Closed Bug 86528 Opened 23 years ago Closed 23 years ago

tstclient returns different values on NT and Unix

Categories

(NSS :: Tools, defect, P1)

Product:
NSS
Component:
Tools
Version:
3.2.1
Platform:
x86
Windows NT
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: sonja.mirtitsch, Assigned: wtc)

Details

Attachments

(3 files)

Proposed patch for tstclnt.c. Exit with 0 on success; exit with 1 or 2 on failure.
5.62 KB, patch
Details | Diff | Splinter Review
Proposed patch v2. Fixes tstclnt.c and the test scripts.
7.72 KB, patch
Details | Diff | Splinter Review
Patch to change the original exit status -2 to 254 (= -2 mod 256).
1.95 KB, patch
Details | Diff | Splinter Review 
on the ssl tests with a bogus password (tstclnt -f -T -w bogus) the Unix tests
return 254, the NT tests return 134

--------------- NT output -----------------
ssl.sh: TLS Require client auth (bad password) ----
selfserv -D -p 8443 -d ../server -n pc592997.red.iplanet.com \
         -w nss -r -r -i ../tests_pid.712  &
selfserv started at Mon Jun 18 11:29:01 PDT 2001
tstclnt -p 8443 -h pc592997 -q -d . <
W:/nss/nsstip/builds/20010618.1/blowfish_NT4.0_Win95/mozilla/security/nss/tests/ssl/sslreq.txt

tstclnt -p 8443 -h pc592997 -f -d . -w bogus -n TestUser \
        <
W:/nss/nsstip/builds/20010618.1/blowfish_NT4.0_Win95/mozilla/security/nss/tests/ssl/sslreq.txt
tstclnt: write to SSL socket failed: SSL peer cannot verify your certificate.
[6] + Done(134) ?
  140	Abort	tstclnt
ssl.sh: WARNING! Testclient returned 134, expect 
             254 (no error as tmp workaround
----------------- Unix output ------------------------
ssl.sh: TLS Require client auth (bad password) ----
selfserv -D -p 8443 -d ../server -n kentuckyderby.red.iplanet.com \
         -w nss -r -r -i ../tests_pid.1953  &
selfserv started at Mon Jun 18 04:00:36 PDT 2001
tstclnt -p 8443 -h kentuckyderby -q -d . <
/h/blds-sca15a/export/builds/mccrel/nss/nsstip/builds/20010618.1/y2sun2_Solaris8/mozilla/security/nss/tests/ssl/sslreq.txt

tstclnt -p 8443 -h kentuckyderby -f -d . -w bogus -n TestUser \
        <
/h/blds-sca15a/export/builds/mccrel/nss/nsstip/builds/20010618.1/y2sun2_Solaris8/mozilla/security/nss/tests/ssl/sslreq.txt
selfserv: HDX PR_Read returned error -12285:
Unable to find the certificate or key necessary for authentication.
tstclnt: write to SSL socket failed: SSL peer cannot verify your certificate.
ssl.sh: TLS Require client auth (bad password) produced a returncode of 254,
expected is 254 PASSED
------------------------------------------------------
Please note that the original bug filed on this issue bug #68734 (ssl script
needs NT and Unix returncodes seperate) was closed as a duplicate of #68734
(closed)(tstclient exits with 0 after bad passwd, TLS, require auth) - the scope
of the later bug has changed a few times, the other bug mentioned that this
needed to be fixed in the tstclnt.
Nelson fixed bug #68869 (tstclnt: write to SSL socket failed: TCP connection
reset by peer) - now we don't get the TCP connection reset by peer, but
"selfserv: HDX PR_Read returned error -12285:" instead.
OK, I did some experiments and confirmed that on
Windows a program must not exit with a negative status.
Neither MKS Korn Shell nor Cygwin shell can extract
a negative exit status, not even the value mod 256.
(It seems that any negative exit code is returned
as 134 under MKS Korn Shell.)

The lesson is:
1. A program must exit with a code in the range of 0-255.
2. The convention is that an exit code of 0 means success
   and a nonzero exit code means failure.  Unless we need
   to distinguish between different failures, we should
   use the exit code 1 for failures.

Unix system calls return 0 for success and -1 for failure.
Many of us generalize that convention and call exit(-1) when
a program fails.  This is incorrect and not portable.

We should fix all of our tools and test programs, but let's
fix this one by one, starting with tstclnt.
Status: NEW → ASSIGNED
Priority: -- → P2
Target Milestone: --- → 3.3
In my patch, I followed the rule that where we used to return -1
we now return 1, and where we used to return -2 we now return 2.

The test scripts need to be modified to compare the exit status
with 0, 1, or 2 for tstclnt.

Please review my patch.
Whiteboard: NSS 3.3 Early Release
In my proposed patch v2, I fixed not only tstclnt but also the
test scripts.

1. ssl.sh: I removed the temporary workaround for NT.

2. sslauth.txt: the expected exit value 254 (i.e., -2 mod 256)
   is now 2 because I changed tstclnt to exit with 2 instead
   of -2.

Please review my patch.
Whiteboard: NSS 3.3 Early Release
I verified that my patch (v2) works on Solaris 8 x86 (tommy)
and Windows 2000 (clio).
reviewed wtc's patch. Looks OK to me.

I checked in the patch on the trunk.
Status: ASSIGNED → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
Changing the exit status breaks backward compatibility test
because the sslauth.txt file in NSS 3.2.1 still expects
254 (= -2 mod 256).

I will listen to Bob and change -1 to 255 (= -1 mod 256) and
-2 to 254 (= -2 mod 256).
Status: RESOLVED → REOPENED
Priority: P2 → P1
Resolution: FIXED → ---
I decided to leave the exit status 1 (was -1) alone and
only changed 2 (was -2) to 254 because that is the only
exit status that matters to the test scripts.

r=larryh.

I checked in the patch on the trunk and NSS_3_3_BRANCH.
Status: REOPENED → RESOLVED
Closed: 23 years ago23 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: