Details

Reviewers

khorben
jhb

Commits

rG267f8c1f4b09: crypto/openssl: make vendor imports easier/less error prone

Summary

This change adds a custom BSD makefile containing multiple high-level PHONY
targets, similar to targets provided by the ports framework.

The Makefile does the following:

Reruns Configure with a deterministic set of arguments to ensure that all appropriate features have been enabled/disabled in OpenSSL.
Preens the pkgconfig files to remove duplicate paths in their CFLAGS and includedir variables.
Rebuilds all ASM files to ensure that the content contained is fresh.
Rebuilds all manpages to ensure that the content contained in the manpages is fresh.

Some additional work needs to be done to make the manpage regeneration
"operation" reproducible (the date the manpages were generated is
embedded in the files).

All dynamic configuration previously captured in
include/openssl/configuration.h and include/crypto/bn_conf.h has been
moved to freebsd/include/dynamic_freebsd_configuration.h and
freebsd/include/crypto/bn_conf.h, respectively. This helps
ensure that future updates don't wipe out FreeBSD customizations to
these files, which tune behavior on a per-target architecture basis, e.g.,
ARM vs x86, 32-bit vs 64-bit, etc.

Test Plan

I used this to regenerate the 3.5.1 artifacts multiple times for follow-up differential revisions, but have used similar diffs when working on the 3.0.17 update as well.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Skipped

Unit

Tests Skipped

Build Status

Buildable 66336
Build 63219: arc lint + arc unit

Event Timeline

ngie created this revision.Aug 1 2025, 4:26 AM

Herald added a subscriber: imp. · View Herald TranscriptAug 1 2025, 4:26 AM

ngie requested review of this revision.Aug 1 2025, 4:26 AM

Harbormaster completed remote builds in B65874: Diff 159526.Aug 1 2025, 4:26 AM

Regenerate ASM files while here

Harbormaster completed remote builds in B65875: Diff 159527.Aug 1 2025, 4:29 AM

ngie edited the summary of this revision. (Show Details)Aug 1 2025, 4:29 AM

ngie edited the test plan for this revision. (Show Details)

ngie added a reviewer: khorben.

ngie added subscribers: emaste, philip.

ngie added subscribers: jhb, andrew, nwhitehorn.

Move all vendor import build machinery to crypto/openssl/BSDmakefile as it should be run from there

Update manpage copying scheme.

Remove openssl_configuration.h changes so this change can be easily isolated and backported.

Harbormaster completed remote builds in B65876: Diff 159528.Aug 1 2025, 5:24 AM

ngie edited the summary of this revision. (Show Details)Aug 1 2025, 5:24 AM

ngie edited the test plan for this revision. (Show Details)

Undefine all remaining preprocessor constants in second block before doing dynamic tests.

This ensures that the "slate is clean" before applying the preprocessor constants
dynamically.

Harbormaster completed remote builds in B65877: Diff 159529.Aug 1 2025, 5:28 AM

jhb added inline comments.Aug 1 2025, 1:13 PM

crypto/openssl/dynamic_freebsd_configuration.h
12 ↗	(On Diff #159529)	Please use something like `__SIZEOF_LONG__ == 4` instead of `!__LP64__` (if the limitation is that it needs 64-bit longs). The code below already uses `__SIZEOF_LONG__`.

Apply feedback from @jhb re: LP64, etc.
Update release/version information with information provided by configdata.pm.
Move configuration.h aside so the OpenSSL generated file doesn't accidentally get checked in instead of the patched file.

Harbormaster completed remote builds in B66030: Diff 159890.Wed, Aug 6, 7:25 PM

ngie marked an inline comment as done.Thu, Aug 7, 2:57 PM

Rebase with 3.0.16 changes.
Handle generating bn_conf.h
Add clean target.
Mirror targets provided by ports:
- configure
- patch
- all

The primary difference flow-wise is that patch and configure are swapped around.

I'm considering changing the patches to instead update the .pl scripts.

Harbormaster completed remote builds in B66074: Diff 159997.Thu, Aug 7, 8:34 PM

Refresh with latest changes used to regenerate Makefiles, etc

Harbormaster completed remote builds in B66332: Diff 160572.Mon, Aug 18, 11:28 PM

ngie mentioned this in D51989: krb5: Obtain KRB5 version number automatically from sources.Mon, Aug 18, 11:42 PM

ngie edited the summary of this revision. (Show Details)Mon, Aug 18, 11:50 PM

ngie edited the test plan for this revision. (Show Details)

ngie added a child revision: D52007: secure/lib/libcrypto/man/...: automate manpage generation process.

ngie added subscribers: bdrewery, sjg.Mon, Aug 18, 11:54 PM

ngie added inline comments.Mon, Aug 18, 11:57 PM

crypto/openssl/util/wrap.pl
12	I need to push a change back upstream to use relative paths instead of hardcoding the full path to one's source tree.
56	I need to push a change back upstream to use relative paths instead of hardcoding the full path to one's source tree.
63	I need to push a change back upstream to use relative paths instead of hardcoding the full path to one's source tree.

ngie marked 3 inline comments as not done.Mon, Aug 18, 11:57 PM

Readd options for algorithms previously disabled

This achieves parity with what's shipping on main.

Also, fix a typo in the newly added sed statement for cleaning out the
pkgconfig files.

Harbormaster completed remote builds in B66336: Diff 160579.Tue, Aug 19, 4:15 AM

ngie mentioned this in D52009: secure/lib/lib{crypto,ssl}: regenerate Makefiles.Tue, Aug 19, 4:16 AM

jhb accepted this revision.Tue, Aug 19, 2:44 PM

This revision is now accepted and ready to land.Tue, Aug 19, 2:44 PM

Remove a stray endif from the bn_conf.h customization so the code compiles.

Discovered when running make tinderbox on universe15a.

This revision now requires review to proceed.Wed, Aug 20, 1:10 AM

Harbormaster completed remote builds in B66365: Diff 160638.Wed, Aug 20, 1:10 AM

ngie added a commit: rG267f8c1f4b09: crypto/openssl: make vendor imports easier/less error prone.Thu, Aug 21, 5:13 PM

ngie edited the summary of this revision. (Show Details)

ngie edited the test plan for this revision. (Show Details)

ngie abandoned this revision.Fri, Aug 22, 12:14 AM

crypto/openssl: make vendor imports easier/less error prone
AbandonedPublic
Actions

Details

Diff Detail

Event Timeline

Revision Contents
Changeset List

Diff 160579

crypto/openssl/BSDmakefile

crypto/openssl/apps/CA.pl

crypto/openssl/apps/progs.h

crypto/openssl/apps/progs.c

crypto/openssl/configdata.pm

crypto/openssl/exporters/libcrypto.pc

crypto/openssl/exporters/libssl.pc

crypto/openssl/exporters/openssl.pc

crypto/openssl/freebsd/dump_version_from_configdata.pl

crypto/openssl/freebsd/include/crypto/bn_conf.h

crypto/openssl/freebsd/include/openssl/configuration.h

crypto/openssl/include/crypto/bn_conf.h

crypto/openssl/include/openssl/configuration.h

crypto/openssl/include/openssl/fipskey.h

crypto/openssl/include/openssl/opensslv.h

crypto/openssl/libcrypto.pc

crypto/openssl/libssl.pc

crypto/openssl/openssl.pc

crypto/openssl/tools/c_rehash

crypto/openssl/util/shlib_wrap.sh

crypto/openssl/util/wrap.pl

secure/lib/libcrypto/Makefile.inc

secure/lib/libcrypto/Makefile.version

crypto/openssl: make vendor imports easier/less error proneAbandonedPublicActions

Details

Diff Detail

Event Timeline

Revision ContentsChangeset List

Diff 160579

crypto/openssl/BSDmakefile

crypto/openssl/apps/CA.pl

crypto/openssl/apps/progs.h

crypto/openssl/apps/progs.c

crypto/openssl/configdata.pm

crypto/openssl/exporters/libcrypto.pc

crypto/openssl/exporters/libssl.pc

crypto/openssl/exporters/openssl.pc

crypto/openssl/freebsd/dump_version_from_configdata.pl

crypto/openssl/freebsd/include/crypto/bn_conf.h

crypto/openssl/freebsd/include/openssl/configuration.h

crypto/openssl/include/crypto/bn_conf.h

crypto/openssl/include/openssl/configuration.h

crypto/openssl/include/openssl/fipskey.h

crypto/openssl/include/openssl/opensslv.h

crypto/openssl/libcrypto.pc

crypto/openssl/libssl.pc

crypto/openssl/openssl.pc

crypto/openssl/tools/c_rehash

crypto/openssl/util/shlib_wrap.sh

crypto/openssl/util/wrap.pl

secure/lib/libcrypto/Makefile.inc

secure/lib/libcrypto/Makefile.version

crypto/openssl: make vendor imports easier/less error prone
AbandonedPublic
Actions

Revision Contents
Changeset List