hostap.yml 10 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294
  1. name: hostap and wpa-supplicant Tests
  2. # START OF COMMON SECTION
  3. on:
  4. push:
  5. branches: [ 'master', 'main', 'release/**' ]
  6. pull_request:
  7. branches: [ '*' ]
  8. concurrency:
  9. group: ${{ github.workflow }}-${{ github.ref }}
  10. cancel-in-progress: true
  11. # END OF COMMON SECTION
  12. jobs:
  13. build_wolfssl:
  14. strategy:
  15. matrix:
  16. include:
  17. - build_id: hostap-build1
  18. wolf_extra_config: --disable-tls13
  19. - build_id: hostap-build2
  20. wolf_extra_config: --enable-brainpool --enable-wpas-dpp
  21. name: Build wolfSSL
  22. if: github.repository_owner == 'wolfssl'
  23. # Just to keep it the same as the testing target
  24. runs-on: ubuntu-20.04
  25. # This should be a safe limit for the tests to run.
  26. timeout-minutes: 4
  27. steps:
  28. # No way to view the full strategy in the browser (really weird)
  29. - name: Print strategy
  30. run: |
  31. cat <<EOF
  32. ${{ toJSON(matrix) }}
  33. EOF
  34. - if: ${{ runner.debug }}
  35. name: Enable wolfSSL debug logging
  36. run: |
  37. echo "wolf_debug_flags=--enable-debug" >> $GITHUB_ENV
  38. - name: Build wolfSSL
  39. uses: wolfSSL/actions-build-autotools-project@v1
  40. with:
  41. path: wolfssl
  42. configure: >-
  43. --enable-wpas CFLAGS=-DWOLFSSL_STATIC_RSA
  44. ${{ env.wolf_debug_flags }} ${{ matrix.wolf_extra_config }}
  45. install: true
  46. - name: Upload built lib
  47. uses: actions/upload-artifact@v4
  48. with:
  49. name: ${{ matrix.build_id }}
  50. path: build-dir
  51. retention-days: 5
  52. # Build wpa_supplicant with wolfSSL and hostapd with OpenSSL and interop.
  53. hostap_test:
  54. strategy:
  55. fail-fast: false
  56. matrix:
  57. # should hostapd be compiled with wolfssl
  58. hostapd: [true, false]
  59. # should wpa_supplicant be compiled with wolfssl
  60. wpa_supplicant: [true, false]
  61. # Fix the versions of hostap and osp to not break testing when a new
  62. # patch is added in to osp. hostap_cherry_pick is used to apply the
  63. # commit that updates the certificates used for testing. Tests are read
  64. # from the corresponding configs/hostap_ref/tests file.
  65. config: [
  66. {
  67. hostap_ref: hostap_2_10,
  68. hostap_cherry_pick: 36fcbb1a4ee4aa604f15079eae2ffa4fe7f44680,
  69. remove_teap: true,
  70. # TLS 1.3 does not work for this version
  71. build_id: hostap-build1,
  72. },
  73. # Test the dpp patch
  74. {
  75. hostap_ref: b607d2723e927a3446d89aed813f1aa6068186bb,
  76. hostap_cherry_pick: 36fcbb1a4ee4aa604f15079eae2ffa4fe7f44680,
  77. osp_ref: ad5b52a49b3cc2a5bfb47ccc1d6a5137132e9446,
  78. build_id: hostap-build2
  79. },
  80. ]
  81. # parallelize the tests to be able to run all tests within 10 minutes
  82. # Update the <total server> in the ./run-tests.py step when changing.
  83. server: [1, 2, 3, 4, 5]
  84. exclude:
  85. # don't test openssl on both sides
  86. - hostapd: false
  87. wpa_supplicant: false
  88. # no hostapd support for dpp yet
  89. - hostapd: true
  90. config: {
  91. hostap_ref: b607d2723e927a3446d89aed813f1aa6068186bb,
  92. osp_ref: ad5b52a49b3cc2a5bfb47ccc1d6a5137132e9446,
  93. build_id: hostap-build2
  94. }
  95. name: hwsim test
  96. if: github.repository_owner == 'wolfssl'
  97. # For openssl 1.1
  98. runs-on: ubuntu-20.04
  99. # This should be a safe limit for the tests to run.
  100. timeout-minutes: 12
  101. needs: build_wolfssl
  102. steps:
  103. # No way to view the full strategy in the browser (really weird)
  104. - name: Print strategy
  105. run: |
  106. cat <<EOF
  107. ${{ toJSON(matrix) }}
  108. EOF
  109. - name: Print computed job run ID
  110. run: |
  111. SHA_SUM=$(sha256sum << 'END_OF_HEREDOC' | cut -d " " -f 1
  112. ${{ toJSON(github) }}
  113. END_OF_HEREDOC
  114. )
  115. echo "our_job_run_id=$SHA_SUM" >> $GITHUB_ENV
  116. echo Our job run ID is $SHA_SUM
  117. - name: Checkout wolfSSL
  118. uses: actions/checkout@v4
  119. with:
  120. path: wolfssl
  121. - name: Install dependencies
  122. run: |
  123. # Don't prompt for anything
  124. export DEBIAN_FRONTEND=noninteractive
  125. sudo apt-get update
  126. # hostap dependencies
  127. sudo apt-get install -y libpcap0.8 libpcap-dev curl libcurl4-openssl-dev \
  128. libnl-3-dev binutils-dev libssl-dev libiberty-dev libnl-genl-3-dev \
  129. libnl-route-3-dev libdbus-1-dev linux-modules-extra-`uname -r` \
  130. bridge-utils
  131. sudo pip3 install pycryptodome
  132. - name: Enable mac80211
  133. run: |
  134. sudo modprobe mac80211
  135. lsmod | grep mac80211
  136. - if: ${{ runner.debug }}
  137. name: Enable hostap debug logging
  138. run: |
  139. echo "hostap_debug_flags=-d" >> $GITHUB_ENV
  140. - name: Download lib
  141. uses: actions/download-artifact@v4
  142. with:
  143. name: ${{ matrix.config.build_id }}
  144. path: build-dir
  145. - name: Setup d-bus
  146. working-directory: wolfssl/.github/workflows/hostap-files
  147. run: |
  148. sudo cp dbus-wpa_supplicant.conf /usr/share/dbus-1/system.d/wpa_supplicant.conf
  149. sudo service dbus reload
  150. # This is super hack-ish :P
  151. # If you are trying to reproduce this on a more generic system, you can
  152. # just run `sudo apt install linux-modules-extra-$(uname -r)` and
  153. # this should have the module in the package. No need to compile it.
  154. - name: Compile and install mac80211_hwsim
  155. working-directory: wolfssl/.github/workflows/hostap-files
  156. run: |
  157. # The tag will be the first two numbers of from uname -r
  158. LINUX_TAG=$(uname -r | grep -oP '^\d+\.\d+')
  159. # Download the correct version of the driver
  160. wget https://raw.githubusercontent.com/torvalds/linux/v$LINUX_TAG/drivers/net/wireless/mac80211_hwsim.c
  161. wget https://raw.githubusercontent.com/torvalds/linux/v$LINUX_TAG/drivers/net/wireless/mac80211_hwsim.h
  162. make
  163. sudo make install
  164. sudo modprobe mac80211_hwsim
  165. lsmod | grep mac80211_hwsim
  166. sudo rmmod mac80211_hwsim
  167. - name: Checkout hostap
  168. uses: actions/checkout@v4
  169. with:
  170. repository: julek-wolfssl/hostap-mirror
  171. path: hostap
  172. ref: ${{ matrix.config.hostap_ref }}
  173. # necessary for cherry pick step
  174. fetch-depth: 0
  175. - if: ${{ matrix.config.hostap_cherry_pick }}
  176. name: Cherry pick certificate update
  177. working-directory: hostap
  178. run: git cherry-pick -n -X theirs ${{ matrix.config.hostap_cherry_pick }}
  179. - if: ${{ matrix.config.osp_ref }}
  180. name: Checkout OSP
  181. uses: actions/checkout@v4
  182. with:
  183. repository: wolfssl/osp
  184. path: osp
  185. ref: ${{ matrix.config.osp_ref }}
  186. - if: ${{ matrix.config.osp_ref }}
  187. name: Apply patch files
  188. working-directory: hostap
  189. run: |
  190. for f in $GITHUB_WORKSPACE/osp/hostap-patches/pending/*
  191. do
  192. patch -p1 < $f
  193. done
  194. - if: ${{ matrix.hostapd }}
  195. name: Setup hostapd config file
  196. run: |
  197. cp wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/hostapd.config \
  198. hostap/hostapd/.config
  199. cat <<EOF >> hostap/hostapd/.config
  200. CFLAGS += -I$GITHUB_WORKSPACE/build-dir/include -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
  201. LIBS += -L$GITHUB_WORKSPACE/build-dir/lib -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
  202. EOF
  203. - if: ${{ matrix.wpa_supplicant }}
  204. name: Setup wpa_supplicant config file
  205. run: |
  206. cp wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/wpa_supplicant.config \
  207. hostap/wpa_supplicant/.config
  208. cat <<EOF >> hostap/wpa_supplicant/.config
  209. CFLAGS += -I$GITHUB_WORKSPACE/build-dir/include -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
  210. LIBS += -L$GITHUB_WORKSPACE/build-dir/lib -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
  211. EOF
  212. - name: Build hostap
  213. working-directory: hostap/tests/hwsim/
  214. run: ./build.sh
  215. - if: ${{ matrix.hostapd }}
  216. name: Confirm hostapd linking with wolfSSL
  217. run: ldd hostap/hostapd/hostapd | grep wolfssl
  218. - if: ${{ matrix.wpa_supplicant }}
  219. name: Confirm wpa_supplicant linking with wolfSSL
  220. run: ldd hostap/wpa_supplicant/wpa_supplicant | grep wolfssl
  221. - if: ${{ matrix.config.remove_teap }}
  222. name: Remove EAP-TEAP from test configuration
  223. working-directory: hostap/tests/hwsim/auth_serv
  224. run: |
  225. sed -e 's/"erp-teap@example.com"\tTEAP//' -i eap_user.conf
  226. sed -e 's/"erp-teap@example.com"\tMSCHAPV2\t"password"\t\[2\]//' -i eap_user.conf
  227. sed -e 's/"TEAP"\t\tTEAP//' -i eap_user.conf
  228. sed -e 's/TEAP,//' -i eap_user.conf
  229. - name: Run tests
  230. id: testing
  231. working-directory: hostap/tests/hwsim/
  232. run: |
  233. # Run tests in increments of 50 to cut down on the uploaded log size.
  234. while mapfile -t -n 50 ary && ((${#ary[@]})); do
  235. TESTS=$(printf '%s\n' "${ary[@]}" | tr '\n' ' ')
  236. # Retry up to three times
  237. for i in {1..3}; do
  238. HWSIM_RES=0 # Not set when command succeeds
  239. # Logs can grow quickly especially in debug mode
  240. sudo rm -rf logs
  241. sudo ./start.sh
  242. sudo ./run-tests.py ${{ env.hostap_debug_flags }} --split ${{ matrix.server }}/5 $TESTS || HWSIM_RES=$?
  243. sudo ./stop.sh
  244. if [ "$HWSIM_RES" -eq "0" ]; then
  245. break
  246. fi
  247. done
  248. echo "test ran $i times"
  249. if [ "$HWSIM_RES" -ne "0" ]; then
  250. exit $HWSIM_RES
  251. fi
  252. done < $GITHUB_WORKSPACE/wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/tests
  253. - name: Change failure log permissions
  254. if: ${{ failure() && steps.testing.outcome == 'failure' }}
  255. working-directory: hostap/tests/hwsim/
  256. run: |
  257. sudo chown -R $USER:$USER logs
  258. zip -9 -r logs.zip logs/current
  259. - name: Upload failure logs
  260. if: ${{ failure() && steps.testing.outcome == 'failure' }}
  261. uses: actions/upload-artifact@v4
  262. with:
  263. name: hostap-logs-${{ env.our_job_run_id }}
  264. path: hostap/tests/hwsim/logs.zip
  265. retention-days: 5