Skip to content

Support FreeBSD #55

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jan 5, 2024
Merged

Support FreeBSD #55

merged 2 commits into from
Jan 5, 2024

Conversation

cpu
Copy link
Member

@cpu cpu commented Jan 4, 2024

This branch relaxes the cfg gates that previously were Linux specific to allow Unix generally. Care is taken to ensure we still handle MacOS/iOS/Android specially where required.

FreeBSD in CI seems to be unable to use openssl-probe to find the system CA bundle, so we also add a BSD-specific dev-dependency on webpki-roots and update the real world verification suite to conditionally use the Verifier::new_with_extra_roots constructor to provide extra CA certs from webpki-roots.

It might be possible to fix the FreeBSD runner so that openssl-probe works (e.g. by curling a CA bundle into a different location, or setting the SSL_CERT_FILE env var) but this approach has the benefit of adding coverage for new_with_extra_roots.

Since GitHub actions doesn't offer FreeBSD runners we follow the Quinn project's lead and use vmactions/freebsd-vm@v1 to run a FreeBSD VM on the runner, and our tests within the VM.

Resolves #53

@cpu cpu self-assigned this Jan 4, 2024
cpu
cpu commented Jan 4, 2024
View reviewed changes
@cpu cpu mentioned this pull request Jan 4, 2024
Closed
complexspaces
complexspaces requested changes Jan 4, 2024
View reviewed changes
cpu added 2 commits January 4, 2024 19:03
@cpu
proj: relax cfg gates to allow FreeBSD
52b0664 
This commit relaxes the cfg gates that previously were Linux specific to
allow Unix generally. Care is taken to ensure we still handle
MacOS/iOS/Android specially where required.

FreeBSD in CI seems to be unable to use openssl-probe to find the system
CA bundle, so we also add a BSD-specific dev-dependency on webpki-roots
and update the real world verification suite to conditionally use the
`Verifier::new_with_extra_roots` constructor to provide extra CA certs
from webpki-roots.

It might be possible to fix the FreeBSD runner so that openssl-probe
works (e.g. by `curl`ing a CA bundle into a different location, or
setting the `SSL_CERT_FILE` env var) but this approach has the benefit
of adding coverage for `new_with_extra_roots`.
@cpu
ci: add FreeBSD cargo test job
7a6220b 
Since GitHub actions doesn't offer FreeBSD runners we follow the Quinn
project's lead and use `vmactions/freebsd-vm@v1` to run a FreeBSD VM on
the runner, and our tests within the VM.
@cpu cpu force-pushed the cpu-freebsd_dev branch from 4b642c7 to 7a6220b Compare January 5, 2024 00:07
@complexspaces complexspaces merged commit b51d933 into rustls:main Jan 5, 2024
@cpu cpu deleted the cpu-freebsd_dev branch January 5, 2024 14:19
@cpu cpu mentioned this pull request Jan 5, 2024
Merged
@cpu cpu mentioned this pull request Jan 15, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@complexspaces complexspaces complexspaces approved these changes

Assignees

@cpu cpu

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

FreeBSD support

2 participants

@cpu @complexspaces