From 09d01eefb5f34e8d7ca05e814c4ccd1f94963104 Mon Sep 17 00:00:00 2001
From: Rodolphe Breard
Date: Mon, 29 Jun 2020 20:29:34 +0200
Subject: [PATCH] Remove openssl calls from the acmed crate The TLS library is encapsulated by acme_common.
---
 acme_common/Cargo.toml | 1 +
 acme_common/build.rs | 72 +++++++++++++++++++++++++++++++++++++++
 acme_common/src/crypto.rs | 2 ++
 acmed/Cargo.toml | 7 ++--
 acmed/build.rs | 59 --------------------------------
 acmed/src/main.rs | 6 ++--
 6 files changed, 81 insertions(+), 66 deletions(-)
 create mode 100644 acme_common/build.rs
diff --git a/acme_common/Cargo.toml b/acme_common/Cargo.toml
index 4d9fcbb..9035b1f 100644
--- a/acme_common/Cargo.toml
+++ b/acme_common/Cargo.toml
@@ -21,6 +21,7 @@ handlebars = "3.0"
 log = "0.4"
 native-tls = "0.2"
 openssl = "0.10"
+openssl-sys = "0.9"
 punycode = "0.4"
 serde_json = "1.0"
 syslog = "5.0"
diff --git a/acme_common/build.rs b/acme_common/build.rs
new file mode 100644
index 0000000..b9b5f8d
--- /dev/null
+++ b/acme_common/build.rs
@@ -0,0 +1,72 @@
+use std::env;
+use std::fs::File;
+use std::io::prelude::*;
+use std::io::BufReader;
+use std::path::PathBuf;
+
+macro_rules! set_rustc_env_var {
+ ($name: expr, $value: expr) => {{
+ println!("cargo:rustc-env={}={}", $name, $value);
+ }};
+}
+
+fn get_openssl_version_unit(n: u64, pos: u32) -> u64 {
+ let p = 0x000f_f000_0000 >> (8 * pos);
+ let n = n & p;
+ n >> (8 * (3 - pos) + 4)
+}
+
+fn get_openssl_version(v: &str) -> String {
+ let v = u64::from_str_radix(&v, 16).unwrap();
+ let mut version = vec![];
+ for i in 0..3 {
+ let n = get_openssl_version_unit(v, i);
+ version.push(format!("{}", n));
+ }
+ let version = version.join(".");
+ let p = get_openssl_version_unit(v, 3);
+ if p != 0 {
+ let p = p + 0x60;
+ let p = std::char::from_u32(p as u32).unwrap();
+ format!("{}{}", version, p)
+ } else {
+ version
+ }
+}
+
+fn get_lib_version(lib: &str) -> Option {
+ let pat = format!("\"checksum {} ", lib);
+ let mut lock_file = PathBuf::from(env::var("CARGO_MANIFEST_DIR").unwrap());
+ lock_file.push("../Cargo.lock");
+ let file = File::open(lock_file).unwrap();
+ for line in BufReader::new(file).lines() {
+ let line = line.unwrap();
+ if line.starts_with(&pat) {
+ let v: Vec<&str> = line.split(' ').collect();
+ return Some(String::from(v[2]));
+ }
+ }
+ None
+}
+
+fn set_tls() {
+ if let Ok(v) = env::var("DEP_OPENSSL_VERSION_NUMBER") {
+ let version = get_openssl_version(&v);
+ set_rustc_env_var!("ACMED_TLS_LIB_VERSION", version);
+ set_rustc_env_var!("ACMED_TLS_LIB_NAME", "OpenSSL");
+ }
+ if let Ok(v) = env::var("DEP_OPENSSL_LIBRESSL_VERSION_NUMBER") {
+ let version = get_openssl_version(&v);
+ set_rustc_env_var!("ACMED_TLS_LIB_VERSION", version);
+ set_rustc_env_var!("ACMED_TLS_LIB_NAME", "LibreSSL");
+ }
+ if env::var("CARGO_FEATURE_STANDALONE").is_ok() {
+ let version = get_lib_version("ring").unwrap();
+ set_rustc_env_var!("ACMED_TLS_LIB_VERSION", version);
+ set_rustc_env_var!("ACMED_TLS_LIB_NAME", "ring");
+ }
+}
+
+fn main() {
+ set_tls();
+}
diff --git a/acme_common/src/crypto.rs b/acme_common/src/crypto.rs
index 6abc4f0..e9897a0 100644
--- a/acme_common/src/crypto.rs
+++ b/acme_common/src/crypto.rs
@@ -4,6 +4,8 @@ mod openssl_hash;
 mod openssl_keys;
 pub const DEFAULT_ALGO: &str = "rsa2048";
+pub const TLS_LIB_NAME: &str = env!("ACMED_TLS_LIB_NAME");
+pub const TLS_LIB_VERSION: &str = env!("ACMED_TLS_LIB_VERSION");
 pub use key_type::KeyType;
 pub use openssl_certificate::{Csr, X509Certificate};
diff --git a/acmed/Cargo.toml b/acmed/Cargo.toml
index 04446a2..d1017bc 100644
--- a/acmed/Cargo.toml
+++ b/acmed/Cargo.toml
@@ -19,14 +19,13 @@ clap = "2.32"
 handlebars = "3.0"
 log = "0.4"
 nom = "5.0"
-openssl-sys = "0.9"
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
 toml = "0.5"
+[target.'cfg(unix)'.dependencies]
+nix = "0.17"
+
 [build-dependencies]
 serde = { version = "1.0", features = ["derive"] }
 toml = "0.5"
-
-[target.'cfg(unix)'.dependencies]
-nix = "0.17"
diff --git a/acmed/build.rs b/acmed/build.rs
index 9a2715a..fa66262 100644
--- a/acmed/build.rs
+++ b/acmed/build.rs
@@ -5,7 +5,6 @@ use serde::Deserialize;
 use std::env;
 use std::fs::File;
 use std::io::prelude::*;
-use std::io::BufReader;
 use std::path::PathBuf;
 macro_rules! set_rustc_env_var {
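Review bot: `get_lib_version` only matches lines that start with `"checksum ring ` and its caller in `set_tls` unwraps the result, so a Cargo.lock without such a line ends the build with a bare `Option::unwrap` panic when `CARGO_FEATURE_STANDALONE` is set; as far as I know, newer Cargo lock-file formats record the checksum inside each `[[package]]` entry rather than on a separate line. `File::open(lock_file).unwrap()` on `../Cargo.lock` fails the same way whenever the crate is built outside this workspace layout. Because the value becomes the TLS library version the binary reports, which operators read when matching an installation against an advisory, I would fail with a message that names the cause, e.g. `let version = get_lib_version("ring").expect("ring version not found in ../Cargo.lock");`. `set_tls` also emits nothing when none of its three conditions holds, and the `env!` calls added in crypto.rs then fail without pointing back to this script.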
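Review bot: The new public constants `TLS_LIB_NAME` and `TLS_LIB_VERSION` carry no doc comments, and nothing tells a caller that their values are fixed when build.rs runs. Judging from the build script they come from the `DEP_OPENSSL_*` variables or from Cargo.lock, so with a dynamically linked TLS library the version in use at run time may differ from the one printed. I would add `/// Name of the TLS library selected at build time.` and `/// Version of that library as seen by build.rs; a dynamically linked library may differ at run time.` above them.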
@@ -68,63 +67,6 @@ fn set_lock() {
 }
 }
-fn get_openssl_version_unit(n: u64, pos: u32) -> u64 {
- let p = 0x000f_f000_0000 >> (8 * pos);
- let n = n & p;
- n >> (8 * (3 - pos) + 4)
-}
-
-fn get_openssl_version(v: &str) -> String {
- let v = u64::from_str_radix(&v, 16).unwrap();
- let mut version = vec![];
- for i in 0..3 {
- let n = get_openssl_version_unit(v, i);
- version.push(format!("{}", n));
- }
- let version = version.join(".");
- let p = get_openssl_version_unit(v, 3);
- if p != 0 {
- let p = p + 0x60;
- let p = std::char::from_u32(p as u32).unwrap();
- format!("{}{}", version, p)
- } else {
- version
- }
-}
-
-fn get_lib_version(lib: &str) -> Option {
- let pat = format!("\"checksum {} ", lib);
- let mut lock_file = PathBuf::from(env::var("CARGO_MANIFEST_DIR").unwrap());
- lock_file.push("../Cargo.lock");
- let file = File::open(lock_file).unwrap();
- for line in BufReader::new(file).lines() {
- let line = line.unwrap();
- if line.starts_with(&pat) {
- let v: Vec<&str> = line.split(' ').collect();
- return Some(String::from(v[2]));
- }
- }
- None
-}
-
-fn set_tls() {
- if let Ok(v) = env::var("DEP_OPENSSL_VERSION_NUMBER") {
- let version = get_openssl_version(&v);
- set_rustc_env_var!("ACMED_TLS_LIB_VERSION", version);
- set_rustc_env_var!("ACMED_TLS_LIB_NAME", "OpenSSL");
- }
- if let Ok(v) = env::var("DEP_OPENSSL_LIBRESSL_VERSION_NUMBER") {
- let version = get_openssl_version(&v);
- set_rustc_env_var!("ACMED_TLS_LIB_VERSION", version);
- set_rustc_env_var!("ACMED_TLS_LIB_NAME", "LibreSSL");
- }
- if env::var("CARGO_FEATURE_STANDALONE").is_ok() {
- let version = get_lib_version("ring").unwrap();
- set_rustc_env_var!("ACMED_TLS_LIB_VERSION", version);
- set_rustc_env_var!("ACMED_TLS_LIB_NAME", "ring");
- }
-}
-
 fn set_target() {
 if let Ok(target) = env::var("TARGET") {
 set_rustc_env_var!("ACMED_TARGET", target);
@@ -133,6 +75,5 @@ fn set_target() {
 fn main() {
 set_target();
- set_tls();
 set_lock();
 }
diff --git a/acmed/src/main.rs b/acmed/src/main.rs
index fe930c7..8ac8ab5 100644
--- a/acmed/src/main.rs
+++ b/acmed/src/main.rs
@@ -1,5 +1,5 @@
 use crate::main_event_loop::MainEventLoop;
-use acme_common::{clean_pid_file, init_server};
+use acme_common::{clean_pid_file, crypto, init_server};
 use clap::{App, Arg};
 use log::error;
@@ -40,8 +40,8 @@ fn main() {
 "{} {}\n\nCompiled with:\n {} {}\n {} {}",
 APP_VERSION,
 env!("ACMED_TARGET"),
- env!("ACMED_TLS_LIB_NAME"),
- env!("ACMED_TLS_LIB_VERSION"),
+ crypto::TLS_LIB_NAME,
+ crypto::TLS_LIB_VERSION,
 env!("ACMED_HTTP_LIB_NAME"),
 env!("ACMED_HTTP_LIB_VERSION")
 );