-
Notifications
You must be signed in to change notification settings - Fork 6.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[ngtcp2] fix: detect the libressl in vcpkg #40922
base: master
Are you sure you want to change the base?
Conversation
Reminder to all: libressl is not built in vcpkg CI. (Reason: conflict with openssl.) So this must be tested manually, thoroughly. |
@FrankXie05 This PR solve the regression when you have external openssl in the system, and ngtcp2[libressl] is detect it instead the vcpkg libressl. |
Has this change been submitted upstream? If they have a hard dependency on the libressl or boringssl fork(s) they should be doing this themselves. |
I didn't submit the change to upstream because this is unique to vcpkg. The cmake flag of openssl and the find_package(openssl) in upstream is to detect libressl/quictls/boringssl but not openssl itself. In vcpkg I choose libressl because is the only one that fit. Then we need unique find package for libressl that it will not detect other libs outside vcpkg. |
We have no reproducer for the claim, but it is proven wrong for x64-linux with vcpig-ci-libressl from #40924. Nevertheless this PR fixes a problem: libressl doesn't have a CMake wrapper, and plain |
I reproduce this claim on github ci action. on windows latest. |
@dg0yt I run your test port on github action windows ci. windows_logs_7696dc6fb70eff5b0a5079d78b9818f4dc486861.zip I reproduce the problem:
As I say, find_package(openssl) is detect openssl libs outside vcpkg, in github ci action, and this PR is fix that. |
@BillyONeal Please review my PR. thank you. |
@FrankXie05 @jimwang118 |
If upstream wants to detect libressl/quictls/boringssl but might get OpenSSL how is that not relevant to upstream? In particular hard coding that the answer is libressl and ignoring what the package says seems questionable.
It seems like this is a bug in the libressl port rather than something that should change in ngtcp2?
They are on vacation :) |
Upstream want to detect libressl/quictls/boringssl. When the not relevant lib is detected, like openssl, it not enable the quic ngtcp2 code. This is how upstream want it.
It not a bug in libressl, it by design how find_package work. First it detect in vcpkg, then it detect outside. (needed for many ports to detect libs outside vcpkg). The hidden bug maybe, when iterate, it show first the openssl. You can see that in the logs.
Thank you! I didn't know that :) |
44a9122
to
9289cb1
Compare
@BillyONeal Can other people in the team that available can review my PR? |
9289cb1
to
c8527be
Compare
|
Is upstream aware of libressl offering official CMake config? I believe they don't want users to be frustrated about |
@dg0yt Can you fix it for libressl port? |
Not planned. |
Then better to merge this fix until we find time to fix libressl. |
@FrankXie05 Can you put the review label? |
@ras0219-msft @vicroms @JavierMatosD @data-queue and I discussed this today. We agree that it could be acceptable to take this change given that the feature is named "libressl": "libressl": {
"description": "Compile with libressl",
"dependencies": [
"libressl"
]
}, However, we believe that is a mistake and thus the overall edit goes in the wrong direction. We also agree that this output:
suggests a bug in the LibreSSL port and should not be worked around in every downstream port that wants to consume LibreSSL in this way. Of note, this change breaks boringssl which presumably would work if someone overlayed boringssl -> libressl. We would be happy to accept a change that fixes LibreSSL to make this work (even though we have no means of testing this in CI, there's a special exception for libressl and boringssl as they were added before the addition of registries to the product) but we are not willing to take this change at this time. Thanks for your contribution to vcpkg and hope that makes sense! |
./vcpkg x-add-version --all
and committing the result.fix #40915