Skip to content

Commit

Permalink
Allow choosing which dependency to use for SSL
Browse files Browse the repository at this point in the history
  • Loading branch information
agagniere committed Oct 11, 2024
1 parent 036533a commit bcda3b2
Show file tree
Hide file tree
Showing 4 changed files with 82 additions and 43 deletions.
10 changes: 5 additions & 5 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,19 +14,19 @@ jobs:
strategy:
fail-fast: false
matrix:
zig-version: ["master", "0.13.0"]
zig-version: ["master"]
os: [ubuntu-latest]
build-options: ["-Ddisable-ssl -Ddisable-zlib -Ddisable-zstd"]
build-options: ["-Dssl=None -Ddisable-zlib -Ddisable-zstd", "-Dssl=OpenSSL", "-Dssl=LibreSSL"]
include:
- zig-version: "master"
- zig-version: "0.13.0"
os: ubuntu-latest
build-options: ""
build-options: "-Dssl=None -Ddisable-zlib -Ddisable-zstd"
#- zig-version: "master"
# os: macos-latest # Apple Silicon (M1)
# build-options: "-Ddisable-ssl"
- zig-version: "master"
os: macos-13 # Intel macOS
build-options: "-Ddisable-ssl"
build-options: "-Dssl=LibreSSL"

runs-on: ${{ matrix.os }}

Expand Down
45 changes: 32 additions & 13 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,25 +4,20 @@ Provides a package to be used by the zig package manager for C programs.

## Status

| Architecture \ OS | Linux | MacOS |
|:------------------|:------|-------------------|
| x86_64 || ☑️ `-Ddisable-ssl` |
| arm 64 | __?__ | ☑️ `-Ddisable-ssl` |
| Architecture \ OS | Linux | MacOS |
|:------------------|:-----------|-------|
| x86_64 | | |
| arm 64 | (untested) | |

Optional dependencies used by default:
- openssl
- zlib
- zstd

| Refname | PostgreSQL version | Zig `0.12.x` | Zig `0.13.x` | Zig `0.14.0-dev` |
|----------|--------------------|--------------|--------------|------------------|
| `5.16.4` | `REL_16_4` ||||
| Refname | PostgreSQL version | Zig `0.12.x` | Zig `0.13.x` | Zig `0.14.0-dev` |
|------------|--------------------|--------------|--------------|------------------|
| `5.16.4+1` | `REL_16_4` ||||

## Use

Add the dependency in your `build.zig.zon` by running the following command:
```zig
zig fetch --save git+https://github.com/allyourcodebase/libpq#5.16.4
zig fetch --save git+https://github.com/allyourcodebase/libpq#5.16.4+1
```

Then, in your `build.zig`:
Expand All @@ -33,3 +28,27 @@ const libpq = postgres.artifact("pq");
// wherever needed:
exe.linkLibrary(libpq);
```

## Options

```
-Dssl=[enum] Choose which dependency to use for SSL. Defaults to LibreSSL
Supported Values:
OpenSSL
LibreSSL
None
-Ddisable-zlib=[bool] Remove zlib as a dependency
-Ddisable-zstd=[bool] Remove zstd as a dependency
```

## Bump dependencies

To update this project dependencies:

```bash
zig fetch --save=upstream git+https://github.com/postgres/postgres#REL_16_4
zig fetch --save git+https://github.com/allyourcodebase/openssl#3.3.0
zig fetch --save git+https://github.com/allyourcodebase/libressl#3.9.2+1
zig fetch --save git+https://github.com/allyourcodebase/zlib#1.3.1
zig fetch --save git+https://github.com/allyourcodebase/zstd#1.5.6-1
```
64 changes: 42 additions & 22 deletions build.zig
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@ const std = @import("std");
const version = .{ .major = 16, .minor = 4 };
const libpq_path = "src/interfaces/libpq";

const ssl_type = enum { OpenSSL, LibreSSL, None };

pub fn build(b: *std.Build) !void {
const target = b.standardTargetOptions(.{});
const optimize = b.standardOptimizeOption(.{});
Expand All @@ -14,7 +16,7 @@ pub fn build(b: *std.Build) !void {
else => return error.OsNotSupported,
};

const disable_ssl = b.option(bool, "disable-ssl", "Remove OpenSSL as a dependency and disallow encrypted communications") orelse false;
const ssl_option = b.option(ssl_type, "ssl", "Choose which dependency to use for SSL among OpenSSL, LibreSSL and None. Defaults to LibreSSL") orelse .LibreSSL;
const disable_zlib = b.option(bool, "disable-zlib", "Remove zlib as a dependency") orelse false;
const disable_zstd = b.option(bool, "disable-zstd", "Remove zstd as a dependency") orelse false;

Expand Down Expand Up @@ -70,11 +72,45 @@ pub fn build(b: *std.Build) !void {
lib.installConfigHeader(header);
}

if (!disable_ssl) {
if (b.lazyDependency("libressl", .{ .target = target, .optimize = optimize })) |openssl_dep| {
const openssl = openssl_dep.artifact("ssl");
lib.linkLibrary(openssl);
}
var use_openssl: ?u8 = null;
var use_ssl: ?u8 = null;

switch (ssl_option) {
.OpenSSL => {
use_ssl = 1;
use_openssl = 1;
if (b.lazyDependency("openssl", .{ .target = target, .optimize = optimize })) |openssl_dep| {
const openssl = openssl_dep.artifact("openssl");
lib.linkLibrary(openssl);
}
},
.LibreSSL => {
use_ssl = 1;
if (b.lazyDependency("libressl", .{ .target = target, .optimize = optimize })) |libressl_dep| {
const libressl = libressl_dep.artifact("ssl");
lib.linkLibrary(libressl);
}
},
.None => {},
}

pg_config.addValues(.{
.USE_OPENSSL = use_ssl,
.OPENSSL_API_COMPAT = .@"0x10001000L",
.HAVE_LIBCRYPTO = use_ssl,
.HAVE_LIBSSL = use_ssl,
.HAVE_OPENSSL_INIT_SSL = use_ssl,
.HAVE_SSL_CTX_SET_CERT_CB = use_openssl,
.HAVE_SSL_CTX_SET_NUM_TICKETS = use_ssl,
.HAVE_X509_GET_SIGNATURE_INFO = use_openssl,
.HAVE_X509_GET_SIGNATURE_NID = use_ssl,
.HAVE_BIO_METH_NEW = use_ssl,
.HAVE_HMAC_CTX_FREE = use_ssl,
.HAVE_HMAC_CTX_NEW = use_ssl,
.HAVE_ASN1_STRING_GET0_DATA = use_ssl,
});

if (ssl_option != .None) {
lib.addCSourceFiles(.{
.root = upstream.path(libpq_path),
.files = &.{
Expand Down Expand Up @@ -105,22 +141,6 @@ pub fn build(b: *std.Build) !void {
.flags = &CFLAGS,
});
}
const usessl: ?u8 = if (disable_ssl) null else 1;
pg_config.addValues(.{
.USE_OPENSSL = usessl,
.OPENSSL_API_COMPAT = .@"0x10001000L",
.HAVE_LIBCRYPTO = usessl,
.HAVE_LIBSSL = usessl,
.HAVE_OPENSSL_INIT_SSL = usessl,
.HAVE_SSL_CTX_SET_CERT_CB = null,
.HAVE_SSL_CTX_SET_NUM_TICKETS = usessl,
.HAVE_X509_GET_SIGNATURE_INFO = null,
.HAVE_X509_GET_SIGNATURE_NID = usessl,
.HAVE_BIO_METH_NEW = usessl,
.HAVE_HMAC_CTX_FREE = usessl,
.HAVE_HMAC_CTX_NEW = usessl,
.HAVE_ASN1_STRING_GET0_DATA = usessl,
});

if (!disable_zlib) {
if (b.lazyDependency("zlib", .{ .target = target, .optimize = optimize })) |zlib_dep| {
Expand Down
6 changes: 3 additions & 3 deletions build.zig.zon
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,8 @@
.lazy = true,
},
.libressl = .{
.url = "git+https://github.com/allyourcodebase/libressl?ref=3.9.2#a373b82991947b694196ee630bd6a648d71e2b3f",
.hash = "1220b1536d43ed8ce79ee05c53929f90b67dd299e61dfa249fa8f476f17eee46a95f",
.url = "git+https://github.com/allyourcodebase/libressl?ref=3.9.2+1#02abfefee4e4eda28ce53c637b3c0d204ace8a6d",
.hash = "12201f5cc06c88f191696106723797449baacb6ea38b07b6cf31c18c0382a6bea33e",
.lazy = true,
},
.zlib = .{
Expand All @@ -22,7 +22,7 @@
.lazy = true,
},
.zstd = .{
.url = "git+https://github.com/allyourcodebase/zstd.git?ref=1.5.6-1#3247ffbcbc31f014027a5776a25c4261054e9fe9",
.url = "git+https://github.com/allyourcodebase/zstd?ref=1.5.6-1#3247ffbcbc31f014027a5776a25c4261054e9fe9",
.hash = "12200dbfe91946451bab186f584edbec9f9f7fdbcf818ad984b7182fea655b3c10e3",
.lazy = true,
},
Expand Down

0 comments on commit bcda3b2

Please sign in to comment.