wolfSSH support for using TPM based key for authentication #409
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: wolfSSHd Test | |
on: | |
push: | |
branches: [ '*' ] | |
pull_request: | |
branches: [ '*' ] | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
create_matrix: | |
runs-on: ubuntu-latest | |
outputs: | |
versions: ${{ steps.json.outputs.versions }} | |
steps: | |
- name: Create wolfSSL version matrix | |
id: json | |
run: | | |
current=`curl -s https://api.github.com/repos/wolfssl/wolfssl/releases | grep tag_name | cut -d : -f 2,3 | tr -d \" | tr -d , | tr -d ' ' | head -1` | |
last=`curl -s https://api.github.com/repos/wolfssl/wolfssl/releases | grep tag_name | cut -d : -f 2,3 | tr -d \" | tr -d , | tr -d ' ' | head -2 | tail -1` | |
VERSIONS=$(echo "[ \"master\", \"$current\", \"$last\" ]") | |
echo "wolfSSL versions found: $VERSIONS" | |
echo "versions=$VERSIONS" >> $GITHUB_OUTPUT | |
build_wolfssl: | |
needs: create_matrix | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ ubuntu-latest ] | |
wolfssl: ${{ fromJson(needs.create_matrix.outputs['versions']) }} | |
name: Build wolfssl | |
runs-on: ${{ matrix.os }} | |
timeout-minutes: 4 | |
steps: | |
- name: Checking cache for wolfssl | |
uses: actions/cache@v4 | |
id: cache-wolfssl | |
with: | |
path: build-dir/ | |
key: wolfssh-sshd-wolfssl-${{ matrix.wolfssl }}-${{ matrix.os }} | |
lookup-only: true | |
- name: Checkout, build, and install wolfssl | |
if: steps.cache-wolfssl.outputs.cache-hit != 'true' | |
uses: wolfSSL/actions-build-autotools-project@v1 | |
with: | |
repository: wolfssl/wolfssl | |
ref: ${{ matrix.wolfssl }} | |
path: wolfssl | |
configure: --enable-all | |
check: false | |
install: true | |
build_wolfssh: | |
needs: | |
- build_wolfssl | |
- create_matrix | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ ubuntu-latest ] | |
wolfssl: ${{ fromJson(needs.create_matrix.outputs['versions']) }} | |
name: Build and test wolfsshd | |
runs-on: ${{ matrix.os }} | |
timeout-minutes: 10 | |
steps: | |
- name: Checking cache for wolfssl | |
uses: actions/cache@v4 | |
with: | |
path: build-dir/ | |
key: wolfssh-sshd-wolfssl-${{ matrix.wolfssl }}-${{ matrix.os }} | |
fail-on-cache-miss: true | |
- uses: actions/checkout@v4 | |
with: | |
path: wolfssh/ | |
- name: autogen | |
working-directory: ./wolfssh/ | |
run: ./autogen.sh | |
- name: configure | |
working-directory: ./wolfssh/ | |
run : | | |
./configure --enable-all LDFLAGS="-L${{ github.workspace }}/build-dir/lib" CPPFLAGS="-I${{ github.workspace }}/build-dir/include -DWOLFSSH_NO_FPKI -DWOLFSSH_NO_SFTP_TIMEOUT -DWOLFSSH_MAX_SFTP_RW=4000000 -DMAX_PATH_SZ=120" | |
- name: make check | |
working-directory: ./wolfssh/ | |
run: make check | |
- name: Run wolfSSHd tests | |
working-directory: ./wolfssh/apps/wolfsshd/test | |
run: | | |
git log -3 | |
sudo ./run_all_sshd_tests.sh | |
# could use optimization with caching | |
- name: Test memory after close down | |
working-directory: ./wolfssh/ | |
run: | | |
sudo apt-get install valgrind | |
touch sshd_config.txt | |
./configure --enable-all LDFLAGS="-L${{ github.workspace }}/build-dir/lib" CPPFLAGS="-I${{ github.workspace }}/build-dir/include -DWOLFSSH_NO_FPKI -DWOLFSSH_NO_SFTP_TIMEOUT -DWOLFSSH_MAX_SFTP_RW=4000000 -DMAX_PATH_SZ=120" --enable-static --disable-shared && make | |
sudo timeout --preserve-status -s 2 5 valgrind --error-exitcode=1 --leak-check=full ./apps/wolfsshd/wolfsshd -D -f sshd_config -h ./keys/server-key.pem -d -p 22222 |