git: 8f6099e035f3 - main - security/mbedtls: Update to 2.28.7

From: Daniel Engberg <diizzy_at_FreeBSD.org>
Date: Sat, 03 Feb 2024 04:21:52 UTC 
The branch main has been updated by diizzy:

URL: https://cgit.FreeBSD.org/ports/commit/?id=8f6099e035f385631915063e8ed5e34d581b5d2a

commit 8f6099e035f385631915063e8ed5e34d581b5d2a
Author:     Daniel Engberg <diizzy@FreeBSD.org>
AuthorDate: 2024-02-03 04:09:25 +0000
Commit:     Daniel Engberg <diizzy@FreeBSD.org>
CommitDate: 2024-02-03 04:21:48 +0000

    security/mbedtls: Update to 2.28.7
    
    - Switch to CMake, this is more inline with other distros and
      simplifies port
    - Modernize port to follow Porters Handbook more closely
    - Drop configuration patch and use upstream's supplied tool instead
    
    Changelog:
    https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.7
    
    PR:             276661
    Reviewed by:    tijl (maintainer)
---
 security/mbedtls/Makefile                          | 37 ++++++++++++----------
 security/mbedtls/distinfo                          |  6 ++--
 .../mbedtls/files/patch-include_mbedtls_config.h   | 29 -----------------
 security/mbedtls/pkg-plist                         | 17 +++-------
 4 files changed, 27 insertions(+), 62 deletions(-)

diff --git a/security/mbedtls/Makefile b/security/mbedtls/Makefile
index dd4c87fc05e1..925bfa3da98d 100644
--- a/security/mbedtls/Makefile
+++ b/security/mbedtls/Makefile
@@ -1,6 +1,6 @@
 PORTNAME=	mbedtls
-PORTVERSION=	2.28.6
 DISTVERSIONPREFIX=${PORTNAME}-
+DISTVERSION=	2.28.7
 CATEGORIES=	security devel
 
 MAINTAINER=	tijl@FreeBSD.org
@@ -11,30 +11,33 @@ LICENSE=	APACHE20 GPLv2+
 LICENSE_COMB=	dual
 LICENSE_FILE=	${WRKSRC}/LICENSE
 
-USES=		gmake python:test shebangfix
+USES=		cmake:testing python:build,test shebangfix
 SHEBANG_FILES=	scripts/*.py tests/scripts/*.py
+USE_LDCONFIG=	yes
 
 USE_GITHUB=	yes
 GH_ACCOUNT=	Mbed-TLS
 
-ALL_TARGET=	no_test
-TEST_TARGET=	test
-MAKE_ENV=	PYTHON=${PYTHON_CMD} SHARED=1
-USE_LDCONFIG=	yes
+PORTSCOUT=	limit:^${DISTVERSION:R:S/./\./g}\.
+PLIST_SUB=	DISTVERSION=${DISTVERSION}
+
+CMAKE_TESTING_ON=	ENABLE_TESTING
 
-PORTSCOUT=	limit:^${PORTVERSION:R:S/./\./g}\.
+CMAKE_OFF=	ENABLE_TESTING
+CMAKE_ON=	CMAKE_BUILD_RPATH_USE_ORIGIN \
+		ENABLE_PROGRAMS \
+		ENABLE_ZLIB_SUPPORT \
+		LINK_WITH_PTHREAD \
+		USE_SHARED_MBEDTLS_LIBRARY
 
-post-patch:
-	@${RM} ${WRKSRC}/include/mbedtls/*.orig
-	@${REINPLACE_CMD} \
-		-e 's/PREFIX/NAMEPREFIX/' \
-		-e 's/$$(DESTDIR)/&$$(PREFIX)/' \
-		${WRKSRC}/Makefile
-	@${REINPLACE_CMD} 's/-fpic//' ${WRKSRC}/library/Makefile
+pre-configure:
+	@${WRKSRC}/scripts/config.py -f ${WRKSRC}/include/mbedtls/config.h set MBEDTLS_SSL_DTLS_SRTP
+	@${WRKSRC}/scripts/config.py -f ${WRKSRC}/include/mbedtls/config.h set MBEDTLS_THREADING_C
+	@${WRKSRC}/scripts/config.py -f ${WRKSRC}/include/mbedtls/config.h set MBEDTLS_THREADING_PTHREAD
 
 post-install:
-	${FIND} ${STAGEDIR}${PREFIX}/bin -type f -not -name \*.sh \
-		-exec ${STRIP_CMD} {} +
-	${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/*.so
+	@cd ${STAGEDIR}${PREFIX}/bin && for f in *; do \
+		${MV} "$$f" "mbedtls_$$f"; \
+	done
 
 .include <bsd.port.mk>
diff --git a/security/mbedtls/distinfo b/security/mbedtls/distinfo
index 5e03bfd1cd4a..b52fa7e7ad9b 100644
--- a/security/mbedtls/distinfo
+++ b/security/mbedtls/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1699528221
-SHA256 (Mbed-TLS-mbedtls-mbedtls-2.28.6_GH0.tar.gz) = 18cac49f4efef7269d233972bb09c57ace40d992229fa49804e7b10cf0debe43
-SIZE (Mbed-TLS-mbedtls-mbedtls-2.28.6_GH0.tar.gz) = 3988909
+TIMESTAMP = 1706348469
+SHA256 (Mbed-TLS-mbedtls-mbedtls-2.28.7_GH0.tar.gz) = 4390bc4ab1ea9a1ddf3725f540d0f80838c656d1d7987a1cee8b4da43e4571de
+SIZE (Mbed-TLS-mbedtls-mbedtls-2.28.7_GH0.tar.gz) = 3990571
diff --git a/security/mbedtls/files/patch-include_mbedtls_config.h b/security/mbedtls/files/patch-include_mbedtls_config.h
deleted file mode 100644
index fa23d72d7946..000000000000
--- a/security/mbedtls/files/patch-include_mbedtls_config.h
+++ /dev/null
@@ -1,29 +0,0 @@
---- include/mbedtls/config.h.orig	2021-12-15 13:47:54 UTC
-+++ include/mbedtls/config.h
-@@ -1946,7 +1946,7 @@
-  *
-  * Uncomment this to enable support for use_srtp extension.
-  */
--//#define MBEDTLS_SSL_DTLS_SRTP
-+#define MBEDTLS_SSL_DTLS_SRTP
- 
- /**
-  * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
-@@ -2129,7 +2129,7 @@
-  *
-  * Uncomment this to enable pthread mutexes.
-  */
--//#define MBEDTLS_THREADING_PTHREAD
-+#define MBEDTLS_THREADING_PTHREAD
- 
- /**
-  * \def MBEDTLS_USE_PSA_CRYPTO
-@@ -3452,7 +3452,7 @@
-  *
-  * Enable this layer to allow use of mutexes within mbed TLS
-  */
--//#define MBEDTLS_THREADING_C
-+#define MBEDTLS_THREADING_C
- 
- /**
-  * \def MBEDTLS_TIMING_C
diff --git a/security/mbedtls/pkg-plist b/security/mbedtls/pkg-plist
index f98edaf834e3..2a3e902aae56 100644
--- a/security/mbedtls/pkg-plist
+++ b/security/mbedtls/pkg-plist
@@ -8,26 +8,14 @@ bin/mbedtls_crypto_examples
 bin/mbedtls_dh_client
 bin/mbedtls_dh_genprime
 bin/mbedtls_dh_server
-bin/mbedtls_dlopen
-bin/mbedtls_dlopen_demo.sh
 bin/mbedtls_dtls_client
 bin/mbedtls_dtls_server
 bin/mbedtls_ecdh_curve25519
 bin/mbedtls_ecdsa
-bin/mbedtls_fuzz_client
-bin/mbedtls_fuzz_dtlsclient
-bin/mbedtls_fuzz_dtlsserver
-bin/mbedtls_fuzz_privkey
-bin/mbedtls_fuzz_pubkey
-bin/mbedtls_fuzz_server
-bin/mbedtls_fuzz_x509crl
-bin/mbedtls_fuzz_x509crt
-bin/mbedtls_fuzz_x509csr
 bin/mbedtls_gen_entropy
 bin/mbedtls_gen_key
 bin/mbedtls_gen_random_ctr_drbg
 bin/mbedtls_gen_random_havege
-bin/mbedtls_generate_cpp_dummy_build.sh
 bin/mbedtls_generic_sum
 bin/mbedtls_hello
 bin/mbedtls_key_app
@@ -43,6 +31,7 @@ bin/mbedtls_pk_encrypt
 bin/mbedtls_pk_sign
 bin/mbedtls_pk_verify
 bin/mbedtls_psa_constant_names
+bin/mbedtls_ssl_pthread_server
 bin/mbedtls_query_compile_time_config
 bin/mbedtls_req_app
 bin/mbedtls_rsa_decrypt
@@ -62,7 +51,6 @@ bin/mbedtls_ssl_server
 bin/mbedtls_ssl_server2
 bin/mbedtls_strerror
 bin/mbedtls_udp_proxy
-bin/mbedtls_udp_proxy_wrapper.sh
 bin/mbedtls_zeroize
 include/mbedtls/aes.h
 include/mbedtls/aesni.h
@@ -162,10 +150,13 @@ include/psa/crypto_types.h
 include/psa/crypto_values.h
 lib/libmbedcrypto.a
 lib/libmbedcrypto.so
+lib/libmbedcrypto.so.%%DISTVERSION%%
 lib/libmbedcrypto.so.7
 lib/libmbedtls.a
 lib/libmbedtls.so
 lib/libmbedtls.so.14
+lib/libmbedtls.so.%%DISTVERSION%%
 lib/libmbedx509.a
 lib/libmbedx509.so
 lib/libmbedx509.so.1
+lib/libmbedx509.so.%%DISTVERSION%%