-
Notifications
You must be signed in to change notification settings - Fork 426
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
openssl-sys crate doesn't build with vendored feature enabled #1519
Comments
Got bitten by this as well. Is there a known workaround? |
I've tried compiling openssl with Bazel and providing it in the rules_rust/examples/crate_universe/WORKSPACE.bazel Lines 180 to 192 in 21eed19
But I still got the same error as @MichaelPaddon shared. I also tried using the openssl from my machine. I build on RBE but the openssl paths are the same on the host and execution machines: "openssl-sys": [crate.annotation(
build_script_env = {
"OPENSSL_LIB_DIR": "/usr/lib/x86_64-linux-gnu",
"OPENSSL_INCLUDE_DIR": "/usr/include/openssl",
"OPENSSL_STATIC": "1",
},
)], It still didn't work. For some reason, it cannot open the directories specified. One interesting thing I noticed: when I disable the sandbox, it does go a bit further, but fails when trying to configure/compile openssl. The only workaround I could find so far is to force dynamic linking instead of static link the openssl library. The annotation looks like that: "openssl-sys": [crate.annotation(
build_script_env = {
"OPENSSL_NO_VENDOR": "1",
},
)], But that is far from ideal. Hopefully, someone will find a fix to this issue. I also tried to disable the build script completely by setting |
I managed to get this working with static linking, at least on # //external/bazel/openssl/BUILD.build.bazel
"""An openssl build file based on a snippet found in the github issue:
https://github.com/bazelbuild/rules_foreign_cc/issues/337
"""
load("@rules_foreign_cc//foreign_cc:defs.bzl", "configure_make", "configure_make_variant")
# Read https://wiki.openssl.org/index.php/Compilation_and_Installation.
filegroup(
name = "all_srcs",
srcs = glob(["**"]),
)
CONFIGURE_OPTIONS = [
"no-comp",
"no-idea",
"no-weak-ssl-ciphers",
"no-shared",
]
LIB_NAME = "openssl"
MAKE_TARGETS = [
"build_libs",
"install_dev",
]
config_setting(
name = "clang_cl_compiler",
flag_values = {
"@bazel_tools//tools/cpp:compiler": "clang-cl",
},
visibility = ["//visibility:public"],
)
alias(
name = "openssl",
actual = select({
":clang_cl_compiler": "openssl_clang_cl",
"//conditions:default": "openssl_default",
}),
visibility = ["//visibility:public"],
)
configure_make_variant(
name = "openssl_clang_cl",
build_data = [
"@nasm//:nasm",
"@perl//:perl",
],
configure_command = "Configure",
configure_in_place = True,
configure_options = CONFIGURE_OPTIONS + [
# Target
"VC-WIN64A",
# Override environment variables set by higher-level Bazel targets.
# Most importantly, set the C++ compiler to be `cl` (as opposed to
#`clang-cl`). We're unsure whether OpenSSL can be built using
# clang-cl.
# TODO(#3): Investigate whether OpenSSL can
# build with clang-cl.
"CC=\"cl\"",
"ASFLAGS=\"-g\"",
"CFLAGS=\"/W3 /wd4090 /nologo /O2 /Zi /MP\"",
"LDFLAGS=\"/nologo /debug /Zi\"",
"ARFLAGS=\"/nologo\"",
"LD=\"link\"",
],
configure_prefix = "$PERL",
env = {
"PATH": "$(dirname $(execpath @nasm//:nasm)):$PATH",
"PERL": "$(execpath @perl//:perl)",
},
lib_name = LIB_NAME,
lib_source = ":all_srcs",
out_static_libs = [
"libssl.lib",
"libcrypto.lib",
],
targets = MAKE_TARGETS,
toolchain = "@rules_foreign_cc//toolchains:preinstalled_nmake_toolchain",
)
configure_make(
name = "openssl_default",
configure_command = "config",
configure_in_place = True,
configure_options = CONFIGURE_OPTIONS,
env = select({
"@platforms//os:macos": {"AR": ""},
"//conditions:default": {},
}),
lib_name = LIB_NAME,
lib_source = ":all_srcs",
# Note that for Linux builds libssl must be listed before
# libcrypto on the linker command-line.
out_static_libs = [
"libssl.a",
"libcrypto.a",
],
targets = MAKE_TARGETS,
)
filegroup(
name = "gen_dir",
srcs = [":openssl"],
output_group = "gen_dir",
visibility = ["//visibility:public"],
) # //WORKSPACE.bazel
############################################################
# General dependencies
############################################################
load("@bazel_tools//tools/build_defs/repo:git.bzl", "git_repository")
load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
# bazel-skylib is on an older version unless imported
load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
http_archive(
name = "bazel_skylib",
sha256 = "cd55a062e763b9349921f0f5db8c3933288dc8ba4f76dd9416aac68acee3cb94",
urls = [
"https://mirror.bazel.build/github.com/bazelbuild/bazel-skylib/releases/download/1.5.0/bazel-skylib-1.5.0.tar.gz",
"https://github.com/bazelbuild/bazel-skylib/releases/download/1.5.0/bazel-skylib-1.5.0.tar.gz",
],
)
load("@bazel_skylib//:workspace.bzl", "bazel_skylib_workspace")
bazel_skylib_workspace()
# rules_perl for OpenSSL
git_repository(
name = "rules_perl",
remote = "https://github.com/bazelbuild/rules_perl.git",
commit = "366b6aa76b12056a9e0cc23364686f25dcc41702",
)
load("@rules_perl//perl:deps.bzl", "perl_register_toolchains", "perl_rules_dependencies")
perl_rules_dependencies()
perl_register_toolchains()
# OpenSSL + foreign_cc rules
# Group the sources of the library so that rules in rules_foreign_cc have access to it
http_archive(
name = "rules_foreign_cc",
sha256 = "476303bd0f1b04cc311fc258f1708a5f6ef82d3091e53fd1977fa20383425a6a",
strip_prefix = "rules_foreign_cc-0.10.1",
url = "https://github.com/bazelbuild/rules_foreign_cc/releases/download/0.10.1/rules_foreign_cc-0.10.1.tar.gz",
)
load("@rules_foreign_cc//foreign_cc:repositories.bzl", "rules_foreign_cc_dependencies")
rules_foreign_cc_dependencies(register_built_pkgconfig_toolchain = True)
http_archive(
name = "openssl",
urls = ["https://github.com/openssl/openssl/archive/OpenSSL_1_1_1d.tar.gz"],
sha256 = "23011a5cc78e53d0dc98dfa608c51e72bcd350aa57df74c5d5574ba4ffb62e74",
strip_prefix = "openssl-OpenSSL_1_1_1d",
build_file = "bazel/openssl/BUILD.bazel"
)
# rules_rust
http_archive(
name = "rules_rust",
sha256 = "6357de5982dd32526e02278221bb8d6aa45717ba9bbacf43686b130aa2c72e1e",
urls = ["https://github.com/bazelbuild/rules_rust/releases/download/0.30.0/rules_rust-v0.30.0.tar.gz"],
)
load("@rules_rust//rust:repositories.bzl", "rules_rust_dependencies", "rust_register_toolchains")
rules_rust_dependencies()
rust_register_toolchains(
edition = "2021",
versions = [
"1.70.0",
]
)
# crate_universe
load("@rules_rust//crate_universe:repositories.bzl", "crate_universe_dependencies")
crate_universe_dependencies()
load("@rules_rust//crate_universe:defs.bzl", "crate", "crates_repository", "splicing_config")
crates_repository(
name = "crate_index",
cargo_lockfile = "//:Cargo.lock",
lockfile = "//:cargo-bazel-lock.json",
manifests = [
"//:Cargo.toml",
],
annotations = {
"openssl-sys": [crate.annotation(
build_script_data = [
"@openssl//:gen_dir",
"@openssl//:openssl",
],
build_script_data_glob = ["build/**/*.c"],
build_script_env = {
# "OPENSSL_DIR": "$(location @openssl//:gen_dir)",
# "OPENSSL_LIB_DIR": "$(execpath @openssl//:gen_dir)/lib",
"OPENSSL_STATIC": "1",
# "OPENSSL_NO_VENDOR": "1",
},
data = ["@openssl"],
deps = ["@openssl"],
)],
},
splicing_config = splicing_config(
resolver_version = "2",
)
)
load("@crate_index//:defs.bzl", "crate_repositories")
crate_repositories() NOTE:
|
Imports the openssl build from https://github.com/bazelbuild/rules_foreign_cc/blob/main/examples/third_party/openssl/ and follows the annotation process documented in bazelbuild/rules_rust#1519 (comment)
The crate builds fine using vanilla cargo.
The build script fails when it is trying to copy the openssl source:
When I disable sandboxing, the copy succeeds, but the make fails.
The text was updated successfully, but these errors were encountered: