[Openvpn-devel] [PATCH v2] src/openvpn/dco_freebsd.c: handle malloc failure
malloc was not checked against NULL, I was able to get core dump in case of failure Signed-off-by: Ilya Shipitsin --- v2: - style correction src/openvpn/dco_freebsd.c | 4 1 file changed, 4 insertions(+) diff --git a/src/openvpn/dco_freebsd.c b/src/openvpn/dco_freebsd.c index abeb..af7776bb 100644 --- a/src/openvpn/dco_freebsd.c +++ b/src/openvpn/dco_freebsd.c @@ -594,6 +594,10 @@ dco_available(int msglevel) } buf = malloc(ifcr.ifcr_total * IFNAMSIZ); +if (!buf) +{ +goto out; +} ifcr.ifcr_count = ifcr.ifcr_total; ifcr.ifcr_buffer = buf; -- 2.35.3.windows.1 ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] src/openvpn/dco_freebsd.c: handle malloc failure
malloc was not checked against NULL, I was able to get core dump in case of failure Signed-off-by: Ilya Shipitsin --- src/openvpn/dco_freebsd.c | 5 + 1 file changed, 5 insertions(+) diff --git a/src/openvpn/dco_freebsd.c b/src/openvpn/dco_freebsd.c index abeb..adbd1120 100644 --- a/src/openvpn/dco_freebsd.c +++ b/src/openvpn/dco_freebsd.c @@ -594,6 +594,11 @@ dco_available(int msglevel) } buf = malloc(ifcr.ifcr_total * IFNAMSIZ); +if (buf == NULL) +{ +close(fd); +return false; +} ifcr.ifcr_count = ifcr.ifcr_total; ifcr.ifcr_buffer = buf; -- 2.35.3.windows.1 ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] BUILD: MSVC: enable the Control-flow Enforcement Technology (CET) Shadow Stack mitigation
found by BinSkim, more details: https://docs.microsoft.com/en-us/cpp/build/reference/cetcompat?view=msvc-160 Signed-off-by: Ilya Shipitsin --- src/compat/Debug.props | 10 ++ src/compat/Release.props| 10 ++ src/openvpn/openvpn.vcxproj | 4 src/openvpnmsica/openvpnmsica-Debug.props | 10 ++ src/openvpnmsica/openvpnmsica-Release.props | 10 ++ src/openvpnserv/openvpnserv.vcxproj | 4 6 files changed, 48 insertions(+) diff --git a/src/compat/Debug.props b/src/compat/Debug.props index 31bb9d91..14d7a1f7 100644 --- a/src/compat/Debug.props +++ b/src/compat/Debug.props @@ -17,5 +17,15 @@ EditAndContinue + + + true + + + + + true + + \ No newline at end of file diff --git a/src/compat/Release.props b/src/compat/Release.props index 50eaa8de..df04ddf2 100644 --- a/src/compat/Release.props +++ b/src/compat/Release.props @@ -22,5 +22,15 @@ true + + + true + + + + + true + + \ No newline at end of file diff --git a/src/openvpn/openvpn.vcxproj b/src/openvpn/openvpn.vcxproj index 65ee6839..38dd22de 100644 --- a/src/openvpn/openvpn.vcxproj +++ b/src/openvpn/openvpn.vcxproj @@ -158,6 +158,7 @@ Ncrypt.lib;gdi32.lib;ws2_32.lib;wininet.lib;crypt32.lib;iphlpapi.lib;winmm.lib;Fwpuclnt.lib;Rpcrt4.lib;setupapi.lib;Advapi32.lib $(OPENSSL_HOME)/lib;$(LZO_HOME)/lib;$(PKCS11H_HOME)/lib;%(AdditionalLibraryDirectories) Console + true @@ -173,6 +174,7 @@ Ncrypt.lib;gdi32.lib;ws2_32.lib;wininet.lib;crypt32.lib;iphlpapi.lib;winmm.lib;Fwpuclnt.lib;Rpcrt4.lib;setupapi.lib;Advapi32.lib $(OPENSSL_HOME)/lib;$(LZO_HOME)/lib;$(PKCS11H_HOME)/lib;%(AdditionalLibraryDirectories) Console + true @@ -204,6 +206,7 @@ Ncrypt.lib;gdi32.lib;ws2_32.lib;wininet.lib;crypt32.lib;iphlpapi.lib;winmm.lib;Fwpuclnt.lib;Rpcrt4.lib;setupapi.lib;Advapi32.lib $(OPENSSL_HOME)/lib;$(LZO_HOME)/lib;$(PKCS11H_HOME)/lib;%(AdditionalLibraryDirectories) Console + true @@ -220,6 +223,7 @@ Ncrypt.lib;gdi32.lib;ws2_32.lib;wininet.lib;crypt32.lib;iphlpapi.lib;winmm.lib;Fwpuclnt.lib;Rpcrt4.lib;setupapi.lib;Advapi32.lib $(OPENSSL_HOME)/lib;$(LZO_HOME)/lib;$(PKCS11H_HOME)/lib;%(AdditionalLibraryDirectories) Console + true diff --git a/src/openvpnmsica/openvpnmsica-Debug.props b/src/openvpnmsica/openvpnmsica-Debug.props index 43532cfe..c99346af 100644 --- a/src/openvpnmsica/openvpnmsica-Debug.props +++ b/src/openvpnmsica/openvpnmsica-Debug.props @@ -10,5 +10,15 @@ MultiThreadedDebug + + + true + + + + + true + + \ No newline at end of file diff --git a/src/openvpnmsica/openvpnmsica-Release.props b/src/openvpnmsica/openvpnmsica-Release.props index 47727b35..70f82713 100644 --- a/src/openvpnmsica/openvpnmsica-Release.props +++ b/src/openvpnmsica/openvpnmsica-Release.props @@ -11,5 +11,15 @@ Guard + + + true + + + + + true + + \ No newline at end of file diff --git a/src/openvpnserv/openvpnserv.vcxproj b/src/openvpnserv/openvpnserv.vcxproj index 5fd7d60b..65d03e3b 100644 --- a/src/openvpnserv/openvpnserv.vcxproj +++ b/src/openvpnserv/openvpnserv.vcxproj @@ -130,6 +130,7 @@ Userenv.lib;Iphlpapi.lib;ntdll.lib;Fwpuclnt.lib;Netapi32.lib;Shlwapi.lib;%(AdditionalDependencies) Console + true @@ -141,6 +142,7 @@ legacy_stdio_definitions.lib;Userenv.lib;Iphlpapi.lib;ntdll.lib;Fwpuclnt.lib;Netapi32.lib;Shlwapi.lib;%(AdditionalDependencies) Console + true @@ -163,6 +165,7 @@ Userenv.lib;Iphlpapi.lib;ntdll.lib;Fwpuclnt.lib;Netapi32.lib;Shlwapi.lib;%(AdditionalDependencies) Console + true @@ -174,6 +177,7 @@ legacy_stdio_definitions.lib;Userenv.lib;Iphlpapi.lib;ntdll.lib;Fwpuclnt.lib;Netapi32.lib;Shlwapi.lib;%(AdditionalDependencies) Console + true -- 2.29.2.windows.2 ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH v2] BUILD: enable CFG and Spectre mitigation for MSVC
found by BinSkim Signed-off-by: Ilya Shipitsin --- src/compat/Release.props| 1 + src/compat/compat.vcxproj | 6 ++ src/openvpn/openvpn.vcxproj | 9 + src/openvpnmsica/openvpnmsica-Release.props | 1 + src/openvpnmsica/openvpnmsica.vcxproj | 6 ++ src/openvpnserv/openvpnserv.vcxproj | 6 ++ src/tapctl/tapctl.vcxproj | 6 ++ 7 files changed, 35 insertions(+) diff --git a/src/compat/Release.props b/src/compat/Release.props index 63828b79..50eaa8de 100644 --- a/src/compat/Release.props +++ b/src/compat/Release.props @@ -15,6 +15,7 @@ MultiThreadedDLL ProgramDatabase NDEBUG;%(PreprocessorDefinitions) + Guard true diff --git a/src/compat/compat.vcxproj b/src/compat/compat.vcxproj index 49824783..fe03a51a 100644 --- a/src/compat/compat.vcxproj +++ b/src/compat/compat.vcxproj @@ -38,33 +38,39 @@ MultiByte true v142 +Spectre StaticLibrary MultiByte true v142 +Spectre StaticLibrary MultiByte true v142 +Spectre StaticLibrary MultiByte v142 +Spectre StaticLibrary MultiByte v142 +Spectre StaticLibrary MultiByte v142 +Spectre diff --git a/src/openvpn/openvpn.vcxproj b/src/openvpn/openvpn.vcxproj index 5b3e0c6c..65ee6839 100644 --- a/src/openvpn/openvpn.vcxproj +++ b/src/openvpn/openvpn.vcxproj @@ -38,33 +38,39 @@ true NotSet v142 +Spectre Application true NotSet v142 +Spectre Application true NotSet v142 +Spectre Application NotSet v142 +Spectre Application NotSet v142 +Spectre Application NotSet v142 +Spectre @@ -191,6 +197,7 @@ Level2 true ..\compat;$(SolutionDir);%(AdditionalIncludeDirectories) + Guard @@ -206,6 +213,7 @@ Level2 true ..\compat;$(SolutionDir);%(AdditionalIncludeDirectories) + Guard @@ -221,6 +229,7 @@ Level2 true ..\compat;$(SolutionDir);%(AdditionalIncludeDirectories) + Guard diff --git a/src/openvpnmsica/openvpnmsica-Release.props b/src/openvpnmsica/openvpnmsica-Release.props index 848fda8f..47727b35 100644 --- a/src/openvpnmsica/openvpnmsica-Release.props +++ b/src/openvpnmsica/openvpnmsica-Release.props @@ -8,6 +8,7 @@ MultiThreaded + Guard diff --git a/src/openvpnmsica/openvpnmsica.vcxproj b/src/openvpnmsica/openvpnmsica.vcxproj index c39b1240..11aa78bb 100644 --- a/src/openvpnmsica/openvpnmsica.vcxproj +++ b/src/openvpnmsica/openvpnmsica.vcxproj @@ -40,18 +40,21 @@ v142 Unicode true +Spectre DynamicLibrary true v142 Unicode +Spectre DynamicLibrary true v142 Unicode +Spectre DynamicLibrary @@ -60,6 +63,7 @@ true Unicode true +Spectre DynamicLibrary @@ -67,6 +71,7 @@ v142 true Unicode +Spectre DynamicLibrary @@ -74,6 +79,7 @@ v142 true Unicode +Spectre diff --git a/src/openvpnserv/openvpnserv.vcxproj b/src/openvpnserv/openvpnserv.vcxproj index 8009ab3d..5fd7d60b 100644 --- a/src/openvpnserv/openvpnserv.vcxproj +++ b/src/openvpnserv/openvpnserv.vcxproj @@ -38,33 +38,39 @@ Unicode true v142 +Spectre Application Unicode true v142 +Spectre Application Unicode true v142 +Spectre Application Unicode v142 +Spectre Application Unicode v142 +Spectre Application Unicode v142 +Spectre diff --git a/src/tapctl/tapctl.vcxproj b/src/tapctl/tapctl.vcxproj index ad96f02c..79da9d33 100644 --- a/src/tapctl/tapctl.vcxproj +++ b/src/tapctl/tapctl.vcxproj @@ -40,18 +40,21 @@ v142 Unicode true +Spectre Application true v142 Unicode +Spectre Application true v142 Unicode +Spectre Application @@ -60,6 +63,7 @@ true Unicode true +Spectre Application @@ -67,6 +71,7 @@ v142 true Unicode +Spectre Application @@ -74,6 +79,7 @@ v142 true Unicode +Spectre -- 2.29.2.windows.2 ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] BUILD: enable CFG and Spectre mitigation for MSVC
found by BinSkim Signed-off-by: Ilya Shipitsin --- src/compat/Debug.props| 1 + src/compat/Release.props | 1 + src/compat/compat.vcxproj | 6 ++ src/openvpn/openvpn.vcxproj | 12 src/openvpnmsica/openvpnmsica.props | 1 + src/openvpnmsica/openvpnmsica.vcxproj | 6 ++ src/openvpnserv/openvpnserv.vcxproj | 6 ++ src/tapctl/tapctl.vcxproj | 6 ++ 8 files changed, 39 insertions(+) diff --git a/src/compat/Debug.props b/src/compat/Debug.props index 31bb9d91..810609bf 100644 --- a/src/compat/Debug.props +++ b/src/compat/Debug.props @@ -15,6 +15,7 @@ _DEBUG;%(PreprocessorDefinitions) MultiThreadedDebugDLL EditAndContinue + Guard diff --git a/src/compat/Release.props b/src/compat/Release.props index 63828b79..50eaa8de 100644 --- a/src/compat/Release.props +++ b/src/compat/Release.props @@ -15,6 +15,7 @@ MultiThreadedDLL ProgramDatabase NDEBUG;%(PreprocessorDefinitions) + Guard true diff --git a/src/compat/compat.vcxproj b/src/compat/compat.vcxproj index 49824783..fe03a51a 100644 --- a/src/compat/compat.vcxproj +++ b/src/compat/compat.vcxproj @@ -38,33 +38,39 @@ MultiByte true v142 +Spectre StaticLibrary MultiByte true v142 +Spectre StaticLibrary MultiByte true v142 +Spectre StaticLibrary MultiByte v142 +Spectre StaticLibrary MultiByte v142 +Spectre StaticLibrary MultiByte v142 +Spectre diff --git a/src/openvpn/openvpn.vcxproj b/src/openvpn/openvpn.vcxproj index 5b3e0c6c..8d27f9c6 100644 --- a/src/openvpn/openvpn.vcxproj +++ b/src/openvpn/openvpn.vcxproj @@ -38,33 +38,39 @@ true NotSet v142 +Spectre Application true NotSet v142 +Spectre Application true NotSet v142 +Spectre Application NotSet v142 +Spectre Application NotSet v142 +Spectre Application NotSet v142 +Spectre @@ -146,6 +152,7 @@ Level2 true ..\compat;$(SolutionDir);%(AdditionalIncludeDirectories) + Guard @@ -161,6 +168,7 @@ Level2 true ..\compat;$(SolutionDir)include;$(SolutionDir);%(AdditionalIncludeDirectories) + Guard @@ -176,6 +184,7 @@ Level2 true ..\compat;$(SolutionDir);%(AdditionalIncludeDirectories) + Guard @@ -191,6 +200,7 @@ Level2 true ..\compat;$(SolutionDir);%(AdditionalIncludeDirectories) + Guard @@ -206,6 +216,7 @@ Level2 true ..\compat;$(SolutionDir);%(AdditionalIncludeDirectories) + Guard @@ -221,6 +232,7 @@ Level2 true ..\compat;$(SolutionDir);%(AdditionalIncludeDirectories) + Guard diff --git a/src/openvpnmsica/openvpnmsica.props b/src/openvpnmsica/openvpnmsica.props index 074635d0..9e934a73 100644 --- a/src/openvpnmsica/openvpnmsica.props +++ b/src/openvpnmsica/openvpnmsica.props @@ -9,6 +9,7 @@ ..\compat;$(TAP_WINDOWS_HOME)/include;%(AdditionalIncludeDirectories) _WIN32_WINNT=_WIN32_WINNT_VISTA;%(PreprocessorDefinitions) + Guard Windows diff --git a/src/openvpnmsica/openvpnmsica.vcxproj b/src/openvpnmsica/openvpnmsica.vcxproj index c39b1240..11aa78bb 100644 --- a/src/openvpnmsica/openvpnmsica.vcxproj +++ b/src/openvpnmsica/openvpnmsica.vcxproj @@ -40,18 +40,21 @@ v142 Unicode true +Spectre DynamicLibrary true v142 Unicode +Spectre DynamicLibrary true v142 Unicode +Spectre DynamicLibrary @@ -60,6 +63,7 @@ true Unicode true +Spectre DynamicLibrary @@ -67,6 +71,7 @@ v142 true Unicode +Spectre DynamicLibrary @@ -74,6 +79,7 @@ v142 true Unicode +Spectre diff --git a/src/openvpnserv/openvpnserv.vcxproj b/src/openvpnserv/openvpnserv.vcxproj index 8009ab3d..5fd7d60b 100644 --- a/src/openvpnserv/openvpnserv.vcxproj +++ b/src/openvpnserv/openvpnserv.vcxproj @@ -38,33 +38,39 @@ Unicode true v142 +Spectre Application Unicode true v142 +Spectre Application Unicode true v142 +Spectre Application Unicode v142 +Spectre Application Unicode v142 +Spectre Application Unicode v142 +Spectre diff --git a/src/tapctl/tapctl.vcxproj b/src/tapctl/tapctl.vcxproj index ad96f02c..79da9d33 100644 --- a/src/tapctl/tapctl.vcxproj +++ b/src/tapctl
[Openvpn-devel] [PATCH] CI: github actions: keep "pdb" in artifacts
"pdb" files are important for example, for BinSkim analysis. Let us keep them --- .github/workflows/build.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index b2c16449..4c963114 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -227,3 +227,4 @@ jobs: path: | ${{ matrix.plat }}-Output/${{env.BUILD_CONFIGURATION}}/*.exe ${{ matrix.plat }}-Output/${{env.BUILD_CONFIGURATION}}/*.dll +${{ matrix.plat }}-Output/${{env.BUILD_CONFIGURATION}}/*.pdb \ No newline at end of file -- 2.29.2.windows.2 ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH v2] travis-ci: cleanup, refactor, upgrade ssl libraries
Both "compiler" and "exclude" are redundant, so remove them. Add openssl-1.0.1u to build matrix. Enable explicit apt update (it was disabled by default in travis-ci). Signed-off-by: Ilya Shipitsin <chipits...@gmail.com> -- v2: Add openssl-1.0.1u to build matrix (thanks to Steffan Karger), Add explicit apt-get update (it was disabled by default in travis-ci) --- --- .travis.yml | 17 - 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/.travis.yml b/.travis.yml index 51645924..216f0a04 100644 --- a/.travis.yml +++ b/.travis.yml @@ -5,9 +5,6 @@ os: linux language: c -compiler: - - gcc - env: global: - JOBS=3 @@ -15,10 +12,10 @@ env: - TAP_WINDOWS_VERSION=9.21.2 - LZO_VERSION=2.10 - PKCS11_HELPER_VERSION=1.22 -- MBEDTLS_VERSION="2.5.1" +- MBEDTLS_VERSION="2.8.0" - MBEDTLS_CFLAGS="-I${PREFIX}/include" - MBEDTLS_LIBS="-L${PREFIX}/lib -lmbedtls -lmbedx509 -lmbedcrypto" -- OPENSSL_VERSION="1.0.2l" +- OPENSSL_VERSION="1.0.2o" - OPENSSL_CFLAGS="-I${PREFIX}/include" - OPENSSL_LIBS="-L${PREFIX}/lib -lssl -lcrypto" # The next declaration is the encrypted COVERITY_SCAN_TOKEN, created @@ -30,13 +27,16 @@ matrix: - env: SSLLIB="openssl" RUN_COVERITY="1" os: linux compiler: gcc -- env: SSLLIB="openssl" OPENSSL_VERSION="1.1.0f" +- env: SSLLIB="openssl" OPENSSL_VERSION="1.0.1u" + os: linux + compiler: gcc +- env: SSLLIB="openssl" OPENSSL_VERSION="1.1.0h" os: linux compiler: gcc - env: SSLLIB="openssl" CFLAGS="-fsanitize=address" os: linux compiler: clang -- env: SSLLIB="openssl" OPENSSL_VERSION="1.1.0f" +- env: SSLLIB="openssl" OPENSSL_VERSION="1.1.0h" os: linux compiler: clang - env: SSLLIB="mbedtls" @@ -65,11 +65,10 @@ matrix: - env: SSLLIB="openssl" EXTRA_CONFIG="--enable-small" os: linux compiler: clang - exclude: -- compiler: gcc addons: apt: +update: true packages: - liblzo2-dev - libpam0g-dev -- 2.14.3 -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] travis-ci: cleanup and upgrade ssl libraries
both "compiler" and "exclude" are redundant, so remove them Signed-off-by: Ilya Shipitsin <chipits...@gmail.com> --- .travis.yml | 13 - 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/.travis.yml b/.travis.yml index 51645924..1cbd96bc 100644 --- a/.travis.yml +++ b/.travis.yml @@ -5,9 +5,6 @@ os: linux language: c -compiler: - - gcc - env: global: - JOBS=3 @@ -15,10 +12,10 @@ env: - TAP_WINDOWS_VERSION=9.21.2 - LZO_VERSION=2.10 - PKCS11_HELPER_VERSION=1.22 -- MBEDTLS_VERSION="2.5.1" +- MBEDTLS_VERSION="2.8.0" - MBEDTLS_CFLAGS="-I${PREFIX}/include" - MBEDTLS_LIBS="-L${PREFIX}/lib -lmbedtls -lmbedx509 -lmbedcrypto" -- OPENSSL_VERSION="1.0.2l" +- OPENSSL_VERSION="1.0.2o" - OPENSSL_CFLAGS="-I${PREFIX}/include" - OPENSSL_LIBS="-L${PREFIX}/lib -lssl -lcrypto" # The next declaration is the encrypted COVERITY_SCAN_TOKEN, created @@ -30,13 +27,13 @@ matrix: - env: SSLLIB="openssl" RUN_COVERITY="1" os: linux compiler: gcc -- env: SSLLIB="openssl" OPENSSL_VERSION="1.1.0f" +- env: SSLLIB="openssl" OPENSSL_VERSION="1.1.0h" os: linux compiler: gcc - env: SSLLIB="openssl" CFLAGS="-fsanitize=address" os: linux compiler: clang -- env: SSLLIB="openssl" OPENSSL_VERSION="1.1.0f" +- env: SSLLIB="openssl" OPENSSL_VERSION="1.1.0h" os: linux compiler: clang - env: SSLLIB="mbedtls" @@ -65,8 +62,6 @@ matrix: - env: SSLLIB="openssl" EXTRA_CONFIG="--enable-small" os: linux compiler: clang - exclude: -- compiler: gcc addons: apt: -- 2.14.3 -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] travis-ci: add pkcs11-helper patch identical to openvpn-build
currently patch of implementing RFC7512 URI Scheme is added during building windows installer. The same patch was added to travis-ci cross builds Signed-off-by: Ilya Shipitsin <chipits...@gmail.com> --- .travis/build-deps.sh | 17 +- .travis/pkcs11-helper-001-RFC7512.patch | 656 2 files changed, 669 insertions(+), 4 deletions(-) create mode 100644 .travis/pkcs11-helper-001-RFC7512.patch diff --git a/.travis/build-deps.sh b/.travis/build-deps.sh index 96a030cc..6270a945 100755 --- a/.travis/build-deps.sh +++ b/.travis/build-deps.sh @@ -4,6 +4,11 @@ set -eux # Set defaults PREFIX="${PREFIX:-${HOME}/opt}" +die() { +echo "FATAL: $1" >&2 +exit 1 +} + download_tap_windows () { if [ ! -f "download-cache/tap-windows-${TAP_WINDOWS_VERSION}.zip" ]; then wget -P download-cache/ \ @@ -15,12 +20,12 @@ download_lzo () { if [ ! -f "download-cache/lzo-${LZO_VERSION}.tar.gz" ]; then wget -P download-cache/ \ "http://www.oberhumer.com/opensource/lzo/download/lzo-${LZO_VERSION}.tar.gz; +tar zxf download-cache/lzo-${LZO_VERSION}.tar.gz fi } build_lzo () { if [ "$(cat ${PREFIX}/.lzo-version)" != "${LZO_VERSION}" ]; then -tar zxf download-cache/lzo-${LZO_VERSION}.tar.gz ( cd "lzo-${LZO_VERSION}" @@ -36,12 +41,12 @@ download_pkcs11_helper () { if [ ! -f "pkcs11-helper-${PKCS11_HELPER_VERSION}.tar.bz2" ]; then wget -P download-cache/ \ "https://github.com/OpenSC/pkcs11-helper/releases/download/pkcs11-helper-${PKCS11_HELPER_VERSION}/pkcs11-helper-${PKCS11_HELPER_VERSION}.tar.bz2; +tar jxf download-cache/pkcs11-helper-${PKCS11_HELPER_VERSION}.tar.bz2 fi } build_pkcs11_helper () { if [ "$(cat ${PREFIX}/.pkcs11_helper-version)" != "${PKCS11_HELPER_VERSION}" ]; then -tar jxf download-cache/pkcs11-helper-${PKCS11_HELPER_VERSION}.tar.bz2 ( cd "pkcs11-helper-${PKCS11_HELPER_VERSION}" @@ -158,8 +163,12 @@ if [ ! -z ${CHOST+x} ]; then unzip download-cache/tap-windows-${TAP_WINDOWS_VERSION}.zip download_lzo - build_lzo - download_pkcs11_helper + + for f in .travis/*.patch; do + patch -p1 < "${f}" || die "Patch '${f}'" + done + + build_lzo build_pkcs11_helper fi diff --git a/.travis/pkcs11-helper-001-RFC7512.patch b/.travis/pkcs11-helper-001-RFC7512.patch new file mode 100644 index ..ad21c854 --- /dev/null +++ b/.travis/pkcs11-helper-001-RFC7512.patch @@ -0,0 +1,656 @@ +diff --git a/pkcs11-helper-1.22/lib/pkcs11h-serialization.c b/pkcs11-helper-1.22/lib/pkcs11h-serialization.c +index ad275f8..1d077e4 100644 +--- a/pkcs11-helper-1.22/lib/pkcs11h-serialization.c b/pkcs11-helper-1.22/lib/pkcs11h-serialization.c +@@ -61,29 +61,127 @@ + + #if defined(ENABLE_PKCS11H_TOKEN) || defined(ENABLE_PKCS11H_CERTIFICATE) + ++#define URI_SCHEME "pkcs11:" ++ ++#define token_field_ofs(field) ((unsigned long)&(((struct pkcs11h_token_id_s *)0)->field)) ++#define token_field_size(field) sizeofstruct pkcs11h_token_id_s *)0)->field)) ++#define token_field(name, field) { name "=", sizeof(name), \ ++ token_field_ofs(field), token_field_size(field) } ++ ++static struct { ++ const char const *name; ++ size_t namelen; ++ unsigned long field_ofs; ++ size_t field_size; ++} __token_fields[] = { ++ token_field ("model", model), ++ token_field ("token", label), ++ token_field ("manufacturer", manufacturerID ), ++ token_field ("serial", serialNumber ), ++ { NULL }, ++}; ++ ++#define P11_URL_VERBATIM "abcdefghijklmnopqrstuvwxyz" \ ++"ABCDEFGHIJKLMNOPQRSTUVWXYZ" \ ++"0123456789_-." ++ ++static ++int ++__token_attr_escape(char *uri, char *attr, size_t attrlen) ++{ ++ int len = 0, i; ++ ++ for (i = 0; i < attrlen; i++) { ++ if (strchr(P11_URL_VERBATIM, attr[i])) { ++ if (uri) { ++ *(uri++) = attr[i]; ++ } ++ len++; ++ } else { ++ if (uri) { ++ sprintf(uri, "%%%02x", (unsigned char)attr[i]); ++ uri += 3; ++ } ++ len += 3; ++ } ++ } ++ return len; ++} ++ ++static ++CK_RV ++__generate_pkcs11_uri ( ++ OUT char * const sz, ++ IN OUT size_t *max, ++ IN const pkcs11h_certificate_id_t certificate_id, ++
[Openvpn-devel] [PATCH] travis-ci: modify openssl build script to support openssl-1.1.0
no-multilib is only supported on openssl-1.0.X, do not use it if OPENSSL_VERSION is 1.1.0 Signed-off-by: Ilya Shipitsin <chipits...@gmail.com> --- .travis/build-deps.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.travis/build-deps.sh b/.travis/build-deps.sh index bc538853..1761932e 100755 --- a/.travis/build-deps.sh +++ b/.travis/build-deps.sh @@ -110,8 +110,9 @@ build_openssl_mingw () { export TARGET=mingw64 fi -./Configure --cross-compile-prefix=${CHOST}- shared \ - ${TARGET} no-multilib no-capieng --prefix="${PREFIX}" --openssldir="${PREFIX}" -static-libgcc +./Configure --cross-compile-prefix=${CHOST}- shared ${TARGET} \ + $([[ ${OPENSSL_VERSION} == "1.0."* ]] && echo "no-multilib") \ + no-capieng --prefix="${PREFIX}" --openssldir="${PREFIX}" -static-libgcc make install ) } -- 2.14.3 -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH v3] travis-ci: add brew cache, remove ccache
1-2 minutes speedup osx builds by using brew cache. Also, ccache was removed for a while (builds fail after travis-ci upgraded clang to version 5.0.0) --- v2: this is a "v2" of previously issued "enable ccache for osx and mingw builds" patch. I decided not to enable ccache for mingw builds as it does not speedup them v3: removed ccache at all, because it fails on clang-5.0.0 .travis.yml | 2 +- .travis/build-deps.sh | 10 -- 2 files changed, 1 insertion(+), 11 deletions(-) diff --git a/.travis.yml b/.travis.yml index 1f669b30..43217b59 100644 --- a/.travis.yml +++ b/.travis.yml @@ -78,10 +78,10 @@ addons: - man2html cache: - ccache: true directories: - download-cache - ${HOME}/opt + - ${HOME}/Library/Caches/Homebrew before_install: - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then brew update ; fi diff --git a/.travis/build-deps.sh b/.travis/build-deps.sh index e787abab..bc538853 100755 --- a/.travis/build-deps.sh +++ b/.travis/build-deps.sh @@ -130,16 +130,6 @@ build_openssl () { fi } -# Enable ccache -if [ "${TRAVIS_OS_NAME}" != "osx" ] && [ -z ${CHOST+x} ]; then -# ccache not available on osx, see: -# https://github.com/travis-ci/travis-ci/issues/5567 -# also ccache not enabled for cross builds -mkdir -p "${HOME}/bin" -ln -s "$(which ccache)" "${HOME}/bin/${CC}" -PATH="${HOME}/bin:${PATH}" -fi - if [ ! -z ${CHOST+x} ]; then # # openvpn requires at least mingw-gcc-4.9, which is available at xenial repo -- 2.14.3 -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] travis-ci: speedup osx build by enabling brew cache
1-2 minutes speedup by using brew cache, also ccache is no more disabled for osx build (even it does not speedup significantly, it simplifies the overall script) --- this is a "v2" of previously issued "enable ccache for osx and mingw builds" patch. I decided not to enable ccache for mingw builds as it does not speedup them .travis.yml | 5 +++-- .travis/build-deps.sh | 7 ++- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/.travis.yml b/.travis.yml index 1f669b30..34e0ac04 100644 --- a/.travis.yml +++ b/.travis.yml @@ -82,10 +82,11 @@ cache: directories: - download-cache - ${HOME}/opt + - ${HOME}/Library/Caches/Homebrew before_install: - - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then brew update ; fi - - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then brew install lzo; fi + - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then brew update; fi + - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then brew install lzo ccache; fi install: - if [ ! -z "${CHOST}" ]; then unset CC; fi diff --git a/.travis/build-deps.sh b/.travis/build-deps.sh index e787abab..e7036b6b 100755 --- a/.travis/build-deps.sh +++ b/.travis/build-deps.sh @@ -130,11 +130,8 @@ build_openssl () { fi } -# Enable ccache -if [ "${TRAVIS_OS_NAME}" != "osx" ] && [ -z ${CHOST+x} ]; then -# ccache not available on osx, see: -# https://github.com/travis-ci/travis-ci/issues/5567 -# also ccache not enabled for cross builds +# Enable ccache except cross builds +if [ -z ${CHOST+x} ]; then mkdir -p "${HOME}/bin" ln -s "$(which ccache)" "${HOME}/bin/${CC}" PATH="${HOME}/bin:${PATH}" -- 2.14.3 -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] travis-ci: enable ccache for osx and mingw builds
-- ccache was now tested by me and works for osx and mingw builds as well --- .travis.yml | 2 +- .travis/build-deps.sh | 14 ++ 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/.travis.yml b/.travis.yml index 366e6599..8efb1cbd 100644 --- a/.travis.yml +++ b/.travis.yml @@ -88,7 +88,7 @@ cache: before_install: - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then brew update ; fi - - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then brew install lzo; fi + - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then brew install lzo ccache; fi install: - if [ ! -z "${CHOST}" ]; then unset CC; fi diff --git a/.travis/build-deps.sh b/.travis/build-deps.sh index e787abab..001565f3 100755 --- a/.travis/build-deps.sh +++ b/.travis/build-deps.sh @@ -130,15 +130,13 @@ build_openssl () { fi } -# Enable ccache -if [ "${TRAVIS_OS_NAME}" != "osx" ] && [ -z ${CHOST+x} ]; then -# ccache not available on osx, see: -# https://github.com/travis-ci/travis-ci/issues/5567 -# also ccache not enabled for cross builds -mkdir -p "${HOME}/bin" -ln -s "$(which ccache)" "${HOME}/bin/${CC}" -PATH="${HOME}/bin:${PATH}" +mkdir -p "${HOME}/bin" +if [ -z ${CHOST+x} ]; then +ln -s "$(which ccache)" "${HOME}/bin/${CC}" +else +ln -s "$(which ccache)" "${HOME}/bin/${CHOST}-cc" fi +PATH="${HOME}/bin:${PATH}" if [ ! -z ${CHOST+x} ]; then # -- 2.13.3 -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH 0/1] travis-ci: libressl support for osx
Tunnelblick ships openvpn binary built with libressl (see https://github.com/Tunnelblick/Tunnelblick/issues/317 ) Ilya Shipitsin (1): travis-ci: add libressl build for osx .travis.yml| 5 + .travis/build-check.sh | 4 .travis/build-deps.sh | 31 +++ 3 files changed, 40 insertions(+) -- 2.13.3 -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] v2 travis-ci: update pkcs11-helper to 1.22
use pkcs11-helper from https://github.com/OpenSC/pkcs11-helper/ to match build process used in windows installer build Signed-off-by: Ilya Shipitsin <chipits...@gmail.com> --- v2: break lines up into 80-char, thanks Steffan Karger .travis.yml | 2 +- .travis/build-deps.sh | 8 ++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index db90e03a..fc98a4d0 100644 --- a/.travis.yml +++ b/.travis.yml @@ -14,7 +14,7 @@ env: - PREFIX="${HOME}/opt" - TAP_WINDOWS_VERSION=9.21.2 - LZO_VERSION=2.10 -- PKCS11_HELPER_VERSION=1.11 +- PKCS11_HELPER_VERSION=1.22 - MBEDTLS_VERSION="2.4.0" - MBEDTLS_CFLAGS="-I${PREFIX}/include" - MBEDTLS_LIBS="-L${PREFIX}/lib -lmbedtls -lmbedx509 -lmbedcrypto" diff --git a/.travis/build-deps.sh b/.travis/build-deps.sh index 9cc18584..e787abab 100755 --- a/.travis/build-deps.sh +++ b/.travis/build-deps.sh @@ -35,7 +35,7 @@ build_lzo () { download_pkcs11_helper () { if [ ! -f "pkcs11-helper-${PKCS11_HELPER_VERSION}.tar.bz2" ]; then wget -P download-cache/ \ - "http://downloads.sourceforge.net/project/opensc/pkcs11-helper/pkcs11-helper-${PKCS11_HELPER_VERSION}.tar.bz2; + "https://github.com/OpenSC/pkcs11-helper/releases/download/pkcs11-helper-${PKCS11_HELPER_VERSION}/pkcs11-helper-${PKCS11_HELPER_VERSION}.tar.bz2; fi } @@ -46,7 +46,11 @@ build_pkcs11_helper () { cd "pkcs11-helper-${PKCS11_HELPER_VERSION}" ./configure --host=${CHOST} --program-prefix='' --libdir=${PREFIX}/lib \ - --prefix=${PREFIX} --build=x86_64-pc-linux-gnu --disable-crypto-engine-gnutls --disable-crypto-engine-nss + --prefix=${PREFIX} --build=x86_64-pc-linux-gnu \ + --disable-crypto-engine-gnutls \ + --disable-crypto-engine-nss \ + --disable-crypto-engine-polarssl \ + --disable-crypto-engine-mbedtls make all install ) echo "${PKCS11_HELPER_VERSION}" > "${PREFIX}/.pkcs11_helper-version" -- 2.13.3 -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH 1/3] travis-ci: update pkcs11-helper to 1.22
use pkcs11-helper from https://github.com/OpenSC/pkcs11-helper/ to match build process used in windows installer build --- .travis.yml | 2 +- .travis/build-deps.sh | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index db90e03a..fc98a4d0 100644 --- a/.travis.yml +++ b/.travis.yml @@ -14,7 +14,7 @@ env: - PREFIX="${HOME}/opt" - TAP_WINDOWS_VERSION=9.21.2 - LZO_VERSION=2.10 -- PKCS11_HELPER_VERSION=1.11 +- PKCS11_HELPER_VERSION=1.22 - MBEDTLS_VERSION="2.4.0" - MBEDTLS_CFLAGS="-I${PREFIX}/include" - MBEDTLS_LIBS="-L${PREFIX}/lib -lmbedtls -lmbedx509 -lmbedcrypto" diff --git a/.travis/build-deps.sh b/.travis/build-deps.sh index 9cc18584..7d8f911b 100755 --- a/.travis/build-deps.sh +++ b/.travis/build-deps.sh @@ -35,7 +35,7 @@ build_lzo () { download_pkcs11_helper () { if [ ! -f "pkcs11-helper-${PKCS11_HELPER_VERSION}.tar.bz2" ]; then wget -P download-cache/ \ - "http://downloads.sourceforge.net/project/opensc/pkcs11-helper/pkcs11-helper-${PKCS11_HELPER_VERSION}.tar.bz2; + "https://github.com/OpenSC/pkcs11-helper/releases/download/pkcs11-helper-${PKCS11_HELPER_VERSION}/pkcs11-helper-${PKCS11_HELPER_VERSION}.tar.bz2; fi } @@ -46,7 +46,7 @@ build_pkcs11_helper () { cd "pkcs11-helper-${PKCS11_HELPER_VERSION}" ./configure --host=${CHOST} --program-prefix='' --libdir=${PREFIX}/lib \ - --prefix=${PREFIX} --build=x86_64-pc-linux-gnu --disable-crypto-engine-gnutls --disable-crypto-engine-nss + --prefix=${PREFIX} --build=x86_64-pc-linux-gnu --disable-crypto-engine-gnutls --disable-crypto-engine-nss --disable-crypto-engine-polarssl --disable-crypto-engine-mbedtls make all install ) echo "${PKCS11_HELPER_VERSION}" > "${PREFIX}/.pkcs11_helper-version" -- 2.13.3 -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH 2/3] travis-ci: update openssl to 1.0.2l, update mbedtls to 2.5.1
--- .travis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index fc98a4d0..0b531529 100644 --- a/.travis.yml +++ b/.travis.yml @@ -15,10 +15,10 @@ env: - TAP_WINDOWS_VERSION=9.21.2 - LZO_VERSION=2.10 - PKCS11_HELPER_VERSION=1.22 -- MBEDTLS_VERSION="2.4.0" +- MBEDTLS_VERSION="2.5.1" - MBEDTLS_CFLAGS="-I${PREFIX}/include" - MBEDTLS_LIBS="-L${PREFIX}/lib -lmbedtls -lmbedx509 -lmbedcrypto" -- OPENSSL_VERSION="1.0.2k" +- OPENSSL_VERSION="1.0.2l" - OPENSSL_CFLAGS="-I${PREFIX}/include" - OPENSSL_LIBS="-L${PREFIX}/lib -lssl -lcrypto" -- 2.13.3 -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH 3/3] add a test to "openvpn --help"
inspired by https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13808.html --- tests/Makefile.am | 2 +- tests/t_usage.sh | 29 + 2 files changed, 30 insertions(+), 1 deletion(-) create mode 100755 tests/t_usage.sh diff --git a/tests/Makefile.am b/tests/Makefile.am index 0795680c..7306d1d1 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -14,7 +14,7 @@ MAINTAINERCLEANFILES = \ SUBDIRS = unit_tests -test_scripts = t_client.sh +test_scripts = t_client.sh t_usage.sh if ENABLE_CRYPTO test_scripts += t_lpback.sh t_cltsrv.sh endif diff --git a/tests/t_usage.sh b/tests/t_usage.sh new file mode 100755 index ..f4845468 --- /dev/null +++ b/tests/t_usage.sh @@ -0,0 +1,29 @@ +#!/bin/sh +# +# run "openvpn --help" +# - check that openvpn did not crash +# +# prerequisites: +# - openvpn binary in current directory +# +# inspired by https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13808.html +# + +top_builddir="${top_builddir:-..}" + +if [ ! -x "${top_builddir}/src/openvpn/openvpn" ] +then +echo "no (executable) openvpn binary in current build tree. FAIL." >&2 +exit 1 +fi + +exit_code=0 + +"${top_builddir}/src/openvpn/openvpn" --help >/dev/null + +if [ $? -ne 1 ] +then + exit_code=1 +fi + +exit $exit_code -- 2.13.3 -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] win32 build: check for ENETUNREACH
Currently, we do not check for mingw-gcc version. For example, Debian 7 is shipped with 4.6.3, which does not know about ENETUNREACH --- this is for 2.4 and HEAD branches configure.ac | 14 ++ 1 file changed, 14 insertions(+) diff --git a/configure.ac b/configure.ac index 60bb465..80b26ff 100644 --- a/configure.ac +++ b/configure.ac @@ -708,6 +708,20 @@ m4_define( [setsockopt getsockopt getsockname poll]dnl ) if test "${WIN32}" = "yes"; then + +# +# check for ENETUNREACH +# at least Debian 7 is shipped with gcc-mingw-w64-4.6.3, which is too old +# +AC_COMPILE_IFELSE([AC_LANG_PROGRAM( +[[#include +#if !defined (ENETUNREACH) +# error ENETUNREACH not defined +#endif +]])], + , + [AC_MSG_ERROR([gcc-mingw is too old, please update])]) + # normal autoconf function checking does not find inet_ntop/inet_pton # because they need to include the actual header file and link ws2_32.dll LIBS="${LIBS} -lws2_32" -- 2.9.4 -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] travis-ci: added gcc and clang openssl-1.1.0 builds
openssl build script was modified according to official openssl manual: https://wiki.openssl.org/index.php/Compilation_and_Installation --- .travis.yml | 6 ++ .travis/build-deps.sh | 6 +++--- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index bb44222..db90e03 100644 --- a/.travis.yml +++ b/.travis.yml @@ -27,9 +27,15 @@ matrix: - env: SSLLIB="openssl" os: linux compiler: gcc +- env: SSLLIB="openssl" OPENSSL_VERSION="1.1.0f" + os: linux + compiler: gcc - env: SSLLIB="openssl" os: linux compiler: clang +- env: SSLLIB="openssl" OPENSSL_VERSION="1.1.0f" + os: linux + compiler: clang - env: SSLLIB="mbedtls" os: linux compiler: gcc diff --git a/.travis/build-deps.sh b/.travis/build-deps.sh index c5c1188..9cc1858 100755 --- a/.travis/build-deps.sh +++ b/.travis/build-deps.sh @@ -82,7 +82,7 @@ download_openssl () { build_openssl_linux () { ( cd "openssl-${OPENSSL_VERSION}/" -./config shared --openssldir="${PREFIX}" -DPURIFY +./config shared --prefix="${PREFIX}" --openssldir="${PREFIX}" -DPURIFY make all install_sw ) } @@ -91,7 +91,7 @@ build_openssl_osx () { ( cd "openssl-${OPENSSL_VERSION}/" ./Configure darwin64-x86_64-cc shared \ ---openssldir="${PREFIX}" -DPURIFY +--prefix="${PREFIX}" --openssldir="${PREFIX}" -DPURIFY make depend all install_sw ) } @@ -107,7 +107,7 @@ build_openssl_mingw () { fi ./Configure --cross-compile-prefix=${CHOST}- shared \ - ${TARGET} no-multilib no-capieng --openssldir="${PREFIX}" -static-libgcc + ${TARGET} no-multilib no-capieng --prefix="${PREFIX}" --openssldir="${PREFIX}" -static-libgcc make install ) } -- 2.5.5 -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] v4, travis-ci: add 2 mingw "build only" configurations
Inspired by https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13032.html build options are taken from regular windows installer builds Signed-off-by: Ilya Shipitsin <chipits...@gmail.com> --- v2: moved download/build dependencies into functions, changed cross build detection from shell expansion ${CHOST+x} to more recognised -z "${CHOST}", which required changing 'set -eux' to 'set -ex'. Added comments to make code readable without looking into commit message. v3: fixed "trailing whitespaces" found by Samuli Seppänen. Added back "set -u", thanks to Steffan Karger. Changed repo manipulation to "apt-add-repository", thanks to Nathan Stratton Treadway. v4: moved build/test logic into separate script running with "set -eux", thanks to Steffan Karger .travis.yml| 22 ++-- .travis/build-check.sh | 30 .travis/build-deps.sh | 98 +++--- 3 files changed, 135 insertions(+), 15 deletions(-) create mode 100755 .travis/build-check.sh diff --git a/.travis.yml b/.travis.yml index 3c0aa7d..bb44222 100644 --- a/.travis.yml +++ b/.travis.yml @@ -12,6 +12,9 @@ env: global: - JOBS=3 - PREFIX="${HOME}/opt" +- TAP_WINDOWS_VERSION=9.21.2 +- LZO_VERSION=2.10 +- PKCS11_HELPER_VERSION=1.11 - MBEDTLS_VERSION="2.4.0" - MBEDTLS_CFLAGS="-I${PREFIX}/include" - MBEDTLS_LIBS="-L${PREFIX}/lib -lmbedtls -lmbedx509 -lmbedcrypto" @@ -50,6 +53,12 @@ matrix: os: osx osx_image: xcode7.3 compiler: clang +- env: SSLLIB="openssl" CHOST=x86_64-w64-mingw32 + os: linux + compiler: ": Win64 build only" +- env: SSLLIB="openssl" CHOST=i686-w64-mingw32 + os: linux + compiler: ": Win32 build only" exclude: - compiler: gcc @@ -60,6 +69,7 @@ addons: - libpam0g-dev - liblz4-dev - linux-libc-dev + - man2html cache: ccache: true @@ -72,16 +82,8 @@ before_install: - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then brew install lzo; fi install: + - if [ ! -z "${CHOST}" ]; then unset CC; fi - .travis/build-deps.sh > build-deps.log 2>&1 || (cat build-deps.log && exit 1) script: - - if [ "${TRAVIS_OS_NAME}" = "linux" ]; then export LD_LIBRARY_PATH="${PREFIX}/lib:${LD_LIBRARY_PATH}"; fi - - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then export DYLD_LIBRARY_PATH="${PREFIX}/lib:${DYLD_LIBRARY_PATH}"; fi - - autoreconf -vi - - ./configure --with-crypto-library="${SSLLIB}" ${EXTRA_CONFIG} || (cat config.log && exit 1) - - make -j$JOBS - - src/openvpn/openvpn --version || true - - if [ "${TRAVIS_OS_NAME}" = "linux" ]; then ldd src/openvpn/openvpn; fi - - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then otool -L src/openvpn/openvpn; fi - - make check - - $EXTRA_SCRIPT + - .travis/build-check.sh diff --git a/.travis/build-check.sh b/.travis/build-check.sh new file mode 100755 index 000..5ef8c6c --- /dev/null +++ b/.travis/build-check.sh @@ -0,0 +1,30 @@ +#!/bin/sh +set -eux + +if [ "${TRAVIS_OS_NAME}" = "linux" ]; then + export LD_LIBRARY_PATH="${PREFIX}/lib:${LD_LIBRARY_PATH:-}" +fi + +if [ "${TRAVIS_OS_NAME}" = "osx" ]; then + export DYLD_LIBRARY_PATH="${PREFIX}/lib:${DYLD_LIBRARY_PATH:-}" +fi + +autoreconf -vi + +if [ -z ${CHOST+x} ]; then + ./configure --with-crypto-library="${SSLLIB}" ${EXTRA_CONFIG:-} || (cat config.log && exit 1) + make -j$JOBS + src/openvpn/openvpn --version || true + if [ "${TRAVIS_OS_NAME}" = "linux" ]; then ldd src/openvpn/openvpn; fi + if [ "${TRAVIS_OS_NAME}" = "osx" ]; then otool -L src/openvpn/openvpn; fi + make check + ${EXTRA_SCRIPT:-} +else + export TAP_CFLAGS="-I${PWD}/tap-windows-${TAP_WINDOWS_VERSION}/include" + export LZO_CFLAGS="-I${PREFIX}/include" + export LZO_LIBS="-L${PREFIX}/lib -llzo2" + export PKCS11_HELPER_LIBS="-L${PREFIX}/lib -lpkcs11-helper" + export PKCS11_HELPER_CFLAGS="-I${PREFIX}/include" + ./configure --with-crypto-library="${SSLLIB}" --host=${CHOST} --build=x86_64-pc-linux-gnu --enable-pkcs11 --disable-plugins || (cat config.log && exit 1) + make -j${JOBS} +fi diff --git a/.travis/build-deps.sh b/.travis/build-deps.sh index 3ffba0b..c5c1188 100755 --- a/.travis/build-deps.sh +++ b/.travis/build-deps.sh @@ -4,6 +4,55 @@ set -eux # Set defaults PREFIX="${PREFIX:-${HOME}/opt}" +download_tap_windows () { +if [ ! -f "download-cache/tap-windows-${TAP_WINDOWS_VERSION}.
[Openvpn-devel] [PATCH] v3: resolve format string warnings
[src/openvpn/options.c:1163]: (warning) %x in format string (no. 1) requires 'unsigned int *' but the argument type is 'signed int *'. [src/openvpn/route.c:3187]: (warning) %d in format string (no. 5) requires 'int *' but the argument type is 'unsigned int *'. Signed-off-by: Ilya Shipitsin <chipits...@gmail.com> --- v2: use "uint8_t" in options.c, thanks to Gert Doering v3: switch back to "unsigned int", thanks to David Sommerseth src/openvpn/options.c | 2 +- src/openvpn/route.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/openvpn/options.c b/src/openvpn/options.c index dcb6ecf..2bc7e62 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -1147,7 +1147,7 @@ parse_hash_fingerprint(const char *str, int nbytes, int msglevel, struct gc_aren const char *cp = str; uint8_t *ret = (uint8_t *) gc_malloc(nbytes, true, gc); char term = 1; -int byte; +unsigned int byte; char bs[3]; for (i = 0; i < nbytes; ++i) diff --git a/src/openvpn/route.c b/src/openvpn/route.c index 08998d5..ecfa60f 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -3184,7 +3184,7 @@ get_default_gateway(struct route_gateway_info *rgi) unsigned int flags = 0; char name[16]; name[0] = 0; -const int np = sscanf(line, "%15s\t%x\t%x\t%x\t%*s\t%*s\t%d\t%x", +const int np = sscanf(line, "%15s\t%x\t%x\t%x\t%*s\t%*s\t%u\t%x", name, _x, _x, -- 2.5.5 -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] travis-ci: add 2 mingw "build only configurations"
Inspired by https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13032.html build options are taken from regular windows installer builds Signed-off-by: Ilya Shipitsin <chipits...@gmail.com> --- .travis.yml | 30 +--- .travis/build-deps.sh | 55 ++- 2 files changed, 73 insertions(+), 12 deletions(-) diff --git a/.travis.yml b/.travis.yml index 3c0aa7d..9ab30a2 100644 --- a/.travis.yml +++ b/.travis.yml @@ -12,6 +12,9 @@ env: global: - JOBS=3 - PREFIX="${HOME}/opt" +- TAP_WINDOWS_VERSION=9.21.2 +- LZO_VERSION=2.10 +- PKCS11_HELPER_VERSION=1.11 - MBEDTLS_VERSION="2.4.0" - MBEDTLS_CFLAGS="-I${PREFIX}/include" - MBEDTLS_LIBS="-L${PREFIX}/lib -lmbedtls -lmbedx509 -lmbedcrypto" @@ -50,6 +53,12 @@ matrix: os: osx osx_image: xcode7.3 compiler: clang +- env: SSLLIB="openssl" CHOST=x86_64-w64-mingw32 + os: linux + compiler: ": Win64 build only" +- env: SSLLIB="openssl" CHOST=i686-w64-mingw32 + os: linux + compiler: ": Win32 build only" exclude: - compiler: gcc @@ -60,6 +69,7 @@ addons: - libpam0g-dev - liblz4-dev - linux-libc-dev + - man2html cache: ccache: true @@ -72,16 +82,22 @@ before_install: - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then brew install lzo; fi install: + - if [ ! -z "${CHOST+xxx}" ]; then unset CC; unset CXX; fi - .travis/build-deps.sh > build-deps.log 2>&1 || (cat build-deps.log && exit 1) script: - if [ "${TRAVIS_OS_NAME}" = "linux" ]; then export LD_LIBRARY_PATH="${PREFIX}/lib:${LD_LIBRARY_PATH}"; fi - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then export DYLD_LIBRARY_PATH="${PREFIX}/lib:${DYLD_LIBRARY_PATH}"; fi - autoreconf -vi - - ./configure --with-crypto-library="${SSLLIB}" ${EXTRA_CONFIG} || (cat config.log && exit 1) - - make -j$JOBS - - src/openvpn/openvpn --version || true - - if [ "${TRAVIS_OS_NAME}" = "linux" ]; then ldd src/openvpn/openvpn; fi - - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then otool -L src/openvpn/openvpn; fi - - make check - - $EXTRA_SCRIPT + - if [ -z "${CHOST+xxx}" ]; then + ./configure --with-crypto-library="${SSLLIB}" ${EXTRA_CONFIG} || (cat config.log && exit 1); + make -j$JOBS; + src/openvpn/openvpn --version || true; + if [ "${TRAVIS_OS_NAME}" = "linux" ]; then ldd src/openvpn/openvpn; fi; + if [ "${TRAVIS_OS_NAME}" = "osx" ]; then otool -L src/openvpn/openvpn; fi; + make check; + $EXTRA_SCRIPT; +else + TAP_CFLAGS="-I${PWD}/tap-windows-${TAP_WINDOWS_VERSION}/include" LZO_CFLAGS="-I${PREFIX}/include" LZO_LIBS="-L${PREFIX}/lib -llzo2" PKCS11_HELPER_LIBS="-L${PREFIX}/lib -lpkcs11-helper" PKCS11_HELPER_CFLAGS="-I${PREFIX}/include" ./configure --host=${CHOST} --build=x86_64-pc-linux-gnu --enable-pkcs11 --disable-plugins || (cat config.log && exit 1); + make -j$JOBS; +fi diff --git a/.travis/build-deps.sh b/.travis/build-deps.sh index 3ffba0b..18f40ec 100755 --- a/.travis/build-deps.sh +++ b/.travis/build-deps.sh @@ -31,7 +31,6 @@ download_openssl () { } build_openssl_linux () { -tar zxf "download-cache/openssl-${OPENSSL_VERSION}.tar.gz" ( cd "openssl-${OPENSSL_VERSION}/" ./config shared --openssldir="${PREFIX}" -DPURIFY @@ -40,7 +39,6 @@ build_openssl_linux () { } build_openssl_osx () { -tar zxf "download-cache/openssl-${OPENSSL_VERSION}.tar.gz" ( cd "openssl-${OPENSSL_VERSION}/" ./Configure darwin64-x86_64-cc shared \ @@ -49,9 +47,25 @@ build_openssl_osx () { ) } +build_openssl_mingw () { +( +cd "openssl-${OPENSSL_VERSION}/" + +if [ "${CHOST}" = "i686-w64-mingw32" ]; then export target=mingw; fi +if [ "${CHOST}" = "x86_64-w64-mingw32" ]; then export target=mingw64; fi + +./Configure --cross-compile-prefix=${CHOST}- shared \ + $target no-multilib no-capieng --openssldir="${PREFIX}" -static-libgcc +make install +) +} + build_openssl () { if [ "$(cat ${PREFIX}/.openssl-version)" != "${OPENSSL_VERSION}" ]; then -if [ "${TRAVIS_OS_NAME}" = "osx" ]; then +tar zxf "download-cache/openssl-${OPENSSL_VERSION}.tar.gz" +if [ ! -z ${CHOST+xxx} ]; then +build_openssl_mingw +elif [ "${TRAVIS_OS_NAME}" = "osx" ]; then
[Openvpn-devel] [PATCH] v2: resolve format string warnings
[src/openvpn/options.c:1163]: (warning) %x in format string (no. 1) requires 'unsigned int *' but the argument type is 'signed int *'. [src/openvpn/route.c:3187]: (warning) %d in format string (no. 5) requires 'int *' but the argument type is 'unsigned int *'. v2: use "uint8_t" in options.c, thanks to Gert Doering Signed-off-by: Ilya Shipitsin <chipits...@gmail.com> --- src/openvpn/options.c | 4 ++-- src/openvpn/route.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/openvpn/options.c b/src/openvpn/options.c index dcb6ecf..6aa72dc 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -1147,7 +1147,7 @@ parse_hash_fingerprint(const char *str, int nbytes, int msglevel, struct gc_aren const char *cp = str; uint8_t *ret = (uint8_t *) gc_malloc(nbytes, true, gc); char term = 1; -int byte; +uint8_t byte; char bs[3]; for (i = 0; i < nbytes; ++i) @@ -1164,7 +1164,7 @@ parse_hash_fingerprint(const char *str, int nbytes, int msglevel, struct gc_aren { msg(msglevel, "format error in hash fingerprint hex byte: %s", str); } -ret[i] = (uint8_t)byte; +ret[i] = byte; term = *cp++; if (term != ':' && term != 0) { diff --git a/src/openvpn/route.c b/src/openvpn/route.c index 08998d5..ecfa60f 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -3184,7 +3184,7 @@ get_default_gateway(struct route_gateway_info *rgi) unsigned int flags = 0; char name[16]; name[0] = 0; -const int np = sscanf(line, "%15s\t%x\t%x\t%x\t%*s\t%*s\t%d\t%x", +const int np = sscanf(line, "%15s\t%x\t%x\t%x\t%*s\t%*s\t%u\t%x", name, _x, _x, -- 2.5.5 -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] resolve format string warnings
[src/openvpn/options.c:1163]: (warning) %x in format string (no. 1) requires 'unsigned int *' but the argument type is 'signed int *'. [src/openvpn/route.c:3187]: (warning) %d in format string (no. 5) requires 'int *' but the argument type is 'unsigned int *'. Signed-off-by: Ilya Shipitsin <chipits...@gmail.com> --- src/openvpn/options.c | 2 +- src/openvpn/route.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/openvpn/options.c b/src/openvpn/options.c index dcb6ecf..2bc7e62 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -1147,7 +1147,7 @@ parse_hash_fingerprint(const char *str, int nbytes, int msglevel, struct gc_aren const char *cp = str; uint8_t *ret = (uint8_t *) gc_malloc(nbytes, true, gc); char term = 1; -int byte; +unsigned int byte; char bs[3]; for (i = 0; i < nbytes; ++i) diff --git a/src/openvpn/route.c b/src/openvpn/route.c index 08998d5..ecfa60f 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -3184,7 +3184,7 @@ get_default_gateway(struct route_gateway_info *rgi) unsigned int flags = 0; char name[16]; name[0] = 0; -const int np = sscanf(line, "%15s\t%x\t%x\t%x\t%*s\t%*s\t%d\t%x", +const int np = sscanf(line, "%15s\t%x\t%x\t%x\t%*s\t%*s\t%u\t%x", name, _x, _x, -- 2.5.5 -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] travis-ci: remove unused files
Those files were commited by mistake. I implemented building dependencies in 4 separate scripts, later Steffan Karger combined all 4 scripts into "build-deps.sh". Signed-off-by: Ilya Shipitsin <chipits...@gmail.com> --- .travis/build-mbedtls-linux.sh | 9 - .travis/build-mbedtls-osx.sh | 9 - .travis/build-openssl-linux.sh | 12 .travis/build-openssl-osx.sh | 11 --- 4 files changed, 41 deletions(-) delete mode 100755 .travis/build-mbedtls-linux.sh delete mode 100755 .travis/build-mbedtls-osx.sh delete mode 100755 .travis/build-openssl-linux.sh delete mode 100755 .travis/build-openssl-osx.sh diff --git a/.travis/build-mbedtls-linux.sh b/.travis/build-mbedtls-linux.sh deleted file mode 100755 index dc92aaf..000 --- a/.travis/build-mbedtls-linux.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/sh - -if [ ! -f download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz ]; then - wget -O download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz https://tls.mbed.org/download/mbedtls-${MBEDTLS_VERSION}-apache.tgz; -fi - -tar zxf download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz -cd mbedtls-${MBEDTLS_VERSION} && make > build.log 2>&1 || (cat build.log && exit 1) -make install DESTDIR=$MBEDTLS_PREFIX && cd .. diff --git a/.travis/build-mbedtls-osx.sh b/.travis/build-mbedtls-osx.sh deleted file mode 100755 index dc92aaf..000 --- a/.travis/build-mbedtls-osx.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/sh - -if [ ! -f download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz ]; then - wget -O download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz https://tls.mbed.org/download/mbedtls-${MBEDTLS_VERSION}-apache.tgz; -fi - -tar zxf download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz -cd mbedtls-${MBEDTLS_VERSION} && make > build.log 2>&1 || (cat build.log && exit 1) -make install DESTDIR=$MBEDTLS_PREFIX && cd .. diff --git a/.travis/build-openssl-linux.sh b/.travis/build-openssl-linux.sh deleted file mode 100755 index 84f4aae..000 --- a/.travis/build-openssl-linux.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/sh - -if [ ! -f download-cache/openssl-${OPENSSL_VERSION}.tar.gz ]; then - wget -O download-cache/openssl-${OPENSSL_VERSION}.tar.gz https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz; -fi - -tar zxf download-cache/openssl-${OPENSSL_VERSION}.tar.gz -cd openssl-${OPENSSL_VERSION}/ -./config shared --prefix=$OPENSSL_PREFIX -DPURIFY > build.log 2>&1 || (cat build.log && exit 1) -make > build.log 2>&1 || (cat build.log && exit 1) -make install_sw > build.log 2>&1 || (cat build.log && exit 1) -cd .. diff --git a/.travis/build-openssl-osx.sh b/.travis/build-openssl-osx.sh deleted file mode 100755 index 61c8016..000 --- a/.travis/build-openssl-osx.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/sh - -if [ ! -f download-cache/openssl-${OPENSSL_VERSION}.tar.gz ]; then -wget -O download-cache/openssl-${OPENSSL_VERSION}.tar.gz https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz; -fi - -tar zxf download-cache/openssl-${OPENSSL_VERSION}.tar.gz -cd openssl-${OPENSSL_VERSION}/ -./Configure darwin64-x86_64-cc shared --prefix=$OPENSSL_PREFIX -DPURIFY > build.log 2>&1 || (cat build.log && exit 1) -make depend install > build.log 2>&1 || (cat build.log && exit 1) -cd .. -- 2.5.5 -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] travis-ci: add "make distcheck" to test scenario, V2
in rare cases openvpn is built from tarball, it happens during "installer build" process. "make distcheck" helps to prevent problems during such builds. V2: limit "make distcheck" to one build configuration Signed-off-by: Ilya Shipitsin <chipits...@gmail.com> --- .travis.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index a68374a..3c0aa7d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -33,7 +33,7 @@ matrix: - env: SSLLIB="mbedtls" os: linux compiler: clang -- env: SSLLIB="openssl" EXTRA_CONFIG="--disable-crypto" +- env: SSLLIB="openssl" EXTRA_CONFIG="--disable-crypto" EXTRA_SCRIPT="make distcheck" os: linux compiler: clang - env: SSLLIB="openssl" EXTRA_CONFIG="--disable-lzo" @@ -84,3 +84,4 @@ script: - if [ "${TRAVIS_OS_NAME}" = "linux" ]; then ldd src/openvpn/openvpn; fi - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then otool -L src/openvpn/openvpn; fi - make check + - $EXTRA_SCRIPT -- 2.5.5 -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] travis-ci: add "make distcheck" to test scenario
in rare cases openvpn is built from tarball, it happens during "installer build" process. "make distcheck" helps to prevent problems during such builds. Signed-off-by: Ilya Shipitsin <chipits...@gmail.com> --- .travis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.travis.yml b/.travis.yml index a68374a..6ebfa39 100644 --- a/.travis.yml +++ b/.travis.yml @@ -79,6 +79,7 @@ script: - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then export DYLD_LIBRARY_PATH="${PREFIX}/lib:${DYLD_LIBRARY_PATH}"; fi - autoreconf -vi - ./configure --with-crypto-library="${SSLLIB}" ${EXTRA_CONFIG} || (cat config.log && exit 1) + - make distcheck > build.log 2>&1 || (cat build.log && exit 1) - make -j$JOBS - src/openvpn/openvpn --version || true - if [ "${TRAVIS_OS_NAME}" = "linux" ]; then ldd src/openvpn/openvpn; fi -- 2.5.5 -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] v2, add PR template in order to simplify new developers cooperate properly if they open PR. discussed here: https://sourceforge.net/p/openvpn/mailman/message/35601310/
v2: @mattock has changed links and provided an example of "git send-email" --- .github/PULL_REQUEST_TEMPLATE.md | 15 +++ 1 file changed, 15 insertions(+) create mode 100644 .github/PULL_REQUEST_TEMPLATE.md diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 000..a8653d8 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,15 @@ +# Thank you for your contribution + +You are welcome to open PR, but they are used for discussion only. All +patches must eventually go to the openvpn-devel mailing list for review: + +* https://lists.sourceforge.net/lists/listinfo/openvpn-devel + +Please send your patch using [git-send-email](https://git-scm.com/docs/git-send-email). For example to send your latest commit to the list: + +$ git send-email --to=openvpn-devel@lists.sourceforge.net HEAD~1 + +For details, see these Wiki articles: + +* https://community.openvpn.net/openvpn/wiki/Contributing +* https://community.openvpn.net/openvpn/wiki/DeveloperDocumentation -- 2.5.5 -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] Resolve several travis-ci issues
MBEDTLS_VERSION, OPENSSL_VERSION were defined twice - in both .travis.yml and .travis/build-deps.sh files, the last one defined OPENSSL_VERSION via nonexistent OPENSSL_VERION variable, which lead us to use openssl-1.0.1 instead of openssl-1.0.2, I removed variable definition from build-deps.sh "cache: [ apt: true ]" is not a travis supported option, it was introduced by mistake, I removed it LD_LIBRARY_PATH was defined for the entire test run, it includes custom openssl build, which was picked by "wget", so "wget" could not verify SSL cert at https://www.openssl.org sometimes. We do not want wget to pick our custom LD_LIBRARY_PATH, so I moved that variable to "script" section LD_LIBRARY_PATH was defined for both linux and osx environments, for the second DYLD_LIBRARY_PATH must be defined instead v2: Upgrade openssl, mbedtls to the most recent versions v3: DYLD_LIBRARY_PATH was defined via LD_LIBRARY_PATH by mistake --- .travis.yml | 8 .travis/build-deps.sh | 2 -- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/.travis.yml b/.travis.yml index 369db97..a68374a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -12,13 +12,12 @@ env: global: - JOBS=3 - PREFIX="${HOME}/opt" -- MBEDTLS_VERSION="2.2.1" +- MBEDTLS_VERSION="2.4.0" - MBEDTLS_CFLAGS="-I${PREFIX}/include" - MBEDTLS_LIBS="-L${PREFIX}/lib -lmbedtls -lmbedx509 -lmbedcrypto" -- OPENSSL_VERSION="1.0.1t" +- OPENSSL_VERSION="1.0.2k" - OPENSSL_CFLAGS="-I${PREFIX}/include" - OPENSSL_LIBS="-L${PREFIX}/lib -lssl -lcrypto" -- LD_LIBRARY_PATH="${PREFIX}/lib:${LD_LIBRARY_PATH}" matrix: include: @@ -63,7 +62,6 @@ addons: - linux-libc-dev cache: - apt: true ccache: true directories: - download-cache @@ -77,6 +75,8 @@ install: - .travis/build-deps.sh > build-deps.log 2>&1 || (cat build-deps.log && exit 1) script: + - if [ "${TRAVIS_OS_NAME}" = "linux" ]; then export LD_LIBRARY_PATH="${PREFIX}/lib:${LD_LIBRARY_PATH}"; fi + - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then export DYLD_LIBRARY_PATH="${PREFIX}/lib:${DYLD_LIBRARY_PATH}"; fi - autoreconf -vi - ./configure --with-crypto-library="${SSLLIB}" ${EXTRA_CONFIG} || (cat config.log && exit 1) - make -j$JOBS diff --git a/.travis/build-deps.sh b/.travis/build-deps.sh index bda54ee..3ffba0b 100755 --- a/.travis/build-deps.sh +++ b/.travis/build-deps.sh @@ -2,8 +2,6 @@ set -eux # Set defaults -MBEDTLS_VERSION="${MBEDTLS_VERSION:-2.2.1}" -OPENSSL_VERSION="${OPENSSL_VERION:-1.0.2h}" PREFIX="${PREFIX:-${HOME}/opt}" download_mbedtls () { -- 2.5.5 -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] Resolve several travis-ci issues
MBEDTLS_VERSION, OPENSSL_VERSION were defined twice - in both .travis.yml and .travis/build-deps.sh files, the last one defined OPENSSL_VERSION via nonexistent OPENSSL_VERION variable, which lead us to use openssl-1.0.1 instead of openssl-1.0.2, I removed variable definition from build-deps.sh "cache: [ apt: true ]" is not a travis supported option, it was introduced by mistake, I removed it LD_LIBRARY_PATH was defined for the entire test run, it includes custom openssl build, which was picked by "wget", so "wget" could not verify SSL cert at https://www.openssl.org sometimes. We do not want wget to pick our custom LD_LIBRARY_PATH, so I moved that variable to "script" section LD_LIBRARY_PATH was defined for both linux and osx environments, for the second DYLD_LIBRARY_PATH must be defined instead v2: Upgrade openssl, mbedtls to the most recent versions --- .travis.yml | 8 .travis/build-deps.sh | 2 -- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/.travis.yml b/.travis.yml index 369db97..9741d6d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -12,13 +12,12 @@ env: global: - JOBS=3 - PREFIX="${HOME}/opt" -- MBEDTLS_VERSION="2.2.1" +- MBEDTLS_VERSION="2.4.0" - MBEDTLS_CFLAGS="-I${PREFIX}/include" - MBEDTLS_LIBS="-L${PREFIX}/lib -lmbedtls -lmbedx509 -lmbedcrypto" -- OPENSSL_VERSION="1.0.1t" +- OPENSSL_VERSION="1.0.2k" - OPENSSL_CFLAGS="-I${PREFIX}/include" - OPENSSL_LIBS="-L${PREFIX}/lib -lssl -lcrypto" -- LD_LIBRARY_PATH="${PREFIX}/lib:${LD_LIBRARY_PATH}" matrix: include: @@ -63,7 +62,6 @@ addons: - linux-libc-dev cache: - apt: true ccache: true directories: - download-cache @@ -77,6 +75,8 @@ install: - .travis/build-deps.sh > build-deps.log 2>&1 || (cat build-deps.log && exit 1) script: + - if [ "${TRAVIS_OS_NAME}" = "linux" ]; then export LD_LIBRARY_PATH="${PREFIX}/lib:${LD_LIBRARY_PATH}"; fi + - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then export DYLD_LIBRARY_PATH="${PREFIX}/lib:${LD_LIBRARY_PATH}"; fi - autoreconf -vi - ./configure --with-crypto-library="${SSLLIB}" ${EXTRA_CONFIG} || (cat config.log && exit 1) - make -j$JOBS diff --git a/.travis/build-deps.sh b/.travis/build-deps.sh index bda54ee..3ffba0b 100755 --- a/.travis/build-deps.sh +++ b/.travis/build-deps.sh @@ -2,8 +2,6 @@ set -eux # Set defaults -MBEDTLS_VERSION="${MBEDTLS_VERSION:-2.2.1}" -OPENSSL_VERSION="${OPENSSL_VERION:-1.0.2h}" PREFIX="${PREFIX:-${HOME}/opt}" download_mbedtls () { -- 2.5.5 -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] Resolve several travis-ci issues
MBEDTLS_VERSION, OPENSSL_VERSION were defined twice - in both .travis.yml and .travis/build-deps.sh files, the last one defined OPENSSL_VERSION via nonexistent OPENSSL_VERION variable, which lead us to use openssl-1.0.1 instead of openssl-1.0.2, I removed variable definition from build-deps.sh "cache: [ apt: true ]" is not a travis supported option, it was introduced by mistake, I removed it LD_LIBRARY_PATH was defined for the entire test run, it includes custom openssl build, which was picked by "wget", so "wget" could not verify SSL cert at https://www.openssl.org sometimes. We do not want wget to pick our custom LD_LIBRARY_PATH, so I moved that variable to "script" section LD_LIBRARY_PATH was defined for both linux and osx environments, for the second DYLD_LIBRARY_PATH must be defined instead v2: Upgrade openssl, mbedtls to the most recent versions --- .travis.yml | 7 +++ .travis/build-deps.sh | 2 -- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/.travis.yml b/.travis.yml index 369db97..dd340f5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -12,13 +12,12 @@ env: global: - JOBS=3 - PREFIX="${HOME}/opt" -- MBEDTLS_VERSION="2.2.1" +- MBEDTLS_VERSION="2.4.0" - MBEDTLS_CFLAGS="-I${PREFIX}/include" - MBEDTLS_LIBS="-L${PREFIX}/lib -lmbedtls -lmbedx509 -lmbedcrypto" -- OPENSSL_VERSION="1.0.1t" +- OPENSSL_VERSION="1.0.2k" - OPENSSL_CFLAGS="-I${PREFIX}/include" - OPENSSL_LIBS="-L${PREFIX}/lib -lssl -lcrypto" -- LD_LIBRARY_PATH="${PREFIX}/lib:${LD_LIBRARY_PATH}" matrix: include: @@ -63,7 +62,6 @@ addons: - linux-libc-dev cache: - apt: true ccache: true directories: - download-cache @@ -77,6 +75,7 @@ install: - .travis/build-deps.sh > build-deps.log 2>&1 || (cat build-deps.log && exit 1) script: + - export LD_LIBRARY_PATH="${PREFIX}/lib:${LD_LIBRARY_PATH}" - autoreconf -vi - ./configure --with-crypto-library="${SSLLIB}" ${EXTRA_CONFIG} || (cat config.log && exit 1) - make -j$JOBS diff --git a/.travis/build-deps.sh b/.travis/build-deps.sh index bda54ee..3ffba0b 100755 --- a/.travis/build-deps.sh +++ b/.travis/build-deps.sh @@ -2,8 +2,6 @@ set -eux # Set defaults -MBEDTLS_VERSION="${MBEDTLS_VERSION:-2.2.1}" -OPENSSL_VERSION="${OPENSSL_VERION:-1.0.2h}" PREFIX="${PREFIX:-${HOME}/opt}" download_mbedtls () { -- 2.5.5 -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] Resolve several travis-ci issues
MBEDTLS_VERSION, OPENSSL_VERSION were defined twice - in both .travis.yml and .travis/build-deps.sh files, the last one defined OPENSSL_VERSION via nonexistent OPENSSL_VERION variable, which lead us to use openssl-1.0.1 instead of openssl-1.0.2, I removed variable definition from build-deps.sh "cache: [ apt: true ]" is not a travis supported option, it was introduced by mistake, I removed it LD_LIBRARY_PATH was defined for the entire test run, it includes custom openssl build, which was picked by "wget", so "wget" could not verify SSL cert at https://www.openssl.org sometimes. We do not want wget to pick our custom LD_LIBRARY_PATH, so I moved that variable to "script" section LD_LIBRARY_PATH was defined for both linux and osx environments, for the second DYLD_LIBRARY_PATH must be defined instead --- .travis.yml | 3 +-- .travis/build-deps.sh | 2 -- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index 369db97..f3727fa 100644 --- a/.travis.yml +++ b/.travis.yml @@ -18,7 +18,6 @@ env: - OPENSSL_VERSION="1.0.1t" - OPENSSL_CFLAGS="-I${PREFIX}/include" - OPENSSL_LIBS="-L${PREFIX}/lib -lssl -lcrypto" -- LD_LIBRARY_PATH="${PREFIX}/lib:${LD_LIBRARY_PATH}" matrix: include: @@ -63,7 +62,6 @@ addons: - linux-libc-dev cache: - apt: true ccache: true directories: - download-cache @@ -77,6 +75,7 @@ install: - .travis/build-deps.sh > build-deps.log 2>&1 || (cat build-deps.log && exit 1) script: + - export LD_LIBRARY_PATH="${PREFIX}/lib:${LD_LIBRARY_PATH}" - autoreconf -vi - ./configure --with-crypto-library="${SSLLIB}" ${EXTRA_CONFIG} || (cat config.log && exit 1) - make -j$JOBS diff --git a/.travis/build-deps.sh b/.travis/build-deps.sh index bda54ee..3ffba0b 100755 --- a/.travis/build-deps.sh +++ b/.travis/build-deps.sh @@ -2,8 +2,6 @@ set -eux # Set defaults -MBEDTLS_VERSION="${MBEDTLS_VERSION:-2.2.1}" -OPENSSL_VERSION="${OPENSSL_VERION:-1.0.2h}" PREFIX="${PREFIX:-${HOME}/opt}" download_mbedtls () { -- 2.5.5 -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] cppcheck finding: add "ASSERT( maxoutput > 0 || separator != NULL )" to prevent possible null pointer derefence
--- src/openvpn/buffer.c | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/openvpn/buffer.c b/src/openvpn/buffer.c index 52c6ab9..57bded9 100644 --- a/src/openvpn/buffer.c +++ b/src/openvpn/buffer.c @@ -438,10 +438,12 @@ format_hex_ex (const uint8_t *data, int size, int maxoutput, unsigned int space_break_flags, const char* separator, struct gc_arena *gc) { - struct buffer out = alloc_buf_gc (maxoutput ? maxoutput : + int i; + struct buffer out; + ASSERT( maxoutput > 0 || separator != NULL ); + out = alloc_buf_gc (maxoutput ? maxoutput : ((size * 2) + (size / (space_break_flags & FHE_SPACE_BREAK_MASK)) * (int) strlen (separator) + 2), gc); - int i; for (i = 0; i < size; ++i) { if (separator && i && !(i % (space_break_flags & FHE_SPACE_BREAK_MASK))) -- 2.5.5 -- ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] enable "--disable-crypto" build configuration
--- .travis.yml | 4 1 file changed, 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index 452c48e..369db97 100644 --- a/.travis.yml +++ b/.travis.yml @@ -51,10 +51,6 @@ matrix: os: osx osx_image: xcode7.3 compiler: clang - allow_failures: -- env: SSLLIB="openssl" EXTRA_CONFIG="--disable-crypto" - os: linux - compiler: clang exclude: - compiler: gcc -- 2.5.5 -- ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] travis-ci refactor by Steffan Karger
From: Steffan KargerSigned-off-by: Steffan Karger --- .travis.yml | 63 -- .travis/build-deps.sh | 85 +++ 2 files changed, 119 insertions(+), 29 deletions(-) create mode 100755 .travis/build-deps.sh diff --git a/.travis.yml b/.travis.yml index 6f719a1..452c48e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -11,43 +11,49 @@ compiler: env: global: - JOBS=3 -- MBEDTLS_VERSION=2.2.1 -- MBEDTLS_PREFIX=~/opt/mbedtls -- MBEDTLS_LIBS="-L$MBEDTLS_PREFIX/lib -lmbedtls -lmbedx509 -lmbedcrypto" -- MBEDTLS_CFLAGS="-I$MBEDTLS_PREFIX/include" -- OPENSSL_VERSION=1.0.1t -- OPENSSL_PREFIX=~/opt/openssl -- OPENSSL_LIB=$OPENSSL_PREFIX/lib -- OPENSSL_INC=$OPENSSL_PREFIX/include -- OPENSSL_CFLAGS="-I$OPENSSL_PREFIX/include" -- OPENSSL_LIBS="-L$OPENSSL_PREFIX/lib -lssl -lcrypto" +- PREFIX="${HOME}/opt" +- MBEDTLS_VERSION="2.2.1" +- MBEDTLS_CFLAGS="-I${PREFIX}/include" +- MBEDTLS_LIBS="-L${PREFIX}/lib -lmbedtls -lmbedx509 -lmbedcrypto" +- OPENSSL_VERSION="1.0.1t" +- OPENSSL_CFLAGS="-I${PREFIX}/include" +- OPENSSL_LIBS="-L${PREFIX}/lib -lssl -lcrypto" +- LD_LIBRARY_PATH="${PREFIX}/lib:${LD_LIBRARY_PATH}" matrix: include: -- env: CONFIG="--with-crypto-library=openssl" +- env: SSLLIB="openssl" + os: linux compiler: gcc -- env: CONFIG="--with-crypto-library=openssl" +- env: SSLLIB="openssl" + os: linux compiler: clang -- env: CONFIG="--with-crypto-library=mbedtls" +- env: SSLLIB="mbedtls" + os: linux compiler: gcc -- env: CONFIG="--with-crypto-library=mbedtls" +- env: SSLLIB="mbedtls" + os: linux compiler: clang -- env: CONFIG="--with-crypto-library=openssl --disable-crypto" +- env: SSLLIB="openssl" EXTRA_CONFIG="--disable-crypto" + os: linux compiler: clang -- env: CONFIG="--with-crypto-library=openssl --disable-lzo" +- env: SSLLIB="openssl" EXTRA_CONFIG="--disable-lzo" + os: linux compiler: clang -- env: CONFIG="--with-crypto-library=openssl --enable-small" +- env: SSLLIB="openssl" EXTRA_CONFIG="--enable-small" + os: linux compiler: clang -- env: CONFIG="--with-crypto-library=openssl" +- env: SSLLIB="openssl" os: osx osx_image: xcode7.3 compiler: clang -- env: CONFIG="--with-crypto-library=mbedtls" +- env: SSLLIB="mbedtls" os: osx osx_image: xcode7.3 compiler: clang allow_failures: -- env: CONFIG="--with-crypto-library=openssl --disable-crypto" +- env: SSLLIB="openssl" EXTRA_CONFIG="--disable-crypto" + os: linux compiler: clang exclude: - compiler: gcc @@ -65,21 +71,20 @@ cache: ccache: true directories: - download-cache + - ${HOME}/opt before_install: - - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew update ; fi - - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew install lzo; fi + - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then brew update ; fi + - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then brew install lzo; fi install: - - mkdir ~/bin && ln -s $(which ccache) ~/bin/$CC && export PATH=$HOME/bin:$PATH - - if [ ! -d download-cache ]; then mkdir download-cache; fi - - if [[ $CONFIG == *"--with-crypto-library=openssl"* ]]; then .travis/build-openssl-${TRAVIS_OS_NAME}.sh; fi - - if [[ $CONFIG == *"--with-crypto-library=mbedtls"* ]]; then .travis/build-mbedtls-${TRAVIS_OS_NAME}.sh; fi + - .travis/build-deps.sh > build-deps.log 2>&1 || (cat build-deps.log && exit 1) script: - autoreconf -vi - - ./configure $CONFIG || (cat config.log && exit 1) + - ./configure --with-crypto-library="${SSLLIB}" ${EXTRA_CONFIG} || (cat config.log && exit 1) - make -j$JOBS - - if [[ "$TRAVIS_OS_NAME" == "linux" ]]; then ldd src/openvpn/openvpn; fi - - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then otool -L src/openvpn/openvpn; fi + - src/openvpn/openvpn --version || true + - if [ "${TRAVIS_OS_NAME}" = "linux" ]; then ldd src/openvpn/openvpn; fi + - if [ "${TRAVIS_OS_NAME}" = "osx" ]; then otool -L src/openvpn/openvpn; fi - make check diff --git a/.travis/build-deps.sh b/.travis/build-deps.sh new file mode 100755 index 000..bda54ee --- /dev/null +++ b/.travis/build-deps.sh @@ -0,0 +1,85 @@ +#!/bin/sh +set -eux + +# Set defaults +MBEDTLS_VERSION="${MBEDTLS_VERSION:-2.2.1}" +OPENSSL_VERSION="${OPENSSL_VERION:-1.0.2h}" +PREFIX="${PREFIX:-${HOME}/opt}" + +download_mbedtls () { +if [ ! -f "download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz" ]; then +wget -P download-cache/ \ + "https://tls.mbed.org/download/mbedtls-${MBEDTLS_VERSION}-apache.tgz; +fi +} + +build_mbedtls () { +if [ "$(cat ${PREFIX}/.mbedtls-version)" != "${MBEDTLS_VERSION}" ]; then +tar zxf download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz +( +
[Openvpn-devel] [PATCH] initial travis-ci support
--- .travis.yml| 85 ++ .travis/build-mbedtls-linux.sh | 10 + .travis/build-mbedtls-osx.sh | 9 + .travis/build-openssl-linux.sh | 12 ++ .travis/build-openssl-osx.sh | 11 ++ 5 files changed, 127 insertions(+) create mode 100644 .travis.yml create mode 100755 .travis/build-mbedtls-linux.sh create mode 100755 .travis/build-mbedtls-osx.sh create mode 100755 .travis/build-openssl-linux.sh create mode 100755 .travis/build-openssl-osx.sh diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 000..6f719a1 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,85 @@ +sudo: required +dist: trusty + +os: linux + +language: c + +compiler: + - gcc + +env: + global: +- JOBS=3 +- MBEDTLS_VERSION=2.2.1 +- MBEDTLS_PREFIX=~/opt/mbedtls +- MBEDTLS_LIBS="-L$MBEDTLS_PREFIX/lib -lmbedtls -lmbedx509 -lmbedcrypto" +- MBEDTLS_CFLAGS="-I$MBEDTLS_PREFIX/include" +- OPENSSL_VERSION=1.0.1t +- OPENSSL_PREFIX=~/opt/openssl +- OPENSSL_LIB=$OPENSSL_PREFIX/lib +- OPENSSL_INC=$OPENSSL_PREFIX/include +- OPENSSL_CFLAGS="-I$OPENSSL_PREFIX/include" +- OPENSSL_LIBS="-L$OPENSSL_PREFIX/lib -lssl -lcrypto" + +matrix: + include: +- env: CONFIG="--with-crypto-library=openssl" + compiler: gcc +- env: CONFIG="--with-crypto-library=openssl" + compiler: clang +- env: CONFIG="--with-crypto-library=mbedtls" + compiler: gcc +- env: CONFIG="--with-crypto-library=mbedtls" + compiler: clang +- env: CONFIG="--with-crypto-library=openssl --disable-crypto" + compiler: clang +- env: CONFIG="--with-crypto-library=openssl --disable-lzo" + compiler: clang +- env: CONFIG="--with-crypto-library=openssl --enable-small" + compiler: clang +- env: CONFIG="--with-crypto-library=openssl" + os: osx + osx_image: xcode7.3 + compiler: clang +- env: CONFIG="--with-crypto-library=mbedtls" + os: osx + osx_image: xcode7.3 + compiler: clang + allow_failures: +- env: CONFIG="--with-crypto-library=openssl --disable-crypto" + compiler: clang + exclude: +- compiler: gcc + +addons: + apt: +packages: + - liblzo2-dev + - libpam0g-dev + - liblz4-dev + - linux-libc-dev + +cache: + apt: true + ccache: true + directories: + - download-cache + +before_install: + - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew update ; fi + - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew install lzo; fi + +install: + - mkdir ~/bin && ln -s $(which ccache) ~/bin/$CC && export PATH=$HOME/bin:$PATH + - if [ ! -d download-cache ]; then mkdir download-cache; fi + - if [[ $CONFIG == *"--with-crypto-library=openssl"* ]]; then .travis/build-openssl-${TRAVIS_OS_NAME}.sh; fi + - if [[ $CONFIG == *"--with-crypto-library=mbedtls"* ]]; then .travis/build-mbedtls-${TRAVIS_OS_NAME}.sh; fi + +script: + - autoreconf -vi + - ./configure $CONFIG || (cat config.log && exit 1) + - make -j$JOBS + - if [[ "$TRAVIS_OS_NAME" == "linux" ]]; then ldd src/openvpn/openvpn; fi + - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then otool -L src/openvpn/openvpn; fi + - make check diff --git a/.travis/build-mbedtls-linux.sh b/.travis/build-mbedtls-linux.sh new file mode 100755 index 000..c21f4e6 --- /dev/null +++ b/.travis/build-mbedtls-linux.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +if [ ! -f download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz ]; then + wget -O download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz https://tls.mbed.org/download/mbedtls-${MBEDTLS_VERSION}-apache.tgz; +fi + +tar zxf download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz +cd mbedtls-${MBEDTLS_VERSION} && make > build.log 2>&1 || (cat build.log && exit 1) +make install DESTDIR=$MBEDTLS_PREFIX && cd .. + diff --git a/.travis/build-mbedtls-osx.sh b/.travis/build-mbedtls-osx.sh new file mode 100755 index 000..e7f07ea --- /dev/null +++ b/.travis/build-mbedtls-osx.sh @@ -0,0 +1,9 @@ +#!/bin/sh + +if [ ! -f download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz ]; then + wget -O download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz https://tls.mbed.org/download/mbedtls-${MBEDTLS_VERSION}-apache.tgz; +fi + +tar zxf download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz +cd mbedtls-${MBEDTLS_VERSION} && make > build.log 2>&1 || (cat build.log && exit 1) +make install DESTDIR=$MBEDTLS_PREFIX && cd .. diff --git a/.travis/build-openssl-linux.sh b/.travis/build-openssl-linux.sh new file mode 100755 index 000..931e2c9 --- /dev/null +++ b/.travis/build-openssl-linux.sh @@ -0,0 +1,12 @@ +#!/bin/sh + +if [ ! -f download-cache/openssl-${OPENSSL_VERSION}.tar.gz ]; then + wget -O download-cache/openssl-${OPENSSL_VERSION}.tar.gz https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz; +fi + +tar zxf download-cache/openssl-${OPENSSL_VERSION}.tar.gz +cd openssl-${OPENSSL_VERSION}/ +./config shared --prefix=$OPENSSL_PREFIX -DPURIFY > build.log 2>&1 || (cat
[Openvpn-devel] [PATCH] initial travis-ci support
--- .travis.yml| 85 ++ .travis/build-mbedtls-linux.sh | 10 + .travis/build-mbedtls-osx.sh | 9 + .travis/build-openssl-linux.sh | 12 ++ .travis/build-openssl-osx.sh | 11 ++ 5 files changed, 127 insertions(+) create mode 100644 .travis.yml create mode 100755 .travis/build-mbedtls-linux.sh create mode 100755 .travis/build-mbedtls-osx.sh create mode 100755 .travis/build-openssl-linux.sh create mode 100755 .travis/build-openssl-osx.sh diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 000..6f719a1 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,85 @@ +sudo: required +dist: trusty + +os: linux + +language: c + +compiler: + - gcc + +env: + global: +- JOBS=3 +- MBEDTLS_VERSION=2.2.1 +- MBEDTLS_PREFIX=~/opt/mbedtls +- MBEDTLS_LIBS="-L$MBEDTLS_PREFIX/lib -lmbedtls -lmbedx509 -lmbedcrypto" +- MBEDTLS_CFLAGS="-I$MBEDTLS_PREFIX/include" +- OPENSSL_VERSION=1.0.1t +- OPENSSL_PREFIX=~/opt/openssl +- OPENSSL_LIB=$OPENSSL_PREFIX/lib +- OPENSSL_INC=$OPENSSL_PREFIX/include +- OPENSSL_CFLAGS="-I$OPENSSL_PREFIX/include" +- OPENSSL_LIBS="-L$OPENSSL_PREFIX/lib -lssl -lcrypto" + +matrix: + include: +- env: CONFIG="--with-crypto-library=openssl" + compiler: gcc +- env: CONFIG="--with-crypto-library=openssl" + compiler: clang +- env: CONFIG="--with-crypto-library=mbedtls" + compiler: gcc +- env: CONFIG="--with-crypto-library=mbedtls" + compiler: clang +- env: CONFIG="--with-crypto-library=openssl --disable-crypto" + compiler: clang +- env: CONFIG="--with-crypto-library=openssl --disable-lzo" + compiler: clang +- env: CONFIG="--with-crypto-library=openssl --enable-small" + compiler: clang +- env: CONFIG="--with-crypto-library=openssl" + os: osx + osx_image: xcode7.3 + compiler: clang +- env: CONFIG="--with-crypto-library=mbedtls" + os: osx + osx_image: xcode7.3 + compiler: clang + allow_failures: +- env: CONFIG="--with-crypto-library=openssl --disable-crypto" + compiler: clang + exclude: +- compiler: gcc + +addons: + apt: +packages: + - liblzo2-dev + - libpam0g-dev + - liblz4-dev + - linux-libc-dev + +cache: + apt: true + ccache: true + directories: + - download-cache + +before_install: + - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew update ; fi + - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew install lzo; fi + +install: + - mkdir ~/bin && ln -s $(which ccache) ~/bin/$CC && export PATH=$HOME/bin:$PATH + - if [ ! -d download-cache ]; then mkdir download-cache; fi + - if [[ $CONFIG == *"--with-crypto-library=openssl"* ]]; then .travis/build-openssl-${TRAVIS_OS_NAME}.sh; fi + - if [[ $CONFIG == *"--with-crypto-library=mbedtls"* ]]; then .travis/build-mbedtls-${TRAVIS_OS_NAME}.sh; fi + +script: + - autoreconf -vi + - ./configure $CONFIG || (cat config.log && exit 1) + - make -j$JOBS + - if [[ "$TRAVIS_OS_NAME" == "linux" ]]; then ldd src/openvpn/openvpn; fi + - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then otool -L src/openvpn/openvpn; fi + - make check diff --git a/.travis/build-mbedtls-linux.sh b/.travis/build-mbedtls-linux.sh new file mode 100755 index 000..c21f4e6 --- /dev/null +++ b/.travis/build-mbedtls-linux.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +if [ ! -f download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz ]; then + wget -O download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz https://tls.mbed.org/download/mbedtls-${MBEDTLS_VERSION}-apache.tgz; +fi + +tar zxf download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz +cd mbedtls-${MBEDTLS_VERSION} && make > build.log 2>&1 || (cat build.log && exit 1) +make install DESTDIR=$MBEDTLS_PREFIX && cd .. + diff --git a/.travis/build-mbedtls-osx.sh b/.travis/build-mbedtls-osx.sh new file mode 100755 index 000..e7f07ea --- /dev/null +++ b/.travis/build-mbedtls-osx.sh @@ -0,0 +1,9 @@ +#!/bin/sh + +if [ ! -f download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz ]; then + wget -O download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz https://tls.mbed.org/download/mbedtls-${MBEDTLS_VERSION}-apache.tgz; +fi + +tar zxf download-cache/mbedtls-${MBEDTLS_VERSION}-apache.tgz +cd mbedtls-${MBEDTLS_VERSION} && make > build.log 2>&1 || (cat build.log && exit 1) +make install DESTDIR=$MBEDTLS_PREFIX && cd .. diff --git a/.travis/build-openssl-linux.sh b/.travis/build-openssl-linux.sh new file mode 100755 index 000..931e2c9 --- /dev/null +++ b/.travis/build-openssl-linux.sh @@ -0,0 +1,12 @@ +#!/bin/sh + +if [ ! -f download-cache/openssl-${OPENSSL_VERSION}.tar.gz ]; then + wget -O download-cache/openssl-${OPENSSL_VERSION}.tar.gz https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz; +fi + +tar zxf download-cache/openssl-${OPENSSL_VERSION}.tar.gz +cd openssl-${OPENSSL_VERSION}/ +./config shared --prefix=$OPENSSL_PREFIX -DPURIFY > build.log 2>&1 || (cat