Merged support for parsing EC keys that use SpecifiedECDomain
diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index 3be65e1..3cb6341 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c
@@ -456,7 +456,7 @@
{ 0xa0, 0x54, 0x30, 0x3d, 0x8a, 0x7e, 0xa9, 0x88,
0x9d, 0x90, 0x3e, 0x07, 0x7c, 0x6f, 0x21, 0x8f };
-static int test_offset;
+static size_t test_offset;
static int ctr_drbg_self_test_entropy( void *data, unsigned char *buf,
size_t len )
{
diff --git a/library/ecdsa.c b/library/ecdsa.c
index 12076d5..94522a4 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -49,7 +49,7 @@
*
* Argument is the minimum size in bytes of the MD output.
*/
-static const md_info_t *md_info_by_size( int min_size )
+static const md_info_t *md_info_by_size( size_t min_size )
{
const md_info_t *md_cur, *md_picked = NULL;
const int *md_alg;
@@ -57,7 +57,7 @@
for( md_alg = md_list(); *md_alg != 0; md_alg++ )
{
if( ( md_cur = md_info_from_type( *md_alg ) ) == NULL ||
- md_cur->size < min_size ||
+ (size_t) md_cur->size < min_size ||
( md_picked != NULL && md_cur->size > md_picked->size ) )
continue;
diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c
index 7a21092..c05717b 100644
--- a/library/hmac_drbg.c
+++ b/library/hmac_drbg.c
@@ -414,7 +414,7 @@
0xe8, 0x5f, 0x13, 0x0f, 0xc8, 0xa4, 0x59, 0xb7 };
/* "Entropy" from buffer */
-static int test_offset;
+static size_t test_offset;
static int hmac_drbg_self_test_entropy( void *data,
unsigned char *buf, size_t len )
{
diff --git a/library/net.c b/library/net.c
index 24dd95e..53bbf2f 100644
--- a/library/net.c
+++ b/library/net.c
@@ -33,6 +33,10 @@
!defined(EFI32)
#if defined(POLARSSL_HAVE_IPV6)
+#ifdef _WIN32_WINNT
+#undef _WIN32_WINNT
+#endif
+/* Enables getaddrinfo() & Co */
#define _WIN32_WINNT 0x0501
#include <ws2tcpip.h>
#endif
@@ -365,6 +369,7 @@
*/
static int net_would_block( int fd )
{
+ ((void) fd);
return( WSAGetLastError() == WSAEWOULDBLOCK );
}
#else
diff --git a/programs/test/selftest.c b/programs/test/selftest.c
index eff7f1b..0fb5886 100644
--- a/programs/test/selftest.c
+++ b/programs/test/selftest.c
@@ -48,7 +48,7 @@
#include "polarssl/rsa.h"
#include "polarssl/x509.h"
#include "polarssl/xtea.h"
-#include "polarssl/pbkdf2.h"
+#include "polarssl/pkcs5.h"
#include "polarssl/ecp.h"
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
@@ -171,8 +171,8 @@
return( ret );
#endif
-#if defined(POLARSSL_PBKDF2_C)
- if( ( ret = pbkdf2_self_test( v ) ) != 0 )
+#if defined(POLARSSL_PKCS5_C)
+ if( ( ret = pkcs5_self_test( v ) ) != 0 )
return( ret );
#endif
diff --git a/tests/compat.sh b/tests/compat.sh
index bb78534..8e032af 100755
--- a/tests/compat.sh
+++ b/tests/compat.sh
@@ -539,10 +539,9 @@
P_SERVER_ARGS="$P_SERVER_ARGS ca_file=none auth_mode=none"
G_SERVER_ARGS="$G_SERVER_ARGS --disable-client-cert"
- # give dummy CA to clients
- P_CLIENT_ARGS="$P_CLIENT_ARGS ca_file=data_files/cli2.crt auth_mode=optional"
- O_CLIENT_ARGS="$O_CLIENT_ARGS -CAfile data_files/cli2.crt"
- G_CLIENT_ARGS="$G_CLIENT_ARGS --x509cafile data_files/cli2.crt --insecure"
+ P_CLIENT_ARGS="$P_CLIENT_ARGS ca_file=none auth_mode=none"
+ O_CLIENT_ARGS="$O_CLIENT_ARGS"
+ G_CLIENT_ARGS="$G_CLIENT_ARGS --insecure"
fi
case $TYPE in
@@ -643,8 +642,8 @@
# auth will fail), so try every entry in $P_CIPHERS in turn (in
# case the first one is not implemented in this configuration)
for i in $P_CIPHERS; do
+ log "$P_CLI $P_CLIENT_ARGS request_page=SERVERQUIT auth_mode=none force_ciphersuite=$i"
"$P_CLI" $P_CLIENT_ARGS request_page=SERVERQUIT auth_mode=none \
- crt_file=data_files/cli2.crt key_file=data_files/cli2.key \
force_ciphersuite=$i >/dev/null
if [ "$?" == 0 ]; then
break
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
new file mode 100755
index 0000000..e9aa1ba
--- /dev/null
+++ b/tests/scripts/all.sh
@@ -0,0 +1,97 @@
+#!/bin/sh
+
+# Run all available tests (mostly).
+#
+# Warning: includes various build modes, so it will mess with the current
+# CMake configuration. After this script is run, the CMake cache is lost and
+# CMake is not initialised any more!
+
+# Abort on errors (and uninitiliased variables)
+set -eu
+
+if [ -d library -a -d include -a -d tests ]; then :; else
+ echo "Must be run from PolarSSL root" >&2
+ exit 1
+fi
+
+MEMORY=0
+
+while [ $# -gt 0 ]; do
+ case "$1" in
+ -m|--memory)
+ MEMORY=1
+ ;;
+ *)
+ echo "Unknown argument: '$1'" >&2
+ echo "Use the source, Luke!" >&2
+ exit 1
+ ;;
+ esac
+ shift
+done
+
+# remove built files as well as the cmake cache/config
+cleanup()
+{
+ make clean
+ find -iname '*cmake*' -not -name CMakeLists.txt -exec rm -rf {} \+
+ git checkout -- {.,library,programs,tests}/Makefile
+}
+
+# Step 0: compile with max warnings, with GCC and Clang
+
+if which gcc > /dev/null; then
+ cleanup
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Check .
+ make
+fi
+
+if which clang > /dev/null; then
+ cleanup
+ CC=clang cmake -D CMAKE_BUILD_TYPE:String=Check .
+ make
+fi
+
+# Step 1: Unix Make, default compiler, all test suites/scripts
+
+cleanup
+make
+make check
+cd tests
+./compat.sh
+./ssl-opt.sh
+cd ..
+tests/scripts/test-ref-configs.pl
+
+# Step 2: using ASan
+
+if [ "$MEMORY" -gt 0 ]; then
+ cleanup
+ cmake -D CMAKE_BUILD_TYPE:String=ASan .
+ make
+ make test
+ cd tests
+ ./compat.sh
+ ./ssl-opt.sh
+ cd ..
+ tests/scripts/test-ref-configs.pl
+fi
+
+# Step 3: using valgrind's memcheck
+
+if [ "$MEMORY" -gt 0 ] && which valgrind >/dev/null; then
+ cleanup
+ cmake -D CMAKE_BUILD_TYPE:String=Debug .
+ make
+ make memcheck
+ cd tests
+ ./compat.sh --memcheck
+ ./ssl-opt.sh --memcheck
+ cd ..
+ # no test-ref-configs: doesn't have a memcheck option (yet?)
+fi
+
+# Done
+
+cleanup
+