Skip to content

Commit 3a4ae06

Browse files
skmcgrailskmcgrail
committed
Distribution Packaging Improvements
1 parent 7b2a86c commit 3a4ae06

File tree

10 files changed

+504
-65
lines changed

10 files changed

+504
-65
lines changed

.github/workflows/linux_x86_omnibus.yml

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -112,6 +112,24 @@ jobs:
112112
source /opt/compiler-env/setup-clang-9.sh
113113
./tests/ci/run_install_shared_and_static.sh
114114
115+
dist_pkg_tests:
116+
runs-on:
117+
- codebuild-aws-lc-ci-github-actions-${{ github.run_id }}-${{ github.run_attempt }}
118+
image:linux-5.0
119+
instance-size:small
120+
steps:
121+
- uses: actions/checkout@v5
122+
- name: Login to Amazon ECR
123+
id: login-ecr
124+
uses: aws-actions/amazon-ecr-login@v2
125+
- uses: ./.github/actions/codebuild-docker-run
126+
name: Run Container
127+
with:
128+
image: ${{ steps.login-ecr.outputs.registry }}/aws-lc/ubuntu:20.04
129+
run: |
130+
source /opt/compiler-env/setup-clang-9.sh
131+
./tests/ci/run_dist_pkg_tests.sh
132+
115133
# Build and test aws-lc without Perl/Go.
116134
minimal_tests:
117135
name: minimal-${{ matrix.image }}-${{ matrix.compiler }}-x86_64

CMakeLists.txt

Lines changed: 92 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -97,20 +97,39 @@ option(ENABLE_PRE_SONAME_BUILD "Build AWS-LC without SONAME configuration for sh
9797
option(ENABLE_SOURCE_MODIFICATION "Allow the build to update files in the source directory. This is typically done to update versioning." ON)
9898
option(DISABLE_CPU_JITTER_ENTROPY "Disable usage of CPU Jitter Entropy as an entropy source. This option cannot be used with the FIPS build. With this configuration, randomness generation might not use two independent entropy sources." OFF)
9999
option(GENERATE_RUST_BINDINGS "Generate Rust bindings using bindgen-cli" OFF)
100+
option(ENABLE_DIST_PKG "Enables a set of packaging that take highest presedence to any other packaging configuration i.e. ENABLE_PRE_SONAME_BUILD" OFF)
101+
option(ENABLE_DIST_PKG_OPENSSL_SHIM "Controls whether the OpenSSL shim componenets are installed when ENABLE_DIST_PKG is enabled" OFF)
102+
100103
set(RUST_BINDINGS_TARGET_VERSION "1.70" CACHE STRING "Minimum Rust version for generated bindings")
101104

102105
include(cmake/go.cmake)
103106

104-
if(NOT ENABLE_PRE_SONAME_BUILD AND BUILD_SHARED_LIBS AND UNIX AND NOT APPLE)
105-
set(PERFORM_SONAME_BUILD 1)
107+
if(ENABLE_DIST_PKG AND UNIX AND NOT APPLE)
108+
set(SET_LIB_SONAME 1)
109+
set(COHABITANT_HEADERS 1)
110+
if(ENABLE_DIST_PKG_OPENSSL_SHIM)
111+
set(INSTALL_OPENSSL_SHIM 1)
112+
else()
113+
set(INSTALL_OPENSSL_SHIM 0)
114+
endif()
115+
elseif(NOT ENABLE_PRE_SONAME_BUILD AND BUILD_SHARED_LIBS AND UNIX AND NOT APPLE)
116+
set(SET_LIB_SONAME 1)
117+
set(COHABITANT_HEADERS 0)
118+
set(INSTALL_OPENSSL_SHIM 1)
119+
else()
120+
set(SET_LIB_SONAME 0)
121+
set(COHABITANT_HEADERS 0)
122+
set(INSTALL_OPENSSL_SHIM 1)
123+
endif()
124+
125+
if(SET_LIB_SONAME)
106126
set(CRYPTO_LIB_NAME "${CRYPTO_LIB_NAME}-${SOFTWARE_NAME}")
107127
set(SSL_LIB_NAME "${SSL_LIB_NAME}-${SOFTWARE_NAME}")
108-
else()
109-
set(PERFORM_SONAME_BUILD 0)
110128
endif()
111129

112-
message(STATUS "ENABLE_PRE_SONAME_BUILD: ${ENABLE_PRE_SONAME_BUILD}")
113-
message(STATUS "PERFORM_SONAME_BUILD: ${PERFORM_SONAME_BUILD}")
130+
if(NOT ENABLE_PRE_SONAME_BUILD)
131+
message(WARNING "ENABLE_PRE_SONAME_BUILD option will be deprecated in a future release. Please see ENABLE_DIST_PKG and ENABLE_DIST_PKG_OPENSSL_SHIM")
132+
endif()
114133

115134
enable_language(C)
116135

@@ -168,8 +187,6 @@ else()
168187
message(STATUS "Entropy source configured: Dynamic (default: CPU Jitter)")
169188
endif()
170189

171-
172-
173190
if(${CMAKE_SYSTEM_NAME} STREQUAL "OpenBSD")
174191
# OpenBSD by defaults links with --execute-only this is problematic for two reasons:
175192
# 1. The FIPS shared and static builds need to compute the module signature hash by reading the .text section
@@ -262,8 +279,15 @@ elseif(NOT DEFINED CMAKE_INSTALL_LIBDIR)
262279
set(CMAKE_INSTALL_BINDIR "bin")
263280
endif()
264281

282+
# Set the install include directory based on whether a prefix subdirectory is desired
283+
if(COHABITANT_HEADERS)
284+
set(AWSLC_INSTALL_INCLUDEDIR "${CMAKE_INSTALL_INCLUDEDIR}/aws-lc")
285+
else()
286+
set(AWSLC_INSTALL_INCLUDEDIR "${CMAKE_INSTALL_INCLUDEDIR}")
287+
endif()
288+
265289
install(DIRECTORY include/openssl
266-
DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}
290+
DESTINATION ${AWSLC_INSTALL_INCLUDEDIR}
267291
COMPONENT Development
268292
PATTERN boringssl_prefix_symbols.h EXCLUDE
269293
PATTERN boringssl_prefix_symbols_asm.h EXCLUDE
@@ -364,7 +388,7 @@ if(BORINGSSL_PREFIX AND BORINGSSL_PREFIX_SYMBOLS AND GO_EXECUTABLE)
364388
symbol_prefix_include/openssl/boringssl_prefix_symbols_nasm.inc)
365389

366390
install(DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include/openssl
367-
DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}
391+
DESTINATION ${AWSLC_INSTALL_INCLUDEDIR}
368392
COMPONENT Development
369393
)
370394
elseif(BORINGSSL_PREFIX AND BORINGSSL_PREFIX_HEADERS)
@@ -384,7 +408,7 @@ elseif(BORINGSSL_PREFIX AND BORINGSSL_PREFIX_HEADERS)
384408
add_custom_target(boringssl_prefix_symbols)
385409

386410
install(DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include/openssl
387-
DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}
411+
DESTINATION ${AWSLC_INSTALL_INCLUDEDIR}
388412
COMPONENT Development
389413
)
390414
elseif(BORINGSSL_PREFIX AND BORINGSSL_PREFIX_SYMBOLS AND NOT GO_EXECUTABLE)
@@ -398,7 +422,7 @@ else()
398422
add_custom_target(boringssl_prefix_symbols)
399423

400424
install(DIRECTORY include/openssl
401-
DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}
425+
DESTINATION ${AWSLC_INSTALL_INCLUDEDIR}
402426
COMPONENT Development
403427
FILES_MATCHING
404428
PATTERN boringssl_prefix_symbols.h
@@ -1466,15 +1490,23 @@ endif()
14661490
file(GLOB OPENSSL_PKGCONFIGS "pkgconfig/*.pc.in")
14671491

14681492
include(cmake/JoinPaths.cmake)
1469-
join_paths(libdir_for_pc_file "\${prefix}" "${CMAKE_INSTALL_LIBDIR}")
1470-
join_paths(includedir_for_pc_file "\${prefix}" "${CMAKE_INSTALL_INCLUDEDIR}")
1471-
1472-
foreach(in_file ${OPENSSL_PKGCONFIGS})
1473-
file(RELATIVE_PATH in_file ${AWSLC_SOURCE_DIR} ${in_file})
1474-
string(REPLACE ".in" "" pc_file ${in_file})
1475-
configure_file(${in_file} ${CMAKE_CURRENT_BINARY_DIR}/${pc_file} @ONLY)
1476-
install(FILES ${CMAKE_CURRENT_BINARY_DIR}/${pc_file} DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig)
1477-
endforeach()
1493+
join_paths(LIBDIR_FOR_PC_FILE "\${prefix}" "${CMAKE_INSTALL_LIBDIR}")
1494+
join_paths(INCLUDEDIR_FOR_PC_FILE "\${prefix}" "${AWSLC_INSTALL_INCLUDEDIR}")
1495+
1496+
function(install_pkgconfig_file)
1497+
set(options "")
1498+
set(oneValueArgs TEMPLATE DEST)
1499+
set(multiValueArgs)
1500+
if(CMAKE_VERSION VERSION_LESS "3.7")
1501+
cmake_parse_arguments(arg "${options}" "${oneValueArgs}" "${multiValueArgs}" ${ARGN})
1502+
else()
1503+
cmake_parse_arguments(PARSE_ARGV 0 arg "${options}" "${oneValueArgs}" "${multiValueArgs}")
1504+
endif()
1505+
1506+
file(REAL_PATH ${arg_TEMPLATE} arg_TEMPLATE BASE_DIRECTORY ${AWSLC_SOURCE_DIR}/pkgconfig)
1507+
configure_file(${arg_TEMPLATE} ${CMAKE_CURRENT_BINARY_DIR}/pkgconfig/${arg_DEST} @ONLY)
1508+
install(FILES ${CMAKE_CURRENT_BINARY_DIR}/pkgconfig/${arg_DEST} DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig)
1509+
endfunction()
14781510

14791511
if(ENABLE_SOURCE_MODIFICATION)
14801512
configure_file(include/openssl/base.h.in ${AWSLC_SOURCE_DIR}/include/openssl/base.h @ONLY)
@@ -1483,3 +1515,42 @@ if(ENABLE_SOURCE_MODIFICATION)
14831515
configure_file(util/check-linkage.sh.in check-linkage.sh @ONLY)
14841516
endif()
14851517
endif()
1518+
1519+
install_pkgconfig_file(TEMPLATE product.pc.in DEST aws-lc.pc)
1520+
install_pkgconfig_file(TEMPLATE libcrypto.pc.in DEST lib${CRYPTO_LIB_NAME}.pc)
1521+
install_pkgconfig_file(TEMPLATE libssl.pc.in DEST lib${SSL_LIB_NAME}.pc)
1522+
1523+
if(INSTALL_OPENSSL_SHIM)
1524+
install_pkgconfig_file(TEMPLATE product.pc.in DEST openssl.pc)
1525+
1526+
# Create OpenSSL compatibility symlinks
1527+
if(BUILD_SHARED_LIBS)
1528+
if(SET_LIB_SONAME)
1529+
# When SONAME build is enabled, libraries have -awslc suffix
1530+
install(CODE "
1531+
execute_process(COMMAND \${CMAKE_COMMAND} -E create_symlink
1532+
lib${CRYPTO_LIB_NAME}.so \"\$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR}/libcrypto.so\")
1533+
execute_process(COMMAND \${CMAKE_COMMAND} -E create_symlink
1534+
lib${SSL_LIB_NAME}.so \"\$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR}/libssl.so\")
1535+
")
1536+
endif()
1537+
else()
1538+
if(SET_LIB_SONAME)
1539+
# When SONAME build is enabled, libraries have -awslc suffix
1540+
install(CODE "
1541+
execute_process(COMMAND \${CMAKE_COMMAND} -E create_symlink
1542+
lib${CRYPTO_LIB_NAME}.a \"\$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR}/libcrypto.a\")
1543+
execute_process(COMMAND \${CMAKE_COMMAND} -E create_symlink
1544+
lib${SSL_LIB_NAME}.a \"\$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR}/libssl.a\")
1545+
" COMPONENT Development)
1546+
endif()
1547+
endif()
1548+
1549+
if(COHABITANT_HEADERS)
1550+
# Always create the include directory symlink for OpenSSL compatibility
1551+
install(CODE "
1552+
execute_process(COMMAND \${CMAKE_COMMAND} -E create_symlink
1553+
aws-lc/openssl \"\$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_INCLUDEDIR}/openssl\")
1554+
" COMPONENT Development)
1555+
endif()
1556+
endif()

crypto/CMakeLists.txt

Lines changed: 2 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -618,7 +618,7 @@ function(build_libcrypto)
618618
set_target_properties(${arg_NAME} PROPERTIES OUTPUT_NAME "${CRYPTO_LIB_NAME}")
619619
endif()
620620

621-
if(PERFORM_SONAME_BUILD)
621+
if(SET_LIB_SONAME)
622622
set_target_properties(${arg_NAME} PROPERTIES
623623
VERSION "${SOFTWARE_VERSION}"
624624
SOVERSION "${ABI_VERSION}")
@@ -923,7 +923,7 @@ install(TARGETS crypto
923923
ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}
924924
LIBRARY
925925
DESTINATION ${CMAKE_INSTALL_LIBDIR}
926-
NAMELINK_SKIP)
926+
NAMELINK_COMPONENT Development)
927927

928928
if(MSVC AND CMAKE_BUILD_TYPE_LOWER MATCHES "relwithdebinfo" AND FIPS)
929929
install (FILES $<TARGET_FILE_DIR:crypto>/crypto.pdb DESTINATION ${CMAKE_INSTALL_LIBDIR})
@@ -947,13 +947,3 @@ install(EXPORT crypto-targets
947947
DESTINATION "${CMAKE_INSTALL_LIBDIR}/crypto/cmake/${TARGET_DIR}"
948948
NAMESPACE AWS::
949949
COMPONENT Development)
950-
951-
if(PERFORM_SONAME_BUILD)
952-
install(CODE "
953-
set(TGT lib${CRYPTO_LIB_NAME}.so.${ABI_VERSION})
954-
set(LNK \$ENV{DESTDIR}${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR}/libcrypto.so)
955-
message(STATUS \"Creating symlink: \${LNK} → \${TGT}\")
956-
execute_process(COMMAND ${CMAKE_COMMAND} -E create_symlink \${TGT} \${LNK})
957-
"
958-
COMPONENT Development)
959-
endif()

pkgconfig/libcrypto.pc.in

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,9 @@
11
prefix=@CMAKE_INSTALL_PREFIX@
2-
libdir=@libdir_for_pc_file@
3-
includedir=@includedir_for_pc_file@
2+
libdir=@LIBDIR_FOR_PC_FILE@
3+
includedir=@INCLUDEDIR_FOR_PC_FILE@
44

5-
Name: AWS-LC-libcrypto
6-
Description: AWS-LC cryptography library
5+
Name: lib@CRYPTO_LIB_NAME@
6+
Description: AWS-LC Cryptographic Library (@SOFTWARE_VERSION@)
77
Version: @REPORTED_PKGCONFIG_VERSION@
8-
Libs: -L${libdir} -lcrypto
8+
Libs: -L${libdir} -l@CRYPTO_LIB_NAME@
99
Cflags: -I${includedir}

pkgconfig/libssl.pc.in

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,10 @@
11
prefix=@CMAKE_INSTALL_PREFIX@
2-
libdir=@libdir_for_pc_file@
3-
includedir=@includedir_for_pc_file@
2+
libdir=@LIBDIR_FOR_PC_FILE@
3+
includedir=@INCLUDEDIR_FOR_PC_FILE@
44

5-
Name: AWS-LC-libssl
6-
Description: AWS-LC (OpenSSL SHIM)
5+
Name: lib@SSL_LIB_NAME@
6+
Description: AWS-LC TLS Library (@SOFTWARE_VERSION@)
77
Version: @REPORTED_PKGCONFIG_VERSION@
8-
Requires.private: libcrypto
9-
Libs: -L${libdir} -lssl
8+
Requires.private: lib@CRYPTO_LIB_NAME@
9+
Libs: -L${libdir} -l@SSL_LIB_NAME@
1010
Cflags: -I${includedir}

pkgconfig/openssl.pc.in

Lines changed: 0 additions & 8 deletions
This file was deleted.

pkgconfig/product.pc.in

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
prefix=@CMAKE_INSTALL_PREFIX@
2+
libdir=@LIBDIR_FOR_PC_FILE@
3+
includedir=@INCLUDEDIR_FOR_PC_FILE@
4+
5+
Name: AWS-LC
6+
Description: AWS-LC (@SOFTWARE_VERSION@)
7+
Version: @REPORTED_PKGCONFIG_VERSION@
8+
Requires: lib@CRYPTO_LIB_NAME@ lib@SSL_LIB_NAME@

ssl/CMakeLists.txt

Lines changed: 2 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -52,7 +52,7 @@ target_add_awslc_include_paths(TARGET ssl SCOPE PUBLIC)
5252
set_target_properties(ssl PROPERTIES
5353
OUTPUT_NAME "${SSL_LIB_NAME}")
5454

55-
if(PERFORM_SONAME_BUILD)
55+
if(SET_LIB_SONAME)
5656
set_target_properties(ssl PROPERTIES
5757
VERSION "${SOFTWARE_VERSION}"
5858
SOVERSION "${ABI_VERSION}")
@@ -117,7 +117,7 @@ install(TARGETS ssl
117117
ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}
118118
LIBRARY
119119
DESTINATION ${CMAKE_INSTALL_LIBDIR}
120-
NAMELINK_SKIP
120+
NAMELINK_COMPONENT Development
121121
)
122122

123123
if(MSVC AND CMAKE_BUILD_TYPE_LOWER MATCHES "relwithdebinfo" AND FIPS)
@@ -142,13 +142,3 @@ install(EXPORT ssl-targets
142142
DESTINATION "${CMAKE_INSTALL_LIBDIR}/ssl/cmake/${TARGET_DIR}"
143143
NAMESPACE AWS::
144144
COMPONENT Development)
145-
146-
if(PERFORM_SONAME_BUILD)
147-
install(CODE "
148-
set(TGT lib${SSL_LIB_NAME}.so.${ABI_VERSION})
149-
set(LNK \$ENV{DESTDIR}${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR}/libssl.so)
150-
message(STATUS \"Creating symlink: \${LNK} → \${TGT}\")
151-
execute_process(COMMAND ${CMAKE_COMMAND} -E create_symlink \${TGT} \${LNK})
152-
"
153-
COMPONENT Development)
154-
endif()

0 commit comments

Comments
 (0)