NSS/BoGo Tests

From MozillaWiki
Jump to: navigation, search

BoGo is the TLS test suite for boringssl that can be easily ported to other TLS libraries (BoGo Porting).

Running BoGo Tests

Assuming a copy (in $SOURCE_DIR) and build (in $DISTDIR) of NSS are present. First get a copy of boringssl and checkout a specific version (check source for currently used revision).

   git clone https://boringssl.googlesource.com/boringssl
   cd boringssl
   git checkout ec55dc15d3a39e5f1a58bfd79148729f38f6acb4

Then you can run the BoGo tests.

   cd ssl/test/runner
   GOPATH="$PWD" go test -shim-path "$DISTDIR"/bin/nss_bogo_shim -loose-errors \
   -allow-unimplemented -shim-config "$SOURCE_DIR/gtests/nss_bogo_shim/config.json"

Updating BoGo Versions

Care is needed when upgrading the version of BoGo in use in tests/bogo/bogo.sh. Often new tests are added to BoGo that do not pass on NSS.

Before publicly posting any changes to our BoGo version or the "DisabledTests" list for nss_bogo_shim, each test failure needs to be individually triaged. If there are any suspicious failures, those must be addressed before we post about the upgrade. If there are questionable circumstances, it is better to ask on nss-dev than not.