added extra/mbedtls

2024-09-19 22:08:32 +00:00 · 2024-06-22 03:44:41 +00:00 · 2024-06-22 03:44:41 +00:00 · da894f23a2
parent 86c153d829
commit da894f23a2
3 changed files with 147 additions and 0 deletions
--- a/extra/mbedtls/.SRCINFO
+++ b/extra/mbedtls/.SRCINFO
@ -0,0 +1,27 @@
+pkgbase = mbedtls
+	pkgdesc = An open source, portable, easy to use, readable and flexible TLS library
+	pkgver = 3.6.0
+	pkgrel = 1
+	url = https://tls.mbed.org
+	arch = x86_64
+	license = Apache-2.0
+	checkdepends = python
+	makedepends = cmake
+	makedepends = git
+	makedepends = ninja
+	makedepends = python
+	depends = glibc
+	depends = sh
+	provides = libmbedcrypto.so
+	provides = libmbedtls.so
+	provides = libmbedx509.so
+	provides = polarssl
+	conflicts = polarssl
+	replaces = polarssl
+	options = staticlibs
+	source = git+https://github.com/Mbed-TLS/mbedtls.git#tag=67dc8f869a2ef39b1f19f6a6d3a34965bc50097e
+	source = git+https://github.com/Mbed-TLS/mbedtls-framework.git
+	b2sums = e1baa97607fff9e83b633f2b7ea346783c61ff380a5a65accdc8100534b6b41c2dc479e465c528252d0b01ebc19c043aa3841264a87a0c8fb87a87d6b545c469
+	b2sums = SKIP
+
+pkgname = mbedtls
--- a/extra/mbedtls/PKGBUILD
+++ b/extra/mbedtls/PKGBUILD
@ -0,0 +1,93 @@
+# Maintainer: Maxime Gauduin <alucryd@archlinux.org>
+# Contributor: Kyle Keen <keenerd@gmail.com>
+# Contributor: Mihai Militaru <mihai militaru at xmpp dot ro>
+# Contributor: carstene1ns <arch carsten-teibes.de>
+
+# ALARM: Kevin Mihelich <kevin@archlinuxarm.org>
+#  - disable setting MBEDTLS_HAVE_SSE2
+#  - patch to fix FTBFS with gcc 14: https://github.com/Mbed-TLS/mbedtls/issues/9003
+
+pkgname=mbedtls
+pkgver=3.6.0
+pkgrel=1
+pkgdesc='An open source, portable, easy to use, readable and flexible TLS library'
+arch=(x86_64)
+url=https://tls.mbed.org
+license=(Apache-2.0)
+depends=(
+  glibc
+  sh
+)
+checkdepends=(python)
+makedepends=(
+  cmake
+  git
+  ninja
+  python
+)
+provides=(
+  libmbedcrypto.so
+  libmbedtls.so
+  libmbedx509.so
+  polarssl
+)
+replaces=(polarssl)
+conflicts=(polarssl)
+options=(staticlibs)
+_tag=67dc8f869a2ef39b1f19f6a6d3a34965bc50097e
+source=(
+  git+https://github.com/Mbed-TLS/mbedtls.git#tag=${_tag}
+  git+https://github.com/Mbed-TLS/mbedtls-framework.git
+  gcc14.patch
+)
+b2sums=('e1baa97607fff9e83b633f2b7ea346783c61ff380a5a65accdc8100534b6b41c2dc479e465c528252d0b01ebc19c043aa3841264a87a0c8fb87a87d6b545c469'
+        'SKIP'
+        'b1f1ac09a40350c508d6019a4f937b73ff5322528285a71ce341eddacc09ac06392c4d91d754786250c724174947d3f2e9fca8f242275212f9adb4d9ecd65bed')
+
+prepare() {
+  cd mbedtls
+  git submodule init framework
+  git config submodule.framework.url "${srcdir}"/mbedtls-framework
+  git -c protocol.file.allow=always submodule update framework
+  #scripts/config.py set MBEDTLS_HAVE_SSE2
+  scripts/config.py set MBEDTLS_THREADING_C
+  scripts/config.py set MBEDTLS_THREADING_PTHREAD
+  patch -p1 -i ../gcc14.patch
+}
+
+pkgver() {
+  cd mbedtls
+  git describe --tags | sed 's/^v//; s/^mbedtls-//'
+}
+
+build() {
+  export CFLAGS+=' -ffat-lto-objects'
+  cmake -S mbedtls -B build -G Ninja \
+    -DCMAKE_BUILD_TYPE=None \
+    -DCMAKE_INSTALL_PREFIX=/usr \
+    -DCMAKE_SKIP_RPATH=ON \
+    -DUSE_SHARED_MBEDTLS_LIBRARY=ON \
+    -DUSE_STATIC_MBEDTLS_LIBRARY=ON \
+    -Wno-dev
+  cmake --build build
+}
+
+check() {
+  LD_LIBRARY_PATH="${srcdir}"/build/library ctest --test-dir build
+}
+
+package() {
+  DESTDIR="${pkgdir}" cmake --install build
+
+  # rename generic utils
+  local _prog _baseprog
+  for _prog in "${pkgdir}"/usr/bin/*; do
+  _baseprog=$(basename "$_prog")
+    mv -v "$_prog" "${_prog//$_baseprog/mbedtls_$_baseprog}"
+  done
+
+  # fixup static lib permissions
+  chmod 644 "$pkgdir"/usr/lib/*.a
+}
+
+# vim: ts=2 sw=2 et:
--- a/extra/mbedtls/gcc14.patch
+++ b/extra/mbedtls/gcc14.patch
@ -0,0 +1,27 @@
+diff --git a/library/common.h b/library/common.h
+index 3936ffdfe..d8c407319 100644
+--- a/library/common.h
+++ b/library/common.h
+@@ -192,21 +192,21 @@ static inline void mbedtls_xor(unsigned char *r,
+ #if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS)
+ #if defined(MBEDTLS_HAVE_NEON_INTRINSICS) && \
+     (!(defined(MBEDTLS_COMPILER_IS_GCC) && MBEDTLS_GCC_VERSION < 70300))
+     /* Old GCC versions generate a warning here, so disable the NEON path for these compilers */
+     for (; (i + 16) <= n; i += 16) {
+         uint8x16_t v1 = vld1q_u8(a + i);
+         uint8x16_t v2 = vld1q_u8(b + i);
+         uint8x16_t x = veorq_u8(v1, v2);
+         vst1q_u8(r + i, x);
+     }
+-#if defined(__IAR_SYSTEMS_ICC__)
+#if defined(__IAR_SYSTEMS_ICC__) || defined(MBEDTLS_COMPILER_IS_GCC)
+     /* This if statement helps some compilers (e.g., IAR) optimise out the byte-by-byte tail case
+      * where n is a constant multiple of 16.
+      * For other compilers (e.g. recent gcc and clang) it makes no difference if n is a compile-time
+      * constant, and is a very small perf regression if n is not a compile-time constant. */
+     if (n % 16 == 0) {
+         return;
+     }
+ #endif
+ #elif defined(MBEDTLS_ARCH_IS_X64) || defined(MBEDTLS_ARCH_IS_ARM64)
+     /* This codepath probably only makes sense on architectures with 64-bit registers */