Skip to content

Commit

Permalink
openssl: update to 3.4.0
Browse files Browse the repository at this point in the history 
https://github.com/openssl/openssl/blob/openssl-3.4.0/NEWS.md
  • Loading branch information
@benoit-pierre
benoit-pierre committed Dec 16, 2024
1 parent db23c1e commit 1ac8170
Show file tree
Hide file tree
Showing 4 changed files with 38 additions and 53 deletions.
40 changes: 23 additions & 17 deletions thirdparty/openssl/CMakeLists.txt
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
list(APPEND PATCH_FILES
openssl-1.1.0j-parallel_install_fix.patch
reduce_build_verbosity.patch
macos_rpath.patch
)
Expand Down Expand Up @@ -27,7 +26,23 @@ if(CHOST)
list(APPEND CFG_ENV_VAR CROSS_COMPILE=${CHOST}-)
endif()

set(CFG_OPTS shared)
if(MONOLIBTIC)
set(CFG_OPTS no-shared)
else()
set(CFG_OPTS shared)
endif()

list(APPEND CFG_OPTS
no-comp
no-default-thread-pool
no-hw
no-legacy
no-quic
no-thread-pool
no-ui-console
no-uplink
no-whirlpool

This comment has been minimized.

Sign in to view

Copy link
@Frenzie

Frenzie Dec 16, 2024

Member

I think this is redundant with no-legacy now (which is indeed a smarter choice).

This comment has been minimized.

Sign in to view

Copy link
@benoit-pierre

benoit-pierre Dec 16, 2024

Author Contributor

Using no-legacy does not enable no-whirlpool.

This comment has been minimized.

Sign in to view

Copy link
@Frenzie

Frenzie Dec 16, 2024

Member

I see, no-legacy is about the provider only but not about the algorithms. From the name I incorrectly assumed it covered all of these:

  • Moved all variations of the EVP ciphers CAST5, BF, IDEA, SEED, RC2,
    RC4, RC5, and DES to the legacy provider.
  • Moved the EVP digests MD2, MD4, MDC2, WHIRLPOOL and RIPEMD-160 to the legacy
    provider.

But presumably that does provide a (incomplete?) list of various others to disable.
)

if(ANDROID)
assert_var_defined(ENV{NDKABI})
Expand Down Expand Up @@ -79,12 +94,9 @@ list(APPEND CFG_CMD COMMAND
env ${CFG_ENV_VAR}
${CONFIGURE_CMD}
--prefix=${STAGING_DIR}
--libdir=lib
${CFG_OPTS}
)
if(ANDROID)
# Disable versioning of shared objects.
list(APPEND CFG_CMD COMMAND ${ISED} "s|^SHLIB_EXT=.*|SHLIB_EXT=${LIB_EXT}|" Makefile)
endif()

set(MAKE_CMD
make
Expand All @@ -102,20 +114,14 @@ list(APPEND BUILD_CMD COMMAND ${MAKE_CMD} build_libs)

list(APPEND INSTALL_CMD COMMAND ${MAKE_CMD} install_dev)

if(MONOLIBTIC)
list(APPEND INSTALL_CMD COMMAND sh -c "rm -v \"$1\"* \"$2\"*" --
${STAGING_DIR}/lib/libcrypto${LIB_EXT}
${STAGING_DIR}/lib/libssl${LIB_EXT}
)
else()
append_shared_lib_install_commands(INSTALL_CMD crypto VERSION 1.1)
append_shared_lib_install_commands(INSTALL_CMD ssl VERSION 1.1)
if(NOT MONOLIBTIC)
append_shared_lib_install_commands(INSTALL_CMD crypto VERSION 3)
append_shared_lib_install_commands(INSTALL_CMD ssl VERSION 3)
endif()

external_project(
DOWNLOAD URL 3f76825f195e52d4b10c70040681a275
https://github.com/openssl/openssl/releases/download/OpenSSL_1_1_1w/openssl-1.1.1w.tar.gz
https://www.openssl.org/source/old/1.1.1/openssl-1.1.1w.tar.gz
DOWNLOAD URL 34733f7be2d60ecd8bd9ddb796e182af
https://github.com/openssl/openssl/releases/download/openssl-3.4.0/openssl-3.4.0.tar.gz
PATCH_FILES ${PATCH_FILES}
CONFIGURE_COMMAND ${CFG_CMD}
BUILD_COMMAND ${BUILD_CMD}
Expand Down
26 changes: 13 additions & 13 deletions thirdparty/openssl/fix_libcrypto_pkg-config_entry.patch
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
--- a/Configurations/unix-Makefile.tmpl
+++ b/Configurations/unix-Makefile.tmpl
@@ -974,8 +974,8 @@
echo 'Name: OpenSSL-libcrypto'; \
echo 'Description: OpenSSL cryptography library'; \
echo 'Version: '$(VERSION); \
- echo 'Libs: -L$${libdir} -lcrypto'; \
- echo 'Libs.private: $(LIB_EX_LIBS)'; \
+ echo 'Libs: -L$${libdir} -lcrypto $(LIB_EX_LIBS)'; \
+ echo 'Libs.private:'; \
echo 'Cflags: -I$${includedir}' ) > libcrypto.pc

libssl.pc:
--- i/exporters/pkg-config/libcrypto.pc.in
+++ w/exporters/pkg-config/libcrypto.pc.in
@@ -17,8 +17,8 @@
Name: OpenSSL-libcrypto
Description: OpenSSL cryptography library
Version: {- $OpenSSL::safe::installdata::VERSION -}
-Libs: -L${libdir} -lcrypto
-Libs.private: {- join(' ', @OpenSSL::safe::installdata::LDLIBS) -}
+Libs: -L${libdir} -lcrypto {- join(' ', @OpenSSL::safe::installdata::LDLIBS) -}
+Libs.private:
Cflags:{- $OUT = ' -I${includedir}';
if (scalar @OpenSSL::safe::installdata::INCLUDEDIR_REL_PREFIX > 1) {
$OUT = '';
4 changes: 2 additions & 2 deletions thirdparty/openssl/macos_rpath.patch
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
--- i/Configurations/shared-info.pl
+++ w/Configurations/shared-info.pl
@@ -44,7 +44,7 @@ my %shared_info;
@@ -49,7 +49,7 @@
'darwin-shared' => {
module_ldflags => '-bundle',
shared_ldflag => '-dynamiclib -current_version $(SHLIB_VERSION_NUMBER) -compatibility_version $(SHLIB_VERSION_NUMBER)',
- shared_sonameflag => '-install_name $(INSTALLTOP)/$(LIBDIR)/',
- shared_sonameflag => '-install_name $(libdir)/',
+ shared_sonameflag => '-install_name @rpath/',
},
'cygwin-shared' => {
Expand Down
21 changes: 0 additions & 21 deletions thirdparty/openssl/openssl-1.1.0j-parallel_install_fix.patch
View file

This file was deleted.

0 comments on commit 1ac8170

Please sign in to comment.