mirror of
https://github.com/openssl/openssl.git
synced 2024-11-27 05:21:51 +08:00
97bfbb98b0
the openssl application attempts to load a config file on startup always, calling x509_get_default_cert_area() to locate the file. On Windows builds with -DOSSL_WINCTX set, this fails if the corresponding registry keys are unset. allow openssl to continue to function properly for applets that don't actually require a configuration file. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24450)
201 lines
7.6 KiB
YAML
201 lines
7.6 KiB
YAML
# Copyright 2021-2024 The OpenSSL Project Authors. All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
# this file except in compliance with the License. You can obtain a copy
|
|
# in the file LICENSE in the source distribution or at
|
|
# https://www.openssl.org/source/license.html
|
|
|
|
name: Windows GitHub CI
|
|
|
|
on: [pull_request, push]
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
shared:
|
|
# Run a job for each of the specified target architectures:
|
|
strategy:
|
|
matrix:
|
|
os:
|
|
- windows-2019
|
|
- windows-2022
|
|
platform:
|
|
- arch: win64
|
|
config: enable-fips
|
|
- arch: win32
|
|
config: --strict-warnings no-fips
|
|
runs-on: ${{ github.server_url == 'https://github.com' && matrix.os || format('{0}-self-hosted', matrix.os) }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: checkout fuzz/corpora submodule
|
|
run: git submodule update --init --depth 1 fuzz/corpora
|
|
- uses: ilammy/msvc-dev-cmd@v1
|
|
with:
|
|
arch: ${{ matrix.platform.arch }}
|
|
- uses: ilammy/setup-nasm@v1
|
|
with:
|
|
platform: ${{ matrix.platform.arch }}
|
|
- name: prepare the build directory
|
|
run: mkdir _build
|
|
- name: config
|
|
working-directory: _build
|
|
run: |
|
|
perl ..\Configure --banner=Configured no-makedepend -DOSSL_WINCTX=openssl ${{ matrix.platform.config }}
|
|
perl configdata.pm --dump
|
|
- name: build
|
|
working-directory: _build
|
|
run: nmake /S
|
|
- name: download coreinfo
|
|
uses: suisei-cn/actions-download-file@v1.6.0
|
|
with:
|
|
url: "https://download.sysinternals.com/files/Coreinfo.zip"
|
|
target: _build/coreinfo/
|
|
- name: Gather openssl version info
|
|
working-directory: _build
|
|
run: |
|
|
apps/openssl.exe version -v
|
|
apps/openssl.exe version -v | %{($_ -split '\s+')[1]}
|
|
apps/openssl.exe version -v | %{($_ -split '\s+')[1] -replace '([0-9]+\.[0-9]+)(\..*)','$1'}
|
|
echo "OSSL_VERSION=$(apps/openssl.exe version -v | %{($_ -split '\s+')[1] -replace '([0-9]+\.[0-9]+)(\..*)','$1'})" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
|
|
- name: Set registry keys
|
|
working-directory: _build
|
|
run: |
|
|
echo ${Env:OSSL_VERSION}
|
|
reg.exe add HKLM\SOFTWARE\OpenSSL-${Env:OSSL_VERSION}-openssl /v OPENSSLDIR /t REG_EXPAND_SZ /d TESTOPENSSLDIR /reg:32
|
|
reg.exe add HKLM\SOFTWARE\OpenSSL-${Env:OSSL_VERSION}-openssl /v ENGINESDIR /t REG_EXPAND_SZ /d TESTOPENSSLDIR /reg:32
|
|
reg.exe add HKLM\SOFTWARE\OpenSSL-${Env:OSSL_VERSION}-openssl /v MODULESDIR /t REG_EXPAND_SZ /d TESTOPENSSLDIR /reg:32
|
|
reg.exe query HKLM\SOFTWARE\OpenSSL-${Env:OSSL_VERSION}-openssl /v OPENSSLDIR /reg:32
|
|
- name: get cpu info
|
|
working-directory: _build
|
|
continue-on-error: true
|
|
run: |
|
|
7z.exe x coreinfo/Coreinfo.zip
|
|
./Coreinfo64.exe -accepteula -f
|
|
./apps/openssl.exe version -c
|
|
- name: Check platform symbol usage
|
|
working-directory: _build
|
|
run: perl ../util/checkplatformsyms.pl ../util/platform_symbols/windows-symbols.txt libcrypto-3-x64.dll ./libssl-3-x64.dll
|
|
- name: test
|
|
working-directory: _build
|
|
run: nmake test VERBOSE_FAILURE=yes TESTS=-test_fuzz* HARNESS_JOBS=4
|
|
- name: install
|
|
# Run on 64 bit only as 32 bit is slow enough already
|
|
if: ${{ matrix.platform.arch == 'win64' }}
|
|
run: |
|
|
mkdir _dest
|
|
nmake install DESTDIR=_dest
|
|
working-directory: _build
|
|
plain:
|
|
strategy:
|
|
matrix:
|
|
os:
|
|
- windows-2019
|
|
- windows-2022
|
|
runs-on: ${{ github.server_url == 'https://github.com' && matrix.os || format('{0}-self-hosted', matrix.os) }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: checkout fuzz/corpora submodule
|
|
run: git submodule update --init --depth 1 fuzz/corpora
|
|
- uses: ilammy/msvc-dev-cmd@v1
|
|
- name: prepare the build directory
|
|
run: mkdir _build
|
|
- name: config
|
|
working-directory: _build
|
|
run: |
|
|
perl ..\Configure --banner=Configured enable-demos no-makedepend no-shared no-fips enable-md2 enable-rc5 enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers enable-trace enable-crypto-mdebug -DOSSL_WINCTX=openssl VC-WIN64A-masm
|
|
perl configdata.pm --dump
|
|
- name: build
|
|
working-directory: _build
|
|
run: nmake /S
|
|
- name: download coreinfo
|
|
uses: suisei-cn/actions-download-file@v1.6.0
|
|
with:
|
|
url: "https://download.sysinternals.com/files/Coreinfo.zip"
|
|
target: _build/coreinfo/
|
|
- name: get cpu info
|
|
working-directory: _build
|
|
continue-on-error: true
|
|
run: |
|
|
7z.exe x coreinfo/Coreinfo.zip
|
|
./Coreinfo64.exe -accepteula -f
|
|
./apps/openssl.exe version -c
|
|
- name: test
|
|
working-directory: _build
|
|
run: nmake test VERBOSE_FAILURE=yes HARNESS_JOBS=4
|
|
minimal:
|
|
strategy:
|
|
matrix:
|
|
os:
|
|
- windows-2019
|
|
- windows-2022
|
|
runs-on: ${{ github.server_url == 'https://github.com' && matrix.os || format('{0}-self-hosted', matrix.os) }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: checkout fuzz/corpora submodule
|
|
run: git submodule update --init --depth 1 fuzz/corpora
|
|
- uses: ilammy/msvc-dev-cmd@v1
|
|
- name: prepare the build directory
|
|
run: mkdir _build
|
|
- name: config
|
|
working-directory: _build
|
|
run: |
|
|
perl ..\Configure --banner=Configured enable-demos no-makedepend no-bulk no-deprecated no-fips no-asm no-threads -DOPENSSL_SMALL_FOOTPRINT -DOSSL_WINCTX=openssl
|
|
perl configdata.pm --dump
|
|
- name: build
|
|
working-directory: _build
|
|
run: nmake # verbose, so no /S here
|
|
- name: download coreinfo
|
|
uses: suisei-cn/actions-download-file@v1.6.0
|
|
with:
|
|
url: "https://download.sysinternals.com/files/Coreinfo.zip"
|
|
target: _build/coreinfo/
|
|
- name: get cpu info
|
|
working-directory: _build
|
|
continue-on-error: true
|
|
run: |
|
|
7z.exe x coreinfo/Coreinfo.zip
|
|
./Coreinfo64.exe -accepteula -f
|
|
./apps/openssl.exe version -c
|
|
- name: test
|
|
working-directory: _build
|
|
run: nmake test VERBOSE_FAILURE=yes TESTS=-test_fuzz* HARNESS_JOBS=4
|
|
cygwin:
|
|
# Run a job for each of the specified target architectures:
|
|
strategy:
|
|
matrix:
|
|
os:
|
|
- windows-2019
|
|
# really worth while running, too? cygwin should mask this
|
|
# - windows-2022
|
|
platform:
|
|
- arch: win64
|
|
config: -DCMAKE_C_COMPILER=gcc --strict-warnings enable-demos no-fips
|
|
# are we really learning sth new from win32? So let's save some CO2 for now disabling this
|
|
# - arch: win32
|
|
# config: -DCMAKE_C_COMPILER=gcc --strict-warnings no-fips
|
|
runs-on: ${{ github.server_url == 'https://github.com' && matrix.os || format('{0}-self-hosted', matrix.os) }}
|
|
env:
|
|
CYGWIN_NOWINPATH: 1
|
|
SHELLOPTS: igncr
|
|
# Don't overwhelm github CI VMs:
|
|
MAKE_PARAMS: -j 4
|
|
steps:
|
|
# Checkout before cygwin can mess with PATH...
|
|
- uses: actions/checkout@v4
|
|
- uses: cygwin/cygwin-install-action@master
|
|
with:
|
|
packages: perl git make gcc-core
|
|
- name: Check repo
|
|
run: cygcheck -V
|
|
- name: Full cygcheck status
|
|
run: cygcheck -s -v -r -h
|
|
# Activate this if checkout action fails:
|
|
# - name: Clone repo
|
|
# run: bash -c "pwd && git clone --branch ${{ github.ref_name }} --depth 1 https://github.com/${{ github.repository }}.git"
|
|
- name: Full build
|
|
run: bash -c "gcc --version && ./config ${{ matrix.platform.config }} && make $MAKE_PARAMS"
|
|
# Disable testing for now. TBD: Need local cygwin installation to debug .
|
|
# - name: Run openssl tests
|
|
# run: bash -c "cd openssl && make V=1 test"
|