Download raw body.
pkg-config lacking -L and -I dirs with openssl >= 3.3
• Kirill Miazine [2024-12-07 21:03]:
> CC Exim maintainer, who could probably comment on whether libressl would
> need some fixes.
>
> • Theo Buehler [2024-12-07 05:03]:
>>> I'm running one of the automated build nodes for the Exim MTA, which
>>> does builds of stock Exim on OpenBSD. LibreSSL requires some patching,
>>
>> Thanks for the report. Could you elaborate on the actual problem you run
>> into? Is this something we need to fix on the libressl side?
>
> Based on the patches the Exim port applies, I don't think there's
> anything which needs to be done on the LibreSSL side: they look minor.
to help catching LibreSSL issues, I added two additional OpenBSD build
systems, both with LibreSSL. the difference is DANE, which is breaking
the builds currently. the build without DANE goes well, even with Libre.
had a chat with Exim dev, he said he would look into adding some of
OpenBSD patches upstream.
> At one time one of the patches was applied upstream, but it broke some
> other system, and was reverted. I don't remember the details, though.
>
> Given that Exim is mostly being developed by one guy, only OpenSSL is
> officially supported. So I try to at least make sure that Exim builds
> fine with OpenSSL.
>
> Thanks for the pkg-config fixes.
>
>>> so I'm using OpenSSL there, with pkg-config to get CFLAGS and LDFLAGS.
>>> I had noticed that for OpenSSL 3.3 pkg-config (eopenssl33) does not
>>> provide -I or -L.
>>
>> OpenSSL fiddled with their pkgconfig generation between 3.2 and 3.3.
>> It used to be generated from their Makefile, now it is generated from
>> some .in files, which means we need to hook in there. I saw that when
>> I updated the port, but then forgot to deal with it.
>>
>> The below is a bit hackier than I would like it to be, but it generates
>> .pc files that differ only in the expected version number changes and
>> an immaterial trailing whitespace change.
>>
>> I need to ponder this some more (we still have way more hardcoded
>> eopenssl${V} than I wold like us to have), but I'll land some version
>> of this soon.
>>
>> sthen, any concerns if we backport something along these lines to -
>> stable?
>>
>> Index: Makefile
>> ===================================================================
>> RCS file: /cvs/ports/security/openssl/3.3/Makefile,v
>> diff -u -p -r1.7 Makefile
>> --- Makefile 3 Sep 2024 15:30:21 -0000 1.7
>> +++ Makefile 7 Dec 2024 03:41:25 -0000
>> @@ -8,6 +8,7 @@ V= 3.3.2
>> PKGNAME= openssl-${V}
>> PKGSPEC= openssl->=3.3v0,<3.4v0
>> EPOCH= 0
>> +REVISION= 0
>> SHLIBVER= 27.0
>> SHARED_LIBS= crypto ${SHLIBVER} \
>> Index: patches/patch-exporters_pkg-config_libcrypto_pc_in
>> ===================================================================
>> RCS file: patches/patch-exporters_pkg-config_libcrypto_pc_in
>> diff -N patches/patch-exporters_pkg-config_libcrypto_pc_in
>> --- /dev/null 1 Jan 1970 00:00:00 -0000
>> +++ patches/patch-exporters_pkg-config_libcrypto_pc_in 7 Dec 2024
>> 03:38:01 -0000
>> @@ -0,0 +1,12 @@
>> +Index: exporters/pkg-config/libcrypto.pc.in
>> +--- exporters/pkg-config/libcrypto.pc.in.orig
>> ++++ exporters/pkg-config/libcrypto.pc.in
>> +@@ -9,7 +9,7 @@ libdir={- if (defined $OpenSSL::safe::installdata::LIB
>> + $OpenSSL::safe::installdata::libdir[0];
>> + } -}
>> + includedir={- $OUT = '';
>> +- $OUT .= '${prefix}/' . $_ . ' '
>> ++ $OUT .= '${prefix}/' . $_ . '/' . 'eopenssl33' . ' '
>> + foreach
>> (@OpenSSL::safe::installdata::INCLUDEDIR_REL_PREFIX); -}
>> + enginesdir=${libdir}/{-
>> $OpenSSL::safe::installdata::ENGINESDIR_REL_LIBDIR[0] -}
>> + modulesdir=${libdir}/{-
>> $OpenSSL::safe::installdata::MODULESDIR_REL_LIBDIR[0] -}
>> Index: patches/patch-exporters_pkg-config_libssl_pc_in
>> ===================================================================
>> RCS file: patches/patch-exporters_pkg-config_libssl_pc_in
>> diff -N patches/patch-exporters_pkg-config_libssl_pc_in
>> --- /dev/null 1 Jan 1970 00:00:00 -0000
>> +++ patches/patch-exporters_pkg-config_libssl_pc_in 7 Dec 2024
>> 03:39:25 -0000
>> @@ -0,0 +1,19 @@
>> +Index: exporters/pkg-config/libssl.pc.in
>> +--- exporters/pkg-config/libssl.pc.in.orig
>> ++++ exporters/pkg-config/libssl.pc.in
>> +@@ -9,13 +9,13 @@ libdir={- if (defined $OpenSSL::safe::installdata::LIB
>> + $OpenSSL::safe::installdata::libdir[0];
>> + } -}
>> + includedir={- $OUT = '';
>> +- $OUT .= '${prefix}/' . $_ . ' '
>> ++ $OUT .= '${prefix}/' . $_ . '/' . 'eopenssl33' . ' '
>> + foreach
>> (@OpenSSL::safe::installdata::INCLUDEDIR_REL_PREFIX); -}
>> +
>> + Name: OpenSSL-libssl
>> + Description: Secure Sockets Layer and cryptography libraries
>> + Version: {- $OpenSSL::safe::installdata::VERSION -}
>> +-Requires.private: libcrypto
>> ++Requires.private: libecrypto33
>> + Libs: -L${libdir} -lssl
>> + Cflags:{- $OUT = ' -I${includedir}';
>> + if (scalar
>> @OpenSSL::safe::installdata::INCLUDEDIR_REL_PREFIX > 1) {
>> Index: patches/patch-exporters_pkg-config_openssl_pc_in
>> ===================================================================
>> RCS file: patches/patch-exporters_pkg-config_openssl_pc_in
>> diff -N patches/patch-exporters_pkg-config_openssl_pc_in
>> --- /dev/null 1 Jan 1970 00:00:00 -0000
>> +++ patches/patch-exporters_pkg-config_openssl_pc_in 7 Dec 2024
>> 03:38:18 -0000
>> @@ -0,0 +1,16 @@
>> +Index: exporters/pkg-config/openssl.pc.in
>> +--- exporters/pkg-config/openssl.pc.in.orig
>> ++++ exporters/pkg-config/openssl.pc.in
>> +@@ -9,10 +9,10 @@ libdir={- if (defined $OpenSSL::safe::installdata::LIB
>> + $OpenSSL::safe::installdata::libdir[0];
>> + } -}
>> + includedir={- $OUT = '';
>> +- $OUT .= '${prefix}/' . $_ . ' '
>> ++ $OUT .= '${prefix}/' . $_ . '/' . 'eopenssl33' . ' '
>> + foreach
>> (@OpenSSL::safe::installdata::INCLUDEDIR_REL_PREFIX); -}
>> +
>> + Name: OpenSSL
>> + Description: Secure Sockets Layer and cryptography libraries and tools
>> + Version: {- $OpenSSL::safe::installdata::VERSION -}
>> +-Requires: libssl libcrypto
>> ++Requires: libessl33 libecrypto33
>>
>
pkg-config lacking -L and -I dirs with openssl >= 3.3