script cleanup: use #!/bin/bash on all scripts that use "echo -e" (/bin/sh is sometimes a non-Bourne/non-POSIX shell, e.g. dash/ash, with no support for "echo -e"); fix whitespace.

async-check.sh

@@ -2,7 +2,7 @@
 
 # async-check.sh
 
-# This script creates symbolic links to the required asynchronous 
+# This script creates symbolic links to the required asynchronous
 # file for using the asynchronous simulator and make check
 #
 #     $ ./async-check [keep]
@@ -32,7 +32,7 @@ then
 else
     # make a clone of the wolfAsyncCrypt repository
     git clone --depth 1 $ASYNC_REPO async
-    [ $? -ne 0 ] && echo "\n\nCouldn't checkout the wolfAsyncCrypt repository\n\n" && exit 1  
+    [ $? -ne 0 ] && echo "\n\nCouldn't checkout the wolfAsyncCrypt repository\n\n" && exit 1
 fi
 
 # setup auto-conf

autogen.sh

@@ -6,13 +6,13 @@
 # Git hooks should come before autoreconf.
 if [ -d .git ]; then
     if [ ! -d .git/hooks ]; then
-	mkdir .git/hooks || exit $?
+        mkdir .git/hooks || exit $?
     fi
     if [ ! -e .git/hooks/pre-commit ]; then
-	ln -s ../../pre-commit.sh .git/hooks/pre-commit || exit $?
+        ln -s ../../pre-commit.sh .git/hooks/pre-commit || exit $?
     fi
     if [ ! -e .git/hooks/pre-push ]; then
-	ln -s ../../pre-push.sh .git/hooks/pre-push || exit $?
+        ln -s ../../pre-push.sh .git/hooks/pre-push || exit $?
     fi
 fi
 

certs/ecc/genecc.sh

@@ -14,11 +14,11 @@ echo 2000 > ./certs/ecc/crlnumber
 # generate ECC 256-bit CA
 if [ -f ./certs/ca-ecc-key.pem ]; then
     openssl req -config ./certs/ecc/wolfssl.cnf -extensions v3_ca -x509 -nodes -key ./certs/ca-ecc-key.pem -out ./certs/ca-ecc-cert.pem -sha256 \
-	-days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com"
+        -days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com"
 else
     openssl ecparam -out ./certs/ca-ecc-key.par -name prime256v1
     openssl req -config ./certs/ecc/wolfssl.cnf -extensions v3_ca -x509 -nodes -newkey ec:./certs/ca-ecc-key.par -keyout ./certs/ca-ecc-key.pem -out ./certs/ca-ecc-cert.pem -sha256 \
-	-days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com"
+        -days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com"
 fi
 
 openssl x509 -in ./certs/ca-ecc-cert.pem -inform PEM -out ./certs/ca-ecc-cert.der -outform DER
@@ -43,18 +43,18 @@ openssl x509 -in ./certs/server-ecc.pem -outform der -out ./certs/server-ecc.der
 openssl x509 -req -in ./certs/server-ecc-req.pem -days 3650 -extfile ./certs/ecc/wolfssl.cnf -extensions server_cert -signkey ./certs/ecc-key.pem -text -out ./certs/server-ecc-self.pem
 openssl x509 -inform pem -in ./certs/server-ecc-self.pem -outform der -out ./certs/server-ecc-self.der
 
-rm ./certs/server-ecc-req.pem 
+rm ./certs/server-ecc-req.pem
 
 
 
 # generate ECC 384-bit CA
 if [ -f ./certs/ca-ecc384-key.pem ]; then
     openssl req -config ./certs/ecc/wolfssl_384.cnf -extensions v3_ca -x509 -nodes -key ./certs/ca-ecc384-key.pem -out ./certs/ca-ecc384-cert.pem -sha384 \
-	-days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com"
+        -days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com"
 else
     openssl ecparam -out ./certs/ca-ecc384-key.par -name secp384r1
     openssl req -config ./certs/ecc/wolfssl_384.cnf -extensions v3_ca -x509 -nodes -newkey ec:./certs/ca-ecc384-key.par -keyout ./certs/ca-ecc384-key.pem -out ./certs/ca-ecc384-cert.pem -sha384 \
-	-days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com"
+        -days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com"
 fi
 
 openssl x509 -in ./certs/ca-ecc384-cert.pem -inform PEM -out ./certs/ca-ecc384-cert.der -outform DER
@@ -70,48 +70,48 @@ openssl ca -batch -config ./certs/ecc/wolfssl_384.cnf -gencrl -crldays 1000 -out
 # Generate ECC 384-bit server cert
 if [ -f ./certs/server-ecc384-key.pem ]; then
     openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -key ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \
-	-subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+        -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
 else
     openssl ecparam -out ./certs/server-ecc384-key.par -name secp384r1
     openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -newkey ec:./certs/server-ecc384-key.par -keyout ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \
-	-subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+        -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
 fi
 openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -new -key ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \
-	-subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+        -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
 openssl ec -in ./certs/server-ecc384-key.pem -inform PEM -out ./certs/server-ecc384-key.der -outform DER
 
 # Sign server certificate
 openssl ca -batch -config ./certs/ecc/wolfssl_384.cnf -extensions server_cert -days 10950 -notext -md sha384 -in ./certs/server-ecc384-req.pem -out ./certs/server-ecc384-cert.pem
 openssl x509 -in ./certs/server-ecc384-cert.pem -outform der -out ./certs/server-ecc384-cert.der
 
-rm ./certs/server-ecc384-req.pem 
+rm ./certs/server-ecc384-req.pem
 rm ./certs/server-ecc384-key.par
 
 # Generate ECC 384-bit client cert
 if [ -f ./certs/client-ecc384-key.pem ]; then
     openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -key ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \
-	-subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+        -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
 else
     openssl ecparam -out ./certs/client-ecc384-key.par -name secp384r1
     openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -newkey ec:./certs/client-ecc384-key.par -keyout ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \
-	-subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+        -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
 fi
 openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -new -key ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \
-	-subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Clit/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+        -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Clit/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
 openssl ec -in ./certs/client-ecc384-key.pem -inform PEM -out ./certs/client-ecc384-key.der -outform DER
 
 # Sign client certificate
 openssl ca -batch -config ./certs/ecc/wolfssl_384.cnf -extensions usr_cert -days 10950 -notext -md sha384 -in ./certs/client-ecc384-req.pem -out ./certs/client-ecc384-cert.pem
 openssl x509 -in ./certs/client-ecc384-cert.pem -outform der -out ./certs/client-ecc384-cert.der
 
-rm ./certs/client-ecc384-req.pem 
+rm ./certs/client-ecc384-req.pem
 rm ./certs/client-ecc384-key.par
 
 
 # Generate ECC Kerberos Keys
 if [ -f ./certs/ecc/secp256k1-key.pem ]; then
-	openssl ecparam -name secp256k1 -genkey -noout -out ./certs/ecc/secp256k1-key.pem
+        openssl ecparam -name secp256k1 -genkey -noout -out ./certs/ecc/secp256k1-key.pem
-	openssl ec -in ./certs/ecc/secp256k1-key.pem -inform PEM -out ./certs/ecc/secp256k1-key.der -outform DER
+        openssl ec -in ./certs/ecc/secp256k1-key.pem -inform PEM -out ./certs/ecc/secp256k1-key.der -outform DER
 fi
 # Create self-signed ECC Kerberos certificates
 openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/secp256k1-key.pem -out ./certs/ecc/server-secp256k1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256K1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
@@ -126,8 +126,8 @@ rm ./certs/ecc/client-secp256k1-req.pem
 
 # Generate ECC Brainpool Keys
 if [ -f ./certs/ecc/bp256r1-key.pem ]; then
-	openssl ecparam -name brainpoolP256r1 -genkey -noout -out ./certs/ecc/bp256r1-key.pem
+        openssl ecparam -name brainpoolP256r1 -genkey -noout -out ./certs/ecc/bp256r1-key.pem
-	openssl ec -in ./certs/ecc/bp256r1-key.pem -inform PEM -out ./certs/ecc/bp256r1-key.der -outform DER
+        openssl ec -in ./certs/ecc/bp256r1-key.pem -inform PEM -out ./certs/ecc/bp256r1-key.der -outform DER
 fi
 # Create self-signed ECC Brainpool certificates
 openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/bp256r1-key.pem -out ./certs/ecc/server-bp256r1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256BPR1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
@@ -143,7 +143,7 @@ rm ./certs/ecc/client-bp256r1-req.pem
 
 # update bad certificate with last byte in signature changed
 cp ./certs/server-ecc.der ./certs/test/server-cert-ecc-badsig.der
-sed '$s/.$/W/' ./certs/test/server-cert-ecc-badsig.der >> ./certs/test/server-cert-ecc-badsig-altered.der 
+sed '$s/.$/W/' ./certs/test/server-cert-ecc-badsig.der >> ./certs/test/server-cert-ecc-badsig-altered.der
 mv ./certs/test/server-cert-ecc-badsig-altered.der ./certs/test/server-cert-ecc-badsig.der
 openssl x509 -inform der -in ./certs/test/server-cert-ecc-badsig.der -outform pem -out ./certs/test/server-cert-ecc-badsig.pem
 

certs/gen_revoked.sh

@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
     ###########################################################
     ########## update and sign server-revoked-key.pem ################

certs/intermediate/genintcerts.sh

@@ -6,9 +6,9 @@
 # RSA Server
 #  ROOT: ./certs/ca-cert.pem
 #      C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com)
-#    INTERMEDIATE: ./certs/intermediate/ca-int-cert.pem 
+#    INTERMEDIATE: ./certs/intermediate/ca-int-cert.pem
 #        C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Intermediate CA/emailAddress=info@wolfssl.com
-#      INTERMEDIATE2: ./certs/intermediate/ca-int2-cert.pem 
+#      INTERMEDIATE2: ./certs/intermediate/ca-int2-cert.pem
 #          C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Intermediate2 CA/emailAddress=info@wolfssl.com
 #        SERVER: ./certs/intermediate/server-int-cert.pem
 #            C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Server Chain/emailAddress=info@wolfssl.com
@@ -16,9 +16,9 @@
 # RSA Client
 #  ROOT: ./certs/ca-cert.pem
 #      C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com)
-#    INTERMEDIATE: ./certs/intermediate/ca-int-cert.pem 
+#    INTERMEDIATE: ./certs/intermediate/ca-int-cert.pem
 #        C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Intermediate CA/emailAddress=info@wolfssl.com
-#      INTERMEDIATE: ./certs/intermediate/ca-int2-cert.pem 
+#      INTERMEDIATE: ./certs/intermediate/ca-int2-cert.pem
 #          C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Intermediate2 CA/emailAddress=info@wolfssl.com
 #        CLIENT: ./certs/intermediate/client-int-cert.pem
 #            C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Client Chain/emailAddress=info@wolfssl.com
@@ -26,9 +26,9 @@
 # ECC Server
 #  ROOT: ./certs/ca-ecc-cert.pem
 #      C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
-#    INTERMEDIATE: ./certs/intermediate/ca-int-ecc-cert.pem 
+#    INTERMEDIATE: ./certs/intermediate/ca-int-ecc-cert.pem
 #        C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Intermediate CA ECC/emailAddress=info@wolfssl.com
-#      INTERMEDIATE2: ./certs/intermediate/ca-int-ecc-cert.pem 
+#      INTERMEDIATE2: ./certs/intermediate/ca-int-ecc-cert.pem
 #          C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Intermediate2 CA ECC/emailAddress=info@wolfssl.com
 #        SERVER: ./certs/intermediate/server-int-ecc-cert.pem
 #            C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Server Chain ECC/emailAddress=info@wolfssl.com
@@ -36,9 +36,9 @@
 # ECC Client
 #  ROOT: ./certs/ca-ecc-cert.pem
 #      C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
-#    INTERMEDIATE: ./certs/intermediate/ca-int-ecc-cert.pem 
+#    INTERMEDIATE: ./certs/intermediate/ca-int-ecc-cert.pem
 #        C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Intermediate CA ECC/emailAddress=info@wolfssl.com
-#      INTERMEDIATE2: ./certs/intermediate/ca-int2-ecc-cert.pem 
+#      INTERMEDIATE2: ./certs/intermediate/ca-int2-ecc-cert.pem
 #          C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Intermediate2 CA ECC/emailAddress=info@wolfssl.com
 #        CLIENT: ./certs/intermediate/client-int-ecc-cert.pem
 #            C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=wolfSSL Client Chain ECC/emailAddress=info@wolfssl.com
@@ -203,7 +203,7 @@ fi
 
 # Make sure required CA files exist and are populated
 rm -f ./certs/intermediate/index.*
-touch ./certs/intermediate/index.txt 
+touch ./certs/intermediate/index.txt
 if [ ! -f ./certs/intermediate/serial ]; then
     echo 1000 > ./certs/intermediate/serial
 fi

certs/test-pathlen/assemble-chains.sh

@@ -147,7 +147,7 @@ create_an_entity "chainJ" "chainJ-ICA1-no_pathlen.pem" "chainJ-ICA1-key.pem"
 ###########################################################
 # Success: PathLen of 0
 ## chainA-ICA1-pathlen0.pem: signed by ca-cert.pem
-## chainA-entity.pem: signed by chainA-ICA1-pathlen0.pem 
+## chainA-entity.pem: signed by chainA-ICA1-pathlen0.pem
 cat chainA-entity.pem chainA-ICA1-pathlen0.pem > chainA-assembled.pem
 
 # Success: PathLen of 1

certs/test/gen-testcerts.sh

@@ -54,16 +54,16 @@ build_test_cert_conf() {
     echo ""                                             >> "$1".conf
     if [ -n "$3" ]; then
         echo "[ req_ext ]"                              >> "$1".conf
-	case "$3" in
+        case "$3" in
-	    *DER*)
+            *DER*)
                echo "subjectAltName = $3"               >> "$1".conf
-	       ;;
+               ;;
-	    *)
+            *)
                echo "subjectAltName = @alt_names"       >> "$1".conf
                echo "[alt_names]"                       >> "$1".conf
                echo "DNS.1 = $3"                        >> "$1".conf
-	       ;;
+               ;;
-	esac
+        esac
     fi
 }
 

commit-tests.sh

@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 #commit-tests.sh
 

pre-commit.sh

@@ -6,7 +6,7 @@
 # save current config
 echo "\n\nSaving current config\n\n"
 cp config.status tmp.status
-cp wolfssl/options.h tmp.options.h 
+cp wolfssl/options.h tmp.options.h
 
 # stash modified files, if any, that are not part of this commit, don't test
 # them
@@ -35,7 +35,7 @@ echo "\nRestoring current config\n"
 mv tmp.status config.status
 # don't show output in case error from above
 ./config.status >/dev/null 2>&1
-mv tmp.options.h wolfssl/options.h 
+mv tmp.options.h wolfssl/options.h
 make clean >/dev/null 2>&1
 make -j 8 >/dev/null 2>&1
 

pre-push.sh

@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 #
 #
 # Our "pre-push" hook.

scripts/crl-revoked.test

@@ -143,7 +143,7 @@ run_hashdir_test() {
   fi
   ln -s ./crl/crl.pem "$crl_hash_name".r0
   popd
-  
+
   # starts the server on crl_port, -R generates ready file to be used as a
   # mutex lock, -c loads the revoked certificate. We capture the processid
   # into the variable server_pid
@@ -159,11 +159,11 @@ run_hashdir_test() {
 
   # get created port 0 ephemeral port
   crl_port="$(cat "$ready_file")"
-  
+
   # starts client on crl_port and captures the output from client
   capture_out=$(./examples/client/client -p $crl_port -9 2>&1)
   client_result=$?
-  
+
   wait $server_pid
   server_result=$?
 
@@ -183,7 +183,7 @@ run_hashdir_test() {
         echo ""
         exit_hash_dir_code=1
     esac
-  
+
   # clean up hashed cert and crl
   pushd ${CERT_DIR}
   rm "$ca_hash_name".0
@@ -213,4 +213,3 @@ run_test
 echo "exiting with $exit_code certificate was not revoked"
 exit $exit_code
 ########## end program ##########
-

scripts/external.test

@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # external.test
 
@@ -16,16 +16,16 @@ if [ $? -ne 0 ]; then
     # cloudflare seems to change CAs quickly, disabled by default
     if test -n "$WOLFSSL_EXTERNAL_TEST"; then
 
-	BUILD_FLAGS="$(./examples/client/client '-#')"
+        BUILD_FLAGS="$(./examples/client/client '-#')"
-	if echo "$BUILD_FLAGS" | fgrep -q -e ' -DWOLFSSL_SNIFFER '; then
+        if echo "$BUILD_FLAGS" | fgrep -q -e ' -DWOLFSSL_SNIFFER '; then
-	    echo 'skipping WOLFSSL_EXTERNAL_TEST because -DWOLFSSL_SNIFFER configuration of build is incompatible.'
+            echo 'skipping WOLFSSL_EXTERNAL_TEST because -DWOLFSSL_SNIFFER configuration of build is incompatible.'
-	    exit 0
+            exit 0
-	fi
+        fi
 
-	if echo "$BUILD_FLAGS" | fgrep -v -q -e ' -DHAVE_ECC '; then
+        if echo "$BUILD_FLAGS" | fgrep -v -q -e ' -DHAVE_ECC '; then
-	    echo 'skipping WOLFSSL_EXTERNAL_TEST because -UHAVE_ECC configuration of build is incompatible.'
+            echo 'skipping WOLFSSL_EXTERNAL_TEST because -UHAVE_ECC configuration of build is incompatible.'
-	    exit 0
+            exit 0
-	fi
+        fi
 
         echo "WOLFSSL_EXTERNAL_TEST set, running test..."
     else

scripts/google.test

@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # google.test
 

scripts/memtest.sh

@@ -4,21 +4,21 @@
 
 ./autogen.sh
 ./configure --enable-debug --disable-shared --enable-memtest \
-	--enable-opensslextra --enable-des3 --enable-dh --enable-ecc --enable-aesgcm --enable-aesccm \
+        --enable-opensslextra --enable-des3 --enable-dh --enable-ecc --enable-aesgcm --enable-aesccm \
-	--enable-sniffer --enable-psk --enable-camellia --enable-sha512 --enable-crl --enable-ocsp --enable-savesession \
+        --enable-sniffer --enable-psk --enable-camellia --enable-sha512 --enable-crl --enable-ocsp --enable-savesession \
-	--enable-savecert --enable-atomicuser --enable-pkcallbacks --enable-scep;
+        --enable-savecert --enable-atomicuser --enable-pkcallbacks --enable-scep;
 
-	#DTLS has issue with trapping client/server failure disconnect since its stateless. Need to find way to communicate failure through file system.
+        #DTLS has issue with trapping client/server failure disconnect since its stateless. Need to find way to communicate failure through file system.
-	#--enable-dtls
+        #--enable-dtls
 make
 
 for i in {1..1000}
 do
     echo "Trying $i...\n"
 
- 	./tests/unit.test > ./scripts/memtest.txt 2>&1
+        ./tests/unit.test > ./scripts/memtest.txt 2>&1
 
- 	RESULT=$?
+        RESULT=$?
- 	[ $RESULT -eq 139 ] && echo "Mem Seg Fault" && exit 1
+        [ $RESULT -eq 139 ] && echo "Mem Seg Fault" && exit 1
 done
 echo "Loop SUCCESS"

scripts/ocsp-stapling-with-ca-as-responder.test

@@ -52,12 +52,12 @@ wait_for_readyFile(){
     counter=0
 
     while [ ! -s "$1" -a "$counter" -lt 20 ]; do
-	if [[ -n "${2-}" ]]; then
+        if [[ -n "${2-}" ]]; then
-	    if ! kill -0 $2 2>&-; then
+            if ! kill -0 $2 2>&-; then
-		echo "pid $2 for port ${3-} exited before creating ready file.  bailing..."
+                echo "pid $2 for port ${3-} exited before creating ready file.  bailing..."
-		exit 1
+                exit 1
-	    fi
+            fi
-	fi
+        fi
         echo -e "waiting for ready file..."
         sleep 0.1
         counter=$((counter+ 1))
@@ -159,9 +159,9 @@ cleanup()
     rm -r "$WORKSPACE" || return 1
 
     if [[ ("$exit_status" == 1) && ($RETRIES_REMAINING -gt 0) ]]; then
-	echo "retrying..."
+        echo "retrying..."
-	RETRIES_REMAINING=$((RETRIES_REMAINING - 1))
+        RETRIES_REMAINING=$((RETRIES_REMAINING - 1))
-	exec $0 "$@"
+        exec $0 "$@"
     fi
 }
 trap cleanup EXIT INT TERM HUP
@@ -179,13 +179,13 @@ ca=certs/external/baltimore-cybertrust-root.pem
 get_first_free_port() {
     local ret="$1"
     while :; do
-	if [[ "$ret" -ge 65536 ]]; then
+        if [[ "$ret" -ge 65536 ]]; then
-	    ret=1024
+            ret=1024
-	fi
+        fi
-	if ! nc -z 127.0.0.1 "$ret"; then
+        if ! nc -z 127.0.0.1 "$ret"; then
-	    break
+            break
-	fi
+        fi
-	ret=$((ret+1))
+        ret=$((ret+1))
     done
     echo "$ret"
     return 0

scripts/ocsp-stapling.test

@@ -27,7 +27,7 @@ fi
 if ./examples/client/client '-#' | fgrep -q -e ' -DTEST_IPV6 '; then
     if [[ "$IPV6_SUPPORTED" == "no" ]]; then
         echo 'Skipping IPV6 test in environment lacking IPV6 support.'
-	exit 0
+        exit 0
     fi
     LOCALHOST='[::1]'
     LOCALHOST_FOR_NC='::1'
@@ -69,12 +69,12 @@ wait_for_readyFile(){
     counter=0
 
     while [ ! -s "$1" -a "$counter" -lt 20 ]; do
-	if [[ -n "${2-}" ]]; then
+        if [[ -n "${2-}" ]]; then
-	    if ! kill -0 $2 2>&-; then
+            if ! kill -0 $2 2>&-; then
-		echo "pid $2 for port ${3-} exited before creating ready file.  bailing..."
+                echo "pid $2 for port ${3-} exited before creating ready file.  bailing..."
-		exit 1
+                exit 1
-	    fi
+            fi
-	fi
+        fi
         echo -e "waiting for ready file..."
         sleep 0.1
         counter=$((counter+ 1))
@@ -175,9 +175,9 @@ cleanup()
     rm -r "$WORKSPACE" || return 1
 
     if [[ ("$exit_status" == 1) && ($RETRIES_REMAINING -gt 0) ]]; then
-	echo "retrying..."
+        echo "retrying..."
-	RETRIES_REMAINING=$((RETRIES_REMAINING - 1))
+        RETRIES_REMAINING=$((RETRIES_REMAINING - 1))
-	exec $0 "$@"
+        exec $0 "$@"
     fi
 }
 trap cleanup EXIT INT TERM HUP
@@ -207,13 +207,13 @@ fi
 get_first_free_port() {
     local ret="$1"
     while :; do
-	if [[ "$ret" -ge 65536 ]]; then
+        if [[ "$ret" -ge 65536 ]]; then
-	    ret=1024
+            ret=1024
-	fi
+        fi
-	if ! nc -z $V4V6_FLAG $LOCALHOST_FOR_NC "$ret"; then
+        if ! nc -z $V4V6_FLAG $LOCALHOST_FOR_NC "$ret"; then
-	    break
+            break
-	fi
+        fi
-	ret=$((ret+1))
+        ret=$((ret+1))
     done
     echo "$ret"
     return 0

scripts/ocsp-stapling2.test

@@ -35,7 +35,7 @@ fi
 if ./examples/client/client '-#' | fgrep -q -e ' -DTEST_IPV6 '; then
     if [[ "$IPV6_SUPPORTED" == "no" ]]; then
         echo 'Skipping IPV6 test in environment lacking IPV6 support.'
-	exit 0
+        exit 0
     fi
     LOCALHOST='[::1]'
     LOCALHOST_FOR_NC='-6 ::1'
@@ -78,12 +78,12 @@ wait_for_readyFile(){
     counter=0
 
     while [ ! -s $1 -a "$counter" -lt 20 ]; do
-	if [[ -n "${2-}" ]]; then
+        if [[ -n "${2-}" ]]; then
-	    if ! kill -0 $2 2>&-; then
+            if ! kill -0 $2 2>&-; then
-		echo "pid $2 for port ${3-} exited before creating ready file.  bailing..."
+                echo "pid $2 for port ${3-} exited before creating ready file.  bailing..."
-		exit 1
+                exit 1
-	    fi
+            fi
-	fi
+        fi
         echo -e "waiting for ready file..."
         sleep 0.1
         counter=$((counter+ 1))
@@ -196,9 +196,9 @@ cleanup()
     rm -r "$WORKSPACE" || return 1
 
     if [[ ("$exit_status" == 1) && ($RETRIES_REMAINING -gt 0) ]]; then
-	echo "retrying..."
+        echo "retrying..."
-	RETRIES_REMAINING=$((RETRIES_REMAINING - 1))
+        RETRIES_REMAINING=$((RETRIES_REMAINING - 1))
-	exec $0 "$@"
+        exec $0 "$@"
     fi
 }
 trap cleanup EXIT INT TERM HUP
@@ -226,13 +226,13 @@ fi
 get_first_free_port() {
     local ret="$1"
     while :; do
-	if [[ "$ret" -ge 65536 ]]; then
+        if [[ "$ret" -ge 65536 ]]; then
-	    ret=1024
+            ret=1024
-	fi
+        fi
-	if ! nc -z ${LOCALHOST_FOR_NC} "$ret"; then
+        if ! nc -z ${LOCALHOST_FOR_NC} "$ret"; then
-	    break
+            break
-	fi
+        fi
-	ret=$((ret+1))
+        ret=$((ret+1))
     done
     echo "$ret"
     return 0

scripts/ocsp.test

@@ -27,14 +27,14 @@ if [ "$OUTPUT" = "SNI is: ON" ]; then
     printf '\n\n%s\n\n' "SNI is on, proceed with globalsign test"
 
     if [ "$AM_BWRAPPED" != "yes" ]; then
-	# is our desired server there?
+        # is our desired server there?
-	"${SCRIPT_DIR}/ping.test" $server 2
+        "${SCRIPT_DIR}/ping.test" $server 2
-	RESULT=$?
+        RESULT=$?
-	if [ $RESULT -ne 0 ]; then
+        if [ $RESULT -ne 0 ]; then
             GL_UNREACHABLE=1
-	fi
+        fi
     else
-	RESULT=0
+        RESULT=0
     fi
 
     if [ $RESULT -eq 0 ]; then

scripts/openssl.test

@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 #openssl.test
 

scripts/ping.test

@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # ping.test
 

scripts/pkcallbacks.test

@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 #pkcallbacks.test
 

scripts/psk.test

@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # psk.test
 # copyright wolfSSL 2016

scripts/resume.test

@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 #resume.test
 

scripts/sniffer-testsuite.test

@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 #sniffer-testsuite.test
 

scripts/sniffer-tls13-gen.sh

@@ -62,7 +62,7 @@ fi
 
 # Run ./scripts/sniffer-tls13-gen.sh hrr
 if [ "$1" == "hrr" ]; then
-    # TLS v1.3 Hello Retry Request 
+    # TLS v1.3 Hello Retry Request
     ./examples/server/server -v 4 -i -x -g &
     sleep 0.1
 

scripts/tls13.test

@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # tls13.test
 # Copyright wolfSSL 2016-2021
@@ -138,9 +138,9 @@ fi
 do_cleanup
 echo ""
 
-cat ./wolfssl/options.h | grep -F -e 'NO_CERTS'
+grep -F -e 'NO_CERTS' ./wolfssl/options.h
 NO_CERTS=$?
-cat ./wolfssl/options.h | grep -F -e 'WOLFSSL_NO_CLIENT_AUTH'
+grep -F -e 'WOLFSSL_NO_CLIENT_AUTH' ./wolfssl/options.h
 NO_CLIENT_AUTH=$?
 if [ $NO_CERTS -ne 0 -a $NO_CLIENT_AUTH -ne 0 ]; then
     # TLS 1.3 mutual auth required but client doesn't send certificates.
@@ -312,4 +312,3 @@ do_cleanup
 echo -e "\nALL Tests Passed"
 
 exit 0
-

scripts/unit.test.in

@@ -3,10 +3,10 @@
 if [ "${AM_BWRAPPED-}" != "yes" ]; then
     bwrap_path="$(command -v bwrap)"
     if [ -n "$bwrap_path" ]; then
-	exec "$bwrap_path" --unshare-net --dev-bind / / "@builddir@/tests/unit.test" "$@"
+        exec "$bwrap_path" --unshare-net --dev-bind / / "@builddir@/tests/unit.test" "$@"
     else
-	exec "@builddir@/tests/unit.test" "$@"
+        exec "@builddir@/tests/unit.test" "$@"
     fi
 else
-	exec "@builddir@/tests/unit.test" "$@"
+        exec "@builddir@/tests/unit.test" "$@"
 fi

src/ssl.c

@@ -17573,7 +17573,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
             rd->flags |= WOLFSSL_BIO_FLAG_READ;
         if (wr && !(wr->flags & WOLFSSL_BIO_FLAG_WRITE))
             wr->flags |= WOLFSSL_BIO_FLAG_WRITE;
-        
+
         ssl->biord = rd;
         ssl->biowr = wr;
 

wrapper/python/wolfssl/.ubuntu-provisioner.sh

@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 [ "$(whoami)" != "root" ] && echo "Sorry, you are not root." && exit 1