From: Arran Cudbard-Bell Date: Sun, 1 Sep 2024 17:20:22 +0000 (-0600) Subject: Fix builds with alternative versions of OpenSSL X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c39dd3fbc1803557b609b9f17b998fbe2a1e602e;p=thirdparty%2Ffreeradius-server.git Fix builds with alternative versions of OpenSSL --- diff --git a/.github/actions/freeradius-alt-deps/action.yml b/.github/actions/freeradius-alt-deps/action.yml index db8fc44a1f..87e2648d1d 100644 --- a/.github/actions/freeradius-alt-deps/action.yml +++ b/.github/actions/freeradius-alt-deps/action.yml @@ -1,10 +1,20 @@ name: freeradius-alt-deps +inputs: + openssl_version: + description: 'The version of OpenSSL to build' + required: true + default: '3.0.1' + openssl_args: + description: 'Arguments to pass to OpenSSL configure' + required: true + default: | + --prefix=/opt/openssl \ + --openssldir=/usr/lib/ssl \ + --debug runs: using: composite - steps: - # # Build using some alternative libraries # @@ -12,28 +22,37 @@ runs: # MIT Kerberos -> HEIMDAL Kerberos # OpenSSL 1.0 -> OpenSSL 3.0 # - - name: 'Fetch OpenSSL 3.0 SHA' + - name: 'Fetch OpenSSL SHA' id: opensslshasum shell: bash run: | - wget -qO- http://www.openssl.org/source/openssl-$ALT_OPENSSL.tar.gz.sha256 | sed -ne 's/^\s\+/shasum=/p' >> $GITHUB_OUTPUT + wget -qO- http://www.openssl.org/source/openssl-${{ inputs.openssl_version }}.tar.gz.sha256 | sed -ne 's/^\s\+/shasum=/p' >> $GITHUB_OUTPUT - - name: 'Restore OpenSSL 3.0 from the cache' + - name: 'Restore OpenSSL from the cache' uses: actions/cache@v4 id: openssl-cache with: path: /opt/openssl/ - key: openssl3-${{ steps.opensslshasum.outputs.shasum }} + key: openssl3-${{ steps.opensslshasum.outputs.shasum }}-${{ inputs.openssl_args }} - - name: 'Build OpenSSL 3.0 (if cache stale)' + # + # Build OpenSSL from source + # + # We specify the system's normal home directory for OpenSSL + # so that the normal root certificates are available. + # + # If this causes problems in future, the system openssl.cnf + # can be overwritten with a custom one. + # + - name: 'Build OpenSSL (if cache stale)' if: ${{ steps.openssl-cache.outputs.cache-hit != 'true' }} shell: bash run: | cd ~ - wget https://www.openssl.org/source/openssl-$ALT_OPENSSL.tar.gz - tar xzf openssl-$ALT_OPENSSL.tar.gz - cd openssl-$ALT_OPENSSL - ./Configure --prefix=/opt/openssl --openssldir=. --debug + wget https://www.openssl.org/source/openssl-${{inputs.openssl_version}}.tar.gz + tar xzf openssl-${{inputs.openssl_version}}.tar.gz + cd openssl-${{inputs.openssl_version}} + ./Configure ${{ inputs.openssl_args }} make -j `nproc` make install_sw diff --git a/.github/workflows/ci-macos.yml b/.github/workflows/ci-macos.yml index 1beae9396d..878a5b3e41 100644 --- a/.github/workflows/ci-macos.yml +++ b/.github/workflows/ci-macos.yml @@ -21,7 +21,6 @@ env: DO_BUILD: yes HOSTAPD_BUILD_DIR: eapol_test.ci HOSTAPD_GIT_TAG: hostap_2_11 - ALT_OPENSSL: "3.0.2" DEBIAN_FRONTEND: noninteractive CI: 1 GH_ACTIONS: 1 diff --git a/.github/workflows/ci-sanitizers.yml b/.github/workflows/ci-sanitizers.yml index aee1ab93a4..48e11873da 100644 --- a/.github/workflows/ci-sanitizers.yml +++ b/.github/workflows/ci-sanitizers.yml @@ -23,7 +23,6 @@ env: DO_BUILD: yes HOSTAPD_BUILD_DIR: eapol_test.ci HOSTAPD_GIT_TAG: hostap_2_11 - ALT_OPENSSL: "3.0.2" DEBIAN_FRONTEND: noninteractive CI: 1 GH_ACTIONS: 1 diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1627c51079..6b2d9e8c83 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -23,7 +23,6 @@ env: DO_BUILD: yes HOSTAPD_BUILD_DIR: eapol_test.ci HOSTAPD_GIT_TAG: hostap_2_11 - ALT_OPENSSL: "3.0.2" DEBIAN_FRONTEND: noninteractive CI: 1 GH_ACTIONS: 1