From: sashan Date: Fri, 29 Nov 2024 11:12:40 +0000 (+0100) Subject: add rpki-client external test X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9465cbf68b4719255ea4261d3092b33f7216c4e3;p=thirdparty%2Fopenssl.git add rpki-client external test Reviewed-by: Neil Horman Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/27689) --- diff --git a/test/recipes/95-test_external_rpki-client-portable.t b/test/recipes/95-test_external_rpki-client-portable.t new file mode 100644 index 00000000000..b12c4031709 --- /dev/null +++ b/test/recipes/95-test_external_rpki-client-portable.t @@ -0,0 +1,29 @@ +#! /usr/bin/env perl +# Copyright 2024 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the Apache License 2.0 (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test; +use OpenSSL::Test::Utils; +use OpenSSL::Test qw/:DEFAULT data_file srctop_file bldtop_dir/; +use Cwd qw(abs_path); + +setup("test_external_rpki-client-portable"); + +plan skip_all => "No external tests in this configuration" + if disabled("external-tests"); +plan skip_all => "rpki-client-portable not available" + if ! -f srctop_file("rpki-client-portable", "configure.ac"); + +plan tests => 1; + +$ENV{OPENSSL_MODULES} = abs_path(bldtop_dir("providers")); +$ENV{OPENSSL_CONF} = abs_path(srctop_file("test", "default-and-legacy.cnf")); +$ENV{ AUTOCONF_VERSION} = 2.72; +$ENV{ AUTOMAKE_VERSION} = 1.16; + +ok(run(cmd([data_file("rpki-client-portable.sh")])), "running rpki-client tests"); diff --git a/test/recipes/95-test_external_rpki-client-portable_data/rpki-client-portable.sh b/test/recipes/95-test_external_rpki-client-portable_data/rpki-client-portable.sh new file mode 100755 index 00000000000..92993be760c --- /dev/null +++ b/test/recipes/95-test_external_rpki-client-portable_data/rpki-client-portable.sh @@ -0,0 +1,24 @@ +#!/bin/sh -ex +# +# Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the Apache License 2.0 (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +# krb5's test suite clears LD_LIBRARY_PATH +LDFLAGS="-L`pwd`/$BLDTOP -Wl,-rpath,`pwd`/$BLDTOP" +CFLAGS="-I`pwd`/$BLDTOP/include -I`pwd`/$SRCTOP/include" + +cd $SRCTOP/rpki-client-portable + +./autogen.sh + +./configure --with-openssl-cflags="$CFLAGS" --with-openssl-ldflags="$LDFLAGS" \ + CFLAGS="$CFLAGS" LDFLAGS="$LDFLAGS" + +# quiet make so that Travis doesn't overflow +make + +make check diff --git a/test/recipes/95-test_external_rpki-client-portable_data/rpki-client.patch b/test/recipes/95-test_external_rpki-client-portable_data/rpki-client.patch new file mode 100644 index 00000000000..e251301af31 --- /dev/null +++ b/test/recipes/95-test_external_rpki-client-portable_data/rpki-client.patch @@ -0,0 +1,139 @@ +The below diff gives me a working rpki-client when linked against +eopenssl32 and libretls and against libressl on OpenBSD -current. + +Maybe this helps claudio a little. I do not know if linux needs more +work. + +This builds cleanly by suppressing OpenSSL's noisy deprecation warnings +apart from a unused variable warning in imsg_close() for which I sent a +diff to tech. + +We should probably look into including our minimal regression test suite +in portable so sashan needs fewer hacks. I can take a look once we have +a working repo again and if I don't manage I'll summon bcook. + +diff --git a/configure.ac b/configure.ac +index 363460b..f432670 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -168,6 +168,7 @@ AC_ARG_WITH([openssl], + ) + if test X"$PKG_NAME" != X; then + OPENSSL_CFLAGS=`pkg-config --cflags-only-I $PKG_NAME 2>/dev/null` ++ OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DOPENSSL_SUPPRESS_DEPRECATED" + OPENSSL_LDFLAGS=`pkg-config --libs-only-L $PKG_NAME 2>/dev/null` + fi + +@@ -366,7 +367,7 @@ fi + + # check functions that are expected to be in libutil + AC_SEARCH_LIBS([ibuf_open], [util]) +-AC_CHECK_FUNCS([ibuf_open ibuf_add ibuf_get msgbuf_init]) ++AC_CHECK_FUNCS([ibuf_open ibuf_add ibuf_get msgbuf_new]) + + # check functions that are expected to be in libresolv + AC_SEARCH_LIBS([inet_net_pton],[resolv]) +diff --git a/patches/0001-Allow-overriding-default-user-and-file-locations.patch b/patches/0001-Allow-overriding-default-user-and-file-locations.patch +index 9d5d741..398ac31 100644 +--- a/patches/0001-Allow-overriding-default-user-and-file-locations.patch ++++ b/patches/0001-Allow-overriding-default-user-and-file-locations.patch +@@ -46,7 +46,7 @@ diff --git src/usr.sbin/rpki-client/main.c src/usr.sbin/rpki-client/main.c + index 342548ce3..6b3c9e4f3 100644 + --- src/usr.sbin/rpki-client/main.c + +++ src/usr.sbin/rpki-client/main.c +-@@ -800,7 +800,7 @@ sum_repostats(const struct repo *rp, const struct repostats *in, void *arg) ++@@ -806,7 +806,7 @@ sum_repostats(const struct repo *rp, const struct repo + } + + /* +@@ -55,7 +55,7 @@ index 342548ce3..6b3c9e4f3 100644 + * returning the number of files found and filled-in. + * This may be zero. + * Don't exceed "max" filenames. +-@@ -808,7 +808,7 @@ sum_repostats(const struct repo *rp, const struct repostats *in, void *arg) ++@@ -814,7 +814,7 @@ sum_repostats(const struct repo *rp, const struct repo + static int + tal_load_default(void) + { +@@ -64,16 +64,16 @@ index 342548ce3..6b3c9e4f3 100644 + int s = 0; + char *path; + DIR *dirp; +-@@ -971,7 +971,7 @@ main(int argc, char *argv[]) ++@@ -979,7 +979,7 @@ main(int argc, char *argv[]) ++ struct pollfd pfd[NPFD]; + struct msgbuf *queues[NPFD]; +- struct ibuf *b, *httpbuf = NULL, *procbuf = NULL; +- struct ibuf *rrdpbuf = NULL, *rsyncbuf = NULL; ++ struct ibuf *b; + - char *rsync_prog = "openrsync"; + + char *rsync_prog = RPKI_RSYNC_CMD; + char *bind_addr = NULL; + const char *cachedir = NULL, *outputdir = NULL; + const char *errs, *name; +-@@ -989,9 +989,9 @@ main(int argc, char *argv[]) ++@@ -997,9 +997,9 @@ main(int argc, char *argv[]) + if (getuid() == 0) { + struct passwd *pw; + +@@ -85,7 +85,7 @@ index 342548ce3..6b3c9e4f3 100644 + if (setgroups(1, &pw->pw_gid) == -1 || + setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1 || + setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1) +-@@ -1082,7 +1082,8 @@ main(int argc, char *argv[]) ++@@ -1087,7 +1087,8 @@ main(int argc, char *argv[]) + verbose++; + break; + case 'V': +@@ -95,7 +95,7 @@ index 342548ce3..6b3c9e4f3 100644 + return 0; + case 'x': + experimental = 1; +-@@ -1131,7 +1132,7 @@ main(int argc, char *argv[]) ++@@ -1136,7 +1137,7 @@ main(int argc, char *argv[]) + if (talsz == 0) + talsz = tal_load_default(); + if (talsz == 0) +@@ -104,6 +104,3 @@ index 342548ce3..6b3c9e4f3 100644 + + /* Load optional constraint files sitting next to the TALs. */ + constraints_load(); +--- +-2.45.2 +- +diff --git a/patches/patch-imsg.c b/patches/patch-imsg.c +deleted file mode 100644 +index 0636c93..0000000 +--- a/patches/patch-imsg.c ++++ /dev/null +@@ -1,18 +0,0 @@ +---- imsg.c.orig 2015-07-17 23:57:48.000000000 +0000 +-+++ imsg.c 2015-07-17 23:58:57.000000000 +0000 +-@@ -71,6 +71,7 @@ +- return (-1); +- +- again: +-+#ifdef HAVE_GETDTABLECOUNT +- if (getdtablecount() + imsg_fd_overhead + +- (CMSG_SPACE(sizeof(int))-CMSG_SPACE(0))/sizeof(int) +- >= getdtablesize()) { +-@@ -78,6 +79,7 @@ +- free(ifd); +- return (-1); +- } +-+#endif +- +- if ((n = recvmsg(ibuf->fd, &msg, 0)) == -1) { +- if (errno == EMSGSIZE) +diff --git a/update.sh b/update.sh +index d3fa547..54d037b 100755 +--- a/update.sh ++++ b/update.sh +@@ -68,7 +68,6 @@ ${CP} "${arc4random_src}"/arc4random_*.h compat + + ${CP} "${libutil_src}/imsg.c" compat/ + ${CP} "${libutil_src}/imsg-buffer.c" compat/ +-(cd compat; ${PATCH} -p0 < "${patches}/patch-imsg.c") + + for i in as.c aspa.c cert.c cms.c crl.c constraints.c encoding.c extern.h filemode.c \ + gbr.c geofeed.c http.c io.c ip.c json.c json.h main.c mft.c \