Now the output of
grep '^[^ {}#]' tests/scripts/all-*.sh | grep -v '()'
is clean, with the only results being:
- shopt -s extglob which is needing for parsing the rest
- usage message
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
The only occurrences found by git grep were the definitions and the
comment saying these are kept for backwards compatibility.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Don't interleave defining functions with running some code.
The only exception is calling shopt, which needs to come first as it
affects how the following function definitions are parsed.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This change is not correct for 3.6 and will be reverted. It is only
applied as a temporary measure to avoid conflicts while cherry-pick
changes from development.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Needed after b81cd1af6418823a2b5ffbd3710ceac9b0e0afa4 (#9671)
since generate_ssl_debug_helpers.py was moved to the framework
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
The pk_write_pubkey_check sometimes take ~3 hours to run with
GCC+Asan on the CI in the full config. Comment out the slowest
ones while we investigate and release 3.6.2.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Old GCC versions hit a performance problem with test_suite_pkwrite
"Private keey write check EC" tests when building with Asan+UBSan
and -O3: those tests take more than 100x time than normal, with
test_suite_pkwrite taking >3h on the CI. Observed with GCC 5.4 on
Ubuntu 16.04 x86_64 and GCC 6.5 on Ubuntu 18.04 x86_64.
GCC 7.5 and above on Ubuntu 18.04 appear fine.
To avoid the performance problem, use -O2 instead of -O3 in then "Asan"
build type with GCC. It doesn't slow down much even with modern compiler
versions.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit improves support for submodules within code_style.py. A new
function get_submodule_hash retrieves the submodule hash at the time of
a commit allowing an appropriate diff to be seen.
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
This commit fixes potential buffer overrun in:
- pk_write_rsa_der
- pk_write_ec_pubkey
In both functions, when dealing with opaque keys, there was no
check that the provided buffer was large enough to contain the
key being exported. This commit fixes this problem and it also
adds some testing in test_suite_pkwrite to trigger these checks.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
In 3.6, compared with the state of development that this work was based on,
we're doing more testing with TLS12_PRF and TLS12_PSK_TO_MS disabled, thanks
to some configurations with MBEDTLS_PSA_CRYPTO_CONFIG disabled.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
MBEDTLS_ECP_NO_FALLBACK is only relevant when an ALT implementation of ECP
is used. We don't test ALT implementations so we don't test
MBEDTLS_ECP_NO_FALLBACK either.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
For each ignore list entry, link to a GitHub issue for its resolution,
except for a few configurations which there is a good reason to leave
uncovered.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
