[openssl] openssl-3.0 update

Dr. Paul Dale pauli at openssl.org
Thu Sep 2 09:24:25 UTC 2021 

The branch openssl-3.0 has been updated
       via  bc0812acef4f9001d771c7aa95b0bae61709ff09 (commit)
      from  d24b979dbf247ed3eecf973f3ee669a2e3b59e8f (commit)


- Log -----------------------------------------------------------------
commit bc0812acef4f9001d771c7aa95b0bae61709ff09
Author: Pauli <pauli at openssl.org>
Date:   Fri Aug 27 10:37:35 2021 +1000

    CI: add last run-checker fuzzing CIs to Actions
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16438)
    
    (cherry picked from commit f92bfddc1d4c4957c57337d7f4192c586cc09a5c)

-----------------------------------------------------------------------

Summary of changes:
 .github/workflows/fuzz-checker.yml | 61 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 61 insertions(+)
 create mode 100644 .github/workflows/fuzz-checker.yml

diff --git a/.github/workflows/fuzz-checker.yml b/.github/workflows/fuzz-checker.yml
new file mode 100644
index 0000000000..5b784deb10
--- /dev/null
+++ b/.github/workflows/fuzz-checker.yml
@@ -0,0 +1,61 @@
+name: Fuzz-checker CI
+
+on: [push]
+
+jobs:
+  fuzz-checker:
+    strategy:
+      fail-fast: false
+      matrix:
+        fuzzy: [
+          {
+            name: AFL,
+            config: enable-fuzz-afl no-module,
+            install: afl++-clang,
+            cc: afl-clang-fast
+          }, {
+            name: libFuzzer,
+            config: enable-fuzz-libfuzzer -DPEDANTIC enable-asan enable-ubsan,
+            libs: --with-fuzzer-lib=/usr/lib/llvm-12/lib/libFuzzer.a --with-fuzzer-include=/usr/lib/llvm-12/build/lib/clang/12.0.0/include/fuzzer,
+            install: libfuzzer-12-dev,
+            cc: clang-12,
+            linker: clang++-12,
+            tests: -test_memleak
+          }, {
+            name: libFuzzer+,
+            config: enable-fuzz-libfuzzer -DPEDANTIC enable-asan enable-ubsan -fsanitize-coverage=trace-cmp -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION,
+            libs: --with-fuzzer-lib=/usr/lib/llvm-12/lib/libFuzzer.a --with-fuzzer-include=/usr/lib/llvm-12/build/lib/clang/12.0.0/include/fuzzer,
+            extra: enable-fips enable-ec_nistp_64_gcc_128 -fno-sanitize=alignment enable-tls1_3 enable-weak-ssl-ciphers enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-nextprotoneg,
+            install: libfuzzer-12-dev,
+            cc: clang-12,
+            linker: clang++-12,
+            tests: -test_memleak
+          }
+        ]
+    runs-on: ubuntu-latest
+    steps:
+    - name: install packages
+      run: |
+        sudo apt-get update
+        sudo apt-get -yq --force-yes install ${{ matrix.fuzzy.install }}
+    - uses: actions/checkout at v2
+
+    - name: config
+      run: |
+        CC=${{ matrix.fuzzy.cc }} ./config --banner=Configured no-shared \
+            ${{ matrix.fuzzy.config }} ${{ matrix.fuzzy.libs }} ${{ matrix.fuzzy.extra }}
+
+    - name: config dump
+      run: ./configdata.pm --dump
+    - name: make with explicit linker
+      if: matrix.fuzzy.linker != ''
+      run: LDCMD=${{ matrix.fuzzy.linker }} make -s -j4
+    - name: make sans explicit linker
+      if: matrix.fuzzy.linker == ''
+      run: make -s -j4
+    - name: make test restricted
+      if: matrix.fuzzy.tests != ''
+      run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} TESTS="${{ matrix.fuzzy.tests }}"
+    - name: make test all
+      if: matrix.fuzzy.tests == ''
+      run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}

More information about the openssl-commits mailing list