From patchwork Tue Nov 21 16:59:57 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "plaisthos (Code Review)" X-Patchwork-Id: 3471 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:53c1:b0:f2:62eb:61c1 with SMTP id u1csp517886dye; Tue, 21 Nov 2023 09:01:17 -0800 (PST) X-Google-Smtp-Source: AGHT+IEmt7aA79sfEYY8yzPKgJ/2CCKCiYzrX1JPI8CfEW8E+fYRaCMs5JKDZw3PnHmdt4wwA436 X-Received: by 2002:a05:6a00:1d8b:b0:6cb:b6e3:e007 with SMTP id z11-20020a056a001d8b00b006cbb6e3e007mr4593496pfw.2.1700586077078; Tue, 21 Nov 2023 09:01:17 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1700586077; cv=none; d=google.com; s=arc-20160816; b=ojKc/Wjqpli9uPCWv9HyYhvdtmI1t/H4auV93bbk1kzqajn2iL3r+WLgbHoUID+g2t rAx5Toj0y0fTO4fES62cZhQpHa0CiAr12/vQP96W2bofwf6Iu5z4qACl7PC+XXXCjCXx Cq0RGthiiCMC4UYS4sgCAxg7jExjvKzlXjXuQvQTtXFqZrH2ydaf81vJ17IPFRWUAWzS pRj0IAqvSSC2dDp1ErSPoErZ3XDiC1l5K/Dy8Nx7EhM/Jj45ZLqe03dp/LNZP1I2il5y xbB4hYBf/oyPF8TUiPnRYF7/Au1RsO++RL5raHcMDmxQn1luI89cZc2XAWU1nDpC2w/z hy3g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:cc:reply-to:list-subscribe:list-help:list-post :list-archive:list-unsubscribe:list-id:precedence:subject:user-agent :mime-version:message-id:references:auto-submitted:to:date:from :dkim-signature:dkim-signature:dkim-signature; bh=+jo+Mls9X9t9isR5/+grJ7715pASMwF/uyFJr8ZdZRM=; fh=lm0MLPW7DntlrDqRECIiC9JlE1uPxhepE0URYHIf+eE=; b=CNsB9JQmXZqJqB1yOfnNQxYZ+MZpqpRQUWqPlWSQZPiyVjv9Jx4m+Aa9dA9DjGNJgg 46tJnlno/ydzI/gNOB2bbvkYVfPnqT9j15xwYJ/uS/jd9FiAyFor+BwJGTSh6ruqq2bg +3TGmjlyo44bQc9VyB+1ivEwgV2PS10afC8RzuDB2ziSXve2ikCI329aooQiSV7SaGJw ZsJBMkk+51EffS1mwak4mCqfvIw554H8XuUbAkZjH+LSHmMkvW9NHLUyQkkixz2bU7MZ dybHmFOwPqWYXhS8Dxz6ZfuValAoCkjQDLUN8ujn4+cfTXVUD711EJ5wHlEwky7HG8PD 8I8g== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=BrLhXPCK; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=bRTnfNAC; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=W1cQPJsR; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id m66-20020a625845000000b006cb4b976a21si7882182pfb.130.2023.11.21.09.01.16 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 21 Nov 2023 09:01:17 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=BrLhXPCK; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=bRTnfNAC; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=W1cQPJsR; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1r5U6h-0002mG-7a; Tue, 21 Nov 2023 17:00:16 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1r5U6e-0002m9-KY for openvpn-devel@lists.sourceforge.net; Tue, 21 Nov 2023 17:00:13 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version :Message-ID:Reply-To:References:Subject:List-Unsubscribe:List-Id:Cc:To:Date: From:Sender:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help: List-Subscribe:List-Post:List-Owner:List-Archive; bh=vAjFj9FqS1QR5kjjZYru52XQ7e8t+1gVJ4u/lXOI42I=; b=BrLhXPCK00OZ7046Sq1qCsJ3er UOsusouzUI3wvwkzFK2tJAkcjikGGEUcnGEMFDadl1whlNMtoM1Z8nnDTAxEUlVjyA4HzCvhDPEJX e7hNF7sdELwhjojNNjiuOm45HhFySSsocCqi9JDyWvtcTFb4jXpmZPl8MaIHyVayV/Hs=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:Content-Transfer-Encoding:MIME-Version:Message-ID:Reply-To: References:Subject:List-Unsubscribe:List-Id:Cc:To:Date:From:Sender:Content-ID :Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To: Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help:List-Subscribe:List-Post: List-Owner:List-Archive; bh=vAjFj9FqS1QR5kjjZYru52XQ7e8t+1gVJ4u/lXOI42I=; b=b RTnfNACfznXy7+1oWAfqotF6DyRJMKGoZS1LslTZK3JjQo8YMpNlV9hqRj5y5kM+Jup7JODxap/n0 2usH8Bw9jNNxR/tpf80dOz/STmPpTUWGHYbk6sYWtBZKorgOOH00dqSfpAM5wBuxddFgwwX4nN7dj DTuRrer5S61iDJa8=; Received: from mail-wr1-f53.google.com ([209.85.221.53]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1r5U6Y-00C3v7-8g for openvpn-devel@lists.sourceforge.net; Tue, 21 Nov 2023 17:00:12 +0000 Received: by mail-wr1-f53.google.com with SMTP id ffacd0b85a97d-332ce50450dso537023f8f.1 for ; Tue, 21 Nov 2023 09:00:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=openvpn.net; s=google; t=1700585999; x=1701190799; darn=lists.sourceforge.net; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:to:date:from:from:to:cc :subject:date:message-id:reply-to; bh=vAjFj9FqS1QR5kjjZYru52XQ7e8t+1gVJ4u/lXOI42I=; b=W1cQPJsRvII8yjtfDi0tvXLwGx+olIKqrwxolI4QVUsIc7gqjjBdVEcXOYqW0CIy2y VBqkA9n/WzMBPVIPRedz2Bk3s6yngYDG8qTKJBOb0tRYHTJRzcID+NThbw41FPcwJK6l cfXwImFXeFVwbJugu1gUYYsq8IfWN8lwhJGRIJCvkkIfCiHhR19ltDyOktvMqiZ+G/fb DU2AOYOmyiHkcn3ofvV5oEQlRQ/420Eocx3DItaSSSRrgCZbIbTVoMWqyt+JvIEzToCC 7YcbEABfCkI9A9ToIxErmd9HdmDfkUs2mEXaa0x2sAD9HuGvrEohwZDEMLCzeXp5YGgd DvOg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700585999; x=1701190799; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:to:date:from :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=vAjFj9FqS1QR5kjjZYru52XQ7e8t+1gVJ4u/lXOI42I=; b=lWqhdaQBVEMJEGRK9U4XvwfkEHYA+ZbnQNZJw1QG0l9/xYsZw1o9COrKHM1zP7InQq HjsMGmQbYczdPsC0fZCTHdA3vW5DSthp7KhGxFM4qOPaFiVs/PdYJrfqfzxokg4a35Mi AcjVEat8ZFVWf4TSPr+AYsgvf/UjugUkFobfOBriVgcALLTFQK1i+n18v2t8UErV6YPP IoAjloLR7llNXrnsDZKcPrEbpVM2ZUPebQ/bHuKgPfykDPyNi+WjVqM/nXoDkJbsUxhz OpYzMJV3sUBwt4KAib0hmFYAGDXTw8IT5b/Kw4UPK5CuSaChScf0Poi8T8N5TKtodkze g6gw== X-Gm-Message-State: AOJu0YxTWRrlt4LuN/DNrffRyVAJ2VMQBXq/vD9LliymNffFqebpQN27 9MldJ9vewz1yAulgWQfuVf63FiQU6DKmkTsEBQQ= X-Received: by 2002:a5d:5703:0:b0:32f:7f6c:72a6 with SMTP id a3-20020a5d5703000000b0032f7f6c72a6mr5562812wrv.16.1700585998769; Tue, 21 Nov 2023 08:59:58 -0800 (PST) Received: from gerrit.openvpn.in (ec2-18-159-0-78.eu-central-1.compute.amazonaws.com. [18.159.0.78]) by smtp.gmail.com with ESMTPSA id q16-20020adfcd90000000b0032d9caeab0fsm14962094wrj.77.2023.11.21.08.59.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Nov 2023 08:59:58 -0800 (PST) From: "plaisthos (Code Review)" X-Google-Original-From: "plaisthos (Code Review)" X-Gerrit-PatchSet: 1 Date: Tue, 21 Nov 2023 16:59:57 +0000 To: flichtenheld Auto-Submitted: auto-generated X-Gerrit-MessageType: newchange X-Gerrit-Change-Id: I39fb3f05b6245af9ae5dd666bfc53ed07e5cfb24 X-Gerrit-Change-Number: 455 X-Gerrit-Project: openvpn X-Gerrit-ChangeURL: X-Gerrit-Commit: 4ebb0d66b74034312ab6339b97e664eb644f9468 References: Message-ID: <0ba5481265f54ac3c4b528d514804c7fdf455338-HTML@gerrit.openvpn.net> MIME-Version: 1.0 User-Agent: Gerrit/3.8.2 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Attention is currently required from: flichtenheld. Hello flichtenheld, I'd like you to do a code review. Please visit Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.221.53 listed in list.dnswl.org] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.221.53 listed in wl.mailspike.net] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record 0.0 WEIRD_PORT URI: Uses non-standard port number for HTTP 0.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.0 T_SCC_BODY_TEXT_LINE No description available. 0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted Colors in HTML X-Headers-End: 1r5U6Y-00C3v7-8g Subject: [Openvpn-devel] [S] Change in openvpn[master]: Cache mbed TLS dependency and build latest 2.x mbed TLS as well X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: arne-openvpn@rfc2549.org, openvpn-devel@lists.sourceforge.net, frank@lichtenheld.com Cc: openvpn-devel Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1783193746111563991?= X-GMAIL-MSGID: =?utf-8?q?1783193746111563991?= X-getmail-filter-classifier: gerrit message type newchange Attention is currently required from: flichtenheld. Hello flichtenheld, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/455?usp=email to review the following change. Change subject: Cache mbed TLS dependency and build latest 2.x mbed TLS as well ...................................................................... Cache mbed TLS dependency and build latest 2.x mbed TLS as well Change-Id: I39fb3f05b6245af9ae5dd666bfc53ed07e5cfb24 --- M .github/workflows/build.yaml 1 file changed, 23 insertions(+), 7 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/55/455/1 diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index cd72f3d..c1f42dd 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -366,8 +366,8 @@ fail-fast: false matrix: os: [ubuntu-22.04] - ssllib: [mbedtls3] build: [ normal, asan ] + mbedtlsver: [ v3.5.1, v2.28.6 ] include: - build: asan cflags: "-fsanitize=address -fno-sanitize-recover=all -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1" @@ -378,29 +378,45 @@ ldflags: "" cc: gcc - name: "${{matrix.cc}} ${{matrix.build}} - ${{matrix.os}} - ${{matrix.ssllib}}" + name: "${{matrix.cc}} ${{matrix.build}} - ${{matrix.os}} - mbed TLS ${{matrix.mbedtlsver}}" runs-on: ${{matrix.os}} env: CFLAGS: ${{ matrix.cflags }} LDFLAGS: ${{ matrix.ldflags }} CC: ${{matrix.cc}} UBSAN_OPTIONS: print_stacktrace=1 + MBEDTLS_CFLAGS: -I/opt/mbedtls/include + MBEDTLS_LIBS: -L/opt/mbedtls/lib -lmbedtls -lmbedx509 -lmbedcrypto steps: - name: Install dependencies run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils python3-jinja2 python3-jsonschema libtool automake autoconf pkg-config libcap-ng-dev libnl-genl-3-dev - - name: "mbedtls: checkout" + + - name: Cache mbed TLS + id: cache + uses: actions/cache@v3 + with: + path: '/opt/mbedtls' + key: ${{ matrix.build }}-mbedtls-${{matrix.mbedtlsver}}-${{matrix.cmakebuild}} + - name: "Mbed TLS: checkout" uses: actions/checkout@v3 with: path: mbedtls repository: Mbed-TLS/mbedtls - ref: v3.5.0 - - name: "mbedtls: make no_test" + ref: ${{ matrix.mbedtlsver} + if: steps.cache.outputs.cache-hit != 'true' + - name: "Mbed TLS: make no_test" run: make -j3 no_test SHARED=1 working-directory: mbedtls - - name: "mbedtls: make install" - run: sudo make install DESTDIR=/usr + if: steps.cache.outputs.cache-hit != 'true' + - name: "Mbed TLS: make install" + run: sudo make install DESTDIR=/opt/mbedtls working-directory: mbedtls + if: steps.cache.outputs.cache-hit != 'true' + - name: add /opt/mbedtls/lib to ld.so.conf.d + run: echo /opt/mbedtls/lib | sudo tee /etc/ld.so.conf.d/mbedtls.conf + - name: "ldconfig" + run: sudo ldconfig - name: Checkout OpenVPN uses: actions/checkout@v3 - name: autoconf