diff --git a/recipes/libs/openssl.yaml b/recipes/libs/openssl.yaml index e7bd28fe..d8b221e6 100644 --- a/recipes/libs/openssl.yaml +++ b/recipes/libs/openssl.yaml @@ -2,7 +2,7 @@ inherit: [cpackage, make, install, patch] metaEnvironment: PKG_LICENSE: "Apache-2.0" - PKG_VERSION: "3.5.4" + PKG_VERSION: "3.5.5" depends: - libs::zlib-dev @@ -10,7 +10,7 @@ depends: depends: - libs::zlib-tgt - - if: "${OPENSSL_zstd:-False}" + - if: "${OPENSSL_enable_zstd}" depends: - libs::zstd-dev - use: [] @@ -20,7 +20,7 @@ depends: checkoutSCM: scm: url url: https://www.openssl.org/source/openssl-${PKG_VERSION}.tar.gz - digestSHA256: 967311f84955316969bdb1d8d4b983718ef42338639c621ec4c34fddef355e99 + digestSHA256: b28c91532a8b65a1f983b4c28b7488174e4a01008e29ce8e69bd789f28bc2a89 stripComponents: 1 checkoutDeterministic: True @@ -38,16 +38,6 @@ Config: type: bool default: False help: Build with Kernel TLS support. - OPENSSL_enable_asan: - type: bool - default: False - help: Build with the Address sanitiser. - OPENSSL_enable_acvp_tests: - type: bool - default: False - help: <- - Build support for Automated Cryptographic Validation Protocol (ACVP) - tests. OPENSSL_no_apps: type: bool default: False @@ -84,12 +74,6 @@ Config: type: bool default: False help: Don't automatically load the default `openssl.cnf` file. - OPENSSL_enable_buildtest_cpp: - type: bool - default: False - help: <- - While testing, generate C++ buildtest files that simply check that the public - OpenSSL header files are usable standalone with C++. OPENSSL_no_capieng: type: bool default: False @@ -123,10 +107,6 @@ Config: type: bool default: False help: Don't build support for datagram based BIOs. - OPENSSL_no_docs: - type: bool - default: False - help: Don't build and install documentation, i.e. manual pages in various forms. OPENSSL_no_dso: type: bool default: False @@ -300,10 +280,6 @@ Config: type: bool default: False help: Don't build the statically linked engines. - OPENSSL_no_tests: - type: bool - default: False - help: Don't build test programs or run any tests. OPENSSL_enable_tfo: type: bool default: False @@ -318,10 +294,6 @@ Config: type: bool default: False help: Don't build with support for multi_threaded applications. - OPENSSL_threads: - type: bool - default: False - help: Build with support for multi_threaded applications. OPENSSL_no_thread_pool: type: bool default: False @@ -338,10 +310,6 @@ Config: type: bool default: False help: Don't build with the User Interface (UI) console method - OPENSSL_enable_unit_test: - type: bool - default: False - help: Enable additional unit test APIs. OPENSSL_no_uplink: type: bool default: False @@ -350,7 +318,7 @@ Config: type: bool default: False help: Build support for SSL/TLS ciphers that are considered "weak" - OPENSSL_zstd: + OPENSSL_enable_zstd: type: bool default: False help: Build with support for Zstd compression/decompression. @@ -519,10 +487,10 @@ buildTools: [target-toolchain] buildToolsWeak: [perl] buildVars: [CC, AR, RANLIB, ARCH, AUTOCONF_HOST, OPENSSL_no_afalgeng, OPENSSL_enable_ktls, OPENSSL_enable_asan, - OPENSSL_enable_acvp_tests, OPENSSL_no_apps, OPENSSL_no_async, + OPENSSL_no_apps, OPENSSL_no_async, OPENSSL_no_atexit, OPENSSL_no_autoalginit, OPENSSL_no_autoerrinit, OPENSSL_enable_brotli, OPENSSL_enable_brotli_dynamic, - OPENSSL_no_autoload_config, OPENSSL_enable_buildtest_cpp, + OPENSSL_no_autoload_config, OPENSSL_no_capieng, OPENSSL_no_cmp, OPENSSL_no_cms, OPENSSL_no_comp, OPENSSL_no_ct, OPENSSL_no_deprecated, OPENSSL_no_dgram, OPENSSL_no_docs, OPENSSL_no_dso, OPENSSL_enable_devcryptoeng, OPENSSL_no_dynamic_engine, @@ -537,10 +505,10 @@ buildVars: [CC, AR, RANLIB, ARCH, AUTOCONF_HOST, OPENSSL_no_rdrand, OPENSSL_no_rfc3779, OPENSSL_sctp, OPENSSL_no_slh_dsa, OPENSSL_no_sm2_precomp, OPENSSL_no_sock, OPENSSL_no_srp, OPENSSL_no_srtp, OPENSSL_no_sse2, OPENSSL_no_ssl_trace, OPENSSL_no_static_engine, - OPENSSL_no_tests, OPENSSL_enable_tfo, OPENSSL_no_quic, OPENSSL_no_threads, - OPENSSL_threads, OPENSSL_no_thread_pool, OPENSSL_enable_trace, - OPENSSL_no_ts, OPENSSL_no_ui_console, OPENSSL_enable_unit_test, - OPENSSL_no_uplink, OPENSSL_enable_weak_ssl_ciphers, OPENSSL_no_ssl, + OPENSSL_enable_tfo, OPENSSL_no_quic, OPENSSL_no_threads, + OPENSSL_no_thread_pool, OPENSSL_enable_trace, + OPENSSL_no_ts, OPENSSL_no_ui_console, + OPENSSL_no_uplink, OPENSSL_enable_weak_ssl_ciphers, OPENSSL_enable_zstd, OPENSSL_no_ssl, OPENSSL_no_ssl3, OPENSSL_no_tls, OPENSSL_no_tls1, OPENSSL_no_tls1_1, OPENSSL_no_tls1_2, OPENSSL_no_tls1_3, OPENSSL_no_dtls, OPENSSL_no_dtls1, OPENSSL_no_dtls1_2, OPENSSL_no_integrity_only_ciphers, OPENSSL_enable_md2, @@ -552,19 +520,33 @@ buildVars: [CC, AR, RANLIB, ARCH, AUTOCONF_HOST, OPENSSL_no_scrypt, OPENSSL_no_seed, OPENSSL_no_siphash, OPENSSL_no_siv, OPENSSL_no_sm2, OPENSSL_no_sm3, OPENSSL_no_sm4, OPENSSL_no_whirlpool] buildSetup: | - collect_options () { - local prefix="$1" - local result="" + declare -A SPECIAL_OPTIONS=( + ["enable_ec_nistp_64_gcc_128"]="enable-ec_nistp_64_gcc_128" + ["no_tls1_1"]="no-tls1_1" + ["no_tls1_2"]="no-tls1_2" + ["no_tls1_3"]="no-tls1_3" + ["no_dtls1_2"]="no-dtls1_2" + ) + + collect_options() + { + declare -a result=() - while IFS='=' read -r name value; do - if [[ "$name" == ${prefix}* && "${value}" == "1" ]]; - then - result+="${name#${prefix}} " - fi - done < <(env) + for name in $(compgen -e "OPENSSL_$1") ; do + if [[ "${!name}" == "1" ]]; then + name="${name#OPENSSL_}" + if [[ ${SPECIAL_OPTIONS[$name]+set} ]] ; then + name="${SPECIAL_OPTIONS[$name]}" + else + name="${name//_/-}" + fi + result+=( "$name" ) + fi + done - echo "${result%" "}" + IFS=" " echo "${result[*]}" } + buildScript: | mkdir -p install build pushd build @@ -622,8 +604,9 @@ buildScript: | --libdir=lib \ "${SHARED_STATIC[@]}" \ "threads" \ - $(collect_options "OPENSSL_no") \ - $(collect_options "OPENSSL_enable") \ + no-tests no-docs \ + $(collect_options "no") \ + $(collect_options "enable") \ "-I${BOB_DEP_PATHS[libs::zlib-dev]}/usr/include" \ "-Wl,-L${BOB_DEP_PATHS[libs::zlib-dev]}/usr/lib" \ "-Wl,-rpath-link=${BOB_DEP_PATHS[libs::zlib-dev]}/usr/lib" \