wincng: move _libssh2_aes_ctr_increment() from misc, make static
#18
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright (C) The libssh2 project and its contributors. | |
| # | |
| # SPDX-License-Identifier: BSD-3-Clause | |
| # | |
| name: CI | |
| on: | |
| push: | |
| branches: [master] | |
| pull_request: | |
| branches: [master] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} | |
| cancel-in-progress: true | |
| permissions: {} | |
| jobs: | |
| check_style: | |
| name: 'style-check' | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| with: | |
| persist-credentials: false | |
| - name: 'checksrc' | |
| run: ./ci/checksrc.sh | |
| shellcheck: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| with: | |
| persist-credentials: false | |
| - name: 'shellcheck' | |
| run: ./ci/shellcheck.sh | |
| spellcheck: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: 'install tools' | |
| run: pip install --break-system-packages -U codespell | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| with: | |
| persist-credentials: false | |
| - name: 'spellcheck' | |
| run: ./ci/spellcheck.sh | |
| build_integration: | |
| name: 'integration' | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 60 | |
| env: | |
| CC: clang | |
| MAKEFLAGS: -j5 | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| with: | |
| persist-credentials: false | |
| - name: 'cmake' | |
| run: | | |
| sudo apt-get -o Dpkg::Use-Pty=0 install libssl-dev | |
| ./tests/cmake/test.sh | |
| build_linux: | |
| name: 'linux' | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 60 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| compiler: [gcc, clang] | |
| arch: [amd64] | |
| crypto: [OpenSSL, wolfSSL, Libgcrypt, mbedTLS] | |
| build: [cmake] | |
| zlib: ['OFF', 'ON'] | |
| include: | |
| - compiler: gcc | |
| arch: amd64 | |
| crypto: OpenSSL | |
| build: autotools | |
| zlib: 'OFF' | |
| - compiler: clang | |
| arch: amd64 | |
| crypto: OpenSSL | |
| build: autotools | |
| zlib: 'OFF' | |
| - compiler: clang | |
| arch: amd64 | |
| crypto: OpenSSL | |
| build: autotools | |
| zlib: 'ON' | |
| target: 'distcheck' | |
| - compiler: clang | |
| arch: amd64 | |
| crypto: OpenSSL | |
| build: autotools | |
| zlib: 'ON' | |
| target: 'maketgz' | |
| - compiler: gcc | |
| arch: amd64 | |
| crypto: OpenSSL-3-no-deprecated | |
| build: cmake | |
| zlib: 'ON' | |
| - compiler: gcc | |
| arch: amd64 | |
| crypto: OpenSSL-111-from-source | |
| build: cmake | |
| zlib: 'ON' | |
| - compiler: gcc | |
| arch: amd64 | |
| crypto: OpenSSL-110-from-source | |
| build: cmake | |
| zlib: 'ON' | |
| - compiler: gcc | |
| arch: amd64 | |
| crypto: OpenSSL-102-from-source | |
| build: cmake | |
| zlib: 'ON' | |
| - compiler: gcc | |
| arch: amd64 | |
| crypto: BoringSSL | |
| build: cmake | |
| zlib: 'ON' | |
| - compiler: gcc | |
| arch: amd64 | |
| crypto: LibreSSL | |
| build: cmake | |
| zlib: 'ON' | |
| - compiler: gcc | |
| arch: i386 | |
| crypto: mbedTLS | |
| build: cmake | |
| zlib: 'ON' | |
| - compiler: clang | |
| arch: amd64 | |
| crypto: wolfSSL-from-source | |
| build: cmake | |
| zlib: 'ON' | |
| - compiler: clang | |
| arch: amd64 | |
| crypto: wolfSSL-from-source-prev | |
| build: cmake | |
| zlib: 'ON' | |
| - compiler: clang | |
| arch: i386 | |
| crypto: Libgcrypt | |
| build: autotools | |
| zlib: 'ON' | |
| options: --disable-static | |
| env: | |
| CC: ${{ matrix.compiler }} | |
| mbedtls-version: 3.6.2 | |
| wolfssl-version: 5.7.4 | |
| wolfssl-version-prev: 5.5.4 | |
| boringssl-version: 0.20241024.0 | |
| libressl-version: 4.0.0 | |
| openssl-version: 3.4.0 | |
| openssl111-version: 1.1.1w | |
| openssl110-version: 1.1.0l | |
| openssl102-version: 1.0.2u | |
| steps: | |
| - name: 'install architecture' | |
| if: ${{ matrix.arch != 'amd64' }} | |
| run: | | |
| sudo dpkg --add-architecture '${{ matrix.arch }}' | |
| sudo apt-get -o Dpkg::Use-Pty=0 update | |
| sudo apt-get -o Dpkg::Use-Pty=0 install gcc-multilib build-essential zlib1g-dev:${{ matrix.arch }} | |
| - name: 'install packages' | |
| run: | | |
| [ '${{ matrix.crypto }}' = 'OpenSSL' ] && pkg='libssl-dev' | |
| [ '${{ matrix.crypto }}' = 'wolfSSL' ] && pkg='libwolfssl-dev' | |
| [ '${{ matrix.crypto }}' = 'Libgcrypt' ] && pkg='libgcrypt-dev' | |
| if [ -n "${pkg}" ]; then | |
| sudo apt-get -o Dpkg::Use-Pty=0 install "${pkg}:${{ matrix.arch }}" | |
| fi | |
| - name: 'cache mbedTLS' | |
| if: ${{ matrix.crypto == 'mbedTLS' }} | |
| uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4 | |
| id: cache-mbedtls | |
| with: | |
| path: ~/usr | |
| key: ${{ runner.os }}-mbedtls-${{ env.mbedtls-version }}-${{ matrix.arch }} | |
| - name: 'install mbedTLS from source' | |
| if: ${{ matrix.crypto == 'mbedTLS' }} | |
| run: | | |
| if [ '${{ steps.cache-mbedtls.outputs.cache-hit }}' != 'true' ]; then | |
| curl -fsS -L https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-${{ env.mbedtls-version }}/mbedtls-${{ env.mbedtls-version }}.tar.bz2 | tar -xjf - | |
| cd mbedtls-${{ env.mbedtls-version }} | |
| if [ '${{ matrix.arch }}' = 'i386' ]; then | |
| crossoptions='-DCMAKE_SYSTEM_NAME=Linux -DCMAKE_SYSTEM_VERSION=1 -DCMAKE_SYSTEM_PROCESSOR=${{ matrix.arch }}' | |
| cflags='-m32 -mpclmul -msse2 -maes' | |
| fi | |
| cmake -B . ${crossoptions} \ | |
| -DCMAKE_C_FLAGS="${cflags}" \ | |
| -DENABLE_PROGRAMS=OFF \ | |
| -DENABLE_TESTING=OFF \ | |
| -DUSE_STATIC_MBEDTLS_LIBRARY=OFF \ | |
| -DUSE_SHARED_MBEDTLS_LIBRARY=ON \ | |
| -DCMAKE_INSTALL_PREFIX="$HOME/usr" | |
| cmake --build . --parallel 5 | |
| cmake --install . | |
| cd .. | |
| fi | |
| echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$HOME/usr/lib" >> $GITHUB_ENV | |
| echo "TOOLCHAIN_OPTION=$TOOLCHAIN_OPTION -DCMAKE_PREFIX_PATH=$HOME/usr" >> $GITHUB_ENV | |
| - name: 'install wolfSSL from source' | |
| if: ${{ startsWith(matrix.crypto, 'wolfSSL-from-source') }} | |
| run: | | |
| if [ '${{ matrix.crypto }}' = 'wolfSSL-from-source' ]; then | |
| WOLFSSLVER=${{ env.wolfssl-version }} | |
| else | |
| WOLFSSLVER=${{ env.wolfssl-version-prev }} | |
| options='-DWOLFSSL_OPENSSLEXTRA=ON' | |
| fi | |
| curl -fsS -L https://github.com/wolfSSL/wolfssl/archive/refs/tags/v$WOLFSSLVER-stable.tar.gz | tar -xzf - | |
| cd wolfssl-$WOLFSSLVER-stable | |
| cmake -B bld ${options} \ | |
| -DWOLFSSL_LIBSSH2=ON \ | |
| -DBUILD_SELFTEST=OFF \ | |
| -DWOLFSSL_OPENSSLALL=ON \ | |
| -DWOLFSSL_EXAMPLES=OFF \ | |
| -DWOLFSSL_CRYPT_TESTS=OFF \ | |
| -DCMAKE_C_FLAGS='-fPIC -DWOLFSSL_AESGCM_STREAM' \ | |
| -DCMAKE_INSTALL_PREFIX="$HOME/usr" | |
| cmake --build bld --parallel 5 | |
| cmake --install bld | |
| cd .. | |
| echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$HOME/usr/lib" >> $GITHUB_ENV | |
| echo "TOOLCHAIN_OPTION=$TOOLCHAIN_OPTION -DCMAKE_PREFIX_PATH=$HOME/usr" >> $GITHUB_ENV | |
| - name: 'cache BoringSSL' | |
| if: ${{ matrix.crypto == 'BoringSSL' }} | |
| uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4 | |
| id: cache-boringssl | |
| with: | |
| path: ~/usr | |
| key: ${{ runner.os }}-boringssl-${{ env.boringssl-version }}-${{ matrix.arch }} | |
| - name: 'install BoringSSL from source' | |
| if: ${{ matrix.crypto == 'BoringSSL' }} | |
| run: | | |
| if [ '${{ steps.cache-boringssl.outputs.cache-hit }}' != 'true' ]; then | |
| mkdir boringssl | |
| cd boringssl | |
| curl -fsS https://boringssl.googlesource.com/boringssl/+archive/${{ env.boringssl-version }}.tar.gz | tar -xzf - | |
| # Skip tests to finish the build faster | |
| echo 'set_target_properties(decrepit bssl_shim test_fips boringssl_gtest test_support_lib urandom_test crypto_test ssl_test decrepit_test all_tests pki pki_test run_tests PROPERTIES EXCLUDE_FROM_ALL TRUE)' >> ./CMakeLists.txt | |
| cmake -B . \ | |
| -DOPENSSL_SMALL=ON \ | |
| -DCMAKE_C_FLAGS=-fPIC \ | |
| -DCMAKE_INSTALL_PREFIX="$HOME/usr" | |
| cmake --build . --parallel 5 | |
| cmake --install . | |
| cd .. | |
| fi | |
| echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$HOME/usr/lib" >> $GITHUB_ENV | |
| echo "TOOLCHAIN_OPTION=$TOOLCHAIN_OPTION -DCMAKE_PREFIX_PATH=$HOME/usr" >> $GITHUB_ENV | |
| - name: 'cache LibreSSL' | |
| if: ${{ matrix.crypto == 'LibreSSL' }} | |
| uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4 | |
| id: cache-libressl | |
| with: | |
| path: ~/usr | |
| key: ${{ runner.os }}-libressl-${{ env.libressl-version }}-${{ matrix.arch }} | |
| - name: 'install LibreSSL from source' | |
| if: ${{ matrix.crypto == 'LibreSSL' }} | |
| run: | | |
| if [ '${{ steps.cache-libressl.outputs.cache-hit }}' != 'true' ]; then | |
| curl -fsS -L https://github.com/libressl/portable/releases/download/v${{ env.libressl-version }}/libressl-${{ env.libressl-version }}.tar.gz | tar -xzf - | |
| cd libressl-${{ env.libressl-version }} | |
| cmake -B . \ | |
| -DLIBRESSL_APPS=OFF \ | |
| -DLIBRESSL_TESTS=OFF \ | |
| -DCMAKE_INSTALL_PREFIX="$HOME/usr" | |
| cmake --build . --parallel 5 | |
| cmake --install . | |
| cd .. | |
| fi | |
| echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$HOME/usr/lib" >> $GITHUB_ENV | |
| echo "TOOLCHAIN_OPTION=$TOOLCHAIN_OPTION -DCMAKE_PREFIX_PATH=$HOME/usr" >> $GITHUB_ENV | |
| - name: 'cache OpenSSL' | |
| if: ${{ matrix.crypto == 'OpenSSL-3-no-deprecated' }} | |
| uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4 | |
| id: cache-openssl | |
| with: | |
| path: ~/usr | |
| key: ${{ runner.os }}-openssl-${{ env.openssl-version }}-${{ matrix.arch }} | |
| - name: 'install OpenSSL from source' | |
| if: ${{ matrix.crypto == 'OpenSSL-3-no-deprecated' }} | |
| run: | | |
| if [ '${{ steps.cache-openssl.outputs.cache-hit }}' != 'true' ]; then | |
| curl -fsS -L https://github.com/openssl/openssl/releases/download/openssl-${{ env.openssl-version }}/openssl-${{ env.openssl-version }}.tar.gz | tar -xzf - | |
| cd openssl-${{ env.openssl-version }} | |
| ./Configure no-deprecated \ | |
| no-apps no-docs no-tests no-makedepend \ | |
| no-comp no-quic no-legacy --prefix="$HOME/usr" | |
| make -j5 install_sw | |
| cd .. | |
| fi | |
| echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$HOME/usr/lib" >> $GITHUB_ENV | |
| echo "TOOLCHAIN_OPTION=$TOOLCHAIN_OPTION -DCMAKE_PREFIX_PATH=$HOME/usr" >> $GITHUB_ENV | |
| - name: 'cache OpenSSL 1.1.1' | |
| if: ${{ matrix.crypto == 'OpenSSL-111-from-source' }} | |
| uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4 | |
| id: cache-openssl111 | |
| with: | |
| path: ~/usr | |
| key: ${{ runner.os }}-openssl-${{ env.openssl111-version }}-${{ matrix.arch }} | |
| - name: 'install OpenSSL 1.1.1 from source' | |
| if: ${{ matrix.crypto == 'OpenSSL-111-from-source' }} | |
| run: | | |
| if [ '${{ steps.cache-openssl111.outputs.cache-hit }}' != 'true' ]; then | |
| curl -fsS -L https://github.com/openssl/openssl/releases/download/OpenSSL_1_1_1w/openssl-${{ env.openssl111-version }}.tar.gz | tar -xzf - | |
| cd openssl-${{ env.openssl111-version }} | |
| ./config no-unit-test no-makedepend --prefix="$HOME/usr" no-tests | |
| make -j5 | |
| make -j1 install_sw | |
| cd .. | |
| fi | |
| echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$HOME/usr/lib" >> $GITHUB_ENV | |
| echo "TOOLCHAIN_OPTION=$TOOLCHAIN_OPTION -DCMAKE_PREFIX_PATH=$HOME/usr" >> $GITHUB_ENV | |
| - name: 'cache OpenSSL 1.1.0' | |
| if: ${{ matrix.crypto == 'OpenSSL-110-from-source' }} | |
| uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4 | |
| id: cache-openssl110 | |
| with: | |
| path: ~/usr | |
| key: ${{ runner.os }}-openssl-${{ env.openssl110-version }}-${{ matrix.arch }} | |
| - name: 'install OpenSSL 1.1.0 from source' | |
| if: ${{ matrix.crypto == 'OpenSSL-110-from-source' }} | |
| run: | | |
| if [ '${{ steps.cache-openssl110.outputs.cache-hit }}' != 'true' ]; then | |
| curl -fsS -L https://github.com/openssl/openssl/releases/download/OpenSSL_1_1_0l/openssl-${{ env.openssl110-version }}.tar.gz | tar -xzf - | |
| cd openssl-${{ env.openssl110-version }} | |
| ./config no-unit-test no-makedepend --prefix="$HOME/usr" | |
| make -j5 | |
| make -j1 install_sw | |
| cd .. | |
| fi | |
| echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$HOME/usr/lib" >> $GITHUB_ENV | |
| echo "TOOLCHAIN_OPTION=$TOOLCHAIN_OPTION -DCMAKE_PREFIX_PATH=$HOME/usr" >> $GITHUB_ENV | |
| - name: 'cache OpenSSL 1.0.2' | |
| if: ${{ matrix.crypto == 'OpenSSL-102-from-source' }} | |
| uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4 | |
| id: cache-openssl102 | |
| with: | |
| path: ~/usr | |
| key: ${{ runner.os }}-openssl-${{ env.openssl102-version }}-${{ matrix.arch }} | |
| - name: 'install OpenSSL 1.0.2 from source' | |
| if: ${{ matrix.crypto == 'OpenSSL-102-from-source' }} | |
| run: | | |
| if [ '${{ steps.cache-openssl102.outputs.cache-hit }}' != 'true' ]; then | |
| curl -fsS -L https://github.com/openssl/openssl/releases/download/OpenSSL_1_0_2u/openssl-${{ env.openssl102-version }}.tar.gz | tar -xzf - | |
| cd openssl-${{ env.openssl102-version }} | |
| ./config no-unit-test no-makedepend --prefix="$HOME/usr" -fPIC | |
| make -j5 | |
| make -j1 install_sw | |
| cd .. | |
| fi | |
| echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$HOME/usr/lib" >> $GITHUB_ENV | |
| echo "TOOLCHAIN_OPTION=$TOOLCHAIN_OPTION -DCMAKE_PREFIX_PATH=$HOME/usr" >> $GITHUB_ENV | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| with: | |
| persist-credentials: false | |
| - name: 'autotools autoreconf' | |
| if: ${{ matrix.build == 'autotools' }} | |
| run: autoreconf -fi | |
| - name: 'autotools configure' | |
| if: ${{ matrix.build == 'autotools' && matrix.target != 'maketgz' }} | |
| run: | | |
| if [ '${{ matrix.arch }}' = 'i386' ]; then | |
| crossoptions='--host=i686-pc-linux-gnu' | |
| export CFLAGS=-m32 | |
| fi | |
| mkdir bld && cd bld && ../configure --enable-werror --enable-debug \ | |
| ${crossoptions} ${{ matrix.options }} \ | |
| --disable-dependency-tracking || { tail -n 1000 config.log; false; } | |
| - name: 'autotools build' | |
| if: ${{ matrix.build == 'autotools' && !matrix.target }} | |
| run: make -C bld -j5 | |
| - name: 'autotools tests' | |
| if: ${{ matrix.build == 'autotools' && !matrix.target }} | |
| timeout-minutes: 10 | |
| run: make -C bld check V=1 || { cat bld/tests/*.log; false; } | |
| - name: 'autotools distcheck' | |
| if: ${{ matrix.target == 'distcheck' }} | |
| timeout-minutes: 10 | |
| run: make -C bld distcheck | |
| - name: 'maketgz' | |
| if: ${{ matrix.target == 'maketgz' }} | |
| timeout-minutes: 10 | |
| run: | | |
| export SOURCE_DATE_EPOCH=1711526400 | |
| ./configure --enable-werror --disable-debug \ | |
| ${{ matrix.options }} --disable-dependency-tracking | |
| ./maketgz 99.98.97 | |
| # Test reproducibility | |
| mkdir run1; mv ./libssh2-99.98.97.* run1/ | |
| make clean | |
| ./maketgz 99.98.97 | |
| mkdir run2; cp -p ./libssh2-99.98.97.* run2/ | |
| diff run1 run2 | |
| # Test build from tarball | |
| tar -xvf libssh2-99.98.97.tar.gz | |
| cd libssh2-99.98.97 | |
| ./configure --enable-werror --enable-debug --prefix="${HOME}/temp" \ | |
| ${{ matrix.options }} --disable-dependency-tracking | |
| make -j5 install | |
| cd .. | |
| # Verify install | |
| diff -u <(find docs -name '*.3' -printf '%f\n' | grep -v template | sort) <(find "${HOME}/temp/share/man/man3" -name '*.3' -printf '%f\n' | sort) | |
| diff -u <(find include -name '*.h' -printf '%f\n' | sort) <(find "${HOME}/temp/include" -name '*.h' -printf '%f\n' | sort) | |
| rm -rf libssh2-99.98.97 | |
| - name: 'cmake configure' | |
| if: ${{ matrix.build == 'cmake' }} | |
| run: | | |
| if [ '${{ matrix.crypto }}' = 'BoringSSL' ] || \ | |
| [ '${{ matrix.crypto }}' = 'LibreSSL' ] || \ | |
| [[ '${{ matrix.crypto }}' = 'OpenSSL-'* ]]; then | |
| crypto='OpenSSL' | |
| elif [[ '${{ matrix.crypto }}' = 'wolfSSL-'* ]]; then | |
| crypto='wolfSSL' | |
| else | |
| crypto='${{ matrix.crypto }}' | |
| fi | |
| [ '${{ matrix.arch }}' = 'i386' ] && crossoptions='-DCMAKE_SYSTEM_NAME=Linux -DCMAKE_SYSTEM_VERSION=1 -DCMAKE_SYSTEM_PROCESSOR=${{ matrix.arch }} -DCMAKE_C_FLAGS=-m32' | |
| cmake -B bld ${crossoptions} $TOOLCHAIN_OPTION \ | |
| -DCMAKE_UNITY_BUILD=ON \ | |
| -DENABLE_WERROR=ON \ | |
| -DCRYPTO_BACKEND=${crypto} \ | |
| -DENABLE_ZLIB_COMPRESSION=${{ matrix.zlib }} \ | |
| || { cat bld/CMakeFiles/CMake*.yaml; false; } | |
| - name: 'cmake build' | |
| if: ${{ matrix.build == 'cmake' }} | |
| run: cmake --build bld --parallel 5 --target package | |
| - name: 'cmake tests' | |
| if: ${{ matrix.build == 'cmake' }} | |
| timeout-minutes: 10 | |
| run: | | |
| export OPENSSH_SERVER_IMAGE=ghcr.io/libssh2/ci_tests_openssh_server:$(git rev-parse --short=20 HEAD:tests/openssh_server) | |
| cd bld && ctest -VV --output-on-failure | |
| build_linux_cross_mingw64: | |
| name: 'linux -> mingw-w64' | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| build: [autotools, cmake] | |
| compiler: [gcc] | |
| env: | |
| TRIPLET: 'x86_64-w64-mingw32' | |
| steps: | |
| - name: 'install packages' | |
| run: sudo apt-get -o Dpkg::Use-Pty=0 install mingw-w64 ${{ matrix.build == 'cmake' && 'ninja-build' || '' }} | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| with: | |
| persist-credentials: false | |
| - name: 'autotools autoreconf' | |
| if: ${{ matrix.build == 'autotools' }} | |
| run: autoreconf -fi | |
| - name: 'autotools configure' | |
| if: ${{ matrix.build == 'autotools' }} | |
| run: mkdir bld && cd bld && ../configure --enable-werror --enable-debug --host="${TRIPLET}" --disable-dependency-tracking || { tail -n 1000 config.log; false; } | |
| - name: 'autotools build' | |
| if: ${{ matrix.build == 'autotools' }} | |
| run: make -C bld -j5 | |
| - name: 'cmake configure' | |
| if: ${{ matrix.build == 'cmake' }} | |
| run: | | |
| cmake -B bld -G Ninja \ | |
| -DCMAKE_SYSTEM_NAME=Windows \ | |
| -DCMAKE_C_COMPILER_TARGET=${TRIPLET} \ | |
| -DCMAKE_C_COMPILER=${TRIPLET}-gcc \ | |
| -DCMAKE_UNITY_BUILD=ON \ | |
| -DENABLE_WERROR=ON \ | |
| || { cat bld/CMakeFiles/CMake*.yaml; false; } | |
| - name: 'cmake build' | |
| if: ${{ matrix.build == 'cmake' }} | |
| run: cmake --build bld --parallel 5 | |
| build_cygwin: | |
| name: 'cygwin' | |
| runs-on: windows-latest | |
| timeout-minutes: 30 | |
| env: | |
| SHELLOPTS: 'igncr' | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - { build: 'automake', platform: 'x86_64', compiler: 'gcc' } | |
| - { build: 'cmake' , platform: 'x86_64', compiler: 'gcc' } | |
| steps: | |
| - run: git config --global core.autocrlf input | |
| - uses: cygwin/cygwin-install-action@f61179d72284ceddc397ed07ddb444d82bf9e559 # v5 | |
| with: | |
| platform: ${{ matrix.platform }} | |
| packages: ${{ matrix.build == 'automake' && 'autoconf libtool make' || 'ninja' }} ${{ matrix.build }} gcc-core gcc-g++ binutils libssl-devel zlib-devel | |
| site: https://mirrors.kernel.org/sourceware/cygwin/ | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| with: | |
| persist-credentials: false | |
| - name: 'autotools' | |
| if: ${{ matrix.build == 'automake' }} | |
| timeout-minutes: 10 | |
| shell: C:\cygwin\bin\bash.exe '{0}' | |
| run: | | |
| export PATH="/usr/bin:$(cygpath ${SYSTEMROOT})/System32" | |
| autoreconf -fi | |
| mkdir bld && cd bld && ../configure --enable-werror --enable-debug \ | |
| --with-crypto=openssl \ | |
| --disable-docker-tests \ | |
| --disable-dependency-tracking || { tail -n 1000 config.log; false; } | |
| make -j5 | |
| make check V=1 || { cat tests/*.log; false; } | |
| - name: 'cmake' | |
| if: ${{ matrix.build == 'cmake' }} | |
| timeout-minutes: 10 | |
| shell: C:\cygwin\bin\bash.exe '{0}' | |
| run: | | |
| export PATH="/usr/bin:$(cygpath ${SYSTEMROOT})/System32" | |
| cmake -B bld -G Ninja \ | |
| -DCMAKE_UNITY_BUILD=ON \ | |
| -DENABLE_WERROR=ON \ | |
| -DENABLE_DEBUG_LOGGING=ON \ | |
| -DCRYPTO_BACKEND=OpenSSL \ | |
| -DOPENSSL_ROOT_DIR=/usr/lib \ | |
| -DENABLE_ZLIB_COMPRESSION=ON \ | |
| -DRUN_DOCKER_TESTS=OFF \ | |
| -DRUN_SSHD_TESTS=OFF \ | |
| || { cat bld/CMakeFiles/CMake*.yaml; false; } | |
| cmake --build bld --parallel 5 | |
| cd bld && ctest -VV --output-on-failure | |
| build_msys2: | |
| name: 'msys2' | |
| runs-on: windows-latest | |
| timeout-minutes: 30 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - { build: 'autotools', sys: msys , crypto: openssl, env: x86_64 } | |
| - { build: 'cmake' , sys: msys , crypto: OpenSSL, env: x86_64 } | |
| - { build: 'autotools', sys: mingw64, crypto: wincng , env: x86_64 } | |
| - { build: 'autotools', sys: mingw64, crypto: openssl, env: x86_64 } | |
| - { build: 'autotools', sys: mingw32, crypto: openssl, env: i686 } | |
| - { build: 'autotools', sys: ucrt64 , crypto: openssl, env: ucrt-x86_64 } | |
| - { build: 'autotools', sys: clang64, crypto: openssl, env: clang-x86_64 } | |
| - { build: 'autotools', sys: clang64, crypto: wincng , env: clang-x86_64 } | |
| - { build: 'cmake' , sys: ucrt64 , crypto: OpenSSL, env: ucrt-x86_64 } | |
| - { build: 'cmake' , sys: clang64, crypto: OpenSSL, env: clang-x86_64 } | |
| - { build: 'cmake' , sys: mingw64, crypto: OpenSSL, env: x86_64, test: 'uwp' } | |
| - { build: 'cmake' , sys: mingw64, crypto: OpenSSL, env: x86_64, test: 'no-options' } | |
| steps: | |
| - uses: msys2/setup-msys2@d44ca8e88d8b43d56cf5670f91747359d5537f97 # v2 | |
| if: ${{ matrix.sys == 'msys' }} | |
| with: | |
| msystem: ${{ matrix.sys }} | |
| install: gcc ${{ matrix.build }} ${{ matrix.build == 'autotools' && 'make' || 'ninja' }} openssl-devel zlib-devel | |
| - uses: msys2/setup-msys2@d44ca8e88d8b43d56cf5670f91747359d5537f97 # v2 | |
| if: ${{ matrix.sys != 'msys' }} | |
| with: | |
| msystem: ${{ matrix.sys }} | |
| install: >- | |
| mingw-w64-${{ matrix.env }}-cc | |
| mingw-w64-${{ matrix.env }}-${{ matrix.build }} ${{ matrix.build == 'autotools' && 'make' || '' }} | |
| mingw-w64-${{ matrix.env }}-openssl | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| with: | |
| persist-credentials: false | |
| - name: 'autotools autoreconf' | |
| if: ${{ matrix.build == 'autotools' }} | |
| shell: msys2 {0} | |
| run: autoreconf -fi | |
| - name: 'autotools configure' | |
| if: ${{ matrix.build == 'autotools' }} | |
| env: | |
| SSHD: 'C:/Program Files/Git/usr/bin/sshd.exe' | |
| shell: msys2 {0} | |
| run: | | |
| if [ '${{ matrix.crypto }}' = 'wincng' ] && [[ '${{ matrix.env }}' = 'clang'* ]]; then | |
| options='--enable-ecdsa-wincng' | |
| fi | |
| # sshd tests sometimes hang | |
| mkdir bld && cd bld && ../configure --enable-werror --enable-debug \ | |
| --with-crypto=${{ matrix.crypto }} \ | |
| --disable-docker-tests \ | |
| --disable-sshd-tests \ | |
| ${options} \ | |
| --disable-dependency-tracking || { tail -n 1000 config.log; false; } | |
| - name: 'autotools build' | |
| if: ${{ matrix.build == 'autotools' }} | |
| shell: msys2 {0} | |
| run: make -C bld -j5 | |
| - name: 'autotools tests' | |
| if: ${{ matrix.build == 'autotools' }} | |
| timeout-minutes: 10 | |
| shell: msys2 {0} | |
| run: make -C bld check V=1 || { cat bld/tests/*.log; false; } | |
| - name: 'cmake configure' | |
| if: ${{ matrix.build == 'cmake' }} | |
| shell: msys2 {0} | |
| run: | | |
| if [[ '${{ matrix.env }}' = 'clang'* ]]; then | |
| options='-DCMAKE_C_COMPILER=clang' | |
| else | |
| options='-DCMAKE_C_COMPILER=gcc' | |
| fi | |
| if [ '${{ matrix.test }}' = 'uwp' ]; then | |
| options+=' -DCMAKE_SYSTEM_NAME=WindowsStore -DCMAKE_SYSTEM_VERSION=10.0' | |
| pacman --noconfirm --ask 20 --noprogressbar --sync --needed 'mingw-w64-${{ matrix.env }}-winstorecompat-git' | |
| specs="$(realpath gcc-specs-uwp)" | |
| gcc -dumpspecs | sed -e 's/-lmingwex/-lwindowsapp -lmingwex -lwindowsapp -lwindowsappcompat/' -e 's/-lmsvcrt/-lmsvcr120_app/' > "${specs}" | |
| cflags="-specs=$(cygpath -w "${specs}") -DWINSTORECOMPAT -DWINAPI_FAMILY=WINAPI_FAMILY_APP" | |
| elif [ '${{ matrix.test }}' = 'no-options' ]; then | |
| options+=' -DLIBSSH2_NO_DEPRECATED=ON' | |
| cflags='-DLIBSSH2_NO_MD5 -DLIBSSH2_NO_MD5_PEM -DLIBSSH2_NO_HMAC_RIPEMD -DLIBSSH2_DSA_ENABLE -DLIBSSH2_NO_AES_CBC -DLIBSSH2_NO_AES_CTR -DLIBSSH2_NO_BLOWFISH -DLIBSSH2_NO_RC4 -DLIBSSH2_NO_CAST -DLIBSSH2_NO_3DES' | |
| else | |
| cflags='' | |
| fi | |
| cmake -B bld -G Ninja ${options} \ | |
| -DCMAKE_C_FLAGS="${cflags}" \ | |
| -DCMAKE_UNITY_BUILD=ON \ | |
| -DENABLE_WERROR=ON \ | |
| -DENABLE_DEBUG_LOGGING=ON \ | |
| -DCRYPTO_BACKEND=${{ matrix.crypto }} \ | |
| -DENABLE_ZLIB_COMPRESSION=ON \ | |
| -DRUN_DOCKER_TESTS=OFF \ | |
| -DRUN_SSHD_TESTS=OFF \ | |
| -DCMAKE_VERBOSE_MAKEFILE=ON \ | |
| || { cat bld/CMakeFiles/CMake*.yaml; false; } | |
| - name: 'cmake build' | |
| if: ${{ matrix.build == 'cmake' }} | |
| shell: msys2 {0} | |
| run: cmake --build bld --parallel 5 | |
| - name: 'cmake tests' | |
| # UWP missing 'msvcr120_app.dll', fails with exit code 0xc0000135 | |
| if: ${{ matrix.build == 'cmake' && matrix.test != 'uwp' }} | |
| timeout-minutes: 10 | |
| shell: msys2 {0} | |
| run: cd bld && ctest -VV --output-on-failure | |
| build_msvc: | |
| name: 'msvc' | |
| runs-on: windows-latest | |
| timeout-minutes: 30 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - { arch: x64 , plat: windows, crypto: WinCNG , wincng_ecdsa: 'OFF', log: 'OFF', shared: 'OFF', zlib: 'OFF', unity: 'ON' } | |
| - { arch: x64 , plat: windows, crypto: WinCNG , wincng_ecdsa: 'ON' , log: 'ON' , shared: 'ON' , zlib: 'OFF', unity: 'ON' } | |
| - { arch: x64 , plat: windows, crypto: OpenSSL, wincng_ecdsa: 'OFF', log: 'OFF', shared: 'ON' , zlib: 'OFF', unity: 'ON' } | |
| - { arch: x64 , plat: uwp , crypto: WinCNG , wincng_ecdsa: 'OFF', log: 'OFF', shared: 'ON' , zlib: 'OFF', unity: 'ON' } | |
| - { arch: arm64, plat: windows, crypto: WinCNG , wincng_ecdsa: 'ON' , log: 'OFF', shared: 'ON' , zlib: 'OFF', unity: 'ON' } | |
| - { arch: arm64, plat: uwp , crypto: WinCNG , wincng_ecdsa: 'ON' , log: 'OFF', shared: 'ON' , zlib: 'OFF', unity: 'OFF' } | |
| - { arch: x86 , plat: windows, crypto: WinCNG , wincng_ecdsa: 'OFF', log: 'OFF', shared: 'ON' , zlib: 'OFF', unity: 'ON' } | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| with: | |
| persist-credentials: false | |
| - name: 'cmake configure' | |
| shell: bash | |
| run: | | |
| archgen=${{ matrix.arch }}; [ "${archgen}" = 'x86' ] && archgen='Win32' | |
| if [ '${{ matrix.plat }}' = 'uwp' ]; then | |
| system='WindowsStore' | |
| options='-DCMAKE_SYSTEM_VERSION=10.0' | |
| else | |
| system='Windows' | |
| fi | |
| cmake -B bld ${options} \ | |
| -DCMAKE_SYSTEM_NAME=${system} \ | |
| -DCMAKE_TOOLCHAIN_FILE=C:/vcpkg/scripts/buildsystems/vcpkg.cmake \ | |
| -DCMAKE_GENERATOR_PLATFORM=${archgen} \ | |
| -DVCPKG_TARGET_TRIPLET=${{ matrix.arch }}-${{ matrix.plat }} \ | |
| -DCMAKE_VS_GLOBALS=TrackFileAccess=false \ | |
| -DCMAKE_UNITY_BUILD=${{ matrix.unity }} \ | |
| -DENABLE_WERROR=ON \ | |
| -DENABLE_DEBUG_LOGGING=${{ matrix.log }} \ | |
| -DBUILD_SHARED_LIBS=${{ matrix.shared }} \ | |
| -DCRYPTO_BACKEND=${{ matrix.crypto }} \ | |
| -DENABLE_ECDSA_WINCNG=${{ matrix.wincng_ecdsa }} \ | |
| -DENABLE_ZLIB_COMPRESSION=${{ matrix.zlib }} \ | |
| -DRUN_DOCKER_TESTS=OFF \ | |
| -DRUN_SSHD_TESTS=OFF \ | |
| || { cat bld/CMakeFiles/CMake*.yaml; false; } | |
| - name: 'cmake build' | |
| run: cmake --build bld --parallel 5 --target package --config Release | |
| - name: 'cmake tests' | |
| # UWP binaries require a CRT DLL that is not found. Static CRT not supported. | |
| if: ${{ matrix.arch != 'arm64' && matrix.plat != 'uwp' }} | |
| timeout-minutes: 10 | |
| run: cd bld && ctest -VV -C Release --output-on-failure | |
| build_macos: | |
| name: 'macOS (${{ matrix.build }}, ${{ matrix.crypto.name }})' | |
| runs-on: macos-latest | |
| timeout-minutes: 30 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| build: [autotools, cmake] | |
| crypto: | |
| - name: 'OpenSSL 3' | |
| install: openssl | |
| configure: --with-crypto=openssl --with-libssl-prefix="$(brew --prefix)/opt/openssl" | |
| cmake: -DCRYPTO_BACKEND=OpenSSL -DOPENSSL_ROOT_DIR="$(brew --prefix)/opt/openssl" | |
| - name: 'OpenSSL 1.1' | |
| install: [email protected] | |
| configure: --with-crypto=openssl --with-libssl-prefix="$(brew --prefix)/opt/[email protected]" | |
| cmake: -DCRYPTO_BACKEND=OpenSSL -DOPENSSL_ROOT_DIR="$(brew --prefix)/opt/[email protected]" | |
| - name: 'LibreSSL' | |
| install: libressl | |
| configure: --with-crypto=openssl --with-libssl-prefix="$(brew --prefix)/opt/libressl" | |
| cmake: -DCRYPTO_BACKEND=OpenSSL -DOPENSSL_ROOT_DIR="$(brew --prefix)/opt/libressl" | |
| - name: 'wolfSSL' | |
| install: wolfssl | |
| configure: --with-crypto=wolfssl --with-libwolfssl-prefix="$(brew --prefix)" | |
| cmake: -DCRYPTO_BACKEND=wolfSSL | |
| - name: 'Libgcrypt' | |
| install: libgcrypt | |
| configure: --with-crypto=libgcrypt --with-libgcrypt-prefix="$(brew --prefix)" | |
| cmake: -DCRYPTO_BACKEND=Libgcrypt | |
| - name: 'mbedTLS' | |
| install: mbedtls | |
| configure: --with-crypto=mbedtls --with-libmbedcrypto-prefix="$(brew --prefix)" | |
| cmake: -DCRYPTO_BACKEND=mbedTLS | |
| steps: | |
| - name: 'install packages' | |
| run: brew install ${{ matrix.build == 'autotools' && 'automake libtool' || 'ninja' }} ${{ matrix.crypto.install }} | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| with: | |
| persist-credentials: false | |
| - name: 'autotools autoreconf' | |
| if: ${{ matrix.build == 'autotools' }} | |
| run: autoreconf -fi | |
| - name: 'autotools configure' | |
| if: ${{ matrix.build == 'autotools' }} | |
| run: | | |
| mkdir bld && cd bld && ../configure --enable-werror --enable-debug \ | |
| --with-libz ${{ matrix.crypto.configure }} \ | |
| --disable-docker-tests \ | |
| --disable-sshd-tests \ | |
| --disable-dependency-tracking || { tail -n 1000 config.log; false; } | |
| - name: 'autotools build' | |
| if: ${{ matrix.build == 'autotools' }} | |
| run: make -C bld -j4 V=1 | |
| - name: 'autotools tests' | |
| if: ${{ matrix.build == 'autotools' }} | |
| timeout-minutes: 10 | |
| run: make -C bld check V=1 || { cat bld/tests/*.log; false; } | |
| - name: 'cmake configure' | |
| if: ${{ matrix.build == 'cmake' }} | |
| run: | | |
| cmake -B bld -G Ninja ${{ matrix.crypto.cmake }} \ | |
| -DCMAKE_UNITY_BUILD=ON \ | |
| -DENABLE_WERROR=ON \ | |
| -DENABLE_DEBUG_LOGGING=ON \ | |
| -DENABLE_ZLIB_COMPRESSION=ON \ | |
| -DRUN_DOCKER_TESTS=OFF \ | |
| -DRUN_SSHD_TESTS=OFF \ | |
| || { cat bld/CMakeFiles/CMake*.yaml; false; } | |
| - name: 'cmake build' | |
| if: ${{ matrix.build == 'cmake' }} | |
| run: cmake --build bld --parallel 4 | |
| - name: 'cmake tests' | |
| if: ${{ matrix.build == 'cmake' }} | |
| timeout-minutes: 10 | |
| run: cd bld && ctest -VV --output-on-failure | |
| build_netbsd: | |
| name: 'NetBSD (cmake, openssl, clang)' | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: ['x86_64', 'arm64'] | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| with: | |
| persist-credentials: false | |
| - name: 'cmake' | |
| uses: cross-platform-actions/action@fe0167d8082ac584754ef3ffb567fded22642c7d # v0.27.0 | |
| with: | |
| operating_system: 'netbsd' | |
| version: '10.1' | |
| architecture: ${{ matrix.arch }} | |
| run: | | |
| # https://pkgsrc.se/ | |
| sudo pkgin -y install cmake ninja-build | |
| cmake -B bld -G Ninja \ | |
| -DCMAKE_UNITY_BUILD=ON \ | |
| -DENABLE_WERROR=ON \ | |
| -DENABLE_DEBUG_LOGGING=ON \ | |
| -DCRYPTO_BACKEND=OpenSSL \ | |
| -DBUILD_STATIC_LIBS=OFF \ | |
| -DRUN_DOCKER_TESTS=OFF \ | |
| -DRUN_SSHD_TESTS=OFF \ | |
| || { cat bld/CMakeFiles/CMake*.yaml; false; } | |
| cmake --build bld --parallel 3 | |
| build_openbsd: | |
| name: 'OpenBSD (cmake, libressl, clang)' | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: ['x86_64'] | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| with: | |
| persist-credentials: false | |
| - name: 'cmake' | |
| uses: cross-platform-actions/action@fe0167d8082ac584754ef3ffb567fded22642c7d # v0.27.0 | |
| with: | |
| operating_system: 'openbsd' | |
| version: '7.5' | |
| architecture: ${{ matrix.arch }} | |
| run: | | |
| # https://openbsd.app/ | |
| sudo pkg_add cmake ninja | |
| pkg_info || true | |
| cmake -B bld -G Ninja \ | |
| -DCMAKE_UNITY_BUILD=ON \ | |
| -DENABLE_WERROR=ON \ | |
| -DENABLE_DEBUG_LOGGING=ON \ | |
| -DCRYPTO_BACKEND=OpenSSL \ | |
| -DBUILD_STATIC_LIBS=OFF \ | |
| -DRUN_DOCKER_TESTS=OFF \ | |
| -DRUN_SSHD_TESTS=OFF \ | |
| || { cat bld/CMakeFiles/CMake*.yaml; false; } | |
| cmake --build bld --parallel 3 | |
| build_freebsd: | |
| name: 'FreeBSD (autotools, openssl, clang)' | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| env: | |
| CC: clang | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: ['x86_64', 'arm64'] | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| with: | |
| persist-credentials: false | |
| - name: 'autotools' | |
| uses: cross-platform-actions/action@fe0167d8082ac584754ef3ffb567fded22642c7d # v0.27.0 | |
| with: | |
| operating_system: 'freebsd' | |
| version: '14.1' | |
| architecture: ${{ matrix.arch }} | |
| environment_variables: 'CC' | |
| run: | | |
| # https://ports.freebsd.org/ | |
| sudo pkg install -y autoconf automake libtool | |
| autoreconf -fi | |
| mkdir bld && cd bld && ../configure --enable-werror --enable-debug \ | |
| --with-crypto=openssl \ | |
| --disable-docker-tests \ | |
| --disable-dependency-tracking || { tail -n 1000 config.log; false; } | |
| make -j3 | |
| make check V=1 || { cat tests/*.log; false; } | |
| build_omnios: | |
| name: 'OmniOS (autotools, openssl, gcc, amd64)' | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| with: | |
| persist-credentials: false | |
| - name: 'autotools' | |
| uses: vmactions/omnios-vm@16b5996777bc675acd3d537f13df536a526cd16d # v1 | |
| with: | |
| usesh: true | |
| # https://pkg.omnios.org/r151050/core/en/index.shtml | |
| prepare: pkg install build-essential libtool | |
| run: | | |
| autoreconf -fi | |
| mkdir bld && cd bld && ../configure --enable-werror --enable-debug \ | |
| --with-crypto=openssl \ | |
| --disable-docker-tests \ | |
| --disable-dependency-tracking || { tail -n 1000 config.log; false; } | |
| gmake -j3 | |
| gmake check V=1 || { cat tests/*.log; false; } |