diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index 692eac4a30e59ded5e751b19183682b485ddf373..0000000000000000000000000000000000000000 --- a/.circleci/config.yml +++ /dev/null @@ -1,249 +0,0 @@ -version: 2.1 - -jobs: - linux: - parameters: - target: - type: string - library: - type: string - default: "" - dl_path: - type: string - default: "" - version: - type: string - default: "" - vendored: - type: boolean - default: false - no_run: - type: boolean - default: false - image: - type: string - default: 1.40.0 - docker: - - image: rust:<< parameters.image >> - environment: - RUST_BACKTRACE: 1 - OPENSSL_DIR: /opt/openssl - CARGO_TARGET_ARM_UNKNOWN_LINUX_GNUEABIHF_LINKER: arm-linux-gnueabihf-gcc - CARGO_TARGET_ARM_UNKNOWN_LINUX_GNUEABIHF_AR: arm-linux-gnueabihf-ar - CARGO_TARGET_ARM_UNKNOWN_LINUX_GNUEABIHF_RUNNER: qemu-arm-static - steps: - - checkout - - run: apt-get update - - run: apt-get remove -y libssl-dev - - run: | - case "<< parameters.target >>" in - "i686-unknown-linux-gnu") - apt-get install -y --no-install-recommends gcc-multilib - ;; - "x86_64-unknown-linux-musl") - apt-get install -y --no-install-recommends musl-tools - ;; - "arm-unknown-linux-gnueabihf") - dpkg --add-architecture armhf - apt-get update - apt-get install -y --no-install-recommends \ - gcc-arm-linux-gnueabihf \ - libc6-dev:armhf \ - qemu-user-static - ;; - "x86_64-unknown-linux-gnu") - exit 0 - esac - - rustup target add << parameters.target >> - - unless: - condition: << parameters.vendored >> - steps: - - restore_cache: - key: openssl-<< parameters.target >>-<< parameters.library >>-<< parameters.version >> - - run: | - if [ -d "$OPENSSL_DIR" ]; then - exit 0 - fi - - case "<< parameters.library >>" in - "libressl") - URL="https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-<< parameters.version >>.tar.gz" - ;; - "openssl") - URL="https://openssl.org/source<< parameters.dl_path >>/openssl-<< parameters.version >>.tar.gz" - ;; - esac - - case "<< parameters.target >>" in - "x86_64-unknown-linux-gnu") - OS_COMPILER=linux-x86_64 - OS_FLAGS="" - ;; - "i686-unknown-linux-gnu") - OS_COMPILER=linux-elf - OS_FLAGS=-m32 - ;; - "arm-unknown-linux-gnueabihf") - OS_COMPILER=linux-armv4 - OS_FLAGS="" - export AR=arm-linux-gnueabihf-ar - export CC=arm-linux-gnueabihf-gcc - ;; - esac - - mkdir /tmp/build - cd /tmp/build - - curl -L $URL | tar --strip-components=1 -xzf - - - case "<< parameters.library >>" in - "openssl") - ./Configure --prefix=$OPENSSL_DIR $OS_COMPILER -fPIC -g $OS_FLAGS no-shared - ;; - "libressl") - ./configure --prefix=$OPENSSL_DIR --disable-shared --with-pic - ;; - esac - - make - make install_sw - - save_cache: - key: openssl-<< parameters.target >>-<< parameters.library >>-<< parameters.version >> - paths: - - /opt/openssl - - restore_cache: - key: registry - - run: cargo generate-lockfile - - save_cache: - key: registry-{{ .BuildNum }} - paths: - - /usr/local/cargo/registry/index - - restore_cache: - key: deps-<< parameters.image >>-<< parameters.target >>-<< parameters.library >>-<< parameters.version >>-{{ checksum "Cargo.lock" }} - - run: | - cargo build \ - --manifest-path=openssl/Cargo.toml \ - <<# parameters.vendored >>--features vendored<> \ - --target << parameters.target >> - - run: | - cargo run \ - --manifest-path=systest/Cargo.toml \ - <<# parameters.vendored >>--features vendored<> \ - --target << parameters.target >> - - run: | - cargo test \ - --manifest-path=openssl-errors/Cargo.toml \ - <<# parameters.vendored >>--features openssl-sys/vendored<> \ - --target << parameters.target >> \ - <<# parameters.no_run >>--no-run<> - - run: | - ulimit -c unlimited - cargo test \ - --manifest-path=openssl/Cargo.toml \ - <<# parameters.vendored >>--features vendored<> \ - --target << parameters.target >> \ - <<# parameters.no_run >>--no-run<> - - save_cache: - key: deps-<< parameters.image >>-<< parameters.target >>-<< parameters.library >>-<< parameters.version >>-{{ checksum "Cargo.lock" }} - paths: - - /usr/local/cargo/registry/cache - - target - - run: - command: | - mkdir -p /tmp/core_dumps - find . -name "core.*" -exec cp \{\} /tmp/core_dumps \; - cp target/<< parameters.target >>/debug/openssl-* /tmp/core_dumps - when: on_fail - - store_artifacts: - path: /tmp/core_dumps - -openssl_111: &openssl_111 - library: openssl - version: 1.1.1i -openssl_110: &openssl_110 - library: openssl - version: 1.1.0l - dl_path: /old/1.1.0 -openssl_102: &openssl_102 - library: openssl - version: 1.0.2u - dl_path: /old/1.0.2 -openssl_101: &openssl_101 - library: openssl - version: 1.0.1u - dl_path: /old/1.0.1 - -workflows: - test: - jobs: - - linux: - name: musl-vendored - target: x86_64-unknown-linux-musl - vendored: true - - linux: - name: x86_64-vendored - target: x86_64-unknown-linux-gnu - vendored: true - - linux: - <<: *openssl_111 - name: x86_64-openssl-1.1.1 - target: x86_64-unknown-linux-gnu - - linux: - <<: *openssl_110 - name: x86_64-openssl-1.1.0 - target: x86_64-unknown-linux-gnu - - linux: - <<: *openssl_102 - name: x86_64-openssl-1.0.2 - target: x86_64-unknown-linux-gnu - - linux: - <<: *openssl_101 - name: x86_64-openssl-1.0.1 - target: x86_64-unknown-linux-gnu - - linux: - name: i686-vendored - target: i686-unknown-linux-gnu - vendored: true - - linux: - <<: *openssl_111 - name: i686-openssl-1.1.1 - target: i686-unknown-linux-gnu - - linux: - <<: *openssl_110 - name: i686-openssl-1.1.0 - target: i686-unknown-linux-gnu - - linux: - <<: *openssl_102 - name: i686-openssl-1.0.2 - target: i686-unknown-linux-gnu - - linux: - name: armhf-vendored - target: arm-unknown-linux-gnueabihf - vendored: true - no_run: true - - linux: - <<: *openssl_111 - name: armhf-openssl-1.1.1 - target: arm-unknown-linux-gnueabihf - no_run: true - - linux: - <<: *openssl_110 - name: armhf-openssl-1.1.0 - target: arm-unknown-linux-gnueabihf - no_run: true - - linux: - <<: *openssl_102 - name: armhf-openssl-1.0.2 - target: arm-unknown-linux-gnueabihf - no_run: true - - linux: - name: x86_64-libressl-2.5 - target: x86_64-unknown-linux-gnu - library: libressl - version: 2.5.5 - - linux: - name: x86_64-libressl-3.3.1 - target: x86_64-unknown-linux-gnu - library: libressl - version: 3.3.1 diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index bc83fb8fd0712b74b605d0ad8f64dde1ad733060..83fd907483479a0edae1a0381b4d558d8fafc30b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -27,32 +27,25 @@ jobs: steps: - uses: actions/checkout@v2 - uses: sfackler/actions/rustup@master - - name: Get rust version + - run: echo "::set-output name=version::$(rustc --version)" id: rust-version - run: echo "::set-output name=version::$(rustc --version)" - - name: Cache cargo index - uses: actions/cache@v1 + - uses: actions/cache@v1 with: path: ~/.cargo/registry/index key: index-${{ runner.os }}-${{ github.run_number }} restore-keys: | index-${{ runner.os }}- - - name: Create lockfile - run: cargo generate-lockfile - - name: Cache cargo registry - uses: actions/cache@v1 + - run: cargo generate-lockfile + - uses: actions/cache@v1 with: path: ~/.cargo/registry/cache key: registry-${{ runner.os }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }} - - name: Fetch dependencies - run: cargo fetch - - name: Cache target directory - uses: actions/cache@v1 + - run: cargo fetch + - uses: actions/cache@v1 with: path: target - key: clippy-target-${{ runner.os }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }} - - name: Run clippy - run: cargo clippy --all --all-targets + key: target-${{ github.job }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }} + - run: cargo clippy --all --all-targets min-version: name: min-version @@ -60,32 +53,25 @@ jobs: steps: - uses: actions/checkout@v2 - uses: sfackler/actions/rustup@master - - name: Get rust version + - run: echo "::set-output name=version::$(rustc --version)" id: rust-version - run: echo "::set-output name=version::$(rustc --version)" - - name: Cache cargo index - uses: actions/cache@v1 + - uses: actions/cache@v1 with: path: ~/.cargo/registry/index key: index-${{ runner.os }}-${{ github.run_number }} restore-keys: | index-${{ runner.os }}- - - name: Create lockfile - run: cargo generate-lockfile - - name: Cache cargo registry - uses: actions/cache@v1 + - run: cargo generate-lockfile + - uses: actions/cache@v1 with: path: ~/.cargo/registry/cache key: registry-${{ runner.os }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }} - - name: Fetch dependencies - run: cargo fetch - - name: Cache target directory - uses: actions/cache@v1 + - run: cargo fetch + - uses: actions/cache@v1 with: path: target - key: min-version-target-${{ runner.os }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }} - - name: Check openssl - run: cargo check -p openssl + key: target-${{ github.job }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }} + - run: cargo check -p openssl windows-vcpkg: name: windows-vcpkg @@ -95,40 +81,29 @@ jobs: steps: - uses: actions/checkout@v2 - uses: sfackler/actions/rustup@master - - name: Get rust version + - run: echo "::set-output name=version::$(rustc --version)" id: rust-version - run: echo "::set-output name=version::$(rustc --version)" - - name: Set vcpkg root - run: echo "VCPKG_ROOT=$env:VCPKG_INSTALLATION_ROOT" | Out-File -FilePath $env:GITHUB_ENV -Append - - name: Install OpenSSL - run: vcpkg install openssl:x64-windows - - name: Cache cargo index - uses: actions/cache@v1 + - run: echo "VCPKG_ROOT=$env:VCPKG_INSTALLATION_ROOT" | Out-File -FilePath $env:GITHUB_ENV -Append + - run: vcpkg install openssl:x64-windows + - uses: actions/cache@v1 with: path: ~/.cargo/registry/index key: index-${{ runner.os }}-${{ github.run_number }} restore-keys: | index-${{ runner.os }}- - - name: Create lockfile - run: cargo generate-lockfile - - name: Cache cargo registry - uses: actions/cache@v1 + - run: cargo generate-lockfile + - uses: actions/cache@v1 with: path: ~/.cargo/registry/cache key: registry-${{ runner.os }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }} - - name: Fetch dependencies - run: cargo fetch - - name: Cache target directory - uses: actions/cache@v1 + - run: cargo fetch + - uses: actions/cache@v1 with: path: target - key: min-version-target-${{ runner.os }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }} - - name: Run systest - run: cargo run -p systest - - name: Test openssl - run: cargo test -p openssl - - name: Test openssl-errors - run: cargo test -p openssl-errors + key: target-${{ github.job }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }} + - run: cargo run -p systest + - run: cargo test -p openssl + - run: cargo test -p openssl-errors macos-homebrew: name: macos-homebrew @@ -153,7 +128,156 @@ jobs: - uses: actions/cache@v1 with: path: target - key: target-${{ runner.os }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }} + key: target-${{ github.job }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }} - run: cargo run -p systest - run: cargo test -p openssl - run: cargo test -p openssl-errors + + linux: + strategy: + fail-fast: false + matrix: + target: + - x86_64-unknown-linux-gnu + - i686-unknown-linux-gnu + - arm-unknown-linux-gnueabihf + library: + - name: openssl + version: vendored + - name: openssl + version: 1.1.1j + dl-path: / + - name: openssl + version: 1.1.0l + dl-path: /old/1.1.0 + - name: openssl + version: 1.0.2u + dl-path: /old/1.0.2 + - name: openssl + version: 1.0.1u + dl-path: /old/1.0.1 + include: + - target: x86_64-unknown-linux-gnu + library: + name: libressl + version: 2.5.5 + - target: x86_64-unknown-linux-gnu + library: + name: libressl + version: 3.3.1 + name: ${{ matrix.target }}-${{ matrix.library.name }}-${{ matrix.library.version }} + runs-on: ubuntu-latest + env: + OPENSSL_DIR: /opt/openssl + CARGO_TARGET_ARM_UNKNOWN_LINUX_GNUEABIHF_LINKER: arm-linux-gnueabihf-gcc + CARGO_TARGET_ARM_UNKNOWN_LINUX_GNUEABIHF_AR: arm-linux-gnueabihf-ar + CARGO_TARGET_ARM_UNKNOWN_LINUX_GNUEABIHF_RUNNER: qemu-arm -L /usr/arm-linux-gnueabihf + steps: + - uses: actions/checkout@v2 + - uses: sfackler/actions/rustup@master + - run: echo "::set-output name=version::$(rustc --version)" + id: rust-version + - run: rustup target add ${{ matrix.target }} + - name: Install packages + run: | + case "${{ matrix.target }}" in + "x86_64-unknown-linux-gnu") + exit 0 + ;; + "i686-unknown-linux-gnu") + packages="gcc-multilib" + ;; + "arm-unknown-linux-gnueabihf") + packages="gcc-arm-linux-gnueabihf qemu-user" + ;; + esac + + sudo apt-get update + sudo apt-get install -y $packages + - uses: actions/cache@v2 + with: + path: /opt/openssl + key: openssl-${{ matrix.target }}-${{ matrix.library.name }}-${{ matrix.library.version }} + if: matrix.library.version != 'vendored' + id: openssl-cache + - name: Build OpenSSL + run: | + case "${{ matrix.library.name }}" in + "openssl") + url="https://openssl.org/source${{ matrix.library.dl-path }}/openssl-${{ matrix.library.version }}.tar.gz" + ;; + "libressl") + url="https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-${{ matrix.library.version }}.tar.gz" + ;; + esac + + case "${{ matrix.target}}" in + "x86_64-unknown-linux-gnu") + OS_COMPILER=linux-x86_64 + OS_FLAGS="" + ;; + "i686-unknown-linux-gnu") + OS_COMPILER=linux-elf + OS_FLAGS=-m32 + ;; + "arm-unknown-linux-gnueabihf") + OS_COMPILER=linux-armv4 + OS_FLAGS="" + export AR=arm-linux-gnueabihf-ar + export CC=arm-linux-gnueabihf-gcc + ;; + esac + + mkdir /tmp/build + cd /tmp/build + + curl -L $url | tar --strip-components=1 -xzf - + + case "${{ matrix.library.name }}" in + "openssl") + ./Configure --prefix=$OPENSSL_DIR $OS_COMPILER -fPIC -g $OS_FLAGS no-shared + ;; + "libressl") + ./configure --prefix=$OPENSSL_DIR --disable-shared --with-pic + ;; + esac + + make + make install_sw + if: matrix.library.version != 'vendored' && !steps.openssl-cache.outputs.cache-hit + - run: echo "RUST_TEST_THREADS=1" >> $GITHUB_ENV + if: matrix.target == 'arm-unknown-linux-gnueabihf' + - uses: actions/cache@v1 + with: + path: ~/.cargo/registry/index + key: index-${{ runner.os }}-${{ github.run_number }} + restore-keys: | + index-${{ runner.os }}- + - run: cargo generate-lockfile + - uses: actions/cache@v1 + with: + path: ~/.cargo/registry/cache + key: registry-${{ runner.os }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }} + - run: cargo fetch + - uses: actions/cache@v1 + with: + path: target + key: target-${{ matrix.target }}-${{ matrix.library.name }}-${{ matrix.library.version }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }} + - name: Run systest + run: | + if [[ "${{ matrix.library.version }}" == "vendored" ]]; then + features="--features vendored" + fi + cargo run --manifest-path=systest/Cargo.toml --target ${{ matrix.target }} $features + - name: Test openssl + run: | + if [[ "${{ matrix.library.version }}" == "vendored" ]]; then + features="--features vendored" + fi + cargo test --manifest-path=openssl/Cargo.toml --target ${{ matrix.target }} $features + - name: Test openssl-errors + run: | + if [[ "${{ matrix.library.version }}" == "vendored" ]]; then + features="--features openssl-sys/vendored" + fi + cargo test --manifest-path=openssl-errors/Cargo.toml --target ${{ matrix.target }} $features diff --git a/openssl/src/encrypt.rs b/openssl/src/encrypt.rs index f80715cd9d290c1ed7e4f157e3d070c2aa1b4dbe..a1973f60c6de376629d8548e4e8eade2a78c63dd 100644 --- a/openssl/src/encrypt.rs +++ b/openssl/src/encrypt.rs @@ -39,6 +39,7 @@ //! decrypted.truncate(decrypted_len); //! assert_eq!(&*decrypted, data); //! ``` +#[cfg(any(ossl102, libressl310))] use libc::{c_int, c_void}; use std::{marker::PhantomData, ptr}; @@ -462,6 +463,7 @@ mod test { use hex::FromHex; use crate::encrypt::{Decrypter, Encrypter}; + #[cfg(any(ossl102, libressl310))] use crate::hash::MessageDigest; use crate::pkey::PKey; use crate::rsa::{Padding, Rsa}; diff --git a/openssl/src/pkey.rs b/openssl/src/pkey.rs index 32122e0b2504379b3bdc9e8ca954b07a2022c015..3515b1ec5b7a5c843b4353481cf2be9b5e913e09 100644 --- a/openssl/src/pkey.rs +++ b/openssl/src/pkey.rs @@ -471,7 +471,7 @@ impl PKey { } } - #[cfg(ossl110)] + #[cfg(ossl111)] fn generate_eddsa(nid: c_int) -> Result, ErrorStack> { unsafe { let kctx = cvt_p(ffi::EVP_PKEY_CTX_new_id(nid, ptr::null_mut()))?; diff --git a/openssl/src/sign.rs b/openssl/src/sign.rs index d53c62cb0aae04eccb1096a619b65697a5123ae7..ef2b9be1430456adc512720efd2286c42728aa31 100644 --- a/openssl/src/sign.rs +++ b/openssl/src/sign.rs @@ -644,7 +644,9 @@ mod test { use crate::nid::Nid; use crate::pkey::PKey; use crate::rsa::{Padding, Rsa}; - use crate::sign::{RsaPssSaltlen, Signer, Verifier}; + #[cfg(ossl111)] + use crate::sign::RsaPssSaltlen; + use crate::sign::{Signer, Verifier}; const INPUT: &str = "65794a68624763694f694a53557a49314e694a392e65794a7063334d694f694a71623255694c41304b49434a6c\ diff --git a/openssl/src/ssl/callbacks.rs b/openssl/src/ssl/callbacks.rs index 99cddb013b3c4f7559dd7641b481ee03997c027a..116c5445e07b6786f08f34b7ee09026cb72bb90f 100644 --- a/openssl/src/ssl/callbacks.rs +++ b/openssl/src/ssl/callbacks.rs @@ -28,6 +28,7 @@ use crate::ssl::{ }; #[cfg(ossl111)] use crate::ssl::{ClientHelloResponse, ExtensionContext}; +#[cfg(ossl111)] use crate::util::ForeignTypeRefExt; #[cfg(ossl111)] use crate::x509::X509Ref; diff --git a/openssl/src/x509/store.rs b/openssl/src/x509/store.rs index 97593c4975ed3777bc2ad613eaaf226a9da14c4a..35ca69aaca2db24679a5c216d60ff0cbbeb961b3 100644 --- a/openssl/src/x509/store.rs +++ b/openssl/src/x509/store.rs @@ -159,10 +159,7 @@ impl X509LookupRef { generic_foreign_type_and_impl_send_sync! { type CType = ffi::X509_LOOKUP_METHOD; - fn drop = |_method| { - #[cfg(ossl110)] - ffi::X509_LOOKUP_meth_free(_method); - }; + fn drop = X509_LOOKUP_meth_free; /// Method used to look up certificates and CRLs. pub struct X509LookupMethod; @@ -197,3 +194,12 @@ cfg_if! { } } } + +cfg_if! { + if #[cfg(ossl110)] { + use ffi::X509_LOOKUP_meth_free; + } else { + #[allow(bad_style)] + unsafe fn X509_LOOKUP_meth_free(_x: *mut ffi::X509_LOOKUP_METHOD) {} + } +}