You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The mechanism requires that the visibility attribute is on the declaration inside the compilation unit of the definition. We do not do this in all places, so some methods that should be visible, like s2n_client_hello_parse_message are actually hidden.
Solution:
We need to include "api/relevant_file" for compilation units which define S2N_API functions.
Requirements / Acceptance Criteria:
All functions marked S2N_API should be consumable from libs2n.so.
We should add a test to validate that we are doing this. One way to do this is to build on the unit tests in s2n-tls-sys bindings that make sure that bound function is defined. This issue was originally detected when we tried to add bindings for some of the unstable apis #4009 by this CI job
Another way to do this would be to parse the api/* header files for all of the functions that should be visible, and then use the nm utility to confirm that the symbol is visible.
The text was updated successfully, but these errors were encountered:
Problem:
s2n
is compiled with the-fvisbility=hidden
flag to enforce public(api)/private boundaries when compiled as a shared object.s2n-tls/CMakeLists.txt
Lines 284 to 288 in f9a6ffa
And then we use the visibility attributes to explicitly annotate which of our functions we want to remain visible
s2n-tls/api/s2n.h
Lines 25 to 30 in f9a6ffa
The mechanism requires that the visibility attribute is on the declaration inside the compilation unit of the definition. We do not do this in all places, so some methods that should be visible, like
s2n_client_hello_parse_message
are actually hidden.Solution:
We need to
include "api/relevant_file"
for compilation units which defineS2N_API
functions.Requirements / Acceptance Criteria:
All functions marked
S2N_API
should be consumable fromlibs2n.so
.We should add a test to validate that we are doing this. One way to do this is to build on the unit tests in
s2n-tls-sys
bindings that make sure that bound function is defined. This issue was originally detected when we tried to add bindings for some of the unstable apis #4009 by this CI jobAnother way to do this would be to parse the
api/*
header files for all of the functions that should be visible, and then use thenm
utility to confirm that the symbol is visible.The text was updated successfully, but these errors were encountered: