Merge pull request #68 from Geod24/add-ci

Add sslecho example, a missing const, and a CI script with multiple versions

Author: CyberShadow

.github/workflows/ci.yml

@@ -0,0 +1,114 @@
+# Test the bindings using various OpenSSL versions
+#
+# For Linux / Windows, we cannot rely on the package manager,
+# as each new release will come with a specific OpenSSL version,
+# and we don't have control over this.
+#
+# Instead, this workflow installs an explicit version, builds it,
+# and test the tls package with it.
+name: CI
+
+on: [push, pull_request]
+
+jobs:
+  deps:
+    strategy:
+      matrix:
+        os: [ ubuntu-latest ]
+        openssl:
+          - version: 1.0.2u
+            link: https://www.openssl.org/source/old/1.0.2/openssl-1.0.2u.tar.gz
+          - version: 1.1.0l
+            link: https://www.openssl.org/source/old/1.1.0/openssl-1.1.0l.tar.gz
+          - version: 1.1.1o
+            link: https://www.openssl.org/source/openssl-1.1.1o.tar.gz
+          - version: 3.0.3
+            link: https://www.openssl.org/source/openssl-3.0.3.tar.gz
+
+    runs-on: ${{ matrix.os }}
+    timeout-minutes: 15
+
+    # Build the OpenSSL version if not already cached
+    steps:
+    - name: 'Looking up cache'
+      id: cache-openssl
+      uses: actions/cache@v1
+      with:
+        path: ${{ github.workspace }}/openssl/
+        key: ${{ runner.os }}-${{ runner.arch }}-${{ matrix.openssl.version }}
+
+    - name: 'Download and build OpenSSL ${{ matrix.openssl.version }}'
+      if: steps.cache-openssl.outputs.cache-hit != 'true'
+      run: |
+        mkdir -p ${{ github.workspace }}/openssl/
+        pushd ${{ github.workspace }}/openssl/
+        wget -O download.tar.gz ${{ matrix.openssl.link }}
+        tar -xf download.tar.gz
+        pushd openssl-${{ matrix.openssl.version }}/
+        ./config --prefix=${{ github.workspace }}/openssl/install/
+        make install
+        echo "OpenSSL ${{ matrix.openssl.version }} has been installed in: ${{ github.workspace }}/openssl/install/"
+
+  # The previous job was separated to avoid a build once per matrix row,
+  # as opposed to once per platform / version as we want.
+  test:
+    needs: deps
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ ubuntu-latest ]
+        dc:
+          - dmd-latest
+          - ldc-latest
+        openssl:
+          - version: 1.0.2u
+            lib-dir: lib
+          - version: 1.1.0l
+            lib-dir: lib
+          - version: 1.1.1o
+            lib-dir: lib
+          - version: 3.0.3
+            lib-dir: lib64
+
+    runs-on: ${{ matrix.os }}
+    timeout-minutes: 60
+
+    steps:
+    - uses: actions/checkout@v2
+
+    - name: Prepare compiler
+      uses: dlang-community/setup-dlang@v1
+      with:
+          compiler: ${{ matrix.dc }}
+
+    # Restore or install build openssl version
+    - name: 'Restore openssl from cache'
+      id: lookup-openssl
+      uses: actions/cache@v1
+      with:
+        path: ${{ github.workspace }}/openssl/
+        key: ${{ matrix.os }}-${{ matrix.openssl.version }}
+
+    - name: 'Make sure OpenSSL was loaded from cache'
+      if: steps.lookup-openssl.outputs.cache-hit != 'true'
+      run: exit 1
+
+    - name: 'Remove OpenSSL package, export env variables'
+      run: |
+        sudo apt-get remove -y libssl-dev
+        echo "PKG_CONFIG_PATH=${{ github.workspace }}/openssl/install/${{ matrix.openssl.lib-dir }}/pkgconfig/" >> $GITHUB_ENV
+        echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:${{ github.workspace }}/openssl/install/${{ matrix.openssl.lib-dir }}/" >> $GITHUB_ENV
+
+    - name: 'Run tests'
+      run: |
+        echo "pkg-config uses: $(pkg-config --modversion openssl)"
+        if [ `pkg-config --modversion openssl` != "${{ matrix.openssl.version }}" ]; then
+            echo "Expected version '${{ matrix.openssl.version }}' but got `pkg-config --modversion openssl`"
+            exit 1
+        fi
+        cd examples/sslecho/
+        ${{ github.workspace }}/openssl/install/bin/openssl req -batch -newkey rsa:4096 -x509 -sha256 -days 3650 -subj "/C=GB/CN=localhost" -nodes -out cert.pem -keyout key.pem
+        dub build
+        # TODO: FIXME: This currently does not work because certificate verification fails (works on my machine).
+        # But at least it links, which is a good starting point.
+        #$DC -run test.d

.gitignore

@@ -5,3 +5,6 @@
 /.dub/
 /openssl
 /*-test-library
+
+/examples/sslecho/sslecho
+/examples/sslecho/test

examples/sslecho/.gitignore

@@ -0,0 +1,15 @@
+.dub
+docs.json
+__dummy.html
+docs/
+/sslecho
+sslecho.so
+sslecho.dylib
+sslecho.dll
+sslecho.a
+sslecho.lib
+sslecho-test-*
+*.exe
+*.o
+*.obj
+*.lst

examples/sslecho/README.md

@@ -0,0 +1,15 @@
+# sslecho: A simple echo server
+
+This example was ported from [the official OpenSSL repository](https://github.com/openssl/openssl/tree/ef8040bce02758de86fc55412ee4ac9102f9ffab/demos/sslecho).
+The certificates can be generated using:
+```shell
+openssl req -batch -newkey rsa:4096 -x509 -sha256 -days 3650 -subj "/C=FR/CN=localhost" -nodes -out cert.pem -keyout key.pem
+```
+And 'localhost' was used as domain.
+
+The server and client need to be called with the following commands (respectively):
+```shell
+$ ./sslecho s # Starts the server
+$ ./sslecho c localhost
+```
+Note that using `127.0.0.1` will not work.

examples/sslecho/dub.json

@@ -0,0 +1,10 @@
+{
+    "name": "sslecho",
+    "description": "Port of OpenSSL demo of the same name",
+
+    "dependencies": {
+        "openssl": {
+            "path": "../../"
+        }
+    }
+}