diff --git a/recipes/wip/dev/lang/php84/recipe.toml b/recipes/wip/dev/lang/php84/recipe.toml index 3b76747a7..b15b88685 100644 --- a/recipes/wip/dev/lang/php84/recipe.toml +++ b/recipes/wip/dev/lang/php84/recipe.toml @@ -1,4 +1,4 @@ -#TODO fix openssl +#TODO promote [source] tar = "https://www.php.net/distributions/php-8.4.12.tar.xz" patches = [ @@ -27,6 +27,7 @@ dependencies = [ "ncurses", "nghttp2", "openssl1", + "openssl3", # put this after openssl1 "pcre", "sqlite3", "xz", @@ -58,7 +59,7 @@ COOKBOOK_CONFIGURE_FLAGS+=( --with-avif --with-ffi --with-libedit -# --with-openssl # need 1.1.1 + --with-openssl --with-sodium --with-zip ) diff --git a/recipes/wip/dev/lang/python312/recipe.toml b/recipes/wip/dev/lang/python312/recipe.toml index c9c8cef85..09bbee22e 100644 --- a/recipes/wip/dev/lang/python312/recipe.toml +++ b/recipes/wip/dev/lang/python312/recipe.toml @@ -1,4 +1,4 @@ -#TODO works without pip, probably it requires openssl +#TODO works without pip [source] tar = "https://www.python.org/ftp/python/3.12.0/Python-3.12.0.tar.xz" patches = [ @@ -11,7 +11,7 @@ dependencies = [ "bzip2", "libffi", "libuuid", -# "openssl1", requires 1.1.1 + "openssl3", "ncurses", "ncursesw", "readline", diff --git a/recipes/wip/libs/tls/openssl3/recipe.toml b/recipes/wip/libs/tls/openssl3/recipe.toml new file mode 100644 index 000000000..6ce485eee --- /dev/null +++ b/recipes/wip/libs/tls/openssl3/recipe.toml @@ -0,0 +1,29 @@ +[source] +tar = "https://github.com/openssl/openssl/releases/download/openssl-3.5.3/openssl-3.5.3.tar.gz" +patches = [ "redox.patch" ] + +[build] +template = "custom" +dependencies = [ + "zlib", + "zstd" +] +script = """ +DYNAMIC_INIT +ARCH="${TARGET%%-*}" +export ARFLAGS=cr +COOKBOOK_CONFIGURE="${COOKBOOK_SOURCE}/Configure" +COOKBOOK_CONFIGURE_FLAGS=( + no-tests + no-unit-test + shared + zlib + enable-zstd + "redox-${ARCH}" + --prefix="/usr" +) +"${COOKBOOK_CONFIGURE}" "${COOKBOOK_CONFIGURE_FLAGS[@]}" +"${COOKBOOK_MAKE}" -j1 # bug in make/ar +"${COOKBOOK_MAKE}" install_sw install_ssldirs DESTDIR="${COOKBOOK_STAGE}" +rm -rfv "${COOKBOOK_STAGE}/"{share,ssl} +""" diff --git a/recipes/wip/libs/tls/openssl3/redox.patch b/recipes/wip/libs/tls/openssl3/redox.patch new file mode 100644 index 000000000..e2038c926 --- /dev/null +++ b/recipes/wip/libs/tls/openssl3/redox.patch @@ -0,0 +1,56 @@ +diff -ruwN source/apps/lib/apps.c source-new/apps/lib/apps.c +--- source/apps/lib/apps.c 2025-09-16 19:05:33.000000000 +0700 ++++ source-new/apps/lib/apps.c 2025-09-20 12:29:36.439917319 +0700 +@@ -2839,7 +2839,7 @@ + return ret; + } + +-#elif defined(_SC_CLK_TCK) /* by means of unistd.h */ ++#elif defined(_SC_CLK_TCK) && !defined(__redox__) /* by means of unistd.h */ + # include + + double app_tminterval(int stop, int usertime) +diff -ruwN source/Configurations/10-main.conf source-new/Configurations/10-main.conf +--- source/Configurations/10-main.conf 2025-09-16 19:05:33.000000000 +0700 ++++ source-new/Configurations/10-main.conf 2025-09-20 13:13:14.569456910 +0700 +@@ -208,6 +208,40 @@ + shared_extension => ".so", + }, + ++### Redox configurations ++ "redox-common" => { ++ inherit_from => [ "BASE_unix" ], ++ cc => "gcc", ++ thread_scheme => "pthreads", ++ dso_scheme => "dlfcn", ++ shared_target => "linux-shared", ++ shared_cflag => "-fPIC", ++ shared_ldflag => sub { $disabled{pinshared} ? () : "-Wl,-znodelete" }, ++ shared_extension => ".so.\$(SHLIB_VERSION_NUMBER)", ++ }, ++ "redox-generic64" => { ++ inherit_from => [ "redox-common" ], ++ bn_ops => "SIXTY_FOUR_BIT_LONG RC4_CHAR", ++ }, ++ "redox-aarch64" => { ++ inherit_from => [ "redox-generic64" ], ++ perlasm_scheme => "linux64", ++ }, ++ "redox-i686" => { ++ inherit_from => [ "redox-common" ], ++ bn_ops => "BN_LLONG", ++ perlasm_scheme => "elf", ++ }, ++ "redox-riscv64gc" => { ++ inherit_from => [ "redox-generic64" ], ++ perlasm_scheme => "linux64", ++ }, ++ "redox-x86_64" => { ++ inherit_from => [ "redox-generic64" ], ++ perlasm_scheme => "elf", ++ }, ++ ++ + #### Solaris configurations + "solaris-common" => { + inherit_from => [ "BASE_unix" ], diff --git a/recipes/wip/ssh/openssh/recipe.toml b/recipes/wip/ssh/openssh/recipe.toml index 44343a58c..08683a8bd 100644 --- a/recipes/wip/ssh/openssh/recipe.toml +++ b/recipes/wip/ssh/openssh/recipe.toml @@ -1,7 +1,5 @@ #TODO lack of resolv.h, expect dns not working #TODO lack of utmpx.h, expect no way to track login in sshd -#TODO lack of an equivalent to shadow.h, expect sshd password not working -#TODO lack of openssl support, use only ssh-keygen from redox [source] tar = "https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.8p1.tar.gz" patches = [ @@ -10,14 +8,13 @@ patches = [ [build] template = "custom" dependencies = [ + "openssl3", "zlib", ] script = """ DYNAMIC_INIT COOKBOOK_CONFIGURE_FLAGS+=( --disable-strip -# requires openssl 1.1.1, result in libcrypto error otherwise - --without-openssl --sysconfdir=/etc/ssh ) cookbook_configure @@ -35,8 +32,4 @@ CONFIG_FILE="${COOKBOOK_STAGE}"/etc/ssh/sshd_config # ipv6 is not working yet sed -i "s/#AddressFamily any/AddressFamily inet/g" "${CONFIG_FILE}" -# hardcoded to 0.0.0.0 in patches -sed -i "s/#ListenAddress 0.0.0.0/ListenAddress 0.0.0.0/g" "${CONFIG_FILE}" -# will never work -sed -i "s/#PasswordAuthentication yes/PasswordAuthentication no/g" "${CONFIG_FILE}" """ diff --git a/recipes/wip/ssh/openssh/redox.patch b/recipes/wip/ssh/openssh/redox.patch index 980b9ab37..a061b1735 100644 --- a/recipes/wip/ssh/openssh/redox.patch +++ b/recipes/wip/ssh/openssh/redox.patch @@ -459,19 +459,6 @@ diff -ruwN source/regress/netcat.c source-new/regress/netcat.c #define SOCKS_PORT "1080" #define HTTP_PROXY_PORT "3128" -diff -ruwN source/servconf.c source-new/servconf.c ---- source/servconf.c 2024-07-01 11:36:28.000000000 +0700 -+++ source-new/servconf.c 2025-09-07 01:38:08.219942429 +0700 -@@ -857,7 +857,8 @@ - hints.ai_socktype = SOCK_STREAM; - hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; - snprintf(strport, sizeof strport, "%d", port); -- if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) -+ // redox don't accept addr == NULL yet -+ if ((gaierr = getaddrinfo("0.0.0.0", strport, &hints, &aitop)) != 0) - fatal("bad addr or host: %s (%s)", - addr ? addr : "", - ssh_gai_strerror(gaierr)); diff -ruwN source/session.c source-new/session.c --- source/session.c 2024-07-01 11:36:28.000000000 +0700 +++ source-new/session.c 2025-09-07 01:22:43.637928015 +0700