fuzz: Added PA-TNC fuzzer
[strongswan.git] / scripts / test.sh
1 #!/bin/sh
2 # Build script for Travis CI
3
4 if test -z $TRAVIS_BUILD_DIR; then
5 TRAVIS_BUILD_DIR=$PWD
6 fi
7
8 cd $TRAVIS_BUILD_DIR
9
10 TARGET=check
11
12 DEPS="libgmp-dev"
13
14 CFLAGS="-g -O2 -Wall -Wno-format -Wno-format-security -Wno-pointer-sign -Werror"
15
16 case "$TEST" in
17 default)
18 # should be the default, but lets make sure
19 CONFIG="--with-printf-hooks=glibc"
20 ;;
21 openssl)
22 CONFIG="--disable-defaults --enable-pki --enable-openssl"
23 DEPS="libssl-dev"
24 ;;
25 gcrypt)
26 CONFIG="--disable-defaults --enable-pki --enable-gcrypt --enable-pkcs1"
27 DEPS="libgcrypt11-dev"
28 ;;
29 printf-builtin)
30 CONFIG="--with-printf-hooks=builtin"
31 ;;
32 all|coverage)
33 CONFIG="--enable-all --disable-android-dns --disable-android-log
34 --disable-dumm --disable-kernel-pfroute --disable-keychain
35 --disable-lock-profiler --disable-padlock --disable-fuzzing
36 --disable-osx-attr --disable-tkm --disable-uci
37 --disable-systemd --disable-soup --disable-unwind-backtraces
38 --disable-svc --disable-dbghelp-backtraces --disable-socket-win
39 --disable-kernel-wfp --disable-kernel-iph --disable-winhttp"
40 # Ubuntu 14.04 does provide a too old libtss2-dev
41 CONFIG="$CONFIG --disable-tss-tss2"
42 # Ubuntu 14.04 does not provide libnm
43 CONFIG="$CONFIG --disable-nm"
44 # not enabled on the build server
45 CONFIG="$CONFIG --disable-af-alg"
46 if test "$TEST" != "coverage"; then
47 CONFIG="$CONFIG --disable-coverage"
48 else
49 # not actually required but configure checks for it
50 DEPS="$DEPS lcov"
51 fi
52 DEPS="$DEPS libcurl4-gnutls-dev libsoup2.4-dev libunbound-dev libldns-dev
53 libmysqlclient-dev libsqlite3-dev clearsilver-dev libfcgi-dev
54 libpcsclite-dev libpam0g-dev binutils-dev libunwind8-dev
55 libjson0-dev iptables-dev python-pip libtspi-dev"
56 PYDEPS="pytest"
57 ;;
58 win*)
59 CONFIG="--disable-defaults --enable-svc --enable-ikev2
60 --enable-ikev1 --enable-static --enable-test-vectors --enable-nonce
61 --enable-constraints --enable-revocation --enable-pem --enable-pkcs1
62 --enable-pkcs8 --enable-x509 --enable-pubkey --enable-acert
63 --enable-eap-tnc --enable-eap-ttls --enable-eap-identity
64 --enable-updown --enable-ext-auth --enable-libipsec
65 --enable-tnccs-20 --enable-imc-attestation --enable-imv-attestation
66 --enable-imc-os --enable-imv-os --enable-tnc-imv --enable-tnc-imc
67 --enable-pki --enable-swanctl --enable-socket-win"
68 # no make check for Windows binaries unless we run on a windows host
69 if test "$APPVEYOR" != "True"; then
70 TARGET=
71 else
72 CONFIG="$CONFIG --enable-openssl"
73 CFLAGS="$CFLAGS -I/c/OpenSSL-$TEST/include"
74 LDFLAGS="-L/c/OpenSSL-$TEST"
75 export LDFLAGS
76 fi
77 CFLAGS="$CFLAGS -mno-ms-bitfields"
78 DEPS="gcc-mingw-w64-base"
79 case "$TEST" in
80 win64)
81 # headers on 12.04 are too old, so we only build the plugins here
82 CONFIG="--host=x86_64-w64-mingw32 $CONFIG --enable-dbghelp-backtraces
83 --enable-kernel-iph --enable-kernel-wfp --enable-winhttp"
84 DEPS="gcc-mingw-w64-x86-64 binutils-mingw-w64-x86-64 mingw-w64-x86-64-dev $DEPS"
85 CC="x86_64-w64-mingw32-gcc"
86 # apply patch to MinGW headers
87 if test "$APPVEYOR" != "True" -a -z "$1"; then
88 sudo patch -f -p 4 -d /usr/share/mingw-w64/include < src/libcharon/plugins/kernel_wfp/mingw-w64-4.8.1.diff
89 fi
90 ;;
91 win32)
92 CONFIG="--host=i686-w64-mingw32 $CONFIG"
93 # currently only works on 12.04, so use mingw-w64-dev instead of mingw-w64-i686-dev
94 DEPS="gcc-mingw-w64-i686 binutils-mingw-w64-i686 mingw-w64-dev $DEPS"
95 CC="i686-w64-mingw32-gcc"
96 ;;
97 esac
98 ;;
99 osx)
100 # this causes a false positive in ip-packet.c since Xcode 8.3
101 CFLAGS="$CFLAGS -Wno-address-of-packed-member"
102 # use the same options as in the Homebrew Formula
103 CONFIG="--disable-defaults --enable-charon --enable-cmd --enable-constraints
104 --enable-curl --enable-eap-gtc --enable-eap-identity
105 --enable-eap-md5 --enable-eap-mschapv2 --enable-ikev1 --enable-ikev2
106 --enable-kernel-libipsec --enable-kernel-pfkey
107 --enable-kernel-pfroute --enable-nonce --enable-openssl
108 --enable-osx-attr --enable-pem --enable-pgp --enable-pkcs1
109 --enable-pkcs8 --enable-pki --enable-pubkey --enable-revocation
110 --enable-scepclient --enable-socket-default --enable-sshkey
111 --enable-stroke --enable-swanctl --enable-unity --enable-updown
112 --enable-x509 --enable-xauth-generic"
113 DEPS="bison gettext openssl curl"
114 BREW_PREFIX=$(brew --prefix)
115 export PATH=$BREW_PREFIX/opt/bison/bin:$PATH
116 export ACLOCAL_PATH=$BREW_PREFIX/opt/gettext/share/aclocal:$ACLOCAL_PATH
117 for pkg in openssl curl
118 do
119 PKG_CONFIG_PATH=$BREW_PREFIX/opt/$pkg/lib/pkgconfig:$PKG_CONFIG_PATH
120 CPPFLAGS="-I$BREW_PREFIX/opt/$pkg/include $CPPFLAGS"
121 LDFLAGS="-L$BREW_PREFIX/opt/$pkg/lib $LDFLAGS"
122 done
123 export PKG_CONFIG_PATH
124 export CPPFLAGS
125 export LDFLAGS
126 ;;
127 fuzzing)
128 CFLAGS="$CFLAGS -DNO_CHECK_MEMWIPE"
129 CONFIG="--enable-fuzzing --enable-static --disable-shared --disable-scripts
130 --enable-imc-test"
131 # don't run any of the unit tests
132 export TESTS_RUNNERS=
133 # prepare corpora
134 if test -z "$1"; then
135 if test -z "$FUZZING_CORPORA"; then
136 git clone --depth 1 https://github.com/strongswan/fuzzing-corpora.git fuzzing-corpora
137 export FUZZING_CORPORA=$TRAVIS_BUILD_DIR/fuzzing-corpora
138 fi
139 # these are about the same as those on OSS-Fuzz (except for the
140 # symbolize options and strip_path_prefix)
141 export ASAN_OPTIONS=redzone=16:handle_sigill=1:strict_string_check=1:\
142 allocator_release_to_os_interval_ms=500:strict_memcmp=1:detect_container_overflow=1:\
143 coverage=0:allocator_may_return_null=1:use_sigaltstack=1:detect_stack_use_after_return=1:\
144 alloc_dealloc_mismatch=0:detect_leaks=1:print_scariness=1:max_uar_stack_size_log=16:\
145 handle_abort=1:check_malloc_usable_size=0:quarantine_size_mb=10:detect_odr_violation=0:\
146 symbolize=1:handle_segv=1:fast_unwind_on_fatal=0:external_symbolizer_path=/usr/bin/llvm-symbolizer-3.5
147 fi
148 ;;
149 dist)
150 TARGET=distcheck
151 ;;
152 apidoc)
153 DEPS="doxygen"
154 CONFIG="--disable-defaults"
155 TARGET=apidoc
156 ;;
157 *)
158 echo "$0: unknown test $TEST" >&2
159 exit 1
160 ;;
161 esac
162
163 if test "$1" = "deps"; then
164 case "$TRAVIS_OS_NAME" in
165 linux)
166 sudo apt-get update -qq && \
167 sudo apt-get install -qq bison flex gperf gettext $DEPS
168 ;;
169 osx)
170 brew update && \
171 # workaround for issue #6352
172 brew uninstall --force libtool && brew install libtool && \
173 brew install $DEPS
174 ;;
175 esac
176 exit $?
177 fi
178
179 if test "$1" = "pydeps"; then
180 test -z "$PYDEPS" || sudo pip -q install $PYDEPS
181 exit $?
182 fi
183
184 CONFIG="$CONFIG
185 --disable-dependency-tracking
186 --enable-silent-rules
187 --enable-test-vectors
188 --enable-monolithic=${MONOLITHIC-no}
189 --enable-leak-detective=${LEAK_DETECTIVE-no}"
190
191 echo "$ ./autogen.sh"
192 ./autogen.sh || exit $?
193 echo "$ CC=$CC CFLAGS=\"$CFLAGS\" ./configure $CONFIG"
194 CC="$CC" CFLAGS="$CFLAGS" ./configure $CONFIG || exit $?
195
196 case "$TEST" in
197 apidoc)
198 exec 2>make.warnings
199 ;;
200 *)
201 ;;
202 esac
203
204 echo "$ make $TARGET"
205 make -j4 $TARGET || exit $?
206
207 case "$TEST" in
208 apidoc)
209 if test -s make.warnings; then
210 cat make.warnings
211 exit 1
212 fi
213 ;;
214 *)
215 ;;
216 esac