From patchwork Tue Jun 8 05:24:34 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 1854 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director12.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net with LMTP id IGLSFBmMv2AUKQAAIUCqbw (envelope-from ) for ; Tue, 08 Jun 2021 11:26:17 -0400 Received: from proxy15.mail.ord1d.rsapps.net ([172.30.191.6]) by director12.mail.ord1d.rsapps.net with LMTP id KIKHFBmMv2A8dgAAIasKDg (envelope-from ) for ; Tue, 08 Jun 2021 11:26:17 -0400 Received: from smtp7.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy15.mail.ord1d.rsapps.net with LMTPS id GJjrExmMv2BYUwAAAY1PeQ (envelope-from ) for ; Tue, 08 Jun 2021 11:26:17 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp7.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: dd8a135c-c86d-11eb-88af-525400d0c497-1-1 Received: from [216.105.38.7] ([216.105.38.7:52410] helo=lists.sourceforge.net) by smtp7.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id DE/E9-27037-81C8FB06; Tue, 08 Jun 2021 11:26:16 -0400 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.92.3) (envelope-from ) id 1lqdb8-0003W6-2V; Tue, 08 Jun 2021 15:24:58 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.3) (envelope-from ) id 1lqdb5-0003Vt-SE for openvpn-devel@lists.sourceforge.net; Tue, 08 Jun 2021 15:24:55 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=GhbDk+GsM2uvv190CeXTlXcNmU/og68Y7I9Re4lCEsA=; b=DsTLKqZMUF+HSzPs7DnoXbiANK b8gx6QVQUlANO2hEt5+A7z11WfTL+uVYrF5fXAKIygNmdIErTSqiDj37G2nWIWm81xxAbE95NXeLQ uVcFDAnJr/k/ls1JpOfsbef2vbufHiEUmB2EHRsabMVN2fBNxc/5RPHaXBgvW0BAKQ+M=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:To:From: Sender:Reply-To:Cc:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=GhbDk+GsM2uvv190CeXTlXcNmU/og68Y7I9Re4lCEsA=; b=h SZcfGM+u+0Ao+6XrGqo303lyVVq9n9uTKMCTYnTaSdjJN/6d386CiWlyr+lnlLayMxk1U9WuG0Esg bdbgTjcO9nhkjb8CkwFiGBzG1MU3SFmlJH08vSWR7JcjcHF3gbDHcnHmtDP8bbo6umEQf3fc3fsV+ dkdx+BNaznV6rCWI=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.3) id 1lqday-0000PH-BY for openvpn-devel@lists.sourceforge.net; Tue, 08 Jun 2021 15:24:56 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.94.2 (FreeBSD)) (envelope-from ) id 1lqdaj-0001Vb-OA for openvpn-devel@lists.sourceforge.net; Tue, 08 Jun 2021 17:24:33 +0200 Received: (nullmailer pid 1404047 invoked by uid 10006); Tue, 08 Jun 2021 15:24:34 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Tue, 8 Jun 2021 17:24:34 +0200 Message-Id: <20210608152434.1403999-1-arne@rfc2549.org> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: openvpn.net] 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Headers-End: 1lqday-0000PH-BY Subject: [Openvpn-devel] [PATCH] Add github actions X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox dummy0 gives strange errors on the Ubuntu 16 runner on github actions because dummy already exist, so use a more unique ovpn-dummy0 name instead. Github actions are a good alternative to travis-ci, which futrure is questionable at the moment without payment. The github actions also allows building on macOS and Windows (not included in this commit). The matrix is a bit different than Coverity and uses different Ubuntu version with their native OpenSSL (1.0.2, 1.1.1)/mbed TLS instead of manually compiling different OpenSSL versions on just Ubuntu 20.04. Signed-off-by: Arne Schwabe Acked-by: Lev Stipakov Signed-off-by: Arne Schwabe <arne@rfc2549.org>
--- .github/workflows/build.yaml | 184 +++++++++++++++++++++ tests/t_net.sh | 2 +- tests/unit_tests/openvpn/test_networking.c | 2 +- 3 files changed, 186 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/build.yaml diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml new file mode 100644 index 000000000..7ff379802 --- /dev/null +++ b/.github/workflows/build.yaml @@ -0,0 +1,184 @@ +# The name of our workflow +name: Build +on: [push, pull_request] + +jobs: + mingw: + strategy: + matrix: + include: + - target: mingw64 + chost: x86_64-w64-mingw32 + - target: mingw + chost: i686-w64-mingw32 + + runs-on: ubuntu-20.04 + env: + MAKEFLAGS: -j3 + LZO_VERSION: "2.10" + PKCS11_HELPER_VERSION: "1.26" + OPENSSL_VERSION: "1.1.1j" + TAP_WINDOWS_VERSION: "9.23.3" + CHOST: ${{ matrix.chost }} + TARGET: ${{ matrix.target }} + steps: + - name: Install dependencies + run: sudo apt update && sudo apt install -y mingw-w64 libtool automake autoconf man2html unzip + - name: Checkout ovpn-dco-win + uses: actions/checkout@v2 + with: + repository: OpenVPN/ovpn-dco-win + path: ovpn-dco-win + - name: Checkout OpenVPN + uses: actions/checkout@v2 + with: + path: openvpn + + - name: autoconf + run: autoreconf -fvi + working-directory: openvpn + + - name: Cache dependencies + id: cache + uses: actions/cache@v2 + with: + path: '~/mingw/' + key: ${{ matrix.target }}-mingw-${{ env.LZO_VERSION }}-${{ env.PKCS11_HELPER_VERSION }}-${{ env.TAP_WINDOWS_VERSION }} + + # Repeating if: steps.cache.outputs.cache-hit != 'true' + # on every step for building dependencies is ugly but + # I haven't found a better solution so far. + + - name: Download mingw depnendencies + if: steps.cache.outputs.cache-hit != 'true' + run: | + wget -c -P download-cache/ "https://build.openvpn.net/downloads/releases/tap-windows-${TAP_WINDOWS_VERSION}.zip" + wget -c -P download-cache/ "https://www.oberhumer.com/opensource/lzo/download/lzo-${LZO_VERSION}.tar.gz" + wget -c -P download-cache/ "https://github.com/OpenSC/pkcs11-helper/archive/pkcs11-helper-${PKCS11_HELPER_VERSION}.tar.gz" + wget -c -P download-cache/ "https://www.openssl.org/source/old/1.1.1/openssl-${OPENSSL_VERSION}.tar.gz" + tar zxf "download-cache/pkcs11-helper-${PKCS11_HELPER_VERSION}.tar.gz" + tar zxf "download-cache/openssl-${OPENSSL_VERSION}.tar.gz" + tar zxf "download-cache/lzo-${LZO_VERSION}.tar.gz" + unzip download-cache/tap-windows-${TAP_WINDOWS_VERSION}.zip + + - name: Configure OpenSSL + if: steps.cache.outputs.cache-hit != 'true' + run: ./Configure --cross-compile-prefix=${CHOST}- shared ${{ matrix.target }} no-capieng --prefix="${HOME}/mingw/opt" --openssldir="${HOME}/mingw/opt" -static-libgcc + working-directory: "./openssl-1.1.1j" + + - name: Build OpenSSL + if: steps.cache.outputs.cache-hit != 'true' + run: make + working-directory: "./openssl-1.1.1j/" + + - name: Install OpenSSL + if: steps.cache.outputs.cache-hit != 'true' + run: make install + working-directory: "./openssl-1.1.1j/" + + - name: autoreconf pkcs11-helper + if: steps.cache.outputs.cache-hit != 'true' + run: autoreconf -iv + working-directory: "./pkcs11-helper-pkcs11-helper-1.26" + + - name: configure pkcs11-helper + if: steps.cache.outputs.cache-hit != 'true' + run: OPENSSL_LIBS="-L${HOME}/mingw/opt/lib -lssl -lcrypto" OPENSSL_CFLAGS=-I$HOME/mingw/opt/include PKG_CONFIG_PATH=${HOME}/mingw/opt/lib/pkgconfig ./configure --host=${CHOST} --program-prefix='' --libdir=${HOME}/mingw/opt/lib --prefix=${HOME}/mingw/opt --build=x86_64-pc-linux-gnu --disable-crypto-engine-gnutls --disable-crypto-engine-nss --disable-crypto-engine-polarssl --disable-crypto-engine-mbedtls + working-directory: "./pkcs11-helper-pkcs11-helper-1.26" + + - name: build pkcs11-helper + if: steps.cache.outputs.cache-hit != 'true' + run: make all + working-directory: "./pkcs11-helper-pkcs11-helper-1.26" + + - name: install pkcs11-helper + if: steps.cache.outputs.cache-hit != 'true' + run: make install + working-directory: "./pkcs11-helper-pkcs11-helper-1.26" + + - name: Configure lzo + if: steps.cache.outputs.cache-hit != 'true' + run: ./configure --host=${CHOST} --program-prefix='' --libdir=${HOME}/mingw/opt/lib --prefix=${HOME}/mingw/opt --build=x86_64-pc-linux-gnu + working-directory: "./lzo-2.10" + + - name: build lzo + if: steps.cache.outputs.cache-hit != 'true' + working-directory: "./lzo-2.10" + run: make + + - name: install lzo + if: steps.cache.outputs.cache-hit != 'true' + working-directory: "./lzo-2.10" + run: make install + + - name: copy tap-windows.h header + if: steps.cache.outputs.cache-hit != 'true' + run: cp ./tap-windows-9.23.3/include/tap-windows.h ${HOME}/mingw/opt/include/ + + - name: configure OpenVPN + run: PKG_CONFIG_PATH=${HOME}/mingw/opt/lib/pkgconfig DCO_SOURCEDIR=$(realpath ../ovpn-dco-win) LDFLAGS=-L$HOME/mingw/opt/lib CFLAGS=-I$HOME/mingw/opt/include OPENSSL_LIBS="-L${HOME}/opt/lib -lssl -lcrypto" OPENSSL_CFLAGS=-I$HOME/mingw/opt/include PREFIX=$HOME/mingw/opt LZO_CFLAGS=-I$HOME/mingw/opt/include LZO_LIBS="-L${HOME}/mingw/opt/lib -llzo2" ./configure --host=${CHOST} --disable-lz4 --enable-dco + working-directory: openvpn + + - name: build OpenVPN + run: make -j3 + working-directory: openvpn + + ubuntu: + strategy: + matrix: + os: [ubuntu-16.04, ubuntu-18.04, ubuntu-20.04] + ssllib: [mbedtls, openssl] + + runs-on: ${{matrix.os}} + steps: + - name: Install dependencies + run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html libcmocka-dev python3-docutils libtool automake autoconf libmbedtls-dev + - name: Checkout OpenVPN + uses: actions/checkout@v2 + - name: autoconf + run: autoreconf -fvi + - name: configure --with-crypto-library=${{matrix.ssllib}} + run: ./configure + - name: make all + run: make -j3 + - name: make check + run: make check + + ubutun20-clang-asan: + strategy: + matrix: + os: [ubuntu-16.04, ubuntu-18.04] + ssllib: [mbedtls, openssl] + + runs-on: ubuntu-20.04 + steps: + - name: Install dependencies + run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils libtool automake autoconf libmbedtls-dev + - name: Checkout OpenVPN + uses: actions/checkout@v2 + - name: autoconf + run: autoreconf -fvi + - name: configure + run: CFLAGS="-fsanitize=address -fno-omit-frame-pointer -O2" CC=clang ./configure --with-crypto-library=${{matrix.ssllib}} + - name: make all + run: make -j3 + - name: make check + run: make check + + + macos: + runs-on: macos-latest + steps: + - name: Checkout OpenVPN + uses: actions/checkout@v2 + - name: Install dependencies + run: brew install openssl lzo lz4 man2html cmocka libtool automake autoconf + - name: autoconf + run: autoreconf -fvi + - name: configure + run: OPENSSL_CFLAGS=-I/usr/local/opt/openssl@1.1/include OPENSSL_LIBS="-L/usr/local/opt/openssl@1.1/lib -lcrypto -lssl" ./configure + - name: make all + run: make -j4 + - name: make check + run: make check + diff --git a/tests/t_net.sh b/tests/t_net.sh index 246ee07bd..f9dba4040 100755 --- a/tests/t_net.sh +++ b/tests/t_net.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -IFACE="dummy0" +IFACE="ovpn-dummy0" UNIT_TEST="./unit_tests/openvpn/networking_testdriver" MAX_TEST=${1:-7} diff --git a/tests/unit_tests/openvpn/test_networking.c b/tests/unit_tests/openvpn/test_networking.c index e7c148f0e..9e9744f48 100644 --- a/tests/unit_tests/openvpn/test_networking.c +++ b/tests/unit_tests/openvpn/test_networking.c @@ -3,7 +3,7 @@ #include "networking.h" -static char *iface = "dummy0"; +static char *iface = "ovpn-dummy0"; static int net__iface_up(bool up)