From a44893e979dc6e961cb952f8f0c80d94bfc79646 Mon Sep 17 00:00:00 2001
From: Ronald Y <knyipab@gmail.com>
Date: Mon, 16 Sep 2024 08:45:56 +0800
Subject: [PATCH] moved from termux-packages: openssl-1.1

---
 .../Configurations-15-android.conf.patch      | 47 +++++++++++
 tur/openssl-1.1/apps-ocsp.c.patch             | 11 +++
 tur/openssl-1.1/build.sh                      | 77 +++++++++++++++++++
 tur/openssl-1.1/e_os.h.patch                  | 12 +++
 tur/openssl-1.1/openssl1.1-tool.subpackage.sh |  2 +
 5 files changed, 149 insertions(+)
 create mode 100644 tur/openssl-1.1/Configurations-15-android.conf.patch
 create mode 100644 tur/openssl-1.1/apps-ocsp.c.patch
 create mode 100644 tur/openssl-1.1/build.sh
 create mode 100644 tur/openssl-1.1/e_os.h.patch
 create mode 100644 tur/openssl-1.1/openssl1.1-tool.subpackage.sh

diff --git a/tur/openssl-1.1/Configurations-15-android.conf.patch b/tur/openssl-1.1/Configurations-15-android.conf.patch
new file mode 100644
index 000000000..cabdfa800
--- /dev/null
+++ b/tur/openssl-1.1/Configurations-15-android.conf.patch
@@ -0,0 +1,47 @@
+diff -u -r ../openssl-1.1.1-pre9/Configurations/15-android.conf ./Configurations/15-android.conf
+--- ../openssl-1.1.1-pre9/Configurations/15-android.conf	2018-08-21 12:14:11.000000000 +0000
++++ ./Configurations/15-android.conf	2018-08-22 09:48:30.506584421 +0000
+@@ -130,10 +130,10 @@
+         # systems are perfectly capable of executing binaries targeting
+         # Froyo. Keep in mind that in the nutshell Android builds are
+         # about JNI, i.e. shared libraries, not applications.
+-        cflags           => add(sub { android_ndk()->{cflags} }),
+-        cppflags         => add(sub { android_ndk()->{cppflags} }),
+-        cxxflags         => add(sub { android_ndk()->{cflags} }),
+-        bn_ops           => sub { android_ndk()->{bn_ops} },
++        #cflags           => add(sub { android_ndk()->{cflags} }),
++        #cppflags         => add(sub { android_ndk()->{cppflags} }),
++        #cxxflags         => add(sub { android_ndk()->{cflags} }),
++        #bn_ops           => sub { android_ndk()->{bn_ops} },
+         bin_cflags       => "-pie",
+         enable           => [ ],
+     },
+@@ -166,11 +166,11 @@
+         # Newer NDK versions reportedly require additional -latomic.
+         #
+         inherit_from     => [ "android", asm("armv4_asm") ],
+-        bn_ops           => add("RC4_CHAR"),
++        bn_ops           => "BN_LLONG RC4_CHAR",
+     },
+     "android-arm64" => {
+         inherit_from     => [ "android", asm("aarch64_asm") ],
+-        bn_ops           => add("RC4_CHAR"),
++        bn_ops           => "SIXTY_FOUR_BIT_LONG RC4_CHAR",
+         perlasm_scheme   => "linux64",
+     },
+ 
+@@ -197,12 +197,12 @@
+     "android-x86" => {
+         inherit_from     => [ "android", asm("x86_asm") ],
+         CFLAGS           => add(picker(release => "-fomit-frame-pointer")),
+-        bn_ops           => add("RC4_INT"),
++        bn_ops           => "BN_LLONG RC4_INT",
+         perlasm_scheme   => "android",
+     },
+     "android-x86_64" => {
+         inherit_from     => [ "android", asm("x86_64_asm") ],
+-        bn_ops           => add("RC4_INT"),
++        bn_ops           => "SIXTY_FOUR_BIT_LONG RC4_INT",
+         perlasm_scheme   => "elf",
+     },
+ 
diff --git a/tur/openssl-1.1/apps-ocsp.c.patch b/tur/openssl-1.1/apps-ocsp.c.patch
new file mode 100644
index 000000000..26046c324
--- /dev/null
+++ b/tur/openssl-1.1/apps-ocsp.c.patch
@@ -0,0 +1,11 @@
+diff -u -r ../openssl-1.1.1g/apps/ocsp.c ./apps/ocsp.c
+--- ../openssl-1.1.1g/apps/ocsp.c	2020-04-21 12:22:39.000000000 +0000
++++ ./apps/ocsp.c	2020-04-28 22:42:57.312189000 +0000
+@@ -48,6 +48,7 @@
+ #endif
+ 
+ #if !defined(NO_FORK) && !defined(OPENSSL_NO_SOCK) \
++     && !defined(__ANDROID__) \
+      && !defined(OPENSSL_NO_POSIX_IO)
+ # define OCSP_DAEMON
+ # include <sys/types.h>
diff --git a/tur/openssl-1.1/build.sh b/tur/openssl-1.1/build.sh
new file mode 100644
index 000000000..26a75fd2f
--- /dev/null
+++ b/tur/openssl-1.1/build.sh
@@ -0,0 +1,77 @@
+TERMUX_PKG_HOMEPAGE=https://www.openssl.org/
+TERMUX_PKG_DESCRIPTION="Library implementing the SSL and TLS protocols as well as general purpose cryptography functions"
+TERMUX_PKG_LICENSE="custom"
+TERMUX_PKG_LICENSE_FILE="LICENSE"
+TERMUX_PKG_MAINTAINER="@termux"
+_VERSION=1.1.1w
+TERMUX_PKG_VERSION=1:${_VERSION}
+TERMUX_PKG_SRCURL=https://www.openssl.org/source/openssl-${_VERSION/\~/-}.tar.gz
+TERMUX_PKG_SHA256=cf3098950cb4d853ad95c0841f1f9c6d3dc102dccfcacd521d93925208b76ac8
+TERMUX_PKG_AUTO_UPDATE=false
+TERMUX_PKG_DEPENDS="ca-certificates, zlib"
+TERMUX_PKG_CONFFILES="etc/tls/openssl.cnf"
+TERMUX_PKG_RM_AFTER_INSTALL="bin/c_rehash etc/"
+TERMUX_PKG_BUILD_IN_SRC=true
+TERMUX_PKG_CONFLICTS="libcurl (<< 7.61.0-1)"
+TERMUX_PKG_BREAKS="openssl (<< 1.1.1m)"
+TERMUX_PKG_REPLACES="openssl (<< 1.1.1m)"
+
+termux_step_pre_configure() {
+	test -d $TERMUX_PREFIX/include/openssl && mv $TERMUX_PREFIX/include/openssl{,.tmp} || :
+	LDFLAGS="-L$TERMUX_PREFIX/lib/openssl-1.1 -Wl,-rpath=$TERMUX_PREFIX/lib/openssl-1.1 $LDFLAGS"
+}
+
+termux_step_configure() {
+	# Certain packages are not safe to build on device because their
+	# build.sh script deletes specific files in $TERMUX_PREFIX.
+	if $TERMUX_ON_DEVICE_BUILD; then
+		termux_error_exit "Package '$TERMUX_PKG_NAME' is not safe for on-device builds."
+	fi
+
+	CFLAGS+=" -DNO_SYSLOG"
+
+	perl -p -i -e "s@TERMUX_CFLAGS@$CFLAGS@g" Configure
+	test $TERMUX_ARCH = "arm" && TERMUX_OPENSSL_PLATFORM="android-arm"
+	test $TERMUX_ARCH = "aarch64" && TERMUX_OPENSSL_PLATFORM="android-arm64"
+	test $TERMUX_ARCH = "i686" && TERMUX_OPENSSL_PLATFORM="android-x86"
+	test $TERMUX_ARCH = "x86_64" && TERMUX_OPENSSL_PLATFORM="android-x86_64"
+
+	install -m755 -d $TERMUX_PREFIX/lib/openssl-1.1
+
+	./Configure $TERMUX_OPENSSL_PLATFORM \
+		--prefix=$TERMUX_PREFIX \
+		--openssldir=$TERMUX_PREFIX/etc/tls \
+		--libdir=$TERMUX_PREFIX/lib/openssl-1.1 \
+		shared \
+		zlib-dynamic \
+		no-ssl \
+		no-hw \
+		no-srp \
+		no-tests
+}
+
+termux_step_make() {
+	make depend
+	make -j $TERMUX_PKG_MAKE_PROCESSES all
+}
+
+termux_step_make_install() {
+	# "install_sw" instead of "install" to not install man pages:
+	make -j 1 install_sw MANDIR=$TERMUX_PREFIX/share/man MANSUFFIX=.ssl
+
+	mkdir -p $TERMUX_PREFIX/etc/tls/
+
+	cp apps/openssl.cnf $TERMUX_PREFIX/etc/tls/openssl.cnf
+
+	install -m755 -d $TERMUX_PREFIX/include/openssl-1.1
+	mv $TERMUX_PREFIX/include/openssl $TERMUX_PREFIX/include/openssl-1.1/
+	mv $TERMUX_PREFIX/bin/openssl $TERMUX_PREFIX/bin/openssl-1.1
+}
+
+termux_step_post_make_install() {
+	test -d $TERMUX_PREFIX/include/openssl.tmp && mv $TERMUX_PREFIX/include/openssl{.tmp,} || :
+}
+
+termux_step_post_massage() {
+	rm -rf include/openssl
+}
diff --git a/tur/openssl-1.1/e_os.h.patch b/tur/openssl-1.1/e_os.h.patch
new file mode 100644
index 000000000..26ee3d7a1
--- /dev/null
+++ b/tur/openssl-1.1/e_os.h.patch
@@ -0,0 +1,12 @@
+diff -u -r ../openssl-1.1.1c/e_os.h ./e_os.h
+--- ../openssl-1.1.1c/e_os.h	2019-05-28 13:12:21.000000000 +0000
++++ ./e_os.h	2019-05-29 20:59:46.153243395 +0000
+@@ -38,7 +38,7 @@
+  * sockets will be tried in the order listed in case accessing the device
+  * files listed in DEVRANDOM did not return enough randomness.
+  */
+-#  define DEVRANDOM_EGD "/var/run/egd-pool", "/dev/egd-pool", "/etc/egd-pool", "/etc/entropy"
++#  define DEVRANDOM_EGD "@TERMUX_PREFIX@/var/run/egd-pool", "/dev/egd-pool", "@TERMUX_PREFIX@/etc/egd-pool", "@TERMUX_PREFIX@/etc/entropy"
+ # endif
+ 
+ # if defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)
diff --git a/tur/openssl-1.1/openssl1.1-tool.subpackage.sh b/tur/openssl-1.1/openssl1.1-tool.subpackage.sh
new file mode 100644
index 000000000..af673bb66
--- /dev/null
+++ b/tur/openssl-1.1/openssl1.1-tool.subpackage.sh
@@ -0,0 +1,2 @@
+TERMUX_SUBPKG_INCLUDE="bin"
+TERMUX_SUBPKG_DESCRIPTION="The openssl command line cryptographic tool"