Detect EOF while reading in libssl

[oweals/openssl.git] / .travis.yml

diff --git a/.travis.yml b/.travis.yml
index 33c3751a32fc1cff501e023101253617db6a85d7..d9a5f375b638e114693142cedcd2ee219c0b92c1 100644 (file)
--- a/.travis.yml
+++ b/.travis.yml
@@ -7,6 +7,7 @@ language: c
 cache: ccache
 git:
     submodules: false
+    quiet: true
 
 before_install:
     - if [ -n "$COVERALLS" ]; then
@@ -15,12 +16,11 @@ before_install:
     - if expr "$CONFIG_OPTS" ":" ".*enable-external-tests" > /dev/null; then
           git submodule update --init --recursive;
       fi;
+    - eval "${MATRIX_EVAL}"
 
-addons:
-    apt:
-        packages:
-            - ccache
-            - golang-1.6
+arch:
+    - amd64
+    - arm64
 
 os:
     - linux
@@ -33,10 +33,39 @@ compiler:
 env:
     - CONFIG_OPTS="" DESTDIR="_install"
     - CONFIG_OPTS="no-asm -Werror --debug no-afalgeng no-shared enable-crypto-mdebug enable-rc5 enable-md2"
-    - CONFIG_OPTS="no-asm no-makedepend --strict-warnings" BUILDONLY="yes" CHECKDOCS="yes" GENERATE="yes"
+    - CONFIG_OPTS="no-asm no-makedepend enable-buildtest-c++ --strict-warnings -D_DEFAULT_SOURCE" BUILDONLY="yes" CHECKDOCS="yes" GENERATE="yes" CPPFLAGS="-ansi"
 
 matrix:
     include:
+        - os: linux
+          arch: arm64
+          dist: bionic
+          compiler: clang
+          env: CONFIG_OPTS="--strict-warnings -D__NO_STRING_INLINES no-deprecated" BUILDONLY="yes"
+        - os: linux
+          arch: arm64
+          compiler: clang
+          addons:
+              apt:
+                  packages:
+                      - clang-6.0
+          env: EXTENDED_TEST="yes" CONFIG_OPTS="enable-msan disable-afalgeng -D__NO_STRING_INLINES -Wno-unused-command-line-argument" MATRIX_EVAL="CC=clang-6.0 && CXX=clang++-6.0"
+        - os: linux
+          arch: arm64
+          compiler: clang
+          addons:
+              apt:
+                  packages:
+                      - clang-6.0
+          env: EXTENDED_TEST="yes" CONFIG_OPTS="no-asm enable-ubsan enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-nextprotoneg no-shared enable-buildtest-c++ -fno-sanitize=alignment -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -D__NO_STRING_INLINES -Wno-unused-command-line-argument" MATRIX_EVAL="CC=clang-6.0 && CXX=clang++-6.0"
+        - os: linux
+          arch: s390x
+          compiler: gcc
+          env: CONFIG_OPTS="--strict-warnings"
+        - os: linux-ppc64le
+          sudo: false
+          compiler: clang
+          env: CONFIG_OPTS="--strict-warnings -D__NO_STRING_INLINES"
         - os: linux
           addons:
               apt:
@@ -46,10 +75,10 @@ matrix:
                   sources:
                       - ubuntu-toolchain-r-test
           compiler: gcc-5
-          env: CONFIG_OPTS="--strict-warnings" COMMENT="Move to the BORINGTEST build when interoperable"
+          env: CONFIG_OPTS="--strict-warnings no-ec enable-ssl-trace enable-zlib enable-zlib-dynamic enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-egd" COMMENT="Move to the BORINGTEST build when interoperable"
         - os: linux
-          compiler: clang-3.9
-          env: CONFIG_OPTS="--strict-warnings no-deprecated" BUILDONLY="yes"
+          compiler: clang
+          env: CONFIG_OPTS="--strict-warnings -D__NO_STRING_INLINES no-deprecated"
         - os: linux
           addons:
               apt:
@@ -58,12 +87,19 @@ matrix:
                       - gcc-mingw-w64
           compiler: i686-w64-mingw32-gcc
           env: CONFIG_OPTS="no-stdio" BUILDONLY="yes"
+        # Uncomment if there is reason to believe that PPC-specific problem
+        # can be diagnosed with this possibly >30 mins sanitizer build...
+        #- os: linux-ppc64le
+        #  sudo: false
+        #  compiler: gcc
+        #  env: EXTENDED_TEST="yes" CONFIG_OPTS="no-asm enable-asan enable-ubsan no-shared -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -D__NO_STRING_INLINES"
         - os: linux
           addons:
               apt:
                   packages:
                       - gcc-5
                       - g++-5
+                      - golang-1.6
                   sources:
                       - ubuntu-toolchain-r-test
           compiler: gcc-5
@@ -74,19 +110,21 @@ matrix:
                   packages:
                       - gcc-5
                       - g++-5
+                      - golang-1.6
                   sources:
                       - ubuntu-toolchain-r-test
           compiler: gcc-5
-          env:  EXTENDED_TEST="yes" CONFIG_OPTS="--debug enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers enable-external-tests" BORINGSSL_TESTS="yes" CXX="g++-5" TESTS=95
+          # External test pyca-cryptography temporarily disabled due to long term travis failures
+          env:  EXTENDED_TEST="yes" CONFIG_OPTS="--debug enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers enable-external-tests" BORINGSSL_TESTS="yes" CXX="g++-5" TESTS="test_external_boringssl test_external_krb5"
         - os: linux
-          compiler: clang-3.9
-          env: EXTENDED_TEST="yes" CONFIG_OPTS="enable-msan"
+          compiler: clang
+          env: EXTENDED_TEST="yes" CONFIG_OPTS="enable-msan -D__NO_STRING_INLINES -Wno-unused-command-line-argument"
         - os: linux
-          compiler: clang-3.9
-          env:  EXTENDED_TEST="yes" CONFIG_OPTS="no-asm enable-ubsan enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-nextprotoneg -fno-sanitize=alignment no-shared -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION"
+          compiler: clang
+          env:  EXTENDED_TEST="yes" CONFIG_OPTS="no-asm enable-ubsan enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-nextprotoneg no-shared -fno-sanitize=alignment -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -D__NO_STRING_INLINES -Wno-unused-command-line-argument"
         - os: linux
-          compiler: clang-3.9
-          env: EXTENDED_TEST="yes" CONFIG_OPTS="no-asm enable-asan enable-rc5 enable-md2 no-shared -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION"
+          compiler: clang
+          env: EXTENDED_TEST="yes" CONFIG_OPTS="no-asm enable-asan enable-rc5 enable-md2 no-shared -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -D__NO_STRING_INLINES -Wno-unused-command-line-argument"
         - os: linux
           addons:
               apt:
@@ -96,7 +134,7 @@ matrix:
                   sources:
                       - ubuntu-toolchain-r-test
           compiler: gcc-5
-          env: EXTENDED_TEST="yes" CONFIG_OPTS="--debug no-asm enable-ubsan enable-rc5 enable-md2 -DPEDANTIC" OPENSSL_TEST_RAND_ORDER=0
+          env: UBUNTU_GCC_HACK="yes" EXTENDED_TEST="yes" CONFIG_OPTS="--debug no-asm enable-ubsan enable-rc5 enable-md2 -DPEDANTIC" OPENSSL_TEST_RAND_ORDER=0
         - os: linux
           addons:
               apt:
@@ -113,16 +151,33 @@ matrix:
                       - gcc-mingw-w64
           compiler: x86_64-w64-mingw32-gcc
           env: EXTENDED_TEST="yes" CONFIG_OPTS="no-pic"
+        - os: linux
+          language: python
+          python: 3.7
+          dist: xenial    # required for Python 3.7 (travis-ci/travis-ci#9069)
+          sudo: required  # required for Python 3.7 (travis-ci/travis-ci#9069)
+          install: pip install flake8
+          before_script:
+            # stop the build if there are Python syntax errors or undefined names
+            - flake8 . --count --select=E901,E999,F821,F822,F823 --show-source --statistics
+            # exit-zero treats all errors as warnings.  The GitHub editor is 127 chars wide
+            - flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
+          script: true
+        - os: linux
+          compiler: gcc
+          env: CONFIGURE_TARGET="linux-generic32" CONFIG_OPTS="--strict-warnings no-shared no-dso no-pic no-aria no-async no-autoload-config no-blake2 no-bf no-camellia no-cast no-chacha no-cmac no-cms no-comp no-ct no-des no-dgram no-dh no-dsa no-dtls no-ec2m no-engine no-filenames no-gost no-idea no-mdc2 no-md4 no-multiblock no-nextprotoneg no-ocsp no-ocb no-poly1305 no-psk no-rc2 no-rc4 no-rmd160 no-seed no-siphash no-sm2 no-sm3 no-sm4 no-srp no-srtp no-ssl3 no-ssl3-method no-ts no-ui-console no-whirlpool no-asm -DOPENSSL_NO_SECURE_MEMORY -DOPENSSL_SMALL_FOOTPRINT"
     exclude:
         - os: linux
           compiler: clang
         - os: osx
           compiler: gcc
+        - arch: arm64
+          os: osx
 
 before_script:
     - env
     - if [ "$TRAVIS_PULL_REQUEST" != "false" -a -n "$EXTENDED_TEST" ]; then
-          (git log -1 $TRAVIS_COMMIT_RANGE | grep '\[extended tests\]' > /dev/null) || exit 0;
+          (git log -1 $TRAVIS_COMMIT_RANGE | grep '\[extended tests\]' > /dev/null) || travis_terminate 0;
       fi
     - if [ -n "$DESTDIR" ]; then
           sh .travis-create-release.sh $TRAVIS_OS_NAME;
@@ -135,6 +190,10 @@ before_script:
           srcdir=.;
           top=.;
       fi
+    - if [ -n "$UBUNTU_GCC_HACK" ]; then
+          $CC -dumpspecs | sed "s/--push-state//g; s/--pop-state/--as-needed/g" > gcc-specs.txt;
+          CC="$CC -specs=gcc-specs.txt";
+      fi
     - if [ "$CC" = i686-w64-mingw32-gcc ]; then
           export CROSS_COMPILE=${CC%%gcc}; unset CC;
           $srcdir/Configure mingw $CONFIG_OPTS -Wno-pedantic-ms-format;
@@ -152,7 +211,11 @@ before_script:
           elif which ccache >/dev/null; then
               CC="ccache $CC";
           fi;
-          $srcdir/config -v $CONFIG_OPTS;
+          if [ -n "$CONFIGURE_TARGET" ]; then
+              $srcdir/Configure $CONFIGURE_TARGET $CONFIG_OPTS;
+          else
+              $srcdir/config -v $CONFIG_OPTS;
+          fi;
       fi
     - ./configdata.pm --dump
     - cd $top
@@ -175,27 +238,31 @@ script:
     - if $make update; then
           echo -e '+\057 MAKE UPDATE OK';
       else
-          echo -e '+\057 MAKE UPDATE FAILED'; false;
-      fi;
-      git diff --exit-code
+          echo -e '+\057 MAKE UPDATE FAILED';
+          travis_terminate 1;
+      fi
+    - git diff --exit-code
     - if [ -n "$CHECKDOCS" ]; then
           if $make doc-nits; then
               echo -e '+\057\057 MAKE DOC-NITS OK';
           else
-              echo -e '+\057\057 MAKE DOC-NITS FAILED'; false;
+              echo -e '+\057\057 MAKE DOC-NITS FAILED';
+              travis_terminate 1;
           fi;
       fi
     - if [ -n "$GENERATE" ]; then
           if $make build_all_generated; then
               echo -e '+\057\057\057 MAKE BUILD_ALL_GENERATED OK';
           else
-              echo -e '+\057\057\057 MAKE BUILD_ALL_GENERATED FAILED'; false;
+              echo -e '+\057\057\057 MAKE BUILD_ALL_GENERATED FAILED';
+              travis_terminate 1;
           fi;
       fi
     - if $make2; then
           echo -e '+\057\057\057\057 MAKE OK';
       else
-          echo -e '+\057\057\057\057 MAKE FAILED'; false;
+          echo -e '+\057\057\057\057 MAKE FAILED';
+          travis_terminate 1;
       fi;
     - if [ -z "$BUILDONLY" ]; then
           if [ -n "$CROSS_COMPILE" ]; then
@@ -210,7 +277,8 @@ script:
           if HARNESS_VERBOSE=yes BORING_RUNNER_DIR=$top/boringssl/ssl/test/runner make test; then
               echo -e '+\057\057\057\057\057 MAKE TEST OK';
           else
-              echo -e '+\057\057\057\057\057 MAKE TEST FAILED'; false;
+              echo -e '+\057\057\057\057\057 MAKE TEST FAILED';
+              travis_terminate 1;
           fi;
       else
           if $make build_tests >~/build.log 2>&1; then
@@ -218,17 +286,17 @@ script:
           else
               echo -e '+\057\057\057\057\057\057 MAKE BUILD_TESTS FAILED';
               cat ~/build.log
-              false;
+              travis_terminate 1;
           fi;
       fi
     - if [ -n "$DESTDIR" ]; then
           mkdir "$top/$DESTDIR";
-          if $make install install_docs DESTDIR="$top/$DESTDIR" >~/install.log 2>&1 ; then
+          if $make install DESTDIR="$top/$DESTDIR" >~/install.log 2>&1 ; then
               echo -e '+\057\057\057\057\057\057\057 MAKE INSTALL OK';
           else
               echo -e '+\057\057\057\057\057\057\057 MAKE INSTALL FAILED';
               cat ~/install.log;
-              false;
+              travis_terminate 1;
           fi;
       fi
     - cd $top