-
Notifications
You must be signed in to change notification settings - Fork 712
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
doc: document generating bindings with prebuilt libs2n #4872
Changes from 5 commits
dbbb9af
419b833
2ccf18e
ffc506d
0ac27e0
206b570
ef35761
33f8c91
40f01e8
0630834
522fe12
1f7207f
2128083
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change | ||||
---|---|---|---|---|---|---|
@@ -1,3 +1,43 @@ | ||||||
This crates provides low level rust bindings for [s2n-tls](https://github.com/aws/s2n-tls) which are autogenerated with [bindgen](https://github.com/rust-lang/rust-bindgen) | ||||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
Suggested change
Since you're here... |
||||||
|
||||||
This crate is not intended for direct consumption by end consumers. Interested developers should instead look at the [s2n-tls](https://crates.io/crates/s2n-tls) or [s2n-tls-tokio](https://crates.io/crates/s2n-tls-tokio) crates. These provide higher-level, more ergonomic bindings than the `s2n-tls-sys` crate. | ||||||
This crate is not intended for direct consumption by end consumers. Interested developers should instead look at the [s2n-tls](https://crates.io/crates/s2n-tls) or [s2n-tls-tokio](https://crates.io/crates/s2n-tls-tokio) crates. These provide higher-level, more ergonomic bindings than the `s2n-tls-sys` crate. | ||||||
jmayclin marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||
|
||||||
# Bring Your Own libs2n | ||||||
|
||||||
The `s2n-tls-sys` crate contains the raw C code of `s2n-tls`. By default, it follows this build process: | ||||||
|
||||||
1. Uses the system C compiler to build `libs2n.a` | ||||||
2. Links the built `libs2n.a` to the Rust bindings | ||||||
jmayclin marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||
3. Links against `aws-lc` through the `aws-lc-rs` crate | ||||||
|
||||||
However, you can customize this process to use your own pre-built libs2n library. Here's how you can do that: | ||||||
|
||||||
1. Clone [s2n-tls](https://github.com/aws/s2n-tls) and compile your preferred configuration of s2n-tls. | ||||||
|
||||||
You may choose to link against a specific libcrypto at this step. For more information, see [Building with a specific libcrypto](https://github.com/aws/s2n-tls/blob/main/docs/BUILD.md#building-with-a-specific-libcrypto). | ||||||
Also see [Building s2n-tls](https://github.com/aws/s2n-tls/blob/main/docs/BUILD.md#building-s2n-tls) for further guidance on configuring s2n-tls for your own use case. | ||||||
``` | ||||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Hmmm. I don't think you need to include instructions for building s2n if you've already linked to our build page? Is there a specific cmake flag that a user would need to turn on to create the prebuilt libs2n? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. No, static/shared shouldn't matter in linking the prebuilt libs2n. I will remove this instruction. |
||||||
cmake . -Bbuild -DBUILD_SHARED_LIBS=on -DBUILD_TESTING=off | ||||||
cmake --build build -- -j $(nproc) | ||||||
``` | ||||||
|
||||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
Suggested change
|
||||||
2. `cd` into your rust project and set environment variables to your libs2n library sources. | ||||||
|
||||||
jmayclin marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||
This tells the bindings to link to pre-built libs2n when running the build script for s2n-tls-sys | ||||||
``` | ||||||
export S2N_TLS_LIB_DIR=<PATH_TO_ROOT_OF_S2N_TLS>/build/lib | ||||||
export S2N_TLS_INCLUDE_DIR=<PATH_TO_ROOT_OF_S2N_TLS>/api | ||||||
export LD_LIBRARY_PATH=$S2N_TLS_LIB_DIR:$LD_LIBRARY_PATH | ||||||
``` | ||||||
|
||||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
Suggested change
|
||||||
`S2N_TLS_LIB_DIR` points to the folder containing `libs2n.a`/`lins2n.so` artifact that you would like s2n-tls-sys to link against. | ||||||
`S2N_TLS_INCLUDE_DIR` points to the folder containing header files for `libs2n.a`/`lins2n.so` artifact. | ||||||
`LD_LIBRARY_PATH` adds the path to `libs2n.a`/`lins2n.so` artifact for dynamic linker's search path. | ||||||
|
||||||
jmayclin marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||
3. Build your project. This triggers the build script for s2n-tls-sys | ||||||
|
||||||
``` | ||||||
cargo build | ||||||
``` | ||||||
|
||||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. It's weird to put this note at the bottom of the page. You want motivation for "why" to run these commands to come before the instructions, not after. |
||||||
This method is useful if you want the bindings to be built with a non-default libcrypto. Currently, the default libcrypto when generating rust bindings is `aws-lc`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nit: I prefer a more "imperative" tone. (use, link) instead of "uses", "links".