Commit graph

81 commits

Author SHA1 Message Date
Richard Levitte
2da3f9687f Correct travis.yml to only build extended tests when explicitely asked to
The check for this was done by checking if $TRAVIS_EVENT_TYPE is
"pull_request".  The trouble is that when new data is pushed to an
already existing pull request, the event type is "push".

Better then to go with another documented variable, $TRAVIS_PULL_REQUEST,
which is "false" in non-PR builds.

Ref: https://docs.travis-ci.com/user/environment-variables/#Default-Environment-Variables

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3205)
2017-04-12 19:28:28 +02:00
Pauli
9ff79fa3e1 Add enable-aria where rc5 and md2 are built.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3046)
2017-03-28 08:42:22 -04:00
Richard Levitte
cd838c6552 Travis: make a separate job for external tests
Some of the external tests do not run well with 'no-shared'

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3007)
2017-03-21 23:24:34 +01:00
Andy Polyakov
22df22e7c3 .travis.yml: make git submodule update conditional.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2017-03-14 21:06:03 +01:00
Emilia Kasper
703324a7e7 Update master Travis to Trusty
This gets us a newer Clang, and newer Go.
1.1.0 already runs on Trusty without issues.

To do this, we need to disable afalgeng in the -Werror build.

afalgeng isn't compatible with the -Werror build on
Travis Trusty due to kernel header mismatch.

(See also 97043e46aa)

Reviewed-by: Richard Levitte <levitte@openssl.org>
2017-03-14 19:00:40 +01:00
Andy Polyakov
b169c0ec40 .travis.yml: introduce concept of "extended tests"
Since CI is engaged on per merge request basis, it can be wasteful to
run each request through all the tests, especially those resource
consuming. Idea is to mark most of tests as "extended" and provide a
way to opt-in by marking last commit with [extended tests] tag. It's
still not as optimal as one could wish, as decision to skip a test
still requires machine time, and it's taken in configured environment,
i.e. with updates and additional packages installed...

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2292)
2017-02-24 16:06:01 +01:00
Andy Polyakov
31c1db92c6 .travis.yml: make package pulls conditional.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2292)
2017-02-24 16:05:05 +01:00
Andy Polyakov
e12e903e9a .travis.yml: remove osx from build matrix.
Travis OS X utilization and backlog statistics suggest that it became
bottleneck for our integration builds with requests piling up for days
during working days of the week. Suggestion is to remove osx till
capacity is lesser issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2017-02-19 21:27:57 +01:00
Rich Salz
b08ee30bf4 Add no-ec build
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2626)
2017-02-14 13:15:32 -05:00
Rich Salz
65c1f979ee Review comments; fail build if nits found
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2202)
2017-01-12 09:31:36 -05:00
Richard Levitte
29ee1be50c Run find-doc-nits in travis
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2202)
2017-01-12 09:31:36 -05:00
Richard Levitte
1307af2283 Travis: The TLS 1.3 code isn't interoperable yet, move it to its own build
We should move it back to the BORINGTEST build when we are approaching
interoperability.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2123)
2016-12-21 18:56:42 +01:00
Kurt Roeckx
2fd54ebadf Enable TLS1.3 and PEDANTIC in the coverage target
This make sure that the coverage is the same for the fuzzers and this
coverage target

Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2088
2016-12-16 01:08:22 +01:00
Kurt Roeckx
2886a69ca5 travis: Use no-shared for the FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION targets
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #2025
2016-12-05 21:12:06 +01:00
Kurt Roeckx
ef2bf0f57c Run a some tests with -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
The fuzzers use -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION, and actually
get different results based on that. We should have at least some
targets that actually fully use the fuzz corpora.

Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2023
2016-12-03 00:14:15 +01:00
Kurt Roeckx
20d14461fb coveralls: Use gcov-5 since we build it using gcc-5
Reviewed-by: Emilia Käsper <emilia@openssl.org>

GH: #2003
2016-11-24 21:28:31 +01:00
Emilia Kasper
ab29eca645 Run BoringSSL tests on Travis
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-11-24 12:21:33 +01:00
Richard Levitte
7b19543841 Travis: add a strict build
Clang on Linux seems to catch things that we might miss otherwise.
Also, throw in 'no-deprecated' to make sure we test that as well.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1839)
2016-11-04 14:12:06 +01:00
Richard Levitte
5e28b1c1e0 Secure our notification email.
Forks will have to define their own

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1821)
2016-11-02 01:58:59 +01:00
Rich Salz
42e22c7c4f Revert "Disable MDC2 by default."
This reverts commit ca1574cec2.
Not suitabled for a minor release as it breaks the ABI.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-11-01 10:43:05 -04:00
Rich Salz
ca1574cec2 Disable MDC2 by default.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-10-31 15:06:06 -04:00
Rich Salz
211bf9f23f Add NPN to an SSL3 build
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1629)
2016-10-24 08:09:43 -04:00
Andy Polyakov
b3943604f5 .travis.yml: minor optimizations:
- make 'pip install --user cpp-coveralls' conditional;
- limit no-stdio to single build per operating environment;
- omit enable-asan duplicate;

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-10-11 09:16:15 +02:00
Andy Polyakov
47d7ede82f .travis.yml: install wine on demand.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-10-11 09:14:55 +02:00
Richard Levitte
047a5da249 Travis: Do asan and msan with shared libraries
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-09-08 17:54:56 +02:00
Richard Levitte
ffb261ff19 Add a "config" for verbosity and use it with Travis
Modify VMS config.com to match

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-08-16 10:38:45 +02:00
Richard Levitte
a4ffbbeef6 Make "make" less verbose in Travis, except for the build only case
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-08-16 10:38:45 +02:00
Richard Levitte
b4aaf194f0 Travis: add a build with no-stdio
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-05 21:18:15 +02:00
Emilia Kasper
cec0a002ff Add --gcov-options '\-lp' to coverage
Should result in more accurate header file coverage, see
https://github.com/eddyxu/cpp-coveralls/issues/54

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-08-05 18:01:39 +02:00
Emilia Kasper
ad0a0a3a99 Add a coverage target
Run tests with coverage and report to coveralls.io

For simplicity, this currently only adds a single target in a
configuration that attempts to maximize coverage. The true CI coverage
from all the various builds may be a little larger.

The coverage run has the following configuration:
- no-asm: since we can't track asm coverage anyway, might as well measure the
  non-asm code coverage.
- Enable various disabled-by-default options:
  - rc5
  - md2
  - ec_nistp_64_gcc_128
  - ssl3
  - ssl3-method
  - weak-ssl-ciphers

Finally, observe that no-pic implies no-shared, and therefore running
both builds in the matrix is redundant.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-08-05 18:01:39 +02:00
Richard Levitte
262ee9a2c2 Travis: When testing installation, build in separate dir, otherwise in checkout
The rationale is that installation from a tarball is a common task
that everyone performs.  For all other builds, we do specialised
tests, and might as well build them directly in the checkout, which
also gives us fuzz corpora.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-08-04 16:49:36 +02:00
Emilia Kasper
29df3061b3 Add memory sanitizer config, and run on travis.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-28 21:43:27 +02:00
Richard Levitte
941b10bd95 Have the Travis builds do a "make update"
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-19 13:04:51 +02:00
Matt Caswell
eb5561cd77 Ensure Travis tests SSLv3
Switch on Travis testing of SSLv3.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-07-18 14:30:14 +01:00
Rich Salz
6f60a5a1c6 Restore clang builds in travis.yml
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-30 08:51:16 -04:00
Richard Levitte
a3414dc82c Travis: When testing install, install docs as well
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-21 14:52:34 +02:00
Rich Salz
6feb3c587e Avoid using latest clang since repo not available
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-20 16:28:42 -04:00
Rich Salz
a15cfae656 (Temporarily) don't download clang package
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-06-14 16:58:37 -04:00
Emilia Kasper
a7cbe963c3 Travis: update sanitizer configs
- Use the new enable-ubsan and enable-asan configuration options.
- Separate ubsan and asan runs.
- In addition, run shared ubsan tests to get more coverage.
  (Shared asan tests need a bit more thought to get them working.)

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-30 18:47:32 +02:00
Richard Levitte
d227a302a3 Try 'make install' with one of the Travis configurations
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-03 12:28:49 +02:00
Richard Levitte
9bf6eff7fe Travis: _srcdist, not _srcdir
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-20 18:39:01 +02:00
Richard Levitte
45c6e23c97 Remove --classic build entirely
The Unix build was the last to retain the classic build scheme.  The
new unified scheme has matured enough, even though some details may
need polishing.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-20 16:04:56 +02:00
Matt Caswell
e951eca8b4 Update Travis and Appveyor for change to shared by default
Update the Travis and Appveyor builds to explicitly state no-shared where
applicable.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-14 22:23:12 +01:00
Emilia Kasper
cdbf577973 Disable some sanitizer checks without PEDANTIC
Code without PEDANTIC has intentional "undefined" behaviour. To get best
coverage for both PEDANTIC and non-PEDANTIC codepaths, run the sanitizer
builds in two different configurations:
1) Without PEDANTIC but with alignment checks disabled.
2) With PEDANTIC.

To not overload Travis too much, run one build with clang and the other
with gcc (chosen at random).

Also remove a micro-optimization in CAST code to be able to
-fsanitize=shift. Whether shift sanitization is meaningful for crypto or
an obstacle is debatable but since this appears to be the only offender,
we might as well keep the check for now.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-10 01:50:45 +02:00
Emilia Kasper
b591470700 Adjust --strict-warnings builds in Travis
In Travis, do --strict-warnings on BUILDONLY configurations. This
ensures that the tests run even if --strict-warnings fail, and avoids
hiding unrelated test failures.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-10 01:50:16 +02:00
Emilia Kasper
d7a275eee3 Travis: build tests in BUILDONLY mode
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-14 16:38:48 +01:00
Emilia Kasper
4b8574461b Workaround for false -Warray-bounds in Travis
ccache + clang produces a false strcmp warning, see
https://llvm.org/bugs/show_bug.cgi?id=20144

Since this only happens with ccache and --strict-warnings, and
only with certain versions of glibc / clang, disabling
ccache is a reasonable short-term workaround.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-12 17:57:01 +01:00
Richard Levitte
8cffddc0f2 Travis - add missing semi-colon
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-10 10:00:00 +01:00
Richard Levitte
a70ca74086 Travis - don't use ccache with cross compiles
Although theoretically possible, Configure doesn't treat CC variable
set like this very well: CC="ccache i686-w64-mingw32-gcc"
Also, this Travis script doesn't recognise the possibility either.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-10 02:53:41 +01:00
Richard Levitte
32e4cc0cde Travis - the source directory is _srcdist, not _srcdir
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-03-10 01:31:06 +01:00