Build with Nix #29
Build with Nix #29
Conversation
Currently, only running different versions of OpenSSL is implemented as PoC to see if it would work. You can either build it or run it directly with: ``` $ nix run '.?submodules=1#openssl_316' list-libs # uses OpenSSL 3.1.6 $ nix run '.?submodules=1#openssl_322' list-libs # uses OpenSSL 3.2.2 $ nix run '.?submodules=1' list-libs # uses OpenSSL 3.3.1 ``` Adding new versions is possible, check `packages` part of `flake.nix`. To see the supported versions run: ``` $ nix flake show ```
|
Oh and one more thing. Can you make the version of the library propagate as an environment variable to the build and run environment? Then in the Makefile we can pass it on as a define to the compiler and thus get it in the shim code so that we can do ifdefs based on it. |
Yes. Both should be somewhat simple and straightforward. |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #29 +/- ##
============================================
+ Coverage 62.65% 62.66% +0.01%
+ Complexity 1349 1348 -1
============================================
Files 133 133
Lines 9358 9348 -10
Branches 1288 1287 -1
============================================
- Hits 5863 5858 -5
+ Misses 2882 2877 -5
Partials 613 613
☔ View full report in Codecov by Sentry. |
In order to prevent problems with dynamic linking of OpenSSL, LibreSSL and BoringSSL -- that all have libcrypto.so -- we link statically into the providers.
|
Few more things I thought of:
|
I would not actually do any of these. The second one especially, I would keep the applet and reader subprojects as they are. |
Building with Nix is one way of allowing multiple versions of tested libs to be running at the same time. Currently, few versions of OpenSSL are possible, check the commit message for more details.
More work is needed before merging this.