Merge pull request #5232 from gilles-peskine-arm/dlopen-test-2.x
Dlopen test 2.x
diff --git a/programs/.gitignore b/programs/.gitignore
index 5d3c5bd..d402607 100644
--- a/programs/.gitignore
+++ b/programs/.gitignore
@@ -54,6 +54,7 @@
test/benchmark
test/cpp_dummy_build
test/cpp_dummy_build.cpp
+test/dlopen
test/ecp-bench
test/query_compile_time_config
test/selftest
diff --git a/programs/Makefile b/programs/Makefile
index 550887a..2d0f705 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -18,6 +18,12 @@
-lmbedx509$(SHARED_SUFFIX) \
-lmbedcrypto$(SHARED_SUFFIX)
+ifeq ($(shell uname -s),Linux)
+DLOPEN_LDFLAGS ?= -ldl
+else
+DLOPEN_LDFLAGS ?=
+endif
+
include ../3rdparty/Makefile.inc
LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES)
@@ -55,6 +61,18 @@
LOCAL_LDFLAGS += -lz
endif
+# Only build the dlopen test in shared library builds, and not when building
+# for Windows.
+ifdef BUILD_DLOPEN
+# Don't override the value
+else ifdef WINDOWS_BUILD
+BUILD_DLOPEN =
+else ifdef SHARED
+BUILD_DLOPEN = y
+else
+BUILD_DLOPEN =
+endif
+
APPS = \
aes/crypt_and_hash$(EXEXT) \
hash/generic_sum$(EXEXT) \
@@ -114,6 +132,10 @@
APPS += ssl/ssl_pthread_server$(EXEXT)
endif
+ifdef BUILD_DLOPEN
+APPS += test/dlopen
+endif
+
ifdef TEST_CPP
APPS += test/cpp_dummy_build$(EXEXT)
endif
@@ -318,6 +340,15 @@
echo " CXX test/cpp_dummy_build.cpp"
$(CXX) $(LOCAL_CXXFLAGS) $(CXXFLAGS) test/cpp_dummy_build.cpp $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+ifdef BUILD_DLOPEN
+test/dlopen$(EXEXT): test/dlopen.c $(DEP)
+ echo " CC test/dlopen.c"
+# Do not link any test objects (that would bring in a static dependency on
+# libmbedcrypto at least). Do not link with libmbed* (that would defeat the
+# purpose of testing dynamic loading).
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/dlopen.c $(LDFLAGS) $(DLOPEN_LDFLAGS) -o $@
+endif
+
test/query_config.o: test/query_config.c test/query_config.h $(DEP)
echo " CC test/query_config.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -c test/query_config.c -o $@
@@ -379,6 +410,7 @@
rm -f $(APPS)
-rm -f ssl/ssl_pthread_server$(EXEXT)
-rm -f test/cpp_dummy_build.cpp test/cpp_dummy_build$(EXEXT)
+ -rm -f test/dlopen$(EXEXT)
else
if exist *.o del /Q /F *.o
if exist *.exe del /Q /F *.exe
diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt
index 04ec7fc..403797c 100644
--- a/programs/test/CMakeLists.txt
+++ b/programs/test/CMakeLists.txt
@@ -35,6 +35,13 @@
target_link_libraries(cpp_dummy_build ${mbedcrypto_target})
endif()
+if(USE_SHARED_MBEDTLS_LIBRARY AND
+ NOT ${CMAKE_SYSTEM_NAME} MATCHES "[Ww][Ii][Nn]")
+ add_executable(dlopen "dlopen.c")
+ target_include_directories(dlopen PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../include)
+ target_link_libraries(dlopen ${CMAKE_DL_LIBS})
+endif()
+
foreach(exe IN LISTS executables_libs executables_mbedcrypto)
set(extra_sources "")
if(exe STREQUAL "query_compile_time_config")
diff --git a/programs/test/dlopen.c b/programs/test/dlopen.c
new file mode 100644
index 0000000..2ee5316
--- /dev/null
+++ b/programs/test/dlopen.c
@@ -0,0 +1,116 @@
+/*
+ * Test dynamic loading of libmbed*
+ *
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/platform.h"
+#if !defined(MBEDTLS_PLATFORM_C)
+#include <stdio.h>
+#include <stdlib.h>
+#define mbedtls_fprintf fprintf
+#define mbedtls_printf printf
+#define mbedtls_exit exit
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#include "mbedtls/x509_crt.h"
+#endif
+
+#if defined(__APPLE__)
+#define SO_SUFFIX ".dylib"
+#else
+#define SO_SUFFIX ".so"
+#endif
+
+#define CRYPTO_SO_FILENAME "libmbedcrypto" SO_SUFFIX
+#define X509_SO_FILENAME "libmbedx509" SO_SUFFIX
+#define TLS_SO_FILENAME "libmbedtls" SO_SUFFIX
+
+#include <dlfcn.h>
+
+#define CHECK_DLERROR( function, argument ) \
+ do \
+ { \
+ char *CHECK_DLERROR_error = dlerror ( ); \
+ if( CHECK_DLERROR_error != NULL ) \
+ { \
+ fprintf( stderr, "Dynamic loading error for %s(%s): %s\n", \
+ function, argument, CHECK_DLERROR_error ); \
+ mbedtls_exit( MBEDTLS_EXIT_FAILURE ); \
+ } \
+ } \
+ while( 0 )
+
+int main( void )
+{
+#if defined(MBEDTLS_MD_C) || defined(MBEDTLS_SSL_TLS_C)
+ unsigned n;
+#endif
+
+#if defined(MBEDTLS_SSL_TLS_C)
+ void *tls_so = dlopen( TLS_SO_FILENAME, RTLD_NOW );
+ CHECK_DLERROR( "dlopen", TLS_SO_FILENAME );
+ const int *( *ssl_list_ciphersuites )( void ) =
+ dlsym( tls_so, "mbedtls_ssl_list_ciphersuites" );
+ CHECK_DLERROR( "dlsym", "mbedtls_ssl_list_ciphersuites" );
+ const int *ciphersuites = ssl_list_ciphersuites( );
+ for( n = 0; ciphersuites[n] != 0; n++ )
+ /* nothing to do, we're just counting */;
+ mbedtls_printf( "dlopen(%s): %u ciphersuites\n",
+ TLS_SO_FILENAME, n );
+ dlclose( tls_so );
+ CHECK_DLERROR( "dlclose", TLS_SO_FILENAME );
+#endif /* MBEDTLS_SSL_TLS_C */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ void *x509_so = dlopen( X509_SO_FILENAME, RTLD_NOW );
+ CHECK_DLERROR( "dlopen", X509_SO_FILENAME );
+ const mbedtls_x509_crt_profile *profile =
+ dlsym( x509_so, "mbedtls_x509_crt_profile_default" );
+ CHECK_DLERROR( "dlsym", "mbedtls_x509_crt_profile_default" );
+ mbedtls_printf( "dlopen(%s): Allowed md mask: %08x\n",
+ X509_SO_FILENAME, (unsigned) profile->allowed_mds );
+ dlclose( x509_so );
+ CHECK_DLERROR( "dlclose", X509_SO_FILENAME );
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_MD_C)
+ void *crypto_so = dlopen( CRYPTO_SO_FILENAME, RTLD_NOW );
+ CHECK_DLERROR( "dlopen", CRYPTO_SO_FILENAME );
+ const int *( *md_list )( void ) =
+ dlsym( crypto_so, "mbedtls_md_list" );
+ CHECK_DLERROR( "dlsym", "mbedtls_md_list" );
+ const int *mds = md_list( );
+ for( n = 0; mds[n] != 0; n++ )
+ /* nothing to do, we're just counting */;
+ mbedtls_printf( "dlopen(%s): %u hashes\n",
+ CRYPTO_SO_FILENAME, n );
+ dlclose( crypto_so );
+ CHECK_DLERROR( "dlclose", CRYPTO_SO_FILENAME );
+#endif /* MBEDTLS_MD_C */
+
+ return( 0 );
+}
+
diff --git a/programs/test/dlopen_demo.sh b/programs/test/dlopen_demo.sh
new file mode 100755
index 0000000..2dde3eb
--- /dev/null
+++ b/programs/test/dlopen_demo.sh
@@ -0,0 +1,46 @@
+#!/bin/sh
+
+# Run the shared library dynamic loading demo program.
+# This is only expected to work when Mbed TLS is built as a shared library.
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -e -u
+
+program_dir="${0%/*}"
+program="$program_dir/dlopen"
+top_dir="$program_dir/../.."
+library_dir="$top_dir/library"
+
+# ELF-based Unix-like (Linux, *BSD, Solaris, ...)
+if [ -n "${LD_LIBRARY_PATH-}" ]; then
+ LD_LIBRARY_PATH="$library_dir:$LD_LIBRARY_PATH"
+else
+ LD_LIBRARY_PATH="$library_dir"
+fi
+export LD_LIBRARY_PATH
+
+# OSX/macOS
+if [ -n "${DYLD_LIBRARY_PATH-}" ]; then
+ DYLD_LIBRARY_PATH="$library_dir:$DYLD_LIBRARY_PATH"
+else
+ DYLD_LIBRARY_PATH="$library_dir"
+fi
+export DYLD_LIBRARY_PATH
+
+echo "Running dynamic loading test program: $program"
+echo "Loading libraries from: $library_dir"
+"$program"
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index bbc2d9c..b10dc6e 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -2423,6 +2423,7 @@
msg "build/test: make shared" # ~ 40s
make SHARED=1 all check
ldd programs/util/strerror | grep libmbedcrypto
+ programs/test/dlopen_demo.sh
}
component_test_cmake_shared () {
@@ -2431,6 +2432,7 @@
make
ldd programs/util/strerror | grep libmbedcrypto
make test
+ programs/test/dlopen_demo.sh
}
test_build_opt () {