1#! /usr/bin/env sh
2
3# all.sh
4#
5# Copyright The Mbed TLS Contributors
6# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
7#
8# This file is provided under the Apache License 2.0, or the
9# GNU General Public License v2.0 or later.
10#
11# **********
12# Apache License 2.0:
13#
14# Licensed under the Apache License, Version 2.0 (the "License"); you may
15# not use this file except in compliance with the License.
16# You may obtain a copy of the License at
17#
18# http://www.apache.org/licenses/LICENSE-2.0
19#
20# Unless required by applicable law or agreed to in writing, software
21# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
22# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
23# See the License for the specific language governing permissions and
24# limitations under the License.
25#
26# **********
27#
28# **********
29# GNU General Public License v2.0 or later:
30#
31# This program is free software; you can redistribute it and/or modify
32# it under the terms of the GNU General Public License as published by
33# the Free Software Foundation; either version 2 of the License, or
34# (at your option) any later version.
35#
36# This program is distributed in the hope that it will be useful,
37# but WITHOUT ANY WARRANTY; without even the implied warranty of
38# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
39# GNU General Public License for more details.
40#
41# You should have received a copy of the GNU General Public License along
42# with this program; if not, write to the Free Software Foundation, Inc.,
43# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
44#
45# **********
46
47
48
49################################################################
50#### Documentation
51################################################################
52
53# Purpose
54# -------
55#
56# To run all tests possible or available on the platform.
57#
58# Notes for users
59# ---------------
60#
61# Warning: the test is destructive. It includes various build modes and
62# configurations, and can and will arbitrarily change the current CMake
63# configuration. The following files must be committed into git:
64#    * include/mbedtls/config.h
65#    * Makefile, library/Makefile, programs/Makefile, tests/Makefile
66# After running this script, the CMake cache will be lost and CMake
67# will no longer be initialised.
68#
69# The script assumes the presence of a number of tools:
70#   * Basic Unix tools (Windows users note: a Unix-style find must be before
71#     the Windows find in the PATH)
72#   * Perl
73#   * GNU Make
74#   * CMake
75#   * GCC and Clang (recent enough for using ASan with gcc and MemSan with clang, or valgrind)
76#   * G++
77#   * arm-gcc and mingw-gcc
78#   * ArmCC 5 and ArmCC 6, unless invoked with --no-armcc
79#   * OpenSSL and GnuTLS command line tools, recent enough for the
80#     interoperability tests. If they don't support SSLv3 then a legacy
81#     version of these tools must be present as well (search for LEGACY
82#     below).
83# See the invocation of check_tools below for details.
84#
85# This script must be invoked from the toplevel directory of a git
86# working copy of Mbed TLS.
87#
88# Note that the output is not saved. You may want to run
89#   script -c tests/scripts/all.sh
90# or
91#   tests/scripts/all.sh >all.log 2>&1
92#
93# Notes for maintainers
94# ---------------------
95#
96# The bulk of the code is organized into functions that follow one of the
97# following naming conventions:
98#  * pre_XXX: things to do before running the tests, in order.
99#  * component_XXX: independent components. They can be run in any order.
100#      * component_check_XXX: quick tests that aren't worth parallelizing.
101#      * component_build_XXX: build things but don't run them.
102#      * component_test_XXX: build and test.
103#  * support_XXX: if support_XXX exists and returns false then
104#    component_XXX is not run by default.
105#  * post_XXX: things to do after running the tests.
106#  * other: miscellaneous support functions.
107#
108# Each component must start by invoking `msg` with a short informative message.
109#
110# The framework performs some cleanup tasks after each component. This
111# means that components can assume that the working directory is in a
112# cleaned-up state, and don't need to perform the cleanup themselves.
113# * Run `make clean`.
# * Restore `include/mbedtls/config.h` from a backup made before running
115#   the component.
116# * Check out `Makefile`, `library/Makefile`, `programs/Makefile` and
117#   `tests/Makefile` from git. This cleans up after an in-tree use of
118#   CMake.
119#
120# Any command that is expected to fail must be protected so that the
121# script keeps running in --keep-going mode despite `set -e`. In keep-going
122# mode, if a protected command fails, this is logged as a failure and the
123# script will exit with a failure status once it has run all components.
124# Commands can be protected in any of the following ways:
125# * `make` is a function which runs the `make` command with protection.
126#   Note that you must write `make VAR=value`, not `VAR=value make`,
127#   because the `VAR=value make` syntax doesn't work with functions.
# * Put `record_status` before the command to protect it.
# * Put `if_build_succeeded` before a command. This protects it, and
#   additionally skips it if a prior invocation of `make` in the same
#   component failed.
132#
133# The tests are roughly in order from fastest to slowest. This doesn't
134# have to be exact, but in general you should add slower tests towards
135# the end and fast checks near the beginning.
136
137
138
139################################################################
140#### Initialization and command line parsing
141################################################################
142
# Abort on errors (-e) and on expansion of unset variables (-u).
# Commands that are expected to fail must therefore be protected; see
# "Notes for maintainers" above.
set -eu
145
# Refuse to run unless the current directory looks like the root of the
# source tree, i.e. it contains the library, include and tests directories.
# Outputs: a diagnostic on stderr when the check fails.
# Returns: 0 when all three directories exist; otherwise exits with status 1.
pre_check_environment () {
    if [ -d library ] && [ -d include ] && [ -d tests ]; then
        return 0
    fi
    echo "Must be run from mbed TLS root" >&2
    exit 1
}
152
# Set the script's global defaults and compute the component lists.
# Globals written: CONFIG_H, CONFIG_BAK, MEMORY, FORCE, QUIET, KEEP_GOING,
#   RELEASE_SEED, the tool variables below (only when unset or empty),
#   MAKEFLAGS (only when unset), CTEST_OUTPUT_ON_FAILURE, ASAN_CFLAGS,
#   ALL_COMPONENTS, SUPPORTED_COMPONENTS.
pre_initialize_variables () {
    # Configuration header that components edit, and the backup name that
    # cleanup() restores it from.
    CONFIG_H='include/mbedtls/config.h'
    CONFIG_BAK="$CONFIG_H.bak"

    # Option flags, all off by default; pre_parse_command_line may change them.
    MEMORY=0
    FORCE=0
    QUIET=0
    KEEP_GOING=0

    # Seed value used with the --release-test option.
    #
    # See also RELEASE_SEED in basic-build-test.sh. Debugging is easier if
    # both values are kept in sync. If you change the value here because it
    # breaks some tests, you'll definitely want to change it in
    # basic-build-test.sh as well.
    RELEASE_SEED=1

    # Default commands, can be overridden by the environment.
    # `: ${VAR:=default}` assigns the default only when VAR is unset or empty.
    # These values are later used verbatim as command names or paths:
    # pre_check_tools looks them up with check_tools and exports several of
    # them to the test scripts, so whatever the caller's environment supplies
    # here is what gets executed.
    : ${OPENSSL:="openssl"}
    : ${OPENSSL_LEGACY:="$OPENSSL"}
    : ${OPENSSL_NEXT:="$OPENSSL"}
    : ${GNUTLS_CLI:="gnutls-cli"}
    : ${GNUTLS_SERV:="gnutls-serv"}
    : ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"}
    : ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"}
    : ${OUT_OF_SOURCE_DIR:=./mbedtls_out_of_source_build}
    : ${ARMC5_BIN_DIR:=/usr/bin}
    : ${ARMC6_BIN_DIR:=/usr/bin}
    : ${ARM_NONE_EABI_GCC_PREFIX:=arm-none-eabi-}

    # if MAKEFLAGS is not set add the -j option to speed up invocations of make
    # (the test is on "set", so an empty MAKEFLAGS from the caller is kept;
    # with GNU Make a bare -j puts no limit on the number of parallel jobs)
    if [ -z "${MAKEFLAGS+set}" ]; then
        export MAKEFLAGS="-j"
    fi

    # Include more verbose output for failing tests run by CMake
    export CTEST_OUTPUT_ON_FAILURE=1

    # CFLAGS and LDFLAGS for Asan builds that don't use CMake
    ASAN_CFLAGS='-Werror -Wall -Wextra -fsanitize=address,undefined -fno-sanitize-recover=all'

    # Gather the list of available components. These are the functions
    # defined in this script whose name starts with "component_".
    # Parse the script with sed, because in sh there is no way to list
    # defined functions.
    # This reads the file named by $0, so it relies on $0 being the path
    # of this script.
    ALL_COMPONENTS=$(sed -n 's/^ *component_\([0-9A-Z_a-z]*\) *().*/\1/p' <"$0")

    # Exclude components that are not supported on this platform.
    SUPPORTED_COMPONENTS=
    for component in $ALL_COMPONENTS; do
        # A component is skipped only if a function support_<component>
        # exists and returns false. The existence test matches the text
        # ' function' in the output of `type`, whose wording is
        # shell-specific -- NOTE(review): confirm for the shells in use.
        case $(type "support_$component" 2>&1) in
            *' function'*)
                if ! support_$component; then continue; fi;;
        esac
        SUPPORTED_COMPONENTS="$SUPPORTED_COMPONENTS $component"
    done
}
210
# Test whether the component $1 is included in the command line patterns.
#
# Arguments: $1 - component name, with or without the "component_" prefix
# Globals:   COMMAND_LINE_COMPONENTS (read) - whitespace-separated shell
#            patterns; pattern (written) - loop variable
# Returns:   0 if some pattern matches, 1 otherwise
is_component_included()
{
    # Disable pathname expansion so that the unquoted expansion below is
    # only split into words: a pattern such as check_* must not be replaced
    # by the names of matching files in the current directory.
    set -f
    for pattern in $COMMAND_LINE_COMPONENTS; do
        # The word list has already been expanded, so pathname expansion
        # can be switched back on before any early return.
        set +f
        # $pattern is deliberately unquoted: it is matched as a shell pattern.
        case ${1#component_} in $pattern) return 0;; esac
    done
    # Reached when nothing matched, including when the list is empty and
    # the loop body (with its set +f) never ran.
    set +f
    return 1
}
222
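# Print the command line help on stdout.
# Globals: ARM_NONE_EABI_GCC_PREFIX, RELEASE_SEED (read; expanded in the text)
#
# Options that take a value are documented in the "--option <value>" form
# because pre_parse_command_line reads the value from the next argument;
# "--option=value" is not matched by any of its patterns and ends up in the
# "Unknown option" branch.
usage()
{
    cat <<EOF
Usage: $0 [OPTION]... [COMPONENT]...
Run mbedtls release validation tests.
By default, run all tests. With one or more COMPONENT, run only those.
COMPONENT can be the name of a component or a shell wildcard pattern.

Examples:
  $0 "check_*"
    Run all sanity checks.
  $0 --no-armcc --except test_memsan
    Run everything except builds that require armcc and MemSan.

Special options:
  -h|--help             Print this help and exit.
  --list-all-components List all available test components and exit.
  --list-components     List components supported on this platform and exit.

General options:
  -q|--quiet            Only output component names, and errors if any.
  -f|--force            Force the tests to overwrite any modified files.
  -k|--keep-going       Run all tests and report errors at the end.
  -m|--memory           Additional optional memory tests.
     --arm-none-eabi-gcc-prefix <string>
                        Prefix for a cross-compiler for arm-none-eabi
                        (default: "${ARM_NONE_EABI_GCC_PREFIX}")
     --armcc            Run ARM Compiler builds (on by default).
     --except           Exclude the COMPONENTs listed on the command line,
                        instead of running only those.
     --no-armcc         Skip ARM Compiler builds.
     --no-force         Refuse to overwrite modified files (default).
     --no-keep-going    Stop at the first error (default).
     --no-memory        No additional memory tests (default).
     --no-quiet         Print full output from components.
     --out-of-source-dir <path>  Directory used for CMake out-of-source build tests.
     --random-seed      Use a random seed value for randomized tests (default).
  -r|--release-test     Run this script in release mode. This fixes the seed value to ${RELEASE_SEED}.
  -s|--seed             Integer seed value to use for this test run.

Tool path options:
     --armc5-bin-dir <ARMC5_bin_dir_path>       ARM Compiler 5 bin directory.
     --armc6-bin-dir <ARMC6_bin_dir_path>       ARM Compiler 6 bin directory.
     --gnutls-cli <GnuTLS_cli_path>             GnuTLS client executable to use for most tests.
     --gnutls-serv <GnuTLS_serv_path>           GnuTLS server executable to use for most tests.
     --gnutls-legacy-cli <GnuTLS_cli_path>      GnuTLS client executable to use for legacy tests.
     --gnutls-legacy-serv <GnuTLS_serv_path>    GnuTLS server executable to use for legacy tests.
     --openssl <OpenSSL_path>                   OpenSSL executable to use for most tests.
     --openssl-legacy <OpenSSL_path>            OpenSSL executable to use for legacy tests e.g. SSLv3.
     --openssl-next <OpenSSL_path>              OpenSSL executable to use for recent things like ARIA
EOF
}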
275
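# Remove built files as well as the CMake cache/config, and put back the
# files that an in-tree CMake build or a component may have overwritten.
# Globals: MBEDTLS_ROOT_DIR (read, optional), CONFIG_BAK, CONFIG_H (read)
# Side effects: changes directory to $MBEDTLS_ROOT_DIR when it is set;
#   deletes files and runs git in the current tree.
cleanup()
{
    if [ -n "${MBEDTLS_ROOT_DIR+set}" ]; then
        cd "$MBEDTLS_ROOT_DIR"
    fi

    # `command` bypasses any shell function named make (keep-going mode
    # defines one), so this always runs the real make.
    command make clean

    # Remove CMake artefacts.
    # The expression is three alternatives joined by -o:
    #   1. .git is pruned, so nothing under it is ever touched;
    #   2. CMakeFiles directories are removed recursively (and pruned, so
    #      find does not queue files below a directory that is about to go);
    #   3. the listed CMake-generated files are removed.
    # Without the -o after the first -prune, alternatives 1 and 2 formed a
    # single AND chain that could never match, and CMakeFiles was left behind.
    find . -name .git -prune -o \
           -iname CMakeFiles -prune -exec rm -rf {} \+ -o \
           \( -iname cmake_install.cmake -o \
              -iname CTestTestfile.cmake -o \
              -iname CMakeCache.txt \) -exec rm {} \+
    # Recover files overwritten by in-tree CMake builds
    rm -f include/Makefile include/mbedtls/Makefile programs/*/Makefile
    git update-index --no-skip-worktree Makefile library/Makefile programs/Makefile tests/Makefile
    git checkout -- Makefile library/Makefile programs/Makefile tests/Makefile

    # Put the configuration back if a backup of it exists.
    if [ -f "$CONFIG_BAK" ]; then
        mv "$CONFIG_BAK" "$CONFIG_H"
    fi
}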
300
# Executed on exit. May be redefined depending on command line options.
# This default prints nothing and succeeds; pre_setup_keep_going replaces
# it with a version that summarises failures.
# Arguments: $1 - optional signal name (ignored here)
final_report () {
    return 0
}
305
# Handler for a fatal signal: clean the tree, print the final report, then
# deliver the signal again with its default action so that the process
# ends with the usual "killed by signal" status.
# Arguments: $1 - signal name without the SIG prefix (HUP, INT or TERM
#            in the traps installed by this script)
fatal_signal () {
    cleanup
    # When final_report has been redefined by pre_setup_keep_going and
    # failures were recorded, it exits with status 1 and the two lines
    # below are not reached.
    final_report $1
    # Restore the default disposition first; otherwise the kill below
    # would re-enter this handler.
    trap - $1
    kill -$1 $$
}
312
313trap 'fatal_signal HUP' HUP
314trap 'fatal_signal INT' INT
315trap 'fatal_signal TERM' TERM
316
# Start a new section of the log.
# Records the section title in current_section (prefixed with the current
# component's name, without its "component_" prefix, when one is set) and,
# unless QUIET is 1, prints a banner with the title and the current date.
# Arguments: $1 - short informative message
# Globals:   current_component (read, optional), QUIET (read),
#            current_section (written)
msg()
{
    current_section="$1"
    if [ -n "${current_component:-}" ]; then
        current_section="${current_component#component_}: $current_section"
    fi

    # The title is recorded even in quiet mode; only the banner is skipped.
    if [ "$QUIET" -eq 1 ]; then
        return
    fi

    echo ""
    printf '%s\n' "******************************************************************"
    echo "* $current_section "
    printf '* '
    date
    printf '%s\n' "******************************************************************"
}
335
# Build the library with ARM Compiler 6 using the given flags, print the
# object sizes, then clean the tree.
# Arguments: $1 - compiler flags, passed to make as CFLAGS
# Globals:   FLAGS (written); ARMC6_CC, ARMC6_AR, ARMC6_FROMELF (read,
#            set by pre_check_tools)
armc6_build_test()
{
    FLAGS="$1"

    msg "build: ARM Compiler 6 ($FLAGS)"
    # NOTE(review): the maintainer notes at the top of this file say that
    # the `VAR=value make` form does not work when make is a shell function,
    # which is the case after pre_setup_keep_going -- confirm that these
    # variables reach the real make in keep-going mode.
    ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" CFLAGS="$FLAGS" \
                    WARNING_CFLAGS='-xc -std=c99' make lib

    msg "size: ARM Compiler 6 ($FLAGS)"
    "$ARMC6_FROMELF" -z library/*.o

    make clean
}
349
# Print a diagnostic on stderr.
# Arguments: $1 - the message
err_msg()
{
    >&2 echo "$1"
}
354
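# Check that every named tool can be found by the shell.
# Arguments: tool names or paths, one per argument
# Globals:   TOOL (written; loop variable)
# Outputs:   "<tool> not found!" on stderr (through err_msg) for the first
#            missing tool
# Returns:   0 when all tools are found; otherwise exits with status 1.
check_tools()
{
    for TOOL in "$@"; do
        # Test the status of `type` directly. Wrapping it in a command
        # substitution only worked because its output was discarded; any
        # text it produced would have been run as a command.
        if ! type "$TOOL" >/dev/null 2>&1; then
            err_msg "$TOOL not found!"
            exit 1
        fi
    done
}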
364
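# Check that programs/test/cpp_dummy_build.cpp includes exactly the headers
# present in include/mbedtls.
# Outputs: the diff between the two lists on stdout when they differ
# Globals: headers_status (written)
# Returns: the status of diff (0 when the lists are identical)
# Side effects: creates and removes headers.txt in the current directory.
check_headers_in_cpp () {
    ls include/mbedtls | grep "\.h$" >headers.txt
    # Capture the comparison status before deleting the scratch file.
    # Otherwise, when this function runs with `set -e` suppressed (for
    # example as the command of an `if`), the status of `rm` would replace
    # it and a mismatch would be reported as success.
    if <programs/test/cpp_dummy_build.cpp sed -n 's/"$//; s!^#include "mbedtls/!!p' |
       sort |
       diff headers.txt -
    then
        headers_status=0
    else
        headers_status=$?
    fi
    rm headers.txt
    return $headers_status
}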
372
# Parse the command line and build the list of components to run.
# Arguments: the script's command line ("$@")
# Globals written: COMMAND_LINE_COMPONENTS, RUN_COMPONENTS, FORCE,
#   KEEP_GOING, MEMORY, QUIET, SEED, and the tool/path variables named in
#   the options below.
# Globals read: ALL_COMPONENTS, SUPPORTED_COMPONENTS, RELEASE_SEED.
# Exits: 0 after --help or a --list-* option; 120 on an unknown option.
pre_parse_command_line () {
    COMMAND_LINE_COMPONENTS=
    # all_except: 0 = run only the listed components, 1 = run everything
    # except the listed ones. no_armcc: non-empty when --no-armcc was given.
    all_except=0
    no_armcc=

    while [ $# -gt 0 ]; do
        case "$1" in
            # Options that take a value read it from the next argument
            # (`shift` then "$1"); the --option=value form is not
            # recognised. With `set -u`, a value option given last makes the
            # "$1" expansion fail and the script stops there.
            --arm-none-eabi-gcc-prefix) shift; ARM_NONE_EABI_GCC_PREFIX="$1";;
            --armcc) no_armcc=;;
            --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";;
            --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";;
            --except) all_except=1;;
            --force|-f) FORCE=1;;
            --gnutls-cli) shift; GNUTLS_CLI="$1";;
            --gnutls-legacy-cli) shift; GNUTLS_LEGACY_CLI="$1";;
            --gnutls-legacy-serv) shift; GNUTLS_LEGACY_SERV="$1";;
            --gnutls-serv) shift; GNUTLS_SERV="$1";;
            --help|-h) usage; exit;;
            --keep-going|-k) KEEP_GOING=1;;
            # The lists are left unquoted on purpose: word splitting makes
            # printf emit one component name per line.
            --list-all-components) printf '%s\n' $ALL_COMPONENTS; exit;;
            --list-components) printf '%s\n' $SUPPORTED_COMPONENTS; exit;;
            --memory|-m) MEMORY=1;;
            --no-armcc) no_armcc=1;;
            --no-force) FORCE=0;;
            --no-keep-going) KEEP_GOING=0;;
            --no-memory) MEMORY=0;;
            --no-quiet) QUIET=0;;
            --openssl) shift; OPENSSL="$1";;
            --openssl-legacy) shift; OPENSSL_LEGACY="$1";;
            --openssl-next) shift; OPENSSL_NEXT="$1";;
            --out-of-source-dir) shift; OUT_OF_SOURCE_DIR="$1";;
            --quiet|-q) QUIET=1;;
            --random-seed) unset SEED;;
            --release-test|-r) SEED=$RELEASE_SEED;;
            --seed|-s) shift; SEED="$1";;
            -*)
                echo >&2 "Unknown option: $1"
                echo >&2 "Run $0 --help for usage."
                exit 120
                ;;
            # Anything else is a component name or pattern.
            *) COMMAND_LINE_COMPONENTS="$COMMAND_LINE_COMPONENTS $1";;
        esac
        shift
    done

    # With no list of components, run everything.
    # (An empty exclusion list excludes nothing.)
    if [ -z "$COMMAND_LINE_COMPONENTS" ]; then
        all_except=1
    fi

    # --no-armcc is a legacy option. The modern way is --except '*_armcc*'.
    # Ignore it if components are listed explicitly on the command line.
    if [ -n "$no_armcc" ] && [ $all_except -eq 1 ]; then
        COMMAND_LINE_COMPONENTS="$COMMAND_LINE_COMPONENTS *_armcc*"
    fi

    # Build the list of components to run.
    RUN_COMPONENTS=
    for component in $SUPPORTED_COMPONENTS; do
        # is_component_included returns 0 on a match and 1 otherwise, so
        # comparing its status with all_except selects matching components
        # in "only" mode (0) and non-matching ones in "except" mode (1).
        # Its status is only inspected by the `[`, so a non-match does not
        # trip `set -e`.
        if is_component_included "$component"; [ $? -eq $all_except ]; then
            RUN_COMPONENTS="$RUN_COMPONENTS $component"
        fi
    done

    unset all_except
    unset no_armcc
}
440
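# Make sure the run will not destroy uncommitted work.
# With --force (FORCE=1): delete the out-of-source build directory, restore
# the configuration header from the git index and clean the tree.
# Otherwise: refuse to run when the out-of-source directory exists or when
# include/mbedtls/config.h differs from the index.
# Globals: FORCE, OUT_OF_SOURCE_DIR, CONFIG_H (read)
# Outputs: diagnostics on stderr
# Returns: 0 when it is safe to continue; otherwise exits with status 1.
pre_check_git () {
    if [ $FORCE -eq 1 ]; then
        # OUT_OF_SOURCE_DIR comes from the environment or the command line.
        # `:?` aborts instead of running rm -rf with an empty operand, and
        # `--` keeps a value that starts with "-" from being read as an option.
        rm -rf -- "${OUT_OF_SOURCE_DIR:?}"
        git checkout-index -f -q "$CONFIG_H"
        cleanup
    else

        # All lines of each message go to stderr, so the instructions stay
        # with the warning when stdout is redirected to a log file.
        if [ -d "$OUT_OF_SOURCE_DIR" ]; then
            echo "Warning - there is an existing directory at '$OUT_OF_SOURCE_DIR'" >&2
            echo "You can either delete this directory manually, or force the test by rerunning" >&2
            echo "the script as: $0 --force --out-of-source-dir $OUT_OF_SOURCE_DIR" >&2
            exit 1
        fi

        if ! git diff --quiet include/mbedtls/config.h; then
            err_msg "Warning - the configuration file 'include/mbedtls/config.h' has been edited. "
            echo "You can either delete or preserve your work, or force the test by rerunning the" >&2
            echo "script as: $0 --force" >&2
            exit 1
        fi
    fi
}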
463
# Set up keep-going mode: failures are recorded and reported at the end
# instead of stopping the script.
# Defines record_status and a `make` wrapper, and redefines final_report.
# Globals written: failure_summary, failure_count, start_red, end_color.
pre_setup_keep_going () {
    failure_summary=
    failure_count=0
    start_red=
    end_color=
    # Emit colour escape sequences only when stdout is a terminal whose
    # TERM value matches one of the patterns below.
    if [ -t 1 ]; then
        case "${TERM:-}" in
            *color*|cygwin|linux|rxvt*|screen|[Eex]term*)
                start_red=$(printf '\033[31m')
                end_color=$(printf '\033[0m')
                ;;
        esac
    fi
    # Run the command given as arguments. Its status is stored in
    # last_status; a failure is appended to failure_summary, counted, and
    # echoed to stderr. Because the command is the condition of an `if`,
    # its failure does not trip `set -e`.
    record_status () {
        if "$@"; then
            last_status=0
        else
            last_status=$?
            text="$current_section: $* -> $last_status"
            failure_summary="$failure_summary
$text"
            failure_count=$((failure_count + 1))
            echo "${start_red}^^^^$text^^^^${end_color}" >&2
        fi
    }
    # Wrapper around the real make (reached through `command make`).
    # Invocations whose joined arguments end in "test" or "check" are
    # skipped when the last build failed; any other invocation counts as a
    # build and updates build_status.
    # NOTE(review): build_status is not initialised in this function;
    # presumably the caller resets it for each component -- confirm.
    make () {
        case "$*" in
            *test|*check)
                if [ $build_status -eq 0 ]; then
                    record_status command make "$@"
                else
                    echo "(skipped because the build failed)"
                fi
                ;;
            *)
                record_status command make "$@"
                build_status=$last_status
                ;;
        esac
    }
    # Print the failure summary and exit with status 1 if anything failed.
    # Otherwise print a success message, unless $1 (a signal name) is given,
    # in which case report the signal instead.
    final_report () {
        if [ $failure_count -gt 0 ]; then
            echo
            echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
            echo "${start_red}FAILED: $failure_count${end_color}$failure_summary"
            echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
            exit 1
        elif [ -z "${1-}" ]; then
            echo "SUCCESS :)"
        fi
        if [ -n "${1-}" ]; then
            echo "Killed by SIG$1."
        fi
    }
}
519
# Run the given command under record_status, but only when the last build
# in the current component succeeded; otherwise do nothing and succeed.
# Arguments: the command and its arguments
# Globals:   build_status (read)
if_build_succeeded () {
    [ "$build_status" -eq 0 ] || return 0
    record_status "$@"
}
525
# Invert the status of a command. To be used instead of `!` for commands
# run with record_status or if_build_succeeded, which need a command name
# as their first argument.
# Returns: 1 if the command succeeds, 0 if it fails.
not() {
    if "$@"; then
        return 1
    fi
    return 0
}
531
# Define redirect_out, which runs the command given as its arguments.
# In quiet mode (QUIET=1) the command's stdout is discarded; its stderr and
# its exit status are passed through in both modes.
# Globals: QUIET (read)
pre_setup_quiet_redirect () {
    if [ "$QUIET" -ne 1 ]; then
        redirect_out () { "$@"; }
    else
        redirect_out () { "$@" >/dev/null; }
    fi
}
543
# Print the effective settings at the start of the log, so that a run can
# be reproduced from its output. Prints nothing in quiet mode.
# Globals: QUIET, MEMORY, FORCE, SEED (optional) and the tool variables
#          listed below (read)
pre_print_configuration () {
    if [ $QUIET -eq 1 ]; then
        return
    fi

    msg "info: $0 configuration"
    echo "MEMORY: $MEMORY"
    echo "FORCE: $FORCE"
    # SEED may be unset (random seed); ${SEED-...} keeps `set -u` from
    # aborting in that case.
    echo "SEED: ${SEED-"UNSET"}"
    echo "OPENSSL: $OPENSSL"
    echo "OPENSSL_LEGACY: $OPENSSL_LEGACY"
    echo "OPENSSL_NEXT: $OPENSSL_NEXT"
    echo "GNUTLS_CLI: $GNUTLS_CLI"
    echo "GNUTLS_SERV: $GNUTLS_SERV"
    echo "GNUTLS_LEGACY_CLI: $GNUTLS_LEGACY_CLI"
    echo "GNUTLS_LEGACY_SERV: $GNUTLS_LEGACY_SERV"
    echo "ARMC5_BIN_DIR: $ARMC5_BIN_DIR"
    echo "ARMC6_BIN_DIR: $ARMC6_BIN_DIR"
}
563
# Make sure the tools we need are available.
# Which tools are required depends on the names in RUN_COMPONENTS. A
# missing tool makes check_tools exit the script with status 1.
# Unless QUIET is 1, finish by running scripts/output_env.sh with the
# selected tool variables in its environment.
# Globals read:    RUN_COMPONENTS, QUIET, SEED (optional), the tool variables
# Globals written: ARMC5_CC, ARMC5_AR, ARMC5_FROMELF, ARMC6_CC, ARMC6_AR,
#                  ARMC6_FROMELF (when an armcc component is selected)
# Exported:        OPENSSL_CMD, GNUTLS_CLI, GNUTLS_SERV, SEED (when set)
pre_check_tools () {
    # Build the list of variables to pass to output_env.sh.
    # The positional parameters are reused as a command line under
    # construction: it starts as "env", each `set "$@" VAR=value` below
    # appends one or more assignments, and the last line of the function
    # runs it.
    set env

    case " $RUN_COMPONENTS " in
        # Require OpenSSL and GnuTLS if running any tests (as opposed to
        # only doing builds). Not all tests run OpenSSL and GnuTLS, but this
        # is a good enough approximation in practice.
        *" test_"*)
            # To avoid setting OpenSSL and GnuTLS for each call to compat.sh
            # and ssl-opt.sh, we just export the variables they require.
            export OPENSSL_CMD="$OPENSSL"
            export GNUTLS_CLI="$GNUTLS_CLI"
            export GNUTLS_SERV="$GNUTLS_SERV"
            # Avoid passing --seed flag in every call to ssl-opt.sh
            if [ -n "${SEED-}" ]; then
                export SEED
            fi
            set "$@" OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY"
            set "$@" GNUTLS_CLI="$GNUTLS_CLI" GNUTLS_SERV="$GNUTLS_SERV"
            set "$@" GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI"
            set "$@" GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV"
            check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$OPENSSL_NEXT" \
                        "$GNUTLS_CLI" "$GNUTLS_SERV" \
                        "$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV"
            ;;
    esac

    # In the patterns below, [_\ ] requires the keyword to be followed by
    # "_" or to end the component name (the list is padded with spaces).
    case " $RUN_COMPONENTS " in
        *_doxygen[_\ ]*) check_tools "doxygen" "dot";;
    esac

    case " $RUN_COMPONENTS " in
        *_arm_none_eabi_gcc[_\ ]*) check_tools "${ARM_NONE_EABI_GCC_PREFIX}gcc";;
    esac

    case " $RUN_COMPONENTS " in
        *_mingw[_\ ]*) check_tools "i686-w64-mingw32-gcc";;
    esac

    case " $RUN_COMPONENTS " in
        *" test_zeroize "*) check_tools "gdb";;
    esac

    case " $RUN_COMPONENTS " in
        *_armcc*)
            # Tool paths are derived from the two ARM Compiler bin
            # directories and checked before any component runs.
            ARMC5_CC="$ARMC5_BIN_DIR/armcc"
            ARMC5_AR="$ARMC5_BIN_DIR/armar"
            ARMC5_FROMELF="$ARMC5_BIN_DIR/fromelf"
            ARMC6_CC="$ARMC6_BIN_DIR/armclang"
            ARMC6_AR="$ARMC6_BIN_DIR/armar"
            ARMC6_FROMELF="$ARMC6_BIN_DIR/fromelf"
            check_tools "$ARMC5_CC" "$ARMC5_AR" "$ARMC5_FROMELF" \
                        "$ARMC6_CC" "$ARMC6_AR" "$ARMC6_FROMELF";;
    esac

    # past this point, no call to check_tool, only printing output
    if [ $QUIET -eq 1 ]; then
        return
    fi

    msg "info: output_env.sh"
    case $RUN_COMPONENTS in
        *_armcc*)
            set "$@" ARMC5_CC="$ARMC5_CC" ARMC6_CC="$ARMC6_CC" RUN_ARMCC=1;;
        *) set "$@" RUN_ARMCC=0;;
    esac
    # Runs: env VAR=value ... scripts/output_env.sh
    "$@" scripts/output_env.sh
}
634
635
636
637################################################################
638#### Basic checks
639################################################################
640
641#
642# Test Suites to be executed
643#
644# The test ordering tries to optimize for the following criteria:
645# 1. Catch possible problems early, by running first tests that run quickly
646#    and/or are more likely to fail than others (eg I use Clang most of the
647#    time, so start with a GCC build).
648# 2. Minimize total running time, by avoiding useless rebuilds
649#
650# Indicative running times are given for reference.
651
# Run tests/scripts/recursion.pl over the library sources; a failure is
# recorded through record_status.
component_check_recursion () {
    msg "test: recursion.pl" # < 1s
    record_status tests/scripts/recursion.pl library/*.c
}
656
# Run tests/scripts/check-generated-files.sh, which per the message below
# checks that the generated source files are up to date.
component_check_generated_files () {
    msg "test: freshness of generated source files" # < 1s
    record_status tests/scripts/check-generated-files.sh
}
661
# Run tests/scripts/check-doxy-blocks.pl, which per the message below looks
# for Doxygen markup outside Doxygen comment blocks.
component_check_doxy_blocks () {
    msg "test: doxygen markup outside doxygen blocks" # < 1s
    record_status tests/scripts/check-doxy-blocks.pl
}
666
# Run tests/scripts/check_files.py, the file sanity checks (permissions and
# encodings, per the message below).
component_check_files () {
    msg "Check: file sanity checks (permissions, encodings)" # < 1s
    record_status tests/scripts/check_files.py
}
671
# Check that the changelog entries can be assembled: run
# scripts/assemble_changelog.py into a scratch file, show how the result
# differs from ChangeLog, then delete the scratch file.
component_check_changelog () {
    msg "Check: changelog entries" # < 1s
    # Start from a clean slate so that a stale file is not mistaken for
    # this run's output.
    rm -f ChangeLog.new
    record_status scripts/assemble_changelog.py -o ChangeLog.new
    if [ -e ChangeLog.new ]; then
        # Show the diff for information. It isn't an error if the diff is
        # non-empty.
        diff -u ChangeLog ChangeLog.new || true
        rm ChangeLog.new
    fi
}
683
# Run tests/scripts/check-names.sh in verbose mode, the check on declared
# and exported names.
component_check_names () {
    msg "test/build: declared and exported names" # < 3s
    record_status tests/scripts/check-names.sh -v
}
688
# Run tests/scripts/doxygen.sh, the check for Doxygen warnings.
# pre_check_tools requires doxygen and dot when this component is selected.
component_check_doxygen_warnings () {
    msg "test: doxygen warnings" # ~ 3s
    record_status tests/scripts/doxygen.sh
}
693
694
695
696################################################################
697#### Build and test many configurations and targets
698################################################################
699
# Build with a reduced MBEDTLS_MPI_MAX_SIZE under ASan, then sign a file
# with the secp521r1 test key using programs/pkey/pk_sign.
# Globals written: SMALL_MPI_MAX_SIZE, INEVITABLY_PRESENT_FILE, SIGNATURE_FILE
component_test_large_ecdsa_key_signature () {
    SMALL_MPI_MAX_SIZE=136 # Small enough to interfere with the EC signatures
    # Any file that is certain to exist will do as the data to sign.
    INEVITABLY_PRESENT_FILE=Makefile
    SIGNATURE_FILE="${INEVITABLY_PRESENT_FILE}.sig" # Warning, this is rm -f'ed below

    msg "build: cmake + MBEDTLS_MPI_MAX_SIZE=${SMALL_MPI_MAX_SIZE}, gcc, ASan" # ~ 1 min 50s
    scripts/config.pl set MBEDTLS_MPI_MAX_SIZE "$SMALL_MPI_MAX_SIZE"
    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: pk_sign secp521r1_prv.der for MBEDTLS_MPI_MAX_SIZE=${SMALL_MPI_MAX_SIZE} (ASan build)" # ~ 5s
    if_build_succeeded programs/pkey/pk_sign tests/data_files/secp521r1_prv.der "$INEVITABLY_PRESENT_FILE"
    # Delete the signature file named above so that it does not linger in
    # the working tree.
    rm -f "$SIGNATURE_FILE"
}
716
# Build the unmodified default configuration with plain make, run the main
# test suites, then run the selftest program.
component_test_default_out_of_box () {
    msg "build: make, default config (out-of-box)" # ~1min
    make

    msg "test: main suites make, default config (out-of-box)" # ~10s
    make test

    msg "selftest: make, default config (out-of-box)" # ~10s
    if_build_succeeded programs/test/selftest
}
727
# Default configuration, configured in-tree by CMake with gcc and the Asan
# build type: build, then run the main suites, the selftest program,
# ssl-opt.sh and compat.sh.
component_test_default_cmake_gcc_asan () {
    msg "build: cmake, gcc, ASan" # ~ 1 min 50s
    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s
    make test

    msg "test: selftest (ASan build)" # ~ 10s
    if_build_succeeded programs/test/selftest

    msg "test: ssl-opt.sh (ASan build)" # ~ 1 min
    if_build_succeeded tests/ssl-opt.sh

    msg "test: compat.sh (ASan build)" # ~ 6 min
    if_build_succeeded tests/compat.sh
}
745
# Same sequence as the default ASan component, but on the configuration
# produced by `scripts/config.pl full`.
component_test_full_cmake_gcc_asan () {
    msg "build: full config, cmake, gcc, ASan"
    scripts/config.pl full
    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: main suites (inc. selftests) (full config, ASan build)"
    make test

    msg "test: selftest (ASan build)" # ~ 10s
    if_build_succeeded programs/test/selftest

    msg "test: ssl-opt.sh (full config, ASan build)"
    if_build_succeeded tests/ssl-opt.sh

    msg "test: compat.sh (full config, ASan build)"
    if_build_succeeded tests/compat.sh
}
764
# Build with MBEDTLS_ZLIB_SUPPORT enabled using make, then run the main
# suites and ssl-opt.sh. Only run by default when support_test_zlib_make
# succeeds.
# NOTE(review): compression at the TLS layer is exposed to compression side
# channels (CRIME), which is presumably why the option is off in the default
# configuration; this component only keeps the optional code path tested.
component_test_zlib_make() {
    msg "build: zlib enabled, make"
    scripts/config.pl set MBEDTLS_ZLIB_SUPPORT
    make ZLIB=1 CFLAGS='-Werror -O1'

    msg "test: main suites (zlib, make)"
    make test

    msg "test: ssl-opt.sh (zlib, make)"
    if_build_succeeded tests/ssl-opt.sh
}
# Report whether a program that includes zlib.h can be compiled and linked
# against zlib with gcc.
# Globals written: base, ret
# Returns: the exit status of gcc (0 when zlib is usable).
# Side effects: creates scratch files named support_test_zlib_<pid>.* in
#   the current directory and removes them again; the name is predictable,
#   so this assumes a working directory that other users cannot write to.
support_test_zlib_make () {
    base="support_test_zlib_$$"
    printf '%s\n' '#include "zlib.h"' 'int main(void) { return 0; }' >"${base}.c"
    # Compiler diagnostics are discarded: a failure here only means that
    # zlib is not available.
    gcc -o "${base}.exe" "${base}.c" -lz 2>/dev/null
    ret=$?
    rm -f "${base}".*
    return "$ret"
}
787
# Build with MBEDTLS_ZLIB_SUPPORT enabled using CMake (ENABLE_ZLIB_SUPPORT=On,
# build type Check), then run the main suites and ssl-opt.sh. Only run by
# default when support_test_zlib_cmake succeeds.
component_test_zlib_cmake() {
    msg "build: zlib enabled, cmake"
    scripts/config.pl set MBEDTLS_ZLIB_SUPPORT
    cmake -D ENABLE_ZLIB_SUPPORT=On -D CMAKE_BUILD_TYPE:String=Check .
    make

    msg "test: main suites (zlib, cmake)"
    make test

    msg "test: ssl-opt.sh (zlib, cmake)"
    if_build_succeeded tests/ssl-opt.sh
}
# The CMake zlib component has the same requirement as the make one, so
# reuse its probe and return its status.
support_test_zlib_cmake () {
    support_test_zlib_make "$@"
}
803
# Configure an ASan build with CMake, then run
# tests/scripts/test-ref-configs.pl; a failure is recorded through
# record_status.
component_test_ref_configs () {
    msg "test/build: ref-configs (ASan build)" # ~ 6 min 20s
    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    record_status tests/scripts/test-ref-configs.pl
}
809
# Default configuration plus MBEDTLS_SSL_PROTO_SSL3, built with ASan: run
# the main suites, compat.sh and ssl-opt.sh.
# SSLv3 is obsolete (RFC 7568 prohibits its use); the component exists to
# keep the legacy code path tested, not to endorse enabling it.
component_test_sslv3 () {
    msg "build: Default + SSLv3 (ASan build)" # ~ 6 min
    scripts/config.pl set MBEDTLS_SSL_PROTO_SSL3
    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: SSLv3 - main suites (inc. selftests) (ASan build)" # ~ 50s
    make test

    msg "build: SSLv3 - compat.sh (ASan build)" # ~ 6 min
    # Two passes: the TLS/DTLS versions against the regular OpenSSL, then
    # SSLv3 alone against the legacy OpenSSL selected by OPENSSL_LEGACY.
    if_build_succeeded tests/compat.sh -m 'tls1 tls1_1 tls1_2 dtls1 dtls1_2'
    if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3'

    msg "build: SSLv3 - ssl-opt.sh (ASan build)" # ~ 6 min
    if_build_succeeded tests/ssl-opt.sh
}
826
# Default configuration with MBEDTLS_SSL_RENEGOTIATION disabled, built with
# ASan: run the main suites and ssl-opt.sh.
component_test_no_renegotiation () {
    msg "build: Default + !MBEDTLS_SSL_RENEGOTIATION (ASan build)" # ~ 6 min
    scripts/config.pl unset MBEDTLS_SSL_RENEGOTIATION
    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: !MBEDTLS_SSL_RENEGOTIATION - main suites (inc. selftests) (ASan build)" # ~ 50s
    make test

    msg "test: !MBEDTLS_SSL_RENEGOTIATION - ssl-opt.sh (ASan build)" # ~ 6 min
    if_build_succeeded tests/ssl-opt.sh
}
839
# Default configuration with MBEDTLS_PEM_PARSE_C and MBEDTLS_FS_IO disabled,
# built with ASan: run the main suites and ssl-opt.sh.
component_test_no_pem_no_fs () {
    msg "build: Default + !MBEDTLS_PEM_PARSE_C + !MBEDTLS_FS_IO (ASan build)"
    scripts/config.pl unset MBEDTLS_PEM_PARSE_C
    scripts/config.pl unset MBEDTLS_FS_IO
    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: !MBEDTLS_PEM_PARSE_C !MBEDTLS_FS_IO - main suites (inc. selftests) (ASan build)" # ~ 50s
    make test

    msg "test: !MBEDTLS_PEM_PARSE_C !MBEDTLS_FS_IO - ssl-opt.sh (ASan build)" # ~ 6 min
    if_build_succeeded tests/ssl-opt.sh
}
853
# Default configuration plus MBEDTLS_RSA_NO_CRT, built with ASan: run the
# main suites, then only the RSA-related parts of ssl-opt.sh and compat.sh.
component_test_rsa_no_crt () {
    msg "build: Default + RSA_NO_CRT (ASan build)" # ~ 6 min
    scripts/config.pl set MBEDTLS_RSA_NO_CRT
    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: RSA_NO_CRT - main suites (inc. selftests) (ASan build)" # ~ 50s
    make test

    msg "test: RSA_NO_CRT - RSA-related part of ssl-opt.sh (ASan build)" # ~ 5s
    if_build_succeeded tests/ssl-opt.sh -f RSA

    msg "test: RSA_NO_CRT - RSA-related part of compat.sh (ASan build)" # ~ 3 min
    if_build_succeeded tests/compat.sh -t RSA
}
869
# Full configuration with MBEDTLS_CTR_DRBG_C disabled, built with ASan:
# run the main suites only.
component_test_no_ctr_drbg () {
    msg "build: Full minus CTR_DRBG"
    scripts/config.pl full
    scripts/config.pl unset MBEDTLS_CTR_DRBG_C

    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: no CTR_DRBG"
    make test

    # no ssl-opt.sh/compat.sh as they all depend on CTR_DRBG so far
}
883
# Full configuration with MBEDTLS_HMAC_DRBG_C (and therefore
# MBEDTLS_ECDSA_DETERMINISTIC) disabled, built with ASan: run the main
# suites, then the subsets of ssl-opt.sh and compat.sh selected below.
component_test_no_hmac_drbg () {
    msg "build: Full minus HMAC_DRBG"
    scripts/config.pl full
    scripts/config.pl unset MBEDTLS_HMAC_DRBG_C
    scripts/config.pl unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG

    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: Full minus HMAC_DRBG - main suites"
    make test

    # Normally our ECDSA implementation uses deterministic ECDSA. But since
    # HMAC_DRBG is disabled in this configuration, randomized ECDSA is used
    # instead.
    # Test SSL with non-deterministic ECDSA. Only test features that
    # might be affected by how ECDSA signature is performed.
    msg "test: Full minus HMAC_DRBG - ssl-opt.sh (subset)"
    if_build_succeeded tests/ssl-opt.sh -f 'Default\|SSL async private: sign'

    # To save time, only test one protocol version, since this part of
    # the protocol is identical in (D)TLS up to 1.2.
    msg "test: Full minus HMAC_DRBG - compat.sh (ECDSA)"
    if_build_succeeded tests/compat.sh -m tls1_2 -t 'ECDSA'
}
909
# Default configuration with both DRBG modules removed (cmake ASan build).
# This exercises the internal ECP DRBG using a KDF based on SHA-512.
component_test_no_drbg_all_hashes () {
    msg "build: Default minus DRBGs"
    # Dependencies dragged out with the DRBGs: ECDSA_DETERMINISTIC requires
    # HMAC_DRBG, PSA_CRYPTO_C requires a DRBG, and PSA_CRYPTO_STORAGE_C
    # requires PSA Crypto.
    for cfg_opt in \
        MBEDTLS_CTR_DRBG_C \
        MBEDTLS_HMAC_DRBG_C \
        MBEDTLS_ECDSA_DETERMINISTIC \
        MBEDTLS_PSA_CRYPTO_C \
        MBEDTLS_PSA_CRYPTO_STORAGE_C
    do
        scripts/config.pl unset "$cfg_opt"
    done

    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: Default minus DRBGs"
    make test

    # SSL tests are skipped: they all depend on having a DRBG.
}
927
# Default configuration with both DRBG modules and SHA-512 removed (cmake
# ASan build). This exercises the internal ECP DRBG using a KDF based on
# SHA-256.
component_test_no_drbg_no_sha512 () {
    msg "build: Default minus DRBGs minus SHA-512"
    # ECDSA_DETERMINISTIC requires HMAC_DRBG, PSA_CRYPTO_C requires a DRBG,
    # PSA_CRYPTO_STORAGE_C requires PSA Crypto; SHA512_C is the option this
    # component removes on top of the DRBGs.
    for cfg_opt in \
        MBEDTLS_CTR_DRBG_C \
        MBEDTLS_HMAC_DRBG_C \
        MBEDTLS_ECDSA_DETERMINISTIC \
        MBEDTLS_PSA_CRYPTO_C \
        MBEDTLS_PSA_CRYPTO_STORAGE_C \
        MBEDTLS_SHA512_C
    do
        scripts/config.pl unset "$cfg_opt"
    done

    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: Default minus DRBGs minus SHA-512"
    make test

    # SSL tests are skipped: they all depend on having a DRBG.
}
946
# Default configuration with MBEDTLS_ECP_NO_INTERNAL_RNG set and no DRBG
# module available (cmake ASan build); unit tests only.
component_test_ecp_no_internal_rng () {
    msg "build: Default plus ECP_NO_INTERNAL_RNG minus DRBG modules"
    scripts/config.pl set MBEDTLS_ECP_NO_INTERNAL_RNG
    # ECDSA_DETERMINISTIC requires HMAC_DRBG, PSA_CRYPTO_C requires a DRBG,
    # PSA_CRYPTO_STORAGE_C requires PSA Crypto.
    for cfg_opt in \
        MBEDTLS_CTR_DRBG_C \
        MBEDTLS_HMAC_DRBG_C \
        MBEDTLS_ECDSA_DETERMINISTIC \
        MBEDTLS_PSA_CRYPTO_C \
        MBEDTLS_PSA_CRYPTO_STORAGE_C
    do
        scripts/config.pl unset "$cfg_opt"
    done

    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: ECP_NO_INTERNAL_RNG, no DRBG module"
    make test

    # SSL tests are skipped: they all depend on having a DRBG.
}
964
# Default configuration with ECP_RESTARTABLE and ECP_NO_INTERNAL_RNG set and
# no DRBG module available (cmake ASan build); unit tests only.
component_test_ecp_restartable_no_internal_rng () {
    msg "build: Default plus ECP_RESTARTABLE and ECP_NO_INTERNAL_RNG, no DRBG"
    for cfg_opt in MBEDTLS_ECP_NO_INTERNAL_RNG MBEDTLS_ECP_RESTARTABLE; do
        scripts/config.pl set "$cfg_opt"
    done
    # ECDSA_DETERMINISTIC requires HMAC_DRBG, PSA_CRYPTO_C requires
    # CTR_DRBG, PSA_CRYPTO_STORAGE_C requires PSA Crypto.
    for cfg_opt in \
        MBEDTLS_CTR_DRBG_C \
        MBEDTLS_HMAC_DRBG_C \
        MBEDTLS_ECDSA_DETERMINISTIC \
        MBEDTLS_PSA_CRYPTO_C \
        MBEDTLS_PSA_CRYPTO_STORAGE_C
    do
        scripts/config.pl unset "$cfg_opt"
    done

    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: ECP_RESTARTABLE and ECP_NO_INTERNAL_RNG, no DRBG module"
    make test

    # SSL tests are skipped: they all depend on having a DRBG.
}
983
# ASan build with a 4096-byte outgoing record buffer and a 16384-byte
# incoming one; runs the ssl-opt.sh tests selected by the filter below.
component_test_small_ssl_out_content_len () {
    msg "build: small SSL_OUT_CONTENT_LEN (ASan build)"
    # Incoming first, then outgoing, as in the sibling IN_CONTENT_LEN component.
    scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384
    scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 4096
    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: small SSL_OUT_CONTENT_LEN - ssl-opt.sh MFL and large packet tests"
    if_build_succeeded tests/ssl-opt.sh -f "Max fragment\|Large packet"
}
994
# ASan build with a 4096-byte incoming record buffer and a 16384-byte
# outgoing one; runs the ssl-opt.sh tests matching "Max fragment".
component_test_small_ssl_in_content_len () {
    msg "build: small SSL_IN_CONTENT_LEN (ASan build)"
    # Mirror image of the small SSL_OUT_CONTENT_LEN component.
    scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 4096
    scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 16384
    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: small SSL_IN_CONTENT_LEN - ssl-opt.sh MFL tests"
    if_build_succeeded tests/ssl-opt.sh -f "Max fragment"
}
1005
# ASan build with MBEDTLS_SSL_DTLS_MAX_BUFFERING set to 1000, followed by the
# single ssl-opt.sh DTLS reordering test named in the filter.
component_test_small_ssl_dtls_max_buffering () {
    msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0"
    scripts/config.pl set MBEDTLS_SSL_DTLS_MAX_BUFFERING 1000
    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0 - ssl-opt.sh specific reordering test"
    if_build_succeeded tests/ssl-opt.sh \
        -f "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg"
}
1015
# ASan build with MBEDTLS_SSL_DTLS_MAX_BUFFERING set to 240, followed by the
# single ssl-opt.sh DTLS reordering test named in the filter.
component_test_small_mbedtls_ssl_dtls_max_buffering () {
    msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1"
    scripts/config.pl set MBEDTLS_SSL_DTLS_MAX_BUFFERING 240
    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1 - ssl-opt.sh specific reordering test"
    if_build_succeeded tests/ssl-opt.sh \
        -f "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket"
}
1025
# Full configuration built with clang through cmake (build type "Check"),
# then the unit tests, a filtered ssl-opt.sh run and two compat.sh runs that
# need non-default peer binaries.
component_test_full_cmake_clang () {
    # About 50 s.
    msg "build: cmake, full config, clang"
    scripts/config.pl full
    CC=clang cmake -D CMAKE_BUILD_TYPE:String=Check -D ENABLE_TESTING=On .
    make

    # About 5 s.
    msg "test: main suites (full config)"
    make test

    # About 1 s.
    msg "test: ssl-opt.sh default, ECJPAKE, SSL async (full config)"
    if_build_succeeded tests/ssl-opt.sh -f 'Default\|ECJPAKE\|SSL async private'

    # About 2 min. The RC4, DES, 3DES and NULL suites are exercised against
    # the legacy OpenSSL and GnuTLS binaries supplied through the
    # *_LEGACY variables.
    # NOTE(review): -e '^$' looks like it neutralises compat.sh's default
    # exclusion filter so these suites are not skipped; confirm in compat.sh.
    msg "test: compat.sh RC4, DES, 3DES & NULL (full config)"
    if_build_succeeded env \
        OPENSSL_CMD="$OPENSSL_LEGACY" \
        GNUTLS_CLI="$GNUTLS_LEGACY_CLI" \
        GNUTLS_SERV="$GNUTLS_LEGACY_SERV" \
        tests/compat.sh -e '^$' -f 'NULL\|DES\|RC4\|ARCFOUR'

    # ARIA and ChaCha-Poly run against the binary named by $OPENSSL_NEXT.
    msg "test: compat.sh ARIA + ChachaPoly"
    if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" \
        tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
}
1044
# Full configuration under MemorySanitizer with constant-flow testing on.
#
# A failure here can mean either of two things:
#   (1) an access to undefined memory, or
#   (2) a branch or memory access that depends on a secret value.
# To tell them apart:
#   - unset MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN and see whether the failure
#     persists; or
#   - switch the build type to MemSanDbg, which enables origin tracking and
#     nicer stack traces (useful for debugging anyway), and check whether
#     the origin was TEST_CF_SECRET() or something else.
component_test_memsan_constant_flow () {
    msg "build: cmake MSan (clang), full config with constant flow testing"
    scripts/config.pl full
    scripts/config.pl set MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
    # MemSan does not understand assembly, so AES-NI is switched off.
    scripts/config.pl unset MBEDTLS_AESNI_C
    CC=clang cmake -D CMAKE_BUILD_TYPE:String=MemSan .
    make

    msg "test: main suites (Msan + constant flow)"
    make test
}
1062
# Full configuration, Release build, run under valgrind with constant-flow
# testing on.
#
# This covers (1) everything valgrind's memcheck usually checks (heap buffer
# overflows, use of uninitialized memory, use-after-free, etc.) and
# (2) branches or memory accesses that depend on secret values, which are
# reported as uninitialized memory. To tell a secret apart from memory that
# really is uninitialized:
#   - unset MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND and see whether the failure
#     persists; or
#   - build with debug info, run the offending test suite by hand with
#     valgrind --track-origins=yes, and check whether the origin was
#     TEST_CF_SECRET() or something else.
component_test_valgrind_constant_flow () {
    msg "build: cmake release GCC, full config with constant flow testing"
    scripts/config.pl full
    scripts/config.pl set MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
    cmake -D CMAKE_BUILD_TYPE:String=Release .
    make

    # Only a summary is printed (how many results of each type); the
    # details are left in Testing/<date>/DynamicAnalysis.xml.
    msg "test: main suites (valgrind + constant flow)"
    make memcheck
}
1084
# Check that the default configuration stays consistent once the deprecated
# features are removed from it.
component_test_default_no_deprecated () {
    # About 30 s.
    msg "build: make, default + MBEDTLS_DEPRECATED_REMOVED"
    scripts/config.pl set MBEDTLS_DEPRECATED_REMOVED
    make CC=gcc CFLAGS='-O -Werror -Wall -Wextra'

    # About 5 s.
    msg "test: make, default + MBEDTLS_DEPRECATED_REMOVED"
    make test
}
1095
# Check that nothing in the full configuration is deprecated: a deprecated
# feature would raise a warning from MBEDTLS_DEPRECATED_WARNING, and -Werror
# makes that warning fatal.
component_test_full_deprecated_warning () {
    # About 30 s.
    msg "build: make, full + MBEDTLS_DEPRECATED_WARNING"
    scripts/config.pl full
    scripts/config.pl unset MBEDTLS_DEPRECATED_REMOVED
    scripts/config.pl set MBEDTLS_DEPRECATED_WARNING
    # No deprecated feature has tests at the moment; should some be added,
    # 'make test' would trigger warnings here.
    make CC=gcc CFLAGS='-O -Werror -Wall -Wextra'

    # About 5 s.
    msg "test: make, full + MBEDTLS_DEPRECATED_WARNING"
    make test
}
1111
# Hand tests/scripts/curves.pl to record_status (about 4 min).
component_test_depends_curves () {
    msg "test/build: curves.pl (gcc)"
    record_status tests/scripts/curves.pl
}
1116
# Hand tests/scripts/depends-hashes.pl to record_status (about 2 min).
component_test_depends_hashes () {
    msg "test/build: depends-hashes.pl (gcc)"
    record_status tests/scripts/depends-hashes.pl
}
1121
# Hand tests/scripts/depends-pkalgs.pl to record_status (about 2 min).
component_test_depends_pkalgs () {
    msg "test/build: depends-pkalgs.pl (gcc)"
    record_status tests/scripts/depends-pkalgs.pl
}
1126
# Hand tests/scripts/key-exchanges.pl to record_status (about 1 min).
component_build_key_exchanges () {
    msg "test/build: key-exchanges (gcc)"
    record_status tests/scripts/key-exchanges.pl
}
1131
# Plain make build with gcc at -Os and warnings as errors, a check of the
# header list in cpp_dummy_build.cpp, then an incremental build with
# TEST_CPP=1.
component_build_default_make_gcc_and_cxx () {
    # About 30 s.
    msg "build: Unix make, -Os (gcc)"
    make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os'

    msg "test: verify header list in cpp_dummy_build.cpp"
    record_status check_headers_in_cpp

    # No clean in between: this reuses the objects built above.
    msg "build: Unix make, incremental g++"
    make TEST_CPP=1
}
1142
# Build and test the parameter-validation path in which MBEDTLS_PARAM_FAILED
# calls mbedtls_param_failed().
component_test_check_params_functionality () {
    msg "build+test: MBEDTLS_CHECK_PARAMS functionality"
    # The full configuration includes CHECK_PARAMS.
    scripts/config.pl full
    # Without CHECK_PARAMS_ASSERT, MBEDTLS_PARAM_FAILED calls
    # mbedtls_param_failed().
    scripts/config.pl unset MBEDTLS_CHECK_PARAMS_ASSERT
    # Library and tests only: the sample programs do not provide a
    # mbedtls_param_failed() function, so they are not built.
    make CC=gcc CFLAGS='-Werror -O1' lib test
}
1152
# Build and test MBEDTLS_CHECK_PARAMS with the platform layer removed;
# MBEDTLS_PARAM_FAILED is left as assert.
component_test_check_params_without_platform () {
    msg "build+test: MBEDTLS_CHECK_PARAMS without MBEDTLS_PLATFORM_C"
    # The full configuration includes CHECK_PARAMS.
    scripts/config.pl full
    # Platform-related options are removed first, MBEDTLS_PLATFORM_C last.
    for cfg_opt in \
        MBEDTLS_PLATFORM_EXIT_ALT \
        MBEDTLS_PLATFORM_TIME_ALT \
        MBEDTLS_PLATFORM_FPRINTF_ALT \
        MBEDTLS_PLATFORM_MEMORY \
        MBEDTLS_PLATFORM_NV_SEED_ALT \
        MBEDTLS_PLATFORM_PRINTF_ALT \
        MBEDTLS_PLATFORM_SNPRINTF_ALT \
        MBEDTLS_ENTROPY_NV_SEED \
        MBEDTLS_PLATFORM_C
    do
        scripts/config.pl unset "$cfg_opt"
    done
    make CC=gcc CFLAGS='-Werror -O1' all test
}
1168
# Build and test MBEDTLS_CHECK_PARAMS with MBEDTLS_PARAM_FAILED() defined to
# expand to nothing.
component_test_check_params_silent () {
    msg "build+test: MBEDTLS_CHECK_PARAMS with alternative MBEDTLS_PARAM_FAILED()"
    # The full configuration includes CHECK_PARAMS.
    scripts/config.pl full
    # Rewrite, in place, any line of $CONFIG_H containing the
    # "#define MBEDTLS_PARAM_FAILED( cond )" text so that only that text
    # remains, i.e. the macro gets an empty body.
    sed -i 's/.*\(#define MBEDTLS_PARAM_FAILED( cond )\).*/\1/' "$CONFIG_H"
    make CC=gcc CFLAGS='-Werror -O1' all test
}
1176
# Full configuration without platform support, file I/O and net sockets.
# The intent is to catch missing mbedtls_printf definitions and, because
# file I/O is disabled, missing '#include <stdio.h>' lines.
component_test_no_platform () {
    # About 30 s.
    msg "build: full config except platform/fsio/net, make, gcc, C99"
    scripts/config.pl full
    for cfg_opt in \
        MBEDTLS_PLATFORM_C \
        MBEDTLS_NET_C \
        MBEDTLS_PLATFORM_MEMORY \
        MBEDTLS_PLATFORM_PRINTF_ALT \
        MBEDTLS_PLATFORM_FPRINTF_ALT \
        MBEDTLS_PLATFORM_SNPRINTF_ALT \
        MBEDTLS_PLATFORM_TIME_ALT \
        MBEDTLS_PLATFORM_EXIT_ALT \
        MBEDTLS_PLATFORM_NV_SEED_ALT \
        MBEDTLS_ENTROPY_NV_SEED \
        MBEDTLS_FS_IO
    do
        scripts/config.pl unset "$cfg_opt"
    done
    # On platforms using glibc newer than 2.19, _DEFAULT_SOURCE has to be
    # defined to re-enable the platform integration features that a C99
    # build otherwise disables.
    make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -Os -D_DEFAULT_SOURCE' lib programs
    # The tests are built without the -std=c99 -pedantic restriction.
    make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os' test
}
1199
# Build-only component meant to catch compile bugs in the _uninit functions:
# full configuration with MBEDTLS_PLATFORM_NO_STD_FUNCTIONS set.
component_build_no_std_function () {
    # About 30 s.
    msg "build: full config with NO_STD_FUNCTION, make, gcc"
    scripts/config.pl full
    scripts/config.pl set MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
    for cfg_opt in MBEDTLS_ENTROPY_NV_SEED MBEDTLS_PLATFORM_NV_SEED_ALT; do
        scripts/config.pl unset "$cfg_opt"
    done
    make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os'
}
1209
# Build-only component: full configuration without the TLS server side
# (MBEDTLS_SSL_SRV_C), warnings as errors. About 30 s.
component_build_no_ssl_srv () {
    msg "build: full config except ssl_srv.c, make, gcc"
    scripts/config.pl full
    scripts/config.pl unset MBEDTLS_SSL_SRV_C
    make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1'
}
1216
# Build-only component: full configuration without the TLS client side
# (MBEDTLS_SSL_CLI_C), warnings as errors. About 30 s.
component_build_no_ssl_cli () {
    msg "build: full config except ssl_cli.c, make, gcc"
    scripts/config.pl full
    scripts/config.pl unset MBEDTLS_SSL_CLI_C
    make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1'
}
1223
# Build-only component: the library alone, full configuration without net
# sockets, compiled as strict C99. Sockets need a POSIX platform, which is
# not the same thing as C99, so C99 compliance can be checked with them off.
component_build_no_sockets () {
    # About 30 s.
    msg "build: full config except net_sockets.c, make, gcc -std=c99 -pedantic"
    scripts/config.pl full
    # Otherwise getaddrinfo() is undeclared, etc.
    scripts/config.pl unset MBEDTLS_NET_C
    # The platform entropy source uses syscall() on GNU/Linux.
    scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY
    make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1 -std=c99 -pedantic' lib
}
1233
# Default configuration plus the memory buffer allocator with backtrace and
# debug support, built through cmake with gcc; unit tests only.
component_test_memory_buffer_allocator_backtrace () {
    msg "build: default config with memory buffer allocator and backtrace enabled"
    for cfg_opt in \
        MBEDTLS_MEMORY_BUFFER_ALLOC_C \
        MBEDTLS_PLATFORM_MEMORY \
        MBEDTLS_MEMORY_BACKTRACE \
        MBEDTLS_MEMORY_DEBUG
    do
        scripts/config.pl set "$cfg_opt"
    done
    CC=gcc cmake .
    make

    msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C and MBEDTLS_MEMORY_BACKTRACE"
    make test
}
1246
# Default configuration plus the memory buffer allocator, built through
# cmake with gcc; unit tests, then ssl-opt.sh minus the DTLS proxy tests.
component_test_memory_buffer_allocator () {
    msg "build: default config with memory buffer allocator"
    for cfg_opt in MBEDTLS_MEMORY_BUFFER_ALLOC_C MBEDTLS_PLATFORM_MEMORY; do
        scripts/config.pl set "$cfg_opt"
    done
    CC=gcc cmake .
    make

    msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C"
    make test

    msg "test: ssl-opt.sh, MBEDTLS_MEMORY_BUFFER_ALLOC_C"
    # The buffer allocator is slow, so the tests that tend to time out
    # (those whose name starts with "DTLS proxy") are excluded.
    if_build_succeeded tests/ssl-opt.sh -e '^DTLS proxy'
}
1261
# Run the max fragment length tests with the MFL extension disabled
# (cmake ASan build).
component_test_no_max_fragment_length () {
    # About 30 s.
    msg "build: default config except MFL extension (ASan build)"
    scripts/config.pl unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: ssl-opt.sh, MFL-related tests"
    if_build_succeeded tests/ssl-opt.sh -f "Max fragment length"
}
1272
# MFL extension disabled together with a 4096-byte outgoing record buffer
# (cmake ASan build); runs the ssl-opt.sh tests selected by the filter below.
component_test_no_max_fragment_length_small_ssl_out_content_len () {
    msg "build: no MFL extension, small SSL_OUT_CONTENT_LEN (ASan build)"
    scripts/config.pl unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
    scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384
    scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 4096
    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    # NOTE(review): the message speaks of "large packet" tests while the
    # filter selects "Large buffer"; confirm the filter matches the
    # intended ssl-opt.sh test names.
    msg "test: MFL tests (disabled MFL extension case) & large packet tests"
    if_build_succeeded tests/ssl-opt.sh -f "Max fragment length\|Large buffer"
}
1284
# Default configuration with MBEDTLS_TEST_NULL_ENTROPY and every other
# entropy source switched off (cmake ASan build); unit tests only.
#
# This is a test-only configuration: the library has no real entropy in it,
# and the cmake invocation has to pass -D UNSAFE_BUILD=ON.
# NOTE(review): presumably the build system rejects the option without that
# flag, as a guard against shipping such a build; confirm in CMakeLists.txt.
component_test_null_entropy () {
    msg "build: default config with  MBEDTLS_TEST_NULL_ENTROPY (ASan build)"
    for cfg_opt in \
        MBEDTLS_TEST_NULL_ENTROPY \
        MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES \
        MBEDTLS_ENTROPY_C
    do
        scripts/config.pl set "$cfg_opt"
    done
    for cfg_opt in \
        MBEDTLS_ENTROPY_NV_SEED \
        MBEDTLS_PLATFORM_NV_SEED_ALT \
        MBEDTLS_ENTROPY_HARDWARE_ALT \
        MBEDTLS_HAVEGE_C
    do
        scripts/config.pl unset "$cfg_opt"
    done
    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan -D UNSAFE_BUILD=ON .
    make

    msg "test: MBEDTLS_TEST_NULL_ENTROPY - main suites (inc. selftests) (ASan build)"
    make test
}
1300
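# Default configuration without MBEDTLS_HAVE_TIME_DATE, built through cmake
# with gcc; unit tests only.
component_test_no_date_time () {
    msg "build: default config without MBEDTLS_HAVE_TIME_DATE"
    scripts/config.pl unset MBEDTLS_HAVE_TIME_DATE
    # Name the source directory explicitly, as every other cmake component
    # in this file does. A bare `cmake` has no tree to configure, so the
    # `make` that follows would not be running a cmake-generated build.
    CC=gcc cmake .
    make

    msg "test: !MBEDTLS_HAVE_TIME_DATE - main suites"
    make test
}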
1310
# ASan build in which the allocator is selected through the
# MBEDTLS_PLATFORM_CALLOC_MACRO / MBEDTLS_PLATFORM_FREE_MACRO options, here
# mapped to the standard calloc and free; unit tests only.
component_test_platform_calloc_macro () {
    msg "build: MBEDTLS_PLATFORM_{CALLOC/FREE}_MACRO enabled (ASan build)"
    scripts/config.pl set MBEDTLS_PLATFORM_MEMORY
    scripts/config.pl set MBEDTLS_PLATFORM_CALLOC_MACRO calloc
    scripts/config.pl set MBEDTLS_PLATFORM_FREE_MACRO free
    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: MBEDTLS_PLATFORM_{CALLOC/FREE}_MACRO enabled (ASan build)"
    make test
}
1322
# Full configuration (minus the memory buffer allocator) built against the
# wrapper config tests/configs/config-wrapper-malloc-0-null.h with the
# sanitizer flags from $ASAN_CFLAGS; unit tests, then the calloc selftest.
component_test_malloc_0_null () {
    msg "build: malloc(0) returns NULL (ASan+UBSan build)"
    scripts/config.pl full
    scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
    # The inner single quotes keep the quoted header path together as one
    # word when make's shell re-parses CFLAGS.
    make CC=gcc \
        CFLAGS="'-DMBEDTLS_CONFIG_FILE=\"$PWD/tests/configs/config-wrapper-malloc-0-null.h\"' -O $ASAN_CFLAGS" \
        LDFLAGS="$ASAN_CFLAGS"

    msg "test: malloc(0) returns NULL (ASan+UBSan build)"
    make test

    msg "selftest: malloc(0) returns NULL (ASan+UBSan build)"
    # Only the calloc selftest is needed here: "make test" already ran the
    # other selftests as part of the test suites.
    if_build_succeeded programs/test/selftest calloc
}
1337
# Default configuration plus MBEDTLS_AES_FEWER_TABLES, make build with gcc
# and warnings as errors; unit tests only.
component_test_aes_fewer_tables () {
    msg "build: default config with AES_FEWER_TABLES enabled"
    scripts/config.pl set MBEDTLS_AES_FEWER_TABLES
    make CC=gcc CFLAGS='-Werror -Wall -Wextra'

    msg "test: AES_FEWER_TABLES"
    make test
}
1346
# Default configuration plus MBEDTLS_AES_ROM_TABLES, make build with gcc and
# warnings as errors; unit tests only.
component_test_aes_rom_tables () {
    msg "build: default config with AES_ROM_TABLES enabled"
    scripts/config.pl set MBEDTLS_AES_ROM_TABLES
    make CC=gcc CFLAGS='-Werror -Wall -Wextra'

    msg "test: AES_ROM_TABLES"
    make test
}
1355
# Default configuration with both AES table options enabled together, make
# build with gcc and warnings as errors; unit tests only.
component_test_aes_fewer_tables_and_rom_tables () {
    msg "build: default config with AES_ROM_TABLES and AES_FEWER_TABLES enabled"
    for cfg_opt in MBEDTLS_AES_FEWER_TABLES MBEDTLS_AES_ROM_TABLES; do
        scripts/config.pl set "$cfg_opt"
    done
    make CC=gcc CFLAGS='-Werror -Wall -Wextra'

    msg "test: AES_FEWER_TABLES + AES_ROM_TABLES"
    make test
}
1365
# Build and check with SHARED=1 (about 40 s), then look for libmbedcrypto
# among the shared-library dependencies of one sample program.
component_test_make_shared () {
    msg "build/test: make shared"
    make SHARED=1 all check
    # grep's exit status is the pipeline's: non-zero when ldd does not list
    # libmbedcrypto for the program.
    ldd programs/util/strerror | grep libmbedcrypto
}
1371
# cmake build with USE_SHARED_MBEDTLS_LIBRARY on (about 2 min): check that a
# sample program depends on libmbedcrypto, then run the unit tests.
component_test_cmake_shared () {
    msg "build/test: cmake shared"
    cmake -DUSE_SHARED_MBEDTLS_LIBRARY=On .
    make
    # grep's exit status is the pipeline's: non-zero when ldd does not list
    # libmbedcrypto for the program.
    ldd programs/util/strerror | grep libmbedcrypto
    make test
}
1379
# Build and unit-test the current configuration once per optimization flag.
# Arguments: $1 - description of the configuration, used in messages
#            $2 - compiler command
#            $3... - one CFLAGS optimization option per build
# Sets the variables info, cc and opt (there is no local scope here).
test_build_opt () {
    info=$1
    cc=$2
    shift 2
    # With no "in" list, for iterates over the remaining arguments.
    for opt
    do
        # Each round takes about 30 s to build.
        msg "build/test: $cc $opt, $info"
        make CC="$cc" CFLAGS="$opt -std=c99 -pedantic -Wall -Wextra -Werror"
        # Compilers are trusted enough not to run _all_ the tests, but the
        # unit tests are still run: builds with optimizations use inline
        # assembly, whereas builds with -O0 skip it. About 30 s.
        make test
        make clean
    done
}
1393
# Full configuration built and unit-tested with clang at -O0, -Os and -O2.
component_test_clang_opt () {
    scripts/config.pl full
    test_build_opt 'full config' clang -O0 -Os -O2
}
1398
# Full configuration built and unit-tested with gcc at -O0, -Os and -O2.
component_test_gcc_opt () {
    scripts/config.pl full
    test_build_opt 'full config' gcc -O0 -Os -O2
}
1403
# Build with the configuration supplied through MBEDTLS_CONFIG_FILE while
# the regular config header is replaced by an #error, so any source file
# that still includes the regular header fails to compile. About 40 s.
component_build_mbedtls_config_file () {
    msg "build: make with MBEDTLS_CONFIG_FILE"
    # The full configuration maximises the number of places where a
    # missing MBEDTLS_CONFIG_FILE check could show up.
    scripts/config.pl full
    # Copy the configuration aside, adjusting the check_config.h include
    # path on the way.
    sed 's!"check_config.h"!"mbedtls/check_config.h"!' <"$CONFIG_H" >full_config.h
    # Poison the regular header.
    printf '%s\n' '#error "MBEDTLS_CONFIG_FILE is not working"' >"$CONFIG_H"
    make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"'"
    rm -f full_config.h
}
1414
# i386 build of the full configuration with gcc -m32 -O0 and the sanitizer
# flags from $ASAN_CFLAGS; unit tests only. Building once at -O0 compiles
# out the i386-specific inline assembly.
component_test_m32_o0 () {
    # About 30 s.
    msg "build: i386, make, gcc -O0 (ASan build)"
    scripts/config.pl full
    make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O0" LDFLAGS="-m32 $ASAN_CFLAGS"

    msg "test: i386, make, gcc -O0 (ASan build)"
    make test
}
# Succeeds when the machine name reported by `uname -m` contains "64",
# fails otherwise.
support_test_m32_o0 () {
    case "$(uname -m)" in
        *64*) return 0 ;;
    esac
    return 1
}
1430
# i386 build of the full configuration with gcc -m32 -O1 and the sanitizer
# flags from $ASAN_CFLAGS; unit tests, then ssl-opt.sh. Building again at
# -O1 compiles in the i386-specific inline assembly.
component_test_m32_o1 () {
    # About 30 s.
    msg "build: i386, make, gcc -O1 (ASan build)"
    scripts/config.pl full
    make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O1" LDFLAGS="-m32 $ASAN_CFLAGS"

    msg "test: i386, make, gcc -O1 (ASan build)"
    make test

    msg "test ssl-opt.sh, i386, make, gcc-O1"
    if_build_succeeded tests/ssl-opt.sh
}
# Same platform requirement as the -O0 variant: forward every argument to
# support_test_m32_o0 and return its status.
support_test_m32_o1 () {
    support_test_m32_o0 "$@"
}
1446
# 64-bit ILP32 build (gcc -mx32) of the full configuration with warnings as
# errors; unit tests only.
component_test_mx32 () {
    # About 30 s.
    msg "build: 64-bit ILP32, make, gcc"
    scripts/config.pl full
    make CC=gcc CFLAGS='-Werror -Wall -Wextra -mx32' LDFLAGS='-mx32'

    msg "test: 64-bit ILP32, make, gcc"
    make test
}
# Succeeds only when `uname -m` reports exactly amd64 or x86_64.
support_test_mx32 () {
    case "$(uname -m)" in
        amd64 | x86_64) return 0 ;;
    esac
    return 1
}
1461
# Default configuration with MBEDTLS_MPI_WINDOW_SIZE set to 1 (cmake ASan
# build); unit tests only. Build and test take about 10 s each.
component_test_min_mpi_window_size () {
    msg "build: Default + MBEDTLS_MPI_WINDOW_SIZE=1 (ASan build)"
    scripts/config.pl set MBEDTLS_MPI_WINDOW_SIZE 1
    CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: MBEDTLS_MPI_WINDOW_SIZE=1 - main suites (inc. selftests) (ASan build)"
    make test
}
1471
# Force 32-bit bignum limbs (-DMBEDTLS_HAVE_INT32) with the assembly-backed
# options turned off; make build with gcc, unit tests only.
component_test_have_int32 () {
    msg "build: gcc, force 32-bit bignum limbs"
    for cfg_opt in MBEDTLS_HAVE_ASM MBEDTLS_AESNI_C MBEDTLS_PADLOCK_C; do
        scripts/config.pl unset "$cfg_opt"
    done
    make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT32'

    msg "test: gcc, force 32-bit bignum limbs"
    make test
}
1482
# Force 64-bit bignum limbs (-DMBEDTLS_HAVE_INT64) with the assembly-backed
# options turned off; make build with gcc, unit tests only.
component_test_have_int64 () {
    msg "build: gcc, force 64-bit bignum limbs"
    for cfg_opt in MBEDTLS_HAVE_ASM MBEDTLS_AESNI_C MBEDTLS_PADLOCK_C; do
        scripts/config.pl unset "$cfg_opt"
    done
    make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT64'

    msg "test: gcc, force 64-bit bignum limbs"
    make test
}
1493
# Native build of the full configuration with MBEDTLS_NO_UDBL_DIVISION;
# unit tests only. Build and test take about 10 s each.
component_test_no_udbl_division () {
    msg "build: MBEDTLS_NO_UDBL_DIVISION native"
    scripts/config.pl full
    scripts/config.pl set MBEDTLS_NO_UDBL_DIVISION
    make CFLAGS='-Werror -O1'

    msg "test: MBEDTLS_NO_UDBL_DIVISION native"
    make test
}
1503
# Native build of the full configuration with
# MBEDTLS_NO_64BIT_MULTIPLICATION; unit tests only. Build and test take
# about 10 s each.
component_test_no_64bit_multiplication () {
    msg "build: MBEDTLS_NO_64BIT_MULTIPLICATION native"
    scripts/config.pl full
    scripts/config.pl set MBEDTLS_NO_64BIT_MULTIPLICATION
    make CFLAGS='-Werror -O1'

    msg "test: MBEDTLS_NO_64BIT_MULTIPLICATION native"
    make test
}
1513
# Full configuration with the options that bring in a large amount of string
# constants disabled; make build at -Os, unit tests only. Build and test
# take about 10 s each.
component_test_no_strings () {
    msg "build: no strings"
    scripts/config.pl full
    # Options that activate a large amount of string constants are turned
    # off; the dummy strerror is enabled in place of MBEDTLS_ERROR_C.
    scripts/config.pl unset MBEDTLS_DEBUG_C
    scripts/config.pl unset MBEDTLS_ERROR_C
    scripts/config.pl set MBEDTLS_ERROR_STRERROR_DUMMY
    scripts/config.pl unset MBEDTLS_VERSION_FEATURES
    make CFLAGS='-Werror -Os'

    msg "test: no strings"
    make test
}
1527
# Cross-build the library for the baremetal configuration with the
# ${ARM_NONE_EABI_GCC_PREFIX} toolchain at -O1 (about 10 s), then print the
# object sizes.
component_build_arm_none_eabi_gcc () {
    msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -O1"
    scripts/config.pl baremetal
    # set -- only replaces this function's own positional parameters.
    set -- \
        CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" \
        AR="${ARM_NONE_EABI_GCC_PREFIX}ar" \
        LD="${ARM_NONE_EABI_GCC_PREFIX}ld"
    make "$@" CFLAGS='-Werror -Wall -Wextra -O1' lib

    msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -O1"
    ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o
}
1536
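# Cross-build the library for the baremetal configuration with the
# ${ARM_NONE_EABI_GCC_PREFIX} toolchain targeting -march=armv5te at -O1
# (about 10 s), then print the object sizes.
# The function name keeps its historical "arm5vte" spelling because callers
# select components by name; the build message now names the architecture
# that is actually passed to the compiler.
component_build_arm_none_eabi_gcc_arm5vte () {
    msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=armv5te"
    scripts/config.pl baremetal
    # Build for a target platform that's close to what Debian uses
    # for its "armel" distribution (https://wiki.debian.org/ArmEabiPort).
    # See https://github.com/ARMmbed/mbedtls/pull/2169 and comments.
    # It would be better to build with arm-linux-gnueabi-gcc but
    # we don't have that on our CI at this time.
    # SHELL='sh -x' makes make run its recipes through a tracing shell, so
    # every command of this build is echoed to the log.
    make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" CFLAGS='-Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' SHELL='sh -x' lib

    msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=armv5te -O1"
    ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o
}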
1550
# Cross-build the library for the baremetal configuration with the
# ${ARM_NONE_EABI_GCC_PREFIX} toolchain for Cortex-M0+ in Thumb mode at -Os
# (about 10 s), then print the object sizes.
component_build_arm_none_eabi_gcc_m0plus () {
    msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -mthumb -mcpu=cortex-m0plus"
    scripts/config.pl baremetal
    # set -- only replaces this function's own positional parameters.
    set -- \
        CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" \
        AR="${ARM_NONE_EABI_GCC_PREFIX}ar" \
        LD="${ARM_NONE_EABI_GCC_PREFIX}ld"
    make "$@" CFLAGS='-Werror -Wall -Wextra -mthumb -mcpu=cortex-m0plus -Os' lib

    msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -mthumb -mcpu=cortex-m0plus -Os"
    ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o
}
1559
# Cross-build the baremetal library with MBEDTLS_NO_UDBL_DIVISION (about
# 10 s) and check that no object file refers to __aeabi_uldiv, the software
# 64-bit division helper.
component_build_arm_none_eabi_gcc_no_udbl_division () {
    msg "build: ${ARM_NONE_EABI_GCC_PREFIX} -DMBEDTLS_NO_UDBL_DIVISION, make"
    scripts/config.pl baremetal
    scripts/config.pl set MBEDTLS_NO_UDBL_DIVISION
    # set -- only replaces this function's own positional parameters.
    set -- \
        CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" \
        AR="${ARM_NONE_EABI_GCC_PREFIX}ar" \
        LD="${ARM_NONE_EABI_GCC_PREFIX}ld"
    make "$@" CFLAGS='-Werror -Wall -Wextra' lib
    echo "Checking that software 64-bit division is not required"
    if_build_succeeded not grep __aeabi_uldiv library/*.o
}
1568
# Cross-build the baremetal library for armv6-m Thumb with
# MBEDTLS_NO_64BIT_MULTIPLICATION (about 10 s) and check that no object file
# refers to __aeabi_lmul, the software 64-bit multiplication helper.
component_build_arm_none_eabi_gcc_no_64bit_multiplication () {
    msg "build: ${ARM_NONE_EABI_GCC_PREFIX} MBEDTLS_NO_64BIT_MULTIPLICATION, make"
    scripts/config.pl baremetal
    scripts/config.pl set MBEDTLS_NO_64BIT_MULTIPLICATION
    # set -- only replaces this function's own positional parameters.
    set -- \
        CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" \
        AR="${ARM_NONE_EABI_GCC_PREFIX}ar" \
        LD="${ARM_NONE_EABI_GCC_PREFIX}ld"
    make "$@" CFLAGS='-Werror -O1 -march=armv6-m -mthumb' lib
    echo "Checking that software 64-bit multiplication is not required"
    if_build_succeeded not grep __aeabi_lmul library/*.o
}
1577
# Build the baremetal library with ARM Compiler 5 and print the object
# sizes, then hand five ARM Compiler 6 target settings to armc6_build_test.
component_build_armcc () {
    msg "build: ARM Compiler 5"
    scripts/config.pl baremetal
    make CC="$ARMC5_CC" AR="$ARMC5_AR" WARNING_CFLAGS='--strict --c99' lib

    msg "size: ARM Compiler 5"
    "$ARMC5_FROMELF" -z library/*.o

    make clean

    # ARM Compiler 6, one call per target, in this order:
    #   ARMv7-A, ARMv7-M, ARMv8-A (AArch32), ARMv8-M, ARMv8-A (AArch64).
    for armc6_target in \
        "--target=arm-arm-none-eabi -march=armv7-a" \
        "--target=arm-arm-none-eabi -march=armv7-m" \
        "--target=arm-arm-none-eabi -march=armv8.2-a" \
        "--target=arm-arm-none-eabi -march=armv8-m.main" \
        "--target=aarch64-arm-none-eabi -march=armv8.2-a"
    do
        armc6_build_test "$armc6_target"
    done
}
1603
# Build-only component: default configuration plus
# MBEDTLS_SSL_HW_RECORD_ACCEL, warnings as errors.
component_build_ssl_hw_record_accel () {
    msg "build: default config with MBEDTLS_SSL_HW_RECORD_ACCEL enabled"
    scripts/config.pl set MBEDTLS_SSL_HW_RECORD_ACCEL
    make CFLAGS='-Werror -O1'
}
1609
# Default configuration with SHA-1 accepted in certificates by default
# (MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES, an opt-in that this
# component has to set explicitly); unit tests, then the ssl-opt.sh tests
# matching "SHA-1".
component_test_allow_sha1 () {
    msg "build: allow SHA1 in certificates by default"
    scripts/config.pl set MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
    make CFLAGS='-Werror -Wall -Wextra'

    msg "test: allow SHA1 in certificates by default"
    make test
    if_build_succeeded tests/ssl-opt.sh -f SHA-1
}
1618
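# Windows cross build with the i686-w64-mingw32 toolchain: once as a link
# library and once as a DLL (SHARED=1), about 30 s each. The tests are only
# built, never run.
component_build_mingw () {
    # Cross toolchain shared by every build below, kept in one place so the
    # tool names cannot drift apart. The linker was previously spelled
    # "i686-w64-minggw32-ld" in all four invocations. set -- only replaces
    # this function's own positional parameters.
    set -- \
        CC=i686-w64-mingw32-gcc \
        AR=i686-w64-mingw32-ar \
        LD=i686-w64-mingw32-ld

    msg "build: Windows cross build - mingw64, make (Link Library)"
    make "$@" CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib programs

    # The "tests" target only builds the tests; it does not run them.
    make "$@" CFLAGS='-Werror' WINDOWS_BUILD=1 tests
    make WINDOWS_BUILD=1 clean

    msg "build: Windows cross build - mingw64, make (DLL)"
    make "$@" CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 lib programs
    make "$@" CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 tests
    make WINDOWS_BUILD=1 clean
}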
1632
# MemorySanitizer build with clang through cmake; unit tests and ssl-opt.sh,
# plus compat.sh when $MEMORY is greater than 0.
component_test_memsan () {
    # About 1 min 20 s.
    msg "build: MSan (clang)"
    # MemSan does not understand assembly, so AES-NI is switched off.
    scripts/config.pl unset MBEDTLS_AESNI_C
    CC=clang cmake -D CMAKE_BUILD_TYPE:String=MemSan .
    make

    # About 10 s.
    msg "test: main suites (MSan)"
    make test

    # About 1 min.
    msg "test: ssl-opt.sh (MSan)"
    if_build_succeeded tests/ssl-opt.sh

    # Optional part: stop here unless extra memory testing was requested.
    [ "$MEMORY" -gt 0 ] || return 0

    # About 6 min 20 s.
    msg "test: compat.sh (MSan)"
    if_build_succeeded tests/compat.sh
}
1652
component_test_valgrind () {
    # Release build with clang, then the unit tests under the "memcheck"
    # make target. The SSL scripts run with --memcheck only at higher MEMORY
    # levels: ssl-opt.sh above 0, compat.sh above 1.
    msg 'build: Release (clang)'
    CC=clang cmake -D CMAKE_BUILD_TYPE:String=Release .
    make

    msg 'test: main suites valgrind (Release)'
    make memcheck

    # Optional parts (slow; currently broken on OS X because programs don't
    # seem to receive signals under valgrind on OS X).
    if test "$MEMORY" -gt 0
    then
        msg 'test: ssl-opt.sh --memcheck (Release)'
        if_build_succeeded tests/ssl-opt.sh --memcheck
    fi

    if test "$MEMORY" -gt 1
    then
        msg 'test: compat.sh --memcheck (Release)'
        if_build_succeeded tests/compat.sh --memcheck
    fi
}
1673
component_test_cmake_out_of_source () {
    # Configure and build with CMake from a separate build directory
    # ($OUT_OF_SOURCE_DIR), run the tests there, then remove the directory.
    msg "build: cmake 'out-of-source' build"
    MBEDTLS_ROOT_DIR=$PWD
    mkdir "$OUT_OF_SOURCE_DIR"
    cd "$OUT_OF_SOURCE_DIR"
    cmake "$MBEDTLS_ROOT_DIR"
    make

    msg "test: cmake 'out-of-source' build"
    make test
    # Run an SSL test that needs an auxiliary script in test/scripts/.
    # ssl-opt.sh tolerates the absence of some files, so it may exit with
    # status 0 and still print errors such as "No such file or directory".
    # Its stderr is therefore captured, and any output at all is a failure.
    if_build_succeeded ./tests/ssl-opt.sh -f 'Fallback SCSV: beginning of list' 2>ssl-opt.err
    if test -s ssl-opt.err
    then
        # Show the captured errors, then record the failure by re-running
        # the "file is empty" check, which is known to fail at this point.
        cat ssl-opt.err >&2
        record_status [ ! -s ssl-opt.err ]
        rm ssl-opt.err
    fi

    # Return to the source tree before deleting the build directory.
    cd "$MBEDTLS_ROOT_DIR"
    rm -rf "$OUT_OF_SOURCE_DIR"
    unset MBEDTLS_ROOT_DIR
}
1699
component_test_zeroize () {
    # Check that mbedtls_platform_zeroize() survives optimization: for each
    # compiler and optimization level, build the programs and run an auxiliary
    # GDB script. A wipe that the compiler removes would leave the buffer
    # contents in memory, so this is a regression test for secret cleanup.
    #
    # GDB does not return an error status in every case where the script
    # fails, so the verdict is read from the captured output: the pass string
    # must be present and no line may contain "error" in any letter case.

    # Don't try to disable ASLR. We don't care about ASLR here. We do care
    # about a spurious message if Gdb tries and fails, so suppress that.
    # The setting is passed on only if a probe run of gdb accepts it silently.
    gdb_disable_aslr=''
    if test -z "$(gdb -batch -nw -ex 'set disable-randomization off' 2>&1)"
    then
        gdb_disable_aslr='set disable-randomization off'
    fi

    for optimization_flag in -O2 -O3 -Ofast -Os
    do
        for compiler in clang gcc
        do
            msg "test: $compiler $optimization_flag, mbedtls_platform_zeroize()"
            make programs CC="$compiler" DEBUG=1 CFLAGS="$optimization_flag"
            # The pipeline's status comes from tee, not gdb, so the two
            # greps below decide pass or fail.
            if_build_succeeded gdb -ex "$gdb_disable_aslr" \
                -x tests/scripts/test_zeroize.gdb -nw -batch -nx 2>&1 \
                | tee test_zeroize.log
            if_build_succeeded grep "The buffer was correctly zeroized" test_zeroize.log
            if_build_succeeded not grep -i "error" test_zeroize.log
            rm -f test_zeroize.log
            make clean
        done
    done

    unset gdb_disable_aslr
}
1729
component_check_python_files () {
    # Run the Python lint wrapper; its exit status goes through record_status.
    msg 'Lint: Python scripts'
    record_status tests/scripts/check-python-files.sh
}
1734
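component_check_generate_test_code () {
    # Run the unit tests of the test-code generator script.
    msg "unit test: generate_test_code.py"
    # unittest writes out mundane stuff like the number of tests run on stderr.
    # Our convention is to reserve stderr for actual errors, and write
    # harmless info on stdout so it can be suppressed with --quiet.
    record_status ./tests/scripts/test_generate_test_code.py 2>&1
}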
1742
1743################################################################
1744#### Termination
1745################################################################
1746
post_report () {
    # Final step of the run: restore the tree with cleanup, then print the
    # summary produced by final_report.
    msg 'Done, cleaning up'
    cleanup

    final_report
}
1753
1754
1755
1756################################################################
1757#### Run all the things
1758################################################################
1759
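# Run one component and clean up afterwards.
# Arguments: $1 - name of the component function; all arguments are passed
#                 on to redirect_out unchanged.
# Globals:   CONFIG_H, CONFIG_BAK, QUIET (read); current_component (set for
#            the duration of the run, unset afterwards).
run_component () {
    # Back up the configuration in case the component modifies it.
    # The cleanup function will restore it, so an option that one component
    # sets does not carry over into the next component's build.
    cp -p "$CONFIG_H" "$CONFIG_BAK"
    current_component="$1"

    # Run the component code.
    # QUIET is quoted so that an empty or multi-word value cannot change the
    # shape of the test expression.
    if [ "$QUIET" -eq 1 ]; then
        # msg() is silenced, so just print the component name here
        printf '%s\n' "${current_component#component_}"
    fi
    redirect_out "$@"

    # Restore the build tree to a clean state.
    cleanup
    unset current_component
}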
1778
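# Preliminary setup
pre_check_environment
pre_initialize_variables
pre_parse_command_line "$@"

pre_check_git
build_status=0
# KEEP_GOING is quoted so that an empty or multi-word value cannot change the
# shape of the test expression.
if [ "$KEEP_GOING" -eq 1 ]; then
    pre_setup_keep_going
else
    # Without keep-going, record_status is a plain pass-through: it runs the
    # command and returns its status without recording anything.
    # NOTE(review): a failure is presumably expected to stop the script via
    # shell options set earlier in the file; confirm there.
    record_status () {
        "$@"
    }
fi
pre_setup_quiet_redirect
pre_print_configuration
pre_check_tools
cleanup

# Run the requested tests.
# RUN_COMPONENTS is deliberately unquoted: it is a whitespace-separated list
# of component names, and each name is prefixed with "component_" before use.
for component in $RUN_COMPONENTS; do
    run_component "component_$component"
done

# We're done.
post_report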
1805