sshd-test.yml
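# CI workflow: builds wolfSSL at several refs, then builds wolfSSH against each
# of them and runs the wolfSSHd test scripts.
name: wolfSSHd Test

on:
  push:
    branches: ['master', 'main', 'release/**']
  pull_request:
    branches: ['*']
  workflow_dispatch:

# Least privilege for GITHUB_TOKEN: the jobs check out code and use the
# Actions cache, which needs read access to repository contents only.
# pull_request runs execute code from the PR head (some steps under sudo), so
# the token is kept read-only. Widen per job if a step proves to need more.
permissions:
  contents: read

# One active run per workflow and ref; a newer run cancels the one in flight.
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true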
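jobs:
  # Produces the JSON list of wolfSSL refs used as the build matrix:
  # "master" plus the two most recent release tags.
  create_matrix:
    runs-on: ubuntu-latest
    outputs:
      versions: ${{ steps.json.outputs.versions }}
    steps:
      - name: Create wolfSSL version matrix
        id: json
        run: |
          # Query the releases API once. -f turns an HTTP error response
          # (for example rate limiting) into a failed step instead of
          # silently producing empty tag names.
          releases=$(curl -fsSL https://api.github.com/repos/wolfssl/wolfssl/releases)
          current=$(printf '%s' "$releases" | jq -r '.[0].tag_name')
          last=$(printf '%s' "$releases" | jq -r '.[1].tag_name')

          # The tags come from an external response and are later used as a
          # checkout ref and inside a cache key, so reject anything that is
          # missing or contains characters outside a plain tag name.
          for tag in "$current" "$last"; do
            case "$tag" in
              '' | null | *[!A-Za-z0-9._-]*)
                echo "unexpected wolfSSL release tag: '$tag'" >&2
                exit 1
                ;;
            esac
          done

          # Let jq build the array so the output is always valid one-line JSON.
          VERSIONS=$(jq -cn --arg current "$current" --arg last "$last" '["master", $current, $last]')
          echo "wolfSSL versions found: $VERSIONS"
          echo "versions=$VERSIONS" >> "$GITHUB_OUTPUT"

  # Builds and installs wolfSSL once per matrix ref unless a cached build
  # already exists for that ref.
  build_wolfssl:
    needs: create_matrix
    strategy:
      fail-fast: false
      matrix:
        os: [ubuntu-latest]
        wolfssl: ${{ fromJson(needs.create_matrix.outputs['versions']) }}
    name: Build wolfssl
    runs-on: ${{ matrix.os }}
    timeout-minutes: 4
    steps:
      # lookup-only checks for an existing entry without downloading it.
      # NOTE(review): the key holds only the ref name and the OS, so the
      # "master" entry is reused until it is evicted and does not follow new
      # wolfSSL commits - confirm that this is intended.
      # NOTE(review): actions in this workflow are referenced by tag (@v4,
      # @v1); pinning each to a full commit SHA would make the executed code
      # immutable.
      - name: Checking cache for wolfssl
        uses: actions/cache@v4
        id: cache-wolfssl
        with:
          path: build-dir/
          key: wolfssh-sshd-wolfssl-${{ matrix.wolfssl }}-${{ matrix.os }}
          lookup-only: true

      # Presumably installs into build-dir/, the path the cache step stores;
      # verify against the action's documentation.
      - name: Checkout, build, and install wolfssl
        if: steps.cache-wolfssl.outputs.cache-hit != 'true'
        uses: wolfSSL/actions-build-autotools-project@v1
        with:
          repository: wolfssl/wolfssl
          ref: ${{ matrix.wolfssl }}
          path: wolfssl
          configure: --enable-all
          check: false
          install: true

  # Builds wolfSSH against each cached wolfSSL build and runs the wolfSSHd
  # test suites.
  build_wolfssh:
    needs:
      - build_wolfssl
      - create_matrix
    strategy:
      fail-fast: false
      matrix:
        os: [ubuntu-latest]
        wolfssl: ${{ fromJson(needs.create_matrix.outputs['versions']) }}
    name: Build and test wolfsshd
    runs-on: ${{ matrix.os }}
    timeout-minutes: 10
    steps:
      # Same key as in build_wolfssl; a missing entry fails the job here
      # rather than at link time.
      - name: Checking cache for wolfssl
        uses: actions/cache@v4
        with:
          path: build-dir/
          key: wolfssh-sshd-wolfssl-${{ matrix.wolfssl }}-${{ matrix.os }}
          fail-on-cache-miss: true

      - uses: actions/checkout@v4
        with:
          path: wolfssh/

      - name: autogen
        working-directory: ./wolfssh/
        run: ./autogen.sh

      - name: configure
        working-directory: ./wolfssh/
        run: |
          ./configure --enable-all LDFLAGS="-L${{ github.workspace }}/build-dir/lib" CPPFLAGS="-I${{ github.workspace }}/build-dir/include -DWOLFSSH_NO_FPKI -DWOLFSSH_NO_SFTP_TIMEOUT -DWOLFSSH_MAX_SFTP_RW=4000000 -DMAX_PATH_SZ=120"

      - name: make check
        working-directory: ./wolfssh/
        run: make check

      # The test runner is started with sudo, so the test scripts (including
      # those from a pull request head) run as root on the runner.
      - name: Run wolfSSHd tests
        working-directory: ./wolfssh/apps/wolfsshd/test
        run: |
          git log -3
          sudo ./run_all_sshd_tests.sh

      # could use optimization with caching
      # Static rebuild, then wolfsshd runs under valgrind for 5 seconds before
      # timeout sends signal 2 (SIGINT). --error-exitcode=1 makes a valgrind
      # finding fail the step; --preserve-status keeps the child's exit code.
      # NOTE(review): this step creates sshd_config.txt but passes
      # "-f sshd_config" to wolfsshd - confirm which file name is intended.
      - name: Test memory after close down
        working-directory: ./wolfssh/
        run: |
          sudo apt-get -y update
          sudo apt-get -y install valgrind
          touch sshd_config.txt
          ./configure --enable-all LDFLAGS="-L${{ github.workspace }}/build-dir/lib" CPPFLAGS="-I${{ github.workspace }}/build-dir/include -DWOLFSSH_NO_FPKI -DWOLFSSH_NO_SFTP_TIMEOUT -DWOLFSSH_MAX_SFTP_RW=4000000 -DMAX_PATH_SZ=120" --enable-static --disable-shared && make
          sudo timeout --preserve-status -s 2 5 valgrind --error-exitcode=1 --leak-check=full ./apps/wolfsshd/wolfsshd -D -f sshd_config -h ./keys/server-key.pem -d -p 22222

      # regression test, check that cat command does not hang
      # authorized_keys_test is built from the repository's hansel public keys
      # with the user name rewritten to $USER, so the runner account can log
      # in with the matching private key from ./keys. That key pair is checked
      # into the repository and is therefore usable only for this throwaway
      # daemon. StrictHostKeyChecking=no skips host key verification; the
      # target is the wolfsshd instance started just above on 127.0.0.1.
      - name: Test cat command for hanging
        working-directory: ./wolfssh/
        timeout-minutes: 1
        run: |
          touch sshd_config.txt
          echo "AuthorizedKeysFile $PWD/authorized_keys_test" >> sshd_config.txt
          cat ./keys/hansel-*.pub > authorized_keys_test
          sed -i.bak "s/hansel/$USER/" ./authorized_keys_test
          ./configure --enable-all LDFLAGS="-L${{ github.workspace }}/build-dir/lib" CPPFLAGS="-I${{ github.workspace }}/build-dir/include -DWOLFSSH_NO_FPKI -DWOLFSSH_NO_SFTP_TIMEOUT -DWOLFSSH_MAX_SFTP_RW=4000000 -DMAX_PATH_SZ=120" --enable-static --disable-shared && make
          sudo ./apps/wolfsshd/wolfsshd -f sshd_config.txt -h ./keys/server-key.pem -p 22225
          chmod 600 ./keys/hansel-key-rsa.pem
          tail -c 50000 /dev/urandom > test
          while ! nc -z 127.0.0.1 22225; do echo "waiting for wolfSSHd"; sleep 0.2; done
          cat test | ssh -vvv -T -i ./keys/hansel-key-rsa.pem -oStrictHostKeyChecking=no 127.0.0.1 -p 22225 'cat > test-file'
          diff test ~/test-file
          sudo pkill wolfsshd

      - name: configure with debug
        working-directory: ./wolfssh/
        run: |
          ./configure --enable-all --enable-debug LDFLAGS="-L${{ github.workspace }}/build-dir/lib" CPPFLAGS="-I${{ github.workspace }}/build-dir/include -DWOLFSSH_NO_FPKI -DWOLFSSH_NO_SFTP_TIMEOUT -DWOLFSSH_MAX_SFTP_RW=4000000 -DMAX_PATH_SZ=120"

      - name: make
        working-directory: ./wolfssh/
        run: make

      # ssh_kex_algos.sh requires debug output otherwise it is skipped
      - name: Run wolfSSHd tests with debug
        working-directory: ./wolfssh/apps/wolfsshd/test
        run: |
          git log -3
          sudo ./run_all_sshd_tests.sh --match ssh_kex_algos.sh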