search

cloudflare / boring

BoringSSL bindings for the Rust programming language.
367 stars 114 forks source link

Fix building with non bazel commits of boringssl #215

Closed rushilmehra closed 10 months ago

rushilmehra commented 10 months ago

We need to add /build/crypto and /build/ssl to the library search path to handle the case where we pass BORING_BSSL_SOURCE_PATH when building without enabling any fips features. Otherwise, non bazel commits will not work because /build/ itself will not contain any crypto libraries to link with

nox commented 10 months ago

We need to add /build/crypto and /build/ssl to the library search path to handle the case where we pass BORING_BSSL_SOURCE_PATH when building without enabling any fips features.

There are other issues when you do that, patches won't apply for example. The fix needs to be a bit more complex than that, e.g. require ASSUME_PATCHED if features that require patches are enabled.

I'd also rather tweak the build to check if it is a bazel build or not, and adjust the paths accordingly.

rushilmehra commented 10 months ago

We need to add /build/crypto and /build/ssl to the library search path to handle the case where we pass BORING_BSSL_SOURCE_PATH when building without enabling any fips features.

There are other issues when you do that, patches won't apply for example. The fix needs to be a bit more complex than that, e.g. require ASSUME_PATCHED if features that require patches are enabled.

I'd also rather tweak the build to check if it is a bazel build or not, and adjust the paths accordingly.

I updated the PR to require BORING_BSSL_ASSUME_PATCHED if you pass BORING_BSSL_SOURCE_PATH and depend on a feature that would apply a patch. As for updating paths based on the boringssl passed being bazel or not, I'm going to figure that out in a follow up PR because it's going to be a bit annoying. All the git patches assume a src/ directory is available, but for non bazel builds that isn't the case. I have a feeling I'll have to redo the patches to remove the src/ and just set src/ as the working directory for bazel versions of boringssl

rushilmehra commented 10 months ago

Okay now we pass -p2 to git apply when we identify a non bazel build. I tested this by changing the boringssl submodule to both a bazel and non-bazel commit, and enabling the rpk feature.

As an extra goodie, I made https://github.com/cloudflare/boring/pull/217 to make builds faster