summaryrefslogtreecommitdiffstats
path: root/.github
diff options
context:
space:
mode:
Diffstat (limited to '.github')
-rw-r--r--.github/workflows/build.yml299
-rw-r--r--.github/workflows/cflite_batch.yaml30
-rw-r--r--.github/workflows/cflite_cron.yaml19
-rw-r--r--.github/workflows/codeql-analysis.yml47
-rw-r--r--.github/workflows/interop.yml28
5 files changed, 423 insertions, 0 deletions
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 0000000..0c2abfc
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,299 @@
+name: build
+
+on: [push, pull_request]
+
+jobs:
+ build:
+ strategy:
+ matrix:
+ os: [ubuntu-22.04, macos-11]
+ compiler: [gcc, clang]
+ buildtool: [autotools, distcheck, cmake]
+ openssl: [openssl1, openssl3]
+ sockaddr: [native-sockaddr, generic-sockaddr]
+ exclude:
+ - os: macos-11
+ buildtool: distcheck
+ - compiler: gcc
+ buildtool: distcheck
+ - openssl: openssl3
+ buildtool: distcheck
+ - compiler: gcc
+ sockaddr: generic-sockaddr
+ - openssl: openssl3
+ sockaddr: generic-sockaddr
+ - buildtool: distcheck
+ sockaddr: generic-sockaddr
+ - buildtool: cmake
+ sockaddr: generic-sockaddr
+ - os: macos-11
+ compiler: gcc
+ - os: macos-11
+ openssl: openssl3
+
+ runs-on: ${{ matrix.os }}
+
+ steps:
+ - uses: actions/checkout@v3
+ - name: Startup
+ run: |
+ echo 'NGTCP2_SOURCE_DIR='"$PWD" >> $GITHUB_ENV
+ - name: Linux setup
+ if: runner.os == 'Linux'
+ run: |
+ sudo apt-get update
+ sudo apt-get install \
+ g++-12 \
+ clang-14 \
+ autoconf \
+ automake \
+ autotools-dev \
+ libtool \
+ pkg-config \
+ libcunit1-dev \
+ libssl-dev \
+ libev-dev \
+ libgnutls28-dev \
+ cmake \
+ cmake-data \
+ python3-pytest
+
+ echo 'NPROC='"$(nproc)" >> $GITHUB_ENV
+ - name: MacOS setup
+ if: runner.os == 'macOS'
+ run: |
+ brew install libev gnutls cunit autoconf automake pkg-config libtool
+
+ echo 'NPROC='"$(sysctl -n hw.ncpu)" >> $GITHUB_ENV
+ - name: Setup clang (Linux)
+ if: runner.os == 'Linux' && matrix.compiler == 'clang'
+ run: |
+ echo 'CC=clang-14' >> $GITHUB_ENV
+ echo 'CXX=clang++-14' >> $GITHUB_ENV
+ - name: Setup clang (MacOS)
+ if: runner.os == 'macOS' && matrix.compiler == 'clang'
+ run: |
+ echo 'CC=clang' >> $GITHUB_ENV
+ echo 'CXX=clang++' >> $GITHUB_ENV
+ - name: Setup gcc
+ if: runner.os == 'Linux' && matrix.compiler == 'gcc'
+ run: |
+ echo 'CC=gcc-12' >> $GITHUB_ENV
+ echo 'CXX=g++-12' >> $GITHUB_ENV
+ - name: Build OpenSSL v1.1.1
+ if: matrix.openssl == 'openssl1'
+ run: |
+ ./ci/build_openssl1.sh
+ - name: Build OpenSSL v3.0.x
+ if: matrix.openssl == 'openssl3'
+ run: |
+ ./ci/build_openssl3.sh
+ - name: Build BoringSSL
+ run: |
+ ./ci/build_boringssl.sh
+ - name: Build Picotls
+ run: |
+ ./ci/build_picotls.sh
+ - name: Build wolfSSL
+ run: |
+ ./ci/build_wolfssl.sh
+ - name: Build nghttp3
+ run: |
+ ./ci/build_nghttp3.sh
+ - name: Setup environment variables
+ run: |
+ PKG_CONFIG_PATH="$PWD/openssl/build/lib/pkgconfig:$PWD/openssl/build/lib64/pkgconfig:$PWD/wolfssl/build/lib/pkgconfig:$PWD/nghttp3/build/lib/pkgconfig"
+ LDFLAGS="$EXTRA_LDFLAGS -Wl,-rpath,$PWD/openssl/build/lib -Wl,-rpath,$PWD/openssl/build/lib64"
+ BORINGSSL_CFLAGS="-I$PWD/boringssl/include/"
+ BORINGSSL_LIBS="-L$PWD/boringssl/build/ssl -lssl -L$PWD/boringssl/build/crypto -lcrypto"
+ PICOTLS_CFLAGS="-I$PWD/picotls/include/"
+ PICOTLS_LIBS="-L$PWD/picotls/build -lpicotls-openssl -lpicotls-core"
+
+ echo 'PKG_CONFIG_PATH='"$PKG_CONFIG_PATH" >> $GITHUB_ENV
+ echo 'LDFLAGS='"$LDFLAGS" >> $GITHUB_ENV
+ echo 'BORINGSSL_CFLAGS='"$BORINGSSL_CFLAGS" >> $GITHUB_ENV
+ echo 'BORINGSSL_LIBS='"$BORINGSSL_LIBS" >> $GITHUB_ENV
+ echo 'PICOTLS_CFLAGS='"$PICOTLS_CFLAGS" >> $GITHUB_ENV
+ echo 'PICOTLS_LIBS='"$PICOTLS_LIBS" >> $GITHUB_ENV
+ - name: Enable ASAN
+ if: runner.os == 'Linux'
+ run: |
+ asanflags="-fsanitize=address,undefined -fno-sanitize-recover=undefined"
+
+ LDFLAGS="$LDFLAGS $asanflags"
+ CFLAGS="$CFLAGS $asanflags -g3"
+ CXXFLAGS="$CXXFLAGS $asanflags -g3"
+
+ echo 'LDFLAGS='"$LDFLAGS" >> $GITHUB_ENV
+ echo 'CFLAGS='"$CFLAGS" >> $GITHUB_ENV
+ echo 'CXXFLAGS='"$CXXFLAGS" >> $GITHUB_ENV
+ - name: BoringSSL pthread requirement
+ if: runner.os == 'Linux'
+ run: |
+ BORINGSSL_LIBS="$BORINGSSL_LIBS -pthread"
+
+ echo 'BORINGSSL_LIBS='"$BORINGSSL_LIBS" >> $GITHUB_ENV
+ - name: Enable generic sockaddr
+ if: matrix.sockaddr == 'generic-sockaddr'
+ run: |
+ CFLAGS="$CFLAGS -DNGTCP2_USE_GENERIC_SOCKADDR"
+ EXTRA_AUTOTOOLS_OPTS="$EXTRA_AUTOTOOLS_OPTS --enable-lib-only"
+
+ echo 'CFLAGS='"$CFLAGS" >> $GITHUB_ENV
+ echo 'EXTRA_AUTOTOOLS_OPTS='"$EXTRA_AUTOTOOLS_OPTS" >> $GITHUB_ENV
+ - name: Configure autotools
+ if: matrix.buildtool == 'autotools'
+ run: |
+ autoreconf -i && \
+ ./configure --enable-werror \
+ --with-openssl --with-gnutls --with-boringssl --with-wolfssl \
+ --with-picotls \
+ $EXTRA_AUTOTOOLS_OPTS
+ - name: Configure autotools for distcheck
+ if: matrix.buildtool == 'distcheck'
+ run: |
+ autoreconf -i && ./configure
+ - name: Configure cmake
+ if: matrix.buildtool == 'cmake'
+ run: |
+ autoreconf -i && ./configure
+ make dist
+
+ VERSION=$(grep PACKAGE_VERSION config.h | cut -d' ' -f3 | tr -d '"')
+ tar xf ngtcp2-$VERSION.tar.gz
+ cd ngtcp2-$VERSION
+ mkdir build
+ cd build
+
+ echo 'NGTCP2_BUILD_DIR='"$PWD" >> $GITHUB_ENV
+
+ cmake $CMAKE_OPTS \
+ -DENABLE_GNUTLS=ON \
+ -DENABLE_BORINGSSL=ON \
+ -DBORINGSSL_LIBRARIES="$BORINGSSL_LIBS" \
+ -DBORINGSSL_INCLUDE_DIR="$NGTCP2_SOURCE_DIR/boringssl/include/" \
+ -DENABLE_PICOTLS=ON \
+ -DPICOTLS_LIBRARIES="$PICOTLS_LIBS" \
+ -DPICOTLS_INCLUDE_DIR="$NGTCP2_SOURCE_DIR/picotls/include/" \
+ -DENABLE_WOLFSSL=ON ..
+ - name: Build ngtcp2
+ if: matrix.buildtool != 'distcheck'
+ run: |
+ [ -n "$NGTCP2_BUILD_DIR" ] && cd "$NGTCP2_BUILD_DIR"
+ make -j"$NPROC"
+ make -j"$NPROC" check
+ - name: Build ngtcp2 with distcheck
+ if: matrix.buildtool == 'distcheck'
+ run: |
+ make -j"$NPROC" distcheck \
+ DISTCHECK_CONFIGURE_FLAGS="--enable-werror --with-openssl --with-gnutls --with-boringssl $EXTRA_AUTOTOOLS_OPTS"
+ - name: examples/tests
+ if: matrix.buildtool == 'autotools' && matrix.sockaddr == 'native-sockaddr' && runner.os == 'Linux'
+ run: |
+ cd examples/tests
+ # Do not run resumption and earlydata between gtlsserver and
+ # wsslclient until ubuntu gets GnuTLS v3.7.5.
+ #
+ # There is an issue around the ticket age validation between
+ # gtlsserver and bsslclient that causes early data test
+ # failure; see https://gitlab.com/gnutls/gnutls/-/issues/1403
+ pytest-3 -v -k 'not (gnutls-wolfssl and (resume or earlydata)) and not (gnutls-boringssl and earlydata)'
+ - name: Integration test
+ if: matrix.buildtool != 'distcheck' && matrix.sockaddr == 'native-sockaddr'
+ run: |
+ [ -n "$NGTCP2_BUILD_DIR" ] && cd "$NGTCP2_BUILD_DIR"
+ "$NGTCP2_SOURCE_DIR"/ci/gen-certificate.sh
+
+ CLIENTS="client gtlsclient bsslclient wsslclient ptlsclient"
+ SERVERS="server gtlsserver bsslserver wsslserver ptlsserver"
+
+ for client in $CLIENTS; do
+ for server in $SERVERS; do
+ echo "# $client - $server"
+ ./examples/$server localhost 4433 cert/server.key cert/server.crt > sv.log 2>&1 &
+ SVPID="$!"
+ ./examples/$client localhost 4433 https://localhost/ --exit-on-first-stream-close
+ kill -INT "$SVPID"
+ sleep 5
+ if wait "$SVPID"; then
+ cat sv.log
+ else
+ cat sv.log
+ exit 1
+ fi
+ done
+ done
+
+ build-cross:
+ strategy:
+ matrix:
+ host: [x86_64-w64-mingw32, i686-w64-mingw32]
+ include:
+ - host: x86_64-w64-mingw32
+ oscc: mingw64
+ - host: i686-w64-mingw32
+ oscc: mingw
+
+ runs-on: ubuntu-22.04
+
+ env:
+ HOST: ${{ matrix.host }}
+ OSCC: ${{ matrix.oscc }}
+
+ steps:
+ - uses: actions/checkout@v3
+ - name: Linux setup
+ run: |
+ sudo dpkg --add-architecture i386
+ sudo apt-get update
+ sudo apt-get install \
+ gcc-mingw-w64 \
+ autoconf \
+ automake \
+ autotools-dev \
+ libtool \
+ pkg-config \
+ wine
+ - name: Build OpenSSL v1.1.1
+ run: |
+ ./ci/build_openssl1_cross.sh
+ - name: Build CUnit
+ run: |
+ curl -LO https://jaist.dl.sourceforge.net/project/cunit/CUnit/2.1-3/CUnit-2.1-3.tar.bz2
+ tar xf CUnit-2.1-3.tar.bz2
+ cd CUnit-2.1-3
+ ./bootstrap
+ ./configure --disable-shared --host="$HOST" --prefix="$PWD/build"
+ make -j$(nproc) install
+ - name: Setup environment variables
+ run: |
+ PKG_CONFIG_PATH="$PWD/openssl/build/lib/pkgconfig:$PWD/CUnit-2.1-3/build/lib/pkgconfig"
+
+ echo 'PKG_CONFIG_PATH='"$PKG_CONFIG_PATH" >> $GITHUB_ENV
+ - name: Configure autotools
+ run: |
+ autoreconf -i && \
+ ./configure --enable-werror --with-openssl --with-cunit --host="$HOST"
+ - name: Build ngtcp2
+ run: |
+ make -j$(nproc)
+ make -j$(nproc) check TESTS=""
+ - name: Run tests
+ if: matrix.host == 'x86_64-w64-mingw32'
+ run: |
+ cd tests
+ wine main.exe
+
+ build-windows:
+ runs-on: windows-latest
+
+ steps:
+ - uses: actions/checkout@v3
+ - name: Configure cmake
+ run: |
+ mkdir build
+ cd build
+ cmake ..
+ - name: Build ngtcp2
+ run: |
+ cmake --build build
diff --git a/.github/workflows/cflite_batch.yaml b/.github/workflows/cflite_batch.yaml
new file mode 100644
index 0000000..3bda75d
--- /dev/null
+++ b/.github/workflows/cflite_batch.yaml
@@ -0,0 +1,30 @@
+name: ClusterFuzzLite batch fuzzing
+on:
+ schedule:
+ - cron: '0 0/6 * * *'
+permissions: read-all
+jobs:
+ BatchFuzzing:
+ runs-on: ubuntu-latest
+ strategy:
+ fail-fast: false
+ matrix:
+ sanitizer:
+ - address
+ - undefined
+ - memory
+ steps:
+ - name: Build Fuzzers (${{ matrix.sanitizer }})
+ id: build
+ uses: google/clusterfuzzlite/actions/build_fuzzers@v1
+ with:
+ language: c++
+ sanitizer: ${{ matrix.sanitizer }}
+ - name: Run Fuzzers (${{ matrix.sanitizer }})
+ id: run
+ uses: google/clusterfuzzlite/actions/run_fuzzers@v1
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ fuzz-seconds: 3600
+ mode: 'batch'
+ sanitizer: ${{ matrix.sanitizer }}
diff --git a/.github/workflows/cflite_cron.yaml b/.github/workflows/cflite_cron.yaml
new file mode 100644
index 0000000..d46a4da
--- /dev/null
+++ b/.github/workflows/cflite_cron.yaml
@@ -0,0 +1,19 @@
+name: ClusterFuzzLite cron tasks
+on:
+ schedule:
+ - cron: '0 0 * * *'
+permissions: read-all
+jobs:
+ Pruning:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Build Fuzzers
+ id: build
+ uses: google/clusterfuzzlite/actions/build_fuzzers@v1
+ - name: Run Fuzzers
+ id: run
+ uses: google/clusterfuzzlite/actions/run_fuzzers@v1
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ fuzz-seconds: 600
+ mode: 'prune'
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
new file mode 100644
index 0000000..bb3510a
--- /dev/null
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,47 @@
+name: "Code scanning - action"
+
+on:
+ push:
+ pull_request:
+ schedule:
+ - cron: '0 6 * * *'
+
+jobs:
+ CodeQL-Build:
+
+ # CodeQL runs on ubuntu-latest and windows-latest
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v3
+ with:
+ # We must fetch at least the immediate parents so that if this is
+ # a pull request then we can checkout the head.
+ fetch-depth: 2
+
+ # Initializes the CodeQL tools for scanning.
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v2
+ # Override language selection by uncommenting this and choosing your languages
+ # with:
+ # languages: go, javascript, csharp, python, cpp, java
+
+ # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
+ # If this step fails, then you should remove it and run the build manually (see below)
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v2
+
+ # ℹī¸ Command-line programs to run using the OS shell.
+ # 📚 https://git.io/JvXDl
+
+ # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines
+ # and modify them (or add more) to build your code if your project
+ # uses a compiled language
+
+ #- run: |
+ # make bootstrap
+ # make release
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v2
diff --git a/.github/workflows/interop.yml b/.github/workflows/interop.yml
new file mode 100644
index 0000000..1a41bf6
--- /dev/null
+++ b/.github/workflows/interop.yml
@@ -0,0 +1,28 @@
+name: interop
+
+on:
+ push:
+ branches:
+ - main
+
+jobs:
+ build:
+
+ runs-on: ubuntu-22.04
+
+ steps:
+ - uses: actions/checkout@v3
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v2
+ - name: Login to GitHub Container Registry
+ uses: docker/login-action@v2
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ - name: Build and publish interop docker image
+ uses: docker/build-push-action@v3
+ with:
+ context: interop
+ push: true
+ tags: ghcr.io/ngtcp2/ngtcp2-interop:latest