Laan Tungir
711a7cc15c
BREAKING CHANGE: Library now requires system-installed dependencies Major Changes: - Convert secp256k1 from bundled static lib to system dependency - Convert OpenSSL from bundled static lib to system dependency - Convert curl from bundled static lib to system dependency - Update build.sh with pkg-config detection and fallback logic - Remove all static library extraction/building logic - Update README.md with new dependency requirements and installation Build System: - Add detect_system_secp256k1() with pkg-config support - Add detect_system_openssl() with pkg-config support - Add detect_system_curl() with pkg-config support - Remove secp256k1 building/extraction from ar archive - Update CFLAGS and LIBS to use system library variables - Clear error messages for missing dependencies with install commands Documentation: - Add system dependency installation for Ubuntu/Debian/CentOS/macOS - Update all compile/link examples to include -lssl -lcrypto -lcurl -lsecp256k1 - Remove references to 'self-contained' and 'no external dependencies' - Update integration examples throughout README Benefits: - Smaller library size (only internal code bundled) - Automatic security updates via system package manager - Standard Linux library distribution pattern - Reduced build complexity - Better system integration with pkg-config Required Installation: Ubuntu/Debian: sudo apt install libssl-dev libcurl4-openssl-dev libsecp256k1-dev CentOS/RHEL: sudo yum install openssl-devel libcurl-devel libsecp256k1-devel macOS: brew install openssl curl secp256k1
73 lines
2.4 KiB
Python
Executable File
73 lines
2.4 KiB
Python
Executable File
#!/usr/bin/env python3
|
|
"""Check that a libsecp256k1 shared library exports only expected symbols.
|
|
|
|
Usage examples:
|
|
- When building with Autotools:
|
|
./tools/symbol-check.py .libs/libsecp256k1.so
|
|
./tools/symbol-check.py .libs/libsecp256k1-<V>.dll
|
|
./tools/symbol-check.py .libs/libsecp256k1.dylib
|
|
|
|
- When building with CMake:
|
|
./tools/symbol-check.py build/lib/libsecp256k1.so
|
|
./tools/symbol-check.py build/bin/libsecp256k1-<V>.dll
|
|
./tools/symbol-check.py build/lib/libsecp256k1.dylib"""
|
|
|
|
import re
|
|
import sys
|
|
import subprocess
|
|
|
|
import lief
|
|
|
|
|
|
class UnexpectedExport(RuntimeError):
|
|
pass
|
|
|
|
|
|
def get_exported_exports(library) -> list[str]:
|
|
"""Adapter function to get exported symbols based on the library format."""
|
|
if library.format == lief.Binary.FORMATS.ELF:
|
|
return [symbol.name for symbol in library.exported_symbols]
|
|
elif library.format == lief.Binary.FORMATS.PE:
|
|
return [entry.name for entry in library.get_export().entries]
|
|
elif library.format == lief.Binary.FORMATS.MACHO:
|
|
return [symbol.name[1:] for symbol in library.exported_symbols]
|
|
raise NotImplementedError(f"Unsupported format: {library.format}")
|
|
|
|
|
|
def grep_expected_symbols() -> list[str]:
|
|
"""Guess the list of expected exported symbols from the source code."""
|
|
grep_output = subprocess.check_output(
|
|
["git", "grep", r"^\s*SECP256K1_API", "--", "include"],
|
|
universal_newlines=True,
|
|
encoding="utf-8"
|
|
)
|
|
lines = grep_output.split("\n")
|
|
pattern = re.compile(r'\bsecp256k1_\w+')
|
|
exported: list[str] = [pattern.findall(line)[-1] for line in lines if line.strip()]
|
|
return exported
|
|
|
|
|
|
def check_symbols(library, expected_exports) -> None:
|
|
"""Check that the library exports only the expected symbols."""
|
|
actual_exports = get_exported_exports(library)
|
|
unexpected_exports = set(actual_exports) - set(expected_exports)
|
|
if unexpected_exports != set():
|
|
raise UnexpectedExport(f"Unexpected exported symbols: {unexpected_exports}")
|
|
|
|
def main():
|
|
if len(sys.argv) != 2:
|
|
print(__doc__)
|
|
return 1
|
|
library = lief.parse(sys.argv[1])
|
|
expected_exports = grep_expected_symbols()
|
|
try:
|
|
check_symbols(library, expected_exports)
|
|
except UnexpectedExport as e:
|
|
print(f"{sys.argv[0]}: In {sys.argv[1]}: {e}")
|
|
return 1
|
|
return 0
|
|
|
|
|
|
if __name__ == "__main__":
|
|
sys.exit(main())
|