Linux-Integrity Archive on lore.kernel.org
 help / color / Atom feed
From: Vitaly Chikunov <vt@altlinux.org>
To: Mimi Zohar <zohar@linux.ibm.com>
Cc: linux-integrity@vger.kernel.org, Petr Vorel <pvorel@suse.cz>,
	Bruno Meneguele <bmeneg@redhat.com>
Subject: Re: [ima-evm-utils: PATCH 5/5] ima-evm-utils: travis: openssl gost engine
Date: Fri, 31 Jul 2020 21:56:33 +0300
Message-ID: <20200731185633.kqgcz4dwfa4ruyld@altlinux.org> (raw)
In-Reply-To: <20200731182408.696931-6-zohar@linux.ibm.com>

Mimi,

On Fri, Jul 31, 2020 at 02:24:08PM -0400, Mimi Zohar wrote:
> The openssl version on travis doesn't have gost openssl engine support.
> Download from source, rebuild and install local version.
> 
> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
> ---
>  .travis.yml                  |  7 +++++++
>  tests/install-gost-engine.sh | 10 ++++++++++
>  2 files changed, 17 insertions(+)
>  create mode 100755 tests/install-gost-engine.sh
> 
> diff --git a/.travis.yml b/.travis.yml
> index 11a827c02f0a..f5fb2c1da448 100644
> --- a/.travis.yml
> +++ b/.travis.yml
> @@ -15,6 +15,13 @@ matrix:
>     include:
>       - env: TSS=ibmtss
>       - env: TSS=tpm2-tss
> +
> +before_install:
> +   - if [ "${SSL}" = "openssl" ]; then
> +        ./tests/install-gost-engine.sh;
> +        openssl version;
> +     fi
> +
>  install:
>     - if [ "${TSS}" = "tpm2-tss" ]; then
>             sudo apt-get install lcov pandoc autoconf-archive liburiparser-dev;
> diff --git a/tests/install-gost-engine.sh b/tests/install-gost-engine.sh
> new file mode 100755
> index 000000000000..01bcf2c3bc21
> --- /dev/null
> +++ b/tests/install-gost-engine.sh
> @@ -0,0 +1,10 @@
> +#!/bin/sh
> +
> +openssl version
> +
> +git clone https://github.com/gost-engine/engine.git

gost-engine master branch corresponds to openssl-3.0 which is probably
not on Travis systems yet. I think branch `openssl_1_1_0` should be used.

  git clone --branch openssl_1_1_0 https://github.com/gost-engine/engine.git

Thanks,

> +cd engine
> +#cmake -DOPENSSL_INCLUDE_DIR=/usr/local/include/openssl -DOPENSSL_SSL_LIBRARY=/usr/local/lib64/libss.so -DOPENSSL_CRYPTO_LIBRARY=/usr/local/lib64/libcrypto.so -DOPENSSL_ENGINES_DIR=/usr/local/lib64/engines-1.1 .
> +cmake .
> +sudo make install
> +cd ..
> -- 
> 2.18.4

  reply index

Thread overview: 38+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-07-31 18:24 [ima-evm-utils: PATCH 0/5] initial travis support Mimi Zohar
2020-07-31 18:24 ` [ima-evm-utils: PATCH 1/5] ima-evm-utils: travis: define travis.yml Mimi Zohar
2020-07-31 18:24 ` [ima-evm-utils: PATCH 2/5] ima-evm-utils: travis: download, compile, and install a swTPM Mimi Zohar
2020-07-31 18:24 ` [ima-evm-utils: PATCH 3/5] ima-evm-utils: travis: dependency on TSS for initializing software TPM Mimi Zohar
2020-07-31 18:24 ` [ima-evm-utils: PATCH 4/5] ima-evm-utils: travis: support tpm2-tss Mimi Zohar
2020-07-31 18:24 ` [ima-evm-utils: PATCH 5/5] ima-evm-utils: travis: openssl gost engine Mimi Zohar
2020-07-31 18:56   ` Vitaly Chikunov [this message]
2020-07-31 20:18     ` Petr Vorel
2020-07-31 20:26       ` Vitaly Chikunov
2020-07-31 20:40         ` Petr Vorel
2020-07-31 21:06           ` Vitaly Chikunov
2020-07-31 22:32             ` Mimi Zohar
2020-08-03  3:09               ` Mimi Zohar
2020-08-03 13:07                 ` Petr Vorel
2020-08-03 14:29                   ` Mimi Zohar
2020-08-03 16:46                     ` Petr Vorel
2020-08-03 17:16                       ` Mimi Zohar
2020-08-04  7:22                         ` Petr Vorel
2020-08-04  7:54                           ` Petr Vorel
2020-08-04 13:23                             ` Mimi Zohar
2020-08-05  9:42                               ` Petr Vorel
2020-08-05 13:31                                 ` Mimi Zohar
2020-08-05 16:23                                   ` Vitaly Chikunov
2020-08-05 16:18                                 ` Vitaly Chikunov
2020-08-11 17:33                                 ` Petr Vorel
2020-08-11 22:04                                   ` Mimi Zohar
2020-08-12 13:05                                     ` Petr Vorel
2020-08-03 16:32               ` Vitaly Chikunov
2020-08-03 16:36                 ` Petr Vorel
2020-08-03 17:26             ` Mimi Zohar
2020-08-03 18:42               ` Vitaly Chikunov
2020-08-03  2:53           ` Mimi Zohar
2020-08-03 13:11             ` Petr Vorel
2020-08-03 14:33               ` Mimi Zohar
2020-08-04 12:05   ` [ima-evm-utils: PATCH v1 " Mimi Zohar
2020-08-04 14:45     ` Vitaly Chikunov
2020-08-04 18:11       ` Mimi Zohar
2020-07-31 20:19 ` [ima-evm-utils: PATCH 0/5] initial travis support Petr Vorel

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200731185633.kqgcz4dwfa4ruyld@altlinux.org \
    --to=vt@altlinux.org \
    --cc=bmeneg@redhat.com \
    --cc=linux-integrity@vger.kernel.org \
    --cc=pvorel@suse.cz \
    --cc=zohar@linux.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-Integrity Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-integrity/0 linux-integrity/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-integrity linux-integrity/ https://lore.kernel.org/linux-integrity \
		linux-integrity@vger.kernel.org
	public-inbox-index linux-integrity

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-integrity


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git