diff options
| -rw-r--r-- | .github/workflows/linux.yml | 8 | ||||
| -rwxr-xr-x | test/travis_before_linux.sh | 7 | ||||
| -rwxr-xr-x | test/travis_run_linux.sh | 27 |
3 files changed, 32 insertions, 10 deletions
diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 0e42a0d349..5942e143ce 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -273,7 +273,7 @@ jobs: - name: OpenSSL 3.1 config: --enable-mods-shared=most --enable-maintainer-mode --disable-md --disable-http2 --disable-ldap --disable-crypto env: | - TEST_OPENSSL3=3.1.5 + TEST_OPENSSL3=3.1.6 APR_VERSION=1.7.4 APU_VERSION=1.6.3 APU_CONFIG="--without-crypto" @@ -282,7 +282,7 @@ jobs: config: --enable-mods-shared=most --enable-maintainer-mode --disable-md --disable-http2 --disable-ldap --disable-crypto notest-cflags: -Werror -O2 -Wno-deprecated-declarations env: | - TEST_OPENSSL3=3.2.1 + TEST_OPENSSL3=3.2.2 APR_VERSION=1.7.4 APU_VERSION=1.6.3 APU_CONFIG="--without-crypto" @@ -290,7 +290,7 @@ jobs: - name: OpenSSL 3.2 no-engine config: --enable-mods-shared=most --enable-maintainer-mode --disable-md --disable-http2 --disable-ldap --disable-crypto env: | - TEST_OPENSSL3=3.2.1 + TEST_OPENSSL3=3.2.2 OPENSSL_CONFIG=no-engine APR_VERSION=1.7.4 APU_VERSION=1.6.3 @@ -300,7 +300,7 @@ jobs: config: --enable-mods-shared=most --enable-maintainer-mode --disable-md --disable-http2 --disable-ldap --disable-crypto notest-cflags: -Werror -O2 env: | - TEST_OPENSSL3=3.3.0 + TEST_OPENSSL3=3.3.1 OPENSSL_CONFIG=no-engine APR_VERSION=1.7.4 APU_VERSION=1.6.3 diff --git a/test/travis_before_linux.sh b/test/travis_before_linux.sh index 4094959b50..79b983c0ab 100755 --- a/test/travis_before_linux.sh +++ b/test/travis_before_linux.sh @@ -119,10 +119,13 @@ if test -v TEST_OPENSSL3; then mkdir -p build/openssl pushd build/openssl - curl "https://www.openssl.org/source/openssl-${TEST_OPENSSL3}.tar.gz" | + curl -L "https://github.com/openssl/openssl/releases/download/openssl-${TEST_OPENSSL3}/openssl-${TEST_OPENSSL3}.tar.gz" | tar -xzf - cd openssl-${TEST_OPENSSL3} - ./Configure --prefix=$HOME/root/openssl3 shared no-tests ${OPENSSL_CONFIG} + # Build with RPATH so ./bin/openssl doesn't require $LD_LIBRARY_PATH + ./Configure --prefix=$HOME/root/openssl3 \ + shared no-tests ${OPENSSL_CONFIG} \ + '-Wl,-rpath=$(LIBRPATH)' make $MFLAGS make install_sw touch $HOME/root/openssl-is-${TEST_OPENSSL3} diff --git a/test/travis_run_linux.sh b/test/travis_run_linux.sh index 89b2cd8e6f..7f99b23415 100755 --- a/test/travis_run_linux.sh +++ b/test/travis_run_linux.sh @@ -61,7 +61,9 @@ fi if test -v TEST_OPENSSL3; then CONFIG="$CONFIG --with-ssl=$HOME/root/openssl3" - export LD_LIBRARY_PATH=$HOME/root/openssl3/lib:$HOME/root/openssl3/lib64 + # Temporarily set LD_RUN_PATH so that httpd/mod_ssl binaries pick + # up the custom OpenSSL build + export LD_RUN_PATH=$HOME/root/openssl3/lib:$HOME/root/openssl3/lib64 export PATH=$HOME/root/openssl3/bin:$PATH openssl version fi @@ -78,6 +80,14 @@ builddir=$PWD $srcdir/configure --prefix=$PREFIX $CONFIG make $MFLAGS +if test -v TEST_OPENSSL3; then + # Clear the library/run paths so that anything else run during + # testing is not forced to use the custom OpenSSL build; e.g. perl, + # php-fpm, ... + unset LD_LIBRARY_PATH + unset LD_RUN_PATH +fi + if test -v TEST_INSTALL; then make install pushd $PREFIX @@ -119,6 +129,11 @@ if test -v TEST_ASAN; then export ASAN_OPTIONS="log_path=$PWD/asan.log:detect_leaks=0" fi +if test -v PHP_FPM; then + # Sanity test the executable exists. + $PHP_FPM --version +fi + # Try to keep all potential coredumps from all processes sudo sysctl -w kernel.core_uses_pid=1 2>/dev/null || true # Systemd based systems might process core dumps via systemd-coredump. @@ -176,15 +191,19 @@ if ! test -v NO_TEST_FRAMEWORK; then fi fi +if test \( -v TEST_SSL -o -v TEST_OPENSSL3 \) \ + -a -f test/perl-framework/t/logs/error_log; then + : -- Check OpenSSL version used by mod_ssl at compile- and run-time -- + grep 'mod_ssl.*compiled against' test/perl-framework/t/logs/error_log | tail -n1 | grep --color=always 'OpenSSL/[^ ]*' + grep 'resuming normal operations' test/perl-framework/t/logs/error_log | tail -n1 | grep --color=always 'OpenSSL/[^ ]*' +fi + if test -v TEST_SSL -a $RV -eq 0; then pushd test/perl-framework # Test loading encrypted private keys ./t/TEST -defines "TEST_SSL_DES3_KEY TEST_SSL_PASSPHRASE_EXEC" t/ssl RV=$? - # Log the OpenSSL version. - grep 'mod_ssl.*compiled against' t/logs/error_log | tail -n 1 - # Test various session cache backends for cache in shmcb redis:localhost:6379 memcache:localhost:11211; do test $RV -eq 0 || break |