Without this, openssl-sys can't compile on OpenBSD-current. As far as I can
tell, the only differences with respect to LibreSSL 5.5.4 are additional exposed
functions: there do not appear to be any breaking changes. Certainly all the
test suites in the repository succeed with this commit.
Prior to this commit in 43c951f743 the
ability to pass OPENSSL_LIBS was removed from the build.rs of
openssl-sys. This commit adds the ability to pass custom names for the
OPENSSL_LIBS back in. This is useful for when building openssl across
linux and windows with the same lib names (ssl:crypto) and the default
names provided by the build script are not valid.
I just ran into a case where I installed OpenSSL in a docker container but I
forgot to install pkg-config. Right now openssl-sys relies on pkg-config, so
print out a nice error about this.
Also cfg off SSLv3_method, since it's disabled in the OpenSSL that ships
with Arch Linux. More such flags can be added on demand - it doesn't
seem worth auditing everything for them.
This commit is relatively major refactoring of the `openssl-sys` crate as well
as the `openssl` crate itself. The end goal here was to support OpenSSL 1.1.0,
and lots of other various tweaks happened along the way. The major new features
are:
* OpenSSL 1.1.0 is supported
* OpenSSL 0.9.8 is no longer supported (aka all OSX users by default)
* All FFI bindings are verified with the `ctest` crate (same way as the `libc`
crate)
* CI matrixes are vastly expanded to include 32/64 of all platforms, more
OpenSSL version coverage, as well as ARM coverage on Linux
* The `c_helpers` module is completely removed along with the `gcc` dependency.
* The `openssl-sys` build script was completely rewritten
* Now uses `OPENSSL_DIR` to find the installation, not include/lib env vars.
* Better error messages for mismatched versions.
* Better error messages for failing to find OpenSSL on a platform (more can be
done here)
* Probing of OpenSSL build-time configuration to inform the API of the `*-sys`
crate.
* Many Cargo features have been removed as they're now enabled by default.
As this is a breaking change to both the `openssl` and `openssl-sys` crates this
will necessitate a major version bump of both. There's still a few more API
questions remaining but let's hash that out on a PR!
Closes#452
GNU linkers will sometimes aggressively try to strip objects and archives from a
linker command line in a left-to-right fashion. When a linker hits an object
file that doesn't satisfy any unresolved symbols, it will discard the object and
not re-visit it. This means that currently if symbols are depended upon in
libssl then some of the dependencies of libssl (in libcrypto) may have already
been stripped, causing a link error.
By swapping the order of what's linked it reflects the natural flow of
dependencies and the linker should figure everything out for us.
The OpenSSL "SSL_OP_*" flags are in constant flux between different OpenSSL
versions. To avoid having to change the Rust definitions, we implement our
own numbering system in Rust, and use an automatically-generated C shim to
convert the bitflags at runtime.
Steven Fackler