mirror of
https://github.com/nim-lang/Nim.git
synced 2025-12-29 09:24:36 +00:00
5b85444244
* Implement SSL/TLS certificate checking #782 * SSL: Add nimDisableCertificateValidation Remove NIM_SSL_CERT_VALIDATION env var tests/untestable/thttpclient_ssl.nim ran successfully on Linux with libssl 1.1.1d * SSL: update integ test to skip flapping tests * Revert .travis.yml change * nimDisableCertificateValidation disable imports Prevent loading symbols that are not defined on older SSL libs * SSL: disable verification in net.nim ..when nimDisableCertificateValidation is set * Update changelog * Fix peername type * Add define check for windows * Disable test on windows * Add exprimental GitHub action CI for SSL * Test nimDisableCertificateValidation
92 lines
2.7 KiB
YAML
92 lines
2.7 KiB
YAML
name: Nim SSL CI
|
|
on:
|
|
pull_request:
|
|
# Run only on changes on related files
|
|
paths:
|
|
- 'lib/pure/httpclient.nim'
|
|
- 'lib/pure/net.nim'
|
|
- 'lib/pure/ssl_certs.nim'
|
|
- 'lib/wrappers/openssl.nim'
|
|
- 'tests/stdlib/thttpclient_ssl*'
|
|
- 'tests/untestable/thttpclient_ssl*'
|
|
|
|
jobs:
|
|
build:
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
os: [ubuntu-18.04, macos-10.15, windows-2019]
|
|
cpu: [amd64]
|
|
name: '${{ matrix.os }} (${{ matrix.cpu }})'
|
|
runs-on: ${{ matrix.os }}
|
|
steps:
|
|
- name: 'Checkout'
|
|
uses: actions/checkout@v2
|
|
|
|
- name: 'Checkout csources'
|
|
uses: actions/checkout@v2
|
|
with:
|
|
repository: nim-lang/csources
|
|
path: csources
|
|
|
|
- name: 'Install dependencies (Linux amd64)'
|
|
if: runner.os == 'Linux' && matrix.cpu == 'amd64'
|
|
run: |
|
|
sudo apt-fast update -qq
|
|
DEBIAN_FRONTEND='noninteractive' \
|
|
sudo apt-fast install --no-install-recommends -y libssl1.1
|
|
- name: 'Install dependencies (macOS)'
|
|
if: runner.os == 'macOS'
|
|
run: brew install make
|
|
- name: 'Install dependencies (Windows)'
|
|
if: runner.os == 'Windows'
|
|
shell: bash
|
|
run: |
|
|
mkdir dist
|
|
curl -L https://nim-lang.org/download/mingw64.7z -o dist/mingw64.7z
|
|
curl -L https://nim-lang.org/download/dlls.zip -o dist/dlls.zip
|
|
7z x dist/mingw64.7z -odist
|
|
7z x dist/dlls.zip -obin
|
|
echo "::add-path::${{ github.workspace }}/dist/mingw64/bin"
|
|
|
|
- name: 'Add build binaries to PATH'
|
|
shell: bash
|
|
run: echo "::add-path::${{ github.workspace }}/bin"
|
|
|
|
- name: 'Build 1-stage compiler from csources'
|
|
shell: bash
|
|
run: |
|
|
ncpu=
|
|
case '${{ runner.os }}' in
|
|
'Linux')
|
|
ncpu=$(nproc)
|
|
;;
|
|
'macOS')
|
|
ncpu=$(sysctl -n hw.ncpu)
|
|
;;
|
|
'Windows')
|
|
ncpu=$NUMBER_OF_PROCESSORS
|
|
;;
|
|
esac
|
|
[[ -z "$ncpu" || $ncpu -le 0 ]] && ncpu=1
|
|
|
|
make -C csources -j $ncpu CC=gcc ucpu='${{ matrix.cpu }}'
|
|
|
|
- name: 'Build koch'
|
|
shell: bash
|
|
run: nim c koch
|
|
|
|
- name: 'Build the real compiler'
|
|
shell: bash
|
|
run: ./koch boot
|
|
|
|
- name: 'Run SSL nimDisableCertificateValidation integration tests'
|
|
shell: bash
|
|
run: nim c -d:nimDisableCertificateValidation -d:ssl -r -p:. tests/untestable/thttpclient_ssl_disabled.nim
|
|
|
|
- name: 'Run SSL certificate check integration tests'
|
|
# Not supported on Windows due to old openssl version
|
|
if: runner.os != 'Windows'
|
|
shell: bash
|
|
run: nim c -d:ssl -p:. --threads:on -r tests/untestable/thttpclient_ssl.nim
|