From ebd9d5737326f2127d6652f4eb6ffbb7875685e1 Mon Sep 17 00:00:00 2001 From: Nirbheek Chauhan Date: Thu, 9 Sep 2021 14:50:52 +0530 Subject: openssl: Bump to 3.4.0 Co-authored-by: L. E. Segovia Part-of: --- recipes/openssl.recipe | 32 ++++---- ...tificate.crt-from-PREFIX-etc-ssl-on-macOS.patch | 43 +++++----- ...ypto-win-Don-t-use-disallowed-APIs-on-UWP.patch | 51 ------------ ...efile.tmpl-Generate-and-install-pkgconfig.patch | 95 --------------------- ...re-Build-with-APPCONTAINER-for-UWP-compat.patch | 57 ------------- ...2-windows-makefile.tmpl-Fix-ONECORE-build.patch | 34 -------- ...efile.tmpl-Generate-and-install-pkgconfig.patch | 96 ++++++++++++++++++++++ ...003-util-Disable-quicserver-with-no-tests.patch | 25 ++++++ .../0004-Fix-build-with-NASM-on-Windows.patch | 79 ++++++++++++++++++ 9 files changed, 239 insertions(+), 273 deletions(-) delete mode 100644 recipes/openssl/0001-crypto-win-Don-t-use-disallowed-APIs-on-UWP.patch delete mode 100644 recipes/openssl/0001-windows-makefile.tmpl-Generate-and-install-pkgconfig.patch delete mode 100644 recipes/openssl/0002-win-onecore-Build-with-APPCONTAINER-for-UWP-compat.patch delete mode 100644 recipes/openssl/0002-windows-makefile.tmpl-Fix-ONECORE-build.patch create mode 100644 recipes/openssl/0002-windows-makefile.tmpl-Generate-and-install-pkgconfig.patch create mode 100644 recipes/openssl/0003-util-Disable-quicserver-with-no-tests.patch create mode 100644 recipes/openssl/0004-Fix-build-with-NASM-on-Windows.patch (limited to 'recipes') diff --git a/recipes/openssl.recipe b/recipes/openssl.recipe index d7182184..7c98c4be 100644 --- a/recipes/openssl.recipe +++ b/recipes/openssl.recipe @@ -8,14 +8,12 @@ class Recipe(recipe.Recipe): # Note: openssl helpfully moves tarballs somewhere else (old/x.y.z/) # whenever a new release comes out, so make sure to mirror to fdo when # bumping the release! - version = '1.1.1s' - licenses = [{License.OPENSSL: ['LICENSE']}] + version = '3.4.0' + licenses = [License.Apachev2] stype = SourceType.TARBALL - url = 'https://github.com/openssl/openssl/releases/download/OpenSSL_{0}/openssl-{1}.tar.gz'.format(version.replace('.','_'), version) - tarball_checksum = 'c5ac01e760ee6ff0dab61d6b2bbd30146724d063eb322180c6f18a6f74e4b6aa' + url = 'https://github.com/openssl/openssl/releases/download/openssl-%(version)s/openssl-%(version)s.tar.gz' + tarball_checksum = 'e15dda82fe2fe8139dc2ac21a36d4ca01d5313c75f99f46c4e8a27709b7294bf' deps = ['ca-certificates', 'zlib'] - # Parallel make fails randomly due to undefined macros, probably races - allow_parallel_build = False # Configure script is perl, not shell config_sh_needs_shell = False # Can build for MSVC and UWP @@ -25,15 +23,12 @@ class Recipe(recipe.Recipe): # Portable prefix with SSL certs 'openssl/0001-Load-ca-certificate.crt-from-PREFIX-etc-ssl-on-macOS.patch', # MSVC and UWP support - 'openssl/0001-windows-makefile.tmpl-Generate-and-install-pkgconfig.patch', - 'openssl/0002-windows-makefile.tmpl-Fix-ONECORE-build.patch', - 'openssl/0003-windows-makefile.tmpl-Do-not-prefix-import-libraries.patch', - # https://github.com/openssl/openssl/pull/12400 - 'openssl/0001-crypto-win-Don-t-use-disallowed-APIs-on-UWP.patch', - 'openssl/0002-win-onecore-Build-with-APPCONTAINER-for-UWP-compat.patch', + 'openssl/0002-windows-makefile.tmpl-Generate-and-install-pkgconfig.patch', + # quicserver is a test utility that is not qualified as such + 'openssl/0003-util-Disable-quicserver-with-no-tests.patch', + #'openssl/0003-windows-makefile.tmpl-Do-not-prefix-import-libraries.patch', ] - files_bins = ['openssl'] files_libs = ['libcrypto', 'libssl'] files_devel = ['include/openssl', '%(libdir)s/pkgconfig/openssl.pc', '%(libdir)s/pkgconfig/libssl.pc', '%(libdir)s/pkgconfig/libcrypto.pc'] @@ -120,6 +115,8 @@ class Recipe(recipe.Recipe): ldflags = self.get_env('LDFLAGS') if self.using_msvc(): + # https://github.com/openssl/openssl/issues/25774 + self.patches += ['openssl/0004-Fix-build-with-NASM-on-Windows.patch'] # Gets converted to C:/MinGW/msys/1.0/utf-8 by MSYS somehow, so # just remove it. We only need this for gstreamer sources anyway. cflags = cflags.replace('/utf-8', '') @@ -183,6 +180,7 @@ class Recipe(recipe.Recipe): self.library_type = LibraryType.STATIC if self.config.target_platform == Platform.ANDROID: self.prepend_env('PATH', self.get_env('ANDROID_NDK_TOOLCHAIN_BIN'), sep=os.pathsep) + self.set_env('ANDROID_NDK_ROOT', self.get_env('ANDROID_NDK_HOME')) @modify_environment @@ -197,7 +195,7 @@ class Recipe(recipe.Recipe): ''.format(perl, found, m)) # OpenSSL guesses the libdir incorrectly on x86_64 config_sh = 'perl ./Configure --prefix=' + self.config.prefix + \ - ' --libdir=lib' + self.config.lib_suffix + ' no-makedepend no-unit-test ' + ' --libdir=lib' + self.config.lib_suffix + ' no-makedepend no-unit-test no-tests no-fuzz-afl no-fuzz-libfuzzer no-h3demo' if self.config.target_platform == Platform.IOS: # Note: disable 'no-devcryptoeng' when we finally target the # *real* ios configuration targets @@ -225,6 +223,12 @@ class Recipe(recipe.Recipe): if self.config.platform == Platform.WINDOWS: config_sh += ' no-tests ' + # https://github.com/openssl/openssl/issues/25785 + if self.using_msvc() and self.config.variants.uwp: + config_sh += ' no-apps ' + else: + self.files_bins = ['openssl'] + await shell.async_call(config_sh + self.openssl_platform, self.build_dir, logfile=self.logfile, env=self.env) diff --git a/recipes/openssl/0001-Load-ca-certificate.crt-from-PREFIX-etc-ssl-on-macOS.patch b/recipes/openssl/0001-Load-ca-certificate.crt-from-PREFIX-etc-ssl-on-macOS.patch index 16756227..e37dd612 100644 --- a/recipes/openssl/0001-Load-ca-certificate.crt-from-PREFIX-etc-ssl-on-macOS.patch +++ b/recipes/openssl/0001-Load-ca-certificate.crt-from-PREFIX-etc-ssl-on-macOS.patch @@ -1,18 +1,18 @@ -From 4f2c094d92bb5d16029333699dabad894e252e9b Mon Sep 17 00:00:00 2001 +From b25c9973038e8d29a06e071fc7a0e0cd3337ebf2 Mon Sep 17 00:00:00 2001 From: Nirbheek Chauhan Date: Thu, 23 Sep 2021 16:16:08 +0530 -Subject: [PATCH] Load ca-certificate.crt from PREFIX/etc/ssl on macOS and +Subject: [PATCH 1/2] Load ca-certificate.crt from PREFIX/etc/ssl on macOS and Windows PREFIX is automatically detected based on the location of the crypto library. --- - crypto/dllmain.c | 31 +++++++++++++++++++++++++++ - crypto/x509/by_file.c | 50 ++++++++++++++++++++++++++++++++++++++++++- - 2 files changed, 80 insertions(+), 1 deletion(-) + crypto/dllmain.c | 31 ++++++++++++++++++++++++ + crypto/x509/by_file.c | 56 +++++++++++++++++++++++++++++++++++++++++++ + 2 files changed, 87 insertions(+) diff --git a/crypto/dllmain.c b/crypto/dllmain.c -index e821789..67568e3 100644 +index 96198a9397..68b5c78374 100644 --- a/crypto/dllmain.c +++ b/crypto/dllmain.c @@ -20,6 +20,36 @@ @@ -61,7 +61,7 @@ index e821789..67568e3 100644 case DLL_THREAD_ATTACH: break; diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c -index 237b362..5f67759 100644 +index cd5b75d3a9..f91c0d3398 100644 --- a/crypto/x509/by_file.c +++ b/crypto/x509/by_file.c @@ -17,6 +17,56 @@ @@ -120,8 +120,8 @@ index 237b362..5f67759 100644 + static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret); - static X509_LOOKUP_METHOD x509_file_lookup = { -@@ -46,11 +89,15 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, + static int by_file_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argc, +@@ -54,10 +104,15 @@ static int by_file_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argp, switch (cmd) { case X509_L_FILE_LOAD: if (argl == X509_FILETYPE_DEFAULT) { @@ -129,23 +129,22 @@ index 237b362..5f67759 100644 file = ossl_safe_getenv(X509_get_default_cert_file_env()); + portable_file = _get_portable_X509_cert_file(); if (file) - ok = (X509_load_cert_crl_file(ctx, file, - X509_FILETYPE_PEM) != 0); -- + ok = (X509_load_cert_crl_file_ex(ctx, file, X509_FILETYPE_PEM, + libctx, propq) != 0); + else if (portable_file) -+ ok = (X509_load_cert_crl_file(ctx, portable_file, -+ X509_FILETYPE_PEM) != 0); ++ ok = (X509_load_cert_crl_file_ex(ctx, portable_file, X509_FILETYPE_PEM, ++ libctx, propq) != 0); else - ok = (X509_load_cert_crl_file - (ctx, X509_get_default_cert_file(), -@@ -59,6 +106,7 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, - if (!ok) { - X509err(X509_F_BY_FILE_CTRL, X509_R_LOADING_DEFAULTS); - } + ok = (X509_load_cert_crl_file_ex( + ctx, X509_get_default_cert_file(), +@@ -65,6 +120,7 @@ static int by_file_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argp, + + if (!ok) + ERR_raise(ERR_LIB_X509, X509_R_LOADING_DEFAULTS); + free (portable_file); } else { if (argl == X509_FILETYPE_PEM) - ok = (X509_load_cert_crl_file(ctx, argp, + ok = (X509_load_cert_crl_file_ex(ctx, argp, X509_FILETYPE_PEM, -- -2.31.1 +2.46.0 diff --git a/recipes/openssl/0001-crypto-win-Don-t-use-disallowed-APIs-on-UWP.patch b/recipes/openssl/0001-crypto-win-Don-t-use-disallowed-APIs-on-UWP.patch deleted file mode 100644 index 5653c38c..00000000 --- a/recipes/openssl/0001-crypto-win-Don-t-use-disallowed-APIs-on-UWP.patch +++ /dev/null @@ -1,51 +0,0 @@ -From f198066024d3371be78819b18e737caf63a26aa0 Mon Sep 17 00:00:00 2001 -From: Nirbheek Chauhan -Date: Wed, 8 Jul 2020 23:10:34 +0530 -Subject: [PATCH 1/2] crypto/win: Don't use disallowed APIs on UWP - -CreateFiber and ConvertThreadToFiber are not allowed in Windows Store -(Universal Windows Platform) apps since they have been replaced by -their Ex variants which have a new dwFlags parameter. - -This flag allows the fiber to do floating-point arithmetic in the -fiber on x86, which would silently cause corruption otherwise since -the floating-point state is not switched by default. - -Switch to these "new" APIs which were added in Vista. - -See: https://docs.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createfiberex#parameters ---- - crypto/async/arch/async_win.c | 2 +- - crypto/async/arch/async_win.h | 3 ++- - 2 files changed, 3 insertions(+), 2 deletions(-) - -diff --git a/crypto/async/arch/async_win.c b/crypto/async/arch/async_win.c -index 1f360d8..30aa018 100644 ---- a/crypto/async/arch/async_win.c -+++ b/crypto/async/arch/async_win.c -@@ -34,7 +34,7 @@ void async_local_cleanup(void) - - int async_fibre_init_dispatcher(async_fibre *fibre) - { -- fibre->fibre = ConvertThreadToFiber(NULL); -+ fibre->fibre = ConvertThreadToFiberEx(NULL, FIBER_FLAG_FLOAT_SWITCH); - if (fibre->fibre == NULL) { - fibre->converted = 0; - fibre->fibre = GetCurrentFiber(); -diff --git a/crypto/async/arch/async_win.h b/crypto/async/arch/async_win.h -index 61cfdd7..9f09caa 100644 ---- a/crypto/async/arch/async_win.h -+++ b/crypto/async/arch/async_win.h -@@ -27,7 +27,8 @@ typedef struct async_fibre_st { - # define async_fibre_swapcontext(o,n,r) \ - (SwitchToFiber((n)->fibre), 1) - # define async_fibre_makecontext(c) \ -- ((c)->fibre = CreateFiber(0, async_start_func_win, 0)) -+ ((c)->fibre = CreateFiberEx(0, 0, FIBER_FLAG_FLOAT_SWITCH, \ -+ async_start_func_win, 0)) - # define async_fibre_free(f) (DeleteFiber((f)->fibre)) - - int async_fibre_init_dispatcher(async_fibre *fibre); --- -2.26.2 - diff --git a/recipes/openssl/0001-windows-makefile.tmpl-Generate-and-install-pkgconfig.patch b/recipes/openssl/0001-windows-makefile.tmpl-Generate-and-install-pkgconfig.patch deleted file mode 100644 index 723dd2d1..00000000 --- a/recipes/openssl/0001-windows-makefile.tmpl-Generate-and-install-pkgconfig.patch +++ /dev/null @@ -1,95 +0,0 @@ -From 96881a7b26d569b08dc5847204856ebb5fc532f9 Mon Sep 17 00:00:00 2001 -From: Nirbheek Chauhan -Date: Tue, 9 Jun 2020 15:14:32 +0530 -Subject: [PATCH] windows-makefile.tmpl: Generate and install pkgconfig files - -Copied from unix-makefile.tmpl ---- - Configurations/windows-makefile.tmpl | 50 +++++++++++++++++++++++++++- - 1 file changed, 49 insertions(+), 1 deletion(-) - -diff --git a/Configurations/windows-makefile.tmpl b/Configurations/windows-makefile.tmpl -index 8ef70b8..bc1e199 100644 ---- a/Configurations/windows-makefile.tmpl -+++ b/Configurations/windows-makefile.tmpl -@@ -314,7 +314,7 @@ PROCESSOR= {- $config{processor} -} - {- dependmagic('build_programs'); -}: build_programs_nodep - - build_generated: $(GENERATED_MANDATORY) --build_libs_nodep: $(LIBS) {- join(" ",map { shlib_import($_) } @{$unified_info{libraries}}) -} -+build_libs_nodep: libcrypto.pc libssl.pc openssl.pc $(LIBS) {- join(" ",map { shlib_import($_) } @{$unified_info{libraries}}) -} - build_engines_nodep: $(ENGINES) - build_programs_nodep: $(PROGRAMS) $(SCRIPTS) - -@@ -371,6 +371,7 @@ clean: libclean - -del /Q /S /F engines\*.lib engines\*.exp - -del /Q /S /F apps\*.lib apps\*.rc apps\*.res apps\*.exp - -del /Q /S /F test\*.exp -+ -del /Q /S /F openssl.pc libcrypto.pc libssl.pc - -rmdir /Q /S test\test-runs - - distclean: clean -@@ -426,6 +427,14 @@ install_dev: install_runtime_libs - @"$(PERL)" "$(SRCDIR)\util\copy.pl" $(INSTALL_LIBS) "$(libdir)" - @if "$(SHLIBS)"=="" \ - "$(PERL)" "$(SRCDIR)\util\copy.pl" ossl_static.pdb "$(libdir)" -+ @ : {- output_on() if $disabled{shared}; "" -} -+ @$(PERL) $(SRCDIR)\util\mkdir-p.pl "$(DESTDIR)$(libdir)\pkgconfig" -+ @$(ECHO) "install libcrypto.pc -> $(DESTDIR)$(libdir)\pkgconfig\libcrypto.pc" -+ @"$(PERL)" "$(SRCDIR)\util\copy.pl" libcrypto.pc "$(DESTDIR)$(libdir)\pkgconfig" -+ @$(ECHO) "install libssl.pc -> $(DESTDIR)$(libdir)\pkgconfig\libssl.pc" -+ @"$(PERL)" "$(SRCDIR)\util\copy.pl" libssl.pc "$(DESTDIR)$(libdir)\pkgconfig" -+ @$(ECHO) "install openssl.pc -> $(DESTDIR)$(libdir)\pkgconfig\openssl.pc" -+ @"$(PERL)" "$(SRCDIR)\util\copy.pl" openssl.pc "$(DESTDIR)$(libdir)\pkgconfig" - - uninstall_dev: - -@@ -472,6 +481,45 @@ install_html_docs: - uninstall_html_docs: - - # Building targets ################################################### -+# -+libcrypto.pc libssl.pc openssl.pc: configdata.pm -+libcrypto.pc: -+ @$(ECHO) "prefix=$(INSTALLTOP)" > libcrypto.pc -+ @$(ECHO) "exec_prefix=$${prefix}" >> libcrypto.pc -+ @$(ECHO) "libdir=$${exec_prefix}/$(LIBDIR)" >> libcrypto.pc -+ @$(ECHO) "includedir=$${prefix}/include" >> libcrypto.pc -+ @$(ECHO) "enginesdir=$${libdir}/engines-{- $sover_dirname -}" >> libcrypto.pc -+ @$(ECHO) "" >> libcrypto.pc -+ @$(ECHO) "Name: OpenSSL-libcrypto" >> libcrypto.pc -+ @$(ECHO) "Description: OpenSSL cryptography library" >> libcrypto.pc -+ @$(ECHO) "Version: $(VERSION)" >> libcrypto.pc -+ @$(ECHO) "Libs: -L$${libdir} -lcrypto" >> libcrypto.pc -+ @$(ECHO) "Libs.private: $(LIB_EX_LIBS)" >> libcrypto.pc -+ @$(ECHO) "Cflags: -I$${includedir}" >> libcrypto.pc -+ -+libssl.pc: -+ @$(ECHO) "prefix=$(INSTALLTOP)" > libssl.pc -+ @$(ECHO) "exec_prefix=$${prefix}" >> libssl.pc -+ @$(ECHO) "libdir=$${exec_prefix}/$(LIBDIR)" >> libssl.pc -+ @$(ECHO) "includedir=$${prefix}/include" >> libssl.pc -+ @$(ECHO) "" >> libssl.pc -+ @$(ECHO) "Name: OpenSSL-libssl" >> libssl.pc -+ @$(ECHO) "Description: Secure Sockets Layer and cryptography libraries" >> libssl.pc -+ @$(ECHO) "Version: $(VERSION)" >> libssl.pc -+ @$(ECHO) "Requires.private: libcrypto" >> libssl.pc -+ @$(ECHO) "Libs: -L$${libdir} -lssl" >> libssl.pc -+ @$(ECHO) "Cflags: -I$${includedir}" >> libssl.pc -+ -+openssl.pc: -+ @$(ECHO) "prefix=$(INSTALLTOP)" > openssl.pc -+ @$(ECHO) "exec_prefix=$${prefix}" >> openssl.pc -+ @$(ECHO) "libdir=$${exec_prefix}/$(LIBDIR)" >> openssl.pc -+ @$(ECHO) "includedir=$${prefix}/include" >> openssl.pc -+ @$(ECHO) "" >> openssl.pc -+ @$(ECHO) "Name: OpenSSL" >> openssl.pc -+ @$(ECHO) "Description: Secure Sockets Layer and cryptography libraries and tools" >> openssl.pc -+ @$(ECHO) "Version: $(VERSION)" >> openssl.pc -+ @$(ECHO) "Requires: libssl libcrypto" >> openssl.pc - - configdata.pm: "$(SRCDIR)\Configure" {- join(" ", map { '"'.$_.'"' } @{$config{build_file_templates}}, @{$config{build_infos}}, @{$config{conf_files}}) -} - @$(ECHO) "Detected changed: $?" --- -2.27.0.windows.1 - diff --git a/recipes/openssl/0002-win-onecore-Build-with-APPCONTAINER-for-UWP-compat.patch b/recipes/openssl/0002-win-onecore-Build-with-APPCONTAINER-for-UWP-compat.patch deleted file mode 100644 index 481a9631..00000000 --- a/recipes/openssl/0002-win-onecore-Build-with-APPCONTAINER-for-UWP-compat.patch +++ /dev/null @@ -1,57 +0,0 @@ -From c17b1751f3758890a8a5837466e4ddc1e6f2f3f0 Mon Sep 17 00:00:00 2001 -From: Nirbheek Chauhan -Date: Wed, 8 Jul 2020 23:23:04 +0530 -Subject: [PATCH 2/2] win-onecore: Build with /APPCONTAINER for UWP compat - -When targeting the win-onecore configuration, we must link with -/APPCONTAINER which is a requirement for submitting apps to the -Windows Store. - -Without this, the Windows App Certificate Kit will reject the app: -https://docs.microsoft.com/en-us/cpp/build/reference/appcontainer-windows-store-app ---- - Configurations/50-win-onecore.conf | 9 +++++---- - 1 file changed, 5 insertions(+), 4 deletions(-) - -diff --git a/Configurations/50-win-onecore.conf b/Configurations/50-win-onecore.conf -index c595279..fb2d961 100644 ---- a/Configurations/50-win-onecore.conf -+++ b/Configurations/50-win-onecore.conf -@@ -16,13 +16,14 @@ my %targets = ( - # /NODEFAULTLIB:kernel32.lib is needed, because MSVCRT.LIB has - # hidden reference to kernel32.lib, but we don't actually want - # it in "onecore" build. -- lflags => add("/NODEFAULTLIB:kernel32.lib"), -+ # /APPCONTAINER is needed for Universal Windows Platform compat -+ lflags => add("/NODEFAULTLIB:kernel32.lib /APPCONTAINER"), - defines => add("OPENSSL_SYS_WIN_CORE"), - ex_libs => "onecore.lib", - }, - "VC-WIN64A-ONECORE" => { - inherit_from => [ "VC-WIN64A" ], -- lflags => add("/NODEFAULTLIB:kernel32.lib"), -+ lflags => add("/NODEFAULTLIB:kernel32.lib /APPCONTAINER"), - defines => add("OPENSSL_SYS_WIN_CORE"), - ex_libs => "onecore.lib", - }, -@@ -48,7 +49,7 @@ my %targets = ( - defines => add("_ARM_WINAPI_PARTITION_DESKTOP_SDK_AVAILABLE", - "OPENSSL_SYS_WIN_CORE"), - bn_ops => "BN_LLONG RC4_CHAR EXPORT_VAR_AS_FN", -- lflags => add("/NODEFAULTLIB:kernel32.lib"), -+ lflags => add("/NODEFAULTLIB:kernel32.lib /APPCONTAINER"), - ex_libs => "onecore.lib", - multilib => "-arm", - }, -@@ -57,7 +58,7 @@ my %targets = ( - defines => add("_ARM_WINAPI_PARTITION_DESKTOP_SDK_AVAILABLE", - "OPENSSL_SYS_WIN_CORE"), - bn_ops => "SIXTY_FOUR_BIT RC4_CHAR EXPORT_VAR_AS_FN", -- lflags => add("/NODEFAULTLIB:kernel32.lib"), -+ lflags => add("/NODEFAULTLIB:kernel32.lib /APPCONTAINER"), - ex_libs => "onecore.lib", - multilib => "-arm64", - }, --- -2.26.2 - diff --git a/recipes/openssl/0002-windows-makefile.tmpl-Fix-ONECORE-build.patch b/recipes/openssl/0002-windows-makefile.tmpl-Fix-ONECORE-build.patch deleted file mode 100644 index 8a254fc5..00000000 --- a/recipes/openssl/0002-windows-makefile.tmpl-Fix-ONECORE-build.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 5c5959292e59650051418a7db487ac07ef701700 Mon Sep 17 00:00:00 2001 -From: Nirbheek Chauhan -Date: Tue, 9 Jun 2020 18:21:10 +0530 -Subject: [PATCH 2/3] windows-makefile.tmpl: Fix ONECORE build - -setargv.obj is not buildable: - -``` - link /nologo /debug /subsystem:console /opt:ref /NODEFAULTLIB:kernel32.lib /nologo /debug /out:apps\openssl.exe @C:/Users/nirbheek/AppData/Local/Temp\nm76E2.tmp -LINK : fatal error LNK1181: cannot open input file 'setargv.obj' -NMAKE : fatal error U1077: '"c:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.25.28610\bin\HostX64\x64\link.EXE"' : return code '0x49d' -Stop. -NMAKE : fatal error U1077: '"c:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.25.28610\bin\HostX64\x64\nmake.exe"' : return code '0x2' -Stop. -``` ---- - Configurations/windows-makefile.tmpl | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/Configurations/windows-makefile.tmpl b/Configurations/windows-makefile.tmpl -index ca05fa4..e573f58 100644 ---- a/Configurations/windows-makefile.tmpl -+++ b/Configurations/windows-makefile.tmpl -@@ -752,7 +752,6 @@ $bin$exeext: $deps - IF EXIST $bin$exeext.manifest DEL /F /Q $bin$exeext.manifest - \$(LD) \$(LDFLAGS) \$(BIN_LDFLAGS) \$(LDOUTFLAG)$bin$exeext @<< - $objs --setargv.obj - $linklibs\$(BIN_EX_LIBS) - << - IF EXIST $bin$exeext.manifest \\ --- -2.27.0.windows.1 - diff --git a/recipes/openssl/0002-windows-makefile.tmpl-Generate-and-install-pkgconfig.patch b/recipes/openssl/0002-windows-makefile.tmpl-Generate-and-install-pkgconfig.patch new file mode 100644 index 00000000..be460764 --- /dev/null +++ b/recipes/openssl/0002-windows-makefile.tmpl-Generate-and-install-pkgconfig.patch @@ -0,0 +1,96 @@ +From 94d7dc4d928b6dbd7e4a34021d0fff8ddfc73f65 Mon Sep 17 00:00:00 2001 +From: Nirbheek Chauhan +Date: Tue, 9 Jun 2020 15:14:32 +0530 +Subject: [PATCH 2/2] windows-makefile.tmpl: Generate and install pkgconfig + files + +Copied from unix-makefile.tmpl +--- + Configurations/windows-makefile.tmpl | 50 +++++++++++++++++++++++++++- + 1 file changed, 49 insertions(+), 1 deletion(-) + +diff --git a/Configurations/windows-makefile.tmpl b/Configurations/windows-makefile.tmpl +index 894834cfb7..51ad2e9b5b 100644 +--- a/Configurations/windows-makefile.tmpl ++++ b/Configurations/windows-makefile.tmpl +@@ -424,7 +424,7 @@ build_html_docs: $(HTMLDOCS1) $(HTMLDOCS3) $(HTMLDOCS5) $(HTMLDOCS7) + @ + build_generated: $(GENERATED_MANDATORY) + @ +-build_libs_nodep: $(LIBS) {- join(" ",map { platform->sharedlib_import($_) // () } @{$unified_info{libraries}}) -} ++build_libs_nodep: libcrypto.pc libssl.pc openssl.pc $(LIBS) {- join(" ",map { platform->sharedlib_import($_) // () } @{$unified_info{libraries}}) -} + @ + build_modules_nodep: $(MODULES) + @ +@@ -484,6 +484,7 @@ clean: libclean + -del /Q /S /F engines\*.lib engines\*.exp + -del /Q /S /F apps\*.lib apps\*.rc apps\*.res apps\*.exp + -del /Q /S /F test\*.exp ++ -del /Q /S /F openssl.pc libcrypto.pc libssl.pc + -rd /Q /S test\test-runs + + distclean: clean +@@ -566,6 +567,14 @@ install_dev: install_runtime_libs + @"$(PERL)" "$(SRCDIR)\util\copy.pl" $(INSTALL_LIBS) "$(libdir)" + @if "$(SHLIBS)"=="" \ + "$(PERL)" "$(SRCDIR)\util\copy.pl" ossl_static.pdb "$(libdir)" ++ @ : {- output_on() if $disabled{shared}; "" -} ++ @$(PERL) $(SRCDIR)\util\mkdir-p.pl "$(DESTDIR)$(libdir)\pkgconfig" ++ @$(ECHO) "install libcrypto.pc -> $(DESTDIR)$(libdir)\pkgconfig\libcrypto.pc" ++ @"$(PERL)" "$(SRCDIR)\util\copy.pl" libcrypto.pc "$(DESTDIR)$(libdir)\pkgconfig" ++ @$(ECHO) "install libssl.pc -> $(DESTDIR)$(libdir)\pkgconfig\libssl.pc" ++ @"$(PERL)" "$(SRCDIR)\util\copy.pl" libssl.pc "$(DESTDIR)$(libdir)\pkgconfig" ++ @$(ECHO) "install openssl.pc -> $(DESTDIR)$(libdir)\pkgconfig\openssl.pc" ++ @"$(PERL)" "$(SRCDIR)\util\copy.pl" openssl.pc "$(DESTDIR)$(libdir)\pkgconfig" + @"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(CMAKECONFIGDIR)" + @"$(PERL)" "$(SRCDIR)\util\copy.pl" $(INSTALL_EXPORTERS_CMAKE) "$(CMAKECONFIGDIR)" + +@@ -660,6 +669,45 @@ $(BLDDIR)\apps\openssl.cnf: makefile + @if NOT "$(SRCDIR)"=="$(BLDDIR)" copy "$(SRCDIR)\apps\$(@F)" "$(BLDDIR)\apps" + + # Building targets ################################################### ++# ++libcrypto.pc libssl.pc openssl.pc: configdata.pm ++libcrypto.pc: ++ @$(ECHO) "prefix=$(INSTALLTOP)" > libcrypto.pc ++ @$(ECHO) "exec_prefix=$${prefix}" >> libcrypto.pc ++ @$(ECHO) "libdir=$${exec_prefix}/$(LIBDIR)" >> libcrypto.pc ++ @$(ECHO) "includedir=$${prefix}/include" >> libcrypto.pc ++ @$(ECHO) "enginesdir=$${libdir}/engines-{- $sover_dirname -}" >> libcrypto.pc ++ @$(ECHO) "" >> libcrypto.pc ++ @$(ECHO) "Name: OpenSSL-libcrypto" >> libcrypto.pc ++ @$(ECHO) "Description: OpenSSL cryptography library" >> libcrypto.pc ++ @$(ECHO) "Version: $(VERSION)" >> libcrypto.pc ++ @$(ECHO) "Libs: -L$${libdir} -lcrypto" >> libcrypto.pc ++ @$(ECHO) "Libs.private: $(LIB_EX_LIBS)" >> libcrypto.pc ++ @$(ECHO) "Cflags: -I$${includedir}" >> libcrypto.pc ++ ++libssl.pc: ++ @$(ECHO) "prefix=$(INSTALLTOP)" > libssl.pc ++ @$(ECHO) "exec_prefix=$${prefix}" >> libssl.pc ++ @$(ECHO) "libdir=$${exec_prefix}/$(LIBDIR)" >> libssl.pc ++ @$(ECHO) "includedir=$${prefix}/include" >> libssl.pc ++ @$(ECHO) "" >> libssl.pc ++ @$(ECHO) "Name: OpenSSL-libssl" >> libssl.pc ++ @$(ECHO) "Description: Secure Sockets Layer and cryptography libraries" >> libssl.pc ++ @$(ECHO) "Version: $(VERSION)" >> libssl.pc ++ @$(ECHO) "Requires.private: libcrypto" >> libssl.pc ++ @$(ECHO) "Libs: -L$${libdir} -lssl" >> libssl.pc ++ @$(ECHO) "Cflags: -I$${includedir}" >> libssl.pc ++ ++openssl.pc: ++ @$(ECHO) "prefix=$(INSTALLTOP)" > openssl.pc ++ @$(ECHO) "exec_prefix=$${prefix}" >> openssl.pc ++ @$(ECHO) "libdir=$${exec_prefix}/$(LIBDIR)" >> openssl.pc ++ @$(ECHO) "includedir=$${prefix}/include" >> openssl.pc ++ @$(ECHO) "" >> openssl.pc ++ @$(ECHO) "Name: OpenSSL" >> openssl.pc ++ @$(ECHO) "Description: Secure Sockets Layer and cryptography libraries and tools" >> openssl.pc ++ @$(ECHO) "Version: $(VERSION)" >> openssl.pc ++ @$(ECHO) "Requires: libssl libcrypto" >> openssl.pc + + makefile: configdata.pm {- join(" ", map { '"'.$_.'"' } @{$config{build_file_templates}}) -} + @$(ECHO) "Detected changed: $?" +-- +2.46.0 + diff --git a/recipes/openssl/0003-util-Disable-quicserver-with-no-tests.patch b/recipes/openssl/0003-util-Disable-quicserver-with-no-tests.patch new file mode 100644 index 00000000..0d917b8c --- /dev/null +++ b/recipes/openssl/0003-util-Disable-quicserver-with-no-tests.patch @@ -0,0 +1,25 @@ +From e6164509e6facfce5d7fad37d9454d1d0be6b127 Mon Sep 17 00:00:00 2001 +From: "L. E. Segovia" +Date: Tue, 22 Oct 2024 22:02:14 +0000 +Subject: [PATCH 3/3] util: Disable quicserver with no-tests + +--- + util/build.info | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/util/build.info b/util/build.info +index e4aab44..22d41bf 100644 +--- a/util/build.info ++++ b/util/build.info +@@ -6,7 +6,7 @@ SCRIPTS{noinst}=wrap.pl + SOURCE[wrap.pl]=wrap.pl.in + DEPEND[wrap.pl]=../configdata.pm + +-IF[{- !$disabled{quic} && !$disabled{stdio} && !$disabled{apps} -}] ++IF[{- !$disabled{quic} && !$disabled{stdio} && !$disabled{apps} && !$disabled{tests} -}] + PROGRAMS{noinst}=quicserver + SOURCE[quicserver]=quicserver.c + INCLUDE[quicserver]=../include ../apps/include +-- +2.46.0 + diff --git a/recipes/openssl/0004-Fix-build-with-NASM-on-Windows.patch b/recipes/openssl/0004-Fix-build-with-NASM-on-Windows.patch new file mode 100644 index 00000000..923535e6 --- /dev/null +++ b/recipes/openssl/0004-Fix-build-with-NASM-on-Windows.patch @@ -0,0 +1,79 @@ +From 4215bbcc7ab4d7c36735ef6fb336d204a2b4a221 Mon Sep 17 00:00:00 2001 +From: "L. E. Segovia" +Date: Tue, 22 Oct 2024 23:34:03 -0300 +Subject: [PATCH 4/4] Fix build with NASM on Windows + +Windows does not allow section alignment higher than 64 bytes. + +This commit partially reverts https://github.com/openssl/openssl/commit/25391acc140e215774242bf3b0a51d59754a23f4 . +--- + crypto/ec/asm/ecp_nistz256-x86_64.pl | 4 ++-- + crypto/sha/asm/keccak1600-x86_64.pl | 2 +- + crypto/sha/asm/sha1-mb-x86_64.pl | 2 +- + crypto/sha/asm/sha256-mb-x86_64.pl | 2 +- + 4 files changed, 5 insertions(+), 5 deletions(-) + +diff --git a/crypto/ec/asm/ecp_nistz256-x86_64.pl b/crypto/ec/asm/ecp_nistz256-x86_64.pl +index 4da9a14..e485eaa 100644 +--- a/crypto/ec/asm/ecp_nistz256-x86_64.pl ++++ b/crypto/ec/asm/ecp_nistz256-x86_64.pl +@@ -85,7 +85,7 @@ $code.=<<___; + .extern OPENSSL_ia32cap_P + + # The polynomial +-.section .rodata align=4096 ++.section .rodata align=64 + .align 64 + .Lpoly: + .quad 0xffffffffffffffff, 0x00000000ffffffff, 0x0000000000000000, 0xffffffff00000001 +@@ -4725,7 +4725,7 @@ close TABLE; + die "insane number of elements" if ($#arr != 64*16*37-1); + + print <<___; +-.section .rodata align=4096 ++.section .rodata align=64 + .globl ecp_nistz256_precomputed + .type ecp_nistz256_precomputed,\@object + .align 4096 +diff --git a/crypto/sha/asm/keccak1600-x86_64.pl b/crypto/sha/asm/keccak1600-x86_64.pl +index 3dbf177..09f75b4 100644 +--- a/crypto/sha/asm/keccak1600-x86_64.pl ++++ b/crypto/sha/asm/keccak1600-x86_64.pl +@@ -567,7 +567,7 @@ SHA3_squeeze: + ___ + } + $code.=<<___; +-.section .rodata align=256 ++.section .rodata align=64 + .align 256 + .quad 0,0,0,0,0,0,0,0 + .type iotas,\@object +diff --git a/crypto/sha/asm/sha1-mb-x86_64.pl b/crypto/sha/asm/sha1-mb-x86_64.pl +index d9d1630..593711c 100644 +--- a/crypto/sha/asm/sha1-mb-x86_64.pl ++++ b/crypto/sha/asm/sha1-mb-x86_64.pl +@@ -1374,7 +1374,7 @@ $code.=<<___; + ___ + } }}} + $code.=<<___; +-.section .rodata align=256 ++.section .rodata align=64 + .align 256 + .long 0x5a827999,0x5a827999,0x5a827999,0x5a827999 # K_00_19 + .long 0x5a827999,0x5a827999,0x5a827999,0x5a827999 # K_00_19 +diff --git a/crypto/sha/asm/sha256-mb-x86_64.pl b/crypto/sha/asm/sha256-mb-x86_64.pl +index 9398b79..60128fd 100644 +--- a/crypto/sha/asm/sha256-mb-x86_64.pl ++++ b/crypto/sha/asm/sha256-mb-x86_64.pl +@@ -1340,7 +1340,7 @@ $code.=<<___; + ___ + } }}} + $code.=<<___; +-.section .rodata align=256 ++.section .rodata align=64 + .align 256 + K256: + ___ +-- +2.44.0.windows.1 + -- cgit v1.2.3