.gitlab-ci.yml: reduce PKCS#12 iteration count while testing
authorDaiki Ueno <ueno@gnu.org>
Mon, 20 Dec 2021 15:16:23 +0000 (16:16 +0100)
committerDaiki Ueno <ueno@gnu.org>
Tue, 11 Jan 2022 15:35:05 +0000 (16:35 +0100)
Signed-off-by: Daiki Ueno <ueno@gnu.org>
.gitlab-ci.yml

index 932603b4963874d924b3a00a9c5920d2fc3275f5..2bbf501c1329017eb8a0a84df5a12948c4fe236f 100644 (file)
@@ -185,7 +185,7 @@ doc-dist.Fedora:
     - GUILD=/usr/bin/guild2.2
     - guile_snarf=/usr/bin/guile-snarf2.2
     - export GUILE GUILD guile_snarf
-    - CFLAGS="-std=c99 -O2 -g" dash ./configure --disable-gcc-warnings --cache-file $CCACHE_FILE --prefix=/usr --libdir=/usr/lib64 --disable-cxx --disable-non-suiteb-curves --enable-gtk-doc --disable-maintainer-mode
+    - CFLAGS="-std=c99 -O2 -g" dash ./configure --disable-gcc-warnings --cache-file $CCACHE_FILE --prefix=/usr --libdir=/usr/lib64 --disable-cxx --disable-non-suiteb-curves --enable-gtk-doc --disable-maintainer-mode --with-pkcs12-iter-count=10000
     - make -j$BUILDJOBS -C doc stamp-vti
     - make -j$BUILDJOBS -C doc stamp-1
     - make -j$BUILDJOBS -C doc stamp_enums
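Review bot: The literal `--with-pkcs12-iter-count=10000` is appended here and pasted into every other configure line this commit touches, and nothing in the file says why the count is lowered. Since the value sets the key-derivation work factor for PKCS#12, a reader who copies one of these configure lines into a packaging or production build would inherit the weakened setting without knowing it. I would define the value once (the file's `variables:` section is not visible in this diff) as `PKCS12_ITER_COUNT: "10000"` and pass `--with-pkcs12-iter-count=$PKCS12_ITER_COUNT`. Next to the definition, add `# CI only: lowered PKCS#12 iteration count to shorten test runs; not for release builds`. The job's script starts outside this hunk.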
@@ -212,7 +212,7 @@ UB+ASAN-Werror.Fedora.x86_64.gcc:
     - export LSAN_OPTIONS=suppressions=$(pwd)/devel/lsan.supp
     - export CFLAGS="-std=c99 -O1 -g -Wno-cpp -Werror -fno-omit-frame-pointer -fsanitize=undefined,bool,alignment,null,enum,bounds-strict,address,leak,nonnull-attribute -fno-sanitize-recover=all -fsanitize-address-use-after-scope"
     - export CXXFLAGS="$CFLAGS"
-    - dash ./configure --cache-file $CCACHE_FILE --disable-guile --disable-doc --disable-hardware-acceleration
+    - dash ./configure --cache-file $CCACHE_FILE --disable-guile --disable-doc --disable-hardware-acceleration --with-pkcs12-iter-count=10000
     - sed -i 's/-Werror/-Wno-parentheses -Werror/g' src/Makefile
     - make -j$BUILDJOBS
     # Use $BUILDJOBS since the fuzzers should use mainly CPU (no blocking I/O)
@@ -223,7 +223,7 @@ UB+ASAN-Werror.Fedora.x86_64.gcc:
     - make -j$BUILDJOBS check -C fuzz GNUTLS_CPUID_OVERRIDE=0x8
     - make -j$BUILDJOBS check -C fuzz GNUTLS_CPUID_OVERRIDE=0x20
     - make -j$CHECKJOBS check -C tests
-    - dash ./configure --cache-file $CCACHE_FILE --disable-guile --disable-doc --disable-hardware-acceleration --with-default-trust-store-pkcs11="pkcs11:" --with-system-priority-file=/etc/crypto-policies/back-ends/gnutls.config --with-default-priority-string=@SYSTEM
+    - dash ./configure --cache-file $CCACHE_FILE --disable-guile --disable-doc --disable-hardware-acceleration --with-pkcs12-iter-count=10000 --with-default-trust-store-pkcs11="pkcs11:" --with-system-priority-file=/etc/crypto-policies/back-ends/gnutls.config --with-default-priority-string=@SYSTEM
     - make clean
     - sed -i 's/-Werror/-Wno-parentheses -Werror/g' src/Makefile
     - make -j$BUILDJOBS
@@ -247,7 +247,7 @@ UB+ASAN-Werror-aggressive.Fedora.x86_64.gcc:
     - export LSAN_OPTIONS=suppressions=$(pwd)/devel/lsan.supp
     - export CFLAGS="-std=c99 -O1 -g -Wno-cpp -Werror -fno-omit-frame-pointer -fsanitize=undefined,bool,alignment,null,enum,bounds-strict,address,leak,nonnull-attribute -fno-sanitize-recover=all -fsanitize-address-use-after-scope -DAGGRESSIVE_REALLOC"
     - export CXXFLAGS="$CFLAGS"
-    - dash ./configure --cache-file $CCACHE_FILE --disable-guile --disable-doc --disable-hardware-acceleration
+    - dash ./configure --cache-file $CCACHE_FILE --disable-guile --disable-doc --disable-hardware-acceleration --with-pkcs12-iter-count=10000
     - sed -i 's/-Werror/-Wno-parentheses -Werror/g' src/Makefile
     - make -j$BUILDJOBS
     # Use $BUILDJOBS since the fuzzers should use mainly CPU (no blocking I/O)
@@ -258,7 +258,7 @@ UB+ASAN-Werror-aggressive.Fedora.x86_64.gcc:
     - make -j$BUILDJOBS check -C fuzz GNUTLS_CPUID_OVERRIDE=0x8
     - make -j$BUILDJOBS check -C fuzz GNUTLS_CPUID_OVERRIDE=0x20
     - make -j$CHECKJOBS check -C tests
-    - dash ./configure --cache-file $CCACHE_FILE --disable-guile --disable-doc --disable-hardware-acceleration --with-default-trust-store-pkcs11="pkcs11:" --with-system-priority-file=/etc/crypto-policies/back-ends/gnutls.config --with-default-priority-string=@SYSTEM
+    - dash ./configure --cache-file $CCACHE_FILE --disable-guile --disable-doc --disable-hardware-acceleration --with-pkcs12-iter-count=10000 --with-default-trust-store-pkcs11="pkcs11:" --with-system-priority-file=/etc/crypto-policies/back-ends/gnutls.config --with-default-priority-string=@SYSTEM
     - make clean
     - sed -i 's/-Werror/-Wno-parentheses -Werror/g' src/Makefile
     - make -j$BUILDJOBS
@@ -286,7 +286,7 @@ fedora-notools/build:
   needs:
     - fedora/bootstrap
   script:
-    - dash ./configure --cache-file $CCACHE_FILE --disable-gcc-warnings --disable-full-test-suite --disable-doc --disable-guile --disable-tools --enable-tests
+    - dash ./configure --cache-file $CCACHE_FILE --disable-gcc-warnings --disable-full-test-suite --disable-doc --disable-guile --disable-tools --enable-tests --with-pkcs12-iter-count=10000
     - make -j$BUILDJOBS
     # build tests, but don't execute them
     - make -j$BUILDJOBS check TESTS=""
@@ -318,6 +318,7 @@ fedora-minimal/build:
       --disable-gcc-warnings --with-system-priority-file=""
       --disable-gost
       --disable-guile
+      --with-pkcs12-iter-count=10000
     - make -j$BUILDJOBS
     # build tests, but don't execute them
     - make -j$BUILDJOBS check TESTS=""
@@ -339,7 +340,7 @@ fedora-SSL-3.0/build:
     - fedora/bootstrap
   script:
     - update-crypto-policies --set LEGACY
-    - dash ./configure --disable-tls13-interop --disable-gcc-warnings --cache-file $CCACHE_FILE --enable-sha1-support --enable-ssl3-support --enable-seccomp-tests --disable-doc --disable-guile --disable-strict-der-time
+    - dash ./configure --disable-tls13-interop --disable-gcc-warnings --cache-file $CCACHE_FILE --enable-sha1-support --enable-ssl3-support --enable-seccomp-tests --disable-doc --disable-guile --disable-strict-der-time --with-pkcs12-iter-count=10000
     - make -j$BUILDJOBS
     # build tests, but don't execute them
     - make -j$BUILDJOBS check TESTS=""
@@ -360,7 +361,7 @@ fedora-FIPS140-2/build:
   needs:
     - fedora/bootstrap
   script:
-    - dash ./configure --disable-gcc-warnings --cache-file $CCACHE_FILE --disable-non-suiteb-curves --enable-fips140-mode --disable-doc --disable-full-test-suite --disable-guile
+    - dash ./configure --disable-gcc-warnings --cache-file $CCACHE_FILE --disable-non-suiteb-curves --enable-fips140-mode --disable-doc --disable-full-test-suite --disable-guile --with-pkcs12-iter-count=10000
     - make -j$BUILDJOBS
     # build tests, but don't execute them
     - GNUTLS_FORCE_FIPS_MODE=1 make -j$BUILDJOBS check TESTS=""
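Review bot: With the override added to this `--enable-fips140-mode` build, and to the FIPS-mode configure lines in the fedora-threadsan and fedora-static-analyzers hunks, these jobs no longer compile the tests against the library's built-in PKCS#12 iteration count. Every configure line visible in the diff gets the same override, so it looks as though no CI job still exercises the default that a release build would use, though jobs outside the shown hunks may. I would leave one job on the default, or add a test that pins the default explicitly. I would also record the choice next to the option, e.g. `# iteration count lowered for test speed; the default is covered by <JOB_NAME>`. The job definition starts outside this hunk.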
@@ -390,7 +391,7 @@ fedora-FIPS140-2/test:
     - make -j$BUILDJOBS
     - make -j$BUILDJOBS install
     - popd
-    - PKG_CONFIG_PATH=${PWD}/$NETTLE_DIR/lib64/pkgconfig dash ./configure --disable-gcc-warnings --disable-doc --disable-guile
+    - PKG_CONFIG_PATH=${PWD}/$NETTLE_DIR/lib64/pkgconfig dash ./configure --disable-gcc-warnings --disable-doc --disable-guile --with-pkcs12-iter-count=10000
     - make -j$BUILDJOBS
     - make -j$BUILDJOBS check TESTS=""
 
@@ -437,7 +438,7 @@ fedora-valgrind/build:
     - fedora/bootstrap
   script:
     # gcc in fedora31 inlines strcmp in a way that causes valgrind errors
-    - CFLAGS="-O2 -g -fno-builtin-strcmp" ./configure --disable-gcc-warnings --disable-doc --cache-file $CCACHE_FILE --disable-guile --disable-full-test-suite --enable-valgrind-tests
+    - CFLAGS="-O2 -g -fno-builtin-strcmp" ./configure --disable-gcc-warnings --disable-doc --cache-file $CCACHE_FILE --disable-guile --disable-full-test-suite --enable-valgrind-tests --with-pkcs12-iter-count=10000
     - make -j$BUILDJOBS
     - make -j$BUILDJOBS check TESTS=""
   only:
@@ -465,7 +466,7 @@ fedora-valgrind-aggressive/build:
     - fedora/bootstrap
   script:
     # gcc in fedora31 inlines strcmp in a way that causes valgrind errors
-    - CFLAGS="-O2 -g -fno-builtin-strcmp -DAGGRESSIVE_REALLOC" ./configure --disable-gcc-warnings --disable-doc --cache-file $CCACHE_FILE --disable-guile --disable-full-test-suite --enable-valgrind-tests
+    - CFLAGS="-O2 -g -fno-builtin-strcmp -DAGGRESSIVE_REALLOC" ./configure --disable-gcc-warnings --disable-doc --cache-file $CCACHE_FILE --disable-guile --disable-full-test-suite --enable-valgrind-tests --with-pkcs12-iter-count=10000
     - make -j$BUILDJOBS
     - make -j$BUILDJOBS check TESTS=""
   only:
@@ -493,7 +494,7 @@ fedora-threadsan/build:
     - fedora/bootstrap
   script:
     - CFLAGS="-fsanitize=thread -g -O2" CXXFLAGS=$CFLAGS
-      dash ./configure --disable-gcc-warnings --disable-doc --cache-file $CCACHE_FILE --disable-non-suiteb-curves --disable-guile --enable-fips140-mode --disable-full-test-suite
+      dash ./configure --disable-gcc-warnings --disable-doc --cache-file $CCACHE_FILE --disable-non-suiteb-curves --disable-guile --enable-fips140-mode --disable-full-test-suite --with-pkcs12-iter-count=10000
     - make -j$BUILDJOBS
     - make -j$BUILDJOBS -C tests check SUBDIRS=. TESTS="" TSAN_OPTIONS="suppressions=$(pwd)/devel/tsan.supp" GNUTLS_SKIP_FIPS_INTEGRITY_CHECKS=1 GNUTLS_FORCE_FIPS_MODE=1
 
@@ -516,7 +517,7 @@ fedora-static-analyzers/build:
     - fedora/bootstrap
   #TODO originally, before_script was set to "/bin/true".. is there a reason not to create the cache?
   script:
-    - scan-build ./configure --cache-file $CCACHE_FILE --disable-doc --disable-guile --enable-fips140-mode
+    - scan-build ./configure --cache-file $CCACHE_FILE --disable-doc --disable-guile --enable-fips140-mode --with-pkcs12-iter-count=10000
     - make -j$BUILDJOBS syntax-check gnulib_dir=$GNULIB_SRCDIR
     - make -j$BUILDJOBS -C gl
     - scan-build --status-bugs -o scan-build-lib make -j$BUILDJOBS -C lib
@@ -598,7 +599,7 @@ fedora-abicoverage/build:
     - GUILD=/usr/bin/guild2.2
     - guile_snarf=/usr/bin/guile-snarf2.2
     - export GUILE GUILD guile_snarf
-    - CFLAGS="-g -Og" dash ./configure --disable-gcc-warnings --cache-file $CCACHE_FILE  --prefix=/usr --libdir=/usr/lib64 --enable-code-coverage --disable-maintainer-mode --disable-doc
+    - CFLAGS="-g -Og" dash ./configure --disable-gcc-warnings --cache-file $CCACHE_FILE  --prefix=/usr --libdir=/usr/lib64 --enable-code-coverage --disable-maintainer-mode --disable-doc --with-pkcs12-iter-count=10000
     - make -j$BUILDJOBS
     - make -j$BUILDJOBS check TESTS=""
   tags:
@@ -647,7 +648,7 @@ debian/build:
   needs:
     - debian/bootstrap
   script:
-    - dash ./configure --enable-oldgnutls-interop --disable-gcc-warnings --cache-file $CCACHE_FILE --disable-doc --disable-guile LDFLAGS='-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now'
+    - dash ./configure --enable-oldgnutls-interop --disable-gcc-warnings --cache-file $CCACHE_FILE --disable-doc --disable-guile --with-pkcs12-iter-count=10000 LDFLAGS='-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now'
     - make -j$BUILDJOBS
     - make -j$BUILDJOBS check TESTS=""
 
@@ -677,6 +678,7 @@ debian/test:
     - dash ./configure --build=$build --host=$host --disable-gcc-warnings
         --cache-file $CCACHE_FILE --disable-doc --disable-guile
         --without-p11-kit --disable-full-test-suite
+        --with-pkcs12-iter-count=10000
     - make -j$BUILDJOBS
     # build tests, but don't execute them
     - make -j$BUILDJOBS check TESTS=""
@@ -768,7 +770,7 @@ debian-cross/aarch64-linux-gnu/test:
   script:
 #    - mount -t binfmt_misc binfmt_misc /proc/sys/fs/binfmt_misc
 #    - echo ':DOSWin:M::MZ::/usr/bin/wine:' > /proc/sys/fs/binfmt_misc/register
-    - dash ./configure --disable-gcc-warnings --host=${arch_name}-w64-mingw32 --target=${arch_name}-w64-mingw32 --cache-file $CCACHE_FILE --with-included-libtasn1 --disable-guile --disable-nls --with-included-unistring --enable-local-libopts --disable-non-suiteb-curves --disable-full-test-suite --disable-doc
+    - dash ./configure --disable-gcc-warnings --host=${arch_name}-w64-mingw32 --target=${arch_name}-w64-mingw32 --cache-file $CCACHE_FILE --with-included-libtasn1 --disable-guile --disable-nls --with-included-unistring --enable-local-libopts --disable-non-suiteb-curves --disable-full-test-suite --disable-doc --with-pkcs12-iter-count=10000
     # since we use --enable-local-libopts the generated files must equal the .bak
     - mingw${arch_bits}-make -j$BUILDJOBS -C src certtool-args.c.bak
     - cmp src/certtool-args.c src/certtool-args.c.bak || false # TODO not really sure about what is this for