Bugzilla bug #86528: fixed tstclnt so that it always exits with a

nonnegative status. This way we can correctly extract its exit status on Windows, so the temporary workaround in ssl.sh can be removed. Changed sslauth.txt to match the new exit status of tstclnt. r=larryh. Modified files: cmd/tstclnt/tstclnt.c tests/ssl/ssl.sh tests/ssl/sslauth.txt
2001-06-25 19:53:16 +00:00 · 2001-06-25 19:53:16 +00:00 · 7481a570da
--- a/security/nss/cmd/tstclnt/tstclnt.c
+++ b/security/nss/cmd/tstclnt/tstclnt.c
@ -191,7 +191,7 @@ static void Usage(const char *progName)
 "m    SSL3 RSA EXPORT WITH RC4 56 SHA\t(new)\n"
 "n    SSL3 RSA WITH RC4 128 SHA\n"
 	);
-    exit(-1);
+    exit(1);
 }

 void
@ -351,7 +351,7 @@ int main(int argc, char **argv)
    rv = CERT_OpenVolatileCertDB(handle);
 	CERT_SetDefaultCertDB(handle);
 #else
-	return -1;
+	return 1;
 #endif
    }
    handle = CERT_GetDefaultCertDB();
@ -372,11 +372,11 @@ int main(int argc, char **argv)
    status = PR_GetHostByName(host, buf, sizeof(buf), &hp);
    if (status != PR_SUCCESS) {
 	SECU_PrintError(progName, "error looking up host");
-	return -1;
+	return 1;
    }
    if (PR_EnumerateHostEnt(0, &hp, atoi(port), &addr) == -1) {
 	SECU_PrintError(progName, "error looking up host address");
-	return -1;
+	return 1;
    }

    ip = PR_ntohl(addr.inet.ip);
@ -402,7 +402,7 @@ int main(int argc, char **argv)
 		PR_Close(s);
 		SECU_PrintError(progName, 
 		                "Failed to set blocking socket option");
-		return SECFailure;
+		return 1;
 	    }
 	    prStatus = PR_Connect(s, &addr, PR_INTERVAL_NO_TIMEOUT);
 	    if (prStatus == PR_SUCCESS) {
@ -410,27 +410,27 @@ int main(int argc, char **argv)
    		PR_Close(s);
    		NSS_Shutdown();
    		PR_Cleanup();
-		return SECSuccess;
+		return 0;
 	    }
 	    err = PR_GetError();
 	    if ((err != PR_CONNECT_REFUSED_ERROR) && 
 	        (err != PR_CONNECT_RESET_ERROR)) {
 		SECU_PrintError(progName, "TCP Connection failed");
-		return SECFailure;
+		return 1;
 	    }
 	    PR_Close(s);
 	    PR_Sleep(PR_MillisecondsToInterval(WAIT_INTERVAL));
 	} while (++iter < MAX_WAIT_FOR_SERVER);
 	SECU_PrintError(progName, 
                     "Client timed out while waiting for connection to server");
-	return SECFailure;
+	return 1;
    }

    /* Create socket */
    s = PR_NewTCPSocket();
    if (s == NULL) {
 	SECU_PrintError(progName, "error creating socket");
-	return -1;
+	return 1;
    }

    opt.option = PR_SockOpt_Nonblocking;
@ -441,19 +441,19 @@ int main(int argc, char **argv)
    s = SSL_ImportFD(NULL, s);
    if (s == NULL) {
 	SECU_PrintError(progName, "error importing socket");
-	return -1;
+	return 1;
    }

    rv = SSL_OptionSet(s, SSL_SECURITY, 1);
    if (rv != SECSuccess) {
        SECU_PrintError(progName, "error enabling socket");
-	return -1;
+	return 1;
    }

    rv = SSL_OptionSet(s, SSL_HANDSHAKE_AS_CLIENT, 1);
    if (rv != SECSuccess) {
 	SECU_PrintError(progName, "error enabling client handshake");
-	return -1;
+	return 1;
    }

    /* all the SSL2 and SSL3 cipher suites are enabled by default. */
@ -481,26 +481,26 @@ int main(int argc, char **argv)
    rv = SSL_OptionSet(s, SSL_ENABLE_SSL2, !disableSSL2);
    if (rv != SECSuccess) {
 	SECU_PrintError(progName, "error enabling SSLv2 ");
-	return -1;
+	return 1;
    }

    rv = SSL_OptionSet(s, SSL_ENABLE_SSL3, !disableSSL3);
    if (rv != SECSuccess) {
 	SECU_PrintError(progName, "error enabling SSLv3 ");
-	return -1;
+	return 1;
    }

    rv = SSL_OptionSet(s, SSL_ENABLE_TLS, !disableTLS);
    if (rv != SECSuccess) {
 	SECU_PrintError(progName, "error enabling TLS ");
-	return -1;
+	return 1;
    }

    /* disable ssl2 and ssl2-compatible client hellos. */
    rv = SSL_OptionSet(s, SSL_V2_COMPATIBLE_HELLO, !disableSSL2);
    if (rv != SECSuccess) {
 	SECU_PrintError(progName, "error disabling v2 compatibility");
-	return -1;
+	return 1;
    }

    if (useCommandLinePassword) {
@ -530,13 +530,13 @@ int main(int argc, char **argv)
 		filesReady = PR_Poll(pollset, 1, PR_INTERVAL_NO_TIMEOUT);
 		if (filesReady < 0) {
 		    SECU_PrintError(progName, "unable to connect (poll)");
-		    return -1;
+		    return 1;
 		}
 		PRINTF("%s: PR_Poll returned 0x%02x for socket out_flags.\n",
 			progName, pollset[0].out_flags);
 		if (filesReady == 0) {	/* shouldn't happen! */
 		    PRINTF("%s: PR_Poll returned zero!\n", progName);
-		    return -1;
+		    return 1;
 		}
 		/* Must milliPause between PR_Poll and PR_GetConnectStatus,
 		 * Or else winsock gets mighty confused.
@ -549,14 +549,14 @@ int main(int argc, char **argv)
 		}
 		if (PR_GetError() != PR_IN_PROGRESS_ERROR) {
 		    SECU_PrintError(progName, "unable to connect (poll)");
-		    return -1;
+		    return 1;
 		}
 		SECU_PrintError(progName, "poll");
 		milliPause(50 * multiplier);
 	    }
 	} else {
 	    SECU_PrintError(progName, "unable to connect");
-	    return -1;
+	    return 1;
 	}
    }

@ -597,12 +597,12 @@ int main(int argc, char **argv)
 	}
 	if (filesReady < 0) {
 	   SECU_PrintError(progName, "select failed");
-	   error=-1;
+	   error=1;
 	   goto done;
 	}
 	if (filesReady == 0) {	/* shouldn't happen! */
 	    PRINTF("%s: PR_Poll returned zero!\n", progName);
-	    return -1;
+	    return 1;
 	}
 	PRINTF("%s: PR_Poll returned!\n", progName);
 	if (pollset[1].in_flags) {
@ -618,7 +618,7 @@ int main(int argc, char **argv)
 	    if (nb < 0) {
 		if (PR_GetError() != PR_WOULD_BLOCK_ERROR) {
 		    SECU_PrintError(progName, "read from stdin failed");
-	            error=-1;
+	            error=1;
 		    break;
 		}
 	    } else if (nb == 0) {
@ -633,7 +633,7 @@ int main(int argc, char **argv)
 			if (err != PR_WOULD_BLOCK_ERROR) {
 			    SECU_PrintError(progName, 
 			                    "write to SSL socket failed");
-			    error=-2;
+			    error=2;
 			    goto done;
 			}
 			cc = 0;
@ -668,7 +668,7 @@ int main(int argc, char **argv)
 	    if (nb < 0) {
 		if (PR_GetError() != PR_WOULD_BLOCK_ERROR) {
 		    SECU_PrintError(progName, "read from socket failed");
-		    error=-1;
+		    error=1;
 		    goto done;
 	    	}
 	    } else if (nb == 0) {
--- a/security/nss/tests/ssl/ssl.sh
+++ b/security/nss/tests/ssl/ssl.sh
@ -250,14 +250,6 @@ ssl_auth()
            ret=$?
          fi

-          # the NT client does not return the same error code as Unix
-          # FIXME - this is a serious bug in the NT testclient
-          if [ ${OS_ARCH} = "WINNT" -a $value -ne 0 -a $ret -ne 0 ]; then
-              echo "$SCRIPTNAME: WARNING! Testclient returned $ret, expect "
-              echo "             $value (no error as tmp workaround)"
-              value=$ret
-          fi
-
          html_msg $ret $value "${testname}" \
                   "produced a returncode of $ret, expected is $value"
          kill_selfserv
--- a/security/nss/tests/ssl/sslauth.txt
+++ b/security/nss/tests/ssl/sslauth.txt
@ -10,12 +10,12 @@
     0       -r   -w_nss_-n_TestUser      TLS Request don't require client auth (client auth)
     0     -r_-r       -w_nss                TLS Require client auth (client does not provide auth)
 # this one should fail
-    254    -r_-r -w_bogus_-n_TestUser     TLS Require client auth (bad password)
+     2     -r_-r -w_bogus_-n_TestUser     TLS Require client auth (bad password)
     0     -r_-r  -w_nss_-n_TestUser_      TLS Require client auth (client auth)
     0       -r       -T_-w_nss             SSL3 Request don't require client auth (client does not provide auth)
     0       -r  -T_-n_TestUser_-w_bogus SSL3 Request don't require client auth (bad password)
     0       -r   -T_-n_TestUser_-w_nss  SSL3 Request don't require client auth (client auth)
     0     -r_-r       -T_-w_nss            SSL3 Require client auth (client does not provide auth)
 # this one should fail
-    254    -r_-r -T_-n_TestUser_-w_bogus SSL3 Require client auth (bad password)
+     2     -r_-r -T_-n_TestUser_-w_bogus SSL3 Require client auth (bad password)
     0     -r_-r  -T_-n_TestUser_-w_nss  SSL3 Require client auth (client auth)