[Openvpn-devel] Adding AWS-LC to the OpenVPN CI

Message ID	20250129221619.97113-1-smittals@amazon.com
State	New
Headers	show Return-Path: <openvpn-devel-bounces@lists.sourceforge.net> Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; To: <openvpn-devel@lists.sourceforge.net> Date: Wed, 29 Jan 2025 14:16:19 -0800 Message-ID: <20250129221619.97113-1-smittals@amazon.com> In-Reply-To: <20250127235413.1925-1-smittals@amazon.com> References: <20250127235413.1925-1-smittals@amazon.com> MIME-Version: 1.0 preview: URL: https://github.com/OpenVPN/openvpn/pull/673 Acked-by: Arne Schwabe <arne@rfc2549.org> Signed-off-by: Shubham Mittal <smittals@amazon.com> --- .github/workflows/build.yaml \| 62 +++++++++++++++++++ [...] Content analysis details: (-3.8 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [52.95.48.154 listed in list.dnswl.org] 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [52.95.48.154 listed in sa-accredit.habeas.com] 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [52.95.48.154 listed in bl.score.senderscore.com] 0.0 RCVD_IN_MSPIKE_H4 RBL: Very Good reputation (+4) [52.95.48.154 listed in wl.mailspike.net] 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines 0.0 RCVD_IN_MSPIKE_WL Mailspike good senders -1.3 DKIMWL_WL_HIGH DKIMwl.org - High trust sender Subject: [Openvpn-devel] [PATCH] Adding AWS-LC to the OpenVPN CI Precedence: list From: Shubham Mittal via Openvpn-devel <openvpn-devel@lists.sourceforge.net> Reply-To: Shubham Mittal <smittals@amazon.com> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox
Series	[Openvpn-devel] Adding AWS-LC to the OpenVPN CI \| expand [Openvpn-devel] Adding AWS-LC to the OpenVPN CI

Message ID

20250129221619.97113-1-smittals@amazon.com

State

New

Headers

Received-SPF: pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) client-ip=216.105.38.7;
To: <openvpn-devel@lists.sourceforge.net>
Date: Wed, 29 Jan 2025 14:16:19 -0800
Message-ID: <20250129221619.97113-1-smittals@amazon.com>
In-Reply-To: <20250127235413.1925-1-smittals@amazon.com>
References: <20250127235413.1925-1-smittals@amazon.com>
MIME-Version: 1.0
Subject: [Openvpn-devel] [PATCH] Adding AWS-LC to the OpenVPN CI
Precedence: list
From: Shubham Mittal via Openvpn-devel <openvpn-devel@lists.sourceforge.net>
Reply-To: Shubham Mittal <smittals@amazon.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: openvpn-devel-bounces@lists.sourceforge.net

Series

[Openvpn-devel] Adding AWS-LC to the OpenVPN CI | expand

Commit Message

Shubham Mittal Jan. 29, 2025, 10:16 p.m. UTC

URL: https://github.com/OpenVPN/openvpn/pull/673
Acked-by: Arne Schwabe <arne@rfc2549.org>
Signed-off-by: Shubham Mittal <smittals@amazon.com>
---
 .github/workflows/build.yaml | 62 ++++++++++++++++++++++++++++++++++++
 1 file changed, 62 insertions(+)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 90d52023..2c77004d 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -424,3 +424,65 @@  jobs:
         run: echo 'RUN_SUDO="sudo -E"' >tests/t_server_null.rc
       - name: make check
         run: make -j3 check VERBOSE=1
+
+  aws-lc:
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-24.04]
+        ssllib: [ awslc ]
+        build: [ normal, asan ]
+        include:
+          - build: asan
+            cflags: "-fsanitize=address -fno-sanitize-recover=all  -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1"
+            ldflags: -fsanitize=address -fno-sanitize-recover=all
+            cc: clang
+            cxx: clang++
+          - build: normal
+            cflags: "-O2 -g"
+            ldflags: ""
+            cc: gcc
+            cxx: c++
+
+    name: "${{matrix.cc}} ${{matrix.build}} - ${{matrix.os}} - ${{matrix.ssllib}}"
+    runs-on: ${{matrix.os}}
+    env:
+      CFLAGS: ${{ matrix.cflags }}
+      LDFLAGS: ${{ matrix.ldflags }}
+      CC: ${{matrix.cc}}
+      CXX: ${{matrix.cxx}}
+      UBSAN_OPTIONS: print_stacktrace=1
+      AWS_LC_INSTALL: ${{ github.workspace }}/aws-lc/aws-lc-install
+
+    steps:
+      - name: Install dependencies
+        run: sudo apt update && sudo apt install -y cmake gcc ninja-build golang make liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils python3-jinja2 python3-jsonschema libtool automake autoconf pkg-config libcap-ng-dev libnl-genl-3-dev
+      - name: "AWS-LC: checkout"
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          path: aws-lc
+          repository: aws/aws-lc
+          ref: v1.42.0
+      - name: "AWS-LC: build"
+        run: |
+          mkdir build
+          cd build
+          cmake -GNinja -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX="${{ env.AWS_LC_INSTALL }}" -DBUILD_SHARED_LIBS=1 ../
+          ninja install
+        working-directory: aws-lc
+      - name: Checkout OpenVPN
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - name: autoconf
+        run: autoreconf -fvi
+      - name: configure with AWS-LC
+        run: |
+          OPENSSL_CFLAGS="-I/${{ env.AWS_LC_INSTALL }}/include" \
+          OPENSSL_LIBS="-L/${{ env.AWS_LC_INSTALL }}/lib -lssl -lcrypto" \
+          LDFLAGS="-Wl, -rpath=/${{ env.AWS_LC_INSTALL }}/lib" \
+          ./configure --with-crypto-library=openssl
+      - name: make all
+        run: make -j3
+      - name: configure checks
+        run: echo 'RUN_SUDO="sudo -E"' >tests/t_server_null.rc
+      - name: make check
+        run: make -j3 check VERBOSE=1
\ No newline at end of file

[Openvpn-devel] Adding AWS-LC to the OpenVPN CI

Commit Message

Patch