Stop building System.Security.Cryptography.Native.OpenSsl on macOS #117465
Conversation
github-actions
bot
added
the
needs-area-label
vcsjones
added
area-Infrastructure-libraries
and removed
needs-area-label
|
Tagging subscribers to this area: @dotnet/area-infrastructure-libraries |
|
/cc @dotnet/area-system-security. This is a bit cross cutting in terms of area ownership but felt more "infrastructure-y", but something everyone should be aware of nonetheless. |
|
Blocked on #117472. |
|
Closing, because I am blocked, and the fix for blocking is blocked. Will re-open when / if it is feasible. |
There was a problem hiding this comment.
Pull Request Overview
This PR stops building System.Security.Cryptography.Native.OpenSsl on macOS, following the previous removal of OpenSSL support on macOS in #116481. The changes align macOS with other Apple platforms by excluding OpenSSL-related builds and using the Apple-specific cryptography implementation instead.
Key changes:
- Excludes macOS from building OpenSSL cryptography native libraries
- Updates build scripts to skip OpenSSL-related configuration on macOS
- Consolidates Apple platform handling in CMake configurations
Reviewed Changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| src/native/libs/build-native.sh | Adds macOS to platforms that skip OpenSSL native library builds |
| src/native/libs/System.Security.Cryptography.Native/CMakeLists.txt | Removes macOS-specific OpenSSL configuration and build verification |
| src/native/libs/CMakeLists.txt | Consolidates Apple platform handling to exclude OpenSSL and use Apple cryptography |
| src/native/corehost/hostpolicy/hostpolicy_context.cpp | Excludes macOS from OpenSSL DLL import resolution |
| src/native/corehost/build.sh | Skips OpenSSL-related CMake configuration on macOS |
| src/native/corehost/apphost/static/CMakeLists.txt | Excludes Apple platforms from OpenSSL static library linking |
| src/coreclr/nativeaot/BuildIntegration/Microsoft.NETCore.Native.Unix.targets | Updates condition to exclude all Apple platforms from OpenSSL |
| eng/native/build-commons.sh | Adds macOS to platforms that skip OpenSSL-related setup |
| docs/workflow/requirements/macos-requirements.md | Removes OpenSSL from macOS build requirements |
|
The Quic-on-MacOS using OpenSSL has been worked around, so this is feasible again. I am suspicious how easy this change was. Are there parts of packaging and installer building that will need to be updated elsewhere? |
I think (so, this repository) |
I saw those, but I don't see them doing anything conditional. Like, libSystem.Security.Cryptography.Native.Apple.dylib is just "there" but clearly we don't build it for Linux or Windows. So I am not sure what an exclusion would look like there, if we had to do anything. |
Yeah that list is basically a template which gets processed by https://github.com/dotnet/arcade/blob/4b2bc3e0e6de4355c126b544732481df97900c89/src/Microsoft.DotNet.SharedFramework.Sdk/targets/sharedfx.targets#L269-L272. Nothing to do here. |
In #116481 we stopped supporting OpenSSL on macOS. This pull request stops building System.Security.Cryptography.Native.OpenSSL on macOS entirely, similarly to what we are doing for other Apple platforms today.