Skip to content

README.md: Add golang-fips/openssl note, other small adjustments #555

README.md: Add golang-fips/openssl note, other small adjustments

README.md: Add golang-fips/openssl note, other small adjustments #555

Workflow file for this run

on: [push, pull_request]
name: Test
jobs:
test:
strategy:
fail-fast: false
matrix:
go-version: [1.17.x]
openssl-version-build: [1.0.2, 1.1.0, 1.1.1, 3.0.1]
openssl-version-test: [1.0.2, 1.1.0, 1.1.1, 3.0.1]
runs-on: ubuntu-20.04
steps:
- name: Install build tools
run: sudo apt-get install -y build-essential
- name: Install Go
uses: actions/setup-go@v2
with:
go-version: ${{ matrix.go-version }}
- name: Checkout code
uses: actions/checkout@v2
- name: Install OpenSSL - Build
run: sudo sh ./scripts/openssl.sh ${{ matrix.openssl-version-build }}
- name: Check headers
working-directory: ./cmd/checkheader
run: go run . --ossl-include /usr/local/src/openssl-${{ matrix.openssl-version-build }}/include ../../openssl/openssl_funcs.h
if: ${{ matrix.openssl-version-build == matrix.openssl-version-test }}
- name: Set OpenSSL config and prove FIPS
run: |
sudo cp ./scripts/openssl-3.cnf /usr/local/ssl/openssl.cnf
go test -v -count 0 ./openssl | grep -q "FIPS enabled: true"
if: ${{ matrix.openssl-version-build == '3.0.1' }}
env:
GO_OPENSSL_VERSION_OVERRIDE: ${{ matrix.openssl-version-build }}
- name: Run Test - Build
# Run each test 10 times so the garbage collector chimes in
# and exercises the multiple finalizers we use.
# This can detect use-after-free and double-free issues.
run: go test -gcflags=all=-d=checkptr -count 10 -v ./...
env:
GO_OPENSSL_VERSION_OVERRIDE: ${{ matrix.openssl-version-build }}
- name: Run Test - Build - No version override
run: go test -gcflags=all=-d=checkptr -v ./...
- name: Run Test - Misc
run: go test -gcflags=all=-d=checkptr -v .
working-directory: ./misc
env:
GO_OPENSSL_VERSION_OVERRIDE: ${{ matrix.openssl-version-build }}
- name: Build Test - Build
run: go test -o test -c ./openssl
if: ${{ matrix.openssl-version-build != matrix.openssl-version-test }}
env:
GO_OPENSSL_VERSION_OVERRIDE: ${{ matrix.openssl-version-build }}
- name: Install OpenSSL - Test
run: sudo sh ./scripts/openssl.sh ${{ matrix.openssl-version-test }}
if: ${{ matrix.openssl-version-build != matrix.openssl-version-test }}
- name: Run Test 2 - Test
run: ./test -test.v
if: ${{ matrix.openssl-version-build != matrix.openssl-version-test }}
env:
GO_OPENSSL_VERSION_OVERRIDE: ${{ matrix.openssl-version-test }}