On Fri, Jun 26, 2026 at 05:47:45AM +0000, Lucas Raab wrote: > Hello, > > Here's a proposed diff to build sqlcipher against OpenSSL 3.5 for > MAC_EVP API support. I was working through an update for > net/flare-messenger and a recent change there brings in a vendored > BoringSSL version. The vendored copy of sqlcipher in libsqlite3-sys > wants to compile against OpenSSL supporting MAC_EVP which conflicts with > BoringSSL when linking. > > Following FreeBSD's approach, libsqlite3-sys/presage/rusqlite can use an > external version of sqlcipher which allows the flare update to build and > link as expected. For the benefit of the others, here's what lraab and I discussed in the hackroom. For this to work, you need to remove MODCARGO_CRATES_KEEP=libsqlite3-sys from flare-messenger. Thankfully bket figured out a fix for this ugly workaround a while back. This makes the wip update build and package, and if it works, that is the proper fix for the flare-messenger update. At worst we need to port the sqlcipher patch to flare-messenger. We should not switch sqlcipher to openssl/3 because this is dangerous for kmymoney. We can just keep the patch for HMAC. So ok tb for the below diff if it's good enough for the desired goal. Only a minor bump since both features simply add symbols. diff --git a/databases/sqlcipher/Makefile b/databases/sqlcipher/Makefile index dab6e29e7c..417a196fa0 100644 --- a/databases/sqlcipher/Makefile +++ b/databases/sqlcipher/Makefile @@ -3,8 +3,9 @@ GH_ACCOUNT= sqlcipher GH_PROJECT= sqlcipher GH_TAGNAME= v4.16.0 +REVISION = 0 -SHARED_LIBS += sqlcipher 3.3 +SHARED_LIBS += sqlcipher 3.4 CATEGORIES= databases @@ -38,7 +39,9 @@ CFLAGS+= -DOMIT_MEMLOCK \ -DSQLITE_EXTRA_INIT=sqlcipher_extra_init \ -DSQLITE_EXTRA_SHUTDOWN=sqlcipher_extra_shutdown \ - -DSQLITE_HAS_CODEC + -DSQLITE_HAS_CODEC \ + -DSQLITE_ENABLE_COLUMN_METADATA \ + -DSQLITE_ENABLE_UNLOCK_NOTIFY \ LDFLAGS+= -lcrypto
No comments:
Post a Comment