[Openvpn-devel] Adding AWS-LC to the OpenVPN CI

Message ID	20250131205727.60957-1-smittals@amazon.com
State	Accepted
Headers	show Return-Path: <openvpn-devel-bounces@lists.sourceforge.net> Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; To: <openvpn-devel@lists.sourceforge.net> Date: Fri, 31 Jan 2025 12:57:27 -0800 Message-ID: <20250131205727.60957-1-smittals@amazon.com> In-Reply-To: <20250127235413.1925-1-smittals@amazon.com> References: <20250127235413.1925-1-smittals@amazon.com> MIME-Version: 1.0 preview: URL: https://github.com/OpenVPN/openvpn/pull/673 Acked-by: Arne Schwabe <arne@rfc2549.org> Signed-off-by: Shubham Mittal <smittals@amazon.com> --- .github/workflows/build.yaml \| 62 +++++++++++++++++++ [...] Content analysis details: (-3.8 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [99.78.197.218 listed in sa-accredit.habeas.com] 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [99.78.197.218 listed in bl.score.senderscore.com] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [99.78.197.218 listed in list.dnswl.org] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines -1.3 DKIMWL_WL_HIGH DKIMwl.org - High trust sender Subject: [Openvpn-devel] [PATCH] Adding AWS-LC to the OpenVPN CI Precedence: list From: Shubham Mittal via Openvpn-devel <openvpn-devel@lists.sourceforge.net> Reply-To: Shubham Mittal <smittals@amazon.com> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox
Series	[Openvpn-devel] Adding AWS-LC to the OpenVPN CI \| expand [Openvpn-devel] Adding AWS-LC to the OpenVPN CI

Message ID

20250131205727.60957-1-smittals@amazon.com

State

Accepted

Headers

Received-SPF: pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) client-ip=216.105.38.7;
To: <openvpn-devel@lists.sourceforge.net>
Date: Fri, 31 Jan 2025 12:57:27 -0800
Message-ID: <20250131205727.60957-1-smittals@amazon.com>
In-Reply-To: <20250127235413.1925-1-smittals@amazon.com>
References: <20250127235413.1925-1-smittals@amazon.com>
MIME-Version: 1.0
Subject: [Openvpn-devel] [PATCH] Adding AWS-LC to the OpenVPN CI
Precedence: list
From: Shubham Mittal via Openvpn-devel <openvpn-devel@lists.sourceforge.net>
Reply-To: Shubham Mittal <smittals@amazon.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: openvpn-devel-bounces@lists.sourceforge.net

Series

[Openvpn-devel] Adding AWS-LC to the OpenVPN CI | expand

Commit Message

Shubham Mittal Jan. 31, 2025, 8:57 p.m. UTC

URL: https://github.com/OpenVPN/openvpn/pull/673
Acked-by: Arne Schwabe <arne@rfc2549.org>
Signed-off-by: Shubham Mittal <smittals@amazon.com>
---
 .github/workflows/build.yaml | 62 ++++++++++++++++++++++++++++++++++++
 1 file changed, 62 insertions(+)

Comments

Arne Schwabe Feb. 3, 2025, 12:03 p.m. UTC | #1

Am 31.01.25 um 21:57 schrieb Shubham Mittal:
> URL: https://github.com/OpenVPN/openvpn/pull/673
> Acked-by: Arne Schwabe <arne@rfc2549.org>
> Signed-off-by: Shubham Mittal <smittals@amazon.com>

Looks good now.

Acked-by: Arne Schwabe <arne@rfc2549.org>

Gert Doering Feb. 3, 2025, 12:48 p.m. UTC | #2

Your patch has been applied to the master branch.

For future submissions, please take a few things into account to make
our lives easier

  - please do not include the "Acked-By:" lines - this is added by me,
    after seeing a formal ACK on the mailing list or in Gerrit.
    Github PR reviews are not considered "formal ACK" for OpenVPN main
    (transparency and archiving requirements), as of today.

  - if you send a new version of the patch, please include "-v2", "-v3"
    etc. in the git-send-email (or git-format-patch) command, so it's
    clear which e-mail is which patch version, and also to which version
    a comment on the list applies.

thanks :-)

commit 060ead650450553214dad3e9856c500deb672bba
Author: Shubham Mittal
Date:   Fri Jan 31 12:57:27 2025 -0800

     Adding AWS-LC to the OpenVPN CI

     Signed-off-by: Shubham Mittal <smittals@amazon.com>
     Acked-by: Arne Schwabe <arne@rfc2549.org>
     Message-Id: <20250131205727.60957-1-smittals@amazon.com>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg30776.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 90d52023..88ec513b 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -424,3 +424,65 @@  jobs:
         run: echo 'RUN_SUDO="sudo -E"' >tests/t_server_null.rc
       - name: make check
         run: make -j3 check VERBOSE=1
+
+  aws-lc:
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-24.04]
+        ssllib: [ awslc ]
+        build: [ normal, asan ]
+        include:
+          - build: asan
+            cflags: "-fsanitize=address -fno-sanitize-recover=all  -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1"
+            ldflags: -fsanitize=address -fno-sanitize-recover=all
+            cc: clang
+            cxx: clang++
+          - build: normal
+            cflags: "-O2 -g"
+            ldflags: ""
+            cc: gcc
+            cxx: c++
+
+    name: "${{matrix.cc}} ${{matrix.build}} - ${{matrix.os}} - ${{matrix.ssllib}}"
+    runs-on: ${{matrix.os}}
+    env:
+      CFLAGS: ${{ matrix.cflags }}
+      LDFLAGS: ${{ matrix.ldflags }}
+      CC: ${{matrix.cc}}
+      CXX: ${{matrix.cxx}}
+      UBSAN_OPTIONS: print_stacktrace=1
+      AWS_LC_INSTALL: ${{ github.workspace }}/aws-lc/aws-lc-install
+
+    steps:
+      - name: Install dependencies
+        run: sudo apt update && sudo apt install -y cmake gcc ninja-build golang make liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils python3-jinja2 python3-jsonschema libtool automake autoconf pkg-config libcap-ng-dev libnl-genl-3-dev
+      - name: "AWS-LC: checkout"
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          path: aws-lc
+          repository: aws/aws-lc
+          ref: v1.42.0
+      - name: "AWS-LC: build"
+        run: |
+          mkdir build
+          cd build
+          cmake -GNinja -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX="${{ env.AWS_LC_INSTALL }}" -DBUILD_SHARED_LIBS=1 ../
+          ninja install
+        working-directory: aws-lc
+      - name: Checkout OpenVPN
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - name: autoconf
+        run: autoreconf -fvi
+      - name: configure with AWS-LC
+        run: |
+          OPENSSL_CFLAGS="-I/${{ env.AWS_LC_INSTALL }}/include" \
+          OPENSSL_LIBS="-L/${{ env.AWS_LC_INSTALL }}/lib -lssl -lcrypto" \
+          LDFLAGS="-Wl,-rpath=/${{ env.AWS_LC_INSTALL }}/lib" \
+          ./configure --with-crypto-library=openssl
+      - name: make all
+        run: make -j3
+      - name: configure checks
+        run: echo 'RUN_SUDO="sudo -E"' >tests/t_server_null.rc
+      - name: make check
+        run: make -j3 check VERBOSE=1
\ No newline at end of file

[Openvpn-devel] Adding AWS-LC to the OpenVPN CI

Commit Message

Comments

Patch