From 1311fe595b040163ba289fc97dc3d3b7bf6deecb Mon Sep 17 00:00:00 2001 From: David Cooper Date: Mon, 22 May 2017 16:57:15 -0400 Subject: [PATCH 1/2] Massing testing with command line error There is a bug in testssl.sh that occurs if mass testing is being performed, there is an error in the command line for one of the child tests, and either a single HTML file or a single JSON file is being created. If mass testing is being performed and `parse_cmd_line()` detects an error in the command line for one of the child tests, then it will call `help()`, which will exit the program, resulting in `cleanup ()` being called. `cleanup ()` will call `html_footer()` and `fileout_footer()`. Since `html_header()` and `json_header()` have not yet been called, `$HTMLHEADER` and `$JSONHEADER` will both be `true, and so `html_footer()` and `fileout_footer()` will output HTML and JSON footers, even though no headers have been output. This PR fixes the problem by having `help()` set `$HTMLHEADER` and `$JSONHEADER` to `false` so that no HTML or JSON footers are created. A related problem is that if a single JSON file is being created, the parent process will insert a separator (a comma) into the JSON file between the outputs of each child process. However, if there is an error in one of the child process's command lines, then this child process will not produce any JSON output and so the JSON file will have two consecutive separators (commas), which is invalid according to http://jsonlint.com. This PR provides a partial fix for the problem for parallel mass testing by checking whether a child process has created a non-empty JSON output before adding a separator to the JSON file. It leaves two unresolved problems: * It does not fix the problem at all for `run_mass_testing()`, where the separator is added before the test with the command line error is run. * It does not fix the problem for parallel mass testing for the case in which the first child test has a command line error. --- testssl.sh | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/testssl.sh b/testssl.sh index 95f7260..9b1dc7a 100755 --- a/testssl.sh +++ b/testssl.sh @@ -340,7 +340,7 @@ set_severity_level() { SEVERITY_LEVEL=$CRITICAL else echo "Supported severity levels are LOW, MEDIUM, HIGH, CRITICAL!" - help + help 1 fi } @@ -11180,6 +11180,10 @@ Options requiring a value can also be called with '=' e.g. testssl.sh -t=smtp -- URI always needs to be the last parameter. EOF + # Set HTMLHEADER and JSONHEADER to false so that the cleanup() function won't + # try to write footers to the HTML and JSON files. + HTMLHEADER=false + JSONHEADER=false #' Fix syntax highlight on sublime exit $1 } @@ -12293,7 +12297,10 @@ get_next_message_testing_parallel_result() { outln "${PARALLEL_TESTING_CMDLINE[NEXT_PARALLEL_TEST_TO_FINISH]}" if [[ "$1" == "completed" ]]; then cat "$TEMPDIR/term_output_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).log" - [[ $NEXT_PARALLEL_TEST_TO_FINISH -gt 0 ]] && fileout_separator # this is needed for appended output, see #687 + if [[ $NEXT_PARALLEL_TEST_TO_FINISH -gt 0 ]] && "$JSONHEADER" && \ + [[ -s "$TEMPDIR/jsonfile_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).json" ]]; then + fileout_separator # this is needed for appended output, see #687 + fi "$JSONHEADER" && cat "$TEMPDIR/jsonfile_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).json" >> "$JSONFILE" "$CSVHEADER" && cat "$TEMPDIR/csvfile_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).csv" >> "$CSVFILE" "$HTMLHEADER" && cat "$TEMPDIR/htmlfile_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).html" >> "$HTMLFILE" From c831dd0fd38beca22235540175fe644299fd61ff Mon Sep 17 00:00:00 2001 From: David Cooper Date: Tue, 23 May 2017 14:52:25 -0400 Subject: [PATCH 2/2] Handle all empty JSON file cases --- testssl.sh | 34 +++++++++++++++++++++++++++------- 1 file changed, 27 insertions(+), 7 deletions(-) diff --git a/testssl.sh b/testssl.sh index a616867..22cc988 100755 --- a/testssl.sh +++ b/testssl.sh @@ -315,6 +315,7 @@ declare -a -i PARALLEL_TESTING_PID=() # process id for each child test (or 0 declare -a PARALLEL_TESTING_CMDLINE=() # command line for each child test declare -i NR_PARALLEL_TESTS=0 # number of parallel tests run declare -i NEXT_PARALLEL_TEST_TO_FINISH=0 # number of parallel tests that have completed and have been processed +declare FIRST_JSON_OUTPUT=true # true if no output has been added to $JSONFILE yet. #################### SEVERITY #################### @@ -12193,7 +12194,19 @@ create_mass_testing_cmdline() { # next is the file itself, as no '=' was supplied [[ "$cmd" == '--file' ]] && skip_next=true elif [[ "$testing_type" == "serial" ]]; then - MASS_TESTING_CMDLINE[nr_cmds]="$cmd" + if "$JSONHEADER" && [[ "$cmd" == "--jsonfile-pretty"* ]]; then + >"$TEMPDIR/jsonfile_child.json" + MASS_TESTING_CMDLINE[nr_cmds]="--jsonfile-pretty=$TEMPDIR/jsonfile_child.json" + # next is the jsonfile itself, as no '=' was supplied + [[ "$cmd" == --jsonfile-pretty ]] && skip_next=true + elif "$JSONHEADER" && [[ "$cmd" == "--jsonfile"* ]]; then + >"$TEMPDIR/jsonfile_child.json" + MASS_TESTING_CMDLINE[nr_cmds]="--jsonfile=$TEMPDIR/jsonfile_child.json" + # next is the jsonfile itself, as no '=' was supplied + [[ "$cmd" == --jsonfile ]] && skip_next=true + else + MASS_TESTING_CMDLINE[nr_cmds]="$cmd" + fi nr_cmds+=1 else case "$cmd" in @@ -12270,14 +12283,19 @@ run_mass_testing() { create_mass_testing_cmdline "serial" $cmdline draw_line "=" $((TERM_WIDTH / 2)); outln; outln "$(create_cmd_line_string "$0" "${MASS_TESTING_CMDLINE[@]}")" - "$first" || fileout_separator # this is needed for appended output, see #687 # we call ourselves here. $do_mass_testing is the parent, $CHILD_MASS_TESTING... you figured if [[ -z "$(which "$0")" ]]; then CHILD_MASS_TESTING=true "$RUN_DIR/$PROG_NAME" "${MASS_TESTING_CMDLINE[@]}" else CHILD_MASS_TESTING=true "$0" "${MASS_TESTING_CMDLINE[@]}" fi - first=false + if "$JSONHEADER" && [[ -s "$TEMPDIR/jsonfile_child.json" ]]; then + # Need to ensure that a separator is only added if the test + # produced some JSON output. + "$first" || fileout_separator # this is needed for appended output, see #687 + first=false + cat "$TEMPDIR/jsonfile_child.json" >> "$JSONFILE" + fi done < "${FNAME}" return $? } @@ -12293,11 +12311,13 @@ get_next_message_testing_parallel_result() { outln "${PARALLEL_TESTING_CMDLINE[NEXT_PARALLEL_TEST_TO_FINISH]}" if [[ "$1" == "completed" ]]; then cat "$TEMPDIR/term_output_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).log" - if [[ $NEXT_PARALLEL_TEST_TO_FINISH -gt 0 ]] && "$JSONHEADER" && \ - [[ -s "$TEMPDIR/jsonfile_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).json" ]]; then - fileout_separator # this is needed for appended output, see #687 + if "$JSONHEADER" && [[ -s "$TEMPDIR/jsonfile_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).json" ]]; then + # Need to ensure that a separator is only added if the test + # produced some JSON output. + "$FIRST_JSON_OUTPUT" || fileout_separator # this is needed for appended output, see #687 + FIRST_JSON_OUTPUT=false + cat "$TEMPDIR/jsonfile_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).json" >> "$JSONFILE" fi - "$JSONHEADER" && cat "$TEMPDIR/jsonfile_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).json" >> "$JSONFILE" "$CSVHEADER" && cat "$TEMPDIR/csvfile_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).csv" >> "$CSVFILE" "$HTMLHEADER" && cat "$TEMPDIR/htmlfile_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).html" >> "$HTMLFILE" elif [[ "$1" == "stopped" ]]; then