Permit unbundling the library

[clausecker]

I am currently trying to write a FreeBSD port (i.e. distribution package) for the rosenpass project. In the process of doing that I noticed that it bundles a static copy of liboqs through your crate. This is unfortunate. We would strongly prefer if the project instead linked against liboqs.so so we can fix potential security issues in a single place.

Would it be possible for you to permit linking against a shared library instead of building and linking your own static copy of the code?

[thomwiggers]

This should be possible by letting oqs-sys' build.rs find liboqs and its header files. We should probably do a vendor style feature like the openssl-sys crate.

However, I do not have time to make the required changes to do this right now. I would review and potentially merge a PR, but it would also need to expand CI to cover these new build scenarios.

[clausecker]

Thank you. Unfortunately I do not have any Rust experience, so I'll not be able to assist you with this.

[tranzystorekk]

I took a quick glance at this out of curiosity, but liboqs doesn't seem to provide a pkg-config file, and cmake scripts alone aren't easily read from build.rs :/

[wucke13]

Now that @tranzystorek-io provided open-quantum-safe/liboqs#1435 which was merged (thank you!!!), I think the discussion should continue here. @thomwiggers are there any specific requirements for such a PR? So far I only got

• has to be checked by CI

[thomwiggers]

This should be fixed by #190 right?

[clausecker]

@thomwiggers This here is issue #190, so I'm not sure what you meant to link.

[thomwiggers]

My bad, #211