2 # Build script for Travis CI
4 if test -z $TRAVIS_BUILD_DIR; then
14 CFLAGS
="-g -O2 -Wall -Wno-format -Wno-format-security -Wno-pointer-sign -Werror"
18 # should be the default, but lets make sure
19 CONFIG
="--with-printf-hooks=glibc"
22 CONFIG
="--disable-defaults --enable-pki --enable-openssl"
26 CONFIG
="--disable-defaults --enable-pki --enable-gcrypt --enable-pkcs1"
27 DEPS
="libgcrypt11-dev"
30 CONFIG
="--with-printf-hooks=builtin"
33 CONFIG
="--enable-all --disable-android-dns --disable-android-log
34 --disable-dumm --disable-kernel-pfroute --disable-keychain
35 --disable-lock-profiler --disable-padlock --disable-fuzzing
36 --disable-osx-attr --disable-tkm --disable-uci
37 --disable-systemd --disable-soup --disable-unwind-backtraces
38 --disable-svc --disable-dbghelp-backtraces --disable-socket-win
39 --disable-kernel-wfp --disable-kernel-iph --disable-winhttp"
40 # Ubuntu 14.04 does provide a too old libtss2-dev
41 CONFIG
="$CONFIG --disable-tss-tss2"
42 # not enabled on the build server
43 CONFIG
="$CONFIG --disable-af-alg"
44 if test "$TEST" != "coverage"; then
45 CONFIG
="$CONFIG --disable-coverage"
47 # not actually required but configure checks for it
50 DEPS
="$DEPS libcurl4-gnutls-dev libsoup2.4-dev libunbound-dev libldns-dev
51 libmysqlclient-dev libsqlite3-dev clearsilver-dev libfcgi-dev
52 libnm-glib-dev libnm-glib-vpn-dev libpcsclite-dev libpam0g-dev
53 binutils-dev libunwind8-dev libjson0-dev iptables-dev python-pip
58 CONFIG
="--disable-defaults --enable-svc --enable-ikev2
59 --enable-ikev1 --enable-static --enable-test-vectors --enable-nonce
60 --enable-constraints --enable-revocation --enable-pem --enable-pkcs1
61 --enable-pkcs8 --enable-x509 --enable-pubkey --enable-acert
62 --enable-eap-tnc --enable-eap-ttls --enable-eap-identity
63 --enable-updown --enable-ext-auth --enable-libipsec
64 --enable-tnccs-20 --enable-imc-attestation --enable-imv-attestation
65 --enable-imc-os --enable-imv-os --enable-tnc-imv --enable-tnc-imc
66 --enable-pki --enable-swanctl --enable-socket-win"
67 # no make check for Windows binaries unless we run on a windows host
68 if test "$APPVEYOR" != "True"; then
71 CONFIG
="$CONFIG --enable-openssl"
72 CFLAGS
="$CFLAGS -I/c/OpenSSL-$TEST/include"
73 LDFLAGS
="-L/c/OpenSSL-$TEST"
76 CFLAGS
="$CFLAGS -mno-ms-bitfields"
77 DEPS
="gcc-mingw-w64-base"
80 # headers on 12.04 are too old, so we only build the plugins here
81 CONFIG
="--host=x86_64-w64-mingw32 $CONFIG --enable-dbghelp-backtraces
82 --enable-kernel-iph --enable-kernel-wfp --enable-winhttp"
83 DEPS
="gcc-mingw-w64-x86-64 binutils-mingw-w64-x86-64 mingw-w64-x86-64-dev $DEPS"
84 CC
="x86_64-w64-mingw32-gcc"
85 # apply patch to MinGW headers
86 if test "$APPVEYOR" != "True" -a -z "$1"; then
87 sudo
patch -f -p 4 -d /usr
/share
/mingw-w64
/include
< src
/libcharon
/plugins
/kernel_wfp
/mingw-w64-4.8
.1.
diff
91 CONFIG
="--host=i686-w64-mingw32 $CONFIG"
92 # currently only works on 12.04, so use mingw-w64-dev instead of mingw-w64-i686-dev
93 DEPS
="gcc-mingw-w64-i686 binutils-mingw-w64-i686 mingw-w64-dev $DEPS"
94 CC
="i686-w64-mingw32-gcc"
99 # this causes a false positive in ip-packet.c since Xcode 8.3
100 CFLAGS
="$CFLAGS -Wno-address-of-packed-member"
101 # use the same options as in the Homebrew Formula
102 CONFIG
="--disable-defaults --enable-charon --enable-cmd --enable-constraints
103 --enable-curl --enable-eap-gtc --enable-eap-identity
104 --enable-eap-md5 --enable-eap-mschapv2 --enable-ikev1 --enable-ikev2
105 --enable-kernel-libipsec --enable-kernel-pfkey
106 --enable-kernel-pfroute --enable-nonce --enable-openssl
107 --enable-osx-attr --enable-pem --enable-pgp --enable-pkcs1
108 --enable-pkcs8 --enable-pki --enable-pubkey --enable-revocation
109 --enable-scepclient --enable-socket-default --enable-sshkey
110 --enable-stroke --enable-swanctl --enable-unity --enable-updown
111 --enable-x509 --enable-xauth-generic"
112 DEPS
="bison gettext openssl curl"
113 BREW_PREFIX
=$
(brew
--prefix)
114 export PATH
=$BREW_PREFIX/opt
/bison
/bin
:$PATH
115 export ACLOCAL_PATH
=$BREW_PREFIX/opt
/gettext
/share
/aclocal
:$ACLOCAL_PATH
116 for pkg
in openssl curl
118 PKG_CONFIG_PATH
=$BREW_PREFIX/opt
/$pkg/lib
/pkgconfig
:$PKG_CONFIG_PATH
119 CPPFLAGS
="-I$BREW_PREFIX/opt/$pkg/include $CPPFLAGS"
120 LDFLAGS
="-L$BREW_PREFIX/opt/$pkg/lib $LDFLAGS"
122 export PKG_CONFIG_PATH
127 CFLAGS
="$CFLAGS -DNO_CHECK_MEMWIPE"
128 CONFIG
="--enable-fuzzing --enable-static --disable-shared --disable-scripts"
129 # don't run any of the unit tests
130 export TESTS_RUNNERS
=
132 if test -z "$1"; then
133 if test -z "$FUZZING_CORPORA"; then
134 git clone
--depth 1 https
://github.com
/strongswan
/fuzzing-corpora.git fuzzing-corpora
135 export FUZZING_CORPORA
=$TRAVIS_BUILD_DIR/fuzzing-corpora
137 # these are about the same as those on OSS-Fuzz (except for the
138 # symbolize options and strip_path_prefix)
139 export ASAN_OPTIONS
=redzone
=16:handle_sigill
=1:strict_string_check
=1:\
140 allocator_release_to_os_interval_ms
=500:strict_memcmp
=1:detect_container_overflow
=1:\
141 coverage
=0:allocator_may_return_null
=1:use_sigaltstack
=1:detect_stack_use_after_return
=1:\
142 alloc_dealloc_mismatch
=0:detect_leaks
=1:print_scariness
=1:max_uar_stack_size_log
=16:\
143 handle_abort
=1:check_malloc_usable_size
=0:quarantine_size_mb
=10:detect_odr_violation
=0:\
144 symbolize
=1:handle_segv
=1:fast_unwind_on_fatal
=0:external_symbolizer_path
=/usr
/bin
/llvm-symbolizer-3.5
152 CONFIG
="--disable-defaults"
156 echo "$0: unknown test $TEST" >&2
161 if test "$1" = "deps"; then
162 case "$TRAVIS_OS_NAME" in
164 sudo apt-get update
-qq && \
165 sudo apt-get
install -qq bison flex gperf
gettext $DEPS
169 # workaround for issue #6352
170 brew uninstall
--force libtool
&& brew
install libtool
&& \
177 if test "$1" = "pydeps"; then
178 test -z "$PYDEPS" || sudo pip
-q install $PYDEPS
183 --disable-dependency-tracking
184 --enable-silent-rules
185 --enable-test-vectors
186 --enable-monolithic=${MONOLITHIC-no}
187 --enable-leak-detective=${LEAK_DETECTIVE-no}"
189 echo "$ ./autogen.sh"
190 .
/autogen.sh ||
exit $?
191 echo "$ CC=$CC CFLAGS=\"$CFLAGS\" ./configure $CONFIG"
192 CC
="$CC" CFLAGS
="$CFLAGS" .
/configure
$CONFIG ||
exit $?
202 echo "$ make $TARGET"
203 make -j4 $TARGET ||
exit $?
207 if test -s make.warnings
; then