diff options
| author | Alex Crichton <[email protected]> | 2016-09-30 00:43:05 -0700 |
|---|---|---|
| committer | Alex Crichton <[email protected]> | 2016-10-12 22:49:55 -0700 |
| commit | 43c951f743e68fac5f45119eda7c994882a1d489 (patch) | |
| tree | 45169f1b92858a3ba2ad0287de1bf1ecb395804b /README.md | |
| parent | Rename NoPadding to None (diff) | |
| download | rust-openssl-43c951f743e68fac5f45119eda7c994882a1d489.tar.xz rust-openssl-43c951f743e68fac5f45119eda7c994882a1d489.zip | |
Add support for OpenSSL 1.1.0
This commit is relatively major refactoring of the `openssl-sys` crate as well
as the `openssl` crate itself. The end goal here was to support OpenSSL 1.1.0,
and lots of other various tweaks happened along the way. The major new features
are:
* OpenSSL 1.1.0 is supported
* OpenSSL 0.9.8 is no longer supported (aka all OSX users by default)
* All FFI bindings are verified with the `ctest` crate (same way as the `libc`
crate)
* CI matrixes are vastly expanded to include 32/64 of all platforms, more
OpenSSL version coverage, as well as ARM coverage on Linux
* The `c_helpers` module is completely removed along with the `gcc` dependency.
* The `openssl-sys` build script was completely rewritten
* Now uses `OPENSSL_DIR` to find the installation, not include/lib env vars.
* Better error messages for mismatched versions.
* Better error messages for failing to find OpenSSL on a platform (more can be
done here)
* Probing of OpenSSL build-time configuration to inform the API of the `*-sys`
crate.
* Many Cargo features have been removed as they're now enabled by default.
As this is a breaking change to both the `openssl` and `openssl-sys` crates this
will necessitate a major version bump of both. There's still a few more API
questions remaining but let's hash that out on a PR!
Closes #452
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 108 |
1 files changed, 55 insertions, 53 deletions
@@ -6,13 +6,16 @@ ## Building -rust-openssl depends on both the OpenSSL runtime libraries and headers. +rust-openssl depends on the OpenSSL runtime libraries version 1.0.1 or above. +Currently the libraries need to be present in the build environment before this +crate is compiled, and some instructions of how to do this are in the sections +below. ### Linux -On Linux, you can install OpenSSL via your package manager. The headers are -sometimes provided in a separate package than the runtime libraries - look for -something like `openssl-devel` or `libssl-dev`. +On Linux, you can typically install OpenSSL via your package manager. The +headers are sometimes provided in a separate package than the runtime libraries +- look for something like `openssl-devel` or `libssl-dev`. ```bash # On Ubuntu @@ -23,79 +26,78 @@ sudo pacman -S openssl sudo dnf install openssl-devel ``` +If installation via a package manager is not possible, or if you're cross +compiling to a separate target, you'll typically need to compile OpenSSL from +source. That can normally be done with: + +``` +curl -O https://www.openssl.org/source/openssl-1.1.0b.tar.gz +tar xf openssl-1.1.0b.tar.gz +cd openssl-1.1.0b +export CC=... +./Configure --prefix=... linux-x86_64 -fPIC +make -j$(nproc) +make install +``` + ### OSX -OpenSSL 0.9.8 is preinstalled on OSX. Some features are only available when -linking against OpenSSL 1.0.0 or greater; see below on how to point -rust-openssl to a separate installation. OSX releases starting at 10.11, "El -Capitan", no longer include OpenSSL headers which will prevent the `openssl` -crate from compiling. +Although OpenSSL 0.9.8 is preinstalled on OSX this library is being phased out +of OSX and this crate also does not support this version of OpenSSL. To use this +crate on OSX you'll need to install OpenSSL via some alternate means, typically +homebrew: -For OSX 10.11 you can use brew to install OpenSSL and then set the environment variables -as described below. ```bash brew install openssl -export OPENSSL_INCLUDE_DIR=`brew --prefix openssl`/include -export OPENSSL_LIB_DIR=`brew --prefix openssl`/lib ``` -May be necessary clean the repository with `cargo clean` before build again. +### Windows MSVC -### Windows +On MSVC it's unfortunately not always a trivial process acquiring OpenSSL. +Perhaps the easiest way to do this right now is to download [precompiled +binaries] and install them on your system. Currently it's recommended to +install the 1.1.0b light installation if you're choosing this route. -On Windows, consider building with [mingw-w64](http://mingw-w64.org/). -Build script will try to find mingw in `PATH` environment variable to provide -Cargo with location where openssl libs from mingw-w64 package may be found. +[precompiled binaries]: http://slproweb.com/products/Win32OpenSSL.html -mingw-w64 can be easily installed by using [MSYS2](http://msys2.github.io/). Install MSYS2 according to the instructions, and then, from an MSYS2 Shell, install mingw-w64: +Once a precompiled binary is installed you can configure this crate to find the +installation via an environment variable: -32-bit: -```bash -pacman -S mingw-w64-i686-gcc -``` - -64-bit -```bash -pacman -S mingw-w64-x86_64-gcc +``` +set OPENSSL_DIR=C:\OpenSSL-Win64 ``` -and then install the mingw-w64 toolchain. +After that, you're just a `cargo build` away! -32-bit: -```bash -pacman -S mingw-w64-i686-toolchain -``` +### Windows GNU (MinGW) -64-bit: -```bash -pacman -S mingw-w64-x86_64-toolchain -``` +The easiest way to acquire OpenSSL when working with MinGW is to ensure you're +using [MSYS2](http://msys2.github.io) and to then execute: -Alternatively, install OpenSSL from [here][1]. Cargo will not be able to find OpenSSL if it's -installed to the default location. You can either copy the `include/openssl` -directory, `libssl32.dll`, and `libeay32.dll` to locations that Cargo can find -or pass the location to Cargo via environment variables: +``` +# 32-bit +pacman -S mingw-w64-i686-openssl -```bash -env OPENSSL_LIB_DIR=C:/OpenSSL-Win64 OPENSSL_INCLUDE_DIR=C:/OpenSSL-Win64/include cargo build +# 64-bit +pacman -S mingw-w64-x86_64-openssl ``` +And after that, a `cargo build` should be all you need! + ### Manual configuration rust-openssl's build script will by default attempt to locate OpenSSL via -pkg-config. This will not work in some situations, for example, on systems that -don't have pkg-config, when cross compiling, or when using a copy of OpenSSL +pkg-config or other system-specific mechanisms. This will not work in some +situations however, for example cross compiling or when using a copy of OpenSSL other than the normal system install. The build script can be configured via environment variables: -* `OPENSSL_LIB_DIR` - If specified, a directory that will be used to find - OpenSSL runtime libraries. -* `OPENSSL_INCLUDE_DIR` - If specified, a directory that will be used to find - OpenSSL headers. -* `OPENSSL_STATIC` - If specified, OpenSSL libraries will be statically rather - than dynamically linked. -If either `OPENSSL_LIB_DIR` or `OPENSSL_INCLUDE_DIR` are specified, then the -build script will skip the pkg-config step. +* `OPENSSL_DIR` - If specified, a directory that will be used to find + OpenSSL installation. It's expected that under this directory the `include` + folder has header files and a `lib` folder has the runtime libraries. +* `OPENSSL_STATIC` - If specified, OpenSSL libraries will be statically rather + than dynamically linked. -[1]: http://slproweb.com/products/Win32OpenSSL.html +If `OPENSSL_DIR` is specified, then the build script will skip the pkg-config +step. |