From e82ecdff93f9d40298f5a780f2d07b92778602c8 Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Mon, 22 Jun 2026 21:30:33 +0000 Subject: [PATCH 1/3] Fix ocsp-stapling_tls13multi.test hang from unbounded server wait Test cases 6 and 7 background the example server and then "wait" for it to exit. When the server occasionally fails to exit (a timing race under heavy parallel CI load), the script blocks until the job's timeout-minutes, cancelling the whole trackmemory run - seen consistently on the all-wolfentropy config. Wrap those two servers in "timeout -s KILL 2m" (as scripts/dtls.test already does) so a stuck server is killed and the test fails fast instead of timing out the whole job. --- scripts/ocsp-stapling_tls13multi.test | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/ocsp-stapling_tls13multi.test b/scripts/ocsp-stapling_tls13multi.test index ce49ba13c7..3d0da55a31 100755 --- a/scripts/ocsp-stapling_tls13multi.test +++ b/scripts/ocsp-stapling_tls13multi.test @@ -455,7 +455,7 @@ if [ "$tls13" == "yes" ]; then printf '%s\n\n' "------------- TEST CASE 6 LOAD CERT IN SSL -------------------" remove_single_rF "$ready_file5" - ./examples/server/server -c certs/ocsp/server1-cert.pem \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server1-cert.pem \ -k certs/ocsp/server1-key.pem -R "$ready_file5" -v 4 \ -p "$port5" -H loadSSL & server_pid5=$! @@ -470,7 +470,7 @@ if [ "$tls13" == "yes" ]; then printf '%s\n\n' "Test successful" printf '%s\n\n' "------------- TEST CASE 7 SHOULD REVOKE ----------------------" remove_single_rF "$ready_file5" - ./examples/server/server -c certs/ocsp/server4-cert.pem \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server4-cert.pem \ -k certs/ocsp/server4-key.pem -R "$ready_file5" \ -p "$port5" -H loadSSL -v 4 & server_pid5=$! From 5c5cbd3094c4ee4d531d8c025ae9e59712ed28cd Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Tue, 23 Jun 2026 00:07:58 +0000 Subject: [PATCH 2/3] Bound waited example servers with timeout in remaining test scripts Several test scripts share the same pattern as ocsp-stapling_tls13multi: a backgrounded example server is "wait"ed on with no timeout, so a server that flakily fails to exit blocks the script until the CI job timeout. Wrap those servers in "timeout -s KILL 2m" as well. Scripts: ocsp-stapling, ocsp-stapling2, ocsp-stapling-with-wolfssl-responder, crl-revoked, tls13, resume, pkcallbacks, dtlscid. --- scripts/crl-revoked.test | 4 +- scripts/dtlscid.test | 2 +- .../ocsp-stapling-with-wolfssl-responder.test | 38 +++++++++---------- scripts/ocsp-stapling.test | 2 +- scripts/ocsp-stapling2.test | 4 +- scripts/pkcallbacks.test | 2 +- scripts/resume.test | 2 +- scripts/tls13.test | 4 +- 8 files changed, 29 insertions(+), 29 deletions(-) diff --git a/scripts/crl-revoked.test b/scripts/crl-revoked.test index 92cc9ce14e..0b566578f8 100755 --- a/scripts/crl-revoked.test +++ b/scripts/crl-revoked.test @@ -99,7 +99,7 @@ run_test() { # starts the server on crl_port, -R generates ready file to be used as a # mutex lock, -c loads the revoked certificate. We capture the processid # into the variable server_pid - ./examples/server/server -R "$ready_file" -p $crl_port \ + timeout -s KILL 2m ./examples/server/server -R "$ready_file" -p $crl_port \ -c ${CERT_DIR}/server-revoked-cert.pem \ -k ${CERT_DIR}/server-revoked-key.pem & server_pid=$! @@ -176,7 +176,7 @@ run_hashdir_test() { # starts the server on crl_port, -R generates ready file to be used as a # mutex lock, -c loads the revoked certificate. We capture the processid # into the variable server_pid - ./examples/server/server -R "$ready_file" -p $crl_port \ + timeout -s KILL 2m ./examples/server/server -R "$ready_file" -p $crl_port \ -c ${CERT_DIR}/server-revoked-cert.pem \ -k ${CERT_DIR}/server-revoked-key.pem & server_pid=$! diff --git a/scripts/dtlscid.test b/scripts/dtlscid.test index 58968d978d..c2d33ff76d 100755 --- a/scripts/dtlscid.test +++ b/scripts/dtlscid.test @@ -54,7 +54,7 @@ test_cid () { echo "Running test_cid" SERVER_FILE=$(mktemp) CLIENT_FILE=$(mktemp) - $WOLFSSL_ROOT/examples/server/server -v4 -u --cid $SCID 1> $SERVER_FILE & + timeout -s KILL 2m $WOLFSSL_ROOT/examples/server/server -v4 -u --cid $SCID 1> $SERVER_FILE & SERVER_PID=$! sleep 0.2 $WOLFSSL_ROOT/examples/client/client -v4 -u --cid $CCID 1> $CLIENT_FILE diff --git a/scripts/ocsp-stapling-with-wolfssl-responder.test b/scripts/ocsp-stapling-with-wolfssl-responder.test index f7ca8bafd5..e780d49812 100755 --- a/scripts/ocsp-stapling-with-wolfssl-responder.test +++ b/scripts/ocsp-stapling-with-wolfssl-responder.test @@ -455,7 +455,7 @@ if [ "$stapling_v1" == "yes" ]; then printf '%s\n\n' "------------- TEST CASE 1 SHOULD PASS -------------------------" # client test against our own server - GOOD CERT - ./examples/server/server -c certs/ocsp/server1-cert.pem \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server1-cert.pem \ -k certs/ocsp/server1-key.pem -R $ready_file5 \ -p $port5 & server_pid5=$! @@ -468,7 +468,7 @@ if [ "$stapling_v1" == "yes" ]; then printf '%s\n\n' "------------- TEST CASE 2 SHOULD REVOKE -----------------------" # client test against our own server - REVOKED CERT remove_single_rF $ready_file5 - ./examples/server/server -c certs/ocsp/server2-cert.pem \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server2-cert.pem \ -k certs/ocsp/server2-key.pem -R $ready_file5 \ -p $port5 & server_pid5=$! @@ -486,7 +486,7 @@ if [ "$stapling_v1" == "yes" ]; then printf '%s\n\n' "------------- TEST CASE 3 TLS13 SHOULD PASS -----------------" # client test against our own server - GOOD CERT remove_single_rF $ready_file5 - ./examples/server/server -c certs/ocsp/server1-cert.pem \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server1-cert.pem \ -k certs/ocsp/server1-key.pem -v 4 \ -R $ready_file5 -p $port5 & server_pid5=$! @@ -500,7 +500,7 @@ if [ "$stapling_v1" == "yes" ]; then printf '%s\n\n' "------------- TEST CASE 4 TLS13 MUST-STAPLE SHOULD PASS -----" # client test against our own server, must staple - GOOD CERT remove_single_rF $ready_file5 - ./examples/server/server -c certs/ocsp/server1-cert.pem \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server1-cert.pem \ -k certs/ocsp/server1-key.pem -v 4 \ -R $ready_file5 -p $port5 & server_pid5=$! @@ -514,7 +514,7 @@ if [ "$stapling_v1" == "yes" ]; then printf '%s\n\n' "------------- TEST CASE 5 TLS13 SHOULD REVOKE ---------------" # client test against our own server - REVOKED CERT remove_single_rF $ready_file5 - ./examples/server/server -c certs/ocsp/server2-cert.pem \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server2-cert.pem \ -k certs/ocsp/server2-key.pem -v 4 \ -R $ready_file5 -p $port5 & server_pid5=$! @@ -533,7 +533,7 @@ if [ "$stapling_v1" == "yes" ]; then if [[ "$dtls12" == "yes" ]]; then printf '%s\n\n' "------------- TEST CASE DTLS12-1 SHOULD PASS ----------------" remove_single_rF $ready_file5 - ./examples/server/server -c certs/ocsp/server1-cert.pem -R $ready_file5 \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server1-cert.pem -R $ready_file5 \ -k certs/ocsp/server1-key.pem -u -v 3 \ -p $port5 & server_pid5=$! @@ -549,7 +549,7 @@ if [ "$stapling_v1" == "yes" ]; then if [ "$dtls13" == "yes" ]; then printf '%s\n\n' "------------- TEST CASE DTLS13-1 SHOULD PASS ----------------" remove_single_rF $ready_file5 - ./examples/server/server -c certs/ocsp/server1-cert.pem -R $ready_file5 \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server1-cert.pem -R $ready_file5 \ -k certs/ocsp/server1-key.pem -u -v 4 \ -p $port5 & server_pid5=$! @@ -575,7 +575,7 @@ if [ "$stapling_v2" == "yes" ]; then printf '%s\n\n' "------------- TEST CASE V2-1 SHOULD PASS ----------------------" # client test against our own server - GOOD CERTS remove_single_rF $ready_file5 - ./examples/server/server -c certs/ocsp/server3-cert.pem \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server3-cert.pem \ -k certs/ocsp/server3-key.pem -R $ready_file5 \ -p $port5 & server_pid5=$! @@ -588,7 +588,7 @@ if [ "$stapling_v2" == "yes" ]; then printf '%s\n\n' "------------- TEST CASE V2-2 SHOULD PASS ----------------------" remove_single_rF $ready_file5 - ./examples/server/server -c certs/ocsp/server3-cert.pem \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server3-cert.pem \ -k certs/ocsp/server3-key.pem -R $ready_file5 \ -p $port5 & server_pid5=$! @@ -602,7 +602,7 @@ if [ "$stapling_v2" == "yes" ]; then printf '%s\n\n' "------------- TEST CASE V2-3 SHOULD REVOKE --------------------" # client test against our own server - REVOKED SERVER CERT remove_single_rF $ready_file5 - ./examples/server/server -c certs/ocsp/server4-cert.pem \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server4-cert.pem \ -k certs/ocsp/server4-key.pem -R $ready_file5 \ -p $port5 & server_pid5=$! @@ -616,7 +616,7 @@ if [ "$stapling_v2" == "yes" ]; then printf '%s\n\n' "------------- TEST CASE V2-4 SHOULD REVOKE --------------------" remove_single_rF $ready_file5 - ./examples/server/server -c certs/ocsp/server4-cert.pem \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server4-cert.pem \ -k certs/ocsp/server4-key.pem -R $ready_file5 \ -p $port5 & sleep 0.1 @@ -630,7 +630,7 @@ if [ "$stapling_v2" == "yes" ]; then printf '%s\n\n' "------------- TEST CASE V2-5 SHOULD PASS ----------------------" # client test against our own server - REVOKED INTERMEDIATE CERT remove_single_rF $ready_file5 - ./examples/server/server -c certs/ocsp/server5-cert.pem \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server5-cert.pem \ -k certs/ocsp/server5-key.pem -R $ready_file5 \ -p $port5 & server_pid5=$! @@ -643,7 +643,7 @@ if [ "$stapling_v2" == "yes" ]; then printf '%s\n\n' "------------- TEST CASE V2-6 SHOULD REVOKE --------------------" remove_single_rF $ready_file5 - ./examples/server/server -c certs/ocsp/server5-cert.pem \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server5-cert.pem \ -k certs/ocsp/server5-key.pem -R $ready_file5 \ -p $port5 & server_pid5=$! @@ -659,7 +659,7 @@ if [ "$stapling_v2" == "yes" ]; then if [[ "$dtls12" == "yes" ]]; then printf '%s\n\n' "------------- TEST CASE DTLS12-V2 SHOULD PASS ----------------" remove_single_rF $ready_file5 - ./examples/server/server -c certs/ocsp/server3-cert.pem \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server3-cert.pem \ -k certs/ocsp/server3-key.pem -R $ready_file5 \ -p $port5 -u -v 3 & server_pid5=$! @@ -685,7 +685,7 @@ if [ "$tls13" == "yes" ] && [ "$stapling_v1" == "yes" ]; then printf '%s\n\n' "------------- TEST CASE T13-1 SHOULD PASS --------------------" # client test against our own server - GOOD CERTS remove_single_rF $ready_file5 - ./examples/server/server -c certs/ocsp/server3-cert.pem \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server3-cert.pem \ -k certs/ocsp/server3-key.pem -R $ready_file5 \ -p $port5 -v 4 & server_pid5=$! @@ -699,7 +699,7 @@ if [ "$tls13" == "yes" ] && [ "$stapling_v1" == "yes" ]; then printf '%s\n\n' "------------- TEST CASE T13-2 SHOULD REVOKE ------------------" # client test against our own server - REVOKED SERVER CERT remove_single_rF $ready_file5 - ./examples/server/server -c certs/ocsp/server4-cert.pem \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server4-cert.pem \ -k certs/ocsp/server4-key.pem -R $ready_file5 \ -p $port5 -v 4 & server_pid5=$! @@ -714,7 +714,7 @@ if [ "$tls13" == "yes" ] && [ "$stapling_v1" == "yes" ]; then printf '%s\n\n' "------------- TEST CASE T13-3 SHOULD REVOKE ------------------" # client test against our own server - REVOKED INTERMEDIATE CERT remove_single_rF $ready_file5 - ./examples/server/server -c certs/ocsp/server5-cert.pem \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server5-cert.pem \ -k certs/ocsp/server5-key.pem -R $ready_file5 \ -p $port5 -v 4 & server_pid5=$! @@ -730,7 +730,7 @@ if [ "$tls13" == "yes" ] && [ "$stapling_v1" == "yes" ]; then if [ "$dtls13" == "yes" ]; then printf '%s\n\n' "------------- TEST CASE DTLS13-V2 SHOULD PASS ----------------" remove_single_rF $ready_file5 - ./examples/server/server -c certs/ocsp/server3-cert.pem \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server3-cert.pem \ -k certs/ocsp/server3-key.pem -R $ready_file5 \ -p $port5 -u -v 4 & server_pid5=$! @@ -743,7 +743,7 @@ if [ "$tls13" == "yes" ] && [ "$stapling_v1" == "yes" ]; then printf '%s\n\n' "------------- TEST CASE DTLS13-V2-REVOKE SHOULD REVOKE -------" remove_single_rF $ready_file5 - ./examples/server/server -c certs/ocsp/server4-cert.pem \ + timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server4-cert.pem \ -k certs/ocsp/server4-key.pem -R $ready_file5 \ -p $port5 -v 4 & server_pid5=$! diff --git a/scripts/ocsp-stapling.test b/scripts/ocsp-stapling.test index bd62868cf6..1f62f094ff 100755 --- a/scripts/ocsp-stapling.test +++ b/scripts/ocsp-stapling.test @@ -290,7 +290,7 @@ port3=$(get_first_free_port $((port2 + 1))) # test interop fail case ready_file=$PWD/wolf_ocsp_readyF$$ printf '%s\n' "ready file: \"$ready_file\"" -./examples/server/server -b -p "$port1" -o -R "$ready_file" & +timeout -s KILL 2m ./examples/server/server -b -p "$port1" -o -R "$ready_file" & wolf_pid=$! wait_for_readyFile "$ready_file" "$wolf_pid" "$port1" if [ ! -f "$ready_file" ]; then diff --git a/scripts/ocsp-stapling2.test b/scripts/ocsp-stapling2.test index c79dcae279..59f35039fa 100755 --- a/scripts/ocsp-stapling2.test +++ b/scripts/ocsp-stapling2.test @@ -447,7 +447,7 @@ RESULT=$? printf '%s\n\n' "Test successfully REVOKED!" printf '%s\n\n' "------------- TEST CASE 7 LOAD CERT IN SSL -------------------" remove_single_rF "$ready_file5" -./examples/server/server -c certs/ocsp/server1-cert.pem \ +timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server1-cert.pem \ -k certs/ocsp/server1-key.pem -R "$ready_file5" \ -p "$port5" -H loadSSL & server_pid5=$! @@ -462,7 +462,7 @@ fi printf '%s\n\n' "Test successful" printf '%s\n\n' "------------- TEST CASE 8 SHOULD REVOKE ----------------------" remove_single_rF "$ready_file5" -./examples/server/server -c certs/ocsp/server4-cert.pem \ +timeout -s KILL 2m ./examples/server/server -c certs/ocsp/server4-cert.pem \ -k certs/ocsp/server4-key.pem -R "$ready_file5" \ -p "$port5" -H loadSSL & server_pid5=$! diff --git a/scripts/pkcallbacks.test b/scripts/pkcallbacks.test index aa7b783981..9685ac01ea 100755 --- a/scripts/pkcallbacks.test +++ b/scripts/pkcallbacks.test @@ -101,7 +101,7 @@ run_test() { # starts the server on pk_port, -R generates ready file to be used as a # mutex lock, -P does pkcallbacks. We capture the processid # into the variable server_pid - ./examples/server/server -P -R "$ready_file" -p $pk_port & + timeout -s KILL 2m ./examples/server/server -P -R "$ready_file" -p $pk_port & server_pid=$! while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do diff --git a/scripts/resume.test b/scripts/resume.test index 38af600e91..cb887b0593 100755 --- a/scripts/resume.test +++ b/scripts/resume.test @@ -77,7 +77,7 @@ do_test() { remove_ready_file echo "./examples/server/server -r -R \"$ready_file\" -p $resume_port" - ./examples/server/server -r -R "$ready_file" -p $resume_port & + timeout -s KILL 2m ./examples/server/server -r -R "$ready_file" -p $resume_port & server_pid=$! while [ ! -s "$ready_file" -a "$counter" -lt 20 ]; do diff --git a/scripts/tls13.test b/scripts/tls13.test index d0f02004de..18ebf0bf8e 100755 --- a/scripts/tls13.test +++ b/scripts/tls13.test @@ -260,7 +260,7 @@ if [ "$early_data" = "yes" ]; then echo -e "\n\nTLS v1.3 Early Data - session ticket" port=0 - (./examples/server/server -v 4 -r -0 -R "$ready_file" -p $port 2>&1 | \ + (timeout -s KILL 2m ./examples/server/server -v 4 -r -0 -R "$ready_file" -p $port 2>&1 | \ tee "$server_out_file") & server_pid=$! create_port @@ -308,7 +308,7 @@ if [ "$early_data" = "yes" -a "$psk" = "yes" ]; then early_data_try_num=1 while :; do - (./examples/server/server -v 4 -s -0 -R "$ready_file" -p $port 2>&1 | \ + (timeout -s KILL 2m ./examples/server/server -v 4 -s -0 -R "$ready_file" -p $port 2>&1 | \ tee "$server_out_file") & server_pid=$! create_port From 88032c1e56549f4f4c9dce33903d10ff6cf24572 Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Tue, 23 Jun 2026 10:35:44 +0000 Subject: [PATCH 3/3] Make the server timeout wrap Linux-only timeout(1) is GNU coreutils and is not installed on macOS, so the "make check macos" job failed with "timeout: command not found" for every wrapped server. Add a small shim to each affected test: when timeout is unavailable (e.g. macOS) run the server unbounded, restoring the prior macOS behavior. The flaky hang the timeout guards against is on the Linux-only trackmemory job, so macOS does not need the bound. --- scripts/crl-revoked.test | 7 +++++++ scripts/dtlscid.test | 7 +++++++ scripts/ocsp-stapling-with-wolfssl-responder.test | 7 +++++++ scripts/ocsp-stapling.test | 7 +++++++ scripts/ocsp-stapling2.test | 7 +++++++ scripts/ocsp-stapling_tls13multi.test | 7 +++++++ scripts/pkcallbacks.test | 7 +++++++ scripts/resume.test | 7 +++++++ scripts/tls13.test | 7 +++++++ 9 files changed, 63 insertions(+) diff --git a/scripts/crl-revoked.test b/scripts/crl-revoked.test index 0b566578f8..ece7aaedb1 100755 --- a/scripts/crl-revoked.test +++ b/scripts/crl-revoked.test @@ -1,5 +1,12 @@ #!/usr/bin/env bash +# timeout(1) is GNU coreutils and absent on macOS; where it's missing, run the +# command unbounded (the flaky hang this guards against is Linux-only CI). +if ! command -v timeout >/dev/null 2>&1; then + timeout() { while [ "${1:-}" = "-s" ] || [ "${1:-}" = "-k" ]; do shift 2; done; shift; "$@"; } +fi + + [ ! -x ./examples/client/client ] && printf '\n\n%s\n' "Client doesn't exist" \ && exit 1 diff --git a/scripts/dtlscid.test b/scripts/dtlscid.test index c2d33ff76d..2de1dcf46c 100755 --- a/scripts/dtlscid.test +++ b/scripts/dtlscid.test @@ -1,5 +1,12 @@ #!/usr/bin/env bash +# timeout(1) is GNU coreutils and absent on macOS; where it's missing, run the +# command unbounded (the flaky hang this guards against is Linux-only CI). +if ! command -v timeout >/dev/null 2>&1; then + timeout() { while [ "${1:-}" = "-s" ] || [ "${1:-}" = "-k" ]; do shift 2; done; shift; "$@"; } +fi + + # dtlscid.test # Copyright wolfSSL 2022-2024 diff --git a/scripts/ocsp-stapling-with-wolfssl-responder.test b/scripts/ocsp-stapling-with-wolfssl-responder.test index e780d49812..5bffe1cdda 100755 --- a/scripts/ocsp-stapling-with-wolfssl-responder.test +++ b/scripts/ocsp-stapling-with-wolfssl-responder.test @@ -1,5 +1,12 @@ #!/usr/bin/env bash +# timeout(1) is GNU coreutils and absent on macOS; where it's missing, run the +# command unbounded (the flaky hang this guards against is Linux-only CI). +if ! command -v timeout >/dev/null 2>&1; then + timeout() { while [ "${1:-}" = "-s" ] || [ "${1:-}" = "-k" ]; do shift 2; done; shift; "$@"; } +fi + + # ocsp-stapling-with-wolfssl-responder.test # Tests OCSP stapling using wolfSSL's own ocsp_responder example # instead of the OpenSSL ocsp utility. diff --git a/scripts/ocsp-stapling.test b/scripts/ocsp-stapling.test index 1f62f094ff..5ab2e28c26 100755 --- a/scripts/ocsp-stapling.test +++ b/scripts/ocsp-stapling.test @@ -1,5 +1,12 @@ #!/usr/bin/env bash +# timeout(1) is GNU coreutils and absent on macOS; where it's missing, run the +# command unbounded (the flaky hang this guards against is Linux-only CI). +if ! command -v timeout >/dev/null 2>&1; then + timeout() { while [ "${1:-}" = "-s" ] || [ "${1:-}" = "-k" ]; do shift 2; done; shift; "$@"; } +fi + + # ocsp-stapling.test # Test requires HAVE_OCSP and HAVE_CERTIFICATE_STATUS_REQUEST diff --git a/scripts/ocsp-stapling2.test b/scripts/ocsp-stapling2.test index 59f35039fa..e3c1cee643 100755 --- a/scripts/ocsp-stapling2.test +++ b/scripts/ocsp-stapling2.test @@ -1,5 +1,12 @@ #!/usr/bin/env bash +# timeout(1) is GNU coreutils and absent on macOS; where it's missing, run the +# command unbounded (the flaky hang this guards against is Linux-only CI). +if ! command -v timeout >/dev/null 2>&1; then + timeout() { while [ "${1:-}" = "-s" ] || [ "${1:-}" = "-k" ]; do shift 2; done; shift; "$@"; } +fi + + # ocsp-stapling2.test # Test requires HAVE_OCSP and HAVE_CERTIFICATE_STATUS_REQUEST_V2 diff --git a/scripts/ocsp-stapling_tls13multi.test b/scripts/ocsp-stapling_tls13multi.test index 3d0da55a31..2b05a85498 100755 --- a/scripts/ocsp-stapling_tls13multi.test +++ b/scripts/ocsp-stapling_tls13multi.test @@ -1,5 +1,12 @@ #!/bin/bash +# timeout(1) is GNU coreutils and absent on macOS; where it's missing, run the +# command unbounded (the flaky hang this guards against is Linux-only CI). +if ! command -v timeout >/dev/null 2>&1; then + timeout() { while [ "${1:-}" = "-s" ] || [ "${1:-}" = "-k" ]; do shift 2; done; shift; "$@"; } +fi + + # ocsp-stapling_tls13multi.test # Test requires HAVE_OCSP and HAVE_CERTIFICATE_STATUS_REQUEST_V2 diff --git a/scripts/pkcallbacks.test b/scripts/pkcallbacks.test index 9685ac01ea..d73bb01508 100755 --- a/scripts/pkcallbacks.test +++ b/scripts/pkcallbacks.test @@ -1,5 +1,12 @@ #!/usr/bin/env bash +# timeout(1) is GNU coreutils and absent on macOS; where it's missing, run the +# command unbounded (the flaky hang this guards against is Linux-only CI). +if ! command -v timeout >/dev/null 2>&1; then + timeout() { while [ "${1:-}" = "-s" ] || [ "${1:-}" = "-k" ]; do shift 2; done; shift; "$@"; } +fi + + #pkcallbacks.test [ ! -x ./examples/client/client ] && printf '\n\n%s\n' "Client doesn't exist" \ diff --git a/scripts/resume.test b/scripts/resume.test index cb887b0593..ac7361e232 100755 --- a/scripts/resume.test +++ b/scripts/resume.test @@ -1,5 +1,12 @@ #!/usr/bin/env bash +# timeout(1) is GNU coreutils and absent on macOS; where it's missing, run the +# command unbounded (the flaky hang this guards against is Linux-only CI). +if ! command -v timeout >/dev/null 2>&1; then + timeout() { while [ "${1:-}" = "-s" ] || [ "${1:-}" = "-k" ]; do shift 2; done; shift; "$@"; } +fi + + #resume.test # if we can, isolate the network namespace to eliminate port collisions. diff --git a/scripts/tls13.test b/scripts/tls13.test index 18ebf0bf8e..7a29e3fe20 100755 --- a/scripts/tls13.test +++ b/scripts/tls13.test @@ -1,5 +1,12 @@ #!/usr/bin/env bash +# timeout(1) is GNU coreutils and absent on macOS; where it's missing, run the +# command unbounded (the flaky hang this guards against is Linux-only CI). +if ! command -v timeout >/dev/null 2>&1; then + timeout() { while [ "${1:-}" = "-s" ] || [ "${1:-}" = "-k" ]; do shift 2; done; shift; "$@"; } +fi + + # tls13.test # Copyright wolfSSL 2016-2021