From b090804227596b1814bbb6c6cdcf89347270371e Mon Sep 17 00:00:00 2001 From: Aidan Hobson Sayers Date: Mon, 12 Dec 2016 17:51:35 +0000 Subject: [PATCH 1/2] Allow OPENSSL_{LIB,INCLUDE}_DIR to override OPENSSL_DIR --- README.md | 6 ++++++ openssl-sys/build.rs | 20 ++++++++++++++------ 2 files changed, 20 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 30b92e8e..9c3e30a2 100644 --- a/README.md +++ b/README.md @@ -102,6 +102,12 @@ The build script can be configured via environment variables: * `OPENSSL_DIR` - If specified, a directory that will be used to find OpenSSL installation. It's expected that under this directory the `include` folder has header files and a `lib` folder has the runtime libraries. +* `OPENSSL_LIB_DIR` - If specified, a directory that will be used to find + OpenSSL libraries. Overrides the `lib` folder implied by `OPENSSL_DIR` + (if specified). +* `OPENSSL_INCLUDE_DIR` - If specified, a directory that will be used to find + OpenSSL header files. Overrides the `include` folder implied by `OPENSSL_DIR` + (if specified). * `OPENSSL_STATIC` - If specified, OpenSSL libraries will be statically rather than dynamically linked. diff --git a/openssl-sys/build.rs b/openssl-sys/build.rs index b6c8c2de..ce173192 100644 --- a/openssl-sys/build.rs +++ b/openssl-sys/build.rs @@ -11,17 +11,25 @@ use std::process::Command; fn main() { let target = env::var("TARGET").unwrap(); - let openssl_dir = env::var_os("OPENSSL_DIR").unwrap_or_else(|| { - find_openssl_dir(&target) - }); + let lib_dir = env::var_os("OPENSSL_LIB_DIR").map(PathBuf::from); + let include_dir = env::var_os("OPENSSL_INCLUDE_DIR").map(PathBuf::from); + + let (lib_dir, include_dir) = if lib_dir.is_none() || include_dir.is_none() { + let openssl_dir = env::var_os("OPENSSL_DIR").unwrap_or_else(|| { + find_openssl_dir(&target) + }); + let openssl_dir = Path::new(&openssl_dir); + let lib_dir = lib_dir.unwrap_or_else(|| openssl_dir.join("lib")); + let include_dir = include_dir.unwrap_or_else(|| openssl_dir.join("include")); + (lib_dir, include_dir) + } else { + (lib_dir.unwrap(), include_dir.unwrap()) + }; - let lib_dir = Path::new(&openssl_dir).join("lib"); - let include_dir = Path::new(&openssl_dir).join("include"); if !Path::new(&lib_dir).exists() { panic!("OpenSSL library directory does not exist: {}", lib_dir.to_string_lossy()); } - if !Path::new(&include_dir).exists() { panic!("OpenSSL include directory does not exist: {}", include_dir.to_string_lossy()); From 65d45bcad8766b335f50979a285e36d3e00cdc21 Mon Sep 17 00:00:00 2001 From: Philipp Keck Date: Wed, 14 Dec 2016 17:55:07 +0100 Subject: [PATCH 2/2] Explain how to install trusted root certificates The slproweb.com OpenSSL distribution does not contain root certificates, so they need to be downloaded and installed manually to avoid certificate warnings when making requests. --- README.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/README.md b/README.md index 9c3e30a2..0f1eb435 100644 --- a/README.md +++ b/README.md @@ -73,6 +73,18 @@ installation via an environment variable: set OPENSSL_DIR=C:\OpenSSL-Win64 ``` +Note that this OpenSSL distribution does not ship with any root certificates. +So to make requests to servers on the internet, you have to install them +manually. Download the [cacert.pem file from here], copy it somewhere safe +(`C:\OpenSSL-Win64\certs` is a good place) and point the `SSL_CERT_FILE` +environment variable there: + +``` +set SSL_CERT_FILE=C:\OpenSSL-Win64\certs\cacert.pem +``` + +[cacert.pem file from here]: https://curl.haxx.se/docs/caextract.html + After that, you're just a `cargo build` away! ### Windows GNU (MinGW)