Skip to content
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

Commit 59c4dc6

Browse files
notrojnotroj
committedFeb 29, 2024
Try just OpenSSL 3.2.0 build.
1 parent 1e43793 commit 59c4dc6

File tree

4 files changed

+20
-241
lines changed

4 files changed

+20
-241
lines changed
 

‎.github/workflows/linux.yml

+10-231
Original file line numberDiff line numberDiff line change
@@ -28,253 +28,32 @@ jobs:
2828
fail-fast: false
2929
matrix:
3030
include:
31-
# -------------------------------------------------------------------------
32-
- name: Empty APLOGNO() test
33-
env: |
34-
SKIP_TESTING=1
35-
TEST_LOGNO=1
36-
# -------------------------------------------------------------------------
37-
- name: Default
38-
# -------------------------------------------------------------------------
39-
- name: All-static modules
40-
config: --enable-mods-static=reallyall
41-
# -------------------------------------------------------------------------
42-
- name: Prefork MPM, all-modules (except cgid)
43-
config: --enable-mods-shared=reallyall --with-mpm=prefork --disable-cgid
44-
# -------------------------------------------------------------------------
45-
- name: Worker MPM, all-modules
46-
config: --enable-mods-shared=reallyall --with-mpm=worker
47-
# -------------------------------------------------------------------------
48-
- name: Shared MPMs, all-modules
49-
config: --enable-mods-shared=reallyall --enable-mpms-shared=all
50-
# -------------------------------------------------------------------------
51-
- name: Event MPM, all-modules, mod_cgid only
52-
config: --enable-mods-shared=reallyall --with-mpm=event --disable-cgi
53-
# -------------------------------------------------------------------------
54-
- name: Event MPM, all-modules, no CMSG_DATA
55-
config: --enable-mods-shared=reallyall --with-mpm=event ac_cv_have_decl_CMSG_DATA=no
56-
# -------------------------------------------------------------------------
57-
- name: Default, all-modules + install
58-
config: --enable-mods-shared=reallyall
59-
env: |
60-
TEST_INSTALL=1
61-
APACHE_TEST_EXTRA_ARGS=-v
62-
# -------------------------------------------------------------------------
63-
- name: Default, all-modules, random test order
64-
config: --enable-mods-shared=reallyall
65-
env: |
66-
TEST_ARGS=-order=random
67-
# -------------------------------------------------------------------------
68-
- name: GCC 10 maintainer-mode w/-Werror, install + VPATH
31+
- name: OpenSSL 3.2 build
6932
config: --enable-mods-shared=reallyall --enable-maintainer-mode
70-
notest-cflags: -Werror -O2
71-
env: |
72-
CC=gcc-10
73-
TEST_VPATH=1
74-
TEST_INSTALL=1
75-
SKIP_TESTING=1
76-
# -------------------------------------------------------------------------
77-
- name: All-modules, APR 1.7.4, APR-util 1.6.3
78-
config: --enable-mods-shared=reallyall
7933
env: |
34+
TEST_OPENSSL3=3.2.1
8035
APR_VERSION=1.7.4
8136
APU_VERSION=1.6.3
82-
APU_CONFIG="--with-crypto --with-ldap"
83-
# -------------------------------------------------------------------------
84-
- name: APR 1.8.x, APR-util 1.7.x
85-
config: --enable-mods-shared=reallyall
86-
env: |
87-
APR_VERSION=1.8.x
88-
APU_VERSION=1.7.x
89-
APU_CONFIG="--with-crypto --with-ldap"
90-
CLEAR_CACHE=1
91-
# -------------------------------------------------------------------------
92-
- name: Pool-debug
93-
config: --enable-mods-shared=reallyall
94-
env: |
95-
APR_VERSION=1.7.x
96-
APR_CONFIG="--enable-pool-debug"
97-
APU_VERSION=1.7.x
98-
APU_CONFIG="--with-crypto --with-ldap"
99-
TEST_MALLOC=1
100-
CLEAR_CACHE=1
101-
# -------------------------------------------------------------------------
102-
- name: Shared MPMs (event), pool-debug, SSL/TLS variants
103-
config: --enable-mods-shared=reallyall --enable-mpms-shared=all --with-mpm=event
104-
env: |
105-
APR_VERSION=1.7.x
106-
APR_CONFIG="--enable-pool-debug"
107-
APU_VERSION=1.7.x
108-
APU_CONFIG="--with-crypto --with-ldap"
109-
TEST_MALLOC=1
110-
TEST_SSL=1
111-
CLEAR_CACHE=1
112-
# -------------------------------------------------------------------------
113-
- name: Shared MPMs (worker), pool-debug, SSL/TLS variants
114-
config: --enable-mods-shared=reallyall --enable-mpms-shared=all --with-mpm=worker
115-
env: |
116-
APR_VERSION=1.7.x
117-
APR_CONFIG="--enable-pool-debug"
118-
APU_VERSION=1.7.x
119-
APU_CONFIG="--with-crypto --with-ldap"
120-
TEST_MALLOC=1
121-
TEST_SSL=1
122-
CLEAR_CACHE=1
123-
# -------------------------------------------------------------------------
124-
- name: Shared MPMs (prefork), pool-debug, SSL/TLS variants
125-
config: --enable-mods-shared=reallyall --enable-mpms-shared=all --with-mpm=prefork
126-
env: |
127-
APR_VERSION=1.7.x
128-
APR_CONFIG="--enable-pool-debug"
129-
APU_VERSION=1.7.x
130-
APU_CONFIG="--with-crypto --with-ldap"
131-
TEST_MALLOC=1
132-
TEST_SSL=1
37+
APU_CONFIG="--with-crypto"
13338
CLEAR_CACHE=1
134-
# -------------------------------------------------------------------------
135-
- name: litmus WebDAV tests
136-
config: --enable-dav --enable-dav-fs
137-
env: |
138-
LITMUS=1
139-
TESTS="t/modules/dav.t"
140-
pkgs: litmus
141-
# -------------------------------------------------------------------------
142-
- name: litmus WebDAV tests, APR trunk, LMDB
143-
config: --enable-dav --enable-dav-fs
144-
pkgs: litmus liblmdb-dev
145-
env: |
146-
APR_VERSION=trunk
147-
APR_CONFIG="--with-lmdb --with-dbm=lmdb"
148-
LITMUS=1
149-
TESTS="t/modules/dav.t"
150-
# -------------------------------------------------------------------------
151-
# MFLAGS= works around https://bz.apache.org/bugzilla/show_bug.cgi?id=63942
152-
## TODO if: *condition_not_24x
153-
- name: Regenerate ap_expr
39+
- name: OpenSSL 3.2 -Werror build
15440
config: --enable-mods-shared=reallyall --enable-maintainer-mode
155-
notest-cflags: -Werror -Wno-deprecated-declarations
156-
env: |
157-
BUILDCONFIG="--with-regen-expr"
158-
MFLAGS=
159-
# -------------------------------------------------------------------------
160-
- name: APR 1.7.4, APR-util 1.6.3, LDAP
161-
config: --enable-mods-shared=reallyall
162-
pkgs: ldap-utils
163-
env: |
164-
APR_VERSION=1.7.4
165-
APU_VERSION=1.6.3
166-
APU_CONFIG="--with-crypto --with-ldap"
167-
TEST_MALLOC=1
168-
TEST_LDAP=1
169-
TEST_ARGS="-defines LDAP"
170-
TESTS="t/modules/"
171-
# -------------------------------------------------------------------------
172-
### TODO: if: *condition_not_24x
173-
- name: APR trunk thread debugging
174-
config: --enable-mods-shared=reallyall --with-mpm=event
175-
env: |
176-
APR_VERSION=trunk
177-
APR_CONFIG="--with-crypto --enable-thread-debug"
178-
# -------------------------------------------------------------------------
179-
- name: UBSan
180-
notest-cflags: -fsanitize=undefined -fno-sanitize-recover=undefined
181-
config: --enable-mods-shared=reallyall --disable-http2
182-
env: |
183-
NOTEST_LIBS=-lubsan
184-
TEST_UBSAN=1
185-
# -------------------------------------------------------------------------
186-
- name: ASan
187-
notest-cflags: -ggdb -fsanitize=address -fno-sanitize-recover=address -fno-omit-frame-pointer
188-
config: --enable-mods-shared=reallyall
189-
env: |
190-
APR_VERSION=1.7.x
191-
APU_VERSION=1.7.x
192-
APU_CONFIG="--with-crypto --with-ldap"
193-
TEST_ASAN=1
194-
CLEAR_CACHE=1
195-
# -------------------------------------------------------------------------
196-
- name: ASan, pool-debug
197-
notest-cflags: -ggdb -fsanitize=address -fno-sanitize-recover=address -fno-omit-frame-pointer
198-
config: --enable-mods-shared=reallyall
199-
env: |
200-
APR_VERSION=1.7.x
201-
APR_CONFIG="--enable-pool-debug"
202-
APU_VERSION=1.7.x
203-
APU_CONFIG="--with-crypto --with-ldap"
204-
TEST_ASAN=1
205-
CLEAR_CACHE=1
206-
# -------------------------------------------------------------------------
207-
- name: HTTP/2 test suite
208-
config: --enable-mods-shared=reallyall --with-mpm=event --enable-mpms-shared=all
209-
pkgs: curl python3-pytest nghttp2-client python3-cryptography python3-requests python3-multipart python3-filelock python3-websockets
210-
env: |
211-
APR_VERSION=1.7.4
212-
APU_VERSION=1.6.3
213-
APU_CONFIG="--with-crypto"
214-
NO_TEST_FRAMEWORK=1
215-
TEST_INSTALL=1
216-
TEST_H2=1
217-
TEST_CORE=1
218-
TEST_PROXY=1
219-
# -------------------------------------------------------------------------
220-
### TODO: if: *condition_not_24x
221-
### TODO: pebble install is broken.
222-
# - name: ACME test suite
223-
# config: --enable-mods-shared=reallyall --with-mpm=event --enable-mpms-shared=event
224-
# pkgs: >-
225-
# python3-pytest nghttp2-client python3-cryptography python3-requests python3-filelock
226-
# golang-1.17 curl
227-
# env: |
228-
# APR_VERSION=1.7.4
229-
# APU_VERSION=1.6.3
230-
# APU_CONFIG="--with-crypto"
231-
# GOROOT=/usr/lib/go-1.17
232-
# NO_TEST_FRAMEWORK=1
233-
# TEST_INSTALL=1
234-
# TEST_MD=1
235-
# -------------------------------------------------------------------------
236-
### TODO: if: *condition_not_24x
237-
- name: MOD_TLS test suite
238-
config: --enable-mods-shared=reallyall --with-mpm=event --enable-mpms-shared=event
239-
pkgs: curl python3-pytest nghttp2-client python3-cryptography python3-requests python3-multipart python3-filelock python3-websockets cargo cbindgen
41+
notest-cflags: -Werror -O2
24042
env: |
43+
TEST_OPENSSL3=3.2.1
24144
APR_VERSION=1.7.4
24245
APU_VERSION=1.6.3
24346
APU_CONFIG="--with-crypto"
244-
RUSTLS_VERSION="v0.10.0"
245-
NO_TEST_FRAMEWORK=1
246-
TEST_INSTALL=1
247-
TEST_MOD_TLS=1
248-
- name: Configured w/reduced exports
249-
config: --enable-reduced-exports --enable-maintainer-mode
250-
env: |
251-
SKIP_TESTING=1
252-
TEST_INSTALL=1
253-
# -------------------------------------------------------------------------
254-
- name: OpenSSL 3.2.0 build
47+
CLEAR_CACHE=1
48+
- name: OpenSSL 3.2 no-engine build
25549
config: --enable-mods-shared=reallyall --enable-maintainer-mode
25650
env: |
257-
TEST_OPENSSL=3.2.0
51+
TEST_OPENSSL3=3.2.1
52+
OPENSSL_CONFIG=no-engine
25853
APR_VERSION=1.7.4
25954
APU_VERSION=1.6.3
26055
APU_CONFIG="--with-crypto"
261-
TEST_INSTALL=1
26256
CLEAR_CACHE=1
263-
### TODO if: *condition_not_24x
264-
### TODO: Fails because :i386 packages are not being found.
265-
# - name: i386 Shared MPMs, most modules, maintainer-mode w/-Werror
266-
# config: --enable-mods-shared=reallyall --disable-xml2enc --disable-proxy-html --enable-mpms-shared=all --enable-maintainer-mode
267-
# pkgs: >-
268-
# cpanminus libc6-dev-i386 gcc-multilib libexpat1-dev:i386 libssl-dev:i386
269-
# lib32z1-dev libbrotli-dev:i386 libpcre2-dev:i386 libldap2-dev:i386 libtool-bin
270-
# perl-doc libapr1-dev libbrotli-dev:i386
271-
# env: |
272-
# PKG_CONFIG_PATH="/usr/lib/i386-linux-gnu/pkgconfig"
273-
# NOTEST_CFLAGS="-Werror"
274-
# CC="gcc -m32"
275-
# APR_VERSION=1.7.0
276-
# APU_VERSION=1.6.3
277-
# APU_CONFIG="--with-crypto --with-ldap"
27857
runs-on: ubuntu-latest
27958
timeout-minutes: 30
28059
env:

‎modules/ssl/ssl_engine_pphrase.c

+7-9
Original file line numberDiff line numberDiff line change
@@ -979,21 +979,19 @@ apr_status_t modssl_load_engine_keypair(server_rec *s, apr_pool_t *p,
979979
const char *certid, const char *keyid,
980980
X509 **pubkey, EVP_PKEY **privkey)
981981
{
982-
#if MODSSL_HAVE_OPENSSL_STORE
982+
#if MODSSL_HAVE_ENGINE_API
983983
SSLModConfigRec *mc = myModConfig(s);
984984

985985
/* For OpenSSL 3.x, use the STORE-based API if either ENGINE
986986
* support was not present compile-time, or if it's built but
987987
* SSLCryptoDevice is not configured. */
988-
#if MODSSL_HAVE_ENGINE_API
989-
if (!mc->szCryptoDevice)
988+
if (mc->szCryptoDevice)
989+
return modssl_load_keypair_engine(s, p, vhostid, certid, keyid,
990+
pubkey, privkey);
990991
#endif
991-
return modssl_load_keypair_store(s, p, vhostid, certid, keyid,
992-
pubkey, privkey);
993-
#endif
994-
#if MODSSL_HAVE_ENGINE_API
995-
return modssl_load_keypair_engine(s, p, vhostid, certid, keyid,
996-
pubkey, privkey);
992+
#if MODSSL_HAVE_OPENSSL_STORE
993+
return modssl_load_keypair_store(s, p, vhostid, certid, keyid,
994+
pubkey, privkey);
997995
#else
998996
return APR_ENOTIMPL;
999997
#endif

‎test/travis_before_linux.sh

+1-1
Original file line numberDiff line numberDiff line change
@@ -115,7 +115,7 @@ if test -v TEST_OPENSSL3; then
115115
curl "https://www.openssl.org/source/openssl-${TEST_OPENSSL3}.tar.gz" |
116116
tar -xzf -
117117
cd openssl-${TEST_OPENSSL3}
118-
./Configure --prefix=$HOME/root/openssl3 shared no-tests
118+
./Configure --prefix=$HOME/root/openssl3 shared no-tests ${OPENSSL_CONFIG}
119119
make $MFLAGS
120120
make install_sw
121121
touch $HOME/root/openssl-is-${TEST_OPENSSL3}

‎test/travis_run_linux.sh

+2
Original file line numberDiff line numberDiff line change
@@ -62,6 +62,8 @@ fi
6262
if test -v TEST_OPENSSL3; then
6363
CONFIG="$CONFIG --with-ssl=$HOME/root/openssl3"
6464
export LD_LIBRARY_PATH=$HOME/root/openssl3/lib:$HOME/root/openssl3/lib64
65+
export PATH=$HOME/root/openssl3/bin:$PATH
66+
openssl version
6567
fi
6668

6769
srcdir=$PWD

0 commit comments

Comments
 (0)
Please sign in to comment.