search

sfackler / rust-openssl

OpenSSL bindings for Rust
1.35k stars 728 forks source link

Still looking for system library even when vendored option was selected #1974

Closed nazar-pc closed 1 year ago

nazar-pc commented 1 year ago

I'm building library in Ubuntu 20.04 container and expected that neither pkg-config nor system library are required in case OpenSSL is vendored.

Apparently this is not the case and was quite unexpected. It would have been nice to remove those requirements.

sfackler commented 1 year ago

Those are not required when building a vendored copy.

nazar-pc commented 1 year ago

Hm, very strange, because in my project as soon as I remove pkg-config and libssl-dev from container image openssl-sys fails to compile.

Here is the Dockerfile, I tested it on x86-64: https://github.com/subspace/subspace/blob/f6d4f83cb67a32725f76b3799b8751635cb537b6/Dockerfile-node#L24-L25

Just changing those lines to not contain packages will cause build to fail.

OpenSSL is clearly vendored as can be seen in lock file: https://github.com/subspace/subspace/blob/f6d4f83cb67a32725f76b3799b8751635cb537b6/Cargo.lock#L6135

sfackler commented 1 year ago

The lockfile encodes all possible dependencies, not just those that have been activated. The string "vendored" does not appear anywhere in that repo, so it's not clear to me how you are trying to enable it: https://github.com/search?q=repo%3Asubspace%2Fsubspace%20vendored&type=code.

nazar-pc commented 1 year ago

GitHub search is only working on main branch. The change was introduced in mentioned commit alongside the only dependency that pulls openssl: https://github.com/subspace/subspace/commit/f6d4f83cb67a32725f76b3799b8751635cb537b6#diff-830551c68585b75b79d749f80858f28c9e5232eff45c393c5a509c7aab139ab5R28

sfackler commented 1 year ago

If you need it for prost, it is most likely a build dependency, not a runtime dependency.

nazar-pc commented 1 year ago

Not for prost, dependency tree here is fc-db > sqlx > sqlx-core > native-tls > openssl, which is why I added vendored openssl dependency alongside fc-db, such that cargo will unify features and make openssl compiled as vendored.

Interestingly, vendored feature does have positive impact on cross-compilation, I no longer need to install aarch64-specific libssl-dev and explain where it is, but native build does not compile.

sfackler commented 1 year ago

What is the full output of the failing build

nazar-pc commented 1 year ago

Output is as follows:

``` Compiling compiler_builtins v0.1.91 Compiling core v0.0.0 (/root/.rustup/toolchains/nightly-2023-05-16-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core) Compiling libc v0.2.143 Compiling cc v1.0.77 Compiling memchr v2.5.0 Compiling std v0.0.0 (/root/.rustup/toolchains/nightly-2023-05-16-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/std) Compiling proc-macro2 v1.0.60 Compiling unicode-ident v1.0.9 Compiling quote v1.0.28 Compiling libc v0.2.146 Compiling serde v1.0.164 Compiling version_check v0.9.4 Compiling autocfg v1.1.0 Compiling atomic-polyfill v1.0.2 Compiling typenum v1.16.0 Compiling thiserror v1.0.40 Compiling syn v1.0.109 Compiling parking_lot_core v0.9.8 Compiling cfg-if v1.0.0 Compiling futures-core v0.3.28 Compiling anyhow v1.0.71 Compiling futures-channel v0.3.28 Compiling critical-section v1.1.1 Compiling pkg-config v0.3.27 Compiling futures-task v0.3.28 Compiling futures-util v0.3.28 Compiling getrandom v0.1.16 Compiling subtle v2.4.1 Compiling unicode-xid v0.2.4 Compiling paste v1.0.12 Compiling convert_case v0.4.0 Compiling regex-syntax v0.7.2 Compiling itoa v1.0.6 Compiling lazy_static v1.4.0 Compiling target-lexicon v0.12.7 Compiling serde_json v1.0.97 Compiling ryu v1.0.13 Compiling crunchy v0.2.2 Compiling bytes v1.4.0 Compiling lock_api v0.4.10 Compiling generic-array v0.14.7 Compiling ahash v0.7.6 Compiling slab v0.4.8 Compiling indexmap v1.9.3 Compiling unwind v0.0.0 (/root/.rustup/toolchains/nightly-2023-05-16-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/unwind) Compiling ahash v0.8.3 Compiling num-traits v0.2.15 Compiling memoffset v0.8.0 Compiling crc32fast v1.3.2 Compiling cpp_demangle v0.3.5 Compiling log v0.4.19 Compiling ref-cast v1.0.16 Compiling crossbeam-utils v0.8.16 Compiling io-lifetimes v1.0.11 Compiling rustversion v1.0.12 Compiling memoffset v0.9.0 Compiling rustix v0.37.20 Compiling crossbeam-epoch v0.9.15 Compiling byteorder v1.4.3 Compiling arrayvec v0.7.3 Compiling rayon-core v1.11.0 Compiling cpufeatures v0.2.8 Compiling ppv-lite86 v0.2.17 Compiling once_cell v1.18.0 Compiling parking_lot_core v0.8.6 Compiling cranelift-isle v0.95.1 Compiling cranelift-codegen-shared v0.95.1 Compiling byte-slice-cast v1.2.2 Compiling rustix v0.36.14 Compiling zstd-safe v5.0.2+zstd.1.5.2 Compiling static_assertions v1.1.0 Compiling sp-std v8.0.0 (https://github.com/subspace/substrate?rev=28e33f78a3aa8ac4c6753108bc0471273ff6bf6f#28e33f78) Compiling cranelift-codegen-meta v0.95.1 Compiling wasmtime-cache v8.0.1 Compiling wasmtime v8.0.1 Compiling arrayref v0.3.7 Compiling keccak v0.1.4 Compiling async-trait v0.1.68 Compiling constant_time_eq v0.2.6 Compiling wasm-bindgen-shared v0.2.87 Compiling expander v2.0.0 Compiling fs-err v2.9.0 Compiling bumpalo v3.13.0 Compiling wasm-bindgen v0.2.87 Compiling tokio v1.28.2 Compiling smallvec v1.10.0 Compiling blake2b_simd v1.0.1 Compiling unicode-segmentation v1.10.1 Compiling proc-macro-error-attr v1.0.4 Compiling proc-macro-error v1.0.4 Compiling httparse v1.8.0 Compiling aho-corasick v1.0.2 Compiling bitflags v1.3.2 Compiling data-encoding v2.4.0 Compiling linux-raw-sys v0.3.8 Compiling proc-macro-warning v0.4.1 Compiling zstd-safe v6.0.5+zstd.1.5.4 Compiling cfg-expr v0.15.2 Compiling prometheus v0.13.3 Compiling semver v1.0.17 Compiling rustls v0.20.8 Compiling syn v2.0.18 Compiling num-integer v0.1.45 Compiling num-bigint v0.4.3 Compiling sc-executor-wasmtime v0.10.0-dev (https://github.com/subspace/substrate?rev=28e33f78a3aa8ac4c6753108bc0471273ff6bf6f#28e33f78) Compiling pin-project-lite v0.2.9 Compiling time-core v0.1.1 Compiling heck v0.4.1 Compiling platforms v3.0.2 Compiling tracing-core v0.1.31 Compiling tinyvec_macros v0.1.1 Compiling tempfile v3.6.0 Compiling time-macros v0.2.9 Compiling percent-encoding v2.3.0 Compiling unicode-bidi v0.3.13 Compiling tinyvec v1.6.0 Compiling oid-registry v0.6.1 Compiling prometheus-client v0.19.0 Compiling form_urlencoded v1.2.0 Compiling scopeguard v1.1.0 Compiling fastrand v1.9.0 Compiling hex v0.4.3 Compiling futures-sink v0.3.28 Compiling digest v0.9.0 Compiling crypto-common v0.1.6 Compiling block-buffer v0.10.4 Compiling sp-io v23.0.0 (https://github.com/subspace/substrate?rev=28e33f78a3aa8ac4c6753108bc0471273ff6bf6f#28e33f78) Compiling jobserver v0.1.26 Compiling getrandom v0.2.10 Compiling libsecp256k1-core v0.3.0 Compiling digest v0.10.7 Compiling num_cpus v1.15.0 Compiling futures-io v0.3.28 Compiling pin-utils v0.1.0 Compiling stable_deref_trait v1.2.0 Compiling rand_core v0.6.4 Compiling cc v1.0.79 Compiling curve25519-dalek v4.0.0-rc.1 Compiling sha2 v0.10.7 Compiling blake2 v0.10.6 Compiling sha3 v0.10.8 Compiling fallible-iterator v0.2.0 Compiling parking_lot v0.12.1 Compiling ansi_term v0.12.1 Compiling rand_core v0.5.1 Compiling rand_chacha v0.3.1 Compiling regex v1.8.4 Compiling hashbrown v0.12.3 Compiling generic-array v0.12.4 Compiling hashbrown v0.13.2 Compiling linux-raw-sys v0.1.4 Compiling rustc-demangle v0.1.23 Compiling rand v0.8.5 Compiling block-buffer v0.9.0 Compiling wasmtime-jit-debug v8.0.1 Compiling wasmtime-asm-macros v8.0.1 Compiling opaque-debug v0.3.0 Compiling regex-syntax v0.6.29 Compiling byte-tools v0.3.1 Compiling sha2 v0.9.9 Compiling unicode-normalization v0.1.22 Compiling digest v0.8.1 Compiling block-padding v0.1.5 Compiling wasmtime-jit-icache-coherence v8.0.1 Compiling iana-time-zone v0.1.57 Compiling rustc-hex v2.1.0 Compiling rand_chacha v0.2.2 Compiling block-buffer v0.7.3 Compiling uint v0.9.5 Compiling tracing-log v0.1.3 Compiling crypto-mac v0.11.1 Compiling crypto-mac v0.8.0 Compiling thread_local v1.1.7 Compiling sharded-slab v0.1.4 Compiling hash-db v0.16.0 Compiling libsecp256k1-gen-ecmult v0.3.0 Compiling libsecp256k1-gen-genmult v0.3.0 Compiling fake-simd v0.1.2 Compiling opaque-debug v0.2.3 Compiling rand v0.7.3 Compiling hmac v0.8.1 Compiling sha2 v0.8.2 Compiling environmental v1.1.4 Compiling arrayvec v0.5.2 Compiling pbkdf2 v0.8.0 Compiling hmac v0.11.0 Compiling pbkdf2 v0.11.0 Compiling hmac-drbg v0.3.0 Compiling hmac v0.12.1 Compiling num-format v0.4.4 Compiling base64 v0.13.1 Compiling idna v0.4.0 Compiling dyn-clone v1.0.11 Compiling tiny-keccak v2.0.2 Compiling rustc-hash v1.1.0 Compiling hash256-std-hasher v0.15.2 Compiling array-bytes v4.2.0 Compiling chrono v0.4.26 Compiling bs58 v0.4.0 Compiling libsecp256k1 v0.7.1 Compiling prettyplease v0.1.25 Compiling twox-hash v1.6.3 Compiling fixed-hash v0.8.0 Compiling adler v1.0.2 Compiling scratch v1.0.5 Compiling fixedbitset v0.4.2 Compiling trie-db v0.27.1 Compiling schnellru v0.2.1 Compiling memory-db v0.32.0 Compiling trie-root v0.18.0 Compiling miniz_oxide v0.6.2 Compiling nohash-hasher v0.2.0 Compiling multimap v0.8.3 Compiling Inflector v0.11.4 Compiling termcolor v1.2.0 Compiling snap v1.1.0 Compiling signature v1.6.4 Compiling unicode-width v0.1.10 Compiling cxxbridge-flags v1.0.97 Compiling ed25519 v1.5.3 Compiling integer-sqrt v0.1.5 Compiling spin v0.9.8 Compiling crossbeam-queue v0.3.8 Compiling radium v0.7.0 Compiling psm v0.1.21 Compiling secp256k1-sys v0.6.1 Compiling zstd-sys v2.0.8+zstd.1.5.5 Compiling backtrace v0.3.67 Compiling wasmtime-runtime v8.0.1 Compiling sp-core-hashing v9.0.0 (https://github.com/subspace/substrate?rev=28e33f78a3aa8ac4c6753108bc0471273ff6bf6f#28e33f78) Compiling ring v0.16.20 Compiling blst v0.3.10 (https://github.com/subspace/blst.git?rev=017edf9d7b943813b9ba2804a9eda20607b48139#017edf9d) Compiling libz-sys v1.1.9 Compiling url v2.4.0 Compiling blake3 v1.4.0 Compiling lz4-sys v1.9.4 Compiling link-cplusplus v1.0.8 Compiling codespan-reporting v0.11.1 Compiling cxx v1.0.97 Compiling cfg_aliases v0.1.1 Compiling openssl-sys v0.9.90 Compiling native-tls v0.2.11 Compiling parity-wasm v0.45.0 Compiling memfd v0.6.3 Compiling cranelift-codegen v0.95.1 Compiling rustls v0.21.2 Compiling openssl-src v111.26.0+1.1.1u Compiling num-rational v0.4.1 Compiling camino v1.1.4 Compiling vcpkg v0.2.15 Compiling static_init_macro v1.0.2 Compiling semver-parser v0.7.0 Compiling winnow v0.4.7 Compiling static_init v1.0.3 Compiling regex-automata v0.1.10 Compiling threadpool v1.8.1 Compiling semver v0.6.0 Compiling matrixmultiply v0.3.7 Compiling foreign-types-shared v0.1.1 Compiling sc-sysinfo v6.0.0-dev (https://github.com/subspace/substrate?rev=28e33f78a3aa8ac4c6753108bc0471273ff6bf6f#28e33f78) Compiling openssl v0.10.55 Compiling same-file v1.0.6 Compiling build-helper v0.1.1 Compiling foreign-types v0.3.2 error: failed to run custom build command for `openssl-sys v0.9.90` Caused by: process didn't exit successfully: `/code/target/production/build/openssl-sys-1b2cc4f2bb867d60/build-script-main` (exit status: 101) --- stdout cargo:rerun-if-env-changed=X86_64_UNKNOWN_LINUX_GNU_OPENSSL_LIB_DIR X86_64_UNKNOWN_LINUX_GNU_OPENSSL_LIB_DIR unset cargo:rerun-if-env-changed=OPENSSL_LIB_DIR OPENSSL_LIB_DIR unset cargo:rerun-if-env-changed=X86_64_UNKNOWN_LINUX_GNU_OPENSSL_INCLUDE_DIR X86_64_UNKNOWN_LINUX_GNU_OPENSSL_INCLUDE_DIR unset cargo:rerun-if-env-changed=OPENSSL_INCLUDE_DIR OPENSSL_INCLUDE_DIR unset cargo:rerun-if-env-changed=X86_64_UNKNOWN_LINUX_GNU_OPENSSL_DIR X86_64_UNKNOWN_LINUX_GNU_OPENSSL_DIR unset cargo:rerun-if-env-changed=OPENSSL_DIR OPENSSL_DIR unset cargo:rerun-if-env-changed=OPENSSL_NO_PKG_CONFIG cargo:rerun-if-env-changed=PKG_CONFIG_x86_64-unknown-linux-gnu cargo:rerun-if-env-changed=PKG_CONFIG_x86_64_unknown_linux_gnu cargo:rerun-if-env-changed=HOST_PKG_CONFIG cargo:rerun-if-env-changed=PKG_CONFIG cargo:rerun-if-env-changed=OPENSSL_STATIC cargo:rerun-if-env-changed=OPENSSL_DYNAMIC cargo:rerun-if-env-changed=PKG_CONFIG_ALL_STATIC cargo:rerun-if-env-changed=PKG_CONFIG_ALL_DYNAMIC cargo:rerun-if-env-changed=PKG_CONFIG_PATH_x86_64-unknown-linux-gnu cargo:rerun-if-env-changed=PKG_CONFIG_PATH_x86_64_unknown_linux_gnu cargo:rerun-if-env-changed=HOST_PKG_CONFIG_PATH cargo:rerun-if-env-changed=PKG_CONFIG_PATH cargo:rerun-if-env-changed=PKG_CONFIG_LIBDIR_x86_64-unknown-linux-gnu cargo:rerun-if-env-changed=PKG_CONFIG_LIBDIR_x86_64_unknown_linux_gnu cargo:rerun-if-env-changed=HOST_PKG_CONFIG_LIBDIR cargo:rerun-if-env-changed=PKG_CONFIG_LIBDIR cargo:rerun-if-env-changed=PKG_CONFIG_SYSROOT_DIR_x86_64-unknown-linux-gnu cargo:rerun-if-env-changed=PKG_CONFIG_SYSROOT_DIR_x86_64_unknown_linux_gnu cargo:rerun-if-env-changed=HOST_PKG_CONFIG_SYSROOT_DIR cargo:rerun-if-env-changed=PKG_CONFIG_SYSROOT_DIR cargo:rerun-if-env-changed=OPENSSL_STATIC cargo:rerun-if-env-changed=OPENSSL_DYNAMIC cargo:rerun-if-env-changed=PKG_CONFIG_ALL_STATIC cargo:rerun-if-env-changed=PKG_CONFIG_ALL_DYNAMIC cargo:rerun-if-env-changed=PKG_CONFIG_PATH_x86_64-unknown-linux-gnu cargo:rerun-if-env-changed=PKG_CONFIG_PATH_x86_64_unknown_linux_gnu cargo:rerun-if-env-changed=HOST_PKG_CONFIG_PATH cargo:rerun-if-env-changed=PKG_CONFIG_PATH cargo:rerun-if-env-changed=PKG_CONFIG_LIBDIR_x86_64-unknown-linux-gnu cargo:rerun-if-env-changed=PKG_CONFIG_LIBDIR_x86_64_unknown_linux_gnu cargo:rerun-if-env-changed=HOST_PKG_CONFIG_LIBDIR cargo:rerun-if-env-changed=PKG_CONFIG_LIBDIR cargo:rerun-if-env-changed=PKG_CONFIG_SYSROOT_DIR_x86_64-unknown-linux-gnu cargo:rerun-if-env-changed=PKG_CONFIG_SYSROOT_DIR_x86_64_unknown_linux_gnu cargo:rerun-if-env-changed=HOST_PKG_CONFIG_SYSROOT_DIR cargo:rerun-if-env-changed=PKG_CONFIG_SYSROOT_DIR run pkg_config fail: Could not run `PKG_CONFIG_ALLOW_SYSTEM_CFLAGS="1" "pkg-config" "--libs" "--cflags" "openssl"` The pkg-config command could not be found. Most likely, you need to install a pkg-config package for your OS. Try `apt install pkg-config`, or `yum install pkg-config`, or `pkg install pkg-config`, or `apk add pkgconfig` depending on your distribution. If you've already installed it, ensure the pkg-config command is one of the directories in the PATH environment variable. If you did not expect this build to link to a pre-installed system library, then check documentation of the openssl-sys crate for an option to build the library from source, or disable features or dependencies that require pkg-config. --- stderr thread 'main' panicked at ' Could not find directory of OpenSSL installation, and this `-sys` crate cannot proceed without this knowledge. If OpenSSL is installed and this crate had trouble finding it, you can set the `OPENSSL_DIR` environment variable for the compilation process. Make sure you also have the development packages of openssl installed. For example, `libssl-dev` on Ubuntu or `openssl-devel` on Fedora. If you're in a situation where you think the directory *should* be found automatically, please open a bug at https://github.com/sfackler/rust-openssl and include information about your system as well as this message. $HOST = x86_64-unknown-linux-gnu $TARGET = x86_64-unknown-linux-gnu openssl-sys = 0.9.90 It looks like you're compiling on Linux and also targeting Linux. Currently this requires the `pkg-config` utility to find OpenSSL but unfortunately `pkg-config` could not be found. If you have OpenSSL installed you can likely fix this by installing `pkg-config`. ', /root/.cargo/registry/src/index.crates.io-6f17d22bba15001f/openssl-sys-0.9.90/build/find_normal.rs:190:5 ```

It did download openssl-src, meaning vendor flag did take effect, yet it somehow is still trying to build non-vendored version :man_shrugging:

So far I was not able to reproduce it with trivial example, still looking into it.

sfackler commented 1 year ago

How confident are you that openssl is not a build dependency in addition to a runtime dependency?

nazar-pc commented 1 year ago

Here is minimal Cargo.toml:

[package]
name = "tmp"
version = "0.1.0"
edition = "2021"

[dependencies]
sqlx-macros = { features = ["_tls-native-tls"], version = "0.7.0-alpha.3" }
openssl = { version = "0.10.55", features = ["vendored"] }

And Dockerfile to build it:

FROM ubuntu:20.04

WORKDIR /code

RUN \
    apt-get update && \
    DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
        ca-certificates \
        curl \
        clang \
        make \
        perl && \
    curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y

COPY Cargo.toml /code/Cargo.toml
COPY src /code/src

RUN /root/.cargo/bin/cargo build

The issue seems to be from the fact that some of sqlx-macros's dependencies require openssl, but sqlx-macros itself is a proc-macro, so apparently feature unification doesn't affect it :interrobang:

sfackler commented 1 year ago

Features don't unify across build and runtime dependencies. If you want a vendored openssl in the build context you'll need to enable that too.

nazar-pc commented 1 year ago

Well, that was super strange, but it worked indeed. I didn't expect proc-macro to have their own "group" for feature unification, but on the other hand I do see why it would be the case.

Thanks for your patience, moving/adding it to build-dependencies helped.