Commit Graph

235 Commits

Author SHA1 Message Date
dependabot[bot]
51c85496dc Bump actions/setup-python from 4.7.1 to 5.0.0
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.7.1 to 5.0.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v4.7.1...v5.0.0)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
CLA: trivial

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22963)
2023-12-20 11:43:32 +01:00
Matt Caswell
5ccd4dec6f Add a daily test for an alternative value for SSL3_ALIGN_PAYLOAD
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23021)
2023-12-19 10:47:29 +00:00
Dmitry Misharov
ce42b72cb1 run Windows GitHub CI workflow on self-hosted runners
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23042)
2023-12-19 11:11:28 +01:00
Dmitry Misharov
834a2d7088 run GitHub CI workflow on self-hosted runners
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23042)
2023-12-19 11:11:28 +01:00
Dmitry Misharov
625287bc80 run Cross Compiles workflow on self-hosted runner
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23042)
2023-12-19 11:11:28 +01:00
dependabot[bot]
c4496b8f5e Bump actions/download-artifact from 3 to 4
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

CLA: trivial

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23052)
2023-12-18 11:06:02 +01:00
dependabot[bot]
1ee0560f43 Bump actions/upload-artifact from 3 to 4
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

CLA: trivial

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23053)
2023-12-18 10:59:11 +01:00
Richard Levitte
266a3553d7 Modify 'out-of-source-and-install' to work with a read-only source tree
This also adds the configuration options 'enable-quic'.

Fixes #22907

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/22908)
2023-12-07 07:44:52 +01:00
Tomas Mraz
d177754686 fips-label.yml: Cleanup the FIPS artifact before downloading and unzipping ABIDIFF one
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22952)
2023-12-05 15:02:52 +01:00
Tomas Mraz
5cd004222d Use severity: ABI changed label instead of CI failure for ABIDIFF
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22901)
2023-12-05 14:40:05 +01:00
Dmitry Misharov
6b7a11d8aa Add self-hosted runners
Added self-hosted runners for freebsd-x86_64 and ubuntu-aarch64.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Anton Arapov <anton@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22804)
2023-11-30 08:48:58 +01:00
Tomas Mraz
40a24c20a8 When abidiff fails print out the XML diff
This can be useful for fixing the CI if needed
without the necessity to run abidw locally.

Also rename the CI job to make its purpose clearer.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22689)
2023-11-24 15:14:15 +01:00
Tomas Mraz
0414f89d5c Cross Compiles CI: Run evp tests on pull requests
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22750)
2023-11-23 15:13:53 +00:00
dependabot[bot]
5f6b08e218 Bump actions/github-script from 6 to 7
Bumps [actions/github-script](https://github.com/actions/github-script) from 6 to 7.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
CLA: trivial

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22730)
2023-11-15 11:37:46 +01:00
Neil Horman
dcfd8cfd4a Update ci and ABI xml files to validate function parameters
libabigail is currenly only validating symbol presence and version
information in ci.  We should also be validating function parameters,
types, etc.  To do this we need to build the library with -g so the
dwarf information is available for libabigail to interrogate

while we're at it, also add a script to re-generate the xml that abidiff
uses for comparison during ci runs, to make updates easier

Fixes #22712

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22713)
2023-11-15 11:08:17 +01:00
Tomas Mraz
456b32ba4f Rearrange some CI jobs
Those less useful should be in daily or on-push runs.

Those more likely triggering CI failure that do not
take too much time should be in main on pull request CI.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22693)
2023-11-14 13:57:23 +01:00
Tomas Mraz
9e75a0b911 Fix CI breakage due to ABIDIFF failure
Also sync libcrypto.num and libssl.num with 3.2 branch and
fix the EVP_DigestSqueeze symbol version.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/22688)
2023-11-10 16:38:39 +01:00
Neil Horman
4ede274cf9 Introduce libabigail checking in ci
It would be nice if we could monitor the consistency of our ABI from PR to PR,
to ensure there are no inadvertent changes to the library ABI.

Introduce a new CI job that runs the libabigail tools to build an ABI
representation of the PR-built library and compares it to a stored/expected
representation, reporting any discrepancies it finds.

Fixes #22571

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22589)
2023-11-06 07:52:27 +00:00
Neil Horman
796e5f9648 Create a rudimentary symbol scanning script
We would like to be able to log and audit the symbols we use in openssl
so that we might catch when a new platform symbols is referecned

Add such a script (just on unix platforms for now) that gathers the used
symbols not belonging to libcrypto or libssl, and compare it to a prior
known set of used symbols.  Error out if a new symbol is found

Add this script to the ci workflow in CI to capture newly
introduced platform symbols

Fixes #22330

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22478)
2023-11-01 16:32:26 +01:00
Sam James
bdcaa80fd5 CI: add Clang 17
Signed-off-by: Sam James <sam@gentoo.org>

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22570)
2023-11-01 16:24:21 +01:00
Dmitry Misharov
d030bac57c remove setup-perl actiond from windows jobs
Windows runner have Perl preinstalled.
https://github.com/actions/runner-images/blob/main/images/win/Windows2022-Readme.md

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/22555)
2023-11-01 10:55:51 +01:00
Tomas Mraz
dc1cc3e483 fuzz-checker.yml: Revert inadvertent change from fac61ea
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22501)
2023-10-25 10:05:27 +01:00
Tomas Mraz
fac61ea461 quic_record, quicapi, and quicfaults tests do not support fuzzing builds
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22472)
2023-10-23 13:45:09 +01:00
Tomas Mraz
bde5411049 run-checker-daily.yml: If the openssl app is not built do not run it
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22443)
2023-10-23 10:44:14 +01:00
Matt Caswell
27d8827052 Further tweaks to the CI runs for fuzzing
Have a new job just to run the fuzz tests with fuzzing build mode enabled.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
2023-10-23 10:08:22 +01:00
Matt Caswell
d8bf5ea19d Drop FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION for some builds
Some builds that weren't doing fuzzing were defining this which makes no
sense and is not appropriate for non-fuzzing builds.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22368)
2023-10-23 10:08:22 +01:00
Tomas Mraz
10767fd9db Windows CI: Add some non-default options to check they are working
Some of the non-default options that enable more
code to be built need to be enabled in one of the
Windows builds to avoid regressions.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22347)
2023-10-13 15:04:42 +02:00
Tomas Mraz
2989041548 provider-compatibility.yml: Correct the directory where opensslwrap.sh is being run
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22322)
2023-10-10 16:46:13 +02:00
Tomas Mraz
4ace824852 Windows CI: Continue on error during cpuinfo
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22293)
2023-10-06 11:18:00 +02:00
dependabot[bot]
456e6ca5d7 Bump suisei-cn/actions-download-file from 1.3.0 to 1.4.0
Bumps [suisei-cn/actions-download-file](https://github.com/suisei-cn/actions-download-file) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/suisei-cn/actions-download-file/releases)
- [Commits](https://github.com/suisei-cn/actions-download-file/compare/v1.3.0...v1.4.0)

---
updated-dependencies:
- dependency-name: suisei-cn/actions-download-file
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22268)
2023-10-04 19:14:20 +02:00
Tomas Mraz
4a1bdb0b7a coveralls: Drop no-shared and -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22222)
2023-10-03 17:23:58 +02:00
Dmitry Misharov
2d374e1c66 GH action workflows: Add cpu report before 'make test'
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22232)
2023-10-03 15:53:25 +02:00
Tomas Mraz
07829409b6 coveralls: Fix invocation of lcov
Fixes recent regression from commit febe8cf4de

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22258)
2023-10-03 08:39:49 +02:00
dependabot[bot]
f7e7bbcd78 Bump actions/setup-python from 4.7.0 to 4.7.1
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.7.0 to 4.7.1.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v4.7.0...v4.7.1)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22254)
2023-10-03 08:32:51 +02:00
Dmitry Misharov
febe8cf4de remove files under test directory from coverage report
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22212)
2023-10-02 15:56:25 +02:00
Pauli
54e60d2a05 Provider cross version checks warning
Add a warning note to the provider cross version checks indicating that a
pull request branch will not be used if execution is set to on pull request.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21964)
2023-09-27 17:22:54 +01:00
Dmitry Misharov
e900942587 os zoo ci
Use a Github Actions expression to set value for the environment
variable.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22130)
2023-09-20 08:17:17 +10:00
Tomas Mraz
798d69c867 coveralls.yml: Improve coverage mapping and remove 1.1.1
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22104)
2023-09-17 22:13:16 +10:00
Pauli
8f51b2279e Use correct version of 3.1 build for FIPS provider.
We're (currently) intending to validate 3.1.2 against FIPS 140-3.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/22088)
2023-09-14 14:33:57 +10:00
dependabot[bot]
ebce766bb8 Bump coverallsapp/github-action from 2.2.1 to 2.2.3
Bumps [coverallsapp/github-action](https://github.com/coverallsapp/github-action) from 2.2.1 to 2.2.3.
- [Release notes](https://github.com/coverallsapp/github-action/releases)
- [Commits](https://github.com/coverallsapp/github-action/compare/v2.2.1...v2.2.3)

---
updated-dependencies:
- dependency-name: coverallsapp/github-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22012)
2023-09-08 10:15:29 +02:00
Matt Caswell
da1c088f59 Copyright year updates
Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes
2023-09-07 09:59:15 +01:00
Pauli
09d73d7ba1 fips compatibility: update 3.1.1 to 3.1.2
The plan at the moment is to validate 3.1.2 all going well.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21962)
2023-09-06 18:15:56 +10:00
dependabot[bot]
d4231af60a Bump actions/checkout from 2 to 4
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

CLA: trivial

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21953)
2023-09-05 10:02:04 +02:00
Tomas Mraz
975f372a6f Revert "drop! Make failing tests run on pull request to test"
This reverts commit 86051eb2bb.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21843)
2023-08-25 13:39:09 +02:00
Tomas Mraz
597ff76e28 Revert "drop! Make OS Zoo on pull request to test"
This reverts commit 467e5c1fb7.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21843)
2023-08-25 13:39:07 +02:00
Tomas Mraz
467e5c1fb7 drop! Make OS Zoo on pull request to test
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/21825)
2023-08-25 12:05:34 +01:00
Tomas Mraz
86051eb2bb drop! Make failing tests run on pull request to test
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21823)
2023-08-25 12:04:00 +01:00
Xu Yizhou
6399d7856c Optimize SM2 on aarch64
Signed-off-by: Xu Yizhou <xuyizhou1@huawei.com>

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20754)
2023-08-24 14:57:35 +02:00
dependabot[bot]
bdff325831 Bump coverallsapp/github-action from 2.2.0 to 2.2.1
Bumps [coverallsapp/github-action](https://github.com/coverallsapp/github-action) from 2.2.0 to 2.2.1.
- [Release notes](https://github.com/coverallsapp/github-action/releases)
- [Commits](https://github.com/coverallsapp/github-action/compare/v2.2.0...v2.2.1)

---
updated-dependencies:
- dependency-name: coverallsapp/github-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21454)
2023-07-14 10:12:21 +02:00
dependabot[bot]
dbe36351dc Bump actions/setup-python from 4.6.1 to 4.7.0
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.6.1 to 4.7.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v4.6.1...v4.7.0)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21455)
2023-07-14 10:08:01 +02:00