Commit Graph

70 Commits

Author SHA1 Message Date
Richard Levitte
1307af2283 Travis: The TLS 1.3 code isn't interoperable yet, move it to its own build
We should move it back to the BORINGTEST build when we are approaching
interoperability.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2123)
2016-12-21 18:56:42 +01:00
Kurt Roeckx
2fd54ebadf Enable TLS1.3 and PEDANTIC in the coverage target
This make sure that the coverage is the same for the fuzzers and this
coverage target

Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2088
2016-12-16 01:08:22 +01:00
Kurt Roeckx
2886a69ca5 travis: Use no-shared for the FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION targets
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #2025
2016-12-05 21:12:06 +01:00
Kurt Roeckx
ef2bf0f57c Run a some tests with -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
The fuzzers use -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION, and actually
get different results based on that. We should have at least some
targets that actually fully use the fuzz corpora.

Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2023
2016-12-03 00:14:15 +01:00
Kurt Roeckx
20d14461fb coveralls: Use gcov-5 since we build it using gcc-5
Reviewed-by: Emilia Käsper <emilia@openssl.org>

GH: #2003
2016-11-24 21:28:31 +01:00
Emilia Kasper
ab29eca645 Run BoringSSL tests on Travis
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-11-24 12:21:33 +01:00
Richard Levitte
7b19543841 Travis: add a strict build
Clang on Linux seems to catch things that we might miss otherwise.
Also, throw in 'no-deprecated' to make sure we test that as well.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1839)
2016-11-04 14:12:06 +01:00
Richard Levitte
5e28b1c1e0 Secure our notification email.
Forks will have to define their own

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1821)
2016-11-02 01:58:59 +01:00
Rich Salz
42e22c7c4f Revert "Disable MDC2 by default."
This reverts commit ca1574cec2.
Not suitabled for a minor release as it breaks the ABI.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-11-01 10:43:05 -04:00
Rich Salz
ca1574cec2 Disable MDC2 by default.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-10-31 15:06:06 -04:00
Rich Salz
211bf9f23f Add NPN to an SSL3 build
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1629)
2016-10-24 08:09:43 -04:00
Andy Polyakov
b3943604f5 .travis.yml: minor optimizations:
- make 'pip install --user cpp-coveralls' conditional;
- limit no-stdio to single build per operating environment;
- omit enable-asan duplicate;

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-10-11 09:16:15 +02:00
Andy Polyakov
47d7ede82f .travis.yml: install wine on demand.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-10-11 09:14:55 +02:00
Richard Levitte
047a5da249 Travis: Do asan and msan with shared libraries
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-09-08 17:54:56 +02:00
Richard Levitte
ffb261ff19 Add a "config" for verbosity and use it with Travis
Modify VMS config.com to match

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-08-16 10:38:45 +02:00
Richard Levitte
a4ffbbeef6 Make "make" less verbose in Travis, except for the build only case
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-08-16 10:38:45 +02:00
Richard Levitte
b4aaf194f0 Travis: add a build with no-stdio
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-05 21:18:15 +02:00
Emilia Kasper
cec0a002ff Add --gcov-options '\-lp' to coverage
Should result in more accurate header file coverage, see
https://github.com/eddyxu/cpp-coveralls/issues/54

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-08-05 18:01:39 +02:00
Emilia Kasper
ad0a0a3a99 Add a coverage target
Run tests with coverage and report to coveralls.io

For simplicity, this currently only adds a single target in a
configuration that attempts to maximize coverage. The true CI coverage
from all the various builds may be a little larger.

The coverage run has the following configuration:
- no-asm: since we can't track asm coverage anyway, might as well measure the
  non-asm code coverage.
- Enable various disabled-by-default options:
  - rc5
  - md2
  - ec_nistp_64_gcc_128
  - ssl3
  - ssl3-method
  - weak-ssl-ciphers

Finally, observe that no-pic implies no-shared, and therefore running
both builds in the matrix is redundant.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-08-05 18:01:39 +02:00
Richard Levitte
262ee9a2c2 Travis: When testing installation, build in separate dir, otherwise in checkout
The rationale is that installation from a tarball is a common task
that everyone performs.  For all other builds, we do specialised
tests, and might as well build them directly in the checkout, which
also gives us fuzz corpora.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-08-04 16:49:36 +02:00
Emilia Kasper
29df3061b3 Add memory sanitizer config, and run on travis.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-28 21:43:27 +02:00
Richard Levitte
941b10bd95 Have the Travis builds do a "make update"
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-19 13:04:51 +02:00
Matt Caswell
eb5561cd77 Ensure Travis tests SSLv3
Switch on Travis testing of SSLv3.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-07-18 14:30:14 +01:00
Rich Salz
6f60a5a1c6 Restore clang builds in travis.yml
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-30 08:51:16 -04:00
Richard Levitte
a3414dc82c Travis: When testing install, install docs as well
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-21 14:52:34 +02:00
Rich Salz
6feb3c587e Avoid using latest clang since repo not available
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-20 16:28:42 -04:00
Rich Salz
a15cfae656 (Temporarily) don't download clang package
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-06-14 16:58:37 -04:00
Emilia Kasper
a7cbe963c3 Travis: update sanitizer configs
- Use the new enable-ubsan and enable-asan configuration options.
- Separate ubsan and asan runs.
- In addition, run shared ubsan tests to get more coverage.
  (Shared asan tests need a bit more thought to get them working.)

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-30 18:47:32 +02:00
Richard Levitte
d227a302a3 Try 'make install' with one of the Travis configurations
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-03 12:28:49 +02:00
Richard Levitte
9bf6eff7fe Travis: _srcdist, not _srcdir
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-20 18:39:01 +02:00
Richard Levitte
45c6e23c97 Remove --classic build entirely
The Unix build was the last to retain the classic build scheme.  The
new unified scheme has matured enough, even though some details may
need polishing.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-20 16:04:56 +02:00
Matt Caswell
e951eca8b4 Update Travis and Appveyor for change to shared by default
Update the Travis and Appveyor builds to explicitly state no-shared where
applicable.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-14 22:23:12 +01:00
Emilia Kasper
cdbf577973 Disable some sanitizer checks without PEDANTIC
Code without PEDANTIC has intentional "undefined" behaviour. To get best
coverage for both PEDANTIC and non-PEDANTIC codepaths, run the sanitizer
builds in two different configurations:
1) Without PEDANTIC but with alignment checks disabled.
2) With PEDANTIC.

To not overload Travis too much, run one build with clang and the other
with gcc (chosen at random).

Also remove a micro-optimization in CAST code to be able to
-fsanitize=shift. Whether shift sanitization is meaningful for crypto or
an obstacle is debatable but since this appears to be the only offender,
we might as well keep the check for now.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-10 01:50:45 +02:00
Emilia Kasper
b591470700 Adjust --strict-warnings builds in Travis
In Travis, do --strict-warnings on BUILDONLY configurations. This
ensures that the tests run even if --strict-warnings fail, and avoids
hiding unrelated test failures.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-10 01:50:16 +02:00
Emilia Kasper
d7a275eee3 Travis: build tests in BUILDONLY mode
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-14 16:38:48 +01:00
Emilia Kasper
4b8574461b Workaround for false -Warray-bounds in Travis
ccache + clang produces a false strcmp warning, see
https://llvm.org/bugs/show_bug.cgi?id=20144

Since this only happens with ccache and --strict-warnings, and
only with certain versions of glibc / clang, disabling
ccache is a reasonable short-term workaround.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-12 17:57:01 +01:00
Richard Levitte
8cffddc0f2 Travis - add missing semi-colon
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-10 10:00:00 +01:00
Richard Levitte
a70ca74086 Travis - don't use ccache with cross compiles
Although theoretically possible, Configure doesn't treat CC variable
set like this very well: CC="ccache i686-w64-mingw32-gcc"
Also, this Travis script doesn't recognise the possibility either.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-10 02:53:41 +01:00
Richard Levitte
32e4cc0cde Travis - the source directory is _srcdist, not _srcdir
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-03-10 01:31:06 +01:00
Richard Levitte
64b9d84bfd When grepping something starting with a dash, remember to use -e
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-03-09 22:34:27 +01:00
Richard Levitte
b7aacc3ac3 Restore building out of source with the unified build scheme
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-03-09 17:13:56 +01:00
Richard Levitte
9cae86d56f Fix travis builds
Travis doesn't seem to know about 'expr'

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-03-08 17:38:08 +01:00
Richard Levitte
c9aad4ff4f Only enable ccache if it's available
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-03-08 16:59:27 +01:00
Richard Levitte
bd5fbfe22b Use ccache for the unified builds
This may speed up our builds considerably

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-03-08 16:59:27 +01:00
Richard Levitte
de439d4428 For unified builds, make a separate build directory and build there
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-03-08 16:59:27 +01:00
Richard Levitte
69633bb4c9 We've switch to unified build scheme by default, reflect it in travis
We want to preserve a couple of classic builds still, the quickest is
to change all --unified to --classic

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-03-08 12:06:44 +01:00
Emilia Kasper
210efa8bad Trim Travis config part 3
- Only build & test two configurations. Make all the
  other build variants buildonly on gcc (clang on osx).
- Don't build with default clang at all on linux.
- Only use gcc-5 and clang-3.6 for the sanitizer builds. Re-running
  e.g. CONFIG_OPTS="shared" with them seems redundant.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-07 22:08:23 +01:00
Emilia Kasper
56cd71b46e Restore some mingw builds
"no-pic" builds have in fact been green (and reasonably fast), so
restore them while we figure out why tests without "no-pic" hang.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-03-07 14:53:38 +01:00
Emilia Kasper
b63447c115 Trim Travis config part 2
- Remove Win builds (temporarily). They're slow, allowed to fail,
  and therefore not useful as they are.
- Make the --unified part of the matrix build-only. (This can be
  swapped if --unified becomes the default)
- Only build 'no-engine' once, don't run any tests, but don't allow it
  to fail.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-07 12:46:35 +01:00
Emilia Kasper
3135650970 Trim the Travis config
- Remove no-asm. We've got to cut something, and this is at least
  partially covered by the sanitizer builds.
- Remove enable-crypto-mdebug from sanitizer
  builds. enable-crypto-mdebug has been shown to catch some static
  initialization bugs that the standard leak sanitizer can't so
  perhaps it has _some_ value; but we shouldn't let the two compete.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-06 22:37:18 +01:00