krb5.yml 3.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103
  1. name: Kerberos 5 Tests
  2. # START OF COMMON SECTION
  3. on:
  4. push:
  5. branches: [ 'master', 'main', 'release/**' ]
  6. pull_request:
  7. branches: [ '*' ]
  8. concurrency:
  9. group: ${{ github.workflow }}-${{ github.ref }}
  10. cancel-in-progress: true
  11. # END OF COMMON SECTION
  12. jobs:
  13. build_wolfssl:
  14. name: Build wolfSSL
  15. # Just to keep it the same as the testing target
  16. if: github.repository_owner == 'wolfssl'
  17. runs-on: ubuntu-22.04
  18. # This should be a safe limit for the tests to run.
  19. timeout-minutes: 5
  20. steps:
  21. - name: workaround high-entropy ASLR
  22. # not needed after either an update to llvm or runner is done
  23. run: sudo sysctl vm.mmap_rnd_bits=28
  24. - name: Build wolfSSL
  25. uses: wolfSSL/actions-build-autotools-project@v1
  26. with:
  27. path: wolfssl
  28. configure: --enable-krb CC='gcc -fsanitize=address'
  29. install: true
  30. - name: tar build-dir
  31. run: tar -zcf build-dir.tgz build-dir
  32. - name: Upload built lib
  33. uses: actions/upload-artifact@v4
  34. with:
  35. name: wolf-install-krb5
  36. path: build-dir.tgz
  37. retention-days: 5
  38. krb5_check:
  39. strategy:
  40. fail-fast: false
  41. matrix:
  42. # List of releases to test
  43. ref: [ 1.21.1 ]
  44. name: ${{ matrix.ref }}
  45. if: github.repository_owner == 'wolfssl'
  46. runs-on: ubuntu-22.04
  47. # This should be a safe limit for the tests to run.
  48. timeout-minutes: 8
  49. needs: build_wolfssl
  50. steps:
  51. - name: Download lib
  52. uses: actions/download-artifact@v4
  53. with:
  54. name: wolf-install-krb5
  55. - name: untar build-dir
  56. run: tar -xf build-dir.tgz
  57. - name: Checkout OSP
  58. uses: actions/checkout@v4
  59. with:
  60. repository: wolfssl/osp
  61. path: osp
  62. - name: Checkout krb5
  63. uses: actions/checkout@v4
  64. with:
  65. repository: krb5/krb5
  66. ref: krb5-${{ matrix.ref }}-final
  67. path: krb5
  68. - name: Apply patch
  69. working-directory: ./krb5
  70. run: |
  71. patch -p1 < $GITHUB_WORKSPACE/osp/krb5/Patch-for-Kerberos-5-${{ matrix.ref }}.patch
  72. - name: workaround high-entropy ASLR
  73. # not needed after either an update to llvm or runner is done
  74. run: sudo sysctl vm.mmap_rnd_bits=28
  75. - name: Build krb5
  76. working-directory: ./krb5/src
  77. run: |
  78. autoreconf -ivf
  79. # Using rpath because LD_LIBRARY_PATH is overwritten during testing
  80. export WOLFSSL_CFLAGS="-I$GITHUB_WORKSPACE/build-dir/include -I$GITHUB_WORKSPACE/build-dir/include/wolfssl -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib"
  81. export WOLFSSL_LIBS="-lwolfssl -L$GITHUB_WORKSPACE/build-dir/lib -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib"
  82. ./configure --with-crypto-impl=wolfssl --with-tls-impl=wolfssl --disable-pkinit \
  83. CFLAGS='-fsanitize=address' LDFLAGS='-fsanitize=address'
  84. CFLAGS='-fsanitize=address' LDFLAGS='-fsanitize=address' make -j
  85. - name: Run tests
  86. working-directory: ./krb5/src
  87. run: |
  88. CFLAGS='-fsanitize=address' LDFLAGS='-fsanitize=address' make -j check