wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 10:47:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

bwrap tweaks:

Browse Source 
in scripts/ocsp.test, don't call ping.test when $AM_BWRAPPED = yes (ping is setuid, so fails under bwrap);

in scripts/unit.test.in, don't bwrap if $AM_BWRAPPED = yes (double-bwrapping always fails);

in testsuite/testsuite.c testsuite_test(), build tempName using tempDir, and try to assign tempDir from XGETENV("TMPDIR"), fallback to hardcoded "/tmp".
This commit is contained in:
Daniel Pouzzner
2022-02-10 15:54:39 -06:00
parent 91578df19d
commit c581e13380
4 changed files with 49 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
scripts/ocsp.test
View File

@ -26,11 +26,15 @@ OUTPUT=$(eval "./examples/client/client -S check")
if [ "$OUTPUT" = "SNI is: ON" ]; then if [ "$OUTPUT" = "SNI is: ON" ]; then
printf '\n\n%s\n\n' "SNI is on, proceed with globalsign test" printf '\n\n%s\n\n' "SNI is on, proceed with globalsign test"
# is our desired server there? if [ "$AM_BWRAPPED" != "yes" ]; then
"${SCRIPT_DIR}/ping.test" $server 2 # is our desired server there?
RESULT=$? "${SCRIPT_DIR}/ping.test" $server 2
if [ $RESULT -ne 0 ]; then RESULT=$?
GL_UNREACHABLE=1 if [ $RESULT -ne 0 ]; then
GL_UNREACHABLE=1
fi
else
RESULT=0
fi fi
if [ $RESULT -eq 0 ]; then if [ $RESULT -eq 0 ]; then
@ -50,9 +54,14 @@ fi
server=www.google.com server=www.google.com
ca=${SCRIPT_DIR}/../certs/external/ca-google-root.pem ca=${SCRIPT_DIR}/../certs/external/ca-google-root.pem
# is our desired server there? if [ "$AM_BWRAPPED" != "yes" ]; then
${SCRIPT_DIR}/ping.test $server 2 # is our desired server there?
RESULT=$? ${SCRIPT_DIR}/ping.test $server 2
RESULT=$?
else
RESULT=0
fi
if [ $RESULT -eq 0 ]; then if [ $RESULT -eq 0 ]; then
# client test against the server # client test against the server
echo "./examples/client/client -X -C -h $server -p 443 -A "$ca" -g -o -N" echo "./examples/client/client -X -C -h $server -p 443 -A "$ca" -g -o -N"

12
scripts/unit.test.in
View File

@ -1,8 +1,12 @@
#!/bin/sh #!/bin/sh
bwrap_path="$(command -v bwrap)" if [ "${AM_BWRAPPED-}" != "yes" ]; then
if [ -n "$bwrap_path" ]; then bwrap_path="$(command -v bwrap)"
exec "$bwrap_path" --unshare-net --dev-bind / / "@builddir@/tests/unit.test" "$@" if [ -n "$bwrap_path" ]; then
exec "$bwrap_path" --unshare-net --dev-bind / / "@builddir@/tests/unit.test" "$@"
else
exec "@builddir@/tests/unit.test" "$@"
fi
else else
exec "@builddir@/tests/unit.test" "$@" exec "@builddir@/tests/unit.test" "$@"
fi fi

29
testsuite/testsuite.c
View File

@ -104,19 +104,34 @@ int testsuite_test(int argc, char** argv)
THREAD_TYPE serverThread; THREAD_TYPE serverThread;
#ifndef USE_WINDOWS_API #ifndef USE_WINDOWS_API
char tempName[] = "/tmp/output-XXXXXX"; const char *tempDir = NULL;
int len = 18; char tempName[128];
int num = 6; int tempName_len;
int tempName_Xnum;
#else #else
char tempName[] = "fnXXXXXX"; char tempName[] = "fnXXXXXX";
int len = 8; const int tempName_len = 8;
int num = 6; const int tempName_Xnum = 6;
#endif #endif
#ifdef HAVE_STACK_SIZE #ifdef HAVE_STACK_SIZE
void *serverThreadStackContext = NULL; void *serverThreadStackContext = NULL;
#endif #endif
int ret; int ret;
#ifndef USE_WINDOWS_API
#ifdef XGETENV
tempDir = XGETENV("TMPDIR");
if (tempDir == NULL)
#endif
{
tempDir = "/tmp";
}
XSTRLCPY(tempName, tempDir, sizeof(tempName));
XSTRLCAT(tempName, "/testsuite-output-XXXXXX", sizeof(tempName));
tempName_len = (int)XSTRLEN(tempName);
tempName_Xnum = 6;
#endif /* !USE_WINDOWS_API */
#ifdef HAVE_WNR #ifdef HAVE_WNR
if (wc_InitNetRandom(wnrConfig, NULL, 5000) != 0) { if (wc_InitNetRandom(wnrConfig, NULL, 5000) != 0) {
err_sys("Whitewood netRandom global config failed"); err_sys("Whitewood netRandom global config failed");
@ -172,7 +187,7 @@ int testsuite_test(int argc, char** argv)
#endif #endif
/* Create unique file name */ /* Create unique file name */
outputName = mymktemp(tempName, len, num); outputName = mymktemp(tempName, tempName_len, tempName_Xnum);
if (outputName == NULL) { if (outputName == NULL) {
printf("Could not create unique file name"); printf("Could not create unique file name");
return EXIT_FAILURE; return EXIT_FAILURE;
@ -241,7 +256,7 @@ static int test_tls(func_args* server_args)
{ {
func_args echo_args; func_args echo_args;
char* myArgv[NUMARGS]; char* myArgv[NUMARGS];
char arg[3][32]; char arg[3][128];
/* Set up command line arguments for echoclient to send input file /* Set up command line arguments for echoclient to send input file
* and write echoed data to temporary output file. */ * and write echoed data to temporary output file. */

5
wolfssl/wolfcrypt/types.h
View File

@ -761,13 +761,12 @@ decouple library dependencies with standard string, memory and so on.
#define XSTRLCAT(s1,s2,n) wc_strlcat((s1),(s2),(n)) #define XSTRLCAT(s1,s2,n) wc_strlcat((s1),(s2),(n))
#endif #endif
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \ #if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
!defined(NO_STDIO_FILESYSTEM)
#ifndef XGETENV #ifndef XGETENV
#include <stdlib.h> #include <stdlib.h>
#define XGETENV getenv #define XGETENV getenv
#endif #endif
#endif /* OPENSSL_EXTRA */ #endif /* !NO_FILESYSTEM && !NO_STDIO_FILESYSTEM */
#ifndef CTYPE_USER #ifndef CTYPE_USER
#ifndef WOLFSSL_LINUXKM #ifndef WOLFSSL_LINUXKM