diff mbox series

[Openvpn-devel,v3] Show version and double check we use the right TLS library in Github Actions

Message ID 20260313175324.12121-1-gert@greenie.muc.de
State New
Headers show
Series [Openvpn-devel,v3] Show version and double check we use the right TLS library in Github Actions | expand

Commit Message

Gert Doering March 13, 2026, 5:53 p.m. UTC 
From: Arne Schwabe <arne@rfc2549.org>

We recently discovered that the AWS-LC builds in Github Actions were
actually using OpenSSL. This will now cause an error if something like
this happens in the future again.

Change-Id: Ia929c949cceaabe21a2937ad3217052aec4b2b4c
Signed-off-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1566
---

This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.

Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1566
This mail reflects revision 3 of this Change.

Signed-off-by line for the author was added as per our policy.

Acked-by according to Gerrit (reflected above):
Frank Lichtenheld <frank@lichtenheld.com>

Comments

Gert Doering March 13, 2026, 10:36 p.m. UTC | #1 
Very reasonable addition - "make sure we actually built & linked the
TLS library we're trying to test".  Tested via GHA.

Your patch has been applied to the master and release/2.7 branch.

commit a659605d8c14be58d9b556bc82ea8660b4fe4192 (master)
commit 1b2518e67c9a34f6176ddcae38aa25ae667bdb97 (release/2.7)
Author: Arne Schwabe
Date:   Fri Mar 13 18:53:16 2026 +0100

     Show version and double check we use the right TLS library in Github Actions

     Signed-off-by: Arne Schwabe <arne-openvpn@rfc2549.org>
     Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
     Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1566
     Message-Id: <20260313175324.12121-1-gert@greenie.muc.de>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg36115.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering
diff mbox series

Patch

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 2a2616b..dd8e472 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -363,6 +363,10 @@ 
         run: ./configure --with-crypto-library=openssl ${{matrix.configureflags}} --enable-werror
       - name: make all
         run: make -j3
+      - name: Ensure the build uses LibreSSL
+        run: |
+          ./src/openvpn/openvpn --version
+          ./src/openvpn/openvpn --version | grep -q "library versions: LibreSSL"
       - name: configure checks
         run: echo 'RUN_SUDO="sudo -E"' >tests/t_server_null.rc
       - name: make check
@@ -422,6 +426,10 @@ 
         run: ./configure --with-crypto-library=mbedtls --enable-werror
       - name: make all
         run: make -j3
+      - name: Ensure the build uses mbed TLS 4.x
+        run: |
+          ./src/openvpn/openvpn --version
+          ./src/openvpn/openvpn --version | grep -q "library versions: mbed TLS 4."
       - name: configure checks
         run: echo 'RUN_SUDO="sudo -E"' >tests/t_server_null.rc
       - name: make check
@@ -486,6 +494,10 @@ 
           ./configure --with-crypto-library=openssl
       - name: make all
         run: make -j3
+      - name: Ensure the build uses AWS-LC
+        run: |
+          ./src/openvpn/openvpn --version
+          ./src/openvpn/openvpn --version | grep -q "library versions: AWS-LC"
       - name: configure checks
         run: echo 'RUN_SUDO="sudo -E"' >tests/t_server_null.rc
       - name: make check