1#! /bin/csh -f 2# 3# verify "root-ness" of all of the certs in specified directory. 4# 5if ( $#argv < 1 ) then 6 echo Usage: anchorSourceTest directory 7 echo A good directory would be ../../../security_certificates/roots/ 8 exit(1) 9endif 10# 11set BUILD_DIR=$LOCAL_BUILD_DIR 12set CERTS_DIR=$argv[1] 13 14set QUIET=0 15shift 16while ( $#argv > 0 ) 17 switch ( "$argv[1]" ) 18 case q: 19 set QUIET = 1 20 shift 21 breaksw 22 default: 23 echo Usage: anchorSourceTest directory 24 exit(1) 25 endsw 26end 27 28# 29# binaries we need 30# 31set CERTCRL=$BUILD_DIR/certcrl 32set CERTS_FROM_DB=$BUILD_DIR/certsFromDb 33foreach targ ($CERTCRL $CERTS_FROM_DB) 34 if(! -e $targ) then 35 echo === $targ is missing. Try building clxutil. 36 exit(1) 37 endif 38end 39 40echo starting anchorSourceTest 41# 42# certcrl args: 43# 44# -c cert to eval 45# -C use this as an anchor 46# -a allow certs unverified by CRLs 47# -f leaf cert is a CA 48# -L silent 49# 50set TEST_FAILED=0 51 52cd $CERTS_DIR 53foreach certFile (*) 54 if ( ( -f "$certFile" ) && ( "$certFile" != X509Anchors) ) then 55 if($QUIET == 0) then 56 echo testing $certFile.... 57 endif 58# $CERTCRL -c "$certFile" -C "$certFile" -a -f -L -T 20071217154316 59 $CERTCRL -c "$certFile" -C "$certFile" -a -f -L 60 if($status != 0) then 61 echo "++++++++ Verification error on $certFile" 62 $CERTCRL -c "$certFile" -C "$certFile" -a -f -v 63 set TEST_FAILED=1 64 endif 65 endif 66end 67 68if($TEST_FAILED == 1) then 69 echo "anchorSourceTest FAILED" 70 exit(1) 71endif 72 73if($QUIET == 0) then 74 echo "...anchorSourceTest complete" 75endif 76