Skip to content

Commit

Permalink
Add AL2 test with system libcrypto (aws#4179)
Browse files Browse the repository at this point in the history
  • Loading branch information
lrstewart authored Sep 6, 2023
1 parent 406013b commit a888cfc
Show file tree
Hide file tree
Showing 4 changed files with 29 additions and 15 deletions.
15 changes: 11 additions & 4 deletions codebuild/bin/install_al2_dependencies.sh
Original file line number Diff line number Diff line change
Expand Up @@ -26,9 +26,6 @@ base_packages() {
# We don't use NodeJS, so just remove it.
yum erase -y nodejs || true
yum update -y
# The default openssl-devel on AL2 is openssl-1.0.
# We replace it with openssl-1.1 later in the build process.
yum erase -y openssl-devel || true
yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm || true
yum install amazon-linux-extras

Expand Down Expand Up @@ -59,5 +56,15 @@ symlink_all_the_things() {
base_packages
mono
yum groupinstall -y "Development tools"
yum install -y clang cmake3 iproute net-tools nettle-devel nettle openssl11-static openssl11-libs openssl11-devel which sudo psmisc python3-pip tcpdump unzip zlib-devel libtool ninja-build valgrind wget which
yum install -y clang cmake3 iproute net-tools nettle-devel nettle which sudo psmisc
yum install -y python3-pip tcpdump unzip zlib-devel libtool ninja-build valgrind wget
symlink_all_the_things

case "$S2N_LIBCRYPTO" in
"openssl-1.1.1")
yum erase -y openssl-devel || true
yum install -y openssl11-static openssl11-libs openssl11-devel
;;
"default") echo "Using default system libcrypto";;
*) echo "Unknown libcrypto: ${S2N_LIBCRYPTO}"; exit 1;;
esac
14 changes: 8 additions & 6 deletions codebuild/bin/s2n_codebuild_al2.sh
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@
set -e

source codebuild/bin/s2n_setup_env.sh

# Use prlimit to set the memlock limit to unlimited for linux. OSX is unlimited by default
# Codebuild Containers aren't allowing prlimit changes (and aren't being caught with the usual cgroup check)
if [[ "$OS_NAME" == "linux" && -n "$CODEBUILD_BUILD_ARN" ]]; then
Expand All @@ -30,11 +31,12 @@ fi

# Linker flags are a workaround for openssl
case "$TESTS" in
"unit") cmake . -Bbuild -DCMAKE_EXE_LINKER_FLAGS="-lcrypto -lz" -DCMAKE_EXPORT_COMPILE_COMMANDS=ON -D${CMAKE_PQ_OPTION} -DS2N_BLOCK_NONPORTABLE_OPTIMIZATIONS=True
cmake --build ./build -j $(nproc)
cmake --build ./build --target test -- ARGS="-L unit --output-on-failure"
;;
*) echo "Unknown test"
exit 1;;
"unit")
cmake . -Bbuild -DCMAKE_EXE_LINKER_FLAGS="-lcrypto -lz" -DCMAKE_EXPORT_COMPILE_COMMANDS=ON \
-D${CMAKE_PQ_OPTION} -DS2N_BLOCK_NONPORTABLE_OPTIMIZATIONS=True
cmake --build ./build -j $(nproc)
cmake --build ./build --target test -- ARGS="-L unit --output-on-failure"
;;
*) echo "Unknown test"; exit 1;;
esac

11 changes: 6 additions & 5 deletions codebuild/bin/s2n_setup_env.sh
Original file line number Diff line number Diff line change
Expand Up @@ -151,9 +151,11 @@ fi

if [[ "$S2N_LIBCRYPTO" == "libressl" ]]; then export LIBCRYPTO_ROOT=$LIBRESSL_INSTALL_DIR ; fi

# Create a link to the selected libcrypto. This shouldn't be needed when LIBCRYPTO_ROOT is set, but some tests
# have the "libcrypto-root" directory path hardcoded.
rm -rf libcrypto-root && ln -s "$LIBCRYPTO_ROOT" libcrypto-root
if [[ -n "${LIBCRYPTO_ROOT:-}" ]]; then
# Create a link to the selected libcrypto. This shouldn't be needed when LIBCRYPTO_ROOT is set, but some tests
# have the "libcrypto-root" directory path hardcoded.
rm -rf libcrypto-root && ln -s "$LIBCRYPTO_ROOT" libcrypto-root
fi

# Set the libfuzzer to use for fuzz tests
export LIBFUZZER_ROOT=$LIBFUZZER_INSTALL_DIR
Expand Down Expand Up @@ -219,11 +221,10 @@ set_cc
echo "UID=$UID"
echo "OS_NAME=$OS_NAME"
echo "S2N_LIBCRYPTO=$S2N_LIBCRYPTO"
echo "LIBCRYPTO_ROOT=$LIBCRYPTO_ROOT"
echo "LIBCRYPTO_ROOT=${LIBCRYPTO_ROOT:-}"
echo "BUILD_S2N=$BUILD_S2N"
echo "GCC_VERSION=$GCC_VERSION"
echo "LATEST_CLANG=$LATEST_CLANG"
echo "TESTS=$TESTS"
echo "PATH=$PATH"
echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH"

4 changes: 4 additions & 0 deletions tests/unit/s2n_build_test.c
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,10 @@ int main()
return 0;
}

if (strcmp(s2n_libcrypto, "default") == 0) {
END_TEST();
}

char s2n_libcrypto_copy[100] = { 0 };
strncpy(s2n_libcrypto_copy, s2n_libcrypto, 99);
char *name = NULL;
Expand Down

0 comments on commit a888cfc

Please sign in to comment.