Closed
Bug 86528
Opened 24 years ago
Closed 24 years ago
tstclient returns different values on NT and Unix
Categories
(NSS :: Tools, defect, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
3.3
People
(Reporter: sonja.mirtitsch, Assigned: wtc)
Details
Attachments
(3 files)
|
5.62 KB,
patch
|
Details | Diff | Splinter Review | |
|
7.72 KB,
patch
|
Details | Diff | Splinter Review | |
|
1.95 KB,
patch
|
Details | Diff | Splinter Review |
on the ssl tests with a bogus password (tstclnt -f -T -w bogus) the Unix tests
return 254, the NT tests return 134
--------------- NT output -----------------
ssl.sh: TLS Require client auth (bad password) ----
selfserv -D -p 8443 -d ../server -n pc592997.red.iplanet.com \
-w nss -r -r -i ../tests_pid.712 &
selfserv started at Mon Jun 18 11:29:01 PDT 2001
tstclnt -p 8443 -h pc592997 -q -d . <
W:/nss/nsstip/builds/20010618.1/blowfish_NT4.0_Win95/mozilla/security/nss/tests/ssl/sslreq.txt
tstclnt -p 8443 -h pc592997 -f -d . -w bogus -n TestUser \
<
W:/nss/nsstip/builds/20010618.1/blowfish_NT4.0_Win95/mozilla/security/nss/tests/ssl/sslreq.txt
tstclnt: write to SSL socket failed: SSL peer cannot verify your certificate.
[6] + Done(134) ?
140 Abort tstclnt
ssl.sh: WARNING! Testclient returned 134, expect
254 (no error as tmp workaround
----------------- Unix output ------------------------
ssl.sh: TLS Require client auth (bad password) ----
selfserv -D -p 8443 -d ../server -n kentuckyderby.red.iplanet.com \
-w nss -r -r -i ../tests_pid.1953 &
selfserv started at Mon Jun 18 04:00:36 PDT 2001
tstclnt -p 8443 -h kentuckyderby -q -d . <
/h/blds-sca15a/export/builds/mccrel/nss/nsstip/builds/20010618.1/y2sun2_Solaris8/mozilla/security/nss/tests/ssl/sslreq.txt
tstclnt -p 8443 -h kentuckyderby -f -d . -w bogus -n TestUser \
<
/h/blds-sca15a/export/builds/mccrel/nss/nsstip/builds/20010618.1/y2sun2_Solaris8/mozilla/security/nss/tests/ssl/sslreq.txt
selfserv: HDX PR_Read returned error -12285:
Unable to find the certificate or key necessary for authentication.
tstclnt: write to SSL socket failed: SSL peer cannot verify your certificate.
ssl.sh: TLS Require client auth (bad password) produced a returncode of 254,
expected is 254 PASSED
------------------------------------------------------
Please note that the original bug filed on this issue bug #68734 (ssl script
needs NT and Unix returncodes seperate) was closed as a duplicate of #68734
(closed)(tstclient exits with 0 after bad passwd, TLS, require auth) - the scope
of the later bug has changed a few times, the other bug mentioned that this
needed to be fixed in the tstclnt.
Nelson fixed bug #68869 (tstclnt: write to SSL socket failed: TCP connection
reset by peer) - now we don't get the TCP connection reset by peer, but
"selfserv: HDX PR_Read returned error -12285:" instead.
|
Assignee | |
Comment 1•24 years ago
|
||
OK, I did some experiments and confirmed that on
Windows a program must not exit with a negative status.
Neither MKS Korn Shell nor Cygwin shell can extract
a negative exit status, not even the value mod 256.
(It seems that any negative exit code is returned
as 134 under MKS Korn Shell.)
The lesson is:
1. A program must exit with a code in the range of 0-255.
2. The convention is that an exit code of 0 means success
and a nonzero exit code means failure. Unless we need
to distinguish between different failures, we should
use the exit code 1 for failures.
Unix system calls return 0 for success and -1 for failure.
Many of us generalize that convention and call exit(-1) when
a program fails. This is incorrect and not portable.
We should fix all of our tools and test programs, but let's
fix this one by one, starting with tstclnt.
Status: NEW → ASSIGNED
Priority: -- → P2
Target Milestone: --- → 3.3
|
|
Assignee | |
Comment 2•24 years ago
|
||
|
|
Assignee | |
Comment 3•24 years ago
|
||
In my patch, I followed the rule that where we used to return -1
we now return 1, and where we used to return -2 we now return 2.
The test scripts need to be modified to compare the exit status
with 0, 1, or 2 for tstclnt.
Please review my patch.
|
|
Assignee | |
Updated•24 years ago
|
Whiteboard: NSS 3.3 Early Release
|
|
Assignee | |
Comment 4•24 years ago
|
||
|
|
Assignee | |
Comment 5•24 years ago
|
||
In my proposed patch v2, I fixed not only tstclnt but also the
test scripts.
1. ssl.sh: I removed the temporary workaround for NT.
2. sslauth.txt: the expected exit value 254 (i.e., -2 mod 256)
is now 2 because I changed tstclnt to exit with 2 instead
of -2.
Please review my patch.
|
|
Assignee | |
Updated•24 years ago
|
Whiteboard: NSS 3.3 Early Release
|
|
Assignee | |
Comment 6•24 years ago
|
||
I verified that my patch (v2) works on Solaris 8 x86 (tommy)
and Windows 2000 (clio).
|
||
Comment 7•24 years ago
|
||
reviewed wtc's patch. Looks OK to me.
|
|
Assignee | |
Comment 8•24 years ago
|
||
I checked in the patch on the trunk.
Status: ASSIGNED → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED
|
|
Assignee | |
Comment 9•24 years ago
|
||
Changing the exit status breaks backward compatibility test
because the sslauth.txt file in NSS 3.2.1 still expects
254 (= -2 mod 256).
I will listen to Bob and change -1 to 255 (= -1 mod 256) and
-2 to 254 (= -2 mod 256).
Status: RESOLVED → REOPENED
Priority: P2 → P1
Resolution: FIXED → ---
|
|
Assignee | |
Comment 10•24 years ago
|
||
|
|
Assignee | |
Comment 11•24 years ago
|
||
I decided to leave the exit status 1 (was -1) alone and
only changed 2 (was -2) to 254 because that is the only
exit status that matters to the test scripts.
r=larryh.
I checked in the patch on the trunk and NSS_3_3_BRANCH.
Status: REOPENED → RESOLVED
Closed: 24 years ago → 24 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•