but also the test scripts. 1. ssl.sh: I removed the temporary workaround for NT. 2. sslauth.txt: the expected exit value 254 (i.e., -2 mod 256) is now 2 because I changed tstclnt to exit with 2 instead of -2. Please review my patch.
Assignee | ||
Updated•23 years ago
|
Whiteboard: NSS 3.3 Early Release
Assignee | ||
Comment 6•23 years ago
|
||
I verified that my patch (v2) works on Solaris 8 x86 (tommy) and Windows 2000 (clio).
Comment 7•23 years ago
|
||
reviewed wtc's patch. Looks OK to me.
Assignee | ||
Comment 8•23 years ago
|
||
I checked in the patch on the trunk.
Status: ASSIGNED → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
Assignee | ||
Comment 9•23 years ago
|
||
Changing the exit status breaks backward compatibility test because the sslauth.txt file in NSS 3.2.1 still expects 254 (= -2 mod 256). I will listen to Bob and change -1 to 255 (= -1 mod 256) and -2 to 254 (= -2 mod 256).
Status: RESOLVED → REOPENED
Priority: P2 → P1
Resolution: FIXED → ---
Assignee | ||
Comment 10•23 years ago
|
||
Assignee | ||
Comment 11•23 years ago
|
||
I decided to leave the exit status 1 (was -1) alone and only changed 2 (was -2) to 254 because that is the only exit status that matters to the test scripts. r=larryh. I checked in the patch on the trunk and NSS_3_3_BRANCH.
Status: REOPENED → RESOLVED
Closed: 23 years ago → 23 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•