mirror of https://github.com/openssl/openssl.git
34ff74eb18
Otherwise we get a use after free if the test order is randomised. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5467) |
||
|---|---|---|
| .. | ||
| certs | ||
| ct | ||
| d2i-tests | ||
| ocsp-tests | ||
| ossl_shim | ||
| recipes | ||
| smime-certs | ||
| ssl-tests | ||
| testutil | ||
| CAss.cnf | ||
| CAssdh.cnf | ||
| CAssdsa.cnf | ||
| CAssrsa.cnf | ||
| CAtsa.cnf | ||
| P1ss.cnf | ||
| P2ss.cnf | ||
| README | ||
| README.external | ||
| README.ssltest.md | ||
| Sssdsa.cnf | ||
| Sssrsa.cnf | ||
| Uss.cnf | ||
| aborttest.c | ||
| afalgtest.c | ||
| asn1_encode_test.c | ||
| asn1_internal_test.c | ||
| asn1_string_table_test.c | ||
| asn1_time_test.c | ||
| asynciotest.c | ||
| asynctest.c | ||
| bad_dtls_test.c | ||
| bftest.c | ||
| bio_enc_test.c | ||
| bioprinttest.c | ||
| bntest.c | ||
| bntests.pl | ||
| build.info | ||
| casttest.c | ||
| chacha_internal_test.c | ||
| cipher_overhead_test.c | ||
| cipherbytes_test.c | ||
| cipherlist_test.c | ||
| ciphername_test.c | ||
| clienthellotest.c | ||
| cms-examples.pl | ||
| constant_time_test.c | ||
| crltest.c | ||
| ct_test.c | ||
| ctype_internal_test.c | ||
| curve448_internal_test.c | ||
| d2i_test.c | ||
| danetest.c | ||
| danetest.in | ||
| danetest.pem | ||
| destest.c | ||
| dhtest.c | ||
| drbgtest.c | ||
| drbgtest.h | ||
| dsatest.c | ||
| dtls_mtu_test.c | ||
| dtlstest.c | ||
| dtlsv1listentest.c | ||
| ecdsatest.c | ||
| ecstresstest.c | ||
| ectest.c | ||
| enginetest.c | ||
| evp_extra_test.c | ||
| evp_test.c | ||
| evp_test.h | ||
| exdatatest.c | ||
| exptest.c | ||
| fatalerrtest.c | ||
| generate_buildtest.pl | ||
| generate_ssl_tests.pl | ||
| gmdifftest.c | ||
| handshake_helper.c | ||
| handshake_helper.h | ||
| hmactest.c | ||
| ideatest.c | ||
| igetest.c | ||
| lhash_test.c | ||
| md2test.c | ||
| mdc2_internal_test.c | ||
| mdc2test.c | ||
| memleaktest.c | ||
| modes_internal_test.c | ||
| ocspapitest.c | ||
| packettest.c | ||
| pbelutest.c | ||
| pemtest.c | ||
| pkcs7-1.pem | ||
| pkcs7.pem | ||
| pkey_meth_kdf_test.c | ||
| pkey_meth_test.c | ||
| pkits-test.pl | ||
| poly1305_internal_test.c | ||
| rc2test.c | ||
| rc4test.c | ||
| rc5test.c | ||
| recordlentest.c | ||
| rsa_mp_test.c | ||
| rsa_test.c | ||
| run_tests.pl | ||
| sanitytest.c | ||
| secmemtest.c | ||
| serverinfo.pem | ||
| serverinfo2.pem | ||
| servername_test.c | ||
| session.pem | ||
| shibboleth.pfx | ||
| shlibloadtest.c | ||
| siphash_internal_test.c | ||
| sm4_internal_test.c | ||
| smcont.txt | ||
| srptest.c | ||
| ssl_cert_table_internal_test.c | ||
| ssl_test.c | ||
| ssl_test.tmpl | ||
| ssl_test_ctx.c | ||
| ssl_test_ctx.h | ||
| ssl_test_ctx_test.c | ||
| ssl_test_ctx_test.conf | ||
| sslapitest.c | ||
| sslbuffertest.c | ||
| sslcorrupttest.c | ||
| ssltest_old.c | ||
| ssltestlib.c | ||
| ssltestlib.h | ||
| stack_test.c | ||
| test.cnf | ||
| test_test.c | ||
| testcrl.pem | ||
| testdsa.pem | ||
| testdsapub.pem | ||
| testec-p256.pem | ||
| testecpub-p256.pem | ||
| testp7.pem | ||
| testreq2.pem | ||
| testrsa.pem | ||
| testrsapub.pem | ||
| testsid.pem | ||
| testutil.h | ||
| testx509.pem | ||
| threadstest.c | ||
| time_offset_test.c | ||
| tls13ccstest.c | ||
| tls13encryptiontest.c | ||
| tls13secretstest.c | ||
| uitest.c | ||
| v3-cert1.pem | ||
| v3-cert2.pem | ||
| v3ext.c | ||
| v3nametest.c | ||
| verify_extra_test.c | ||
| wpackettest.c | ||
| x509_check_cert_pkey_test.c | ||
| x509_dup_cert_test.c | ||
| x509_internal_test.c | ||
| x509_time_test.c | ||
| x509aux.c | ||
README
How to add recipes
==================
For any test that you want to perform, you write a script located in
test/recipes/, named {nn}-test_{name}.t, where {nn} is a two digit number and
{name} is a unique name of your choice.
Please note that if a test involves a new testing executable, you will need to
do some additions in test/Makefile. More on this later.
Naming conventions
=================
A test executable is named test/{name}test.c
A test recipe is named test/recipes/{nn}-test_{name}.t, where {nn} is a two
digit number and {name} is a unique name of your choice.
The number {nn} is (somewhat loosely) grouped as follows:
00-04 sanity, internal and essential API tests
05-09 individual symmetric cipher algorithms
10-14 math (bignum)
15-19 individual asymmetric cipher algorithms
20-24 openssl commands (some otherwise not tested)
25-29 certificate forms, generation and verification
30-35 engine and evp
60-79 APIs
70 PACKET layer
80-89 "larger" protocols (CA, CMS, OCSP, SSL, TSA)
90-98 misc
99 most time consuming tests [such as test_fuzz]
A recipe that just runs a test executable
=========================================
A script that just runs a program looks like this:
#! /usr/bin/perl
use OpenSSL::Test::Simple;
simple_test("test_{name}", "{name}test", "{name}");
{name} is the unique name you have chosen for your test.
The second argument to `simple_test' is the test executable, and `simple_test'
expects it to be located in test/
For documentation on OpenSSL::Test::Simple, do
`perldoc util/perl/OpenSSL/Test/Simple.pm'.
A recipe that runs a more complex test
======================================
For more complex tests, you will need to read up on Test::More and
OpenSSL::Test. Test::More is normally preinstalled, do `man Test::More' for
documentation. For OpenSSL::Test, do `perldoc util/perl/OpenSSL/Test.pm'.
A script to start from could be this:
#! /usr/bin/perl
use strict;
use warnings;
use OpenSSL::Test;
setup("test_{name}");
plan tests => 2; # The number of tests being performed
ok(test1, "test1");
ok(test2, "test1");
sub test1
{
# test feature 1
}
sub test2
{
# test feature 2
}
Changes to test/build.info
==========================
Whenever a new test involves a new test executable you need to do the
following (at all times, replace {NAME} and {name} with the name of your
test):
* add {name} to the list of programs under PROGRAMS_NO_INST
* create a three line description of how to build the test, you will have
to modify the include paths and source files if you don't want to use the
basic test framework:
SOURCE[{name}]={name}.c
INCLUDE[{name}]=.. ../include
DEPEND[{name}]=../libcrypto libtestutil.a
Generic form of C test executables
==================================
#include "testutil.h"
static int my_test(void)
{
int testresult = 0; /* Assume the test will fail */
int observed;
observed = function(); /* Call the code under test */
if (!TEST_int_equal(observed, 2)) /* Check the result is correct */
goto end; /* Exit on failure - optional */
testresult = 1; /* Mark the test case a success */
end:
cleanup(); /* Any cleanup you require */
return testresult;
}
int setup_tests(void)
{
ADD_TEST(my_test); /* Add each test separately */
return 1; /* Indicate success */
}
You should use the TEST_xxx macros provided by testutil.h to test all failure
conditions. These macros produce an error message in a standard format if the
condition is not met (and nothing if the condition is met). Additional
information can be presented with the TEST_info macro that takes a printf
format string and arguments. TEST_error is useful for complicated conditions,
it also takes a printf format string and argument. In all cases the TEST_xxx
macros are guaranteed to evaluate their arguments exactly once. This means
that expressions with side effects are allowed as parameters. Thus,
if (!TEST_ptr(ptr = OPENSSL_malloc(..)))
works fine and can be used in place of:
ptr = OPENSSL_malloc(..);
if (!TEST_ptr(ptr))
The former produces a more meaningful message on failure than the latter.