Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package boringssl for openSUSE:Factory checked in at 2026-05-30 22:59:36 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/boringssl (Old) and /work/SRC/openSUSE:Factory/.boringssl.new.1937 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "boringssl" Sat May 30 22:59:36 2026 rev:15 rq:1356025 version:0.20210430 Changes: -------- --- /work/SRC/openSUSE:Factory/boringssl/boringssl.changes 2024-10-28 15:23:57.480553538 +0100 +++ /work/SRC/openSUSE:Factory/.boringssl.new.1937/boringssl.changes 2026-05-30 23:02:03.837955540 +0200 @@ -1,0 +2,377 @@ +Sat May 30 08:04:19 UTC 2026 - Martin Pluskal <[email protected]> + +- Drop 0001-Compile-for-RISC-V.patch: it was an orphaned source + (shipped but unreferenced, tripping the factory-auto check that + caused the previous decline) and is obsolete anyway -- the + pinned boringssl snapshot already carries the RISC-V detection + in include/openssl/base.h +- Spec cleanup: drop obsolete Group tags and use macros for paths + +------------------------------------------------------------------- +Mon Mar 31 21:34:00 UTC 2025 - Jeff Kowalczyk <[email protected]> + +- Update to version 0.20210430 tag fips-20210429. This pinned + version of boringssl is expected by go1.22 and go1.23 when + building with GOEXPERIMENT=boringcrypto. + Refs boo#1236000 + * Remove non-deterministic bits from ECDSA ACVP test. + * Reference the newer ChaCha20-Poly1305 RFC. + * Use passive entropy collection everywhere. + * Rename X509V*_VERSION constants. + * Const-correct ASN1_OBJECT_create. + * Clarify OBJ_get0_data and OBJ_get_length. + * avcp: SHA-1 for ECDSA _verification_ is still supported by NIST. + * A couple of Aarch64 FIPS delocate fixes. + * Use a placeholder for unknown errors in ERR_*_error_string. + * Include assembly optimizations in Bazel builds on Linux-aarch64. + * Remove some BoringSSL-only X509_CINF functions. + * Document and test X509_ATTRIBUTE creation functions. + * Revert handshaker fd numbers and make StartProcess more flexible. + * Remove support for malformed X509_ATTRIBUTEs. + * Make X509_ATTRIBUTE opaque. + * acvptool: Fix typo hard-coding the HTTP method. + * Document a few more x509.h functions. + * Make X509_PUBKEY opaque. + * Always encode booleans as DER. + * Fix issuerUID and subjectUID parsing in the key usage checker. + * Add experimental handshake hints API. + * Make our Python scripts Python-3-compatible. + * Export ssl_client_hello_init for fuzzers. + * acvp: support GMAC as an algorithm. + * Record a fuzzing corpus for the ClientHelloInner decoder. + * Use a consistent plural for 'corpus'. + * Add util/bot/libFuzzer to .gitignore. + * acvp: support KAS-ECC-SSC staticUnified mode. + * Check for invalid ALPN inputs in SSL_(CTX_)set_alpn_protos. + * Don't duplicate ServerHello construction code. + * Rearrange key share and early data logic. + * Only skip early data with HRR when offered. + * Add ECH server config API to ssl_ctx_api fuzzer + * Fix ppc64le build. + * Simplify the Lucky13 mitigation. + * Add ECH server (draft-ietf-tls-esni-09). + * runner: Remove unused field + * runner: Construct finishedHash earlier. + * Simplify tls_cbc.c slightly. + * Remove remnants of CBC SHA2 cipher suites. + * runner: Test different V2ClientHello challenge lengths. + * runner: Ensure helloBytes is always the same as hello.marshal(). + * runner: Fix ECH confirmation calculation with PSKs in tests. + * runner: Fix HPKE parameter order. + * runner: UpdateForHelloRetryRequest cannot fail. + * runner: Don't use the buffer in TLS 1.3. + * runner: Don't maintain two copies of the same transcript hash. + * runner: Remove remnants of SSL 3.0. + * runner: Fix writeClientHash and writeRecord ordering. + * runner: Remove CheckTLS13DowngradeRandom. + * runner: Remove remnants of the separate HelloRetryRequest message. + * runner: Store a cipherSuite in ClientSessionState. + * runner: Move writeHash to the finishedHash struct. + * Fix the spelling of HPKE AEAD constants. + * Don't reset server callback expectations on new handshake. + * Fix MockQuicTransport::Flush error handling. + * Fold ripemd/internal.h into ripemd.c. + * Move load/store helpers to crypto/internal.h. + * Make words in crypto/fipsmodule/modes actually words. + * Handle EINTR more in handshaker.cc. + * Add a few missing SSL_R_BIO_NOT_SET cases. + * Fix some unreachable code in the QUIC handshaker driver. + * Rearrange SSLKeyShare::Serialize. + * Fix ssl/internal.h sectioning. + * Remove some now unnecessary test exclusions from split handshakes. + * Remove tls13-split-handshakes flag. + * Define HANDSHAKER_SUPPORTED in once place. + * Tidy up handshaker tester. + * modulewrapper: add option to print build information. + * FIPS counters for AES-CTR. + * Enforce that pre_shared_key must come with psk_key_exchange_modes. + * Zero out FIPS counters. + * Remove is_resume field on TestState. + * Remove OPENSSL_DANGEROUS_RELEASE_PTHREAD_KEY build flag. + * Add some warnings on how to use OPENSSL_memory_* functions. + * Use an unsized helper for truncated SHA-512 variants. + * Fix mismatch between header and implementation of bn_sqr_comba8. + * Remove GCC 4.8.99 check. + * Bump minimum CMake version. + * Automatically enable C11 atomics when available. + * Make generate_build_files.py python3 compatible. + * Remove X509_REQ_set_extension_nids and document related functions. + * Document a few more functions in x509.h. + * Do not access value.ptr with V_ASN1_BOOLEAN. + * Add X509_PUBKEY_get0_public_key. + * Test empty EVP_CIPHER inputs and fix exact memcpy overlap. + * Revert "Implement rsa_pkcs1_sha256_legacy." + * Fix unnecessarily direction-specific tests in cipher_tests.txt + * Refactor HPKE API to include explicit length parameters. + * Generalize make_errors.go to allow EVP covering multiple directories. + * Add a Windows no-op impl of BORINGSSL_self_test + * Only pass -handshaker-path in split handshakes tests. + * Add RNG support for FreeBSD. + * Move fips.c into a subdirectory. + * Implement rsa_pkcs1_sha256_legacy. + * Better document nullable X.509 getters. + * runner: Remove redundant -enable-all-curves shim flag. + * Initialize nonce in PerAEADTest.ABI. + * Document ASN1_TYPE and related functions. + * fips: add counters. + * Align with OpenSSL on constness of static ASN1_OBJECTs. + * Add -rr-record flag to runner.go. + * Register NAME_CONSTRAINTS with bssl::UniquePtr. + * Register POLICY_MAPPING with bssl::UniquePtr. + * Stub out some more of PKCS7. + * Remove TODO to reverse the output of PKCS12_parse. + * Make the X509_VAL structure opaque. + * Support creating unencrypted PKCS#12 files. + * Move PKCS#12 samples to embed_test_data. + * Remove some remnants of TLS 1.3 downgrade carveouts. + * Remove X509_REQ_to_X509. + * Fix OPENSSL_EC_* constants and add EC_GROUP_get_asn1_flag + * RAND_set_rand_method returns int. + * Check the inner and outer CRL signature algorithms match. + * Remove block_mask from EVP_CIPHER_CTX. + * Document a couple more functions in x509.h. + * Define X509V*_VERSION constants. + * Handle the default X.509 version explicitly. + * Compile for RISC-V. + * Add ECDSA nonce-testing functions. + * Rearrange ECDSA implementation. + * Split the FIPS mode PRNG lock in two. + * Remove legacy vs_toolchain.py environment variable. + * runner: Rename 'masterSecret' on session objects to plain 'secret'. + * Test ECDSA signing is non-deterministic. + * acvp: split ACVP modulewrapper for reuse by Trusty + * No-op CL to trigger some builds. + * Use CIPD Go packages. + * Update CMake on the bots and switch to CIPD where available. + * Future-proof vs_toolchain.py for VS2019. + * Revert "Revert "Disable check that X.509 extensions implies v3."" + * Update Clang and Go on the bots. + * Check for OBJ_nid2obj failures in X509_ATTRIBUTE_create. + * Don't overflow the output length in EVP_CipherUpdate calls. + * Remove X509_issuer_and_serial_hash. + * Fix Bazel build breakage. + * Specify VS toolchain by command-line argument. + * Update Android Bazel build support in BUILD.toplevel. + * Honor SSL_TLSEXT_ERR_ALERT_FATAL in the ALPN callback. + * acvp: detect header element in JSON. + * Align the ARM capability functions. + * Skip runtime NEON checks if __ARM_NEON is defined. + * acvp: don't include CMAC-AES in regcap dump. + * acvp: fix CMAC verify + * Include bn/internal.h for non-bcm.c builds. + * Add various function calls to test_fips. + * Add missing include to self_check.c. + * Revert "Disable check that X.509 extensions implies v3." + * Fix TLS13SessionID-TLS13 test. + * Use ID instead of Id in Go. + * acvp: move CMAC verification into the module wrapper. + * Benchmark BORINGSSL_self_test in FIPS mode. + * Support MOVLPS and MOVHPS in delocate. + * Add FFDH FIPS self-test. + * acvp: update to newer FFDH test. + * Add basic BLAKE2b-256 support. + * acvp: check that the payloadLen of cipher tests is correct. + * acvp: update test expectations in light of 8dcdcb39a7 + * Support cross-compiling AArch64 FIPS to Android. + * acvp: drop 3DES fields from output when unused. + * acvp: don't advertise SHA-1 RSA signature generation. + * Fix comments that refer to old draft of HPKE. + * Define TLSEXT_TYPE_quic_transport_parameters to the old code point for now. + * Make BN_clear_free a wrapper around BN_free. + * delocate: support Aarch64 + * Add DH_compute_key_padded. + * Fix client 0-RTT handling with ALPS. + * acvp: add XTS support. + * doc: fix SSL_set0_rbio + * Add support for the new QUIC TLS extension codepoint + * delocate: preprocess perlasm output on Aarch64 + * Replace MockQUICTransport tags with record types. + * Run extension tests at all protocols. + * Make QUIC tests work with early data. + * Make QUIC work with -async tests. + * Fix ALPS state machine in QUIC servers. + * runner: Allow tokbind without RI/EMS in TLS 1.3. + * Test that ALPS can be deferred to the ALPN callback. + * Send ECH acceptance signal from backend server. + * delocate: handle Aarch64 assembly in parser. + * Add ASM optimizations for Windows on Arm + * Use gai_strerrorA on Windows. + * Optimize suffix building in FileTest::ReadNext(). + * A handful more compatibility functions. + * Update HPKE to draft-irtf-cfrg-hpke-07. + * acvp: drop subprocess_test.go + * Add some OpenSSL-compatibility aliases + * delocate: eliminate expression from vpaes assembly. + * delocate: support alternative comment indicators + * Update third_party/googletest. + * acvp: add tests + * Fix chacha20_poly1305_x86_64.pl comments. + * Fix awkward wording in comment. + * Update ECH GREASE to draft-ietf-tls-esni-09 + * Gerrit ignores <sup>; use Unicode superscript instead. + * acvp: better document the subprocess protocol. + * Add .text.unlikely.* pattern to fips_shared.lds. + * acvp: fix silly errors. + * acvp: load config later. + * Allow some non-minimal lengths in BER. + * Export tool_sources to GN. + * Use more efficient std::string::find overload. + * Revert "Add support for the new QUIC TLS extension codepoint" + * Move DH parameter generation out of the FIPS module. + * Add support for the new QUIC TLS extension codepoint + * Use stdlib.h instead of cstdlib in span.h. + * Check for trailing data in X509Test.GeneralName. + * Fix ChaCha20-Poly1305 x86-64 asm on Windows + * Include bn.h from bn/internal.h + * acvp: add support for finite-field Diffie–Hellman. + * Move DH code into the FIPS module. + * Remove unused Netware codepaths in x86 perlasm. + * Finish switching to NASM. + * Switch to passive entropy collection for Android FIPS. + * Skip ASN.1 template tests in Windows shared library builds. + * Add TLS_KDF to documented break tests. + * acvp: add support for KAS + * Align armv8.pl references to OPENSSL_armcap_P. + * Reject bad ASN.1 templates with implicitly-tagged CHOICEs. + * Implement GREASE for ECH (draft-ietf-tls-esni-08). + * acvp: add TLS KDF support + * acvp: tweak config + * acvp: fix subprocess_test.go + * Const-correct GENERAL_NAME_cmp. + * Fix EDIPartyName parsing and GENERAL_NAME_cmp. + * PWCT failures should clear the generated key. + * Get closer to Ed25519 boundary conditions. + * draft-ietf-tls-certificate-compression is now RFC 8879. + * Update FIPS.md to include latest FIPS certificate. + * Only accept little-endian ARM and MIPS variants in base.h. + * aesv8-armx.pl: avoid 32-bit lane assignment in CTR mode + * Improve sk_dup. + * Poly1305: Use |size_t|; assert |poly1305_state| is large enough. + * util/fipstools/acvp/acvptool: buffer signal channel to avoid losing signal + * Add digest.h to self_check.c + * Document ASN1_STRING. + * acvp: add SHA-512/256 support. + * Add FIPS self test for the TLS KDF. + * Rename the master_key field in SSL_SESSION to secret. + * Always check the TLS 1.3 downgrade signal. + * Fix NETSCAPE_SPKI_get_pubkey documentation. + * Const-correct and document more X509 functions. + * Add APIs for checking ASN.1 INTEGERs. + * Remove some unnecessary pointer casts. + * Document the basic ASN1_STRING functions. + * Document some defaults for the EVP RSA interface. + * Rearrange ASN1_STRING_copy slightly. + * Remove the legacy MSTRING M_ASN1 macros. + * Switch M_ASN1_TIME macros within the library. + * Unwind M_ASN1_* macros for primitive types. + * Reformat and convert comments in asn1.h. + * aarch64: Fix name of gnu property note section + * Re-reformat x509.h. + * Document X509V3_add1_i2d and friends. + * Remove ASN1_STRING_FLAG_NDEF. + * Unexport internal crypto/asn1 functions. + * Unwind some old ASN.1 ifdefs. + * Unwind ASN1_PRIMITIVE_FUNCS. + * Remove some unused types from asn1t.h. + * Unwind ASN1_TFLG_NDEF. + * Unwind ASN1_ITYPE_COMPAT. + * Unwind ASN1_AFLG_BROKEN. + * Const-correct various X509 string parameters. + * Document the next few functions in x509.h + * Remove sk_new_null call. + * acvp: move inner MCT loops into subprocess. + * Fix x509_rsa_ctx_to_pss when saltlen is md_size. + * Document the X509V3_get_d2i family of functions. + * runner: explicitly signal error from handshaker. + * runner: add -skip + * Add functions for manipulating X.509 TBS structures. + * Remove ASN1_STRING_length_set prototype. + * Update Go on the bots. + * Rework vs_toolchain.py and vs_env.py. + * Add ECDSA verify KAT to FIPS self-tests. + * Add AES-GCM AEADs with internal nonce generation. + * Define a constant for the standard GCM nonce length. + * Add test for X25519-containing certificate. + * Add SSL_early_data_reason_string. + * Add raw redeem API. + * aarch64: Remove some flavour conditionals ++++ 80 more lines (skipped) ++++ between /work/SRC/openSUSE:Factory/boringssl/boringssl.changes ++++ and /work/SRC/openSUSE:Factory/.boringssl.new.1937/boringssl.changes Old: ---- 0001-Compile-for-RISC-V.patch boringssl-0.20200921.tar.xz soname-sover.patch New: ---- 0006-gcc-disable-werror.patch 0007-fix-go-vendor-embed_test_data.patch 0008-fix-go-vendor-err_data_generate.patch 0009-soname-sover.patch boringssl-0.20210430.tar.xz vendor.tar.gz ----------(Old B)---------- Old: - Drop 0001-Compile-for-RISC-V.patch: it was an orphaned source (shipped but unreferenced, tripping the factory-auto check that Old: * Rebase 0008-fix-go-vendor-err_data_generate.patch * Rebase 0009-soname-sover.patch (was soname-sover.patch) * rpmlint fix version-control-internal-file error ----------(Old E)---------- ----------(New B)---------- New: * Rebase 0005-fix-alignment-for-arm.patch * Rebase 0006-gcc-disable-werror.patch * Rebase 0007-fix-go-vendor-embed_test_data.patch New: * Rebase 0006-gcc-disable-werror.patch * Rebase 0007-fix-go-vendor-embed_test_data.patch * Rebase 0008-fix-go-vendor-err_data_generate.patch New: * Rebase 0007-fix-go-vendor-embed_test_data.patch * Rebase 0008-fix-go-vendor-err_data_generate.patch * Rebase 0009-soname-sover.patch (was soname-sover.patch) New: * Rebase 0008-fix-go-vendor-err_data_generate.patch * Rebase 0009-soname-sover.patch (was soname-sover.patch) * rpmlint fix version-control-internal-file error ----------(New E)---------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ boringssl.spec ++++++ --- /var/tmp/diff_new_pack.1DfdVp/_old 2026-05-30 23:02:04.873998130 +0200 +++ /var/tmp/diff_new_pack.1DfdVp/_new 2026-05-30 23:02:04.873998130 +0200 @@ -1,7 +1,7 @@ # # spec file for package boringssl # -# Copyright (c) 2024 SUSE LLC +# Copyright (c) 2026 SUSE LLC and contributors # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,25 +18,28 @@ %define sover 1 %define libname libboringssl%{sover} -%define src_install_dir /usr/src/%{name} +%define src_install_dir %{_prefix}/src/%{name} Name: boringssl -Version: 0.20200921 +Version: 0.20210430 Release: 0 Summary: An SSL/TLS protocol implementation License: OpenSSL -Group: Development/Sources URL: https://boringssl.googlesource.com/boringssl/ Source: %{name}-%{version}.tar.xz -Patch0: 0002-crypto-Fix-aead_test-build-on-aarch64.patch -Patch1: 0003-enable-s390x-builds.patch -Patch2: 0004-fix-alignment-for-ppc64le.patch -Patch3: 0005-fix-alignment-for-arm.patch -Patch4: 0001-Compile-for-RISC-V.patch -Patch5: soname-sover.patch +Source1: vendor.tar.gz +Patch2: 0002-crypto-Fix-aead_test-build-on-aarch64.patch +Patch3: 0003-enable-s390x-builds.patch +Patch4: 0004-fix-alignment-for-ppc64le.patch +Patch5: 0005-fix-alignment-for-arm.patch +Patch6: 0006-gcc-disable-werror.patch +Patch7: 0007-fix-go-vendor-embed_test_data.patch +Patch8: 0008-fix-go-vendor-err_data_generate.patch +Patch9: 0009-soname-sover.patch BuildRequires: cmake >= 3.0 BuildRequires: fdupes BuildRequires: gcc-c++ -ExclusiveArch: %{ix86} x86_64 aarch64 s390x ppc64le %arm riscv64 +BuildRequires: golang(API) >= 1.13 +ExclusiveArch: %{ix86} x86_64 aarch64 s390x ppc64le %{arm} riscv64 %description BoringSSL is an implementation of the Secure Sockets Layer (SSL) and @@ -44,7 +47,6 @@ %package -n %{libname} Summary: An SSL/TLS protocol implementation -Group: System/Libraries Recommends: ca-certificates-mozilla %description -n %{libname} @@ -53,7 +55,6 @@ %package devel Summary: Development files for BoringSSL -Group: Development/Libraries/C and C++ Requires: %{libname} = %{version} %description devel @@ -63,27 +64,33 @@ %package source Summary: Source code of BoringSSL -Group: Development/Sources BuildArch: noarch %description source Source files for BoringSSL implementation %prep -%autosetup -p1 +%autosetup -a 1 -p 1 %build +# Supress CMake default to include RPATH in binary on platforms which support it. +# Failure to supress rpath fails rpmlint: +# libboringssl1: E: binary-or-shlib-defines-rpath (Badness: 10000) /usr/lib64/libboringssl_ssl.so.1 +# (RUNPATH: /home/abuild/rpmbuild/BUILD/boringssl-0.20210430-build/boringssl-0.20210430/build/crypto) +# The binary or shared library defines `RPATH' (or `RUNPATH') that points to a non-system library path. %cmake \ %ifarch riscv64 -DOPENSSL_NO_ASM=1 \ %endif + -DCMAKE_SKIP_RPATH=1 \ -DCMAKE_SHARED_LINKER_FLAGS="%{?build_ldflags} -Wl,--as-needed -Wl,-z,now" %cmake_build %install # Install libraries -install -D -m0755 build/libboringssl_crypto.so.%{sover} %{buildroot}%{_libdir}/libboringssl_crypto.so.%{sover} -install -D -m0755 build/libboringssl_ssl.so.%{sover} %{buildroot}%{_libdir}/libboringssl_ssl.so.%{sover} +# Upstream sources build .so in crypto/ and ssl/ subdirs. TBD if package layout needs to preserve that. +install -D -m0755 build/crypto/libboringssl_crypto.so.%{sover} %{buildroot}%{_libdir}/libboringssl_crypto.so.%{sover} +install -D -m0755 build/ssl/libboringssl_ssl.so.%{sover} %{buildroot}%{_libdir}/libboringssl_ssl.so.%{sover} # Create links from *.so to *.so.SOVER ln -sf libboringssl_crypto.so.%{sover} %{buildroot}%{_libdir}/libboringssl_crypto.so ln -sf libboringssl_ssl.so.%{sover} %{buildroot}%{_libdir}/libboringssl_ssl.so @@ -95,28 +102,86 @@ %fdupes %{buildroot}%{src_install_dir} # Fix arch-independent-package-contains-binary-or-object find %{buildroot}%{src_install_dir} -type f \( -name "*.a" -o -name "*.lib" -o -name "*.o" \) -exec rm -f "{}" + + +# Fix version-control-internal-file error. +# boringssl-source.noarch: E: version-control-internal-file +# /usr/src/boringssl/vendor/golang.org/x/sys/unix/.gitignore +find %{buildroot}%{src_install_dir} -type f -name ".gitignore" -delete + +# Fix script-without-shebang error. +# boringssl-source.noarch: E: script-without-shebang +# /usr/src/boringssl/third_party/googletest/test/gtest_test_utils.py +# /usr/src/boringssl/third_party/googletest/test/gtest_xml_test_utils.py +# /usr/src/boringssl/fuzz/minimise_corpora.sh +# /usr/src/boringssl/util/fipstools/break-tests-android.sh +# /usr/src/boringssl/util/fipstools/break-tests.sh +# /usr/src/boringssl/crypto/fipsmodule/ec/asm/p256_beeu-x86_64-asm.pl +# As built, permissions for these are: +# -rwxr-xr-x third_party/googletest/test/gtest_test_utils.py +# -rwxr-xr-x third_party/googletest/test/gtest_xml_test_utils.py +# -rw-r--r-- fuzz/minimise_corpora.sh +# -rw-r--r-- util/fipstools/break-tests-android.sh +# -rw-r--r-- util/fipstools/break-tests.sh +# -rw-r--r-- crypto/fipsmodule/ec/asm/p256_beeu-x86_64-asm.pl +# Unsetting executable bits on .py files has the intended effect to pass the linter +chmod a-x %{buildroot}%{_prefix}/src/boringssl/third_party/googletest/test/gtest_test_utils.py +chmod a-x %{buildroot}%{_prefix}/src/boringssl/third_party/googletest/test/gtest_xml_test_utils.py +# The .sh files already do not have executable bits set but script-without-shebang linter still fails +# Insert a bash shebang line for script-without-shebang linter +sed -i -e '1i#!/bin/bash' %{buildroot}%{_prefix}/src/boringssl/fuzz/minimise_corpora.sh +sed -i -e '1i#!/bin/bash' %{buildroot}%{_prefix}/src/boringssl/util/fipstools/break-tests-android.sh +sed -i -e '1i#!/bin/bash' %{buildroot}%{_prefix}/src/boringssl/util/fipstools/break-tests.sh +# Insert a perl shebang line for script-without-shebang linter +sed -i -e '1i#!%{_bindir}/perl' %{buildroot}%{_prefix}/src/boringssl/crypto/fipsmodule/ec/asm/p256_beeu-x86_64-asm.pl + # Fix non-executable-script warning. -find %{buildroot}%{src_install_dir} -type f -name "*.sh" -exec chmod +x "{}" + +find %{buildroot}%{src_install_dir} -type f -name "*.sh" -print -exec chmod +x "{}" + +find %{buildroot}%{src_install_dir} -type f -name "*.pl" -print -exec chmod +x "{}" + +# Fix these individually, since we don't want all *.py to all be executable +chmod +x %{buildroot}%{_prefix}/src/boringssl/third_party/googletest/test/googletest-json-outfiles-test.py +chmod +x %{buildroot}%{_prefix}/src/boringssl/third_party/googletest/test/googletest-json-output-unittest.py +chmod +x %{buildroot}%{_prefix}/src/boringssl/third_party/googletest/test/googletest-param-test-invalid-name1-test.py +chmod +x %{buildroot}%{_prefix}/src/boringssl/third_party/googletest/test/googletest-param-test-invalid-name2-test.py +chmod +x %{buildroot}%{_prefix}/src/boringssl/third_party/googletest/test/gtest_list_output_unittest.py +chmod +x %{buildroot}%{_prefix}/src/boringssl/util/bot/update_clang.py +# Fix one bash script to be executable +chmod +x %{buildroot}%{_prefix}/src/boringssl/vendor/golang.org/x/sys/windows/mkerrors.bash + # Fix env-script-interpreter error. -find %{buildroot}%{src_install_dir} -type f -name "*.pl" -exec sed -i 's|#!.*/usr/bin/env perl|#!/usr/bin/perl|' "{}" + -find %{buildroot}%{src_install_dir} -type f -name "*.py" -exec sed -i 's|#!.*/usr/bin/python$|#!/usr/bin/python3|' "{}" + -find %{buildroot}%{src_install_dir} -type f -name "*.py" -exec sed -i 's|#!.*/usr/bin/env python.*|#!/usr/bin/python3|' "{}" + -find %{buildroot}%{src_install_dir} -type f -name "*.sh" -exec sed -i 's|#!.*/usr/bin/env bash|#!/bin/bash|' "{}" + +find %{buildroot}%{src_install_dir} -type f -name "*.pl" -exec sed -i 's|#!.*%{_bindir}/env perl|#!%{_bindir}/perl|' "{}" + +# crypto/asn1/charmap.pl /usr/local/bin/perl disallowed perl location +find %{buildroot}%{src_install_dir} -type f -name "*.pl" -exec sed -i 's|#!.*%{_prefix}/local/bin/perl|#!%{_bindir}/perl|' "{}" + + +find %{buildroot}%{src_install_dir} -type f -name "*.py" -exec sed -i 's|#!.*%{_bindir}/python$|#!%{_bindir}/python3|' "{}" + +find %{buildroot}%{src_install_dir} -type f -name "*.py" -exec sed -i 's|#!.*%{_bindir}/env python.*|#!%{_bindir}/python3|' "{}" + +find %{buildroot}%{src_install_dir} -type f -name "*.sh" -exec sed -i 's|#!.*%{_bindir}/env bash|#!/bin/bash|' "{}" + # To avoid conflicts with openssl development files, change all includes from # openssl to boringssl. # BoringSSL headers provided by this pachage are installed in # /usr/include/boringssl for the same reason. -find src/include/openssl -type f -exec sed -i 's/openssl/boringssl/' "{}" + +find %{buildroot}%{_prefix}/src/boringssl/include/openssl -type f -exec sed -i 's/openssl/boringssl/' "{}" + + +find %{buildroot}%{_prefix}/src/boringssl/include/openssl -type f -execdir install -D -m0644 "{}" "%{buildroot}%{_includedir}/boringssl/{}" \; -find src/include/openssl -type f -execdir install -D -m0644 "{}" "%{buildroot}%{_includedir}/boringssl/{}" \; +# Remove Go build utilities which cause debuginfo error: +# dwz: ./usr/src/boringssl/crypto/err/err_data_generate.debug: Found compressed .debug_abbrev section, not attempting dwz compression +# dwz: ./usr/src/boringssl/embed_test_data.debug: Found compressed .debug_abbrev section, not attempting dwz compression +rm %{buildroot}%{_prefix}/src/boringssl/crypto/err/err_data_generate +rm %{buildroot}%{_prefix}/src/boringssl/embed_test_data + +# Relocate doc and license to align with packaging standards +mkdir -p %{buildroot}%{_docdir}/%{name} +cp -a %{buildroot}%{_prefix}/src/boringssl/README.md %{buildroot}%{_docdir}/%{name} +cp -a %{buildroot}%{_prefix}/src/boringssl/LICENSE %{buildroot}%{_docdir}/%{name} %post -n %{libname} -p /sbin/ldconfig %postun -n %{libname} -p /sbin/ldconfig %files -n %{libname} -%doc src/README.md -%license LICENSE +%doc %{_docdir}/%{name}/README.md +%license %{_docdir}/%{name}/LICENSE +%exclude %{_docdir}/%{name} %{_libdir}/libboringssl_crypto.so.%{sover} %{_libdir}/libboringssl_ssl.so.%{sover} @@ -127,4 +192,6 @@ %files source %{src_install_dir} +%exclude %{_prefix}/src/boringssl/README.md +%exclude %{_prefix}/src/boringssl/LICENSE ++++++ 0002-crypto-Fix-aead_test-build-on-aarch64.patch ++++++ --- /var/tmp/diff_new_pack.1DfdVp/_old 2026-05-30 23:02:04.970002077 +0200 +++ /var/tmp/diff_new_pack.1DfdVp/_new 2026-05-30 23:02:05.014003885 +0200 @@ -30,13 +30,13 @@ src/crypto/cipher_extra/aead_test.cc | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) -Index: boringssl-20200122/src/crypto/cipher_extra/aead_test.cc +Index: a/crypto/cipher_extra/aead_test.cc =================================================================== ---- boringssl-20200122.orig/src/crypto/cipher_extra/aead_test.cc -+++ boringssl-20200122/src/crypto/cipher_extra/aead_test.cc -@@ -29,6 +29,12 @@ - #include "../test/test_util.h" - #include "../test/wycheproof_util.h" +--- a/crypto/cipher_extra/aead_test.cc ++++ b/crypto/cipher_extra/aead_test.cc +@@ -73,6 +73,12 @@ constexpr size_t MinimumTagLength(uint32_t flags) { + return ((flags >> 8) & 0xf) == 0 ? 1 : ((flags >> 8) & 0xf); + } +#if defined(OPENSSL_AARCH64) +#define ALIGN_BYTES 16 @@ -44,7 +44,7 @@ +#define ALIGN_BYTES 64 +#endif + - struct KnownAEAD { const char name[40]; + const EVP_AEAD *(*func)(void); ++++++ 0003-enable-s390x-builds.patch ++++++ --- /var/tmp/diff_new_pack.1DfdVp/_old 2026-05-30 23:02:05.150009477 +0200 +++ /var/tmp/diff_new_pack.1DfdVp/_new 2026-05-30 23:02:05.178010628 +0200 @@ -13,11 +13,11 @@ src/include/openssl/base.h | 3 +++ 4 files changed, 14 insertions(+), 2 deletions(-) -Index: boringssl-20200122/CMakeLists.txt +Index: a/CMakeLists.txt =================================================================== ---- boringssl-20200122.orig/CMakeLists.txt -+++ boringssl-20200122/CMakeLists.txt -@@ -93,6 +93,8 @@ elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUA +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -494,6 +494,8 @@ elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "mips") set(ARCH "generic") elseif(${CMAKE_SYSTEM_PROCESSOR} STREQUAL "ppc64le") set(ARCH "ppc64le") @@ -26,11 +26,11 @@ else() message(FATAL_ERROR "Unknown processor:" ${CMAKE_SYSTEM_PROCESSOR}) endif() -Index: boringssl-20200122/src/crypto/cipher_extra/aead_test.cc +Index: a/crypto/cipher_extra/aead_test.cc =================================================================== ---- boringssl-20200122.orig/src/crypto/cipher_extra/aead_test.cc -+++ boringssl-20200122/src/crypto/cipher_extra/aead_test.cc -@@ -31,6 +31,8 @@ +--- a/crypto/cipher_extra/aead_test.cc ++++ b/crypto/cipher_extra/aead_test.cc +@@ -75,6 +75,8 @@ constexpr size_t MinimumTagLength(uint32_t flags) { #if defined(OPENSSL_AARCH64) #define ALIGN_BYTES 16 @@ -39,10 +39,10 @@ #else #define ALIGN_BYTES 64 #endif -Index: boringssl-20200122/src/crypto/poly1305/poly1305_test.cc +Index: a/src/crypto/poly1305/poly1305_test.cc =================================================================== ---- boringssl-20200122.orig/src/crypto/poly1305/poly1305_test.cc -+++ boringssl-20200122/src/crypto/poly1305/poly1305_test.cc +--- a/crypto/poly1305/poly1305_test.cc ++++ b/crypto/poly1305/poly1305_test.cc @@ -25,6 +25,11 @@ #include "../test/file_test.h" #include "../test/test_util.h" @@ -55,10 +55,10 @@ static void TestSIMD(unsigned excess, const std::vector<uint8_t> &key, const std::vector<uint8_t> &in, -Index: boringssl-20200122/src/include/openssl/base.h +Index: a/include/openssl/base.h =================================================================== ---- boringssl-20200122.orig/src/include/openssl/base.h -+++ boringssl-20200122/src/include/openssl/base.h +--- a/include/openssl/base.h ++++ b/include/openssl/base.h @@ -99,6 +99,9 @@ extern "C" { #elif (defined(__PPC64__) || defined(__powerpc64__)) && defined(_LITTLE_ENDIAN) #define OPENSSL_64_BIT @@ -66,7 +66,7 @@ +#elif defined(__S390X__) || defined(__s390x__) +#define OPENSSL_64_BIT +#define OPENSSL_S390X - #elif defined(__mips__) && !defined(__LP64__) + #elif defined(__MIPSEL__) && !defined(__LP64__) #define OPENSSL_32_BIT #define OPENSSL_MIPS ++++++ 0004-fix-alignment-for-ppc64le.patch ++++++ --- /var/tmp/diff_new_pack.1DfdVp/_old 2026-05-30 23:02:05.410020165 +0200 +++ /var/tmp/diff_new_pack.1DfdVp/_new 2026-05-30 23:02:05.434021152 +0200 @@ -8,19 +8,16 @@ 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/cipher_extra/aead_test.cc b/crypto/cipher_extra/aead_test.cc -index 4c079e843321..2c7e116a4aad 100644 ---- a/src/crypto/cipher_extra/aead_test.cc -+++ b/src/crypto/cipher_extra/aead_test.cc -@@ -29,7 +29,7 @@ - #include "../test/test_util.h" - #include "../test/wycheproof_util.h" +index c1e61cd..0192b45 100644 +--- a/crypto/cipher_extra/aead_test.cc ++++ b/crypto/cipher_extra/aead_test.cc +@@ -73,7 +73,7 @@ constexpr size_t MinimumTagLength(uint32_t flags) { + return ((flags >> 8) & 0xf) == 0 ? 1 : ((flags >> 8) & 0xf); + } -#if defined(OPENSSL_AARCH64) +#if defined(OPENSSL_AARCH64) || defined(OPENSSL_PPC64LE) #define ALIGN_BYTES 16 #elif defined(OPENSSL_S390X) #define ALIGN_BYTES 8 --- -2.24.0 - ++++++ 0005-fix-alignment-for-arm.patch ++++++ --- /var/tmp/diff_new_pack.1DfdVp/_old 2026-05-30 23:02:05.594027730 +0200 +++ /var/tmp/diff_new_pack.1DfdVp/_new 2026-05-30 23:02:05.626029046 +0200 @@ -1,8 +1,9 @@ -diff -purN boringssl-20190916.orig/crypto/cipher_extra/aead_test.cc boringssl-20190916/crypto/cipher_extra/aead_test.cc ---- boringssl-20190916.orig/src/crypto/cipher_extra/aead_test.cc 2020-03-10 20:57:53.383996634 +0100 -+++ boringssl-20190916/src/crypto/cipher_extra/aead_test.cc 2020-03-10 20:59:03.108731229 +0100 -@@ -31,7 +31,7 @@ - +diff --git a/crypto/cipher_extra/aead_test.cc b/crypto/cipher_extra/aead_test.cc +index 0192b45..6e2fef6 100644 +--- a/crypto/cipher_extra/aead_test.cc ++++ b/crypto/cipher_extra/aead_test.cc +@@ -75,7 +75,7 @@ constexpr size_t MinimumTagLength(uint32_t flags) { + #if defined(OPENSSL_AARCH64) || defined(OPENSSL_PPC64LE) #define ALIGN_BYTES 16 -#elif defined(OPENSSL_S390X) @@ -10,13 +11,14 @@ #define ALIGN_BYTES 8 #else #define ALIGN_BYTES 64 -diff -purN boringssl-20190916.orig/crypto/poly1305/poly1305_test.cc boringssl-20190916/crypto/poly1305/poly1305_test.cc ---- boringssl-20190916.orig/src/crypto/poly1305/poly1305_test.cc 2020-03-10 20:57:53.363996424 +0100 -+++ boringssl-20190916/src/crypto/poly1305/poly1305_test.cc 2020-03-10 21:08:32.606731399 +0100 +diff --git a/crypto/poly1305/poly1305_test.cc b/crypto/poly1305/poly1305_test.cc +index 932df95..a826b12 100644 +--- a/crypto/poly1305/poly1305_test.cc ++++ b/crypto/poly1305/poly1305_test.cc @@ -25,7 +25,7 @@ #include "../test/file_test.h" #include "../test/test_util.h" - + -#if defined(OPENSSL_S390X) +#if defined(OPENSSL_S390X) || defined(OPENSSL_ARM) #define ALIGN_BYTES 8 ++++++ 0006-gcc-disable-werror.patch ++++++ commit 225886dff82c04b5f689e7fb57d75c9ec18b45d1 Author: Jeff Kowalczyk <[email protected]> Date: Mon Mar 31 12:26:24 2025 -0700 0006-gcc-disable-werror.patch diff --git a/CMakeLists.txt b/CMakeLists.txt index 4d6f30e..76a3723 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -117,7 +117,7 @@ endif() if(CMAKE_COMPILER_IS_GNUCXX OR CLANG) # Note clang-cl is odd and sets both CLANG and MSVC. We base our configuration # primarily on our normal Clang one. - set(C_CXX_FLAGS "-Werror -Wformat=2 -Wsign-compare -Wmissing-field-initializers -Wwrite-strings -Wvla") + set(C_CXX_FLAGS "-Wformat=2 -Wsign-compare -Wmissing-field-initializers -Wwrite-strings -Wvla") if(MSVC) # clang-cl sets different default warnings than clang. It also treats -Wall # as -Weverything, to match MSVC. Instead -W3 is the alias for -Wall. ++++++ 0007-fix-go-vendor-embed_test_data.patch ++++++ commit 84b3970a1a7fa419f305a833effbedb3e53690b7 Author: Jeff Kowalczyk <[email protected]> Date: Mon Mar 31 08:40:57 2025 -0700 0007-fix-go-vendor-embed_test_data.patch diff --git a/CMakeLists.txt b/CMakeLists.txt index 76a3723..fb2c801 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -585,7 +585,8 @@ file(WRITE "${CMAKE_CURRENT_BINARY_DIR}/embed_test_data_args.txt" add_custom_command( OUTPUT crypto_test_data.cc - COMMAND ${GO_EXECUTABLE} run util/embed_test_data.go -file-list + COMMAND ${GO_EXECUTABLE} build -mod=vendor util/embed_test_data.go + COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/embed_test_data -file-list "${CMAKE_CURRENT_BINARY_DIR}/embed_test_data_args.txt" > "${CMAKE_CURRENT_BINARY_DIR}/crypto_test_data.cc" DEPENDS util/embed_test_data.go ${CRYPTO_TEST_DATA} ++++++ 0008-fix-go-vendor-err_data_generate.patch ++++++ commit 05f4d459a1c3495918585d5bc3531f55b12baca7 Author: Jeff Kowalczyk <[email protected]> Date: Mon Mar 31 14:25:59 2025 -0700 0008-fix-go-vendor-err_data_generate.patch diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt index c06cbb7..0a5a2b7 100644 --- a/crypto/CMakeLists.txt +++ b/crypto/CMakeLists.txt @@ -167,7 +167,8 @@ perlasm(test/trampoline-x86_64.${ASM_EXT} test/asm/trampoline-x86_64.pl) add_custom_command( OUTPUT err_data.c - COMMAND ${GO_EXECUTABLE} run err_data_generate.go > ${CMAKE_CURRENT_BINARY_DIR}/err_data.c + COMMAND ${GO_EXECUTABLE} build -mod=vendor err_data_generate.go + COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/err/err_data_generate > ${CMAKE_CURRENT_BINARY_DIR}/err_data.c DEPENDS err/err_data_generate.go err/asn1.errordata ++++++ 0009-soname-sover.patch ++++++ commit ffa90ddfe8ed4436f0893f28d29a7b66d6f1f6b0 Author: Jeff Kowalczyk <[email protected]> Date: Fri Feb 28 14:57:46 2025 -0800 0009-soname-sover.patch diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt index 0a5a2b7..99a1306 100644 --- a/crypto/CMakeLists.txt +++ b/crypto/CMakeLists.txt @@ -198,7 +198,7 @@ add_custom_command( ) add_library( - crypto + boringssl_crypto asn1/a_bitstr.c asn1/a_bool.c @@ -443,7 +443,7 @@ if(FIPS_SHARED) # Rewrite libcrypto.so to inject the correct module hash value. This assumes # UNIX-style library naming, but we only support FIPS mode on Linux anyway. add_custom_command( - TARGET crypto POST_BUILD + TARGET boringssl_crypto POST_BUILD COMMAND ${GO_EXECUTABLE} run ${CMAKE_CURRENT_SOURCE_DIR}/../util/fipstools/inject_hash/inject_hash.go -o libcrypto.so -in-object libcrypto.so ${EXTRA_INJECT_HASH_ARGS} @@ -455,22 +455,22 @@ if(FIPS_SHARED) ) endif() -add_dependencies(crypto global_target) +add_dependencies(boringssl_crypto global_target) if(FIPS_DELOCATE OR FIPS_SHARED) - add_dependencies(crypto bcm_o_target) + add_dependencies(boringssl_crypto bcm_o_target) endif() -SET_TARGET_PROPERTIES(crypto PROPERTIES LINKER_LANGUAGE C) +SET_TARGET_PROPERTIES(boringssl_crypto PROPERTIES LINKER_LANGUAGE C) if(NOT WIN32 AND NOT ANDROID) - target_link_libraries(crypto pthread) + target_link_libraries(boringssl_crypto pthread) endif() # Every target depends on crypto, so we add libcxx as a dependency here to # simplify injecting it everywhere. if(USE_CUSTOM_LIBCXX) - target_link_libraries(crypto libcxx) + target_link_libraries(boringssl_crypto libcxx) endif() # urandom_test is a separate binary because it needs to be able to observe the @@ -482,11 +482,13 @@ add_executable( fipsmodule/rand/urandom_test.cc ) -target_link_libraries(urandom_test test_support_lib boringssl_gtest crypto) +target_link_libraries(urandom_test test_support_lib boringssl_gtest boringssl_crypto) add_dependencies(urandom_test global_target) add_dependencies(all_tests urandom_test) +set_target_properties(boringssl_crypto PROPERTIES SOVERSION 1) + add_executable( crypto_test @@ -560,7 +562,7 @@ add_executable( add_dependencies(crypto_test global_target) -target_link_libraries(crypto_test test_support_lib boringssl_gtest crypto) +target_link_libraries(crypto_test test_support_lib boringssl_gtest boringssl_crypto) if(WIN32) target_link_libraries(crypto_test ws2_32) endif() diff --git a/decrepit/CMakeLists.txt b/decrepit/CMakeLists.txt index ef95a6b..d1ef907 100644 --- a/decrepit/CMakeLists.txt +++ b/decrepit/CMakeLists.txt @@ -24,7 +24,7 @@ add_library( add_dependencies(decrepit global_target) -target_link_libraries(decrepit crypto ssl) +target_link_libraries(decrepit boringssl_crypto boringssl_ssl) add_executable( decrepit_test @@ -41,7 +41,7 @@ add_executable( add_dependencies(decrepit_test global_target) target_link_libraries(decrepit_test test_support_lib boringssl_gtest decrepit - crypto) + boringssl_crypto) if(WIN32) target_link_libraries(decrepit_test ws2_32) endif() diff --git a/fuzz/CMakeLists.txt b/fuzz/CMakeLists.txt index 62652cb..7aabbc4 100644 --- a/fuzz/CMakeLists.txt +++ b/fuzz/CMakeLists.txt @@ -5,7 +5,7 @@ set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wno-missing-prototypes") macro(fuzzer name) add_executable(${name} ${name}.cc) add_dependencies(${name} global_target) - target_link_libraries(${name} crypto ${ARGN}) + target_link_libraries(${name} boringssl_crypto ${ARGN}) if(LIBFUZZER_FROM_DEPS) set_target_properties(${name} PROPERTIES LINK_FLAGS "-fsanitize=fuzzer-no-link") target_link_libraries(${name} Fuzzer) diff --git a/ssl/CMakeLists.txt b/ssl/CMakeLists.txt index 38c686b..fa086c0 100644 --- a/ssl/CMakeLists.txt +++ b/ssl/CMakeLists.txt @@ -1,7 +1,7 @@ include_directories(../include) add_library( - ssl + boringssl_ssl bio_ssl.cc d1_both.cc @@ -42,9 +42,11 @@ add_library( tls13_server.cc ) -add_dependencies(ssl global_target) +add_dependencies(boringssl_ssl global_target) -target_link_libraries(ssl crypto) +target_link_libraries(boringssl_ssl boringssl_crypto) + +set_target_properties(boringssl_ssl PROPERTIES SOVERSION 1) add_executable( ssl_test @@ -58,7 +60,7 @@ add_executable( add_dependencies(ssl_test global_target) -target_link_libraries(ssl_test test_support_lib boringssl_gtest ssl crypto) +target_link_libraries(ssl_test test_support_lib boringssl_gtest boringssl_ssl boringssl_crypto) if(WIN32) target_link_libraries(ssl_test ws2_32) endif() diff --git a/ssl/test/CMakeLists.txt b/ssl/test/CMakeLists.txt index bb9bd81..c9e353d 100644 --- a/ssl/test/CMakeLists.txt +++ b/ssl/test/CMakeLists.txt @@ -15,7 +15,7 @@ add_executable( add_dependencies(bssl_shim global_target) -target_link_libraries(bssl_shim test_support_lib ssl crypto) +target_link_libraries(bssl_shim test_support_lib boringssl_ssl boringssl_crypto) if(UNIX AND NOT APPLE AND NOT ANDROID) add_executable( @@ -33,7 +33,7 @@ if(UNIX AND NOT APPLE AND NOT ANDROID) add_dependencies(handshaker global_target) - target_link_libraries(handshaker test_support_lib ssl crypto) + target_link_libraries(handshaker test_support_lib boringssl_ssl boringssl_crypto) else() # Declare a dummy target for run_tests to depend on. add_custom_target(handshaker) diff --git a/tool/CMakeLists.txt b/tool/CMakeLists.txt index e9e387b..ae82517 100644 --- a/tool/CMakeLists.txt +++ b/tool/CMakeLists.txt @@ -28,12 +28,12 @@ if(WIN32) endif() if(APPLE OR WIN32 OR ANDROID) - target_link_libraries(bssl ssl crypto) + target_link_libraries(bssl boringssl_ssl boringssl_crypto) else() find_library(FOUND_LIBRT rt) if(FOUND_LIBRT) - target_link_libraries(bssl ssl crypto -lrt) + target_link_libraries(bssl boringssl_ssl boringssl_crypto -lrt) else() - target_link_libraries(bssl ssl crypto) + target_link_libraries(bssl boringssl_ssl boringssl_crypto) endif() endif() diff --git a/util/fipstools/acvp/modulewrapper/CMakeLists.txt b/util/fipstools/acvp/modulewrapper/CMakeLists.txt index 267f82c..af6950b 100644 --- a/util/fipstools/acvp/modulewrapper/CMakeLists.txt +++ b/util/fipstools/acvp/modulewrapper/CMakeLists.txt @@ -10,5 +10,5 @@ if(FIPS) add_dependencies(modulewrapper global_target) - target_link_libraries(modulewrapper crypto) + target_link_libraries(modulewrapper boringssl_crypto) endif() diff --git a/util/fipstools/cavp/CMakeLists.txt b/util/fipstools/cavp/CMakeLists.txt index a50c9ab..b3142e4 100644 --- a/util/fipstools/cavp/CMakeLists.txt +++ b/util/fipstools/cavp/CMakeLists.txt @@ -37,6 +37,6 @@ if(FIPS) add_dependencies(test_fips global_target) - target_link_libraries(cavp test_support_lib crypto) - target_link_libraries(test_fips test_support_lib crypto) + target_link_libraries(cavp test_support_lib boringssl_crypto) + target_link_libraries(test_fips test_support_lib boringssl_crypto) endif() ++++++ _service ++++++ --- /var/tmp/diff_new_pack.1DfdVp/_old 2026-05-30 23:02:06.254054862 +0200 +++ /var/tmp/diff_new_pack.1DfdVp/_new 2026-05-30 23:02:06.274055684 +0200 @@ -1,16 +1,16 @@ <services> - <service mode="disabled" name="tar_scm"> + <service mode="manual" name="tar_scm"> <param name="url">https://boringssl.googlesource.com/boringssl</param> <param name="scm">git</param> <param name="changesgenerate">enable</param> <param name="filename">boringssl</param> <param name="versionformat">0.%cd</param> - <param name="revision">1ce6682c7f6cfe0426ed54a37c10775bea9d3502</param> + <param name="revision">2c45d4e03e35a2dd73834252e11e8a7282eb9185</param> </service> - <service mode="disabled" name="recompress"> + <service mode="manual" name="recompress"> <param name="file">*.tar</param> <param name="compression">xz</param> </service> - <service mode="disabled" name="set_version"/> + <service mode="manual" name="set_version"/> </services> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.1DfdVp/_old 2026-05-30 23:02:06.486064400 +0200 +++ /var/tmp/diff_new_pack.1DfdVp/_new 2026-05-30 23:02:06.522065880 +0200 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://boringssl.googlesource.com/boringssl</param> - <param name="changesrevision">1ce6682c7f6cfe0426ed54a37c10775bea9d3502</param></service></servicedata> + <param name="changesrevision">853ca1ea1168dff08011e5d42d94609cc0ca2e27</param></service></servicedata> (No newline at EOF) ++++++ boringssl-0.20200921.tar.xz -> boringssl-0.20210430.tar.xz ++++++ /work/SRC/openSUSE:Factory/boringssl/boringssl-0.20200921.tar.xz /work/SRC/openSUSE:Factory/.boringssl.new.1937/boringssl-0.20210430.tar.xz differ: char 15, line 1
