diff options
Diffstat (limited to 'meta/recipes-support/gnutls/gnutls')
5 files changed, 455 insertions, 4 deletions
diff --git a/meta/recipes-support/gnutls/gnutls/0001-Creating-.hmac-file-should-be-excuted-in-target-envi.patch b/meta/recipes-support/gnutls/gnutls/0001-Creating-.hmac-file-should-be-excuted-in-target-envi.patch new file mode 100644 index 0000000000..d13bfee8ef --- /dev/null +++ b/meta/recipes-support/gnutls/gnutls/0001-Creating-.hmac-file-should-be-excuted-in-target-envi.patch | |||
@@ -0,0 +1,26 @@ | |||
1 | From 7be8ec59a53e93c2bd453b3ba2d63d1b300ef11f Mon Sep 17 00:00:00 2001 | ||
2 | From: Lei Maohui <leimaohui@fujitsu.com> | ||
3 | Date: Mon, 23 May 2022 10:44:43 +0900 | ||
4 | Subject: [PATCH] Creating .hmac file should be excuted in target environment, | ||
5 | so deleted it from build process. | ||
6 | |||
7 | Upstream-Status: Inappropriate [https://gitlab.com/gnutls/gnutls/-/issues/1373] | ||
8 | Signed-off-by: Lei Maohui <leimaohui@fujitsu.com> | ||
9 | --- | ||
10 | lib/Makefile.am | 3 +-- | ||
11 | 1 file changed, 1 insertion(+), 2 deletions(-) | ||
12 | |||
13 | diff --git a/lib/Makefile.am b/lib/Makefile.am | ||
14 | index a50d311..193ea19 100644 | ||
15 | --- a/lib/Makefile.am | ||
16 | +++ b/lib/Makefile.am | ||
17 | @@ -198,8 +198,7 @@ hmac_file = .libs/.$(gnutls_so).hmac | ||
18 | |||
19 | all-local: $(hmac_file) | ||
20 | |||
21 | -$(hmac_file): libgnutls.la fipshmac | ||
22 | - $(AM_V_GEN) $(builddir)/fipshmac > $@-t && mv $@-t $@ | ||
23 | +.libs/.$(gnutls_so).hmac: | ||
24 | |||
25 | CLEANFILES = $(hmac_file) | ||
26 | endif | ||
diff --git a/meta/recipes-support/gnutls/gnutls/0001-Fix-RSAES-PKCS1-v1_5-system-wide-configuration.patch b/meta/recipes-support/gnutls/gnutls/0001-Fix-RSAES-PKCS1-v1_5-system-wide-configuration.patch new file mode 100644 index 0000000000..cc39f5c9a5 --- /dev/null +++ b/meta/recipes-support/gnutls/gnutls/0001-Fix-RSAES-PKCS1-v1_5-system-wide-configuration.patch | |||
@@ -0,0 +1,269 @@ | |||
1 | From 2d73d945c4b1dfcf8d2328c4d23187d62ffaab2d Mon Sep 17 00:00:00 2001 | ||
2 | From: Zoltan Fridrich <zfridric@redhat.com> | ||
3 | Date: Wed, 10 Apr 2024 12:51:33 +0200 | ||
4 | Subject: [PATCH] Fix RSAES-PKCS1-v1_5 system-wide configuration | ||
5 | |||
6 | Upstream-Status: Backport [expected for 3.8.6 https://gitlab.com/gnutls/gnutls/-/merge_requests/1830?commit_id=2d73d945c4b1dfcf8d2328c4d23187d62ffaab2d] | ||
7 | |||
8 | Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> | ||
9 | Signed-off-by: Zoltan Fridrich <zfridric@redhat.com> | ||
10 | --- | ||
11 | lib/priority.c | 125 +++++++++++------- | ||
12 | ...system-override-allow-rsa-pkcs1-encrypt.sh | 27 +++- | ||
13 | 2 files changed, 96 insertions(+), 56 deletions(-) | ||
14 | |||
15 | diff --git a/lib/priority.c b/lib/priority.c | ||
16 | index 8abe00d1ff..3434619aad 100644 | ||
17 | --- a/lib/priority.c | ||
18 | +++ b/lib/priority.c | ||
19 | @@ -1018,6 +1018,12 @@ struct cfg { | ||
20 | bool force_ext_master_secret_set; | ||
21 | }; | ||
22 | |||
23 | +static inline void cfg_init(struct cfg *cfg) | ||
24 | +{ | ||
25 | + memset(cfg, 0, sizeof(*cfg)); | ||
26 | + cfg->allow_rsa_pkcs1_encrypt = true; | ||
27 | +} | ||
28 | + | ||
29 | static inline void cfg_deinit(struct cfg *cfg) | ||
30 | { | ||
31 | if (cfg->priority_strings) { | ||
32 | @@ -1095,6 +1101,12 @@ struct ini_ctx { | ||
33 | size_t curves_size; | ||
34 | }; | ||
35 | |||
36 | +static inline void ini_ctx_init(struct ini_ctx *ctx) | ||
37 | +{ | ||
38 | + memset(ctx, 0, sizeof(*ctx)); | ||
39 | + cfg_init(&ctx->cfg); | ||
40 | +} | ||
41 | + | ||
42 | static inline void ini_ctx_deinit(struct ini_ctx *ctx) | ||
43 | { | ||
44 | cfg_deinit(&ctx->cfg); | ||
45 | @@ -1423,9 +1435,6 @@ static inline int cfg_apply(struct cfg *cfg, struct ini_ctx *ctx) | ||
46 | _gnutls_default_priority_string = cfg->default_priority_string; | ||
47 | } | ||
48 | |||
49 | - /* enable RSA-PKCS1-V1_5 by default */ | ||
50 | - cfg->allow_rsa_pkcs1_encrypt = true; | ||
51 | - | ||
52 | if (cfg->allowlisting) { | ||
53 | /* also updates `flags` of global `hash_algorithms[]` */ | ||
54 | ret = cfg_hashes_set_array(cfg, ctx->hashes, ctx->hashes_size); | ||
55 | @@ -2217,22 +2226,73 @@ update_system_wide_priority_string(void) | ||
56 | return 0; | ||
57 | } | ||
58 | |||
59 | +/* Returns false on parse error, otherwise true. | ||
60 | + * The system_wide_config must be locked for writing. | ||
61 | + */ | ||
62 | +static inline bool load_system_priority_file(void) | ||
63 | +{ | ||
64 | + int err; | ||
65 | + FILE *fp; | ||
66 | + struct ini_ctx ctx; | ||
67 | + | ||
68 | + cfg_init(&system_wide_config); | ||
69 | + | ||
70 | + fp = fopen(system_priority_file, "re"); | ||
71 | + if (fp == NULL) { | ||
72 | + _gnutls_debug_log("cfg: unable to open: %s: %d\n", | ||
73 | + system_priority_file, errno); | ||
74 | + return true; | ||
75 | + } | ||
76 | + | ||
77 | + /* Parsing the configuration file needs to be done in 2 phases: | ||
78 | + * first parsing the [global] section | ||
79 | + * and then the other sections, | ||
80 | + * because the [global] section modifies the parsing behavior. | ||
81 | + */ | ||
82 | + ini_ctx_init(&ctx); | ||
83 | + err = ini_parse_file(fp, global_ini_handler, &ctx); | ||
84 | + if (!err) { | ||
85 | + if (fseek(fp, 0L, SEEK_SET) < 0) { | ||
86 | + _gnutls_debug_log("cfg: unable to rewind: %s\n", | ||
87 | + system_priority_file); | ||
88 | + if (fail_on_invalid_config) | ||
89 | + exit(1); | ||
90 | + } | ||
91 | + err = ini_parse_file(fp, cfg_ini_handler, &ctx); | ||
92 | + } | ||
93 | + fclose(fp); | ||
94 | + if (err) { | ||
95 | + ini_ctx_deinit(&ctx); | ||
96 | + _gnutls_debug_log("cfg: unable to parse: %s: %d\n", | ||
97 | + system_priority_file, err); | ||
98 | + return false; | ||
99 | + } | ||
100 | + cfg_apply(&system_wide_config, &ctx); | ||
101 | + ini_ctx_deinit(&ctx); | ||
102 | + return true; | ||
103 | +} | ||
104 | + | ||
105 | static int _gnutls_update_system_priorities(bool defer_system_wide) | ||
106 | { | ||
107 | - int ret, err = 0; | ||
108 | + int ret; | ||
109 | + bool config_parse_error = false; | ||
110 | struct stat sb; | ||
111 | - FILE *fp; | ||
112 | gnutls_buffer_st buf; | ||
113 | - struct ini_ctx ctx; | ||
114 | |||
115 | ret = gnutls_rwlock_rdlock(&system_wide_config_rwlock); | ||
116 | - if (ret < 0) { | ||
117 | + if (ret < 0) | ||
118 | return gnutls_assert_val(ret); | ||
119 | - } | ||
120 | |||
121 | if (stat(system_priority_file, &sb) < 0) { | ||
122 | _gnutls_debug_log("cfg: unable to access: %s: %d\n", | ||
123 | system_priority_file, errno); | ||
124 | + | ||
125 | + (void)gnutls_rwlock_unlock(&system_wide_config_rwlock); | ||
126 | + ret = gnutls_rwlock_wrlock(&system_wide_config_rwlock); | ||
127 | + if (ret < 0) | ||
128 | + goto out; | ||
129 | + /* If system-wide config is unavailable, apply the defaults */ | ||
130 | + cfg_init(&system_wide_config); | ||
131 | goto out; | ||
132 | } | ||
133 | |||
134 | @@ -2240,63 +2300,27 @@ static int _gnutls_update_system_priorities(bool defer_system_wide) | ||
135 | system_priority_last_mod == sb.st_mtime) { | ||
136 | _gnutls_debug_log("cfg: system priority %s has not changed\n", | ||
137 | system_priority_file); | ||
138 | - if (system_wide_config.priority_string) { | ||
139 | + if (system_wide_config.priority_string) | ||
140 | goto out; /* nothing to do */ | ||
141 | - } | ||
142 | } | ||
143 | |||
144 | (void)gnutls_rwlock_unlock(&system_wide_config_rwlock); | ||
145 | |||
146 | ret = gnutls_rwlock_wrlock(&system_wide_config_rwlock); | ||
147 | - if (ret < 0) { | ||
148 | + if (ret < 0) | ||
149 | return gnutls_assert_val(ret); | ||
150 | - } | ||
151 | |||
152 | /* Another thread could have successfully re-read system-wide config, | ||
153 | * skip re-reading if the mtime it has used is exactly the same. | ||
154 | */ | ||
155 | - if (system_priority_file_loaded) { | ||
156 | + if (system_priority_file_loaded) | ||
157 | system_priority_file_loaded = | ||
158 | (system_priority_last_mod == sb.st_mtime); | ||
159 | - } | ||
160 | |||
161 | if (!system_priority_file_loaded) { | ||
162 | - _name_val_array_clear(&system_wide_config.priority_strings); | ||
163 | - | ||
164 | - gnutls_free(system_wide_config.priority_string); | ||
165 | - system_wide_config.priority_string = NULL; | ||
166 | - | ||
167 | - fp = fopen(system_priority_file, "re"); | ||
168 | - if (fp == NULL) { | ||
169 | - _gnutls_debug_log("cfg: unable to open: %s: %d\n", | ||
170 | - system_priority_file, errno); | ||
171 | + config_parse_error = !load_system_priority_file(); | ||
172 | + if (config_parse_error) | ||
173 | goto out; | ||
174 | - } | ||
175 | - /* Parsing the configuration file needs to be done in 2 phases: | ||
176 | - * first parsing the [global] section | ||
177 | - * and then the other sections, | ||
178 | - * because the [global] section modifies the parsing behavior. | ||
179 | - */ | ||
180 | - memset(&ctx, 0, sizeof(ctx)); | ||
181 | - err = ini_parse_file(fp, global_ini_handler, &ctx); | ||
182 | - if (!err) { | ||
183 | - if (fseek(fp, 0L, SEEK_SET) < 0) { | ||
184 | - _gnutls_debug_log("cfg: unable to rewind: %s\n", | ||
185 | - system_priority_file); | ||
186 | - if (fail_on_invalid_config) | ||
187 | - exit(1); | ||
188 | - } | ||
189 | - err = ini_parse_file(fp, cfg_ini_handler, &ctx); | ||
190 | - } | ||
191 | - fclose(fp); | ||
192 | - if (err) { | ||
193 | - ini_ctx_deinit(&ctx); | ||
194 | - _gnutls_debug_log("cfg: unable to parse: %s: %d\n", | ||
195 | - system_priority_file, err); | ||
196 | - goto out; | ||
197 | - } | ||
198 | - cfg_apply(&system_wide_config, &ctx); | ||
199 | - ini_ctx_deinit(&ctx); | ||
200 | _gnutls_debug_log("cfg: loaded system config %s mtime %lld\n", | ||
201 | system_priority_file, | ||
202 | (unsigned long long)sb.st_mtime); | ||
203 | @@ -2332,9 +2356,8 @@ static int _gnutls_update_system_priorities(bool defer_system_wide) | ||
204 | out: | ||
205 | (void)gnutls_rwlock_unlock(&system_wide_config_rwlock); | ||
206 | |||
207 | - if (err && fail_on_invalid_config) { | ||
208 | + if (config_parse_error && fail_on_invalid_config) | ||
209 | exit(1); | ||
210 | - } | ||
211 | |||
212 | return ret; | ||
213 | } | ||
214 | diff --git a/tests/system-override-allow-rsa-pkcs1-encrypt.sh b/tests/system-override-allow-rsa-pkcs1-encrypt.sh | ||
215 | index b7d477c96e..714d0af946 100755 | ||
216 | --- a/tests/system-override-allow-rsa-pkcs1-encrypt.sh | ||
217 | +++ b/tests/system-override-allow-rsa-pkcs1-encrypt.sh | ||
218 | @@ -19,9 +19,8 @@ | ||
219 | # You should have received a copy of the GNU Lesser General Public License | ||
220 | # along with this program. If not, see <https://www.gnu.org/licenses/> | ||
221 | |||
222 | -: ${srcdir=.} | ||
223 | -TEST=${srcdir}/rsaes-pkcs1-v1_5 | ||
224 | -CONF=${srcdir}/config.$$.tmp | ||
225 | +TEST=${builddir}/rsaes-pkcs1-v1_5 | ||
226 | +CONF=config.$$.tmp | ||
227 | export GNUTLS_SYSTEM_PRIORITY_FILE=${CONF} | ||
228 | export GNUTLS_SYSTEM_PRIORITY_FAIL_ON_INVALID=1 | ||
229 | |||
230 | @@ -38,15 +37,33 @@ cat <<_EOF_ > ${CONF} | ||
231 | allow-rsa-pkcs1-encrypt = true | ||
232 | _EOF_ | ||
233 | |||
234 | -${TEST} && fail "RSAES-PKCS1-v1_5 expected to succeed" | ||
235 | +${TEST} | ||
236 | +if [ $? != 0 ]; then | ||
237 | + echo "${TEST} expected to succeed" | ||
238 | + exit 1 | ||
239 | +fi | ||
240 | +echo "RSAES-PKCS1-v1_5 successfully enabled" | ||
241 | |||
242 | cat <<_EOF_ > ${CONF} | ||
243 | [overrides] | ||
244 | allow-rsa-pkcs1-encrypt = false | ||
245 | _EOF_ | ||
246 | |||
247 | -${TEST} || fail "RSAES-PKCS1-v1_5 expected to fail" | ||
248 | +${TEST} | ||
249 | +if [ $? = 0 ]; then | ||
250 | + echo "${TEST} expected to fail" | ||
251 | + exit 1 | ||
252 | +fi | ||
253 | +echo "RSAES-PKCS1-v1_5 successfully disabled" | ||
254 | |||
255 | unset GNUTLS_SYSTEM_PRIORITY_FILE | ||
256 | unset GNUTLS_SYSTEM_PRIORITY_FAIL_ON_INVALID | ||
257 | + | ||
258 | +${TEST} | ||
259 | +if [ $? != 0 ]; then | ||
260 | + echo "${TEST} expected to succeed by default" | ||
261 | + exit 1 | ||
262 | +fi | ||
263 | +echo "RSAES-PKCS1-v1_5 successfully enabled by default" | ||
264 | + | ||
265 | exit 0 | ||
266 | -- | ||
267 | GitLab | ||
268 | |||
269 | |||
diff --git a/meta/recipes-support/gnutls/gnutls/Add-ptest-support.patch b/meta/recipes-support/gnutls/gnutls/Add-ptest-support.patch new file mode 100644 index 0000000000..8edd31d6b9 --- /dev/null +++ b/meta/recipes-support/gnutls/gnutls/Add-ptest-support.patch | |||
@@ -0,0 +1,57 @@ | |||
1 | From bfa70adcbda4e505cf2e597907852e78e0439ee2 Mon Sep 17 00:00:00 2001 | ||
2 | From: Ravineet Singh <ravineet.a.singh@est.tech> | ||
3 | Date: Tue, 10 Jan 2023 16:11:10 +0100 | ||
4 | Subject: [PATCH] gnutls: add ptest support | ||
5 | |||
6 | Upstream-Status: Inappropriate [embedded specific] | ||
7 | Signed-off-by: Ravineet Singh <ravineet.a.singh@est.tech> | ||
8 | --- | ||
9 | Makefile.am | 3 +++ | ||
10 | configure.ac | 2 ++ | ||
11 | tests/Makefile.am | 6 ++++++ | ||
12 | 3 files changed, 11 insertions(+) | ||
13 | |||
14 | diff --git a/Makefile.am b/Makefile.am | ||
15 | index 843193f..816b09f 100644 | ||
16 | --- a/Makefile.am | ||
17 | +++ b/Makefile.am | ||
18 | @@ -191,6 +191,9 @@ dist-hook: | ||
19 | mv ChangeLog $(distdir) | ||
20 | touch -c $(distdir)/doc/*.html $(distdir)/doc/*.pdf $(distdir)/doc/*.info | ||
21 | |||
22 | +install-ptest: | ||
23 | + $(MAKE) -C tests DESTDIR=$(DESTDIR)/tests $@ | ||
24 | + | ||
25 | .PHONY: abi-check abi-dump-versioned abi-dump-latest pic-check symbol-check local-code-coverage-output files-update AUTHORS | ||
26 | |||
27 | include $(top_srcdir)/cligen/cligen.mk | ||
28 | diff --git a/configure.ac b/configure.ac | ||
29 | index 934377e..4406eae 100644 | ||
30 | --- a/configure.ac | ||
31 | +++ b/configure.ac | ||
32 | @@ -1213,6 +1213,8 @@ AC_SUBST(LIBGNUTLS_CFLAGS) | ||
33 | |||
34 | AM_CONDITIONAL(NEEDS_LIBRT, test "$gnutls_needs_librt" = "yes") | ||
35 | |||
36 | +AM_EXTRA_RECURSIVE_TARGETS([buildtest-TESTS]) | ||
37 | + | ||
38 | AC_DEFINE([GNUTLS_INTERNAL_BUILD], 1, [We allow temporarily usage of deprecated functions - until they are removed.]) | ||
39 | |||
40 | hw_features= | ||
41 | diff --git a/tests/Makefile.am b/tests/Makefile.am | ||
42 | index e39a3b3..861dd63 100644 | ||
43 | --- a/tests/Makefile.am | ||
44 | +++ b/tests/Makefile.am | ||
45 | @@ -663,6 +663,12 @@ SH_LOG_COMPILER = $(SHELL) | ||
46 | AM_VALGRINDFLAGS = --suppressions=$(srcdir)/suppressions.valgrind | ||
47 | LOG_COMPILER = $(LOG_VALGRIND) | ||
48 | |||
49 | +install-ptest: $(check_PROGRAMS) | ||
50 | + @$(INSTALL) -d $(DESTDIR) | ||
51 | + @for file in $^; do \ | ||
52 | + $(INSTALL_PROGRAM) $$file $(DESTDIR) ; \ | ||
53 | + done | ||
54 | + | ||
55 | distclean-local: | ||
56 | rm -rf softhsm-*.db softhsm-*.config *.tmp tmp-* x509-crt-list-import-url.config.db port.lock.d | ||
57 | |||
diff --git a/meta/recipes-support/gnutls/gnutls/arm_eabi.patch b/meta/recipes-support/gnutls/gnutls/arm_eabi.patch index 6eb1edbdb1..883d0123db 100644 --- a/meta/recipes-support/gnutls/gnutls/arm_eabi.patch +++ b/meta/recipes-support/gnutls/gnutls/arm_eabi.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 8a5c96057cf305bbeac0d6e0e59ee24fbb9497fe Mon Sep 17 00:00:00 2001 | 1 | From d17ae0ef31c3c186766a338e8c40c87d1b98820e Mon Sep 17 00:00:00 2001 |
2 | From: Joe Slater <jslater@windriver.com> | 2 | From: Joe Slater <jslater@windriver.com> |
3 | Date: Wed, 25 Jan 2017 13:52:59 -0800 | 3 | Date: Wed, 25 Jan 2017 13:52:59 -0800 |
4 | Subject: [PATCH] gnutls: account for ARM_EABI | 4 | Subject: [PATCH] gnutls: account for ARM_EABI |
@@ -9,16 +9,15 @@ reference to them. | |||
9 | Upstream-Status: Pending | 9 | Upstream-Status: Pending |
10 | 10 | ||
11 | Signed-off-by: Joe Slater <jslater@windriver.com> | 11 | Signed-off-by: Joe Slater <jslater@windriver.com> |
12 | |||
13 | --- | 12 | --- |
14 | tests/seccomp.c | 2 ++ | 13 | tests/seccomp.c | 2 ++ |
15 | 1 file changed, 2 insertions(+) | 14 | 1 file changed, 2 insertions(+) |
16 | 15 | ||
17 | diff --git a/tests/seccomp.c b/tests/seccomp.c | 16 | diff --git a/tests/seccomp.c b/tests/seccomp.c |
18 | index ed14d00..3c5b726 100644 | 17 | index 881f0bb..5f9204a 100644 |
19 | --- a/tests/seccomp.c | 18 | --- a/tests/seccomp.c |
20 | +++ b/tests/seccomp.c | 19 | +++ b/tests/seccomp.c |
21 | @@ -53,7 +53,9 @@ int disable_system_calls(void) | 20 | @@ -55,7 +55,9 @@ int disable_system_calls(void) |
22 | 21 | ||
23 | ADD_SYSCALL(nanosleep, 0); | 22 | ADD_SYSCALL(nanosleep, 0); |
24 | ADD_SYSCALL(clock_nanosleep, 0); | 23 | ADD_SYSCALL(clock_nanosleep, 0); |
diff --git a/meta/recipes-support/gnutls/gnutls/run-ptest b/meta/recipes-support/gnutls/gnutls/run-ptest new file mode 100644 index 0000000000..17e26eae70 --- /dev/null +++ b/meta/recipes-support/gnutls/gnutls/run-ptest | |||
@@ -0,0 +1,100 @@ | |||
1 | #!/bin/sh | ||
2 | |||
3 | rjob() { | ||
4 | local job=$1 | ||
5 | local log=$2 | ||
6 | |||
7 | # TODO: Output will be garbled | ||
8 | ./${job} >> ${log} 2>&1 | ||
9 | |||
10 | ret=$? | ||
11 | case $ret in | ||
12 | 0) | ||
13 | echo "PASS: $t" >> ${log} | ||
14 | echo "PASS: $t" | ||
15 | ;; | ||
16 | 77) | ||
17 | echo "SKIP: $t" >> ${log} | ||
18 | echo "SKIP: $t" | ||
19 | ;; | ||
20 | *) | ||
21 | echo "FAIL: $t" >> ${log} | ||
22 | echo "FAIL: $t" | ||
23 | ;; | ||
24 | esac | ||
25 | } | ||
26 | |||
27 | is_disallowed() { | ||
28 | local key=$1 | ||
29 | $(echo ${test_disallowlist} | grep -w -q ${key}) | ||
30 | return $? | ||
31 | } | ||
32 | |||
33 | # TODO | ||
34 | # This list should probably be in a external file | ||
35 | # Testcases defined here either take very long time (dtls-stress) | ||
36 | # or are dependent on local files (certs, etc) in local file system | ||
37 | # currently not exported to target. | ||
38 | |||
39 | test_disallowlist="" | ||
40 | test_disallowlist="${test_disallowlist} dtls-stress" | ||
41 | test_disallowlist="${test_disallowlist} handshake-large-cert" | ||
42 | test_disallowlist="${test_disallowlist} id-on-xmppAddr" | ||
43 | test_disallowlist="${test_disallowlist} mini-x509-cas" | ||
44 | test_disallowlist="${test_disallowlist} pkcs12_simple" | ||
45 | test_disallowlist="${test_disallowlist} protocol-set-allowlist" | ||
46 | test_disallowlist="${test_disallowlist} psk-file" | ||
47 | test_disallowlist="${test_disallowlist} rawpk-api" | ||
48 | test_disallowlist="${test_disallowlist} set_pkcs12_cred" | ||
49 | test_disallowlist="${test_disallowlist} system-override-curves-allowlist" | ||
50 | test_disallowlist="${test_disallowlist} system-override-hash" | ||
51 | test_disallowlist="${test_disallowlist} system-override-sig" | ||
52 | test_disallowlist="${test_disallowlist} system-override-sig-tls" | ||
53 | test_disallowlist="${test_disallowlist} system-prio-file" | ||
54 | test_disallowlist="${test_disallowlist} x509cert-tl" | ||
55 | |||
56 | LOG=${PWD}/tests.log | ||
57 | cd tests | ||
58 | max_njobs=$(grep -c ^processor /proc/cpuinfo) | ||
59 | njobs=0 | ||
60 | |||
61 | set +e | ||
62 | |||
63 | for t in *; do | ||
64 | [ -x $t ] || continue | ||
65 | [ -f $t ] || continue | ||
66 | |||
67 | is_disallowed ${t} | ||
68 | [ $? -eq 0 ] && continue | ||
69 | |||
70 | rjob ${t} ${LOG} & | ||
71 | one=1 | ||
72 | njobs=$(expr ${njobs} + ${one}) | ||
73 | if [ ${njobs} -eq ${max_njobs} ]; then | ||
74 | wait | ||
75 | njobs=0 | ||
76 | fi | ||
77 | done | ||
78 | wait | ||
79 | |||
80 | skipped=$(grep -c SKIP ${LOG}) | ||
81 | passed=$(grep -c PASS ${LOG}) | ||
82 | failed=$(grep -c FAIL ${LOG}) | ||
83 | total=$(expr ${passed} + ${failed} + ${skipped}) | ||
84 | |||
85 | if [ ${failed} -ne 0 ]; then | ||
86 | echo | ||
87 | echo "Tests failed for gnutls, log is:" | ||
88 | echo "--------------------" | ||
89 | cat ${LOG} | ||
90 | echo | ||
91 | fi | ||
92 | |||
93 | echo | ||
94 | echo "gnutls test summary:" | ||
95 | echo "--------------------" | ||
96 | echo "total: ${total}" | ||
97 | echo "pass : ${passed}" | ||
98 | echo "fail : ${failed}" | ||
99 | echo "skip : ${skipped}" | ||
100 | echo | ||