From feabef52fa51f92a4d7ef43c304c5c8c3eea78d9 Mon Sep 17 00:00:00 2001 From: Felix Schlegel Date: Tue, 3 Oct 2023 18:12:56 +0200 Subject: [PATCH 1/3] Ship with BoringSSL Motivation: No need to install `libressl` on machine to build project. Modifications: * add dependency to `swift-nio-ssl` to obtain copy of `BoringSSL` * create bridging headers allowing `librdkafka` to build with `BoringSSL` copy from `swift-nio-ssl` Additional Changes: * use `swift-service-lifecycle` version `2.1.0` instead of `beta` --- Package.swift | 14 ++++---------- Sources/COpenSSL/module.modulemap | 0 Sources/Crdkafka/custom/include/openssl/err.h | 15 +++++++++++++++ Sources/Crdkafka/custom/include/openssl/evp.h | 15 +++++++++++++++ Sources/Crdkafka/custom/include/openssl/hmac.h | 15 +++++++++++++++ Sources/Crdkafka/custom/include/openssl/pkcs12.h | 15 +++++++++++++++ Sources/Crdkafka/custom/include/openssl/sha.h | 15 +++++++++++++++ Sources/Crdkafka/custom/include/openssl/ssl.h | 15 +++++++++++++++ Sources/Crdkafka/custom/include/openssl/x509.h | 15 +++++++++++++++ .../Crdkafka/custom/include/openssl/x509_vfy.h | 15 +++++++++++++++ docker/Dockerfile | 1 - 11 files changed, 124 insertions(+), 11 deletions(-) delete mode 100644 Sources/COpenSSL/module.modulemap create mode 100644 Sources/Crdkafka/custom/include/openssl/err.h create mode 100644 Sources/Crdkafka/custom/include/openssl/evp.h create mode 100644 Sources/Crdkafka/custom/include/openssl/hmac.h create mode 100644 Sources/Crdkafka/custom/include/openssl/pkcs12.h create mode 100644 Sources/Crdkafka/custom/include/openssl/sha.h create mode 100644 Sources/Crdkafka/custom/include/openssl/ssl.h create mode 100644 Sources/Crdkafka/custom/include/openssl/x509.h create mode 100644 Sources/Crdkafka/custom/include/openssl/x509_vfy.h diff --git a/Package.swift b/Package.swift index 2a1d99e8..6078d0db 100644 --- a/Package.swift +++ b/Package.swift @@ -46,7 +46,8 @@ let package = Package( ], dependencies: [ .package(url: "https://github.com/apple/swift-nio.git", from: "2.55.0"), - .package(url: "https://github.com/swift-server/swift-service-lifecycle.git", from: "2.0.0-beta.1"), + .package(url: "https://github.com/apple/swift-nio-ssl", .upToNextMajor(from: "2.25.0")), + .package(url: "https://github.com/swift-server/swift-service-lifecycle.git", from: "2.1.0"), .package(url: "https://github.com/apple/swift-log.git", from: "1.0.0"), // The zstd Swift package produces warnings that we cannot resolve: // https://github.com/facebook/zstd/issues/3328 @@ -56,7 +57,7 @@ let package = Package( .target( name: "Crdkafka", dependencies: [ - "COpenSSL", + .product(name: "NIOSSL", package: "swift-nio-ssl"), .product(name: "libzstd", package: "zstd"), ], exclude: rdkafkaExclude, @@ -65,6 +66,7 @@ let package = Package( cSettings: [ // dummy folder, because config.h is included as "../config.h" in librdkafka .headerSearchPath("./custom/config/dummy"), + .headerSearchPath("./custom/include"), .headerSearchPath("./librdkafka/src"), ], linkerSettings: [ @@ -88,14 +90,6 @@ let package = Package( "Kafka", ] ), - .systemLibrary( - name: "COpenSSL", - pkgConfig: "openssl", - providers: [ - .brew(["libressl"]), - .apt(["libssl-dev"]), - ] - ), .testTarget( name: "KafkaTests", dependencies: ["Kafka"] diff --git a/Sources/COpenSSL/module.modulemap b/Sources/COpenSSL/module.modulemap deleted file mode 100644 index e69de29b..00000000 diff --git a/Sources/Crdkafka/custom/include/openssl/err.h b/Sources/Crdkafka/custom/include/openssl/err.h new file mode 100644 index 00000000..61a232a5 --- /dev/null +++ b/Sources/Crdkafka/custom/include/openssl/err.h @@ -0,0 +1,15 @@ +//===----------------------------------------------------------------------===// +// +// This source file is part of the swift-kafka-client open source project +// +// Copyright (c) 2023 Apple Inc. and the swift-kafka-client project authors +// Licensed under Apache License v2.0 +// +// See LICENSE.txt for license information +// See CONTRIBUTORS.txt for the list of swift-kafka-client project authors +// +// SPDX-License-Identifier: Apache-2.0 +// +//===----------------------------------------------------------------------===// + +#include "CNIOBoringSSL_err.h" diff --git a/Sources/Crdkafka/custom/include/openssl/evp.h b/Sources/Crdkafka/custom/include/openssl/evp.h new file mode 100644 index 00000000..54218188 --- /dev/null +++ b/Sources/Crdkafka/custom/include/openssl/evp.h @@ -0,0 +1,15 @@ +//===----------------------------------------------------------------------===// +// +// This source file is part of the swift-kafka-client open source project +// +// Copyright (c) 2023 Apple Inc. and the swift-kafka-client project authors +// Licensed under Apache License v2.0 +// +// See LICENSE.txt for license information +// See CONTRIBUTORS.txt for the list of swift-kafka-client project authors +// +// SPDX-License-Identifier: Apache-2.0 +// +//===----------------------------------------------------------------------===// + +#include "CNIOBoringSSL_evp.h" diff --git a/Sources/Crdkafka/custom/include/openssl/hmac.h b/Sources/Crdkafka/custom/include/openssl/hmac.h new file mode 100644 index 00000000..60a44389 --- /dev/null +++ b/Sources/Crdkafka/custom/include/openssl/hmac.h @@ -0,0 +1,15 @@ +//===----------------------------------------------------------------------===// +// +// This source file is part of the swift-kafka-client open source project +// +// Copyright (c) 2023 Apple Inc. and the swift-kafka-client project authors +// Licensed under Apache License v2.0 +// +// See LICENSE.txt for license information +// See CONTRIBUTORS.txt for the list of swift-kafka-client project authors +// +// SPDX-License-Identifier: Apache-2.0 +// +//===----------------------------------------------------------------------===// + +#include "CNIOBoringSSL_hmac.h" diff --git a/Sources/Crdkafka/custom/include/openssl/pkcs12.h b/Sources/Crdkafka/custom/include/openssl/pkcs12.h new file mode 100644 index 00000000..5d13efe2 --- /dev/null +++ b/Sources/Crdkafka/custom/include/openssl/pkcs12.h @@ -0,0 +1,15 @@ +//===----------------------------------------------------------------------===// +// +// This source file is part of the swift-kafka-client open source project +// +// Copyright (c) 2023 Apple Inc. and the swift-kafka-client project authors +// Licensed under Apache License v2.0 +// +// See LICENSE.txt for license information +// See CONTRIBUTORS.txt for the list of swift-kafka-client project authors +// +// SPDX-License-Identifier: Apache-2.0 +// +//===----------------------------------------------------------------------===// + +#include "CNIOBoringSSL_pkcs12.h" diff --git a/Sources/Crdkafka/custom/include/openssl/sha.h b/Sources/Crdkafka/custom/include/openssl/sha.h new file mode 100644 index 00000000..e58bcc98 --- /dev/null +++ b/Sources/Crdkafka/custom/include/openssl/sha.h @@ -0,0 +1,15 @@ +//===----------------------------------------------------------------------===// +// +// This source file is part of the swift-kafka-client open source project +// +// Copyright (c) 2023 Apple Inc. and the swift-kafka-client project authors +// Licensed under Apache License v2.0 +// +// See LICENSE.txt for license information +// See CONTRIBUTORS.txt for the list of swift-kafka-client project authors +// +// SPDX-License-Identifier: Apache-2.0 +// +//===----------------------------------------------------------------------===// + +#include "CNIOBoringSSL_sha.h" diff --git a/Sources/Crdkafka/custom/include/openssl/ssl.h b/Sources/Crdkafka/custom/include/openssl/ssl.h new file mode 100644 index 00000000..634d88d4 --- /dev/null +++ b/Sources/Crdkafka/custom/include/openssl/ssl.h @@ -0,0 +1,15 @@ +//===----------------------------------------------------------------------===// +// +// This source file is part of the swift-kafka-client open source project +// +// Copyright (c) 2023 Apple Inc. and the swift-kafka-client project authors +// Licensed under Apache License v2.0 +// +// See LICENSE.txt for license information +// See CONTRIBUTORS.txt for the list of swift-kafka-client project authors +// +// SPDX-License-Identifier: Apache-2.0 +// +//===----------------------------------------------------------------------===// + +#include "CNIOBoringSSL_ssl.h" diff --git a/Sources/Crdkafka/custom/include/openssl/x509.h b/Sources/Crdkafka/custom/include/openssl/x509.h new file mode 100644 index 00000000..3db443e9 --- /dev/null +++ b/Sources/Crdkafka/custom/include/openssl/x509.h @@ -0,0 +1,15 @@ +//===----------------------------------------------------------------------===// +// +// This source file is part of the swift-kafka-client open source project +// +// Copyright (c) 2023 Apple Inc. and the swift-kafka-client project authors +// Licensed under Apache License v2.0 +// +// See LICENSE.txt for license information +// See CONTRIBUTORS.txt for the list of swift-kafka-client project authors +// +// SPDX-License-Identifier: Apache-2.0 +// +//===----------------------------------------------------------------------===// + +#include "CNIOBoringSSL_x509.h" diff --git a/Sources/Crdkafka/custom/include/openssl/x509_vfy.h b/Sources/Crdkafka/custom/include/openssl/x509_vfy.h new file mode 100644 index 00000000..aba8dcb1 --- /dev/null +++ b/Sources/Crdkafka/custom/include/openssl/x509_vfy.h @@ -0,0 +1,15 @@ +//===----------------------------------------------------------------------===// +// +// This source file is part of the swift-kafka-client open source project +// +// Copyright (c) 2023 Apple Inc. and the swift-kafka-client project authors +// Licensed under Apache License v2.0 +// +// See LICENSE.txt for license information +// See CONTRIBUTORS.txt for the list of swift-kafka-client project authors +// +// SPDX-License-Identifier: Apache-2.0 +// +//===----------------------------------------------------------------------===// + +#include "CNIOBoringSSL_x509_vfy.h" diff --git a/docker/Dockerfile b/docker/Dockerfile index f1d19afd..31ae9a21 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -15,7 +15,6 @@ ENV LANGUAGE en_US.UTF-8 # Dependencies RUN apt-get update RUN apt-get install libsasl2-dev -y -RUN apt-get install libssl-dev -y # tools RUN mkdir -p $HOME/.tools From d9f66e38f8e90d605960bd0928f7d5f58c524799 Mon Sep 17 00:00:00 2001 From: Felix Schlegel Date: Thu, 5 Oct 2023 01:04:42 +0200 Subject: [PATCH 2/3] Use _GNU_SOURCE macro to build Crdkafka Modifications: * add `_GNU_SOURCE` macro to `Crdkafka` target to fix build error "error: '(anonymous struct)::__fds_bits' from module 'CNIOBoringSSL' is not present in definition of 'fd_set' provided earlier" for Swift 5.9 onwards --- Package.swift | 1 + 1 file changed, 1 insertion(+) diff --git a/Package.swift b/Package.swift index 6078d0db..53cf60dc 100644 --- a/Package.swift +++ b/Package.swift @@ -68,6 +68,7 @@ let package = Package( .headerSearchPath("./custom/config/dummy"), .headerSearchPath("./custom/include"), .headerSearchPath("./librdkafka/src"), + .define("_GNU_SOURCE", to: "1"), // Fix build error for Swift 5.9 onwards ], linkerSettings: [ .linkedLibrary("curl"), From f074c2a7e6ebb69d8660269bc7d54968d425f460 Mon Sep 17 00:00:00 2001 From: Felix Schlegel Date: Thu, 5 Oct 2023 01:06:54 +0200 Subject: [PATCH 3/3] Update Package.swift Co-authored-by: Franz Busch --- Package.swift | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Package.swift b/Package.swift index 53cf60dc..8d463327 100644 --- a/Package.swift +++ b/Package.swift @@ -46,7 +46,7 @@ let package = Package( ], dependencies: [ .package(url: "https://github.com/apple/swift-nio.git", from: "2.55.0"), - .package(url: "https://github.com/apple/swift-nio-ssl", .upToNextMajor(from: "2.25.0")), + .package(url: "https://github.com/apple/swift-nio-ssl", from: "2.25.0"), .package(url: "https://github.com/swift-server/swift-service-lifecycle.git", from: "2.1.0"), .package(url: "https://github.com/apple/swift-log.git", from: "1.0.0"), // The zstd Swift package produces warnings that we cannot resolve: