openssl: update to 3.0.7

msys2 · Jan 14, 2023 · 2f97826 · larskanis · Jan 16, 2023 · MehdiChinoune
1 parent 4f73e5b
commit 2f97826
Show file tree

Hide file tree

Showing 4 changed files with 70 additions and 138 deletions.
diff --git a/mingw-w64-openssl/001-support-aarch64.patch b/mingw-w64-openssl/001-support-aarch64.patch
@@ -0,0 +1,21 @@
+--- a/Configurations/10-main.conf
++++ b/Configurations/10-main.conf
+@@ -1603,6 +1603,18 @@
+         multilib         => "64",
+     },
+
++    "mingwarm64" => {
++        inherit_from     => [ "mingw-common" ],
++        cflags           => "",
++        sys_id           => "MINGWARM64",
++        bn_ops           => add("SIXTY_FOUR_BIT"),
++        asm_arch         => 'aarch64',
++        uplink_arch      => undef,
++        perlasm_scheme   => "coff",
++        shared_rcflag    => "",
++        multilib         => "",
++    },
++
+ #### UEFI
+     "UEFI" => {
+         inherit_from     => [ "BASE_unix" ],
diff --git a/...64-openssl/openssl-1.1.1-relocation.patch → mingw-w64-openssl/002-relocation.patch b/...64-openssl/openssl-1.1.1-relocation.patch → mingw-w64-openssl/002-relocation.patch
@@ -1,29 +1,25 @@
-diff --git a/crypto/build.info b/crypto/build.info
-index 2c619c62e8..5bde7d02e3 100644
 --- a/crypto/build.info
 +++ b/crypto/build.info
-@@ -1,7 +1,7 @@
- LIBS=../libcrypto
- SOURCE[../libcrypto]=\
-         cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c cpt_err.c \
--        ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fopen.c ctype.c \
-+        ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fopen.c pathtools.c ctype.c \
-         threads_pthread.c threads_win.c threads_none.c getenv.c \
-         o_init.c o_fips.c mem_sec.c init.c {- $target{cpuid_asm_src} -} \
-         {- $target{uplink_aux_src} -}
-diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c
-index e2e91d297b..a5ab9d3402 100644
+@@ -101,7 +101,7 @@
+         mem.c mem_sec.c \
+         cversion.c info.c cpt_err.c ebcdic.c uid.c o_time.c o_dir.c \
+         o_fopen.c getenv.c o_init.c init.c trace.c provider.c provider_child.c \
+-        punycode.c passphrase.c
++        punycode.c passphrase.c pathtools.c
+ SOURCE[../providers/libfips.a]=$UTIL_COMMON
+
+ SOURCE[../libcrypto]=$UPLINKSRC
 --- a/crypto/engine/eng_list.c
 +++ b/crypto/engine/eng_list.c
-@@ -9,6 +9,7 @@
-  */
+@@ -12,6 +12,7 @@
+ #define OPENSSL_SUPPRESS_DEPRECATED
 
  #include "eng_local.h"
 +#include "pathtools.h"
 
  /*
   * The linked-list of pointers to engine types. engine_list_head incorporates
-@@ -36,6 +37,21 @@ static ENGINE *engine_dyn_list_tail = NULL;
+@@ -39,6 +40,21 @@ static ENGINE *engine_dyn_list_tail = NULL;
   * cleanup.
   */
 
@@ -45,7 +41,7 @@ index e2e91d297b..a5ab9d3402 100644
  static void engine_list_cleanup(void)
  {
      ENGINE *iterator = engine_list_head;
-@@ -404,8 +420,13 @@ ENGINE *ENGINE_by_id(const char *id)
+@@ -413,8 +429,13 @@ ENGINE *ENGINE_by_id(const char *id)
       * Prevent infinite recursion if we're looking for the dynamic engine.
       */
      if (strcmp(id, "dynamic")) {
@@ -61,8 +57,6 @@ index e2e91d297b..a5ab9d3402 100644
          iterator = ENGINE_by_id("dynamic");
          if (!iterator || !ENGINE_ctrl_cmd_string(iterator, "ID", id, 0) ||
              !ENGINE_ctrl_cmd_string(iterator, "DIR_LOAD", "2", 0) ||
-diff --git a/crypto/x509/x509_def.c b/crypto/x509/x509_def.c
-index bfa8d7d852..023bb623e4 100644
 --- a/crypto/x509/x509_def.c
 +++ b/crypto/x509/x509_def.c
 @@ -9,27 +9,59 @@

diff --git a/mingw-w64-openssl/PKGBUILD b/mingw-w64-openssl/PKGBUILD
@@ -3,32 +3,29 @@
 _realname=openssl
 pkgbase=mingw-w64-${_realname}
 pkgname=("${MINGW_PACKAGE_PREFIX}-${_realname}")
-_ver=1.1.1s
-# use a pacman compatible version scheme
-pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
+pkgver=3.0.7
 pkgrel=1
+pkgdesc="The Open Source toolkit for Secure Sockets Layer and Transport Layer Security (mingw-w64)"
 arch=('any')
 mingw_arch=('mingw32' 'mingw64' 'ucrt64' 'clang64' 'clang32' 'clangarm64')
-pkgdesc="The Open Source toolkit for Secure Sockets Layer and Transport Layer Security (mingw-w64)"
-depends=("${MINGW_PACKAGE_PREFIX}-ca-certificates"
-         "${MINGW_PACKAGE_PREFIX}-gcc-libs"
-         "${MINGW_PACKAGE_PREFIX}-zlib")
-makedepends=("${MINGW_PACKAGE_PREFIX}-autotools"
-             "${MINGW_PACKAGE_PREFIX}-cc")
-options=('strip' '!buildflags' 'staticlibs')
-license=('custom:BSD')
-url="https://www.openssl.org"
-source=(https://www.openssl.org/source/${_realname}-${_ver}.tar.gz{,.asc}
+url='https://www.openssl.org/'
+license=("spdx:Apache-2.0")
+optdepends=("${MINGW_PACKAGE_PREFIX}-ca-certificates")
+makedepends=("${MINGW_PACKAGE_PREFIX}-cc"
+             "${MINGW_PACKAGE_PREFIX}-autotools")
+options=('!buildflags')
+source=("https://www.openssl.org/source/openssl-${pkgver}.tar.gz"{,.asc}
+        '001-support-aarch64.patch'
+        '002-relocation.patch'
         'pathtools.c'
-        'pathtools.h'
-        'openssl-1.1.1-relocation.patch'
-        'openssl-1.1.1-mingw-arm.patch')
-sha256sums=('c5ac01e760ee6ff0dab61d6b2bbd30146724d063eb322180c6f18a6f74e4b6aa'
+        'pathtools.h')
+sha256sums=('83049d042a260e696f62406ac5c08bf706fd84383f945cf21bd61e9ed95c396e'
             'SKIP'
+            'd612e8005d2a311595004059244cfe2ff2c5d30ea80cca2a092963057f421b4c'
+            '5bb4c03af10f5faed8680d6089a6347659b31719057d41bc07a8e7e300437dd5'
             '703cd0cb74e714f9e66d26de11c109dd76fab07e723af8dde56a35ea65102e5f'
-            '4f9d325265ef6f4e90ad637dea41afa6995388c921fe961ad5dc895aca10318b'
-            'cc8941f93678a53bcef89c9feda5bd16588f69290891b1ea59a654743dc04ea1'
-            'd41fad88631e7b8d2a56662f2166ea97ecbc6369f2ad3eac415182bc9ac9f308')
+            '4f9d325265ef6f4e90ad637dea41afa6995388c921fe961ad5dc895aca10318b')
+
 # https://www.openssl.org/community/otc.html
 validpgpkeys=(
   '8657ABB260F056B1E5190839D9C4D26D0E604491' # Matt Caswell <matt@openssl.org>
@@ -48,31 +45,27 @@ apply_patch_with_msg() {
 # =========================================== #
 
 prepare() {
+  cd ${srcdir}/${_realname}-${pkgver}
+
+  apply_patch_with_msg \
+     001-support-aarch64.patch \
+     002-relocation.patch
+
   test ! -d "${startdir}/../mingw-w64-pathtools" || {
     cmp "${startdir}/../mingw-w64-pathtools/pathtools.c" "${srcdir}/pathtools.c" &&
     cmp "${startdir}/../mingw-w64-pathtools/pathtools.h" "${srcdir}/pathtools.h"
   } || exit 1
 
-  cd ${srcdir}/${_realname}-${_ver}
   cp -fHv "${srcdir}"/pathtools.c crypto/
   cp -fHv "${srcdir}"/pathtools.h ./
-
-  apply_patch_with_msg \
-     openssl-1.1.1-relocation.patch \
-     openssl-1.1.1-mingw-arm.patch
 }
 
 build() {
-  rm -rf ${srcdir}/build-${MSYSTEM}
-
-  # No support for out-of-source builds
-  mkdir -p ${srcdir}/build-${MSYSTEM}
-#  cp -a ${srcdir}/${_realname}-${_ver}/* ${srcdir}/build-${MSYSTEM}
+  mkdir -p "${srcdir}/build-${MSYSTEM}" && cd "${srcdir}/build-${MSYSTEM}"
 
   # Use mingw cflags instead of hardcoded ones
   sed -i -e '/^"mingw"/ s/-fomit-frame-pointer -O3 -Wall/-O2 -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions --param=ssp-buffer-size=4/' \
-     ${srcdir}/${_realname}-${_ver}/Configure
-#     ${srcdir}/build-${MSYSTEM}/Configure
+    ${srcdir}/${_realname}-${pkgver}/Configurations/10-main.conf
 
   case "${CARCH}" in
     i?86)
@@ -81,22 +74,16 @@ build() {
     x86_64)
       _mingw=mingw64
       ;;
-    armv7)
-      _mingw="mingwarm32 no-asm"
-      ;;
     aarch64)
       _mingw="mingwarm64 no-asm"
       ;;
   esac
 
-  export CC=${MINGW_PREFIX}/bin/cc.exe
-  export CXX=${MINGW_PREFIX}/bin/c++.exe
-
-  cd "${srcdir}/build-${MSYSTEM}"
-  export MSYS2_ARG_CONV_EXCL="--prefix="
-  ${srcdir}/${_realname}-${_ver}/Configure \
-    --prefix=${MINGW_PREFIX} \
-    --openssldir=ssl \
+  MSYS2_ARG_CONV_EXCL="--prefix=" \
+  ../"${_realname}-${pkgver}"/Configure \
+    --prefix="${MINGW_PREFIX}" \
+    --libdir=lib \
+    --openssldir=etc/ssl \
     ${_mingw} \
     shared \
     zlib-dynamic \
@@ -106,34 +93,21 @@ build() {
     enable-mdc2 \
     enable-rc5  \
     enable-rfc3779 \
-    -D__MINGW_USE_VC2005_COMPAT \
     -DOPENSSLBIN=\"\\\"${MINGW_PREFIX}/bin\\\"\"
 
-  make ZLIB_INCLUDE=-I"${MINGW_PREFIX}"/include depend all
+  make
 }
 
 check() {
   cd "${srcdir}/build-${MSYSTEM}"
+
   make VERBOSE=1 test
 }
 
 package() {
   cd "${srcdir}/build-${MSYSTEM}"
-  mkdir -p "${pkgdir}${MINGW_PREFIX}"/bin
-  mkdir -p "${pkgdir}${MINGW_PREFIX}"/include/openssl
-  mkdir -p "${pkgdir}${MINGW_PREFIX}"/lib/engines-1_1
-  mkdir -p "${pkgdir}${MINGW_PREFIX}"/lib/pkgconfig
-  mkdir -p "${pkgdir}${MINGW_PREFIX}"/share/licenses/${_realname}
-
-  make -j1 DESTDIR="${pkgdir}" MANDIR="${MINGW_PREFIX}/share/man" MANSUFFIX=ssl install
-  install -D -m644 "${srcdir}/${_realname}-${_ver}/LICENSE" \
-         "${pkgdir}${MINGW_PREFIX}"/share/licenses/${_realname}/LICENSE
-
-  chmod -R 777 "${pkgdir}${MINGW_PREFIX}"/bin
-  chmod -R 777 "${pkgdir}${MINGW_PREFIX}"/lib
-  chmod -R 777 "${pkgdir}${MINGW_PREFIX}"/lib/engines-1_1
-
-  install -m644 "${srcdir}/${_realname}-${_ver}/ms/applink.c" "${pkgdir}${MINGW_PREFIX}"/include/openssl/
-  rm -rf "${pkgdir}${MINGW_PREFIX}"/bin/c_rehash
-  rm -rf "${pkgdir}${MINGW_PREFIX}"/{ssl/misc,ssl/man}
+
+  make install DESTDIR="${pkgdir}"
+
+  install -Dm644 "${srcdir}/${_realname}-${pkgver}/LICENSE.txt" "${pkgdir}${MINGW_PREFIX}/share/licenses/${_realname}/LICENSE"
 }
diff --git a/mingw-w64-openssl/openssl-1.1.1-mingw-arm.patch b/mingw-w64-openssl/openssl-1.1.1-mingw-arm.patch