From patchwork Wed Jan 29 22:16:19 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Shubham Mittal <smittals@amazon.com>
X-Patchwork-Id: 4108
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Received: by 2002:a05:7000:a1c5:b0:5e7:b9eb:58e8 with SMTP id gc5csp28012mab;
        Wed, 29 Jan 2025 14:32:27 -0800 (PST)
X-Forwarded-Encrypted: i=2;
 AJvYcCXTWbgUzcWlmZp7+IY5icc11PE4oehuxi44oX7SL6ECQv4c817rNR4Kt2WVLeSlXSreSmsPkbG4rS0=@openvpn.net
X-Google-Smtp-Source: 
 AGHT+IHOtrFi+DTaoxxcfZIWeSauF88aDiimDJcp0tb49YFIZi4ETpipfTb/83XO4iqx3bgJMbqw
X-Received: by 2002:a05:6830:2901:b0:71d:f5fb:9980 with SMTP id
 46e09a7af769-7265675fcc2mr3234088a34.10.1738189946993;
        Wed, 29 Jan 2025 14:32:26 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1738189946; cv=none;
        d=google.com; s=arc-20240605;
        b=k61RxhDyv7BZQy5q+NiCtShdsKuQUSFu/mMFwF8geMOI1vw6cF9F15Gm3UzC0gMyzC
         QA/dRaMZPmjwvKO/62xkOnzcWfod1Ai1oBlyFyQK93/7IKxdWfD51mZdhaTFWJYpeVU5
         D126nMExNQwWTSTrA0p0cKM5ua76ON1jOzxRoYjxEifaAya2Uz+0gMUkaVCYVrWDXrt1
         smz9bMce7/Hr8/iuEb9JhBsSfSftPgAY1xXGcuwywrdfbKDzgCK4Q4oWi4DbseiWyOqe
         jJ8fD1bqHXZxjT+a4SQ8yQNTUihRV2K6yfAiK+5987A2HlpJ6G7l0EF8+0WPlkSa26nQ
         +Kxg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
        h=errors-to:content-transfer-encoding:reply-to:from:list-subscribe
         :list-help:list-post:list-archive:list-unsubscribe:list-id
         :precedence:subject:mime-version:references:in-reply-to:message-id
         :date:to:dkim-signature:dkim-signature:dkim-signature;
        bh=zJjBqoP9r/cHnhjocUVXxug3O86r8Z2Si1J1vvB3zZ8=;
        fh=M0IgS9BLcbDnxRvvrgNqqeQSdb7j85MQs+k/Km/mzfQ=;
        b=Ok+h55CnqebpSUBmpNBVYbv3z+IWsGYYakks9lPiJyWDqLBbCR1UucXa9nFT7qhhBS
         liB9G6QYp4Fz5w0TvaTHSMuLurwgoiHFwslVAY1VLdtaXqxCj5D3+dIcdDG/V1ysqvy4
         WqsN3Njqf30WcYcvtlSCls+TygWMYle1RENzvalFncOYNZ7Bu+wuwYFWMt/VpIllckMX
         ykaa57hzkcTM8nOMH+9BZ0T2dbyNNHf68dTN4R4uwA6nBmNKwMj4S+r7diFAcmFjy5/N
         RdtVVGLNpAgOWp2Ggnf9QPTgQNCDqqCIfiFHl95uLsD3WAJt0FqwaEuXyBo2g/tpgJbF
         1cug==;
        dara=google.com
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@sourceforge.net
 header.s=x header.b=M8tsBpDQ;
       dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
 header.b=ADGrtIg5;
       dkim=neutral (body hash did not verify) header.i=@amazon.com
 header.s=amazon201209 header.b=YscmdAh0;
       spf=pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
       dmarc=pass (p=QUARANTINE sp=NONE dis=NONE) header.from=sourceforge.net
Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7])
        by mx.google.com with ESMTPS id
 46e09a7af769-7266189a1b8si106339a34.141.2025.01.29.14.32.26
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Wed, 29 Jan 2025 14:32:26 -0800 (PST)
Received-SPF: pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) client-ip=216.105.38.7;
Authentication-Results: mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@sourceforge.net
 header.s=x header.b=M8tsBpDQ;
       dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
 header.b=ADGrtIg5;
       dkim=neutral (body hash did not verify) header.i=@amazon.com
 header.s=amazon201209 header.b=YscmdAh0;
       spf=pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
       dmarc=pass (p=QUARANTINE sp=NONE dis=NONE) header.from=sourceforge.net
Received: from [127.0.0.1] (helo=sfs-ml-3.v29.lw.sourceforge.com)
	by sfs-ml-3.v29.lw.sourceforge.com with esmtp (Exim 4.95)
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	id 1tdGbc-0005fZ-Q9;
	Wed, 29 Jan 2025 22:32:20 +0000
Received: from [172.30.29.66] (helo=mx.sourceforge.net)
 by sfs-ml-3.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
 (envelope-from <prvs=11782e5d4=smittals@amazon.com>)
 id 1tdGbb-0005fT-ET for openvpn-devel@lists.sourceforge.net;
 Wed, 29 Jan 2025 22:32:18 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version
 :References:In-Reply-To:Message-ID:Date:Subject:CC:To:From:Sender:Reply-To:
 Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
 Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=Zd3nAo2zhnsop/AZMZoVbY3VvhWR0pRgatDEfW2Gszs=; b=M8tsBpDQxsfdVb17rYGU16dfX2
 DK9e7WgRHB3kTzzybz7CHb0GAkyonmIu1xftQ9wdy8R0JOWAM155ZVyDF1Gd42LsNhs3nQ1RgQaBd
 jJRJ5cm2tcyHphfu4AuD/K8a5oV+a6hfbCUibHZTmrn7h+DlW8rEbAG5OxtabKc9Px6E=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
 ;
 h=Content-Type:Content-Transfer-Encoding:MIME-Version:References:
 In-Reply-To:Message-ID:Date:Subject:CC:To:From:Sender:Reply-To:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
 List-Post:List-Owner:List-Archive;
 bh=Zd3nAo2zhnsop/AZMZoVbY3VvhWR0pRgatDEfW2Gszs=; b=ADGrtIg5ogTDM0j/tyg6CwN7o9
 JWDuKLUIc+J+pXSYf/3/TJOCoO887yEw/IvOgb3wBK44Dr8DFr8vZln/Pa3cRPhnhghKqubUwssNl
 w2DtQ5Z0PvvFmQNZQpU5GX6o8Mb4L7O7EeZBi54++DAsJMyIYY+Zc82NIBjoJK0pnZKs=;
Received: from smtp-fw-6001.amazon.com ([52.95.48.154])
 by sfi-mx-2.v28.lw.sourceforge.com with esmtps
 (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95)
 id 1tdGbZ-0004pd-Pp for openvpn-devel@lists.sourceforge.net;
 Wed, 29 Jan 2025 22:32:18 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209;
 t=1738189938; x=1769725938;
 h=from:to:cc:subject:date:message-id:in-reply-to:
 references:mime-version:content-transfer-encoding;
 bh=Zd3nAo2zhnsop/AZMZoVbY3VvhWR0pRgatDEfW2Gszs=;
 b=YscmdAh07B2hJSsa+pyY9f0SPAZNqUKNWIWsYRiBALdIJlY5c2yTl+Jm
 wlqTNkWBQepBfUknEoMhFp/ikYHFOs2sWOyH62sXfS4H9sNAtsspI/d9h
 FtIoBrP/J8eRQkkBd4YU7eyLhhaVI/eak0f/Vki61YSjkMhTw6INP3YNk s=;
X-IronPort-AV: E=Sophos;i="6.13,244,1732579200"; d="scan'208";a="458124902"
Received: from iad12-co-svc-p1-lb1-vlan2.amazon.com (HELO
 smtpout.prod.us-west-2.prod.farcaster.email.amazon.dev) ([10.43.8.2])
 by smtp-border-fw-6001.iad6.amazon.com with
 ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Jan 2025 22:16:27 +0000
Received: from EX19MTAUWC002.ant.amazon.com [10.0.21.151:39767]
 by smtpin.naws.us-west-2.prod.farcaster.email.amazon.dev [10.0.61.44:2525]
 with esmtp (Farcaster)
 id f08d3742-abfd-482c-b3a1-fe46db808234;
 Wed, 29 Jan 2025 22:16:26 +0000 (UTC)
X-Farcaster-Flow-ID: f08d3742-abfd-482c-b3a1-fe46db808234
Received: from EX19D019UWA002.ant.amazon.com (10.13.139.58) by
 EX19MTAUWC002.ant.amazon.com (10.250.64.143) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39;
 Wed, 29 Jan 2025 22:16:26 +0000
Received: from EX19MTAUWA002.ant.amazon.com (10.250.64.202) by
 EX19D019UWA002.ant.amazon.com (10.13.139.58) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39;
 Wed, 29 Jan 2025 22:16:26 +0000
Received: from email-imr-corp-prod-iad-all-1a-93a35fb4.us-east-1.amazon.com
 (10.25.36.210) by mail-relay.amazon.com (10.250.64.203) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id
 15.2.1258.39 via Frontend Transport; Wed, 29 Jan 2025 22:16:26 +0000
Received: from 7cf34dea8443.amazon.com (unknown [10.119.85.14])
 by email-imr-corp-prod-iad-all-1a-93a35fb4.us-east-1.amazon.com (Postfix)
 with
 ESMTP id 3DF8C42EAF; Wed, 29 Jan 2025 22:16:25 +0000 (UTC)
To: <openvpn-devel@lists.sourceforge.net>
Date: Wed, 29 Jan 2025 14:16:19 -0800
Message-ID: <20250129221619.97113-1-smittals@amazon.com>
X-Mailer: git-send-email 2.39.5 (Apple Git-154)
In-Reply-To: <20250127235413.1925-1-smittals@amazon.com>
References: <20250127235413.1925-1-smittals@amazon.com>
MIME-Version: 1.0
X-Spam-Score: -3.8 (---)
X-Spam-Report: Spam detection software,
 running on the system "util-spamd-2.v13.lw.sourceforge.com",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 Content preview:  URL: https://github.com/OpenVPN/openvpn/pull/673 Acked-by:
 Arne Schwabe <arne@rfc2549.org> Signed-off-by: Shubham Mittal
 <smittals@amazon.com>
 --- .github/workflows/build.yaml | 62 +++++++++++++++++++ [...]
 Content analysis details:   (-3.8 points, 6.0 required)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 -2.3 RCVD_IN_DNSWL_MED      RBL: Sender listed at https://www.dnswl.org/,
 medium trust [52.95.48.154 listed in list.dnswl.org]
 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE:
 The query to Validity was blocked.  See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243
 for more information.
 [52.95.48.154 listed in sa-accredit.habeas.com]
 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The
 query to Validity was blocked.  See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243
 for more information.
 [52.95.48.154 listed in bl.score.senderscore.com]
 0.0 RCVD_IN_MSPIKE_H4      RBL: Very Good reputation (+4)
 [52.95.48.154 listed in wl.mailspike.net]
 0.0 SPF_NONE               SPF: sender does not publish an SPF Record
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
 0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
 not necessarily
 valid
 -0.1 DKIM_VALID_EF          Message has a valid DKIM or DK signature from
 envelope-from domain
 -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from
 author's domain
 0.0 UNPARSEABLE_RELAY      Informational: message has unparseable relay
 lines 0.0 RCVD_IN_MSPIKE_WL      Mailspike good senders
 -1.3 DKIMWL_WL_HIGH         DKIMwl.org - High trust sender
X-Headers-End: 1tdGbZ-0004pd-Pp
Subject: [Openvpn-devel] [PATCH] Adding AWS-LC to the OpenVPN CI
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: 
 <http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
X-Patchwork-Original-From: Shubham Mittal via Openvpn-devel
 <openvpn-devel@lists.sourceforge.net>
From: Shubham Mittal <smittals@amazon.com>
Reply-To: Shubham Mittal <smittals@amazon.com>
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox
X-GMAIL-THRID: =?utf-8?q?1822449245671597858?=
X-GMAIL-MSGID: =?utf-8?q?1822624262172041364?=

URL: https://github.com/OpenVPN/openvpn/pull/673
Acked-by: Arne Schwabe <arne@rfc2549.org>
Signed-off-by: Shubham Mittal <smittals@amazon.com>
---
 .github/workflows/build.yaml | 62 ++++++++++++++++++++++++++++++++++++
 1 file changed, 62 insertions(+)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 90d52023..2c77004d 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -424,3 +424,65 @@ jobs:
         run: echo 'RUN_SUDO="sudo -E"' >tests/t_server_null.rc
       - name: make check
         run: make -j3 check VERBOSE=1
+
+  aws-lc:
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-24.04]
+        ssllib: [ awslc ]
+        build: [ normal, asan ]
+        include:
+          - build: asan
+            cflags: "-fsanitize=address -fno-sanitize-recover=all  -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1"
+            ldflags: -fsanitize=address -fno-sanitize-recover=all
+            cc: clang
+            cxx: clang++
+          - build: normal
+            cflags: "-O2 -g"
+            ldflags: ""
+            cc: gcc
+            cxx: c++
+
+    name: "${{matrix.cc}} ${{matrix.build}} - ${{matrix.os}} - ${{matrix.ssllib}}"
+    runs-on: ${{matrix.os}}
+    env:
+      CFLAGS: ${{ matrix.cflags }}
+      LDFLAGS: ${{ matrix.ldflags }}
+      CC: ${{matrix.cc}}
+      CXX: ${{matrix.cxx}}
+      UBSAN_OPTIONS: print_stacktrace=1
+      AWS_LC_INSTALL: ${{ github.workspace }}/aws-lc/aws-lc-install
+
+    steps:
+      - name: Install dependencies
+        run: sudo apt update && sudo apt install -y cmake gcc ninja-build golang make liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils python3-jinja2 python3-jsonschema libtool automake autoconf pkg-config libcap-ng-dev libnl-genl-3-dev
+      - name: "AWS-LC: checkout"
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          path: aws-lc
+          repository: aws/aws-lc
+          ref: v1.42.0
+      - name: "AWS-LC: build"
+        run: |
+          mkdir build
+          cd build
+          cmake -GNinja -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX="${{ env.AWS_LC_INSTALL }}" -DBUILD_SHARED_LIBS=1 ../
+          ninja install
+        working-directory: aws-lc
+      - name: Checkout OpenVPN
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - name: autoconf
+        run: autoreconf -fvi
+      - name: configure with AWS-LC
+        run: |
+          OPENSSL_CFLAGS="-I/${{ env.AWS_LC_INSTALL }}/include" \
+          OPENSSL_LIBS="-L/${{ env.AWS_LC_INSTALL }}/lib -lssl -lcrypto" \
+          LDFLAGS="-Wl, -rpath=/${{ env.AWS_LC_INSTALL }}/lib" \
+          ./configure --with-crypto-library=openssl
+      - name: make all
+        run: make -j3
+      - name: configure checks
+        run: echo 'RUN_SUDO="sudo -E"' >tests/t_server_null.rc
+      - name: make check
+        run: make -j3 check VERBOSE=1
\ No newline at end of file