From patchwork Fri Aug 26 05:30:26 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 2733 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director13.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net with LMTP id cOghDV7nCGORQQAAIUCqbw (envelope-from ) for ; Fri, 26 Aug 2022 11:31:42 -0400 Received: from proxy3.mail.ord1d.rsapps.net ([172.30.191.6]) by director13.mail.ord1d.rsapps.net with LMTP id wIbADF7nCGPeMQAA91zNiA (envelope-from ) for ; Fri, 26 Aug 2022 11:31:42 -0400 Received: from smtp5.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy3.mail.ord1d.rsapps.net with LMTPS id eElkDF7nCGMKNwAA7WKfLA (envelope-from ) for ; Fri, 26 Aug 2022 11:31:42 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp5.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: 2e54a628-2554-11ed-bc5e-525400d73c44-1-1 Received: from [216.105.38.7] ([216.105.38.7:35980] helo=lists.sourceforge.net) by smtp5.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id D7/80-20651-C57E8036; Fri, 26 Aug 2022 11:31:41 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1oRbI8-0000Jj-Rp; Fri, 26 Aug 2022 15:30:40 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1oRbI7-0000JU-Bh for openvpn-devel@lists.sourceforge.net; Fri, 26 Aug 2022 15:30:39 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=iTBgtpKwuJhRFJaQmxhr4N9guCK7/F1NnbSDdYGJRvo=; b=nCOjLk+1CoTmE7seZ75o/ad7jC 3r7ngzKhY5WBkMz9NG1c+GSkyn7dGJ7RwvipnkbxvswFyXV+vmhoAA31nkWy9zfhAN2mg4Km1rDWB H2ckZ892MVsxg254RsAjc9SJQCzy3/0OGw/yGJfYAgdMb8TdWwoLwIQqxEe6b0YEFljA=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:To:From: Sender:Reply-To:Cc:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=iTBgtpKwuJhRFJaQmxhr4N9guCK7/F1NnbSDdYGJRvo=; b=j HG7yDySj4UyarCg/bUtwPNg5NKOtqBZVnBoIB0rYm6JBEaszdOXsvE6pksmhX7dak1nL18lF/hhTm fQtxFphWE6fyARvliIl9aJEhE7X2kT8OCFLjVBo1pd6TAKDkheplN29CPlOdjyszf5ojHy4GoJJ5z i1gPb0fiKLijBIqQ=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1oRbI5-001ddd-LN for openvpn-devel@lists.sourceforge.net; Fri, 26 Aug 2022 15:30:39 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.95 (FreeBSD)) (envelope-from ) id 1oRbHu-000JHI-HY for openvpn-devel@lists.sourceforge.net; Fri, 26 Aug 2022 17:30:26 +0200 Received: (nullmailer pid 337945 invoked by uid 10006); Fri, 26 Aug 2022 15:30:26 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Fri, 26 Aug 2022 17:30:26 +0200 Message-Id: <20220826153026.337899-1-arne@rfc2549.org> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: This also updates the host system to ubuntu 22.04 and remove the ovpn-dco-win checkout as we now include the required headers in our own repository. Signed-off-by: Arne Schwabe Patch v2: rebase Content analysis details: (0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different -0.0 T_SCC_BODY_TEXT_LINE No description available. X-Headers-End: 1oRbI5-001ddd-LN Subject: [Openvpn-devel] [PATCH v2] Add OpenSSL 3.0 to mingw build X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox This also updates the host system to ubuntu 22.04 and remove the ovpn-dco-win checkout as we now include the required headers in our own repository. Signed-off-by: Arne Schwabe Patch v2: rebase Signed-off-by: Arne Schwabe Acked-by: Gert Doering --- .github/workflows/build.yaml | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index f182a4fe4..f34f6a266 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -39,23 +39,22 @@ jobs: strategy: fail-fast: false matrix: + osslver: [1.1.1q, 3.0.5] + target: [mingw64, mingw] include: - target: mingw64 chost: x86_64-w64-mingw32 - target: mingw chost: i686-w64-mingw32 - name: "gcc-mingw - ${{matrix.target}}" - - runs-on: ubuntu-20.04 + name: "gcc-mingw - ${{matrix.target}} - OSSL ${{ matrix.osslver }}" + runs-on: ubuntu-22.04 env: MAKEFLAGS: -j3 LZO_VERSION: "2.10" PKCS11_HELPER_VERSION: "1.29.0" - OPENSSL_VERSION: "1.1.1n" + OPENSSL_VERSION: "${{ matrix.osslver }}" TAP_WINDOWS_VERSION: "9.23.3" - CHOST: ${{ matrix.chost }} - TARGET: ${{ matrix.target }} steps: - name: Install dependencies run: sudo apt update && sudo apt install -y mingw-w64 libtool automake autoconf man2html unzip @@ -73,7 +72,7 @@ jobs: uses: actions/cache@v3 with: path: '~/mingw/' - key: ${{ matrix.target }}-mingw-${{ env.OPENSSL_VERSION }}-${{ env.LZO_VERSION }}-${{ env.PKCS11_HELPER_VERSION }}-${{ env.TAP_WINDOWS_VERSION }} + key: ${{ matrix.target }}-mingw-${{ matrix.osslver }}-${{ env.LZO_VERSION }}-${{ env.PKCS11_HELPER_VERSION }}-${{ env.TAP_WINDOWS_VERSION }} # Repeating if: steps.cache.outputs.cache-hit != 'true' # on every step for building dependencies is ugly but @@ -85,15 +84,15 @@ jobs: wget -c -P download-cache/ "https://build.openvpn.net/downloads/releases/tap-windows-${TAP_WINDOWS_VERSION}.zip" wget -c -P download-cache/ "https://www.oberhumer.com/opensource/lzo/download/lzo-${LZO_VERSION}.tar.gz" wget -c -P download-cache/ "https://github.com/OpenSC/pkcs11-helper/releases/download/pkcs11-helper-${PKCS11_HELPER_VERSION}/pkcs11-helper-${PKCS11_HELPER_VERSION}.tar.bz2" - wget -c -P download-cache/ "https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz" tar jxf "download-cache/pkcs11-helper-${PKCS11_HELPER_VERSION}.tar.bz2" + wget -c -P download-cache/ "https://www.openssl.org/source/old/1.1.1/openssl-${OPENSSL_VERSION}.tar.gz" || wget -c -P download-cache/ "https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz" tar zxf "download-cache/openssl-${OPENSSL_VERSION}.tar.gz" tar zxf "download-cache/lzo-${LZO_VERSION}.tar.gz" unzip download-cache/tap-windows-${TAP_WINDOWS_VERSION}.zip - name: Configure OpenSSL if: steps.cache.outputs.cache-hit != 'true' - run: ./Configure --cross-compile-prefix=${CHOST}- shared ${{ matrix.target }} no-capieng --prefix="${HOME}/mingw/opt" --openssldir="${HOME}/mingw/opt" -static-libgcc + run: ./Configure --cross-compile-prefix=${{ matrix.chost }}- shared ${{ matrix.target }} no-capieng --prefix="${HOME}/mingw/opt" --openssldir="${HOME}/mingw/opt" -static-libgcc working-directory: "./openssl-${{ env.OPENSSL_VERSION }}" - name: Build OpenSSL @@ -101,6 +100,9 @@ jobs: run: make working-directory: "./openssl-${{ env.OPENSSL_VERSION }}" + # OpenSSL 3.0.5 installs itself into mingw/opt/lib64 instead of + # mingw/opt/lib, so we include both dirs in the following steps + # (pkcs11-helper and OpenVPN) so the libraries will be found - name: Install OpenSSL if: steps.cache.outputs.cache-hit != 'true' run: make install @@ -113,7 +115,7 @@ jobs: - name: configure pkcs11-helper if: steps.cache.outputs.cache-hit != 'true' - run: OPENSSL_LIBS="-L${HOME}/mingw/opt/lib -lssl -lcrypto" OPENSSL_CFLAGS=-I$HOME/mingw/opt/include PKG_CONFIG_PATH=${HOME}/mingw/opt/lib/pkgconfig ./configure --host=${CHOST} --program-prefix='' --libdir=${HOME}/mingw/opt/lib --prefix=${HOME}/mingw/opt --build=x86_64-pc-linux-gnu --disable-crypto-engine-gnutls --disable-crypto-engine-nss --disable-crypto-engine-polarssl --disable-crypto-engine-mbedtls + run: OPENSSL_LIBS="-L${HOME}/mingw/opt/lib -L${HOME}/mingw/opt/lib64 -lssl -lcrypto" OPENSSL_CFLAGS=-I$HOME/mingw/opt/include PKG_CONFIG_PATH=${HOME}/mingw/opt/lib/pkgconfig ./configure --host=${{ matrix.chost }} --program-prefix='' --libdir=${HOME}/mingw/opt/lib --prefix=${HOME}/mingw/opt --build=x86_64-pc-linux-gnu --disable-crypto-engine-gnutls --disable-crypto-engine-nss --disable-crypto-engine-polarssl --disable-crypto-engine-mbedtls working-directory: "./pkcs11-helper-${{ env.PKCS11_HELPER_VERSION }}" - name: build pkcs11-helper @@ -128,7 +130,7 @@ jobs: - name: Configure lzo if: steps.cache.outputs.cache-hit != 'true' - run: ./configure --host=${CHOST} --program-prefix='' --libdir=${HOME}/mingw/opt/lib --prefix=${HOME}/mingw/opt --build=x86_64-pc-linux-gnu + run: ./configure --host=${{ matrix.chost }} --program-prefix='' --libdir=${HOME}/mingw/opt/lib --prefix=${HOME}/mingw/opt --build=x86_64-pc-linux-gnu working-directory: "./lzo-${{ env.LZO_VERSION }}" - name: build lzo @@ -146,7 +148,7 @@ jobs: run: cp ./tap-windows-${TAP_WINDOWS_VERSION}/include/tap-windows.h ${HOME}/mingw/opt/include/ - name: configure OpenVPN - run: PKG_CONFIG_PATH=${HOME}/mingw/opt/lib/pkgconfig LDFLAGS=-L$HOME/mingw/opt/lib CFLAGS=-I$HOME/mingw/opt/include OPENSSL_LIBS="-L${HOME}/opt/lib -lssl -lcrypto" OPENSSL_CFLAGS=-I$HOME/mingw/opt/include PREFIX=$HOME/mingw/opt LZO_CFLAGS=-I$HOME/mingw/opt/include LZO_LIBS="-L${HOME}/mingw/opt/lib -llzo2" ./configure --host=${CHOST} --disable-lz4 + run: PKG_CONFIG_PATH=${HOME}/mingw/opt/lib/pkgconfig LDFLAGS=-L$HOME/mingw/opt/lib CFLAGS=-I$HOME/mingw/opt/include OPENSSL_LIBS="-L${HOME}/opt/lib -L$HOME/mingw/opt/lib64 -lssl -lcrypto" OPENSSL_CFLAGS=-I$HOME/mingw/opt/include PREFIX=$HOME/mingw/opt LZO_CFLAGS=-I$HOME/mingw/opt/include LZO_LIBS="-L${HOME}/mingw/opt/lib -llzo2" ./configure --host=${{ matrix.chost }} --disable-lz4 working-directory: openvpn - name: build OpenVPN