From 8c0d208fe54ac46a910fd72787b05502a06e5d22 Mon Sep 17 00:00:00 2001 From: Rodolphe Breard Date: Sat, 10 Oct 2020 20:14:31 +0200 Subject: [PATCH] Add the `openssl_vendored` feature rel #4 --- CHANGELOG.md | 1 + Makefile | 6 ++++-- acme_common/Cargo.toml | 4 +++- acme_common/src/crypto.rs | 20 ++++++++++---------- acme_common/src/error.rs | 4 ++-- acmed/Cargo.toml | 4 +++- acmed/src/http.rs | 6 +++--- tacd/Cargo.toml | 4 +++- tacd/src/main.rs | 4 ++-- 9 files changed, 31 insertions(+), 22 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1034511..892af65 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,6 +17,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Added - In the configuration, `root_certificates` has been added to the `global` and `endpoint` sections as an array of strings representing the path to root certificate files. +- At compilation, it is now possible to statically link OpenSSL using the `openssl_vendored` feature. ## [0.12.0] - 2020-09-26 diff --git a/Makefile b/Makefile index d21166e..6c2658d 100644 --- a/Makefile +++ b/Makefile @@ -10,17 +10,19 @@ TARGET_DIR = ./target/release MAN_SRC_DIR = ./man/en MAN_DST_DIR = $(TARGET_DIR)/man +FEATURES = openssl_dyn + all: update acmed tacd man update: cargo update acmed: - cargo build --release --bin acmed + cargo build --release --manifest-path "acmed/Cargo.toml" --no-default-features --features "$(FEATURES)" strip "$(TARGET_DIR)/acmed" tacd: - cargo build --release --bin tacd + cargo build --release --manifest-path "tacd/Cargo.toml" --no-default-features --features "$(FEATURES)" strip "$(TARGET_DIR)/tacd" man: diff --git a/acme_common/Cargo.toml b/acme_common/Cargo.toml index 172ac7e..d31bd7c 100644 --- a/acme_common/Cargo.toml +++ b/acme_common/Cargo.toml 
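Review bot: The new `FEATURES = openssl_dyn` variable in the Makefile hunk has no comment saying which values are accepted or what choosing `openssl_vendored` means for patching. With the vendored feature, OpenSSL is compiled into `acmed` and `tacd`, so a distribution's libssl security update no longer reaches the installed binaries and each OpenSSL advisory needs a rebuild against updated vendored sources. I would add above the variable: `# TLS backend: openssl_dyn (link the system OpenSSL) or openssl_vendored (static copy; rebuild after every OpenSSL security release)`. Because both targets now pass `--no-default-features`, an empty `FEATURES` selects no backend at all, which is worth stating in the same comment.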
@@ -14,7 +14,9 @@ name = "acme_common" [features] default = [] -openssl_dyn = ["openssl", "openssl-sys"] +crypto_openssl = [] +openssl_dyn = ["crypto_openssl", "openssl", "openssl-sys"] +openssl_vendored = ["crypto_openssl", "openssl/vendored", "openssl-sys/vendored"] [dependencies] attohttpc = { version = "0.15", default-features = false } diff --git a/acme_common/src/crypto.rs b/acme_common/src/crypto.rs index ac9239c..c70d677 100644 --- a/acme_common/src/crypto.rs +++ b/acme_common/src/crypto.rs @@ -4,15 +4,15 @@ use std::str::FromStr; mod jws_signature_algorithm; mod key_type; -#[cfg(feature = "openssl_dyn")] +#[cfg(feature = "crypto_openssl")] mod openssl_certificate; -#[cfg(feature = "openssl_dyn")] +#[cfg(feature = "crypto_openssl")] mod openssl_hash; -#[cfg(feature = "openssl_dyn")] +#[cfg(feature = "crypto_openssl")] mod openssl_keys; -#[cfg(feature = "openssl_dyn")] +#[cfg(feature = "crypto_openssl")] mod openssl_subject_attribute; -#[cfg(feature = "openssl_dyn")] +#[cfg(feature = "crypto_openssl")] mod openssl_version; const APP_ORG: &str = "ACMEd"; @@ -80,13 +80,13 @@ impl fmt::Display for BaseHashFunction { pub use jws_signature_algorithm::JwsSignatureAlgorithm; pub use key_type::KeyType; -#[cfg(feature = "openssl_dyn")] +#[cfg(feature = "crypto_openssl")] pub use openssl_certificate::{Csr, X509Certificate}; -#[cfg(feature = "openssl_dyn")] +#[cfg(feature = "crypto_openssl")] pub use openssl_hash::HashFunction; -#[cfg(feature = "openssl_dyn")] +#[cfg(feature = "crypto_openssl")] pub use openssl_keys::{gen_keypair, KeyPair}; -#[cfg(feature = "openssl_dyn")] +#[cfg(feature = "crypto_openssl")] pub use openssl_subject_attribute::SubjectAttribute; -#[cfg(feature = "openssl_dyn")] +#[cfg(feature = "crypto_openssl")] pub use openssl_version::{get_lib_name, get_lib_version}; diff --git a/acme_common/src/error.rs b/acme_common/src/error.rs index 5802230..4e3dbab 100644 --- a/acme_common/src/error.rs +++ b/acme_common/src/error.rs 
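Review bot: `crypto_openssl = []` in the `[features]` table of acme_common/Cargo.toml can be selected on its own, yet it enables nothing and only makes sense as a marker pulled in by `openssl_dyn` or `openssl_vendored`. Enabling it alone would switch on every `#[cfg(feature = "crypto_openssl")]` module in crypto.rs without the `openssl` and `openssl-sys` dependencies those modules presumably need, so the build would fail with unresolved-crate errors rather than a clear message. I would document it in place with `# Internal marker, do not enable directly: use openssl_dyn or openssl_vendored`, and the same comment fits the `crypto_openssl` entries added in acmed/Cargo.toml and tacd/Cargo.toml. Since Cargo features are additive, a build that ends up with both `openssl_dyn` and `openssl_vendored` (for example the default set plus `--features openssl_vendored`) links the vendored copy, which deserves a line next to the feature definitions.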
@@ -111,14 +111,14 @@ impl From for Error { } } -#[cfg(feature = "openssl_dyn")] +#[cfg(feature = "crypto_openssl")] impl From for Error { fn from(error: native_tls::Error) -> Self { format!("{}", error).into() } } -#[cfg(feature = "openssl_dyn")] +#[cfg(feature = "crypto_openssl")] impl From for Error { fn from(error: openssl::error::ErrorStack) -> Self { format!("{}", error).into() diff --git a/acmed/Cargo.toml b/acmed/Cargo.toml index 8f2a881..281e4bb 100644 --- a/acmed/Cargo.toml +++ b/acmed/Cargo.toml @@ -15,7 +15,9 @@ publish = false [features] default = ["openssl_dyn"] -openssl_dyn = ["acme_common/openssl_dyn", "attohttpc/tls"] +crypto_openssl = [] +openssl_dyn = ["crypto_openssl", "acme_common/openssl_dyn", "attohttpc/tls"] +openssl_vendored = ["crypto_openssl", "acme_common/openssl_vendored", "attohttpc/tls"] [dependencies] acme_common = { path = "../acme_common" } diff --git a/acmed/src/http.rs b/acmed/src/http.rs index 477cd98..cea2af0 100644 --- a/acmed/src/http.rs +++ b/acmed/src/http.rs @@ -1,11 +1,11 @@ use crate::acme_proto::structs::{AcmeError, HttpApiError}; use crate::endpoint::Endpoint; -#[cfg(feature = "openssl_dyn")] +#[cfg(feature = "crypto_openssl")] use acme_common::crypto::X509Certificate; use acme_common::error::Error; use attohttpc::{charsets, header, Response, Session}; use std::fs::File; -#[cfg(feature = "openssl_dyn")] +#[cfg(feature = "crypto_openssl")] use std::io::prelude::*; use std::{thread, time}; @@ -159,7 +159,7 @@ fn get_session(root_certs: &[String]) -> Result { session.try_header(header::ACCEPT_LANGUAGE, "en-US,en;q=0.5")?; session.try_header(header::USER_AGENT, &useragent)?; for crt_file in root_certs.iter() { - #[cfg(feature = "openssl_dyn")] + #[cfg(feature = "crypto_openssl")] { let mut buff = Vec::new(); File::open(crt_file)?.read_to_end(&mut buff)?; diff --git a/tacd/Cargo.toml b/tacd/Cargo.toml index 2be7b87..3ee2521 100644 --- a/tacd/Cargo.toml +++ b/tacd/Cargo.toml 
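Review bot: In `get_session` (acmed/src/http.rs, second hunk), the `for crt_file in root_certs.iter()` loop does its work only inside the `#[cfg(feature = "crypto_openssl")]` block, so as far as the visible lines show, a build without that feature would walk the configured root certificates and load none of them. Trust anchors taken from the configuration should not be dropped silently, and the Makefile's new `--no-default-features` makes a backend-less build easier to reach. Unless a `#[cfg(not(...))]` arm exists below the hunk (the function body continues outside it), I would fail the build explicitly at the crate root with `#[cfg(not(feature = "crypto_openssl"))] compile_error!("acmed requires the openssl_dyn or openssl_vendored feature");`.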
@@ -14,7 +14,9 @@ publish = false [features] default = ["openssl_dyn"] -openssl_dyn = ["acme_common/openssl_dyn"] +crypto_openssl = [] +openssl_dyn = ["crypto_openssl", "acme_common/openssl_dyn"] +openssl_vendored = ["crypto_openssl", "acme_common/openssl_vendored"] [dependencies] acme_common = { path = "../acme_common" } diff --git a/tacd/src/main.rs b/tacd/src/main.rs index 92a5b60..c7557b2 100644 --- a/tacd/src/main.rs +++ b/tacd/src/main.rs @@ -1,7 +1,7 @@ -#[cfg(feature = "openssl_dyn")] +#[cfg(feature = "crypto_openssl")] mod openssl_server; -#[cfg(feature = "openssl_dyn")] +#[cfg(feature = "crypto_openssl")] use crate::openssl_server::start as server_start; use acme_common::crypto::{get_lib_name, get_lib_version, HashFunction, KeyType, X509Certificate}; use acme_common::error::Error;