Sample programs should not depend on test code
gilles-peskine-arm opened this issue · comments
Sample programs should not depend on test code. Users should be able to take a sample program's source code (just the .c
file) and link it against Mbed TLS.
Note that this applies only to sample programs, not to test programs (programs/fuzz/*
, programs/test/*
, programs/ssl/*2.c
). In addition, the use of test certificates in SSL sample programs is dubious, but it's a topic of its own (#9079).
In terms of build process, sample programs may need to be linked with test objects when the platform configuration points to test code (e.g. MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
). So programs/Makefile
should avoid passing -I ../test/...
but needs to link with ../test/src/*.o
.
As of 3.6+cb854d5d19e05339448afb03839bee7f7e3ecd23, there is one call to an mbedtls_test_
function in programs/x509/cert_write.c
.
Goal of this issue:
- No more headers from
tests/*
included by programs except as follows:programs/test/*
andprograms/fuzz/*
may include test headers.programs/ssl/ssl_test*
,programs/ssl/ssl_client2.c
,programs/ssl_server2.c
may include test headers.programs/ssl/*
may includetests/certs.h
.
- In as much as practical, do not pass
-I .../test/...
options inCFLAGS
when compiling programs that should not depend on test code.
Duplicate of #8484