Am 14.12.24 um 00:36 schrieb Lucas Gabriel Vuotto:
> On Sat, Dec 14, 2024 at 12:08:08AM +0100, Christoph Liebender wrote:
>> Hello there everyone.
>>
>> This is my first try at contributing to the OpenBSD ports tree:
>>
>> https://liebender.dev/patches/openbsd-ports/wstunnel-port.tar.gz
>>
>> wstunnel is useful in case you want to connect to your OpenBSD box, given
>> that
>> you are behind some firewall that restricts traffic to certain ports - for
>> example, you can configure wstunnel to listen on :443 and connect to your
>> box
>> via that port, to then route all your traffic to the wireguard interface of
>> your server. There are other usecases though, but this is my primary one.
>>
>> Now, there are two patches included, even though wstunnel compiles on
>> OpenBSD
>> amd64 just fine. I had to apply these because the original Cargo.toml
>> references a github repository as a crate: fastwebsockets. In this case, the
>> developer of wstunnel made changes to the original crate which they did not
>> (yet?) upstream, and their fork does not include any tags for the Cargo.toml
>> to reference. This is why I am patching Cargo.toml to reference the original
>> crate and then apply the changes of the wstunnel developer on top. I edited
>> crates.inc manually in this case to add fastwebsockets-0.8.0. Is there a
>> better
>> way? `make modcargo-gen-crates` apparently only reads the unpatched,
>> original
>> Cargo.toml.
>>
>> Anyway, I'm glad to receive any feedback or comments. Thanks.
>>
>> - Christoph
> 
> New ports should be as attachments.

Okay, that's what I'll do next time, but the porting guidelines at 
https://www.openbsd.org/faq/ports/guide.html#Overview say:

"Submit the port. Create a gzipped tarball of the port directory. You 
can then either place it on a public HTTP server, sending its URL to 
ports@openbsd.org, or send the port MIME encoded to the same address."

> Regarding Cargo.toml, I don't know any Rust nor its ecosystem, but it
> seems to be possible to specify a Git hash, according to
> https://doc.rust-lang.org/cargo/reference/specifying-dependencies.html

Yes it is, the question then is whether or not MODCARGO_CRATES can 
reference a github repository given its hash. To me, it seems like it is 
just a list of "crate + version" that is looked up on crates.io, isn't it?

> Also, this depends on rustls-0.23.19, which already uses aws-lc-rs as
> the cryptography backend. I believe that will give issues on IBT-enabled
> hardware.

The Cargo.toml of wstunnel has some conditionals on tokio-rustls that 
specify the ring backend to be used instead:

[target.'cfg(all(any(target_os = "linux", target_os = "macos"), 
any(target_arch = "x86_64", target_arch = "aarch64")))'.dependencies]
tokio-rustls = { version = "0.26.1", features = [] }
rcgen = { version = "0.13.1", default-features = false, features = 
["aws_lc_rs"] }

[target.'cfg(not(all(any(target_os = "linux", target_os = "macos"), 
any(target_arch = "x86_64", target_arch = "aarch64"))))'.dependencies]
tokio-rustls = { version = "0.26.1", default-features = false, features 
= ["logging", "tls12", "ring"] }
rcgen = { version = "0.13.1", default-features = false, features = 
["ring"] }