Merge pull request #514 from ziollek/docker_for_run_test

Docker environment for run tests

Makefile.in

@@ -85,6 +85,8 @@ LINTFLAGS+=@NETBSD_LINTFLAGS@
 LINTFLAGS+="-Dsigset_t=long"
 # FreeBSD
 LINTFLAGS+="-D__uint16_t=uint16_t" "-DEVP_PKEY_ASN1_METHOD=int" "-D_RuneLocale=int" "-D__va_list=va_list" "-D__uint32_t=uint32_t" "-D_Alignof(x)=x" "-D__aligned(x)=" "-D__requires_exclusive(x)=" "-D__requires_unlocked(x)=" "-D__locks_exclusive(x)=" "-D__trylocks_exclusive(x)="  "-D__unlocks(x)=" "-D__locks_shared(x)=" "-D__trylocks_shared(x)="
+# GCC Docker
+LINTFLAGS+=@GCC_DOCKER_LINTFLAGS@
 
 INSTALL=$(SHELL) $(srcdir)/install-sh
 

configure.ac

@@ -777,6 +777,12 @@ if test "`uname`" = "NetBSD"; then
 	NETBSD_LINTFLAGS='"-D__RENAME(x)=" -D_NETINET_IN_H_'
 	AC_SUBST(NETBSD_LINTFLAGS)
 fi
+
+if test "`uname -o`" = "GNU/Linux"; then
+	# splint cannot parse modern c99 header files
+	GCC_DOCKER_LINTFLAGS='-syntax'
+	AC_SUBST(GCC_DOCKER_LINTFLAGS)
+fi
 CONFIG_DATE=`date +%Y%m%d`
 AC_SUBST(CONFIG_DATE)
 

contrib/Dockerfile.tests

@@ -0,0 +1,11 @@
+FROM gcc:latest
+WORKDIR /usr/src/unbound
+RUN apt-get update
+# install semantic parser & lexical analyzer
+RUN apt-get install -y bison flex
+# install packages used in tests
+RUN apt-get install -y ldnsutils dnsutils xxd splint doxygen netcat
+# accept short rsa keys, which are used in tests
+RUN sed -i 's/SECLEVEL=2/SECLEVEL=1/g' /usr/lib/ssl/openssl.cnf
+
+CMD ["/bin/bash"]

doc/README.tests

@@ -15,6 +15,14 @@ You need to have the following programs installed and in your PATH.
 * xxd and nc (optional) - for (malformed) packet transmission.
 The optional programs are detected and can be omitted.
 
+You can also use prepared Dockerfile to run tests inside docker based on latest gcc image:
+* build container: docker build -t unbound-tester -f contrib/Dockerfile.tests .
+* run container: docker run -it --mount type=bind,source="$(pwd)",target=/usr/src/unbound --rm unbound-tester
+* configure environment: ./configure
+* run test: make test
+* run long tests: make longtest
+It is worth to mention that you need to enable [ipv6 in your docker daemon configuration](https://docs.docker.com/config/daemon/ipv6/) because some tests need ipv6 network stack.
+
 testdata/ contains the data for tests. 
 testcode/ contains scripts and c code for the tests.
 

testcode/petal.c

@@ -220,8 +220,11 @@ read_http_headers(SSL* ssl, char* file, size_t flen, char* host, size_t hlen,
 	host[0] = 0;
 	while(read_ssl_line(ssl, buf, sizeof(buf))) {
 		if(verb>=2) printf("read: %s\n", buf);
-		if(buf[0] == 0)
+		if(buf[0] == 0) {
+			int e = ERR_peek_error();
+			printf("error string: %s\n", ERR_reason_error_string(e));
 			return 1;
+		}
 		if(!process_one_header(buf, file, flen, host, hlen, vs))
 			return 0;
 	}
@@ -241,8 +244,11 @@ setup_ctx(char* key, char* cert)
 #ifdef HAVE_SSL_CTX_SET_SECURITY_LEVEL
 	SSL_CTX_set_security_level(ctx, 0); /* for keys in tests */
 #endif
-	if(!SSL_CTX_use_certificate_chain_file(ctx, cert))
+	if(!SSL_CTX_use_certificate_chain_file(ctx, cert)) {
+		int e = ERR_peek_error();
+		printf("error string: %s\n", ERR_reason_error_string(e));
 		print_exit("cannot read cert");
+	}
 	if(!SSL_CTX_use_PrivateKey_file(ctx, key, SSL_FILETYPE_PEM))
 		print_exit("cannot read key");
 	if(!SSL_CTX_check_private_key(ctx))

testdata/fwd_zero.tdir/fwd_zero.test

@@ -7,7 +7,7 @@
 PRE="../.."
 
 OPT="-i"
-if nc -h 2>&1 | grep -- "-w secs" >/dev/null; then
+if nc -h 2>&1 | grep -E -- "-w (timeout|secs)" >/dev/null; then
         OPT="-w"
 fi