mbedtls: support TLS 1.3 #15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copyright (C) Daniel Stenberg, <[email protected]>, et al. | |
# | |
# SPDX-License-Identifier: curl | |
name: ngtcp2-linux | |
on: | |
push: | |
branches: | |
- master | |
- '*/ci' | |
paths-ignore: | |
- '**/*.md' | |
- '**/CMakeLists.txt' | |
- '.azure-pipelines.yml' | |
- '.circleci/**' | |
- '.cirrus.yml' | |
- 'appveyor.*' | |
- 'CMake/**' | |
- 'packages/**' | |
- 'plan9/**' | |
- 'projects/**' | |
- 'winbuild/**' | |
pull_request: | |
branches: | |
- master | |
paths-ignore: | |
- '**/*.md' | |
- '**/CMakeLists.txt' | |
- '.azure-pipelines.yml' | |
- '.circleci/**' | |
- '.cirrus.yml' | |
- 'appveyor.*' | |
- 'CMake/**' | |
- 'packages/**' | |
- 'plan9/**' | |
- 'projects/**' | |
- 'winbuild/**' | |
concurrency: | |
# Hardcoded workflow filename as workflow name above is just Linux again | |
group: ngtcp2-${{ github.event.pull_request.number || github.sha }} | |
cancel-in-progress: true | |
permissions: {} | |
env: | |
MAKEFLAGS: -j 3 | |
quictls-version: 3.1.4+quic | |
gnutls-version: 3.8.3 | |
wolfssl-version: master | |
nghttp3-version: v1.2.0 | |
ngtcp2-version: v1.4.0 | |
nghttp2-version: v1.61.0 | |
mod_h2-version: v2.0.27 | |
jobs: | |
autotools: | |
name: ${{ matrix.build.name }} | |
runs-on: 'ubuntu-latest' | |
timeout-minutes: 60 | |
strategy: | |
fail-fast: false | |
matrix: | |
build: | |
- name: quictls | |
configure: >- | |
PKG_CONFIG_PATH="$HOME/nghttpx/lib/pkgconfig" LDFLAGS="-Wl,-rpath,$HOME/nghttpx/lib" | |
--with-ngtcp2=$HOME/nghttpx --enable-warnings --enable-werror --enable-debug --disable-ntlm | |
--with-test-nghttpx="$HOME/nghttpx/bin/nghttpx" | |
--with-openssl=$HOME/nghttpx | |
- name: gnutls | |
configure: >- | |
PKG_CONFIG_PATH="$HOME/nghttpx/lib/pkgconfig" LDFLAGS="-Wl,-rpath,$HOME/nghttpx/lib" | |
--with-ngtcp2=$HOME/nghttpx --enable-warnings --enable-werror --enable-debug | |
--with-test-nghttpx="$HOME/nghttpx/bin/nghttpx" | |
--with-gnutls=$HOME/nghttpx | |
- name: wolfssl | |
configure: >- | |
PKG_CONFIG_PATH="$HOME/nghttpx/lib/pkgconfig" LDFLAGS="-Wl,-rpath,$HOME/nghttpx/lib" | |
--with-ngtcp2=$HOME/nghttpx --enable-warnings --enable-werror --enable-debug | |
--with-test-nghttpx="$HOME/nghttpx/bin/nghttpx" | |
--with-wolfssl=$HOME/nghttpx | |
steps: | |
- run: | | |
sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list | |
sudo apt-get update | |
sudo apt-get install libtool autoconf automake pkg-config stunnel4 \ | |
libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libev-dev libc-ares-dev \ | |
nettle-dev libp11-kit-dev libtspi-dev libunistring-dev guile-2.2-dev libtasn1-bin \ | |
libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \ | |
texinfo texlive texlive-extra-utils autopoint libev-dev \ | |
apache2 apache2-dev libnghttp2-dev | |
name: 'install prereqs and impacket, pytest, crypto, apache2' | |
- name: cache quictls | |
uses: actions/cache@v4 | |
id: cache-quictls-no-deprecated | |
env: | |
cache-name: cache-quictls-no-deprecated | |
with: | |
path: /home/runner/quictls | |
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.quictls-version }} | |
- if: steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true' | |
run: | | |
cd $HOME | |
git clone --quiet --depth=1 -b openssl-${{ env.quictls-version }} https://github.com/quictls/openssl quictls | |
cd quictls | |
./config no-deprecated --prefix=$HOME/nghttpx --libdir=$HOME/nghttpx/lib | |
make | |
name: 'build quictls' | |
- run: | | |
cd $HOME/quictls | |
make -j1 install_sw | |
name: 'install quictls' | |
- name: cache gnutls | |
uses: actions/cache@v4 | |
id: cache-gnutls | |
env: | |
cache-name: cache-gnutls | |
with: | |
path: /home/runner/gnutls | |
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.gnutls-version }} | |
- if: steps.cache-gnutls.outputs.cache-hit != 'true' | |
run: | | |
cd $HOME | |
git clone --quiet --depth=1 -b ${{ env.gnutls-version }} https://github.com/gnutls/gnutls.git | |
cd gnutls | |
./bootstrap | |
./configure --prefix=$HOME/nghttpx \ | |
PKG_CONFIG_PATH="$HOME/nghttpx/lib/pkgconfig" LDFLAGS="-Wl,-rpath,$HOME/nghttpx/lib -L$HOME/nghttpx/lib" \ | |
--with-included-libtasn1 --with-included-unistring \ | |
--disable-guile --disable-doc --disable-tests --disable-tools | |
make | |
name: 'build gnutls' | |
- run: | | |
cd $HOME/gnutls | |
make install | |
name: 'install gnutls' | |
- name: cache wolfssl | |
uses: actions/cache@v4 | |
id: cache-wolfssl | |
env: | |
cache-name: cache-wolfssl | |
with: | |
path: /home/runner/wolfssl | |
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.wolfssl-version }} | |
- if: steps.cache-wolfssl.outputs.cache-hit != 'true' || ${{ env.wolfssl-version }} == 'master' | |
run: | | |
cd $HOME | |
rm -rf wolfssl | |
git clone --quiet --depth=1 -b ${{ env.wolfssl-version }} https://github.com/wolfSSL/wolfssl.git | |
cd wolfssl | |
./autogen.sh | |
./configure --enable-all --enable-quic --prefix=$HOME/nghttpx | |
make | |
name: 'build wolfssl' | |
- run: | | |
cd $HOME/wolfssl | |
make install | |
name: 'install wolfssl' | |
- name: cache nghttp3 | |
uses: actions/cache@v4 | |
id: cache-nghttp3 | |
env: | |
cache-name: cache-nghttp3 | |
with: | |
path: /home/runner/nghttp3 | |
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.nghttp3-version }} | |
- if: steps.cache-nghttp3.outputs.cache-hit != 'true' | |
run: | | |
cd $HOME | |
git clone --quiet --depth=1 -b ${{ env.nghttp3-version }} https://github.com/ngtcp2/nghttp3 | |
cd nghttp3 | |
git submodule update --init | |
autoreconf -fi | |
./configure --prefix=$HOME/nghttpx PKG_CONFIG_PATH="$HOME/nghttpx/lib/pkgconfig" --enable-lib-only | |
make | |
name: 'build nghttp3' | |
- run: | | |
cd $HOME/nghttp3 | |
make install | |
name: 'install nghttp3' | |
# depends on all other cached libs built so far | |
- run: | | |
git clone --quiet --depth=1 -b ${{ env.ngtcp2-version }} https://github.com/ngtcp2/ngtcp2 | |
cd ngtcp2 | |
autoreconf -fi | |
./configure --prefix=$HOME/nghttpx PKG_CONFIG_PATH="$HOME/nghttpx/lib/pkgconfig" --enable-lib-only --with-openssl --with-gnutls --with-wolfssl | |
make install | |
name: 'install ngtcp2' | |
# depends on all other cached libs built so far | |
- run: | | |
git clone --quiet --depth=1 -b ${{ env.nghttp2-version }} https://github.com/nghttp2/nghttp2 | |
cd nghttp2 | |
autoreconf -fi | |
./configure --prefix=$HOME/nghttpx PKG_CONFIG_PATH="$HOME/nghttpx/lib/pkgconfig" --enable-http3 | |
make install | |
name: 'install nghttp2' | |
- name: cache mod_h2 | |
uses: actions/cache@v4 | |
id: cache-mod_h2 | |
env: | |
cache-name: cache-mod_h2 | |
with: | |
path: /home/runner/mod_h2 | |
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.mod_h2-version }} | |
- if: steps.cache-mod_h2.outputs.cache-hit != 'true' | |
run: | | |
cd $HOME | |
git clone --quiet --depth=1 -b ${{ env.mod_h2-version }} https://github.com/icing/mod_h2 | |
cd mod_h2 | |
autoreconf -fi | |
./configure | |
make | |
name: 'build mod_h2' | |
- run: | | |
cd $HOME/mod_h2 | |
sudo make install | |
name: 'install mod_h2' | |
- uses: actions/checkout@v4 | |
- run: | | |
sudo python3 -m pip install -r tests/requirements.txt -r tests/http/requirements.txt | |
name: 'install python test prereqs' | |
- run: autoreconf -fi | |
name: 'autoreconf' | |
- run: ./configure ${{ matrix.build.configure }} | |
name: 'configure' | |
- run: make V=1 | |
name: 'make' | |
- run: make V=1 examples | |
name: 'make examples' | |
- run: make V=1 -C tests | |
name: 'make tests' | |
- run: make V=1 test-ci | |
name: 'run tests' | |
env: | |
TFLAGS: "${{ matrix.build.tflags }}" | |
- run: pytest -v tests | |
name: 'run pytest' | |
env: | |
TFLAGS: "${{ matrix.build.tflags }}" | |
CURL_CI: github |