Revert "all.sh: Remove dependency on TLS, NET, and X.509"
This reverts commit 9b90f2e294
.
Conflicts:
* tests/scripts/all.sh: do the same changes, dancing around the new
outcome file feature and components added in the same places.
Make sure that the components that are getting added back are at the
same locations as where they are now in mbedtls.
This commit is contained in:
parent
96ddb0ab4d
commit
69e8f7ffe3
@ -38,6 +38,10 @@
|
|||||||
# * G++
|
# * G++
|
||||||
# * arm-gcc and mingw-gcc
|
# * arm-gcc and mingw-gcc
|
||||||
# * ArmCC 5 and ArmCC 6, unless invoked with --no-armcc
|
# * ArmCC 5 and ArmCC 6, unless invoked with --no-armcc
|
||||||
|
# * OpenSSL and GnuTLS command line tools, recent enough for the
|
||||||
|
# interoperability tests. If they don't support SSLv3 then a legacy
|
||||||
|
# version of these tools must be present as well (search for LEGACY
|
||||||
|
# below).
|
||||||
# See the invocation of check_tools below for details.
|
# See the invocation of check_tools below for details.
|
||||||
#
|
#
|
||||||
# This script must be invoked from the toplevel directory of a git
|
# This script must be invoked from the toplevel directory of a git
|
||||||
@ -113,6 +117,7 @@ pre_initialize_variables () {
|
|||||||
CONFIG_BAK="$CONFIG_H.bak"
|
CONFIG_BAK="$CONFIG_H.bak"
|
||||||
|
|
||||||
append_outcome=0
|
append_outcome=0
|
||||||
|
MEMORY=0
|
||||||
FORCE=0
|
FORCE=0
|
||||||
KEEP_GOING=0
|
KEEP_GOING=0
|
||||||
|
|
||||||
@ -122,6 +127,13 @@ pre_initialize_variables () {
|
|||||||
export MBEDTLS_TEST_PLATFORM
|
export MBEDTLS_TEST_PLATFORM
|
||||||
|
|
||||||
# Default commands, can be overridden by the environment
|
# Default commands, can be overridden by the environment
|
||||||
|
: ${OPENSSL:="openssl"}
|
||||||
|
: ${OPENSSL_LEGACY:="$OPENSSL"}
|
||||||
|
: ${OPENSSL_NEXT:="$OPENSSL"}
|
||||||
|
: ${GNUTLS_CLI:="gnutls-cli"}
|
||||||
|
: ${GNUTLS_SERV:="gnutls-serv"}
|
||||||
|
: ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"}
|
||||||
|
: ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"}
|
||||||
: ${OUT_OF_SOURCE_DIR:=./mbedtls_out_of_source_build}
|
: ${OUT_OF_SOURCE_DIR:=./mbedtls_out_of_source_build}
|
||||||
: ${ARMC5_BIN_DIR:=/usr/bin}
|
: ${ARMC5_BIN_DIR:=/usr/bin}
|
||||||
: ${ARMC6_BIN_DIR:=/usr/bin}
|
: ${ARMC6_BIN_DIR:=/usr/bin}
|
||||||
@ -208,6 +220,13 @@ General options:
|
|||||||
Tool path options:
|
Tool path options:
|
||||||
--armc5-bin-dir=<ARMC5_bin_dir_path> ARM Compiler 5 bin directory.
|
--armc5-bin-dir=<ARMC5_bin_dir_path> ARM Compiler 5 bin directory.
|
||||||
--armc6-bin-dir=<ARMC6_bin_dir_path> ARM Compiler 6 bin directory.
|
--armc6-bin-dir=<ARMC6_bin_dir_path> ARM Compiler 6 bin directory.
|
||||||
|
--gnutls-cli=<GnuTLS_cli_path> GnuTLS client executable to use for most tests.
|
||||||
|
--gnutls-serv=<GnuTLS_serv_path> GnuTLS server executable to use for most tests.
|
||||||
|
--gnutls-legacy-cli=<GnuTLS_cli_path> GnuTLS client executable to use for legacy tests.
|
||||||
|
--gnutls-legacy-serv=<GnuTLS_serv_path> GnuTLS server executable to use for legacy tests.
|
||||||
|
--openssl=<OpenSSL_path> OpenSSL executable to use for most tests.
|
||||||
|
--openssl-legacy=<OpenSSL_path> OpenSSL executable to use for legacy tests e.g. SSLv3.
|
||||||
|
--openssl-next=<OpenSSL_path> OpenSSL executable to use for recent things like ARIA
|
||||||
EOF
|
EOF
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -325,28 +344,28 @@ pre_parse_command_line () {
|
|||||||
--armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";;
|
--armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";;
|
||||||
--except) all_except=1;;
|
--except) all_except=1;;
|
||||||
--force|-f) FORCE=1;;
|
--force|-f) FORCE=1;;
|
||||||
--gnutls-cli) shift;;
|
--gnutls-cli) shift; GNUTLS_CLI="$1";;
|
||||||
--gnutls-legacy-cli) shift;;
|
--gnutls-legacy-cli) shift; GNUTLS_LEGACY_CLI="$1";;
|
||||||
--gnutls-legacy-serv) shift;;
|
--gnutls-legacy-serv) shift; GNUTLS_LEGACY_SERV="$1";;
|
||||||
--gnutls-serv) shift;;
|
--gnutls-serv) shift; GNUTLS_SERV="$1";;
|
||||||
--help|-h) usage; exit;;
|
--help|-h) usage; exit;;
|
||||||
--keep-going|-k) KEEP_GOING=1;;
|
--keep-going|-k) KEEP_GOING=1;;
|
||||||
--list-all-components) printf '%s\n' $ALL_COMPONENTS; exit;;
|
--list-all-components) printf '%s\n' $ALL_COMPONENTS; exit;;
|
||||||
--list-components) printf '%s\n' $SUPPORTED_COMPONENTS; exit;;
|
--list-components) printf '%s\n' $SUPPORTED_COMPONENTS; exit;;
|
||||||
--memory|-m) ;;
|
--memory|-m) MEMORY=1;;
|
||||||
--no-append-outcome) append_outcome=0;;
|
--no-append-outcome) append_outcome=0;;
|
||||||
--no-armcc) no_armcc=1;;
|
--no-armcc) no_armcc=1;;
|
||||||
--no-force) FORCE=0;;
|
--no-force) FORCE=0;;
|
||||||
--no-keep-going) KEEP_GOING=0;;
|
--no-keep-going) KEEP_GOING=0;;
|
||||||
--no-memory) ;;
|
--no-memory) MEMORY=0;;
|
||||||
--openssl) shift;;
|
--openssl) shift; OPENSSL="$1";;
|
||||||
--openssl-legacy) shift;;
|
--openssl-legacy) shift; OPENSSL_LEGACY="$1";;
|
||||||
--openssl-next) shift;;
|
--openssl-next) shift; OPENSSL_NEXT="$1";;
|
||||||
--outcome-file) shift; MBEDTLS_TEST_OUTCOME_FILE="$1";;
|
--outcome-file) shift; MBEDTLS_TEST_OUTCOME_FILE="$1";;
|
||||||
--out-of-source-dir) shift; OUT_OF_SOURCE_DIR="$1";;
|
--out-of-source-dir) shift; OUT_OF_SOURCE_DIR="$1";;
|
||||||
--random-seed) ;;
|
--random-seed) unset SEED;;
|
||||||
--release-test|-r) ;;
|
--release-test|-r) SEED=1;;
|
||||||
--seed|-s) shift;;
|
--seed|-s) shift; SEED="$1";;
|
||||||
-*)
|
-*)
|
||||||
echo >&2 "Unknown option: $1"
|
echo >&2 "Unknown option: $1"
|
||||||
echo >&2 "Run $0 --help for usage."
|
echo >&2 "Run $0 --help for usage."
|
||||||
@ -482,8 +501,17 @@ pre_prepare_outcome_file () {
|
|||||||
|
|
||||||
pre_print_configuration () {
|
pre_print_configuration () {
|
||||||
msg "info: $0 configuration"
|
msg "info: $0 configuration"
|
||||||
|
echo "MEMORY: $MEMORY"
|
||||||
echo "FORCE: $FORCE"
|
echo "FORCE: $FORCE"
|
||||||
echo "MBEDTLS_TEST_OUTCOME_FILE: ${MBEDTLS_TEST_OUTCOME_FILE:-(none)}"
|
echo "MBEDTLS_TEST_OUTCOME_FILE: ${MBEDTLS_TEST_OUTCOME_FILE:-(none)}"
|
||||||
|
echo "SEED: ${SEED-"UNSET"}"
|
||||||
|
echo "OPENSSL: $OPENSSL"
|
||||||
|
echo "OPENSSL_LEGACY: $OPENSSL_LEGACY"
|
||||||
|
echo "OPENSSL_NEXT: $OPENSSL_NEXT"
|
||||||
|
echo "GNUTLS_CLI: $GNUTLS_CLI"
|
||||||
|
echo "GNUTLS_SERV: $GNUTLS_SERV"
|
||||||
|
echo "GNUTLS_LEGACY_CLI: $GNUTLS_LEGACY_CLI"
|
||||||
|
echo "GNUTLS_LEGACY_SERV: $GNUTLS_LEGACY_SERV"
|
||||||
echo "ARMC5_BIN_DIR: $ARMC5_BIN_DIR"
|
echo "ARMC5_BIN_DIR: $ARMC5_BIN_DIR"
|
||||||
echo "ARMC6_BIN_DIR: $ARMC6_BIN_DIR"
|
echo "ARMC6_BIN_DIR: $ARMC6_BIN_DIR"
|
||||||
}
|
}
|
||||||
@ -493,6 +521,30 @@ pre_check_tools () {
|
|||||||
# Build the list of variables to pass to output_env.sh.
|
# Build the list of variables to pass to output_env.sh.
|
||||||
set env
|
set env
|
||||||
|
|
||||||
|
case " $RUN_COMPONENTS " in
|
||||||
|
# Require OpenSSL and GnuTLS if running any tests (as opposed to
|
||||||
|
# only doing builds). Not all tests run OpenSSL and GnuTLS, but this
|
||||||
|
# is a good enough approximation in practice.
|
||||||
|
*" test_"*)
|
||||||
|
# To avoid setting OpenSSL and GnuTLS for each call to compat.sh
|
||||||
|
# and ssl-opt.sh, we just export the variables they require.
|
||||||
|
export OPENSSL_CMD="$OPENSSL"
|
||||||
|
export GNUTLS_CLI="$GNUTLS_CLI"
|
||||||
|
export GNUTLS_SERV="$GNUTLS_SERV"
|
||||||
|
# Avoid passing --seed flag in every call to ssl-opt.sh
|
||||||
|
if [ -n "${SEED-}" ]; then
|
||||||
|
export SEED
|
||||||
|
fi
|
||||||
|
set "$@" OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY"
|
||||||
|
set "$@" GNUTLS_CLI="$GNUTLS_CLI" GNUTLS_SERV="$GNUTLS_SERV"
|
||||||
|
set "$@" GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI"
|
||||||
|
set "$@" GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV"
|
||||||
|
check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$OPENSSL_NEXT" \
|
||||||
|
"$GNUTLS_CLI" "$GNUTLS_SERV" \
|
||||||
|
"$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
case " $RUN_COMPONENTS " in
|
case " $RUN_COMPONENTS " in
|
||||||
*_doxygen[_\ ]*) check_tools "doxygen" "dot";;
|
*_doxygen[_\ ]*) check_tools "doxygen" "dot";;
|
||||||
esac
|
esac
|
||||||
@ -608,6 +660,12 @@ component_test_default_cmake_gcc_asan () {
|
|||||||
|
|
||||||
msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s
|
msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s
|
||||||
make test
|
make test
|
||||||
|
|
||||||
|
msg "test: ssl-opt.sh (ASan build)" # ~ 1 min
|
||||||
|
if_build_succeeded tests/ssl-opt.sh
|
||||||
|
|
||||||
|
msg "test: compat.sh (ASan build)" # ~ 6 min
|
||||||
|
if_build_succeeded tests/compat.sh
|
||||||
}
|
}
|
||||||
|
|
||||||
component_test_full_cmake_gcc_asan () {
|
component_test_full_cmake_gcc_asan () {
|
||||||
@ -639,6 +697,36 @@ component_test_no_pem_no_fs () {
|
|||||||
make test
|
make test
|
||||||
}
|
}
|
||||||
|
|
||||||
|
component_test_sslv3 () {
|
||||||
|
msg "build: Default + SSLv3 (ASan build)" # ~ 6 min
|
||||||
|
scripts/config.pl set MBEDTLS_SSL_PROTO_SSL3
|
||||||
|
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
||||||
|
make
|
||||||
|
|
||||||
|
msg "test: SSLv3 - main suites (inc. selftests) (ASan build)" # ~ 50s
|
||||||
|
make test
|
||||||
|
|
||||||
|
msg "build: SSLv3 - compat.sh (ASan build)" # ~ 6 min
|
||||||
|
if_build_succeeded tests/compat.sh -m 'tls1 tls1_1 tls1_2 dtls1 dtls1_2'
|
||||||
|
if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3'
|
||||||
|
|
||||||
|
msg "build: SSLv3 - ssl-opt.sh (ASan build)" # ~ 6 min
|
||||||
|
if_build_succeeded tests/ssl-opt.sh
|
||||||
|
}
|
||||||
|
|
||||||
|
component_test_no_renegotiation () {
|
||||||
|
msg "build: Default + !MBEDTLS_SSL_RENEGOTIATION (ASan build)" # ~ 6 min
|
||||||
|
scripts/config.pl unset MBEDTLS_SSL_RENEGOTIATION
|
||||||
|
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
||||||
|
make
|
||||||
|
|
||||||
|
msg "test: !MBEDTLS_SSL_RENEGOTIATION - main suites (inc. selftests) (ASan build)" # ~ 50s
|
||||||
|
make test
|
||||||
|
|
||||||
|
msg "test: !MBEDTLS_SSL_RENEGOTIATION - ssl-opt.sh (ASan build)" # ~ 6 min
|
||||||
|
if_build_succeeded tests/ssl-opt.sh
|
||||||
|
}
|
||||||
|
|
||||||
component_test_rsa_no_crt () {
|
component_test_rsa_no_crt () {
|
||||||
msg "build: Default + RSA_NO_CRT (ASan build)" # ~ 6 min
|
msg "build: Default + RSA_NO_CRT (ASan build)" # ~ 6 min
|
||||||
scripts/config.py set MBEDTLS_RSA_NO_CRT
|
scripts/config.py set MBEDTLS_RSA_NO_CRT
|
||||||
@ -647,6 +735,54 @@ component_test_rsa_no_crt () {
|
|||||||
|
|
||||||
msg "test: RSA_NO_CRT - main suites (inc. selftests) (ASan build)" # ~ 50s
|
msg "test: RSA_NO_CRT - main suites (inc. selftests) (ASan build)" # ~ 50s
|
||||||
make test
|
make test
|
||||||
|
|
||||||
|
msg "test: RSA_NO_CRT - RSA-related part of ssl-opt.sh (ASan build)" # ~ 5s
|
||||||
|
if_build_succeeded tests/ssl-opt.sh -f RSA
|
||||||
|
|
||||||
|
msg "test: RSA_NO_CRT - RSA-related part of compat.sh (ASan build)" # ~ 3 min
|
||||||
|
if_build_succeeded tests/compat.sh -t RSA
|
||||||
|
}
|
||||||
|
|
||||||
|
component_test_small_ssl_out_content_len () {
|
||||||
|
msg "build: small SSL_OUT_CONTENT_LEN (ASan build)"
|
||||||
|
scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384
|
||||||
|
scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 4096
|
||||||
|
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
||||||
|
make
|
||||||
|
|
||||||
|
msg "test: small SSL_OUT_CONTENT_LEN - ssl-opt.sh MFL and large packet tests"
|
||||||
|
if_build_succeeded tests/ssl-opt.sh -f "Max fragment\|Large packet"
|
||||||
|
}
|
||||||
|
|
||||||
|
component_test_small_ssl_in_content_len () {
|
||||||
|
msg "build: small SSL_IN_CONTENT_LEN (ASan build)"
|
||||||
|
scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 4096
|
||||||
|
scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 16384
|
||||||
|
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
||||||
|
make
|
||||||
|
|
||||||
|
msg "test: small SSL_IN_CONTENT_LEN - ssl-opt.sh MFL tests"
|
||||||
|
if_build_succeeded tests/ssl-opt.sh -f "Max fragment"
|
||||||
|
}
|
||||||
|
|
||||||
|
component_test_small_ssl_dtls_max_buffering () {
|
||||||
|
msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0"
|
||||||
|
scripts/config.pl set MBEDTLS_SSL_DTLS_MAX_BUFFERING 1000
|
||||||
|
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
||||||
|
make
|
||||||
|
|
||||||
|
msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0 - ssl-opt.sh specific reordering test"
|
||||||
|
if_build_succeeded tests/ssl-opt.sh -f "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg"
|
||||||
|
}
|
||||||
|
|
||||||
|
component_test_small_mbedtls_ssl_dtls_max_buffering () {
|
||||||
|
msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1"
|
||||||
|
scripts/config.pl set MBEDTLS_SSL_DTLS_MAX_BUFFERING 240
|
||||||
|
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
||||||
|
make
|
||||||
|
|
||||||
|
msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1 - ssl-opt.sh specific reordering test"
|
||||||
|
if_build_succeeded tests/ssl-opt.sh -f "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket"
|
||||||
}
|
}
|
||||||
|
|
||||||
component_test_new_ecdh_context () {
|
component_test_new_ecdh_context () {
|
||||||
@ -690,6 +826,15 @@ component_test_full_cmake_clang () {
|
|||||||
|
|
||||||
msg "test: psa_constant_names (full config, clang)" # ~ 1s
|
msg "test: psa_constant_names (full config, clang)" # ~ 1s
|
||||||
record_status tests/scripts/test_psa_constant_names.py
|
record_status tests/scripts/test_psa_constant_names.py
|
||||||
|
|
||||||
|
msg "test: ssl-opt.sh default, ECJPAKE, SSL async (full config)" # ~ 1s
|
||||||
|
if_build_succeeded tests/ssl-opt.sh -f 'Default\|ECJPAKE\|SSL async private'
|
||||||
|
|
||||||
|
msg "test: compat.sh RC4, DES, 3DES & NULL (full config)" # ~ 2 min
|
||||||
|
if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '^$' -f 'NULL\|DES\|RC4\|ARCFOUR'
|
||||||
|
|
||||||
|
msg "test: compat.sh ARIA + ChachaPoly"
|
||||||
|
if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
|
||||||
}
|
}
|
||||||
|
|
||||||
component_test_full_make_gcc_o0 () {
|
component_test_full_make_gcc_o0 () {
|
||||||
@ -738,6 +883,11 @@ component_test_depends_pkalgs () {
|
|||||||
record_status tests/scripts/depends-pkalgs.pl
|
record_status tests/scripts/depends-pkalgs.pl
|
||||||
}
|
}
|
||||||
|
|
||||||
|
component_build_key_exchanges () {
|
||||||
|
msg "test/build: key-exchanges (gcc)" # ~ 1 min
|
||||||
|
record_status tests/scripts/key-exchanges.pl
|
||||||
|
}
|
||||||
|
|
||||||
component_build_default_make_gcc_and_cxx () {
|
component_build_default_make_gcc_and_cxx () {
|
||||||
msg "build: Unix make, -Os (gcc)" # ~ 30s
|
msg "build: Unix make, -Os (gcc)" # ~ 30s
|
||||||
make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os'
|
make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os'
|
||||||
@ -763,6 +913,21 @@ component_test_no_use_psa_crypto_full_cmake_asan() {
|
|||||||
|
|
||||||
msg "test: main suites (full minus MBEDTLS_USE_PSA_CRYPTO)"
|
msg "test: main suites (full minus MBEDTLS_USE_PSA_CRYPTO)"
|
||||||
make test
|
make test
|
||||||
|
|
||||||
|
msg "test: ssl-opt.sh (MBEDTLS_USE_PSA_CRYPTO)"
|
||||||
|
if_build_succeeded tests/ssl-opt.sh
|
||||||
|
|
||||||
|
msg "test: compat.sh default (MBEDTLS_USE_PSA_CRYPTO)"
|
||||||
|
if_build_succeeded tests/compat.sh
|
||||||
|
|
||||||
|
msg "test: compat.sh ssl3 (MBEDTLS_USE_PSA_CRYPTO)"
|
||||||
|
if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3'
|
||||||
|
|
||||||
|
msg "test: compat.sh RC4, DES & NULL (MBEDTLS_USE_PSA_CRYPTO)"
|
||||||
|
if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR'
|
||||||
|
|
||||||
|
msg "test: compat.sh ARIA + ChachaPoly (MBEDTLS_USE_PSA_CRYPTO)"
|
||||||
|
if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
|
||||||
}
|
}
|
||||||
|
|
||||||
component_test_check_params_functionality () {
|
component_test_check_params_functionality () {
|
||||||
@ -832,6 +997,30 @@ component_build_no_std_function () {
|
|||||||
make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0'
|
make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0'
|
||||||
}
|
}
|
||||||
|
|
||||||
|
component_build_no_ssl_srv () {
|
||||||
|
msg "build: full config except ssl_srv.c, make, gcc" # ~ 30s
|
||||||
|
scripts/config.pl full
|
||||||
|
scripts/config.pl unset MBEDTLS_SSL_SRV_C
|
||||||
|
make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0'
|
||||||
|
}
|
||||||
|
|
||||||
|
component_build_no_ssl_cli () {
|
||||||
|
msg "build: full config except ssl_cli.c, make, gcc" # ~ 30s
|
||||||
|
scripts/config.pl full
|
||||||
|
scripts/config.pl unset MBEDTLS_SSL_CLI_C
|
||||||
|
make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0'
|
||||||
|
}
|
||||||
|
|
||||||
|
component_build_no_sockets () {
|
||||||
|
# Note, C99 compliance can also be tested with the sockets support disabled,
|
||||||
|
# as that requires a POSIX platform (which isn't the same as C99).
|
||||||
|
msg "build: full config except net_sockets.c, make, gcc -std=c99 -pedantic" # ~ 30s
|
||||||
|
scripts/config.pl full
|
||||||
|
scripts/config.pl unset MBEDTLS_NET_C # getaddrinfo() undeclared, etc.
|
||||||
|
scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY # uses syscall() on GNU/Linux
|
||||||
|
make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0 -std=c99 -pedantic' lib
|
||||||
|
}
|
||||||
|
|
||||||
component_test_memory_buffer_allocator_backtrace () {
|
component_test_memory_buffer_allocator_backtrace () {
|
||||||
msg "build: default config with memory buffer allocator and backtrace enabled"
|
msg "build: default config with memory buffer allocator and backtrace enabled"
|
||||||
scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C
|
scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C
|
||||||
@ -856,6 +1045,45 @@ component_test_memory_buffer_allocator () {
|
|||||||
make test
|
make test
|
||||||
}
|
}
|
||||||
|
|
||||||
|
component_test_no_max_fragment_length () {
|
||||||
|
# Run max fragment length tests with MFL disabled
|
||||||
|
msg "build: default config except MFL extension (ASan build)" # ~ 30s
|
||||||
|
scripts/config.pl unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
|
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
||||||
|
make
|
||||||
|
|
||||||
|
msg "test: ssl-opt.sh, MFL-related tests"
|
||||||
|
if_build_succeeded tests/ssl-opt.sh -f "Max fragment length"
|
||||||
|
}
|
||||||
|
|
||||||
|
component_test_asan_remove_peer_certificate () {
|
||||||
|
msg "build: default config with MBEDTLS_SSL_KEEP_PEER_CERTIFICATE disabled (ASan build)"
|
||||||
|
scripts/config.pl unset MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
|
||||||
|
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
||||||
|
make
|
||||||
|
|
||||||
|
msg "test: !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE"
|
||||||
|
make test
|
||||||
|
|
||||||
|
msg "test: ssl-opt.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE"
|
||||||
|
if_build_succeeded tests/ssl-opt.sh
|
||||||
|
|
||||||
|
msg "test: compat.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE"
|
||||||
|
if_build_succeeded tests/compat.sh
|
||||||
|
}
|
||||||
|
|
||||||
|
component_test_no_max_fragment_length_small_ssl_out_content_len () {
|
||||||
|
msg "build: no MFL extension, small SSL_OUT_CONTENT_LEN (ASan build)"
|
||||||
|
scripts/config.pl unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
|
scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384
|
||||||
|
scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 4096
|
||||||
|
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
||||||
|
make
|
||||||
|
|
||||||
|
msg "test: MFL tests (disabled MFL extension case) & large packet tests"
|
||||||
|
if_build_succeeded tests/ssl-opt.sh -f "Max fragment length\|Large buffer"
|
||||||
|
}
|
||||||
|
|
||||||
component_test_null_entropy () {
|
component_test_null_entropy () {
|
||||||
msg "build: default config with MBEDTLS_TEST_NULL_ENTROPY (ASan build)"
|
msg "build: default config with MBEDTLS_TEST_NULL_ENTROPY (ASan build)"
|
||||||
scripts/config.py set MBEDTLS_TEST_NULL_ENTROPY
|
scripts/config.py set MBEDTLS_TEST_NULL_ENTROPY
|
||||||
@ -1173,6 +1401,15 @@ component_build_armcc () {
|
|||||||
armc6_build_test "--target=aarch64-arm-none-eabi -march=armv8.2-a"
|
armc6_build_test "--target=aarch64-arm-none-eabi -march=armv8.2-a"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
component_test_allow_sha1 () {
|
||||||
|
msg "build: allow SHA1 in certificates by default"
|
||||||
|
scripts/config.pl set MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
|
||||||
|
make CFLAGS='-Werror -Wall -Wextra'
|
||||||
|
msg "test: allow SHA1 in certificates by default"
|
||||||
|
make test
|
||||||
|
if_build_succeeded tests/ssl-opt.sh -f SHA-1
|
||||||
|
}
|
||||||
|
|
||||||
component_build_mingw () {
|
component_build_mingw () {
|
||||||
msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s
|
msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s
|
||||||
make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib programs
|
make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib programs
|
||||||
@ -1201,6 +1438,16 @@ component_test_memsan () {
|
|||||||
|
|
||||||
msg "test: main suites (MSan)" # ~ 10s
|
msg "test: main suites (MSan)" # ~ 10s
|
||||||
make test
|
make test
|
||||||
|
|
||||||
|
msg "test: ssl-opt.sh (MSan)" # ~ 1 min
|
||||||
|
if_build_succeeded tests/ssl-opt.sh
|
||||||
|
|
||||||
|
# Optional part(s)
|
||||||
|
|
||||||
|
if [ "$MEMORY" -gt 0 ]; then
|
||||||
|
msg "test: compat.sh (MSan)" # ~ 6 min 20s
|
||||||
|
if_build_succeeded tests/compat.sh
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
component_test_valgrind () {
|
component_test_valgrind () {
|
||||||
@ -1210,6 +1457,20 @@ component_test_valgrind () {
|
|||||||
|
|
||||||
msg "test: main suites valgrind (Release)"
|
msg "test: main suites valgrind (Release)"
|
||||||
make memcheck
|
make memcheck
|
||||||
|
|
||||||
|
# Optional part(s)
|
||||||
|
# Currently broken, programs don't seem to receive signals
|
||||||
|
# under valgrind on OS X
|
||||||
|
|
||||||
|
if [ "$MEMORY" -gt 0 ]; then
|
||||||
|
msg "test: ssl-opt.sh --memcheck (Release)"
|
||||||
|
if_build_succeeded tests/ssl-opt.sh --memcheck
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$MEMORY" -gt 1 ]; then
|
||||||
|
msg "test: compat.sh --memcheck (Release)"
|
||||||
|
if_build_succeeded tests/compat.sh --memcheck
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
component_test_cmake_out_of_source () {
|
component_test_cmake_out_of_source () {
|
||||||
@ -1222,7 +1483,17 @@ component_test_cmake_out_of_source () {
|
|||||||
|
|
||||||
msg "test: cmake 'out-of-source' build"
|
msg "test: cmake 'out-of-source' build"
|
||||||
make test
|
make test
|
||||||
|
# Test an SSL option that requires an auxiliary script in test/scripts/.
|
||||||
|
# Also ensure that there are no error messages such as
|
||||||
|
# "No such file or directory", which would indicate that some required
|
||||||
|
# file is missing (ssl-opt.sh tolerates the absence of some files so
|
||||||
|
# may exit with status 0 but emit errors).
|
||||||
|
if_build_succeeded ./tests/ssl-opt.sh -f 'Fallback SCSV: beginning of list' 2>ssl-opt.err
|
||||||
|
if [ -s ssl-opt.err ]; then
|
||||||
|
cat ssl-opt.err >&2
|
||||||
|
record_status [ ! -s ssl-opt.err ]
|
||||||
|
rm ssl-opt.err
|
||||||
|
fi
|
||||||
cd "$MBEDTLS_ROOT_DIR"
|
cd "$MBEDTLS_ROOT_DIR"
|
||||||
rm -rf "$OUT_OF_SOURCE_DIR"
|
rm -rf "$OUT_OF_SOURCE_DIR"
|
||||||
unset MBEDTLS_ROOT_DIR
|
unset MBEDTLS_ROOT_DIR
|
||||||
|
Loading…
Reference in New Issue
Block a user