[Git][NTPsec/ntpsec][master] CI/checks: have Coverity run Python 3 and have opttest (ab)use new tlscheck helper ...

Eric S. Raymond gitlab at mg.gitlab.com
Wed Sep 2 01:25:10 UTC 2020



Eric S. Raymond pushed to branch master at NTPsec / ntpsec


Commits:
0467d172 by James Browning at 2020-09-02T01:16:32+00:00
CI/checks: have Coverity run Python 3 and have opttest (ab)use new tlscheck helper ...

The tlscheck helper is badly written and probably neeed thrown under the bus soon.

- - - - -


3 changed files:

- .gitlab-ci.yml
- tests/option-tester.sh
- + wafhelpers/tlscheck


Changes:

=====================================
.gitlab-ci.yml
=====================================
@@ -377,7 +377,7 @@ coverity-scan:
     - curl -o /tmp/cov-analysis-linux64.tgz --form project=ntpsec --form token="${COVERITY_TOKEN}" https://scan.coverity.com/download/linux64
     - tar zxf /tmp/cov-analysis-linux64.tgz
     - python3 ./waf configure --disable-doc --disable-manpage --refclock=all
-    - cov-analysis-linux64-*/bin/cov-build --dir cov-int ./waf build
+    - cov-analysis-linux64-*/bin/cov-build --dir cov-int python3 ./waf build
     - tar czf ntpsec_coverity.tgz cov-int
     - curl --form token="${COVERITY_TOKEN}" --form email=security at ntpsec.org --form file=@ntpsec_coverity.tgz --form version="$(git rev-parse --short HEAD)" --form description="Automatic submission by gitlab-ci" https://scan.coverity.com/builds?project=ntpsec
   tags:


=====================================
tests/option-tester.sh
=====================================
@@ -25,6 +25,11 @@ then
   LINUX="--enable-seccomp"
 fi
 
+if [ -z ${PYTHON} ]
+then
+    PYTHON="python"
+fi
+
 DISABLE_NTS=""
 if pkg-config --version 2>/dev/null 1>/dev/null
 then
@@ -32,11 +37,11 @@ then
   then
     DISABLE_NTS="--disable-nts"
   fi
-fi
-
-if [ -z ${PYTHON} ]
-then
-    PYTHON="python"
+else
+  if ! $PYTHON ../wafhelpers/tlscheck
+  then
+    DISABLE_NTS="--disable-nts"
+  fi
 fi
 
 doit ()


=====================================
wafhelpers/tlscheck
=====================================
@@ -0,0 +1,20 @@
+
+#!/usr/bin/env python
+import ctypes
+
+try:
+    tls = ctypes.CDLL('libssl.so')
+    tls.OpenSSL_version_num.restype = ctypes.c_ulong
+    ver = tls.OpenSSL_version_num() # unsigned long OpenSSL_version_num();
+    # MNNFFPPS: major minor fix patch status
+    maj = (ver & 0xf0000000) >> 28
+    if maj > 2:
+        exit(0)
+    elif maj == 2:
+        exit(1)
+    trip = ver & 0xfffffff0
+    if trip < 0x10100000 or trip == 0x101000010:
+        exit(1)
+    exit(0)
+except Exception:
+    exit(1)



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/commit/0467d172f3ff9f346e05818cc5e510b73337dddf

-- 
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/commit/0467d172f3ff9f346e05818cc5e510b73337dddf
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20200902/1efbae8c/attachment-0001.htm>


More information about the vc mailing list