Skip to content

crypto: replace ring AEAD API for header protection #5799

crypto: replace ring AEAD API for header protection

crypto: replace ring AEAD API for header protection #5799

Workflow file for this run

on: [push, pull_request]
name: Stable
env:
RUSTFLAGS: "-D warnings"
RUSTTOOLCHAIN: "stable"
jobs:
quiche:
runs-on: ubuntu-latest
strategy:
matrix:
tls-feature:
- "" # default, boringssl-vendored
- "boringssl-boring-crate"
- "openssl"
# Only run on "pull_request" event for external PRs. This is to avoid
# duplicate builds for PRs created from internal branches.
if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
submodules: 'recursive'
- name: Install stable toolchain
uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ env.RUSTTOOLCHAIN }}
components: clippy
- name: Unused dependency check
if: ${{ matrix.tls-feature == '' }}
uses: bnjbvr/cargo-machete@main
- name: Build OpenSSL
if: ${{ matrix.tls-feature == 'openssl' }}
run: |
git clone https://github.com/quictls/openssl
cd openssl
./Configure --prefix="$PWD/install"
make -j"$(nproc)"
make install -j"$(nproc)"
echo "PKG_CONFIG_PATH=$PWD" >> "$GITHUB_ENV"
echo "LD_LIBRARY_PATH=$PWD" >> "$GITHUB_ENV"
- name: Run cargo test
run: cargo test --verbose --all-targets --features=ffi,qlog,${{ matrix.tls-feature }}
# Need to run doc tests separately.
# (https://github.com/rust-lang/cargo/issues/6669)
- name: Run cargo doc test
run: cargo test --verbose --doc --features=ffi,qlog,${{ matrix.tls-feature }}
# NOTE: this is disabled as it fails when building changes that bump
# version of local crates (e.g. when doing a `qlog` release) that have not
# been published yet, and we couldn't find a workaround.
#
# - name: Run cargo package
# run: cargo package --verbose --workspace --exclude=quiche_apps --allow-dirty
- name: Run cargo clippy
run: cargo clippy --features=ffi,qlog,${{ matrix.tls-feature }} -- -D warnings
- name: Run cargo clippy on examples
run: cargo clippy --examples --features=ffi,qlog,${{ matrix.tls-feature }} -- -D warnings
- name: Run cargo doc
run: cargo doc --no-deps --all-features --document-private-items
- name: Build C examples
run: |
sudo apt-get install libev-dev uthash-dev
make -C quiche/examples
quiche_macos:
strategy:
matrix:
target:
- "macos-13" # Intel (x86_64)
- "macos-latest" # Apple Silicon (M1)
runs-on: ${{ matrix.target }}
# Only run on "pull_request" event for external PRs. This is to avoid
# duplicate builds for PRs created from internal branches.
if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
submodules: 'recursive'
- name: Install stable toolchain
uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ env.RUSTTOOLCHAIN }}
- name: Run cargo test
run: cargo test --verbose --all-targets --features ffi,qlog
- name: Build C examples
run: |
brew install libev uthash
make -C quiche/examples
quiche_ios:
runs-on: macos-latest
strategy:
matrix:
target: ["x86_64-apple-ios", "aarch64-apple-ios"]
# Only run on "pull_request" event for external PRs. This is to avoid
# duplicate builds for PRs created from internal branches.
if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository
env:
IPHONEOS_DEPLOYMENT_TARGET: "10.0"
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
submodules: 'recursive'
- name: Install stable toolchain
uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ env.RUSTTOOLCHAIN }}
targets: ${{ matrix.target }}
- name: Remove cdylib from iOS build
run: |
sed -i -e 's/, "cdylib"//g' quiche/Cargo.toml
- name: Run cargo build
run: cargo build --target=${{ matrix.target }} --verbose
quiche_windows:
runs-on: windows-2019
strategy:
matrix:
target: ["x86_64-pc-windows-msvc", "i686-pc-windows-msvc", "x86_64-pc-windows-gnu", "i686-pc-windows-gnu"]
# Only run on "pull_request" event for external PRs. This is to avoid
# duplicate builds for PRs created from internal branches.
if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
submodules: 'recursive'
- name: Install stable toolchain
uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ env.RUSTTOOLCHAIN }}
targets: ${{ matrix.target }}
- name: Set default toolchain
run: rustup default ${{ env.RUSTTOOLCHAIN }}-${{ matrix.target }}
- name: Set up MinGW for 64 bit
if: matrix.target == 'x86_64-pc-windows-gnu'
uses: bwoodsend/[email protected]
with:
tag: 12.2.0-16.0.0-10.0.0-msvcrt-r5
- name: Set up MinGW for 32 bit
if: matrix.target == 'i686-pc-windows-gnu'
uses: bwoodsend/[email protected]
with:
architecture: i686
tag: 12.2.0-16.0.0-10.0.0-msvcrt-r5
- name: Install dependencies
uses: crazy-max/ghaction-chocolatey@v3
with:
args: install nasm
- name: Run cargo build
if: endsWith(matrix.target, '-gnu')
run: cargo build --target=${{ matrix.target }} --verbose --all-targets --features=ffi,qlog
- name: Run cargo test
if: endsWith(matrix.target, '-msvc')
run: cargo test --target=${{ matrix.target }} --verbose --all-targets --features=ffi,qlog
quiche_multiarch:
runs-on: ubuntu-latest
strategy:
matrix:
target: ["aarch64-unknown-linux-gnu","armv7-unknown-linux-gnueabihf","i686-unknown-linux-gnu"]
# Only run on "pull_request" event for external PRs. This is to avoid
# duplicate builds for PRs created from internal branches.
if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
submodules: 'recursive'
- name: Install stable toolchain
uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ env.RUSTTOOLCHAIN }}
- name: Install cargo-binstall
uses: cargo-bins/cargo-binstall@main
- name: Install cross
run: cargo-binstall -y cross
- name: Run cargo test using cross
run: cross test --target=${{ matrix.target }} --verbose --all-targets --features=ffi,qlog
http3_test:
runs-on: ubuntu-latest
# Only run on "pull_request" event for external PRs. This is to avoid
# duplicate builds for PRs created from internal branches.
if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
submodules: 'recursive'
- name: Install stable toolchain
uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ env.RUSTTOOLCHAIN }}
components: clippy
- name: Run cargo test
run: cargo test --no-run --verbose --manifest-path=tools/http3_test/Cargo.toml
- name: Run cargo clippy
run: cargo clippy --manifest-path=tools/http3_test/Cargo.toml -- -D warnings
docker:
runs-on: ubuntu-latest
# Only run on "pull_request" event for external PRs. This is to avoid
# duplicate builds for PRs created from internal branches.
if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
submodules: 'recursive'
- name: Build Docker images
run: make docker-build
android_ndk_lts:
runs-on: ubuntu-latest
env:
API_LEVEL: "21"
strategy:
matrix:
target: ["aarch64-linux-android","armv7-linux-androideabi","x86_64-linux-android","i686-linux-android"]
include:
- target: "aarch64-linux-android"
arch: "arm64-v8a"
- target: "armv7-linux-androideabi"
arch: "armeabi-v7a"
- target: "x86_64-linux-android"
arch: "x86_64"
- target: "i686-linux-android"
arch: "x86"
# Only run on "pull_request" event for external PRs. This is to avoid
# duplicate builds for PRs created from internal branches.
if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
submodules: 'recursive'
- name: Install stable toolchain for the target
uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ env.RUSTTOOLCHAIN }}
targets: ${{ matrix.target }}
- name: Install cargo-ndk
run: cargo install cargo-ndk
- name: Run cargo ndk
run: cargo ndk --manifest-path quiche/Cargo.toml -t ${{ matrix.arch }} -p ${{ env.API_LEVEL }} -- build --verbose --features ffi