From b7e8a053008571d97c1cff71b1a0dfbfd2d2309a Mon Sep 17 00:00:00 2001
From: Arne Schwabe <arne@rfc2549.org>
Date: Thu, 11 Aug 2022 19:27:12 +0200
Subject: [PATCH] Add wolfSSL to github actions

This builds wolfSSL as part of the github actions with gcc and clang+asan
and will allow us to see how well wolfSSL is maintaining the support in
OpenVPN.

Signed-off-by: Arne Schwabe <arne@rfc2549.org>
---
 .github/workflows/build.yaml | 70 ++++++++++++++++++++++++++++++++++++
 1 file changed, 70 insertions(+)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 90d520231..3f9a475e4 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -34,6 +34,76 @@ jobs:
       - name: Set job status
         run: test ! -s uncrustify-changes.patch
         working-directory: openvpn
+  wolfssl:
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-20.04]
+        ssllib: [wolfssl]
+        build: [normal, asan ]
+        include:
+        - build: asan
+          cflags: "-fsanitize=address,undefined -fno-sanitize-recover=all  -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1"
+          ldflags: -fsanitize=address,undefined -fno-sanitize-recover=all
+          cc: clang
+        - build: normal
+          cflags: "-O2 -g"
+          ldflags: ""
+          configureflags: ""
+          cc: gcc
+
+    name: "${{matrix.cc}} ${{matrix.build}} - ${{matrix.os}} - ${{matrix.ssllib}}"
+    runs-on: ${{matrix.os}}
+    env:
+      CFLAGS: ${{ matrix.cflags }}
+      LDFLAGS: ${{ matrix.ldflags }}
+      CC: ${{matrix.cc}}
+      UBSAN_OPTIONS: print_stacktrace=1
+
+    steps:
+      - name: Install dependencies
+        run: sudo apt update && sudo apt install -y build-essential liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils libtool automake autoconf libmbedtls-dev pkg-config libcap-ng-dev libnl-genl-3-dev
+
+      - name: Cache dependencies
+        id: cache
+        uses: actions/cache@v3
+        with:
+          path: '/opt/wolfssl'
+          key: ${{ matrix.build }}-wolfSSL
+      - name: "wolfSSL: checkout"
+        if: steps.cache.outputs.cache-hit != 'true'
+        uses: actions/checkout@v3
+        with:
+          path: wolfssl
+          repository: wolfSSL/wolfssl
+      - name: "wolfSSL: autoconf"
+        if: steps.cache.outputs.cache-hit != 'true'
+        run: autoreconf -fvi
+        working-directory: wolfssl
+      - name: "wolfSSL: configure"
+        if: steps.cache.outputs.cache-hit != 'true'
+        run: ./configure --enable-openvpn --prefix=/opt/wolfssl
+        working-directory: wolfssl
+      - name: "wolfSSL: make all"
+        if: steps.cache.outputs.cache-hit != 'true'
+        run: make -j3
+        working-directory: wolfssl
+      - name: "wolfSSL: make install"
+        if: steps.cache.outputs.cache-hit != 'true'
+        run: sudo make install
+        working-directory: wolfssl
+      - name: "ldconfig"
+        run: sudo ldconfig
+      - name: Checkout OpenVPN
+        uses: actions/checkout@v3
+      - name: autoconf
+        run: autoreconf -fvi
+      - name: configure ${{matrix.configureflag}}
+        run: PKG_CONFIG_PATH=/opt/wolfssl/lib/pkgconfig ./configure --with-crypto-library=${{matrix.ssllib}} --enable-werror
+      - name: make all
+        run: make -j3
+      - name: make check
+        run: make check VERBOSE=1
 
   mingw:
     strategy: