rebuild (against pkgconf-2.1.1) for F40+

Disable bootstrap for rebuild.

 * build2.spec: disable bootstrap

bpkg-openssl-v3.2.0-stdin-warn.patch

@@ -0,0 +1,227 @@
+From 40bb034f57cf37c1cbdcef337733507c230c6004 Mon Sep 17 00:00:00 2001
+From: Karen Arutyunov <karen@codesynthesis.com>
+Date: Tue, 23 Apr 2024 12:25:33 +0300
+Subject: Suppress the 'reading certificate from stdin' openssl warning on
+ POSIX systems in bpkg-fetch
+
+---
+ bpkg/auth.cxx | 137 ++++++++++++++++++++++++++++++++++++++--------------------
+ 1 file changed, 89 insertions(+), 48 deletions(-)
+
+diff --git a/bpkg/auth.cxx b/bpkg/auth.cxx
+index 663054d..191da0a 100644
+--- a/bpkg/auth.cxx
++++ b/bpkg/auth.cxx
+@@ -23,15 +23,15 @@ using namespace butl;
+ 
+ namespace bpkg
+ {
+-  static const string openssl_version ("version");
+-  static const string openssl_pkeyutl ("pkeyutl");
+-  static const string openssl_rsautl  ("rsautl");
+-  static const string openssl_x509    ("x509");
+-
+-  const char* openssl_commands[5] = {openssl_version.c_str (),
+-                                     openssl_pkeyutl.c_str (),
+-                                     openssl_rsautl.c_str (),
+-                                     openssl_x509.c_str (),
++  static const string openssl_version_cmd ("version");
++  static const string openssl_pkeyutl_cmd ("pkeyutl");
++  static const string openssl_rsautl_cmd  ("rsautl");
++  static const string openssl_x509_cmd    ("x509");
++
++  const char* openssl_commands[5] = {openssl_version_cmd.c_str (),
++                                     openssl_pkeyutl_cmd.c_str (),
++                                     openssl_rsautl_cmd.c_str (),
++                                     openssl_x509_cmd.c_str (),
+                                      nullptr};
+ 
+   // Print process command line.
+@@ -43,9 +43,42 @@ namespace bpkg
+       print_process (args, n);
+   }
+ 
++  // Query the openssl information and return the openssl version. Cache the
++  // version on the first function call. Fail on the underlying process and IO
++  // error. Return the 0.0.0 version if unable to parse the openssl stdout.
++  //
++  static optional<semantic_version> openssl_ver;
++
++  static const semantic_version&
++  openssl_version (const common_options& co)
++  {
++    const path& openssl_path (co.openssl ()[openssl_version_cmd]);
++
++    if (!openssl_ver)
++    try
++    {
++      optional<openssl_info> oi (
++        openssl::info (print_command, 2, openssl_path));
++
++      openssl_ver = (oi && oi->name == "OpenSSL"
++                     ? move (oi->version)
++                     : semantic_version ());
++    }
++    catch (const process_error& e)
++    {
++      fail << "unable to execute " << openssl_path << ": " << e << endf;
++    }
++    catch (const io_error& e)
++    {
++      fail << "unable to read '" << openssl_path << "' output: " << e
++           << endf;
++    }
++
++    return *openssl_ver;
++  }
++
+   // Return true if the openssl version is greater or equal to 3.0.0 and so
+-  // pkeyutl needs to be used instead of rsautl. Cache the result on the first
+-  // function call.
++  // pkeyutl needs to be used instead of rsautl.
+   //
+   // Note that openssl 3.0.0 deprecates rsautl in favor of pkeyutl.
+   //
+@@ -54,37 +87,28 @@ namespace bpkg
+   // (see the 'pkeyutl -verifyrecover error "input data too long to be a
+   // hash"' issue report for details).
+   //
+-  static optional<bool> use_pkeyutl;
+-
+-  static bool
++  static inline bool
+   use_openssl_pkeyutl (const common_options& co)
+   {
+-    if (!use_pkeyutl)
+-    {
+-      const path& openssl_path (co.openssl ()[openssl_version]);
+-
+-      try
+-      {
+-        optional<openssl_info> oi (
+-          openssl::info (print_command, 2, openssl_path));
+-
+-        use_pkeyutl = oi                    &&
+-                      oi->name == "OpenSSL" &&
+-                      oi->version >= semantic_version {3, 0, 0};
+-      }
+-      catch (const process_error& e)
+-      {
+-        fail << "unable to execute " << openssl_path << ": " << e << endf;
+-      }
+-      catch (const io_error& e)
+-      {
+-        fail << "unable to read '" << openssl_path << "' output: " << e
+-             << endf;
+-      }
+-    }
++    return openssl_version (co) >= semantic_version {3, 0, 0};
++  }
+ 
+-    return *use_pkeyutl;
++  // Return true if some openssl commands (openssl x509 -fingerprint, etc) may
++  // issue the 'Reading certificate from stdin since no -in or -new option is
++  // given' warning. This is the case for the openssl version in the [3.2.0
++  // 3.3.0) range (see GH issue #353 for details).
++  //
++  // Note that there is no easy way to suppress this warning on Windows and
++  // thus we don't define this function there.
++  //
++#ifndef _WIN32
++  static inline bool
++  openssl_warn_stdin (const common_options& co)
++  {
++    const semantic_version& v (openssl_version (co));
++    return v >= semantic_version {3, 2, 0} && v < semantic_version {3, 3, 0};
+   }
++#endif
+ 
+   // Find the repository location prefix that ends with the version component.
+   // We consider all repositories under this location to be related.
+@@ -190,15 +214,25 @@ namespace bpkg
+         dr << ": " << *e;
+     };
+ 
+-    const path& openssl_path (co.openssl ()[openssl_x509]);
+-    const strings& openssl_opts (co.openssl_option ()[openssl_x509]);
++    const path& openssl_path (co.openssl ()[openssl_x509_cmd]);
++    const strings& openssl_opts (co.openssl_option ()[openssl_x509_cmd]);
+ 
+     try
+     {
+       openssl os (print_command,
+                   fdstream_mode::text, fdstream_mode::text, 2,
+-                  openssl_path, openssl_x509,
+-                  openssl_opts, "-sha256", "-noout", "-fingerprint");
++                  openssl_path, openssl_x509_cmd,
++                  openssl_opts,
++                  "-sha256",
++                  "-noout",
++                  "-fingerprint"
++#ifndef _WIN32
++                  ,
++                  (openssl_warn_stdin (co)
++                   ? cstrings ({"-in", "/dev/stdin"})
++                   : cstrings ())
++#endif
++      );
+ 
+       os.out << pem;
+       os.out.close ();
+@@ -288,8 +322,8 @@ namespace bpkg
+         dr << ": " << *e;
+     };
+ 
+-    const path& openssl_path (co.openssl ()[openssl_x509]);
+-    const strings& openssl_opts (co.openssl_option ()[openssl_x509]);
++    const path& openssl_path (co.openssl ()[openssl_x509_cmd]);
++    const strings& openssl_opts (co.openssl_option ()[openssl_x509_cmd]);
+ 
+     try
+     {
+@@ -315,7 +349,7 @@ namespace bpkg
+       openssl os (
+         print_command,
+         fdstream_mode::text, fdstream_mode::text, 2,
+-        openssl_path, openssl_x509,
++        openssl_path, openssl_x509_cmd,
+         openssl_opts, "-noout", "-subject", "-dates", "-email",
+ 
+         // Previously we have used "RFC2253,sep_multiline" format to display
+@@ -347,6 +381,13 @@ namespace bpkg
+         // sep_multiline - display field per line.
+         //
+         "-nameopt", "utf8,esc_ctrl,dump_nostr,dump_der,sname,sep_multiline"
++
++#ifndef _WIN32
++        ,
++        (openssl_warn_stdin (co)
++         ? cstrings ({"-in", "/dev/stdin"})
++         : cstrings ())
++#endif
+       );
+ 
+       // We unset failbit to provide the detailed error description (which
+@@ -877,7 +918,7 @@ namespace bpkg
+     };
+ 
+     bool ku (use_openssl_pkeyutl (co));
+-    const string& cmd (ku ? openssl_pkeyutl : openssl_rsautl);
++    const string& cmd (ku ? openssl_pkeyutl_cmd : openssl_rsautl_cmd);
+ 
+     const path& openssl_path (co.openssl ()[cmd]);
+     const strings& openssl_opts (co.openssl_option ()[cmd]);
+@@ -973,8 +1014,8 @@ namespace bpkg
+     };
+ 
+     const string& cmd (use_openssl_pkeyutl (co)
+-                       ? openssl_pkeyutl
+-                       : openssl_rsautl);
++                       ? openssl_pkeyutl_cmd
++                       : openssl_rsautl_cmd);
+ 
+     const path& openssl_path (co.openssl ()[cmd]);
+     const strings& openssl_opts (co.openssl_option ()[cmd]);
+-- 
+cgit v1.1
+

build2.spec

@@ -1,14 +1,14 @@
-%bcond_without bootstrap
-%bcond_without check
-%bcond_without bundle_libodb
-%bcond_with network_checks
-%bcond_with static
+%bcond bootstrap      0
+%bcond bundle_libodb  1
+%bcond check          1
+%bcond network_checks 0
+%bcond static         0
 
 %undefine _auto_set_build_flags
 
 Name:           build2
 Version:        0.16.0
-Release:        3%{?dist}
+Release:        5%{?dist}
 Summary:        Cross-platform build toolchain for developing and packaging C++ code
 
 License:        MIT
@@ -27,6 +27,9 @@ Source100:      https://pkg.cppget.org/1/beta/odb/libodb-%{libodb_bundle_version
 Source101:      https://pkg.cppget.org/1/beta/odb/libodb-sqlite-%{libodb_bundle_version}.tar.gz
 %endif
 
+# Upstream: https://git.build2.org/cgit/bpkg/commit/?id=40bb034f57cf37c1cbdcef337733507c230c6004
+Patch3000:      bpkg-openssl-v3.2.0-stdin-warn.patch
+
 BuildRequires:  gcc-c++
 BuildRequires:  libpkgconf-devel
 %if %{with bootstrap}
@@ -257,6 +260,9 @@ This package contains the %{name} RPM macros.
 %else
 %setup -q -c -n %{name}-toolchain-%{version} -a 1 -a 2 -a 3 -a 4 -a 100 -a 101
 %endif
+pushd bpkg-%{version}
+%patch -p 1 -P 3000
+popd
 mv libbutl-%{version} %{name}-%{version}
 
 %build
@@ -633,6 +639,13 @@ b test:
 %{_rpmmacrodir}/macros.%{name}
 
 %changelog
+* Mon Jun 17 2024 Jens Petersen <petersen@redhat.com> - 0.16.0-5
+- rebuild (against pkgconf-2.1.1) for F40+
+
+* Sat Apr 20 2024 Matthew Krupcale <mkrupcale@gmail.com> - 0.16.0-4
+- Rebuild for libpkgconf ABI changes
+- Apply patch to silence OpenSSL v3.2.0 warnings in bpkg
+
 * Tue Jan 23 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.16.0-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild