tests: conditionalize SRP tests

Signed-off-by: Daiki Ueno <ueno@gnu.org>

7 files changed, 37 insertions, 9 deletions

diff --git a/fuzz/Makefile.am b/fuzz/Makefile.am
index 34a8919994..a509d3cbc0 100644
--- a/fuzz/Makefile.am
+++ b/fuzz/Makefile.am
@@ -27,8 +27,6 @@ FUZZERS = \
  gnutls_reverse_idna_parser_fuzzer$(EXEEXT) \
  gnutls_server_fuzzer$(EXEEXT) \
  gnutls_server_rawpk_fuzzer$(EXEEXT) \
- gnutls_srp_client_fuzzer$(EXEEXT) \
- gnutls_srp_server_fuzzer$(EXEEXT) \
  gnutls_set_trust_file_fuzzer$(EXEEXT) \
  gnutls_x509_crl_parser_fuzzer$(EXEEXT) \
  gnutls_x509_crq_parser_fuzzer$(EXEEXT) \
@@ -37,6 +35,12 @@ FUZZERS = \
  gnutls_handshake_client_fuzzer$(EXEEXT) \
  gnutls_handshake_server_fuzzer$(EXEEXT)
 
+if ENABLE_SRP
+FUZZERS += \
+ gnutls_srp_client_fuzzer$(EXEEXT) \
+ gnutls_srp_server_fuzzer$(EXEEXT)
+endif
+
 check_PROGRAMS = $(FUZZERS)
 
 COMMON_SOURCES = main.c fuzzer.h
diff --git a/tests/rehandshake-switch-srp-id.c b/tests/rehandshake-switch-srp-id.c
index 0b5608505a..d3b23a7d51 100644
--- a/tests/rehandshake-switch-srp-id.c
+++ b/tests/rehandshake-switch-srp-id.c
@@ -24,23 +24,24 @@
 #include <config.h>
 #endif
 
-#include <stdio.h>
 #include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <gnutls/gnutls.h>
-#include "utils.h"
-#include "eagain-common.h"
 
 #ifndef ENABLE_SRP
 
-void doit(void)
+int main(void)
 {
 	exit(77);
 }
 
 #else
 
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <gnutls/gnutls.h>
+#include "utils.h"
+#include "eagain-common.h"
+
 /* This test checks whether the server switching certificates is detected
  * by the client */
 
diff --git a/tests/server-kx-neg-common.c b/tests/server-kx-neg-common.c
index 961d16074e..21476cdbb3 100644
--- a/tests/server-kx-neg-common.c
+++ b/tests/server-kx-neg-common.c
@@ -88,6 +88,7 @@ static void tls_log_func(int level, const char *str)
 	fprintf(stderr, "%s|<%d>| %s", side, level, str);
 }
 
+#ifdef ENABLE_SRP
 static int
 serv_srp_func(gnutls_session_t session, const char *username,
 	      gnutls_datum_t *salt, gnutls_datum_t *verifier, gnutls_datum_t *generator,
@@ -120,6 +121,7 @@ serv_srp_func(gnutls_session_t session, const char *username,
 
 	return 0;
 }
+#endif
 
 static void try(test_case_st *test)
 {
@@ -130,8 +132,10 @@ static void try(test_case_st *test)
 	gnutls_psk_server_credentials_t s_psk_cred;
 	gnutls_certificate_credentials_t s_cert_cred;
 	gnutls_certificate_credentials_t c_cert_cred;
+#ifdef ENABLE_SRP
 	gnutls_srp_server_credentials_t s_srp_cred;
 	gnutls_srp_client_credentials_t c_srp_cred;
+#endif
 	const gnutls_datum_t p3_2048 =
 	    { (void *)pkcs3_2048, strlen(pkcs3_2048) };
 	gnutls_dh_params_t dh_params = NULL;
@@ -155,8 +159,10 @@ static void try(test_case_st *test)
 	assert(gnutls_anon_allocate_server_credentials(&s_anon_cred) >= 0);
 	assert(gnutls_psk_allocate_client_credentials(&c_psk_cred) >= 0);
 	assert(gnutls_psk_allocate_server_credentials(&s_psk_cred) >= 0);
+#ifdef ENABLE_SRP
 	assert(gnutls_srp_allocate_client_credentials(&c_srp_cred) >= 0);
 	assert(gnutls_srp_allocate_server_credentials(&s_srp_cred) >= 0);
+#endif
 	assert(gnutls_certificate_allocate_credentials(&s_cert_cred) >= 0);
 	assert(gnutls_certificate_allocate_credentials(&c_cert_cred) >= 0);
 	assert(gnutls_dh_params_init(&dh_params) >= 0);
@@ -202,11 +208,13 @@ static void try(test_case_st *test)
 		gnutls_psk_set_server_credentials_function(s_psk_cred, serv_psk_func);
 	}
 
+#ifdef ENABLE_SRP
 	if (test->have_srp_cred) {
 		gnutls_credentials_set(server, GNUTLS_CRD_SRP, s_srp_cred);
 
 		gnutls_srp_set_server_credentials_function(s_srp_cred, serv_srp_func);
 	}
+#endif
 
 	if (test->have_rsa_decrypt_cert) {
 		assert(gnutls_certificate_set_x509_key_mem(s_cert_cred, &server_ca3_localhost_rsa_decrypt_cert, &server_ca3_key, GNUTLS_X509_FMT_PEM) >= 0);
@@ -236,11 +244,15 @@ static void try(test_case_st *test)
 	gnutls_credentials_set(client, GNUTLS_CRD_ANON, c_anon_cred);
 	gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, c_cert_cred);
 	gnutls_credentials_set(client, GNUTLS_CRD_PSK, c_psk_cred);
+#ifdef ENABLE_SRP
 	gnutls_credentials_set(client, GNUTLS_CRD_SRP, c_srp_cred);
+#endif
 
 	assert(gnutls_psk_set_client_credentials(c_psk_cred, "psk", &pskkey, GNUTLS_PSK_KEY_HEX) >= 0);
 
+#ifdef ENABLE_SRP
 	assert(gnutls_srp_set_client_credentials(c_srp_cred, "test1", "test") >= 0);
+#endif
 
 	gnutls_transport_set_push_function(server, server_push);
 	gnutls_transport_set_pull_function(server, server_pull);
@@ -267,8 +279,10 @@ static void try(test_case_st *test)
 	gnutls_anon_free_server_credentials(s_anon_cred);
 	gnutls_psk_free_client_credentials(c_psk_cred);
 	gnutls_psk_free_server_credentials(s_psk_cred);
+#ifdef ENABLE_SRP
 	gnutls_srp_free_client_credentials(c_srp_cred);
 	gnutls_srp_free_server_credentials(s_srp_cred);
+#endif
 	gnutls_certificate_free_credentials(s_cert_cred);
 	gnutls_certificate_free_credentials(c_cert_cred);
 	if (dh_params)
diff --git a/tests/tls10-server-kx-neg.c b/tests/tls10-server-kx-neg.c
index 8034b80617..e6d1c3e217 100644
--- a/tests/tls10-server-kx-neg.c
+++ b/tests/tls10-server-kx-neg.c
@@ -350,6 +350,7 @@ test_case_st tests[] = {
 		.server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0",
 		.client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.0"
 	},
+#ifdef ENABLE_SRP
 	{
 		.name = "TLS 1.0 SRP-RSA without cert cred",
 		.client_ret = GNUTLS_E_AGAIN,
@@ -417,6 +418,7 @@ test_case_st tests[] = {
 		.server_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.0",
 		.client_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.0"
 	}
+#endif
 };
 
 void doit(void)
diff --git a/tests/tls11-server-kx-neg.c b/tests/tls11-server-kx-neg.c
index b3b635dd4e..67bfda91d5 100644
--- a/tests/tls11-server-kx-neg.c
+++ b/tests/tls11-server-kx-neg.c
@@ -350,6 +350,7 @@ test_case_st tests[] = {
 		.server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1",
 		.client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.1"
 	},
+#ifdef ENABLE_SRP
 	{
 		.name = "TLS 1.1 SRP-RSA without cert cred",
 		.client_ret = GNUTLS_E_AGAIN,
@@ -417,6 +418,7 @@ test_case_st tests[] = {
 		.server_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.1",
 		.client_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.1"
 	}
+#endif
 };
 
 void doit(void)
diff --git a/tests/tls12-server-kx-neg.c b/tests/tls12-server-kx-neg.c
index e3a2de363a..00e28bb2bd 100644
--- a/tests/tls12-server-kx-neg.c
+++ b/tests/tls12-server-kx-neg.c
@@ -395,6 +395,7 @@ test_case_st tests[] = {
 		.server_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2",
 		.client_prio = "NORMAL:-KX-ALL:+RSA-PSK:-VERS-ALL:+VERS-TLS1.2"
 	},
+#ifdef ENABLE_SRP
 	{
 		.name = "TLS 1.2 SRP-RSA without cert cred",
 		.client_ret = GNUTLS_E_AGAIN,
@@ -462,6 +463,7 @@ test_case_st tests[] = {
 		.server_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.2",
 		.client_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.2"
 	},
+#endif
 
 #ifdef ENABLE_GOST
 	{
diff --git a/tests/tls13-server-kx-neg.c b/tests/tls13-server-kx-neg.c
index a4cca3faaf..4b68999a61 100644
--- a/tests/tls13-server-kx-neg.c
+++ b/tests/tls13-server-kx-neg.c
@@ -150,6 +150,7 @@ test_case_st tests[] = {
 		.client_prio = "NORMAL:-KX-ALL:+RSA-PSK:"PVERSION,
 		.exp_version = GNUTLS_TLS1_2,
 	},
+#ifdef ENABLE_SRP
 	{
 		.name = "TLS 1.3 SRP-RSA without cert cred",
 		.client_ret = GNUTLS_E_AGAIN,
@@ -224,6 +225,8 @@ test_case_st tests[] = {
 		.client_prio = "NORMAL:-KX-ALL:+SRP:"PVERSION,
 		.exp_version = GNUTLS_TLS1_2,
 	},
+#endif
+
 #ifdef ENABLE_GOST
 	{
 		.name = "TLS 1.3 server, TLS 1.2 client VKO-GOST-12 with cred and GOST-256 cert",