search

aws / s2n-tls

An implementation of the TLS/SSL protocols
https://aws.github.io/s2n-tls/usage-guide/
Apache License 2.0
4.53k stars 711 forks source link

Add older gcc version in CI #4098

Open maddeleine opened 1 year ago

maddeleine commented 1 year ago

Security issue notifications

If you discover a potential security issue in s2n we ask that you notify AWS Security via our vulnerability reporting page. Please do not create a public github issue.

Problem:

We want to find bugs on RHEL5, and recently we had an issue where new code wouldn't compile on gcc 4.1.2, which is the version of gcc that comes with RHEL5.

Solution:

We should alter the codebuild logic to build using 4.1.2 instead of 4.8: https://github.com/aws/s2n-tls/blob/57943c89ffaaee2cdf6e3043e912e5643401236d/codebuild/bin/s2n_set_build_preset.sh#L56-L59

Requirements / Acceptance Criteria:

You should be able to see the feature flag error when building. This bug only exists in 4.1.2. However note that the bug doesn't actually cause the build to fail, it just causes all feature flags to evaluate to false.

dougch commented 1 year ago

There is a docker image for Centos5, unfortunately the online software repos appear to be archived (?). The next solution would be to download the dvd isos and build a private repository: http://bay.uchicago.edu/centos-vault/5.11/isos/x86_64/

also #1488 where I talked about using Ubuntu7 todo this, still a fair bit of work.