CI: Fix OpenSSL tarball download URLs after openssl.org site refresh
authorJoe Orton <jorton@apache.org>
Fri, 26 Jul 2024 09:14:40 +0000 (09:14 +0000)
committerJoe Orton <jorton@apache.org>
Fri, 26 Jul 2024 09:14:40 +0000 (09:14 +0000)
CI: Update to latest OpenSSL releases.
CI: Build OpenSSL with RPATH set so that the installed ./bin/openssl works
without LD_LIBRARY_PATH set.

Use LD_RUN_PATH during the httpd build to achieve the same with binaries
from the httpd build, but unset it after so that it doesn't affect running
e.g. php-fpm or perl later. Should fix warning from logs when php-fpm
is executed --

[26-Jul-2024 07:43:34] NOTICE: PHP message: PHP Warning:  PHP Startup: Unable to load dynamic library 'curl.so' (tried: /usr/lib/php/20210902/curl.so (/lib/x86_64-linux-gnu/libcurl.so.4: undefined symbol: ENGINE_init, version OPENSSL_3.0.0), /usr/lib/php/20210902/curl.so.so (/usr/lib/php/20210902/curl.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0

CI: Test that php-fpm works if available before testing.
CI: For paranoia/future debugging, log the OpenSSL version from compile-time
and run-time as reported by mod_ssl.

Github: closes #466

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1919524 13f79535-47bb-0310-9956-ffa450edef68

.github/workflows/linux.yml
test/travis_before_linux.sh
test/travis_run_linux.sh

index 0e42a0d349793b257ed47cf502d8fb6d5aba7e09..5942e143ced470863f4cba2c3cf9eba040e707d7 100644 (file)
@@ -273,7 +273,7 @@ jobs:
           - name: OpenSSL 3.1
             config: --enable-mods-shared=most --enable-maintainer-mode --disable-md --disable-http2 --disable-ldap --disable-crypto
             env: |
-              TEST_OPENSSL3=3.1.5
+              TEST_OPENSSL3=3.1.6
               APR_VERSION=1.7.4
               APU_VERSION=1.6.3
               APU_CONFIG="--without-crypto"
@@ -282,7 +282,7 @@ jobs:
             config: --enable-mods-shared=most --enable-maintainer-mode --disable-md --disable-http2 --disable-ldap --disable-crypto
             notest-cflags: -Werror -O2 -Wno-deprecated-declarations
             env: |
-              TEST_OPENSSL3=3.2.1
+              TEST_OPENSSL3=3.2.2
               APR_VERSION=1.7.4
               APU_VERSION=1.6.3
               APU_CONFIG="--without-crypto"
@@ -290,7 +290,7 @@ jobs:
           - name: OpenSSL 3.2 no-engine
             config: --enable-mods-shared=most --enable-maintainer-mode --disable-md --disable-http2 --disable-ldap --disable-crypto
             env: |
-              TEST_OPENSSL3=3.2.1
+              TEST_OPENSSL3=3.2.2
               OPENSSL_CONFIG=no-engine
               APR_VERSION=1.7.4
               APU_VERSION=1.6.3
@@ -300,7 +300,7 @@ jobs:
             config: --enable-mods-shared=most --enable-maintainer-mode --disable-md --disable-http2 --disable-ldap --disable-crypto
             notest-cflags: -Werror -O2
             env: |
-              TEST_OPENSSL3=3.3.0
+              TEST_OPENSSL3=3.3.1
               OPENSSL_CONFIG=no-engine
               APR_VERSION=1.7.4
               APU_VERSION=1.6.3
index 4094959b50915de837df64a95d2831ed3a54666e..79b983c0abb105d8a82b3937ce0edda428e6467e 100755 (executable)
@@ -119,10 +119,13 @@ if test -v TEST_OPENSSL3; then
 
         mkdir -p build/openssl
         pushd build/openssl
-           curl "https://www.openssl.org/source/openssl-${TEST_OPENSSL3}.tar.gz" |
+           curl -L "https://github.com/openssl/openssl/releases/download/openssl-${TEST_OPENSSL3}/openssl-${TEST_OPENSSL3}.tar.gz" |
               tar -xzf -
            cd openssl-${TEST_OPENSSL3}
-           ./Configure --prefix=$HOME/root/openssl3 shared no-tests ${OPENSSL_CONFIG}
+           # Build with RPATH so ./bin/openssl doesn't require $LD_LIBRARY_PATH
+           ./Configure --prefix=$HOME/root/openssl3 \
+                       shared no-tests ${OPENSSL_CONFIG} \
+                       '-Wl,-rpath=$(LIBRPATH)'
            make $MFLAGS
            make install_sw
            touch $HOME/root/openssl-is-${TEST_OPENSSL3}
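Review bot: The tarball fetched by the new `curl -L` line is unpacked and built with no integrity check, and piping straight into `tar -xzf -` hands an HTTP error body or a truncated download directly to tar. Since the URL now follows redirects to a release-asset host, pinning a digest per version is worth the extra lines: `curl -fsSL -o openssl.tar.gz "$url"`, then `echo "${OPENSSL3_SHA256}  openssl.tar.gz" | sha256sum -c -`, then `tar -xzf openssl.tar.gz`. Here `$url` stands for the existing URL and `OPENSSL3_SHA256` is a placeholder for a value set next to `TEST_OPENSSL3` in the workflow. Whether the script runs with `pipefail` is not visible in this hunk; without it a failed curl is only noticed when tar or the following `cd` fails. The enclosing `if test -v TEST_OPENSSL3` block starts and ends outside the hunk.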
index 89b2cd8e6f00981aad78b76638a5d46f5fb2ebcb..7f99b234155d265499b3d5cefaf5680b852c98a6 100755 (executable)
@@ -61,7 +61,9 @@ fi
 
 if test -v TEST_OPENSSL3; then
     CONFIG="$CONFIG --with-ssl=$HOME/root/openssl3"
-    export LD_LIBRARY_PATH=$HOME/root/openssl3/lib:$HOME/root/openssl3/lib64
+    # Temporarily set LD_RUN_PATH so that httpd/mod_ssl binaries pick
+    # up the custom OpenSSL build
+    export LD_RUN_PATH=$HOME/root/openssl3/lib:$HOME/root/openssl3/lib64
     export PATH=$HOME/root/openssl3/bin:$PATH
     openssl version
 fi
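Review bot: `LD_RUN_PATH` on the added export line is a weaker guarantee than the comment suggests, because GNU ld only consults it when no `-rpath` option is on the link line. If libtool or configure already passes one for another dependency, the custom OpenSSL directories are silently left out of the run path. Nothing visible in this hunk verifies the result. A check after `make` that inspects the built mod_ssl with `readelf -d` (or `ldd`) and fails when `$HOME/root/openssl3` is absent would stop the job instead of quietly testing the system libssl. I would also extend the comment, e.g. `# NB: ignored by ld if -rpath is already on the link line`.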
@@ -78,6 +80,14 @@ builddir=$PWD
 $srcdir/configure --prefix=$PREFIX $CONFIG
 make $MFLAGS
 
+if test -v TEST_OPENSSL3; then
+   # Clear the library/run paths so that anything else run during
+   # testing is not forced to use the custom OpenSSL build; e.g. perl,
+   # php-fpm, ...
+   unset LD_LIBRARY_PATH
+   unset LD_RUN_PATH
+fi
+
 if test -v TEST_INSTALL; then
    make install
    pushd $PREFIX
@@ -119,6 +129,11 @@ if test -v TEST_ASAN; then
     export ASAN_OPTIONS="log_path=$PWD/asan.log:detect_leaks=0"
 fi
 
+if test -v PHP_FPM; then
+    # Sanity test the executable exists.
+    $PHP_FPM --version
+fi
+
 # Try to keep all potential coredumps from all processes
 sudo sysctl -w kernel.core_uses_pid=1 2>/dev/null || true
 # Systemd based systems might process core dumps via systemd-coredump.
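Review bot: `test -v PHP_FPM` in the added block is also true when the variable is set but empty, in which case the unquoted `$PHP_FPM --version` runs `--version` as a command. Testing for a non-empty value and quoting the expansion avoids that: `if test -n "${PHP_FPM:-}"; then "$PHP_FPM" --version; fi`. Whether a failing `--version` actually stops the job depends on the shell options in force at this point, which are outside the hunk. If errexit is off here, append `|| exit 1` so the sanity test does what its comment says.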
@@ -176,15 +191,19 @@ if ! test -v NO_TEST_FRAMEWORK; then
     fi
 fi
 
+if test \( -v TEST_SSL -o -v TEST_OPENSSL3 \) \
+        -a -f test/perl-framework/t/logs/error_log; then
+    : -- Check OpenSSL version used by mod_ssl at compile- and run-time --
+    grep 'mod_ssl.*compiled against' test/perl-framework/t/logs/error_log | tail -n1 | grep --color=always 'OpenSSL/[^ ]*'
+    grep 'resuming normal operations' test/perl-framework/t/logs/error_log | tail -n1 | grep --color=always 'OpenSSL/[^ ]*'
+fi
+
 if test -v TEST_SSL -a $RV -eq 0; then
     pushd test/perl-framework
         # Test loading encrypted private keys
         ./t/TEST -defines "TEST_SSL_DES3_KEY TEST_SSL_PASSPHRASE_EXEC" t/ssl
         RV=$?
 
-        # Log the OpenSSL version.
-        grep 'mod_ssl.*compiled against' t/logs/error_log | tail -n 1
-
         # Test various session cache backends
         for cache in shmcb redis:localhost:6379 memcache:localhost:11211; do
             test $RV -eq 0 || break
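Review bot: The two added `grep ... | tail -n1 | grep --color=always` lines only print the OpenSSL version, so a job that sets `TEST_OPENSSL3` but ends up loading the system library still passes. When `TEST_OPENSSL3` is set, the same log line can become an assertion, e.g. `grep 'resuming normal operations' test/perl-framework/t/logs/error_log | tail -n1 | grep -qF "OpenSSL/${TEST_OPENSSL3}" || RV=1`. This assumes the banner format that the hunk's own `OpenSSL/[^ ]*` pattern relies on. If the lines are meant to stay log-only, note that each pipeline returns the status of its final grep, so a missing match under errexit would abort the script here; `|| true` makes that intent explicit. The `for cache` loop at the end of the hunk continues outside it.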