- ci/appveyor: add clang-cl job.
- ci/appvayor: optimize setting an env.
- build: fix clang-cl builds.
- build: fix `-Wcast-function-type` compiler warnings for OpenSSL 3.
- build: use `stdint.h` with MSVC when supported.
- src: use `PRId64` for MSVC where supported.
- src: avoid recursive macro definition for `recv()` and `send()`.
- session: silence `-Wcast-function-type` for `libssh2_session_callback_set2()`.
Sadly this function is still not fully warning-clean, and it
seems we'd need separate setter-getters for each callback
to avoid all warnings.
Closes#1484
To simplify the initialization. The ` Win64` method was meant for old
CMake versions not in use in CI.
Also pass the `-A` option without a space to make PowerShell pass
the option as expected by CMake.
Jobs consistently fail to connect to the test server (run in GHA) since
2024-Aug-29:
https://ci.appveyor.com/project/libssh2org/libssh2/builds/50498393
There was an earlier phase of failures one month before that, that got
fixed by increasing the wait for the server in
bf3af90b3f.
Thus, skip running tests in AppVeyor CI jobs, except: After some
experiments, it seems that running tests with the last OpenSSL job and
the last WinCrypt job _work_, which still leaves some coverage.
It remains to be seen how stable this is.
This is meant as a temporary fix till there is a solution to make all
jobs run tests reliable like up until a few months ago.
Closes#1461
The WinCNG backend currently only supports DSA and RSA. This PR
adds ECDSA support for host and user authentication.
* Disable WinCNG ECDSA support by default to maintain backward
compatibility for projects that target versions below Windows 10.
* Add cmake option `ENABLE_ECDSA_WINCNG` to guard ECDSA support.
* Update AppVeyor job matrix to only enable ECDSA on Server 2016+
The comment cited earlier is no longer true with recent CMake versions.
This options does actually enable parallel builds with MSVC since CMake
v3.26.0: https://gitlab.kitware.com/cmake/cmake/-/issues/20564
The effect isn't much for libssh2, because it spends most time in tests,
but let's enable it anyway for efficiency.
Ref: 0d08974633#884
Ref: 7a039d9a7a#867Closes#1294
- Dockerfile: use standard sep with `sed`
- Dockerfile: use single quotes in shell command
- appveyor.yml: use long-form option with `choco`
- tests/cmake: add language to test project
- reuse.yml: fix indentation
```
$ yamllint reuse.yml
reuse.yml
[...]
11:5 error wrong indentation: expected 6 but found 4 (indentation)
15:5 error wrong indentation: expected 6 but found 4 (indentation)
[...]
27:5 error wrong indentation: expected 6 but found 4 (indentation)
```
Cherry-picked from #1175
- All files have prominent copyright and SPDX identifier
- If not embedded in the file, in the .reuse/dep5 file
- All used licenses are in LICENSES/ (not shipped in tarballs)
- A new REUSE CI job verify that all files are OK
Assisted-by: Viktor Szakats
Closes#1084
Also:
- uppercase `(C)`.
- add missing 'All rights reserved.' lines.
- drop duplicate 'Author' lines.
- add copyright headers where missing.
- enable copyright header check in checksrc.
Reasons for deleting years (copied as-is from curl):
- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- saves us from pointless churn
- git keeps history for us
- the year range is kept in COPYING
Closes#1082
Add a non-static autotools build to GitHub Actions. Make this build
target i386 and libgcrypt, to test a new build combination if we are at
it.
Also:
- GHA: add necessary generic bits for i386 autotools builds.
- AppVeyor CI: teach it to ignore commits updating our GHA config.
Follow-up to 572c57c9d8#1072Closes#1074
Both autotools and cmake build both shared and static lib by default.
Ref: 896154bc17
Delete configuration enabling these explicitly in CI jobs.
Cherry-picked from #1036Closes#1036
"Unity" (aka "jumbo", aka "amalgamation" builds concatenate source files
before compiling. It has these benefits for example: faster builds,
improved code optimization, cleaner code. Let's support and test this.
- enable unity builds for some existing CI builds to test this build
scenario.
- tune `UNITY_BUILD_BATCH_SIZE` size.
- disable unity build for example and test programs (they use one source
each already).
You can enable it by passing `-DCMAKE_UNITY_BUILD=ON` to cmake.
Supported by CMake 3.16 and newer.
Ref: https://cmake.org/cmake/help/latest/prop_tgt/UNITY_BUILD.htmlCloses#1034
To not force this setting for local builds where they might serve
a good purpose.
It makes our CI runs slightly faster and we don't need to track
file changes in unattended, single, CI runs.
Cherry-picked from #1031
Instead of using hacks inside the build systems.
`SSHD` variable added to GitHub Actions is not currently used.
Added there to make it easy to experiment with these tests and
the path is non-trivial to discover. Using the Windows built-in
sshd server is another option (haven't discovered its path yet).
Cherry-picked from #1017
Add macOS CI jobs, both cmake and autotools for all supported crypto
backends (except BoringSSL), with debug, zlib enabled. Without running
tests. It also introduces OpenSSL 1.1 into the CI with a non-MSVC
compiler.
Credits to curl's `macos.yml`, that I used as a base.
Fix these issues uncovered by the new tests:
- openssl: fix warning when built with wolfSSL, or OpenSSL 1.1 and
earlier. CI missed it because apparently the only OpenSSL 1.1 test
we had used MSVC, which did not complain.
```
../src/openssl.c:3852:19: error: variable 'sslError' set but not used [-Werror,-Wunused-but-set-variable]
unsigned long sslError;
^
```
Regression from 097c8f0dae
- pem: add hack to build without MD5 crypto-backend support.
The Homebrew wolfSSL build comes with MD5 support disabled. We can
expect this becoming the norm. FIPS also requires MD5 disabled.
We deleted the same hack from `hostkey.c` a month ago:
ad6aae302a
A better fix would be to guard the MD5 logic with our `LIBSSH2_MD5`
macro.
```
pem.c:214:32: error: use of undeclared identifier 'MD5_DIGEST_LENGTH'; did you mean 'SHA_DIGEST_LENGTH'?
unsigned char secret[2*MD5_DIGEST_LENGTH];
^~~~~~~~~~~~~~~~~
SHA_DIGEST_LENGTH
```
Regression from 386e012292
- `configure.ac`: add crypto libs late.
Fix it by adding crypto libs to `LIBS` at the end of the configuration
process.
Otherwise `configure` links crypto libs while doing feature tests,
which can cause unwanted detections. For example LibreSSL publishes
the function `explicit_bzero()`, which masks the system alternative,
e.g. `memset_s()` on macOS. Then when trying to compile libssh2, its
declaration is missing:
```
bcrypt_pbkdf.c:93:5: error: implicit declaration of function 'explicit_bzero' is invalid in C99 [-Werror,-Wimplicit-function-declaration]
_libssh2_explicit_zero(ciphertext, sizeof(ciphertext));
^
../src/misc.h:50:43: note: expanded from macro '_libssh2_explicit_zero'
^
```
Regression from 4f0f4bff5a
- cmake: fix to list our own include directory before the crypto libs',
when building tests.
Otherwise a global crypto header path, such as `/usr/local/include`,
containing an external `libssh2.h` of a different version, could cause
weird errors:
```
cc -DHAVE_CONFIG_H -DLIBSSH2_LIBGCRYPT \
-I../src -I../../src -I/usr/local/include -I[...]/libssh2/include \
-g -isysroot /Library/Developer/CommandLineTools/SDKs/MacOSX13.1.sdk \
-mmacosx-version-min=12.6 -MD -MT \
tests/CMakeFiles/test_aa_warmup.dir/test_aa_warmup.c.o \
-MF CMakeFiles/test_aa_warmup.dir/test_aa_warmup.c.o.d \
-o CMakeFiles/test_aa_warmup.dir/test_aa_warmup.c.o -c \
[...]/libssh2/tests/test_aa_warmup.c
```
```
[ 62%] Building C object tests/CMakeFiles/test_aa_warmup.dir/test_aa_warmup.c.o
In file included from /Users/runner/work/libssh2/libssh2/tests/test_aa_warmup.c:4:
In file included from /Users/runner/work/libssh2/libssh2/tests/runner.h:42:
In file included from /Users/runner/work/libssh2/libssh2/tests/session_fixture.h:43:
/Users/runner/work/libssh2/libssh2/tests/../src/libssh2_priv.h:649:5: error: type name requires a specifier or qualifier
LIBSSH2_AUTHAGENT_FUNC((*authagent));
^
/Users/runner/work/libssh2/libssh2/tests/../src/libssh2_priv.h:649:30: error: type specifier missing, defaults to 'int' [-Werror,-Wimplicit-int]
LIBSSH2_AUTHAGENT_FUNC((*authagent));
^
/Users/runner/work/libssh2/libssh2/tests/../src/libssh2_priv.h:650:5: error: type name requires a specifier or qualifier
LIBSSH2_ADD_IDENTITIES_FUNC((*addLocalIdentities));
^
/Users/runner/work/libssh2/libssh2/tests/../src/libssh2_priv.h:650:35: error: type specifier missing, defaults to 'int' [-Werror,-Wimplicit-int]
LIBSSH2_ADD_IDENTITIES_FUNC((*addLocalIdentities));
^
/Users/runner/work/libssh2/libssh2/tests/../src/libssh2_priv.h:651:5: error: type name requires a specifier or qualifier
LIBSSH2_AUTHAGENT_SIGN_FUNC((*agentSignCallback));
^
/Users/runner/work/libssh2/libssh2/tests/../src/libssh2_priv.h:651:35: error: type specifier missing, defaults to 'int' [-Werror,-Wimplicit-int]
LIBSSH2_AUTHAGENT_SIGN_FUNC((*agentSignCallback));
^
6 errors generated.
```
- `tests/session_fixture.h`: delete duplicate `libssh2.h`,
`libssh2_priv.h` already includes it.
Follow-up to a683133dfe
CI logs with these errors:
https://github.com/libssh2/libssh2/actions/runs/4824079094https://github.com/libssh2/libssh2/actions/runs/4824270819
curl's `macos.yml`: da2470de96/.github/workflows/macos.yml
Tidying-up while here:
- tests/session_fixture.h: delete duplicate `libssh2.h`.
`libssh2_priv.h` includes it already.
Follow-up to a683133dfe
- ci.yml: yamllint warnings and formatting.
- ci.yml: msvc section formatting and step-naming sync with macOS.
Follow-up to f4a4c05dc3
- ci.yml: enable `--enable-werror` for msys2 jobs.
Follow-up to 71cae949d5
- appveyor.yml: show OpenSSL versions, link to image content.
Closes#1013
Make the block count customizable in `test_read` via environment
`FIXTURE_XFER_COUNT`.
Set the custom count lower than the default when running on AppVeyor.
The goal is to reduce CI roundtrip times.
Closes#995
We had Windows Server 2012 R2 (8.1) and Windows Server 2019 (10) before
this patch. After, we also have Windows Server 2016 (10).
The WinCNG flakey tests should have a better chance when running on the
newer OS.
This update does not change the compiler mix.
Also change the test fixture to not use the `--quiet` option with the
`docker pull` commant. This option requires docker v19.03, and
AppVeyor's Visual Studio 2017 image doesn't support it. Log output did
not change without `--quiet`, so it seems safe to delete it. In case
we'd need it, another solution is to retry without `--quiet` if the
command fails. docker's exit status is 125 in that case.
Ref: https://github.com/libssh2/libssh2/issues/804#issuecomment-1515232799
Ref: https://www.appveyor.com/docs/windows-images-software/Closes#994
`CONFIGURATION` was never passed to the cmake command, so it had
never enabled logging when set to `Debug`.
Also `CONFIGURATION` is ambiguous depending on the "generator" used
by CMake. In case of Visual Studio, this is a build/ctest-time
setting, not a cmake-config parameter.
So set this permanently to `Release` and enable logging via our
dedicated CMake option `ENABLE_DEBUG_LOGGING`.
Tested in #979
Also:
- fix newly surfaced (bogus) warnings in examples with MSVS 2010:
```
..\..\example\direct_tcpip.c(262): warning C4127: conditional expression is constant
```
Happens for every `FD_SET()` macro reference.
Ref: https://ci.appveyor.com/project/libssh2org/libssh2/builds/46677835/job/ni4hs97bh18c14ap
- silence MSVS 2010 predefined Windows macro warnings:
```
..\..\src\wincng.c(867): warning C4306: 'type cast' : conversion from 'int' to 'LPCSTR' of greater size
..\..\src\wincng.c(897): warning C4306: 'type cast' : conversion from 'int' to 'LPCSTR' of greater size
..\..\src\wincng.c(1132): warning C4306: 'type cast' : conversion from 'int' to 'LPCSTR' of greater size
```
Ref: https://ci.appveyor.com/project/libssh2org/libssh2/builds/46678071/job/08t5ktvkcgdghp7rCloses#925
This results in better job names (now including CPU), avoiding the
complex exception rules, and fine-tuning the order and variation of
these tests.
Enable `LIBSSH2DEBUG` for two of the existing jobs.
- add MSVS 2022 WinCNG builds for x64 and ARM64,
replacing MSVS 2013 WinCNG builds for x64 and x86.
- add MSVS 2022 OpenSSL builds for x64.
- fix a compiler warning uncovered by the new ARM64 build:
```
tests\openssh_fixture.c(393,17): warning C4477: 'fprintf' : format string '%d' requires an argument of type 'int', but variadic argument 1 has type 'libssh2_socket_t'
tests\openssh_fixture.c(393,17): message : consider using '%lld' in the format string
tests\openssh_fixture.c(393,17): message : consider using '%Id' in the format string
tests\openssh_fixture.c(393,17): message : consider using '%I64d' in the format string
```
- echo the actual CMake command-line.
- cmake: echo the DLL filenames found by the OpenSSL DLL-finder
heuristics.
- cmake: delete `libcrypto.dll` and `libssl.dll` names from the above
logic.
I've added these in 19884e5055. That
resulted in CMake picking up a rogue `libcrypto.dll` (with no
`libssl.dll` pair) from `C:\Windows\System32\` on the
`Visual Studio 2022` image, breaking tests.
Turns out, OpenSSL v1.0.2 uses the "EAY" names, but let's not re-add
those either, because CMake mis-picks those up from
`C:/OpenSSL-Win64/bin/`, even while pointing `OPENSSL_ROOT_DIR` to a
v1.1.1 installation.
- cmake: set `NO_DEFAULT_PATH` for OpenSSL DLL lookup to avoid picking
up all kinds of wrong DLLs. CMake considers not the first, but the
_last_ hit the valid one. This happened to be
`C:/Program Files/Meson/lib*-1_1.dll` when using the
`Visual Studio 2022` image.
Ref: https://cmake.org/cmake/help/latest/command/find_file.html
- cmake: leave two commented debug lines that will be useful next time
the DLL detection lookup goes wrong.
Ref: https://cmake.org/cmake/help/latest/variable/CMAKE_FIND_DEBUG_MODE.html
- on error, also dump `CMakeFiles/CMakeConfigureLog.yaml` if it exists
(requires CMake 3.26 and newer)
`--parallel 2` did not seem to make builds faster. Neither did 4 or 6.
Delete this option from both GHA and AppVeyor jobs.
On AppVeyor, with VS, it uses MSBuild under the hood where apparently
`--parallel` doesn't do much [1]. The suggested MSBuild-specific option
`/p:CL_MPcount=2` did not improve build times either.
CMake spends significant time (comparable to building the project
itself) on feature detection, it'd be nice to execute those in parallel,
but I found not such CMake option.
[1] https://discourse.cmake.org/t/parallel-does-not-really-enable-parallel-compiles-with-msbuild/964
Partial revert of 7a039d9a7a
- limit static-only build to a single platform (x64).
- skip running ctest for the static-only build.
- use MSVS 2013 for static-only builds. It's faster.
- run static-only test before WinCNG ones. Otherwise it's often skipped
due to WinCNG failures (#804).
With CMake builds supporting static-shared libssh2 builds in a single
pass, we no longer need to run static and shared jobs separately. For
the same effect it's enough to run builds with both shared and static
builds enabled. Halving CI jobs.
We add an extra run to test the CMake config-path without shared builds
enabled.
This allows to add useful jobs, e.g. MSVS 2022 or ZLIB-enabled builds
for Windows, valgrind builds or other useful stuff, without stretching
CI run times further.
Ref: #863
- add timeout to SSH connection wait loop in AppVeyor test prep.
(2 minutes)
- switch to per-step timeout for GitHub CI cmake/ctest runs.
(10 minutes)
ctest timeout (of 450 seconds) didn't seem to make any difference.
