From patchwork Wed Aug 24 00:53:11 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 2718 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director9.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net with LMTP id IA9DAXsDBmPASAAAIUCqbw (envelope-from ) for ; Wed, 24 Aug 2022 06:54:51 -0400 Received: from proxy5.mail.ord1d.rsapps.net ([172.30.191.6]) by director9.mail.ord1d.rsapps.net with LMTP id +BcSAXsDBmN2UwAAalYnBA (envelope-from ) for ; Wed, 24 Aug 2022 06:54:51 -0400 Received: from smtp40.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy5.mail.ord1d.rsapps.net with LMTPS id 0ETbAHsDBmNHQwAA8Zzt7w (envelope-from ) for ; Wed, 24 Aug 2022 06:54:51 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp40.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: 2ce9472c-239b-11ed-95a9-525400f204c2-1-1 Received: from [216.105.38.7] ([216.105.38.7:52752] helo=lists.sourceforge.net) by smtp40.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 74/C8-22876-A7306036; Wed, 24 Aug 2022 06:54:50 -0400 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1oQo14-0002hK-DC; Wed, 24 Aug 2022 10:53:53 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1oQo10-0002h8-VJ for openvpn-devel@lists.sourceforge.net; Wed, 24 Aug 2022 10:53:43 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=+N1+2mzPULZisQ+ZYTMFL3KQ+9MyfxyTe9jXlAJoU+8=; b=RO7xfzNdUQG+vsgiAyiK0AZSWN 8xv4hw3J9mMWdU8jFBhFrDll4N8wLHfiuY449YhKn0kFf5PIRbE2ftDg0Cv73Ke6GhC4YfyIKJ38Y L+N+TWZYoFHkIg8AP3sEhEOLCb23JbOot3zsDx1xMKtdqRNGm3H0cLg8ChsFb65g+dBI=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:To:From: Sender:Reply-To:Cc:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=+N1+2mzPULZisQ+ZYTMFL3KQ+9MyfxyTe9jXlAJoU+8=; b=F vJOMeopUE7sQEgtq9gTk5yQAHfV+SQVWrWVOrc+u/m4V0hAozxkLXWTeqkaVcu7WIfn3M2F4oKBzs vpQmsosVfp1YFI4ZBbUT2KMVrg5zphk4MUG/S3tD1RXNn1z93Aj6E1EbGDRgEWswATAnrHcB4+Q4k 2kgXvHdgX9S1XhHI=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1oQo0g-0006fY-I2 for openvpn-devel@lists.sourceforge.net; Wed, 24 Aug 2022 10:53:25 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.95 (FreeBSD)) (envelope-from ) id 1oQo0V-0004DY-GU for openvpn-devel@lists.sourceforge.net; Wed, 24 Aug 2022 12:53:11 +0200 Received: (nullmailer pid 71336 invoked by uid 10006); Wed, 24 Aug 2022 10:53:11 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Wed, 24 Aug 2022 12:53:11 +0200 Message-Id: <20220824105311.71288-1-arne@rfc2549.org> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: This also updates the host system to ubuntu 22.04 and remove the ovpn-dco-win checkout as we now include the required headers in our own repository. Signed-off-by: Arne Schwabe --- .github/workflows/build.yaml | 31 ++++++++++++++ 1 file changed, 14 insertions(+), 17 deletions(-) Content analysis details: (0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.0 T_SCC_BODY_TEXT_LINE No description available. X-Headers-End: 1oQo0g-0006fY-I2 Subject: [Openvpn-devel] [PATCH] Add OpenSSL 3.0 to mingw build X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox This also updates the host system to ubuntu 22.04 and remove the ovpn-dco-win checkout as we now include the required headers in our own repository. Signed-off-by: Arne Schwabe --- .github/workflows/build.yaml | 31 ++++++++++++++----------------- 1 file changed, 14 insertions(+), 17 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index b0f67a785..f2472fdcf 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -39,31 +39,25 @@ jobs: strategy: fail-fast: false matrix: + osslver: [1.1.1q, 3.0.5] + target: [mingw64, mingw] include: - target: mingw64 chost: x86_64-w64-mingw32 - target: mingw chost: i686-w64-mingw32 - name: "gcc-mingw - ${{matrix.target}}" - - runs-on: ubuntu-20.04 + name: "gcc-mingw - ${{matrix.target}} - OSSL ${{ matrix.osslver }}" + runs-on: ubuntu-22.04 env: MAKEFLAGS: -j3 LZO_VERSION: "2.10" PKCS11_HELPER_VERSION: "1.29.0" - OPENSSL_VERSION: "1.1.1n" + OPENSSL_VERSION: "${{ matrix.osslver }}" TAP_WINDOWS_VERSION: "9.23.3" - CHOST: ${{ matrix.chost }} - TARGET: ${{ matrix.target }} steps: - name: Install dependencies run: sudo apt update && sudo apt install -y mingw-w64 libtool automake autoconf man2html unzip - - name: Checkout ovpn-dco-win - uses: actions/checkout@v3 - with: - repository: OpenVPN/ovpn-dco-win - path: ovpn-dco-win - name: Checkout OpenVPN uses: actions/checkout@v3 with: @@ -78,7 +72,7 @@ jobs: uses: actions/cache@v3 with: path: '~/mingw/' - key: ${{ matrix.target }}-mingw-${{ env.OPENSSL_VERSION }}-${{ env.LZO_VERSION }}-${{ env.PKCS11_HELPER_VERSION }}-${{ env.TAP_WINDOWS_VERSION }} + key: ${{ matrix.target }}-mingw-${{ matrix.osslver }}-${{ env.LZO_VERSION }}-${{ env.PKCS11_HELPER_VERSION }}-${{ env.TAP_WINDOWS_VERSION }} # Repeating if: steps.cache.outputs.cache-hit != 'true' # on every step for building dependencies is ugly but @@ -90,15 +84,15 @@ jobs: wget -c -P download-cache/ "https://build.openvpn.net/downloads/releases/tap-windows-${TAP_WINDOWS_VERSION}.zip" wget -c -P download-cache/ "https://www.oberhumer.com/opensource/lzo/download/lzo-${LZO_VERSION}.tar.gz" wget -c -P download-cache/ "https://github.com/OpenSC/pkcs11-helper/releases/download/pkcs11-helper-${PKCS11_HELPER_VERSION}/pkcs11-helper-${PKCS11_HELPER_VERSION}.tar.bz2" - wget -c -P download-cache/ "https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz" tar jxf "download-cache/pkcs11-helper-${PKCS11_HELPER_VERSION}.tar.bz2" + wget -c -P download-cache/ "https://www.openssl.org/source/old/1.1.1/openssl-${OPENSSL_VERSION}.tar.gz" || wget -c -P download-cache/ "https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz" tar zxf "download-cache/openssl-${OPENSSL_VERSION}.tar.gz" tar zxf "download-cache/lzo-${LZO_VERSION}.tar.gz" unzip download-cache/tap-windows-${TAP_WINDOWS_VERSION}.zip - name: Configure OpenSSL if: steps.cache.outputs.cache-hit != 'true' - run: ./Configure --cross-compile-prefix=${CHOST}- shared ${{ matrix.target }} no-capieng --prefix="${HOME}/mingw/opt" --openssldir="${HOME}/mingw/opt" -static-libgcc + run: ./Configure --cross-compile-prefix=${{ matrix.chost }}- shared ${{ matrix.target }} no-capieng --prefix="${HOME}/mingw/opt" --openssldir="${HOME}/mingw/opt" -static-libgcc working-directory: "./openssl-${{ env.OPENSSL_VERSION }}" - name: Build OpenSSL @@ -106,6 +100,9 @@ jobs: run: make working-directory: "./openssl-${{ env.OPENSSL_VERSION }}" + # OpenSSL 3.0.5 installs itself into mingw/opt/lib64 instead of + # mingw/opt/lib, so we include both dirs in the following steps + # (pkcs11-helper and OpenVPN) so the libraries will be found - name: Install OpenSSL if: steps.cache.outputs.cache-hit != 'true' run: make install @@ -118,7 +115,7 @@ jobs: - name: configure pkcs11-helper if: steps.cache.outputs.cache-hit != 'true' - run: OPENSSL_LIBS="-L${HOME}/mingw/opt/lib -lssl -lcrypto" OPENSSL_CFLAGS=-I$HOME/mingw/opt/include PKG_CONFIG_PATH=${HOME}/mingw/opt/lib/pkgconfig ./configure --host=${CHOST} --program-prefix='' --libdir=${HOME}/mingw/opt/lib --prefix=${HOME}/mingw/opt --build=x86_64-pc-linux-gnu --disable-crypto-engine-gnutls --disable-crypto-engine-nss --disable-crypto-engine-polarssl --disable-crypto-engine-mbedtls + run: OPENSSL_LIBS="-L${HOME}/mingw/opt/lib -L${HOME}/mingw/opt/lib64 -lssl -lcrypto" OPENSSL_CFLAGS=-I$HOME/mingw/opt/include PKG_CONFIG_PATH=${HOME}/mingw/opt/lib/pkgconfig ./configure --host=${{ matrix.chost }} --program-prefix='' --libdir=${HOME}/mingw/opt/lib --prefix=${HOME}/mingw/opt --build=x86_64-pc-linux-gnu --disable-crypto-engine-gnutls --disable-crypto-engine-nss --disable-crypto-engine-polarssl --disable-crypto-engine-mbedtls working-directory: "./pkcs11-helper-${{ env.PKCS11_HELPER_VERSION }}" - name: build pkcs11-helper @@ -133,7 +130,7 @@ jobs: - name: Configure lzo if: steps.cache.outputs.cache-hit != 'true' - run: ./configure --host=${CHOST} --program-prefix='' --libdir=${HOME}/mingw/opt/lib --prefix=${HOME}/mingw/opt --build=x86_64-pc-linux-gnu + run: ./configure --host=${{ matrix.chost }} --program-prefix='' --libdir=${HOME}/mingw/opt/lib --prefix=${HOME}/mingw/opt --build=x86_64-pc-linux-gnu working-directory: "./lzo-${{ env.LZO_VERSION }}" - name: build lzo @@ -151,7 +148,7 @@ jobs: run: cp ./tap-windows-${TAP_WINDOWS_VERSION}/include/tap-windows.h ${HOME}/mingw/opt/include/ - name: configure OpenVPN - run: PKG_CONFIG_PATH=${HOME}/mingw/opt/lib/pkgconfig DCO_SOURCEDIR=$(realpath ../ovpn-dco-win) LDFLAGS=-L$HOME/mingw/opt/lib CFLAGS=-I$HOME/mingw/opt/include OPENSSL_LIBS="-L${HOME}/opt/lib -lssl -lcrypto" OPENSSL_CFLAGS=-I$HOME/mingw/opt/include PREFIX=$HOME/mingw/opt LZO_CFLAGS=-I$HOME/mingw/opt/include LZO_LIBS="-L${HOME}/mingw/opt/lib -llzo2" ./configure --host=${CHOST} --disable-lz4 --enable-dco + run: PKG_CONFIG_PATH=${HOME}/mingw/opt/lib/pkgconfig DCO_SOURCEDIR=$(realpath ../ovpn-dco-win) LDFLAGS="-L$HOME/mingw/opt/lib -L$HOME/mingw/opt/lib64" CFLAGS=-I$HOME/mingw/opt/include OPENSSL_LIBS="-L${HOME}/opt/lib -lssl -lcrypto" OPENSSL_CFLAGS=-I$HOME/mingw/opt/include PREFIX=$HOME/mingw/opt LZO_CFLAGS=-I$HOME/mingw/opt/include LZO_LIBS="-L${HOME}/mingw/opt/lib -llzo2" ./configure --host=${{ matrix.chost }} --disable-lz4 --enable-dco working-directory: openvpn - name: build OpenVPN