Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Specify version 3.1 while installing OpenSSL using brew. #217

Merged
merged 1 commit into from
Jul 18, 2023
Merged

Specify version 3.1 while installing OpenSSL using brew. #217

merged 1 commit into from
Jul 18, 2023

Conversation

ghost
Copy link

@ghost ghost commented Jul 18, 2023

Right now, the CircleCI job on macOS uses OpenSSL 3.0.1:

Warning: openssl@3 3.0.1 is already installed and up-to-date.
To reinstall 3.0.1, run:
brew reinstall openssl@3

-- Found OpenSSL: /usr/local/opt/openssl@3/lib/libcrypto.dylib (found suitable version "3.0.1", minimum required is "3.0")

However, OpenSSL 3.0.1 seems broken:

oqs-provider/scripts/runtests.sh

Lines 139 to 143 in 5250576

# Disable testing for version 3.0.1: Buggy as hell:
if "${OPENSSL_APP}" version | grep -q "OpenSSL 3.0.1"; then
echo "Skipping testing of buggy OpenSSL 3.0.1"
exit 0
fi

This leads to the following no-op test:

Test setup:
LD_LIBRARY_PATH=/usr/local/opt/openssl@3/lib
OPENSSL_APP=/usr/local/opt/openssl@3/bin/openssl
OPENSSL_CONF=/Users/distiller/project/scripts/openssl-ca.cnf
OPENSSL_MODULES=/Users/distiller/project/_build/lib
DYLD_LIBRARY_PATH=:/Users/distiller/project/.local/lib:/usr/local/opt/openssl@3/lib
No OQS-OpenSSL111 interop test because of absence of docker
Version information:
error registering dilithium2 with no hash
OpenSSL 3.0.1 14 Dec 2021 (Library: OpenSSL 3.0.1 14 Dec 2021)
error registering dilithium2 with no hash
Skipping testing of buggy OpenSSL 3.0.1

CircleCI received exit code 0

This commit tells homebrew to install at least OpenSSL 3.1.

This change should allow scripts/runtests.sh to fully run again on macOS.

@ghost ghost requested a review from baentsch as a code owner July 18, 2023 11:26
baentsch
baentsch approved these changes Jul 18, 2023
View reviewed changes
Copy link
Member

@baentsch baentsch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Didn't know one can request openssl@3.1 from brew--actually wonder why "...@3" doesn't take the latest (i.e., 3.1). But what the heck. This LGTM. Thanks!

@ghost
Copy link
Author

ghost commented Jul 18, 2023
edited by ghost
Loading

Didn't know one can request openssl@3.1 from brew--actually wonder why "...@3" doesn't take the latest (i.e., 3.1). But what the heck. This LGTM. Thanks!

In fact, @3 should tell homebrew to pick the latest version, however HOMEBREW_NO_AUTO_UPDATE prevents brew from fetching the latest version…
I'm trying without right now.

@ghost
Copy link
Author

ghost commented Jul 18, 2023

@baentsch it seems that it fixes the no-op test on macOS: CircleCI job.

Do you agree with the deletion of HOMEBREW_NO_AUTO_UPDATE=1?

@ghost ghost requested a review from baentsch July 18, 2023 12:16
baentsch
baentsch reviewed Jul 18, 2023
View reviewed changes
.circleci/config.yml Outdated Show resolved Hide resolved
Specify version 3.1 while installing OpenSSL using brew.
4de7d9a 
Right now, the [CircleCI job](https://app.circleci.com/pipelines/github/open-quantum-safe/oqs-provider/696/workflows/46170fbf-b924-490c-8196-283cff0dd767/jobs/1521)
on macOS uses OpenSSL 3.0.1:

> Warning: openssl@3 3.0.1 is already installed and up-to-date.
> To reinstall 3.0.1, run:
>  brew reinstall openssl@3

> -- Found OpenSSL: /usr/local/opt/openssl@3/lib/libcrypto.dylib (found suitable version "3.0.1", minimum required is "3.0")

However, OpenSSL 3.0.1 seems broken:

https://github.com/open-quantum-safe/oqs-provider/blob/5250576fc6384af40c3d0d8b04ee5d9675ce7721/scripts/runtests.sh#L139-L143

This leads to the following [no-op test](https://app.circleci.com/pipelines/github/open-quantum-safe/oqs-provider/696/workflows/46170fbf-b924-490c-8196-283cff0dd767/jobs/1521?invite=true#step-106-13):

```
Test setup:
LD_LIBRARY_PATH=/usr/local/opt/openssl@3/lib
OPENSSL_APP=/usr/local/opt/openssl@3/bin/openssl
OPENSSL_CONF=/Users/distiller/project/scripts/openssl-ca.cnf
OPENSSL_MODULES=/Users/distiller/project/_build/lib
DYLD_LIBRARY_PATH=:/Users/distiller/project/.local/lib:/usr/local/opt/openssl@3/lib
No OQS-OpenSSL111 interop test because of absence of docker
Version information:
error registering dilithium2 with no hash
OpenSSL 3.0.1 14 Dec 2021 (Library: OpenSSL 3.0.1 14 Dec 2021)
error registering dilithium2 with no hash
Skipping testing of buggy OpenSSL 3.0.1

CircleCI received exit code 0
```

This commit tells homebrew to install at least OpenSSL `3.1`.

This change should allow `scripts/runtests.sh` to fully run again on macOS.
@baentsch baentsch merged commit 080c3dd into open-quantum-safe:main Jul 18, 2023
@ghost ghost deleted the 3.1 branch July 18, 2023 15:42
@ghost ghost mentioned this pull request Jul 18, 2023
Merged
feventura pushed a commit to EntrustCorporation/oqs-provider that referenced this pull request Mar 16, 2024
@feventura
Specify version 3.1 while installing OpenSSL using brew. (open-quan…
907d469 
…tum-safe#217)

Right now, the [CircleCI job](https://app.circleci.com/pipelines/github/open-quantum-safe/oqs-provider/696/workflows/46170fbf-b924-490c-8196-283cff0dd767/jobs/1521)
on macOS uses OpenSSL 3.0.1:

> Warning: openssl@3 3.0.1 is already installed and up-to-date.
> To reinstall 3.0.1, run:
>  brew reinstall openssl@3

> -- Found OpenSSL: /usr/local/opt/openssl@3/lib/libcrypto.dylib (found suitable version "3.0.1", minimum required is "3.0")

However, OpenSSL 3.0.1 seems broken:

https://github.com/open-quantum-safe/oqs-provider/blob/5250576fc6384af40c3d0d8b04ee5d9675ce7721/scripts/runtests.sh#L139-L143

This leads to the following [no-op test](https://app.circleci.com/pipelines/github/open-quantum-safe/oqs-provider/696/workflows/46170fbf-b924-490c-8196-283cff0dd767/jobs/1521?invite=true#step-106-13):

```
Test setup:
LD_LIBRARY_PATH=/usr/local/opt/openssl@3/lib
OPENSSL_APP=/usr/local/opt/openssl@3/bin/openssl
OPENSSL_CONF=/Users/distiller/project/scripts/openssl-ca.cnf
OPENSSL_MODULES=/Users/distiller/project/_build/lib
DYLD_LIBRARY_PATH=:/Users/distiller/project/.local/lib:/usr/local/opt/openssl@3/lib
No OQS-OpenSSL111 interop test because of absence of docker
Version information:
error registering dilithium2 with no hash
OpenSSL 3.0.1 14 Dec 2021 (Library: OpenSSL 3.0.1 14 Dec 2021)
error registering dilithium2 with no hash
Skipping testing of buggy OpenSSL 3.0.1

CircleCI received exit code 0
```

This commit tells homebrew to install at least OpenSSL `3.1`.

This change should allow `scripts/runtests.sh` to fully run again on macOS.

Signed-off-by: Felipe Ventura <felipe.ventura@entrust.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@baentsch