Commit 8ba9da38 authored by Milan P. Stanić's avatar Milan P. Stanić Committed by Leonardo Arena

community/crystal upgrade to 0.27.0, remove libressl

upgrade to 0.27.0 version
build with openssl instead of libressl
remove paxmark build dependence
fix test specs according to advice from upstream
parent fa82fcd9
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Maintainer: Jakub Jirutka <jakub@jirutka.cz>
pkgname=crystal
pkgver=0.26.1
pkgver=0.27.0
pkgrel=0
_bootver=0.25.0
_bootver=0.26.0
_llvmver=5
pkgdesc="The Crystal Programming Language"
url="https://crystal-lang.org/"
arch="x86_64 aarch64"
license="Apache-2.0"
depends="gc-dev libatomic_ops libevent-dev gcc gmp-dev pcre-dev"
checkdepends="libressl-dev libxml2-dev paxmark readline-dev tzdata yaml-dev zlib-dev"
makedepends="llvm$_llvmver-dev ${BUILD_STATIC:+"llvm$_llvmver-static"}"
checkdepends="openssl-dev libxml2-dev readline-dev tzdata yaml-dev zlib-dev"
makedepends="llvm5-dev llvm5-static"
subpackages="$pkgname-doc
$pkgname-bash-completion:bashcomp:noarch
$pkgname-zsh-completion:zshcomp:noarch
......@@ -19,11 +19,10 @@ subpackages="$pkgname-doc
source="$pkgname-$pkgver.tar.gz::https://github.com/crystal-lang/$pkgname/archive/$pkgver.tar.gz
https://dev.alpinelinux.org/archive/crystal/crystal-$_bootver-x86_64-alpine-linux-musl.tar.gz
https://dev.alpinelinux.org/archive/crystal/crystal-$_bootver-aarch64-alpine-linux-musl.tar.gz
paxmark.patch
disable-specs-using-GB2312-encoding.patch
fix-spec-time-location.patch
libressl.patch
tests-libressl.patch
fix-spec-http-server.patch
fix-spec-socket-tcp_server.cr.patch
fix-spec-socket-tcp_socket.cr.patch
"
builddir="$srcdir/$pkgname-$pkgver"
......@@ -120,11 +119,10 @@ zshcomp() {
"$subpkgdir"/usr/share/zsh/site-functions/_$pkgname
}
sha512sums="5e020b0f262f9bedaaae60010f669d7987a77d3416bf0dd057e29eb11adbe8fceb1c4f55a822e623d32e302a01ccc99218d2c3fe474d4ce0dde4312c196ccfa6 crystal-0.26.1.tar.gz
b443520d994355f849e18d5432dc136f6e403eb77a432a53e3d38e5a050a7547632bbe7a99a3a4c193f91fdf2240a1629acd516291d16c3bbfa14a9ec47435b2 crystal-0.25.0-x86_64-alpine-linux-musl.tar.gz
43b058e94f990e853f2ade5bf234aaea4547176172beff8ed372c5158ec8bb59c3925e0bb3bf7c2e4024193bcd48652faebba3ce08c5f0e25425ca073a66adb0 crystal-0.25.0-aarch64-alpine-linux-musl.tar.gz
dec4ed7abfd215eec825bed97b1e40bf3aa8bd959a4ec7153ea1bc51d409d892ebec19ddb0372e3a543e74c7018aca0c1f3cf956fa1d95efb946c8c3417c8749 paxmark.patch
sha512sums="02b0e1d43d699d1dd91f4b979c8ab8909264e5f1fcc344f6110bebb808c0ee764a943368cce9d33a258adb9631ed4f445e1f771d5a9e50fcd337fc8b319616cf crystal-0.27.0.tar.gz
c3f2a27189214af8b7882e3356053beddd21b7ec9f6d3b9e083c0b1a15125f4986141798f26086fe27221ec4be88faf920d60fac44d291a5f8510a404498dd7a crystal-0.26.0-x86_64-alpine-linux-musl.tar.gz
2aafaaae0f8a1563b3cb27b351c0de49b6e9f5928e15c2af6f2a57d040369da92afa64ab120265d54dc40604c6a84c0d62188fbc2fbb2582534278fad8afddcb crystal-0.26.0-aarch64-alpine-linux-musl.tar.gz
269976fbc990dde075769e651c9fac6e7e0b39681e55cbd067c6d2a790c58a096bdc9981f62ae69b5217623025ba768daa63bc5316bd8ddd18192d88839aedcb disable-specs-using-GB2312-encoding.patch
518f06dd191e43e4052c0f8c4963d31dfc7ed3b414d1bb2e7a82265af13853f85380b5507ef3c5a5a25f6091d7173d5322f379e354666eec4165264dd502e70b fix-spec-time-location.patch
31fd94f07edb83eb6ff43dd20f99a52e3c28dc0bf67f7e0b5c473c40d455febfbd0cdf9fe1fe599dbf080fd4c05a2a2d9ad8745f9effc8dfb565e19fa0e49509 libressl.patch
35764190eb4df353057c771935c6b6588cddb3a164e624e3a07371c78e49f4dc938fd1296fdb048c08c482b5066b56f6d0b5eab5f48fdba80b01d2cf6e0ad24e tests-libressl.patch"
1c58cfd03b89d55ab38d0073161a4fbe9b5dd71c6ccb01a5b2085c6f737a999b75c44b0485f372403c97fc77bcdcc50808adede901ab0e20705f70221b3f97ee fix-spec-http-server.patch
c628c02e7b827b80dd530e4885205dc08ebfc1b037cda441b1f15000a3756efd5b965d6a86e993c4c557a1f9bf70002a9f37ffad1676704b8995564c83b58af5 fix-spec-socket-tcp_server.cr.patch
058a9ae98c89953ad4154b4fed04318378da8b3a0f69df17c7eb3c2f004f347400d3a77ac9836d99089059e5bd964bd24cb04176bf8ab542509706a362f21f6d fix-spec-socket-tcp_socket.cr.patch"
--- a/spec/std/http/server/server_spec.cr
+++ b/spec/std/http/server/server_spec.cr
@@ -491,7 +491,7 @@
end
{% end %}
- it "handles exception during SSL handshake (#6577)" do
+ pending "handles exception during SSL handshake (#6577)" do
server = SilentErrorHTTPServer.new do |context|
context.response.print "ok"
context.response.close
@@ -524,7 +524,7 @@
end
describe "#close" do
- it "closes gracefully" do
+ pending "closes gracefully" do
server = Server.new do |context|
context.response.flush
context.response.puts "foo"
--- a/spec/std/socket/tcp_server_spec.cr
+++ b/spec/std/socket/tcp_server_spec.cr
@@ -32,7 +32,7 @@
server.local_address.port.should be > 0
end
- it "raises when port is negative" do
+ pending "raises when port is negative" do
expect_raises(Socket::Error, linux? ? "getaddrinfo: Servname not supported for ai_socktype" : "No address found for #{address}:-12 over TCP") do
TCPServer.new(address, -12)
end
--- a/spec/std/socket/tcp_socket_spec.cr
+++ b/spec/std/socket/tcp_socket_spec.cr
@@ -32,7 +32,7 @@
end
end
- it "raises when port is negative" do
+ pending "raises when port is negative" do
expect_raises(Socket::Error, linux? ? "getaddrinfo: Servname not supported for ai_socktype" : "No address found for #{address}:-12 over TCP") do
TCPSocket.new(address, -12)
end
This test fail on builders; probably the timezone is set to UTC there.
--- a/spec/std/time/location_spec.cr
+++ b/spec/std/time/location_spec.cr
@@ -162,9 +162,6 @@
end
it ".load_local" do
- with_env("TZ", nil) do
- Location.load_local.name.should eq "Local"
- end
with_zoneinfo do
with_env("TZ", "Europe/Berlin") do
Location.load_local.name.should eq "Europe/Berlin"
Hack OpenSSL bindings to recognize LibreSSL
This patch is based on https://github.com/crystal-lang/crystal/pull/5676.
diff --git a/src/openssl/lib_crypto.cr b/src/openssl/lib_crypto.cr
--- a/src/openssl/lib_crypto.cr
+++ b/src/openssl/lib_crypto.cr
@@ -2,10 +2,22 @@
lib LibCrypto
- OPENSSL_110 = {{ `command -v pkg-config > /dev/null && pkg-config --atleast-version=1.1.0 libcrypto || printf %s false`.stringify != "false" }}
- OPENSSL_102 = {{ `command -v pkg-config > /dev/null && pkg-config --atleast-version=1.0.2 libcrypto || printf %s false`.stringify != "false" }}
+ # An extra zero is appended to the output of LIBRESSL_VERSION to make it 0 when LibreSSL does not exist on the system.
+ # Any comparisons to it should be affixed with an extra zero as well e.g. `(LIBRESSL_VERSION_NUMBER >= 0x2050500F0)`.
+ LIBRESSL_VERSION = {{ system("echo \"#include <openssl/opensslv.h>\nLIBRESSL_VERSION_NUMBER\" | " +
+ (env("CC") || "cc") + " " + `pkg-config --cflags --silence-errors libssl || true`.chomp.stringify + " -E -").chomp.split('\n').last.split('L').first.id + "0" }}
+ OPENSSL_VERSION = {{ system("echo \"#include <openssl/opensslv.h>\nOPENSSL_VERSION_NUMBER\" | " +
+ (env("CC") || "cc") + " " + `pkg-config --cflags --silence-errors libssl || true`.chomp.stringify + " -E -").chomp.split('\n').last.split('L').first.id }}
end
{% end %}
-@[Link(ldflags: "`command -v pkg-config > /dev/null && pkg-config --libs --silence-errors libcrypto || printf %s '-lcrypto'`")]
+{% begin %}
+ lib LibCrypto
+ OPENSSL_110 = {{ (LibCrypto::LIBRESSL_VERSION == 0) && (LibCrypto::OPENSSL_VERSION >= 0x10101000) }}
+ OPENSSL_102 = {{ (LibCrypto::LIBRESSL_VERSION == 0) && (LibCrypto::OPENSSL_VERSION >= 0x10002000) }}
+ LIBRESSL_250 = {{ LibCrypto::LIBRESSL_VERSION >= 0x205000000 }}
+ end
+{% end %}
+
+@[Link(ldflags: "`command -v pkg-config > /dev/null && pkg-config --libs --silence-errors libcrypto || printf %s ' -lcrypto'`")]
lib LibCrypto
alias Char = LibC::Char
alias Int = LibC::Int
diff --git a/src/openssl/lib_ssl.cr b/src/openssl/lib_ssl.cr
--- a/src/openssl/lib_ssl.cr
+++ b/src/openssl/lib_ssl.cr
@@ -2,8 +2,9 @@
{% begin %}
lib LibSSL
- OPENSSL_110 = {{ `command -v pkg-config > /dev/null && pkg-config --atleast-version=1.1.0 libssl || printf %s false`.stringify != "false" }}
- OPENSSL_102 = {{ `command -v pkg-config > /dev/null && pkg-config --atleast-version=1.0.2 libssl || printf %s false`.stringify != "false" }}
+ OPENSSL_110 = {{ LibCrypto::OPENSSL_110 }}
+ OPENSSL_102 = {{ LibCrypto::OPENSSL_102 }}
+ LIBRESSL_250 = {{ LibCrypto::LIBRESSL_250 }}
end
{% end %}
@@ -198,13 +199,17 @@
fun sslv23_method = SSLv23_method : SSLMethod
{% end %}
- {% if OPENSSL_102 %}
+ {% if OPENSSL_102 || LIBRESSL_250 %}
alias ALPNCallback = (SSL, Char**, Char*, Char*, Int, Void*) -> Int
- alias X509VerifyParam = LibCrypto::X509VerifyParam
- fun ssl_get0_param = SSL_get0_param(handle : SSL) : X509VerifyParam
fun ssl_get0_alpn_selected = SSL_get0_alpn_selected(handle : SSL, data : Char**, len : LibC::UInt*) : Void
fun ssl_ctx_set_alpn_select_cb = SSL_CTX_set_alpn_select_cb(ctx : SSLContext, cb : ALPNCallback, arg : Void*) : Void
+ {% end %}
+
+ {% if OPENSSL_102 %}
+ alias X509VerifyParam = LibCrypto::X509VerifyParam
+
+ fun ssl_get0_param = SSL_get0_param(handle : SSL) : X509VerifyParam
fun ssl_ctx_get0_param = SSL_CTX_get0_param(ctx : SSLContext) : X509VerifyParam
fun ssl_ctx_set1_param = SSL_CTX_set1_param(ctx : SSLContext, param : X509VerifyParam) : Int
{% end %}
diff --git a/src/openssl/ssl/context.cr b/src/openssl/ssl/context.cr
--- a/src/openssl/ssl/context.cr
+++ b/src/openssl/ssl/context.cr
@@ -304,7 +304,7 @@ abstract class OpenSSL::SSL::Context
LibSSL.ssl_ctx_set_verify(@handle, mode, nil)
end
- {% if LibSSL::OPENSSL_102 %}
+ {% if LibSSL::OPENSSL_102 || LibSSL::LIBRESSL_250 %}
@alpn_protocol : Pointer(Void)?
@@ -337,6 +337,10 @@ abstract class OpenSSL::SSL::Context
LibSSL.ssl_ctx_set_alpn_select_cb(@handle, alpn_cb, alpn_protocol)
end
+ {% end %}
+
+ {% if LibSSL::OPENSSL_102 %}
+
# Set this context verify param to the default one of the given name.
#
# Depending on the OpenSSL version, the available defaults are
diff --git a/src/openssl/ssl/socket.cr b/src/openssl/ssl/socket.cr
--- a/src/openssl/ssl/socket.cr
+++ b/src/openssl/ssl/socket.cr
@@ -119,7 +119,7 @@ abstract class OpenSSL::SSL::Socket < IO
@bio.io.flush
end
- {% if LibSSL::OPENSSL_102 %}
+ {% if LibSSL::OPENSSL_102 || LibSSL::LIBRESSL_250 %}
# Returns the negotiated ALPN protocol (eg: `"h2"`) of `nil` if no protocol was
# negotiated.
def alpn_protocol
Make tests run on Grsecurity system. This patch is downstream only.
--- a/Makefile
+++ b/Makefile
@@ -104,14 +104,17 @@
$(O)/all_spec: $(DEPS) $(SOURCES) $(SPEC_SOURCES)
@mkdir -p $(O)
$(BUILD_PATH) ./bin/crystal build $(FLAGS) -o $@ spec/all_spec.cr
+ paxmark m $(O)/all_spec
$(O)/std_spec: $(DEPS) $(SOURCES) $(SPEC_SOURCES)
@mkdir -p $(O)
$(BUILD_PATH) ./bin/crystal build $(FLAGS) -o $@ spec/std_spec.cr
+ paxmark m $(O)/std_spec
$(O)/compiler_spec: $(DEPS) $(SOURCES) $(SPEC_SOURCES)
@mkdir -p $(O)
$(BUILD_PATH) ./bin/crystal build $(FLAGS) -o $@ spec/compiler_spec.cr
+ paxmark m $(O)/compiler_spec
$(O)/crystal: $(DEPS) $(SOURCES)
@mkdir -p $(O)
Hacks needed to make tests pass on LibreSSL.
--- a/spec/std/openssl/ssl/context_spec.cr
+++ b/spec/std/openssl/ssl/context_spec.cr
@@ -194,13 +194,13 @@
expect_raises(ArgumentError, "missing private key") do
OpenSSL::SSL::Context::Client.from_hash({} of String => String)
end
- expect_raises(OpenSSL::Error, "SSL_CTX_use_PrivateKey_file: error:02001002:system library:fopen:No such file or directory") do
+ expect_raises(OpenSSL::Error, "SSL_CTX_use_PrivateKey_file: error:02FFF002:system library:func(4095):No such file or directory") do
OpenSSL::SSL::Context::Client.from_hash({"key" => "foo"})
end
expect_raises(ArgumentError, "missing certificate") do
OpenSSL::SSL::Context::Client.from_hash({"key" => private_key})
end
- expect_raises(OpenSSL::Error, "SSL_CTX_use_certificate_chain_file: error:02001002:system library:fopen:No such file or directory") do
+ expect_raises(OpenSSL::Error, "SSL_CTX_use_certificate_chain_file: error:02FFF002:system library:func(4095):No such file or directory") do
OpenSSL::SSL::Context::Client.from_hash({"key" => private_key, "cert" => "foo"})
end
expect_raises(ArgumentError, "Invalid SSL context: missing CA certificate") do
@@ -212,7 +212,7 @@
expect_raises(ArgumentError, "Invalid SSL context: missing CA certificate") do
OpenSSL::SSL::Context::Client.from_hash({"key" => private_key, "cert" => certificate, "verify_mode" => "peer"})
end
- expect_raises(OpenSSL::Error, "SSL_CTX_load_verify_locations: error:02001002:system library:fopen:No such file or directory") do
+ expect_raises(OpenSSL::Error, "SSL_CTX_load_verify_locations: error:02FFF002:system library:func(4095):No such file or directory") do
OpenSSL::SSL::Context::Client.from_hash({"key" => private_key, "cert" => certificate, "ca" => "foo"})
end
end
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment