wolfMQTT/.github/workflows/sec-websocket-test.yml at 94ea18444900cfbbf8a7e0e2767484c49f0e678c · yosuke-wolfssl/wolfMQTT · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144

name: Secure WebSocket Client Test with wolfSSL

on:
  push:
    branches: [ main, master ]
  pull_request:
    branches: [ main, master ]
  workflow_dispatch:

jobs:
  test-websocket:
    runs-on: ubuntu-latest

    steps:
    - name: Install Act dependencies
      if: ${{ env.ACT }}
      run: |
        apt-get update && apt-get install sudo git wget nmap netcat -y

    - name: Install dependencies
      run: |
        sudo apt-get update
        sudo apt-get install -y build-essential autoconf automake libtool cmake
        sudo apt-get install -y mosquitto-clients

    - uses: actions/checkout@master
      with:
        repository: wolfssl/wolfssl
        path: wolfssl
    - name: wolfssl autogen
      working-directory: ./wolfssl
      run: ./autogen.sh
    - name: wolfssl configure with libwebsocket and mosquitto
      working-directory: ./wolfssl
      run: ./configure --enable-libwebsockets --enable-mosquitto --enable-alpn
    - name: wolfssl make
      working-directory: ./wolfssl
      run: make
    - name: wolfssl make install
      working-directory: ./wolfssl
      run: sudo make install

    - name: Download libwebsockets
      run: |
        git clone https://github.com/warmcat/libwebsockets --branch v4.3.3 --single-branch

    - name: Build libwebsockets with wolfSSL
      run: |
        cd libwebsockets
        mkdir build
        cd build
        # Note: -Wno-error=sign-conversion works around a sign mismatch in
        # libwebsockets v4.3.3 openssl-server.c:311 (lws_filepos_t -> long)
        cmake .. -DLWS_WITH_WOLFSSL=1 -DLWS_WOLFSSL_INCLUDE_DIRS=/usr/local/include/wolfssl -DLWS_WOLFSSL_LIBRARIES=/usr/local/lib/libwolfssl.so -DLWS_WITH_EXTERNAL_POLL=1 -DLWS_WITHOUT_TESTAPPS=ON -DCMAKE_C_FLAGS="-Wno-error=sign-conversion"
        make
        sudo make install

    - name: Download mosquitto and apply wolfSSL OSP patch
      run: |
        git clone https://github.com/eclipse/mosquitto.git --branch v2.0.18  --single-branch
        cd mosquitto
        wget https://raw.githubusercontent.com/wolfSSL/osp/refs/heads/master/mosquitto/2.0.18.patch
        patch -p1 < 2.0.18.patch

    - name: Build mosquitto with wolfSSL and websocket support
      run: |
        cd mosquitto
        make WITH_TLS=wolfssl WITH_WEBSOCKETS=yes WITH_DOCS=no WITH_CJSON=no
        sudo make WITH_TLS=wolfssl WITH_WEBSOCKETS=yes WITH_DOCS=no WITH_CJSON=no install

    - uses: actions/checkout@master
      with:
        repository: wolfssl/wolfmqtt
        path: wolfmqtt
    - name: wolfmqtt autogen
      working-directory: ./wolfmqtt
      run: ./autogen.sh
    - name: Configure and build wolfMQTT
      working-directory: ./wolfmqtt
      run: |
        ./configure --enable-websocket
        make

    - name: Create Mosquitto config
      run: |
        echo "listener 11883" > mosquitto.conf
        echo "protocol mqtt" >> mosquitto.conf
        echo "listener 18080" >> mosquitto.conf
        echo "protocol websockets" >> mosquitto.conf
        echo "listener 18081" >> mosquitto.conf
        echo "protocol websockets" >> mosquitto.conf
        echo "cafile scripts/broker_test/ca-cert.pem" >> mosquitto.conf
        echo "certfile scripts/broker_test/server-cert.pem" >> mosquitto.conf
        echo "keyfile scripts/broker_test/server-key.pem" >> mosquitto.conf
        echo "allow_anonymous true" >> mosquitto.conf

    - name: Start Mosquitto broker
      working-directory: ./wolfmqtt
      run: |
        mosquitto -c ../mosquitto.conf -v -d
        # Wait for broker to start
        sleep 2

    - name: Verify broker is running
      run: |
        # Check if mosquitto is running
        pgrep mosquitto || (echo "Mosquitto failed to start" && exit 1)
        # Check if port 18081 is open
        nc -z localhost 18081 || (echo "WebSocket port 18081 is not open" && exit 1)

    - name: Publish test message
      run: |
        # Start a background process to publish messages
        (
          # Wait for client to connect and subscribe
          sleep 5
          # Publish a test message
          mosquitto_pub -t "test/topic" -m "Hello from WebSocket test" -p 11883
          # Publish a few more messages
          for i in {1..5}; do
            sleep 1
            mosquitto_pub -t "test/topic" -m "Test message $i" -p 11883
          done
        ) &

    - name: Run Secure WebSocket client
      working-directory: ./wolfmqtt
      run: |
        # Run the client with a timeout
        timeout 15s ./examples/websocket/websocket_client -t -h localhost -p 18081 -A scripts/broker_test/ca-cert.pem || exit_code=$?

        # Check if client received messages (exit code 124 means timeout occurred, which is expected)
        if [ "$exit_code" -eq 124 ]; then
          echo "Client ran successfully until timeout"
          exit 0
        elif [ "$exit_code" -ne 0 ]; then
          echo "Client failed with exit code $exit_code"
          exit 1
        fi

    - name: Stop Mosquitto broker
      run: |
        sudo killall mosquitto