Linux-Integrity Archive on lore.kernel.org
 help / color / Atom feed
From: Vitaly Chikunov <vt@altlinux.org>
To: Petr Vorel <pvorel@suse.cz>
Cc: Mimi Zohar <zohar@linux.ibm.com>,
	linux-integrity@vger.kernel.org,
	Bruno Meneguele <bmeneg@redhat.com>
Subject: Re: [ima-evm-utils: PATCH 5/5] ima-evm-utils: travis: openssl gost engine
Date: Sat, 1 Aug 2020 00:06:53 +0300
Message-ID: <20200731210653.p5m4efy52melqwgs@altlinux.org> (raw)
In-Reply-To: <20200731204044.GC27841@dell5510>

On Fri, Jul 31, 2020 at 10:40:44PM +0200, Petr Vorel wrote:
> And when using suggested branch openssl_1_1_0, it also fails on make install
> $ ./tests/install-gost-engine.sh
> OpenSSL 1.1.1g  21 Apr 2020
> Cloning into 'engine'...
> remote: Enumerating objects: 63, done.
> remote: Counting objects: 100% (63/63), done.
> remote: Compressing objects: 100% (40/40), done.
> remote: Total 2738 (delta 33), reused 32 (delta 21), pack-reused 2675
> Receiving objects: 100% (2738/2738), 2.48 MiB | 2.09 MiB/s, done.
> Resolving deltas: 100% (1735/1735), done.
> -- The C compiler identification is GNU 10.1.1
> -- Detecting C compiler ABI info
> -- Detecting C compiler ABI info - done
> -- Check for working C compiler: /usr/bin/cc - skipped
> -- Detecting C compile features
> -- Detecting C compile features - done
> -- Found OpenSSL: /usr/lib64/libcrypto.so (found suitable version "1.1.1g", minimum required is "1.1")
> -- Check if the system is big endian
> -- Searching 16 bit integer
> -- Looking for sys/types.h
> -- Looking for sys/types.h - found
> -- Looking for stdint.h
> -- Looking for stdint.h - found
> -- Looking for stddef.h
> -- Looking for stddef.h - found
> -- Check size of unsigned short
> -- Check size of unsigned short - done
> -- Searching 16 bit integer - Using unsigned short
> -- Check if the system is big endian - little endian
> -- LITTLE_ENDIAN
> -- Configuring done
> -- Generating done
> -- Build files have been written to: /home/pvorel/install/src/ima-evm-utils.git/engine
> make: *** No rule to make target 'install'.  Stop.

It seems this branch does not have install target. I think,

- `engine/bin/gost.so` should be moved in platform dependent engines dir,
for example for debian9 it's `/usr/lib/x86_64-linux-gnu/engines-1.1/`
(found with strace).

- Or, just keep it as is, but `OPENSSL_ENGINES` env should be set to
`/home/pvorel/install/src/ima-evm-utils.git/engine/bin/`.

- Or even better, Bionic (which is supported by Travis) should have
  gost-engine already in the libengine-gost-openssl1.1 package.

  In that case `.travis.yml` should have `dist: bionic`.
    https://docs.travis-ci.com/user/reference/bionic/



> 
> => It'd be good to fix this and add some test with SSL=openssl variable.
> But the branch would have to be updated time to time.
> 
> BTW do you plan to test other crypto libraries?
> 
> Kind regards,
> Petr

  reply index

Thread overview: 35+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-07-31 18:24 [ima-evm-utils: PATCH 0/5] initial travis support Mimi Zohar
2020-07-31 18:24 ` [ima-evm-utils: PATCH 1/5] ima-evm-utils: travis: define travis.yml Mimi Zohar
2020-07-31 18:24 ` [ima-evm-utils: PATCH 2/5] ima-evm-utils: travis: download, compile, and install a swTPM Mimi Zohar
2020-07-31 18:24 ` [ima-evm-utils: PATCH 3/5] ima-evm-utils: travis: dependency on TSS for initializing software TPM Mimi Zohar
2020-07-31 18:24 ` [ima-evm-utils: PATCH 4/5] ima-evm-utils: travis: support tpm2-tss Mimi Zohar
2020-07-31 18:24 ` [ima-evm-utils: PATCH 5/5] ima-evm-utils: travis: openssl gost engine Mimi Zohar
2020-07-31 18:56   ` Vitaly Chikunov
2020-07-31 20:18     ` Petr Vorel
2020-07-31 20:26       ` Vitaly Chikunov
2020-07-31 20:40         ` Petr Vorel
2020-07-31 21:06           ` Vitaly Chikunov [this message]
2020-07-31 22:32             ` Mimi Zohar
2020-08-03  3:09               ` Mimi Zohar
2020-08-03 13:07                 ` Petr Vorel
2020-08-03 14:29                   ` Mimi Zohar
2020-08-03 16:46                     ` Petr Vorel
2020-08-03 17:16                       ` Mimi Zohar
2020-08-04  7:22                         ` Petr Vorel
2020-08-04  7:54                           ` Petr Vorel
2020-08-04 13:23                             ` Mimi Zohar
2020-08-05  9:42                               ` Petr Vorel
2020-08-05 13:31                                 ` Mimi Zohar
2020-08-05 16:23                                   ` Vitaly Chikunov
2020-08-05 16:18                                 ` Vitaly Chikunov
2020-08-03 16:32               ` Vitaly Chikunov
2020-08-03 16:36                 ` Petr Vorel
2020-08-03 17:26             ` Mimi Zohar
2020-08-03 18:42               ` Vitaly Chikunov
2020-08-03  2:53           ` Mimi Zohar
2020-08-03 13:11             ` Petr Vorel
2020-08-03 14:33               ` Mimi Zohar
2020-08-04 12:05   ` [ima-evm-utils: PATCH v1 " Mimi Zohar
2020-08-04 14:45     ` Vitaly Chikunov
2020-08-04 18:11       ` Mimi Zohar
2020-07-31 20:19 ` [ima-evm-utils: PATCH 0/5] initial travis support Petr Vorel

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200731210653.p5m4efy52melqwgs@altlinux.org \
    --to=vt@altlinux.org \
    --cc=bmeneg@redhat.com \
    --cc=linux-integrity@vger.kernel.org \
    --cc=pvorel@suse.cz \
    --cc=zohar@linux.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-Integrity Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-integrity/0 linux-integrity/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-integrity linux-integrity/ https://lore.kernel.org/linux-integrity \
		linux-integrity@vger.kernel.org
	public-inbox-index linux-integrity

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-integrity


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git