[openssl] OpenSSL_1_1_1-stable update

nic.tuv at gmail.com nic.tuv at gmail.com
Wed Aug 18 22:05:08 UTC 2021


The branch OpenSSL_1_1_1-stable has been updated
       via  a7ce0c00a2eb8fe88786c4eb28e9ed385581eab7 (commit)
       via  9e12ea3ae5d546f2be11a7c9864c80e7a1adfd73 (commit)
       via  854b6fa89afcd4a683b3e91d701a4a045db60ad7 (commit)
       via  ce5b8f101db2b96bf893ddcc4c5a16a07fc41751 (commit)
       via  6398f974e9cb26a8508584e732b9683797125652 (commit)
       via  7952f04ddf8065ba4df7887f91fd5199d34a9d11 (commit)
       via  aa23aa759cf33b4f481fc719d42cb7bae8b2eaf0 (commit)
       via  4c7b49d37dd7957d534da9cb1ff9b15886e34cda (commit)
       via  4c038f59a3d962715344168412e60be7e9785f0a (commit)
       via  048c06124d19f82ddefd2aa270327def6e1be917 (commit)
       via  d9fdb3a69e4192266f71d579143b9d504ebfb014 (commit)
       via  c10d86c9fdbbbf615c98a8679cf0fddab29b0265 (commit)
      from  9d868840b821fddf895e3bf6b589ecf6be7b1b13 (commit)


- Log -----------------------------------------------------------------
commit a7ce0c00a2eb8fe88786c4eb28e9ed385581eab7
Author: Pauli <pauli at openssl.org>
Date:   Tue Aug 17 23:34:52 2021 +1000

    [github-ci] Add comment about our approach to GitHub Actions CI
    
    Reviewed-by: Nicola Tuveri <nic.tuv at gmail.com>
    (Merged from https://github.com/openssl/openssl/pull/16252)

commit 9e12ea3ae5d546f2be11a7c9864c80e7a1adfd73
Author: Nicola Tuveri <nic.tuv at gmail.com>
Date:   Sat Aug 7 09:54:08 2021 +0300

    [github-ci][run-checker-merge.yml] Disable ubsan build
    
    This commit temporarily disables the ubsan build,
    due to failures to be investigated in a dedicated PR.
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16252)

commit 854b6fa89afcd4a683b3e91d701a4a045db60ad7
Author: Nicola Tuveri <nic.tuv at gmail.com>
Date:   Sat Aug 7 13:49:03 2021 +0300

    [github-ci][ci.yml] Disable memory sanitizer build
    
    In 1.1.1 currently we do not support running multiple tests in parallel,
    and the `--debug -O1` msan build required more than 3h to run the tests.
    
    This commit temporarily disables this build configuration.
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16252)

commit ce5b8f101db2b96bf893ddcc4c5a16a07fc41751
Author: Nicola Tuveri <nic.tuv at gmail.com>
Date:   Sat Aug 7 10:15:16 2021 +0300

    [github-ci][run-checker-ci.yml] Disable no-tls1_3 tests
    
    This commit temporarily disables tests for no-tls1_3,
    due to failures to be investigated in a dedicated PR.
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16252)

commit 6398f974e9cb26a8508584e732b9683797125652
Author: Nicola Tuveri <nic.tuv at gmail.com>
Date:   Sat Aug 7 09:54:08 2021 +0300

    [github-ci][ci.yml] Disable pyca external tests
    
    This commit temporarily disables pyca external tests,
    due to failures to be investigated in a dedicated PR.
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16252)

commit 7952f04ddf8065ba4df7887f91fd5199d34a9d11
Author: Nicola Tuveri <nic.tuv at gmail.com>
Date:   Sat Aug 7 09:53:08 2021 +0300

    [github-ci][ci.yml] Disable krb5 external tests
    
    This commit temporarily disables krb5 external tests,
    due to failures to be investigated in a dedicated PR.
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16252)

commit aa23aa759cf33b4f481fc719d42cb7bae8b2eaf0
Author: Nicola Tuveri <nic.tuv at gmail.com>
Date:   Sat Aug 7 09:46:19 2021 +0300

    [github-ci][cross-compiles.yml] Disable sparcv9
    
    This commit temporarily disables cross-compiling tests for sparcv9, due
    to failures to be investigated in a dedicated PR.
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16252)

commit 4c7b49d37dd7957d534da9cb1ff9b15886e34cda
Author: Nicola Tuveri <nic.tuv at gmail.com>
Date:   Fri Aug 6 18:37:02 2021 +0300

    [github-ci] Import run-checker daily workflow from master
    
    The daily run-checker is scheduled to start at 6:42, instead of the
    start of the hour.
    
    The official GitHub documentation remarks the following regarding
    scheduled workflows:
    
    > Note: The schedule event can be delayed during periods of high loads
    > of GitHub Actions workflow runs. High load times include the start of
    > every hour. To decrease the chance of delay, schedule your workflow to
    > run at a different time of the hour.
    
    42, obviously, has been picked because it is the answer to the ultimate
    question of life, the universe, and everything.
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16252)

commit 4c038f59a3d962715344168412e60be7e9785f0a
Author: Nicola Tuveri <nic.tuv at gmail.com>
Date:   Fri Aug 6 18:37:02 2021 +0300

    [github-ci] Import run-checker workflows from master
    
    This commit does not include the daily run-checker workflow.
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16252)

commit 048c06124d19f82ddefd2aa270327def6e1be917
Author: Nicola Tuveri <nic.tuv at gmail.com>
Date:   Fri Aug 6 18:26:11 2021 +0300

    [github-ci] Import cross-compiles.yml workflow from master
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16252)

commit d9fdb3a69e4192266f71d579143b9d504ebfb014
Author: Nicola Tuveri <nic.tuv at gmail.com>
Date:   Fri Aug 6 17:55:31 2021 +0300

    [github-ci] Import windows.yml workflow from master
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16252)

commit c10d86c9fdbbbf615c98a8679cf0fddab29b0265
Author: Nicola Tuveri <nic.tuv at gmail.com>
Date:   Fri Aug 6 17:49:32 2021 +0300

    [github-ci] Sync ci.yml workflow with master
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16252)

-----------------------------------------------------------------------

Summary of changes:
 .github/workflows/README.md             |  40 +++++
 .github/workflows/ci.yml                | 293 +++++++++++++++++++++++---------
 .github/workflows/cross-compiles.yml    | 153 +++++++++++++++++
 .github/workflows/run-checker-ci.yml    |  38 +++++
 .github/workflows/run-checker-daily.yml | 126 ++++++++++++++
 .github/workflows/run-checker-merge.yml |  35 ++++
 .github/workflows/windows.yml           |  93 ++++++++++
 7 files changed, 700 insertions(+), 78 deletions(-)
 create mode 100644 .github/workflows/README.md
 create mode 100644 .github/workflows/cross-compiles.yml
 create mode 100644 .github/workflows/run-checker-ci.yml
 create mode 100644 .github/workflows/run-checker-daily.yml
 create mode 100644 .github/workflows/run-checker-merge.yml
 create mode 100644 .github/workflows/windows.yml

diff --git a/.github/workflows/README.md b/.github/workflows/README.md
new file mode 100644
index 0000000000..ac956f0cf4
--- /dev/null
+++ b/.github/workflows/README.md
@@ -0,0 +1,40 @@
+## Rationale about our design for the GitHub Actions CI
+
+The balance is between the time taken and the number of jobs.
+We're allowed 180 concurrent jobs in total across the entire project.
+Currently we're running about 60 on pull_request, a few more on push and
+a pile per day.
+So three simultaneous PRs should finish quickly enough.
+Given that most jobs run quickly, this could scale up to 5 or 6 without
+problem.
+
+Moving more jobs into the `pull_request` category will limit the number
+of parallel builds (from different PRs) we can handle.
+We got into quite some strife over this with our older CI hosts
+-- remember builds taking the best part of a day to run.
+We really want to avoid that again.
+
+I've been trying to limit total job time per job to around 20-30 minutes
+(there are some longer ones I know of), with most jobs running in the
+sub 5 minute range.
+There are some longer lived CIs -- up to an hour and I try to delegate
+these to push or daily rather than pull_request.
+
+Still, there is no hard and fast rule about what runs when or where.
+Make a suggestion about bettering the CIs -- Ideally I'd like the
+`pull_request` jobs to be the ones catching most of the problems and the
+push and daily being predictably boring successes.
+Just make an effort to rationally justify the inclusions/changes.
+
+Things like the sanitiser builds, we know catch problems often.
+So even though they are slow they are worthwhile on `pull_request`.
+A lot of the daily builds are unlikely to catch much since they are
+checking options can be turned off and on, so they are fine not running
+as much.
+The demarkation between `pull_request` and `pull_request + push` is the
+difficult choice.
+I believe we should do all pull_request jobs as part of push too.
+The question is how many more should there be.
+
+I don't have a good answer but I think we're converging on a practical
+number and we should get better as we gain experience.
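Review bot: the paragraph starting "Things like the sanitiser builds" says these are worthwhile on `pull_request`, but on this branch the same series comments out `memory_sanitizer` in ci.yml and the `enable-ubsan` entry in run-checker-merge.yml, so the rationale does not describe what 1.1.1 actually runs. A sentence listing what is currently disabled on 1.1.1, and why, would fix that. The text is also written in the first person ("I've been trying", "I believe") with no author named in the file, so it should either be attributed or reworded as project policy. "demarkation" should be "demarcation".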
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 5822e36ccb..6b61af9c03 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,4 +1,5 @@
-name: GitHub CI
+---
+name: GitHub CI for 1.1.1
 
 on: [pull_request, push]
 
@@ -22,7 +23,7 @@ jobs:
     - name: make build_generated
       run: make -s build_generated
     - name: make update
-      run: make -s update
+      run: make update
     - name: git diff
       run: git diff --exit-code
 
@@ -37,111 +38,247 @@ jobs:
     - name: make doc-nits
       run: make doc-nits
 
+  # This checks that we use ANSI C language syntax and semantics.
+  # We are not as strict with libraries, but rather adapt to what's
+  # expected to be available in a certain version of each platform.
+  check-ansi:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout at v2
+    - name: config
+      run: CPPFLAGS=-ansi ./config no-asm no-makedepend enable-buildtest-c++ --strict-warnings -D_DEFAULT_SOURCE && perl configdata.pm --dump
+    - name: make
+      run: make -s -j4
+
   basic_gcc:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout at v2
-      - name: config
-        run: ./config --strict-warnings && perl configdata.pm --dump
-      - name: make
-        run: make -s -j4
-      - name: make test
-        run: make test
+    - uses: actions/checkout at v2
+    - name: config
+      run: CC=gcc ./config --strict-warnings && perl configdata.pm --dump
+    - name: make
+      run: make -s -j4
+    - name: make test
+      run: make test
 
   basic_clang:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout at v2
-      - name: config
-        run: CC=clang ./config --strict-warnings && perl configdata.pm --dump
-      - name: make
-        run: make -s -j4
-      - name: make test
-        run: make test
+    - uses: actions/checkout at v2
+    - name: config
+      run: CC=clang ./config --strict-warnings && perl configdata.pm --dump
+    - name: make
+      run: make -s -j4
+    - name: make test
+      run: make test
 
   minimal:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout at v2
-      - name: config
-        run: ./config --strict-warnings no-shared no-dso no-pic no-aria no-async no-autoload-config no-blake2 no-bf no-camellia no-cast no-chacha no-cmac no-cms no-comp no-ct no-des no-dgram no-dh no-dsa no-dtls no-ec2m no-engine no-filenames no-gost no-idea no-mdc2 no-md4 no-multiblock no-nextprotoneg no-ocsp no-ocb no-poly1305 no-psk no-rc2 no-rc4 no-rmd160 no-seed no-siphash no-sm2 no-sm3 no-sm4 no-srp no-srtp no-ssl3 no-ssl3-method no-ts no-ui-console no-whirlpool no-asm -DOPENSSL_NO_SECURE_MEMORY -DOPENSSL_SMALL_FOOTPRINT && perl configdata.pm --dump
-      - name: make
-        run: make -s -j4
-      - name: make test
-        run: make test
+    - uses: actions/checkout at v2
+    - name: config
+      run: ./config --strict-warnings no-shared no-dso no-pic no-aria no-async no-autoload-config no-blake2 no-bf no-camellia no-cast no-chacha no-cmac no-cms no-comp no-ct no-des no-dgram no-dh no-dsa no-dtls no-ec2m no-engine no-filenames no-gost no-idea no-mdc2 no-md4 no-multiblock no-nextprotoneg no-ocsp no-ocb no-poly1305 no-psk no-rc2 no-rc4 no-rmd160 no-seed no-siphash no-sm2 no-sm3 no-sm4 no-srp no-srtp no-ssl3 no-ssl3-method no-ts no-ui-console no-whirlpool no-asm -DOPENSSL_NO_SECURE_MEMORY -DOPENSSL_SMALL_FOOTPRINT && perl configdata.pm --dump
+    - name: make
+      run: make -j4  # verbose, so no -s here
+    - name: make test
+      run: make test
 
-  out-of-tree_build:
+  no-deprecated:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout at v2
-      - name: setup build dir
-        run: |
-            set -eux
-            mkdir -p ${myblddir:=../_build/nest/a/little/more}
-            echo "mysrcdir=$(realpath .)" | tee -a $GITHUB_ENV
-            echo "myblddir=$(realpath $myblddir)" | tee -a $GITHUB_ENV
-      - name: config
-        run: set -eux ; cd ${{ env.myblddir }} && ${{ env.mysrcdir }}/config --strict-warnings && perl configdata.pm --dump
-      - name: make build_generated
-        run: set -eux; cd ${{ env.myblddir }} && make -s build_generated
-      - name: make update
-        run: set -eux; cd ${{ env.myblddir }} && make update
-      - name: make
-        run: set -eux; cd ${{ env.myblddir }} && make -s -j4
-      - name: make test (minimal subset)
-        run: set -eux; cd ${{ env.myblddir }} && make test TESTS='0[0-9]'
+    - uses: actions/checkout at v2
+    - name: config
+      run: ./config --strict-warnings no-deprecated && perl configdata.pm --dump
+    - name: make
+      run: make -s -j4
+    - name: make test
+      run: make test
 
-  no-deprecated:
+  no-shared:
+    strategy:
+      matrix:
+        os: [ ubuntu-latest, macos-latest ]
+    runs-on: ${{matrix.os}}
+    steps:
+    - uses: actions/checkout at v2
+    - name: config
+      run: ./config --strict-warnings no-shared && perl configdata.pm --dump
+    - name: make
+      run: make -s -j4
+    - name: make test
+      run: make test
+
+  address_ub_sanitizer:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout at v2
-      - name: config
-        run: ./config --strict-warnings no-deprecated && perl configdata.pm --dump
-      - name: make
-        run: make -s -j4
-      - name: make test
-        run: make test
+    - uses: actions/checkout at v2
+    - name: config
+      run: ./config --debug enable-asan enable-ubsan enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 && perl configdata.pm --dump
+    - name: make
+      run: make -s -j4
+    - name: make test
+      run: make test OPENSSL_TEST_RAND_ORDER=0
 
-  sanitizers:
+# The memory sanitizer build is temporarily disabled as in 1.1.1 we do
+# not support running tests in parallel and this build configuration
+# requires more than 3h to run all tests sequentially.
+#  memory_sanitizer:
+#    runs-on: ubuntu-latest
+#    steps:
+#    - uses: actions/checkout at v2
+#    - name: config
+#      # --debug -O1 is to produce a debug build that runs in a reasonable amount of time
+#      run: CC=clang ./config --debug -O1 -fsanitize=memory -DOSSL_SANITIZE_MEMORY -fno-optimize-sibling-calls enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 && perl configdata.pm --dump
+#    - name: make
+#      run: make -s -j4
+#    - name: make test
+#      run: make test
+
+  threads_sanitizer:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout at v2
-      - name: config
-        run: ./config --debug enable-asan enable-ubsan enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 && perl configdata.pm --dump
-      - name: make
-        run: make -s -j4
-      - name: make test
-        run: make test OPENSSL_TEST_RAND_ORDER=0
+    - uses: actions/checkout at v2
+    - name: config
+      run: CC=clang ./config --strict-warnings -fsanitize=thread && perl configdata.pm --dump
+    - name: make
+      run: make -s -j4
+    - name: make test
+      run: make TESTS=test_threads test
 
   enable_non-default_options:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout at v2
-      - name: config
-        run: ./config --strict-warnings no-ec enable-ssl-trace enable-zlib enable-zlib-dynamic enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-egd && perl configdata.pm --dump
-      - name: make
-        run: make -s -j4
-      - name: make test
-        run: make test
+    - uses: actions/checkout at v2
+    - name: config
+      run: ./config --strict-warnings no-ec enable-ssl-trace enable-zlib enable-zlib-dynamic enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-egd && perl configdata.pm --dump
+    - name: make
+      run: make -s -j4
+    - name: make test
+      run: make test
 
   legacy:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout at v2
-      - name: config
-        run: ./config -Werror --debug no-afalgeng no-shared enable-crypto-mdebug enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers enable-zlib enable-ec_nistp_64_gcc_128 && perl configdata.pm --dump
-      - name: make
-        run: make -s -j4
-      - name: make test
-        run: make test
+    - uses: actions/checkout at v2
+    - name: config
+      run: ./config -Werror --debug no-afalgeng no-shared enable-crypto-mdebug enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers enable-zlib enable-ec_nistp_64_gcc_128 && perl configdata.pm --dump
+    - name: make
+      run: make -s -j4
+    - name: make test
+      run: make test
 
   buildtest:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout at v2
-      - name: config
-        run: ./config no-makedepend enable-buildtest-c++ --strict-warnings -D_DEFAULT_SOURCE && perl configdata.pm --dump
-      - name: make
-        run: make -s -j4
-      - name: make test
-        run: make test
+    - uses: actions/checkout at v2
+    - name: config
+      run: ./config no-asm no-makedepend enable-buildtest-c++ --strict-warnings -D_DEFAULT_SOURCE && perl configdata.pm --dump
+    - name: make
+      run: make -s -j4
+    - name: make test
+      run: make test
+
+  out-of-tree_build:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout at v2
+    - name: setup build dir
+      run: |
+          set -eux
+          mkdir -p ${myblddir:=../_build/nest/a/little/more}
+          echo "mysrcdir=$(realpath .)" | tee -a $GITHUB_ENV
+          echo "myblddir=$(realpath $myblddir)" | tee -a $GITHUB_ENV
+    - name: config
+      run: set -eux ; cd ${{ env.myblddir }} && ${{ env.mysrcdir }}/config --strict-warnings && perl configdata.pm --dump
+    - name: make build_generated
+      run: set -eux; cd ${{ env.myblddir }} && make -s build_generated
+    - name: make update
+      run: set -eux; cd ${{ env.myblddir }} && make update
+    - name: make
+      run: set -eux; cd ${{ env.myblddir }} && make -s -j4
+    - name: make test (minimal subset)
+      run: set -eux; cd ${{ env.myblddir }} && make test TESTS='0[0-9]'
+
+  out-of-source-and-install:
+    strategy:
+      matrix:
+        os: [ubuntu-latest, macos-latest ]
+    runs-on: ${{matrix.os}}
+    steps:
+    - uses: actions/checkout at v2
+    - name: extra preparations
+      run: |
+        mkdir ./build
+        mkdir ./install_dir
+    - name: config
+      run: ../config --strict-warnings --prefix=$(cd ../install_dir; pwd) && perl configdata.pm --dump
+      working-directory: ./build
+    - name: make
+      run: make -s -j4
+      working-directory: ./build
+    - name: make test
+      run: make test
+      working-directory: ./build
+    - name: make install
+      run: make install
+      working-directory: ./build
+
+  external-tests:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout at v2
+      with:
+        submodules: recursive
+    - name: package installs
+      run: |
+        sudo apt-get update
+        sudo apt-get -yq install bison gettext keyutils ldap-utils libldap2-dev libkeyutils-dev python3 python3-paste python3-pyrad slapd tcsh python3-virtualenv virtualenv python3-kdcproxy
+    - name: install cpanm and Test2::V0 for gost_engine testing
+      uses: perl-actions/install-with-cpanm at v1
+      with:
+        install: Test2::V0
+    - name: setup hostname workaround
+      run: sudo hostname localhost
+    - name: config
+      run: ./config --strict-warnings --debug no-afalgeng enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers enable-zlib enable-ec_nistp_64_gcc_128 enable-external-tests && perl configdata.pm --dump
+    - name: make
+      run: make -s -j4
+    - name: test external gost-engine
+      run: make test TESTS="test_external_gost_engine" VERBOSE=1
+# krb5 testing temporarily disabled due to failures to be investigated separately
+#    - name: test external krb5
+#      run: make test TESTS="test_external_krb5" VERBOSE=1
+
+# pyca testing temporarily disabled due to failures to be investigated separately
+#  external-test-pyca:
+#    runs-on: ubuntu-latest
+#    strategy:
+#      matrix:
+#        RUST:
+#        - 1.51.0
+#        PYTHON:
+#        - 3.9
+#    steps:
+#    - uses: actions/checkout at v2
+#      with:
+#        submodules: recursive
+#    - name: package installs
+#      run: |
+#        sudo apt-get update
+#        sudo apt-get -yq install python3-virtualenv virtualenv
+#    - name: Configure OpenSSL
+#      run: ./config --strict-warnings --debug enable-external-tests && perl configdata.pm --dump
+#    - name: make
+#      run: make -s -j4
+#    - name: Setup Python
+#      uses: actions/setup-python at v2.2.2
+#      with:
+#        python-version: ${{ matrix.PYTHON }}
+#    - uses: actions-rs/toolchain at v1
+#      with:
+#        profile: minimal
+#        toolchain: ${{ matrix.RUST }}
+#        override: true
+#        default: true
+#    - name: test external pyca
+#      run: make test TESTS="test_external_pyca" VERBOSE=1
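Review bot: in the `external-tests` job, `perl-actions/install-with-cpanm at v1` is a third-party action referenced by a movable tag, and this workflow triggers on `pull_request` as well as `push`, so whatever that tag points to at run time executes for every PR. Pinning it to a full commit SHA makes the executed code reviewable, and the same applies to `actions-rs/toolchain at v1` if the commented-out pyca job is re-enabled. Separately, the three disabled blocks (`memory_sanitizer`, the krb5 step, `external-test-pyca`) are marked "temporarily" but carry no issue reference; a tracking link next to each comment would keep them from going stale. Since the stated problem with `memory_sanitizer` is only its 3h runtime, it could run on a less frequent trigger rather than being dropped.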
diff --git a/.github/workflows/cross-compiles.yml b/.github/workflows/cross-compiles.yml
new file mode 100644
index 0000000000..dfc6b15b90
--- /dev/null
+++ b/.github/workflows/cross-compiles.yml
@@ -0,0 +1,153 @@
+---
+name: Cross Compile for 1.1.1
+
+on: [pull_request, push]
+
+jobs:
+  cross-compilation:
+    strategy:
+      fail-fast: false
+      matrix:
+        # The platform matrix specifies:
+        #   arch: the architecture to build for, this defines the tool-chain
+        #         prefix {arch}- and the Debian compiler package gcc-{arch}
+        #         name.
+        #   libs: the Debian package for the necessary link/runtime libraries.
+        #   target: the OpenSSL configuration target to use, this is passed
+        #           directly to the config command line.
+        #   tests: omit this to run all the tests using QEMU, set it to "none"
+        #          to never run the tests, otherwise it's value is passed to
+        #          the "make test" command to allow selectiving disabling of
+        #          tests.
+        platform: [
+          {
+            arch: aarch64-linux-gnu,
+            libs: libc6-dev-arm64-cross,
+            target: linux-aarch64
+          }, {
+            arch: alpha-linux-gnu,
+            libs: libc6.1-dev-alpha-cross,
+            target: linux-alpha-gcc
+          }, {
+            arch: arm-linux-gnueabi,
+            libs: libc6-dev-armel-cross,
+            target: linux-armv4,
+            tests: -test_includes -test_store -test_x509_store
+          }, {
+            arch: arm-linux-gnueabihf,
+            libs: libc6-dev-armhf-cross,
+            target: linux-armv4,
+            tests: -test_includes -test_store -test_x509_store
+          }, {
+            arch: hppa-linux-gnu,
+            libs: libc6-dev-hppa-cross,
+            target: -static linux-generic32,
+            tests: -test_includes -test_store -test_x509_store
+          }, {
+            arch: m68k-linux-gnu,
+            libs: libc6-dev-m68k-cross,
+            target: -static -m68040 linux-generic32,
+            tests: -test_includes -test_store -test_x509_store
+          }, {
+            arch: mips-linux-gnu,
+            libs: libc6-dev-mips-cross,
+            target: -static linux-mips32,
+            tests: -test_includes -test_store -test_x509_store
+          }, {
+            arch: mips64-linux-gnuabi64,
+            libs: libc6-dev-mips64-cross,
+            target: -static linux64-mips64,
+          }, {
+            arch: mipsel-linux-gnu,
+            libs: libc6-dev-mipsel-cross,
+            target: linux-mips32,
+            tests: -test_includes -test_store -test_x509_store
+          }, {
+            arch: powerpc64le-linux-gnu,
+            libs: libc6-dev-ppc64el-cross,
+            target: linux-ppc64le
+          }, {
+            arch: riscv64-linux-gnu,
+            libs: libc6-dev-riscv64-cross,
+            target: linux64-riscv64
+          }, {
+            arch: s390x-linux-gnu,
+            libs: libc6-dev-s390x-cross,
+            target: linux64-s390x
+          }, {
+            arch: sh4-linux-gnu,
+            libs: libc6-dev-sh4-cross,
+            target: no-async linux-generic32,
+            tests: -test_includes -test_store -test_x509_store
+          },
+
+          # These build with shared libraries but they crash when run
+          # They mirror static builds above in order to cover more of the
+          # code base.
+          {
+            arch: hppa-linux-gnu,
+            libs: libc6-dev-hppa-cross,
+            target: linux-generic32,
+            tests: none
+          }, {
+            arch: m68k-linux-gnu,
+            libs: libc6-dev-m68k-cross,
+            target: -mcfv4e linux-generic32,
+            tests: none
+          }, {
+            arch: mips-linux-gnu,
+            libs: libc6-dev-mips-cross,
+            target: linux-mips32,
+            tests: none
+          }, {
+            arch: mips64-linux-gnuabi64,
+            libs: libc6-dev-mips64-cross,
+            target: linux64-mips64,
+            tests: none
+          },
+
+          # sparcv9 is temporarily disabled due to failures during compilation
+          # # This build doesn't execute either with or without shared libraries.
+          # {
+          #   arch: sparc64-linux-gnu,
+          #   libs: libc6-dev-sparc64-cross,
+          #   target: linux64-sparcv9,
+          #   tests: none
+          # }
+        ]
+    runs-on: ubuntu-latest
+    steps:
+    - name: install packages
+      run: |
+        sudo apt-get update
+        sudo apt-get -yq --force-yes install \
+            gcc-${{ matrix.platform.arch }} \
+            ${{ matrix.platform.libs }}
+    - uses: actions/checkout at v2
+
+    - name: config
+      run: |
+        ./Configure --strict-warnings \
+                 --cross-compile-prefix=${{ matrix.platform.arch }}- \
+                 ${{ matrix.platform.target }}
+    - name: config dump
+      run: ./configdata.pm --dump
+
+    - name: make
+      run: make -s -j4
+
+    - name: install qemu
+      if: github.event_name == 'push' && matrix.platform.tests != 'none'
+      run: sudo apt-get -yq --force-yes install qemu-user
+
+    - name: make all tests
+      if: github.event_name == 'push' && matrix.platform.tests == ''
+      run: |
+        make test \
+                  QEMU_LD_PREFIX=/usr/${{ matrix.platform.arch }}
+    - name: make some tests
+      if: github.event_name == 'push' && matrix.platform.tests != 'none' && matrix.platform.tests != ''
+      run: |
+        make test \
+                  TESTS="${{ matrix.platform.tests }}" \
+                  QEMU_LD_PREFIX=/usr/${{ matrix.platform.arch }}
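Review bot: both `apt-get` invocations, in the `install packages` and `install qemu` steps, pass `--force-yes`, which apt documents as deprecated and dangerous because it also lets installation continue with unauthenticated packages. `-yq` alone is enough for a non-interactive install of the compiler, the libs package and `qemu-user`, and it keeps signature checking in force for the toolchain that builds the library. The `make all tests` condition `matrix.platform.tests == ''` depends on an omitted `tests` key comparing equal to the empty string, which deserves a one-line comment beside the `if:`. The matrix comment has two typos: "it's value" and "selectiving disabling".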
diff --git a/.github/workflows/run-checker-ci.yml b/.github/workflows/run-checker-ci.yml
new file mode 100644
index 0000000000..7a171bff9d
--- /dev/null
+++ b/.github/workflows/run-checker-ci.yml
@@ -0,0 +1,38 @@
+---
+name: Run-checker CI for 1.1.1
+# Jobs run per pull request submission
+on: [pull_request, push]
+jobs:
+  run-checker:
+    strategy:
+      fail-fast: false
+      matrix:
+        opt: [
+          no-cms,
+          no-ct,
+          no-dtls,
+          no-ec,
+          no-ec2m,
+          no-sock,
+          no-srp,
+          no-srtp,
+          enable-ssl-trace,
+          no-tests,
+          no-threads,
+          no-tls,
+# no-tls1_3 temporarily disabled due to failures to be investigated separately
+#          no-tls1_3,
+          no-ts,
+          no-ui,
+        ]
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout at v2
+    - name: config
+      run: CC=clang ./config --strict-warnings ${{ matrix.opt }}
+    - name: config dump
+      run: ./configdata.pm --dump
+    - name: make
+      run: make -s -j4
+    - name: make test
+      run: make test
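Review bot: the header comment says "Jobs run per pull request submission", but the trigger on the next line is `on: [pull_request, push]`, so every matrix entry also runs on each push. Either drop `push` or correct the comment, bearing in mind the concurrent-job budget described in the README added by this series. The `no-tls1_3` entry is commented out as "temporarily disabled" with no issue reference; add one so it can be tracked and restored.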
diff --git a/.github/workflows/run-checker-daily.yml b/.github/workflows/run-checker-daily.yml
new file mode 100644
index 0000000000..c1b0327ae3
--- /dev/null
+++ b/.github/workflows/run-checker-daily.yml
@@ -0,0 +1,126 @@
+---
+name: Run-checker daily for 1.1.1
+# Jobs run daily on 1.1.1
+
+on:
+  schedule:
+  - cron: '42 6 * * *'
+jobs:
+  run-checker:
+    strategy:
+      fail-fast: false
+      matrix:
+        opt: [
+          386,
+          no-afalgeng,
+          no-aria,
+          no-asan,
+          no-asm,
+          no-async,
+          no-autoalginit,
+          no-autoerrinit,
+          no-autoload-config,
+          no-bf,
+          no-blake2,
+          no-buildtest-c++,
+          no-camellia,
+          no-capieng,
+          no-cast,
+          no-chacha,
+          no-cmac,
+          no-comp,
+          enable-crypto-mdebug,
+          no-crypto-mdebug,
+          enable-crypto-mdebug-backtrace,
+          no-crypto-mdebug-backtrace,
+          no-deprecated,
+          no-des,
+          no-devcryptoeng,
+          no-dh,
+          no-dsa,
+          no-dtls1,
+          no-dtls1_2,
+          no-dtls1_2-method,
+          no-dtls1-method,
+          no-ecdh,
+          no-ecdsa,
+          enable-ec_nistp_64_gcc_128,
+          no-ec_nistp_64_gcc_128,
+          enable-egd,
+          no-egd,
+          no-engine,
+          no-external-tests,
+# no-tls1_3 temporarily disabled due to failures to be investigated separately
+#          no-tls1_3,
+          no-fuzz-afl,
+          no-fuzz-libfuzzer,
+          no-gost,
+          enable-heartbeats,
+          no-heartbeats,
+          no-hw,
+          no-hw-padlock,
+          no-idea,
+          no-makedepend,
+          enable-md2,
+          no-md2,
+          no-md4,
+          no-mdc2,
+          no-msan,
+          no-multiblock,
+          no-nextprotoneg,
+          no-ocb,
+          no-ocsp,
+          no-pic,
+          no-pinshared,
+          no-poly1305,
+          no-posix-io,
+          no-psk,
+          no-rc2,
+          no-rc4,
+          enable-rc5,
+          no-rc5,
+          no-rdrand,
+          no-rfc3779,
+          no-ripemd,
+          no-rmd160,
+          no-scrypt,
+          no-sctp,
+          no-seed,
+          no-shared,
+          no-siphash,
+          no-sm2,
+          no-sm3,
+          no-sm4,
+          no-sse2,
+          no-ssl,
+          no-ssl3,
+          no-ssl3-method,
+          no-ssl-trace,
+          no-static-engine no-shared,
+          no-stdio,
+          no-tls1,
+          no-tls1_1,
+          no-tls1_1-method,
+          no-tls1_2,
+          no-tls1_2-method,
+          no-tls1-method,
+          no-ubsan,
+          no-ui-console,
+          enable-unit-test,
+          no-weak-ssl-ciphers,
+          no-whirlpool,
+          no-zlib,
+          enable-zlib-dynamic,
+          no-zlib-dynamic,
+        ]
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout at v2
+    - name: config
+      run: CC=clang ./config --strict-warnings ${{ matrix.opt }}
+    - name: config dump
+      run: ./configdata.pm --dump
+    - name: make
+      run: make -s -j4
+    - name: make test
+      run: make test
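Review bot: the commented-out `no-tls1_3` entry in the `opt` matrix carries no issue or PR reference, so nothing in the file tells a later reader what failed or when the option can be re-enabled. It also sits between `no-external-tests` and `no-fuzz-afl`, outside the otherwise alphabetical order, which makes the gap in TLS 1.3 coverage easy to overlook. Suggest adding the tracking reference to the comment and moving the two lines next to the other `no-tls1_*` entries. Separately, `actions/checkout` is referenced by the `v2` tag, which the action's owner can move; pinning it to a full commit SHA would fix the code that runs in this job.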
diff --git a/.github/workflows/run-checker-merge.yml b/.github/workflows/run-checker-merge.yml
new file mode 100644
index 0000000000..29419a2396
--- /dev/null
+++ b/.github/workflows/run-checker-merge.yml
@@ -0,0 +1,35 @@
+---
+name: Run-checker merge for 1.1.1
+# Jobs run per merge to 1.1.1
+
+on: [push]
+jobs:
+  run-checker:
+    strategy:
+      fail-fast: false
+      matrix:
+        opt: [
+          enable-asan no-shared no-asm -DOPENSSL_SMALL_FOOTPRINT,
+          no-dgram,
+          no-dso,
+          no-dynamic-engine,
+          no-engine no-shared,
+          no-err,
+          no-filenames,
+# ubsan build is temporarily disabled, due to failures to be investigated separately
+#          enable-ubsan no-asm -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment,
+          no-unit-test,
+          enable-weak-ssl-ciphers,
+          enable-zlib,
+        ]
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout at v2
+    - name: config
+      run: CC=clang ./config --strict-warnings ${{ matrix.opt }}
+    - name: config dump
+      run: ./configdata.pm --dump
+    - name: make
+      run: make -s -j4
+    - name: make test
+      run: make test
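Review bot: `on: [push]` has no branch filter, so this matrix runs on a push to any branch, while the header comment says the jobs run per merge to 1.1.1. If that is the intent, restrict the trigger with a `branches:` list under `push`. The file also sets no `permissions:` key, so the jobs receive the repository's default token scope although the steps only check out and build; a top-level `permissions:` with `contents: read` would make the least-privilege intent explicit. The comment on the disabled ubsan entry would be more useful with a reference to the issue tracking the failures.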
diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml
new file mode 100644
index 0000000000..c11242a56f
--- /dev/null
+++ b/.github/workflows/windows.yml
@@ -0,0 +1,93 @@
+---
+name: Windows GitHub CI for 1.1.1
+
+on: [pull_request, push]
+
+jobs:
+  shared:
+    # Run a job for each of the specified target architectures:
+    strategy:
+      matrix:
+        os:
+        - windows-latest
+        - windows-2016
+        platform:
+        - arch: win64
+          config: VC-WIN64A
+        - arch: win32
+          config: VC-WIN32 --strict-warnings
+    runs-on: ${{matrix.os}}
+    steps:
+    - uses: actions/checkout at v2
+    - uses: ilammy/msvc-dev-cmd at v1
+      with:
+        arch: ${{ matrix.platform.arch }}
+    - uses: ilammy/setup-nasm at v1
+      with:
+        platform: ${{ matrix.platform.arch }}
+    - name: prepare the build directory
+      run: mkdir _build
+    - name: config
+      working-directory: _build
+      run: |
+        perl ..\Configure no-makedepend ${{ matrix.platform.config }}
+        perl configdata.pm --dump
+    - name: build
+      working-directory: _build
+      run: nmake /S
+    - name: test
+      working-directory: _build
+      run: nmake test VERBOSE_FAILURE=yes TESTS=-test_fuzz*
+    - name: install
+      # Run on 64 bit only as 32 bit is slow enough already
+      if: $${{ matrix.platform.arch == 'win64' }}
+      run: |
+        mkdir _dest
+        nmake install DESTDIR=_dest
+      working-directory: _build
+  plain:
+    strategy:
+      matrix:
+        os:
+        - windows-latest
+        - windows-2016
+    runs-on: ${{matrix.os}}
+    steps:
+    - uses: actions/checkout at v2
+    - uses: ilammy/msvc-dev-cmd at v1
+    - name: prepare the build directory
+      run: mkdir _build
+    - name: config
+      working-directory: _build
+      run: |
+        perl ..\Configure no-makedepend no-shared VC-WIN64A-masm
+        perl configdata.pm --dump
+    - name: build
+      working-directory: _build
+      run: nmake /S
+    - name: test
+      working-directory: _build
+      run: nmake test VERBOSE_FAILURE=yes
+  minimal:
+    strategy:
+      matrix:
+        os:
+        - windows-latest
+        - windows-2016
+    runs-on: ${{matrix.os}}
+    steps:
+    - uses: actions/checkout at v2
+    - uses: ilammy/msvc-dev-cmd at v1
+    - name: prepare the build directory
+      run: mkdir _build
+    - name: config
+      working-directory: _build
+      run: |
+        perl ..\Configure no-makedepend no-deprecated no-asm -DOPENSSL_SMALL_FOOTPRINT VC-WIN64A
+        perl configdata.pm --dump
+    - name: build
+      working-directory: _build
+      run: nmake # verbose, so no /S here
+    - name: test
+      working-directory: _build
+      run: nmake test VERBOSE_FAILURE=yes TESTS=-test_fuzz*
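Review bot: in the `shared` job's `install` step, `if: $${{ matrix.platform.arch == 'win64' }}` has a stray leading `$`. The text outside `${{ }}` is kept literally, so the condition evaluates to a non-empty string instead of a boolean and the step is not skipped on win32, contrary to the comment above it. Suggest `if: ${{ matrix.platform.arch == 'win64' }}` or the bare expression. Also, `ilammy/msvc-dev-cmd` and `ilammy/setup-nasm` are third-party actions referenced by the `v1` tag; since they set up the toolchain for the build, pinning them to full commit SHAs would keep a moved tag from changing what runs here.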