Skip to content

Minimal Solaris/OpenIndiana support to Cmake and clean up -Werror #548

Minimal Solaris/OpenIndiana support to Cmake and clean up -Werror

Minimal Solaris/OpenIndiana support to Cmake and clean up -Werror #548

Workflow file for this run

# The name of our workflow
name: Build
on:
push:
pull_request:
jobs:
checkuncrustify:
name: "Check code style with Uncrustify"
# Ubuntu 22.04 has uncrustify 0.72_f
runs-on: ubuntu-22.04
steps:
- name: Install dependencies
run: sudo apt update && sudo apt install -y uncrustify
- name: Checkout OpenVPN
uses: actions/checkout@v3
with:
path: openvpn
- name: Show uncrustify version
run: uncrustify --version
- name: Run uncrustify
run: ./dev-tools/reformat-all.sh
working-directory: openvpn
- name: Check for changes
run: git diff --output=uncrustify-changes.patch
working-directory: openvpn
- name: Show changes on standard output
run: git diff
working-directory: openvpn
- uses: actions/upload-artifact@v3
with:
name: uncrustify-changes.patch
path: 'openvpn/uncrustify-changes.patch'
- name: Set job status
run: test ! -s uncrustify-changes.patch
working-directory: openvpn
wolfssl:
strategy:
fail-fast: false
matrix:
os: [ubuntu-20.04]
ssllib: [wolfssl]
build: [normal, asan ]
include:
- build: asan
cflags: "-fsanitize=address,undefined -fno-sanitize-recover=all -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1"
ldflags: -fsanitize=address,undefined -fno-sanitize-recover=all
cc: clang
- build: normal
cflags: "-O2 -g"
ldflags: ""
configureflags: ""
cc: gcc
name: "${{matrix.cc}} ${{matrix.build}} - ${{matrix.os}} - ${{matrix.ssllib}}"
runs-on: ${{matrix.os}}
env:
CFLAGS: ${{ matrix.cflags }}
LDFLAGS: ${{ matrix.ldflags }}
CC: ${{matrix.cc}}
UBSAN_OPTIONS: print_stacktrace=1
steps:
- name: Install dependencies
run: sudo apt update && sudo apt install -y build-essential liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils libtool automake autoconf libmbedtls-dev pkg-config libcap-ng-dev libnl-genl-3-dev
- name: Cache dependencies
id: cache
uses: actions/cache@v3
with:
path: '/opt/wolfssl'
key: ${{ matrix.build }}-wolfSSL
- name: "wolfSSL: checkout"
if: steps.cache.outputs.cache-hit != 'true'
uses: actions/checkout@v3
with:
path: wolfssl
repository: wolfSSL/wolfssl
- name: "wolfSSL: autoconf"
if: steps.cache.outputs.cache-hit != 'true'
run: autoreconf -fvi
working-directory: wolfssl
- name: "wolfSSL: configure"
if: steps.cache.outputs.cache-hit != 'true'
run: ./configure --enable-openvpn --prefix=/opt/wolfssl
working-directory: wolfssl
- name: "wolfSSL: make all"
if: steps.cache.outputs.cache-hit != 'true'
run: make -j3
working-directory: wolfssl
- name: "wolfSSL: make install"
if: steps.cache.outputs.cache-hit != 'true'
run: sudo make install
working-directory: wolfssl
- name: "ldconfig"
run: sudo ldconfig
- name: Checkout OpenVPN
uses: actions/checkout@v3
- name: autoconf
run: autoreconf -fvi
- name: configure ${{matrix.configureflag}}
run: PKG_CONFIG_PATH=/opt/wolfssl/lib/pkgconfig ./configure --with-crypto-library=${{matrix.ssllib}} --enable-werror
- name: make all
run: make -j3
- name: make check
run: make check
mbedtls-git:
strategy:
fail-fast: false
matrix:
os: [ubuntu-22.04]
ssllib: [mbedtls]
build: [normal, asan]
mbedver: [v3.5.0, v2.28.5]
include:
- build: asan
cflags: "-fsanitize=address,undefined -fno-sanitize-recover=all -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1"
ldflags: -fsanitize=address,undefined -fno-sanitize-recover=all
cc: clang
cmakebuild: ASan
- build: normal
cflags: "-O2 -g"
ldflags: ""
configureflags: ""
cc: gcc
cmakebuild: Release
name: "${{matrix.cc}} ${{matrix.build}} - ${{matrix.os}} - mbed TLS ${{matrix.mbedver}}"
runs-on: ${{matrix.os}}
env:
CFLAGS: ${{ matrix.cflags }}
LDFLAGS: ${{ matrix.ldflags }}
CC: ${{matrix.cc}}
UBSAN_OPTIONS: print_stacktrace=1
MBEDTLS_CFLAGS: -I/opt/mbedtls/include
MBEDTLS_LIBS: -L/opt/mbedtls/lib -lmbedtls -lmbedx509 -lmbedcrypto
steps:
- name: Install dependencies
run: sudo apt update && sudo apt install -y build-essential liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils libtool automake autoconf pkg-config libcap-ng-dev libnl-genl-3-dev cmake
- name: Cache dependencies
id: cache
uses: actions/cache@v3
with:
path: '/opt/mbedtls'
key: ${{ matrix.build }}-mbedtls-${{matrix.mbedver}}-${{matrix.cmakebuild}}
- name: "mbed TLS: checkout ${{matrix.mbedver}}"
if: steps.cache.outputs.cache-hit != 'true'
uses: actions/checkout@v3
with:
path: mbedtls
repository: mbed-TLS/mbedtls
ref: ${{matrix.mbedver}}
- name: "mbed TLS: cmake"
if: steps.cache.outputs.cache-hit != 'true'
run: cmake -DCMAKE_BUILD_TYPE=${{matrix.cmakebuild}} -DUSE_SHARED_MBEDTLS_LIBRARY=On -DCMAKE_INSTALL_PREFIX=/opt/mbedtls -B mbedbuild -S mbedtls
- name: "mbed TLS: build"
if: steps.cache.outputs.cache-hit != 'true'
run: cmake --build mbedbuild
- name: "mbed TLS: install"
if: steps.cache.outputs.cache-hit != 'true'
run: cmake --install mbedbuild
- name: add /opt/mbedtls/lib to ld.so.conf.d
run: echo /opt/mbedtls/lib | sudo tee /etc/ld.so.conf.d/mbedtls.conf
- name: "ldconfig"
run: sudo ldconfig
- name: Checkout OpenVPN
uses: actions/checkout@v3
- name: autoconf
run: autoreconf -fvi
- name: configure ${{matrix.configureflag}}
run: PKG_CONFIG_PATH=/opt/mbedtls/lib/pkgconfig ./configure --with-crypto-library=${{matrix.ssllib}} --enable-werror
- name: make all
run: make -j3
- name: make check
run: make check
mingw:
strategy:
fail-fast: false
matrix:
arch: [x86, x64]
name: "gcc-mingw - ${{ matrix.arch }} - OSSL"
runs-on: ubuntu-22.04
env:
VCPKG_ROOT: ${{ github.workspace }}/vcpkg
steps:
- name: Install dependencies
run: sudo apt update && sudo apt install -y mingw-w64 unzip cmake ninja-build build-essential wget python3-docutils man2html-base
- name: Checkout OpenVPN
uses: actions/checkout@v3
- name: Restore from cache and install vcpkg
uses: lukka/run-vcpkg@v11
with:
vcpkgGitCommitId: '1ba9a2591f15af5900f2ce2b3e2bf31771e3ac48'
vcpkgJsonGlob: '**/mingw/vcpkg.json'
- name: Run CMake with vcpkg.json manifest
uses: lukka/run-cmake@v10
with:
configurePreset: mingw-${{ matrix.arch }}
buildPreset: mingw-${{ matrix.arch }}
buildPresetAdditionalArgs: "['--config Debug']"
- uses: actions/upload-artifact@v3
with:
name: openvpn-mingw-${{ matrix.arch }}
path: |
${{ github.workspace }}/out/build/mingw/${{ matrix.arch }}/Debug/*.exe
${{ github.workspace }}/out/build/mingw/${{ matrix.arch }}/Debug/*.dll
!${{ github.workspace }}/out/build/mingw/${{ matrix.arch }}/Debug/test_*.exe
- uses: actions/upload-artifact@v3
with:
name: openvpn-mingw-${{ matrix.arch }}-tests
path: |
${{ github.workspace }}/out/build/mingw/${{ matrix.arch }}/Debug/test_*.exe
${{ github.workspace }}/out/build/mingw/${{ matrix.arch }}/Debug/*.dll
mingw-unittest:
needs: [ mingw ]
strategy:
fail-fast: false
matrix:
arch: [x86, x64]
test: [argv, auth_token, buffer, cryptoapi, crypto, misc, ncp, packet_id, pkt, provider, tls_crypt]
runs-on: windows-latest
name: "mingw unittest ${{ matrix.test }} - ${{ matrix.arch }} - OSSL"
steps:
- name: Retrieve mingw unittest
uses: actions/download-artifact@v3
with:
name: openvpn-mingw-${{ matrix.arch }}-tests
path: unittests
- name: Run ${{ matrix.test }} unit test
run: ./unittests/test_${{ matrix.test }}.exe
- name: Run reflect unit test
run: ./unittests/test_reflect.exe
ubuntu:
strategy:
fail-fast: false
matrix:
os: [ubuntu-20.04, ubuntu-22.04]
sslpkg: [libmbedtls-dev]
ssllib: [mbedtls]
libname: [mbed TLS]
include:
- os: ubuntu-20.04
sslpkg: "libssl-dev"
libname: OpenSSL 1.1.1
ssllib: openssl
- os: ubuntu-22.04
sslpkg: "libssl-dev"
libname: OpenSSL 3.0.2
ssllib: openssl
pkcs11pkg: "libpkcs11-helper1-dev softhsm2 gnutls-bin"
extraconf: --enable-pkcs11
- os: ubuntu-20.04
sslpkg: "libssl-dev"
libname: OpenSSL 1.1.1
ssllib: openssl
pkcs11pkg: "libpkcs11-helper1-dev softhsm2 gnutls-bin"
extraconf: "--enable-iproute2 --enable-pkcs11"
- os: ubuntu-20.04
sslpkg: "libssl-dev"
libname: OpenSSL 1.1.1
ssllib: openssl
extraconf: "--enable-async-push"
- os: ubuntu-20.04
sslpkg: "libssl-dev"
libname: OpenSSL 1.1.1
ssllib: openssl
extraconf: "--disable-management"
- os: ubuntu-20.04
sslpkg: "libssl-dev"
libname: OpenSSL 1.1.1
ssllib: openssl
extraconf: "--enable-small"
- os: ubuntu-20.04
sslpkg: "libssl-dev"
libname: OpenSSL 1.1.1
ssllib: openssl
extraconf: "--disable-lzo --disable-lz4"
name: "gcc - ${{matrix.os}} - ${{matrix.libname}} ${{matrix.extraconf}}"
env:
SSLPKG: "${{matrix.sslpkg}}"
PKCS11PKG: "${{matrix.pkcs11pkg}}"
runs-on: ${{matrix.os}}
steps:
- name: Install dependencies
run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev libcap-ng-dev libnl-genl-3-dev linux-libc-dev man2html libcmocka-dev python3-docutils libtool automake autoconf ${SSLPKG} ${PKCS11PKG}
- name: Checkout OpenVPN
uses: actions/checkout@v3
- name: autoconf
run: autoreconf -fvi
- name: configure
run: ./configure --with-crypto-library=${{matrix.ssllib}} ${{matrix.extraconf}} --enable-werror
- name: make all
run: make -j3
- name: make check
run: make check
ubuntu-clang-asan:
strategy:
fail-fast: false
matrix:
os: [ubuntu-20.04]
ssllib: [mbedtls, openssl]
name: "clang-asan - ${{matrix.os}} - ${{matrix.ssllib}}"
env:
UBSAN_OPTIONS: print_stacktrace=1
runs-on: ${{matrix.os}}
steps:
- name: Install dependencies
run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev libcap-ng-dev libnl-genl-3-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils libtool automake autoconf libmbedtls-dev
- name: Checkout OpenVPN
uses: actions/checkout@v3
- name: autoconf
run: autoreconf -fvi
- name: configure
run: CFLAGS="-fsanitize=address,undefined -fno-sanitize-recover=all -fno-omit-frame-pointer -O2" CC=clang ./configure --with-crypto-library=${{matrix.ssllib}} --enable-werror
- name: make all
run: make -j3
- name: make check
run: make check
macos:
strategy:
fail-fast: false
matrix:
ssllib: [ openssl11, openssl3, libressl]
build: [ normal, asan ]
os: [macos-11, macos-12, macos-13]
include:
- build: asan
cflags: "-fsanitize=address,undefined -fno-sanitize-recover=all -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1"
ldflags: -fsanitize=address,undefined -fno-sanitize-recover=all
# Our build system ignores LDFLAGS for plugins
configureflags: --disable-plugin-auth-pam --disable-plugin-down-root
- build: normal
cflags: "-O2 -g"
ldflags: ""
configureflags: ""
- ssllib: openssl11
libdir: [email protected]
configuressllib: ""
- ssllib: openssl3
libdir: openssl@3
configuressllib: ""
- ssllib: libressl
libdir: libressl
configuressllib: "--with-openssl-engine=no"
runs-on: ${{matrix.os}}
name: "${{matrix.os}} - ${{matrix.libdir}} - ${{matrix.build}}"
env:
CFLAGS: ${{ matrix.cflags }}
LDFLAGS: ${{ matrix.ldflags }}
OPENSSL_CFLAGS: "-I/usr/local/opt/${{matrix.libdir}}/include"
OPENSSL_LIBS: "-L/usr/local/opt/${{matrix.libdir}}/lib -lcrypto -lssl"
UBSAN_OPTIONS: print_stacktrace=1
steps:
- name: Install dependencies
run: brew install [email protected] openssl@3 lzo lz4 man2html cmocka libtool automake autoconf libressl
- name: Checkout OpenVPN
uses: actions/checkout@v3
- name: autoconf
run: autoreconf -fvi
- name: configure
run: ./configure --enable-werror ${{matrix.configureflags}} ${{matrix.configuressllib}}
- name: make all
run: make -j4
- name: make check
run: make check
msvc:
strategy:
fail-fast: false
matrix:
arch: [amd64, x86, arm64]
name: "msbuild - ${{ matrix.arch }} - openssl"
env:
BUILD_CONFIGURATION: Release
runs-on: windows-latest
steps:
- uses: actions/checkout@v3
- uses: lukka/get-cmake@latest
- name: Install rst2html
run: python -m pip install --upgrade pip docutils
- name: Restore artifacts, or setup vcpkg (do not install any package)
uses: lukka/run-vcpkg@v11
with:
vcpkgGitCommitId: '1ba9a2591f15af5900f2ce2b3e2bf31771e3ac48'
vcpkgJsonGlob: '**/windows/vcpkg.json'
- name: Run CMake with vcpkg.json manifest (NO TESTS)
uses: lukka/run-cmake@v10
if: ${{ matrix.arch == 'arm64' }}
with:
configurePreset: win-${{ matrix.arch }}-release
buildPreset: win-${{ matrix.arch }}-release
- name: Run CMake with vcpkg.json manifest
uses: lukka/run-cmake@v10
if: ${{ matrix.arch != 'arm64' }}
with:
configurePreset: win-${{ matrix.arch }}-release
buildPreset: win-${{ matrix.arch }}-release
testPreset: win-${{ matrix.arch }}-release
- uses: actions/upload-artifact@v3
with:
name: openvpn-msvc-${{ matrix.arch }}
path: |
${{ github.workspace }}/out/**/*.exe
${{ github.workspace }}/out/**/*.dll
!${{ github.workspace }}/out/**/test_*.exe
!${{ github.workspace }}/out/**/CMakeFiles/**
!${{ github.workspace }}/out/**/vcpkg_installed/**
libressl:
strategy:
fail-fast: false
matrix:
os: [ubuntu-22.04]
ssllib: [libressl]
build: [ normal, asan ]
configureflags: ["--with-openssl-engine=no"]
include:
- build: asan
cflags: "-fsanitize=address -fno-sanitize-recover=all -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1"
ldflags: -fsanitize=address -fno-sanitize-recover=all
cc: clang
- build: normal
cflags: "-O2 -g"
ldflags: ""
cc: gcc
name: "${{matrix.cc}} ${{matrix.build}} - ${{matrix.os}} - ${{matrix.ssllib}}"
runs-on: ${{matrix.os}}
env:
CFLAGS: ${{ matrix.cflags }}
LDFLAGS: ${{ matrix.ldflags }}
CC: ${{matrix.cc}}
UBSAN_OPTIONS: print_stacktrace=1
steps:
- name: Install dependencies
run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils libtool automake autoconf pkg-config libcap-ng-dev libnl-genl-3-dev
- name: "libressl: checkout"
uses: actions/checkout@v3
with:
path: libressl
repository: libressl-portable/portable
ref: v3.7.0
# LibreSSL has master in the OPENBSD_BRANCH by default even in the tagged releases
# Manually use the OpenBSD branch that is more appropiate and remove git pull that
# breaks when checking out a tag instead of branch
- name: "libressl: fix build"
run: |
echo libressl-v3.7.0 > OPENBSD_BRANCH
sed -i -e 's/ git pull --rebase//' update.sh
working-directory: libressl
- name: "libressl: autogen.sh"
run: ./autogen.sh
working-directory: libressl
- name: "libressl: autoconf"
run: autoreconf -fvi
working-directory: libressl
- name: "libressl: configure"
run: ./configure
working-directory: libressl
- name: "libressl: make all"
run: make -j3
working-directory: libressl
- name: "libressl: make install"
run: sudo make install
working-directory: libressl
- name: "ldconfig"
run: sudo ldconfig
- name: Checkout OpenVPN
uses: actions/checkout@v3
- name: autoconf
run: autoreconf -fvi
- name: configure
run: ./configure --with-crypto-library=openssl ${{matrix.configureflags}} --enable-werror
- name: make all
run: make -j3
- name: make check
run: make check
mbedtls3:
strategy:
fail-fast: false
matrix:
os: [ubuntu-22.04]
build: [ normal, asan ]
mbedtlsver: [ v3.5.1, v2.28.6 ]
include:
- build: asan
cflags: "-fsanitize=address -fno-sanitize-recover=all -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1"
ldflags: -fsanitize=address -fno-sanitize-recover=all
cc: clang
- build: normal
cflags: "-O2 -g"
ldflags: ""
cc: gcc
name: "${{matrix.cc}} ${{matrix.build}} - ${{matrix.os}} - mbed TLS ${{matrix.mbedtlsver}}"
runs-on: ${{matrix.os}}
env:
CFLAGS: ${{ matrix.cflags }}
LDFLAGS: ${{ matrix.ldflags }}
CC: ${{matrix.cc}}
UBSAN_OPTIONS: print_stacktrace=1
MBEDTLS_CFLAGS: -I/opt/mbedtls/include
MBEDTLS_LIBS: -L/opt/mbedtls/lib -lmbedtls -lmbedx509 -lmbedcrypto
steps:
- name: Install dependencies
run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils python3-jinja2 python3-jsonschema libtool automake autoconf pkg-config libcap-ng-dev libnl-genl-3-dev
- name: Cache mbed TLS
id: cache
uses: actions/cache@v3
with:
path: '/opt/mbedtls'
key: ${{ matrix.build }}-mbedtls-${{matrix.mbedtlsver}}-${{matrix.cmakebuild}}
- name: "Mbed TLS: checkout"
uses: actions/checkout@v3
with:
path: mbedtls
repository: Mbed-TLS/mbedtls
ref: ${{ matrix.mbedtlsver }}
if: steps.cache.outputs.cache-hit != 'true'
- name: "Mbed TLS: make no_test"
run: make -j3 no_test SHARED=1
working-directory: mbedtls
if: steps.cache.outputs.cache-hit != 'true'
- name: "Mbed TLS: make install"
run: sudo make install DESTDIR=/opt/mbedtls
working-directory: mbedtls
if: steps.cache.outputs.cache-hit != 'true'
- name: add /opt/mbedtls/lib to ld.so.conf.d
run: echo /opt/mbedtls/lib | sudo tee /etc/ld.so.conf.d/mbedtls.conf
- name: "ldconfig"
run: sudo ldconfig
- name: Checkout OpenVPN
uses: actions/checkout@v3
- name: autoconf
run: autoreconf -fvi
- name: configure
run: ./configure --with-crypto-library=mbedtls
- name: make all
run: make -j3
- name: make check
run: make check