From 1f7376a5de19ca350c0f5aed6f5dda21c939dda0 Mon Sep 17 00:00:00 2001 From: Daniel McCarney Date: Sat, 18 Jan 2025 10:15:58 -0500 Subject: [PATCH 1/3] ci: remove stale comment RE: MSRV/cargo-c The workflow is using the latest cargo-c release, not one tailored to a Minimum Supported Rust Version (MSRV). --- .github/workflows/linux.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index e5d91d9..d2abb2d 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -91,7 +91,6 @@ jobs: - name: Install cargo-c if: matrix.rustls-version == 'main' env: - # Version picked for MSRV compat. LINK: https://github.com/lu-zero/cargo-c/releases/latest/download/ CARGO_C_FILE: cargo-c-x86_64-unknown-linux-musl.tar.gz run: | From 681edd04406fe1a25d2076b7fc5fa844e16bba04 Mon Sep 17 00:00:00 2001 From: Daniel McCarney Date: Sat, 18 Jan 2025 10:18:45 -0500 Subject: [PATCH 2/3] ci: install w/ cargo-c instead of cmake cmake is only required for the client/server example binaries. For mod_tls we only need the librustls bits and can use cargo-c directly. cargo-c respects the host OS pattern of putting libs in an arch-specific subdir. To make the older 0.14.x Makefile install and the cargo-c install equivalent we override this behaviour by setting --libdir. --- .github/workflows/linux.yml | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index d2abb2d..7e704a9 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -96,16 +96,17 @@ jobs: run: | curl -L $LINK/$CARGO_C_FILE | tar xz -C ~/.cargo/bin - - name: 'build rustls-ffi (cmake)' + - name: 'build rustls-ffi (cargo-c)' if: matrix.rustls-version == 'main' run: | cd $HOME/rustls-ffi - cmake \ - -DCRYPTO_PROVIDER=${{matrix.crypto}} \ - -DDYN_LINK=on \ - -DCMAKE_BUILD_TYPE=Release \ - -S librustls -B build - cmake --build build --config "Release" + cargo capi install \ + --libdir lib \ + --prefix "$HOME/rustls-ffi/build/rust" \ + --release \ + --locked \ + --no-default-features \ + --features ${{ matrix.crypto }} - name: 'install test prereqs' run: | From 3280e4f49723178b2a7457d203d05cf4612c4de8 Mon Sep 17 00:00:00 2001 From: Daniel McCarney Date: Sat, 18 Jan 2025 10:37:15 -0500 Subject: [PATCH 3/3] ci: restore aws-lc-rs crypto provider in matrix This works without issue with the main branch of rustls-ffi. For the 0.14.1 release when using the Makefile to install there's an upstream issue where the CFLAGS intended for the rustls-ffi client/server examples are _also_ used when building librustls and its rust dependencies. This includes aws-lc-sys, which at the version used by librustls/rustls/aws-lc-rs (0.21.1) produces errors under the pedantic settings used by rustls-ffi for its examples. The warnings have been fixed upstream, but not for the version in use by rustls-ffi 0.14.x. To work around this issue we pass CFLAGS="" when running the make install for librustls 0.14.1. --- .github/workflows/linux.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 7e704a9..5ef0e28 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -52,7 +52,7 @@ jobs: crypto: - ring # aws-lc-sys v0.21.1 is not building due to compiler warnings - # - aws-lc-rs + - aws-lc-rs rustls-version: - v0.14.1 - main @@ -86,7 +86,7 @@ jobs: if: matrix.rustls-version != 'main' run: | cd $HOME/rustls-ffi - make DESTDIR=$HOME/rustls-ffi/build/rust CRYPTO_PROVIDER=${{ matrix.crypto }} install + make CFLAGS="" DESTDIR=$HOME/rustls-ffi/build/rust CRYPTO_PROVIDER=${{ matrix.crypto }} install - name: Install cargo-c if: matrix.rustls-version == 'main'