From 0afe624fff728862788a480ee12b56291485ca78 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Feb 2018 19:28:12 +0100 Subject: [PATCH 1/3] all.sh: add test with MBEDTLS_DEPRECATED_REMOVED --- tests/scripts/all.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index d5fc12d0a..4cd5246c5 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -547,6 +547,12 @@ if_build_succeeded tests/ssl-opt.sh -f Default msg "test: compat.sh RC4, DES & NULL (full config)" # ~ 2 min if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR' +msg "build: cmake, full config + DEPRECATED_REMOVED, clang, C99" +# No cleanup: tweak the configuration, keep the makefiles +scripts/config.pl set MBEDTLS_DEPRECATED_WARNING +scripts/config.pl set MBEDTLS_DEPRECATED_REMOVED +make + msg "test/build: curves.pl (gcc)" # ~ 4 min cleanup cmake -D CMAKE_BUILD_TYPE:String=Debug . From df761d5a6bb8deede515f6ab8ca656f8778ec24b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Mar 2018 22:18:14 +0100 Subject: [PATCH 2/3] Fix build with gcc -O -Wall Fix warnings from gcc -O -Wall about `ret` used uninitialized in CMAC selftest auxiliary functions. The variable was indeed uninitialized if the function was called with num_tests=0 (which never happens). --- library/cmac.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/cmac.c b/library/cmac.c index 9dbff9038..a76313e94 100644 --- a/library/cmac.c +++ b/library/cmac.c @@ -832,6 +832,7 @@ static int cmac_test_subkeys( int verbose, mbedtls_cipher_free( &ctx ); } + ret = 0; goto exit; cleanup: @@ -887,6 +888,7 @@ static int cmac_test_wth_cipher( int verbose, if( verbose != 0 ) mbedtls_printf( "passed\n" ); } + ret = 0; exit: return( ret ); From b4ef45b4f561f7cf272b9a5cfeb3847027e33ef1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Mar 2018 22:23:50 +0100 Subject: [PATCH 3/3] all.sh: build with -O -Werror in the full config Build with MBEDTLS_DEPRECATED_REMOVED and MBEDTLS_DEPRECATED_WARNING separately. Do these builds with `-O -Werror -Wall -Wextra` to catch a maximum of issues while we're at it. Do one with gcc and one with clang for variety. This caught an uninitialized variable warning in cmac.c that builds without -O didn't catch. --- tests/scripts/all.sh | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 4cd5246c5..f025e2a64 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -547,11 +547,23 @@ if_build_succeeded tests/ssl-opt.sh -f Default msg "test: compat.sh RC4, DES & NULL (full config)" # ~ 2 min if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR' -msg "build: cmake, full config + DEPRECATED_REMOVED, clang, C99" -# No cleanup: tweak the configuration, keep the makefiles +msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s +cleanup +cp "$CONFIG_H" "$CONFIG_BAK" +scripts/config.pl full scripts/config.pl set MBEDTLS_DEPRECATED_WARNING +# Build with -O -Wextra to catch a maximum of issues. +make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' lib programs +make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-unused-function' tests + +msg "build: make, full config + DEPRECATED_REMOVED, clang -O" # ~ 30s +# No cleanup, just tweak the configuration and rebuild +make clean +scripts/config.pl unset MBEDTLS_DEPRECATED_WARNING scripts/config.pl set MBEDTLS_DEPRECATED_REMOVED -make +# Build with -O -Wextra to catch a maximum of issues. +make CC=clang CFLAGS='-O -Werror -Wall -Wextra' lib programs +make CC=clang CFLAGS='-O -Werror -Wall -Wextra -Wno-unused-function' tests msg "test/build: curves.pl (gcc)" # ~ 4 min cleanup