This repository has been archived by the owner on Nov 29, 2024. It is now read-only.
Version: Set to 2.5.11-20240814 #168
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# The name of our workflow | |
name: Build | |
on: [push, pull_request] | |
jobs: | |
mingw: | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- target: mingw64 | |
chost: x86_64-w64-mingw32 | |
- target: mingw | |
chost: i686-w64-mingw32 | |
name: "gcc-mingw - ${{matrix.target}}" | |
runs-on: ubuntu-20.04 | |
env: | |
MAKEFLAGS: -j3 | |
LZO_VERSION: "2.10" | |
PKCS11_HELPER_VERSION: "1.26" | |
OPENSSL_VERSION: "1.1.1j" | |
TAP_WINDOWS_VERSION: "9.23.3" | |
WINTUN_VERSION: "0.14.1" | |
CHOST: ${{ matrix.chost }} | |
TARGET: ${{ matrix.target }} | |
steps: | |
- name: Install dependencies | |
run: sudo apt update && sudo apt install -y mingw-w64 libtool automake autoconf man2html unzip | |
- name: Checkout ovpn-dco-win | |
uses: actions/checkout@v2 | |
with: | |
repository: OpenVPN/ovpn-dco-win | |
path: ovpn-dco-win | |
- name: Checkout OpenVPN | |
uses: actions/checkout@v2 | |
with: | |
path: openvpn | |
- name: autoconf | |
run: autoreconf -fvi | |
working-directory: openvpn | |
- name: Cache dependencies | |
id: cache | |
uses: actions/cache@v2 | |
with: | |
path: '~/mingw/' | |
key: ${{ matrix.target }}-mingw-${{ env.LZO_VERSION }}-${{ env.PKCS11_HELPER_VERSION }}-${{ env.TAP_WINDOWS_VERSION }}-${{ env.WINTUN_VERSION }} | |
# Repeating if: steps.cache.outputs.cache-hit != 'true' | |
# on every step for building dependencies is ugly but | |
# I haven't found a better solution so far. | |
- name: Download mingw depnendencies | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: | | |
wget -c -P download-cache/ "https://build.openvpn.net/downloads/releases/tap-windows-${TAP_WINDOWS_VERSION}.zip" | |
wget -c -P download-cache/ "https://www.wintun.net/builds/wintun-${WINTUN_VERSION}.zip" | |
wget -c -P download-cache/ "https://www.oberhumer.com/opensource/lzo/download/lzo-${LZO_VERSION}.tar.gz" | |
wget -c -P download-cache/ "https://github.com/OpenSC/pkcs11-helper/archive/pkcs11-helper-${PKCS11_HELPER_VERSION}.tar.gz" | |
wget -c -P download-cache/ "https://www.openssl.org/source/old/1.1.1/openssl-${OPENSSL_VERSION}.tar.gz" | |
tar zxf "download-cache/pkcs11-helper-${PKCS11_HELPER_VERSION}.tar.gz" | |
tar zxf "download-cache/openssl-${OPENSSL_VERSION}.tar.gz" | |
tar zxf "download-cache/lzo-${LZO_VERSION}.tar.gz" | |
unzip download-cache/tap-windows-${TAP_WINDOWS_VERSION}.zip | |
unzip download-cache/wintun-${WINTUN_VERSION}.zip | |
- name: Configure OpenSSL | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: ./Configure --cross-compile-prefix=${CHOST}- shared ${{ matrix.target }} no-capieng --prefix="${HOME}/mingw/opt" --openssldir="${HOME}/mingw/opt" -static-libgcc | |
working-directory: "./openssl-1.1.1j" | |
- name: Build OpenSSL | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: make | |
working-directory: "./openssl-1.1.1j/" | |
- name: Install OpenSSL | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: make install | |
working-directory: "./openssl-1.1.1j/" | |
- name: autoreconf pkcs11-helper | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: autoreconf -iv | |
working-directory: "./pkcs11-helper-pkcs11-helper-1.26" | |
- name: configure pkcs11-helper | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: OPENSSL_LIBS="-L${HOME}/mingw/opt/lib -lssl -lcrypto" OPENSSL_CFLAGS=-I$HOME/mingw/opt/include PKG_CONFIG_PATH=${HOME}/mingw/opt/lib/pkgconfig ./configure --host=${CHOST} --program-prefix='' --libdir=${HOME}/mingw/opt/lib --prefix=${HOME}/mingw/opt --build=x86_64-pc-linux-gnu --disable-crypto-engine-gnutls --disable-crypto-engine-nss --disable-crypto-engine-polarssl --disable-crypto-engine-mbedtls | |
working-directory: "./pkcs11-helper-pkcs11-helper-1.26" | |
- name: build pkcs11-helper | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: make all | |
working-directory: "./pkcs11-helper-pkcs11-helper-1.26" | |
- name: install pkcs11-helper | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: make install | |
working-directory: "./pkcs11-helper-pkcs11-helper-1.26" | |
- name: Configure lzo | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: ./configure --host=${CHOST} --program-prefix='' --libdir=${HOME}/mingw/opt/lib --prefix=${HOME}/mingw/opt --build=x86_64-pc-linux-gnu | |
working-directory: "./lzo-2.10" | |
- name: build lzo | |
if: steps.cache.outputs.cache-hit != 'true' | |
working-directory: "./lzo-2.10" | |
run: make | |
- name: install lzo | |
if: steps.cache.outputs.cache-hit != 'true' | |
working-directory: "./lzo-2.10" | |
run: make install | |
- name: copy tap-windows.h header | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: cp ./tap-windows-9.23.3/include/tap-windows.h ${HOME}/mingw/opt/include/ | |
- name: copy wintun.h header | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: cp ./wintun/include/wintun.h ${HOME}/mingw/opt/include/ | |
- name: configure OpenVPN | |
run: PKG_CONFIG_PATH=${HOME}/mingw/opt/lib/pkgconfig DCO_SOURCEDIR=$(realpath ../ovpn-dco-win) LDFLAGS=-L$HOME/mingw/opt/lib CFLAGS=-I$HOME/mingw/opt/include OPENSSL_LIBS="-L${HOME}/opt/lib -lssl -lcrypto" OPENSSL_CFLAGS=-I$HOME/mingw/opt/include PREFIX=$HOME/mingw/opt LZO_CFLAGS=-I$HOME/mingw/opt/include LZO_LIBS="-L${HOME}/mingw/opt/lib -llzo2" ./configure --host=${CHOST} --disable-lz4 --enable-dco | |
working-directory: openvpn | |
- name: build OpenVPN | |
run: make -j3 | |
working-directory: openvpn | |
ubuntu: | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ubuntu-18.04, ubuntu-20.04, ubuntu-22.04] | |
sslpkg: [libmbedtls-dev] | |
ssllib: [mbedtls] | |
libname: [mbed TLS] | |
include: | |
- os: ubuntu-18.04 | |
sslpkg: "libssl1.0-dev" | |
ssllib: openssl | |
libname: OpenSSL 1.0.2 | |
- os: ubuntu-18.04 | |
sslpkg: "libssl-dev" | |
libname: OpenSSL 1.1.1 | |
ssllib: openssl | |
- os: ubuntu-20.04 | |
sslpkg: "libssl-dev" | |
libname: OpenSSL 1.1.1 | |
ssllib: openssl | |
- os: ubuntu-22.04 | |
sslpkg: "libssl-dev" | |
libname: OpenSSL 3.0.2 | |
ssllib: openssl | |
- os: ubuntu-20.04 | |
sslpkg: "libssl-dev" | |
libname: OpenSSL 1.1.1 | |
ssllib: openssl | |
extraconf: "--enable-iproute2" | |
- os: ubuntu-20.04 | |
sslpkg: "libssl-dev" | |
libname: OpenSSL 1.1.1 | |
ssllib: openssl | |
extraconf: "--enable-async-push" | |
- os: ubuntu-20.04 | |
sslpkg: "libssl-dev" | |
libname: OpenSSL 1.1.1 | |
ssllib: openssl | |
extraconf: "--disable-management" | |
- os: ubuntu-20.04 | |
sslpkg: "libssl-dev" | |
libname: OpenSSL 1.1.1 | |
ssllib: openssl | |
extraconf: "--enable-small" | |
- os: ubuntu-20.04 | |
sslpkg: "libssl-dev" | |
libname: OpenSSL 1.1.1 | |
ssllib: openssl | |
extraconf: "--disable-lzo --disable-lz4" | |
name: "gcc - ${{matrix.os}} - ${{matrix.libname}} ${{matrix.extraconf}}" | |
env: | |
SSLPKG: "${{matrix.sslpkg}}" | |
runs-on: ${{matrix.os}} | |
steps: | |
- name: Install dependencies | |
run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html libcmocka-dev python3-docutils libtool automake autoconf ${SSLPKG} | |
- name: Checkout OpenVPN | |
uses: actions/checkout@v2 | |
- name: autoconf | |
run: autoreconf -fvi | |
- name: configure | |
run: ./configure --with-crypto-library=${{matrix.ssllib}} ${{matrix.extraconf}} | |
- name: make all | |
run: make -j3 | |
- name: make check | |
run: make check | |
ubuntu-clang-asan: | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ubuntu-20.04] | |
ssllib: [mbedtls, openssl] | |
name: "clang-asan - ${{matrix.os}} - ${{matrix.ssllib}}" | |
runs-on: ${{matrix.os}} | |
steps: | |
- name: Install dependencies | |
run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils libtool automake autoconf libmbedtls-dev | |
- name: Checkout OpenVPN | |
uses: actions/checkout@v2 | |
- name: autoconf | |
run: autoreconf -fvi | |
- name: configure | |
run: CFLAGS="-fsanitize=address -fno-omit-frame-pointer -O2" CC=clang ./configure --with-crypto-library=${{matrix.ssllib}} | |
- name: make all | |
run: make -j3 | |
- name: make check | |
run: make check | |
macos: | |
runs-on: macos-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
ossl: [ 1.1, 3 ] | |
build: [ normal, asan ] | |
include: | |
- build: asan | |
cflags: "-fsanitize=address -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1" | |
ldflags: -fsanitize=address | |
# Our build system ignores LDFLAGS for plugins | |
configureflags: --disable-plugin-auth-pam --disable-plugin-down-root | |
- build: normal | |
cflags: "-O2 -g" | |
ldflags: "" | |
configureflags: "" | |
name: "macOS - OpenSSL ${{matrix.ossl}} - ${{matrix.build}}" | |
env: | |
CFLAGS: ${{ matrix.cflags }} | |
LDFLAGS: ${{ matrix.ldflags }} | |
OPENSSL_CFLAGS: -I/usr/local/opt/openssl@${{matrix.ossl}}/include | |
OPENSSL_LIBS: "-L/usr/local/opt/openssl@${{matrix.ossl}}/lib -lcrypto -lssl" | |
steps: | |
- name: Install dependencies | |
run: brew install [email protected] openssl@3 lzo lz4 man2html cmocka libtool automake autoconf | |
- name: Checkout OpenVPN | |
uses: actions/checkout@v2 | |
- name: autoconf | |
run: autoreconf -fvi | |
- name: configure | |
run: ./configure ${{matrix.configureflags}} | |
- name: make all | |
run: make -j4 | |
- name: make check | |
run: make check | |
msvc: | |
strategy: | |
fail-fast: false | |
matrix: | |
plat: [ARM64, Win32, x64] | |
include: | |
- plat: ARM64 | |
triplet: arm64 | |
- plat: Win32 | |
triplet: x86 | |
- plat: x64 | |
triplet: x64 | |
name: "msbuild - ${{matrix.triplet}} - openssl" | |
env: | |
BUILD_CONFIGURATION: Release | |
VCPKG_OVERLAY_PORTS: ${{ github.workspace }}/contrib/vcpkg-ports | |
VCPKG_OVERLAY_TRIPLETS: ${{ github.workspace }}/contrib/vcpkg-triplets | |
runs-on: windows-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Add MSBuild to PATH | |
uses: microsoft/setup-msbuild@v1 | |
- name: Set up Python | |
uses: actions/setup-python@v2 | |
with: | |
python-version: '3.x' | |
- name: Install rst2html | |
run: python -m pip install --upgrade pip rst2html | |
- name: Restore artifacts, or setup vcpkg (do not install any package) | |
uses: lukka/run-vcpkg@v10 | |
with: | |
vcpkgGitCommitId: '4b766c1cd17205e1b768c4fadfd5f867c1d0510e' | |
appendedCacheKey: '${{matrix.triplet}}' | |
- name: Run MSBuild consuming vcpkg.json | |
working-directory: ${{env.GITHUB_WORKSPACE}} | |
run: | | |
vcpkg integrate install | |
msbuild /m /p:Configuration=${{env.BUILD_CONFIGURATION}} /p:Platform="${{ matrix.plat }}" . | |
- name: Archive artifacts | |
uses: actions/upload-artifact@v2 | |
with: | |
name: artifacts-${{ matrix.plat }} | |
path: | | |
${{ matrix.plat }}-Output/${{env.BUILD_CONFIGURATION}}/*.exe | |
${{ matrix.plat }}-Output/${{env.BUILD_CONFIGURATION}}/*.dll | |
${{ matrix.plat }}-Output/${{env.BUILD_CONFIGURATION}}/*.pdb | |
doc/openvpn.8.html |