1 # Copyright 2021-2023 The OpenSSL Project Authors. All Rights Reserved.
3 # Licensed under the Apache License 2.0 (the "License"). You may not use
4 # this file except in compliance with the License. You can obtain a copy
5 # in the file LICENSE in the source distribution or at
6 # https://www.openssl.org/source/license.html
8 name: Run-checker daily
47 enable-crypto-mdebug-backtrace,
48 no-crypto-mdebug-backtrace,
60 enable-ec_nistp_64_gcc_128,
61 no-ec_nistp_64_gcc_128,
67 enable-fips enable-acvp-tests,
68 enable-fips no-tls1_3,
115 no-static-engine no-shared,
134 -DOPENSSL_NO_BUILTIN_OVERFLOW_CHECKING,
135 -DSSL3_ALIGN_PAYLOAD=4
137 runs-on: ubuntu-latest
139 - uses: actions/checkout@v4
140 - name: checkout fuzz/corpora submodule
141 run: git submodule update --init --depth 1 fuzz/corpora
143 run: CC=clang ./config --banner=Configured --strict-warnings ${{ matrix.opt }}
145 run: ./configdata.pm --dump
151 if [ -x apps/openssl ] ; then ./util/opensslwrap.sh version -c ; fi
153 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
156 runs-on: ubuntu-latest
158 - uses: actions/checkout@v4
159 - name: checkout fuzz/corpora submodule
160 run: git submodule update --init --depth 1 fuzz/corpora
161 - name: Install Dependencies for sctp option
164 sudo apt-get -yq install lksctp-tools libsctp-dev
166 - name: Check SCTP and enable auth
168 continue-on-error: true
171 sudo sysctl -w net.sctp.auth_enable=1
174 if: steps.sctp_auth.outcome == 'success' && steps.sctp_auth.conclusion == 'success'
175 run: CC=clang ./config --banner=Configured --strict-warnings enable-sctp
178 if: steps.sctp_auth.outcome == 'success' && steps.sctp_auth.conclusion == 'success'
179 run: ./configdata.pm --dump
182 if: steps.sctp_auth.outcome == 'success' && steps.sctp_auth.conclusion == 'success'
188 ./util/opensslwrap.sh version -c
191 if: steps.sctp_auth.outcome == 'success' && steps.sctp_auth.conclusion == 'success'
192 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
194 enable_brotli_dynamic:
195 runs-on: ubuntu-latest
197 - name: install brotli
200 sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install brotli libbrotli1 libbrotli-dev
201 - name: checkout openssl
202 uses: actions/checkout@v4
203 - name: checkout fuzz/corpora submodule
204 run: git submodule update --init --depth 1 fuzz/corpora
206 run: ./config enable-comp enable-brotli enable-brotli-dynamic && perl configdata.pm --dump
212 ./util/opensslwrap.sh version -c
214 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
217 runs-on: ubuntu-latest
222 sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install zstd libzstd1 libzstd-dev
223 - name: checkout openssl
224 uses: actions/checkout@v4
225 - name: checkout fuzz/corpora submodule
226 run: git submodule update --init --depth 1 fuzz/corpora
228 run: ./config enable-comp enable-zstd enable-zstd-dynamic && perl configdata.pm --dump
234 ./util/opensslwrap.sh version -c
236 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
238 enable_brotli_and_zstd_dynamic:
239 runs-on: ubuntu-latest
241 - name: install brotli and zstd
244 sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install brotli libbrotli1 libbrotli-dev
245 sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install zstd libzstd1 libzstd-dev
246 - name: checkout openssl
247 uses: actions/checkout@v4
248 - name: checkout fuzz/corpora submodule
249 run: git submodule update --init --depth 1 fuzz/corpora
251 run: ./config enable-comp enable-brotli enable-brotli-dynamic enable-zstd enable-zstd-dynamic && perl configdata.pm --dump
257 ./util/opensslwrap.sh version -c
259 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
261 enable_brotli_and_asan_ubsan:
262 runs-on: ubuntu-latest
264 - name: install brotli
267 sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install brotli libbrotli1 libbrotli-dev
268 - name: checkout openssl
269 uses: actions/checkout@v4
270 - name: checkout fuzz/corpora submodule
271 run: git submodule update --init --depth 1 fuzz/corpora
272 - name: Adjust ASLR for sanitizer
274 sudo cat /proc/sys/vm/mmap_rnd_bits
275 sudo sysctl -w vm.mmap_rnd_bits=28
277 run: ./config --banner=Configured --debug enable-asan enable-ubsan enable-comp enable-brotli -DPEDANTIC && perl configdata.pm --dump
283 ./util/opensslwrap.sh version -c
285 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} OPENSSL_TEST_RAND_ORDER=0
287 enable_zstd_and_asan_ubsan:
288 runs-on: ubuntu-latest
293 sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install zstd libzstd1 libzstd-dev
294 - name: checkout openssl
295 uses: actions/checkout@v4
296 - name: checkout fuzz/corpora submodule
297 run: git submodule update --init --depth 1 fuzz/corpora
298 - name: Adjust ASLR for sanitizer
300 sudo cat /proc/sys/vm/mmap_rnd_bits
301 sudo sysctl -w vm.mmap_rnd_bits=28
303 run: ./config --banner=Configured --debug enable-asan enable-ubsan enable-comp enable-zstd -DPEDANTIC && perl configdata.pm --dump
309 ./util/opensslwrap.sh version -c
311 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} OPENSSL_TEST_RAND_ORDER=0
316 os: [ ubuntu-latest, macos-13, macos-14 ]
317 runs-on: ${{matrix.os}}
319 - uses: actions/checkout@v4
320 - name: checkout fuzz/corpora submodule
321 run: git submodule update --init --depth 1 fuzz/corpora
323 run: CC=gcc ./config --banner=Configured enable-tfo --strict-warnings && perl configdata.pm --dump
327 run: ./util/opensslwrap.sh version -c
329 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
332 runs-on: ubuntu-latest
334 - uses: actions/checkout@v4
335 - name: checkout fuzz/corpora submodule
336 run: git submodule update --init --depth 1 fuzz/corpora
338 run: ./config --banner=Configured no-asm no-makedepend enable-buildtest-c++ enable-fips --strict-warnings -D_DEFAULT_SOURCE && perl configdata.pm --dump
344 ./util/opensslwrap.sh version -c
346 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}