123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318 |
- name: hostap and wpa-supplicant Tests
- # START OF COMMON SECTION
- on:
- push:
- branches: [ 'master', 'main', 'release/**' ]
- pull_request:
- branches: [ '*' ]
- concurrency:
- group: ${{ github.workflow }}-${{ github.ref }}
- cancel-in-progress: true
- # END OF COMMON SECTION
- env:
- LINUX_REF: v6.6
- jobs:
- build_wolfssl:
- strategy:
- matrix:
- include:
- - build_id: hostap-vm-build1
- wolf_extra_config: --disable-tls13
- - build_id: hostap-vm-build2
- wolf_extra_config: >-
- --enable-wpas-dpp --enable-brainpool --with-eccminsz=192
- --enable-tlsv10 --enable-oldtls
- name: Build wolfSSL
- runs-on: ubuntu-latest
- # This should be a safe limit for the tests to run.
- timeout-minutes: 10
- steps:
- # No way to view the full strategy in the browser (really weird)
- - name: Print strategy
- run: |
- cat <<EOF
- ${{ toJSON(matrix) }}
- EOF
- - if: ${{ runner.debug }}
- name: Enable wolfSSL debug logging
- run: |
- echo "wolf_debug_flags=--enable-debug" >> $GITHUB_ENV
- - name: Build wolfSSL
- uses: wolfSSL/actions-build-autotools-project@v1
- with:
- path: wolfssl
- configure: >-
- --enable-wpas CPPFLAGS=-DWOLFSSL_STATIC_RSA
- ${{ env.wolf_debug_flags }} ${{ matrix.wolf_extra_config }}
- install: true
- - name: tar build-dir
- run: tar -zcf build-dir.tgz build-dir
- - name: Upload built lib
- uses: actions/upload-artifact@v4
- with:
- name: ${{ matrix.build_id }}
- path: build-dir.tgz
- retention-days: 5
- build_uml_linux:
- name: Build UML (UserMode Linux)
- runs-on: ubuntu-latest
- # This should be a safe limit for the tests to run.
- timeout-minutes: 10
- steps:
- - name: Checking if we have kernel in cache
- uses: actions/cache@v4
- id: cache
- with:
- path: linux/linux
- key: ${{ env.LINUX_REF }}
- lookup-only: true
- - name: Checkout hostap
- if: steps.cache.outputs.cache-hit != 'true'
- uses: actions/checkout@v4
- with:
- repository: julek-wolfssl/hostap-mirror
- path: hostap
- - name: Checkout linux
- if: steps.cache.outputs.cache-hit != 'true'
- uses: actions/checkout@v4
- with:
- repository: torvalds/linux
- path: linux
- - name: Compile linux
- if: steps.cache.outputs.cache-hit != 'true'
- run: |
- cp hostap/tests/hwsim/vm/kernel-config.uml linux/.config
- cd linux
- yes "" | ARCH=um make -j $(nproc)
- hostap_test:
- strategy:
- fail-fast: false
- matrix:
- # should hostapd be compiled with wolfssl
- hostapd: [true, false]
- # should wpa_supplicant be compiled with wolfssl
- wpa_supplicant: [true, false]
- # Fix the versions of hostap and osp to not break testing when a new
- # patch is added in to osp. Tests are read from the corresponding
- # configs/hostap_ref/tests file.
- config: [
- {
- hostap_ref: hostap_2_10,
- remove_teap: true,
- # TLS 1.3 does not work for this version
- build_id: hostap-vm-build1,
- },
- # Test the dpp patch
- {
- hostap_ref: b607d2723e927a3446d89aed813f1aa6068186bb,
- osp_ref: ad5b52a49b3cc2a5bfb47ccc1d6a5137132e9446,
- build_id: hostap-vm-build2
- },
- {
- hostap_ref: 07c9f183ea744ac04585fb6dd10220c75a5e2e74,
- osp_ref: e1876fbbf298ee442bc7ab8561331ebc7de17528,
- build_id: hostap-vm-build2
- },
- ]
- exclude:
- # don't test openssl on both sides
- - hostapd: false
- wpa_supplicant: false
- # no hostapd support for dpp yet
- - hostapd: true
- config: {
- hostap_ref: b607d2723e927a3446d89aed813f1aa6068186bb,
- osp_ref: ad5b52a49b3cc2a5bfb47ccc1d6a5137132e9446,
- build_id: hostap-vm-build2
- }
- name: hwsim test
- # For openssl 1.1
- runs-on: ubuntu-latest
- # This should be a safe limit for the tests to run.
- timeout-minutes: 45
- needs: [build_wolfssl, build_uml_linux]
- steps:
- - name: Checking if we have kernel in cache
- uses: actions/cache/restore@v4
- id: cache
- with:
- path: linux/linux
- key: ${{ env.LINUX_REF }}
- fail-on-cache-miss: true
- - name: show file structure
- run: tree
- # No way to view the full strategy in the browser (really weird)
- - name: Print strategy
- run: |
- cat <<EOF
- ${{ toJSON(matrix) }}
- EOF
- - name: Print computed job run ID
- run: |
- SHA_SUM=$(sha256sum << 'END_OF_HEREDOC' | cut -d " " -f 1
- ${{ toJSON(github) }}
- END_OF_HEREDOC
- )
- echo "our_job_run_id=$SHA_SUM" >> $GITHUB_ENV
- echo Our job run ID is $SHA_SUM
- - name: Checkout wolfSSL
- uses: actions/checkout@v4
- with:
- path: wolfssl
- - name: Download lib
- uses: actions/download-artifact@v4
- with:
- name: ${{ matrix.config.build_id }}
- - name: untar build-dir
- run: tar -xf build-dir.tgz
- - name: Install dependencies
- run: |
- # Don't prompt for anything
- export DEBIAN_FRONTEND=noninteractive
- sudo apt-get update
- # hostap dependencies
- sudo apt-get install -y libpcap0.8 libpcap-dev curl libcurl4-openssl-dev \
- libnl-3-dev binutils-dev libssl-dev libiberty-dev libnl-genl-3-dev \
- libnl-route-3-dev libdbus-1-dev bridge-utils tshark
- sudo pip3 install pycryptodome
- - name: Checkout hostap
- uses: actions/checkout@v4
- with:
- repository: julek-wolfssl/hostap-mirror
- path: hostap
- ref: ${{ matrix.config.hostap_ref }}
- - name: Update certs
- working-directory: hostap/tests/hwsim/auth_serv
- run: ./update.sh
- - if: ${{ matrix.config.osp_ref }}
- name: Checkout OSP
- uses: actions/checkout@v4
- with:
- repository: wolfssl/osp
- path: osp
- ref: ${{ matrix.config.osp_ref }}
- - if: ${{ matrix.config.osp_ref }}
- name: Apply patch files
- working-directory: hostap
- run: |
- for f in $GITHUB_WORKSPACE/osp/hostap-patches/pending/*
- do
- patch -p1 < $f
- done
- - name: Apply extra patches
- working-directory: hostap
- run: |
- FILE=$GITHUB_WORKSPACE/wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/extra.patch
- if [ -f "$FILE" ]; then
- patch -p1 < $FILE
- fi
- - if: ${{ matrix.hostapd }}
- name: Setup hostapd config file
- run: |
- cp wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/hostapd.config \
- hostap/hostapd/.config
- cat <<EOF >> hostap/hostapd/.config
- CFLAGS += -I$GITHUB_WORKSPACE/build-dir/include -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
- LIBS += -L$GITHUB_WORKSPACE/build-dir/lib -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
- EOF
- - if: ${{ matrix.wpa_supplicant }}
- name: Setup wpa_supplicant config file
- run: |
- cp wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/wpa_supplicant.config \
- hostap/wpa_supplicant/.config
- cat <<EOF >> hostap/wpa_supplicant/.config
- CFLAGS += -I$GITHUB_WORKSPACE/build-dir/include -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
- LIBS += -L$GITHUB_WORKSPACE/build-dir/lib -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
- EOF
- - name: Build hostap and wpa_supplicant
- working-directory: hostap/tests/hwsim/
- run: ./build.sh
- - if: ${{ matrix.hostapd }}
- name: Confirm hostapd linking with wolfSSL
- run: ldd hostap/hostapd/hostapd | grep wolfssl
- - if: ${{ matrix.wpa_supplicant }}
- name: Confirm wpa_supplicant linking with wolfSSL
- run: ldd hostap/wpa_supplicant/wpa_supplicant | grep wolfssl
- - if: ${{ matrix.config.remove_teap }}
- name: Remove EAP-TEAP from test configuration
- working-directory: hostap/tests/hwsim/auth_serv
- run: |
- sed -e 's/"erp-teap@example.com"\tTEAP//' -i eap_user.conf
- sed -e 's/"erp-teap@example.com"\tMSCHAPV2\t"password"\t\[2\]//' -i eap_user.conf
- sed -e 's/"TEAP"\t\tTEAP//' -i eap_user.conf
- sed -e 's/TEAP,//' -i eap_user.conf
- - if: ${{ runner.debug }}
- name: Enable hostap debug logging
- run: |
- echo "hostap_debug_flags=--debug" >> $GITHUB_ENV
- - name: Run tests
- id: testing
- working-directory: hostap/tests/hwsim/
- run: |
- cat <<EOF >> vm/vm-config
- KERNELDIR=$GITHUB_WORKSPACE/linux
- KVMARGS="-cpu host"
- EOF
- # Run tests in increments of 200 to not stall out the parallel-vm script
- while mapfile -t -n 200 ary && ((${#ary[@]})); do
- TESTS=$(printf '%s\n' "${ary[@]}" | tr '\n' ' ')
- HWSIM_RES=0 # Not set when command succeeds
- ./vm/parallel-vm.py ${{ env.hostap_debug_flags }} --nocurses $(nproc) $TESTS || HWSIM_RES=$?
- if [ "$HWSIM_RES" -ne "0" ]; then
- # Let's re-run the failing tests. We gather the failed tests from the log file.
- FAILED_TESTS=$(grep 'failed tests' /tmp/hwsim-test-logs/*-parallel.log | sed 's/failed tests: //' | tr ' ' '\n' | sort | uniq | tr '\n' ' ')
- printf 'failed tests: %s\n' "$FAILED_TESTS"
- ./vm/parallel-vm.py ${{ env.hostap_debug_flags }} --nocurses $(nproc) $FAILED_TESTS
- fi
- rm -r /tmp/hwsim-test-logs
- done < $GITHUB_WORKSPACE/wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/tests
- # The logs are quite big. It hasn't been useful so far so let's not waste
- # precious gh space.
- #- name: zip logs
- # if: ${{ failure() && steps.testing.outcome == 'failure' }}
- # working-directory: hostap/tests/hwsim/
- # run: |
- # rm /tmp/hwsim-test-logs/latest
- # zip -9 -r logs.zip /tmp/hwsim-test-logs
- #
- #- name: Upload failure logs
- # if: ${{ failure() && steps.testing.outcome == 'failure' }}
- # uses: actions/upload-artifact@v4
- # with:
- # name: hostap-logs-${{ env.our_job_run_id }}
- # path: hostap/tests/hwsim/logs.zip
- # retention-days: 5
|