s2n-quic
s2n-quic copied to clipboard
aws
Build issues on macOS
Problem:
Using s2n-quic as a dependency in a project/crate on macOS doesn't build successfully by default. Unclear what's needed to get it to build with the default s2n-tls provider. Building s2n-quic on it's own from a clone builds fine though.
error: failed to run custom build command for `s2n-tls-sys v0.0.8`
Caused by:
process didn't exit successfully: `/Users/jerome/AstroProjects/Experiments/cryptotest/target/debug/build/s2n-tls-sys-a3e92bdd97e4c1c6/build-script-build` (exit status: 101)
--- stdout
CMAKE_TOOLCHAIN_FILE_aarch64-apple-darwin = None
CMAKE_TOOLCHAIN_FILE_aarch64_apple_darwin = None
HOST_CMAKE_TOOLCHAIN_FILE = None
CMAKE_TOOLCHAIN_FILE = None
CMAKE_GENERATOR_aarch64-apple-darwin = None
CMAKE_GENERATOR_aarch64_apple_darwin = None
HOST_CMAKE_GENERATOR = None
CMAKE_GENERATOR = None
CMAKE_PREFIX_PATH_aarch64-apple-darwin = None
CMAKE_PREFIX_PATH_aarch64_apple_darwin = None
HOST_CMAKE_PREFIX_PATH = None
CMAKE_PREFIX_PATH = None
CMAKE_aarch64-apple-darwin = None
CMAKE_aarch64_apple_darwin = None
HOST_CMAKE = None
CMAKE = None
running: "cmake" "/Users/jerome/.cargo/registry/src/github.com-1ecc6299db9ec823/s2n-tls-sys-0.0.8/lib" "-DCMAKE_INSTALL_PREFIX=/Users/jerome/AstroProjects/Experiments/cryptotest/target/debug/build/s2n-tls-sys-bd9766d5bca2f190/out" "-DCMAKE_C_FLAGS= -ffunction-sections -fdata-sections -fPIC -arch arm64" "-DCMAKE_C_COMPILER=/usr/bin/cc" "-DCMAKE_CXX_FLAGS= -ffunction-sections -fdata-sections -fPIC -arch arm64" "-DCMAKE_CXX_COMPILER=/usr/bin/c++" "-DCMAKE_ASM_FLAGS= -ffunction-sections -fdata-sections -fPIC -arch arm64" "-DCMAKE_ASM_COMPILER=/usr/bin/cc" "-DCMAKE_BUILD_TYPE=Debug" "-DBUILD_TESTING=off"
-- Detected CMAKE_SYSTEM_PROCESSOR as arm64
-- Detected 64-Bit system
-- madvise() support detected
-- minherit() support detected
-- Configuring incomplete, errors occurred!
See also "/Users/jerome/AstroProjects/Experiments/cryptotest/target/debug/build/s2n-tls-sys-bd9766d5bca2f190/out/build/CMakeFiles/CMakeOutput.log".
See also "/Users/jerome/AstroProjects/Experiments/cryptotest/target/debug/build/s2n-tls-sys-bd9766d5bca2f190/out/build/CMakeFiles/CMakeError.log".
--- stderr
cargo:rerun-if-env-changed=S2N_TLS_DIR
cargo:rerun-if-env-changed=S2N_TLS_LIB_DIR
cargo:rerun-if-env-changed=S2N_TLS_INCLUDE_DIR
cargo:rerun-if-env-changed=CARGO_FEATURE_CMAKE
cargo:rerun-if-env-changed=CARGO_FEATURE_PQ
CMake Error at /opt/homebrew/Cellar/cmake/3.22.3/share/cmake/Modules/FindPackageHandleStandardArgs.cmake:230 (message):
Could NOT find crypto (missing: crypto_LIBRARY crypto_INCLUDE_DIR)
Call Stack (most recent call first):
/opt/homebrew/Cellar/cmake/3.22.3/share/cmake/Modules/FindPackageHandleStandardArgs.cmake:594 (_FPHSA_FAILURE_MESSAGE)
cmake/modules/Findcrypto.cmake:67 (find_package_handle_standard_args)
CMakeLists.txt:499 (find_package)
thread 'main' panicked at '
command did not execute successfully, got: exit status: 1
build script failed, must exit now', /Users/jerome/.cargo/registry/src/github.com-1ecc6299db9ec823/cmake-0.1.48/src/lib.rs:975:5
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
warning: build failed, waiting for other jobs to finish...
Solution:
Ideally it should build without issue, or if it requires openssl for example to be installed via homebrew, docs/readme could mention that. Though installing it I haven't had luck for it finding it yet.
Requirements / Acceptance Criteria:
Out of scope:
Maybe these links can help you. https://stackoverflow.com/questions/29651258/install-openssl-devel-on-mac https://stackoverflow.com/questions/16248775/cmake-not-able-to-find-openssl-library/69268455#69268455
Hi Jeremy,
Could you provide the Cargo.toml you are using in your project?
Here's my Cargo.toml for my crate I made testing out s2n-quic.
[package]
name = "quictest"
version = "0.1.0"
edition = "2021"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]
s2n-quic = { version = "1.5.0" } #, features = ["provider-tls-rustls", "hash_hasher", "zerocopy", "ring", "zerocopy-derive", "zeroize", "cuckoofilter"], default-features = false }
clap = { version = "3.2.6", features = ["cargo", "derive"] }
tokio = { version = "1.19.2", features = ["rt-multi-thread", "io-util", "io-std"] }
identity-manager = { path = "../identity-manager", version = "0.1.0" }
# for testing
rustls = { version = "0.19.1", features = ["dangerous_configuration"] }
I did try to get it to find my openssl installed via homebrew but wasn't having luck, was trying CMAKE_PREFIX_PATH being set to the prefix path for openssl, but some other env var is missing according to the build.rs output, just not sure what yet as there's a bunch it checks. Probably be good if that can output what is missing.
Are you wanting to use s2n-tls or rustls? If you're using rustls then it shouldn't be building s2n-tls at all. Is that identity-manager crate also depending on s2n-quic?
(as a side-note, you really only need features = ["provider-tls-rustls", "provider-address-token-default"], rather than listing all of those packages)
If you are trying to use s2n-tls, CMake should really only be used when the post-quantum feature is enabled, so I'm not sure why it's being used here... Is there something else in your tree enabling that feature (inside of identity-manager, perhaps?) If I build your cargo.toml on my x86 macbook, it successfully builds and doesn't use CMake.
In any case, we depend on the openssl-sys crate to resolve the openssl package: https://github.com/aws/s2n-tls/blob/aa8f7fbb5e8afb649230f70917dd6bbe31702019/bindings/rust/s2n-tls-sys/build.rs#L154. So if that's giving us an invalid or unexpected location for the artifact we may not properly link to it.
so gave a try on my intel mac just to be sure there isn't something weird with aarch64, but seems to be same. I have openssl installed via homebrew on both, tried clean & re-building with default features for s2n-quic and it still can't find openssl. I also tried setting these as homebrew mentioned after installing openssl:
PKG_CONFIG_PATH=/usr/local/opt/[email protected]/lib/pkgconfig
CPPFLAGS=-I/usr/local/opt/[email protected]/include
LDFLAGS=-L/usr/local/opt/[email protected]/lib
also identity-manager doesn't include quic/s2n/etc at all, it only uses rustls and some other crates to deal with certificates only.
I am running into this issue on Linux when using cargo workspace.
Could NOT find crypto (missing: crypto_LIBRARY)
I added two cargo projects with cargo new, so the basic hello world. It didn't matter if I tried to use rustls, it's still trying to configure s2n-tls. In either case, the configuration step fails with the error above. I only had one dependency in all tests.
#s2n-quic = "1"
s2n-quic = { version = "1", features = ["provider-tls-rustls"] }
Without a cargo workspace project, the same kind of hello world app builds and runs as expected.
I just tested this on a current MBP:
On a fresh project with only a s2n-quic dependency, attempting to build with provider-tls-rustls results in the project still attempting to compile s2n-tls.
When I set default-features=false it doesn't attempt to compile s2n-tls, but then s2n-quic fails to compile because of missing dependencies:
cuckoofilter, hash_hasher, zerocopy, zeroize,
I was able to get things compiling with s2n-tls using
brew upgrade openssl
brew link --force openssl
pkg-config --modversion openssl
export LDFLAGS="-L/opt/homebrew/opt/openssl@3/lib"
export CPPFLAGS="-I/opt/homebrew/opt/openssl@3/include"
You need to also enable the default address token provider as well, as shown in the rustls example. https://github.com/aws/s2n-quic/blob/9e5372e2655ae00490a7bbc1e97a5dd19114a232/examples/rustls-provider/Cargo.toml#L9
We do need to improve the error message there.