diff --git a/.github/workflows/docker-OpenWrt.yml b/.github/workflows/docker-OpenWrt.yml index a343f4d90..25508b4c3 100644 --- a/.github/workflows/docker-OpenWrt.yml +++ b/.github/workflows/docker-OpenWrt.yml @@ -20,7 +20,7 @@ jobs: - name: Upload libwolfssl.so uses: actions/upload-artifact@v3 with: - name: libwolfssl.so + name: openwrt-libwolfssl.so path: src/.libs/libwolfssl.so retention-days: 1 compile_container: @@ -36,7 +36,7 @@ jobs: - uses: docker/setup-buildx-action@v2 - uses: actions/download-artifact@v3 with: - name: libwolfssl.so + name: openwrt-libwolfssl.so path: Docker/OpenWrt/. - name: Build but dont push uses: docker/build-push-action@v3 diff --git a/.github/workflows/hostap.yml b/.github/workflows/hostap.yml index 9624f90ca..10bc77ccd 100644 --- a/.github/workflows/hostap.yml +++ b/.github/workflows/hostap.yml @@ -4,6 +4,46 @@ on: workflow_call: jobs: + build_wolfssl: + strategy: + matrix: + include: + - build_id: hostap-build1 + wolf_extra_config: --disable-tls13 + - build_id: hostap-build2 + wolf_extra_config: --enable-brainpool --enable-wpas-dpp + name: Build wolfSSL + # Just to keep it the same as the testing target + runs-on: ubuntu-20.04 + steps: + # No way to view the full strategy in the browser (really weird) + - name: Print strategy + run: | + cat <> $GITHUB_ENV + + - name: Build wolfSSL + uses: wolfSSL/actions-build-autotools-project@v1 + with: + path: wolfssl + configure: >- + --enable-wpas CFLAGS=-DWOLFSSL_STATIC_RSA + ${{ env.wolf_debug_flags }} ${{ matrix.wolf_extra_config }} + install: true + + - name: Upload built lib + uses: actions/upload-artifact@v3 + with: + name: ${{ matrix.build_id }} + path: build-dir + retention-days: 1 + # Build wpa_supplicant with wolfSSL and hostapd with OpenSSL and interop. hostap_test: strategy: @@ -23,13 +63,13 @@ jobs: hostap_cherry_pick: 698c05da2bd3233b005d45873caa852bc29b32c5, remove_teap: true, # TLS 1.3 does not work for this version - wolf_extra_config: --disable-tls13, + build_id: hostap-build1, }, # Test the dpp patch { hostap_ref: b607d2723e927a3446d89aed813f1aa6068186bb, osp_ref: ad5b52a49b3cc2a5bfb47ccc1d6a5137132e9446, - wolf_extra_config: --enable-brainpool --enable-wpas-dpp + build_id: hostap-build2 }, ] # parallelize the tests to be able to run all tests within 10 minutes @@ -44,11 +84,12 @@ jobs: config: { hostap_ref: b607d2723e927a3446d89aed813f1aa6068186bb, osp_ref: ad5b52a49b3cc2a5bfb47ccc1d6a5137132e9446, - wolf_extra_config: --enable-brainpool --enable-wpas-dpp + build_id: hostap-build2 } name: hwsim test # For openssl 1.1 runs-on: ubuntu-20.04 + needs: build_wolfssl steps: # No way to view the full strategy in the browser (really weird) - name: Print strategy @@ -57,6 +98,11 @@ jobs: ${{ toJSON(matrix) }} EOF + - name: Checkout wolfSSL + uses: actions/checkout@v3 + with: + path: wolfssl + - name: Install dependencies run: | # Don't prompt for anything @@ -75,19 +121,15 @@ jobs: lsmod | grep mac80211 - if: ${{ runner.debug }} - name: Enable wolfSSL and hostap debug logging + name: Enable hostap debug logging run: | - echo "wolf_debug_flags=--enable-debug" >> $GITHUB_ENV echo "hostap_debug_flags=-d" >> $GITHUB_ENV - - name: Build wolfSSL - uses: wolfSSL/actions-build-autotools-project@v1 + - name: Download lib + uses: actions/download-artifact@v3 with: - path: wolfssl - configure: >- - --enable-wpas CFLAGS=-DWOLFSSL_STATIC_RSA - ${{ env.wolf_debug_flags }} ${{ matrix.config.wolf_extra_config }} - install: true + name: ${{ matrix.config.build_id }} + path: build-dir - name: Setup d-bus working-directory: wolfssl/.github/workflows/hostap-files diff --git a/.github/workflows/openvpn.yml b/.github/workflows/openvpn.yml index f0d907b7d..cf943544f 100644 --- a/.github/workflows/openvpn.yml +++ b/.github/workflows/openvpn.yml @@ -4,13 +4,9 @@ on: workflow_call: jobs: - openvpn_check: - strategy: - fail-fast: false - matrix: - # List of refs to test - ref: [ master, release/2.6, v2.6.0 ] - name: ${{ matrix.ref }} + build_wolfssl: + name: Build wolfSSL + # Just to keep it the same as the testing target runs-on: ubuntu-latest steps: - name: Build wolfSSL @@ -20,6 +16,29 @@ jobs: configure: --enable-openvpn install: true + - name: Upload built lib + uses: actions/upload-artifact@v3 + with: + name: wolf-install-openvpn + path: build-dir + retention-days: 1 + + openvpn_check: + strategy: + fail-fast: false + matrix: + # List of refs to test + ref: [ master, release/2.6, v2.6.0 ] + name: ${{ matrix.ref }} + runs-on: ubuntu-latest + needs: build_wolfssl + steps: + - name: Download lib + uses: actions/download-artifact@v3 + with: + name: wolf-install-openvpn + path: build-dir + - name: Install dependencies run: | sudo apt-get update @@ -29,6 +48,10 @@ jobs: - if: ${{ matrix.ref != 'master' }} name: Build and test openvpn with fsanitize + run: | + echo 'extra_c_flags=CFLAGS="-fsanitize=address -fno-omit-frame-pointer -O2"' >> $GITHUB_ENV + + - name: Build and test openvpn uses: wolfSSL/actions-build-autotools-project@v1 with: repository: OpenVPN/openvpn @@ -38,19 +61,9 @@ jobs: --with-crypto-library=wolfssl WOLFSSL_CFLAGS="-I$GITHUB_WORKSPACE/build-dir/include/ -I$GITHUB_WORKSPACE/build-dir/include/wolfssl" WOLFSSL_LIBS="-L$GITHUB_WORKSPACE/build-dir/lib -lwolfssl" - CFLAGS="-fsanitize=address -fno-omit-frame-pointer -O2" - check: true - - - if: ${{ matrix.ref == 'master' }} - name: Build and test openvpn without fsanitize - uses: wolfSSL/actions-build-autotools-project@v1 - with: - repository: OpenVPN/openvpn - ref: ${{ matrix.ref }} - path: openvpn - configure: >- - --with-crypto-library=wolfssl - WOLFSSL_CFLAGS="-I$GITHUB_WORKSPACE/build-dir/include/ -I$GITHUB_WORKSPACE/build-dir/include/wolfssl" - WOLFSSL_LIBS="-L$GITHUB_WORKSPACE/build-dir/lib -lwolfssl" + ${{ env.extra_c_flags }} check: true + - name: Confirm OpenVPN built with wolfSSL + working-directory: ./openvpn + run: ldd src/openvpn/openvpn | grep wolfssl diff --git a/.github/workflows/stunnel.yml b/.github/workflows/stunnel.yml index f782a8f2c..2f8f1de45 100644 --- a/.github/workflows/stunnel.yml +++ b/.github/workflows/stunnel.yml @@ -4,13 +4,9 @@ on: workflow_call: jobs: - stunnel_check: - strategy: - fail-fast: false - matrix: - # List of releases to test - ref: [ 5.67 ] - name: ${{ matrix.ref }} + build_wolfssl: + name: Build wolfSSL + # Just to keep it the same as the testing target runs-on: ubuntu-latest steps: - name: Build wolfSSL @@ -19,6 +15,29 @@ jobs: path: wolfssl configure: --enable-stunnel install: true + + - name: Upload built lib + uses: actions/upload-artifact@v3 + with: + name: wolf-install-stunnel + path: build-dir + retention-days: 1 + + stunnel_check: + strategy: + fail-fast: false + matrix: + # List of releases to test + ref: [ 5.67 ] + name: ${{ matrix.ref }} + runs-on: ubuntu-latest + needs: build_wolfssl + steps: + - name: Download lib + uses: actions/download-artifact@v3 + with: + name: wolf-install-stunnel + path: build-dir - name: Checkout OSP uses: actions/checkout@v3