build.zig: update for 3.8.2

Something that I completely do not understand happened here, and I also
can't figure out how it broke. The previous two versions have included
the installed copy of the architecture conf header with no problems.
However, the 3.8.2 build fails, complaining it can't find
openssl/opensslconf.h, and there's no obvious reason why, since the
includes appear to happen the same way in the source as before. I've
temporarily worked around this issue by making the build system
manually copy the platform header around inside the source tree, but
this really shouldn't be necessary. There must be something else in
the include machinery that changed, but this was a patch release with
very minor changes to the portability layer. There were no build
system changes I can see that would cause this. It's possible the
cause may be revealed by looking at the BSD source differences, but
this is truly baffling to me because it seems like it should be 100% a
build system issue. The source tree should not mysteriously be able to
break the compiler's include path!

Of course, it's also entirely possible that the previous versions don't
work at all the way I thought they did. But let's actually pretend I'm
perfect and that's not possible.

README.md

@@ -4,13 +4,13 @@ This is a somewhat hacky port of the LibreSSL build system to Zig. It builds Lib
 
 Notes:
 
-1. In order for this to work, `.\update.sh` must have first been run to bring in the LibreSSL OpenBSD sources. (Or, if you trust me, you may use the `zig-3.8.2` branch which has the upstream sources committed to the repository, for ease of use with the Zig package manager).
+1. In order for this to work, `.\update.sh` must have first been run to bring in the LibreSSL OpenBSD sources. (Or, if you trust me, you may use the `zig-3.8.1` branch which has the upstream sources committed to the repository, for ease of use with the Zig package manager).
 
 2. I don't know if this causes LibreSSL to be compiled in a way that Compromises Its Cryptographic Integrity. Hopefully it is not even possible to do such a thing in the first place. But I am not an expert, and I ain't looking to port the tests.
 
 3. This does not (currently) compile the assembly routines, only the C versions, which may cause reduced performance on some platforms.
 
-4. Only the "big 3" platforms are supported (namely: macOS, Linux, and Windows). Native and cross-compilation appears to work on modern versions of all three, but this has not been exhaustively tested.
+4. Only the "big 3" platforms are supported (namely: macOS, Linux, and Windows), and they may be poorly supported, at that. I can cross compile to them from my computer but I have not tried natively compiling on all platforms.
 
 5. Why LibreSSL? It has a CMake-based build system rather than the insane hand-rolled perl mess that OpenSSL does, so it was very straightforward to follow the build process for the purposes of porting it. In theory, its OpenSSL compatibility layer makes it possible to use with a variety of other programs that want to link OpenSSL.
 

build.zig

@@ -5,12 +5,11 @@ const LibreSslBuildOptions = struct {
     libcrypto_name: []const u8 = "crypto",
     libssl_name: []const u8 = "ssl",
     libtls_name: []const u8 = "tls",
-    target: std.Build.ResolvedTarget,
+    target: std.zig.CrossTarget,
     optimize: std.builtin.OptimizeMode,
 };
 
 const LibreSslLibs = struct {
-    target: std.Build.ResolvedTarget,
     libcrypto: *std.Build.Step.Compile,
     libssl: *std.Build.Step.Compile,
     libtls: *std.Build.Step.Compile,
@@ -39,19 +38,13 @@ const LibreSslLibs = struct {
         b.installArtifact(self.libtls);
     }
 
-    pub fn installHeader(self: LibreSslLibs, source: std.Build.LazyPath, dest: []const u8) void {
-        self.libcrypto.installHeader(source, dest);
-        self.libssl.installHeader(source, dest);
-        self.libtls.installHeader(source, dest);
-    }
-
     pub fn header_search(
         self: LibreSslLibs,
         b: *std.Build,
         base: []const u8,
         skiplist: []const SkipSpec,
     ) !void {
-        const dir = try b.build_root.handle.openDir(base, .{ .iterate = true });
+        const dir = try b.build_root.handle.openIterableDir(base, .{});
         var walker = try dir.walk(b.allocator);
         defer walker.deinit();
 
@@ -64,20 +57,29 @@ const LibreSslLibs = struct {
             }
 
             if (std.mem.endsWith(u8, child.basename, ".h")) {
-                const full = b.pathJoin(&.{ base, child.path });
-                const path = b.path(full);
-                self.installHeader(path, child.path);
+                const full = try std.mem.concat(b.allocator, u8, &.{ base, child.path });
+                defer b.allocator.free(full);
+
+                self.libcrypto.installHeader(full, child.path);
+                self.libssl.installHeader(full, child.path);
+                self.libtls.installHeader(full, child.path);
             }
         }
     }
 };
 
+// TODO: this doesn't get cached, so it runs on every single build, which kind of sucks.
+// Also it won't work on windows.
+pub fn patchLibresslCompat(b: *std.Build) !void {
+    var child = std.ChildProcess.init(&.{ "/bin/sh", "update.sh" }, b.allocator);
+    _ = try child.spawnAndWait();
+}
+
 pub fn libresslBuild(
     b: *std.Build,
     options: LibreSslBuildOptions,
 ) !LibreSslLibs {
     const libressl_libs: LibreSslLibs = .{
-        .target = options.target,
         .libcrypto = b.addStaticLibrary(.{
             .name = options.libcrypto_name,
             .target = options.target,
@@ -99,7 +101,7 @@ pub fn libresslBuild(
 
     libressl_libs.linkLibC();
 
-    const tinfo = libressl_libs.target.result;
+    const tinfo = libressl_libs.libcrypto.target_info.target;
 
     const common_cflags = [_][]const u8{
         "-fno-sanitize=undefined",
@@ -111,13 +113,13 @@ pub fn libresslBuild(
         else => &common_cflags,
     };
 
-    libressl_libs.libcrypto.addCSourceFiles(.{ .files = &libcrypto_sources, .flags = cflags });
-    libressl_libs.libcrypto.addCSourceFiles(.{ .files = &libcrypto_nonasm, .flags = cflags });
-    libressl_libs.libcrypto.addCSourceFiles(.{ .files = &libcrypto_nonasm_or_armv4, .flags = cflags });
+    libressl_libs.libcrypto.addCSourceFiles(&libcrypto_sources, cflags);
+    libressl_libs.libcrypto.addCSourceFiles(&libcrypto_nonasm, cflags);
+    libressl_libs.libcrypto.addCSourceFiles(&libcrypto_nonasm_or_armv4, cflags);
 
-    libressl_libs.libssl.addCSourceFiles(.{ .files = &libssl_sources, .flags = cflags });
+    libressl_libs.libssl.addCSourceFiles(&libssl_sources, cflags);
 
-    libressl_libs.libtls.addCSourceFiles(.{ .files = &libtls_sources, .flags = cflags });
+    libressl_libs.libtls.addCSourceFiles(&libtls_sources, cflags);
 
     libressl_libs.defineCMacro("LIBRESSL_INTERNAL", null);
     libressl_libs.defineCMacro("OPENSSL_NO_HW_PADLOCK", null);
@@ -128,8 +130,8 @@ pub fn libresslBuild(
 
     switch (tinfo.os.tag) {
         .macos => {
-            libressl_libs.libcrypto.addCSourceFiles(.{ .files = &libcrypto_unix_sources, .flags = cflags });
-            libressl_libs.libcrypto.addCSourceFiles(.{ .files = &libcrypto_macos_compat, .flags = cflags });
+            libressl_libs.libcrypto.addCSourceFiles(&libcrypto_unix_sources, cflags);
+            libressl_libs.libcrypto.addCSourceFiles(&libcrypto_macos_compat, cflags);
 
             libressl_libs.defineCMacro("HAVE_CLOCK_GETTIME", null);
             libressl_libs.defineCMacro("HAVE_ASPRINTF", null);
@@ -152,8 +154,8 @@ pub fn libresslBuild(
             libressl_libs.defineCMacro("HAVE_NETINET_IP_H", null);
         },
         .linux => {
-            libressl_libs.libcrypto.addCSourceFiles(.{ .files = &libcrypto_unix_sources, .flags = cflags });
-            libressl_libs.libcrypto.addCSourceFiles(.{ .files = &libcrypto_linux_compat, .flags = cflags });
+            libressl_libs.libcrypto.addCSourceFiles(&libcrypto_unix_sources, cflags);
+            libressl_libs.libcrypto.addCSourceFiles(&libcrypto_linux_compat, cflags);
 
             libressl_libs.defineCMacro("_DEFAULT_SOURCE", null);
             libressl_libs.defineCMacro("_BSD_SOURCE", null);
@@ -181,9 +183,9 @@ pub fn libresslBuild(
             libressl_libs.defineCMacro("HAVE_NETINET_IP_H", null);
 
             if (tinfo.abi.isGnu()) {
-                libressl_libs.libcrypto.addCSourceFiles(.{ .files = &libcrypto_linux_glibc_compat, .flags = cflags });
+                libressl_libs.libcrypto.addCSourceFiles(&libcrypto_linux_glibc_compat, cflags);
             } else if (tinfo.abi.isMusl()) {
-                libressl_libs.libcrypto.addCSourceFiles(.{ .files = &libcrypto_linux_musl_compat, .flags = cflags });
+                libressl_libs.libcrypto.addCSourceFiles(&libcrypto_linux_musl_compat, cflags);
 
                 libressl_libs.defineCMacro("HAVE_STRLCAT", null);
                 libressl_libs.defineCMacro("HAVE_STRLCPY", null);
@@ -193,9 +195,9 @@ pub fn libresslBuild(
             libressl_libs.linkSystemLibrary("pthread");
         },
         .windows => {
-            libressl_libs.libcrypto.addCSourceFiles(.{ .files = &libcrypto_windows_sources, .flags = cflags });
-            libressl_libs.libcrypto.addCSourceFiles(.{ .files = &libcrypto_windows_compat, .flags = cflags });
-            libressl_libs.libtls.addCSourceFiles(.{ .files = &libtls_windows_sources, .flags = cflags });
+            libressl_libs.libcrypto.addCSourceFiles(&libcrypto_windows_sources, cflags);
+            libressl_libs.libcrypto.addCSourceFiles(&libcrypto_windows_compat, cflags);
+            libressl_libs.libtls.addCSourceFiles(&libtls_windows_sources, cflags);
 
             if (tinfo.abi != .msvc) {
                 libressl_libs.defineCMacro("_GNU_SOURCE", null);
@@ -232,16 +234,25 @@ pub fn libresslBuild(
         else => @panic("unsupported target OS"),
     }
 
-    const conf_header = b.path(switch (tinfo.cpu.arch) {
+    const conf_header = switch (tinfo.cpu.arch) {
         .aarch64, .aarch64_be, .aarch64_32 => source_header_prefix ++ "arch/aarch64/opensslconf.h",
         .x86 => source_header_prefix ++ "arch/i386/opensslconf.h",
         .riscv64 => source_header_prefix ++ "arch/riscv64/opensslconf.h",
         .x86_64 => source_header_prefix ++ "arch/amd64/opensslconf.h",
 
         else => @panic("unsupported target CPU arch"),
-    });
+    };
 
-    libressl_libs.installHeader(conf_header, "openssl/opensslconf.h");
+    try b.build_root.handle.copyFile(
+        conf_header,
+        b.build_root.handle,
+        source_header_prefix ++ "openssl/opensslconf.h",
+        .{},
+    );
+
+    libressl_libs.libcrypto.installHeader(conf_header, "openssl/opensslconf.h");
+    libressl_libs.libssl.installHeader(conf_header, "openssl/opensslconf.h");
+    libressl_libs.libtls.installHeader(conf_header, "openssl/opensslconf.h");
 
     try libressl_libs.header_search(
         b,
@@ -254,15 +265,15 @@ pub fn libresslBuild(
     );
 
     for (libcrypto_include_paths) |path| {
-        libressl_libs.libcrypto.addIncludePath(b.path(path));
+        libressl_libs.libcrypto.addIncludePath(.{ .path = path });
     }
 
     for (libssl_include_paths) |path| {
-        libressl_libs.libssl.addIncludePath(b.path(path));
+        libressl_libs.libssl.addIncludePath(.{ .path = path });
     }
 
     for (libtls_include_paths) |path| {
-        libressl_libs.libtls.addIncludePath(b.path(path));
+        libressl_libs.libtls.addIncludePath(.{ .path = path });
     }
 
     switch (tinfo.cpu.arch) {
@@ -270,25 +281,21 @@ pub fn libresslBuild(
         .aarch64_be,
         .aarch64_32,
         => libressl_libs.libcrypto.addIncludePath(
-            b.path(libcrypto_src_prefix ++ "bn/arch/aarch64"),
+            .{ .path = libcrypto_src_prefix ++ "bn/arch/aarch64" },
         ),
         .x86 => libressl_libs.libcrypto.addIncludePath(
-            b.path(libcrypto_src_prefix ++ "bn/arch/i386"),
+            .{ .path = libcrypto_src_prefix ++ "bn/arch/i386" },
         ),
         .riscv64 => libressl_libs.libcrypto.addIncludePath(
-            b.path(libcrypto_src_prefix ++ "bn/arch/riscv64"),
+            .{ .path = libcrypto_src_prefix ++ "bn/arch/riscv64" },
         ),
         .x86_64 => libressl_libs.libcrypto.addIncludePath(
-            b.path(libcrypto_src_prefix ++ "bn/arch/amd64"),
+            .{ .path = libcrypto_src_prefix ++ "bn/arch/amd64" },
         ),
 
         else => @panic("unsupported target CPU arch"),
     }
 
-    const inctree = libressl_libs.libcrypto.getEmittedIncludeTree();
-    libressl_libs.libcrypto.step.dependOn(&libressl_libs.libcrypto.installed_headers_include_tree.?.step);
-    libressl_libs.libcrypto.addIncludePath(inctree);
-
     libressl_libs.libssl.linkLibrary(libressl_libs.libcrypto);
 
     // cmake builds libtls with libcrypto and libssl symbols jammed into it. However,
@@ -307,6 +314,7 @@ pub fn build(b: *std.Build) !void {
     const target = b.standardTargetOptions(.{});
     const optimize = b.standardOptimizeOption(.{});
 
+    // if (builtin.os.tag != .windows) try patchLibresslCompat(b);
     _ = try libresslBuild(b, .{ .target = target, .optimize = optimize });
 }
 
@@ -446,6 +454,48 @@ const libcrypto_windows_compat = [_][]const u8{
     libcrypto_src_prefix ++ "compat/timingsafe_memcmp.c",
 };
 
+// const libcrypto_compat_sources = [_][]const u8{
+//     libcrypto_src_prefix ++ "compat/bsd-asprintf.c",
+//     libcrypto_src_prefix ++ "compat/freezero.c",
+//     libcrypto_src_prefix ++ "compat/getpagesize.c",
+
+//     libcrypto_src_prefix ++ "compat/getprogname_windows.c",
+//     libcrypto_src_prefix ++ "compat/getprogname_linux.c",
+//     libcrypto_src_prefix ++ "compat/getprogname_unimpl.c",
+
+//     libcrypto_src_prefix ++ "compat/reallocarray.c",
+//     libcrypto_src_prefix ++ "compat/recallocarray.c",
+
+//     libcrypto_src_prefix ++ "compat/strcasecmp.c",
+//     libcrypto_src_prefix ++ "compat/strlcat.c",
+//     libcrypto_src_prefix ++ "compat/strlcpy.c",
+//     libcrypto_src_prefix ++ "compat/strndup.c",
+//     libcrypto_src_prefix ++ "compat/strnlen.c",
+//     libcrypto_src_prefix ++ "compat/strsep.c",
+//     libcrypto_src_prefix ++ "compat/strtonum.c",
+
+//     libcrypto_src_prefix ++ "compat/syslog_r.c",
+//     libcrypto_src_prefix ++ "compat/timegm.c",
+
+//     libcrypto_src_prefix ++ "compat/explicit_bzero_win.c",
+//     libcrypto_src_prefix ++ "compat/explicit_bzero.c",
+
+//     libcrypto_src_prefix ++ "compat/arc4random.c",
+//     libcrypto_src_prefix ++ "compat/arc4random_uniform.c",
+
+//     libcrypto_src_prefix ++ "compat/getentropy_win.c",
+//     libcrypto_src_prefix ++ "compat/getentropy_aix.c",
+//     libcrypto_src_prefix ++ "compat/getentropy_freebsd.c",
+//     libcrypto_src_prefix ++ "compat/getentropy_hpux.c",
+//     libcrypto_src_prefix ++ "compat/getentropy_linux.c",
+//     libcrypto_src_prefix ++ "compat/getentropy_netbsd.c",
+//     libcrypto_src_prefix ++ "compat/getentropy_osx.c",
+//     libcrypto_src_prefix ++ "compat/getentropy_solaris.c",
+
+//     libcrypto_src_prefix ++ "compat/timingsafe_bcmp.c",
+//     libcrypto_src_prefix ++ "compat/timingsafe_memcmp.c",
+// };
+
 const libcrypto_sources = [_][]const u8{
     libcrypto_src_prefix ++ "cpt_err.c",
     libcrypto_src_prefix ++ "cryptlib.c",