From f2b3dda12a731c2e0971cb7889728edaf23f6cb0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Mon, 29 Nov 2021 20:46:00 +0100 Subject: New upstream version 2.5.4 --- contrib/vcpkg-ports/openssl/portfile.cmake | 25 + contrib/vcpkg-ports/openssl/unix/CMakeLists.txt | 280 +++++++++ contrib/vcpkg-ports/openssl/unix/portfile.cmake | 49 ++ contrib/vcpkg-ports/openssl/unix/remove-deps.cmake | 7 + .../openssl/unix/vcpkg-cmake-wrapper.cmake | 18 + contrib/vcpkg-ports/openssl/usage | 4 + .../vcpkg-ports/openssl/uwp/EnableUWPSupport.patch | 170 +++++ contrib/vcpkg-ports/openssl/uwp/make-openssl.bat | 16 + contrib/vcpkg-ports/openssl/uwp/portfile.cmake | 156 +++++ contrib/vcpkg-ports/openssl/vcpkg.json | 7 + contrib/vcpkg-ports/openssl/windows/portfile.cmake | 174 ++++++ .../openssl/windows/vcpkg-cmake-wrapper.cmake | 10 + .../0001-nmake-openssl-1.1.1-support.patch | 88 +++ contrib/vcpkg-ports/pkcs11-helper/CONTROL | 4 + .../pkcs11-helper/pkcs11-helper-001-RFC7512.patch | 686 +++++++++++++++++++++ contrib/vcpkg-ports/pkcs11-helper/portfile.cmake | 35 ++ contrib/vcpkg-triplets/arm64-windows-ovpn.cmake | 7 + contrib/vcpkg-triplets/x64-windows-ovpn.cmake | 7 + contrib/vcpkg-triplets/x86-windows-ovpn.cmake | 7 + 19 files changed, 1750 insertions(+) create mode 100644 contrib/vcpkg-ports/openssl/portfile.cmake create mode 100644 contrib/vcpkg-ports/openssl/unix/CMakeLists.txt create mode 100644 contrib/vcpkg-ports/openssl/unix/portfile.cmake create mode 100644 contrib/vcpkg-ports/openssl/unix/remove-deps.cmake create mode 100644 contrib/vcpkg-ports/openssl/unix/vcpkg-cmake-wrapper.cmake create mode 100644 contrib/vcpkg-ports/openssl/usage create mode 100644 contrib/vcpkg-ports/openssl/uwp/EnableUWPSupport.patch create mode 100644 contrib/vcpkg-ports/openssl/uwp/make-openssl.bat create mode 100644 contrib/vcpkg-ports/openssl/uwp/portfile.cmake create mode 100644 contrib/vcpkg-ports/openssl/vcpkg.json create mode 100644 contrib/vcpkg-ports/openssl/windows/portfile.cmake create mode 100644 contrib/vcpkg-ports/openssl/windows/vcpkg-cmake-wrapper.cmake create mode 100644 contrib/vcpkg-ports/pkcs11-helper/0001-nmake-openssl-1.1.1-support.patch create mode 100644 contrib/vcpkg-ports/pkcs11-helper/CONTROL create mode 100644 contrib/vcpkg-ports/pkcs11-helper/pkcs11-helper-001-RFC7512.patch create mode 100644 contrib/vcpkg-ports/pkcs11-helper/portfile.cmake create mode 100644 contrib/vcpkg-triplets/arm64-windows-ovpn.cmake create mode 100644 contrib/vcpkg-triplets/x64-windows-ovpn.cmake create mode 100644 contrib/vcpkg-triplets/x86-windows-ovpn.cmake (limited to 'contrib') diff --git a/contrib/vcpkg-ports/openssl/portfile.cmake b/contrib/vcpkg-ports/openssl/portfile.cmake new file mode 100644 index 0000000..9b59a3c --- /dev/null +++ b/contrib/vcpkg-ports/openssl/portfile.cmake @@ -0,0 +1,25 @@ +if(EXISTS "${CURRENT_INSTALLED_DIR}/include/openssl/ssl.h") + message(FATAL_ERROR "Can't build openssl if libressl/boringssl is installed. Please remove libressl/boringssl, and try install openssl again if you need it.") +endif() + +set(OPENSSL_VERSION 1.1.1k) +vcpkg_download_distfile(ARCHIVE + URLS "https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz" "https://www.openssl.org/source/old/1.1.1/openssl-${OPENSSL_VERSION}.tar.gz" + FILENAME "openssl-${OPENSSL_VERSION}.tar.gz" + SHA512 73cd042d4056585e5a9dd7ab68e7c7310a3a4c783eafa07ab0b560e7462b924e4376436a6d38a155c687f6942a881cfc0c1b9394afcde1d8c46bf396e7d51121 +) + +vcpkg_find_acquire_program(PERL) +get_filename_component(PERL_EXE_PATH ${PERL} DIRECTORY) +vcpkg_add_to_path("${PERL_EXE_PATH}") + +if(VCPKG_TARGET_IS_UWP) + include("${CMAKE_CURRENT_LIST_DIR}/uwp/portfile.cmake") +elseif(VCPKG_TARGET_IS_WINDOWS AND NOT VCPKG_TARGET_IS_MINGW) + include("${CMAKE_CURRENT_LIST_DIR}/windows/portfile.cmake") +else() + include("${CMAKE_CURRENT_LIST_DIR}/unix/portfile.cmake") +endif() + + +file(INSTALL "${CMAKE_CURRENT_LIST_DIR}/usage" DESTINATION "${CURRENT_PACKAGES_DIR}/share/${PORT}") diff --git a/contrib/vcpkg-ports/openssl/unix/CMakeLists.txt b/contrib/vcpkg-ports/openssl/unix/CMakeLists.txt new file mode 100644 index 0000000..fd84816 --- /dev/null +++ b/contrib/vcpkg-ports/openssl/unix/CMakeLists.txt @@ -0,0 +1,280 @@ +cmake_minimum_required(VERSION 3.9) +project(openssl C) + +if(NOT SOURCE_PATH) + message(FATAL_ERROR "Requires SOURCE_PATH") +endif() + +if(CMAKE_SYSTEM_NAME STREQUAL "Android" OR CMAKE_SYSTEM_NAME STREQUAL "Linux") + if(CMAKE_SYSTEM_PROCESSOR STREQUAL "x86_64") + set(PLATFORM linux-x86_64) + else() + set(PLATFORM linux-generic32) + endif() +elseif(CMAKE_SYSTEM_NAME STREQUAL "iOS") + if(VCPKG_TARGET_ARCHITECTURE MATCHES "arm64") + set(PLATFORM ios64-xcrun) + elseif(VCPKG_TARGET_ARCHITECTURE MATCHES "arm") + set(PLATFORM ios-xcrun) + elseif(VCPKG_TARGET_ARCHITECTURE MATCHES "x86" OR + VCPKG_TARGET_ARCHITECTURE MATCHES "x64") + set(PLATFORM iossimulator-xcrun) + else() + message(FATAL_ERROR "Unknown iOS target architecture: ${VCPKG_TARGET_ARCHITECTURE}") + endif() + # disable that makes linkage error (e.g. require stderr usage) + list(APPEND DISABLES no-stdio no-ui no-asm) +elseif(CMAKE_SYSTEM_NAME STREQUAL "Darwin") + if(VCPKG_TARGET_ARCHITECTURE MATCHES "arm64") + set(PLATFORM darwin64-arm64-cc) + else() + set(PLATFORM darwin64-x86_64-cc) + endif() +elseif(CMAKE_SYSTEM_NAME STREQUAL "FreeBSD") + set(PLATFORM BSD-generic64) +elseif(CMAKE_SYSTEM_NAME STREQUAL "OpenBSD") + set(PLATFORM BSD-generic64) +elseif(MINGW) + if(CMAKE_SYSTEM_PROCESSOR STREQUAL "x86_64") + set(PLATFORM mingw64) + else() + set(PLATFORM mingw) + endif() +elseif(EMSCRIPTEN) + set(MAKE $ENV{EMSDK}/upstream/emscripten/emmake) + set(ENV{MAKE} $ENV{EMSDK}/upstream/emscripten/emmake) +else() + message(FATAL_ERROR "Unknown platform") +endif() + +get_filename_component(COMPILER_ROOT "${CMAKE_C_COMPILER}" DIRECTORY) + +message("CMAKE_C_COMPILER=${CMAKE_C_COMPILER}") +message("COMPILER_ROOT=${COMPILER_ROOT}") +message("CMAKE_SYSROOT=${CMAKE_SYSROOT}") +message("CMAKE_OSX_SYSROOT=${CMAKE_OSX_SYSROOT}") +message("CMAKE_OSX_DEPLOYMENT_TARGET=${CMAKE_OSX_DEPLOYMENT_TARGET}") +message("CMAKE_C_FLAGS=${CMAKE_C_FLAGS}") +message("CMAKE_C_FLAGS_RELEASE=${CMAKE_C_FLAGS_RELEASE}") +message("CMAKE_C_FLAGS_DEBUG=${CMAKE_C_FLAGS_DEBUG}") +message("CMAKE_INCLUDE_SYSTEM_FLAG_C=${CMAKE_INCLUDE_SYSTEM_FLAG_C}") +message("CMAKE_C_OSX_DEPLOYMENT_TARGET_FLAG=${CMAKE_C_OSX_DEPLOYMENT_TARGET_FLAG}") + +set(CFLAGS "${CMAKE_C_FLAGS}") +if(CMAKE_CXX_COMPILER_ID STREQUAL "Clang") + set(CFLAGS "-Wno-error=unused-command-line-argument ${CMAKE_C_FLAGS}") +endif() +if(CMAKE_C_COMPILER_TARGET AND CMAKE_C_COMPILE_OPTIONS_TARGET) + set(CFLAGS "${CFLAGS} ${CMAKE_C_COMPILE_OPTIONS_TARGET}${CMAKE_C_COMPILER_TARGET}") +endif() +if(CMAKE_C_COMPILER_EXTERNAL_TOOLCHAIN AND CMAKE_C_COMPILE_OPTIONS_EXTERNAL_TOOLCHAIN) + set(CFLAGS "${CFLAGS} ${CMAKE_C_COMPILE_OPTIONS_EXTERNAL_TOOLCHAIN}${CMAKE_C_COMPILER_EXTERNAL_TOOLCHAIN}") +endif() +if(CMAKE_SYSROOT AND CMAKE_C_COMPILE_OPTIONS_SYSROOT) + set(CFLAGS "${CFLAGS} ${CMAKE_C_COMPILE_OPTIONS_SYSROOT}${CMAKE_SYSROOT}") +elseif(CMAKE_OSX_SYSROOT AND CMAKE_C_COMPILE_OPTIONS_SYSROOT) + set(CFLAGS "${CFLAGS} ${CMAKE_C_COMPILE_OPTIONS_SYSROOT}${CMAKE_OSX_SYSROOT}") +endif() +if (CMAKE_OSX_DEPLOYMENT_TARGET AND CMAKE_C_OSX_DEPLOYMENT_TARGET_FLAG) + set(CFLAGS "${CFLAGS} ${CMAKE_C_OSX_DEPLOYMENT_TARGET_FLAG}${CMAKE_OSX_DEPLOYMENT_TARGET}") +endif() + +string(REGEX REPLACE "^ " "" CFLAGS "${CFLAGS}") + +if(CMAKE_HOST_WIN32) + file(TO_NATIVE_PATH ENV_PATH "${COMPILER_ROOT};$ENV{PATH}") +else() + file(TO_NATIVE_PATH ENV_PATH "${COMPILER_ROOT}:$ENV{PATH}") +endif() +set(ENV{ANDROID_DEV} "${CMAKE_SYSROOT}/usr") + +if(NOT IOS) + set(ENV{CC} "${CMAKE_C_COMPILER}") +endif() + +message("ENV{ANDROID_DEV}=$ENV{ANDROID_DEV}") + +get_filename_component(SOURCE_PATH_NAME "${SOURCE_PATH}" NAME) +set(BUILDDIR "${CMAKE_CURRENT_BINARY_DIR}/${SOURCE_PATH_NAME}") + +if(NOT EXISTS "${BUILDDIR}") + file(COPY ${SOURCE_PATH} DESTINATION ${CMAKE_CURRENT_BINARY_DIR}) +endif() + +get_filename_component(MSYS_BIN_DIR "${MAKE}" DIRECTORY) + +if(BUILD_SHARED_LIBS) + set(SHARED shared) + file(STRINGS "${BUILDDIR}/include/openssl/opensslv.h" SHLIB_VERSION + REGEX "^#[\t ]*define[\t ]+SHLIB_VERSION_NUMBER[\t ]+\".*\".*") + string(REGEX REPLACE "^.*SHLIB_VERSION_NUMBER[\t ]+\"([^\"]*)\".*$" "\\1" + SHLIB_VERSION "${SHLIB_VERSION}") + if(CMAKE_SYSTEM_NAME STREQUAL "Darwin" OR CMAKE_SYSTEM_NAME STREQUAL "iOS") + set(LIB_EXT dylib) + set(LIB_EXTS ${SHLIB_VERSION}.${LIB_EXT}) + elseif(MINGW) + string(REPLACE "." "_" SHLIB_VERSION "${SHLIB_VERSION}") + set(BIN_EXT dll) + set(LIB_EXT dll.a) + else() + set(LIB_EXT so) + set(LIB_EXTS ${LIB_EXT}.${SHLIB_VERSION}) + endif() + list(APPEND BIN_EXTS ${BIN_EXT}) + list(APPEND LIB_EXTS ${LIB_EXT}) +else() + set(SHARED no-shared) + set(LIB_EXTS a) +endif() +foreach(lib ssl crypto) + foreach(ext ${LIB_EXTS}) + list(APPEND INSTALL_LIBS "${BUILDDIR}/lib${lib}.${ext}") + list(APPEND INSTALL_PKG_CONFIGS "${BUILDDIR}/lib${lib}.pc") + endforeach() + foreach(ext ${BIN_EXTS}) + # This might be wrong for targets which don't follow this naming scheme, but I'm not aware of any + if(CMAKE_SYSTEM_PROCESSOR STREQUAL "x86_64") + list(APPEND INSTALL_BINS "${BUILDDIR}/lib${lib}-${SHLIB_VERSION}-x64.${ext}") + else() + list(APPEND INSTALL_BINS "${BUILDDIR}/lib${lib}-${SHLIB_VERSION}.${ext}") + endif() + endforeach() +endforeach() + +if(CMAKE_HOST_WIN32) + set(ENV_COMMAND set) + set(PATH_VAR ";%PATH%") +else() + set(ENV_COMMAND export) + set(PATH_VAR ":$ENV{PATH}") +endif() + +add_custom_command( + OUTPUT "${BUILDDIR}/Makefile" + COMMAND ${ENV_COMMAND} "PATH=${MSYS_BIN_DIR}${PATH_VAR}" + VERBATIM + WORKING_DIRECTORY "${BUILDDIR}" +) + +if(NOT IOS) + add_custom_command( + OUTPUT "${BUILDDIR}/Makefile" + COMMAND ${ENV_COMMAND} CC=${CMAKE_C_COMPILER} + COMMAND ${ENV_COMMAND} AR=${CMAKE_AR} + COMMAND ${ENV_COMMAND} LD=${CMAKE_LINKER} + COMMAND ${ENV_COMMAND} RANLIB=${CMAKE_RANLIB} + COMMAND ${ENV_COMMAND} MAKE=${MAKE} + COMMAND ${ENV_COMMAND} MAKEDEPPROG=${CMAKE_C_COMPILER} + VERBATIM + APPEND + ) + + if(EMSCRIPTEN) + list(APPEND DISABLES + threads + no-engine + no-dso + no-asm + no-shared + no-sse2 + no-srtp + ) + else() + list(APPEND DISABLES + enable-static-engine + no-zlib + no-ssl2 + no-idea + no-cast + no-seed + no-md2 + no-tests) + endif() +endif() + +if(EMSCRIPTEN) + add_custom_command( + OUTPUT "${BUILDDIR}/Makefile" + COMMAND "$ENV{EMSDK}/upstream/emscripten/emconfigure" ./config + ${SHARED} + ${DISABLES} + "--prefix=${CMAKE_INSTALL_PREFIX}" + "--openssldir=/etc/ssl" + "--cross-compile-prefix=\"/\"" + VERBATIM + APPEND + ) + + add_custom_target(build_libs ALL + COMMAND ${ENV_COMMAND} "PATH=${MSYS_BIN_DIR}${PATH_VAR}" + COMMAND "${CMAKE_COMMAND}" -E touch "${BUILDDIR}/krb5.h" + COMMAND "${MAKE}" make build_libs + VERBATIM + WORKING_DIRECTORY "${BUILDDIR}" + DEPENDS "${BUILDDIR}/Makefile" + BYPRODUCTS ${INSTALL_LIBS} + ) +else() + add_custom_command( + OUTPUT "${BUILDDIR}/Makefile" + COMMAND "${PERL}" Configure + ${SHARED} + ${DISABLES} + ${PLATFORM} + "--prefix=${CMAKE_INSTALL_PREFIX}" + "--openssldir=/etc/ssl" + ${CFLAGS} + VERBATIM + APPEND + ) + + add_custom_target(build_libs ALL + COMMAND ${ENV_COMMAND} "PATH=${MSYS_BIN_DIR}${PATH_VAR}" + COMMAND "${CMAKE_COMMAND}" -E touch "${BUILDDIR}/krb5.h" + COMMAND "${MAKE}" -j ${VCPKG_CONCURRENCY} build_libs + VERBATIM + WORKING_DIRECTORY "${BUILDDIR}" + DEPENDS "${BUILDDIR}/Makefile" + BYPRODUCTS ${INSTALL_LIBS} + ) +endif() + +add_custom_command( + OUTPUT "${BUILDDIR}/Makefile" + COMMAND "${CMAKE_COMMAND}" "-DDIR=${BUILDDIR}" -P "${CMAKE_CURRENT_LIST_DIR}/remove-deps.cmake" + VERBATIM + APPEND +) + +if((CMAKE_SYSTEM_NAME STREQUAL "Darwin" OR CMAKE_SYSTEM_NAME STREQUAL "iOS") AND BUILD_SHARED_LIBS) + if(DEFINED CMAKE_INSTALL_NAME_DIR) + set(ID_PREFIX "${CMAKE_INSTALL_NAME_DIR}") + else() + set(ID_PREFIX "@rpath") + endif() + + add_custom_command( + TARGET build_libs + COMMAND /usr/bin/install_name_tool -id "${ID_PREFIX}/libssl.${SHLIB_VERSION}.dylib" + "${BUILDDIR}/libssl.${SHLIB_VERSION}.dylib" + COMMAND /usr/bin/install_name_tool -id "${ID_PREFIX}/libcrypto.${SHLIB_VERSION}.dylib" + "${BUILDDIR}/libcrypto.1.1.dylib" + COMMAND /usr/bin/install_name_tool -change "${CMAKE_INSTALL_PREFIX}/lib/libcrypto.${SHLIB_VERSION}.dylib" + "${ID_PREFIX}/libcrypto.${SHLIB_VERSION}.dylib" + "${BUILDDIR}/libssl.${SHLIB_VERSION}.dylib" + VERBATIM + ) +endif() + +install( + FILES ${INSTALL_LIBS} + DESTINATION lib +) +install( + FILES ${INSTALL_BINS} + DESTINATION bin +) +install( + FILES ${INSTALL_PKG_CONFIGS} + DESTINATION lib/pkgconfig +) diff --git a/contrib/vcpkg-ports/openssl/unix/portfile.cmake b/contrib/vcpkg-ports/openssl/unix/portfile.cmake new file mode 100644 index 0000000..9122349 --- /dev/null +++ b/contrib/vcpkg-ports/openssl/unix/portfile.cmake @@ -0,0 +1,49 @@ +if (NOT VCPKG_TARGET_IS_MINGW) + vcpkg_fail_port_install(MESSAGE "${PORT} is only for openssl on Unix-like systems" ON_TARGET "UWP" "Windows") +endif() + +vcpkg_extract_source_archive_ex( + OUT_SOURCE_PATH MASTER_COPY_SOURCE_PATH + ARCHIVE "${ARCHIVE}" + REF ${OPENSSL_VERSION} +) + +if(CMAKE_HOST_WIN32) + vcpkg_acquire_msys(MSYS_ROOT PACKAGES make perl) + set(MAKE ${MSYS_ROOT}/usr/bin/make.exe) + set(PERL ${MSYS_ROOT}/usr/bin/perl.exe) +else() + find_program(MAKE make) + if(NOT MAKE) + message(FATAL_ERROR "Could not find make. Please install it through your package manager.") + endif() +endif() + +vcpkg_configure_cmake( + SOURCE_PATH ${CMAKE_CURRENT_LIST_DIR} + PREFER_NINJA + OPTIONS + -DSOURCE_PATH=${MASTER_COPY_SOURCE_PATH} + -DPERL=${PERL} + -DMAKE=${MAKE} + -DVCPKG_CONCURRENCY=${VCPKG_CONCURRENCY} + OPTIONS_RELEASE + -DINSTALL_HEADERS=ON +) + +vcpkg_install_cmake() +vcpkg_fixup_pkgconfig() + +file(GLOB HEADERS ${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}-rel/*/include/openssl/*.h) +set(RESOLVED_HEADERS) +foreach(HEADER ${HEADERS}) + get_filename_component(X "${HEADER}" REALPATH) + list(APPEND RESOLVED_HEADERS "${X}") +endforeach() + +file(INSTALL ${RESOLVED_HEADERS} DESTINATION ${CURRENT_PACKAGES_DIR}/include/openssl) +file(INSTALL ${MASTER_COPY_SOURCE_PATH}/LICENSE DESTINATION ${CURRENT_PACKAGES_DIR}/share/${PORT} RENAME copyright) + +if(VCPKG_LIBRARY_LINKAGE STREQUAL "static") + file(COPY ${CMAKE_CURRENT_LIST_DIR}/vcpkg-cmake-wrapper.cmake DESTINATION ${CURRENT_PACKAGES_DIR}/share/openssl) +endif() diff --git a/contrib/vcpkg-ports/openssl/unix/remove-deps.cmake b/contrib/vcpkg-ports/openssl/unix/remove-deps.cmake new file mode 100644 index 0000000..53ad6ef --- /dev/null +++ b/contrib/vcpkg-ports/openssl/unix/remove-deps.cmake @@ -0,0 +1,7 @@ +file(GLOB_RECURSE MAKEFILES ${DIR}/*/Makefile) +foreach(MAKEFILE ${MAKEFILES}) + message("removing deps from ${MAKEFILE}") + file(READ "${MAKEFILE}" _contents) + string(REGEX REPLACE "\n# DO NOT DELETE THIS LINE.*" "" _contents "${_contents}") + file(WRITE "${MAKEFILE}" "${_contents}") +endforeach() diff --git a/contrib/vcpkg-ports/openssl/unix/vcpkg-cmake-wrapper.cmake b/contrib/vcpkg-ports/openssl/unix/vcpkg-cmake-wrapper.cmake new file mode 100644 index 0000000..f36b687 --- /dev/null +++ b/contrib/vcpkg-ports/openssl/unix/vcpkg-cmake-wrapper.cmake @@ -0,0 +1,18 @@ +_find_package(${ARGS}) +if(OPENSSL_FOUND) + find_library(OPENSSL_DL_LIBRARY NAMES dl) + if(OPENSSL_DL_LIBRARY) + list(APPEND OPENSSL_LIBRARIES "dl") + if(TARGET OpenSSL::Crypto) + set_property(TARGET OpenSSL::Crypto APPEND PROPERTY INTERFACE_LINK_LIBRARIES "dl") + endif() + endif() + find_package(Threads REQUIRED) + list(APPEND OPENSSL_LIBRARIES ${CMAKE_THREAD_LIBS_INIT}) + if(TARGET OpenSSL::Crypto) + set_property(TARGET OpenSSL::Crypto APPEND PROPERTY INTERFACE_LINK_LIBRARIES "Threads::Threads") + endif() + if(TARGET OpenSSL::SSL) + set_property(TARGET OpenSSL::SSL APPEND PROPERTY INTERFACE_LINK_LIBRARIES "Threads::Threads") + endif() +endif() diff --git a/contrib/vcpkg-ports/openssl/usage b/contrib/vcpkg-ports/openssl/usage new file mode 100644 index 0000000..cf83f33 --- /dev/null +++ b/contrib/vcpkg-ports/openssl/usage @@ -0,0 +1,4 @@ +The package openssl is compatible with built-in CMake targets: + + find_package(OpenSSL REQUIRED) + target_link_libraries(main PRIVATE OpenSSL::SSL OpenSSL::Crypto) diff --git a/contrib/vcpkg-ports/openssl/uwp/EnableUWPSupport.patch b/contrib/vcpkg-ports/openssl/uwp/EnableUWPSupport.patch new file mode 100644 index 0000000..fe78374 --- /dev/null +++ b/contrib/vcpkg-ports/openssl/uwp/EnableUWPSupport.patch @@ -0,0 +1,170 @@ +diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf +index 3c4299d264..99fcb1f713 100644 +--- a/Configurations/10-main.conf ++++ b/Configurations/10-main.conf +@@ -1287,7 +1287,7 @@ my %targets = ( + }, + "VC-WIN64I" => { + inherit_from => [ "VC-WIN64-common", asm("ia64_asm"), +- sub { $disabled{shared} ? () : "ia64_uplink" } ], ++ sub { $disabled{uplink} ? () : "ia64_uplink" } ], + AS => "ias", + ASFLAGS => "-d debug", + asoutflag => "-o ", +@@ -1299,7 +1299,7 @@ my %targets = ( + }, + "VC-WIN64A" => { + inherit_from => [ "VC-WIN64-common", asm("x86_64_asm"), +- sub { $disabled{shared} ? () : "x86_64_uplink" } ], ++ sub { $disabled{uplink} ? () : "x86_64_uplink" } ], + AS => sub { vc_win64a_info()->{AS} }, + ASFLAGS => sub { vc_win64a_info()->{ASFLAGS} }, + asoutflag => sub { vc_win64a_info()->{asoutflag} }, +@@ -1312,7 +1312,7 @@ my %targets = ( + }, + "VC-WIN32" => { + inherit_from => [ "VC-noCE-common", asm("x86_asm"), +- sub { $disabled{shared} ? () : "uplink_common" } ], ++ sub { $disabled{uplink} ? () : "uplink_common" } ], + AS => sub { vc_win32_info()->{AS} }, + ASFLAGS => sub { vc_win32_info()->{ASFLAGS} }, + asoutflag => sub { vc_win32_info()->{asoutflag} }, +@@ -1374,7 +1374,7 @@ my %targets = ( + #### MinGW + "mingw" => { + inherit_from => [ "BASE_unix", asm("x86_asm"), +- sub { $disabled{shared} ? () : "x86_uplink" } ], ++ sub { $disabled{uplink} ? () : "x86_uplink" } ], + CC => "gcc", + CFLAGS => picker(default => "-Wall", + debug => "-g -O0", +diff --git a/Configurations/50-win-onecore.conf b/Configurations/50-win-onecore.conf +index d478f42b0f..e0fb70daca 100644 +--- a/Configurations/50-win-onecore.conf ++++ b/Configurations/50-win-onecore.conf +@@ -1,3 +1,4 @@ ++## -*- mode: perl; -*- + # Windows OneCore targets. + # + # OneCore is new API stability "contract" that transcends Desktop, IoT and +@@ -10,6 +11,25 @@ + # TODO: extend error handling to use ETW based eventing + # (Or rework whole error messaging) + ++my $UWP_info = {}; ++sub UWP_info { ++ unless (%$UWP_info) { ++ my $SDKver = `pwsh.exe -Command \"& {\$(Get-Item \\\"hklm:\\SOFTWARE\\WOW6432Node\\Microsoft\\Microsoft SDKs\\Windows\\\").GetValue(\\\"CurrentVersion\\\")}\"`; ++ $SDKver =~ s|\R$||; ++ my @SDKver_split = split(/\./, $SDKver); ++ # SDK version older than 10.0.17763 don't support our ASM builds ++ if ($SDKver_split[0] < 10 ++ || ($SDKver_split[0] == 10 ++ && $SDKver_split[1] == 0 ++ && $SDKver_split[2] < 17763)) { ++ $UWP_info->{disable} = [ 'asm' ]; ++ } else { ++ $UWP_info->{disable} = [ ]; ++ } ++ } ++ return $UWP_info; ++} ++ + my %targets = ( + "VC-WIN32-ONECORE" => { + inherit_from => [ "VC-WIN32" ], +@@ -61,4 +81,57 @@ my %targets = ( + ex_libs => "onecore.lib", + multilib => "-arm64", + }, ++ ++ # Universal Windows Platform (UWP) App Support ++ ++ # TODO ++ # ++ # The 'disable' attribute should have 'uplink'. ++ # however, these are checked in some 'inherit_from', which is processed ++ # very early, before the 'disable' attributes are seen. ++ # This is a problem that needs to be resolved in Configure first. ++ # ++ # But if you want to build library with Windows 10 Version 1809 SDK or ++ # earlier, the 'disable' attribute should also have 'asm'. ++ ++ "VC-WIN32-UWP" => { ++ inherit_from => [ "VC-WIN32-ONECORE" ], ++ lflags => add("/APPCONTAINER"), ++ defines => add("WINAPI_FAMILY=WINAPI_FAMILY_APP", ++ "_WIN32_WINNT=0x0A00"), ++ dso_scheme => "", ++ disable => sub { [ 'ui-console', 'stdio', 'async', 'uplink', ++ @{ UWP_info()->{disable} } ] }, ++ ex_libs => "WindowsApp.lib", ++ }, ++ "VC-WIN64A-UWP" => { ++ inherit_from => [ "VC-WIN64A-ONECORE" ], ++ lflags => add("/APPCONTAINER"), ++ defines => add("WINAPI_FAMILY=WINAPI_FAMILY_APP", ++ "_WIN32_WINNT=0x0A00"), ++ dso_scheme => "", ++ disable => sub { [ 'ui-console', 'stdio', 'async', 'uplink', ++ @{ UWP_info()->{disable} } ] }, ++ ex_libs => "WindowsApp.lib", ++ }, ++ "VC-WIN32-ARM-UWP" => { ++ inherit_from => [ "VC-WIN32-ARM" ], ++ lflags => add("/APPCONTAINER"), ++ defines => add("WINAPI_FAMILY=WINAPI_FAMILY_APP", ++ "_WIN32_WINNT=0x0A00"), ++ dso_scheme => "", ++ disable => sub { [ 'ui-console', 'stdio', 'async', 'uplink', ++ @{ UWP_info()->{disable} } ] }, ++ ex_libs => "WindowsApp.lib", ++ }, ++ "VC-WIN64-ARM-UWP" => { ++ inherit_from => [ "VC-WIN64-ARM" ], ++ lflags => add("/APPCONTAINER"), ++ defines => add("WINAPI_FAMILY=WINAPI_FAMILY_APP", ++ "_WIN32_WINNT=0x0A00"), ++ dso_scheme => "", ++ disable => sub { [ 'ui-console', 'stdio', 'async', 'uplink', ++ @{ UWP_info()->{disable} } ] }, ++ ex_libs => "WindowsApp.lib", ++ }, + ); +diff --git a/Configure b/Configure +index 5a699836f3..de45f1e299 100755 +--- a/Configure ++++ b/Configure +@@ -407,6 +408,7 @@ my @disablables = ( + "ubsan", + "ui-console", + "unit-test", ++ "uplink", + "whirlpool", + "weak-ssl-ciphers", + "zlib", +@@ -491,8 +493,8 @@ my @disable_cascades = ( + + # Without position independent code, there can be no shared libraries or DSOs + "pic" => [ "shared" ], +- "shared" => [ "dynamic-engine" ], ++ "shared" => [ "dynamic-engine", "uplink" ], + "dso" => [ "dynamic-engine" ], + "engine" => [ "afalgeng", "devcryptoeng" ], + + # no-autoalginit is only useful when building non-shared +diff --git a/INSTALL b/INSTALL +index 2119cbae9e..ee54e8c215 100644 +--- a/INSTALL ++++ b/INSTALL +@@ -560,6 +560,10 @@ + likely to complement configuration command line with + suitable compiler-specific option. + ++ no-uplink ++ Don't build support for UPLINK interface. ++ ++ + no- + Don't build support for negotiating the specified SSL/TLS + protocol (one of ssl, ssl3, tls, tls1, tls1_1, tls1_2, diff --git a/contrib/vcpkg-ports/openssl/uwp/make-openssl.bat b/contrib/vcpkg-ports/openssl/uwp/make-openssl.bat new file mode 100644 index 0000000..6f6166a --- /dev/null +++ b/contrib/vcpkg-ports/openssl/uwp/make-openssl.bat @@ -0,0 +1,16 @@ +set build=%1 + +perl Configure no-asm no-hw no-dso VC-WINUNIVERSAL -FS -FIWindows.h + +for /D %%f in ("%WindowsSdkDir%References\%WindowsSDKLibVersion%Windows.Foundation.FoundationContract\*") do set LibPath=%LibPath%;%%f\ +for /D %%f in ("%WindowsSdkDir%References\%WindowsSDKLibVersion%Windows.Foundation.UniversalApiContract\*") do set LibPath=%LibPath%;%%f\ +for /D %%f in ("%WindowsSdkDir%References\Windows.Foundation.FoundationContract\*") do set LibPath=%LibPath%;%%f\ +for /D %%f in ("%WindowsSdkDir%References\Windows.Foundation.UniversalApiContract\*") do set LibPath=%LibPath%;%%f\ + +call ms\do_winuniversal.bat + +mkdir inc32\openssl + +jom -j %NUMBER_OF_PROCESSORS% -k -f ms\ntdll.mak +REM due to a race condition in the build, we need to have a second single-threaded pass. +nmake -f ms\ntdll.mak diff --git a/contrib/vcpkg-ports/openssl/uwp/portfile.cmake b/contrib/vcpkg-ports/openssl/uwp/portfile.cmake new file mode 100644 index 0000000..08a523c --- /dev/null +++ b/contrib/vcpkg-ports/openssl/uwp/portfile.cmake @@ -0,0 +1,156 @@ +vcpkg_fail_port_install(MESSAGE "${PORT} is only for Windows Universal Platform" ON_TARGET "Linux" "OSX") + +vcpkg_check_linkage(ONLY_DYNAMIC_LIBRARY) + +vcpkg_find_acquire_program(JOM) +get_filename_component(JOM_EXE_PATH ${JOM} DIRECTORY) +vcpkg_add_to_path("${PERL_EXE_PATH}") + +vcpkg_extract_source_archive_ex( + OUT_SOURCE_PATH SOURCE_PATH + ARCHIVE ${ARCHIVE} + PATCHES + uwp/EnableUWPSupport.patch +) + +vcpkg_find_acquire_program(NASM) +get_filename_component(NASM_EXE_PATH ${NASM} DIRECTORY) +vcpkg_add_to_path(PREPEND "${NASM_EXE_PATH}") + +set(CONFIGURE_COMMAND ${PERL} Configure + enable-static-engine + enable-capieng + no-unit-test + no-ssl2 + no-asm + no-uplink + no-tests + -utf-8 + shared +) + +if(VCPKG_TARGET_ARCHITECTURE STREQUAL "x86") + set(OPENSSL_ARCH VC-WIN32-UWP) +elseif(VCPKG_TARGET_ARCHITECTURE STREQUAL "x64") + set(OPENSSL_ARCH VC-WIN64A-UWP) +elseif(VCPKG_TARGET_ARCHITECTURE STREQUAL "arm") + set(OPENSSL_ARCH VC-WIN32-ARM-UWP) +elseif(VCPKG_TARGET_ARCHITECTURE STREQUAL "arm64") + set(OPENSSL_ARCH VC-WIN64-ARM-UWP) +else() + message(FATAL_ERROR "Unsupported target architecture: ${VCPKG_TARGET_ARCHITECTURE}") +endif() + +set(OPENSSL_MAKEFILE "makefile") + +file(REMOVE_RECURSE ${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}-rel ${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}-dbg) + + +if(NOT DEFINED VCPKG_BUILD_TYPE OR VCPKG_BUILD_TYPE STREQUAL "release") + + # Copy openssl sources. + message(STATUS "Copying openssl release source files...") + file(GLOB OPENSSL_SOURCE_FILES "${SOURCE_PATH}/*") + foreach(SOURCE_FILE ${OPENSSL_SOURCE_FILES}) + file(COPY ${SOURCE_FILE} DESTINATION "${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}-rel") + endforeach() + message(STATUS "Copying openssl release source files... done") + set(SOURCE_PATH_RELEASE "${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}-rel") + + set(OPENSSLDIR_RELEASE "${CURRENT_PACKAGES_DIR}") + + message(STATUS "Configure ${TARGET_TRIPLET}-rel") + vcpkg_execute_required_process( + COMMAND ${CONFIGURE_COMMAND} ${OPENSSL_ARCH} "--prefix=${OPENSSLDIR_RELEASE}" "--openssldir=${OPENSSLDIR_RELEASE}" -FS + WORKING_DIRECTORY "${SOURCE_PATH_RELEASE}" + LOGNAME configure-perl-${TARGET_TRIPLET}-${VCPKG_BUILD_TYPE}-rel + ) + message(STATUS "Configure ${TARGET_TRIPLET}-rel done") + + message(STATUS "Build ${TARGET_TRIPLET}-rel") + # Openssl's buildsystem has a race condition which will cause JOM to fail at some point. + # This is ok; we just do as much work as we can in parallel first, then follow up with a single-threaded build. + make_directory(${SOURCE_PATH_RELEASE}/inc32/openssl) + execute_process( + COMMAND "${JOM}" -k -j ${VCPKG_CONCURRENCY} -f "${OPENSSL_MAKEFILE}" build_libs + WORKING_DIRECTORY "${SOURCE_PATH_RELEASE}" + OUTPUT_FILE "${CURRENT_BUILDTREES_DIR}/build-${TARGET_TRIPLET}-rel-0-out.log" + ERROR_FILE "${CURRENT_BUILDTREES_DIR}/build-${TARGET_TRIPLET}-rel-0-err.log" + ) + vcpkg_execute_required_process( + COMMAND nmake -f "${OPENSSL_MAKEFILE}" install_dev + WORKING_DIRECTORY "${SOURCE_PATH_RELEASE}" + LOGNAME build-${TARGET_TRIPLET}-rel-1) + + message(STATUS "Build ${TARGET_TRIPLET}-rel done") +endif() + + +if(NOT DEFINED VCPKG_BUILD_TYPE OR VCPKG_BUILD_TYPE STREQUAL "debug") + # Copy openssl sources. + message(STATUS "Copying openssl debug source files...") + file(GLOB OPENSSL_SOURCE_FILES ${SOURCE_PATH}/*) + foreach(SOURCE_FILE ${OPENSSL_SOURCE_FILES}) + file(COPY "${SOURCE_FILE}" DESTINATION "${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}-dbg") + endforeach() + message(STATUS "Copying openssl debug source files... done") + set(SOURCE_PATH_DEBUG "${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}-dbg") + + set(OPENSSLDIR_DEBUG "${CURRENT_PACKAGES_DIR}/debug") + + message(STATUS "Configure ${TARGET_TRIPLET}-dbg") + vcpkg_execute_required_process( + COMMAND ${CONFIGURE_COMMAND} debug-${OPENSSL_ARCH} "--prefix=${OPENSSLDIR_DEBUG}" "--openssldir=${OPENSSLDIR_DEBUG}" -FS + WORKING_DIRECTORY "${SOURCE_PATH_DEBUG}" + LOGNAME configure-perl-${TARGET_TRIPLET}-${VCPKG_BUILD_TYPE}-dbg + ) + message(STATUS "Configure ${TARGET_TRIPLET}-dbg done") + + message(STATUS "Build ${TARGET_TRIPLET}-dbg") + make_directory("${SOURCE_PATH_DEBUG}/inc32/openssl") + execute_process( + COMMAND "${JOM}" -k -j ${VCPKG_CONCURRENCY} -f "${OPENSSL_MAKEFILE}" build_libs + WORKING_DIRECTORY "${SOURCE_PATH_DEBUG}" + OUTPUT_FILE "${CURRENT_BUILDTREES_DIR}/build-${TARGET_TRIPLET}-dbg-0-out.log" + ERROR_FILE "${CURRENT_BUILDTREES_DIR}/build-${TARGET_TRIPLET}-dbg-0-err.log" + ) + vcpkg_execute_required_process( + COMMAND nmake -f "${OPENSSL_MAKEFILE}" install_dev + WORKING_DIRECTORY "${SOURCE_PATH_DEBUG}" + LOGNAME build-${TARGET_TRIPLET}-dbg-1) + + message(STATUS "Build ${TARGET_TRIPLET}-dbg done") +endif() + +file(REMOVE_RECURSE "${CURRENT_PACKAGES_DIR}/certs") +file(REMOVE_RECURSE "${CURRENT_PACKAGES_DIR}/private") +file(REMOVE_RECURSE "${CURRENT_PACKAGES_DIR}/lib/engines-1_1") +file(REMOVE_RECURSE "${CURRENT_PACKAGES_DIR}/debug/certs") +file(REMOVE_RECURSE "${CURRENT_PACKAGES_DIR}/debug/lib/engines-1_1") +file(REMOVE_RECURSE "${CURRENT_PACKAGES_DIR}/debug/private") +file(REMOVE_RECURSE "${CURRENT_PACKAGES_DIR}/debug/include") + +file(REMOVE + "${CURRENT_PACKAGES_DIR}/bin/openssl.exe" + "${CURRENT_PACKAGES_DIR}/debug/bin/openssl.exe" + "${CURRENT_PACKAGES_DIR}/debug/openssl.cnf" + "${CURRENT_PACKAGES_DIR}/openssl.cnf" + "${CURRENT_PACKAGES_DIR}/ct_log_list.cnf" + "${CURRENT_PACKAGES_DIR}/ct_log_list.cnf.dist" + "${CURRENT_PACKAGES_DIR}/openssl.cnf.dist" + "${CURRENT_PACKAGES_DIR}/debug/ct_log_list.cnf" + "${CURRENT_PACKAGES_DIR}/debug/ct_log_list.cnf.dist" + "${CURRENT_PACKAGES_DIR}/debug/openssl.cnf.dist" +) + +file(READ "${CURRENT_PACKAGES_DIR}/include/openssl/dtls1.h" _contents) +string(REPLACE "" "" _contents "${_contents}") +file(WRITE "${CURRENT_PACKAGES_DIR}/include/openssl/dtls1.h" "${_contents}") + +file(READ "${CURRENT_PACKAGES_DIR}/include/openssl/rand.h" _contents) +string(REPLACE "# include " "#ifndef _WINSOCKAPI_\n#define _WINSOCKAPI_\n#endif\n# include " _contents "${_contents}") +file(WRITE "${CURRENT_PACKAGES_DIR}/include/openssl/rand.h" "${_contents}") + +vcpkg_copy_pdbs() + +file(INSTALL "${SOURCE_PATH}/LICENSE" DESTINATION "${CURRENT_PACKAGES_DIR}/share/${PORT}" RENAME copyright) diff --git a/contrib/vcpkg-ports/openssl/vcpkg.json b/contrib/vcpkg-ports/openssl/vcpkg.json new file mode 100644 index 0000000..2d0eb13 --- /dev/null +++ b/contrib/vcpkg-ports/openssl/vcpkg.json @@ -0,0 +1,7 @@ +{ + "name": "openssl", + "version-string": "1.1.1k", + "port-version": 4, + "description": "OpenSSL is an open source project that provides a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library.", + "homepage": "https://www.openssl.org" +} diff --git a/contrib/vcpkg-ports/openssl/windows/portfile.cmake b/contrib/vcpkg-ports/openssl/windows/portfile.cmake new file mode 100644 index 0000000..c873eb7 --- /dev/null +++ b/contrib/vcpkg-ports/openssl/windows/portfile.cmake @@ -0,0 +1,174 @@ +vcpkg_fail_port_install(MESSAGE "${PORT} is only for Windows Desktop" ON_TARGET "UWP" "Linux" "OSX") + +vcpkg_extract_source_archive_ex( + OUT_SOURCE_PATH SOURCE_PATH + ARCHIVE ${ARCHIVE} +) + +vcpkg_find_acquire_program(NASM) +get_filename_component(NASM_EXE_PATH "${NASM}" DIRECTORY) +vcpkg_add_to_path(PREPEND "${NASM_EXE_PATH}") + +vcpkg_find_acquire_program(JOM) + +set(OPENSSL_SHARED no-shared) +if(VCPKG_LIBRARY_LINKAGE STREQUAL dynamic) + set(OPENSSL_SHARED shared) +endif() + +set(CONFIGURE_OPTIONS + enable-static-engine + enable-capieng + no-ssl2 + no-tests + no-autoload-config + -utf-8 + ${OPENSSL_SHARED} +) + +if(DEFINED OPENSSL_USE_NOPINSHARED) + set(CONFIGURE_OPTIONS ${CONFIGURE_OPTIONS} no-pinshared) +endif() + +set(CONFIGURE_COMMAND "${PERL}" Configure ${CONFIGURE_OPTIONS}) + +if(VCPKG_TARGET_ARCHITECTURE STREQUAL "x86") + set(OPENSSL_ARCH VC-WIN32) +elseif(VCPKG_TARGET_ARCHITECTURE STREQUAL "x64") + set(OPENSSL_ARCH VC-WIN64A) +elseif(VCPKG_TARGET_ARCHITECTURE STREQUAL "arm") + set(OPENSSL_ARCH VC-WIN32-ARM) +elseif(VCPKG_TARGET_ARCHITECTURE STREQUAL "arm64") + set(OPENSSL_ARCH VC-WIN64-ARM) +else() + message(FATAL_ERROR "Unsupported target architecture: ${VCPKG_TARGET_ARCHITECTURE}") +endif() + +set(OPENSSL_MAKEFILE "makefile") + +file(REMOVE_RECURSE "${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}-rel" + "${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}-dbg") + +if(NOT DEFINED VCPKG_BUILD_TYPE OR VCPKG_BUILD_TYPE STREQUAL "release") + + # Copy openssl sources. + message(STATUS "Copying openssl release source files...") + file(GLOB OPENSSL_SOURCE_FILES ${SOURCE_PATH}/*) + foreach(SOURCE_FILE ${OPENSSL_SOURCE_FILES}) + file(COPY ${SOURCE_FILE} DESTINATION "${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}-rel") + endforeach() + message(STATUS "Copying openssl release source files... done") + set(SOURCE_PATH_RELEASE "${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}-rel") + + set(OPENSSLDIR_RELEASE ${CURRENT_PACKAGES_DIR}) + + message(STATUS "Configure ${TARGET_TRIPLET}-rel") + vcpkg_execute_required_process( + COMMAND ${CONFIGURE_COMMAND} ${OPENSSL_ARCH} "--prefix=${OPENSSLDIR_RELEASE}" "--openssldir=${OPENSSLDIR_RELEASE}" -FS + WORKING_DIRECTORY ${SOURCE_PATH_RELEASE} + LOGNAME configure-perl-${TARGET_TRIPLET}-rel + ) + message(STATUS "Configure ${TARGET_TRIPLET}-rel done") + + message(STATUS "Build ${TARGET_TRIPLET}-rel") + # Openssl's buildsystem has a race condition which will cause JOM to fail at some point. + # This is ok; we just do as much work as we can in parallel first, then follow up with a single-threaded build. + make_directory(${SOURCE_PATH_RELEASE}/inc32/openssl) + execute_process( + COMMAND ${JOM} -k -j $ENV{NUMBER_OF_PROCESSORS} -f ${OPENSSL_MAKEFILE} + WORKING_DIRECTORY ${SOURCE_PATH_RELEASE} + OUTPUT_FILE ${CURRENT_BUILDTREES_DIR}/build-${TARGET_TRIPLET}-rel-0-out.log + ERROR_FILE ${CURRENT_BUILDTREES_DIR}/build-${TARGET_TRIPLET}-rel-0-err.log + ) + vcpkg_execute_required_process( + COMMAND nmake -f ${OPENSSL_MAKEFILE} install_sw install_ssldirs + WORKING_DIRECTORY ${SOURCE_PATH_RELEASE} + LOGNAME build-${TARGET_TRIPLET}-rel-1) + + message(STATUS "Build ${TARGET_TRIPLET}-rel done") +endif() + + +if(NOT DEFINED VCPKG_BUILD_TYPE OR VCPKG_BUILD_TYPE STREQUAL "debug") + # Copy openssl sources. + message(STATUS "Copying openssl debug source files...") + file(GLOB OPENSSL_SOURCE_FILES ${SOURCE_PATH}/*) + foreach(SOURCE_FILE ${OPENSSL_SOURCE_FILES}) + file(COPY ${SOURCE_FILE} DESTINATION "${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}-dbg") + endforeach() + message(STATUS "Copying openssl debug source files... done") + set(SOURCE_PATH_DEBUG "${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}-dbg") + + set(OPENSSLDIR_DEBUG ${CURRENT_PACKAGES_DIR}/debug) + + message(STATUS "Configure ${TARGET_TRIPLET}-dbg") + vcpkg_execute_required_process( + COMMAND ${CONFIGURE_COMMAND} debug-${OPENSSL_ARCH} "--prefix=${OPENSSLDIR_DEBUG}" "--openssldir=${OPENSSLDIR_DEBUG}" -FS + WORKING_DIRECTORY ${SOURCE_PATH_DEBUG} + LOGNAME configure-perl-${TARGET_TRIPLET}-dbg + ) + message(STATUS "Configure ${TARGET_TRIPLET}-dbg done") + + message(STATUS "Build ${TARGET_TRIPLET}-dbg") + make_directory(${SOURCE_PATH_DEBUG}/inc32/openssl) + execute_process( + COMMAND "${JOM}" -k -j ${VCPKG_CONCURRENCY} -f "${OPENSSL_MAKEFILE}" + WORKING_DIRECTORY ${SOURCE_PATH_DEBUG} + OUTPUT_FILE ${CURRENT_BUILDTREES_DIR}/build-${TARGET_TRIPLET}-dbg-0-out.log + ERROR_FILE ${CURRENT_BUILDTREES_DIR}/build-${TARGET_TRIPLET}-dbg-0-err.log + ) + vcpkg_execute_required_process( + COMMAND nmake -f "${OPENSSL_MAKEFILE}" install_sw install_ssldirs + WORKING_DIRECTORY ${SOURCE_PATH_DEBUG} + LOGNAME build-${TARGET_TRIPLET}-dbg-1) + + message(STATUS "Build ${TARGET_TRIPLET}-dbg done") +endif() + +file(REMOVE_RECURSE "${CURRENT_PACKAGES_DIR}/certs") +file(REMOVE_RECURSE "${CURRENT_PACKAGES_DIR}/private") +file(REMOVE_RECURSE "${CURRENT_PACKAGES_DIR}/lib/engines-1_1") +file(REMOVE_RECURSE "${CURRENT_PACKAGES_DIR}/debug/certs") +file(REMOVE_RECURSE "${CURRENT_PACKAGES_DIR}/debug/lib/engines-1_1") +file(REMOVE_RECURSE "${CURRENT_PACKAGES_DIR}/debug/private") +file(REMOVE_RECURSE "${CURRENT_PACKAGES_DIR}/debug/include") + +file(REMOVE + "${CURRENT_PACKAGES_DIR}/ct_log_list.cnf" + "${CURRENT_PACKAGES_DIR}/ct_log_list.cnf.dist" + "${CURRENT_PACKAGES_DIR}/openssl.cnf.dist" + "${CURRENT_PACKAGES_DIR}/debug/bin/openssl.exe" + "${CURRENT_PACKAGES_DIR}/debug/ct_log_list.cnf" + "${CURRENT_PACKAGES_DIR}/debug/ct_log_list.cnf.dist" + "${CURRENT_PACKAGES_DIR}/debug/openssl.cnf" + "${CURRENT_PACKAGES_DIR}/debug/openssl.cnf.dist" +) + +file(MAKE_DIRECTORY "${CURRENT_PACKAGES_DIR}/tools/openssl/") +file(RENAME "${CURRENT_PACKAGES_DIR}/bin/openssl.exe" "${CURRENT_PACKAGES_DIR}/tools/openssl/openssl.exe") +file(RENAME "${CURRENT_PACKAGES_DIR}/openssl.cnf" "${CURRENT_PACKAGES_DIR}/tools/openssl/openssl.cnf") + +vcpkg_copy_tool_dependencies("${CURRENT_PACKAGES_DIR}/tools/openssl") + +if(VCPKG_LIBRARY_LINKAGE STREQUAL static) + # They should be empty, only the exes deleted above were in these directories + file(REMOVE_RECURSE "${CURRENT_PACKAGES_DIR}/debug/bin/") + file(REMOVE_RECURSE "${CURRENT_PACKAGES_DIR}/bin/") +endif() + +vcpkg_replace_string("${CURRENT_PACKAGES_DIR}/include/openssl/dtls1.h" + "" + "" +) + +vcpkg_replace_string("${CURRENT_PACKAGES_DIR}/include/openssl/rand.h" + "# include " + "#ifndef _WINSOCKAPI_\n#define _WINSOCKAPI_\n#endif\n# include " +) + +vcpkg_copy_pdbs() + +file(INSTALL "${SOURCE_PATH}/LICENSE" DESTINATION "${CURRENT_PACKAGES_DIR}/share/${PORT}" RENAME copyright) +if(VCPKG_LIBRARY_LINKAGE STREQUAL "static") + file(COPY "${CMAKE_CURRENT_LIST_DIR}/vcpkg-cmake-wrapper.cmake" DESTINATION "${CURRENT_PACKAGES_DIR}/share/openssl") +endif() diff --git a/contrib/vcpkg-ports/openssl/windows/vcpkg-cmake-wrapper.cmake b/contrib/vcpkg-ports/openssl/windows/vcpkg-cmake-wrapper.cmake new file mode 100644 index 0000000..1e3b837 --- /dev/null +++ b/contrib/vcpkg-ports/openssl/windows/vcpkg-cmake-wrapper.cmake @@ -0,0 +1,10 @@ +_find_package(${ARGS}) +if(OPENSSL_FOUND) + list(APPEND OPENSSL_LIBRARIES Crypt32.lib ws2_32.lib) + if(TARGET OpenSSL::Crypto) + set_property(TARGET OpenSSL::Crypto APPEND PROPERTY INTERFACE_LINK_LIBRARIES "Crypt32.lib;ws2_32.lib") + endif() + if(TARGET OpenSSL::SSL) + set_property(TARGET OpenSSL::SSL APPEND PROPERTY INTERFACE_LINK_LIBRARIES "Crypt32.lib;ws2_32.lib") + endif() +endif() diff --git a/contrib/vcpkg-ports/pkcs11-helper/0001-nmake-openssl-1.1.1-support.patch b/contrib/vcpkg-ports/pkcs11-helper/0001-nmake-openssl-1.1.1-support.patch new file mode 100644 index 0000000..d1942a9 --- /dev/null +++ b/contrib/vcpkg-ports/pkcs11-helper/0001-nmake-openssl-1.1.1-support.patch @@ -0,0 +1,88 @@ +From 324026ce179468fcea348e59259dbc5456438ead Mon Sep 17 00:00:00 2001 +From: Lev Stipakov +Date: Fri, 14 May 2021 14:35:53 +0300 +Subject: [PATCH] nmake: openssl 1.1.1 support + +Starting from version 1.1.1, OpenSSL includes routines +like RSA_meth_xxx and DSA_meth_xxx. pkcs11-helper includes +implementation of those routines. That code is compiled if +they're missing from OpenSSL. + +nmake build uses pre-generated config-w32-vc.h, which lacks +defines which indicate that OpenSSL includes above routines, +which causes pkcs11's own implementaion to be compiled. However, +pkcs11-helper implementation is not compatible with OpenSSL 1.1.1 - +for example, it takes size of opaque struct RSA_METHOD, which +has become internal in OpenSSL. + +This adds necessary defines to config header used by nmake build +so that pkcs11-helper code, which is not compatible with OpenSSL 1.1.1, +is not compiled. + +Also libeay is changed to libcrypto. + +Signed-off-by: Lev Stipakov +--- + config-w32-vc.h.in | 33 +++++++++++++++++++++++++++++++++ + lib/Makefile.w32-vc | 4 ++-- + 2 files changed, 35 insertions(+), 2 deletions(-) + +diff --git a/config-w32-vc.h b/config-w32-vc.h +index 6346f02..102b2e3 100644 +--- a/config-w32-vc.h ++++ b/config-w32-vc.h +@@ -185,3 +185,36 @@ + #if _MSC_VER >= 1400 + #define HAVE_CPP_VARARG_MACRO_ISO 1 + #endif ++ ++/* Define to 1 if you have the `RSA_meth_dup' function. */ ++#define HAVE_RSA_METH_DUP 1 ++ ++/* Define to 1 if you have the `RSA_meth_free' function. */ ++#define HAVE_RSA_METH_FREE 1 ++ ++/* Define to 1 if you have the `RSA_meth_set1_name' function. */ ++#define HAVE_RSA_METH_SET1_NAME 1 ++ ++/* Define to 1 if you have the `RSA_meth_set_flags' function. */ ++#define HAVE_RSA_METH_SET_FLAGS 1 ++ ++/* Define to 1 if you have the `RSA_meth_set_priv_dec' function. */ ++#define HAVE_RSA_METH_SET_PRIV_DEC 1 ++ ++/* Define to 1 if you have the `RSA_meth_set_priv_enc' function. */ ++#define HAVE_RSA_METH_SET_PRIV_ENC 1 ++ ++/* Define to 1 if you have the `DSA_meth_dup' function. */ ++#define HAVE_DSA_METH_DUP 1 ++ ++/* Define to 1 if you have the `DSA_meth_free' function. */ ++#define HAVE_DSA_METH_FREE 1 ++ ++/* Define to 1 if you have the `DSA_meth_set1_name' function. */ ++#define HAVE_DSA_METH_SET1_NAME 1 ++ ++/* Define to 1 if you have the `DSA_meth_set_sign' function. */ ++#define HAVE_DSA_METH_SET_SIGN 1 ++ ++/* Define to 1 if you have the `DSA_SIG_set0' function. */ ++#define HAVE_DSA_SIG_SET0 1 +diff --git a/lib/Makefile.w32-vc b/lib/Makefile.w32-vc +index 2edab39..b2ac746 100644 +--- a/lib/Makefile.w32-vc ++++ b/lib/Makefile.w32-vc +@@ -60,9 +60,9 @@ OPENSSL_HOME = ..\..\openssl-0.9.8a + !endif + + !ifdef OPENSSL +-OPENSSL_STATIC = libeay32.lib ++OPENSSL_STATIC = libcrypto.lib + #OPENSSL_STATIC = libeay32sd.lib +-OPENSSL_DYNAMIC = libeay32.lib ++OPENSSL_DYNAMIC = libcrypto.lib + #OPENSSL_DYNAMIC = libeay32d.lib + + OPENSSL_INC=$(OPENSSL_HOME)\include +-- +2.23.0.windows.1 diff --git a/contrib/vcpkg-ports/pkcs11-helper/CONTROL b/contrib/vcpkg-ports/pkcs11-helper/CONTROL new file mode 100644 index 0000000..0183180 --- /dev/null +++ b/contrib/vcpkg-ports/pkcs11-helper/CONTROL @@ -0,0 +1,4 @@ +Source: pkcs11-helper +Version: 1.27-1 +Homepage: https://github.com/OpenSC/pkcs11-helper +Description: pkcs11-helper is a library that simplifies the interaction with PKCS#11 providers for end-user applications. diff --git a/contrib/vcpkg-ports/pkcs11-helper/pkcs11-helper-001-RFC7512.patch b/contrib/vcpkg-ports/pkcs11-helper/pkcs11-helper-001-RFC7512.patch new file mode 100644 index 0000000..84fba08 --- /dev/null +++ b/contrib/vcpkg-ports/pkcs11-helper/pkcs11-helper-001-RFC7512.patch @@ -0,0 +1,686 @@ +commit 90590b02085edc3830bdfe0942a46c4e7bf3f1ab (HEAD -> master) +Author: David Woodhouse +Date: Thu Apr 30 14:58:24 2015 +0100 + + Serialize to RFC7512-compliant PKCS#11 URIs + + Signed-off-by: David Woodhouse + +commit 4d5280da8df591aab701dff4493d13a835a9b29c +Author: David Woodhouse +Date: Wed Dec 10 14:00:21 2014 +0000 + + Accept RFC7512-compliant PKCS#11 URIs as serialized token/certificate IDs + + The old format is still accepted for compatibility. + + Signed-off-by: David Woodhouse + +commit 14e09211c3d50eb06825090c9765e4382cf52f19 +Author: David Woodhouse +Date: Sun Dec 14 19:42:18 2014 +0000 + + Stop _pkcs11h_util_hexToBinary() checking for trailing NUL + + We are going to want to use this for parsing %XX hex escapes in RFC7512 + PKCS#11 URIs, where we cannot expect a trailing NUL. Since there's only + one existing caller at the moment, it's simple just to let the caller + have responsibility for that check. + + Signed-off-by: David Woodhouse +diff --git a/lib/pkcs11h-serialization.c b/lib/pkcs11h-serialization.c +index ad275f8..1d077e4 100644 +--- a/lib/pkcs11h-serialization.c ++++ b/lib/pkcs11h-serialization.c +@@ -61,29 +61,127 @@ + + #if defined(ENABLE_PKCS11H_TOKEN) || defined(ENABLE_PKCS11H_CERTIFICATE) + ++#define URI_SCHEME "pkcs11:" ++ ++#define token_field_ofs(field) ((unsigned long)&(((struct pkcs11h_token_id_s *)0)->field)) ++#define token_field_size(field) sizeof((((struct pkcs11h_token_id_s *)0)->field)) ++#define token_field(name, field) { name "=", sizeof(name), \ ++ token_field_ofs(field), token_field_size(field) } ++ ++static struct { ++ const char const *name; ++ size_t namelen; ++ unsigned long field_ofs; ++ size_t field_size; ++} __token_fields[] = { ++ token_field ("model", model), ++ token_field ("token", label), ++ token_field ("manufacturer", manufacturerID ), ++ token_field ("serial", serialNumber ), ++ { NULL }, ++}; ++ ++#define P11_URL_VERBATIM "abcdefghijklmnopqrstuvwxyz" \ ++ "ABCDEFGHIJKLMNOPQRSTUVWXYZ" \ ++ "0123456789_-." ++ ++static ++int ++__token_attr_escape(char *uri, char *attr, size_t attrlen) ++{ ++ int len = 0, i; ++ ++ for (i = 0; i < attrlen; i++) { ++ if ((attr[i] != '\x0') && strchr(P11_URL_VERBATIM, attr[i])) { ++ if (uri) { ++ *(uri++) = attr[i]; ++ } ++ len++; ++ } else { ++ if (uri) { ++ sprintf(uri, "%%%02x", (unsigned char)attr[i]); ++ uri += 3; ++ } ++ len += 3; ++ } ++ } ++ return len; ++} ++ ++static ++CK_RV ++__generate_pkcs11_uri ( ++ OUT char * const sz, ++ IN OUT size_t *max, ++ IN const pkcs11h_certificate_id_t certificate_id, ++ IN const pkcs11h_token_id_t token_id ++) { ++ size_t _max; ++ char *p = sz; ++ int i; ++ ++ _PKCS11H_ASSERT (max!=NULL); ++ _PKCS11H_ASSERT (token_id!=NULL); ++ ++ _max = strlen(URI_SCHEME); ++ for (i = 0; __token_fields[i].name; i++) { ++ char *field = ((char *)token_id) + __token_fields[i].field_ofs; ++ ++ _max += __token_fields[i].namelen; ++ _max += __token_attr_escape (NULL, field, strlen(field)); ++ _max++; /* For a semicolon or trailing NUL */ ++ } ++ if (certificate_id) { ++ _max += strlen (";id="); ++ _max += __token_attr_escape (NULL, ++ (char *)certificate_id->attrCKA_ID, ++ certificate_id->attrCKA_ID_size); ++ } ++ ++ if (!sz) { ++ *max = _max; ++ return CKR_OK; ++ } ++ ++ if (sz && *max < _max) ++ return CKR_ATTRIBUTE_VALUE_INVALID; ++ ++ p += sprintf(p, URI_SCHEME); ++ for (i = 0; __token_fields[i].name; i++) { ++ char *field = ((char *)token_id) + __token_fields[i].field_ofs; ++ ++ p += sprintf (p, "%s", __token_fields[i].name); ++ p += __token_attr_escape (p, field, strlen(field)); ++ *(p++) = ';'; ++ } ++ if (certificate_id) { ++ p += sprintf (p, "id="); ++ p += __token_attr_escape (p, ++ (char *)certificate_id->attrCKA_ID, ++ certificate_id->attrCKA_ID_size); ++ } else { ++ /* Remove the unneeded trailing semicolon */ ++ p--; ++ } ++ *(p++) = 0; ++ ++ *max = _max; ++ ++ return CKR_OK; ++} ++ + CK_RV + pkcs11h_token_serializeTokenId ( + OUT char * const sz, + IN OUT size_t *max, + IN const pkcs11h_token_id_t token_id + ) { +- const char *sources[5]; + CK_RV rv = CKR_FUNCTION_FAILED; +- size_t n; +- int e; + + /*_PKCS11H_ASSERT (sz!=NULL); Not required*/ + _PKCS11H_ASSERT (max!=NULL); + _PKCS11H_ASSERT (token_id!=NULL); + +- { /* Must be after assert */ +- sources[0] = token_id->manufacturerID; +- sources[1] = token_id->model; +- sources[2] = token_id->serialNumber; +- sources[3] = token_id->label; +- sources[4] = NULL; +- } +- + _PKCS11H_DEBUG ( + PKCS11H_LOG_DEBUG2, + "PKCS#11: pkcs11h_token_serializeTokenId entry sz=%p, *max="P_Z", token_id=%p", +@@ -92,67 +190,161 @@ pkcs11h_token_serializeTokenId ( + (void *)token_id + ); + +- n = 0; +- for (e=0;sources[e] != NULL;e++) { +- size_t t; +- if ( +- (rv = _pkcs11h_util_escapeString ( +- NULL, +- sources[e], +- &t, +- __PKCS11H_SERIALIZE_INVALID_CHARS +- )) != CKR_OK +- ) { +- goto cleanup; ++ rv = __generate_pkcs11_uri(sz, max, NULL, token_id); ++ ++ _PKCS11H_DEBUG ( ++ PKCS11H_LOG_DEBUG2, ++ "PKCS#11: pkcs11h_token_serializeTokenId return rv=%lu-'%s', *max="P_Z", sz='%s'", ++ rv, ++ pkcs11h_getMessage (rv), ++ *max, ++ sz ++ ); ++ ++ return rv; ++} ++ ++static ++CK_RV ++__parse_token_uri_attr ( ++ const char *uri, ++ size_t urilen, ++ char *tokstr, ++ size_t toklen, ++ size_t *parsed_len ++) { ++ size_t orig_toklen = toklen; ++ CK_RV rv = CKR_OK; ++ ++ while (urilen && toklen > 1) { ++ if (*uri == '%') { ++ size_t size = 1; ++ ++ if (urilen < 3) { ++ rv = CKR_ATTRIBUTE_VALUE_INVALID; ++ goto done; ++ } ++ ++ rv = _pkcs11h_util_hexToBinary ((unsigned char *)tokstr, ++ uri + 1, &size); ++ if (rv != CKR_OK) { ++ goto done; ++ } ++ ++ uri += 2; ++ urilen -= 2; ++ } else { ++ *tokstr = *uri; + } +- n+=t; ++ tokstr++; ++ uri++; ++ toklen--; ++ urilen--; ++ tokstr[0] = 0; + } + +- if (sz != NULL) { +- if (*max < n) { +- rv = CKR_ATTRIBUTE_VALUE_INVALID; +- goto cleanup; ++ if (urilen) { ++ rv = CKR_ATTRIBUTE_VALUE_INVALID; ++ } else if (parsed_len) { ++ *parsed_len = orig_toklen - toklen; ++ } ++ ++ done: ++ return rv; ++} ++ ++static ++CK_RV ++__parse_pkcs11_uri ( ++ OUT pkcs11h_token_id_t token_id, ++ OUT pkcs11h_certificate_id_t certificate_id, ++ IN const char * const sz ++) { ++ const char *end, *p; ++ CK_RV rv = CKR_OK; ++ ++ _PKCS11H_ASSERT (token_id!=NULL); ++ _PKCS11H_ASSERT (sz!=NULL); ++ ++ if (strncmp (sz, URI_SCHEME, strlen (URI_SCHEME))) ++ return CKR_ATTRIBUTE_VALUE_INVALID; ++ ++ end = sz + strlen (URI_SCHEME) - 1; ++ while (rv == CKR_OK && end[0] && end[1]) { ++ int i; ++ ++ p = end + 1; ++ end = strchr (p, ';'); ++ if (!end) ++ end = p + strlen(p); ++ ++ for (i = 0; __token_fields[i].name; i++) { ++ /* Parse the token=, label=, manufacturer= and serial= fields */ ++ if (!strncmp(p, __token_fields[i].name, __token_fields[i].namelen)) { ++ char *field = ((char *)token_id) + __token_fields[i].field_ofs; ++ ++ p += __token_fields[i].namelen; ++ rv = __parse_token_uri_attr (p, end - p, field, ++ __token_fields[i].field_size, ++ NULL); ++ if (rv != CKR_OK) { ++ goto cleanup; ++ } ++ ++ goto matched; ++ } + } ++ if (certificate_id && !strncmp(p, "id=", 3)) { ++ p += 3; ++ ++ rv = _pkcs11h_mem_malloc ((void *)&certificate_id->attrCKA_ID, ++ end - p + 1); ++ if (rv != CKR_OK) { ++ goto cleanup; ++ } + +- n = 0; +- for (e=0;sources[e] != NULL;e++) { +- size_t t = *max-n; +- if ( +- (rv = _pkcs11h_util_escapeString ( +- sz+n, +- sources[e], +- &t, +- __PKCS11H_SERIALIZE_INVALID_CHARS +- )) != CKR_OK +- ) { ++ rv = __parse_token_uri_attr (p, end - p, ++ (char *)certificate_id->attrCKA_ID, ++ end - p + 1, ++ &certificate_id->attrCKA_ID_size); ++ if (rv != CKR_OK) { + goto cleanup; + } +- n+=t; +- sz[n-1] = '/'; ++ ++ goto matched; + } +- sz[n-1] = '\x0'; +- } + +- *max = n; +- rv = CKR_OK; ++ /* We don't parse object= because the match code doesn't support ++ matching by label. */ ++ ++ /* Failed to parse PKCS#11 URI element. */ ++ return CKR_ATTRIBUTE_VALUE_INVALID; + ++ matched: ++ ; ++ } + cleanup: ++ /* The matching code doesn't support support partial matches; it needs ++ * *all* of manufacturer, model, serial and label attributes to be ++ * defined. So reject partial URIs early instead of letting it do the ++ * wrong thing. We can maybe improve this later. */ ++ if (!token_id->model[0] || !token_id->label[0] || ++ !token_id->manufacturerID[0] || !token_id->serialNumber[0]) { ++ return CKR_ATTRIBUTE_VALUE_INVALID; ++ } + +- _PKCS11H_DEBUG ( +- PKCS11H_LOG_DEBUG2, +- "PKCS#11: pkcs11h_token_serializeTokenId return rv=%lu-'%s', *max="P_Z", sz='%s'", +- rv, +- pkcs11h_getMessage (rv), +- *max, +- sz +- ); ++ /* For a certificate ID we need CKA_ID */ ++ if (certificate_id && !certificate_id->attrCKA_ID_size) { ++ return CKR_ATTRIBUTE_VALUE_INVALID; ++ } + + return rv; + } + ++static + CK_RV +-pkcs11h_token_deserializeTokenId ( +- OUT pkcs11h_token_id_t *p_token_id, ++__pkcs11h_token_legacy_deserializeTokenId ( ++ OUT pkcs11h_token_id_t token_id, + IN const char * const sz + ) { + #define __PKCS11H_TARGETS_NUMBER 4 +@@ -161,24 +353,11 @@ pkcs11h_token_deserializeTokenId ( + size_t s; + } targets[__PKCS11H_TARGETS_NUMBER]; + +- pkcs11h_token_id_t token_id = NULL; + char *p1 = NULL; + char *_sz = NULL; + int e; + CK_RV rv = CKR_FUNCTION_FAILED; + +- _PKCS11H_ASSERT (p_token_id!=NULL); +- _PKCS11H_ASSERT (sz!=NULL); +- +- _PKCS11H_DEBUG ( +- PKCS11H_LOG_DEBUG2, +- "PKCS#11: pkcs11h_token_deserializeTokenId entry p_token_id=%p, sz='%s'", +- (void *)p_token_id, +- sz +- ); +- +- *p_token_id = NULL; +- + if ( + (rv = _pkcs11h_mem_strdup ( + (void *)&_sz, +@@ -190,10 +369,6 @@ pkcs11h_token_deserializeTokenId ( + + p1 = _sz; + +- if ((rv = _pkcs11h_token_newTokenId (&token_id)) != CKR_OK) { +- goto cleanup; +- } +- + targets[0].p = token_id->manufacturerID; + targets[0].s = sizeof (token_id->manufacturerID); + targets[1].p = token_id->model; +@@ -252,6 +427,51 @@ pkcs11h_token_deserializeTokenId ( + p1 = p2+1; + } + ++ rv = CKR_OK; ++ ++cleanup: ++ ++ if (_sz != NULL) { ++ _pkcs11h_mem_free ((void *)&_sz); ++ } ++ ++ return rv; ++#undef __PKCS11H_TARGETS_NUMBER ++} ++ ++CK_RV ++pkcs11h_token_deserializeTokenId ( ++ OUT pkcs11h_token_id_t *p_token_id, ++ IN const char * const sz ++) { ++ pkcs11h_token_id_t token_id = NULL; ++ CK_RV rv = CKR_FUNCTION_FAILED; ++ ++ _PKCS11H_ASSERT (p_token_id!=NULL); ++ _PKCS11H_ASSERT (sz!=NULL); ++ ++ _PKCS11H_DEBUG ( ++ PKCS11H_LOG_DEBUG2, ++ "PKCS#11: pkcs11h_token_deserializeTokenId entry p_token_id=%p, sz='%s'", ++ (void *)p_token_id, ++ sz ++ ); ++ ++ *p_token_id = NULL; ++ ++ if ((rv = _pkcs11h_token_newTokenId (&token_id)) != CKR_OK) { ++ goto cleanup; ++ } ++ ++ if (!strncmp (sz, URI_SCHEME, strlen (URI_SCHEME))) { ++ rv = __parse_pkcs11_uri(token_id, NULL, sz); ++ } else { ++ rv = __pkcs11h_token_legacy_deserializeTokenId(token_id, sz); ++ } ++ if (rv != CKR_OK) { ++ goto cleanup; ++ } ++ + strncpy ( + token_id->display, + token_id->label, +@@ -264,11 +484,6 @@ pkcs11h_token_deserializeTokenId ( + rv = CKR_OK; + + cleanup: +- +- if (_sz != NULL) { +- _pkcs11h_mem_free ((void *)&_sz); +- } +- + if (token_id != NULL) { + pkcs11h_token_freeTokenId (token_id); + } +@@ -281,7 +496,6 @@ cleanup: + ); + + return rv; +-#undef __PKCS11H_TARGETS_NUMBER + } + + #endif /* ENABLE_PKCS11H_TOKEN || ENABLE_PKCS11H_CERTIFICATE */ +@@ -295,9 +509,6 @@ pkcs11h_certificate_serializeCertificateId ( + IN const pkcs11h_certificate_id_t certificate_id + ) { + CK_RV rv = CKR_FUNCTION_FAILED; +- size_t saved_max = 0; +- size_t n = 0; +- size_t _max = 0; + + /*_PKCS11H_ASSERT (sz!=NULL); Not required */ + _PKCS11H_ASSERT (max!=NULL); +@@ -311,42 +522,7 @@ pkcs11h_certificate_serializeCertificateId ( + (void *)certificate_id + ); + +- if (sz != NULL) { +- saved_max = n = *max; +- } +- *max = 0; +- +- if ( +- (rv = pkcs11h_token_serializeTokenId ( +- sz, +- &n, +- certificate_id->token_id +- )) != CKR_OK +- ) { +- goto cleanup; +- } +- +- _max = n + certificate_id->attrCKA_ID_size*2 + 1; +- +- if (sz != NULL) { +- if (saved_max < _max) { +- rv = CKR_ATTRIBUTE_VALUE_INVALID; +- goto cleanup; +- } +- +- sz[n-1] = '/'; +- rv = _pkcs11h_util_binaryToHex ( +- sz+n, +- saved_max-n, +- certificate_id->attrCKA_ID, +- certificate_id->attrCKA_ID_size +- ); +- } +- +- *max = _max; +- rv = CKR_OK; +- +-cleanup: ++ rv = __generate_pkcs11_uri(sz, max, certificate_id, certificate_id->token_id); + + _PKCS11H_DEBUG ( + PKCS11H_LOG_DEBUG2, +@@ -360,27 +536,16 @@ cleanup: + return rv; + } + ++static + CK_RV +-pkcs11h_certificate_deserializeCertificateId ( +- OUT pkcs11h_certificate_id_t * const p_certificate_id, ++__pkcs11h_certificate_legacy_deserializeCertificateId ( ++ OUT pkcs11h_certificate_id_t certificate_id, + IN const char * const sz + ) { +- pkcs11h_certificate_id_t certificate_id = NULL; + CK_RV rv = CKR_FUNCTION_FAILED; + char *p = NULL; + char *_sz = NULL; +- +- _PKCS11H_ASSERT (p_certificate_id!=NULL); +- _PKCS11H_ASSERT (sz!=NULL); +- +- *p_certificate_id = NULL; +- +- _PKCS11H_DEBUG ( +- PKCS11H_LOG_DEBUG2, +- "PKCS#11: pkcs11h_certificate_deserializeCertificateId entry p_certificate_id=%p, sz='%s'", +- (void *)p_certificate_id, +- sz +- ); ++ size_t id_hex_len; + + if ( + (rv = _pkcs11h_mem_strdup ( +@@ -393,10 +558,6 @@ pkcs11h_certificate_deserializeCertificateId ( + + p = _sz; + +- if ((rv = _pkcs11h_certificate_newCertificateId (&certificate_id)) != CKR_OK) { +- goto cleanup; +- } +- + if ((p = strrchr (_sz, '/')) == NULL) { + rv = CKR_ATTRIBUTE_VALUE_INVALID; + goto cleanup; +@@ -414,7 +575,12 @@ pkcs11h_certificate_deserializeCertificateId ( + goto cleanup; + } + +- certificate_id->attrCKA_ID_size = strlen (p)/2; ++ id_hex_len = strlen (p); ++ if (id_hex_len & 1) { ++ rv = CKR_ATTRIBUTE_VALUE_INVALID; ++ goto cleanup; ++ } ++ certificate_id->attrCKA_ID_size = id_hex_len/2; + + if ( + (rv = _pkcs11h_mem_malloc ( +@@ -430,21 +596,64 @@ pkcs11h_certificate_deserializeCertificateId ( + goto cleanup; + } + ++ rv = CKR_OK; ++ ++cleanup: ++ ++ if (_sz != NULL) { ++ _pkcs11h_mem_free ((void *)&_sz); ++ } ++ ++ return rv; ++ ++} ++ ++CK_RV ++pkcs11h_certificate_deserializeCertificateId ( ++ OUT pkcs11h_certificate_id_t * const p_certificate_id, ++ IN const char * const sz ++) { ++ pkcs11h_certificate_id_t certificate_id = NULL; ++ CK_RV rv = CKR_FUNCTION_FAILED; ++ ++ _PKCS11H_ASSERT (p_certificate_id!=NULL); ++ _PKCS11H_ASSERT (sz!=NULL); ++ ++ *p_certificate_id = NULL; ++ ++ _PKCS11H_DEBUG ( ++ PKCS11H_LOG_DEBUG2, ++ "PKCS#11: pkcs11h_certificate_deserializeCertificateId entry p_certificate_id=%p, sz='%s'", ++ (void *)p_certificate_id, ++ sz ++ ); ++ ++ if ((rv = _pkcs11h_certificate_newCertificateId (&certificate_id)) != CKR_OK) { ++ goto cleanup; ++ } ++ if ((rv = _pkcs11h_token_newTokenId (&certificate_id->token_id)) != CKR_OK) { ++ goto cleanup; ++ } ++ ++ if (!strncmp(sz, URI_SCHEME, strlen (URI_SCHEME))) { ++ rv = __parse_pkcs11_uri (certificate_id->token_id, certificate_id, sz); ++ } else { ++ rv = __pkcs11h_certificate_legacy_deserializeCertificateId (certificate_id, sz); ++ } ++ if (rv != CKR_OK) { ++ goto cleanup; ++ } ++ + *p_certificate_id = certificate_id; + certificate_id = NULL; + rv = CKR_OK; + + cleanup: +- + if (certificate_id != NULL) { + pkcs11h_certificate_freeCertificateId (certificate_id); + certificate_id = NULL; + } + +- if (_sz != NULL) { +- _pkcs11h_mem_free ((void *)&_sz); +- } +- + _PKCS11H_DEBUG ( + PKCS11H_LOG_DEBUG2, + "PKCS#11: pkcs11h_certificate_deserializeCertificateId return rv=%lu-'%s'", +diff --git a/lib/pkcs11h-util.c b/lib/pkcs11h-util.c +index 0743fd1..f90e443 100644 +--- a/lib/pkcs11h-util.c ++++ b/lib/pkcs11h-util.c +@@ -110,12 +110,7 @@ _pkcs11h_util_hexToBinary ( + p++; + } + +- if (*p != '\x0') { +- return CKR_ATTRIBUTE_VALUE_INVALID; +- } +- else { +- return CKR_OK; +- } ++ return CKR_OK; + } + + CK_RV diff --git a/contrib/vcpkg-ports/pkcs11-helper/portfile.cmake b/contrib/vcpkg-ports/pkcs11-helper/portfile.cmake new file mode 100644 index 0000000..54a0009 --- /dev/null +++ b/contrib/vcpkg-ports/pkcs11-helper/portfile.cmake @@ -0,0 +1,35 @@ +set(VERSION 1.27) + +vcpkg_download_distfile(ARCHIVE + URLS "https://github.com/OpenSC/pkcs11-helper/releases/download/pkcs11-helper-${VERSION}/pkcs11-helper-${VERSION}.0.tar.bz2" + FILENAME "pkcs11-helper-${VERSION}.tar.bz2" + SHA512 5799342cb755dae8b7ba0880d652e9d4b4f1e52a74043015e1185e1e059326cb2689bb51957db98060ac2257dee34e2f047dcf3d52ad59fd49b91fedcfc5332b +) + +vcpkg_extract_source_archive_ex( + OUT_SOURCE_PATH SOURCE_PATH + ARCHIVE ${ARCHIVE} + REF ${VERSION} + PATCHES + 0001-nmake-openssl-1.1.1-support.patch + pkcs11-helper-001-RFC7512.patch +) + +vcpkg_build_nmake( + SOURCE_PATH ${SOURCE_PATH} + NO_DEBUG + PROJECT_SUBPATH lib + PROJECT_NAME Makefile.w32-vc + OPTIONS + OPENSSL=1 + OPENSSL_HOME=${CURRENT_PACKAGES_DIR}/../openssl_${TARGET_TRIPLET} +) + +file(INSTALL ${SOURCE_PATH}/include/pkcs11-helper-1.0 DESTINATION ${CURRENT_PACKAGES_DIR}/include/) +file(INSTALL ${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}/lib/pkcs11-helper.dll.lib DESTINATION ${CURRENT_PACKAGES_DIR}/lib) +file(INSTALL ${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}/lib/pkcs11-helper.dll.lib DESTINATION ${CURRENT_PACKAGES_DIR}/debug/lib) + +file(INSTALL ${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}/lib/libpkcs11-helper-1.dll DESTINATION ${CURRENT_PACKAGES_DIR}/bin) +file(INSTALL ${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}/lib/libpkcs11-helper-1.dll DESTINATION ${CURRENT_PACKAGES_DIR}/debug/bin) + +file(INSTALL ${SOURCE_PATH}/COPYING DESTINATION ${CURRENT_PACKAGES_DIR}/share/${PORT} RENAME copyright) diff --git a/contrib/vcpkg-triplets/arm64-windows-ovpn.cmake b/contrib/vcpkg-triplets/arm64-windows-ovpn.cmake new file mode 100644 index 0000000..dd3c6c0 --- /dev/null +++ b/contrib/vcpkg-triplets/arm64-windows-ovpn.cmake @@ -0,0 +1,7 @@ +set(VCPKG_TARGET_ARCHITECTURE arm64) +set(VCPKG_CRT_LINKAGE dynamic) +set(VCPKG_LIBRARY_LINKAGE dynamic) + +if(PORT STREQUAL "lz4") + set(VCPKG_LIBRARY_LINKAGE static) +endif() diff --git a/contrib/vcpkg-triplets/x64-windows-ovpn.cmake b/contrib/vcpkg-triplets/x64-windows-ovpn.cmake new file mode 100644 index 0000000..7036ed2 --- /dev/null +++ b/contrib/vcpkg-triplets/x64-windows-ovpn.cmake @@ -0,0 +1,7 @@ +set(VCPKG_TARGET_ARCHITECTURE x64) +set(VCPKG_CRT_LINKAGE dynamic) +set(VCPKG_LIBRARY_LINKAGE dynamic) + +if(PORT STREQUAL "lz4") + set(VCPKG_LIBRARY_LINKAGE static) +endif() diff --git a/contrib/vcpkg-triplets/x86-windows-ovpn.cmake b/contrib/vcpkg-triplets/x86-windows-ovpn.cmake new file mode 100644 index 0000000..7d3bf34 --- /dev/null +++ b/contrib/vcpkg-triplets/x86-windows-ovpn.cmake @@ -0,0 +1,7 @@ +set(VCPKG_TARGET_ARCHITECTURE x86) +set(VCPKG_CRT_LINKAGE dynamic) +set(VCPKG_LIBRARY_LINKAGE dynamic) + +if(PORT STREQUAL "lz4") + set(VCPKG_LIBRARY_LINKAGE static) +endif() -- cgit v1.2.3