diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 12:18:05 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 12:18:05 +0000 |
| commit | b46aad6df449445a9fc4aa7b32bd40005438e3f7 (patch) | |
| tree | 751aa858ca01f35de800164516b298887382919d /.github | |
| parent | Initial commit. (diff) | |
| download | haproxy-b46aad6df449445a9fc4aa7b32bd40005438e3f7.tar.xz haproxy-b46aad6df449445a9fc4aa7b32bd40005438e3f7.zip | |
Adding upstream version 2.9.5.upstream/2.9.5
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '.github')
| -rw-r--r-- | .github/ISSUE_TEMPLATE/Bug.yml | 108 | ||||
| -rw-r--r-- | .github/ISSUE_TEMPLATE/Code-Report.yml | 43 | ||||
| -rw-r--r-- | .github/ISSUE_TEMPLATE/Feature.yml | 50 | ||||
| -rw-r--r-- | .github/ISSUE_TEMPLATE/config.yml | 8 | ||||
| -rw-r--r-- | .github/errorfile | 209 | ||||
| -rw-r--r-- | .github/h2spec.config | 27 | ||||
| -rwxr-xr-x | .github/matrix.py | 269 | ||||
| -rw-r--r-- | .github/vtest.json | 14 | ||||
| -rw-r--r-- | .github/workflows/aws-lc.yml | 66 | ||||
| -rw-r--r-- | .github/workflows/codespell.yml | 20 | ||||
| -rw-r--r-- | .github/workflows/compliance.yml | 57 | ||||
| -rw-r--r-- | .github/workflows/contrib.yml | 25 | ||||
| -rw-r--r-- | .github/workflows/coverity.yml | 49 | ||||
| -rw-r--r-- | .github/workflows/cross-zoo.yml | 110 | ||||
| -rw-r--r-- | .github/workflows/fedora-rawhide.yml | 58 | ||||
| -rw-r--r-- | .github/workflows/musl.yml | 62 | ||||
| -rw-r--r-- | .github/workflows/openssl-nodeprecated.yml | 33 | ||||
| -rw-r--r-- | .github/workflows/vtest.yml | 162 | ||||
| -rw-r--r-- | .github/workflows/windows.yml | 67 |
19 files changed, 1437 insertions, 0 deletions
diff --git a/.github/ISSUE_TEMPLATE/Bug.yml b/.github/ISSUE_TEMPLATE/Bug.yml new file mode 100644 index 0000000..b56ecb7 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/Bug.yml @@ -0,0 +1,108 @@ +name: Bug Report +description: Report a problem with HAProxy to help us resolve it. +labels: +- 'type: bug' +- 'status: needs-triage' +body: +- type: markdown + attributes: + value: | + ## Welcome! + + You are about to *report a bug* you encountered in HAProxy. Please use the 'Feature Request' template if you want to propose a new feature instead. + + This issue tracker is used to track actual bugs. Please use [the forum](https://discourse.haproxy.org/) or mailing list if you have a question, e.g. to get help with building a configuration to achieve your desired behavior. + + The forum is at: https://discourse.haproxy.org/ + + The mailing list (no need to subscribe) is: haproxy@formilux.org + Subscribe to the list: haproxy+subscribe@formilux.org + Unsubscribe from the list: haproxy+unsubscribe@formilux.org + + Forum and mailing list are correct places for questions about HAProxy or general suggestions and topics, e.g. usage or documentation questions! This issue tracker is for tracking bugs and feature requests directly relating to the development of the software itself. + + Thanks for understanding, and for contributing to the project! +- type: textarea + id: description + attributes: + label: Detailed Description of the Problem + description: | + In this section, please try to concentrate on observations. Only describe what you observed directly. + validations: + required: true +- type: textarea + id: expected-behavior + attributes: + label: Expected Behavior + description: | + Explain why you consider the described behavior (above) to be wrong. What did you expect instead? + + Most likely this is a mismatch between HAProxy's documentation and HAProxy's behavior. + validations: + required: true +- type: textarea + id: steps + attributes: + label: Steps to Reproduce the Behavior + description: | + The more time you spend describing an easy way to reproduce the behavior (if this is possible), the easier it is for the project developers to fix it! + placeholder: | + 1. + 2. + 3. + validations: + required: true +- type: textarea + id: possible-cause + attributes: + label: Do you have any idea what may have caused this? + description: | + Simply leave this empty if you do not. +- type: textarea + id: possible-solution + attributes: + label: Do you have an idea how to solve the issue? + description: | + Simply leave this empty if you do not. +- type: textarea + id: configuration + attributes: + label: What is your configuration? + description: | + - Include as much configuration as possible, including global and default sections. + - Replace confidential data like domain names and IP addresses. + render: haproxy + validations: + required: true +- type: textarea + id: haproxy-vv + attributes: + label: 'Output of `haproxy -vv`' + description: | + Please run `haproxy -vv` (with two `v`) and paste the output into this field. + + Please also include the output of `uname -a` if you use HAProxy 2.1 or older. + render: plain + validations: + required: true +- type: textarea + id: last-output + attributes: + label: Last Outputs and Backtraces + description: | + If HAProxy crashed then please provide: + + 1. The last output from your HAProxy logs (e.g. from journalctl or syslog). + 2. A backtrace from a coredump (`t a a bt full`). + render: plain +- type: textarea + id: additional + attributes: + label: Additional Information + description: | + Any additional information about your environment that may be useful to know about. For example: + + - Any local patches applied + - Environment specificities + - Unusual workload + - Interesting observations or coincidences with events on other components diff --git a/.github/ISSUE_TEMPLATE/Code-Report.yml b/.github/ISSUE_TEMPLATE/Code-Report.yml new file mode 100644 index 0000000..41d1dd6 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/Code-Report.yml @@ -0,0 +1,43 @@ +name: Code Report +description: File a Code Report (for example from coverity or valgrind) +labels: +- 'type: code-report' +body: +- type: markdown + attributes: + value: | + ## Welcome! + + You are about to *report an issue found using an automated tool*. Please use the 'Bug Report' template if you encountered a regular bug. + + Please use the forum or mailing list if you have a question, e.g. to get help with building a configuration to achieve your desired behavior. +- type: input + id: tool + attributes: + label: Tool Name and Version + description: The name and version of the tool you used (e.g. valgrind-3.13.0, or Coverity) + validations: + required: true +- type: textarea + id: code-report + attributes: + label: Code Report + description: Please provide the full output of the tool here. + render: plain + validations: + required: true +- type: textarea + id: additional + attributes: + label: Additional Information + description: | + Any additional information about your environment (e.g. example configurations to trigger a memory leak). +- type: textarea + id: haproxy-vv + attributes: + label: 'Output of `haproxy -vv`' + render: plain + description: | + Please add the output of `haproxy -vv` you are currently using here, this helps us later to see what has changed in HAProxy when we revisit this issue after some time. + validations: + required: true diff --git a/.github/ISSUE_TEMPLATE/Feature.yml b/.github/ISSUE_TEMPLATE/Feature.yml new file mode 100644 index 0000000..8515256 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/Feature.yml @@ -0,0 +1,50 @@ +name: Feature Request +description: Suggest a new feature or enhancement for HAProxy. +labels: +- 'type: feature' +body: +- type: markdown + attributes: + value: | + ## Welcome! + + You are about to *request a feature* you are missing in HAProxy. + + This issue tracker is used to track feature requests and bug reports. Please use [the forum](https://discourse.haproxy.org/) or mailing list if you have a question, e.g. to get help with building a configuration to achieve your desired behavior. + + The forum is at: https://discourse.haproxy.org/ + + The mailing list (no need to subscribe) is: haproxy@formilux.org + Subscribe to the list: haproxy+subscribe@formilux.org + Unsubscribe from the list: haproxy+unsubscribe@formilux.org + + Forum and mailing list are correct places for questions about HAProxy or general suggestions and topics, e.g. usage or documentation questions! This issue tracker is for tracking bugs and feature requests directly relating to the development of the software itself. + + Thanks for understanding, and for contributing to the project! +- type: textarea + id: feature-request + attributes: + label: Your Feature Request + description: | + What should HAProxy do differently? Which functionality do you think we should add? Please describe the feature you would like us to add here. + validations: + required: true +- type: textarea + id: feature-explanation + attributes: + label: What are you trying to do? + description: | + This section should contain a brief description what you're trying to do, which would be possible after implementing the new feature. + validations: + required: true +- type: textarea + id: haproxy-vv + attributes: + label: 'Output of `haproxy -vv`' + render: plain + description: > + Please add the output of `haproxy -vv` you are currently using here, this helps us later to see what has changed in HAProxy when we revisit this issue after some time. + + Please *do not* enter "future version" or something similar. We are interested in the version you are *currently using*. + validations: + required: true diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml new file mode 100644 index 0000000..4c1ddc6 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -0,0 +1,8 @@ +blank_issues_enabled: true +contact_links: + - name: HAProxy Mailing List + url: https://www.mail-archive.com/haproxy@formilux.org/ + about: Questions are best directed to HAProxy Mailing list or the HAProxy Forum. + - name: HAProxy Forum + url: https://discourse.haproxy.org/ + about: Questions are best directed to HAProxy Mailing list or the HAProxy Forum. diff --git a/.github/errorfile b/.github/errorfile new file mode 100644 index 0000000..f15d8e0 --- /dev/null +++ b/.github/errorfile @@ -0,0 +1,209 @@ +HTTP/1.0 200 OK +Cache-Control: no-cache +Connection: close +Content-Type: text/html + +<html> +<body> +b1z6lx9BLl3rSuonLqkIJAn9k9Hsah5qGfx9aq3qWSw6Nn37AZBJ1lxI0UyI7zvjXIEjSEVdCS4U +k6rTW/LndurrbPieC6OcEBPMjzGtsfpR9IsZ3QH6/mtBGnvAtbhxAfhMZ/QQXkqfv0JPjuLdXBdM +Z9cInHOr4ykoETgRbHaNt9ykBv32nIKt81YxLtTOMyyFAzH/AVSHUs6PanUKhxG11Csqn5RnlvSj +PBCaF0lJAGvndF/1PTSIhzjEtXR3ZUzCfO03/j0q0/4+cduV5jf3XNFeICjY19OHKSMIWVN0XVht +bY2eSMG0LoL8TqWyv6VSnclsVM5S5LJe7prJtWFobEpU3AMZzzjMPsxDiyMGJhjbJa0TnsDGAwln +IVO5n56gtdUdhwWUnVn8ZYGZlFVjOQt++q6XL/Vhm+DFCArXZ6Xz8+mz1o109JpM28jHhxg6e7A1 +CF08n0mwN+adNFTi3Wg8D4RJOOQ90Q1bS/gmW7LtPjYxGuu8k27MjUspEHeeEr5rdAcBJbKiG8C9 +191DBDLxlJv/V4ZYG/FdGIqX/a2F7x03Uj7rsVnBPmOz7U0EbcHGcEEpZlSN9YLuUKvPXeZ8HWa9 +fbaGO39Yt+9DByPWC1Xyr65sPBH8eDURPdSDMh3Sr+16HH46anVI40tjK8NZC6jjFBQPfJBP6MVW +HZF1F48rZXxesnHLHaMESCvwTruBf5R4JjYB1gt1Vv76e4Pew1MTK3/1ooNPV5kvoBV5PSLkMDqx +XO6dxSC9Y3HzxhzkoRK56h7SWDbwxd5OmUHNvjm3k0QtVTAWsAEbJ5q/gp65ikG3+hGvp9xF80pU +C1dAxK9+MHg7Ya3UiV6G/dB9prc3v92lEVqtK5CNKzlFiWQHSF3H+sz4qPGlB2Ub8H0T59TSZcyu +oTFKi802BYc8UnPdUX+mf4Uda4Vad4dPE409UQ1XIEqI+2pCTgOCUm80xM2Hgyjpp8bi1mnv6rI1 +8jafv0e6S23Meb9d93E/MLm82KWfXHIjPkDFaTouGS78IJie3giG68U270AL1+gpUwNunW+Ez0Ch +AwKUOM5BUL9pFfRMeDshy8KfiDGr7enLupqa2xe65Hbo47eioZZfIb0AD3P7yzlciIUXsy5JAwCF +B+L0T+XuRUJuXCaJ+ioDmgW0PenJ6xfL/+BuJ9yVrMGYb0paL/cD7VSVDda1L7+VSbLW7sQ6BOHM +ZgFV6+O81p48hGDquMb9+eURGrFKhQFipUPEi5sTQ7ocmyRZIAI3VeEOdBsX6zuwR9a2L5aV4yZc +HoiQikOgAeF1O8FNoVBIKh6TvFIzG+JFxb64pfWiwku+njgQu/xXkhuDSnYh/tzzqwghzmKHpQQl +7fbxF7jBihOr4qTcD/fUNPNGZYAZnZk/+wuA/6NOqwJl7nV2E7Ht7N13E6RZqGzfcL8KWldZbuFL +cFUVZ7sxogftmAWhSrQ1Io4IcAqt19XL5uGFlAiELphh5v+3mWKVNh5kOaCIDcoOggaerDZMl05F +C/d5veJxVLFBsSKFfdADmGh/8g85JDQC1UJuHYXbmPKuQ3pzUZRg6a3JYoi9ssLz7GijrSmmgkXs +71+8TsvHFP193euCd9N981+Gp4NMxpVvWkrYFsjkdtkzSQBda4dUlJ/QhbbHoRAuzNl2zDkUU7SA +P7LCNw3SKJlCQlwDEtqNYuO6jiQBZcUnajdk/UKwVwiH/p6q8rg8bh+NPV04hTZraUoaKumsPG+5 +tCBRj/WxPDKWfLjpgLx2gJPU4SKJrKwbfSot+VVO0Tc9viV8Jl0PPOkcW3ixx3Hc9WEqj0QZYHsB +kUk4E/q8N5WDnvmCzp3t6tlpeNqqkXhvNOAg0XxVXmKE3pWEytX1iMdggdjnoo9dLLGcNwW5+tnw +XdAlEVuqcvTeKJfYT/RMxpfdB7bXsg6OGEokMEkZHltLPmlYkB9i+J6zpWgo0WCwjawocVc7Y9Lj +FfSezs/Fs2s8OJhFlrHQzh3SwZoyAXHgOPC1wJDanMZWjLASi6W7ds2H2FHuyKYfx/gJb02+d199 +1ac7QG3Vgi0QiNB+6D8vuj4r05jQgHj7REIvFwbvJX/eVCY2kle+nXjzOiTL9M4AoDdaW9Hfzoao +YnwcKslhmHhRl/Q+9jA0YX7TCHh/VcKg6+lao3ScQ5F+MjwZewK0lwOlE9Z7Oz5rDNwTdBe6LhwA +tTkeItrhm45IPdipFKRRcqY7OPV0GgHeqIg704hGnpzws0cJi++lpLi2c+387h28ymvUXArndPtF +at7mboqJ7XCi2mYBOa73e7Q58R5UBhNzZB+M+SbNM3Xi5hcbXMH1UtnHGx8E8uNS5oXQvm4Cm4k0 +v1g0jU5xxU3m8j6ze99Z6sFZ3EJ7IrIdIkKHl0jkr+WZww64BEKmNsJfh0nWO+5Bm50ZK+sNkvDg +PtjkehxsWaaERJ8aQeqzIVQTK81m6FqHYdcSsuxMiY2ZAQSnVRarmSJqyd2oPy5vEkCnS9yd2ha9 +bYqAREVHUEy//dw/XJAtttnZSgwAKdn+SRSQuDiWZ9GPs0k/zKuohKkSXkHPlhIDuer+lJ1Hs17m +r0JTCt2LQVXLdCbKScAHOm4wdGeeIyMsV8MJv/PIWoySW8PIm3IjjzFinphnj6COvvVJUYg6zvPb +1WN7ZU0UyI0nFklUVguc6RF2ByO9ZzZA7nmVXlFawnDc5UkotXSGYZJaiV9c44Mvqg8CgxbfLLk+ +OCOJgQF9xIEk0bUp/QAfKj6o5aP2qHr+YvKxxTxlEthlxdGyM+F8YX4WpR6wf2mbFjc6jWC67xk3 +F7zfTdXtmezimB6vUkRAf4P5yS8J6Q7m7JCE/V0CN0Z6fUG4Z/8cGxpVQwqD44McT257MqSdiwrp +C9NiXxqWiLXcj0NbUI0rxAlzSwzuFAjMdLpPOm3zjm6I3SltMKn9BPSOyz5Q4wclInCx6yvZAqK3 +r95cvb72qVEt7YJKaM3b6Vb0oQRMpSWyoYHZQ75WTwcwd8PRecAXGPqgn0e0GYUSfRqiBi5Z3tUp +eljOJvV9ujIs2rFeySLKVfkCfHvcCRVyFZwsiUO0W9NvvIy40lkHtFshFANYlDkJOznhLVSlUGNW +lNwSTjEuG/bcGiiAm4NogFSmu6ijWrrJZbFAjH2CSKkKJUxCpAeasm5nDBqXY6fmS56WLv+mZmlJ +qQx2aJ/yiGWg5h4auN4tyq7vM0S66X9+rg2c+vrxQBAaUbF+rGP6x44QE2FZS66Sptlh3/dY+CLn +7fuVLv2/2ROBRPN06XmmBF0l5VA51wCmozvcHXGgSNndTws7naVH6pu4tNwYje+sKV3xzzspY5ob +cZxtGGGfOMvGuZB8Utx7QgEXAM+RBTc3n1mCJdka2JL797YtSuysoiDmoKY16tQDzw5yQfkU5sbN +pvUFJZLTDBXdBMMisEzyfICsuIyv6A72TWdo9hGnfk1EfofSCuDWVv8Zt1L+FwtM0lkm73t0ILRa +EpmusX+2QFiJdjmpl744bCu4nsj/a/RQ4EmSdKHZXuCL8/pII+ebHY9LkruU4LgXsNa7ZCKCn8lo +RUq7p5/Iwz6tbJ/n2Zp4q5UKeTGtlAqfPicg18AmOwJZx/UunhFpAoPr3Au7wfM7aYTAm+6XRgRx +xXglcFDtGwipKH8Fkj2crhfaJ2GT2/4e0Abb70HW6yYlUHYKI8aMZ1fFXl0qzFbkOuq9I/4IEhLU +auZS898sqj2H6EZ78LE9r/tV1TjC55LS9mVVbmGptjtjSnXQKzwz0ecgUHTJ/BqugyUflq61ZjLg +6GX7+hisr1AJFs72g7aRJGXJHESmPb6fbsfWDqoLquR7NuYefaOsAJWQX8zkgocyIe9gGrHIE0Tt +ybdP4WtbUwn53drOs5A6UbpiSt1XVHps2gZcSkeGIRu7fnX9ZU53758/LKuLdyAQn44aInztqJMn +JVjFjZ4/3RwrDoPHyOwKbrjyWNWTqWBc6ewcLOFvYz4V35pvuXeT/JanX93foBv4O9aWgmjAjqC/ +j8SbRjEt145uKVP113AfvEgLFviOkKu1UOlRiOtqFsN/rSy/7AREhsH/7UO+qSYm3VsFiiUu5N00 +iENT45OeG2yGB/PcyOtSTiryHPZ0sBs9BaCmtCdHxXIRZg0oHk0As+GbsdyG+njF4DmNzrS0ypgt +tT4BkDWqn2s9zwIvOjE8G/zRHffn9VfwqGGrNVenszmkpyoGsmpfl212tUHnvF5i1Ffivj5y9ZMw +ESuq3BaH56cs4hEkq2qubjnhpcl41rSVCZLX0CNfS5uSBtPqknZTvWqH/i1y7NcA7jyj6muqR/Dk +VqoVcaAI/Oey0250AAIpnzGO4Kiv48qWqXhZjRIJvWwtwflLrqU3N5Ec1oh0/vEe33nt61rNsB8P +t0HZwz9aZfymYMRnzgA7tHDiRcGNIOWupWGnXRsisJdH/6T7HH3mup2lNklKvAwH9yM65cTeMDt1 +5/QZKTjlAKiJ8cXes6SE+HpKcTaDo1IQPXkYzv5i2x3D/Pteakic2djUXsQOB+V+Lsx2Koeb9yrq +sHtDRsl7q2uMUlH/u6vMV86AZXmm63Iji3Ktpihc+Qno9GDbA4PQYrvEPtcLGY5UJTpKUhSi5icn +RgQr1IKG0ALE9mH2nS/b9TJn34lzCaeiIMYfOe1Am9AR6bfXuI2riAT18xdGyZGOGzFjJOMtm7Ok +4VhuPnoiuYsmeH3jI/HclKKm2nbrv1g2FOK5z/7cXTFtqqzoIR+/U+Cfixi/A19M4lJwmYnZSRhJ +DMKtf4E8rrW1brFa+HJULcc775nyLTYrhPjio5ozar1/mLZm2eQiIFspHYL1oMh4IvhVXi2ABsq2 +NAyHSZ5UwxXg5jUUv9Z1I8CsNseXIGIiubTe1JQMeTrvzlnBpYhQv2W6LZ4V4EYk6/Af3ULGIQ7C +b2iS/xaa5X+JWHl1MJ4N6debH9OryCj51sPC2o7rAWu9a07RqdzarIVZuJkgvvBSyhHfF9aoOAdb +jOFW4wU79J1VDfVj3wTIGvY6qNru/s+Dapx4s9a0inqj6yX0i6uf1flNnSm+wesHLGhI1ae3uZuS +GBeo+0GiooJHFT+E9BlR+4lZKmr4+waJvCRJmyJ7y57eUWJQbviH0vazlDbJGVqdjRTKV6UgPFrV +xkVnbFBsNP40VnMfJbXiJN+iSkWPYtrQbEoFGpWhpqEcPmryiIApN2LllVGtGmkBBAM2+kQx9jud +EEV+B7+hhhC4Is1ntkbYHFVbIWFgxjbpwP408v5LGkoEnfV1Wdp3d8UtkrShvkOmG/VGtZq6uv9w +bZXMk8b1npQeN2eu7WK4cBDho4CuALLcUl+yO6BkPOibZCSEs2d3M/FMrGZfw+jm5EM30XLItvP4 +6Kg0NDudqumR3LQNtH0RGvlMmEHb47u2E97GgCiJomBP2/JxcFlSzTwLJL805UKWyISEfAvET+e9 +GkE+CoPOHbtsHUEybw3UGKfMUUMhPlC+oEUMwmyZD6JWfYSwygqL8aw0abtDMzOaEWrz0xfkd9ym +BnK9mTd79oPvFAh9qvbdUdgldxXcvIG19jzQ/1IVVz8LZVMJhOKg/yskLFABiTDJ2JXbpznjH1BH +zswQqmlcPqu/vNBFK59EYKhAZumQkjLxB/lPfJBzByPCCfM+dk7Pq5xTjbWLnrPHQoC5WaVrQiCj +Wcosd66Kg9CrXrL98auVQVIX6Oh/Sl6h6W5fqD/iOPUZp13AacEIRA38rwbsyR4ohfSxyHGkd24+ +GUJ/s+Rj7KlwiJEDQdMbJ5Dr4yqIvPLqMLyuz4soneIMdA7RCztmlieIgNnwTI5nzlESRzXoIkzk +KKvC2LPzypHnOhJ3XmZODFRs3Y/qKUIOdSBwDRayhHTnuVK1v21bB3EkFtWllqXf/qHUj19+YFuy +rD4ZvPmIuTxqXb0wPlnr52aE2M2p5068lG6hAvCpZH/uuZsNuaYATcaeBm5J0uvFpKITTHriUEcs +NtjSPf/Z7rn8VWBm6iGcTrrCC+w9LRagVdTxecg+NK5PVUoUVAGEhQXoL+ESGUanPOjFN7NwhM8J +WUagxHH7ALK8LuxrXktdkk7jalBI7U66aFnMxh44M/3yEcUsGH94/jqsC31cCNp4kE97BedfGyRR +jIkTpZAJg702y4k/LEkkcT+wzh0E3vtcpq1fx/3sXduBaxP8HrXSxAiIVDUqJcNy0PYkXLxxnVVW +8z3EDoe0ZZa7PSvYHA1NQHO/74e1T1Alv/ImPo6l7a5M+f2tXZ+75cw7dQgYmnFuGlinfvq12oNw +EwZhrs2WCAEzrjC/sFuPIn0IVqU8q6ve3BzD9YltbeEcJDLkRTOYNkvo8kF6s4uRchsig8FxFE4Q +Jxwravj5xyJpFUF6ZbhagtX3LIBT2/IrWAZgpNu9f4fq9lQ3wnP1UEgkv8o07LyyEV52ZrH6wn19 +sqB9S/6TgvTqO4FwteoxKTzhNI+0oXwloAQrYsmmkhjROu+BncuzKuj6m67mPKrjkudYup/xfVCL +ktYIcPIPCy0ahKdSD03CV2zBT8IF7B9skYoZxC0NvP3rPzl6w/h0wK0jJya12tVHZfqSu8WMD03C +AieOYB1+KoHL3PZsArTAnPGPbAU2VnwC6zFV1LXiq3yvqrtERZsD+xsZxMG2hTGM4jUCFgVrRN3X +Qh05FpC71nHR19z+vaSNJ5wJp6hWIQBTqjz/NWew908SGF1hAFAkzQAHb1a7RN/Cdq9l6WK4XmCg +0g4Vuix2sa8AceNCcuQ9LBimoUEvglkwvCxaxh0Es7xIumigdavavAPvpR2pGESn3S2dOTanYFyG +yJJfLVtH0VWgqzKRZJYg5jzHqcIE6Sh7VXroGIJezm0ykjMUVd3xOrTFW1lEqJI8YEwC5kVhjzhd +sCJNvEIENH0roJX3YiH05jatoKRRhJNF9bN45LKL319pPbZox35rZD23wxZCrrnEDxKOVhVL/ibY +8ITaT5qdDS+ngEEeZdzO8cMoPHbHKdZQgH6DivP5QTDcd9405pE41X4rSDbJaJ7fHonhQUbQR4Rb +TKp4nYKhb1stz3hvP5JqbGD5Lj+0EdeOCXdGk9mbAymoIko6D82n0tjRvA6cFoHI7aaRmzWN2N05 +hYCnpcK/NBFud7usuyAPFLBvaO5Xnar32EGnw9ykCTFjNdfgJjvOxHiE34kiRq/kn1DL5WKwq9EP +MRgEFZ+O7wElyfa6ZtRstJsdI9geoyogelNCpnv4MmRps91jNIjIqyznonsnjWv8+Nl1kzt6bGQR +QjeTfDofWHG/RuIdq9BlKUsqe/VJI1jeCG2kNZ0muWaa7G6K42W4eKp3XPLLiAahNEthtGb6PWDt +IjKhydJeLFWe2FCCBkffYflVZbDsUtS0OiFiBFXDxzKjv0lK1W+DkQ6Yyjh05bXWsdN4P8QRayx2 +SJRWqzhe05HFY75DZLnldGvP348mQmJPxsQQxiH0Gi94DajrNN5I4if1z71rLkyhbxpAu1y311AL +rKNO0CKv27lH3KdpFQlLG3xWQFD86m0RICfDf+SYdugAIPiUPqvJ/QEhkqGLXFgmYdLDfsyp95O1 +YY8K66uS7hlc+sOKRqCJ2Tu0KZP7O10NssRuUhwH1nRLmPUhFX+AyRvE52NAQ+qHppMwFWN2CqPt +YtrkBuzxWCpWuHREkvwoBFW0v8ahyAv33qZZOenJy3EY1R2XJis43tEGrh/40aMG8ktmF7mAS1d6 +ObU2MO0rqf6y7+l6OvnwhFaqokfwZxH3i/axRC3OAf2znpqDRDhsCQwFWzrgbC8ocCuOyntjx02v +yMX5gy2rSXQ0nqqrDLZ4WywJ6cBAxl6ltSP3lgnAlxMRcvbpU6DmMn9QBlTyzsrTpTq6PWjsukqX +0aARHpY5I0U334P6oTaWxDbn+N0IWNLm4MTFxMYsP04hajKfDTEtjhom4ZVy5O6mtc/UP2THyPwx +zK7ETgLItLThg0eKZApOZXpVj3NGN0VorIfrMLx9K6O1vxrkwY3Ybpk1wuSxWO51sXc211XjCOMa +r8axFnIynW2ngHy+hIVjEwG9NxK3ORYUN2I4spVJJGqLQ+b4wceUDSD/Cky1GkirdlWVkheAlkd2 +eLz9UIoJCWCx9BVhjY8ufW75pNsNjgcy27tpt49TJGpKyoXyoZGynksoCA/QzYVrCUn6VsNh0UjG +LlPQ+zFh4iyIYpvVemcOsu8HQZC1YIoumBwu8ukqpo0FBALnVX7jDmxcYMjxPBL/xWJyMF6GOfF8 +yTsxk6YKhaWZb0qCNyEqUQ5OmvoP7aboWOVXWRofWj4CriT13UzeOL5EfCh5GAmlEK8w7GdLq1QW +9LpedlGTHr/sSoeNPMqSS2KEZNvQAp1uff97M/Wr6ilWAQwQNXXESoJ8xgUTR/i8DUBVemedy6FU +DdFwv0/FOFaUqyxE5yjqibZCj82TIimq9CPPEJjHfiYswb1dwlEIWWcxg7XRb/lt2pBCaljrVDWo +64OUPoRICDbVGTiFXh2UuEpw6PDs4ouz+R+0eHeBV3VkFmO7n18nuP6CLFYTI+mz0L9E1eM5coNA +vpX4j76tnagQ3GSm5FBjcTLOG2I0f7MS+AvA5cjzLYzTCVeF73eyjgBlVwFk+U6Nkk0VPvwL22gu +sRQu0kthRNzkfd4sEFvF88vOEq1zuQEuI5zMVcNQ3eYgFXrKLnXQQJdYcJ95mkIbUfW95cNeruHc +rNv9GtoHx4RyWHB5GnTJCLvIdYsBtCd0jlW1R88kf8JeUaAOeoDRV7ScbIKO3xNRpn2P3PzPD884 +chFMCCx7qODm4/6q7onWO3lEsUEiXVFB+rBsN9ZzYmEmXfLuureTWWRZUaXfPY8LNVb+Zu+LPzcf +4kZ9+Fxowm9Q0s9r97K3fQKnxz7ptr/+D1McEKMXLGFCm1JA65PbyRsIo6drTYenzrn/QF4B+Shg +E2Fq5hlOfzpmeUNcHT6EgM02J+4bfjzOA06G9ZxPY4ZNvevOuMA+ITiXQMLpIHXTpZNvKDMBEvD6 +vfin7laoyn7zB45THToL7D1SCdj9IxtOD4UrAVSPAtjZ517JVNyMcRVGT8tfRzT8/AYVCeYY1G9M +GMv7fmTJ4FqvXQWfOIiQbQk5b6ZIkr7x55TasVxDZgDazhjgTy3gavKXTXB8NjSx6dLaP03I9A28 +44W32wh2KGCtv75P3b2WPaSt3oJVPp3SRrgt8a5QsPc21iDkAVLlOcWOqCnHXjiL5Ljtkots3idw +5qDH7vpviIhcoqxnhBcaTc0NEKHX8WxZBamiuLiceCVHTBNpbZbS031yGwHIVu3ZE3oLeCTG6Gzr +6/96lrWA9NW8NGxqS2LMlTZ6oR1pACLLnARSbhyUSpX4dmx7SjOcnBB/7tyAJ8wNHLreD3KK5Opo +IHrQInd08AefjqTaW6BUKhAKYIdeRKLWka6QnrrIOeWioL+xQaImTU3KJ1Lfao4CL9wp7c8DukoP +OYsCNtLgFNr70Yrb1jFYjYPsrtUw59NuSugmTotsCO+Etb2PsXgoCTO2j545sgSsm0y/qIXbZLAE +oB7hReI8JrT00f6YLW79C7SpZQ3P9O77G1IDfhxr+D7tIrRgqelyTiH2gBOBbC4jbaPt/Z4gsrHq +ncncllSvs6RxVHIEZbxz1eCCJDkTkbZqfzvHGh2X+RhG38Y9GaOdh+Ki26Cv6U1Wzds3t8W9DRSf +RCjz7YqN33mGQVSbG0DPTQ8VAQyfDHcyOMTvJtsiRYn0z1sXl7UcULT37IfHb7NJncWiSU6AHOkT +JaPbYs8Oh3eohYDzE6k3iSpUcSxxF0V3+kVkqAUrgFlUPRvoi65xYxqiMQ2DqAU8JbclkRPh7Gse +DEttqQiZ5vDH894otB+WxdyxlKWF/e4SBKC0d3m/4jtYN9xn/Kwc6xStW9phP59/kU+1p9YoGFOz +y8cHQSQ6aE+c9ySCYSpup2VHoI8vafA93kbZXsp8JqWgMO4hE3oqZo8y6QvapxiqWgLc3s6CeTMV +1akLpWpDFnhzA7hkB5xRLuE/XTbVSjELRcKVPFfVw42UMkzf7UXXUz2Y/MwhlnLo5H7lWUoYwQNS +mQ2bLA9jjbf/J7abcd6OgFnXtots4AnSpyY976Q589H8g0Godi2GEzZ6/lamDk7jmSaoA/r5LYVL +ecuMHI+FWP5sp+FQb1gBhxfF6zC+KMyvaDyV15/jGVbAwn9JNM+B6YJ/sjkiukVzruBz/8i3htmB +pp0RlgDfxGe5lpnVJSfoSkFi8psxkwzGraTnWhKvByrMGVJNZuchoV2Gis5ORnWLCFuok5jB43Lv +e9t9xkyXhaig95z2yy6/7cVEsIlOGfKnU1SKVu6JJ4kqDLvWd2Sf9aYq37fO3U833vA9GFHuNX93 +9gJxnrMpQpA+2T88XR2LmoMqfSQ3fV8KGkT6YZuNYe2G8GQ4bnDzO1CWN7gBNXmEw1tgusQwoX1+ +1n2zWhZkgEbxQw8H8tRtyGNzsadxCwQAmcqbwvc29s2QVBGipPTzkzqHfP9WBKr1QB2y0TQPsXcf +znTRIKSnk9/HYKkUpXHT8rdWcJQpuIpOQXpxDAb2hUOaIyOBPOHLdAVV0bbiS97DOeowytVIdr5l +KvLdo367gsKBln240ZUYxwLxU5o2fvUEdwCCxAbkFCI1NdamkOaRMS/ASNeduMWMMuFXmW4gmna0 +nponYLK1drlECpJK1LIeszRqMRnlQ2bKIZaNnhARDLx8J+qTdpVKPY5rnKPi8RueD8w4bgmETLkj +Pu7LVwGDM+KyLkfxiP5EHbjULcV23bOfucRGvUy0OP/Ciq8+IhibLohBnod6DPaJayPFN2xtYTii +aYk3e4YyaqQ5JZGMtx9TkanAdlu28rd69oO+AVHsAj+pXWTwfr3Jd7rNMlE9OCM0CBewcEhVl8XG +dERGMhSVPVARbfwaI67sFmHUr0X8mAsJ0yJoYqbLPIW5jiV1PbK6zkcaksDLLoMkIhJpASb/98+P +q5SKERK5j0rUcpTtr83wfNTPmxxTJzPK4i8Dd2dfv1zy8BF9seOylVQ5Lxw6xXaCrgStUVl8Gz0p +LJWduNunp8pqFiTK2uYeR1KcSabbEj9xPcbWw9zasQL8ycyUB9RoavKLf7MB+a8NK2OSXH5dfD5H +Pl1jcgMu6C9X9YbUtMyhOBbXirYqv80wWDAhLn0GmOn1Stg+sWjGv3UyssE9JZtfH3ExYsS6pWTz +XhFKN+Pvwrj6U2393x25W6MYqWWIIE8MVBVjB5z97WQ+B+A+jVrdno8XAWonBXwfSA7RX2+z8F+A +2AbBpIgGNbW0v7YbPdRinHWbXvccWQ+stNa8Rg3rhf0Z+c3AqMSzJMo3G1fK6565z1ZjPmQya0Qv +V0TRsXRtBPwJCaKOhweMRm/8cUoKBK0UT2D+xtbmag2hhlk+nX9rUAtAuH8zI15WZN+IzyImPNZg +xtBm9hK9yEWQcze0+vLvlGduZb0jh5nMiJaeDg8fADk8I46ZtKkbA595X12HG4szWKNPoeo6M6eg +lRRkV3UFyNqQv+EJspmiSWp3qwLN1+lAwdVRIf/58UrJCThn3FDe/EDThjMJD0/AmvEZ2QB6ptjD +ku8mAKuIM90NSkDayS1/mhAEQCThrEFsEc3yWrKtkZGl01eOTyRvVQcfzEfiG5nYJSIj7zz9NQ1K +JEoXNtz3NNmEYKxJ3IlaFcCl/RdWDcuHT3s86OoiuUb5FoQbxPsgkX75vUd0N7C4tBPFugzxDlho +e6BXgBTLS5miqes9Sld5L4q02q44VR07NfmY3LX72vFDcWX8mEpLtSOPnyu0LtzT71kVpWlt9aV2 +LvtCY1P7fsE+Ux9CtwSzLczYzxpu6d7QVQtbQQJLNDsxcGKrfiWfoP0EpAleG4DlrFgKE7DnKXw6 +uV6henTS8UGOGEgFmkAM5ogsZLsNght/Ty5PHwTWYgm/nBc3s1UEqSCpbl8CKZyRQys76I3yP4+J +bSgXCId3u2XZqYoUqfnaqcFaPzkn5evrIIelAbZQJRQioHN+++TsCh7RifuOSVMOswrFEtXfeSUI +JCvljAZBFFtl3PjzmKdP64oBaW5nMglSG1lBqTQe40qajHS0EfAsaLEbh8HsciQNE2krCKCkGSN8 +UkzmtQO7ErwvGVrmIuYbgJqzDcE2I2a/Z3Lac//hwBAcBsF+yfWLGXmNQiNcaHnmoZCkekctfJFV +lbPhaapODNLjhKoMXJkOvBk5MRJal0MMaBtUnxBCzeazIkkPxy1S6L1KGm85x+l6UtzHqPKuYF+w +KoOUlb+9jckpStrgll/o5xGUU/hgWsMZtfYTNiq2ShlpjxDT4OuimS26O2jTlCJl8nhbSxc23iC7 +EOSsV8DolO2oUF2JmBpfqQWsOG/88CZhQqN7CQWM734bLXDrSdYE4WI+YgINTnQvM6nZr+U6+kqp +2ORCVQ8huhM20uj0/+adTe1zowyijWi4aod6cLhQ7kZD4PFio5Y6omaHXLUNaPofPMFB3Bl9owKI +bhJJ0GJ8V/abRegfRHNve9w74BDFoPs1BZJBz3H9OEwguFKSk/Jr4ep5U2op9d7Um87FtUwWVtBd +bAyIanLdh3TGW1haNyhfiCk8aR5MlzAvBV9iuNK2aw5yxCgowa/VhuLQaIVFSrZrjvfwvFoYK1re +ke6nSM3n1/rmbu+BY6qG5u+3SQs4Oob9dD+y4nN7N1IhUY0jf4hYDfsUrexVdEsStu54riCyNLIL +czHtc+60dpqZFGFIbMJeDqgkUR6msurjr75bEwvuB80rMPbHTkbo9JNf4bBAxKf/IJiokE4J6Rjr +tFZTDMh48Rjp/zGumLhRPstHZHoz6ETMDmC2c5IsAF77F6ofytqS1i+81W6jIzAUhyyMKCi+EgM7 +Lo3rFzyeRVBMf4sgPajI2NnUpMzm9Zn4p/HlxxWu+wUu6bv4IjQS12jdA7OuRA03LaVr7vIJhOIc +g5lYj307khG0uIyZVa/Wh9/Bi0wCwecoACcebEeD+hIKvevZqR8VZBlB3DRoEzbOe1v9mnf7TzG4 +zReNRAT+TAuX19Ne8bmMT2ZYXsAGF3U+1aKNFuxaXVblO9HIKZ4g63/u0EK2ikt0zDpGIg0s7zD5 +dVA83t4xHTRa5H0S03336hd8FK9FgZ6+1tTCuxtdfOnGDCw53Uha0GHkK9O3GwBI7rdbP0bTvmx3 +iMawl6swyeSPAl1/yXZ6/ud8frt9V3tCiUiMO9FyN+F5E371JXHhfcY1D5/FQ0cAULzVUQtaxO/V +u/KzIZDZ/LjWl/e0iBhtZG1DFVws0djmdkZdlddoDSJyQRU4XPGQr3J9EF8+AelTMo51bGUPVEC7 +PO00NRw4XW228K61C4FTeq4vvUoCQjr73rmG/iDPS/trXsYQjU160a3Jb/aMFHY0x7kw5vT1h5Cf +ZR5sq/Ktlmattr81zgdYbN8/YHtFbISj9hctuHTTolv9zHgOJmuKMyS8UHQYrux8JFGKXjM4QNv0 +OOK09mIafWnAnlzHXwuvgdqZxUhua+Tn/C95Aps1SfwLxDmb8h++xwayZWAwGQ1/pjZGj2oneEQc +e4yF5lR+rPIMN6ggNA66WdsHUVUH8nU12a2tsPV/xN/0ODFy3R5Lt81SgUsjdhwqWrOwDWYKx7Lw +ULCsLvraD0LGdJnccojryAXkgLFRppVmwfHyEq61vAGkf6DDPPJC0nU6KogVthHztYPwjmUyaDkE +Hm5IT6qto6YhU0SwIcqdSq6xIXgVx85zKhLyXQfp8wTsAifaRqNqFePNCicZsXROlXgWMKz2VNaA +ppRsecTb+6fTbiO8GHslXR7uk5EZ/6Xa6CwKgOd5L+SzKSlVQb953TgLW16pW1yTDPrXE0ztQ2c0 +ACCm95j/y3DOhtU7/ZnijQb1VZlARiYrQ4jV5c5KkCStH5LYd2Im2PxUjfkloJQ8NCs9fTkmn7h7 +BeM6eVEXXX0J2KtLKyV4WeQxFuOuB7BSBoNKwSWV1Yt7jH2TqNQmqwp2RkHblR9ARxKPGpYDuds7 +ltfGDW/8EBPthF+ub5WNnYEjXHDxoV+OCoI9UvfNCO8gni8HJf1b+sTJhcc56S1tpcPziFcd6gTM +Mwk1ljLaBYqOhInkDi9G6ok2bsdrB1FJuvIXsmezJpal8Gn1KA/7iKtqv/w4v/O0LgH78/OCtFfl +aZgTbZ+ery6gsD7XqgB+KVBa6Ez4+5W03Q3Ocgbu1tAn1rmu+VmcVRAje/mo1ltvz3TuLDvGa9Te +5Wpg4Do/OBYu0Dsb/tjVC3f4g14/bDhpK/PJkjqtUCArMSdQcpE1aOzxS4ROGPPX/BP8uLuWbGAG +UOqbjhmn3y5AiinpTCC5BgUSvdX7igGf11d/+rktPCUtor50vzPfJFzI837MxhiWEf9Dfm9L7cV0 +HDu+PBHF1CE0gF+TaSeEgLf3cUdQfty2tfrqA+SUi8vebdaOBIVrdQwIf0MFYdxKSpYqhFshwIkx +n84YYfYNM4J8V5qwnkGaVGITbVo1orebXFKCeDYSiN+yeuZld2vV5Zz8FaptZCU0CN+rTyIldIK0 +j81EDgYcUKvjyxOYUxbH6UsuXmi2vZgQfbDMyQ79p6K03JaQAeaDvOjQLl4FdE6HGA8O4uM2aJyL +pZOnVjdj47zcX0Ah8F2TZ6YH76fMW+Qi2/s2RsVKnGLVWhzpSICmi5igcgeRSRsurUwUYUWsDl2E +zUg6G+n2AJFaJQItSJwoiixxKgVaMiducsVJ+Sr12nUKH59AGaVyx+nmk3SIMtpigPZtlnv2MRHp +3Fn9zV24EkGi6NkVLgslKEe8UOcYZOEZybzbkSz/24fiTyRAnaIb1PLH+zkwiXvPuXoaW/qRD+28 +mlCtWlm7vCSu6zcNk9Dp3AuDAB5HC5ruS1uPHHLQb6QSTElmMlYXV5UnyxQDbUBPybQ9R+5WzCp9 +A8gKZ4W3qAEALsmK6DfDayEepkLSz/1jseeq31ZkVxzytbZuGNtbVJn241QH0E/QoxPUQCfV133Z +iNec7okJorscEM9m6EfGPhBi5D5Jm/Q8fOLz2iu399MiDKDZu9yt9qEV7mh7 +</body> +</html> + diff --git a/.github/h2spec.config b/.github/h2spec.config new file mode 100644 index 0000000..745a637 --- /dev/null +++ b/.github/h2spec.config @@ -0,0 +1,27 @@ +global + log stdout local0 + tune.ssl.default-dh-param 2048 + tune.ssl.capture-buffer-size 1 + +defaults + mode http + + timeout connect 5s + timeout client 30s + timeout client-fin 1s + timeout server 30s + timeout server-fin 1s + timeout http-request 10s + timeout http-keep-alive 300s + + option logasap + option http-buffer-request + +frontend h2 + mode http + bind 127.0.0.1:8443 ssl crt reg-tests/ssl/common.pem alpn h2,http/1.1 + default_backend h2 + +backend h2 + errorfile 200 .github/errorfile + http-request deny deny_status 200 diff --git a/.github/matrix.py b/.github/matrix.py new file mode 100755 index 0000000..856704d --- /dev/null +++ b/.github/matrix.py @@ -0,0 +1,269 @@ +#!/usr/bin/python3 + +# Copyright 2019 Ilya Shipitsin <chipitsine@gmail.com> +# Copyright 2020 Tim Duesterhus <tim@bastelstu.be> +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version +# 2 of the License, or (at your option) any later version. + +import functools +import json +import re +import sys +import urllib.request +from os import environ +from packaging import version + +# +# this CI is used for both development and stable branches of HAProxy +# +# naming convention used, if branch name matches: +# +# "haproxy-" - stable branches +# otherwise - development branch (i.e. "latest" ssl variants, "latest" github images) +# + +def clean_ssl(ssl): + return ssl.replace("_VERSION", "").lower() + +def get_all_github_tags(url): + headers = {} + if environ.get("GITHUB_TOKEN") is not None: + headers["Authorization"] = "token {}".format(environ.get("GITHUB_TOKEN")) + request = urllib.request.Request(url, headers=headers) + try: + tags = urllib.request.urlopen(request) + except: + return None + tags = json.loads(tags.read().decode("utf-8")) + return [tag['name'] for tag in tags] + +@functools.lru_cache(5) +def determine_latest_openssl(ssl): + tags = get_all_github_tags("https://api.github.com/repos/openssl/openssl/tags") + if not tags: + return "OPENSSL_VERSION=failed_to_detect" + latest_tag = "" + for tag in tags: + if "openssl-" in tag: + if (not latest_tag) or (version.parse(tag[8:]) > version.parse(latest_tag[8:])): + latest_tag = tag + return "OPENSSL_VERSION={}".format(latest_tag[8:]) + +def aws_lc_version_string_to_num(version_string): + return tuple(map(int, version_string[1:].split('.'))) + +def aws_lc_version_valid(version_string): + return re.match('^v[0-9]+(\.[0-9]+)*$', version_string) + +@functools.lru_cache(5) +def determine_latest_aws_lc(ssl): + tags = get_all_github_tags("https://api.github.com/repos/aws/aws-lc/tags") + if not tags: + return "AWS_LC_VERSION=failed_to_detect" + valid_tags = list(filter(aws_lc_version_valid, tags)) + latest_tag = max(valid_tags, key=aws_lc_version_string_to_num) + return "AWS_LC_VERSION={}".format(latest_tag[1:]) + +@functools.lru_cache(5) +def determine_latest_libressl(ssl): + try: + libressl_download_list = urllib.request.urlopen( + "https://cdn.openbsd.org/pub/OpenBSD/LibreSSL/" + ) + except: + return "LIBRESSL_VERSION=failed_to_detect" + for line in libressl_download_list.readlines(): + decoded_line = line.decode("utf-8") + if "libressl-" in decoded_line and ".tar.gz.asc" in decoded_line: + l = re.split("libressl-|.tar.gz.asc", decoded_line)[1] + return "LIBRESSL_VERSION={}".format(l) + + +def clean_compression(compression): + return compression.replace("USE_", "").lower() + + +def get_asan_flags(cc): + return [ + "USE_OBSOLETE_LINKER=1", + 'DEBUG_CFLAGS="-g -fsanitize=address"', + 'LDFLAGS="-fsanitize=address"', + 'CPU_CFLAGS.generic="-O1"', + ] + +def main(ref_name): + print("Generating matrix for branch '{}'.".format(ref_name)) + + matrix = [] + + # Ubuntu + + if "haproxy-" in ref_name: + os = "ubuntu-22.04" # stable branch + else: + os = "ubuntu-latest" # development branch + + TARGET = "linux-glibc" + for CC in ["gcc", "clang"]: + matrix.append( + { + "name": "{}, {}, no features".format(os, CC), + "os": os, + "TARGET": TARGET, + "CC": CC, + "FLAGS": [], + } + ) + + matrix.append( + { + "name": "{}, {}, all features".format(os, CC), + "os": os, + "TARGET": TARGET, + "CC": CC, + "FLAGS": [ + "USE_ZLIB=1", + "USE_OT=1", + "OT_INC=${HOME}/opt-ot/include", + "OT_LIB=${HOME}/opt-ot/lib", + "OT_RUNPATH=1", + "USE_PCRE=1", + "USE_PCRE_JIT=1", + "USE_LUA=1", + "USE_OPENSSL=1", + "USE_SYSTEMD=1", + "USE_WURFL=1", + "WURFL_INC=addons/wurfl/dummy", + "WURFL_LIB=addons/wurfl/dummy", + "USE_DEVICEATLAS=1", + "DEVICEATLAS_SRC=addons/deviceatlas/dummy", + "USE_PROMEX=1", + "USE_51DEGREES=1", + "51DEGREES_SRC=addons/51degrees/dummy/pattern", + ], + } + ) + + # ASAN + + matrix.append( + { + "name": "{}, {}, ASAN, all features".format(os, CC), + "os": os, + "TARGET": TARGET, + "CC": CC, + "FLAGS": get_asan_flags(CC) + + [ + "USE_ZLIB=1", + "USE_OT=1", + "OT_INC=${HOME}/opt-ot/include", + "OT_LIB=${HOME}/opt-ot/lib", + "OT_RUNPATH=1", + "USE_PCRE=1", + "USE_PCRE_JIT=1", + "USE_LUA=1", + "USE_OPENSSL=1", + "USE_SYSTEMD=1", + "USE_WURFL=1", + "WURFL_INC=addons/wurfl/dummy", + "WURFL_LIB=addons/wurfl/dummy", + "USE_DEVICEATLAS=1", + "DEVICEATLAS_SRC=addons/deviceatlas/dummy", + "USE_PROMEX=1", + "USE_51DEGREES=1", + "51DEGREES_SRC=addons/51degrees/dummy/pattern", + ], + } + ) + + for compression in ["USE_ZLIB=1"]: + matrix.append( + { + "name": "{}, {}, gz={}".format(os, CC, clean_compression(compression)), + "os": os, + "TARGET": TARGET, + "CC": CC, + "FLAGS": [compression], + } + ) + + ssl_versions = [ + "stock", + "OPENSSL_VERSION=1.0.2u", + "OPENSSL_VERSION=1.1.1s", + "QUICTLS=yes", + "WOLFSSL_VERSION=5.6.4", + "AWS_LC_VERSION=1.16.0", + # "BORINGSSL=yes", + ] + + if "haproxy-" not in ref_name: # development branch + ssl_versions = ssl_versions + [ + "OPENSSL_VERSION=latest", + "LIBRESSL_VERSION=latest", + ] + + for ssl in ssl_versions: + flags = ["USE_OPENSSL=1"] + if ssl == "BORINGSSL=yes" or ssl == "QUICTLS=yes" or "LIBRESSL" in ssl or "WOLFSSL" in ssl or "AWS_LC" in ssl: + flags.append("USE_QUIC=1") + if "WOLFSSL" in ssl: + flags.append("USE_OPENSSL_WOLFSSL=1") + if "AWS_LC" in ssl: + flags.append("USE_OPENSSL_AWSLC=1") + if ssl != "stock": + flags.append("SSL_LIB=${HOME}/opt/lib") + flags.append("SSL_INC=${HOME}/opt/include") + if "LIBRESSL" in ssl and "latest" in ssl: + ssl = determine_latest_libressl(ssl) + if "OPENSSL" in ssl and "latest" in ssl: + ssl = determine_latest_openssl(ssl) + + matrix.append( + { + "name": "{}, {}, ssl={}".format(os, CC, clean_ssl(ssl)), + "os": os, + "TARGET": TARGET, + "CC": CC, + "ssl": ssl, + "FLAGS": flags, + } + ) + + # macOS + + if "haproxy-" in ref_name: + os = "macos-12" # stable branch + else: + os = "macos-latest" # development branch + + TARGET = "osx" + for CC in ["clang"]: + matrix.append( + { + "name": "{}, {}, no features".format(os, CC), + "os": os, + "TARGET": TARGET, + "CC": CC, + "FLAGS": [], + } + ) + + # Print matrix + + print(json.dumps(matrix, indent=4, sort_keys=True)) + + if environ.get("GITHUB_OUTPUT") is not None: + with open(environ.get("GITHUB_OUTPUT"), "a") as f: + print("matrix={}".format(json.dumps({"include": matrix})), file=f) + +if __name__ == "__main__": + if len(sys.argv) == 2: + ref_name = sys.argv[1] + main(ref_name) + else: + print("Usage: {} <ref_name>".format(sys.argv[0]), file=sys.stderr) + sys.exit(1) diff --git a/.github/vtest.json b/.github/vtest.json new file mode 100644 index 0000000..8e8165c --- /dev/null +++ b/.github/vtest.json @@ -0,0 +1,14 @@ +{ + "problemMatcher": [ + { + "owner": "vtest", + "pattern": [ + { + "regexp": "^#(\\s+top\\s+TEST\\s+(.*)\\s+FAILED.*)", + "file": 2, + "message": 1 + } + ] + } + ] +} diff --git a/.github/workflows/aws-lc.yml b/.github/workflows/aws-lc.yml new file mode 100644 index 0000000..e590000 --- /dev/null +++ b/.github/workflows/aws-lc.yml @@ -0,0 +1,66 @@ +name: AWS-LC + +on: + schedule: + - cron: "0 0 * * 4" + workflow_dispatch: + +permissions: + contents: read + +jobs: + test: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Install VTest + run: | + scripts/build-vtest.sh + - name: Determine latest AWS-LC release + id: get_aws_lc_release + run: | + result=$(cd .github && python3 -c "from matrix import determine_latest_aws_lc; print(determine_latest_aws_lc(''))") + echo $result + echo "result=$result" >> $GITHUB_OUTPUT + - name: Cache AWS-LC + id: cache_aws_lc + uses: actions/cache@v4 + with: + path: '~/opt/' + key: ssl-${{ steps.get_aws_lc_release.outputs.result }}-Ubuntu-latest-gcc + - name: Install AWS-LC + if: ${{ steps.cache_ssl.outputs.cache-hit != 'true' }} + run: env ${{ steps.get_aws_lc_release.outputs.result }} scripts/build-ssl.sh + - name: Compile HAProxy + run: | + make -j$(nproc) CC=gcc TARGET=linux-glibc \ + USE_OPENSSL_AWSLC=1 USE_QUIC=1 \ + SSL_LIB=${HOME}/opt/lib SSL_INC=${HOME}/opt/include \ + DEBUG="-DDEBUG_STRICT -DDEBUG_MEMORY_POOLS -DDEBUG_POOL_INTEGRITY" \ + ADDLIB="-Wl,-rpath,/usr/local/lib/ -Wl,-rpath,$HOME/opt/lib/" + sudo make install + - name: Show HAProxy version + id: show-version + run: | + ldd $(which haproxy) + haproxy -vv + echo "version=$(haproxy -v |awk 'NR==1{print $3}')" >> $GITHUB_OUTPUT + - name: Install problem matcher for VTest + run: echo "::add-matcher::.github/vtest.json" + - name: Run VTest for HAProxy + id: vtest + run: | + # This is required for macOS which does not actually allow to increase + # the '-n' soft limit to the hard limit, thus failing to run. + ulimit -n 65536 + make reg-tests VTEST_PROGRAM=../vtest/vtest REGTESTS_TYPES=default,bug,devel + - name: Show VTest results + if: ${{ failure() && steps.vtest.outcome == 'failure' }} + run: | + for folder in ${TMPDIR}/haregtests-*/vtc.*; do + printf "::group::" + cat $folder/INFO + cat $folder/LOG + echo "::endgroup::" + done + exit 1 diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml new file mode 100644 index 0000000..3d66f29 --- /dev/null +++ b/.github/workflows/codespell.yml @@ -0,0 +1,20 @@ +name: Spelling Check + +on: + schedule: + - cron: "0 0 * * 2" + +permissions: + contents: read + +jobs: + codespell: + runs-on: ubuntu-latest + if: ${{ github.repository_owner == 'haproxy' }} + steps: + - uses: actions/checkout@v4 + - uses: codespell-project/codespell-problem-matcher@v1 + - uses: codespell-project/actions-codespell@master + with: + skip: CHANGELOG,Makefile,*.fig,*.pem,./doc/design-thoughts,./doc/internals + ignore_words_list: ist,ists,hist,wan,ca,cas,que,ans,te,nd,referer,ot,uint,iif,fo,keep-alives,dosen,ifset,thrid,strack,ba,chck,hel,unx,mor,clen diff --git a/.github/workflows/compliance.yml b/.github/workflows/compliance.yml new file mode 100644 index 0000000..caf9624 --- /dev/null +++ b/.github/workflows/compliance.yml @@ -0,0 +1,57 @@ + +name: Spec Compliance + +on: + schedule: + - cron: "0 0 * * 3" + +permissions: + contents: read + +jobs: + h2spec: + name: h2spec + runs-on: ${{ matrix.os }} + strategy: + matrix: + include: + - TARGET: linux-glibc + CC: gcc + os: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Install h2spec + id: install-h2spec + run: | + H2SPEC_VERSION=`curl --silent "https://api.github.com/repos/summerwind/h2spec/releases/latest" | jq -r -j '.tag_name'` + curl -fsSL https://github.com/summerwind/h2spec/releases/download/${H2SPEC_VERSION}/h2spec_linux_amd64.tar.gz -o h2spec.tar.gz + tar xvf h2spec.tar.gz + sudo install -m755 h2spec /usr/local/bin/h2spec + echo "version=${H2SPEC_VERSION}" >> $GITHUB_OUTPUT + - name: Compile HAProxy with ${{ matrix.CC }} + run: | + make -j$(nproc) all \ + ERR=1 \ + TARGET=${{ matrix.TARGET }} \ + CC=${{ matrix.CC }} \ + DEBUG="-DDEBUG_STRICT -DDEBUG_MEMORY_POOLS -DDEBUG_POOL_INTEGRITY" \ + USE_OPENSSL=1 + sudo make install + - name: Show HAProxy version + id: show-version + run: | + echo "::group::Show dynamic libraries." + if command -v ldd > /dev/null; then + # Linux + ldd $(which haproxy) + else + # macOS + otool -L $(which haproxy) + fi + echo "::endgroup::" + haproxy -vv + echo "version=$(haproxy -v |awk 'NR==1{print $3}')" >> $GITHUB_OUTPUT + - name: Launch HAProxy ${{ steps.show-version.outputs.version }} + run: haproxy -f .github/h2spec.config -D + - name: Run h2spec ${{ steps.install-h2spec.outputs.version }} + run: h2spec -Svtk -h 127.0.0.1 -p 8443 diff --git a/.github/workflows/contrib.yml b/.github/workflows/contrib.yml new file mode 100644 index 0000000..4e14744 --- /dev/null +++ b/.github/workflows/contrib.yml @@ -0,0 +1,25 @@ +name: Contrib + +on: + push: + +permissions: + contents: read + +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Compile admin/halog/halog + run: | + make admin/halog/halog + - name: Compile dev/flags/flags + run: | + make dev/flags/flags + - name: Compile dev/poll/poll + run: | + make dev/poll/poll + - name: Compile dev/hpack + run: | + make dev/hpack/decode dev/hpack/gen-enc dev/hpack/gen-rht diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml new file mode 100644 index 0000000..0b3c4af --- /dev/null +++ b/.github/workflows/coverity.yml @@ -0,0 +1,49 @@ + +# +# scan results: https://scan.coverity.com/projects/haproxy +# + +name: Coverity + +on: + schedule: + - cron: "0 0 * * *" + +permissions: + contents: read + +jobs: + scan: + runs-on: ubuntu-latest + if: ${{ github.repository_owner == 'haproxy' }} + steps: + - uses: actions/checkout@v4 + - name: Install apt dependencies + run: | + sudo apt-get update + sudo apt-get install -y \ + liblua5.3-dev \ + libsystemd-dev + - name: Install QUICTLS + run: | + QUICTLS=yes scripts/build-ssl.sh + - name: Download Coverity build tool + run: | + wget -c -N https://scan.coverity.com/download/linux64 --post-data "token=${{ secrets.COVERITY_SCAN_TOKEN }}&project=Haproxy" -O coverity_tool.tar.gz + mkdir coverity_tool + tar xzf coverity_tool.tar.gz --strip 1 -C coverity_tool + - name: Build WURFL + run: make -C addons/wurfl/dummy + - name: Build with Coverity build tool + run: | + export PATH=`pwd`/coverity_tool/bin:$PATH + cov-build --dir cov-int make CC=clang TARGET=linux-glibc USE_ZLIB=1 USE_PCRE=1 USE_PCRE_JIT=1 USE_LUA=1 USE_OPENSSL=1 USE_QUIC=1 USE_SYSTEMD=1 USE_WURFL=1 WURFL_INC=addons/wurfl/dummy WURFL_LIB=addons/wurfl/dummy USE_DEVICEATLAS=1 DEVICEATLAS_SRC=addons/deviceatlas/dummy USE_51DEGREES=1 51DEGREES_SRC=addons/51degrees/dummy/pattern ADDLIB=\"-Wl,-rpath,$HOME/opt/lib/\" SSL_LIB=${HOME}/opt/lib SSL_INC=${HOME}/opt/include DEBUG+=-DDEBUG_STRICT=1 DEBUG+=-DDEBUG_USE_ABORT=1 + - name: Submit build result to Coverity Scan + run: | + tar czvf cov.tar.gz cov-int + curl --form token=${{ secrets.COVERITY_SCAN_TOKEN }} \ + --form email=chipitsine@gmail.com \ + --form file=@cov.tar.gz \ + --form version="Commit $GITHUB_SHA" \ + --form description="Build submitted via CI" \ + https://scan.coverity.com/builds?project=Haproxy diff --git a/.github/workflows/cross-zoo.yml b/.github/workflows/cross-zoo.yml new file mode 100644 index 0000000..d9864e2 --- /dev/null +++ b/.github/workflows/cross-zoo.yml @@ -0,0 +1,110 @@ +# +# this is naamed "zoo" after OpenSSL "cross zoo pipeline" +# +name: Cross Compile + +on: + schedule: + - cron: "0 0 21 * *" + +permissions: + contents: read + +jobs: + cross-compilation: + strategy: + matrix: + platform: [ + { + arch: aarch64-linux-gnu, + libs: libc6-dev-arm64-cross, + target: linux-aarch64 + }, { + arch: alpha-linux-gnu, + libs: libc6.1-dev-alpha-cross, + target: linux-alpha-gcc + }, { + arch: arm-linux-gnueabi, + libs: libc6-dev-armel-cross, + target: linux-armv4 + }, { + arch: arm-linux-gnueabihf, + libs: libc6-dev-armhf-cross, + target: linux-armv4 + }, { + arch: hppa-linux-gnu, + libs: libc6-dev-hppa-cross, + target: -static linux-generic32 + }, { + arch: m68k-linux-gnu, + libs: libc6-dev-m68k-cross, + target: -static -m68040 linux-latomic + }, { + arch: mips-linux-gnu, + libs: libc6-dev-mips-cross, + target: -static linux-mips32 + }, { + arch: mips64-linux-gnuabi64, + libs: libc6-dev-mips64-cross, + target: -static linux64-mips64 + }, { + arch: mipsel-linux-gnu, + libs: libc6-dev-mipsel-cross, + target: linux-mips32 + }, { + arch: powerpc64le-linux-gnu, + libs: libc6-dev-ppc64el-cross, + target: linux-ppc64le + }, { + arch: riscv64-linux-gnu, + libs: libc6-dev-riscv64-cross, + target: linux64-riscv64 + }, { + arch: s390x-linux-gnu, + libs: libc6-dev-s390x-cross, + target: linux64-s390x + }, { + arch: sh4-linux-gnu, + libs: libc6-dev-sh4-cross, + target: no-async linux-latomic + }, { + arch: hppa-linux-gnu, + libs: libc6-dev-hppa-cross, + target: linux-generic32, + }, { + arch: m68k-linux-gnu, + libs: libc6-dev-m68k-cross, + target: -mcfv4e linux-latomic + }, { + arch: mips-linux-gnu, + libs: libc6-dev-mips-cross, + target: linux-mips32 + }, { + arch: mips64-linux-gnuabi64, + libs: libc6-dev-mips64-cross, + target: linux64-mips64 + }, { + arch: sparc64-linux-gnu, + libs: libc6-dev-sparc64-cross, + target: linux64-sparcv9 + } + ] + runs-on: ubuntu-latest + steps: + - name: install packages + run: | + sudo apt-get update + sudo apt-get -yq --force-yes install \ + gcc-${{ matrix.platform.arch }} \ + ${{ matrix.platform.libs }} + - uses: actions/checkout@v4 + + + - name: install quictls + run: | + QUICTLS_EXTRA_ARGS="--cross-compile-prefix=${{ matrix.platform.arch }}- ${{ matrix.platform.target }}" QUICTLS=yes scripts/build-ssl.sh + + - name: Build + run: | + make ERR=1 CC=${{ matrix.platform.arch }}-gcc TARGET=linux-glibc USE_LIBCRYPT= USE_OPENSSL=1 USE_QUIC=1 USE_PROMEX=1 SSL_LIB=${HOME}/opt/lib SSL_INC=${HOME}/opt/include ADDLIB="-Wl,-rpath,${HOME}/opt/lib" + diff --git a/.github/workflows/fedora-rawhide.yml b/.github/workflows/fedora-rawhide.yml new file mode 100644 index 0000000..8f25781 --- /dev/null +++ b/.github/workflows/fedora-rawhide.yml @@ -0,0 +1,58 @@ +name: Fedora/Rawhide/QuicTLS + +on: + schedule: + - cron: "0 0 25 * *" + +permissions: + contents: read + +jobs: + build_and_test: + strategy: + matrix: + cc: [ gcc, clang ] + name: ${{ matrix.cc }} + runs-on: ubuntu-latest + container: + image: fedora:rawhide + steps: + - uses: actions/checkout@v4 + - name: Install dependencies + run: | + dnf -y install git pcre-devel zlib-devel pcre2-devel 'perl(FindBin)' perl-IPC-Cmd 'perl(File::Copy)' 'perl(File::Compare)' lua-devel socat findutils systemd-devel clang + - name: Install VTest + run: scripts/build-vtest.sh + - name: Install QuicTLS + run: QUICTLS=yes scripts/build-ssl.sh + - name: Build contrib tools + run: | + make admin/halog/halog + make dev/flags/flags + make dev/poll/poll + make dev/hpack/decode dev/hpack/gen-enc dev/hpack/gen-rht + - name: Compile HAProxy with ${{ matrix.cc }} + run: | + make -j3 CC=${{ matrix.cc }} V=1 ERR=1 TARGET=linux-glibc USE_OPENSSL=1 USE_QUIC=1 USE_ZLIB=1 USE_PCRE=1 USE_PCRE_JIT=1 USE_LUA=1 USE_SYSTEMD=1 ADDLIB="-Wl,-rpath,${HOME}/opt/lib" SSL_LIB=${HOME}/opt/lib SSL_INC=${HOME}/opt/include + make install + - name: Show HAProxy version + id: show-version + run: | + echo "::group::Show dynamic libraries." + ldd $(command -v haproxy) + echo "::endgroup::" + haproxy -vv + echo "version=$(haproxy -v |awk 'NR==1{print $3}')" >> $GITHUB_OUTPUT + - name: Run VTest for HAProxy ${{ steps.show-version.outputs.version }} + id: vtest + run: | + make reg-tests VTEST_PROGRAM=../vtest/vtest REGTESTS_TYPES=default,bug,devel + - name: Show VTest results + if: ${{ failure() && steps.vtest.outcome == 'failure' }} + run: | + for folder in ${TMPDIR}/haregtests-*/vtc.*; do + printf "::group::" + cat $folder/INFO + cat $folder/LOG + echo "::endgroup::" + done diff --git a/.github/workflows/musl.yml b/.github/workflows/musl.yml new file mode 100644 index 0000000..930a22e --- /dev/null +++ b/.github/workflows/musl.yml @@ -0,0 +1,62 @@ +name: alpine/musl + +on: + push: + +permissions: + contents: read + +jobs: + musl: + name: gcc + runs-on: ubuntu-latest + container: + image: alpine:latest + options: --privileged --ulimit core=-1 --security-opt seccomp=unconfined + volumes: + - /tmp/core:/tmp/core + steps: + - name: Setup coredumps + run: | + ulimit -c unlimited + echo '/tmp/core/core.%h.%e.%t' > /proc/sys/kernel/core_pattern + - uses: actions/checkout@v4 + - name: Install dependencies + run: apk add gcc gdb make tar git python3 libc-dev linux-headers pcre-dev pcre2-dev openssl-dev lua5.3-dev grep socat curl musl-dbg lua5.3-dbg + - name: Install VTest + run: scripts/build-vtest.sh + - name: Build + run: make -j$(nproc) TARGET=linux-musl DEBUG_CFLAGS='-ggdb3' CC=cc V=1 USE_LUA=1 LUA_INC=/usr/include/lua5.3 LUA_LIB=/usr/lib/lua5.3 USE_OPENSSL=1 USE_PCRE2=1 USE_PCRE2_JIT=1 USE_PROMEX=1 + - name: Show version + run: ./haproxy -vv + - name: Show linked libraries + run: ldd haproxy + - name: Install problem matcher for VTest + # This allows one to more easily see which tests fail. + run: echo "::add-matcher::.github/vtest.json" + - name: Run VTest + id: vtest + run: make reg-tests VTEST_PROGRAM=../vtest/vtest REGTESTS_TYPES=default,bug,devel + - name: Show coredumps + if: ${{ failure() && steps.vtest.outcome == 'failure' }} + run: | + failed=false + ls /tmp/core/ + for file in /tmp/core/core.*; do + failed=true + printf "::group::" + gdb -ex 'thread apply all bt full' ./haproxy $file + echo "::endgroup::" + done + if [ "$failed" = true ]; then + exit 1; + fi + - name: Show results + if: ${{ failure() }} + run: | + for folder in /tmp/haregtests-*/vtc.*; do + printf "::group::" + cat $folder/INFO + cat $folder/LOG + echo "::endgroup::" + done diff --git a/.github/workflows/openssl-nodeprecated.yml b/.github/workflows/openssl-nodeprecated.yml new file mode 100644 index 0000000..a04c6cb --- /dev/null +++ b/.github/workflows/openssl-nodeprecated.yml @@ -0,0 +1,33 @@ +# +# special purpose CI: test against OpenSSL built in "no-deprecated" mode +# let us run those builds weekly +# +# for example, OpenWRT uses such OpenSSL builds (those builds are smaller) +# +# +# some details might be found at NL: https://www.mail-archive.com/haproxy@formilux.org/msg35759.html +# GH: https://github.com/haproxy/haproxy/issues/367 + +name: openssl no-deprecated + +on: + schedule: + - cron: "0 0 * * 4" + +permissions: + contents: read + +jobs: + test: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Install VTest + run: | + scripts/build-vtest.sh + - name: Compile HAProxy + run: | + make DEFINE="-DOPENSSL_API_COMPAT=0x10100000L -DOPENSSL_NO_DEPRECATED" -j3 CC=gcc ERR=1 TARGET=linux-glibc USE_OPENSSL=1 + - name: Run VTest + run: | + make reg-tests VTEST_PROGRAM=../vtest/vtest REGTESTS_TYPES=default,bug,devel diff --git a/.github/workflows/vtest.yml b/.github/workflows/vtest.yml new file mode 100644 index 0000000..7b5254b --- /dev/null +++ b/.github/workflows/vtest.yml @@ -0,0 +1,162 @@ +# Copyright 2019 Ilya Shipitsin <chipitsine@gmail.com> +# Copyright 2020 Tim Duesterhus <tim@bastelstu.be> +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version +# 2 of the License, or (at your option) any later version. + +name: VTest + +on: + push: + +permissions: + contents: read + +jobs: + # The generate-matrix job generates the build matrix using JSON output + # generated by .github/matrix.py. + generate-matrix: + name: Generate Build Matrix + runs-on: ubuntu-latest + outputs: + matrix: ${{ steps.set-matrix.outputs.matrix }} + steps: + - uses: actions/checkout@v4 + - name: Generate Build Matrix + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + id: set-matrix + run: python3 .github/matrix.py "${{ github.ref_name }}" + + # The Test job actually runs the tests. + Test: + name: ${{ matrix.name }} + needs: generate-matrix + runs-on: ${{ matrix.os }} + strategy: + matrix: ${{ fromJson(needs.generate-matrix.outputs.matrix) }} + fail-fast: false + env: + # Configure a short TMPDIR to prevent failures due to long unix socket + # paths. + TMPDIR: /tmp + # Force ASAN output into asan.log to make the output more readable. + ASAN_OPTIONS: log_path=asan.log + OT_CPP_VERSION: 1.6.0 + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 100 +# +# Github Action cache key cannot contain comma, so we calculate it based on job name +# + - name: Generate cache key + id: generate-cache-key + run: | + echo "key=$(echo ${{ matrix.name }} | sha256sum | awk '{print $1}')" >> $GITHUB_OUTPUT + + - name: Cache SSL libs + if: ${{ matrix.ssl && matrix.ssl != 'stock' && matrix.ssl != 'BORINGSSL=yes' && matrix.ssl != 'QUICTLS=yes' }} + id: cache_ssl + uses: actions/cache@v4 + with: + path: '~/opt/' + key: ssl-${{ steps.generate-cache-key.outputs.key }} + + - name: Cache OpenTracing + if: ${{ contains(matrix.FLAGS, 'USE_OT=1') }} + id: cache_ot + uses: actions/cache@v4 + with: + path: '~/opt-ot/' + key: ot-${{ matrix.CC }}-${{ env.OT_CPP_VERSION }}-${{ contains(matrix.name, 'ASAN') }} + - name: Install apt dependencies + if: ${{ startsWith(matrix.os, 'ubuntu-') }} + run: | + sudo apt-get update + sudo apt-get install -y \ + liblua5.3-dev \ + libpcre2-dev \ + libsystemd-dev \ + ninja-build \ + socat + - name: Install brew dependencies + if: ${{ startsWith(matrix.os, 'macos-') }} + run: | + brew install socat + brew install lua + - name: Install VTest + run: | + scripts/build-vtest.sh + - name: Install SSL ${{ matrix.ssl }} + if: ${{ matrix.ssl && matrix.ssl != 'stock' && steps.cache_ssl.outputs.cache-hit != 'true' }} + run: env ${{ matrix.ssl }} scripts/build-ssl.sh + - name: Install OpenTracing libs + if: ${{ contains(matrix.FLAGS, 'USE_OT=1') && steps.cache_ot.outputs.cache-hit != 'true' }} + run: | + OT_PREFIX=${HOME}/opt-ot scripts/build-ot.sh + - name: Build WURFL + if: ${{ contains(matrix.FLAGS, 'USE_WURFL=1') }} + run: make -C addons/wurfl/dummy + - name: Compile HAProxy with ${{ matrix.CC }} + run: | + echo "::group::Show compiler's version" + echo | ${{ matrix.CC }} -v + echo "::endgroup::" + echo "::group::Show platform specific defines" + echo | ${{ matrix.CC }} -dM -xc -E - + echo "::endgroup::" + make -j$(nproc) all \ + ERR=1 \ + TARGET=${{ matrix.TARGET }} \ + CC=${{ matrix.CC }} \ + DEBUG="-DDEBUG_STRICT -DDEBUG_MEMORY_POOLS -DDEBUG_POOL_INTEGRITY" \ + ${{ join(matrix.FLAGS, ' ') }} \ + ADDLIB="-Wl,-rpath,/usr/local/lib/ -Wl,-rpath,$HOME/opt/lib/" + sudo make install + - name: Show HAProxy version + id: show-version + run: | + echo "::group::Show dynamic libraries." + if command -v ldd > /dev/null; then + # Linux + ldd $(which haproxy) + else + # macOS + otool -L $(which haproxy) + fi + echo "::endgroup::" + haproxy -vv + echo "version=$(haproxy -v |awk 'NR==1{print $3}')" >> $GITHUB_OUTPUT + - name: Install problem matcher for VTest + # This allows one to more easily see which tests fail. + run: echo "::add-matcher::.github/vtest.json" + - name: Run VTest for HAProxy ${{ steps.show-version.outputs.version }} + id: vtest + run: | + # This is required for macOS which does not actually allow to increase + # the '-n' soft limit to the hard limit, thus failing to run. + ulimit -n 65536 + make reg-tests VTEST_PROGRAM=../vtest/vtest REGTESTS_TYPES=default,bug,devel + - name: Config syntax check memleak smoke testing + if: ${{ contains(matrix.name, 'ASAN') }} + run: | + ./haproxy -f .github/h2spec.config -c + - name: Show VTest results + if: ${{ failure() && steps.vtest.outcome == 'failure' }} + run: | + for folder in ${TMPDIR}/haregtests-*/vtc.*; do + printf "::group::" + cat $folder/INFO + cat $folder/LOG + echo "::endgroup::" + done + shopt -s nullglob + for asan in asan.log*; do + echo "::group::$asan" + cat $asan + echo "::endgroup::" + done + exit 1 diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml new file mode 100644 index 0000000..b020d7c --- /dev/null +++ b/.github/workflows/windows.yml @@ -0,0 +1,67 @@ +# Copyright 2019 Ilya Shipitsin <chipitsine@gmail.com> +# Copyright 2020 Tim Duesterhus <tim@bastelstu.be> +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version +# 2 of the License, or (at your option) any later version. + +name: Windows + +on: + push: + +permissions: + contents: read + +jobs: + msys2: + name: ${{ matrix.name }} + runs-on: ${{ matrix.os }} + defaults: + run: + shell: msys2 {0} + strategy: + matrix: + include: + - name: "Windows, gcc, all features" + TARGET: cygwin + CC: gcc + os: windows-latest + FLAGS: + - USE_OPENSSL=1 + - USE_PCRE=1 + - USE_PCRE_JIT=1 + - USE_THREAD=1 + - USE_ZLIB=1 + steps: + - uses: actions/checkout@v4 + - uses: msys2/setup-msys2@v2 + with: + install: >- + coreutils + curl + diffutils + gawk + gcc + make + tar + openssl-devel + pcre-devel + zlib-devel + - name: Compile HAProxy with ${{ matrix.CC }} + run: | + echo "::group::Show platform specific defines" + echo | ${{ matrix.CC }} -dM -xc -E - + echo "::endgroup::" + make -j$(nproc) all \ + ERR=1 \ + TARGET=${{ matrix.TARGET }} \ + CC=${{ matrix.CC }} \ + DEBUG="-DDEBUG_STRICT -DDEBUG_MEMORY_POOLS -DDEBUG_POOL_INTEGRITY" \ + ${{ join(matrix.FLAGS, ' ') }} + - name: Show HAProxy version + id: show-version + run: | + ./haproxy -vv + echo "version=$(./haproxy -v |awk 'NR==1{print $3}')" >> $GITHUB_OUTPUT |