Skip to content

Fix ECC OpenSSL cmake check on Windows #828

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jschlyter merged 1 commit into from
Dec 7, 2025
Merged

Fix ECC OpenSSL cmake check on Windows #828

jschlyter merged 1 commit into from
Dec 7, 2025

Conversation

@bukka
Copy link
Contributor

@bukka bukka commented Dec 6, 2025
edited by coderabbitai bot
Loading

There is currently failure in vcpkg build so this PR is an attempt to try to fix it.

Summary by CodeRabbit

  • Chores
    • Enhanced Windows build setup for the OpenSSL backend: the build now augments the process PATH with the matching OpenSSL/vcpkg runtime bin directory when available, enabling ECC-related tests to run on Windows without other logic changes.

✏️ Tip: You can customize this high-level summary in your review settings.

@coderabbitai
Copy link

coderabbitai bot commented Dec 6, 2025
edited
Loading

Walkthrough

Adds a Windows-only conditional in the OpenSSL CMake branch that derives the OpenSSL include path, optionally strips semicolon-delimited entries, computes a vcpkg triplet root, and appends a matching vcpkg bin directory to the process PATH for ECC tests.

Changes

Cohort / File(s) Summary
Windows OpenSSL PATH Configuration
cmake/modules/CompilerOptions.cmake		 Added a WIN32-specific block inside the WITH_OPENSSL branch to extract the OpenSSL include directory (handling semicolon-delimited entries), compute a vcpkg triplet root, check for a corresponding bin directory, and augment the process PATH to enable ECC tests.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

  • Verify Windows path parsing and semicolon-stripping behave correctly for varied inputs.
  • Confirm vcpkg triplet root resolution matches common vcpkg layouts.
  • Ensure PATH modification is scoped and doesn't interfere with other build steps or CI environments.

Poem

🐰 I hopped through CMake on a Windows trail,
found OpenSSL roots behind a veiled trail,
nudged a vcpkg bin into PATH’s light,
ECC tests hum, everything’s right —
a tiny hop, a build delight.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly and specifically describes the main change: fixing an ECC OpenSSL CMake configuration issue on Windows, which directly aligns with the changeset's Windows-specific OpenSSL backend enhancement.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f815d20 and 29c4b03.

📒 Files selected for processing (1)
  • cmake/modules/CompilerOptions.cmake (1 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
  • cmake/modules/CompilerOptions.cmake
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (8)
  • GitHub Check: Windows (x64, openssl)
  • GitHub Check: Windows (x64, botan)
  • GitHub Check: Windows (x86, openssl)
  • GitHub Check: Linux with OpenSSL 3.0
  • GitHub Check: Linux with OpenSSL 1.1.1
  • GitHub Check: macOS (botan)
  • GitHub Check: macOS (openssl)
  • GitHub Check: Linux with Botan

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@bukka bukka marked this pull request as ready for review December 6, 2025 21:27
@bukka bukka requested a review from a team as a code owner December 6, 2025 21:27
@bukka bukka force-pushed the ci-vcpgk-build branch 2 times, most recently from 8c73f6b to 0fb1fad Compare December 6, 2025 21:30
@bukka bukka marked this pull request as draft December 6, 2025 21:32
@bukka bukka force-pushed the ci-vcpgk-build branch 5 times, most recently from 89b5add to f815d20 Compare December 6, 2025 22:27
@bukka bukka mentioned this pull request Dec 6, 2025
Open
@bukka bukka marked this pull request as ready for review December 6, 2025 22:44
coderabbitai[bot]
coderabbitai bot reviewed Dec 6, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (1)
cmake/modules/CompilerOptions.cmake (1)

300-304: Consider more idiomatic CMake list handling.

The current approach works but could be simplified using native CMake list operations instead of string matching for semicolons.

Consider this alternative:

-        set(_ossl_inc "${OPENSSL_INCLUDE_DIR}")
-        if(_ossl_inc)
-            if(_ossl_inc MATCHES ";")
-                list(GET OPENSSL_INCLUDE_DIR 0 _ossl_inc)
-            endif()
+        if(OPENSSL_INCLUDE_DIR)
+            list(LENGTH OPENSSL_INCLUDE_DIR _ossl_inc_len)
+            if(_ossl_inc_len GREATER 1)
+                list(GET OPENSSL_INCLUDE_DIR 0 _ossl_inc)
+            else()
+                set(_ossl_inc "${OPENSSL_INCLUDE_DIR}")
+            endif()

This uses list(LENGTH) which is more explicit about checking for multiple elements in a CMake list.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 70c7d0f and f815d20.

📒 Files selected for processing (1)
  • cmake/modules/CompilerOptions.cmake (1 hunks)
🧰 Additional context used
🧠 Learnings (2)
📓 Common learnings 
Learnt from: bukka
Repo: softhsm/SoftHSMv2 PR: 815
File: src/lib/SoftHSM.cpp:6543-6546
Timestamp: 2025-09-11T16:54:00.370Z
Learning: SoftHSM PR #815 (pkcs11.h 3.1.0 update, CK_RSA_AES_KEY_WRAP_PARAMS fix): Maintainer bukka prefers to keep scope minimal (header sync and param rename only); broader OAEP parameter enforcement or backend plumbing is out of scope for this PR and should be handled in a follow-up issue.
📚 Learning: 2025-08-18T17:54:37.645Z 
Learnt from: antoinelochet
Repo: softhsm/SoftHSMv2 PR: 809
File: m4/acx_openssl_mldsa.m4:10-35
Timestamp: 2025-08-18T17:54:37.645Z
Learning: For OpenSSL feature detection in autoconf macros, prefer functional tests (like EVP_PKEY_CTX_new_from_name) over version number checks, as the functional approach directly tests the actual capability and is more reliable across different OpenSSL builds where features may be backported or disabled.

Applied to files:

  • cmake/modules/CompilerOptions.cmake
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: Windows (x64, botan)
🔇 Additional comments (1)
cmake/modules/CompilerOptions.cmake (1)

299-312: The vcpkg directory structure assumption is correct and the fix is sound.

vcpkg documentation confirms that OpenSSL runtime DLLs are placed in <vcpkg-root>/installed/<triplet>/bin for dynamic Windows triplets (x64-windows, x86-windows, etc.). The code correctly extracts the parent directory of OPENSSL_INCLUDE_DIR and appends /bin, which aligns with vcpkg's layout where include files are in <triplet>/include and libraries/DLLs are in <triplet>/bin.

The fix is safe for non-vcpkg Windows builds because the if(EXISTS "${_vcpkg_bin}") check prevents PATH modification if the expected directory structure doesn't exist, which would be the case for custom or system OpenSSL installations.

@bukka
Fix ECC OpenSSL check on Windows
29c4b03 
It was incorrectly using wrong include dir for the check so this should
fix it.
@bukka bukka changed the title Fix vcpkg build Fix ECC OpenSSL check on Windows Dec 6, 2025
@bukka bukka changed the title Fix ECC OpenSSL check on Windows Fix ECC OpenSSL cmake check on Windows Dec 6, 2025
@bukka
Copy link
Contributor Author

bukka commented Dec 6, 2025

@jschlyter Somehow managed to get Windows (and everything else) green. Windows Botan is a bit slow but not sure how could this be impacted by this change that is just for OpenSSL. So it should be hopefully safe.

@bukka bukka mentioned this pull request Dec 6, 2025
Open
@jschlyter jschlyter merged commit 4475560 into softhsm:develop Dec 7, 2025
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@jschlyter jschlyter jschlyter approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bukka @jschlyter