2025-02-17 23:22.11: New job: test robur-coop/miragevpn https://github.com/robur-coop/miragevpn.git#refs/pull/286/head (2ccf49fc2f29cb1262ddb51eb6bcf9943d7eab1e) (linux-x86_64:(lint-fmt)) Base: ocaml/opam:debian-12-ocaml-4.08@sha256:cb36ada8bb596f67e8e27c6261b722b395133d8890bdee127859b7e4173d7ac0 ocamlformat version: version 0.26.2 (from opam) To reproduce locally: git clone --recursive "https://github.com/robur-coop/miragevpn.git" && cd "miragevpn" && git fetch origin "refs/pull/286/head" && git reset --hard 2ccf49fc cat > Dockerfile <<'END-OF-DOCKERFILE' FROM ocaml/opam:debian-12-ocaml-4.08@sha256:cb36ada8bb596f67e8e27c6261b722b395133d8890bdee127859b7e4173d7ac0 USER 1000:1000 RUN cd ~/opam-repository && (git cat-file -e 3ee951993de4d18fd335fcea4ac7375cab56a637 || git fetch origin master) && git reset -q --hard 3ee951993de4d18fd335fcea4ac7375cab56a637 && git log --no-decorate -n1 --oneline && opam update -u RUN opam depext -i dune WORKDIR /src RUN opam depext -i ocamlformat=0.26.2 COPY --chown=1000:1000 . /src/ RUN opam exec -- dune build @fmt --ignore-promoted-rules || (echo "dune build @fmt failed"; exit 2) END-OF-DOCKERFILE docker build . END-REPRO-BLOCK 2025-02-17 23:22.11: Using cache hint "robur-coop/miragevpn-ocaml/opam:debian-12-ocaml-4.08@sha256:cb36ada8bb596f67e8e27c6261b722b395133d8890bdee127859b7e4173d7ac0-debian-12-4.08_opam-2.3-ocamlformat-3ee951993de4d18fd335fcea4ac7375cab56a637" 2025-02-17 23:22.11: Using OBuilder spec: ((from ocaml/opam:debian-12-ocaml-4.08@sha256:cb36ada8bb596f67e8e27c6261b722b395133d8890bdee127859b7e4173d7ac0) (user (uid 1000) (gid 1000)) (run (cache (opam-archives (target /home/opam/.opam/download-cache))) (network host) (shell "cd ~/opam-repository && (git cat-file -e 3ee951993de4d18fd335fcea4ac7375cab56a637 || git fetch origin master) && git reset -q --hard 3ee951993de4d18fd335fcea4ac7375cab56a637 && git log --no-decorate -n1 --oneline && opam update -u")) (run (cache (opam-archives (target /home/opam/.opam/download-cache))) (network host) (shell "opam depext -i dune")) (workdir /src) (run (cache (opam-archives (target /home/opam/.opam/download-cache))) (network host) (shell "opam depext -i ocamlformat=0.26.2")) (copy (src .) (dst /src/)) (run (shell "opam exec -- dune build @fmt --ignore-promoted-rules || (echo \"dune build @fmt failed\"; exit 2)")) ) 2025-02-17 23:22.11: Waiting for resource in pool OCluster 2025-02-17 23:33.53: Waiting for worker… 2025-02-17 23:37.23: Got resource from pool OCluster Building on toxis.caelum.ci.dev hint: Using 'master' as the name for the initial branch. This default branch name hint: is subject to change. To configure the initial branch name to use in all hint: of your new repositories, which will suppress this warning, call: hint: hint: git config --global init.defaultBranch <name> hint: hint: Names commonly chosen instead of 'master' are 'main', 'trunk' and hint: 'development'. The just-created branch can be renamed via this command: hint: hint: git branch -m <name> Initialised empty Git repository in /var/cache/obuilder/ocluster/git/miragevpn.git-21d3a6f47b6804c0032023ff681ca20ec1a57e57/.git/ HEAD is now at 2ccf49f use mirage_mtime/mirage_ptime/mirage_crypto_rng directly (from ocaml/opam:debian-12-ocaml-4.08@sha256:cb36ada8bb596f67e8e27c6261b722b395133d8890bdee127859b7e4173d7ac0) 2025-02-17 23:37.25 ---> using "00aea64e10ae0c7539e49349e74a22e5b31f7345320d1fcee09b4272923b54dc" from cache /: (user (uid 1000) (gid 1000)) /: (run (cache (opam-archives (target /home/opam/.opam/download-cache))) (network host) (shell "cd ~/opam-repository && (git cat-file -e 3ee951993de4d18fd335fcea4ac7375cab56a637 || git fetch origin master) && git reset -q --hard 3ee951993de4d18fd335fcea4ac7375cab56a637 && git log --no-decorate -n1 --oneline && opam update -u")) 3ee951993d Merge pull request #27253 from kit-ty-kate/opam-publish-ocamlfind.1.9.8 <><> Updating package repositories ><><><><><><><><><><><><><><><><><><><><><><> [opam-repository-archive] synchronised from git+https://github.com/ocaml/opam-repository-archive [default] synchronised from file:///home/opam/opam-repository default (at file:///home/opam/opam-repository): [INFO] opam 2.1 and 2.2 include many performance and security improvements over 2.0; please consider upgrading (https://opam.ocaml.org/doc/Install.html) Everything as up-to-date as possible (run with --verbose to show unavailable upgrades). However, you may "opam upgrade" these packages explicitly, which will ask permission to downgrade or uninstall the conflicting packages. Nothing to do. # Run eval $(opam env) to update the current shell environment 2025-02-17 23:37.25 ---> using "a2b067d7ec51a9ce9dbdcfff69585bbda9914f1f652552c54ea2751b9cd4a8b2" from cache /: (run (cache (opam-archives (target /home/opam/.opam/download-cache))) (network host) (shell "opam depext -i dune")) # Detecting depexts using vars: arch=x86_64, os=linux, os-distribution=debian, os-family=debian # No extra OS packages requirements found. # All required OS packages found. # Now letting opam install the packages The following actions will be performed: - install dune 3.17.2 <><> Gathering sources ><><><><><><><><><><><><><><><><><><><><><><><><><><><><> [dune.3.17.2] found in cache <><> Processing actions <><><><><><><><><><><><><><><><><><><><><><><><><><><><> -> installed dune.3.17.2 Done. # Run eval $(opam env) to update the current shell environment 2025-02-17 23:37.25 ---> using "278c27cd7e94fad42ea9b09f26ff9b1a4f456fb2dc1e18f1b22fd1731a3ca103" from cache /: (workdir /src) /src: (run (cache (opam-archives (target /home/opam/.opam/download-cache))) (network host) (shell "opam depext -i ocamlformat=0.26.2")) # Detecting depexts using vars: arch=x86_64, os=linux, os-distribution=debian, os-family=debian # No extra OS packages requirements found. # All required OS packages found. # Now letting opam install the packages The following actions will be performed: - install ocaml-version 3.7.3 [required by ocamlformat-lib] - install sexplib0 v0.14.0 [required by base] - install dune-build-info 3.17.2 [required by ocamlformat-lib] - install menhirLib 20240715 [required by ocamlformat-lib] - install menhirCST 20240715 [required by menhir] - install ocamlfind 1.9.8 [required by ocp-indent, astring, fpath, uuseg] - install menhirSdk 20240715 [required by ocamlformat-lib] - install ocamlbuild 0.15.0 [required by fpath, astring, uuseg] - install either 1.0.0 [required by ocamlformat-lib] - install cmdliner 1.3.0 [required by ocamlformat] - install result 1.5 [required by ocamlformat-lib] - install seq base [required by re] - install csexp 1.5.2 [required by ocamlformat-lib] - install camlp-streams 5.0.1 [required by ocamlformat-lib] - install fix 20230505 [required by ocamlformat-lib] - install base-bytes base [required by ocp-indent] - install menhir 20240715 [required by ocamlformat-lib] - install topkg 1.0.7 [required by fpath, astring, uuseg] - install re 1.11.0 [required by ocamlformat] - install dune-configurator 3.17.2 [required by base] - install ocp-indent 1.8.1 [required by ocamlformat-lib] - install uutf 1.0.3 [required by ocamlformat-lib] - install astring 0.8.5 [required by ocamlformat-lib] - install base v0.14.3 [required by ocamlformat-lib] - install uucp 15.0.0 [required by uuseg] - install fpath 0.7.3 [required by ocamlformat-lib] - install stdio v0.14.0 [required by ocamlformat-lib] - install uuseg 15.0.0 [required by ocamlformat-lib] - install ocamlformat-lib 0.26.2 [required by ocamlformat] - install ocamlformat 0.26.2 ===== 30 to install ===== <><> Gathering sources ><><><><><><><><><><><><><><><><><><><><><><><><><><><><> [astring.0.8.5] found in cache [base.v0.14.3] found in cache [camlp-streams.5.0.1] found in cache [cmdliner.1.3.0] found in cache [csexp.1.5.2] found in cache [dune-build-info.3.17.2] found in cache [dune-configurator.3.17.2] found in cache [either.1.0.0] found in cache [fix.20230505] found in cache [fpath.0.7.3] found in cache [menhir.20240715] found in cache [menhirCST.20240715] found in cache [menhirLib.20240715] found in cache [menhirSdk.20240715] found in cache [ocaml-version.3.7.3] found in cache [ocamlbuild.0.15.0] found in cache [ocamlfind.1.9.8] found in cache [ocamlformat.0.26.2] found in cache [ocamlformat-lib.0.26.2] found in cache [ocp-indent.1.8.1] found in cache [re.1.11.0] found in cache [result.1.5] found in cache [sexplib0.v0.14.0] found in cache [stdio.v0.14.0] found in cache [topkg.1.0.7] found in cache [uucp.15.0.0] found in cache [uuseg.15.0.0] found in cache [uutf.1.0.3] found in cache <><> Processing actions <><><><><><><><><><><><><><><><><><><><><><><><><><><><> -> installed seq.base -> installed camlp-streams.5.0.1 -> installed csexp.1.5.2 -> installed either.1.0.0 -> installed fix.20230505 -> installed cmdliner.1.3.0 -> installed menhirCST.20240715 -> installed menhirLib.20240715 -> installed menhirSdk.20240715 -> installed ocaml-version.3.7.3 -> installed re.1.11.0 -> installed result.1.5 -> installed sexplib0.v0.14.0 -> installed dune-build-info.3.17.2 -> installed dune-configurator.3.17.2 -> installed ocamlfind.1.9.8 -> installed base-bytes.base -> installed ocp-indent.1.8.1 -> installed ocamlbuild.0.15.0 -> installed base.v0.14.3 -> installed stdio.v0.14.0 -> installed topkg.1.0.7 -> installed uutf.1.0.3 -> installed astring.0.8.5 -> installed fpath.0.7.3 -> installed menhir.20240715 -> installed uucp.15.0.0 -> installed uuseg.15.0.0 -> installed ocamlformat-lib.0.26.2 -> installed ocamlformat.0.26.2 Done. <><> ocp-indent.1.8.1 installed successfully ><><><><><><><><><><><><><><><><><> => This package requires additional configuration for use in editors. Install package 'user-setup', or manually: * for Emacs, add these lines to ~/.emacs: (add-to-list 'load-path "/home/opam/.opam/4.08/share/emacs/site-lisp") (require 'ocp-indent) * for Vim, add this line to ~/.vimrc: set rtp^="/home/opam/.opam/4.08/share/ocp-indent/vim" # Run eval $(opam env) to update the current shell environment 2025-02-17 23:37.25 ---> using "979f70661cd1590a1432111283fed8d3b7fd3802ce9f69b11ca79fce07c9acd9" from cache /src: (copy (src .) (dst /src/)) 2025-02-17 23:37.26 ---> saved as "4cd4a008d10905c0afb779617ad10675bb4dd470f6bc714dae5d41a885e99910" /src: (run (shell "opam exec -- dune build @fmt --ignore-promoted-rules || (echo \"dune build @fmt failed\"; exit 2)")) File "app/key.ml", line 1, characters 0-0: diff --git a/_build/default/app/key.ml b/_build/default/app/.formatted/key.ml index fd00179..1b2f55f 100644 --- a/_build/default/app/key.ml +++ b/_build/default/app/.formatted/key.ml @@ -56,7 +56,9 @@ let setup_random_number_generator = function Mirage_crypto_rng.default_generator () | Some (_, time) -> let time () = Int64.of_float (Ptime.to_float_s (time ())) in - let g = Mirage_crypto_rng.create ~time (module Mirage_crypto_rng.Fortuna) in + let g = + Mirage_crypto_rng.create ~time (module Mirage_crypto_rng.Fortuna) + in Mirage_crypto_rng.set_default_generator g; Mirage_crypto_rng.default_generator () File "app/miragevpn_server_notun.ml", line 1, characters 0-0: diff --git a/_build/default/app/miragevpn_server_notun.ml b/_build/default/app/.formatted/miragevpn_server_notun.ml index 57f2cbc..5d5a74b 100644 --- a/_build/default/app/miragevpn_server_notun.ml +++ b/_build/default/app/.formatted/miragevpn_server_notun.ml @@ -296,7 +296,9 @@ let connect config test = let open Lwt.Infix in let connections = Hashtbl.create 7 in let is_not_taken ip = not (Hashtbl.mem connections ip) in - match Miragevpn.server ~really_no_authentication:true ~is_not_taken config with + match + Miragevpn.server ~really_no_authentication:true ~is_not_taken config + with | Error (`Msg msg) -> Logs.err (fun m -> m "server construction failed %s" msg); assert false File "mirage/miragevpn_mirage.ml", line 1, characters 0-0: diff --git a/_build/default/mirage/miragevpn_mirage.ml b/_build/default/mirage/.formatted/miragevpn_mirage.ml index bea3f97..46b22a5 100644 --- a/_build/default/mirage/miragevpn_mirage.ml +++ b/_build/default/mirage/.formatted/miragevpn_mirage.ml @@ -303,9 +303,7 @@ module Server (S : Tcpip.Stack.V4V6) = struct let connect ?really_no_authentication ?payloadv4_from_tunnel config stack = let connections = Hashtbl.create 7 in let is_not_taken ip = not (Hashtbl.mem connections ip) in - match - Miragevpn.server ?really_no_authentication ~is_not_taken config - with + match Miragevpn.server ?really_no_authentication ~is_not_taken config with | Error (`Msg msg) -> Log.err (fun m -> m "server construction failed %s" msg); exit 64 @@ -687,7 +685,11 @@ module Client_stack (S : Tcpip.Stack.V4V6) = struct (* need to ensure that our v4 payload is 8byte-bounded *) let ip_payload_len' = ip_payload_len - (ip_payload_len mod 8) in let hdr = - { hdr with id = Randomconv.int16 Mirage_crypto_rng.generate; off = 0x2000 } + { + hdr with + id = Randomconv.int16 Mirage_crypto_rng.generate; + off = 0x2000; + } in let pay, rest = Cstruct.split payload ip_payload_len' in let first = encode hdr pay in File "src/engine.ml", line 1, characters 0-0: diff --git a/_build/default/src/engine.ml b/_build/default/src/.formatted/engine.ml index ca1e8e3..07bc9e8 100644 --- a/_build/default/src/engine.ml +++ b/_build/default/src/.formatted/engine.ml @@ -194,8 +194,8 @@ let client ?pkcs12_password config = in Ok (state, action) -let server ?(really_no_authentication = false) ~is_not_taken - ?auth_user_pass server_config = +let server ?(really_no_authentication = false) ~is_not_taken ?auth_user_pass + server_config = let open Result.Syntax in let* () = Config.is_valid_server_config server_config in let+ () = @@ -213,11 +213,7 @@ let server ?(really_no_authentication = false) ~is_not_taken | _ -> Ok () in let port = Config_ext.server_bind_port server_config in - ( { - server_config; - is_not_taken; - auth_user_pass; - }, + ( { server_config; is_not_taken; auth_user_pass }, Config_ext.server_ip server_config, port ) @@ -316,7 +312,11 @@ let maybe_kex_client config tls = let open Result.Syntax in if Tls.Engine.handshake_in_progress tls then Ok (TLS_handshake tls, None) else - let pre_master, random1, random2 = (Mirage_crypto_rng.generate 48, Mirage_crypto_rng.generate 32, Mirage_crypto_rng.generate 32) in + let pre_master, random1, random2 = + ( Mirage_crypto_rng.generate 48, + Mirage_crypto_rng.generate 32, + Mirage_crypto_rng.generate 32 ) + in let options = Config.client_generate_connect_options config in let pull = Config.mem Pull config in let user_pass = Config.find Auth_user_pass config in @@ -856,8 +856,8 @@ let server_handle_tls_data config auth_user_pass is_not_taken session keys tls d Ok (ip_config, config, channel_st, out) | `Authentication_failed _tls -> Ok (Some `Exit, config, Expect_reset, out) -let incoming_control_server auth_user_pass is_not_taken config session - channel _key op data = +let incoming_control_server auth_user_pass is_not_taken config session channel + _key op data = let open Result.Syntax in match (channel.channel_st, op) with | ( Expect_reset, @@ -929,7 +929,9 @@ let incoming_control_server auth_user_pass is_not_taken config session let channel_st = if Tls.Engine.handshake_in_progress tls' then TLS_handshake tls' else - let random1, random2 = (Mirage_crypto_rng.generate 32, Mirage_crypto_rng.generate 32) and pre_master = "" in + let random1, random2 = + (Mirage_crypto_rng.generate 32, Mirage_crypto_rng.generate 32) + and pre_master = "" in TLS_established (tls', { State.pre_master; random1; random2 }) in let out = @@ -993,8 +995,8 @@ let incoming_control auth_user_pass is_not_taken config state session channel match state with | Client _ -> incoming_control_client config session channel op data | Server _ -> - incoming_control_server auth_user_pass is_not_taken config session - channel key op data + incoming_control_server auth_user_pass is_not_taken config session channel + key op data let expected_packet session transport data = let open Result.Syntax in @@ -1109,8 +1111,7 @@ let unpad block_size cs off = if len >= 0 && amount <= block_size then Ok (String.sub cs off len) else Error (`Msg "bad padding") -let out ?add_timestamp prefix_len (ctx : keys) hmac_algorithm compress data - = +let out ?add_timestamp prefix_len (ctx : keys) hmac_algorithm compress data = (* - compression only if configured (0xfa for uncompressed) the ~add_timestamp argument is only used in static key mode *) @@ -1243,14 +1244,21 @@ let outgoing s data = in let channel = incr s.channel out in let control_crypto = `Static keys in - Ok ({ s with control_crypto; channel; last_sent = Mirage_mtime.elapsed_ns () }, out) + Ok + ( { + s with + control_crypto; + channel; + last_sent = Mirage_mtime.elapsed_ns (); + }, + out ) | _, None -> Error `Not_ready | _, Some ctx -> let sess = s.session in let hmac_algorithm = Config.get Auth s.config in let ctx, out = - data_out ctx hmac_algorithm sess.compress sess.protocol - s.channel.keyid data + data_out ctx hmac_algorithm sess.compress sess.protocol s.channel.keyid + data in let channel = incr (set_keys s.channel ctx) out in Ok ({ s with channel; last_sent = Mirage_mtime.elapsed_ns () }, out) @@ -1326,7 +1334,9 @@ let maybe_rekey state = find Renegotiate_packets state.config ) with | Some y, _, _ - when y <= Duration.to_sec (Int64.sub (Mirage_mtime.elapsed_ns ()) state.channel.started) + when y + <= Duration.to_sec + (Int64.sub (Mirage_mtime.elapsed_ns ()) state.channel.started) && y > 0 -> true | _, Some b, _ when b <= state.channel.bytes && b > 0 -> true @@ -1803,8 +1813,7 @@ let incoming state control_crypto buf = | `Control (_, (_, _, data)) -> ( let* est, config, ch, out' = incoming_control state.auth_user_pass state.is_not_taken - state.config state.state state.session ch - key op data + state.config state.state state.session ch key op data in Log.debug (fun m -> m "out channel %a, pkts %d" pp_channel ch dune build @fmt failed "/usr/bin/env" "bash" "-c" "opam exec -- dune build @fmt --ignore-promoted-rules || (echo "dune build @fmt failed"; exit 2)" failed with exit status 2 2025-02-17 23:37.30: Job failed: Failed: Build failed