mirror of
git://anongit.mindrot.org/openssh.git
synced 2024-12-25 03:12:10 +00:00
ffcdd3d90e
Since the valgrind test takes so long it approaches the limit allowed by github, move it to the head of the list so it's the first one started and split the longest tests out into a second instance that runs concurrently with the first.
111 lines
2.8 KiB
Bash
Executable File
111 lines
2.8 KiB
Bash
Executable File
#!/bin/sh
|
|
#
|
|
# usage: configs vmname test_config (or '' for default)
|
|
#
|
|
# Sets the following variables:
|
|
# CONFIGFLAGS options to ./configure
|
|
# SSHD_CONFOPTS sshd_config options
|
|
# TEST_TARGET make target used when testing. defaults to "tests".
|
|
# LTESTS
|
|
|
|
config=$1
|
|
|
|
TEST_TARGET="tests"
|
|
LTESTS=""
|
|
SKIP_LTESTS=""
|
|
SUDO=sudo # run with sudo by default
|
|
TEST_SSH_UNSAFE_PERMISSIONS=1
|
|
|
|
CONFIGFLAGS=""
|
|
LIBCRYPTOFLAGS=""
|
|
|
|
case "$config" in
|
|
default|sol64)
|
|
;;
|
|
kitchensink)
|
|
CONFIGFLAGS="--with-kerberos5 --with-libedit --with-pam"
|
|
CONFIGFLAGS="${CONFIGFLAGS} --with-security-key-builtin --with-selinux"
|
|
CONFIGFLAGS="${CONFIGFLAGS} --with-cflags=-DSK_DEBUG"
|
|
;;
|
|
hardenedmalloc)
|
|
CONFIGFLAGS="--with-ldflags=-lhardened_malloc"
|
|
;;
|
|
kerberos5)
|
|
CONFIGFLAGS="--with-kerberos5"
|
|
;;
|
|
libedit)
|
|
CONFIGFLAGS="--with-libedit"
|
|
;;
|
|
*pam)
|
|
CONFIGFLAGS="--with-pam"
|
|
SSHD_CONFOPTS="UsePam yes"
|
|
;;
|
|
libressl-head)
|
|
LIBCRYPTOFLAGS="--with-ssl-dir=/opt/libressl/head --with-rpath=-Wl,-rpath,"
|
|
;;
|
|
openssl-head)
|
|
LIBCRYPTOFLAGS="--with-ssl-dir=/opt/openssl/head --with-rpath=-Wl,-rpath,"
|
|
;;
|
|
selinux)
|
|
CONFIGFLAGS="--with-selinux"
|
|
;;
|
|
sk)
|
|
CONFIGFLAGS="--with-security-key-builtin"
|
|
;;
|
|
without-openssl)
|
|
LIBCRYPTOFLAGS="--without-openssl"
|
|
TEST_TARGET=t-exec
|
|
;;
|
|
valgrind-1)
|
|
# rlimit sandbox and FORTIFY_SOURCE confuse Valgrind.
|
|
CONFIGFLAGS="--without-sandbox --without-hardening"
|
|
CONFIGFLAGS="$CONFIGFLAGS --with-cppflags=-D_FORTIFY_SOURCE=0"
|
|
# Valgrind slows things down enough that the agent timeout test
|
|
# won't reliably pass, and the unit tests run longer than allowed
|
|
# by github.
|
|
TEST_TARGET="t-exec USE_VALGRIND=1"
|
|
SKIP_LTESTS="agent-timeout rekey try-ciphers cert-userkey integrity"
|
|
;;
|
|
valgrind-2)
|
|
CONFIGFLAGS="--without-sandbox --without-hardening"
|
|
CONFIGFLAGS="$CONFIGFLAGS --with-cppflags=-D_FORTIFY_SOURCE=0"
|
|
# The rekey test takes >30 min so run separately.
|
|
TEST_TARGET="t-exec USE_VALGRIND=1"
|
|
LTESTS="rekey try-ciphers cert-userkey integrity"
|
|
;;
|
|
*)
|
|
echo "Unknown configuration $config"
|
|
exit 1
|
|
;;
|
|
esac
|
|
|
|
# The Solaris 64bit targets are special since they need a non-flag arg.
|
|
case "$config" in
|
|
sol64*)
|
|
CONFIGFLAGS="x86_64 --with-cflags=-m64 --with-ldflags=-m64 ${CONFIGFLAGS}"
|
|
LIBCRYPTOFLAGS="--with-ssl-dir=/usr/local/ssl64"
|
|
;;
|
|
esac
|
|
|
|
case "${TARGET_HOST}" in
|
|
sol10|sol11)
|
|
# sol10 VM is 32bit and the unit tests are slow.
|
|
# sol11 has 4 test configs so skip unit tests to speed up.
|
|
TEST_TARGET="tests SKIP_UNIT=1"
|
|
;;
|
|
esac
|
|
|
|
# If we have a local openssl/libressl, use that.
|
|
if [ -z "${LIBCRYPTOFLAGS}" ]; then
|
|
# last-match
|
|
for i in /usr/local /usr/local/ssl /usr/local/opt/openssl; do
|
|
if [ -x ${i}/bin/openssl ]; then
|
|
LIBCRYPTOFLAGS="--with-ssl-dir=${i}"
|
|
fi
|
|
done
|
|
fi
|
|
|
|
CONFIGFLAGS="${CONFIGFLAGS} ${LIBCRYPTOFLAGS}"
|
|
|
|
export LTESTS SUDO TEST_TARGET TEST_SSH_UNSAFE_PERMISSIONS
|