diff --git a/Makefile.in b/Makefile.in index ff5dc8fae..3f589f44e 100644 --- a/Makefile.in +++ b/Makefile.in @@ -85,6 +85,8 @@ LINTFLAGS+=@NETBSD_LINTFLAGS@ LINTFLAGS+="-Dsigset_t=long" # FreeBSD LINTFLAGS+="-D__uint16_t=uint16_t" "-DEVP_PKEY_ASN1_METHOD=int" "-D_RuneLocale=int" "-D__va_list=va_list" "-D__uint32_t=uint32_t" "-D_Alignof(x)=x" "-D__aligned(x)=" "-D__requires_exclusive(x)=" "-D__requires_unlocked(x)=" "-D__locks_exclusive(x)=" "-D__trylocks_exclusive(x)=" "-D__unlocks(x)=" "-D__locks_shared(x)=" "-D__trylocks_shared(x)=" +# GCC Docker +LINTFLAGS+=@GCC_DOCKER_LINTFLAGS@ INSTALL=$(SHELL) $(srcdir)/install-sh diff --git a/configure.ac b/configure.ac index bbe8d683a..1ed55b0ef 100644 --- a/configure.ac +++ b/configure.ac @@ -777,6 +777,12 @@ if test "`uname`" = "NetBSD"; then NETBSD_LINTFLAGS='"-D__RENAME(x)=" -D_NETINET_IN_H_' AC_SUBST(NETBSD_LINTFLAGS) fi + +if test "`uname -o`" = "GNU/Linux"; then + # splint cannot parse modern c99 header files + GCC_DOCKER_LINTFLAGS='-syntax' + AC_SUBST(GCC_DOCKER_LINTFLAGS) +fi CONFIG_DATE=`date +%Y%m%d` AC_SUBST(CONFIG_DATE) diff --git a/contrib/Dockerfile.tests b/contrib/Dockerfile.tests new file mode 100644 index 000000000..417daccb2 --- /dev/null +++ b/contrib/Dockerfile.tests @@ -0,0 +1,11 @@ +FROM gcc:latest +WORKDIR /usr/src/unbound +RUN apt-get update +# install semantic parser & lexical analyzer +RUN apt-get install -y bison flex +# install packages used in tests +RUN apt-get install -y ldnsutils dnsutils xxd splint doxygen netcat +# accept short rsa keys, which are used in tests +RUN sed -i 's/SECLEVEL=2/SECLEVEL=1/g' /usr/lib/ssl/openssl.cnf + +CMD ["/bin/bash"] diff --git a/doc/README.tests b/doc/README.tests index 5385e2b22..376f01717 100644 --- a/doc/README.tests +++ b/doc/README.tests @@ -15,6 +15,14 @@ You need to have the following programs installed and in your PATH. * xxd and nc (optional) - for (malformed) packet transmission. The optional programs are detected and can be omitted. +You can also use prepared Dockerfile to run tests inside docker based on latest gcc image: +* build container: docker build -t unbound-tester -f contrib/Dockerfile.tests . +* run container: docker run -it --mount type=bind,source="$(pwd)",target=/usr/src/unbound --rm unbound-tester +* configure environment: ./configure +* run test: make test +* run long tests: make longtest +It is worth to mention that you need to enable [ipv6 in your docker daemon configuration](https://docs.docker.com/config/daemon/ipv6/) because some tests need ipv6 network stack. + testdata/ contains the data for tests. testcode/ contains scripts and c code for the tests. diff --git a/testcode/petal.c b/testcode/petal.c index a1a376155..6ea3c34cd 100644 --- a/testcode/petal.c +++ b/testcode/petal.c @@ -220,8 +220,11 @@ read_http_headers(SSL* ssl, char* file, size_t flen, char* host, size_t hlen, host[0] = 0; while(read_ssl_line(ssl, buf, sizeof(buf))) { if(verb>=2) printf("read: %s\n", buf); - if(buf[0] == 0) + if(buf[0] == 0) { + int e = ERR_peek_error(); + printf("error string: %s\n", ERR_reason_error_string(e)); return 1; + } if(!process_one_header(buf, file, flen, host, hlen, vs)) return 0; } @@ -241,8 +244,11 @@ setup_ctx(char* key, char* cert) #ifdef HAVE_SSL_CTX_SET_SECURITY_LEVEL SSL_CTX_set_security_level(ctx, 0); /* for keys in tests */ #endif - if(!SSL_CTX_use_certificate_chain_file(ctx, cert)) + if(!SSL_CTX_use_certificate_chain_file(ctx, cert)) { + int e = ERR_peek_error(); + printf("error string: %s\n", ERR_reason_error_string(e)); print_exit("cannot read cert"); + } if(!SSL_CTX_use_PrivateKey_file(ctx, key, SSL_FILETYPE_PEM)) print_exit("cannot read key"); if(!SSL_CTX_check_private_key(ctx)) diff --git a/testdata/fwd_zero.tdir/fwd_zero.test b/testdata/fwd_zero.tdir/fwd_zero.test index 87a2dec9c..2e0806d6f 100644 --- a/testdata/fwd_zero.tdir/fwd_zero.test +++ b/testdata/fwd_zero.tdir/fwd_zero.test @@ -7,7 +7,7 @@ PRE="../.." OPT="-i" -if nc -h 2>&1 | grep -- "-w secs" >/dev/null; then +if nc -h 2>&1 | grep -E -- "-w (timeout|secs)" >/dev/null; then OPT="-w" fi