Maintain GitHub actions and other version references
in GHA.
Switch some GHA references from branch versions to
tag version so the pinning works correctly.
Change-Id: I06253be7ed783e3bf30e7df1d6da8ca888016711
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Yuriy Darnobyt <yura.uddr@gmail.com>
Message-Id: <20240906151243.69549-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg29087.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This avoids the error message triggering every night that the run
failed in forked repositories
Change-Id: Id95e0124d943912439c6ec6f562c0eb40d434163
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20240506155831.3524-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28627.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Github's documentation states: macos-11 label has been deprecated and
will no longer be available after 6/28/2024. Add macos14 which is nowadays
supported instead.
The github macos-14 runner is using the M1 platform with ARM, so this
requires a bit more adjustment of paths.
Change-Id: Ia70f230b2e9a78939d1875395205c8f48c4944b7
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20240502122231.672-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/search?l=mid&q=20240502122231.672-1-gert@greenie.muc.de
Signed-off-by: Gert Doering <gert@greenie.muc.de>
- Update to Node 20 versions of actions to avoid warnings
- Update to current vcpkg
- Update mbedTLS and LibreSSL to latest releases
Change-Id: I1ad6a0b1323ce0872f4a3299c5a9f18a982e0126
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Message-Id: <20240319154456.2967716-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28422.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
UTs for basic functionality, without management functions.
v2:
- add CMake support
- add GHA support for both MSVC and mingw
v3:
- fix distcheck by adding input/ directory to dist
Change-Id: I193aef06912f01426dd4ac298aadfab97dd75a35
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Message-Id: <20240127200716.10255-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28138.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This introduces a number of mock function to be able to compile
ssl_verify_*.c and ssl_mbedtls.c/ssl_openssl.c into a unit and adds
quite a number of files to that unit. But it allows similar unit tests
(in term of dependencies) to be added in the future.
Change-Id: Ie248d35d063bb6878f3dd42840c77ba0d6fa3381
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20240116214152.27316-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28028.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Make sure we get to see the test-suite.log on
failure.
Change-Id: Ie44a4b750605c4cc3ac1f75e1fa5ab85804ffa71
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Message-Id: <20240105142340.25735-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27943.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
- Update to latest stable release
- Work-around patches not required anymore
- Official URL of repo has changed
Change-Id: I9b8e69f2b9838cea4cb9001f4e8960b8a39724ef
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Message-Id: <20231201123649.18127-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27635.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
The -fno-sanitize-recover=all flag ensures that for all errors we actually
abort the tests in the automated testing and not just print some errors in red
that nobody sees. Also add the undefined tests to catch more bugs.
For libreSSL we do not add the udefined behaviour as we have (even with the
latest LibreSSL version) an undefined behaviour in LibreSSL itself.
Change-Id: I204b396dea9f22d68e8e091d181a85ffebde4c17
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20231022105756.21080-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27278.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Not on every push due to submit limits.
Use caching to not submit a scan for the same git commit
twice. Since we have many days without pushes to master
this saves a lot of Github and Coverity resources.
v2:
- add caching to not submit redundant scans
Change-Id: I302ccc82f9d5c43b58350bbbf7f16ad1c559248f
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230911110735.34491-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27001.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
We do this via explicit PRs now, generated by renovate.
This allows much better control over what state of the
code gets built.
Change-Id: I8b00d7d79a26ad4aaae529cb496e125398169b50
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <20230922103936.37230-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27060.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
I thought instead about moving this into a loop inside
powershell. But then error handling becomes annoying.
So let's GitHub handle it.
Change-Id: I9831f352c07b5c58a4e2d6a3dd5417842e0887d2
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20230718105233.620193-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26868.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This improves binary cache handling.
Change-Id: I4183edacc0295e9671c586cfcd77cf687015a22c
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <20230620135310.94455-6-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26755.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This is based on the initial CMake patch by
Arne Schwabe, but extends that to provide
a complete replacement for existing MinGW
build (autotools based) and MSVC build
(openvpn.sln).
The following features are added while switching
these builds to CMake:
- vcpkg support for MinGW build, allowing for
trivial cross-compilation on Linux
- Add unittests to MSVC build
- Rework MSVC config header generation, removing
need for separate headers between autotools
and MSVC
The following advantages are reasons for switching
to CMake over the existing MSVC build:
- Easier to maintain CMake files without IDE
than the sln and vcxproj files
- Able to maintain MSVC and MinGW build side-by-side
The plan is to completely remove the existing MSVC
build system but leave the existing autotools builds
in place as-is, including MinGW support.
CMake is not the intended build system for Unix-like
platforms and there are no current plans to switch
to it.
v2:
- Reduce default warning level for MSVC to /W2. With
/W3 the build is just much too noisy, making it
difficult to spot new warnings.
- Change MSVC CMake presets to have hardcoded build
type. When using pkg_search_module MSVC Multi-Config
builds do not work correctly at all since PkgConfig
doesn't seem to be able to create multi-config
libraries like find_package does.
- Change minGW presets to be Multi-Config capable.
- Remove OPENVPN_VERSION_MAJOR, OPENVPN_VERSION_MINOR,
OPENVPN_VERSION_PATCH from config.h.cmake.in.
They are not required and cause macro redefinition
warnings in MSVC (with openvpn-plugin.h). gcc doesn't
warn about this because the definitions are identical
so no need to fix this in autoheader config.h.in.
v3:
- Apply fixes by Lev Stipakov to match MSVC compile
options better to previous build.
- Apply change by Lev Stipakov to enable generation
of PDB files.
- Move /Brepro to its own commit. This is a behavior
change that should be more visible.
- Rebase on top of my dist fixes.
Change-Id: I237f28eca618d4fc476225b887c0be26cca362b1
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <20230620135310.94455-3-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26754.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
To be in line with current vcpkg packaging policies.
Change-Id: Ifad0965a2b724b0b278783ba9c0ad5a82274445d
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <20230331154214.613245-3-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26571.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
We need this for the MSI build. Previously this was enabled
by default.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <20230330101536.533080-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26561.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
- Enabled for the Ubuntu 22.04 build (OpenSSL 3) and one of the
Ubuntu 20.04 builds (OpenSSL 1.1.1).
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20230322221456.1660425-3-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26485.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Github will stop supporting them on April, 1st.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Matthias Andree <matthias.andree@gmx.de>
Message-Id: <20230328100926.138233-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26541.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
With this change we extend the text exposed to people opening a bug in
the OpenVPN project.
Hopefully they will read and immediately understand that GH is not the
right place to report ossues about commercial products.
Change-Id: Idd039612698a6b08f9544450885d1a5f77fd95c6
Signed-off-by: Antonio Quartulli <a@unstable.cc>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230226213420.21201-1-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26305.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
- Though named cryptoapi_testdriver, right now this only tests
parsing of thumbprint specified as a selector for --cryptioapicert
option. More tests coming..
v2: a line that belongs here was mistakenly included in the previous
commit. Corrected.
v3: add to list of tests run in github actions
v4: - correct comment above invalid strings (copy paste error)
- make invalid strings differ from correct value only in the
explicitly introduced invalid characters/separators (one had
two distinct errors which is not a robust test).
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230214200804.600405-1-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26268.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Automatically disabled when
- iproute2 is enabled
(Don't want to force people specifying --disable-dco explicitely)
- libnv is missing on FreeBSD
(FreeBSD version too old anyway)
Will still error out if libnl-genl is missing on Linux to
make people aware of new dependency.
v2: error out when libnl-genl is missing as discussed with ordex on
IRC.
v3:
- improvements to the messages, suggested by Selva
- further improvements to the default specification, trying to make it clear
- if enabling iproute2, do not test for libnl-genl
v4: add updates for GHA
v5:
- v4 was missing the changes of v3. v5 combines the changes from v3 and v4
- fix build failure GHA/ubuntu1804/mbedtls
- fix build failure GHA/ubuntu2204/libressl
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Antonio Quartulli <a@unstable.cc>
Message-Id: <20230215162654.52137-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26272.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This runs each test in its own action since order of stderr and stdout
is seemingly random in github action Windows output and this way at least
tests outputs are grouped by test
Patch v2: use -static-libgcc to avoid comping gcc runtime libraries.
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Selva Nair <selva.nair@gmail.com>
Message-Id: <20230209163705.466173-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26204.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
During the build of LibreSSL portable it pulls in a branch from OpenBSD
upstream. Unfortunately they use master there instead of a fixed branch.
So we work around this issue.
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230209163115.465548-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/search?l=mid&q=20230209163115.465548-1-arne@rfc2549.org
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This allows identifying the source of undefined behaviour more easily
from the github action logs.
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20230130172936.3444840-4-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26102.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
The version 3.5.3 triggers undefined behaviour with the usan sanatizer.
Updating LibreSSSL to 3.7.0 does unfortunately does not fix the issue but
at least we are now using a current version.
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20230130172936.3444840-3-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26105.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
If we want people to use GH issues, we should
probably offer some issue templates to give
guidance on what to include.
Based on GH's standard bug template.
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20221130133154.39454-2-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25589.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This also updates the host system to ubuntu 22.04 and remove the
ovpn-dco-win checkout as we now include the required headers in
our own repository.
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Patch v2: rebase
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20220826153026.337899-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25131.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
In order to build OpenVPN with DCO support on Windows there is no need
to pull the full ovpn-dco-win source code, because we now ship the
UAPI header within OpenVPN directly. This also eliminates the need
to specify the DCO_SOURCEDIR var.
At the same time, DCO is always enabled therefore passing --enable-dco
at configure time is not needed anymore.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20220826084111.239523-1-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25120.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Also we don't officially support it, it is nice to know when we break it.
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20220822184147.281142-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25064.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This allows us to use newer versions of
dependencies, such as openssl 3.0.2 -> 3.0.5.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20220820112755.285-1-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25042.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
In the case of the Microsoft action, this fixes security relevant issues
according to their release notes:
https://github.com/microsoft/setup-msbuild/releases
Unfortunately they don't appear to be following the usual scheme of v1
referring to all v1.x.x, but instead v1 just points to v1.0.0.
The primary change with all the Github-Provided actions is the switch to a
more up-to-date NodeJS version (16). Not all that relevant when you just
use the action as is, but on top of that, the old versions are in
low-maintenance mode, and basically are considered obsolete.
Github is actively migrating people to the latest ones via dependabot
wherever they can.
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20220817132302.538-1-timo@rothenpieler.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24954.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Linux builds need this now in order to retain capabilities when dropping
root privileges.
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20220811113422.451-1-timo@rothenpieler.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24870.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
After successfult builds on all platforms,
start openvpn-build GHA which produces
Windows MSI installers.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Samuli Seppänen <samuli@openvpn.net>
Patchwork-Id: 2508
URL: https://patchwork.openvpn.net/patch/2508/
Message-Id: <20220605004013.319-1-lstipakov@gmail.com>
Signed-off-by: David Sommerseth <davids@openvpn.net>
This adds Ubuntu 22.04 to the Github actions. mbed TLS in 22.04 is still
old enough (2.28) to build with OpenVPN and GPL licensed.
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20220506132836.1318985-2-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24299.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This adds checking if the code style is still clean github actions with the
exact version of uncrustify that is required and might also be helpful for
external commiters to get notified about code style problem when running
the Github actions on their own repository.
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20220506132836.1318985-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24300.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Add vcpkg manifest file which lists
dependencies and enable manifest usage in
project file.
This simplifies build process by eliminating
separate "vcpkg install" step to install dependencies.
Since vcpkg added openssl3 port, remove ours.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20220505121449.347-1-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24285.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
replace hardcoded directory names with env variable version info
bump pkcs11-helper version to 1.29.0
bump OpenSSL version to 1.1.1n
add OpenSSL version to cache key
use release file for pkcs11-helper archive
use OpenSSL URL endpoint with all/current versions
Signed-off-by: Marc Becker <becm@gmx.de>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20220425215822.18569-1-becm@gmx.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24202.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
While on it, remove deprecated vcpkg_fail_port_install().
since we don't care about UWP/Linux/OS X here.
Also bump github actions's vcpkg commit id.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20220317122357.111-1-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23985.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Add openssl3 vcpkg port, which is slightly modified version of
openssl1.1.1 port from official vcpkg repo.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Antonio Quartulli <antonio@openvpn.net>
Message-Id: <20220126123502.403-1-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23662.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
