From 2fcf04f46869cbe3e3bdb601a83659705206b345 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 14 Jun 2019 18:23:03 +0200 Subject: [PATCH 01/18] Run demo scripts and check that they work run_demos.py is the frontend to a framework for smoke-testing the sample programs. It runs scripts called programs/*/*_demo.sh ("demo scripts") and check that they succeed. A typical demo script runs one sample program or a combination of sample programs to demonstrate their usage. Signed-off-by: Gilles Peskine --- tests/scripts/run_demos.py | 41 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100755 tests/scripts/run_demos.py diff --git a/tests/scripts/run_demos.py b/tests/scripts/run_demos.py new file mode 100755 index 000000000..3d4b1e0c6 --- /dev/null +++ b/tests/scripts/run_demos.py @@ -0,0 +1,41 @@ +#!/usr/bin/env python3 +"""Run the Mbed TLS demo scripts. +""" +import glob +import subprocess +import sys + +def run_demo(demo): + """Run the specified demo script. Return True if it succeeds.""" + returncode = subprocess.call([demo]) + return returncode == 0 + +def run_demos(demos): + """Run the specified demos and print summary information about failures. + + Return True if all demos passed and False if a demo fails. + """ + failures = [] + for demo in demos: + print('#### {} ####'.format(demo)) + if not run_demo(demo): + failures.append(demo) + print('{}: FAIL'.format(demo)) + print('') + successes = len(demos) - len(failures) + print('{}/{} demos passed'.format(successes, len(demos))) + if failures: + print('Failures:', *failures) + return not failures + +def run_all_demos(): + """Run all the available demos. + + Return True if all demos passed and False if a demo fails. + """ + all_demos = glob.glob('programs/*/*_demo.sh') + return run_demos(all_demos) + +if __name__ == '__main__': + if not run_all_demos(): + sys.exit(1) From d1b5f6f6099f097a4464751c4d38b09ebfdb36cd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 23 Apr 2020 17:33:36 +0200 Subject: [PATCH 02/18] Move common code of demo scripts into a library The new file programs/demo_common.sh contains initialization code, utility functions and cleanup code meant to be used by all demo scripts written in sh. Initial features: * msg: Display a message. * run, run_bad: Run a command, visibly. * $root_dir, $programs_dir: location of the mbedtls source tree. * $files_to_clean: files that are cleaned up on exit. Signed-off-by: Gilles Peskine --- programs/demo_common.sh | 89 +++++++++++++++++++++++++++++++++ programs/psa/key_ladder_demo.sh | 40 ++++----------- 2 files changed, 98 insertions(+), 31 deletions(-) create mode 100644 programs/demo_common.sh diff --git a/programs/demo_common.sh b/programs/demo_common.sh new file mode 100644 index 000000000..91b33b9e8 --- /dev/null +++ b/programs/demo_common.sh @@ -0,0 +1,89 @@ +## Common shell functions used by demo scripts programs/*/*.sh. + +## How to write a demo script +## ========================== +## +## Include this file near the top of each demo script: +## . "${0%/*}/../demo_common.sh" +## +## As the last thing in the script, call the cleanup function. +## +## You can use the functions and variables described below. + +set -e -u + +## $root_dir is the root directory of the Mbed TLS source tree. +root_dir="${0%/*}" +n=4 # limit the search depth +while ! [ -d "$root_dir/programs" ] || ! [ -d "$root_dir/library" ]; do + if [ $n -eq 0 ]; then + echo >&2 "This doesn't seem to be an Mbed TLS source tree." + exit 125 + fi + n=$((n - 1)) + case $root_dir in + .) root_dir="..";; + ..|?*/..) root_dir="$root_dir/..";; + ?*/*) root_dir="${root_dir%/*}";; + /*) root_dir="/";; + *) root_dir=".";; + esac +done + +## $programs_dir is the directory containing the sample programs. +programs_dir="$root_dir/programs" + +## msg LINE... +## msg Date: Thu, 23 Apr 2020 17:50:26 +0200 Subject: [PATCH 03/18] Demo scripts: create a seedfile if the configuration requires it Signed-off-by: Gilles Peskine --- programs/demo_common.sh | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/programs/demo_common.sh b/programs/demo_common.sh index 91b33b9e8..fcd075285 100644 --- a/programs/demo_common.sh +++ b/programs/demo_common.sh @@ -71,6 +71,14 @@ run_bad () { not "$@" } +## config_has SYMBOL... +## Succeeds if the library configuration has all SYMBOLs set. +config_has () { + for x in "$@"; do + "$programs_dir/test/query_compile_time_config" "$x" + done +} + ## Add the names of files to clean up to this whitespace-separated variable. ## The file names must not contain whitespace characters. files_to_clean= @@ -87,3 +95,11 @@ cleanup () { trap 'cleanup; trap - HUP; kill -HUP $$' HUP trap 'cleanup; trap - INT; kill -INT $$' INT trap 'cleanup; trap - TERM; kill -TERM $$' TERM + +if config_has MBEDTLS_ENTROPY_NV_SEED; then + # Create a seedfile that's sufficiently long in all library configurations. + # This is necessary for programs that use randomness. + # Assume that the name of the seedfile is the default name. + files_to_clean="$files_to_clean seedfile" + dd if=/dev/urandom of=seedfile ibs=64 obs=64 count=1 +fi From b2bcdc1c1746e8beb8d2ff23c54f15bffa9fd450 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 23 Apr 2020 18:50:37 +0200 Subject: [PATCH 04/18] Let demo scripts declare their dependencies Demo scripts should declare their build-time dependencies, to make them more user-friendly. If a dependency is not met, users should see an explicit message rather than an incomprehensible error. Don't rely on the dependencies of individual programs because some demo scripts use multiple programs and because some scripts might have additional requirements. Signed-off-by: Gilles Peskine --- programs/demo_common.sh | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/programs/demo_common.sh b/programs/demo_common.sh index fcd075285..78763b82e 100644 --- a/programs/demo_common.sh +++ b/programs/demo_common.sh @@ -6,6 +6,10 @@ ## Include this file near the top of each demo script: ## . "${0%/*}/../demo_common.sh" ## +## Start with a "msg" call that explains the purpose of the script. +## Then call the "depends_on" function to ensure that all config +## dependencies are met. +## ## As the last thing in the script, call the cleanup function. ## ## You can use the functions and variables described below. @@ -79,6 +83,20 @@ config_has () { done } +## depends_on SYMBOL... +## Exit if the library configuration does not have all SYMBOLs set. +depends_on () { + if ! config_has "$@"; then + cat >&2 < Date: Wed, 22 Apr 2020 21:45:49 +0200 Subject: [PATCH 05/18] Declare the dependencies of key_ladder_demo.sh Signed-off-by: Gilles Peskine --- programs/psa/key_ladder_demo.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/programs/psa/key_ladder_demo.sh b/programs/psa/key_ladder_demo.sh index 0186183f9..dbe925b51 100755 --- a/programs/psa/key_ladder_demo.sh +++ b/programs/psa/key_ladder_demo.sh @@ -23,6 +23,8 @@ create a master key, derive a key from it and use that key to wrap the derived key using an AEAD algorithm. EOF +depends_on MBEDTLS_SHA256_C MBEDTLS_MD_C MBEDTLS_AES_C MBEDTLS_CCM_C MBEDTLS_PSA_CRYPTO_C MBEDTLS_FS_IO + program="${0%/*}"/key_ladder_demo if [ -e master.key ]; then From 82b2727e51d919e5ff742661d862aca64ddfeeba Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 14 Jun 2019 18:27:03 +0200 Subject: [PATCH 06/18] Run demo scripts in some builds Run the sample program demo scripts in builds with a configuration that is at least as complete as the default configuration. Do not run sample programs in all configurations since they are expected to fail if a required feature is missing. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index e3db6fdbd..747a2c80b 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1003,6 +1003,9 @@ component_test_default_out_of_box () { msg "selftest: make, default config (out-of-box)" # ~10s programs/test/selftest + + msg "program demos: make, default config (out-of-box)" # ~10s + tests/scripts/run_demos.py } component_test_default_cmake_gcc_asan () { @@ -1013,6 +1016,9 @@ component_test_default_cmake_gcc_asan () { msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s make test + msg "program demos (ASan build)" # ~10s + tests/scripts/run_demos.py + msg "test: selftest (ASan build)" # ~ 10s programs/test/selftest @@ -1858,6 +1864,9 @@ component_test_full_cmake_clang () { msg "test: cpp_dummy_build (full config, clang)" # ~ 1s programs/test/cpp_dummy_build + msg "program demos (full config, clang)" # ~10s + tests/scripts/run_demos.py + msg "test: psa_constant_names (full config, clang)" # ~ 1s tests/scripts/test_psa_constant_names.py @@ -2021,6 +2030,9 @@ component_test_full_deprecated_warning () { msg "test: full config + MBEDTLS_TEST_DEPRECATED" # ~ 30s make test + + msg "program demos: full config + MBEDTLS_TEST_DEPRECATED" # ~10s + tests/scripts/run_demos.py } # Check that the specified libraries exist and are empty. @@ -4606,6 +4618,9 @@ component_test_memsan () { msg "test: main suites (MSan)" # ~ 10s make test + msg "program demos (MSan)" # ~20s + tests/scripts/run_demos.py + msg "test: ssl-opt.sh (MSan)" # ~ 1 min tests/ssl-opt.sh From c142620724ace3c56f8096956482be13f27a83ad Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 26 Apr 2020 22:29:12 +0200 Subject: [PATCH 07/18] cleanup is part of the external interface Since there's no EXIT trap in plain sh, the main script must call it explicitly when it exits. Signed-off-by: Gilles Peskine --- programs/demo_common.sh | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/programs/demo_common.sh b/programs/demo_common.sh index 78763b82e..ef2acfcc0 100644 --- a/programs/demo_common.sh +++ b/programs/demo_common.sh @@ -101,15 +101,18 @@ EOF ## The file names must not contain whitespace characters. files_to_clean= +## Call this function at the end of each script. +## It is called automatically if the script is killed by a signal. +cleanup () { + rm -f -- $files_to_clean +} + ################################################################ ## End of the public interfaces. Code beyond this point is not ## meant to be called directly from a demo script. -cleanup () { - rm -f -- $files_to_clean -} trap 'cleanup; trap - HUP; kill -HUP $$' HUP trap 'cleanup; trap - INT; kill -INT $$' INT trap 'cleanup; trap - TERM; kill -TERM $$' TERM From fc09d27a92a0d8d7205577299bfab91e2c12ff4a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 26 Apr 2020 22:29:57 +0200 Subject: [PATCH 08/18] Print only missing dependencies Signed-off-by: Gilles Peskine --- programs/demo_common.sh | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/programs/demo_common.sh b/programs/demo_common.sh index ef2acfcc0..ff3f0408c 100644 --- a/programs/demo_common.sh +++ b/programs/demo_common.sh @@ -86,11 +86,17 @@ config_has () { ## depends_on SYMBOL... ## Exit if the library configuration does not have all SYMBOLs set. depends_on () { - if ! config_has "$@"; then + m= + for x in "$@"; do + if ! config_has "$x"; then + m="$m $x" + fi + done + if [ -n "$m" ]; then cat >&2 < Date: Sun, 26 Apr 2020 22:31:35 +0200 Subject: [PATCH 09/18] Explain why $root_dir needs a complicated calculation Signed-off-by: Gilles Peskine --- programs/demo_common.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/programs/demo_common.sh b/programs/demo_common.sh index ff3f0408c..d8fcda554 100644 --- a/programs/demo_common.sh +++ b/programs/demo_common.sh @@ -18,6 +18,10 @@ set -e -u ## $root_dir is the root directory of the Mbed TLS source tree. root_dir="${0%/*}" +# Find a nice path to the root directory, avoiding unnecessary "../". +# The code supports demo scripts nested up to 4 levels deep. +# The code works no matter where the demo script is relative to the current +# directory, even if it is called with a relative path. n=4 # limit the search depth while ! [ -d "$root_dir/programs" ] || ! [ -d "$root_dir/library" ]; do if [ $n -eq 0 ]; then @@ -35,6 +39,7 @@ while ! [ -d "$root_dir/programs" ] || ! [ -d "$root_dir/library" ]; do done ## $programs_dir is the directory containing the sample programs. +# Assume an in-tree build. programs_dir="$root_dir/programs" ## msg LINE... From 198d87ad527c494d31840c878840097966c5486c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 26 Apr 2020 22:33:48 +0200 Subject: [PATCH 10/18] Minor readability improvements Signed-off-by: Gilles Peskine --- tests/scripts/run_demos.py | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/tests/scripts/run_demos.py b/tests/scripts/run_demos.py index 3d4b1e0c6..c8e399665 100755 --- a/tests/scripts/run_demos.py +++ b/tests/scripts/run_demos.py @@ -18,7 +18,8 @@ def run_demos(demos): failures = [] for demo in demos: print('#### {} ####'.format(demo)) - if not run_demo(demo): + success = run_demo(demo) + if not success: failures.append(demo) print('{}: FAIL'.format(demo)) print('') @@ -36,6 +37,9 @@ def run_all_demos(): all_demos = glob.glob('programs/*/*_demo.sh') return run_demos(all_demos) +def main(): + success = run_all_demos() + sys.exit(0 if success else 1) + if __name__ == '__main__': - if not run_all_demos(): - sys.exit(1) + main() From 086f85f0556f0f9644382e60a4e83e090e0c7a75 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 26 Apr 2020 22:43:05 +0200 Subject: [PATCH 11/18] Fix some mistakes in descriptive messages Signed-off-by: Gilles Peskine --- programs/psa/key_ladder_demo.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/programs/psa/key_ladder_demo.sh b/programs/psa/key_ladder_demo.sh index dbe925b51..bb4a24f75 100755 --- a/programs/psa/key_ladder_demo.sh +++ b/programs/psa/key_ladder_demo.sh @@ -19,8 +19,8 @@ msg <<'EOF' This script demonstrates the use of the PSA cryptography interface to -create a master key, derive a key from it and use that key to wrap -the derived key using an AEAD algorithm. +create a master key, derive a key from it and use that derived key to +wrap some data using an AEAD algorithm. EOF depends_on MBEDTLS_SHA256_C MBEDTLS_MD_C MBEDTLS_AES_C MBEDTLS_CCM_C MBEDTLS_PSA_CRYPTO_C MBEDTLS_FS_IO @@ -49,7 +49,7 @@ run "Compare the unwrapped data with the original input." \ cmp input.txt hello_world.txt files_to_clean="$files_to_clean hellow_orld.txt" -run_bad "Derive a different key and attempt to unwrap the data. This must fail." \ +run_bad "Derive a different key and attempt to unwrap the data." \ "$program" unwrap master=master.key input=hello_world.wrap output=hellow_orld.txt label=hellow label=orld files_to_clean="$files_to_clean hello.key" From 9fdc657cbf33dfb24f77c86e31a0af15b2d7a94e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 26 Apr 2020 22:51:05 +0200 Subject: [PATCH 12/18] Add --quiet option to suppress demos' output Signed-off-by: Gilles Peskine --- tests/scripts/run_demos.py | 33 +++++++++++++++++++++++---------- 1 file changed, 23 insertions(+), 10 deletions(-) diff --git a/tests/scripts/run_demos.py b/tests/scripts/run_demos.py index c8e399665..fcf13cd8e 100755 --- a/tests/scripts/run_demos.py +++ b/tests/scripts/run_demos.py @@ -1,44 +1,57 @@ #!/usr/bin/env python3 """Run the Mbed TLS demo scripts. """ +import argparse import glob import subprocess import sys -def run_demo(demo): +def run_demo(demo, quiet=False): """Run the specified demo script. Return True if it succeeds.""" - returncode = subprocess.call([demo]) + args = {} + if quiet: + args['stdout'] = subprocess.DEVNULL + args['stderr'] = subprocess.DEVNULL + returncode = subprocess.call([demo], **args) return returncode == 0 -def run_demos(demos): +def run_demos(demos, quiet=False): """Run the specified demos and print summary information about failures. Return True if all demos passed and False if a demo fails. """ failures = [] for demo in demos: - print('#### {} ####'.format(demo)) - success = run_demo(demo) + if not quiet: + print('#### {} ####'.format(demo)) + success = run_demo(demo, quiet=quiet) if not success: failures.append(demo) - print('{}: FAIL'.format(demo)) - print('') + if not quiet: + print('{}: FAIL'.format(demo)) + if not quiet: + print('') successes = len(demos) - len(failures) print('{}/{} demos passed'.format(successes, len(demos))) if failures: print('Failures:', *failures) return not failures -def run_all_demos(): +def run_all_demos(quiet=False): """Run all the available demos. Return True if all demos passed and False if a demo fails. """ all_demos = glob.glob('programs/*/*_demo.sh') - return run_demos(all_demos) + return run_demos(all_demos, quiet=quiet) def main(): - success = run_all_demos() + parser = argparse.ArgumentParser(description=__doc__) + parser.add_argument('--quiet', '-q', + action='store_true', + help="suppress the output of demos") + options = parser.parse_args() + success = run_all_demos(quiet=options.quiet) sys.exit(0 if success else 1) if __name__ == '__main__': From 1b01559fea0dcac3f133120a4def3803b278afe7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 27 Apr 2020 10:39:20 +0200 Subject: [PATCH 13/18] Error out if run from the wrong directory Signed-off-by: Gilles Peskine --- tests/scripts/run_demos.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/scripts/run_demos.py b/tests/scripts/run_demos.py index fcf13cd8e..6d86a9bf2 100755 --- a/tests/scripts/run_demos.py +++ b/tests/scripts/run_demos.py @@ -43,6 +43,8 @@ def run_all_demos(quiet=False): Return True if all demos passed and False if a demo fails. """ all_demos = glob.glob('programs/*/*_demo.sh') + if not all_demos: + raise Exception('No demos found. run_demos needs to operate from the Mbed TLS toplevel directory.') return run_demos(all_demos, quiet=quiet) def main(): From 2f8c545d3dfb63b7f99754abac913245fb17a4a8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 27 Apr 2020 11:00:59 +0200 Subject: [PATCH 14/18] Make --quiet a little less quiet Signed-off-by: Gilles Peskine --- tests/scripts/run_demos.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tests/scripts/run_demos.py b/tests/scripts/run_demos.py index 6d86a9bf2..6c6142c14 100755 --- a/tests/scripts/run_demos.py +++ b/tests/scripts/run_demos.py @@ -29,11 +29,13 @@ def run_demos(demos, quiet=False): failures.append(demo) if not quiet: print('{}: FAIL'.format(demo)) - if not quiet: + if quiet: + print('{}: {}'.format(demo, 'PASS' if success else 'FAIL')) + else: print('') successes = len(demos) - len(failures) print('{}/{} demos passed'.format(successes, len(demos))) - if failures: + if failures and not quiet: print('Failures:', *failures) return not failures From 63c3534981dff55c6f4f8831f82dc7639d2daa1b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 27 Apr 2020 14:34:38 +0200 Subject: [PATCH 15/18] Pacify Pylint Signed-off-by: Gilles Peskine --- tests/scripts/run_demos.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/run_demos.py b/tests/scripts/run_demos.py index 6c6142c14..6a63d232f 100755 --- a/tests/scripts/run_demos.py +++ b/tests/scripts/run_demos.py @@ -46,6 +46,7 @@ def run_all_demos(quiet=False): """ all_demos = glob.glob('programs/*/*_demo.sh') if not all_demos: + # Keep the message on one line. pylint: disable=line-too-long raise Exception('No demos found. run_demos needs to operate from the Mbed TLS toplevel directory.') return run_demos(all_demos, quiet=quiet) From c25ae6f48c41362073ed31368ccc667971ed13b8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 25 Jul 2023 19:53:04 +0200 Subject: [PATCH 16/18] Use demo_common.sh in dlopen test script Signed-off-by: Gilles Peskine --- programs/test/dlopen_demo.sh | 33 ++++++--------------------------- 1 file changed, 6 insertions(+), 27 deletions(-) diff --git a/programs/test/dlopen_demo.sh b/programs/test/dlopen_demo.sh index a6a9022fc..4c5384c0c 100755 --- a/programs/test/dlopen_demo.sh +++ b/programs/test/dlopen_demo.sh @@ -18,33 +18,12 @@ # See the License for the specific language governing permissions and # limitations under the License. -set -e -u +. "${0%/*}/../demo_common.sh" -program_name="dlopen" -program_dir="${0%/*}" -program="$program_dir/$program_name" +msg "Test the dynamic loading of libmbed*" -if [ ! -e "$program" ]; then - # Look for programs in the current directory and the directories above it - for dir in "." ".." "../.."; do - program_dir="$dir/programs/test" - program="$program_dir/$program_name" - if [ -e "$program" ]; then - break - fi - done - if [ ! -e "$program" ]; then - echo "Could not find $program_name program" - - echo "Make sure that Mbed TLS is built as a shared library." \ - "If building out-of-tree, this script must be run" \ - "from the project build directory." - exit 1 - fi -fi - -top_dir="$program_dir/../.." -library_dir="$top_dir/library" +program="$programs_dir/test/dlopen" +library_dir="$root_dir/library" # ELF-based Unix-like (Linux, *BSD, Solaris, ...) if [ -n "${LD_LIBRARY_PATH-}" ]; then @@ -62,6 +41,6 @@ else fi export DYLD_LIBRARY_PATH -echo "Running dynamic loading test program: $program" -echo "Loading libraries from: $library_dir" +msg "Running dynamic loading test program: $program" +msg "Loading libraries from: $library_dir" "$program" From f5d2d1c7cdc3c62339dc42b7e4d1ef7437826a4e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 25 Jul 2023 20:13:53 +0200 Subject: [PATCH 17/18] Skip dlopen demo in static builds Signed-off-by: Gilles Peskine --- programs/test/dlopen_demo.sh | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/programs/test/dlopen_demo.sh b/programs/test/dlopen_demo.sh index 4c5384c0c..b162d7b5f 100755 --- a/programs/test/dlopen_demo.sh +++ b/programs/test/dlopen_demo.sh @@ -25,6 +25,14 @@ msg "Test the dynamic loading of libmbed*" program="$programs_dir/test/dlopen" library_dir="$root_dir/library" +# Skip this test if we don't have a shared library build. Detect this +# through the absence of the demo program. +if [ ! -e "$program" ]; then + msg "$0: this demo requires a shared library build." + # Exit with a success status so that this counts as a pass for run_demos.py. + exit +fi + # ELF-based Unix-like (Linux, *BSD, Solaris, ...) if [ -n "${LD_LIBRARY_PATH-}" ]; then LD_LIBRARY_PATH="$library_dir:$LD_LIBRARY_PATH" From f1517e690ae5745cdd091e6b34fa49a08f32daca Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 25 Jul 2023 20:59:14 +0200 Subject: [PATCH 18/18] PermissionIssueTracker is obsoleted by ShebangIssueTracker ShebangIssueTracker implements the rule that scripts must be executable if and only if they have a shebang line. By removing PermissionIssueTracker, we now allow files with any extension to be executable (provided they have a shebang line), and allow *.sh and *.pl to be non-executable modules if they don't have a shebang line (as was already the case for *.py). Signed-off-by: Gilles Peskine --- tests/scripts/check_files.py | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/tests/scripts/check_files.py b/tests/scripts/check_files.py index 352b55eaa..238a83fab 100755 --- a/tests/scripts/check_files.py +++ b/tests/scripts/check_files.py @@ -162,24 +162,6 @@ def is_windows_file(filepath): return ext in ('.bat', '.dsp', '.dsw', '.sln', '.vcxproj') -class PermissionIssueTracker(FileIssueTracker): - """Track files with bad permissions. - - Files that are not executable scripts must not be executable.""" - - heading = "Incorrect permissions:" - - # .py files can be either full scripts or modules, so they may or may - # not be executable. - suffix_exemptions = frozenset({".py"}) - - def check_file_for_issue(self, filepath): - is_executable = os.access(filepath, os.X_OK) - should_be_executable = filepath.endswith((".sh", ".pl")) - if is_executable != should_be_executable: - self.files_with_issues[filepath] = None - - class ShebangIssueTracker(FileIssueTracker): """Track files with a bad, missing or extraneous shebang line. @@ -386,7 +368,6 @@ class IntegrityChecker: self.logger = None self.setup_logger(log_file) self.issues_to_check = [ - PermissionIssueTracker(), ShebangIssueTracker(), EndOfFileNewlineIssueTracker(), Utf8BomIssueTracker(),