Commit 9465cbf68b for openssl.org
commit 9465cbf68b4719255ea4261d3092b33f7216c4e3
Author: sashan <anedvedicky@gmail.com>
Date: Fri Nov 29 12:12:40 2024 +0100
add rpki-client external test
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27689)
diff --git a/test/recipes/95-test_external_rpki-client-portable.t b/test/recipes/95-test_external_rpki-client-portable.t
new file mode 100644
index 0000000000..b12c403170
--- /dev/null
+++ b/test/recipes/95-test_external_rpki-client-portable.t
@@ -0,0 +1,29 @@
+#! /usr/bin/env perl
+# Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+
+use OpenSSL::Test;
+use OpenSSL::Test::Utils;
+use OpenSSL::Test qw/:DEFAULT data_file srctop_file bldtop_dir/;
+use Cwd qw(abs_path);
+
+setup("test_external_rpki-client-portable");
+
+plan skip_all => "No external tests in this configuration"
+ if disabled("external-tests");
+plan skip_all => "rpki-client-portable not available"
+ if ! -f srctop_file("rpki-client-portable", "configure.ac");
+
+plan tests => 1;
+
+$ENV{OPENSSL_MODULES} = abs_path(bldtop_dir("providers"));
+$ENV{OPENSSL_CONF} = abs_path(srctop_file("test", "default-and-legacy.cnf"));
+$ENV{ AUTOCONF_VERSION} = 2.72;
+$ENV{ AUTOMAKE_VERSION} = 1.16;
+
+ok(run(cmd([data_file("rpki-client-portable.sh")])), "running rpki-client tests");
diff --git a/test/recipes/95-test_external_rpki-client-portable_data/rpki-client-portable.sh b/test/recipes/95-test_external_rpki-client-portable_data/rpki-client-portable.sh
new file mode 100755
index 0000000000..92993be760
--- /dev/null
+++ b/test/recipes/95-test_external_rpki-client-portable_data/rpki-client-portable.sh
@@ -0,0 +1,24 @@
+#!/bin/sh -ex
+#
+# Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# krb5's test suite clears LD_LIBRARY_PATH
+LDFLAGS="-L`pwd`/$BLDTOP -Wl,-rpath,`pwd`/$BLDTOP"
+CFLAGS="-I`pwd`/$BLDTOP/include -I`pwd`/$SRCTOP/include"
+
+cd $SRCTOP/rpki-client-portable
+
+./autogen.sh
+
+./configure --with-openssl-cflags="$CFLAGS" --with-openssl-ldflags="$LDFLAGS" \
+ CFLAGS="$CFLAGS" LDFLAGS="$LDFLAGS"
+
+# quiet make so that Travis doesn't overflow
+make
+
+make check
diff --git a/test/recipes/95-test_external_rpki-client-portable_data/rpki-client.patch b/test/recipes/95-test_external_rpki-client-portable_data/rpki-client.patch
new file mode 100644
index 0000000000..e251301af3
--- /dev/null
+++ b/test/recipes/95-test_external_rpki-client-portable_data/rpki-client.patch
@@ -0,0 +1,139 @@
+The below diff gives me a working rpki-client when linked against
+eopenssl32 and libretls and against libressl on OpenBSD -current.
+
+Maybe this helps claudio a little. I do not know if linux needs more
+work.
+
+This builds cleanly by suppressing OpenSSL's noisy deprecation warnings
+apart from a unused variable warning in imsg_close() for which I sent a
+diff to tech.
+
+We should probably look into including our minimal regression test suite
+in portable so sashan needs fewer hacks. I can take a look once we have
+a working repo again and if I don't manage I'll summon bcook.
+
+diff --git a/configure.ac b/configure.ac
+index 363460b..f432670 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -168,6 +168,7 @@ AC_ARG_WITH([openssl],
+ )
+ if test X"$PKG_NAME" != X; then
+ OPENSSL_CFLAGS=`pkg-config --cflags-only-I $PKG_NAME 2>/dev/null`
++ OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DOPENSSL_SUPPRESS_DEPRECATED"
+ OPENSSL_LDFLAGS=`pkg-config --libs-only-L $PKG_NAME 2>/dev/null`
+ fi
+
+@@ -366,7 +367,7 @@ fi
+
+ # check functions that are expected to be in libutil
+ AC_SEARCH_LIBS([ibuf_open], [util])
+-AC_CHECK_FUNCS([ibuf_open ibuf_add ibuf_get msgbuf_init])
++AC_CHECK_FUNCS([ibuf_open ibuf_add ibuf_get msgbuf_new])
+
+ # check functions that are expected to be in libresolv
+ AC_SEARCH_LIBS([inet_net_pton],[resolv])
+diff --git a/patches/0001-Allow-overriding-default-user-and-file-locations.patch b/patches/0001-Allow-overriding-default-user-and-file-locations.patch
+index 9d5d741..398ac31 100644
+--- a/patches/0001-Allow-overriding-default-user-and-file-locations.patch
++++ b/patches/0001-Allow-overriding-default-user-and-file-locations.patch
+@@ -46,7 +46,7 @@ diff --git src/usr.sbin/rpki-client/main.c src/usr.sbin/rpki-client/main.c
+ index 342548ce3..6b3c9e4f3 100644
+ --- src/usr.sbin/rpki-client/main.c
+ +++ src/usr.sbin/rpki-client/main.c
+-@@ -800,7 +800,7 @@ sum_repostats(const struct repo *rp, const struct repostats *in, void *arg)
++@@ -806,7 +806,7 @@ sum_repostats(const struct repo *rp, const struct repo
+ }
+
+ /*
+@@ -55,7 +55,7 @@ index 342548ce3..6b3c9e4f3 100644
+ * returning the number of files found and filled-in.
+ * This may be zero.
+ * Don't exceed "max" filenames.
+-@@ -808,7 +808,7 @@ sum_repostats(const struct repo *rp, const struct repostats *in, void *arg)
++@@ -814,7 +814,7 @@ sum_repostats(const struct repo *rp, const struct repo
+ static int
+ tal_load_default(void)
+ {
+@@ -64,16 +64,16 @@ index 342548ce3..6b3c9e4f3 100644
+ int s = 0;
+ char *path;
+ DIR *dirp;
+-@@ -971,7 +971,7 @@ main(int argc, char *argv[])
++@@ -979,7 +979,7 @@ main(int argc, char *argv[])
++ struct pollfd pfd[NPFD];
+ struct msgbuf *queues[NPFD];
+- struct ibuf *b, *httpbuf = NULL, *procbuf = NULL;
+- struct ibuf *rrdpbuf = NULL, *rsyncbuf = NULL;
++ struct ibuf *b;
+ - char *rsync_prog = "openrsync";
+ + char *rsync_prog = RPKI_RSYNC_CMD;
+ char *bind_addr = NULL;
+ const char *cachedir = NULL, *outputdir = NULL;
+ const char *errs, *name;
+-@@ -989,9 +989,9 @@ main(int argc, char *argv[])
++@@ -997,9 +997,9 @@ main(int argc, char *argv[])
+ if (getuid() == 0) {
+ struct passwd *pw;
+
+@@ -85,7 +85,7 @@ index 342548ce3..6b3c9e4f3 100644
+ if (setgroups(1, &pw->pw_gid) == -1 ||
+ setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1 ||
+ setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1)
+-@@ -1082,7 +1082,8 @@ main(int argc, char *argv[])
++@@ -1087,7 +1087,8 @@ main(int argc, char *argv[])
+ verbose++;
+ break;
+ case 'V':
+@@ -95,7 +95,7 @@ index 342548ce3..6b3c9e4f3 100644
+ return 0;
+ case 'x':
+ experimental = 1;
+-@@ -1131,7 +1132,7 @@ main(int argc, char *argv[])
++@@ -1136,7 +1137,7 @@ main(int argc, char *argv[])
+ if (talsz == 0)
+ talsz = tal_load_default();
+ if (talsz == 0)
+@@ -104,6 +104,3 @@ index 342548ce3..6b3c9e4f3 100644
+
+ /* Load optional constraint files sitting next to the TALs. */
+ constraints_load();
+---
+-2.45.2
+-
+diff --git a/patches/patch-imsg.c b/patches/patch-imsg.c
+deleted file mode 100644
+index 0636c93..0000000
+--- a/patches/patch-imsg.c
++++ /dev/null
+@@ -1,18 +0,0 @@
+---- imsg.c.orig 2015-07-17 23:57:48.000000000 +0000
+-+++ imsg.c 2015-07-17 23:58:57.000000000 +0000
+-@@ -71,6 +71,7 @@
+- return (-1);
+-
+- again:
+-+#ifdef HAVE_GETDTABLECOUNT
+- if (getdtablecount() + imsg_fd_overhead +
+- (CMSG_SPACE(sizeof(int))-CMSG_SPACE(0))/sizeof(int)
+- >= getdtablesize()) {
+-@@ -78,6 +79,7 @@
+- free(ifd);
+- return (-1);
+- }
+-+#endif
+-
+- if ((n = recvmsg(ibuf->fd, &msg, 0)) == -1) {
+- if (errno == EMSGSIZE)
+diff --git a/update.sh b/update.sh
+index d3fa547..54d037b 100755
+--- a/update.sh
++++ b/update.sh
+@@ -68,7 +68,6 @@ ${CP} "${arc4random_src}"/arc4random_*.h compat
+
+ ${CP} "${libutil_src}/imsg.c" compat/
+ ${CP} "${libutil_src}/imsg-buffer.c" compat/
+-(cd compat; ${PATCH} -p0 < "${patches}/patch-imsg.c")
+
+ for i in as.c aspa.c cert.c cms.c crl.c constraints.c encoding.c extern.h filemode.c \
+ gbr.c geofeed.c http.c io.c ip.c json.c json.h main.c mft.c \