As the mbedtls introduction commit says, mbedtls v3 is not available in
Debian 12 and Ubuntu 22.04/24.04.
Although to ensure we have sufficient build coverage, let's enable it
everywhere else. While also adding a permutation where it's the only
crypto implementation built-in.
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
Link: https://github.com/kmod-project/kmod/pull/426
Signed-off-by: Lucas De Marchi <demarchi@kernel.org>
git \
gtk-doc \
linux-stable-dev \
git \
gtk-doc \
linux-stable-dev \
meson \
openssl-dev \
scdoc \
meson \
openssl-dev \
scdoc \
gtk-doc \
linux-headers \
lld \
gtk-doc \
linux-headers \
lld \
export DEBIAN_FRONTEND=noninteractive
export TZ=Etc/UTC
export DEBIAN_FRONTEND=noninteractive
export TZ=Etc/UTC
+
+. /etc/os-release
+
+mbedtls_pkgs=()
+if [[ "$VERSION_CODENAME" != "bookworm" ]]; then
+ mbedtls_pkgs=("libmbedtls-dev")
+fi
+
apt-get update
apt-get install --yes \
bash \
apt-get update
apt-get install --yes \
bash \
libzstd-dev \
linux-headers-generic \
meson \
libzstd-dev \
linux-headers-generic \
meson \
scdoc \
zlib1g-dev \
zstd
scdoc \
zlib1g-dev \
zstd
libubsan \
libzstd-devel \
make \
libubsan \
libzstd-devel \
make \
meson \
openssl-devel \
scdoc \
meson \
openssl-devel \
scdoc \
matrix:
include:
- container: 'ubuntu:24.04'
matrix:
include:
- container: 'ubuntu:24.04'
- meson_setup: '-D b_sanitize=none -D build-tests=false'
+ meson_setup: '-D b_sanitize=none -D build-tests=false -Dmbedtls=disabled'
container:
image: ${{ matrix.container }}
container:
image: ${{ matrix.container }}
matrix:
include:
- container: 'ubuntu:24.04'
matrix:
include:
- container: 'ubuntu:24.04'
- meson_setup: '-D b_sanitize=none -D b_coverage=true'
+ meson_setup: '-D b_sanitize=none -D b_coverage=true -Dmbedtls=disabled'
container:
image: ${{ matrix.container }}
container:
image: ${{ matrix.container }}
only_bits: '64'
- container: 'archlinux:multilib-devel'
- container: 'debian:bookworm-slim'
only_bits: '64'
- container: 'archlinux:multilib-devel'
- container: 'debian:bookworm-slim'
- meson_setup: '-Dzstd=disabled -Dxz=disabled -Dzlib=disabled'
+ meson_setup: '-Dzstd=disabled -Dxz=disabled -Dzlib=disabled -Dmbedtls=disabled'
only_compiler: 'gcc'
- container: 'debian:unstable'
- container: 'fedora:latest'
only_bits: '64'
- container: 'ubuntu:22.04'
only_compiler: 'gcc'
- container: 'debian:unstable'
- container: 'fedora:latest'
only_bits: '64'
- container: 'ubuntu:22.04'
+ meson_setup: '-Dmbedtls=disabled'
- container: 'ubuntu:24.04'
- container: 'ubuntu:24.04'
+ meson_setup: '-Dmbedtls=disabled'
only_bits: '64'
custom: 'no-xz-dlopen-all'
- container: 'ubuntu:22.04'
only_bits: '64'
custom: 'no-xz-dlopen-all'
- container: 'ubuntu:22.04'
- meson_setup: '-Ddlopen=zstd,zlib'
+ meson_setup: '-Ddlopen=zstd,zlib -Dmbedtls=disabled'
only_bits: '64'
custom: 'dlopen-zstd-zlib'
only_bits: '64'
custom: 'dlopen-zstd-zlib'
only_compiler: 'gcc'
custom: 'custom-moduledir'
only_compiler: 'gcc'
custom: 'custom-moduledir'
+ # Variant without openssl - only mbedtls
+ - container: 'archlinux:multilib-devel'
+ meson_setup: '-Dopenssl=disabled'
+ only_bits: '64'
+ only_compiler: 'gcc'
+ custom: 'mbedtls-only'
+
container:
image: ${{ matrix.container }}
container:
image: ${{ matrix.container }}
should_fail -D dlopen=nonexistent
should_fail -D xz=disabled -D dlopen=xz
should_fail -D dlopen=nonexistent
should_fail -D xz=disabled -D dlopen=xz
- should_pass -D dlopen=xz
- should_pass -D dlopen=xz -D xz=enabled
+ should_pass -D mbedtls=disabled -D dlopen=xz
+ should_pass -D mbedtls=disabled -D dlopen=xz -D xz=enabled
if [[ "$2" == "32" ]]; then
echo "::notice::TODO fix and reuse the original options."
if [[ "$2" == "32" ]]; then
echo "::notice::TODO fix and reuse the original options."
- setup_options="$setup_options -Dzstd=disabled -Dxz=disabled -Dzlib=disabled -Dopenssl=disabled"
+ setup_options="$setup_options -Dzstd=disabled -Dxz=disabled -Dzlib=disabled -Dopenssl=disabled -Dmbedtls=disabled"
echo "::notice::TODO fix and re-enable sanitizer(s)."
setup_options="$setup_options -Db_sanitize=none"
echo "::notice::TODO fix and re-enable sanitizer(s)."
setup_options="$setup_options -Db_sanitize=none"
xz = 'enabled'
zlib = 'enabled'
openssl = 'enabled'
xz = 'enabled'
zlib = 'enabled'
openssl = 'enabled'
werror = true
b_sanitize = 'address,undefined'
werror = true
b_sanitize = 'address,undefined'
option(
'mbedtls',
type : 'feature',
option(
'mbedtls',
type : 'feature',
- value : 'disabled',
- description : 'MbedTLS support, PKCS7 signatures. Default: disabled',
+ value : 'enabled',
+ description : 'MbedTLS support, PKCS7 signatures. Default: enabled',
projects / thirdparty / kmod.git / commitdiff
