Alternative fix for CVE-2022-4304 #1141
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Cross Compile | |
on: [pull_request, push] | |
jobs: | |
cross-compilation: | |
strategy: | |
fail-fast: false | |
matrix: | |
# The platform matrix specifies: | |
# arch: the architecture to build for, this defines the tool-chain | |
# prefix {arch}- and the Debian compiler package gcc-{arch} | |
# name. | |
# libs: the Debian package for the necessary link/runtime libraries. | |
# target: the OpenSSL configuration target to use, this is passed | |
# directly to the config command line. | |
# tests: omit this to run all the tests using QEMU, set it to "none" | |
# to never run the tests, otherwise it's value is passed to | |
# the "make test" command to allow selectiving disabling of | |
# tests. | |
platform: [ | |
{ | |
arch: aarch64-linux-gnu, | |
libs: libc6-dev-arm64-cross, | |
target: linux-aarch64 | |
}, { | |
arch: arm-linux-gnueabi, | |
libs: libc6-dev-armel-cross, | |
target: linux-armv4, | |
tests: -test_includes -test_store -test_x509_store | |
}, { | |
arch: arm-linux-gnueabihf, | |
libs: libc6-dev-armhf-cross, | |
target: linux-armv4, | |
tests: -test_includes -test_store -test_x509_store | |
}, { | |
arch: mips-linux-gnu, | |
libs: libc6-dev-mips-cross, | |
target: -static linux-mips32, | |
tests: -test_includes -test_store -test_x509_store | |
}, { | |
arch: mips64-linux-gnuabi64, | |
libs: libc6-dev-mips64-cross, | |
target: -static linux64-mips64, | |
}, { | |
arch: mipsel-linux-gnu, | |
libs: libc6-dev-mipsel-cross, | |
target: linux-mips32, | |
tests: -test_includes -test_store -test_x509_store | |
}, { | |
arch: riscv64-linux-gnu, | |
libs: libc6-dev-riscv64-cross, | |
target: linux64-riscv64 | |
}, { | |
arch: s390x-linux-gnu, | |
libs: libc6-dev-s390x-cross, | |
target: linux64-s390x | |
}, | |
# These build with shared libraries but they crash when run | |
# They mirror static builds above in order to cover more of the | |
# code base. | |
{ | |
arch: mips-linux-gnu, | |
libs: libc6-dev-mips-cross, | |
target: linux-mips32, | |
tests: none | |
}, { | |
arch: mips64-linux-gnuabi64, | |
libs: libc6-dev-mips64-cross, | |
target: linux64-mips64, | |
tests: none | |
} | |
] | |
runs-on: ubuntu-latest | |
steps: | |
- name: install packages | |
run: | | |
sudo apt-get update | |
sudo apt-get -yq --force-yes install \ | |
gcc-${{ matrix.platform.arch }} \ | |
${{ matrix.platform.libs }} | |
- uses: actions/checkout@v2 | |
- name: config | |
run: | | |
./Configure --strict-warnings \ | |
--cross-compile-prefix=${{ matrix.platform.arch }}- \ | |
${{ matrix.platform.target }} | |
- name: config dump | |
run: ./configdata.pm --dump | |
- name: make | |
run: make -s -j4 | |
- name: install qemu | |
if: github.event_name == 'push' && matrix.platform.tests != 'none' | |
run: sudo apt-get -yq --force-yes install qemu-user | |
- name: make all tests | |
if: github.event_name == 'push' && matrix.platform.tests == '' | |
run: | | |
make test \ | |
QEMU_LD_PREFIX=/usr/${{ matrix.platform.arch }} | |
- name: make some tests | |
if: github.event_name == 'push' && matrix.platform.tests != 'none' && matrix.platform.tests != '' | |
run: | | |
make test \ | |
TESTS="${{ matrix.platform.tests }}" \ | |
QEMU_LD_PREFIX=/usr/${{ matrix.platform.arch }} |