Before this patch, cmake did a single compilation pass when we enabled
both shared and static lib targets. This saves build time (esp. with
MinGW targets and cross-compiling), but has the disadvantage that static
libs built this way must have PIC enabled (offering slightly less
performance) and `dllexport` enabled also, which means that executables
linking the static libssh2 lib export its public symbols.
To avoid these downsides, this patch separates the two passes and
creates a non-PIC, non-`dllexport` static lib, even when also building
the shared lib.
- limit static-only build to a single platform (x64).
- skip running ctest for the static-only build.
- use MSVS 2013 for static-only builds. It's faster.
- run static-only test before WinCNG ones. Otherwise it's often skipped
due to WinCNG failures (#804).
With CMake builds supporting static-shared libssh2 builds in a single
pass, we no longer need to run static and shared jobs separately. For
the same effect it's enough to run builds with both shared and static
builds enabled. Halving CI jobs.
We add an extra run to test the CMake config-path without shared builds
enabled.
This allows to add useful jobs, e.g. MSVS 2022 or ZLIB-enabled builds
for Windows, valgrind builds or other useful stuff, without stretching
CI run times further.
Ref: #863
- `BUILD_SHARED_LIBS=ON` no longer disables building static lib.
When set, we build the static lib with PIC enabled.
For shared lib only, set `BUILD_STATIC_LIBS=OFF`. For static lib
without PIC, leave this option disabled.
- new setting: `BUILD_STATIC_LIBS`. `ON` by default.
Force-enabled when building examples or tests (we build those in
static mode always.)
- fix to exclude Windows Resource from the static lib.
- fix to not overwrite static lib with shared implib on Windows
platforms using identical suffix for them (MSVS). By using
`libssh2_imp<.ext>` implib filename.
- add support for `STATIC_LIB_SUFFIX` setting to set an optional suffix
(e.g. `_static`) for the static lib. (experimental, not documented).
Overrides the above when set.
- fix to set `dllexport` when building shared lib.
- set `TrackFileAccess=false` for MSVS.
For faster builds, shorter verbose logs.
- tests: new test linking against shared libssh2: `test_warmup_shared`
- tests: simplify 'runner' lib by merging 3 libs into a single one.
- tests: drop hack from `test_keyboard_interactive_auth_info_request`
build.
We no longer need to compile `src/misc.c` because we always link
libssh2 statically.
- tests: limit `FIXTURE_WORKDIR=` to the `runner` target.
TL;DR: Default behavior unchanged: static (no-PIC), no shared.
Enabling shared unchanged, but now also builds a static (PIC)
lib by default.
Based-on: b60dca8b64#547 by berney on github
Fixes: #547Fixes: #675Closes: #863
Fix or silence all C compiler warnings discovered with (or without)
`PICKY_COMPILER=ON` (in CMake). This means all warnings showing up in
CI (gcc, clang, MSVS 2013/2015), in local tests on macOS (clang 14) and
Windows cross-builds using gcc (12) and llvm/clang (14/15).
Also fix the expression `nread -= nread` in `sftp_RW_nonblock.c`.
Cherry-picked from: #846Closes#861
libssh2 built with OpenSSL and without its `EVP_aes_128_ctr()`, aka
`HAVE_EVP_AES_128_CTR`, option are working incorrectly. This option
wasn't always auto-detected by autotools up until recently (#811).
Non-cmake, non-autotools build methods never enabled it automatically.
OpenSSL supports this options since at least v1.0.2, which is already
EOLed and considered obsolete. OpenSSL forks (LibreSSL, BoringSSL)
supported it all along.
In this patch we enable this option unconditionally, now requiring
OpenSSL supporting this function, or one of its forks.
Also modernize OpenSSL lib references to what 1.0.2 and newer versions
have been using.
Fixes#739
- cmake: fix compiler warnings in `CheckNonblockingSocketSupport`.
detection functions.
Without this, these detections fail when `ENABLE_WERROR=ON`.
- cmake: disable ENABLE_WERROR for MSVC during symbol checks in `src`.
CMake's built-in symbol check function `check_symbol_exists()`
generate warnings with MSVC. With warnings considered errors, these
detections fail permanently. Our workaround is to disable
warnings-as-errors while running these checks.
```
CheckSymbolExists.c(8): warning C4054: 'type cast': from function pointer '__int64 (__cdecl *)(const char *,char **,int)' to data pointer 'int *'
in `return ((int*)(&strtoll))[argc];`
```
Ref: https://ci.appveyor.com/project/libssh2org/libssh2/builds/46537222/job/4vg4yg333mu2lg9b
- example: replace `strcasecmp()` with C89 `strcmp()`.
To avoid using CMake symbol checks in `example`.
Another option is to duplicate the `check_symbol_exists()` workaround
from `src`, but I figure it's not worth the complexity. We use
`strcasecmp()` solely to check optional command-line options for
example programs, and those are fine as lower-case.
Without this, these detections fail when `ENABLE_WERROR=ON`.
- also delete `__function__` detection/use in `example`.
To avoid the complexity for the sake of using it at a single place in
of the example's error branch. Replace that use with a literal name of
the function.
- cmake: also use `CMakePushCheckState` functions instead of manual
save/restore.
Closes#857
- cmake: extend workaround for linking a test with shared libssh2.
One of the tests uses internal libssh2 functions, and with CMake it
compiles `src/misc.c` directly for this. `misc.c` references bcrypt /
blowfish code. This needs a workaround for build configs where libssh2
doesn't export these.
Before this patch, we enabled this workaround for MSVC.
In the patch we extend this to all Windows. There is no CI test for
this, but gcc and llvm/clang + mingw64 builds also need it. This may
well apply to other configurations (it should, as shared libs are not
supposed to export internal functions), so also make it easy to enable
it at a single point.
[ autotools builds force-link this one test against static libssh2. ]
- make `misc.c` not depend on bcrypt.
By moving out our `bcrypt_pbkdf()` wrapper into `bcrypt_pbkdf.c`
itself.
This allows to compile `misc.c` into tests without pulling in bcrypt /
blowfish functions, and simplify the above workaround.
Source code uses `HAVE_BCRYPT_PBKDF`, a leftover from original bcrypt
source. We never define this inside libssh2. Defining it breaks the
build, and this patch doesn't change that.
- make `bcrypt_pbkdf()` static.
While here, make the low-level `bcrypt_pbkdf()` function static to
avoid namespace pollution.
Closes#855
- add timeout to SSH connection wait loop in AppVeyor test prep.
(2 minutes)
- switch to per-step timeout for GitHub CI cmake/ctest runs.
(10 minutes)
ctest timeout (of 450 seconds) didn't seem to make any difference.
- `ctest` shows a the default timeout '10000000' (turns out to be
in seconds), cause infinite waits e.g. in case the necessary server
worker is not available.
CMake CI tests take approx:
- GitHub / Linux : 125 seconds
- AppVeyor / Windows: 300 seconds
New timeouts are: 450 and 900 seconds respectively.
- set timeouts for style-check, fuzz, Linux and Windows GitHub CI
jobs to avoid hanging forever.
Also:
- move `choco install` to before_test to make builds start faster
in `appveyor.yml`.
- fix some yamllint `ON`/`OFF`-confusion issue by quoting these
values in `appveyor.yml`.
- fix indentation in `appveyor.yml`.
- convert to GitHub workflows to LF line-ending.
Ref: https://github.com/libssh2/libssh2/pull/655#issuecomment-1472853493Closes#851
- build x64 first
x64 is the more interesting target. Most type conversion issues are
revealed here. Also more commonly used by now.
- test VS 2013 earlier
- test WinCNG earlier
- delete reference to no longer used VS 2008
After this patch we end up starting with all Shared builds (2015, 2013,
OpenSSL, WinCNG), then continue with Static ones. Shared/Static makes
a minor if any difference in builds/tests compared to different VS
versions of TLS backends.
--
CI run times:
Preparation + build takes:
8 x VS2015 4.5 mins -> total: 36
8 x VS2013 2 mins -> total: 16
Total: 52 mins
with our 30 tests, it increases to:
8 x VS2015 8-10 mins -> total: 72
8 x VS2013 6- 9 mins -> total: 60
Total: 132 mins
Without tests: https://ci.appveyor.com/project/libssh2org/libssh2/builds/46475315
With tests: https://ci.appveyor.com/project/libssh2org/libssh2/builds/46480549
- avoid outputting 4000 log lines by hiding the progress bar.
Reduces log size by 5x.
- decrease timeout (from the default 2700 seconds).
- omit unnecessary output.
Tested as part of #846
- add wolfSSL support.
- reduce size and redundant logic.
- fix a bunch of small issues.
- rework configuration, now with: `CC`, `AR`, `RC`, `TRIPLET`, `CFLAGS`,
`CPPFLAGS`, `LDFLAGS`, `RCFLAGS`, `LIBS`, `LIBSSH2_DLL_SUFFIX`,
`LIBSSH2_LDFLAGS_LIB`, `LIBSSH2_LDFLAGS_BIN` (and more).
- merge examples build into the main Makefile.
- relative dependency paths are now the same for building libssh2 or
examples.
- drop detection for obsolete OpenSSL versions (can be configure via new
`OPENSSL_LIBS`).
- merge dev/dist distribution zip options.
- build libssh2 with `-DHAVE_STRTOLL`.
- tidy-up.
- build examples in static mode by default (use `DYN` to build them in
shared mode).
- drop forced (in non-debug mode) `-O2`.
- drop Win9x support.
- deprecate `ARCH` in favour of custom options and `TRIPLET`.
- drop Windows resources from examples for simplicity
- drop `WITH_ZLIB`. Default `ZLIB_PATH` to enable zlib support.
- drop `LIBSSH2_DLL_A_SUFFIX`, use standard value `.dll` (as in
`libssh2.dll.a`).
- always link `bcrypt` (for LibreSSL and OpenSSL) and `crypt32`
(for wolfSSL).
- unhide executed build commands.
- fix mbedTLS `lib` path
- drop specific options to force static linking. Custom options seems
a better way for this.
- based on similar work made for curl:
a8861b6ccdCloses#842
Before this patch, with debug logging disabled, libssh2 code used a
variadic macro to catch `_libssh2_debug()` calls, and convert them to
no-ops. In certain conditions, it used an empty inline function instead.
Variadic macro is a C99 feature. It means that depending on compiler,
and build settings, it littered the build log with warnings about this.
The new solution uses the trick of passing the variable arg list as a
single argument and pass that down to the debug function with a regular
macro. When disabled, another regular C89-compatible macro converts it
to a no-op.
This makes inlining, C99 variadic macros and maintaining the conditions
for each unnecessary and also makes the codebase compile more
consistently, e.g. with forced C standards and/or picky warnings.
TL;DR: It makes this feature C89-compliant.
Building with wolfSSL or pre-OpenSSL v1.1.1 triggered it.
```
../src/openssl.h:130:5: warning: 'LIBRESSL_VERSION_NUMBER' is not defined, evaluates to 0 [-Wundef]
LIBRESSL_VERSION_NUMBER >= 0x3070000fL
^
```
Regression from 2e2812dde8
wolfSSL supports building with zlib as a dependency, that's the reason
for the ZLIB logic in the patch.
Also add it to `docs/INSTALL_CMAKE.md` and to the help text in
`src/CMakeLists.txt`.
Running tests not actually tested.
Follow-up to 9f217a17f6
Ref: #817
Flakiness got continously worse these last days. It didn't seem related
to recent commits. Flakiness also picked up in GitHub CI runs, something
rarely seen before. Manual restart consistently fixed them.
The repeating pattern was the _first_ test (`test_hostkey`) failing,
with `libssh2_session_handshake failed (-13): Failed getting banner`.
Failures came after a lengthy wait, suggesting a timeout.
I then reversed the order of the first two tests, and it turned out that
the _first_ test failed again (`test_hostkey_hash`). Also pointing to a
timeout issue.
Then I added a dummy test to "warm up" whatever needs warming up in the
layers of CI + Docker + ssh server and their interconnects. This helped,
and GitHub CI tests run without failure right for the first time.
AppVeyor CI also improved a little.
This patch adds a new first test called `test_warmup`, that creates a
new libssh2 session, and exits with success even if that attempt failed.
A stop-gap solution at best, and there is no guarantee it will continue
to fix this or similar future issues, but it's also untenable to have
almost every CI run fail for intermittent reasons.
In some [1] cases [2] it's not the first test failing intermittently.
That's a different issue, and this patch doesn't fix it.
[1] #804
[2] https://ci.appveyor.com/project/libssh2org/libssh2/builds/46440828/job/8rej6cq6itg7vc4w#L500
Turns out `test_keyboard_interactive_auth_info_request.c` requires
`src/libssh2_priv.h`, which in turn requires a correctly set
`HAVE_SNPRINTF`.
Follow-up to 4cdf785cd3.
Added in cf80f2f4b5 (on 2016-08-14),
with the title "Basic dockerised test suite".
It's not clear why a C standard was explicitly set, but a side-effect
of this is that CMake-built binaries diverged from ones built with
autotools or GNU Make (using the same compiler and configuration).
Another issue is that this may introduce ABI incompatibility with
binaries built with a different C standard flag, e.g. the C compiler
default or one used for other components of a final app.
Seems unlikely, but if our tests require this option, we should set it
for the CI builds only?
This restores socket libs to their pre-regression positions.
Without this, `ld` doesn't find `ws2_32` symbols when referenced
from TLS libs.
Regression from 31fb8860db
Should fix these warnings with MSVS 2013 and older:
`agent.c(294): warning C4013: '_libssh2_snprintf' undefined; assuming extern returning int`
Follow-up to 4cdf785cd3.
autotools builds already did auto-detect and set this mingw-specific
macro, but CMake and GNU Make builds did not. This patch fixes that.
Necessary for `src/scp.c`.
Add OpenSSL 3 and versionless DLL names. Also modernize warning messages
and variable names.
Do we need the OpenSSL-Windows-specific check and the related
`RUNTIME_DEPENDENCIES` feature? The list of OpenSSL DLLs was out of date
for 1.5 years without anybody noticing. Keeping it fresh is a chore and
copying around DLL dependencies rarely helps as much as expected. This
check also results in unuseful warnings in certain build scenarios, e.g.
when linking to OpenSSL statically.
Implement wolfSSL support for libssh2 when building with CMake.
Configuration example from curl-for-win:
```
-DCRYPTO_BACKEND=wolfSSL
-DWOLFSSL_LIBRARY=/path-to/wolfssl/lib/libwolfssl.a
-DWOLFSSL_INCLUDE_DIR=/path-to/wolfssl/include
```
Module `cmake/Findwolfssl.cmake` copied from:
e4d920c4b7/cmake/Findwolfssl.cmake
via commit:
296396d373
by Stefan Eissing
