From 5d7284a8abdcc0cfd31a8938e61510d4f0ff469d Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Wed, 26 Jun 2019 11:27:27 +0200 Subject: gnutls_hash/hmac_copy: check its usability in all cases During the test suite run we require that all supported MAC and hash algorithms implement the copy function. Signed-off-by: Nikos Mavrogiannopoulos --- lib/crypto-selftests.c | 8 ++------ tests/Makefile.am | 1 + tests/cert-tests/Makefile.am | 1 + tests/slow/Makefile.am | 1 + tests/slow/override-ciphers | 5 +++++ tests/suite/Makefile.am | 1 + tests/windows/Makefile.am | 1 + 7 files changed, 12 insertions(+), 6 deletions(-) diff --git a/lib/crypto-selftests.c b/lib/crypto-selftests.c index 5110593845..eddf935680 100644 --- a/lib/crypto-selftests.c +++ b/lib/crypto-selftests.c @@ -1375,10 +1375,8 @@ static int test_digest(gnutls_digest_algorithm_t dig, copy = gnutls_hash_copy(hd); /* Returning NULL is not an error here for the time being, but * it might become one later */ -#if 0 - if (!copy) + if (!copy && secure_getenv("GNUTLS_TEST_SUITE_RUN")) return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR); -#endif ret = gnutls_hash(hd, &vectors[i].plaintext[1], @@ -1591,10 +1589,8 @@ static int test_mac(gnutls_mac_algorithm_t mac, copy = gnutls_hmac_copy(hd); /* Returning NULL is not an error here for the time being, but * it might become one later */ -#if 0 - if (!copy) + if (!copy && secure_getenv("GNUTLS_TEST_SUITE_RUN")) return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR); -#endif ret = gnutls_hmac(hd, &vectors[i].plaintext[1], diff --git a/tests/Makefile.am b/tests/Makefile.am index 62b2db75e5..98623a20c8 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -571,6 +571,7 @@ TESTS_ENVIRONMENT += \ PSK_FILE=$(srcdir)/psk.passwd \ OPENSSL_ia32cap=0x00000000 \ EXEEXT=$(EXEEXT) \ + GNUTLS_TEST_SUITE_RUN=1 \ builddir="$(builddir)" \ top_builddir="$(top_builddir)" \ libdir="$(libdir)" \ diff --git a/tests/cert-tests/Makefile.am b/tests/cert-tests/Makefile.am index 06bdf42950..c34b69c40a 100644 --- a/tests/cert-tests/Makefile.am +++ b/tests/cert-tests/Makefile.am @@ -146,6 +146,7 @@ TESTS_ENVIRONMENT = EXEEXT=$(EXEEXT) \ top_builddir="$(top_builddir)" \ ac_cv_sizeof_time_t="$(ac_cv_sizeof_time_t)" \ ASAN_OPTIONS="detect_leaks=0:exitcode=6" \ + GNUTLS_TEST_SUITE_RUN=1 \ srcdir="$(srcdir)" if ENABLE_FIPS140 diff --git a/tests/slow/Makefile.am b/tests/slow/Makefile.am index 7e8e4650ca..b4c43c6aa3 100644 --- a/tests/slow/Makefile.am +++ b/tests/slow/Makefile.am @@ -65,6 +65,7 @@ EXTRA_DIST = README gnutls-asan.supp TESTS_ENVIRONMENT = EXEEXT=$(EXEEXT) \ LC_ALL="C" \ LSAN_OPTIONS=suppressions=gnutls-asan.supp \ + GNUTLS_TEST_SUITE_RUN=1 \ OPENSSL_ia32cap=0x00000000 \ top_builddir="$(top_builddir)" \ srcdir="$(srcdir)" diff --git a/tests/slow/override-ciphers b/tests/slow/override-ciphers index 2a87b7655f..3c00e5be3e 100755 --- a/tests/slow/override-ciphers +++ b/tests/slow/override-ciphers @@ -26,6 +26,11 @@ if ! test -z "${VALGRIND}"; then fi PROG=./cipher-override${EXEEXT} +# we are explicitly unsetting this variable, because we want +# the "production" checks to be triggered, not the ones in the +# test suite. + +unset GNUTLS_TEST_SUITE_RUN GNUTLS_NO_EXPLICIT_INIT=1 ${VALGRIND} ${PROG} ret=$? if test $ret != 0; then diff --git a/tests/suite/Makefile.am b/tests/suite/Makefile.am index bd3a56cc35..b4da01a375 100644 --- a/tests/suite/Makefile.am +++ b/tests/suite/Makefile.am @@ -102,6 +102,7 @@ TESTS_ENVIRONMENT = EXEEXT=$(EXEEXT) \ top_builddir="$(top_builddir)" \ srcdir="$(srcdir)" \ ASAN_OPTIONS="detect_leaks=0" \ + GNUTLS_TEST_SUITE_RUN=1 \ OPENSSL_ia32cap=0x00000000 if ENABLE_NON_SUITEB_CURVES diff --git a/tests/windows/Makefile.am b/tests/windows/Makefile.am index 86de084bb7..5a81043772 100644 --- a/tests/windows/Makefile.am +++ b/tests/windows/Makefile.am @@ -69,6 +69,7 @@ TESTS = $(ctests) $(dist_check_SCRIPTS) TESTS_ENVIRONMENT = \ WINEDLLOVERRIDES="crypt32=n,ncrypt=n" \ LC_ALL="C" \ + GNUTLS_TEST_SUITE_RUN=1 \ EXEEXT=$(EXEEXT) \ top_builddir="$(top_builddir)" \ srcdir="$(srcdir)" -- cgit v1.2.1