Port of POSIX examples to freeBSD and Darwin

.github/workflows/freebsd.yml

@@ -0,0 +1,34 @@
+name: FreeBSD interop tests
+
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+
+jobs:
+  freebsd_test:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+      - name: Build and run tests on FreeBSD
+        id: test
+        uses: vmactions/freebsd-vm@v1
+        with:
+          copyback: false
+          usesh: true
+          prepare: |
+            set -ex
+            env IGNORE_OSVERSION=yes pkg update -f
+            env IGNORE_OSVERSION=yes pkg install -y gmake gcc wolfssl check vim
+            kldload if_tap || true
+            sysctl net.link.tap.up_on_open=1 || true
+          run: |
+            set -ex
+            cd "${GITHUB_WORKSPACE:-/root/work/github/workspace}"
+            gmake build/test-evloop build/test-wolfssl build/test-ttl-expired unit
+            ./build/test/unit
+            ./build/test-evloop
+            ./build/test-wolfssl
+            ./build/test-ttl-expired

.github/workflows/linux.yml

@@ -44,3 +44,15 @@ jobs:
         run: |
           ./build/test-ttl-expired
 
+      - name: Install check
+        run: |
+          sudo apt-get install -y check
+
+      - name: Build unit tests
+        run: |
+          make unit
+
+      - name: Run unit tests
+        run: |
+          build/test/unit
+

.github/workflows/macos.yml

@@ -0,0 +1,46 @@
+name: macOS interop tests
+
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+
+jobs:
+  macos_test:
+    runs-on: macos-latest
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: true
+
+      - name: Install dependencies
+        run: |
+          brew update
+          brew install make wolfssl check
+
+      - name: Build tests
+        run: |
+          PATH="/opt/homebrew/opt/make/libexec/gnubin:$PATH" \
+          gmake build/test-evloop build/test-wolfssl build/test-ttl-expired unit
+
+      - name: Run event loop test
+        run: |
+          sudo PATH="/opt/homebrew/opt/make/libexec/gnubin:$PATH" ./build/test-evloop
+        timeout-minutes: 3
+
+      - name: Run wolfSSL interop test
+        run: |
+          sudo PATH="/opt/homebrew/opt/make/libexec/gnubin:$PATH" ./build/test-wolfssl
+        timeout-minutes: 3
+
+      - name: Run unit tests
+        run: |
+          ./build/test/unit
+        timeout-minutes: 2
+
+      - name: Run TTL expired test
+        run: |
+          ./build/test-ttl-expired
+        timeout-minutes: 1

Makefile

@@ -3,6 +3,80 @@ CFLAGS:=-Wall -Werror -Wextra -I. -D_GNU_SOURCE
 CFLAGS+=-g -ggdb -Wdeclaration-after-statement
 LDFLAGS+=-pthread
 
+UNAME_S:=$(shell uname -s)
+UNAME_M:=$(shell uname -m)
+UNAME_LC:=$(shell echo $(UNAME_S) | tr 'A-Z' 'a-z')
+ifeq ($(UNAME_S),FreeBSD)
+  CFLAGS+=-I/usr/local/include
+  LDFLAGS+=-L/usr/local/lib
+endif
+ifeq ($(UNAME_S),Darwin)
+  BREW_PREFIX?=$(shell brew --prefix 2>/dev/null)
+  ifeq ($(filter command\ line environment,$(origin BREW_PREFIX)),)
+    ifeq ($(UNAME_M),arm64)
+      ARM_BREW_PREFIX:=$(shell /opt/homebrew/bin/brew --prefix 2>/dev/null)
+      ifneq ($(ARM_BREW_PREFIX),)
+        BREW_PREFIX:=$(ARM_BREW_PREFIX)
+      endif
+    endif
+  endif
+  ifeq ($(BREW_PREFIX),)
+    BREW_PREFIX:=/opt/homebrew
+  endif
+  WOLFSSL_PREFIX?=$(shell brew --prefix wolfssl 2>/dev/null)
+  ifeq ($(filter command\ line environment,$(origin WOLFSSL_PREFIX)),)
+    ifeq ($(UNAME_M),arm64)
+      ARM_WOLFSSL_PREFIX:=$(shell /opt/homebrew/bin/brew --prefix wolfssl 2>/dev/null)
+      ifneq ($(ARM_WOLFSSL_PREFIX),)
+        WOLFSSL_PREFIX:=$(ARM_WOLFSSL_PREFIX)
+      endif
+    endif
+  endif
+  ifneq ($(WOLFSSL_PREFIX),)
+    CFLAGS+=-I$(WOLFSSL_PREFIX)/include
+    LDFLAGS+=-L$(WOLFSSL_PREFIX)/lib
+  endif
+  CHECK_PREFIX?=$(shell brew --prefix check 2>/dev/null)
+  ifeq ($(filter command\ line environment,$(origin CHECK_PREFIX)),)
+    ifeq ($(UNAME_M),arm64)
+      ARM_CHECK_PREFIX:=$(shell /opt/homebrew/bin/brew --prefix check 2>/dev/null)
+      ifneq ($(ARM_CHECK_PREFIX),)
+        CHECK_PREFIX:=$(ARM_CHECK_PREFIX)
+      endif
+    endif
+  endif
+  ifeq ($(CHECK_PREFIX),)
+    CHECK_PREFIX:=$(BREW_PREFIX)
+  endif
+  ifneq ($(CHECK_PREFIX),)
+    UNIT_CFLAGS+=-I$(CHECK_PREFIX)/include
+    UNIT_LDFLAGS+=-L$(CHECK_PREFIX)/lib
+  endif
+endif
+
+
+TAP_SRC:=src/port/posix/tap_$(UNAME_LC).c
+ifeq ($(wildcard $(TAP_SRC)),)
+  TAP_SRC:=src/port/posix/tap_linux.c
+endif
+TAP_OBJ:=$(patsubst src/%.c,build/%.o,$(TAP_SRC))
+TAP_PIE_OBJ:=$(patsubst src/%.c,build/pie/%.o,$(TAP_SRC))
+
+ifeq ($(UNAME_S),Darwin)
+  BEGIN_GROUP:=
+  END_GROUP:=
+else
+  BEGIN_GROUP:=-Wl,--start-group
+  END_GROUP:=-Wl,--end-group
+endif
+
+CHECK_PKG_CFLAGS:=$(shell pkg-config --cflags check 2>/dev/null)
+CHECK_PKG_LIBS:=$(shell pkg-config --libs check 2>/dev/null)
+
+ifneq ($(CHECK_PKG_CFLAGS),)
+  UNIT_CFLAGS+=$(CHECK_PKG_CFLAGS)
+endif
+
 CPPCHECK=cppcheck
 CPPCHECK_FLAGS=--enable=warning,performance,portability,missingInclude \
 			   --suppress=missingIncludeSystem \
@@ -21,11 +95,27 @@ CPPCHECK_FLAGS=--enable=warning,performance,portability,missingInclude \
 			   --error-exitcode=1 --xml --xml-version=2
 
 OBJ=build/wolfip.o \
-	build/port/posix/linux_tap.o
+	$(TAP_OBJ)
+
+HAVE_WOLFSSL:=$(shell printf "#include <wolfssl/options.h>\nint main(void){return 0;}\n" | $(CC) $(CFLAGS) -x c - -c -o /dev/null 2>/dev/null && echo 1)
+
+# Require wolfSSL unless the requested goals are wolfSSL-independent (unit/cppcheck/clean).
+REQ_WOLFSSL_GOALS:=$(filter-out unit cppcheck clean,$(MAKECMDGOALS))
+ifeq ($(strip $(MAKECMDGOALS)),)
+  ifeq ($(HAVE_WOLFSSL),)
+    $(warning wolfSSL headers not found. Skipping wolfSSL-dependent targets)
+  endif
+else
+  ifneq ($(REQ_WOLFSSL_GOALS),)
+    ifeq ($(HAVE_WOLFSSL),)
+      $(error wolfSSL headers not found. Please install wolfSSL or adjust include paths)
+    endif
+  endif
+endif
 
 EXE=build/tcpecho build/tcp_netcat_poll build/tcp_netcat_select \
 	build/test-evloop build/test-dns build/test-wolfssl-forwarding \
-	build/test-ttl-expired build/test-wolfssl
+	build/test-ttl-expired build/test-wolfssl build/test-httpd
 LIB=libwolfip.so
 
 PREFIX=/usr/local
@@ -44,10 +134,10 @@ libtcpip.a: $(OBJ)
 
 libwolfip.so:CFLAGS+=-fPIC
 libwolfip.so:  build/pie/port/posix/bsd_socket.o build/pie/wolfip.o \
-	build/pie/port/posix/linux_tap.o
+	$(TAP_PIE_OBJ)
 	@mkdir -p `dirname $@` || true
 	@echo "[LD] $@"
-	@$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ -Wl,--start-group $(^) -Wl,--end-group
+	@$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $(BEGIN_GROUP) $(^) $(END_GROUP)
 
 
 clean:
@@ -61,40 +151,50 @@ asan:LDFLAGS+=-static-libasan
 
 # Test
 
-unit:LDFLAGS+=-lcheck -lm -lpthread -lrt -ldl -lsubunit
-build/test-evloop: $(OBJ) build/test/test_linux_eventloop.o
+ifeq ($(CHECK_PKG_LIBS),)
+  UNIT_LIBS=-lcheck -lm -lpthread -lrt -ldl -lsubunit
+  ifeq ($(UNAME_S),Darwin)
+    UNIT_LIBS=-lcheck -lm -lpthread
+  else ifeq ($(UNAME_S),FreeBSD)
+    UNIT_LIBS=-lcheck -lm -lpthread
+  endif
+else
+  UNIT_LIBS=$(CHECK_PKG_LIBS)
+endif
+
+unit:LDFLAGS+=$(UNIT_LIBS)
+build/test-evloop: $(OBJ) build/test/test_eventloop.o
 	@echo "[LD] $@"
-	@$(CC) $(CFLAGS) $(LDFLAGS) -o $@ -Wl,--start-group $(^) -Wl,--end-group
+	@$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(BEGIN_GROUP) $(^) $(END_GROUP)
 
-build/test-dns: $(OBJ) build/test/test_linux_dhcp_dns.o
+build/test-dns: $(OBJ) build/test/test_dhcp_dns.o
 	@echo "[LD] $@"
-	@$(CC) $(CFLAGS) $(LDFLAGS) -o $@ -Wl,--start-group $(^) -Wl,--end-group
+	@$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(BEGIN_GROUP) $(^) $(END_GROUP)
 
 build/tcpecho: $(OBJ) build/port/posix/bsd_socket.o build/test/tcp_echo.o
 	@echo "[LD] $@"
-	@$(CC) $(CFLAGS) $(LDFLAGS) -o $@ -Wl,--start-group $(^) -Wl,--end-group
+	@$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(BEGIN_GROUP) $(^) $(END_GROUP)
 
 build/tcp_netcat_poll: $(OBJ) build/port/posix/bsd_socket.o build/test/tcp_netcat_poll.o
 	@echo "[LD] $@"
-	@$(CC) $(CFLAGS) $(LDFLAGS) -o $@ -Wl,--start-group $(^) -Wl,--end-group
+	@$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(BEGIN_GROUP) $(^) $(END_GROUP)
 
 build/tcp_netcat_select: $(OBJ) build/port/posix/bsd_socket.o build/test/tcp_netcat_select.o
 	@echo "[LD] $@"
-	@$(CC) $(CFLAGS) $(LDFLAGS) -o $@ -Wl,--start-group $(^) -Wl,--end-group
+	@$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(BEGIN_GROUP) $(^) $(END_GROUP)
 
 
 build/test-wolfssl:CFLAGS+=-Wno-cpp -DWOLFSSL_DEBUG -DWOLFSSL_WOLFIP
 build/test-httpd:CFLAGS+=-Wno-cpp -DWOLFSSL_DEBUG -DWOLFSSL_WOLFIP -Isrc/http
 build/test-wolfssl-forwarding:CFLAGS+=-Wno-cpp -DWOLFSSL_DEBUG -DWOLFSSL_WOLFIP -DWOLFIP_MAX_INTERFACES=2 -DWOLFIP_ENABLE_FORWARDING=1
 
-
 build/test-wolfssl: $(OBJ) build/test/test_native_wolfssl.o build/port/wolfssl_io.o build/certs/server_key.o build/certs/ca_cert.o build/certs/server_cert.o
 	@echo "[LD] $@"
-	@$(CC) $(CFLAGS) $(LDFLAGS) -o $@ -Wl,--start-group $(^) -lwolfssl -Wl,--end-group
+	@$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(BEGIN_GROUP) $(^) -lwolfssl $(END_GROUP)
 
-build/test-wolfssl-forwarding: build/test/test_wolfssl_forwarding.o build/test/wolfip_forwarding.o build/port/posix/linux_tap.o build/port/wolfssl_io.o build/certs/server_key.o build/certs/ca_cert.o build/certs/server_cert.o
+build/test-wolfssl-forwarding: build/test/test_wolfssl_forwarding.o build/test/wolfip_forwarding.o $(TAP_OBJ) build/port/wolfssl_io.o build/certs/server_key.o build/certs/ca_cert.o build/certs/server_cert.o
 	@echo "[LD] $@"
-	@$(CC) $(CFLAGS) $(LDFLAGS) -o $@ -Wl,--start-group $(^) -lwolfssl -Wl,--end-group
+	@$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(BEGIN_GROUP) $(^) -lwolfssl $(END_GROUP)
 
 build/test/test_wolfssl_forwarding.o: CFLAGS+=-DWOLFIP_MAX_INTERFACES=2 -DWOLFIP_ENABLE_FORWARDING=1
 
@@ -106,11 +206,11 @@ build/test/wolfip_forwarding.o: src/wolfip.c
 build/test/test_ttl_expired.o: CFLAGS+=-DWOLFIP_MAX_INTERFACES=2 -DWOLFIP_ENABLE_FORWARDING=1
 build/test-ttl-expired: build/test/test_ttl_expired.o build/test/wolfip_forwarding.o
 	@echo "[LD] $@"
-	@$(CC) $(CFLAGS) $(LDFLAGS) -o $@ -Wl,--start-group $(^) -Wl,--end-group
+	@$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(BEGIN_GROUP) $(^) $(END_GROUP)
 
 build/test-httpd: $(OBJ) build/test/test_httpd.o build/port/wolfssl_io.o build/certs/server_key.o build/certs/server_cert.o build/http/httpd.o
 	@echo "[LD] $@"
-	@$(CC) $(CFLAGS) $(LDFLAGS) -o $@ -Wl,--start-group $(^) -lwolfssl -Wl,--end-group
+	@$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(BEGIN_GROUP) $(^) -lwolfssl $(END_GROUP)
 
 build/%.o: src/%.c
 	@mkdir -p `dirname $@` || true
@@ -154,9 +254,9 @@ unit: build/test/unit
 build/test/unit:
 	@mkdir -p build/test/
 	@echo "[CC] unit.c"
-	@$(CC) $(CFLAGS) -c src/test/unit/unit.c -o build/test/unit.o
+	@$(CC) $(CFLAGS) $(UNIT_CFLAGS) -c src/test/unit/unit.c -o build/test/unit.o
 	@echo "[LD] $@"
-	@$(CC) -o build/test/unit build/test/unit.o $(LDFLAGS)
+	@$(CC) build/test/unit.o -o build/test/unit $(UNIT_LDFLAGS) $(LDFLAGS)
 
 # Install dynamic library to re-link linux applications
 #

config.h

@@ -29,6 +29,6 @@
 
 /* Linux test configuration */
 #define WOLFIP_IP "10.10.10.2"
-#define LINUX_IP "10.10.10.1"
+#define HOST_STACK_IP "10.10.10.1"
 
 #endif

src/port/posix/bsd_socket.c

@@ -532,8 +532,8 @@ int poll(struct pollfd *fds, nfds_t nfds, int timeout) {
 
 
 /* Catch-all function to initialize a new tap device as the network interface.
- * This is defined in port/linux.c
- * */
+ * Implemented in port/posix/tap_*.c
+ */
 extern int tap_init(struct wolfIP_ll_dev *dev, const char *name, uint32_t host_ip);
 
 void *wolfIP_sock_posix_ip_loop(void *arg) {
@@ -552,12 +552,12 @@ void *wolfIP_sock_posix_ip_loop(void *arg) {
 }
 
 void __attribute__((constructor)) init_wolfip_posix() {
-    struct in_addr linux_ip; 
+    struct in_addr host_stack_ip; 
     struct wolfIP_ll_dev *tapdev;
     pthread_t wolfIP_thread;
     if (IPSTACK)
         return;
-    inet_aton(LINUX_IP, &linux_ip);
+    inet_aton(HOST_STACK_IP, &host_stack_ip);
     swap_socketcall(socket, "socket");
     swap_socketcall(bind, "bind");
     swap_socketcall(listen, "listen");
@@ -581,14 +581,13 @@ void __attribute__((constructor)) init_wolfip_posix() {
     pthread_mutex_init(&wolfIP_mutex, NULL);
     wolfIP_init_static(&IPSTACK);
     tapdev = wolfIP_getdev(IPSTACK);
-    if (tap_init(tapdev, "wtcp0", linux_ip.s_addr) < 0) {
+    if (tap_init(tapdev, "wtcp0", host_stack_ip.s_addr) < 0) {
         perror("tap init");
     }
     wolfIP_ipconfig_set(IPSTACK, atoip4(WOLFIP_IP), atoip4("255.255.255.0"),
-            atoip4(LINUX_IP));
+            atoip4(HOST_STACK_IP));
     printf("IP: manually configured - %s\n", WOLFIP_IP);
     sleep(1);
     pthread_create(&wolfIP_thread, NULL, wolfIP_sock_posix_ip_loop, IPSTACK);
     in_the_stack = 0;
 }
-