[openssl-dev] [openssl.org #3907] Script testssl uses bash feature (non-POSIX)

[Rainer Jung via RT]

The script test/testssl uses the "local" keywork in test_cipher() since 
commit 
https://github.com/openssl/openssl/commit/e8356e32aed70d139eae2d05aeaeb160509262aa 
(master, merged at least to 1.0.1 and 1.0.2).

This keyword is non-POSIX but the script is supposed to be run with 
/bin/sh. E.g. on Solaris systems this will produce an error

./testssl: local: not found

because the shell does not understand "local" as a keyword and tries to 
find an executable "local" in the path.

Currently this error is not fatal, because the keyword is used to mark 
the variables "cipher" and "protocol" as local. They are set from the 
first and second arguments of the function, which is simply ignored when 
the error happens. Fortunately all calls to the function pass global 
variables "cipher" and "protocol" as first and second arguments, so the 
failure is transparent since the global variables of the same name 
already have the correct values. $cipher and $protocol will still 
provide the correct contents in the function.

Possible fixes are:

- demand running the script using bash. Not all systems might provide 
bash though.

- simply removing the local keyword. Currently the script would 
overwrite the global variables cipher and protocol in test_cipher(), but 
those are only used to actually pass arguments to this function, so 
overwriting has no side effect

- removing the local keyword and renaming the local variables cipher and 
protocol so something like localCipher and localProtocol to remind about 
their scope. I suggest using this workaround.

I think there's no POSIX compliant way to scope variables in shell, at 
least not without playing difficult to read eval games.

Thanks,

Rainer

_______________________________________________
openssl-bugs-mod mailing list
openssl-bugs-mod at openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod