CFT: lang/mono 5.10.2
Hi all, It's time to get us on a modern stable mono version. I've had nothing but issues with mono 5.2 and it seems I'm not alone. I have a port update ready for testing here: https://reviews.freebsd.org/D15780 Initially I intended to bring us to the very latest release, mono 5.12, but that seems to have compatibility issues. I run some ports that just don't work with it, so per suggestion I am tracking the "really stable" release which is what Mono ships with MS Visual Studio on Linux. Please let me know if you have any feedback. I'm hoping to get this committed before the 2018Q3 tree gets cut. -- Mark Felder ports-secteam & portmgr member f...@freebsd.org ___ freebsd-mono@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-mono To unsubscribe, send any mail to "freebsd-mono-unsubscr...@freebsd.org"
Re: mono build error
On Sun, Jun 17, 2018, at 08:15, Dries Michiels wrote: > > > python2.7 ./genmdesc.py TARGET_AMD64 . cpu-amd64.h amd64_desc ./cpu-amd64.md > > gmake[4]: python2.7: Command not found > I don't recall seeing python2.7 hardcoded in the build anywhere, but it's possible I overlooked it. Let me see what I can find. -- Mark Felder ports-secteam & portmgr member f...@freebsd.org ___ freebsd-mono@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-mono To unsubscribe, send any mail to "freebsd-mono-unsubscr...@freebsd.org"
Re: mono build error
On Sun, Jun 17, 2018, at 14:38, Mark Felder wrote: > > > On Sun, Jun 17, 2018, at 08:15, Dries Michiels wrote: > > > > > > python2.7 ./genmdesc.py TARGET_AMD64 . cpu-amd64.h amd64_desc ./cpu-amd64.md > > > > gmake[4]: python2.7: Command not found > > > > I don't recall seeing python2.7 hardcoded in the build anywhere, but > it's possible I overlooked it. Let me see what I can find. > Sure enough it's there. I'll fix the build. mono/tests/test_lldb.py:#!/usr/local/bin/python2.7 mono/mini/Makefile.am:GENMDESC_PRG=python2.7 $(srcdir)/genmdesc.py $(target_define) $(srcdir) mono/mini/genmdesc.py:#!/usr/local/bin/python2.7 mono/mini/Makefile.am.in:GENMDESC_PRG=python2.7 $(srcdir)/genmdesc.py $(target_define) $(srcdir) scripts/mono-heapviz:#!/usr/local/bin/python2.7 -- Mark Felder ports-secteam & portmgr member f...@freebsd.org ___ freebsd-mono@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-mono To unsubscribe, send any mail to "freebsd-mono-unsubscr...@freebsd.org"
Announcing lang/mono 5.10.1.47
Hello all, Mono 5.10.1.47 is now in the ports tree. This release is considered to be "very stable" as it is the version heavily tested and deployed with Visual Studio. This release fixes appears to be more stable than our previous version and fixes many outstanding issues, although it appears it may still have kqueue bugs due to upstream targeting MacOS kqueue behavior. As a result we may have to apply more patches locally in our tree. Please follow the relevant PRs and report your findings if kqueue support is something you depend upon. The changelog for the 5.10 series can be found here: http://www.mono-project.com/docs/about-mono/releases/5.10.0/ I am hoping to have Mono 5.12 available in the near future and to get FreeBSD packages of newer Mono versions more frequently. Regards, -- Mark Felder ports-secteam & portmgr member f...@freebsd.org signature.asc Description: Message signed with OpenPGP
Re: lang/mono TLS 1.2
On Fri, Feb 2, 2018, at 08:22, Egil Hasting wrote: > Hello, > > Who are in charge of the lang/mono package? i would like to submit a patch > which build in btls as default (if there isnt any good reason to avoid it). > > rgs > Egil Hasting There is a mono@ team. I'm not up to speed on their work with the mono port, but I will CC them on this email. -- Mark Felder ports-secteam & portmgr member f...@freebsd.org ___ freebsd-mono@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-mono To unsubscribe, send any mail to "freebsd-mono-unsubscr...@freebsd.org"
security/ca_root_nss: Add a ca-merge utility to permit including private CAs
Hello, I am writing you all about my review https://reviews.freebsd.org/D16352. It's very messy at this point, so it's easier to re-compose myself here and provide the complete plan. Problem: FreeBSD has no way to include private CAs in the trust store in a persistent, reliable manner. Additionally we cannot blacklist CAs easily either. Solution: Write a tool to do it. RHEL/CentOS already have this tool called update-ca-trust(8) https://www.unix.com/man-page/centos/8/update-ca-trust/ I have attempted to write a tool to be included with security/ca_root_nss which is currently called "ca-merge". Phase one of this tool should cover the ability to include private CAs easily. A future revision should include blacklisting capabilities, but that is going to be more complex to accomplish. This tool is written in posix sh using only utilities in base. The following is the proposed change in our ports/packages: The ca-root-nss.crt is no longer trusted root; we now generate %%PREFIX%%/etc/ssl/cert.pem. All roads point to this file now. @postexec of security/ca_root_nss will generate this file from the contents of ca-root-nss.crt and do the required work if Java or Mono are installed so they get the same trusted CAs. Currently Java ships their own trust store which creates a very undesirable inconsistency. Additionally we would include @postexec in Mono and Java packages to run ca-merge so the instant they are installed they immediately have their trust stores updated and ready for use. These are the proposed steps: 1) Get ca_root_nss with ca-merge committed in the tree 2) lang/mono needs only the @postexec added in pkg-plist so it's ready at install time 3) Java ports will need updates to not install their cacerts keystore file, but instead symlink to %%PREFIX%%/etc/ssl/cacerts 4) A somewhat large commit to the tree will be needed to update every port that is compiled with special flags to make the software look at %%PREFIX%%/etc/ssl/certs.pem instead of ca-root-nss.crt Known problems: I am concerned about Java. The process of building the cacerts keystore is very annoying. You have to manually import every certificate file with the keytool command and it is slow. The ca-merge command takes a little while to churn through all the certs to build the keystore before comparing with the one on-disk to decide if it needs to be updated. This will slow down pkg build runs and pkg installs. The end result is that we should have working out of the box trust store that is consistent across all software *and* permits you to include private CAs. Please provide feedback. I don't want to bikeshed about it too much, though. Let's get something in that works. We can always improve it later. signature.asc Description: Message signed with OpenPGP
Re: Mono Build on PowerPC
On Tue, Oct 2, 2018, at 11:35, Curtis Hamilton wrote: > I've been successful in building mono in ports on 32-bit PowerPC. > > However, the build is missing the debug .pdb files listed in pkg-plist. > This is true for port versions 5.02 or 5.10. > > Has anyone else experienced this? If so, how did you fix this? > > So poudriere is giving you an error about files missing from STAGEDIR, right? We should be able to fix this by marking them as only existing in certain arches. I haven't had to do this before, but I'm pretty sure I've seen it in a couple other ports. If you can paste your error here I can propose a pkg-plist change for you to apply. -- Mark Felder ports-secteam & portmgr member f...@freebsd.org ___ freebsd-mono@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-mono To unsubscribe, send any mail to "freebsd-mono-unsubscr...@freebsd.org"
Re: Mono on PowerPC64
On Sun, Oct 7, 2018, at 16:51, Curtis Hamilton wrote: > I'm working to get the current Mono release to build on PowerPC64 (64-bit). > > I wanted to check if anyone has experience with building Mono on non-X86 > platforms. I'm sure that no one has build Mono on FreeBSD/PowerPC > because there is an error in "mono/utils/mono-sigcontext.h" that > prevents Mono from building, 32-bit. The code in question is: > Justin Hibbits did this work in the past, IIRC, but he hasn't worked on PPC/PPC64 mono in several years. -- Mark Felder ports-secteam & portmgr member f...@freebsd.org ___ freebsd-mono@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-mono To unsubscribe, send any mail to "freebsd-mono-unsubscr...@freebsd.org"
Re: Adding DEFAULT_VERSIONS support to mono.mk, mono 5.18 and 5.20
Hey all, what do we think about this proposed change? On Fri, Apr 12, 2019, at 17:18, Phillip R. Jaenke wrote: > I'm hoping that I can enlist the assistance of the mono@ folks with > this, since this is outside of the realm of the Mono folks. ;) > > So allow me to start off with the good news: > I have ported Mono 5.18 to FreeBSD already, and it's more or less ready > to go in. Better still, non-upstreamed patches have been slashed from 12 > in mono 5.10 to 4, with 3 of those already accepted and integrated > upstream (they are not in 5.18.0.240 though.) Full validation testing > was performed successfully on i386 and amd64 for 11.2 and 12.0 as well. > Mono 5.20 was released yesterday and contains a number of fixes for > building and running on FreeBSD (hurrah!) I expect to be able to have > that done tomorrow evening or Sunday. > > Now the problem: in order to use this, mono needs to speak > DEFAULT_VERSIONS. I've been trying for quite some time to get this > working without breaking NuGet but frankly, I'm stumped, and I just > can't get it to work in Uses/mono.mk. So I was hoping I could enlist > your help to get DEFAULT_VERSIONS for mono and make some changes to > support them. It is especially important to get newer versions of Mono > in since 5.10 doesn't have TLS1.2 support without btls. > > The proposed changes would be to add the DEFAULT_VERSIONS support, and > then adjust ports as follows: > DEFAULT_VERSIONS+=mono=5.10 > lang/mono -> RENAME to lang/mono5.10 > lang/mono5.18 -> New port (ready) > lang/mono5.20 -> New port (ready within a day or two) > > Thanks! > > -Phillip R. Jaenke | p...@rootwyrm.com > -- Mark Felder ports-secteam & portmgr member f...@freebsd.org ___ freebsd-mono@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-mono To unsubscribe, send any mail to "freebsd-mono-unsubscr...@freebsd.org"