Add self-hosted runners for VMs of other platforms.
Github only hosts a limited number of platforms, and the runner code
is only supported on slightly wider range of platforms. To increase
our test coverage beyond that, we run the runner natively on a VM host,
where it runs a jobs that boot VMs of other platforms, waits for them
to come up then runs the build and test by ssh'ing into the guest.
This means that the minimum dependencies for the guests are quite low
(basically just sshd, a compiler and make).
The interface to the VM host is fairly simple (basically 3 scripts:
vmstartup, vmrun and vmshutdown), but those are specific to the VM host
so are not in the public repo. We also mount the working directory on the
host via sshfs, so things like artifact upload by the runner also work.
As part of this we are moving the per-test-target configs into a single
place (.github/configs) where there will be referenced by a single short
"config" key. I plan to make the github-hosted runners use this too.
The self-hosted runners are run off a private repo on github since that
prevents third parties from accessing them[0], and since runner quota is
limited on private repos, we avoid running the tests we run on the public
repo.
[0] https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners#self-hosted-runner-security-with-public-repositories
2021-01-15 03:11:43 +00:00
|
|
|
#!/bin/sh
|
|
|
|
#
|
|
|
|
# usage: configs vmname test_config (or '' for default)
|
|
|
|
#
|
|
|
|
# Sets the following variables:
|
|
|
|
# CONFIGFLAGS options to ./configure
|
|
|
|
# SSHD_CONFOPTS sshd_config options
|
|
|
|
# TEST_TARGET make target used when testing. defaults to "tests".
|
|
|
|
# LTESTS
|
|
|
|
|
|
|
|
config=$1
|
|
|
|
|
2022-07-12 02:54:24 +00:00
|
|
|
unset CC CFLAGS CPPFLAGS LDFLAGS LTESTS SUDO
|
|
|
|
|
Add self-hosted runners for VMs of other platforms.
Github only hosts a limited number of platforms, and the runner code
is only supported on slightly wider range of platforms. To increase
our test coverage beyond that, we run the runner natively on a VM host,
where it runs a jobs that boot VMs of other platforms, waits for them
to come up then runs the build and test by ssh'ing into the guest.
This means that the minimum dependencies for the guests are quite low
(basically just sshd, a compiler and make).
The interface to the VM host is fairly simple (basically 3 scripts:
vmstartup, vmrun and vmshutdown), but those are specific to the VM host
so are not in the public repo. We also mount the working directory on the
host via sshfs, so things like artifact upload by the runner also work.
As part of this we are moving the per-test-target configs into a single
place (.github/configs) where there will be referenced by a single short
"config" key. I plan to make the github-hosted runners use this too.
The self-hosted runners are run off a private repo on github since that
prevents third parties from accessing them[0], and since runner quota is
limited on private repos, we avoid running the tests we run on the public
repo.
[0] https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners#self-hosted-runner-security-with-public-repositories
2021-01-15 03:11:43 +00:00
|
|
|
TEST_TARGET="tests"
|
|
|
|
LTESTS=""
|
2021-02-21 21:09:27 +00:00
|
|
|
SKIP_LTESTS=""
|
Add self-hosted runners for VMs of other platforms.
Github only hosts a limited number of platforms, and the runner code
is only supported on slightly wider range of platforms. To increase
our test coverage beyond that, we run the runner natively on a VM host,
where it runs a jobs that boot VMs of other platforms, waits for them
to come up then runs the build and test by ssh'ing into the guest.
This means that the minimum dependencies for the guests are quite low
(basically just sshd, a compiler and make).
The interface to the VM host is fairly simple (basically 3 scripts:
vmstartup, vmrun and vmshutdown), but those are specific to the VM host
so are not in the public repo. We also mount the working directory on the
host via sshfs, so things like artifact upload by the runner also work.
As part of this we are moving the per-test-target configs into a single
place (.github/configs) where there will be referenced by a single short
"config" key. I plan to make the github-hosted runners use this too.
The self-hosted runners are run off a private repo on github since that
prevents third parties from accessing them[0], and since runner quota is
limited on private repos, we avoid running the tests we run on the public
repo.
[0] https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners#self-hosted-runner-security-with-public-repositories
2021-01-15 03:11:43 +00:00
|
|
|
SUDO=sudo # run with sudo by default
|
|
|
|
TEST_SSH_UNSAFE_PERMISSIONS=1
|
2022-01-12 05:58:13 +00:00
|
|
|
# Stop on first test failure to minimize logs
|
|
|
|
TEST_SSH_FAIL_FATAL=yes
|
Add self-hosted runners for VMs of other platforms.
Github only hosts a limited number of platforms, and the runner code
is only supported on slightly wider range of platforms. To increase
our test coverage beyond that, we run the runner natively on a VM host,
where it runs a jobs that boot VMs of other platforms, waits for them
to come up then runs the build and test by ssh'ing into the guest.
This means that the minimum dependencies for the guests are quite low
(basically just sshd, a compiler and make).
The interface to the VM host is fairly simple (basically 3 scripts:
vmstartup, vmrun and vmshutdown), but those are specific to the VM host
so are not in the public repo. We also mount the working directory on the
host via sshfs, so things like artifact upload by the runner also work.
As part of this we are moving the per-test-target configs into a single
place (.github/configs) where there will be referenced by a single short
"config" key. I plan to make the github-hosted runners use this too.
The self-hosted runners are run off a private repo on github since that
prevents third parties from accessing them[0], and since runner quota is
limited on private repos, we avoid running the tests we run on the public
repo.
[0] https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners#self-hosted-runner-security-with-public-repositories
2021-01-15 03:11:43 +00:00
|
|
|
|
|
|
|
CONFIGFLAGS=""
|
|
|
|
LIBCRYPTOFLAGS=""
|
|
|
|
|
|
|
|
case "$config" in
|
|
|
|
default|sol64)
|
|
|
|
;;
|
2021-04-26 04:49:59 +00:00
|
|
|
c89)
|
|
|
|
CC="gcc"
|
|
|
|
CFLAGS="-Wall -std=c89 -pedantic -Werror=vla"
|
2021-09-29 07:48:09 +00:00
|
|
|
CONFIGFLAGS="--without-zlib"
|
|
|
|
LIBCRYPTOFLAGS="--without-openssl"
|
2021-04-26 04:49:59 +00:00
|
|
|
TEST_TARGET=t-exec
|
|
|
|
;;
|
2022-02-11 23:24:56 +00:00
|
|
|
cygwin-release)
|
|
|
|
CONFIGFLAGS="--with-libedit --with-xauth=/usr/bin/xauth --disable-strip --with-security-key-builtin"
|
|
|
|
;;
|
2021-10-21 04:00:53 +00:00
|
|
|
clang-12-Werror)
|
|
|
|
CC="clang-12"
|
|
|
|
# clang's implicit-fallthrough requires that the code be annotated with
|
|
|
|
# __attribute__((fallthrough)) and does not understand /* FALLTHROUGH */
|
2022-02-28 11:21:36 +00:00
|
|
|
CFLAGS="-Wall -Wextra -O2 -Wno-error=implicit-fallthrough -Wno-error=unused-parameter"
|
2021-10-21 04:00:53 +00:00
|
|
|
CONFIGFLAGS="--with-pam --with-Werror"
|
|
|
|
;;
|
2022-07-05 06:23:28 +00:00
|
|
|
*-sanitize-*)
|
|
|
|
case "$config" in
|
|
|
|
gcc-*)
|
|
|
|
CC=gcc
|
|
|
|
;;
|
|
|
|
clang-*)
|
|
|
|
# Find the newest available version of clang
|
|
|
|
for i in `seq 10 99`; do
|
|
|
|
clang="`which clang-$i 2>/dev/null`"
|
|
|
|
[ -x "$clang" ] && CC="$clang"
|
|
|
|
done
|
|
|
|
;;
|
|
|
|
esac
|
2022-07-05 02:02:33 +00:00
|
|
|
# Put Sanitizer logs in regress dir.
|
|
|
|
SANLOGS=`pwd`/regress
|
2022-07-03 11:46:44 +00:00
|
|
|
# - We replace chroot with chdir so that the sanitizer in the preauth
|
|
|
|
# privsep process can read /proc.
|
|
|
|
# - clang does not recognizes explicit_bzero so we use bzero
|
|
|
|
# (see https://github.com/google/sanitizers/issues/1507
|
|
|
|
# - openssl and zlib trip ASAN.
|
|
|
|
# - sp_pwdp returned by getspnam trips ASAN, hence disabling shadow.
|
|
|
|
case "$config" in
|
2022-07-05 06:23:28 +00:00
|
|
|
*-sanitize-address)
|
2022-07-03 11:46:44 +00:00
|
|
|
CFLAGS="-fsanitize=address -fno-omit-frame-pointer"
|
|
|
|
LDFLAGS="-fsanitize=address"
|
2022-07-05 06:23:28 +00:00
|
|
|
CPPFLAGS='-Dchroot=chdir -Dexplicit_bzero=bzero -D_FORTIFY_SOURCE=0 -DASAN_OPTIONS=\"detect_leaks=0:log_path='$SANLOGS'/asan.log\"'
|
|
|
|
CONFIGFLAGS=""
|
2022-07-03 11:46:44 +00:00
|
|
|
TEST_TARGET="t-exec"
|
|
|
|
;;
|
|
|
|
clang-sanitize-memory)
|
2022-07-12 02:54:24 +00:00
|
|
|
CFLAGS="-fsanitize=memory -fsanitize-memory-track-origins -fno-omit-frame-pointer"
|
2022-07-03 11:46:44 +00:00
|
|
|
LDFLAGS="-fsanitize=memory"
|
2022-07-05 02:02:33 +00:00
|
|
|
CPPFLAGS='-Dchroot=chdir -Dexplicit_bzero=bzero -DMSAN_OPTIONS=\"log_path='$SANLOGS'/msan.log\"'
|
2022-07-03 11:46:44 +00:00
|
|
|
CONFIGFLAGS="--without-openssl --without-zlib --without-shadow"
|
|
|
|
TEST_TARGET="t-exec"
|
|
|
|
;;
|
2022-07-05 08:35:53 +00:00
|
|
|
*-sanitize-undefined)
|
2022-07-03 11:46:44 +00:00
|
|
|
CFLAGS="-fsanitize=undefined"
|
|
|
|
LDFLAGS="-fsanitize=undefined"
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
echo unknown sanitize option;
|
|
|
|
exit 1;;
|
|
|
|
esac
|
|
|
|
features="--disable-security-key --disable-pkcs11"
|
|
|
|
hardening="--without-sandbox --without-hardening --without-stackprotect"
|
|
|
|
privsep="--with-privsep-user=root"
|
|
|
|
CONFIGFLAGS="$CONFIGFLAGS $features $hardening $privsep"
|
|
|
|
# Because we hobble chroot we can't test it.
|
|
|
|
SKIP_LTESTS=sftp-chroot
|
|
|
|
;;
|
2021-10-21 04:00:53 +00:00
|
|
|
gcc-11-Werror)
|
|
|
|
CC="gcc"
|
|
|
|
# -Wnoformat-truncation in gcc 7.3.1 20180130 fails on fmt_scaled
|
2022-02-28 11:21:36 +00:00
|
|
|
CFLAGS="-Wall -Wextra -O2 -Wno-format-truncation -Wimplicit-fallthrough=4 -Wno-unused-parameter"
|
2021-10-21 04:00:53 +00:00
|
|
|
CONFIGFLAGS="--with-pam --with-Werror"
|
|
|
|
;;
|
2021-09-29 01:36:13 +00:00
|
|
|
clang*|gcc*)
|
|
|
|
CC="$config"
|
|
|
|
;;
|
2021-02-17 07:41:30 +00:00
|
|
|
kitchensink)
|
2021-02-18 03:54:07 +00:00
|
|
|
CONFIGFLAGS="--with-kerberos5 --with-libedit --with-pam"
|
|
|
|
CONFIGFLAGS="${CONFIGFLAGS} --with-security-key-builtin --with-selinux"
|
|
|
|
CONFIGFLAGS="${CONFIGFLAGS} --with-cflags=-DSK_DEBUG"
|
2021-02-17 07:41:30 +00:00
|
|
|
;;
|
|
|
|
hardenedmalloc)
|
|
|
|
CONFIGFLAGS="--with-ldflags=-lhardened_malloc"
|
|
|
|
;;
|
2021-10-12 11:55:51 +00:00
|
|
|
tcmalloc)
|
|
|
|
CONFIGFLAGS="--with-ldflags=-ltcmalloc"
|
|
|
|
;;
|
2021-10-22 11:54:33 +00:00
|
|
|
krb5|heimdal)
|
2021-02-17 07:41:30 +00:00
|
|
|
CONFIGFLAGS="--with-kerberos5"
|
|
|
|
;;
|
|
|
|
libedit)
|
|
|
|
CONFIGFLAGS="--with-libedit"
|
|
|
|
;;
|
2022-02-18 01:12:21 +00:00
|
|
|
musl)
|
|
|
|
CC="musl-gcc"
|
|
|
|
CONFIGFLAGS="--without-zlib"
|
|
|
|
LIBCRYPTOFLAGS="--without-openssl"
|
|
|
|
TEST_TARGET="t-exec"
|
|
|
|
;;
|
2021-04-23 00:26:35 +00:00
|
|
|
pam-krb5)
|
|
|
|
CONFIGFLAGS="--with-pam --with-kerberos5"
|
|
|
|
SSHD_CONFOPTS="UsePam yes"
|
|
|
|
;;
|
Add self-hosted runners for VMs of other platforms.
Github only hosts a limited number of platforms, and the runner code
is only supported on slightly wider range of platforms. To increase
our test coverage beyond that, we run the runner natively on a VM host,
where it runs a jobs that boot VMs of other platforms, waits for them
to come up then runs the build and test by ssh'ing into the guest.
This means that the minimum dependencies for the guests are quite low
(basically just sshd, a compiler and make).
The interface to the VM host is fairly simple (basically 3 scripts:
vmstartup, vmrun and vmshutdown), but those are specific to the VM host
so are not in the public repo. We also mount the working directory on the
host via sshfs, so things like artifact upload by the runner also work.
As part of this we are moving the per-test-target configs into a single
place (.github/configs) where there will be referenced by a single short
"config" key. I plan to make the github-hosted runners use this too.
The self-hosted runners are run off a private repo on github since that
prevents third parties from accessing them[0], and since runner quota is
limited on private repos, we avoid running the tests we run on the public
repo.
[0] https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners#self-hosted-runner-security-with-public-repositories
2021-01-15 03:11:43 +00:00
|
|
|
*pam)
|
|
|
|
CONFIGFLAGS="--with-pam"
|
|
|
|
SSHD_CONFOPTS="UsePam yes"
|
|
|
|
;;
|
2021-04-26 04:02:03 +00:00
|
|
|
libressl-*)
|
|
|
|
LIBCRYPTOFLAGS="--with-ssl-dir=/opt/libressl --with-rpath=-Wl,-rpath,"
|
2021-02-17 07:41:30 +00:00
|
|
|
;;
|
2021-04-26 04:02:03 +00:00
|
|
|
openssl-*)
|
|
|
|
LIBCRYPTOFLAGS="--with-ssl-dir=/opt/openssl --with-rpath=-Wl,-rpath,"
|
2021-02-17 07:41:30 +00:00
|
|
|
;;
|
|
|
|
selinux)
|
|
|
|
CONFIGFLAGS="--with-selinux"
|
|
|
|
;;
|
|
|
|
sk)
|
|
|
|
CONFIGFLAGS="--with-security-key-builtin"
|
|
|
|
;;
|
Add self-hosted runners for VMs of other platforms.
Github only hosts a limited number of platforms, and the runner code
is only supported on slightly wider range of platforms. To increase
our test coverage beyond that, we run the runner natively on a VM host,
where it runs a jobs that boot VMs of other platforms, waits for them
to come up then runs the build and test by ssh'ing into the guest.
This means that the minimum dependencies for the guests are quite low
(basically just sshd, a compiler and make).
The interface to the VM host is fairly simple (basically 3 scripts:
vmstartup, vmrun and vmshutdown), but those are specific to the VM host
so are not in the public repo. We also mount the working directory on the
host via sshfs, so things like artifact upload by the runner also work.
As part of this we are moving the per-test-target configs into a single
place (.github/configs) where there will be referenced by a single short
"config" key. I plan to make the github-hosted runners use this too.
The self-hosted runners are run off a private repo on github since that
prevents third parties from accessing them[0], and since runner quota is
limited on private repos, we avoid running the tests we run on the public
repo.
[0] https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners#self-hosted-runner-security-with-public-repositories
2021-01-15 03:11:43 +00:00
|
|
|
without-openssl)
|
|
|
|
LIBCRYPTOFLAGS="--without-openssl"
|
2021-02-17 07:41:30 +00:00
|
|
|
TEST_TARGET=t-exec
|
Add self-hosted runners for VMs of other platforms.
Github only hosts a limited number of platforms, and the runner code
is only supported on slightly wider range of platforms. To increase
our test coverage beyond that, we run the runner natively on a VM host,
where it runs a jobs that boot VMs of other platforms, waits for them
to come up then runs the build and test by ssh'ing into the guest.
This means that the minimum dependencies for the guests are quite low
(basically just sshd, a compiler and make).
The interface to the VM host is fairly simple (basically 3 scripts:
vmstartup, vmrun and vmshutdown), but those are specific to the VM host
so are not in the public repo. We also mount the working directory on the
host via sshfs, so things like artifact upload by the runner also work.
As part of this we are moving the per-test-target configs into a single
place (.github/configs) where there will be referenced by a single short
"config" key. I plan to make the github-hosted runners use this too.
The self-hosted runners are run off a private repo on github since that
prevents third parties from accessing them[0], and since runner quota is
limited on private repos, we avoid running the tests we run on the public
repo.
[0] https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners#self-hosted-runner-security-with-public-repositories
2021-01-15 03:11:43 +00:00
|
|
|
;;
|
2021-04-08 04:20:12 +00:00
|
|
|
valgrind-[1-4]|valgrind-unit)
|
2021-02-20 02:34:02 +00:00
|
|
|
# rlimit sandbox and FORTIFY_SOURCE confuse Valgrind.
|
|
|
|
CONFIGFLAGS="--without-sandbox --without-hardening"
|
|
|
|
CONFIGFLAGS="$CONFIGFLAGS --with-cppflags=-D_FORTIFY_SOURCE=0"
|
2021-04-07 00:05:10 +00:00
|
|
|
TEST_TARGET="t-exec USE_VALGRIND=1"
|
|
|
|
TEST_SSH_ELAPSED_TIMES=1
|
|
|
|
export TEST_SSH_ELAPSED_TIMES
|
2021-02-20 02:34:02 +00:00
|
|
|
# Valgrind slows things down enough that the agent timeout test
|
|
|
|
# won't reliably pass, and the unit tests run longer than allowed
|
2021-04-07 00:05:10 +00:00
|
|
|
# by github so split into three separate tests.
|
2022-01-19 13:49:57 +00:00
|
|
|
tests2="rekey integrity try-ciphers sftp"
|
|
|
|
tests3="krl forward-control sshsig agent-restrict kextype"
|
|
|
|
tests4="cert-userkey cert-hostkey kextype sftp-perm keygen-comment percent"
|
2021-04-07 00:05:10 +00:00
|
|
|
case "$config" in
|
|
|
|
valgrind-1)
|
|
|
|
# All tests except agent-timeout (which is flaky under valgrind)
|
2022-08-11 03:33:51 +00:00
|
|
|
# and hostbased (since valgrind won't let ssh exec keysign).
|
|
|
|
# Slow ones are run separately to increase parallelism.
|
|
|
|
SKIP_LTESTS="agent-timeout hostbased ${tests2} ${tests3} ${tests4}"
|
2021-04-07 00:05:10 +00:00
|
|
|
;;
|
|
|
|
valgrind-2)
|
|
|
|
LTESTS="${tests2}"
|
|
|
|
;;
|
|
|
|
valgrind-3)
|
|
|
|
LTESTS="${tests3}"
|
|
|
|
;;
|
|
|
|
valgrind-4)
|
|
|
|
LTESTS="${tests4}"
|
|
|
|
;;
|
2021-04-08 03:31:08 +00:00
|
|
|
valgrind-unit)
|
|
|
|
TEST_TARGET="unit USE_VALGRIND=1"
|
|
|
|
;;
|
2021-04-07 00:05:10 +00:00
|
|
|
esac
|
2021-02-18 23:16:56 +00:00
|
|
|
;;
|
Add self-hosted runners for VMs of other platforms.
Github only hosts a limited number of platforms, and the runner code
is only supported on slightly wider range of platforms. To increase
our test coverage beyond that, we run the runner natively on a VM host,
where it runs a jobs that boot VMs of other platforms, waits for them
to come up then runs the build and test by ssh'ing into the guest.
This means that the minimum dependencies for the guests are quite low
(basically just sshd, a compiler and make).
The interface to the VM host is fairly simple (basically 3 scripts:
vmstartup, vmrun and vmshutdown), but those are specific to the VM host
so are not in the public repo. We also mount the working directory on the
host via sshfs, so things like artifact upload by the runner also work.
As part of this we are moving the per-test-target configs into a single
place (.github/configs) where there will be referenced by a single short
"config" key. I plan to make the github-hosted runners use this too.
The self-hosted runners are run off a private repo on github since that
prevents third parties from accessing them[0], and since runner quota is
limited on private repos, we avoid running the tests we run on the public
repo.
[0] https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners#self-hosted-runner-security-with-public-repositories
2021-01-15 03:11:43 +00:00
|
|
|
*)
|
|
|
|
echo "Unknown configuration $config"
|
|
|
|
exit 1
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
|
|
|
|
# The Solaris 64bit targets are special since they need a non-flag arg.
|
|
|
|
case "$config" in
|
|
|
|
sol64*)
|
|
|
|
CONFIGFLAGS="x86_64 --with-cflags=-m64 --with-ldflags=-m64 ${CONFIGFLAGS}"
|
|
|
|
LIBCRYPTOFLAGS="--with-ssl-dir=/usr/local/ssl64"
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
|
|
|
|
case "${TARGET_HOST}" in
|
2022-04-01 02:16:47 +00:00
|
|
|
aix*)
|
|
|
|
# These are slow real or virtual machines so skip the slowest tests
|
|
|
|
# (which tend to be thw ones that transfer lots of data) so that the
|
|
|
|
# test run does not time out.
|
2022-04-04 05:16:51 +00:00
|
|
|
# The agent-restrict test fails due to some quoting issue when run
|
|
|
|
# with sh or ksh so specify bash for now.
|
|
|
|
TEST_TARGET="t-exec TEST_SHELL=bash"
|
2022-04-01 02:16:47 +00:00
|
|
|
SKIP_LTESTS="rekey sftp"
|
|
|
|
;;
|
2021-08-15 02:45:10 +00:00
|
|
|
dfly58*|dfly60*)
|
2021-08-13 03:00:14 +00:00
|
|
|
# scp 3-way connection hangs on these so skip until sorted.
|
|
|
|
SKIP_LTESTS=scp3
|
|
|
|
;;
|
2022-04-04 13:52:11 +00:00
|
|
|
fbsd6)
|
|
|
|
# Native linker is not great with PIC so OpenSSL is built w/out.
|
|
|
|
CONFIGFLAGS="${CONFIGFLAGS} --disable-security-key"
|
|
|
|
;;
|
2021-08-15 09:37:22 +00:00
|
|
|
hurd)
|
2021-08-15 13:25:26 +00:00
|
|
|
SKIP_LTESTS="forwarding multiplex proxy-connect hostkey-agent agent-ptrace"
|
2021-08-15 09:37:22 +00:00
|
|
|
;;
|
2021-05-27 11:23:15 +00:00
|
|
|
minix3)
|
2021-10-06 07:14:37 +00:00
|
|
|
LIBCRYPTOFLAGS="--without-openssl --disable-security-key"
|
2021-05-27 11:23:15 +00:00
|
|
|
# Minix does not have a loopback interface so we have to skip any
|
2021-12-09 23:27:27 +00:00
|
|
|
# test that relies on one.
|
2022-02-22 00:14:51 +00:00
|
|
|
# Also, Minix seems to be very limited in the number of select()
|
|
|
|
# calls that can be operating concurrently, so prune additional tests for that.
|
|
|
|
T="addrmatch agent-restrict brokenkeys cfgmatch cfgmatchlisten cfgparse connect
|
2021-12-09 23:27:27 +00:00
|
|
|
connect-uri exit-status forward-control forwarding hostkey-agent
|
|
|
|
key-options keyscan knownhosts-command login-timeout multiplex
|
|
|
|
reconfigure reexec rekey scp scp-uri scp3 sftp sftp-badcmds
|
|
|
|
sftp-batch sftp-cmds sftp-glob sftp-perm sftp-uri stderr-data
|
|
|
|
transfer"
|
|
|
|
SKIP_LTESTS="$(echo $T)"
|
2021-05-27 11:23:15 +00:00
|
|
|
TEST_TARGET=t-exec
|
|
|
|
SUDO=""
|
|
|
|
;;
|
2021-04-25 04:15:02 +00:00
|
|
|
nbsd4)
|
|
|
|
# System compiler will ICE on some files with fstack-protector
|
2021-10-06 04:40:58 +00:00
|
|
|
# SHA256 functions in sha2.h conflict with OpenSSL's breaking sk-dummy
|
|
|
|
CONFIGFLAGS="${CONFIGFLAGS} --without-hardening --disable-security-key"
|
2021-04-25 04:15:02 +00:00
|
|
|
;;
|
2022-03-25 21:13:46 +00:00
|
|
|
openwrt-*)
|
|
|
|
CONFIGFLAGS="${CONFIGFLAGS} --without-openssl --without-zlib"
|
|
|
|
TEST_TARGET="t-exec"
|
|
|
|
;;
|
2021-02-17 23:10:00 +00:00
|
|
|
sol10|sol11)
|
|
|
|
# sol10 VM is 32bit and the unit tests are slow.
|
|
|
|
# sol11 has 4 test configs so skip unit tests to speed up.
|
Add self-hosted runners for VMs of other platforms.
Github only hosts a limited number of platforms, and the runner code
is only supported on slightly wider range of platforms. To increase
our test coverage beyond that, we run the runner natively on a VM host,
where it runs a jobs that boot VMs of other platforms, waits for them
to come up then runs the build and test by ssh'ing into the guest.
This means that the minimum dependencies for the guests are quite low
(basically just sshd, a compiler and make).
The interface to the VM host is fairly simple (basically 3 scripts:
vmstartup, vmrun and vmshutdown), but those are specific to the VM host
so are not in the public repo. We also mount the working directory on the
host via sshfs, so things like artifact upload by the runner also work.
As part of this we are moving the per-test-target configs into a single
place (.github/configs) where there will be referenced by a single short
"config" key. I plan to make the github-hosted runners use this too.
The self-hosted runners are run off a private repo on github since that
prevents third parties from accessing them[0], and since runner quota is
limited on private repos, we avoid running the tests we run on the public
repo.
[0] https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners#self-hosted-runner-security-with-public-repositories
2021-01-15 03:11:43 +00:00
|
|
|
TEST_TARGET="tests SKIP_UNIT=1"
|
|
|
|
;;
|
2021-04-20 15:08:04 +00:00
|
|
|
win10)
|
|
|
|
# No sudo on Windows.
|
|
|
|
SUDO=""
|
|
|
|
;;
|
Add self-hosted runners for VMs of other platforms.
Github only hosts a limited number of platforms, and the runner code
is only supported on slightly wider range of platforms. To increase
our test coverage beyond that, we run the runner natively on a VM host,
where it runs a jobs that boot VMs of other platforms, waits for them
to come up then runs the build and test by ssh'ing into the guest.
This means that the minimum dependencies for the guests are quite low
(basically just sshd, a compiler and make).
The interface to the VM host is fairly simple (basically 3 scripts:
vmstartup, vmrun and vmshutdown), but those are specific to the VM host
so are not in the public repo. We also mount the working directory on the
host via sshfs, so things like artifact upload by the runner also work.
As part of this we are moving the per-test-target configs into a single
place (.github/configs) where there will be referenced by a single short
"config" key. I plan to make the github-hosted runners use this too.
The self-hosted runners are run off a private repo on github since that
prevents third parties from accessing them[0], and since runner quota is
limited on private repos, we avoid running the tests we run on the public
repo.
[0] https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners#self-hosted-runner-security-with-public-repositories
2021-01-15 03:11:43 +00:00
|
|
|
esac
|
|
|
|
|
2021-09-29 09:30:59 +00:00
|
|
|
case "`./config.guess`" in
|
2022-08-12 05:08:47 +00:00
|
|
|
*cygwin)
|
|
|
|
SUDO=""
|
|
|
|
;;
|
2021-09-29 08:42:47 +00:00
|
|
|
*-darwin*)
|
2022-08-12 05:08:47 +00:00
|
|
|
# Unless specified otherwise, build without OpenSSL on Mac OS since
|
|
|
|
# modern versions don't ship with libcrypto.
|
2021-09-29 08:42:47 +00:00
|
|
|
LIBCRYPTOFLAGS="--without-openssl"
|
2021-09-29 08:53:32 +00:00
|
|
|
TEST_TARGET=t-exec
|
2021-09-29 08:42:47 +00:00
|
|
|
;;
|
|
|
|
esac
|
|
|
|
|
Add self-hosted runners for VMs of other platforms.
Github only hosts a limited number of platforms, and the runner code
is only supported on slightly wider range of platforms. To increase
our test coverage beyond that, we run the runner natively on a VM host,
where it runs a jobs that boot VMs of other platforms, waits for them
to come up then runs the build and test by ssh'ing into the guest.
This means that the minimum dependencies for the guests are quite low
(basically just sshd, a compiler and make).
The interface to the VM host is fairly simple (basically 3 scripts:
vmstartup, vmrun and vmshutdown), but those are specific to the VM host
so are not in the public repo. We also mount the working directory on the
host via sshfs, so things like artifact upload by the runner also work.
As part of this we are moving the per-test-target configs into a single
place (.github/configs) where there will be referenced by a single short
"config" key. I plan to make the github-hosted runners use this too.
The self-hosted runners are run off a private repo on github since that
prevents third parties from accessing them[0], and since runner quota is
limited on private repos, we avoid running the tests we run on the public
repo.
[0] https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners#self-hosted-runner-security-with-public-repositories
2021-01-15 03:11:43 +00:00
|
|
|
# If we have a local openssl/libressl, use that.
|
|
|
|
if [ -z "${LIBCRYPTOFLAGS}" ]; then
|
|
|
|
# last-match
|
2021-02-17 07:41:30 +00:00
|
|
|
for i in /usr/local /usr/local/ssl /usr/local/opt/openssl; do
|
2021-02-17 09:21:29 +00:00
|
|
|
if [ -x ${i}/bin/openssl ]; then
|
Add self-hosted runners for VMs of other platforms.
Github only hosts a limited number of platforms, and the runner code
is only supported on slightly wider range of platforms. To increase
our test coverage beyond that, we run the runner natively on a VM host,
where it runs a jobs that boot VMs of other platforms, waits for them
to come up then runs the build and test by ssh'ing into the guest.
This means that the minimum dependencies for the guests are quite low
(basically just sshd, a compiler and make).
The interface to the VM host is fairly simple (basically 3 scripts:
vmstartup, vmrun and vmshutdown), but those are specific to the VM host
so are not in the public repo. We also mount the working directory on the
host via sshfs, so things like artifact upload by the runner also work.
As part of this we are moving the per-test-target configs into a single
place (.github/configs) where there will be referenced by a single short
"config" key. I plan to make the github-hosted runners use this too.
The self-hosted runners are run off a private repo on github since that
prevents third parties from accessing them[0], and since runner quota is
limited on private repos, we avoid running the tests we run on the public
repo.
[0] https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners#self-hosted-runner-security-with-public-repositories
2021-01-15 03:11:43 +00:00
|
|
|
LIBCRYPTOFLAGS="--with-ssl-dir=${i}"
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
fi
|
|
|
|
|
|
|
|
CONFIGFLAGS="${CONFIGFLAGS} ${LIBCRYPTOFLAGS}"
|
|
|
|
|
2021-04-26 04:29:03 +00:00
|
|
|
if [ -x "$(which plink 2>/dev/null)" ]; then
|
|
|
|
REGRESS_INTEROP_PUTTY=yes
|
|
|
|
export REGRESS_INTEROP_PUTTY
|
|
|
|
fi
|
|
|
|
|
2022-07-03 11:46:44 +00:00
|
|
|
export CC CFLAGS CPPFLAGS LDFLAGS LTESTS SUDO
|
2022-01-12 05:58:13 +00:00
|
|
|
export TEST_TARGET TEST_SSH_UNSAFE_PERMISSIONS TEST_SSH_FAIL_FATAL
|