From eb88fbafd5eae8a3764f8ae8a9b6d3863c75ce35 Mon Sep 17 00:00:00 2001 From: Samuel Chiang Date: Wed, 19 Feb 2025 00:28:50 +0000 Subject: [PATCH] Fix and add CI for C++98 --- include/openssl/aead.h | 2 +- include/openssl/bn.h | 2 +- include/openssl/crypto.h | 2 +- include/openssl/curve25519.h | 2 +- include/openssl/ec.h | 2 +- include/openssl/service_indicator.h | 2 +- include/openssl/ssl.h | 14 +++++++------- .../cdk/codebuild/github_ci_linux_x86_omnibus.yaml | 10 ++++++++++ tests/ci/run_posix_tests.sh | 5 ----- .../{c99_gcc_test.sh => c99_cplusplus98_test.sh} | 14 ++++++++++---- 10 files changed, 33 insertions(+), 22 deletions(-) rename tests/coding_guidelines/{c99_gcc_test.sh => c99_cplusplus98_test.sh} (59%) diff --git a/include/openssl/aead.h b/include/openssl/aead.h index 7f9b262379..64df91ecfe 100644 --- a/include/openssl/aead.h +++ b/include/openssl/aead.h @@ -437,7 +437,7 @@ OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_gcm_tls13(void); // evp_aead_direction_t denotes the direction of an AEAD operation. enum evp_aead_direction_t { evp_aead_open, - evp_aead_seal, + evp_aead_seal }; // EVP_AEAD_CTX_init_with_direction calls |EVP_AEAD_CTX_init| for normal diff --git a/include/openssl/bn.h b/include/openssl/bn.h index ad539dad20..f96eae79bb 100644 --- a/include/openssl/bn.h +++ b/include/openssl/bn.h @@ -769,7 +769,7 @@ OPENSSL_EXPORT int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, enum bn_primality_result_t { bn_probably_prime, bn_composite, - bn_non_prime_power_composite, + bn_non_prime_power_composite }; // BN_enhanced_miller_rabin_primality_test tests whether |w| is probably a prime diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h index 0e81efcdf9..0f39e8ab1a 100644 --- a/include/openssl/crypto.h +++ b/include/openssl/crypto.h @@ -130,7 +130,7 @@ enum fips_counter_t { fips_counter_evp_aes_128_ctr = 2, fips_counter_evp_aes_256_ctr = 3, - fips_counter_max = 3, + fips_counter_max = 3 }; // FIPS_read_counter returns a counter of the number of times the specific diff --git a/include/openssl/curve25519.h b/include/openssl/curve25519.h index 430ec09f27..95511a920d 100644 --- a/include/openssl/curve25519.h +++ b/include/openssl/curve25519.h @@ -178,7 +178,7 @@ OPENSSL_EXPORT void ED25519_keypair_from_seed(uint8_t out_public_key[ED25519_PUB // must be “Alice” and the other be “Bob”. enum spake2_role_t { spake2_role_alice, - spake2_role_bob, + spake2_role_bob }; // SPAKE2_CTX_new creates a new |SPAKE2_CTX| (which can only be used for a diff --git a/include/openssl/ec.h b/include/openssl/ec.h index 0c1b961c79..e00ed304af 100644 --- a/include/openssl/ec.h +++ b/include/openssl/ec.h @@ -92,7 +92,7 @@ typedef enum { // POINT_CONVERSION_HYBRID indicates that the point is encoded as z||x||y, // where z specifies which solution of the quadratic equation y is. - POINT_CONVERSION_HYBRID = 6, + POINT_CONVERSION_HYBRID = 6 } point_conversion_form_t; diff --git a/include/openssl/service_indicator.h b/include/openssl/service_indicator.h index ba2f4c449d..5f8f61180f 100644 --- a/include/openssl/service_indicator.h +++ b/include/openssl/service_indicator.h @@ -32,7 +32,7 @@ OPENSSL_EXPORT const char* awslc_version_string(void); enum FIPSStatus { AWSLC_NOT_APPROVED = 0, - AWSLC_APPROVED = 1, + AWSLC_APPROVED = 1 }; #if defined(AWSLC_FIPS) diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index f5dc36f3dc..e0df43e0b8 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -1368,7 +1368,7 @@ OPENSSL_EXPORT void *SSL_CTX_get_default_passwd_cb_userdata(const SSL_CTX *ctx); enum ssl_private_key_result_t { ssl_private_key_success, ssl_private_key_retry, - ssl_private_key_failure, + ssl_private_key_failure }; // ssl_private_key_method_st (aka |SSL_PRIVATE_KEY_METHOD|) describes private @@ -2542,7 +2542,7 @@ enum ssl_ticket_aead_result_t { ssl_ticket_aead_ignore_ticket, // ssl_ticket_aead_error indicates that a fatal error occured and the // handshake should be terminated. - ssl_ticket_aead_error, + ssl_ticket_aead_error }; // ssl_ticket_aead_method_st (aka |SSL_TICKET_AEAD_METHOD|) contains methods @@ -2880,7 +2880,7 @@ OPENSSL_EXPORT void SSL_set_verify(SSL *ssl, int mode, enum ssl_verify_result_t { ssl_verify_ok, ssl_verify_invalid, - ssl_verify_retry, + ssl_verify_retry }; // SSL_CTX_set_custom_verify configures certificate verification. |mode| is one @@ -3817,7 +3817,7 @@ enum ssl_encryption_level_t { ssl_encryption_initial = 0, ssl_encryption_early_data, ssl_encryption_handshake, - ssl_encryption_application, + ssl_encryption_application }; // ssl_quic_method_st (aka |SSL_QUIC_METHOD|) describes custom QUIC hooks. @@ -4118,7 +4118,7 @@ enum ssl_early_data_reason_t { // The value of the largest entry. ssl_early_data_unsupported_with_custom_extension = 15, ssl_early_data_reason_max_value = - ssl_early_data_unsupported_with_custom_extension, + ssl_early_data_unsupported_with_custom_extension }; // SSL_get_early_data_reason returns details why 0-RTT was accepted or rejected @@ -4636,7 +4636,7 @@ enum ssl_renegotiate_mode_t { ssl_renegotiate_once, ssl_renegotiate_freely, ssl_renegotiate_ignore, - ssl_renegotiate_explicit, + ssl_renegotiate_explicit }; // SSL_set_renegotiate_mode configures how |ssl|, a client, reacts to @@ -4777,7 +4777,7 @@ enum ssl_select_cert_result_t { ssl_select_cert_retry = 0, // ssl_select_cert_error indicates that a fatal error occured and the // handshake should be terminated. - ssl_select_cert_error = -1, + ssl_select_cert_error = -1 }; // SSL_early_callback_ctx_extension_get searches the extensions in diff --git a/tests/ci/cdk/cdk/codebuild/github_ci_linux_x86_omnibus.yaml b/tests/ci/cdk/cdk/codebuild/github_ci_linux_x86_omnibus.yaml index ff2c84a34c..d6bfe7010d 100644 --- a/tests/ci/cdk/cdk/codebuild/github_ci_linux_x86_omnibus.yaml +++ b/tests/ci/cdk/cdk/codebuild/github_ci_linux_x86_omnibus.yaml @@ -14,6 +14,16 @@ batch: compute-type: BUILD_GENERAL1_SMALL image: 620771051181.dkr.ecr.us-west-2.amazonaws.com/aws-lc-docker-images-linux-x86:ubuntu-20.04_clang-8x_latest + - identifier: c99_cplusplus98_checker + buildspec: ./tests/ci/codebuild/common/run_simple_target.yml + env: + type: LINUX_CONTAINER + privileged-mode: false + compute-type: BUILD_GENERAL1_SMALL + image: 620771051181.dkr.ecr.us-west-2.amazonaws.com/aws-lc-docker-images-linux-x86:ubuntu-22.04_gcc-12x_latest + variables: + AWS_LC_CI_TARGET: "tests/coding_guidelines/c99_cplusplus98_test.sh" + - identifier: ubuntu1604_gcc5x_x86 buildspec: ./tests/ci/codebuild/common/run_simple_target.yml env: diff --git a/tests/ci/run_posix_tests.sh b/tests/ci/run_posix_tests.sh index 31a308fe94..162bc15687 100755 --- a/tests/ci/run_posix_tests.sh +++ b/tests/ci/run_posix_tests.sh @@ -38,11 +38,6 @@ build_and_test -DDISABLE_PERL=ON -DENABLE_DILITHIUM=ON echo "Testing building with AArch64 Data-Independent Timing (DIT) on." build_and_test -DENABLE_DATA_INDEPENDENT_TIMING=ON -DCMAKE_BUILD_TYPE=Release -DENABLE_DILITHIUM=ON -if [[ "${AWSLC_C99_TEST}" == "1" ]]; then - echo "Testing the C99 compatability of AWS-LC headers." - ./tests/coding_guidelines/c99_gcc_test.sh -fi - if [[ "${AWSLC_CODING_GUIDELINES_TEST}" == "1" ]]; then echo "Testing that AWS-LC is compliant with the coding guidelines." source ./tests/coding_guidelines/coding_guidelines_test.sh diff --git a/tests/coding_guidelines/c99_gcc_test.sh b/tests/coding_guidelines/c99_cplusplus98_test.sh similarity index 59% rename from tests/coding_guidelines/c99_gcc_test.sh rename to tests/coding_guidelines/c99_cplusplus98_test.sh index aff5e2c42d..02b348ab65 100755 --- a/tests/coding_guidelines/c99_gcc_test.sh +++ b/tests/coding_guidelines/c99_cplusplus98_test.sh @@ -24,8 +24,7 @@ INCLUDE_FILES=`ls $INCLUDE_DIR/openssl/*.h | grep -v $INCLUDE_DIR/openssl/arm_ar # some non-ISO practices, but not all — only those for which ISO C requires a # diagnostic, and some others for which diagnostics have been added." # https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html - -${CC} -std=c99 -c -I${INCLUDE_DIR} -include ${INCLUDE_FILES} -Wpedantic -fsyntax-only -Werror +${CC} -std=c99 -c -I${INCLUDE_DIR} $(echo ${INCLUDE_FILES} | sed 's/[^ ]* */-include &/g') -Wpedantic -fsyntax-only -Werror ./tests/compiler_features_tests/builtin_swap_check.c # AWS C SDKs conforms to C99. They set `C_STANDARD 99` which will set the # flag `-std=gnu99` @@ -34,5 +33,12 @@ ${CC} -std=c99 -c -I${INCLUDE_DIR} -include ${INCLUDE_FILES} -Wpedantic -fsyntax # https://cmake.org/cmake/help/latest/prop_tgt/C_STANDARD.html # # the c99 and gnu99 modes are different, so let's test both. - -${CC} -std=gnu99 -c -I${INCLUDE_DIR} -include ${INCLUDE_FILES} -Wpedantic -fsyntax-only -Werror +${CC} -std=gnu99 -c -I${INCLUDE_DIR} $(echo ${INCLUDE_FILES} | sed 's/[^ ]* */-include &/g') -Wpedantic -fsyntax-only -Werror ./tests/compiler_features_tests/builtin_swap_check.c + +# Our SSL headers use C++, but older compilers do not have the C++11 flag enabled by +# default. Not all consuming applications that use older compilers have enabled the +# C++11 feature flag. To ensure a smoother integration process for migrating +# applications, we should ensure that the default settings of older C++ compilers +# work with our header files. +${CXX} -std=c++98 -c -I${INCLUDE_DIR} $(echo ${INCLUDE_FILES} | sed 's/[^ ]* */-include &/g') -Wpedantic -fsyntax-only -Werror ./tests/compiler_features_tests/builtin_swap_check.c +${CXX} -std=gnu++98 -c -I${INCLUDE_DIR} $(echo ${INCLUDE_FILES} | sed 's/[^ ]* */-include &/g') -Wpedantic -fsyntax-only -Werror ./tests/compiler_features_tests/builtin_swap_check.c