From 1e5fd552ba3c92d7d88fc7a243bfc3ce547e486d Mon Sep 17 00:00:00 2001 From: Hugo Hakim Damer Date: Mon, 3 Mar 2025 18:41:23 +0100 Subject: [PATCH 1/2] wolfssl-sys: export cargo metadata for use by dependent crates Exporting root and include metadata of wolfssl allows other C library binding crates to link/build their C libraries to/for the same version of wolfssl as the wolfssl-sys crate, which helps prevent linking multiple versions of the same libraries at once. --- wolfssl-sys/build.rs | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/wolfssl-sys/build.rs b/wolfssl-sys/build.rs index 1602519b..fd921eab 100644 --- a/wolfssl-sys/build.rs +++ b/wolfssl-sys/build.rs @@ -266,6 +266,11 @@ fn main() -> std::io::Result<()> { let ignored_macros = IgnoreMacros(hash_ignored_macros); let wolfssl_include_dir = wolfssl_install_dir.join("include"); + // Set cargo metadata to allow dependent libraries to reference the built library. + // https://doc.rust-lang.org/cargo/reference/build-script-examples.html#using-another-sys-crate + println!("cargo:root={}", wolfssl_install_dir.to_str().unwrap()); + println!("cargo:include={}", wolfssl_include_dir.to_str().unwrap()); + // Build the Rust binding let builder = bindgen::Builder::default() .header("wrapper.h") From 8567a55e5b202c942fb9faa8aad8bd5113b6104b Mon Sep 17 00:00:00 2001 From: Hugo Hakim Damer Date: Mon, 3 Mar 2025 18:43:56 +0100 Subject: [PATCH 2/2] wolfssl-sys: expose some optional features as Cargo features --- wolfssl-sys/Cargo.toml | 9 +++++++++ wolfssl-sys/build.rs | 35 +++++++++++++++++++++++++++++++++-- wolfssl-sys/src/bindings.rs | 1 + 3 files changed, 43 insertions(+), 2 deletions(-) diff --git a/wolfssl-sys/Cargo.toml b/wolfssl-sys/Cargo.toml index 890cf7df..29aa056e 100644 --- a/wolfssl-sys/Cargo.toml +++ b/wolfssl-sys/Cargo.toml @@ -24,6 +24,15 @@ default = ["postquantum"] debug = [] postquantum = [] kyber_only = ["postquantum"] +# Configure feature flags +aesccm = [] +dh = [] +opensslall = [] +opensslextra = [] +psk = [] +# Define feature flags +ex_data = [] +alpn = [] [[example]] name = "connect_pq" diff --git a/wolfssl-sys/build.rs b/wolfssl-sys/build.rs index fd921eab..c1e10447 100644 --- a/wolfssl-sys/build.rs +++ b/wolfssl-sys/build.rs @@ -52,6 +52,8 @@ const PATCHES: &[&str] = &[ "fix-kyber-get-curve-name.patch", "fix-kyber-prf-non-avx2.patch", ]; +const OPTIONAL_FEATURES: &[&str] = &["aesccm", "dh", "opensslall", "opensslextra", "psk"]; +const MACRO_FEATURES: &[(&str, &str)] = &[("ex_data", "HAVE_EX_DATA"), ("alpn", "HAVE_ALPN")]; /** * Apply patch to wolfssl-src @@ -86,8 +88,6 @@ fn build_wolfssl(wolfssl_src: &Path) -> PathBuf { conf.reconf("-ivf") // Disable benchmarks .disable("benchmark", None) - // Disable DH key exchanges - .disable("dh", None) // Disable examples .disable("examples", None) // Disable old TLS versions @@ -141,6 +141,37 @@ fn build_wolfssl(wolfssl_src: &Path) -> PathBuf { .cflag("-DWOLFSSL_NO_SPHINCS") .cflag("-DWOLFSSL_TLS13_MIDDLEBOX_COMPAT"); + for feature in OPTIONAL_FEATURES { + // Determine if feature is enabled, enable or disable feature in configure + // script based on that. + // For each optional feature, cargo sets the CARGO_FEATURE_ env var, + // so we check for that. + // Using cfg!() only works in a compile-time context, so this is the best + // alternative that does not require defining extra macros. + if env::var(format!( + "CARGO_FEATURE_{}", + feature.to_uppercase().replace("-", "_") + )) + .is_ok() + { + conf.enable(feature, None); + } else { + conf.disable(feature, None); + } + } + for (feature_name, feature_define) in MACRO_FEATURES { + // Same as above, just for features that are enabled/disabled via defines. + // Alongside the feature name, MACRO_FEATURES contains the define name to set. + if env::var(format!( + "CARGO_FEATURE_{}", + feature_name.to_uppercase().replace("-", "_") + )) + .is_ok() + { + conf.cflag(format!("-D{}", feature_define)); + } + } + if cfg!(feature = "debug") { conf.enable("debug", None); conf.cflag("-DHAVE_SECRET_CALLBACK"); diff --git a/wolfssl-sys/src/bindings.rs b/wolfssl-sys/src/bindings.rs index 4d154958..bb576ff9 100644 --- a/wolfssl-sys/src/bindings.rs +++ b/wolfssl-sys/src/bindings.rs @@ -8,6 +8,7 @@ #![allow(clippy::identity_op)] #![allow(clippy::missing_safety_doc)] #![allow(clippy::ptr_offset_with_cast)] +#![allow(clippy::too_many_arguments)] include!(concat!(env!("OUT_DIR"), "/bindings.rs")); use std::os::raw::c_int;