luo980/curl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9ea40e7bb1
curl/.github/workflows/http3-linux.yml
Stefan Eissing 952770dc65
gnutls: fix connection state check on handshake 
When running curl event based, connect attempts stalled as the 'done'
check was using the wrong state in gnutls.

Add event based pytest runs to all http3 jobs and the openssl and
mbedtls ones on linux.

Closes #16423
2025-02-22 01:01:10 +01:00

521 lines
20 KiB
YAML
Raw Blame History

# Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
#
# SPDX-License-Identifier: curl
name: Linux HTTP/3
'on':
push:
branches:
- master
- '*/ci'
paths-ignore:
- '**/*.md'
- '.circleci/**'
- 'appveyor.*'
- 'packages/**'
- 'plan9/**'
- 'projects/**'
- 'winbuild/**'
pull_request:
branches:
- master
paths-ignore:
- '**/*.md'
- '.circleci/**'
- 'appveyor.*'
- 'packages/**'
- 'plan9/**'
- 'projects/**'
- 'winbuild/**'
concurrency:
# Hardcoded workflow filename as workflow name above is just Linux again
group: http3-${{ github.event.pull_request.number || github.sha }}
cancel-in-progress: true
permissions: {}
env:
MAKEFLAGS: -j 5
# handled in renovate.json
openssl-version: 3.4.1
# handled in renovate.json
quictls-version: 3.3.0
# renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com
gnutls-version: 3.8.9
# renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com
wolfssl-version: 5.7.6
# renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com
nghttp3-version: 1.8.0
# renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com
ngtcp2-version: 1.11.0
# renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com
nghttp2-version: 1.64.0
# renovate: datasource=github-tags depName=cloudflare/quiche versioning=semver registryUrl=https://github.com
quiche-version: 0.23.2
jobs:
build-cache:
runs-on: ubuntu-latest
steps:
- name: 'cache quictls'
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
id: cache-quictls-no-deprecated
env:
cache-name: cache-quictls-no-deprecated
with:
path: ~/quictls/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quictls-version }}-quic1
- name: 'cache gnutls'
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
id: cache-gnutls
env:
cache-name: cache-gnutls
with:
path: ~/gnutls/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.gnutls-version }}
- name: 'cache wolfssl'
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
id: cache-wolfssl
env:
cache-name: cache-wolfssl
with:
path: ~/wolfssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }}
- name: 'cache nghttp3'
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
id: cache-nghttp3
env:
cache-name: cache-nghttp3
with:
path: ~/nghttp3/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp3-version }}
- name: 'cache ngtcp2'
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
id: cache-ngtcp2
env:
cache-name: cache-ngtcp2
with:
path: ~/ngtcp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }}-${{ env.quictls-version }}-${{ env.gnutls-version }}-${{ env.wolfssl-version }}
- name: 'cache nghttp2'
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
id: cache-nghttp2
env:
cache-name: cache-nghttp2
with:
path: ~/nghttp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }}-${{ env.quictls-version }}-${{ env.ngtcp2-version }}-${{ env.nghttp3-version }}
- id: settings
if: |
steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true' ||
steps.cache-gnutls.outputs.cache-hit != 'true' ||
steps.cache-wolfssl.outputs.cache-hit != 'true' ||
steps.cache-nghttp3.outputs.cache-hit != 'true' ||
steps.cache-ngtcp2.outputs.cache-hit != 'true' ||
steps.cache-nghttp2.outputs.cache-hit != 'true'
run: |
echo 'needs-build=true' >> $GITHUB_OUTPUT
- name: 'install build prereqs'
if: steps.settings.outputs.needs-build == 'true'
run: |
sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
sudo apt-get -o Dpkg::Use-Pty=0 update
sudo apt-get -o Dpkg::Use-Pty=0 install \
libtool autoconf automake pkgconf stunnel4 \
libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libev-dev libc-ares-dev \
nettle-dev libp11-kit-dev libtspi-dev libunistring-dev guile-2.2-dev libtasn1-bin \
libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \
texinfo texlive texlive-extra-utils autopoint libev-dev \
apache2 apache2-dev libnghttp2-dev
echo 'CC=gcc-12' >> $GITHUB_ENV
echo 'CXX=g++-12' >> $GITHUB_ENV
- name: 'build quictls'
if: steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true'
run: |
cd $HOME
git clone --quiet --depth=1 -b openssl-${{ env.quictls-version }}-quic1 https://github.com/quictls/openssl quictls
cd quictls
./config no-deprecated --prefix=$PWD/build --libdir=lib no-makedepend no-apps no-docs no-tests
make
make -j1 install_sw
- name: 'build gnutls'
if: steps.cache-gnutls.outputs.cache-hit != 'true'
run: |
cd $HOME
git clone --quiet --depth=1 -b ${{ env.gnutls-version }} https://github.com/gnutls/gnutls.git
cd gnutls
./bootstrap
./configure --disable-dependency-tracking --prefix=$PWD/build \
LDFLAGS="-Wl,-rpath,$PWD/build/lib -L$PWD/build/lib" \
--with-included-libtasn1 --with-included-unistring \
--disable-guile --disable-doc --disable-tests --disable-tools
make
make install
- name: 'build wolfssl'
if: steps.cache-wolfssl.outputs.cache-hit != 'true'
run: |
cd $HOME
git clone --quiet --depth=1 -b v${{ env.wolfssl-version }}-stable https://github.com/wolfSSL/wolfssl.git
cd wolfssl
./autogen.sh
./configure --disable-dependency-tracking --enable-all --enable-quic \
--disable-benchmark --disable-crypttests --disable-examples --prefix=$PWD/build
make
make install
- name: 'build nghttp3'
if: steps.cache-nghttp3.outputs.cache-hit != 'true'
run: |
cd $HOME
git clone --quiet --depth=1 -b v${{ env.nghttp3-version }} https://github.com/ngtcp2/nghttp3
cd nghttp3
git submodule update --init --depth=1
autoreconf -fi
./configure --disable-dependency-tracking --prefix=$PWD/build \
PKG_CONFIG_PATH="$PWD/build/lib/pkgconfig" \
--enable-lib-only
make
make install
- name: 'build ngtcp2'
if: steps.cache-ngtcp2.outputs.cache-hit != 'true'
run: |
cd $HOME
git clone --quiet --depth=1 -b v${{ env.ngtcp2-version }} https://github.com/ngtcp2/ngtcp2
cd ngtcp2
autoreconf -fi
./configure --disable-dependency-tracking --prefix=$PWD/build \
PKG_CONFIG_PATH="$HOME/quictls/build/lib/pkgconfig:$HOME/gnutls/build/lib/pkgconfig:$HOME/wolfssl/build/lib/pkgconfig" \
--enable-lib-only --with-openssl --with-gnutls --with-wolfssl
make install
- name: 'build nghttp2'
if: steps.cache-nghttp2.outputs.cache-hit != 'true'
run: |
cd $HOME
git clone --quiet --depth=1 -b v${{ env.nghttp2-version }} https://github.com/nghttp2/nghttp2
cd nghttp2
autoreconf -fi
./configure --disable-dependency-tracking --prefix=$PWD/build \
PKG_CONFIG_PATH="$HOME/quictls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig" \
LDFLAGS="-Wl,-rpath,$HOME/quictls/build/lib" \
--enable-http3
make install
linux:
name: ${{ matrix.build.generate && 'CM' || 'AM' }} ${{ matrix.build.name }}
needs:
- build-cache
runs-on: 'ubuntu-latest'
timeout-minutes: 45
strategy:
fail-fast: false
matrix:
build:
- name: quictls
PKG_CONFIG_PATH: '$HOME/quictls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig'
configure: >-
LDFLAGS="-Wl,-rpath,$HOME/quictls/build/lib"
--with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug --disable-ntlm
--with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx"
--with-openssl=$HOME/quictls/build --enable-ssls-export
--with-libuv
- name: gnutls
PKG_CONFIG_PATH: '$HOME/gnutls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig'
configure: >-
LDFLAGS="-Wl,-rpath,$HOME/gnutls/build/lib"
--with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug
--with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx"
--with-gnutls=$HOME/gnutls/build --enable-ssls-export
--with-libuv
- name: wolfssl
PKG_CONFIG_PATH: '$HOME/wolfssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig'
configure: >-
LDFLAGS="-Wl,-rpath,$HOME/wolfssl/build/lib"
--with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug
--with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx"
--with-wolfssl=$HOME/wolfssl/build
--enable-ech --enable-ssls-export
--with-libuv
- name: wolfssl
PKG_CONFIG_PATH: '$HOME/wolfssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig'
generate: >-
-DCURL_USE_WOLFSSL=ON -DUSE_NGTCP2=ON -DENABLE_DEBUG=ON
-DTEST_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx"
-DHTTPD_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx"
-DUSE_ECH=ON
-DCURL_USE_LIBUV=ON
- name: openssl-quic
PKG_CONFIG_PATH: '$HOME/openssl/build/lib64/pkgconfig'
configure: >-
LDFLAGS="-Wl,-rpath,$HOME/openssl/build/lib64"
--enable-warnings --enable-werror --enable-debug --disable-ntlm
--with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx"
--with-openssl=$HOME/openssl/build --with-openssl-quic
--with-nghttp3=$HOME/nghttp3/build
--with-libuv
- name: quiche
configure: >-
LDFLAGS="-Wl,-rpath,$HOME/quiche/target/release"
--with-openssl=$HOME/quiche/quiche/deps/boringssl/src
--enable-warnings --enable-werror --enable-debug
--with-quiche=$HOME/quiche/target/release
--with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx"
--with-ca-fallback
--with-libuv
- name: quiche
PKG_CONFIG_PATH: '$HOME/quiche/target/release'
generate: >-
-DOPENSSL_ROOT_DIR=$HOME/quiche/quiche/deps/boringssl/src -DENABLE_DEBUG=ON
-DUSE_QUICHE=ON
-DTEST_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx"
-DHTTPD_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx"
-DCURL_CA_FALLBACK=ON
-DCURL_USE_LIBUV=ON
steps:
- name: 'install prereqs'
run: |
sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
sudo apt-get -o Dpkg::Use-Pty=0 update
sudo apt-get -o Dpkg::Use-Pty=0 install \
libtool autoconf automake ninja-build pkgconf stunnel4 \
libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libev-dev libc-ares-dev \
nettle-dev libp11-kit-dev libtspi-dev libunistring-dev guile-2.2-dev libtasn1-bin \
libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \
texinfo texlive texlive-extra-utils autopoint libev-dev libuv1-dev \
apache2 apache2-dev libnghttp2-dev vsftpd
python3 -m venv $HOME/venv
echo 'CC=gcc-12' >> $GITHUB_ENV
echo 'CXX=g++-12' >> $GITHUB_ENV
- name: 'cache quictls'
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
id: cache-quictls-no-deprecated
env:
cache-name: cache-quictls-no-deprecated
with:
path: ~/quictls/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quictls-version }}-quic1
fail-on-cache-miss: true
- name: 'cache gnutls'
if: matrix.build.name == 'gnutls'
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
id: cache-gnutls
env:
cache-name: cache-gnutls
with:
path: ~/gnutls/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.gnutls-version }}
fail-on-cache-miss: true
- name: 'cache wolfssl'
if: matrix.build.name == 'wolfssl'
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
id: cache-wolfssl
env:
cache-name: cache-wolfssl
with:
path: ~/wolfssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }}
fail-on-cache-miss: true
- name: 'cache nghttp3'
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
id: cache-nghttp3
env:
cache-name: cache-nghttp3
with:
path: ~/nghttp3/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp3-version }}
fail-on-cache-miss: true
- name: 'cache ngtcp2'
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
id: cache-ngtcp2
env:
cache-name: cache-ngtcp2
with:
path: ~/ngtcp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }}-${{ env.quictls-version }}-${{ env.gnutls-version }}-${{ env.wolfssl-version }}
fail-on-cache-miss: true
- name: 'cache nghttp2'
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
id: cache-nghttp2
env:
cache-name: cache-nghttp2
with:
path: ~/nghttp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }}-${{ env.quictls-version }}-${{ env.ngtcp2-version }}-${{ env.nghttp3-version }}
fail-on-cache-miss: true
- name: 'cache openssl'
if: matrix.build.name == 'openssl-quic'
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
id: cache-openssl
env:
cache-name: cache-openssl
with:
path: ~/openssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.openssl-version }}
- name: 'install openssl'
if: matrix.build.name == 'openssl-quic' && steps.cache-openssl.outputs.cache-hit != 'true'
run: |
git clone --quiet --depth=1 -b openssl-${{ env.openssl-version }} https://github.com/openssl/openssl
cd openssl
./config --prefix=$HOME/openssl/build no-makedepend no-apps no-docs no-tests
make
make -j1 install_sw
cat exporters/openssl.pc
- name: 'cache quiche'
if: matrix.build.name == 'quiche'
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
id: cache-quiche
env:
cache-name: cache-quiche
with:
path: ~/quiche
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quiche-version }}
- name: 'build quiche and boringssl'
if: matrix.build.name == 'quiche' && steps.cache-quiche.outputs.cache-hit != 'true'
run: |
cd $HOME
git clone --quiet --depth=1 -b ${{ env.quiche-version }} --recursive https://github.com/cloudflare/quiche.git
cd quiche
#### Work-around https://github.com/curl/curl/issues/7927 #######
#### See https://github.com/alexcrichton/cmake-rs/issues/131 ####
sed -i -e 's/cmake = "0.1"/cmake = "=0.1.45"/' quiche/Cargo.toml
cargo build -v --package quiche --release --features ffi,pkg-config-meta,qlog --verbose
ln -s libquiche.so target/release/libquiche.so.0
mkdir -v quiche/deps/boringssl/src/lib
ln -vnf $(find target/release -name libcrypto.a -o -name libssl.a) quiche/deps/boringssl/src/lib/
# include dir
# $HOME/quiche/quiche/deps/boringssl/src/include
# lib dir
# $HOME/quiche/quiche/deps/boringssl/src/lib
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
persist-credentials: false
- name: 'autoreconf'
if: ${{ matrix.build.configure }}
run: autoreconf -fi
- name: 'configure'
run: |
if [ -n '${{ matrix.build.PKG_CONFIG_PATH }}' ]; then
export PKG_CONFIG_PATH="${{ matrix.build.PKG_CONFIG_PATH }}"
fi
if [ -n '${{ matrix.build.generate }}' ]; then
cmake -B . -G Ninja \
-DCMAKE_C_COMPILER_TARGET=$(uname -m)-pc-linux-gnu -DBUILD_STATIC_LIBS=ON \
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \
${{ matrix.build.generate }}
else
./configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-warnings --enable-werror \
${{ matrix.build.configure }}
fi
- name: 'configure log'
if: ${{ !cancelled() }}
run: cat config.log CMakeFiles/CMakeConfigureLog.yaml 2>/dev/null || true
- name: 'curl_config.h'
run: |
echo '::group::raw'; cat lib/curl_config.h || true; echo '::endgroup::'
grep -F '#define' lib/curl_config.h | sort || true
- name: 'test configs'
run: |
cat tests/config || true
cat tests/http/config.ini || true
- name: 'build'
run: |
if [ -n '${{ matrix.build.generate }}' ]; then
cmake --build . --verbose
else
make V=1
fi
- name: 'check curl -V output'
run: ./src/curl -V
- name: 'build tests'
run: |
if [ -n '${{ matrix.build.generate }}' ]; then
cmake --build . --verbose --target testdeps
else
make V=1 -C tests
fi
- name: 'install test prereqs'
run: |
source $HOME/venv/bin/activate
python3 -m pip install -r tests/requirements.txt
- name: 'run tests'
env:
TFLAGS: '${{ matrix.build.tflags }}'
run: |
source $HOME/venv/bin/activate
if [ -n '${{ matrix.build.generate }}' ]; then
cmake --build . --verbose --target test-ci
else
make V=1 test-ci
fi
- name: 'install pytest prereqs'
run: |
source $HOME/venv/bin/activate
python3 -m pip install -r tests/http/requirements.txt
- name: 'run pytest event based'
env:
TFLAGS: '${{ matrix.build.tflags }}'
CURL_TEST_EVENT: 1
CURL_CI: github
PYTEST_ADDOPTS: '--color=yes'
run: |
source $HOME/venv/bin/activate
if [ -n '${{ matrix.build.generate }}' ]; then
cmake --build . --verbose --target curl-pytest-ci
else
make V=1 pytest-ci
fi
- name: 'build examples'
run: |
if [ -n '${{ matrix.build.generate }}' ]; then
cmake --build . --verbose --target curl-examples
else
make V=1 examples
fi
Reference in New Issue View Git Blame Copy Permalink