wolfssl-sys: provide library paths to downstream crates, allow enabling some optional features

wolfssl-sys/Cargo.toml

@@ -24,6 +24,15 @@ default = ["postquantum"]
 debug = []
 postquantum = []
 kyber_only = ["postquantum"]
+# Configure feature flags
+aesccm = []
+dh = []
+opensslall = []
+opensslextra = []
+psk = []
+# Define feature flags
+ex_data = []
+alpn = []
 
 [[example]]
 name = "connect_pq"

wolfssl-sys/build.rs

@@ -52,6 +52,8 @@ const PATCHES: &[&str] = &[
     "fix-kyber-get-curve-name.patch",
     "fix-kyber-prf-non-avx2.patch",
 ];
+const OPTIONAL_FEATURES: &[&str] = &["aesccm", "dh", "opensslall", "opensslextra", "psk"];
+const MACRO_FEATURES: &[(&str, &str)] = &[("ex_data", "HAVE_EX_DATA"), ("alpn", "HAVE_ALPN")];
 
 /**
  * Apply patch to wolfssl-src
@@ -86,8 +88,6 @@ fn build_wolfssl(wolfssl_src: &Path) -> PathBuf {
     conf.reconf("-ivf")
         // Disable benchmarks
         .disable("benchmark", None)
-        // Disable DH key exchanges
-        .disable("dh", None)
         // Disable examples
         .disable("examples", None)
         // Disable old TLS versions
@@ -141,6 +141,37 @@ fn build_wolfssl(wolfssl_src: &Path) -> PathBuf {
         .cflag("-DWOLFSSL_NO_SPHINCS")
         .cflag("-DWOLFSSL_TLS13_MIDDLEBOX_COMPAT");
 
+    for feature in OPTIONAL_FEATURES {
+        // Determine if feature is enabled, enable or disable feature in configure
+        // script based on that.
+        // For each optional feature, cargo sets the CARGO_FEATURE_<name> env var,
+        // so we check for that.
+        // Using cfg!() only works in a compile-time context, so this is the best
+        // alternative that does not require defining extra macros.
+        if env::var(format!(
+            "CARGO_FEATURE_{}",
+            feature.to_uppercase().replace("-", "_")
+        ))
+        .is_ok()
+        {
+            conf.enable(feature, None);
+        } else {
+            conf.disable(feature, None);
+        }
+    }
+    for (feature_name, feature_define) in MACRO_FEATURES {
+        // Same as above, just for features that are enabled/disabled via defines.
+        // Alongside the feature name, MACRO_FEATURES contains the define name to set.
+        if env::var(format!(
+            "CARGO_FEATURE_{}",
+            feature_name.to_uppercase().replace("-", "_")
+        ))
+        .is_ok()
+        {
+            conf.cflag(format!("-D{}", feature_define));
+        }
+    }
+
     if cfg!(feature = "debug") {
         conf.enable("debug", None);
         conf.cflag("-DHAVE_SECRET_CALLBACK");
@@ -266,6 +297,11 @@ fn main() -> std::io::Result<()> {
     let ignored_macros = IgnoreMacros(hash_ignored_macros);
     let wolfssl_include_dir = wolfssl_install_dir.join("include");
 
+    // Set cargo metadata to allow dependent libraries to reference the built library.
+    // https://doc.rust-lang.org/cargo/reference/build-script-examples.html#using-another-sys-crate
+    println!("cargo:root={}", wolfssl_install_dir.to_str().unwrap());
+    println!("cargo:include={}", wolfssl_include_dir.to_str().unwrap());
+
     // Build the Rust binding
     let builder = bindgen::Builder::default()
         .header("wrapper.h")

wolfssl-sys/src/bindings.rs

@@ -8,6 +8,7 @@
 #![allow(clippy::identity_op)]
 #![allow(clippy::missing_safety_doc)]
 #![allow(clippy::ptr_offset_with_cast)]
+#![allow(clippy::too_many_arguments)]
 include!(concat!(env!("OUT_DIR"), "/bindings.rs"));
 
 use std::os::raw::c_int;