image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS7_BUILD
script:
- ./autogen.sh
- - ./configure --with-java CFLAGS=-g
+ - ./configure --with-java --enable-ppp-tests CFLAGS=-g
- make -j4
-# UTF-8 support is not available
+# auth-nonascii: UTF-8 support is not available in distro's ocserv package
- make VERBOSE=1 XFAIL_TESTS="auth-nonascii" -j4 check
tags:
- shared
image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS7_BUILD
script:
- ./autogen.sh
- - ./configure --without-gnutls --with-openssl --with-java --without-openssl-version-check --enable-dtls-xfail --disable-dsa-tests CFLAGS=-g
+ - ./configure --without-gnutls --with-openssl --with-java --without-openssl-version-check --enable-dtls-xfail --disable-dsa-tests --enable-ppp-tests CFLAGS=-g
- make -j4
-# auth-nonascii: UTF-8 support is not available
+ # we don't want pppd to invoke any actual connection scripts
+ - mv /etc/ppp /etc/ppp.DISABLED
+# auth-nonascii: UTF-8 support is not available in distro's ocserv package
# dtls-psk: communication with ocserv fails for undetermined reasons marking as xfail until issue is identified
- make VERBOSE=1 XFAIL_TESTS="auth-nonascii dtls-psk" -j4 check
tags:
image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS8_BUILD
script:
- ./autogen.sh
- - ./configure --with-java --without-gnutls-version-check --disable-dsa-tests CFLAGS=-g
+ - ./configure --with-java --without-gnutls-version-check --disable-dsa-tests --enable-ppp-tests CFLAGS=-g
- make -j4
-# UTF-8 support is not available
+ # we don't want pppd to invoke any actual connection scripts
+ - mv /etc/ppp /etc/ppp.DISABLED
+# auth-nonascii: UTF-8 support is not available in distro's ocserv package
- make VERBOSE=1 XFAIL_TESTS="auth-nonascii" -j4 check
tags:
- shared
image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS8_BUILD
script:
- ./autogen.sh
- - ./configure --without-gnutls --with-openssl --with-java --without-openssl-version-check --disable-dsa-tests CFLAGS=-g
+ - ./configure --without-gnutls --with-openssl --with-java --without-openssl-version-check --disable-dsa-tests --enable-ppp-tests CFLAGS=-g
- make -j4
-# UTF-8 support is not available
-# OpenSSL 1.1.0 disables 3DES and RC4 by default (https://www.openssl.org/blog/blog/2016/08/24/sweet32/)
+ # we don't want pppd to invoke any actual connection scripts
+ - mv /etc/ppp /etc/ppp.DISABLED
+# auth-nonascii: UTF-8 support is not available in distro's ocserv package
+# obsolete-server-crypto: OpenSSL 1.1.0 disables 3DES and RC4 by default (https://www.openssl.org/blog/blog/2016/08/24/sweet32/)
- make VERBOSE=1 XFAIL_TESTS="auth-nonascii obsolete-server-crypto" -j4 check
tags:
- shared
image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS6_BUILD
script:
- ./autogen.sh
+ # We should --enable-ppp-tests here, but they just aren't working. For reasons that are not
+ # clear, OpenConnect fails to handshake a TLS connection to socat 1.7.2 (from CentOS 6 EPEL).
- ./configure --with-java --without-openssl-version-check --enable-dtls-xfail CFLAGS=-g
- make -j4
-# UTF-8 support is not available
+ # we don't want pppd to invoke any actual connection scripts
+ - mv /etc/ppp /etc/ppp.DISABLED
+# auth-nonascii: UTF-8 support is not available in distro's ocserv package
- make VERBOSE=1 XFAIL_TESTS="bad_dtls_test auth-nonascii" -j4 check
tags:
- shared
Fedora/GnuTLS:
script:
- ./autogen.sh
- - ./configure --with-java --disable-dsa-tests --without-gnutls-version-check CFLAGS=-g
+ - ./configure --with-java --disable-dsa-tests --without-gnutls-version-check --enable-ppp-tests CFLAGS=-g
- make tmp-distdir
- cd openconnect-$(git describe --tags | sed s/^v//)
- - ./configure --with-java --disable-dsa-tests --without-gnutls-version-check CFLAGS=-g
+ - ./configure --with-java --disable-dsa-tests --without-gnutls-version-check --enable-ppp-tests CFLAGS=-g
- make -j4
- # Disable rdrand to work around https://bugzilla.redhat.com/1831086
+ # we don't want pppd to invoke any actual connection scripts
+ - mv /etc/ppp /etc/ppp.DISABLED
+# auth-pkcs11: Disable rdrand to work around https://bugzilla.redhat.com/1831086
- make VERBOSE=1 OPENSSL_ia32cap=~0x4000000000000000 -j4 check
tags:
- shared
Fedora/GnuTLS/clang:
script:
- ./autogen.sh
- - ./configure --with-java --disable-dsa-tests --without-gnutls-version-check CC=clang CFLAGS=-g
+ - ./configure --with-java --disable-dsa-tests --without-gnutls-version-check CC=clang --enable-ppp-tests CFLAGS=-g
- make tmp-distdir
- cd openconnect-$(git describe --tags | sed s/^v//)
- - ./configure --with-java --disable-dsa-tests --without-gnutls-version-check CC=clang CFLAGS=-g
+ - ./configure --with-java --disable-dsa-tests --without-gnutls-version-check CC=clang --enable-ppp-tests CFLAGS=-g
- make -j4
- # Disable rdrand to work around https://bugzilla.redhat.com/1831086
+ # we don't want pppd to invoke any actual connection scripts
+ - mv /etc/ppp /etc/ppp.DISABLED
+# auth-pkcs11: Disable rdrand to work around https://bugzilla.redhat.com/1831086
- make VERBOSE=1 OPENSSL_ia32cap=~0x4000000000000000 -j4 check
tags:
- shared
# Re-enable DSA since we test it
- update-crypto-policies --set LEGACY
- ./autogen.sh
- - ./configure --without-gnutls --with-openssl --without-openssl-version-check --disable-dsa-tests CFLAGS=-g
+ - ./configure --without-gnutls --with-openssl --without-openssl-version-check --disable-dsa-tests --enable-ppp-tests CFLAGS=-g
- make tmp-distdir
- cd openconnect-$(git describe --tags | sed s/^v//)
- - ./configure --without-gnutls --with-openssl --without-openssl-version-check --disable-dsa-tests CFLAGS=-g
+ - ./configure --without-gnutls --with-openssl --without-openssl-version-check --disable-dsa-tests --enable-ppp-tests CFLAGS=-g
- make -j4
-# OpenSSL 1.1.0 disables 3DES and RC4 by default (https://www.openssl.org/blog/blog/2016/08/24/sweet32/)
+ # we don't want pppd to invoke any actual connection scripts
+ - mv /etc/ppp /etc/ppp.DISABLED
+# auth-nonascii: UTF-8 support is not available in distro's ocserv package
+# obsolete-server-crypto: OpenSSL 1.1.0 disables 3DES and RC4 by default (https://www.openssl.org/blog/blog/2016/08/24/sweet32/)
- make VERBOSE=1 XFAIL_TESTS="obsolete-server-crypto" -j4 check
tags:
- shared
# Re-enable DSA since we test it
- update-crypto-policies --set LEGACY
- ./autogen.sh
- - ./configure CC=clang --without-gnutls --with-openssl --without-openssl-version-check --disable-dsa-tests CFLAGS=-g
+ - ./configure CC=clang --without-gnutls --with-openssl --without-openssl-version-check --disable-dsa-tests --enable-ppp-tests CFLAGS=-g
- make tmp-distdir
- cd openconnect-$(git describe --tags | sed s/^v//)
- - ./configure CC=clang --without-gnutls --with-openssl --without-openssl-version-check --disable-dsa-tests CFLAGS=-g
+ - ./configure CC=clang --without-gnutls --with-openssl --without-openssl-version-check --disable-dsa-tests --enable-ppp-tests CFLAGS=-g
- make -j4
- # auth-nonascii: UTF-8 support is not available in distro's ocserv package
+ # we don't want pppd to invoke any actual connection scripts
+ - mv /etc/ppp /etc/ppp.DISABLED
-# OpenSSL 1.1.0 disables 3DES and RC4 by default (https://www.openssl.org/blog/blog/2016/08/24/sweet32/)
+# obsolete-server-crypto: OpenSSL 1.1.0 disables 3DES and RC4 by default (https://www.openssl.org/blog/blog/2016/08/24/sweet32/)
- make VERBOSE=1 XFAIL_TESTS="obsolete-server-crypto" -j4 check
tags:
- shared
image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$UBUNTU_BUILD
script:
- ./autogen.sh
- - ./configure --with-java CFLAGS=-g
+ - ./configure --with-java --enable-ppp-tests CFLAGS=-g
- make -j4
-# UTF-8 support is not available
+ # we don't want pppd to invoke any actual connection scripts
+ - mv /etc/ppp /etc/ppp.DISABLED
+ # For reasons that are unclear, but probably also unimportant, IPv6 is disabled by default on this CI
+ # image (verified in https://gitlab.com/openconnect/openconnect/-/jobs/1135199323#L335), and this will
+ # cause PPP tests using IPv6 to fail. So we must explicitly enable IPv6:
+ - sysctl net.ipv6.conf.all.disable_ipv6=0
- # obsolete-server-crypto: OpenSSL 1.1.0 disables 3DES and RC4 by default (https://www.openssl.org/blog/blog/2016/08/24/sweet32/)
+# auth-nonascii: UTF-8 support is not available in distro's ocserv package
- make VERBOSE=1 XFAIL_TESTS="auth-nonascii" -j4 check
tags:
- shared
image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$UBUNTU_BUILD
script:
- ./autogen.sh
- - ./configure --without-gnutls --with-openssl --with-java --without-openssl-version-check --disable-dsa-tests CFLAGS=-g
+ - ./configure --without-gnutls --with-openssl --with-java --without-openssl-version-check --disable-dsa-tests --enable-ppp-tests CFLAGS=-g
- make -j4
-# UTF-8 support is not available
-# OpenSSL 1.1.0 disables 3DES and RC4 by default (https://www.openssl.org/blog/blog/2016/08/24/sweet32/)
+ # we don't want pppd to invoke any actual connection scripts
+ - mv /etc/ppp /etc/ppp.DISABLED
+ # For reasons that are unclear, but probably also unimportant, IPv6 is disabled by default on this CI
+ # image (verified in https://gitlab.com/openconnect/openconnect/-/jobs/1135199323#L335), and this will
+ # cause PPP tests using IPv6 to fail. So we must explicitly enable IPv6:
+ - sysctl net.ipv6.conf.all.disable_ipv6=0
+# auth-nonascii: UTF-8 support is not available in distro's ocserv package
+# obsolete-server-crypto: OpenSSL 1.1.0 disables 3DES and RC4 by default (https://www.openssl.org/blog/blog/2016/08/24/sweet32/)
- make VERBOSE=1 XFAIL_TESTS="auth-nonascii obsolete-server-crypto" -j4 check
tags:
- shared
projects / users / dwmw2 / openconnect.git / commitdiff