Currently, SSL tests are configured via command-line switches to
ssltest.c. This results in a lot of duplication between ssltest.c and
apps, and a complex setup. ssltest.c is also simply old and needs
maintenance.
Instead, we already have a way to configure SSL servers and clients, so
we leverage that. SSL tests can now be configured from a configuration
file. Test servers and clients are configured using the standard
ssl_conf module. Additional test settings are configured via a test
configuration.
Moreover, since the CONF language involves unnecessary boilerplate, the
test conf itself is generated from a shorter Perl syntax.
The generated testcase files are checked in to the repo to make
it easier to verify that the intended test cases are in fact run; and to
simplify debugging failures.
To demonstrate the approach, min/max protocol tests are converted to the
new format. This change also fixes MinProtocol and MaxProtocol
handling. It was previously requested that an SSL_CTX have both the
server and client flags set for these commands; this clearly can never work.
Guide to this PR:
- test/ssl_test.c - test framework
- test/ssl_test_ctx.* - test configuration structure
- test/handshake_helper.* - new SSL test handshaking code
- test/ssl-tests/ - test configurations
- test/generate_ssl_tests.pl - script for generating CONF-style test
configurations from perl inputs
Reviewed-by: Richard Levitte <levitte@openssl.org>
Previously, we updated the static libraries (libcrypto.a on Unix,
libcrypto.lib on Windows) with all the object files, regardless of if
they were rebuilt or not. With this change, we only update them with
the object files were rebuilt.
NOTE: this does not apply on VMS, as the expansion of $? may be too
large for a command line.
Reviewed-by: Andy Polyakov <appro@openssl.org>
The logic to find out of there are any .d files newer than Makefile is
sound. Checking the result was less so.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reverts commit 087ca80ad8
Instead of battling the odd format of argv given to main() in default
P64 mode, tell the compiler to make it an array of 64-bit pointers
when compiling in P64 mode.
A note is added in NOTES.VMS regarding minimum DEC C version.
Reviewed-by: Andy Polyakov <appro@openssl.org>
- In Configure, register the perl interpreter used to run Configure,
so that's the one being used throughout instead of something else
that Configure happens to find. This is helpful for using a perl
version that's not necessarely first in $PATH:
/opt/perl/5.22.1/bin/perl ./Configure
- Make apps/tsget a generated file, just like apps/CA.pl, so the
perl interpreter registered by Configure becomes the hashbang path
instead of a hardcoded /usr/bin/perl
Reviewed-by: Andy Polyakov <appro@openssl.org>
There are rare cases when an object file will only be used when
building a shared library. To enable this, we introduce
SHARED_SOURCE:
SHARED_SOURCE[libfoo]=dllmain.c
Reviewed-by: Andy Polyakov <appro@openssl.org>
The warning MAYLOSEDATA3 is one you will always get when compiling
source that calculates the difference between two pointers with
/POINTER_SIZE=64.
The reason is quite simple, ptrdiff_t is always a 32-bit integer
regardless of pointer size, so the result of 'ptr1 - ptr2' can
potentially be larger than a 32-bit integer. The compiler simply
warns you of that possibility.
However, we only use pointer difference within objects and strings,
all of them well within 2^32 bytes in size, so that operation is
harmless with our source, and we can therefore safely turn off that
warning.
Reviewed-by: Rich Salz <rsalz@openssl.org>
On Windows and Unix, the staging directory $(DESTDIR) can simply be
prepended to the installation directory. An attempt was made to do
something similar on VMS, but that ended up being a half measure
solution. Instead of that, simply use the staging directory as a
prefix under which [.OPENSSL-INSTALL] and [.OPENSSL-COMMON] will hold
the two directory trees that should end up in the directories
indicated by --prefix and --openssldir, and finish the installation
with appropriate instructions on what to do next.
Reviewed-by: Rich Salz <rsalz@openssl.org>
- on VMS, SYS$COMMON:[SSL] is already used as installation directory
by HP SSL, so we make our default for --openssldir
SYS$COMMON:[OPENSSL-COMMON] instead.
- Updated notes on default installation dirs fir Unix and Windows
Reviewed-by: Rich Salz <rsalz@openssl.org>
Sometimes, you might end up with a rather long compile line due to
excessively long /INCLUDE directories. Compensate for it by making
a temporary logical name with them and using said logical name as
/INCLUDE argument.
A note was added to NOTES.VMS regarding these limitations.
Reviewed-by: Rich Salz <rsalz@openssl.org>
On VMS, we downcase option names, which means that config names are
downcased as well, so they need to be downcased in the target table to
be found.
Reviewed-by: Rich Salz <rsalz@openssl.org>
In constructions such as 'for x in $(MAKEVAR); do ...', there's the
possibility that $(MAKEVAR) is en empty value. Some shells don't like
that, so introduce a dummy value that gets discarded:
for x in dummy $(MAKEVAR); do
if [ "$$x" = "dummy" ]; then continue; fi
Closes RT#4459
Reviewed-by: Rich Salz <rsalz@openssl.org>
utils/mkrc.pl was added a while ago as a better generator for the
Windows DLL resource file. Finalize the change by removing the
ms/version32.rc generator from Configure and adding resource file
support using mkrc.pl in Configurations/windows-makefile.pl
Reviewed-by: Andy Polyakov <appro@openssl.org>
One of the 'generate' targets depended on $(SRCDIR)/apps/progs.h,
which depended on... nothing. This meant it never got regenerated
once it existed, regardless of need. Of course, we could have it
depend on all the files checked to generate it, but they also depend
on progs.h, so we'd end up getting cricular dependencies, which makes
make unhappy.
Furthermore, and this applies for the other generated files, having
them as targets means that they may be regenerated on the fly in some
cases, and since they get written to the source tree, this isn't such
a good idea if that tree is read-only (which is a possible situation
in an out-of-tree build).
So, we move all the actions to the 'generate' targets themselves, thus
making sure they get regenerated in a controlled manner and regardless
of dependencies.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Some implementations of sed require a newline before an ending '}'.
The easier method is to replace that sed command with the
corresponding perl command.
Closes RT#4448
Reviewed-by: Rich Salz <rsalz@openssl.org>
Depending on what has been built so far, all .d files may not be
present and 'find' will exit with non-zero exit code. This isn't a
bother for us but may break make, so clear the exit code with an added
'exit 0'.
Closes RT#4444
Reviewed-by: Rich Salz <rsalz@openssl.org>
generatesrc() did already receive dependency information, but never
used it, and never really needed to... until now.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Instead of relying on the '-nt' test operator, which doesn't exist
everywhere, use find's '-newer' to find out if any of the known .d
files is newer than Makefile.
Closes RT#4444
Reviewed-by: Andy Polyakov <appro@openssl.org>
On Windows, we set INSTALLTOP to default as follows:
VC-WIN32:
PREFIX: %ProgramFiles(x86)%\OpenSSL
OPENSSLDIR: %CommonProgramFiles(x86)%\SSL
VC-WIN64*:
PREFIX: %ProgramW6432%\OpenSSL
OPENSSLDIR: %CommonProgramW6432%\SSL
Should those environment variables be missing, the following is used
as fallback:
PREFIX: %ProgramFiles%\OpenSSL
OPENSSLDIR: %CommonProgramFiles%\SSL
Reviewed-by: Andy Polyakov <appro@openssl.org>
This is a living document, everyone is encouraged to add to it.
Implementation details as well as broader implementation philosophy
has a place here.
I'm starting with documentation of the how conditions in build.info
files are treated.
Reviewed-by: Rich Salz <rsalz@openssl.org>
In most builds, we can assume that engines live in the build tree
subdirectory "engines". This was hard coded into the tests that use
the engine ossltest.
However, that hard coding is tedious, it would need to be done in
every test recipe, and it's an incorrect assumption in some cases.
This change has us play it safe and let the build files tell the
testing framework where the engines are.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
util/mkdef.pl assumes it knows what the resulting library name will
be. Really, it shouldn't, but changing it will break classic native
Windows builds, so we leave it for now and change the LIBRARY line
externally when needed instead.
Reviewed-by: Matt Caswell <matt@openssl.org>
