From c28c947e25f20b1009e193449021717d9a02d6ee Mon Sep 17 00:00:00 2001 From: Antoine Date: Fri, 11 Oct 2024 21:26:58 +0200 Subject: [PATCH] Allow choosing which dependency to use for SSL --- .github/workflows/ci.yml | 10 +++---- README.md | 45 ++++++++++++++++++++-------- build.zig | 64 ++++++++++++++++++++++++++-------------- build.zig.zon | 6 ++-- 4 files changed, 82 insertions(+), 43 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0933d8e..dddcf96 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,19 +14,19 @@ jobs: strategy: fail-fast: false matrix: - zig-version: ["master", "0.13.0"] + zig-version: ["master"] os: [ubuntu-latest] - build-options: ["-Ddisable-ssl -Ddisable-zlib -Ddisable-zstd"] + build-options: ["-Dssl=None -Ddisable-zlib -Ddisable-zstd", "-Dssl=OpenSSL", "-Dssl=LibreSSL"] include: - - zig-version: "master" + - zig-version: "0.13.0" os: ubuntu-latest - build-options: "" + build-options: "-Dssl=None -Ddisable-zlib -Ddisable-zstd" #- zig-version: "master" # os: macos-latest # Apple Silicon (M1) # build-options: "-Ddisable-ssl" - zig-version: "master" os: macos-13 # Intel macOS - build-options: "-Ddisable-ssl" + build-options: "-Dssl=LibreSSL" runs-on: ${{ matrix.os }} diff --git a/README.md b/README.md index f0a7ba6..9406e90 100644 --- a/README.md +++ b/README.md @@ -4,25 +4,20 @@ Provides a package to be used by the zig package manager for C programs. ## Status -| Architecture \ OS | Linux | MacOS | -|:------------------|:------|-------------------| -| x86_64 | ✅ | ☑️ `-Ddisable-ssl` | -| arm 64 | __?__ | ☑️ `-Ddisable-ssl` | +| Architecture \ OS | Linux | MacOS | +|:------------------|:-----------|-------| +| x86_64 | ✅ | ✅ | +| arm 64 | (untested) | ✅ | -Optional dependencies used by default: -- openssl -- zlib -- zstd - -| Refname | PostgreSQL version | Zig `0.12.x` | Zig `0.13.x` | Zig `0.14.0-dev` | -|----------|--------------------|--------------|--------------|------------------| -| `5.16.4` | `REL_16_4` | ✅ | ✅ | ✅ | +| Refname | PostgreSQL version | Zig `0.12.x` | Zig `0.13.x` | Zig `0.14.0-dev` | +|------------|--------------------|--------------|--------------|------------------| +| `5.16.4+1` | `REL_16_4` | ❌ | ✅ | ✅ | ## Use Add the dependency in your `build.zig.zon` by running the following command: ```zig -zig fetch --save git+https://github.com/allyourcodebase/libpq#5.16.4 +zig fetch --save git+https://github.com/allyourcodebase/libpq#5.16.4+1 ``` Then, in your `build.zig`: @@ -33,3 +28,27 @@ const libpq = postgres.artifact("pq"); // wherever needed: exe.linkLibrary(libpq); ``` + +## Options + +``` + -Dssl=[enum] Choose which dependency to use for SSL. Defaults to LibreSSL + Supported Values: + OpenSSL + LibreSSL + None + -Ddisable-zlib=[bool] Remove zlib as a dependency + -Ddisable-zstd=[bool] Remove zstd as a dependency +``` + +## Bump dependencies + +To update this project dependencies: + +```bash +zig fetch --save=upstream git+https://github.com/postgres/postgres#REL_16_4 +zig fetch --save git+https://github.com/allyourcodebase/openssl#3.3.0 +zig fetch --save git+https://github.com/allyourcodebase/libressl#3.9.2+1 +zig fetch --save git+https://github.com/allyourcodebase/zlib#1.3.1 +zig fetch --save git+https://github.com/allyourcodebase/zstd#1.5.6-1 +``` diff --git a/build.zig b/build.zig index fc33ed5..d42a2f9 100644 --- a/build.zig +++ b/build.zig @@ -3,6 +3,8 @@ const std = @import("std"); const version = .{ .major = 16, .minor = 4 }; const libpq_path = "src/interfaces/libpq"; +const ssl_type = enum { OpenSSL, LibreSSL, None }; + pub fn build(b: *std.Build) !void { const target = b.standardTargetOptions(.{}); const optimize = b.standardOptimizeOption(.{}); @@ -14,7 +16,7 @@ pub fn build(b: *std.Build) !void { else => return error.OsNotSupported, }; - const disable_ssl = b.option(bool, "disable-ssl", "Remove OpenSSL as a dependency and disallow encrypted communications") orelse false; + const ssl_option = b.option(ssl_type, "ssl", "Choose which dependency to use for SSL among OpenSSL, LibreSSL and None. Defaults to LibreSSL") orelse .LibreSSL; const disable_zlib = b.option(bool, "disable-zlib", "Remove zlib as a dependency") orelse false; const disable_zstd = b.option(bool, "disable-zstd", "Remove zstd as a dependency") orelse false; @@ -70,11 +72,45 @@ pub fn build(b: *std.Build) !void { lib.installConfigHeader(header); } - if (!disable_ssl) { - if (b.lazyDependency("libressl", .{ .target = target, .optimize = optimize })) |openssl_dep| { - const openssl = openssl_dep.artifact("ssl"); - lib.linkLibrary(openssl); - } + var use_openssl: ?u8 = null; + var use_ssl: ?u8 = null; + + switch (ssl_option) { + .OpenSSL => { + use_ssl = 1; + use_openssl = 1; + if (b.lazyDependency("openssl", .{ .target = target, .optimize = optimize })) |openssl_dep| { + const openssl = openssl_dep.artifact("openssl"); + lib.linkLibrary(openssl); + } + }, + .LibreSSL => { + use_ssl = 1; + if (b.lazyDependency("libressl", .{ .target = target, .optimize = optimize })) |libressl_dep| { + const libressl = libressl_dep.artifact("ssl"); + lib.linkLibrary(libressl); + } + }, + .None => {}, + } + + pg_config.addValues(.{ + .USE_OPENSSL = use_ssl, + .OPENSSL_API_COMPAT = .@"0x10001000L", + .HAVE_LIBCRYPTO = use_ssl, + .HAVE_LIBSSL = use_ssl, + .HAVE_OPENSSL_INIT_SSL = use_ssl, + .HAVE_SSL_CTX_SET_CERT_CB = use_openssl, + .HAVE_SSL_CTX_SET_NUM_TICKETS = use_ssl, + .HAVE_X509_GET_SIGNATURE_INFO = use_openssl, + .HAVE_X509_GET_SIGNATURE_NID = use_ssl, + .HAVE_BIO_METH_NEW = use_ssl, + .HAVE_HMAC_CTX_FREE = use_ssl, + .HAVE_HMAC_CTX_NEW = use_ssl, + .HAVE_ASN1_STRING_GET0_DATA = use_ssl, + }); + + if (ssl_option != .None) { lib.addCSourceFiles(.{ .root = upstream.path(libpq_path), .files = &.{ @@ -105,22 +141,6 @@ pub fn build(b: *std.Build) !void { .flags = &CFLAGS, }); } - const usessl: ?u8 = if (disable_ssl) null else 1; - pg_config.addValues(.{ - .USE_OPENSSL = usessl, - .OPENSSL_API_COMPAT = .@"0x10001000L", - .HAVE_LIBCRYPTO = usessl, - .HAVE_LIBSSL = usessl, - .HAVE_OPENSSL_INIT_SSL = usessl, - .HAVE_SSL_CTX_SET_CERT_CB = null, - .HAVE_SSL_CTX_SET_NUM_TICKETS = usessl, - .HAVE_X509_GET_SIGNATURE_INFO = null, - .HAVE_X509_GET_SIGNATURE_NID = usessl, - .HAVE_BIO_METH_NEW = usessl, - .HAVE_HMAC_CTX_FREE = usessl, - .HAVE_HMAC_CTX_NEW = usessl, - .HAVE_ASN1_STRING_GET0_DATA = usessl, - }); if (!disable_zlib) { if (b.lazyDependency("zlib", .{ .target = target, .optimize = optimize })) |zlib_dep| { diff --git a/build.zig.zon b/build.zig.zon index bb86b2c..589f543 100644 --- a/build.zig.zon +++ b/build.zig.zon @@ -12,8 +12,8 @@ .lazy = true, }, .libressl = .{ - .url = "git+https://github.com/allyourcodebase/libressl?ref=3.9.2#a373b82991947b694196ee630bd6a648d71e2b3f", - .hash = "1220b1536d43ed8ce79ee05c53929f90b67dd299e61dfa249fa8f476f17eee46a95f", + .url = "git+https://github.com/allyourcodebase/libressl?ref=3.9.2+1#02abfefee4e4eda28ce53c637b3c0d204ace8a6d", + .hash = "12201f5cc06c88f191696106723797449baacb6ea38b07b6cf31c18c0382a6bea33e", .lazy = true, }, .zlib = .{ @@ -22,7 +22,7 @@ .lazy = true, }, .zstd = .{ - .url = "git+https://github.com/allyourcodebase/zstd.git?ref=1.5.6-1#3247ffbcbc31f014027a5776a25c4261054e9fe9", + .url = "git+https://github.com/allyourcodebase/zstd?ref=1.5.6-1#3247ffbcbc31f014027a5776a25c4261054e9fe9", .hash = "12200dbfe91946451bab186f584edbec9f9f7fdbcf818ad984b7182fea655b3c10e3", .lazy = true, },