Add the openssl_vendored feature

rel breard-r#4
sraabe · Oct 10, 2020 · 8c0d208 · 8c0d208
1 parent 9ec48e7
commit 8c0d208
Show file tree

Hide file tree

Showing 9 changed files with 31 additions and 22 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -17,6 +17,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Added
 - In the configuration, `root_certificates` has been added to the `global` and `endpoint` sections as an array of strings representing the path to root certificate files.
+- At compilation, it is now possible to statically link OpenSSL using the `openssl_vendored` feature.
 
 
 ## [0.12.0] - 2020-09-26

diff --git a/Makefile b/Makefile
@@ -10,17 +10,19 @@ TARGET_DIR = ./target/release
 MAN_SRC_DIR = ./man/en
 MAN_DST_DIR = $(TARGET_DIR)/man
 
+FEATURES = openssl_dyn
+
 all: update acmed tacd man
 
 update:
 	cargo update
 
 acmed:
-	cargo build --release --bin acmed
+	cargo build --release --manifest-path "acmed/Cargo.toml" --no-default-features --features "$(FEATURES)"
 	strip "$(TARGET_DIR)/acmed"
 
 tacd:
-	cargo build --release --bin tacd
+	cargo build --release --manifest-path "tacd/Cargo.toml" --no-default-features --features "$(FEATURES)"
 	strip "$(TARGET_DIR)/tacd"
 
 man:

diff --git a/acme_common/Cargo.toml b/acme_common/Cargo.toml
@@ -14,7 +14,9 @@ name = "acme_common"
 
 [features]
 default = []
-openssl_dyn = ["openssl", "openssl-sys"]
+crypto_openssl = []
+openssl_dyn = ["crypto_openssl", "openssl", "openssl-sys"]
+openssl_vendored = ["crypto_openssl", "openssl/vendored", "openssl-sys/vendored"]
 
 [dependencies]
 attohttpc = { version = "0.15", default-features = false }

diff --git a/acme_common/src/crypto.rs b/acme_common/src/crypto.rs
@@ -4,15 +4,15 @@ use std::str::FromStr;
 
 mod jws_signature_algorithm;
 mod key_type;
-#[cfg(feature = "openssl_dyn")]
+#[cfg(feature = "crypto_openssl")]
 mod openssl_certificate;
-#[cfg(feature = "openssl_dyn")]
+#[cfg(feature = "crypto_openssl")]
 mod openssl_hash;
-#[cfg(feature = "openssl_dyn")]
+#[cfg(feature = "crypto_openssl")]
 mod openssl_keys;
-#[cfg(feature = "openssl_dyn")]
+#[cfg(feature = "crypto_openssl")]
 mod openssl_subject_attribute;
-#[cfg(feature = "openssl_dyn")]
+#[cfg(feature = "crypto_openssl")]
 mod openssl_version;
 
 const APP_ORG: &str = "ACMEd";
@@ -80,13 +80,13 @@ impl fmt::Display for BaseHashFunction {
 
 pub use jws_signature_algorithm::JwsSignatureAlgorithm;
 pub use key_type::KeyType;
-#[cfg(feature = "openssl_dyn")]
+#[cfg(feature = "crypto_openssl")]
 pub use openssl_certificate::{Csr, X509Certificate};
-#[cfg(feature = "openssl_dyn")]
+#[cfg(feature = "crypto_openssl")]
 pub use openssl_hash::HashFunction;
-#[cfg(feature = "openssl_dyn")]
+#[cfg(feature = "crypto_openssl")]
 pub use openssl_keys::{gen_keypair, KeyPair};
-#[cfg(feature = "openssl_dyn")]
+#[cfg(feature = "crypto_openssl")]
 pub use openssl_subject_attribute::SubjectAttribute;
-#[cfg(feature = "openssl_dyn")]
+#[cfg(feature = "crypto_openssl")]
 pub use openssl_version::{get_lib_name, get_lib_version};
diff --git a/acme_common/src/error.rs b/acme_common/src/error.rs
@@ -111,14 +111,14 @@ impl From<handlebars::TemplateRenderError> for Error {
     }
 }
 
-#[cfg(feature = "openssl_dyn")]
+#[cfg(feature = "crypto_openssl")]
 impl From<native_tls::Error> for Error {
     fn from(error: native_tls::Error) -> Self {
         format!("{}", error).into()
     }
 }
 
-#[cfg(feature = "openssl_dyn")]
+#[cfg(feature = "crypto_openssl")]
 impl From<openssl::error::ErrorStack> for Error {
     fn from(error: openssl::error::ErrorStack) -> Self {
         format!("{}", error).into()

diff --git a/acmed/Cargo.toml b/acmed/Cargo.toml
@@ -15,7 +15,9 @@ publish = false
 
 [features]
 default = ["openssl_dyn"]
-openssl_dyn = ["acme_common/openssl_dyn", "attohttpc/tls"]
+crypto_openssl = []
+openssl_dyn = ["crypto_openssl", "acme_common/openssl_dyn", "attohttpc/tls"]
+openssl_vendored = ["crypto_openssl", "acme_common/openssl_vendored", "attohttpc/tls"]
 
 [dependencies]
 acme_common = { path = "../acme_common" }

diff --git a/acmed/src/http.rs b/acmed/src/http.rs
@@ -1,11 +1,11 @@
 use crate::acme_proto::structs::{AcmeError, HttpApiError};
 use crate::endpoint::Endpoint;
-#[cfg(feature = "openssl_dyn")]
+#[cfg(feature = "crypto_openssl")]
 use acme_common::crypto::X509Certificate;
 use acme_common::error::Error;
 use attohttpc::{charsets, header, Response, Session};
 use std::fs::File;
-#[cfg(feature = "openssl_dyn")]
+#[cfg(feature = "crypto_openssl")]
 use std::io::prelude::*;
 use std::{thread, time};
 
@@ -159,7 +159,7 @@ fn get_session(root_certs: &[String]) -> Result<Session, Error> {
     session.try_header(header::ACCEPT_LANGUAGE, "en-US,en;q=0.5")?;
     session.try_header(header::USER_AGENT, &useragent)?;
     for crt_file in root_certs.iter() {
-        #[cfg(feature = "openssl_dyn")]
+        #[cfg(feature = "crypto_openssl")]
         {
             let mut buff = Vec::new();
             File::open(crt_file)?.read_to_end(&mut buff)?;

diff --git a/tacd/Cargo.toml b/tacd/Cargo.toml
@@ -14,7 +14,9 @@ publish = false
 
 [features]
 default = ["openssl_dyn"]
-openssl_dyn = ["acme_common/openssl_dyn"]
+crypto_openssl = []
+openssl_dyn = ["crypto_openssl", "acme_common/openssl_dyn"]
+openssl_vendored = ["crypto_openssl", "acme_common/openssl_vendored"]
 
 [dependencies]
 acme_common = { path = "../acme_common" }

diff --git a/tacd/src/main.rs b/tacd/src/main.rs
@@ -1,7 +1,7 @@
-#[cfg(feature = "openssl_dyn")]
+#[cfg(feature = "crypto_openssl")]
 mod openssl_server;
 
-#[cfg(feature = "openssl_dyn")]
+#[cfg(feature = "crypto_openssl")]
 use crate::openssl_server::start as server_start;
 use acme_common::crypto::{get_lib_name, get_lib_version, HashFunction, KeyType, X509Certificate};
 use acme_common::error::Error;