upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-03-15 23:22:35 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
bind9/Makefile.tests

24 lines
475 B
Makefile
Raw Normal View History

Complete rewrite the BIND 9 build system The rewrite of BIND 9 build system is a large work and cannot be reasonable split into separate merge requests. Addition of the automake has a positive effect on the readability and maintainability of the build system as it is more declarative, it allows conditional and we are able to drop all of the custom make code that BIND 9 developed over the years to overcome the deficiencies of autoconf + custom Makefile.in files. This squashed commit contains following changes: - conversion (or rather fresh rewrite) of all Makefile.in files to Makefile.am by using automake - the libtool is now properly integrated with automake (the way we used it was rather hackish as the only official way how to use libtool is via automake - the dynamic module loading was rewritten from a custom patchwork to libtool's libltdl (which includes the patchwork to support module loading on different systems internally) - conversion of the unit test executor from kyua to automake parallel driver - conversion of the system test executor from custom make/shell to automake parallel driver - The GSSAPI has been refactored, the custom SPNEGO on the basis that all major KRB5/GSSAPI (mit-krb5, heimdal and Windows) implementations support SPNEGO mechanism. - The various defunct tests from bin/tests have been removed: bin/tests/optional and bin/tests/pkcs11 - The text files generated from the MD files have been removed, the MarkDown has been designed to be readable by both humans and computers - The xsl header is now generated by a simple sed command instead of perl helper - The <irs/platform.h> header has been removed - cleanups of configure.ac script to make it more simpler, addition of multiple macros (there's still work to be done though) - the tarball can now be prepared with `make dist` - the system tests are partially able to run in oot build Here's a list of unfinished work that needs to be completed in subsequent merge requests: - `make distcheck` doesn't yet work (because of system tests oot run is not yet finished) - documentation is not yet built, there's a different merge request with docbook to sphinx-build rst conversion that needs to be rebased and adapted on top of the automake - msvc build is non functional yet and we need to decide whether we will just cross-compile bind9 using mingw-w64 or fix the msvc build - contributed dlz modules are not included neither in the autoconf nor automake
2018-08-07 10:46:53 -04:00
# Hey Emacs, this is -*- makefile-automake -*- file!
# vim: filetype=automake
Move the include Makefile.tests to the bottom of Makefile.am(s) The Makefile.tests was modifying global AM_CFLAGS and LDADD and could accidentally pull /usr/include to be listed before the internal libraries, which is known to cause problems if the headers from the previous version of BIND 9 has been installed on the build machine.
2021-04-21 08:22:18 -04:00
unit-local: check
Move all the unit tests to /tests/<libname>/ The unit tests are now using a common base, which means that lib/dns/tests/ code now has to include lib/isc/include/isc/test.h and link with lib/isc/test.c and lib/ns/tests has to include both libisc and libdns parts. Instead of cross-linking code between the directories, move the /lib/<foo>/test.c to /tests/<foo>.c and /lib/<foo>/include/<foo>test.h to /tests/include/tests/<foo>.h and create a single libtest.la convenience library in /tests/. At the same time, move the /lib/<foo>/tests/ to /tests/<foo>/ (but keep it symlinked to the old location) and adjust paths accordingly. In few places, we are now using absolute paths instead of relative paths, because the directory level has changed. By moving the directories under the /tests/ directory, the test-related code is kept in a single place and we can avoid referencing files between libns->libdns->libisc which is unhealthy because they live in a separate Makefile-space. In the future, the /bin/tests/ should be merged to /tests/ and symlink kept, and the /fuzz/ directory moved to /tests/fuzz/. (cherry picked from commit 2c3b2dabe9a6b3c4a10f6498a1169f39ed031eed)
2022-05-03 05:37:31 -04:00
if HAVE_CMOCKA
Move the include Makefile.tests to the bottom of Makefile.am(s) The Makefile.tests was modifying global AM_CFLAGS and LDADD and could accidentally pull /usr/include to be listed before the internal libraries, which is known to cause problems if the headers from the previous version of BIND 9 has been installed on the build machine.
2021-04-21 08:22:18 -04:00
TESTS = $(check_PROGRAMS)
Move all the unit tests to /tests/<libname>/ The unit tests are now using a common base, which means that lib/dns/tests/ code now has to include lib/isc/include/isc/test.h and link with lib/isc/test.c and lib/ns/tests has to include both libisc and libdns parts. Instead of cross-linking code between the directories, move the /lib/<foo>/test.c to /tests/<foo>.c and /lib/<foo>/include/<foo>test.h to /tests/include/tests/<foo>.h and create a single libtest.la convenience library in /tests/. At the same time, move the /lib/<foo>/tests/ to /tests/<foo>/ (but keep it symlinked to the old location) and adjust paths accordingly. In few places, we are now using absolute paths instead of relative paths, because the directory level has changed. By moving the directories under the /tests/ directory, the test-related code is kept in a single place and we can avoid referencing files between libns->libdns->libisc which is unhealthy because they live in a separate Makefile-space. In the future, the /bin/tests/ should be merged to /tests/ and symlink kept, and the /fuzz/ directory moved to /tests/fuzz/. (cherry picked from commit 2c3b2dabe9a6b3c4a10f6498a1169f39ed031eed)
2022-05-03 05:37:31 -04:00
endif HAVE_CMOCKA
Move the include Makefile.tests to the bottom of Makefile.am(s) The Makefile.tests was modifying global AM_CFLAGS and LDADD and could accidentally pull /usr/include to be listed before the internal libraries, which is known to cause problems if the headers from the previous version of BIND 9 has been installed on the build machine.
2021-04-21 08:22:18 -04:00
Move all the unit tests to /tests/<libname>/ The unit tests are now using a common base, which means that lib/dns/tests/ code now has to include lib/isc/include/isc/test.h and link with lib/isc/test.c and lib/ns/tests has to include both libisc and libdns parts. Instead of cross-linking code between the directories, move the /lib/<foo>/test.c to /tests/<foo>.c and /lib/<foo>/include/<foo>test.h to /tests/include/tests/<foo>.h and create a single libtest.la convenience library in /tests/. At the same time, move the /lib/<foo>/tests/ to /tests/<foo>/ (but keep it symlinked to the old location) and adjust paths accordingly. In few places, we are now using absolute paths instead of relative paths, because the directory level has changed. By moving the directories under the /tests/ directory, the test-related code is kept in a single place and we can avoid referencing files between libns->libdns->libisc which is unhealthy because they live in a separate Makefile-space. In the future, the /bin/tests/ should be merged to /tests/ and symlink kept, and the /fuzz/ directory moved to /tests/fuzz/. (cherry picked from commit 2c3b2dabe9a6b3c4a10f6498a1169f39ed031eed)
2022-05-03 05:37:31 -04:00
LOG_COMPILER = $(top_builddir)/tests/unit-test-driver.sh
Move the include Makefile.tests to the bottom of Makefile.am(s) The Makefile.tests was modifying global AM_CFLAGS and LDADD and could accidentally pull /usr/include to be listed before the internal libraries, which is known to cause problems if the headers from the previous version of BIND 9 has been installed on the build machine.
2021-04-21 08:22:18 -04:00
Avoid using C99 variable length arrays From an attacker's point of view, a VLA declaration is essentially a primitive for performing arbitrary arithmetic on the stack pointer. If the attacker can control the size of a VLA they have a very powerful tool for causing memory corruption. To mitigate this kind of attack, and the more general class of stack clash vulnerabilities, C compilers insert extra code when allocating a VLA to probe the growing stack one page at a time. If these probes hit the stack guard page, the program will crash. From the point of view of a C programmer, there are a few things to consider about VLAs: * If it is important to handle allocation failures in a controlled manner, don't use VLAs. You can use VLAs if it is OK for unreasonable inputs to cause an uncontrolled crash. * If the VLA is known to be smaller than some known fixed size, use a fixed size array and a run-time check to ensure it is large enough. This will be more efficient than the compiler's stack probes that need to cope with arbitrary-size VLAs. * If the VLA might be large, allocate it on the heap. The heap allocator can allocate multiple pages in one shot, whereas the stack clash probes work one page at a time. Most of the existing uses of VLAs in BIND are in test code where they are benign, but there was one instance in `named`, in the GSS-TSIG verification code, which has now been removed. This commit adjusts the style guide and the C compiler flags to allow VLAs in test code but not elsewhere. (cherry picked from commit 599c1d2a6b4539bb1f70f5b8a7321311b4bcb60a)
2022-03-18 10:50:36 -04:00
AM_CFLAGS += \
Move all the unit tests to /tests/<libname>/ The unit tests are now using a common base, which means that lib/dns/tests/ code now has to include lib/isc/include/isc/test.h and link with lib/isc/test.c and lib/ns/tests has to include both libisc and libdns parts. Instead of cross-linking code between the directories, move the /lib/<foo>/test.c to /tests/<foo>.c and /lib/<foo>/include/<foo>test.h to /tests/include/tests/<foo>.h and create a single libtest.la convenience library in /tests/. At the same time, move the /lib/<foo>/tests/ to /tests/<foo>/ (but keep it symlinked to the old location) and adjust paths accordingly. In few places, we are now using absolute paths instead of relative paths, because the directory level has changed. By moving the directories under the /tests/ directory, the test-related code is kept in a single place and we can avoid referencing files between libns->libdns->libisc which is unhealthy because they live in a separate Makefile-space. In the future, the /bin/tests/ should be merged to /tests/ and symlink kept, and the /fuzz/ directory moved to /tests/fuzz/. (cherry picked from commit 2c3b2dabe9a6b3c4a10f6498a1169f39ed031eed)
2022-05-03 05:37:31 -04:00
-I$(top_srcdir)/tests/include \
Avoid using C99 variable length arrays From an attacker's point of view, a VLA declaration is essentially a primitive for performing arbitrary arithmetic on the stack pointer. If the attacker can control the size of a VLA they have a very powerful tool for causing memory corruption. To mitigate this kind of attack, and the more general class of stack clash vulnerabilities, C compilers insert extra code when allocating a VLA to probe the growing stack one page at a time. If these probes hit the stack guard page, the program will crash. From the point of view of a C programmer, there are a few things to consider about VLAs: * If it is important to handle allocation failures in a controlled manner, don't use VLAs. You can use VLAs if it is OK for unreasonable inputs to cause an uncontrolled crash. * If the VLA is known to be smaller than some known fixed size, use a fixed size array and a run-time check to ensure it is large enough. This will be more efficient than the compiler's stack probes that need to cope with arbitrary-size VLAs. * If the VLA might be large, allocate it on the heap. The heap allocator can allocate multiple pages in one shot, whereas the stack clash probes work one page at a time. Most of the existing uses of VLAs in BIND are in test code where they are benign, but there was one instance in `named`, in the GSS-TSIG verification code, which has now been removed. This commit adjusts the style guide and the C compiler flags to allow VLAs in test code but not elsewhere. (cherry picked from commit 599c1d2a6b4539bb1f70f5b8a7321311b4bcb60a)
2022-03-18 10:50:36 -04:00
$(TEST_CFLAGS)
Complete rewrite the BIND 9 build system The rewrite of BIND 9 build system is a large work and cannot be reasonable split into separate merge requests. Addition of the automake has a positive effect on the readability and maintainability of the build system as it is more declarative, it allows conditional and we are able to drop all of the custom make code that BIND 9 developed over the years to overcome the deficiencies of autoconf + custom Makefile.in files. This squashed commit contains following changes: - conversion (or rather fresh rewrite) of all Makefile.in files to Makefile.am by using automake - the libtool is now properly integrated with automake (the way we used it was rather hackish as the only official way how to use libtool is via automake - the dynamic module loading was rewritten from a custom patchwork to libtool's libltdl (which includes the patchwork to support module loading on different systems internally) - conversion of the unit test executor from kyua to automake parallel driver - conversion of the system test executor from custom make/shell to automake parallel driver - The GSSAPI has been refactored, the custom SPNEGO on the basis that all major KRB5/GSSAPI (mit-krb5, heimdal and Windows) implementations support SPNEGO mechanism. - The various defunct tests from bin/tests have been removed: bin/tests/optional and bin/tests/pkcs11 - The text files generated from the MD files have been removed, the MarkDown has been designed to be readable by both humans and computers - The xsl header is now generated by a simple sed command instead of perl helper - The <irs/platform.h> header has been removed - cleanups of configure.ac script to make it more simpler, addition of multiple macros (there's still work to be done though) - the tarball can now be prepared with `make dist` - the system tests are partially able to run in oot build Here's a list of unfinished work that needs to be completed in subsequent merge requests: - `make distcheck` doesn't yet work (because of system tests oot run is not yet finished) - documentation is not yet built, there's a different merge request with docbook to sphinx-build rst conversion that needs to be rebased and adapted on top of the automake - msvc build is non functional yet and we need to decide whether we will just cross-compile bind9 using mingw-w64 or fix the msvc build - contributed dlz modules are not included neither in the autoconf nor automake
2018-08-07 10:46:53 -04:00
AM_CPPFLAGS += \
$(CMOCKA_CFLAGS) \
Fix loading plugins using just their filenames BIND 9 plugins are installed using Automake's pkglib_LTLIBRARIES stanza, which causes the relevant shared objects to be placed in the $(libdir)/@PACKAGE@/ directory, where @PACKAGE@ is expanded to the lowercase form of the first argument passed to AC_INIT(), i.e. "bind". Meanwhile, NAMED_PLUGINDIR - the preprocessor macro that the ns_plugin_expandpath() function uses for determining the absolute path to a plugin for which only a filename has been provided (rather than a path) - is set to $(libdir)/named. This discrepancy breaks loading plugins using just their filenames. Fix the issue (and also prevent it from reoccurring) by setting NAMED_PLUGINDIR to $(pkglibdir). (cherry picked from commit 5065c4686e08ad412eb0ff1e65cb8f4e18533439)
2022-04-22 07:27:12 -04:00
-DNAMED_PLUGINDIR=\"$(pkglibdir)\" \
Record skipped unit test as skipped in Automake framework
2021-01-18 13:15:44 -05:00
-DTESTS_DIR=\"$(abs_srcdir)\"
Complete rewrite the BIND 9 build system The rewrite of BIND 9 build system is a large work and cannot be reasonable split into separate merge requests. Addition of the automake has a positive effect on the readability and maintainability of the build system as it is more declarative, it allows conditional and we are able to drop all of the custom make code that BIND 9 developed over the years to overcome the deficiencies of autoconf + custom Makefile.in files. This squashed commit contains following changes: - conversion (or rather fresh rewrite) of all Makefile.in files to Makefile.am by using automake - the libtool is now properly integrated with automake (the way we used it was rather hackish as the only official way how to use libtool is via automake - the dynamic module loading was rewritten from a custom patchwork to libtool's libltdl (which includes the patchwork to support module loading on different systems internally) - conversion of the unit test executor from kyua to automake parallel driver - conversion of the system test executor from custom make/shell to automake parallel driver - The GSSAPI has been refactored, the custom SPNEGO on the basis that all major KRB5/GSSAPI (mit-krb5, heimdal and Windows) implementations support SPNEGO mechanism. - The various defunct tests from bin/tests have been removed: bin/tests/optional and bin/tests/pkcs11 - The text files generated from the MD files have been removed, the MarkDown has been designed to be readable by both humans and computers - The xsl header is now generated by a simple sed command instead of perl helper - The <irs/platform.h> header has been removed - cleanups of configure.ac script to make it more simpler, addition of multiple macros (there's still work to be done though) - the tarball can now be prepared with `make dist` - the system tests are partially able to run in oot build Here's a list of unfinished work that needs to be completed in subsequent merge requests: - `make distcheck` doesn't yet work (because of system tests oot run is not yet finished) - documentation is not yet built, there's a different merge request with docbook to sphinx-build rst conversion that needs to be rebased and adapted on top of the automake - msvc build is non functional yet and we need to decide whether we will just cross-compile bind9 using mingw-w64 or fix the msvc build - contributed dlz modules are not included neither in the autoconf nor automake
2018-08-07 10:46:53 -04:00
Stop the unit tests from running twice Move the libtest code into a 'libtest' subdirectory and make it one of the SUBDIRS in the tests Makefile. having it at the top level required having "." as one of the subdirs, and that caused the unit tests to be executed twice. (cherry picked from commit 568f65cc56370c211454d041c6b13d0d593cadab)
2022-05-03 22:43:23 -04:00
LDADD += \
$(top_builddir)/tests/libtest/libtest.la \
Complete rewrite the BIND 9 build system The rewrite of BIND 9 build system is a large work and cannot be reasonable split into separate merge requests. Addition of the automake has a positive effect on the readability and maintainability of the build system as it is more declarative, it allows conditional and we are able to drop all of the custom make code that BIND 9 developed over the years to overcome the deficiencies of autoconf + custom Makefile.in files. This squashed commit contains following changes: - conversion (or rather fresh rewrite) of all Makefile.in files to Makefile.am by using automake - the libtool is now properly integrated with automake (the way we used it was rather hackish as the only official way how to use libtool is via automake - the dynamic module loading was rewritten from a custom patchwork to libtool's libltdl (which includes the patchwork to support module loading on different systems internally) - conversion of the unit test executor from kyua to automake parallel driver - conversion of the system test executor from custom make/shell to automake parallel driver - The GSSAPI has been refactored, the custom SPNEGO on the basis that all major KRB5/GSSAPI (mit-krb5, heimdal and Windows) implementations support SPNEGO mechanism. - The various defunct tests from bin/tests have been removed: bin/tests/optional and bin/tests/pkcs11 - The text files generated from the MD files have been removed, the MarkDown has been designed to be readable by both humans and computers - The xsl header is now generated by a simple sed command instead of perl helper - The <irs/platform.h> header has been removed - cleanups of configure.ac script to make it more simpler, addition of multiple macros (there's still work to be done though) - the tarball can now be prepared with `make dist` - the system tests are partially able to run in oot build Here's a list of unfinished work that needs to be completed in subsequent merge requests: - `make distcheck` doesn't yet work (because of system tests oot run is not yet finished) - documentation is not yet built, there's a different merge request with docbook to sphinx-build rst conversion that needs to be rebased and adapted on top of the automake - msvc build is non functional yet and we need to decide whether we will just cross-compile bind9 using mingw-w64 or fix the msvc build - contributed dlz modules are not included neither in the autoconf nor automake
2018-08-07 10:46:53 -04:00
$(CMOCKA_LIBS)
Reference in a new issue Copy permalink