ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
strongswan/scripts/test.sh

414 lines
12 KiB
Bash
Raw Normal View History

Add Travis CI config and build script
2014-02-26 16:49:07 +00:00
#!/bin/sh
# Build script for Travis CI
travis: Build botan plugin also in the tests that build everything
2018-09-12 10:05:14 +00:00
build_botan()
{
travis: Use a fix revision for Botan and speed up subsequent builds via ccache
2018-09-12 13:51:08 +00:00
# same revision used in the build recipe of the testing environment
Use Botan 2.11.0 for tests
2019-07-02 07:53:53 +00:00
BOTAN_REV=2.11.0
travis: Use amalgamation build for Botan and build outside our source tree This merges all source files into botan_all.cpp, which reduces the build time by almost 50%. Building outside the strongSwan tree avoids analyzing Botan with sonarqube.
2018-09-12 11:12:44 +00:00
BOTAN_DIR=$TRAVIS_BUILD_DIR/../botan
travis: Don't build botan twice if installing dependencies is retried
2018-10-02 14:13:26 +00:00
if test -d "$BOTAN_DIR"; then
return
fi
travis: Use the latest OpenSSL release for unit tests But also run the unit tests against the 1.0 version installed with Ubuntu 16.04.
2018-11-22 14:38:49 +00:00
echo "$ build_botan()"
travis: Build botan plugin also in the tests that build everything
2018-09-12 10:05:14 +00:00
# if the leak detective is enabled we have to disable threading support
# (used for std::async) as that causes invalid frees somehow, the
# locking allocator causes a static leak via the first function that
# references it (e.g. crypter or hasher), so we disable that too
if test "$LEAK_DETECTIVE" = "yes"; then
BOTAN_CONFIG="--without-os-features=threads
--disable-modules=locking_allocator"
fi
# disable some larger modules we don't need for the tests
BOTAN_CONFIG="$BOTAN_CONFIG --disable-modules=pkcs11,tls,x509,xmss"
travis: Use a fix revision for Botan and speed up subsequent builds via ccache
2018-09-12 13:51:08 +00:00
git clone https://github.com/randombit/botan.git $BOTAN_DIR &&
travis: Use amalgamation build for Botan and build outside our source tree This merges all source files into botan_all.cpp, which reduces the build time by almost 50%. Building outside the strongSwan tree avoids analyzing Botan with sonarqube.
2018-09-12 11:12:44 +00:00
cd $BOTAN_DIR &&
travis: Silence `git checkout` for Botan
2018-09-12 15:18:15 +00:00
git checkout -qf $BOTAN_REV &&
travis: Use amalgamation build for Botan and build outside our source tree This merges all source files into botan_all.cpp, which reduces the build time by almost 50%. Building outside the strongSwan tree avoids analyzing Botan with sonarqube.
2018-09-12 11:12:44 +00:00
python ./configure.py --amalgamation $BOTAN_CONFIG &&
travis: Build botan plugin also in the tests that build everything
2018-09-12 10:05:14 +00:00
make -j4 libs >/dev/null &&
sudo make install >/dev/null &&
sudo ldconfig || exit $?
travis: Use amalgamation build for Botan and build outside our source tree This merges all source files into botan_all.cpp, which reduces the build time by almost 50%. Building outside the strongSwan tree avoids analyzing Botan with sonarqube.
2018-09-12 11:12:44 +00:00
cd -
travis: Build botan plugin also in the tests that build everything
2018-09-12 10:05:14 +00:00
}
travis: Run tests against wolfSSL Check for wolfssl/options.h because if it isn't included, checking other headers will trigger a warning about hardening the wolfSSL build, which will cause the check to fail with -Werror. If the file doesn't exist because user_settings.h is used, the check may be skipped by configuring with `ac_cv_header_wolfssl_options_h=yes`.
2019-04-09 08:40:54 +00:00
build_wolfssl()
{
travis: Bump wolfSSL to 4.1.0
2019-08-12 12:25:56 +00:00
WOLFSSL_REV=v4.1.0-stable
travis: Run tests against wolfSSL Check for wolfssl/options.h because if it isn't included, checking other headers will trigger a warning about hardening the wolfSSL build, which will cause the check to fail with -Werror. If the file doesn't exist because user_settings.h is used, the check may be skipped by configuring with `ac_cv_header_wolfssl_options_h=yes`.
2019-04-09 08:40:54 +00:00
WOLFSSL_DIR=$TRAVIS_BUILD_DIR/../wolfssl
if test -d "$WOLFSSL_DIR"; then
return
fi
echo "$ build_wolfssl()"
WOLFSSL_CFLAGS="-DWOLFSSL_PUBLIC_MP -DWOLFSSL_DES_ECB"
WOLFSSL_CONFIG="--enable-keygen --enable-rsapss --enable-aesccm
--enable-aesctr --enable-des3 --enable-camellia
--enable-curve25519 --enable-ed25519"
git clone https://github.com/wolfSSL/wolfssl.git $WOLFSSL_DIR &&
cd $WOLFSSL_DIR &&
git checkout -qf $WOLFSSL_REV &&
./autogen.sh &&
./configure C_EXTRA_FLAGS="$WOLFSSL_CFLAGS" $WOLFSSL_CONFIG &&
make -j4 >/dev/null &&
sudo make install >/dev/null &&
sudo ldconfig || exit $?
cd -
}
travis: Build tmp2-tss from sources
2018-10-15 14:33:34 +00:00
build_tss2()
{
travis: Bump tpm2-tss to 2.3.1
2019-09-26 09:50:46 +00:00
TSS2_REV=2.3.1
travis: Build tmp2-tss from sources
2018-10-15 14:33:34 +00:00
TSS2_PKG=tpm2-tss-$TSS2_REV
TSS2_DIR=$TRAVIS_BUILD_DIR/../$TSS2_PKG
TSS2_SRC=https://github.com/tpm2-software/tpm2-tss/releases/download/$TSS2_REV/$TSS2_PKG.tar.gz
if test -d "$TSS2_DIR"; then
return
fi
travis: Use the latest OpenSSL release for unit tests But also run the unit tests against the 1.0 version installed with Ubuntu 16.04.
2018-11-22 14:38:49 +00:00
echo "$ build_tss2()"
# the default version of libgcrypt in Ubuntu 16.04 is too old
travis: Build tmp2-tss from sources
2018-10-15 14:33:34 +00:00
sudo apt-get update -qq && \
sudo apt-get install -qq libgcrypt20-dev &&
curl -L $TSS2_SRC | tar xz -C $TRAVIS_BUILD_DIR/.. &&
cd $TSS2_DIR &&
travis: Bump tpm2-tss to 2.3.1
2019-09-26 09:50:46 +00:00
./configure --disable-doxygen-doc &&
travis: Don't build TSS2 as root This might prevent ccache from overwriting files in later builds.
2018-11-09 15:14:23 +00:00
make -j4 >/dev/null &&
sudo make install >/dev/null &&
travis: Build tmp2-tss from sources
2018-10-15 14:33:34 +00:00
sudo ldconfig || exit $?
cd -
}
travis: Use the latest OpenSSL release for unit tests But also run the unit tests against the 1.0 version installed with Ubuntu 16.04.
2018-11-22 14:38:49 +00:00
build_openssl()
{
travis: Bump OpenSSL to 1.1.1d
2019-09-10 14:33:18 +00:00
SSL_REV=1.1.1d
travis: Use the latest OpenSSL release for unit tests But also run the unit tests against the 1.0 version installed with Ubuntu 16.04.
2018-11-22 14:38:49 +00:00
SSL_PKG=openssl-$SSL_REV
SSL_DIR=$TRAVIS_BUILD_DIR/../$SSL_PKG
SSL_SRC=https://www.openssl.org/source/$SSL_PKG.tar.gz
SSL_INS=/usr/local/ssl
SSL_OPT="shared no-tls no-dtls no-ssl3 no-zlib no-comp no-idea no-psk no-srp
travis: Build OpenSSL 1.1.1 without compatibility layer for older versions Configuring 1.1.1 is not actually possible with 1.1.1b, not sure if that's on purpose.
2019-05-07 09:28:29 +00:00
no-stdio no-tests enable-rfc3779 enable-ec_nistp_64_gcc_128
--api=1.1.0"
travis: Use the latest OpenSSL release for unit tests But also run the unit tests against the 1.0 version installed with Ubuntu 16.04.
2018-11-22 14:38:49 +00:00
if test -d "$SSL_DIR"; then
return
fi
echo "$ build_openssl()"
curl -L $SSL_SRC | tar xz -C $TRAVIS_BUILD_DIR/.. &&
cd $SSL_DIR &&
./config --prefix=$SSL_INS --openssldir=$SSL_INS $SSL_OPT &&
make -j4 >/dev/null &&
sudo make install_sw >/dev/null &&
echo $SSL_INS/lib | sudo tee /etc/ld.so.conf.d/openssl-$SSL_REV.conf >/dev/null &&
sudo ldconfig || exit $?
cd -
}
use_custom_openssl()
{
CFLAGS="$CFLAGS -I/usr/local/ssl/include"
LDFLAGS="$LDFLAGS -L/usr/local/ssl/lib"
export LDFLAGS
if test "$1" = "deps"; then
build_openssl
fi
}
Add Travis CI config and build script
2014-02-26 16:49:07 +00:00
if test -z $TRAVIS_BUILD_DIR; then
TRAVIS_BUILD_DIR=$PWD
fi
cd $TRAVIS_BUILD_DIR
TARGET=check
travis: Install dependencies for each test dynamically Since the installation of all packages alone takes several minutes this should speed up some test cases.
2014-03-01 07:49:52 +00:00
DEPS="libgmp-dev"
travis: Perform build tests with -Werror
2014-05-08 13:14:33 +00:00
CFLAGS="-g -O2 -Wall -Wno-format -Wno-format-security -Wno-pointer-sign -Werror"
Add Travis CI config and build script
2014-02-26 16:49:07 +00:00
case "$TEST" in
default)
travis: Add tests for builtin printf hook implementation We can't test Vstr as it does not properly handle negative int arguments for custom format callbacks, so some of the enum tests would fail.
2014-03-03 17:44:29 +00:00
# should be the default, but lets make sure
CONFIG="--with-printf-hooks=glibc"
Add Travis CI config and build script
2014-02-26 16:49:07 +00:00
;;
travis: Use the latest OpenSSL release for unit tests But also run the unit tests against the 1.0 version installed with Ubuntu 16.04.
2018-11-22 14:38:49 +00:00
openssl*)
CONFIG="--disable-defaults --enable-pki --enable-openssl --enable-pem"
travis: Make sure crypto plugins are actually loaded
2019-05-07 11:43:45 +00:00
export TESTS_PLUGINS="test-vectors pem openssl!"
travis: Install dependencies for each test dynamically Since the installation of all packages alone takes several minutes this should speed up some test cases.
2014-03-01 07:49:52 +00:00
DEPS="libssl-dev"
travis: Use the latest OpenSSL release for unit tests But also run the unit tests against the 1.0 version installed with Ubuntu 16.04.
2018-11-22 14:38:49 +00:00
if test "$TEST" != "openssl-1.0"; then
DEPS=""
use_custom_openssl $1
fi
Add Travis CI config and build script
2014-02-26 16:49:07 +00:00
;;
gcrypt)
autoconf: Replace --disable-tools option with --disable-scepclient Since using a separate option for pki this was the only tool that was still enabled by that option.
2014-06-27 13:26:53 +00:00
CONFIG="--disable-defaults --enable-pki --enable-gcrypt --enable-pkcs1"
travis: Make sure crypto plugins are actually loaded
2019-05-07 11:43:45 +00:00
export TESTS_PLUGINS="test-vectors pkcs1 gcrypt!"
travis: Install dependencies for each test dynamically Since the installation of all packages alone takes several minutes this should speed up some test cases.
2014-03-01 07:49:52 +00:00
DEPS="libgcrypt11-dev"
Add Travis CI config and build script
2014-02-26 16:49:07 +00:00
;;
travis: Add Botan build We build Botan directly from the master branch until 2.8.0 is released.
2018-08-08 09:35:46 +00:00
botan)
botan: Add support for Ed25519 keys
2018-10-22 15:55:13 +00:00
CONFIG="--disable-defaults --enable-pki --enable-botan --enable-pem"
travis: Make sure crypto plugins are actually loaded
2019-05-07 11:43:45 +00:00
export TESTS_PLUGINS="test-vectors pem botan!"
travis: Add Botan build We build Botan directly from the master branch until 2.8.0 is released.
2018-08-08 09:35:46 +00:00
# we can't use the old package that comes with Ubuntu so we build from
# the current master until 2.8.0 is released and then probably switch to
# that unless we need newer features (at least 2.7.0 plus PKCS#1 patch is
# currently required)
DEPS=""
if test "$1" = "deps"; then
travis: Build botan plugin also in the tests that build everything
2018-09-12 10:05:14 +00:00
build_botan
travis: Add Botan build We build Botan directly from the master branch until 2.8.0 is released.
2018-08-08 09:35:46 +00:00
fi
;;
travis: Run tests against wolfSSL Check for wolfssl/options.h because if it isn't included, checking other headers will trigger a warning about hardening the wolfSSL build, which will cause the check to fail with -Werror. If the file doesn't exist because user_settings.h is used, the check may be skipped by configuring with `ac_cv_header_wolfssl_options_h=yes`.
2019-04-09 08:40:54 +00:00
wolfssl)
CONFIG="--disable-defaults --enable-pki --enable-wolfssl --enable-pem"
travis: Make sure crypto plugins are actually loaded
2019-05-07 11:43:45 +00:00
export TESTS_PLUGINS="test-vectors pem wolfssl!"
travis: Run tests against wolfSSL Check for wolfssl/options.h because if it isn't included, checking other headers will trigger a warning about hardening the wolfSSL build, which will cause the check to fail with -Werror. If the file doesn't exist because user_settings.h is used, the check may be skipped by configuring with `ac_cv_header_wolfssl_options_h=yes`.
2019-04-09 08:40:54 +00:00
# build with custom options to enable all the features the plugin supports
DEPS=""
if test "$1" = "deps"; then
build_wolfssl
fi
;;
travis: Add tests for builtin printf hook implementation We can't test Vstr as it does not properly handle negative int arguments for custom format callbacks, so some of the enum tests would fail.
2014-03-03 17:44:29 +00:00
printf-builtin)
CONFIG="--with-printf-hooks=builtin"
;;
travis: Add sonarcloud build
2018-09-10 16:46:20 +00:00
all|coverage|sonarcloud)
Add Travis CI config and build script
2014-02-26 16:49:07 +00:00
CONFIG="--enable-all --disable-android-dns --disable-android-log
dumm: Remove the Dynamic UML Mesh Modeler framework This has been pretty much defunct for several years (requires a specially patched UML-enabled guest kernel).
2018-09-12 09:02:32 +00:00
--disable-kernel-pfroute --disable-keychain
fuzz: Add fuzzing boilerplate
2017-03-08 10:00:22 +00:00
--disable-lock-profiler --disable-padlock --disable-fuzzing
travis: Disable tss-tss2 and aikpub2 but enable TrouSerS and build aikgen Ubuntu 12.04 does not provide libtss2-dev.
2016-06-24 10:18:28 +00:00
--disable-osx-attr --disable-tkm --disable-uci
travis: Build on Ubuntu Xenial (16.04)
2018-11-09 14:24:29 +00:00
--disable-soup --disable-unwind-backtraces
travis: Build "all" tests without Windows kernel backends
2014-04-02 09:35:19 +00:00
--disable-svc --disable-dbghelp-backtraces --disable-socket-win
travis: Build "all" tests without Windows HTTP fetcher We don't include it in the Windows build test either, as MinGW does not come with -lwinhttp.
2014-04-02 09:36:19 +00:00
--disable-kernel-wfp --disable-kernel-iph --disable-winhttp"
Add Travis CI config and build script
2014-02-26 16:49:07 +00:00
# not enabled on the build server
CONFIG="$CONFIG --disable-af-alg"
travis: Create coverage report via codecov.io
2017-03-15 09:19:02 +00:00
if test "$TEST" != "coverage"; then
CONFIG="$CONFIG --disable-coverage"
else
# not actually required but configure checks for it
DEPS="$DEPS lcov"
fi
travis: Install dependencies for each test dynamically Since the installation of all packages alone takes several minutes this should speed up some test cases.
2014-03-01 07:49:52 +00:00
DEPS="$DEPS libcurl4-gnutls-dev libsoup2.4-dev libunbound-dev libldns-dev
libmysqlclient-dev libsqlite3-dev clearsilver-dev libfcgi-dev
travis: Build on Ubuntu Xenial (16.04)
2018-11-09 14:24:29 +00:00
libpcsclite-dev libpam0g-dev binutils-dev libunwind8-dev libnm-dev
libjson0-dev iptables-dev python-pip libtspi-dev libsystemd-dev"
travis: Install pip to install pytest in "all" tests This allows ./configure to detect py.test, and execute python unit tests we provide in the vici python egg.
2015-03-18 13:28:17 +00:00
PYDEPS="pytest"
travis: Build botan plugin also in the tests that build everything
2018-09-12 10:05:14 +00:00
if test "$1" = "deps"; then
build_botan
travis: Run tests against wolfSSL Check for wolfssl/options.h because if it isn't included, checking other headers will trigger a warning about hardening the wolfSSL build, which will cause the check to fail with -Werror. If the file doesn't exist because user_settings.h is used, the check may be skipped by configuring with `ac_cv_header_wolfssl_options_h=yes`.
2019-04-09 08:40:54 +00:00
build_wolfssl
travis: Build tmp2-tss from sources
2018-10-15 14:33:34 +00:00
build_tss2
travis: Build botan plugin also in the tests that build everything
2018-09-12 10:05:14 +00:00
fi
travis: Use the latest OpenSSL release for unit tests But also run the unit tests against the 1.0 version installed with Ubuntu 16.04.
2018-11-22 14:38:49 +00:00
use_custom_openssl $1
Add Travis CI config and build script
2014-02-26 16:49:07 +00:00
;;
travis: Add a Windows 32-bit variant build test
2014-06-05 12:07:21 +00:00
win*)
CONFIG="--disable-defaults --enable-svc --enable-ikev2
travis: Define a Windows build test using MinGW
2014-05-08 15:08:42 +00:00
--enable-ikev1 --enable-static --enable-test-vectors --enable-nonce
--enable-constraints --enable-revocation --enable-pem --enable-pkcs1
--enable-pkcs8 --enable-x509 --enable-pubkey --enable-acert
--enable-eap-tnc --enable-eap-ttls --enable-eap-identity
libipsec: Fix Windows build via MinGW Fixes #2118.
2016-09-23 06:52:17 +00:00
--enable-updown --enable-ext-auth --enable-libipsec
travis: Define a Windows build test using MinGW
2014-05-08 15:08:42 +00:00
--enable-tnccs-20 --enable-imc-attestation --enable-imv-attestation
--enable-imc-os --enable-imv-os --enable-tnc-imv --enable-tnc-imc
travis: Build on Ubuntu Xenial (16.04)
2018-11-09 14:24:29 +00:00
--enable-pki --enable-swanctl --enable-socket-win
--enable-kernel-iph --enable-kernel-wfp --enable-winhttp"
appveyor: Run tests on AppVeyor Windows containers We can't enable leak detective as it is so slow then that we run into a timeout (60 minutes).
2017-07-19 10:34:35 +00:00
# no make check for Windows binaries unless we run on a windows host
if test "$APPVEYOR" != "True"; then
TARGET=
travis: Use ccache for MinGW builds
2018-11-13 17:59:38 +00:00
CCACHE=ccache
appveyor: Build against OpenSSL This is mainly for the RNG needed for the exchange tests.
2017-07-28 08:12:33 +00:00
else
CONFIG="$CONFIG --enable-openssl"
CFLAGS="$CFLAGS -I/c/OpenSSL-$TEST/include"
LDFLAGS="-L/c/OpenSSL-$TEST"
export LDFLAGS
appveyor: Run tests on AppVeyor Windows containers We can't enable leak detective as it is so slow then that we run into a timeout (60 minutes).
2017-07-19 10:34:35 +00:00
fi
travis: Define a Windows build test using MinGW
2014-05-08 15:08:42 +00:00
CFLAGS="$CFLAGS -mno-ms-bitfields"
travis: Use Trusty beta image
2016-08-25 12:04:22 +00:00
DEPS="gcc-mingw-w64-base"
travis: Add a Windows 32-bit variant build test
2014-06-05 12:07:21 +00:00
case "$TEST" in
win64)
travis: Build on Ubuntu Xenial (16.04)
2018-11-09 14:24:29 +00:00
CONFIG="--host=x86_64-w64-mingw32 $CONFIG --enable-dbghelp-backtraces"
travis: Use Trusty beta image
2016-08-25 12:04:22 +00:00
DEPS="gcc-mingw-w64-x86-64 binutils-mingw-w64-x86-64 mingw-w64-x86-64-dev $DEPS"
travis: Use ccache for MinGW builds
2018-11-13 17:59:38 +00:00
CC="$CCACHE x86_64-w64-mingw32-gcc"
travis: Add a Windows 32-bit variant build test
2014-06-05 12:07:21 +00:00
;;
win32)
CONFIG="--host=i686-w64-mingw32 $CONFIG"
travis: Build on Ubuntu Xenial (16.04)
2018-11-09 14:24:29 +00:00
DEPS="gcc-mingw-w64-i686 binutils-mingw-w64-i686 mingw-w64-i686-dev $DEPS"
travis: Use ccache for MinGW builds
2018-11-13 17:59:38 +00:00
CC="$CCACHE i686-w64-mingw32-gcc"
travis: Add a Windows 32-bit variant build test
2014-06-05 12:07:21 +00:00
;;
esac
travis: Define a Windows build test using MinGW
2014-05-08 15:08:42 +00:00
;;
travis: Enable OS X build
2015-11-16 15:44:03 +00:00
osx)
travis: Disable warning that causes a false positive in Xcode 8.3+ Xcode 8.3, to which there recently was a switch, spits out a warning for the potentially unaligned access to ip6_plen in ip-packet.c, which we explicitly read via untoh16() hence the access to that pointer is not actually unaligned. It seems the compiler is not able to determine that there is no unaligned access even though the function is defined in the header and marked inline.
2017-12-08 08:59:13 +00:00
# this causes a false positive in ip-packet.c since Xcode 8.3
CFLAGS="$CFLAGS -Wno-address-of-packed-member"
travis: Enable OS X build
2015-11-16 15:44:03 +00:00
# use the same options as in the Homebrew Formula
CONFIG="--disable-defaults --enable-charon --enable-cmd --enable-constraints
--enable-curl --enable-eap-gtc --enable-eap-identity
--enable-eap-md5 --enable-eap-mschapv2 --enable-ikev1 --enable-ikev2
--enable-kernel-libipsec --enable-kernel-pfkey
--enable-kernel-pfroute --enable-nonce --enable-openssl
--enable-osx-attr --enable-pem --enable-pgp --enable-pkcs1
--enable-pkcs8 --enable-pki --enable-pubkey --enable-revocation
--enable-scepclient --enable-socket-default --enable-sshkey
--enable-stroke --enable-swanctl --enable-unity --enable-updown
--enable-x509 --enable-xauth-generic"
DEPS="bison gettext openssl curl"
BREW_PREFIX=$(brew --prefix)
export PATH=$BREW_PREFIX/opt/bison/bin:$PATH
export ACLOCAL_PATH=$BREW_PREFIX/opt/gettext/share/aclocal:$ACLOCAL_PATH
for pkg in openssl curl
do
travis: Use a more recent OS X image Using the xcode8 image does not work currently (libcurl is not found).
2016-09-23 08:08:13 +00:00
PKG_CONFIG_PATH=$BREW_PREFIX/opt/$pkg/lib/pkgconfig:$PKG_CONFIG_PATH
travis: Enable OS X build
2015-11-16 15:44:03 +00:00
CPPFLAGS="-I$BREW_PREFIX/opt/$pkg/include $CPPFLAGS"
LDFLAGS="-L$BREW_PREFIX/opt/$pkg/lib $LDFLAGS"
done
export PKG_CONFIG_PATH
export CPPFLAGS
export LDFLAGS
;;
cirrus: Run automated tests on FreeBSD via Cirrus CI
2019-08-27 16:22:33 +00:00
freebsd)
# use the options of the FreeBSD port (including options), except smp,
# which requires a patch but is deprecated anyway, only using the builtin
# printf hooks
CONFIG="--enable-kernel-pfkey --enable-kernel-pfroute --disable-scripts
--disable-kernel-netlink --enable-openssl --enable-eap-identity
--enable-eap-md5 --enable-eap-tls --enable-eap-mschapv2
--enable-eap-peap --enable-eap-ttls --enable-md4 --enable-blowfish
--enable-addrblock --enable-whitelist --enable-cmd --enable-curl
--enable-eap-aka --enable-eap-aka-3gpp2 --enable-eap-dynamic
--enable-eap-radius --enable-eap-sim --enable-eap-sim-file
--enable-gcm --enable-ipseckey --enable-kernel-libipsec
--enable-load-tester --enable-ldap --enable-mediation
--enable-mysql --enable-sqlite --enable-tpm --enable-unbound
--enable-unity --enable-xauth-eap --enable-xauth-pam
--with-printf-hooks=builtin --enable-attr-sql --enable-sql"
DEPS="gmp openldap-client libxml2 mysql80-client sqlite3 unbound ldns"
export GPERF=/usr/local/bin/gperf
export LEX=/usr/local/bin/flex
;;
travis: Run fuzz targets
2017-05-30 16:41:31 +00:00
fuzzing)
CFLAGS="$CFLAGS -DNO_CHECK_MEMWIPE"
fuzz: Added PA-TNC fuzzer
2018-03-02 12:35:30 +00:00
CONFIG="--enable-fuzzing --enable-static --disable-shared --disable-scripts
fuzz: Added PB-TNC fuzzer
2018-03-09 13:40:00 +00:00
--enable-imc-test --enable-tnccs-20"
travis: Run fuzz targets
2017-05-30 16:41:31 +00:00
# don't run any of the unit tests
export TESTS_RUNNERS=
# prepare corpora
if test -z "$1"; then
if test -z "$FUZZING_CORPORA"; then
git clone --depth 1 https://github.com/strongswan/fuzzing-corpora.git fuzzing-corpora
export FUZZING_CORPORA=$TRAVIS_BUILD_DIR/fuzzing-corpora
fi
travis: Use the same ASAN_OPTIONS as used by OSS-Fuzz
2017-05-30 17:38:31 +00:00
# these are about the same as those on OSS-Fuzz (except for the
# symbolize options and strip_path_prefix)
export ASAN_OPTIONS=redzone=16:handle_sigill=1:strict_string_check=1:\
allocator_release_to_os_interval_ms=500:strict_memcmp=1:detect_container_overflow=1:\
coverage=0:allocator_may_return_null=1:use_sigaltstack=1:detect_stack_use_after_return=1:\
alloc_dealloc_mismatch=0:detect_leaks=1:print_scariness=1:max_uar_stack_size_log=16:\
handle_abort=1:check_malloc_usable_size=0:quarantine_size_mb=10:detect_odr_violation=0:\
symbolize=1:handle_segv=1:fast_unwind_on_fatal=0:external_symbolizer_path=/usr/bin/llvm-symbolizer-3.5
travis: Run fuzz targets
2017-05-30 16:41:31 +00:00
fi
;;
Add Travis CI config and build script
2014-02-26 16:49:07 +00:00
dist)
TARGET=distcheck
;;
travis: Add apidoc check This requires at least Ubuntu 14.04 (the Doxygen version in 12.04 has some issues with our Doxyfile and prints lots of warnings).
2016-06-30 08:34:54 +00:00
apidoc)
DEPS="doxygen"
CONFIG="--disable-defaults"
TARGET=apidoc
;;
Add Travis CI config and build script
2014-02-26 16:49:07 +00:00
*)
echo "$0: unknown test $TEST" >&2
exit 1
;;
esac
travis: Install dependencies for each test dynamically Since the installation of all packages alone takes several minutes this should speed up some test cases.
2014-03-01 07:49:52 +00:00
if test "$1" = "deps"; then
travis: Enable OS X build
2015-11-16 15:44:03 +00:00
case "$TRAVIS_OS_NAME" in
linux)
sudo apt-get update -qq && \
sudo apt-get install -qq bison flex gperf gettext $DEPS
;;
osx)
brew update && \
travis: Add a workaround for a bug regarding libtool installed via Homebrew
2016-08-24 08:50:28 +00:00
# workaround for issue #6352
brew uninstall --force libtool && brew install libtool && \
travis: Enable OS X build
2015-11-16 15:44:03 +00:00
brew install $DEPS
;;
cirrus: Run automated tests on FreeBSD via Cirrus CI
2019-08-27 16:22:33 +00:00
freebsd)
pkg install -y automake autoconf libtool pkgconf && \
pkg install -y bison flex gperf gettext $DEPS
;;
travis: Enable OS X build
2015-11-16 15:44:03 +00:00
esac
travis: Install dependencies for each test dynamically Since the installation of all packages alone takes several minutes this should speed up some test cases.
2014-03-01 07:49:52 +00:00
exit $?
fi
travis: Install pip to install pytest in "all" tests This allows ./configure to detect py.test, and execute python unit tests we provide in the vici python egg.
2015-03-18 13:28:17 +00:00
if test "$1" = "pydeps"; then
travis: Fix vici Python tests when using Clang For some reason the clang binary that's installed in an uncommon directory could not be found anymore when installing packages via pip for the last couple of builds. While the directory is obviously contained in PATH, using `sudo -E` didn't help. So we now install the Python packages in the user's home directory to avoid having to use sudo.
2018-08-06 09:54:24 +00:00
test -z "$PYDEPS" || pip -q install --user $PYDEPS
travis: Install pip to install pytest in "all" tests This allows ./configure to detect py.test, and execute python unit tests we provide in the vici python egg.
2015-03-18 13:28:17 +00:00
exit $?
fi
Add Travis CI config and build script
2014-02-26 16:49:07 +00:00
CONFIG="$CONFIG
travis: Enable OS X build
2015-11-16 15:44:03 +00:00
--disable-dependency-tracking
Add Travis CI config and build script
2014-02-26 16:49:07 +00:00
--enable-silent-rules
--enable-test-vectors
--enable-monolithic=${MONOLITHIC-no}
--enable-leak-detective=${LEAK_DETECTIVE-no}"
travis: Enable OS X build
2015-11-16 15:44:03 +00:00
echo "$ ./autogen.sh"
./autogen.sh || exit $?
travis: Add apidoc check This requires at least Ubuntu 14.04 (the Doxygen version in 12.04 has some issues with our Doxyfile and prints lots of warnings).
2016-06-30 08:34:54 +00:00
echo "$ CC=$CC CFLAGS=\"$CFLAGS\" ./configure $CONFIG"
CC="$CC" CFLAGS="$CFLAGS" ./configure $CONFIG || exit $?
case "$TEST" in
apidoc)
exec 2>make.warnings
;;
*)
;;
esac
echo "$ make $TARGET"
travis: Add sonarcloud build
2018-09-10 16:46:20 +00:00
case "$TEST" in
sonarcloud)
# without target, coverage is currently not supported anyway because
# sonarqube only supports gcov, not lcov
build-wrapper-linux-x86-64 --out-dir bw-output make -j4 || exit $?
;;
*)
make -j4 $TARGET || exit $?
;;
esac
travis: Add apidoc check This requires at least Ubuntu 14.04 (the Doxygen version in 12.04 has some issues with our Doxyfile and prints lots of warnings).
2016-06-30 08:34:54 +00:00
case "$TEST" in
apidoc)
if test -s make.warnings; then
cat make.warnings
exit 1
fi
travis: Check for unignored build artifacts after the build
2019-04-04 15:41:53 +00:00
rm make.warnings
travis: Add apidoc check This requires at least Ubuntu 14.04 (the Doxygen version in 12.04 has some issues with our Doxyfile and prints lots of warnings).
2016-06-30 08:34:54 +00:00
;;
travis: Add sonarcloud build
2018-09-10 16:46:20 +00:00
sonarcloud)
sonar-scanner \
-Dsonar.projectKey=strongswan \
-Dsonar.projectVersion=$(git describe)+${TRAVIS_BUILD_NUMBER} \
-Dsonar.sources=. \
travis: Use two threads to analyze C code with SonarQube On Nov 12, the scanner was updated and now takes a lot more time (about 3 times as much). Using two threads reduces it a bit (by about 25%). Using even more threads doesn't help or even increases the time again.
2018-11-13 11:08:43 +00:00
-Dsonar.cfamily.threads=2 \
travis: Add sonarcloud build
2018-09-10 16:46:20 +00:00
-Dsonar.cfamily.build-wrapper-output=bw-output || exit $?
travis: Check for unignored build artifacts after the build
2019-04-04 15:41:53 +00:00
rm -r bw-output .scannerwork
travis: Add sonarcloud build
2018-09-10 16:46:20 +00:00
;;
travis: Add apidoc check This requires at least Ubuntu 14.04 (the Doxygen version in 12.04 has some issues with our Doxyfile and prints lots of warnings).
2016-06-30 08:34:54 +00:00
*)
;;
esac
travis: Check for unignored build artifacts after the build
2019-04-04 15:41:53 +00:00
# ensure there are no unignored build artifacts (or other changes) in the Git repo
unclean="$(git status --porcelain)"
if test -n "$unclean"; then
echo "Unignored build artifacts or other changes:"
echo "$unclean"
exit 1
fi