From 15958906f3205b64138969d7c06194c781998237 Mon Sep 17 00:00:00 2001 From: Kai Pastor Date: Sun, 8 Sep 2024 21:04:08 +0200 Subject: [PATCH] [mbedtls] Update to 3.6.1 (#40687) --- ports/mbedtls/enable-pthread.patch | 134 ++++++++---------------- ports/mbedtls/portfile.cmake | 40 ++++--- ports/mbedtls/usage | 18 ++++ ports/mbedtls/vcpkg-cmake-wrapper.cmake | 50 ++++----- ports/mbedtls/vcpkg.json | 7 +- ports/oatpp-mbedtls/find-mbedtls.patch | 120 +-------------------- ports/oatpp-mbedtls/mbedtls-3.patch | 44 ++++++++ ports/oatpp-mbedtls/portfile.cmake | 24 +++-- ports/oatpp-mbedtls/vcpkg.json | 4 +- ports/openvpn3/dependencies.diff | 13 ++- ports/openvpn3/vcpkg.json | 1 + versions/baseline.json | 6 +- versions/m-/mbedtls.json | 5 + versions/o-/oatpp-mbedtls.json | 5 + versions/o-/openvpn3.json | 5 + 15 files changed, 203 insertions(+), 273 deletions(-) create mode 100644 ports/mbedtls/usage create mode 100644 ports/oatpp-mbedtls/mbedtls-3.patch diff --git a/ports/mbedtls/enable-pthread.patch b/ports/mbedtls/enable-pthread.patch index 6a5f814a79..590386d85c 100755 --- a/ports/mbedtls/enable-pthread.patch +++ b/ports/mbedtls/enable-pthread.patch @@ -1,102 +1,54 @@ diff --git a/CMakeLists.txt b/CMakeLists.txt -index 844491778..aa81d01f5 100644 +index 2eba16d..a46cb3d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt -@@ -46,6 +46,7 @@ set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR}) - - option(USE_PKCS11_HELPER_LIBRARY "Build Mbed TLS with the pkcs11-helper library." OFF) - option(ENABLE_ZLIB_SUPPORT "Build Mbed TLS with zlib library." OFF) -+option(ENABLE_PTHREAD "Build Mbed TLS with pthread" OFF) - - option(ENABLE_PROGRAMS "Build Mbed TLS programs." ON) - -@@ -264,6 +265,8 @@ if(LIB_INSTALL_DIR) - set(CMAKE_INSTALL_LIBDIR "${LIB_INSTALL_DIR}") - endif() - -+include_directories(${CMAKE_CURRENT_BINARY_DIR}/include/) -+ - if(ENABLE_ZLIB_SUPPORT) - find_package(ZLIB) - -@@ -272,6 +275,17 @@ if(ENABLE_ZLIB_SUPPORT) - endif(ZLIB_FOUND) - endif(ENABLE_ZLIB_SUPPORT) - -+if(ENABLE_PTHREAD) -+ if(WIN32) -+ find_package(pthreads_windows REQUIRED) -+ include_directories(${PThreads4W_INCLUDE_DIR}) -+ else() -+ set(CMAKE_THREAD_PREFER_PTHREAD ON) -+ find_package(Threads REQUIRED) -+ endif() -+ set(LINK_WITH_PTHREAD ON) +@@ -123,7 +123,17 @@ endif() + # We now potentially need to link all executables against PThreads, if available + set(CMAKE_THREAD_PREFER_PTHREAD TRUE) + set(THREADS_PREFER_PTHREAD_FLAG TRUE) +-find_package(Threads) ++if(NOT LINK_WITH_PTHREAD) ++ set(CMAKE_DISABLE_FIND_PACKAGE_Threads ON) ++elseif(WIN32 AND NOT MINGW) ++ find_package(PThreads4W REQUIRED) ++ set(CMAKE_THREAD_LIBS_INIT PThreads4W::PThreads4W) ++ add_definitions(-DLINK_WITH_PTHREAD) ++else() ++ find_package(Threads REQUIRED) ++ set(CMAKE_THREAD_LIBS_INIT Threads::Threads) ++ add_definitions(-DLINK_WITH_PTHREAD) +endif() -+ - add_subdirectory(include) - add_subdirectory(3rdparty) -diff --git a/include/CMakeLists.txt b/include/CMakeLists.txt -index 11b417bd3..5ca44c341 100644 ---- a/include/CMakeLists.txt -+++ b/include/CMakeLists.txt -@@ -1,10 +1,14 @@ - option(INSTALL_MBEDTLS_HEADERS "Install Mbed TLS headers." ON) + # If this is the root project add longer list of available CMAKE_BUILD_TYPE values + if(CMAKE_SOURCE_DIR STREQUAL CMAKE_CURRENT_SOURCE_DIR) +diff --git a/cmake/MbedTLSConfig.cmake.in b/cmake/MbedTLSConfig.cmake.in +index b65bbab..5919c37 100644 +--- a/cmake/MbedTLSConfig.cmake.in ++++ b/cmake/MbedTLSConfig.cmake.in +@@ -1,3 +1,11 @@ + @PACKAGE_INIT@ -+configure_file(mbedtls/config_threading.h.in mbedtls/config_threading.h) -+ - if(INSTALL_MBEDTLS_HEADERS) - - file(GLOB headers "mbedtls/*.h") - file(GLOB psa_headers "psa/*.h") -- -+ -+ set(headers ${headers} ${CMAKE_CURRENT_BINARY_DIR}/mbedtls/config_threading.h) -+ - install(FILES ${headers} - DESTINATION include/mbedtls - PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) -diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h -index 4842fd494..fbce34128 100644 ---- a/include/mbedtls/config.h -+++ b/include/mbedtls/config.h -@@ -12,6 +12,8 @@ - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later ++if("@LINK_WITH_PTHREAD@") ++ include(CMakeFindDependencyMacro) ++ if(WIN32 AND NOT MINGW) ++ find_dependency(PThreads4W) ++ else() ++ find_dependency(Threads) ++ endif() ++endif() + include("${CMAKE_CURRENT_LIST_DIR}/MbedTLSTargets.cmake") +diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h +index 3592141..174cabc 100644 +--- a/include/mbedtls/mbedtls_config.h ++++ b/include/mbedtls/mbedtls_config.h +@@ -2091,6 +2091,10 @@ + * Uncomment this to enable pthread mutexes. */ - -+#include "mbedtls/config_threading.h" -+ - #ifndef MBEDTLS_CONFIG_H - #define MBEDTLS_CONFIG_H - -diff --git a/include/mbedtls/config_threading.h.in b/include/mbedtls/config_threading.h.in -new file mode 100644 -index 0000000..9d5d42e ---- /dev/null -+++ b/include/mbedtls/config_threading.h.in -@@ -0,0 +1,6 @@ -+#cmakedefine ENABLE_PTHREAD -+ -+#ifdef ENABLE_PTHREAD + //#define MBEDTLS_THREADING_PTHREAD ++#ifdef LINK_WITH_PTHREAD +#define MBEDTLS_THREADING_C +#define MBEDTLS_THREADING_PTHREAD +#endif -\ No newline at end of file -diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt -index 48e51a158..4e752f777 100644 ---- a/library/CMakeLists.txt -+++ b/library/CMakeLists.txt -@@ -149,7 +149,11 @@ if(ENABLE_ZLIB_SUPPORT) - endif(ENABLE_ZLIB_SUPPORT) - if(LINK_WITH_PTHREAD) -- set(libs ${libs} pthread) -+ if(WIN32) -+ set(libs ${libs} ${PThreads4W_LIBRARY}) -+ else() -+ set(libs ${libs} pthread) -+ endif() - endif() - - if(LINK_WITH_TRUSTED_STORAGE) + /** + * \def MBEDTLS_USE_PSA_CRYPTO diff --git a/ports/mbedtls/portfile.cmake b/ports/mbedtls/portfile.cmake index f1062db502..f7f2fb74ef 100644 --- a/ports/mbedtls/portfile.cmake +++ b/ports/mbedtls/portfile.cmake @@ -1,39 +1,49 @@ -set(VCPKG_LIBRARY_LINKAGE static) +if(VCPKG_TARGET_IS_WINDOWS) + vcpkg_check_linkage(ONLY_STATIC_LIBRARY) # https://github.com/Mbed-TLS/mbedtls/issues/470 +endif() vcpkg_from_github( OUT_SOURCE_PATH SOURCE_PATH - REPO ARMmbed/mbedtls + REPO Mbed-TLS/mbedtls REF "v${VERSION}" - SHA512 72a25a6b2a132545d32c7a6819bde569a315f2e83049467653af6347c918e4781462dceca21c64c76a4af7d19cedaf968f48b3f0309a6b0289466c087e49dd38 - HEAD_REF mbedtls-2.28 + SHA512 e7985a4e7e07328ae55fdad5212f71ac6af903f2b670c6d4bc2a8d6a4b9b7343697a2fd350a836b9425590c838615cd5b2fa851940bd137bb759fa35cd9f0ee8 + HEAD_REF development PATCHES enable-pthread.patch ) +file(WRITE "${SOURCE_PATH}/framework/CMakeLists.txt" "# empty placeholder") vcpkg_check_features( OUT_FEATURE_OPTIONS FEATURE_OPTIONS FEATURES - pthreads ENABLE_PTHREAD + pthreads LINK_WITH_PTHREAD ) +string(COMPARE EQUAL "${VCPKG_LIBRARY_LINKAGE}" "dynamic" USE_SHARED_MBEDTLS_LIBRARY) +string(COMPARE EQUAL "${VCPKG_LIBRARY_LINKAGE}" "static" USE_STATIC_MBEDTLS_LIBRARY) + vcpkg_cmake_configure( - SOURCE_PATH ${SOURCE_PATH} + SOURCE_PATH "${SOURCE_PATH}" OPTIONS ${FEATURE_OPTIONS} -DENABLE_TESTING=OFF -DENABLE_PROGRAMS=OFF -DMBEDTLS_FATAL_WARNINGS=FALSE + -DUSE_SHARED_MBEDTLS_LIBRARY=${USE_SHARED_MBEDTLS_LIBRARY} + -DUSE_STATIC_MBEDTLS_LIBRARY=${USE_STATIC_MBEDTLS_LIBRARY} + OPTIONS_DEBUG + -DINSTALL_MBEDTLS_HEADERS=OFF ) vcpkg_cmake_install() - -file(REMOVE_RECURSE ${CURRENT_PACKAGES_DIR}/debug/include) - -file(INSTALL ${SOURCE_PATH}/LICENSE DESTINATION ${CURRENT_PACKAGES_DIR}/share/${PORT} RENAME copyright) - -if (VCPKG_TARGET_IS_WINDOWS AND pthreads IN_LIST FEATURES) - file(INSTALL ${CMAKE_CURRENT_LIST_DIR}/vcpkg-cmake-wrapper.cmake DESTINATION ${CURRENT_PACKAGES_DIR}/share/${PORT}) -endif () - vcpkg_copy_pdbs() vcpkg_fixup_pkgconfig() +vcpkg_cmake_config_fixup(CONFIG_PATH "lib/cmake/MbedTLS") + +if(LINK_WITH_PTHREAD) + vcpkg_replace_string("${CURRENT_PACKAGES_DIR}/include/mbedtls/mbedtls_config.h" "#ifdef LINK_WITH_PTHREAD" "#if 1") + file(COPY "${CMAKE_CURRENT_LIST_DIR}/vcpkg-cmake-wrapper.cmake" DESTINATION "${CURRENT_PACKAGES_DIR}/share/${PORT}") +endif() + +file(COPY "${CMAKE_CURRENT_LIST_DIR}/usage" DESTINATION "${CURRENT_PACKAGES_DIR}/share/${PORT}") +vcpkg_install_copyright(FILE_LIST "${SOURCE_PATH}/LICENSE") diff --git a/ports/mbedtls/usage b/ports/mbedtls/usage new file mode 100644 index 0000000000..e6dd9f6a01 --- /dev/null +++ b/ports/mbedtls/usage @@ -0,0 +1,18 @@ +mbedtls provides CMake targets: + + find_package(MbedTLS CONFIG REQUIRED) + # everything + target_link_libraries(main PRIVATE MbedTLS::mbedtls) + # X.509 certificate manipulation + target_link_libraries(main PRIVATE MbedTLS::mbedx509) + # cryptographic primitives + target_link_libraries(main PRIVATE MbedTLS::mbedcrypto) + +mbedtls provides pkg-config modules: + + # everything + mbedtls + # X.509 certificate manipulation + mbedx509 + # cryptographic primitives + mbedcrypto diff --git a/ports/mbedtls/vcpkg-cmake-wrapper.cmake b/ports/mbedtls/vcpkg-cmake-wrapper.cmake index 40a0bccb4d..9d9be2fef4 100644 --- a/ports/mbedtls/vcpkg-cmake-wrapper.cmake +++ b/ports/mbedtls/vcpkg-cmake-wrapper.cmake @@ -1,29 +1,23 @@ -include(FindPackageHandleStandardArgs) - -find_path(MBEDTLS_INCLUDE_DIR mbedtls/ssl.h) - -find_library(MBEDTLS_CRYPTO_LIBRARY mbedcrypto) -find_package(pthreads_windows QUIET) -set(MBEDTLS_CRYPTO_LIBRARY ${MBEDTLS_CRYPTO_LIBRARY} ${PThreads4W_LIBRARY}) -find_library(MBEDTLS_X509_LIBRARY mbedx509) -find_library(MBEDTLS_TLS_LIBRARY mbedtls) -set(MBEDTLS_LIBRARIES ${MBEDTLS_CRYPTO_LIBRARY} ${MBEDTLS_X509_LIBRARY} ${MBEDTLS_TLS_LIBRARY}) - -if (MBEDTLS_INCLUDE_DIR AND EXISTS "${MBEDTLS_INCLUDE_DIR}/mbedtls/version.h") - file( - STRINGS ${MBEDTLS_INCLUDE_DIR}/mbedtls/version.h _MBEDTLS_VERLINE - REGEX "^#define[ \t]+MBEDTLS_VERSION_STRING[\t ].*" - ) - string(REGEX REPLACE ".*MBEDTLS_VERSION_STRING[\t ]+\"(.*)\"" "\\1" MBEDTLS_VERSION ${_MBEDTLS_VERLINE}) +_find_package(${ARGS}) +if(WIN32 AND NOT MINGW) + find_package(PThreads4W) + string(FIND "${MBEDTLS_CRYPTO_LIBRARY}" "${PThreads4W_LIBRARY}" pthreads_in_mbedtls) + if(pthreads_in_mbedtls EQUAL "-1") + list(APPEND MBEDTLS_CRYPTO_LIBRARY ${PThreads4W_LIBRARY}) + endif() + string(FIND "${MBEDTLS_LIBRARIES}" "${PThreads4W_LIBRARY}" pthreads_in_mbedtls) + if(pthreads_in_mbedtls EQUAL "-1") + list(APPEND MBEDTLS_LIBRARIES ${PThreads4W_LIBRARY}) + endif() +else() + set(THREADS_PREFER_PTHREAD_FLAG 1) + find_package(Threads) + string(FIND "${MBEDTLS_CRYPTO_LIBRARY}" "${CMAKE_THREAD_LIBS_INIT}" pthreads_in_mbedtls) + if(pthreads_in_mbedtls EQUAL "-1") + list(APPEND MBEDTLS_CRYPTO_LIBRARY ${CMAKE_THREAD_LIBS_INIT}) + endif() + string(FIND "${MBEDTLS_LIBRARIES}" "${CMAKE_THREAD_LIBS_INIT}" pthreads_in_mbedtls) + if(pthreads_in_mbedtls EQUAL "-1") + list(APPEND MBEDTLS_LIBRARIES ${CMAKE_THREAD_LIBS_INIT}) + endif() endif() - -find_package_handle_standard_args( - mbedTLS - REQUIRED_VARS - MBEDTLS_INCLUDE_DIR - MBEDTLS_CRYPTO_LIBRARY - MBEDTLS_X509_LIBRARY - MBEDTLS_TLS_LIBRARY - PThreads4W_FOUND - VERSION_VAR MBEDTLS_VERSION -) diff --git a/ports/mbedtls/vcpkg.json b/ports/mbedtls/vcpkg.json index 2e3def899d..c867de028c 100644 --- a/ports/mbedtls/vcpkg.json +++ b/ports/mbedtls/vcpkg.json @@ -1,10 +1,9 @@ { "name": "mbedtls", - "version": "2.28.8", + "version": "3.6.1", "description": "An open source, portable, easy to use, readable and flexible SSL library", - "homepage": "https://github.com/ARMmbed/mbedtls", - "license": "Apache-2.0", - "supports": "!uwp", + "homepage": "https://www.trustedfirmware.org/projects/mbed-tls/", + "license": "Apache-2.0 OR GPL-2.0-or-later", "dependencies": [ { "name": "vcpkg-cmake", diff --git a/ports/oatpp-mbedtls/find-mbedtls.patch b/ports/oatpp-mbedtls/find-mbedtls.patch index 533fd26d7d..6d673e1236 100644 --- a/ports/oatpp-mbedtls/find-mbedtls.patch +++ b/ports/oatpp-mbedtls/find-mbedtls.patch @@ -1,123 +1,5 @@ -diff --git a/CMakeLists.txt b/CMakeLists.txt -index 6b1e8c0f2..b0ef5518d 100644 ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -97,7 +97,7 @@ message("## ${OATPP_THIS_MODULE_NAME} module. Resolving dependencies...\n") - include(FindPkgConfig) - list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_LIST_DIR}/cmake/module") - --find_package(mbedtls 2.16.0 REQUIRED) -+find_package(mbedtls 2.16.3 REQUIRED) - - message("MBEDTLS_INCLUDE_DIR=${MBEDTLS_INCLUDE_DIR}") - message("MBEDTLS_TLS_LIBRARY=${MBEDTLS_TLS_LIBRARY}") -diff --git a/cmake/module/Findmbedtls.cmake b/cmake/module/Findmbedtls.cmake -index 8c76d0a73..5c223a615 100644 ---- a/cmake/module/Findmbedtls.cmake -+++ b/cmake/module/Findmbedtls.cmake -@@ -14,10 +14,10 @@ WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - --FindmbedTLS -+Findmbedtls - ------------ - --Find the mbedTLS encryption library. -+Find the mbedtls encryption library. - - Optional Components - ^^^^^^^^^^^^^^^^^^^ -@@ -31,16 +31,16 @@ Imported Targets - This module defines the following imported targets: - - mbedtls::Crypto -- The mbedTLS crypto library, if found. -+ The mbedtls crypto library, if found. - - mbedtls::X509 -- The mbedTLS x509 library, if found. -+ The mbedtls x509 library, if found. - - mbedtls::SSL -- The mbedTLS ssl library, if found. Requires and includes mbedtls::Crypto automatically. -+ The mbedtls ssl library, if found. Requires and includes mbedtls::Crypto automatically. - - mbedtls::TLS -- The mbedTLS tls library, if found. Requires and includes mbedtls::SSL and mbedtls::Crypto automatically. -+ The mbedtls tls library, if found. Requires and includes mbedtls::SSL and mbedtls::Crypto automatically. - - Result Variables - ^^^^^^^^^^^^^^^^ -@@ -48,26 +48,26 @@ Result Variables - This module will set the following variables in your project: - - MBEDTLS_FOUND -- System has the mbedTLS library. If no components are requested it only requires the crypto library. -+ System has the mbedtls library. If no components are requested it only requires the crypto library. - MBEDTLS_INCLUDE_DIR -- The mbedTLS include directory. -+ The mbedtls include directory. - MBEDTLS_X509_LIBRARY -- The mbedTLS crypto library. -+ The mbedtls crypto library. - MBEDTLS_CRYPTO_LIBRARY -- The mbedTLS crypto library. -+ The mbedtls crypto library. - MBEDTLS_SSL_LIBRARY -- The mbedTLS SSL library. -+ The mbedtls SSL library. - MBEDTLS_TLS_LIBRARY -- The mbedTLS TLS library. -+ The mbedtls TLS library. - MBEDTLS_LIBRARIES -- All mbedTLS libraries. -+ All mbedtls libraries. - MBEDTLS_VERSION - This is set to $major.$minor.$revision (e.g. 2.6.8). - - Hints - ^^^^^ - --Set MBEDTLS_ROOT_DIR to the root directory of an mbedTLS installation. -+Set MBEDTLS_ROOT_DIR to the root directory of an mbedtls installation. - - ]=======================================================================] - -@@ -175,7 +175,7 @@ if(MBEDTLS_INCLUDE_DIR AND EXISTS "${MBEDTLS_INCLUDE_DIR}/mbedtls/version.h") - endif() - - # Set Find Package Arguments --find_package_handle_standard_args(mbedTLS -+find_package_handle_standard_args(mbedtls - REQUIRED_VARS - MBEDTLS_X509_LIBRARY - MBEDTLS_TLS_LIBRARY -@@ -185,12 +185,12 @@ find_package_handle_standard_args(mbedTLS - MBEDTLS_VERSION - HANDLE_COMPONENTS - FAIL_MESSAGE -- "Could NOT find mbedTLS, try setting the path to mbedTLS using the MBEDTLS_ROOT_DIR environment variable" -+ "Could NOT find mbedtls, try setting the path to mbedtls using the MBEDTLS_ROOT_DIR environment variable" - ) - --# mbedTLS Found --if(MBEDTLS_FOUND) -- -+# mbedtls Found -+if(mbedtls_FOUND) -+ set(MBEDTLS_FOUND ${mbedtls_FOUND}) - # Set mbedtls::Crypto - if(NOT TARGET mbedtls::Crypto AND EXISTS "${MBEDTLS_CRYPTO_LIBRARY}") - -@@ -257,4 +257,4 @@ if(MBEDTLS_FOUND) - - endif() # mbedtls::TLS - --endif(MBEDTLS_FOUND) -+endif(mbedtls_FOUND) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt -index 6811f05ea..d80430c3e 100644 +index 7e81ed9..39b95a9 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -31,9 +31,9 @@ target_include_directories(${OATPP_THIS_MODULE_NAME} diff --git a/ports/oatpp-mbedtls/mbedtls-3.patch b/ports/oatpp-mbedtls/mbedtls-3.patch new file mode 100644 index 0000000000..089cf1e2b8 --- /dev/null +++ b/ports/oatpp-mbedtls/mbedtls-3.patch @@ -0,0 +1,44 @@ +diff --git a/cmake/module/Findmbedtls.cmake b/cmake/module/Findmbedtls.cmake +index 8c76d0a..f0ed1e2 100644 +--- a/cmake/module/Findmbedtls.cmake ++++ b/cmake/module/Findmbedtls.cmake +@@ -160,6 +160,9 @@ if(MBEDTLS_INCLUDE_DIR AND EXISTS "${MBEDTLS_INCLUDE_DIR}/mbedtls/version.h") + + # Get Version From File + file(STRINGS "${MBEDTLS_INCLUDE_DIR}/mbedtls/version.h" VERSIONH REGEX "#define MBEDTLS_VERSION_STRING[ ]+\".*\"") ++ if(VERSIONH STREQUAL "") ++ file(STRINGS "${MBEDTLS_INCLUDE_DIR}/mbedtls/build_info.h" VERSIONH REGEX "#define MBEDTLS_VERSION_STRING[ ]+\".*\"") ++ endif() + + # Match Version String + string(REGEX REPLACE ".*\".*([0-9]+)\\.([0-9]+)\\.([0-9]+)\"" "\\1;\\2;\\3" MBEDTLS_VERSION_LIST "${VERSIONH}") +diff --git a/src/oatpp-mbedtls/Config.cpp b/src/oatpp-mbedtls/Config.cpp +index 63fe9d4..8d3c9ce 100644 +--- a/src/oatpp-mbedtls/Config.cpp ++++ b/src/oatpp-mbedtls/Config.cpp +@@ -90,7 +90,11 @@ std::shared_ptr Config::createDefaultServerConfigShared(const char* serv + throw std::runtime_error("[oatpp::mbedtls::Config::createDefaultServerConfigShared()]: Error. Can't parse serverCertFile"); + } + ++#if MBEDTLS_VERSION_MAJOR < 3 + res = mbedtls_pk_parse_keyfile(&result->m_privateKey, privateKeyFile, pkPassword); ++#else ++ res = mbedtls_pk_parse_keyfile(&result->m_privateKey, privateKeyFile, pkPassword, mbedtls_ctr_drbg_random, &result->m_ctr_drbg); ++#endif + if(res != 0) { + OATPP_LOGD("[oatpp::mbedtls::Config::createDefaultServerConfigShared()]", "Error. Can't parse privateKeyFile path='%s', return value=%d", privateKeyFile, res); + throw std::runtime_error("[oatpp::mbedtls::Config::createDefaultServerConfigShared()]: Error. Can't parse privateKeyFile"); +diff --git a/src/oatpp-mbedtls/Config.hpp b/src/oatpp-mbedtls/Config.hpp +index d4d6072..47c1c2d 100644 +--- a/src/oatpp-mbedtls/Config.hpp ++++ b/src/oatpp-mbedtls/Config.hpp +@@ -28,7 +28,9 @@ + + #include "mbedtls/entropy.h" + #include "mbedtls/ctr_drbg.h" ++#if MBEDTLS_VERSION_MAJOR < 3 + #include "mbedtls/certs.h" ++#endif + #include "mbedtls/x509.h" + #include "mbedtls/ssl.h" + #include "mbedtls/net_sockets.h" diff --git a/ports/oatpp-mbedtls/portfile.cmake b/ports/oatpp-mbedtls/portfile.cmake index 581d190498..914f4cb64f 100644 --- a/ports/oatpp-mbedtls/portfile.cmake +++ b/ports/oatpp-mbedtls/portfile.cmake @@ -1,14 +1,16 @@ -set(OATPP_VERSION "1.3.0") - -vcpkg_check_linkage(ONLY_STATIC_LIBRARY) +if(VCPKG_TARGET_IS_WINDOWS) + vcpkg_check_linkage(ONLY_STATIC_LIBRARY) +endif() vcpkg_from_github( OUT_SOURCE_PATH SOURCE_PATH REPO oatpp/oatpp-mbedtls - REF ${OATPP_VERSION} + REF ${VERSION} SHA512 3eea805f2a02110daec25b7455543c59d8e72acd37d412fa98cb1c90f58e4edcd9cc62c16331efcca36a524834fa0f314f2f69a7a4d0d1108a758f811a68e021 HEAD_REF master - PATCHES find-mbedtls.patch + PATCHES + find-mbedtls.patch + mbedtls-3.patch ) vcpkg_cmake_configure( @@ -18,8 +20,16 @@ vcpkg_cmake_configure( ) vcpkg_cmake_install() -vcpkg_cmake_config_fixup(PACKAGE_NAME oatpp-mbedtls CONFIG_PATH lib/cmake/oatpp-mbedtls-${OATPP_VERSION}) +vcpkg_cmake_config_fixup(CONFIG_PATH "lib/cmake/oatpp-mbedtls-${VERSION}") vcpkg_copy_pdbs() +if(VCPKG_LIBRARY_LINKAGE STREQUAL "static") + file(READ "${CURRENT_PACKAGES_DIR}/share/oatpp-mbedtls/oatpp-mbedtlsConfig.cmake" cmake_config) + file(WRITE "${CURRENT_PACKAGES_DIR}/share/oatpp-mbedtls/oatpp-mbedtlsConfig.cmake" " +include(CMakeFindDependencyMacro) +find_dependency(oatpp CONFIG) +${cmake_config}") +endif() + file(REMOVE_RECURSE "${CURRENT_PACKAGES_DIR}/debug/include") -file(INSTALL "${SOURCE_PATH}/LICENSE" DESTINATION "${CURRENT_PACKAGES_DIR}/share/${PORT}" RENAME copyright) +vcpkg_install_copyright(FILE_LIST "${SOURCE_PATH}/LICENSE") diff --git a/ports/oatpp-mbedtls/vcpkg.json b/ports/oatpp-mbedtls/vcpkg.json index 035f841b88..058a99b3b7 100644 --- a/ports/oatpp-mbedtls/vcpkg.json +++ b/ports/oatpp-mbedtls/vcpkg.json @@ -1,8 +1,10 @@ { "name": "oatpp-mbedtls", "version": "1.3.0", + "port-version": 1, "description": "Oat++ Mbed TLS submodule providing secure server and client connection providers.", - "homepage": "https://github.com/oatpp/oatpp-mbedtls", + "homepage": "https://oatpp.io/docs/modules/oatpp-mbedtls/", + "license": "Apache-2.0", "dependencies": [ "mbedtls", "oatpp", diff --git a/ports/openvpn3/dependencies.diff b/ports/openvpn3/dependencies.diff index 6604544fa7..049b9b2c76 100644 --- a/ports/openvpn3/dependencies.diff +++ b/ports/openvpn3/dependencies.diff @@ -1,17 +1,20 @@ diff --git a/cmake/findcoredeps.cmake b/cmake/findcoredeps.cmake -index b7d00d4..b13eed1 100644 +index b7d00d4..e180dc1 100644 --- a/cmake/findcoredeps.cmake +++ b/cmake/findcoredeps.cmake -@@ -30,7 +30,7 @@ endif () +@@ -29,8 +29,10 @@ endif () + function(add_ssl_library target) if (${USE_MBEDTLS}) ++ # Works with mbedtls 2.x and 3.x ++ set(CMAKE_FIND_PACKAGE_PREFER_CONFIG OFF) find_package(mbedTLS REQUIRED) - set(SSL_LIBRARY mbedTLS::mbedTLS) + set(SSL_LIBRARY "${MBEDTLS_LIBRARIES}") target_compile_definitions(${target} PRIVATE -DUSE_MBEDTLS) else () find_package(OpenSSL REQUIRED) -@@ -38,7 +38,7 @@ function(add_ssl_library target) +@@ -38,7 +40,7 @@ function(add_ssl_library target) target_compile_definitions(${target} PRIVATE -DUSE_OPENSSL) endif () @@ -20,7 +23,7 @@ index b7d00d4..b13eed1 100644 endfunction() -@@ -93,10 +93,10 @@ function(add_core_dependencies target) +@@ -93,10 +95,10 @@ function(add_core_dependencies target) # a patched version. So we want to prefer its include # directories. find_package(asio REQUIRED) @@ -33,7 +36,7 @@ index b7d00d4..b13eed1 100644 add_ssl_library(${target}) -@@ -105,14 +105,16 @@ function(add_core_dependencies target) +@@ -105,14 +107,16 @@ function(add_core_dependencies target) find_library(iokit IOKit) find_library(coreServices CoreServices) find_library(systemConfiguration SystemConfiguration) diff --git a/ports/openvpn3/vcpkg.json b/ports/openvpn3/vcpkg.json index b778a273c5..87dcb62808 100644 --- a/ports/openvpn3/vcpkg.json +++ b/ports/openvpn3/vcpkg.json @@ -1,6 +1,7 @@ { "name": "openvpn3", "version": "3.10", + "port-version": 1, "description": "a C++ class library that implements the functionality of an OpenVPN client, and is protocol-compatible with the OpenVPN 2.x branch.", "homepage": "https://openvpn.net", "license": "AGPL-3.0-only", diff --git a/versions/baseline.json b/versions/baseline.json index e0c43ee06f..584b60f86c 100644 --- a/versions/baseline.json +++ b/versions/baseline.json @@ -5753,7 +5753,7 @@ "port-version": 2 }, "mbedtls": { - "baseline": "2.28.8", + "baseline": "3.6.1", "port-version": 0 }, "mchehab-zbar": { @@ -6402,7 +6402,7 @@ }, "oatpp-mbedtls": { "baseline": "1.3.0", - "port-version": 0 + "port-version": 1 }, "oatpp-mongo": { "baseline": "1.3.0", @@ -6702,7 +6702,7 @@ }, "openvpn3": { "baseline": "3.10", - "port-version": 0 + "port-version": 1 }, "openvr": { "baseline": "2.5.1", diff --git a/versions/m-/mbedtls.json b/versions/m-/mbedtls.json index 12a027f4aa..8247047bab 100644 --- a/versions/m-/mbedtls.json +++ b/versions/m-/mbedtls.json @@ -1,5 +1,10 @@ { "versions": [ + { + "git-tree": "0c5c07caa2aa3d35d64a07428dfc049a13ea6aad", + "version": "3.6.1", + "port-version": 0 + }, { "git-tree": "1e5355b5449b7ca3e1de902bd6c264e27e8eae6d", "version": "2.28.8", diff --git a/versions/o-/oatpp-mbedtls.json b/versions/o-/oatpp-mbedtls.json index 9a2bda18be..a44ac127f1 100644 --- a/versions/o-/oatpp-mbedtls.json +++ b/versions/o-/oatpp-mbedtls.json @@ -1,5 +1,10 @@ { "versions": [ + { + "git-tree": "6ca866a4d90106fc7608a2f0a67806263188b126", + "version": "1.3.0", + "port-version": 1 + }, { "git-tree": "f3ed8d7f9afd6d6e5010b136ac0a8b516532b41f", "version": "1.3.0", diff --git a/versions/o-/openvpn3.json b/versions/o-/openvpn3.json index 820d144c7b..7aad5f2bcb 100644 --- a/versions/o-/openvpn3.json +++ b/versions/o-/openvpn3.json @@ -1,5 +1,10 @@ { "versions": [ + { + "git-tree": "33c2d9bf4e949b0ddd3779a93c4339a3eab65e67", + "version": "3.10", + "port-version": 1 + }, { "git-tree": "f24948a1abcd067f9d1063088f83afa5e2b4270f", "version": "3.10",