diff options
| author |   Lars Wendler <polynomial-c@gentoo.org> | 2015-03-19 20:47:26 +0000 |
|---|---|---|
| committer | Lars Wendler <polynomial-c@gentoo.org> | 2015-03-19 20:47:26 +0000 |
| commit | 86c46ce128f2f2809ae5d050a17a4bf05645562a (patch) | |
| tree | ac4519ad6d507fb8e6c99e7f323483f4cabb5be9 /dev-libs | |
| parent | Automated update. (diff) | |
| download | gentoo-2-86c46ce128f2f2809ae5d050a17a4bf05645562a.tar.gz gentoo-2-86c46ce128f2f2809ae5d050a17a4bf05645562a.tar.bz2 gentoo-2-86c46ce128f2f2809ae5d050a17a4bf05645562a.zip | |
Version bump. Removed old
(Portage version: 2.2.18/cvs/Linux x86_64, signed Manifest commit with key 0x981CA6FC)
Diffstat (limited to 'dev-libs')
19 files changed, 1542 insertions, 1506 deletions
diff --git a/dev-libs/openssl/ChangeLog b/dev-libs/openssl/ChangeLog index 6902a56a5ec9..b3a779cf6f18 100644 --- a/dev-libs/openssl/ChangeLog +++ b/dev-libs/openssl/ChangeLog @@ -1,6 +1,24 @@ # ChangeLog for dev-libs/openssl # Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.637 2015/03/19 18:03:39 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.638 2015/03/19 20:47:26 polynomial-c Exp $ + +*openssl-1.0.2a (19 Mar 2015) +*openssl-1.0.1m (19 Mar 2015) +*openssl-1.0.0r (19 Mar 2015) +*openssl-0.9.8z_p6 (19 Mar 2015) + + 19 Mar 2015; Lars Wendler <polynomial-c@gentoo.org> + -openssl-0.9.8z_p1-r2.ebuild, -openssl-0.9.8z_p2.ebuild, + -openssl-0.9.8z_p3.ebuild, -openssl-0.9.8z_p4.ebuild, + -openssl-0.9.8z_p5.ebuild, +openssl-0.9.8z_p6.ebuild, -openssl-1.0.0q.ebuild, + +openssl-1.0.0r.ebuild, -openssl-1.0.1j.ebuild, -openssl-1.0.1k.ebuild, + -openssl-1.0.1l.ebuild, +openssl-1.0.1m.ebuild, -openssl-1.0.2-r1.ebuild, + -openssl-1.0.2-r2.ebuild, +openssl-1.0.2a.ebuild, + -files/openssl-1.0.0e-x32.patch, +files/openssl-1.0.0r-x32.patch, + +files/openssl-1.0.1m-ipv6.patch, +files/openssl-1.0.1m-parallel-build.patch, + +files/openssl-1.0.1m-s_client-verify.patch, +files/openssl-1.0.1m-x32.patch, + +files/openssl-1.0.2a-parallel-build.patch: + Version bump. Removed old. 19 Mar 2015; Mike Frysinger <vapier@gentoo.org> openssl-1.0.1l-r1.ebuild: Mark arm64/m68k stable. diff --git a/dev-libs/openssl/files/openssl-1.0.0e-x32.patch b/dev-libs/openssl/files/openssl-1.0.0e-x32.patch deleted file mode 100644 index d73a050ec928..000000000000 --- a/dev-libs/openssl/files/openssl-1.0.0e-x32.patch +++ /dev/null @@ -1,92 +0,0 @@ -http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=51bfed2e26fc13a66e8b5710aa2ce1d7a04af721 - -UpstreamStatus: Pending - -Received from H J Liu @ Intel -Make the assembly syntax compatible with x32 gcc. Othewise x32 gcc throws errors. -Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/07/13 - -ported the patch to the 1.0.0e version -Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/12/01 -Index: openssl-1.0.0e/Configure -=================================================================== ---- openssl-1.0.0e.orig/Configure -+++ openssl-1.0.0e/Configure -@@ -393,6 +393,7 @@ my %table=( - "linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", -+"linux-x32", "gcc:-DL_ENDIAN -DTERMIO -O2 -pipe -g -feliminate-unused-debug-types -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "linux-s390x", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", - #### SPARC Linux setups - # Ray Miller <ray.miller@computing-services.oxford.ac.uk> has patiently -Index: openssl-1.0.0e/crypto/bn/asm/x86_64-gcc.c -=================================================================== ---- openssl-1.0.0e.orig/crypto/bn/asm/x86_64-gcc.c -+++ openssl-1.0.0e/crypto/bn/asm/x86_64-gcc.c -@@ -55,7 +55,7 @@ - * machine. - */ - --#ifdef _WIN64 -+#if defined _WIN64 || !defined __LP64__ - #define BN_ULONG unsigned long long - #else - #define BN_ULONG unsigned long -@@ -192,9 +192,9 @@ BN_ULONG bn_add_words (BN_ULONG *rp, con - asm ( - " subq %2,%2 \n" - ".p2align 4 \n" -- "1: movq (%4,%2,8),%0 \n" -- " adcq (%5,%2,8),%0 \n" -- " movq %0,(%3,%2,8) \n" -+ "1: movq (%q4,%2,8),%0 \n" -+ " adcq (%q5,%2,8),%0 \n" -+ " movq %0,(%q3,%2,8) \n" - " leaq 1(%2),%2 \n" - " loop 1b \n" - " sbbq %0,%0 \n" -@@ -215,9 +215,9 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, con - asm ( - " subq %2,%2 \n" - ".p2align 4 \n" -- "1: movq (%4,%2,8),%0 \n" -- " sbbq (%5,%2,8),%0 \n" -- " movq %0,(%3,%2,8) \n" -+ "1: movq (%q4,%2,8),%0 \n" -+ " sbbq (%q5,%2,8),%0 \n" -+ " movq %0,(%q3,%2,8) \n" - " leaq 1(%2),%2 \n" - " loop 1b \n" - " sbbq %0,%0 \n" -Index: openssl-1.0.0e/crypto/bn/bn.h -=================================================================== ---- openssl-1.0.0e.orig/crypto/bn/bn.h -+++ openssl-1.0.0e/crypto/bn/bn.h -@@ -172,6 +172,13 @@ extern "C" { - # endif - #endif - -+/* Address type. */ -+#ifdef _WIN64 -+#define BN_ADDR unsigned long long -+#else -+#define BN_ADDR unsigned long -+#endif -+ - /* assuming long is 64bit - this is the DEC Alpha - * unsigned long long is only 64 bits :-(, don't define - * BN_LLONG for the DEC Alpha */ -Index: openssl-1.0.0e/crypto/bn/bn_exp.c -=================================================================== ---- openssl-1.0.0e.orig/crypto/bn/bn_exp.c -+++ openssl-1.0.0e/crypto/bn/bn_exp.c -@@ -561,7 +561,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBU - - /* Given a pointer value, compute the next address that is a cache line multiple. */ - #define MOD_EXP_CTIME_ALIGN(x_) \ -- ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ULONG)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK)))) -+ ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ADDR)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK)))) - - /* This variant of BN_mod_exp_mont() uses fixed windows and the special - * precomputation memory layout to limit data-dependency to a minimum diff --git a/dev-libs/openssl/files/openssl-1.0.0r-x32.patch b/dev-libs/openssl/files/openssl-1.0.0r-x32.patch new file mode 100644 index 000000000000..2d715eb5af0e --- /dev/null +++ b/dev-libs/openssl/files/openssl-1.0.0r-x32.patch @@ -0,0 +1,76 @@ +--- openssl-1.0.0r/Configure ++++ openssl-1.0.0r/Configure +@@ -353,6 +353,7 @@ my %table=( + "linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", ++"linux-x32", "gcc:-DL_ENDIAN -DTERMIO -O2 -pipe -g -feliminate-unused-debug-types -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-s390x", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", + #### SPARC Linux setups + # Ray Miller <ray.miller@computing-services.oxford.ac.uk> has patiently +--- openssl-1.0.0r/crypto/bn/asm/x86_64-gcc.c ++++ openssl-1.0.0r/crypto/bn/asm/x86_64-gcc.c +@@ -55,7 +55,7 @@ + * machine. + */ + +-# ifdef _WIN64 ++# if defined _WIN64 || !defined __LP64__ + # define BN_ULONG unsigned long long + # else + # define BN_ULONG unsigned long +@@ -211,9 +211,9 @@ BN_ULONG bn_add_words(BN_ULONG *rp, cons + + asm volatile (" subq %2,%2 \n" + ".p2align 4 \n" +- "1: movq (%4,%2,8),%0 \n" +- " adcq (%5,%2,8),%0 \n" +- " movq %0,(%3,%2,8) \n" ++ "1: movq (%q4,%2,8),%0 \n" ++ " adcq (%q5,%2,8),%0 \n" ++ " movq %0,(%q3,%2,8) \n" + " leaq 1(%2),%2 \n" + " loop 1b \n" + " sbbq %0,%0 \n":"=&a" (ret), "+c"(n), +@@ -235,9 +235,9 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, cons + + asm volatile (" subq %2,%2 \n" + ".p2align 4 \n" +- "1: movq (%4,%2,8),%0 \n" +- " sbbq (%5,%2,8),%0 \n" +- " movq %0,(%3,%2,8) \n" ++ "1: movq (%q4,%2,8),%0 \n" ++ " sbbq (%q5,%2,8),%0 \n" ++ " movq %0,(%q3,%2,8) \n" + " leaq 1(%2),%2 \n" + " loop 1b \n" + " sbbq %0,%0 \n":"=&a" (ret), "+c"(n), +--- openssl-1.0.0r/crypto/bn/bn_exp.c ++++ openssl-1.0.0r/crypto/bn/bn_exp.c +@@ -564,7 +564,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBU + * multiple. + */ + #define MOD_EXP_CTIME_ALIGN(x_) \ +- ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ULONG)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK)))) ++ ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ADDR)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK)))) + + /* + * This variant of BN_mod_exp_mont() uses fixed windows and the special +--- openssl-1.0.0r/crypto/bn/bn.h ++++ openssl-1.0.0r/crypto/bn/bn.h +@@ -174,6 +174,15 @@ extern "C" { + # endif + + /* ++ * Address type. ++ */ ++#ifdef _WIN64 ++#define BN_ADDR unsigned long long ++#else ++#define BN_ADDR unsigned long ++#endif ++ ++/* + * assuming long is 64bit - this is the DEC Alpha unsigned long long is only + * 64 bits :-(, don't define BN_LLONG for the DEC Alpha + */ diff --git a/dev-libs/openssl/files/openssl-1.0.1m-ipv6.patch b/dev-libs/openssl/files/openssl-1.0.1m-ipv6.patch new file mode 100644 index 000000000000..34a7e53c08ca --- /dev/null +++ b/dev-libs/openssl/files/openssl-1.0.1m-ipv6.patch @@ -0,0 +1,618 @@ +http://rt.openssl.org/Ticket/Display.html?id=2051&user=guest&pass=guest + +Forward ported from openssl-1.0.1h-ipv6.patch + +Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> + +--- openssl-1.0.1m/apps/s_apps.h ++++ openssl-1.0.1m/apps/s_apps.h +@@ -153,7 +153,7 @@ typedef fd_mask fd_set; + + int do_server(int port, int type, int *ret, + int (*cb) (char *hostname, int s, unsigned char *context), +- unsigned char *context); ++ unsigned char *context, int use_ipv4, int use_ipv6); + #ifdef HEADER_X509_H + int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); + #endif +@@ -161,7 +161,8 @@ int MS_CALLBACK verify_callback(int ok, + int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file); + int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key); + #endif +-int init_client(int *sock, char *server, int port, int type); ++int init_client(int *sock, char *server, int port, int type, ++ int use_ipv4, int use_ipv6); + int should_retry(int i); + int extract_port(char *str, short *port_ptr); + int extract_host_port(char *str, char **host_ptr, unsigned char *ip, +--- openssl-1.0.1m/apps/s_client.c ++++ openssl-1.0.1m/apps/s_client.c +@@ -299,6 +299,10 @@ static void sc_usage(void) + { + BIO_printf(bio_err, "usage: s_client args\n"); + BIO_printf(bio_err, "\n"); ++ BIO_printf(bio_err," -4 - use IPv4 only\n"); ++#if OPENSSL_USE_IPV6 ++ BIO_printf(bio_err," -6 - use IPv6 only\n"); ++#endif + BIO_printf(bio_err, " -host host - use -connect instead\n"); + BIO_printf(bio_err, " -port port - use -connect instead\n"); + BIO_printf(bio_err, +@@ -629,6 +633,7 @@ int MAIN(int argc, char **argv) + int sbuf_len, sbuf_off; + fd_set readfds, writefds; + short port = PORT; ++ int use_ipv4, use_ipv6; + int full_log = 1; + char *host = SSL_HOST_NAME; + char *cert_file = NULL, *key_file = NULL; +@@ -673,7 +678,11 @@ int MAIN(int argc, char **argv) + #endif + char *sess_in = NULL; + char *sess_out = NULL; +- struct sockaddr peer; ++#if OPENSSL_USE_IPV6 ++ struct sockaddr_storage peer; ++#else ++ struct sockaddr_in peer; ++#endif + int peerlen = sizeof(peer); + int fallback_scsv = 0; + int enable_timeouts = 0; +@@ -689,6 +698,13 @@ int MAIN(int argc, char **argv) + + meth = SSLv23_client_method(); + ++ use_ipv4 = 1; ++#if OPENSSL_USE_IPV6 ++ use_ipv6 = 1; ++#else ++ use_ipv6 = 0; ++#endif ++ + apps_startup(); + c_Pause = 0; + c_quiet = 0; +@@ -985,6 +1001,16 @@ int MAIN(int argc, char **argv) + jpake_secret = *++argv; + } + #endif ++ else if (strcmp(*argv,"-4") == 0) { ++ use_ipv4 = 1; ++ use_ipv6 = 0; ++ } ++#if OPENSSL_USE_IPV6 ++ else if (strcmp(*argv,"-6") == 0) { ++ use_ipv4 = 0; ++ use_ipv6 = 1; ++ } ++#endif + #ifndef OPENSSL_NO_SRTP + else if (strcmp(*argv, "-use_srtp") == 0) { + if (--argc < 1) +@@ -1256,7 +1282,7 @@ int MAIN(int argc, char **argv) + + re_start: + +- if (init_client(&s, host, port, socket_type) == 0) { ++ if (init_client(&s, host, port, socket_type, use_ipv4, use_ipv6) == 0) { + BIO_printf(bio_err, "connect:errno=%d\n", get_last_socket_error()); + SHUTDOWN(s); + goto end; +@@ -1279,7 +1305,7 @@ int MAIN(int argc, char **argv) + if (SSL_version(con) == DTLS1_VERSION) { + + sbio = BIO_new_dgram(s, BIO_NOCLOSE); +- if (getsockname(s, &peer, (void *)&peerlen) < 0) { ++ if (getsockname(s, (struct sockaddr *)&peer, (void *)&peerlen) < 0) { + BIO_printf(bio_err, "getsockname:errno=%d\n", + get_last_socket_error()); + SHUTDOWN(s); +--- openssl-1.0.1m/apps/s_server.c ++++ openssl-1.0.1m/apps/s_server.c +@@ -609,6 +609,10 @@ static void sv_usage(void) + " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); + # endif + #endif ++ BIO_printf(bio_err," -4 - use IPv4 only\n"); ++#if OPENSSL_USE_IPV6 ++ BIO_printf(bio_err," -6 - use IPv6 only\n"); ++#endif + BIO_printf(bio_err, + " -keymatexport label - Export keying material using label\n"); + BIO_printf(bio_err, +@@ -1003,6 +1007,7 @@ int MAIN(int argc, char *argv[]) + int state = 0; + const SSL_METHOD *meth = NULL; + int socket_type = SOCK_STREAM; ++ int use_ipv4, use_ipv6; + ENGINE *e = NULL; + char *inrand = NULL; + int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; +@@ -1031,6 +1036,13 @@ int MAIN(int argc, char *argv[]) + #endif + meth = SSLv23_server_method(); + ++ use_ipv4 = 1; ++#if OPENSSL_USE_IPV6 ++ use_ipv6 = 1; ++#else ++ use_ipv6 = 0; ++#endif ++ + local_argc = argc; + local_argv = argv; + +@@ -1356,6 +1368,16 @@ int MAIN(int argc, char *argv[]) + jpake_secret = *(++argv); + } + #endif ++ else if (strcmp(*argv,"-4") == 0) { ++ use_ipv4 = 1; ++ use_ipv6 = 0; ++ } ++#if OPENSSL_USE_IPV6 ++ else if (strcmp(*argv,"-6") == 0) { ++ use_ipv4 = 0; ++ use_ipv6 = 1; ++ } ++#endif + #ifndef OPENSSL_NO_SRTP + else if (strcmp(*argv, "-use_srtp") == 0) { + if (--argc < 1) +@@ -1850,9 +1872,11 @@ int MAIN(int argc, char *argv[]) + BIO_printf(bio_s_out, "ACCEPT\n"); + (void)BIO_flush(bio_s_out); + if (www) +- do_server(port, socket_type, &accept_socket, www_body, context); ++ do_server(port, socket_type, &accept_socket, www_body, context, ++ use_ipv4, use_ipv6); + else +- do_server(port, socket_type, &accept_socket, sv_body, context); ++ do_server(port, socket_type, &accept_socket, sv_body, context, ++ use_ipv4, use_ipv6); + print_stats(bio_s_out, ctx); + ret = 0; + end: +--- openssl-1.0.1m/apps/s_socket.c ++++ openssl-1.0.1m/apps/s_socket.c +@@ -101,16 +101,16 @@ typedef unsigned int u_int; + # include "netdb.h" + # endif + +-static struct hostent *GetHostByName(char *name); ++static struct hostent *GetHostByName(char *name, int domain); + # if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)) + static void ssl_sock_cleanup(void); + # endif + static int ssl_sock_init(void); +-static int init_client_ip(int *sock, unsigned char ip[4], int port, int type); +-static int init_server(int *sock, int port, int type); +-static int init_server_long(int *sock, int port, char *ip, int type); ++static int init_client_ip(int *sock, unsigned char *ip, int port, int type, int domain); ++static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6); ++static int init_server_long(int *sock, int port, char *ip, int type, int use_ipv4, int use_ipv6); + static int do_accept(int acc_sock, int *sock, char **host); +-static int host_ip(char *str, unsigned char ip[4]); ++static int host_ip(char *str, unsigned char *ip, int domain); + + # ifdef OPENSSL_SYS_WIN16 + # define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ +@@ -231,38 +231,66 @@ static int ssl_sock_init(void) + return (1); + } + +-int init_client(int *sock, char *host, int port, int type) ++int init_client(int *sock, char *host, int port, int type, int use_ipv4, int use_ipv6) + { ++#if OPENSSL_USE_IPV6 ++ unsigned char ip[16]; ++#else + unsigned char ip[4]; ++#endif + +- memset(ip, '\0', sizeof ip); +- if (!host_ip(host, &(ip[0]))) +- return 0; +- return init_client_ip(sock, ip, port, type); +-} +- +-static int init_client_ip(int *sock, unsigned char ip[4], int port, int type) +-{ +- unsigned long addr; ++ if (use_ipv4) ++ if (host_ip(host,ip,AF_INET)) ++ return(init_client_ip(sock,ip,port,type,AF_INET)); ++#if OPENSSL_USE_IPV6 ++ if (use_ipv6) ++ if (host_ip(host,ip,AF_INET6)) ++ return(init_client_ip(sock,ip,port,type,AF_INET6)); ++#endif ++ return 0; ++} ++ ++static int init_client_ip(int *sock, unsigned char ip[4], int port, int type, int domain) ++{ ++#if OPENSSL_USE_IPV6 ++ struct sockaddr_storage them; ++ struct sockaddr_in *them_in = (struct sockaddr_in *)&them; ++ struct sockaddr_in6 *them_in6 = (struct sockaddr_in6 *)&them; ++#else + struct sockaddr_in them; ++ struct sockaddr_in *them_in = &them; ++#endif ++ socklen_t addr_len; + int s, i; + + if (!ssl_sock_init()) + return (0); + + memset((char *)&them, 0, sizeof(them)); +- them.sin_family = AF_INET; +- them.sin_port = htons((unsigned short)port); +- addr = (unsigned long) +- ((unsigned long)ip[0] << 24L) | +- ((unsigned long)ip[1] << 16L) | +- ((unsigned long)ip[2] << 8L) | ((unsigned long)ip[3]); +- them.sin_addr.s_addr = htonl(addr); ++ if (domain == AF_INET) { ++ addr_len = (socklen_t)sizeof(struct sockaddr_in); ++ them_in->sin_family=AF_INET; ++ them_in->sin_port=htons((unsigned short)port); ++#ifndef BIT_FIELD_LIMITS ++ memcpy(&them_in->sin_addr.s_addr, ip, 4); ++#else ++ memcpy(&them_in->sin_addr, ip, 4); ++#endif ++ } else { ++#if OPENSSL_USE_IPV6 ++ addr_len = (socklen_t)sizeof(struct sockaddr_in6); ++ them_in6->sin6_family=AF_INET6; ++ them_in6->sin6_port=htons((unsigned short)port); ++ memcpy(&(them_in6->sin6_addr), ip, sizeof(struct in6_addr)); ++ } ++#else ++ return(0); ++#endif + + if (type == SOCK_STREAM) +- s = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL); ++ s = socket(domain, SOCK_STREAM, SOCKET_PROTOCOL); + else /* ( type == SOCK_DGRAM) */ +- s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); ++ s = socket(domain, SOCK_DGRAM, IPPROTO_UDP); + + if (s == INVALID_SOCKET) { + perror("socket"); +@@ -280,7 +308,7 @@ static int init_client_ip(int *sock, uns + } + # endif + +- if (connect(s, (struct sockaddr *)&them, sizeof(them)) == -1) { ++ if (connect(s, (struct sockaddr *)&them, addr_len) == -1) { + closesocket(s); + perror("connect"); + return (0); +@@ -291,14 +319,14 @@ static int init_client_ip(int *sock, uns + + int do_server(int port, int type, int *ret, + int (*cb) (char *hostname, int s, unsigned char *context), +- unsigned char *context) ++ unsigned char *context, int use_ipv4, int use_ipv6) + { + int sock; + char *name = NULL; + int accept_socket = 0; + int i; + +- if (!init_server(&accept_socket, port, type)) ++ if (!init_server(&accept_socket, port, type, use_ipv4, use_ipv6)) + return (0); + + if (ret != NULL) { +@@ -325,32 +353,45 @@ int do_server(int port, int type, int *r + } + } + +-static int init_server_long(int *sock, int port, char *ip, int type) ++static int init_server_long(int *sock, int port, char *ip, int type, ++ int use_ipv4, int use_ipv6) + { + int ret = 0; ++ int domain; ++#if OPENSSL_USE_IPV6 ++ struct sockaddr_storage server; ++ struct sockaddr_in *server_in = (struct sockaddr_in *)&server; ++ struct sockaddr_in6 *server_in6 = (struct sockaddr_in6 *)&server; ++#else + struct sockaddr_in server; ++ struct sockaddr_in *server_in = &server; ++#endif ++ socklen_t addr_len; + int s = -1; + ++ if (!use_ipv4 && !use_ipv6) ++ goto err; ++#if OPENSSL_USE_IPV6 ++ /* ++ * we are fine here ++ */ ++#else ++ if (use_ipv6) ++ goto err; ++#endif + if (!ssl_sock_init()) + return (0); + +- memset((char *)&server, 0, sizeof(server)); +- server.sin_family = AF_INET; +- server.sin_port = htons((unsigned short)port); +- if (ip == NULL) +- server.sin_addr.s_addr = INADDR_ANY; +- else +-/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */ +-# ifndef BIT_FIELD_LIMITS +- memcpy(&server.sin_addr.s_addr, ip, 4); ++#if OPENSSL_USE_IPV6 ++ domain = use_ipv6 ? AF_INET6 : AF_INET; + # else +- memcpy(&server.sin_addr, ip, 4); ++ domain = AF_INET; + # endif + + if (type == SOCK_STREAM) +- s = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL); ++ s = socket(domain, SOCK_STREAM, SOCKET_PROTOCOL); + else /* type == SOCK_DGRAM */ +- s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); ++ s = socket(domain, SOCK_DGRAM, IPPROTO_UDP); + + if (s == INVALID_SOCKET) + goto err; +@@ -360,7 +401,44 @@ static int init_server_long(int *sock, i + setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&j, sizeof j); + } + # endif +- if (bind(s, (struct sockaddr *)&server, sizeof(server)) == -1) { ++#if OPENSSL_USE_IPV6 ++ if ((use_ipv4 == 0) && (use_ipv6 == 1)) { ++ const int on = 1; ++ ++ setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, ++ (const void *) &on, sizeof(int)); ++ } ++#endif ++ if (domain == AF_INET) { ++ addr_len = (socklen_t)sizeof(struct sockaddr_in); ++ memset(server_in, 0, sizeof(struct sockaddr_in)); ++ server_in->sin_family=AF_INET; ++ server_in->sin_port = htons((unsigned short)port); ++ if (ip == NULL) ++ server_in->sin_addr.s_addr = htonl(INADDR_ANY); ++ else ++/* ++ * Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) ++ */ ++#ifndef BIT_FIELD_LIMITS ++ memcpy(&server_in->sin_addr.s_addr, ip, 4); ++#else ++ memcpy(&server_in->sin_addr, ip, 4); ++#endif ++ } ++#if OPENSSL_USE_IPV6 ++ else { ++ addr_len = (socklen_t)sizeof(struct sockaddr_in6); ++ memset(server_in6, 0, sizeof(struct sockaddr_in6)); ++ server_in6->sin6_family = AF_INET6; ++ server_in6->sin6_port = htons((unsigned short)port); ++ if (ip == NULL) ++ server_in6->sin6_addr = in6addr_any; ++ else ++ memcpy(&server_in6->sin6_addr, ip, sizeof(struct in6_addr)); ++ } ++#endif ++ if (bind(s, (struct sockaddr *)&server, addr_len) == -1) { + # ifndef OPENSSL_SYS_WINDOWS + perror("bind"); + # endif +@@ -378,16 +456,24 @@ static int init_server_long(int *sock, i + return (ret); + } + +-static int init_server(int *sock, int port, int type) ++static int init_server(int *sock, int port, int type, ++ int use_ipv4, int use_ipv6) + { +- return (init_server_long(sock, port, NULL, type)); ++ return (init_server_long(sock, port, NULL, type, use_ipv4, use_ipv6)); + } + + static int do_accept(int acc_sock, int *sock, char **host) + { + int ret; + struct hostent *h1, *h2; ++#if OPENSSL_USE_IPV6 ++ struct sockaddr_storage from; ++ struct sockaddr_in *from_in = (struct sockaddr_in *)&from; ++ struct sockaddr_in6 *from_in6 = (struct sockaddr_in6 *)&from; ++#else + static struct sockaddr_in from; ++ struct sockaddr_in *from_in = &from; ++#endif + int len; + /* struct linger ling; */ + +@@ -437,14 +523,24 @@ static int do_accept(int acc_sock, int * + + if (host == NULL) + goto end; ++#if OPENSSL_USE_IPV6 ++ if (from.ss_family == AF_INET) ++#else ++ if (from.sin_family == AF_INET) ++#endif + # ifndef BIT_FIELD_LIMITS + /* I should use WSAAsyncGetHostByName() under windows */ +- h1 = gethostbyaddr((char *)&from.sin_addr.s_addr, +- sizeof(from.sin_addr.s_addr), AF_INET); ++ h1 = gethostbyaddr((char *)&from_in->sin_addr.s_addr, ++ sizeof(from_in->sin_addr.s_addr), AF_INET); + # else +- h1 = gethostbyaddr((char *)&from.sin_addr, ++ h1 = gethostbyaddr((char *)&from_in->sin_addr, + sizeof(struct in_addr), AF_INET); + # endif ++#if OPENSSL_USE_IPV6 ++ else ++ h1 = gethostbyaddr((char *)&from_in6->sin6_addr, ++ sizeof(struct in6_addr), AF_INET6); ++#endif + if (h1 == NULL) { + BIO_printf(bio_err, "bad gethostbyaddr\n"); + *host = NULL; +@@ -457,14 +553,23 @@ static int do_accept(int acc_sock, int * + } + BUF_strlcpy(*host, h1->h_name, strlen(h1->h_name) + 1); + +- h2 = GetHostByName(*host); ++#if OPENSSL_USE_IPV6 ++ h2 = GetHostByName(*host, from.ss_family); ++#else ++ h2 = GetHostByName(*host, from.sin_family); ++#endif ++ + if (h2 == NULL) { + BIO_printf(bio_err, "gethostbyname failure\n"); + closesocket(ret); + return (0); + } +- if (h2->h_addrtype != AF_INET) { +- BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n"); ++#if OPENSSL_USE_IPV6 ++ if (h2->h_addrtype != from.ss_family) { ++#else ++ if (h2->h_addrtype != from.sin_family) { ++#endif ++ BIO_printf(bio_err, "gethostbyname addr address is not correct\n"); + closesocket(ret); + return (0); + } +@@ -480,14 +585,14 @@ int extract_host_port(char *str, char ** + char *h, *p; + + h = str; +- p = strchr(str, ':'); ++ p = strrchr(str, ':'); + if (p == NULL) { + BIO_printf(bio_err, "no port defined\n"); + return (0); + } + *(p++) = '\0'; + +- if ((ip != NULL) && !host_ip(str, ip)) ++ if ((ip != NULL) && !host_ip(str, ip, AF_INET)) + goto err; + if (host_ptr != NULL) + *host_ptr = h; +@@ -499,44 +604,54 @@ int extract_host_port(char *str, char ** + return (0); + } + +-static int host_ip(char *str, unsigned char ip[4]) ++static int host_ip(char *str, unsigned char *ip, int domain) + { + unsigned int in[4]; ++ unsigned long l; + int i; + +- if (sscanf(str, "%u.%u.%u.%u", &(in[0]), &(in[1]), &(in[2]), &(in[3])) == +- 4) { ++ if ((domain == AF_INET) && ++ (sscanf(str, "%u.%u.%u.%u", &(in[0]), &(in[1]), &(in[2]), &(in[3])) == ++ 4)) { + for (i = 0; i < 4; i++) + if (in[i] > 255) { + BIO_printf(bio_err, "invalid IP address\n"); + goto err; + } +- ip[0] = in[0]; +- ip[1] = in[1]; +- ip[2] = in[2]; +- ip[3] = in[3]; +- } else { /* do a gethostbyname */ ++ l=htonl((in[0]<<24L)|(in[1]<<16L)|(in[2]<<8L)|in[3]); ++ memcpy(ip, &l, 4); ++ return 1; ++ } ++#if OPENSSL_USE_IPV6 ++ else if ((domain == AF_INET6) && ++ (inet_pton(AF_INET6, str, ip) == 1)) ++ return 1; ++#endif ++ else { /* do a gethostbyname */ + struct hostent *he; + + if (!ssl_sock_init()) + return (0); + +- he = GetHostByName(str); ++ he = GetHostByName(str, domain); + if (he == NULL) { + BIO_printf(bio_err, "gethostbyname failure\n"); + goto err; + } + /* cast to short because of win16 winsock definition */ +- if ((short)he->h_addrtype != AF_INET) { +- BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n"); ++ if ((short)he->h_addrtype != domain) { ++ BIO_printf(bio_err, "gethostbyname addr family is not correct\n"); + return (0); + } +- ip[0] = he->h_addr_list[0][0]; +- ip[1] = he->h_addr_list[0][1]; +- ip[2] = he->h_addr_list[0][2]; +- ip[3] = he->h_addr_list[0][3]; ++ if (domain == AF_INET) ++ memset(ip, 0, 4); ++#if OPENSSL_USE_IPV6 ++ else ++ memset(ip, 0, 16); ++#endif ++ memcpy(ip, he->h_addr_list[0], he->h_length); ++ return 1; + } +- return (1); + err: + return (0); + } +@@ -570,7 +685,7 @@ static struct ghbn_cache_st { + static unsigned long ghbn_hits = 0L; + static unsigned long ghbn_miss = 0L; + +-static struct hostent *GetHostByName(char *name) ++static struct hostent *GetHostByName(char *name, int domain) + { + struct hostent *ret; + int i, lowi = 0; +@@ -582,13 +697,19 @@ static struct hostent *GetHostByName(cha + lowi = i; + } + if (ghbn_cache[i].order > 0) { +- if (strncmp(name, ghbn_cache[i].name, 128) == 0) ++ if ((strncmp(name, ghbn_cache[i].name, 128) == 0) && ++ (ghbn_cache[i].ent.h_addrtype == domain)) + break; + } + } + if (i == GHBN_NUM) { /* no hit */ + ghbn_miss++; +- ret = gethostbyname(name); ++ if (domain == AF_INET) ++ ret = gethostbyname(name); ++#if OPENSSL_USE_IPV6 ++ else ++ ret=gethostbyname2(name, AF_INET6); ++#endif + if (ret == NULL) + return (NULL); + /* else add to cache */ diff --git a/dev-libs/openssl/files/openssl-1.0.1m-parallel-build.patch b/dev-libs/openssl/files/openssl-1.0.1m-parallel-build.patch new file mode 100644 index 000000000000..db92b79f6ae8 --- /dev/null +++ b/dev-libs/openssl/files/openssl-1.0.1m-parallel-build.patch @@ -0,0 +1,364 @@ +http://rt.openssl.org/Ticket/Display.html?id=2084 + +--- openssl-1.0.1m/crypto/Makefile ++++ openssl-1.0.1m/crypto/Makefile +@@ -85,11 +85,11 @@ + @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi + + subdirs: +- @target=all; $(RECURSIVE_MAKE) ++ +@target=all; $(RECURSIVE_MAKE) + + files: + $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO +- @target=files; $(RECURSIVE_MAKE) ++ +@target=files; $(RECURSIVE_MAKE) + + links: + @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) +@@ -100,7 +100,7 @@ + # lib: $(LIB): are splitted to avoid end-less loop + lib: $(LIB) + @touch lib +-$(LIB): $(LIBOBJ) ++$(LIB): $(LIBOBJ) | subdirs + $(AR) $(LIB) $(LIBOBJ) + [ -z "$(FIPSLIBDIR)" ] || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o + $(RANLIB) $(LIB) || echo Never mind. +@@ -111,7 +111,7 @@ + fi + + libs: +- @target=lib; $(RECURSIVE_MAKE) ++ +@target=lib; $(RECURSIVE_MAKE) + + install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... +@@ -120,7 +120,7 @@ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ + done; +- @target=install; $(RECURSIVE_MAKE) ++ +@target=install; $(RECURSIVE_MAKE) + + lint: + @target=lint; $(RECURSIVE_MAKE) +--- openssl-1.0.1m/crypto/objects/Makefile ++++ openssl-1.0.1m/crypto/objects/Makefile +@@ -44,11 +44,11 @@ + # objects.pl both reads and writes obj_mac.num + obj_mac.h: objects.pl objects.txt obj_mac.num + $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h +- @sleep 1; touch obj_mac.h; sleep 1 + +-obj_xref.h: objxref.pl obj_xref.txt obj_mac.num ++# This doesn't really need obj_mac.h, but since that rule reads & writes ++# obj_mac.num, we can't run in parallel with it. ++obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h + $(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h +- @sleep 1; touch obj_xref.h; sleep 1 + + files: + $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO +--- openssl-1.0.1m/engines/Makefile ++++ openssl-1.0.1m/engines/Makefile +@@ -72,7 +72,7 @@ + + all: lib subdirs + +-lib: $(LIBOBJ) ++lib: $(LIBOBJ) | subdirs + @if [ -n "$(SHARED_LIBS)" ]; then \ + set -e; \ + for l in $(LIBNAMES); do \ +@@ -89,7 +89,7 @@ + + subdirs: + echo $(EDIRS) +- @target=all; $(RECURSIVE_MAKE) ++ +@target=all; $(RECURSIVE_MAKE) + + files: + $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO +@@ -128,7 +128,7 @@ + mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ + done; \ + fi +- @target=install; $(RECURSIVE_MAKE) ++ +@target=install; $(RECURSIVE_MAKE) + + tags: + ctags $(SRC) +--- openssl-1.0.1m/Makefile.org ++++ openssl-1.0.1m/Makefile.org +@@ -273,17 +273,17 @@ + build_libs: build_crypto build_ssl build_engines + + build_crypto: +- @dir=crypto; target=all; $(BUILD_ONE_CMD) +-build_ssl: +- @dir=ssl; target=all; $(BUILD_ONE_CMD) +-build_engines: +- @dir=engines; target=all; $(BUILD_ONE_CMD) +-build_apps: +- @dir=apps; target=all; $(BUILD_ONE_CMD) +-build_tests: +- @dir=test; target=all; $(BUILD_ONE_CMD) +-build_tools: +- @dir=tools; target=all; $(BUILD_ONE_CMD) ++ +@dir=crypto; target=all; $(BUILD_ONE_CMD) ++build_ssl: build_crypto ++ +@dir=ssl; target=all; $(BUILD_ONE_CMD) ++build_engines: build_crypto ++ +@dir=engines; target=all; $(BUILD_ONE_CMD) ++build_apps: build_libs ++ +@dir=apps; target=all; $(BUILD_ONE_CMD) ++build_tests: build_libs ++ +@dir=test; target=all; $(BUILD_ONE_CMD) ++build_tools: build_libs ++ +@dir=tools; target=all; $(BUILD_ONE_CMD) + + all_testapps: build_libs build_testapps + build_testapps: +@@ -538,9 +538,9 @@ + dist_pem_h: + (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) + +-install: all install_docs install_sw ++install: install_docs install_sw + +-install_sw: ++install_dirs: + @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ + $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \ + $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \ +@@ -549,12 +549,19 @@ + $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ + $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ + $(INSTALL_PREFIX)$(OPENSSLDIR)/private ++ @$(PERL) $(TOP)/util/mkdir-p.pl \ ++ $(INSTALL_PREFIX)$(MANDIR)/man1 \ ++ $(INSTALL_PREFIX)$(MANDIR)/man3 \ ++ $(INSTALL_PREFIX)$(MANDIR)/man5 \ ++ $(INSTALL_PREFIX)$(MANDIR)/man7 ++ ++install_sw: install_dirs + @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\ + do \ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ + done; +- @set -e; target=install; $(RECURSIVE_BUILD_CMD) ++ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) + @set -e; liblist="$(LIBS)"; for i in $$liblist ;\ + do \ + if [ -f "$$i" ]; then \ +@@ -634,12 +641,7 @@ + done; \ + done + +-install_docs: +- @$(PERL) $(TOP)/util/mkdir-p.pl \ +- $(INSTALL_PREFIX)$(MANDIR)/man1 \ +- $(INSTALL_PREFIX)$(MANDIR)/man3 \ +- $(INSTALL_PREFIX)$(MANDIR)/man5 \ +- $(INSTALL_PREFIX)$(MANDIR)/man7 ++install_docs: install_dirs + @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \ + here="`pwd`"; \ + filecase=; \ +--- openssl-1.0.1m/Makefile.shared ++++ openssl-1.0.1m/Makefile.shared +@@ -105,6 +105,7 @@ + SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ + LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ + LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ ++ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \ + LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ + $${SHAREDCMD} $${SHAREDFLAGS} \ + -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \ +@@ -122,6 +123,7 @@ + done; \ + fi; \ + if [ -n "$$SHLIB_SOVER" ]; then \ ++ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \ + ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \ + ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \ + fi; \ +--- openssl-1.0.1m/test/Makefile ++++ openssl-1.0.1m/test/Makefile +@@ -130,7 +130,7 @@ + tags: + ctags $(SRC) + +-tests: exe apps $(TESTS) ++tests: exe $(TESTS) + + apps: + @(cd ..; $(MAKE) DIRS=apps all) +@@ -388,118 +388,118 @@ + link_app.$${shlib_target} + + $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) +- @target=$(RSATEST); $(BUILD_CMD) ++ +@target=$(RSATEST); $(BUILD_CMD) + + $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO) +- @target=$(BNTEST); $(BUILD_CMD) ++ +@target=$(BNTEST); $(BUILD_CMD) + + $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO) +- @target=$(ECTEST); $(BUILD_CMD) ++ +@target=$(ECTEST); $(BUILD_CMD) + + $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO) +- @target=$(EXPTEST); $(BUILD_CMD) ++ +@target=$(EXPTEST); $(BUILD_CMD) + + $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) +- @target=$(IDEATEST); $(BUILD_CMD) ++ +@target=$(IDEATEST); $(BUILD_CMD) + + $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) +- @target=$(MD2TEST); $(BUILD_CMD) ++ +@target=$(MD2TEST); $(BUILD_CMD) + + $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO) +- @target=$(SHATEST); $(BUILD_CMD) ++ +@target=$(SHATEST); $(BUILD_CMD) + + $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) +- @target=$(SHA1TEST); $(BUILD_CMD) ++ +@target=$(SHA1TEST); $(BUILD_CMD) + + $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) +- @target=$(SHA256TEST); $(BUILD_CMD) ++ +@target=$(SHA256TEST); $(BUILD_CMD) + + $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) +- @target=$(SHA512TEST); $(BUILD_CMD) ++ +@target=$(SHA512TEST); $(BUILD_CMD) + + $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) +- @target=$(RMDTEST); $(BUILD_CMD) ++ +@target=$(RMDTEST); $(BUILD_CMD) + + $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO) +- @target=$(MDC2TEST); $(BUILD_CMD) ++ +@target=$(MDC2TEST); $(BUILD_CMD) + + $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO) +- @target=$(MD4TEST); $(BUILD_CMD) ++ +@target=$(MD4TEST); $(BUILD_CMD) + + $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO) +- @target=$(MD5TEST); $(BUILD_CMD) ++ +@target=$(MD5TEST); $(BUILD_CMD) + + $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO) +- @target=$(HMACTEST); $(BUILD_CMD) ++ +@target=$(HMACTEST); $(BUILD_CMD) + + $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO) +- @target=$(WPTEST); $(BUILD_CMD) ++ +@target=$(WPTEST); $(BUILD_CMD) + + $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO) +- @target=$(RC2TEST); $(BUILD_CMD) ++ +@target=$(RC2TEST); $(BUILD_CMD) + + $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO) +- @target=$(BFTEST); $(BUILD_CMD) ++ +@target=$(BFTEST); $(BUILD_CMD) + + $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO) +- @target=$(CASTTEST); $(BUILD_CMD) ++ +@target=$(CASTTEST); $(BUILD_CMD) + + $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO) +- @target=$(RC4TEST); $(BUILD_CMD) ++ +@target=$(RC4TEST); $(BUILD_CMD) + + $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) +- @target=$(RC5TEST); $(BUILD_CMD) ++ +@target=$(RC5TEST); $(BUILD_CMD) + + $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) +- @target=$(DESTEST); $(BUILD_CMD) ++ +@target=$(DESTEST); $(BUILD_CMD) + + $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) +- @target=$(RANDTEST); $(BUILD_CMD) ++ +@target=$(RANDTEST); $(BUILD_CMD) + + $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) +- @target=$(DHTEST); $(BUILD_CMD) ++ +@target=$(DHTEST); $(BUILD_CMD) + + $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO) +- @target=$(DSATEST); $(BUILD_CMD) ++ +@target=$(DSATEST); $(BUILD_CMD) + + $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) +- @target=$(METHTEST); $(BUILD_CMD) ++ +@target=$(METHTEST); $(BUILD_CMD) + + $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) +- @target=$(SSLTEST); $(FIPS_BUILD_CMD) ++ +@target=$(SSLTEST); $(FIPS_BUILD_CMD) + + $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) +- @target=$(ENGINETEST); $(BUILD_CMD) ++ +@target=$(ENGINETEST); $(BUILD_CMD) + + $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO) +- @target=$(EVPTEST); $(BUILD_CMD) ++ +@target=$(EVPTEST); $(BUILD_CMD) + + $(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO) +- @target=$(EVPEXTRATEST); $(BUILD_CMD) ++ +@target=$(EVPEXTRATEST); $(BUILD_CMD) + + $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO) +- @target=$(ECDSATEST); $(BUILD_CMD) ++ +@target=$(ECDSATEST); $(BUILD_CMD) + + $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) +- @target=$(ECDHTEST); $(BUILD_CMD) ++ +@target=$(ECDHTEST); $(BUILD_CMD) + + $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) +- @target=$(IGETEST); $(BUILD_CMD) ++ +@target=$(IGETEST); $(BUILD_CMD) + + $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) +- @target=$(JPAKETEST); $(BUILD_CMD) ++ +@target=$(JPAKETEST); $(BUILD_CMD) + + $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) +- @target=$(ASN1TEST); $(BUILD_CMD) ++ +@target=$(ASN1TEST); $(BUILD_CMD) + + $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO) +- @target=$(SRPTEST); $(BUILD_CMD) ++ +@target=$(SRPTEST); $(BUILD_CMD) + + $(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO) +- @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) ++ +@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) + + $(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o +- @target=$(CONSTTIMETEST) $(BUILD_CMD) ++ +@target=$(CONSTTIMETEST) $(BUILD_CMD) + + #$(AESTEST).o: $(AESTEST).c + # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c +@@ -512,7 +512,7 @@ + # fi + + dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) +- @target=dummytest; $(BUILD_CMD) ++ +@target=dummytest; $(BUILD_CMD) + + # DO NOT DELETE THIS LINE -- make depend depends on it. + diff --git a/dev-libs/openssl/files/openssl-1.0.1m-s_client-verify.patch b/dev-libs/openssl/files/openssl-1.0.1m-s_client-verify.patch new file mode 100644 index 000000000000..8aa29e488f52 --- /dev/null +++ b/dev-libs/openssl/files/openssl-1.0.1m-s_client-verify.patch @@ -0,0 +1,21 @@ +https://bugs.gentoo.org/472584 +http://rt.openssl.org/Ticket/Display.html?id=2387&user=guest&pass=guest + +fix verification handling in s_client. when loading paths, make sure +we properly fallback to setting the default paths. + +Forward-ported from openssl-1.0.1e-s_client-verify.patch + +Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> + +--- openssl-1.0.1m/apps/s_client.c ++++ openssl-1.0.1m/apps/s_client.c +@@ -1177,7 +1177,7 @@ int MAIN(int argc, char **argv) + if (!set_cert_key_stuff(ctx, cert, key)) + goto end; + +- if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) || ++ if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) && + (!SSL_CTX_set_default_verify_paths(ctx))) { + /* + * BIO_printf(bio_err,"error setting default verify locations\n"); diff --git a/dev-libs/openssl/files/openssl-1.0.1m-x32.patch b/dev-libs/openssl/files/openssl-1.0.1m-x32.patch new file mode 100644 index 000000000000..48717a569a23 --- /dev/null +++ b/dev-libs/openssl/files/openssl-1.0.1m-x32.patch @@ -0,0 +1,66 @@ +--- openssl-1.0.1m/Configure ++++ openssl-1.0.1m/Configure +@@ -361,6 +361,7 @@ my %table=( + "linux-ia64-ecc","ecc:-DL_ENDIAN -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-ia64-icc","icc:-DL_ENDIAN -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-x86_64", "gcc:-m64 -DL_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", ++"linux-x32", "gcc:-DL_ENDIAN -DTERMIO -O2 -pipe -g -feliminate-unused-debug-types -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux64-s390x", "gcc:-m64 -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", + #### So called "highgprs" target for z/Architecture CPUs + # "Highgprs" is kernel feature first implemented in Linux 2.6.32, see +--- openssl-1.0.1m/crypto/bn/asm/x86_64-gcc.c ++++ openssl-1.0.1m/crypto/bn/asm/x86_64-gcc.c +@@ -55,7 +55,7 @@ + * machine. + */ + +-# ifdef _WIN64 ++# if defined _WIN64 || !defined __LP64__ + # define BN_ULONG unsigned long long + # else + # define BN_ULONG unsigned long +@@ -211,9 +211,9 @@ BN_ULONG bn_add_words(BN_ULONG *rp, cons + + asm volatile (" subq %2,%2 \n" + ".p2align 4 \n" +- "1: movq (%4,%2,8),%0 \n" +- " adcq (%5,%2,8),%0 \n" +- " movq %0,(%3,%2,8) \n" ++ "1: movq (%q4,%2,8),%0 \n" ++ " adcq (%q5,%2,8),%0 \n" ++ " movq %0,(%q3,%2,8) \n" + " leaq 1(%2),%2 \n" + " loop 1b \n" + " sbbq %0,%0 \n":"=&a" (ret), "+c"(n), +@@ -235,9 +235,9 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, cons + + asm volatile (" subq %2,%2 \n" + ".p2align 4 \n" +- "1: movq (%4,%2,8),%0 \n" +- " sbbq (%5,%2,8),%0 \n" +- " movq %0,(%3,%2,8) \n" ++ "1: movq (%q4,%2,8),%0 \n" ++ " sbbq (%q5,%2,8),%0 \n" ++ " movq %0,(%q3,%2,8) \n" + " leaq 1(%2),%2 \n" + " loop 1b \n" + " sbbq %0,%0 \n":"=&a" (ret), "+c"(n), +--- openssl-1.0.1m/crypto/bn/bn.h ++++ openssl-1.0.1m/crypto/bn/bn.h +@@ -174,6 +174,16 @@ extern "C" { + # endif + + /* ++ * Address type. ++ */ ++#ifdef _WIN64 ++#define BN_ADDR unsigned long long ++#else ++#define BN_ADDR unsigned long ++#endif ++ ++ ++/* + * assuming long is 64bit - this is the DEC Alpha unsigned long long is only + * 64 bits :-(, don't define BN_LLONG for the DEC Alpha + */ diff --git a/dev-libs/openssl/files/openssl-1.0.2a-parallel-build.patch b/dev-libs/openssl/files/openssl-1.0.2a-parallel-build.patch new file mode 100644 index 000000000000..280b8e0b5742 --- /dev/null +++ b/dev-libs/openssl/files/openssl-1.0.2a-parallel-build.patch @@ -0,0 +1,368 @@ +http://rt.openssl.org/Ticket/Display.html?id=2084&user=guest&pass=guest + +--- openssl-1.0.2a/crypto/Makefile ++++ openssl-1.0.2a/crypto/Makefile +@@ -85,11 +85,11 @@ + @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi + + subdirs: +- @target=all; $(RECURSIVE_MAKE) ++ +@target=all; $(RECURSIVE_MAKE) + + files: + $(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO +- @target=files; $(RECURSIVE_MAKE) ++ +@target=files; $(RECURSIVE_MAKE) + + links: + @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) +@@ -100,7 +100,7 @@ + # lib: $(LIB): are splitted to avoid end-less loop + lib: $(LIB) + @touch lib +-$(LIB): $(LIBOBJ) ++$(LIB): $(LIBOBJ) | subdirs + $(AR) $(LIB) $(LIBOBJ) + test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o + $(RANLIB) $(LIB) || echo Never mind. +@@ -111,7 +111,7 @@ + fi + + libs: +- @target=lib; $(RECURSIVE_MAKE) ++ +@target=lib; $(RECURSIVE_MAKE) + + install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... +@@ -120,7 +120,7 @@ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ + done; +- @target=install; $(RECURSIVE_MAKE) ++ +@target=install; $(RECURSIVE_MAKE) + + lint: + @target=lint; $(RECURSIVE_MAKE) +--- openssl-1.0.2a/crypto/objects/Makefile ++++ openssl-1.0.2a/crypto/objects/Makefile +@@ -44,11 +44,11 @@ + # objects.pl both reads and writes obj_mac.num + obj_mac.h: objects.pl objects.txt obj_mac.num + $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h +- @sleep 1; touch obj_mac.h; sleep 1 + +-obj_xref.h: objxref.pl obj_xref.txt obj_mac.num ++# This doesn't really need obj_mac.h, but since that rule reads & writes ++# obj_mac.num, we can't run in parallel with it. ++obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h + $(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h +- @sleep 1; touch obj_xref.h; sleep 1 + + files: + $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO +--- openssl-1.0.2a/engines/Makefile ++++ openssl-1.0.2a/engines/Makefile +@@ -72,7 +72,7 @@ + + all: lib subdirs + +-lib: $(LIBOBJ) ++lib: $(LIBOBJ) | subdirs + @if [ -n "$(SHARED_LIBS)" ]; then \ + set -e; \ + for l in $(LIBNAMES); do \ +@@ -89,7 +89,7 @@ + + subdirs: + echo $(EDIRS) +- @target=all; $(RECURSIVE_MAKE) ++ +@target=all; $(RECURSIVE_MAKE) + + files: + $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO +@@ -128,7 +128,7 @@ + mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ + done; \ + fi +- @target=install; $(RECURSIVE_MAKE) ++ +@target=install; $(RECURSIVE_MAKE) + + tags: + ctags $(SRC) +--- openssl-1.0.2a/Makefile.org ++++ openssl-1.0.2a/Makefile.org +@@ -274,17 +274,17 @@ + build_libs: build_crypto build_ssl build_engines + + build_crypto: +- @dir=crypto; target=all; $(BUILD_ONE_CMD) +-build_ssl: +- @dir=ssl; target=all; $(BUILD_ONE_CMD) +-build_engines: +- @dir=engines; target=all; $(BUILD_ONE_CMD) +-build_apps: +- @dir=apps; target=all; $(BUILD_ONE_CMD) +-build_tests: +- @dir=test; target=all; $(BUILD_ONE_CMD) +-build_tools: +- @dir=tools; target=all; $(BUILD_ONE_CMD) ++ +@dir=crypto; target=all; $(BUILD_ONE_CMD) ++build_ssl: build_crypto ++ +@dir=ssl; target=all; $(BUILD_ONE_CMD) ++build_engines: build_crypto ++ +@dir=engines; target=all; $(BUILD_ONE_CMD) ++build_apps: build_libs ++ +@dir=apps; target=all; $(BUILD_ONE_CMD) ++build_tests: build_libs ++ +@dir=test; target=all; $(BUILD_ONE_CMD) ++build_tools: build_libs ++ +@dir=tools; target=all; $(BUILD_ONE_CMD) + + all_testapps: build_libs build_testapps + build_testapps: +@@ -536,9 +536,9 @@ + dist_pem_h: + (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) + +-install: all install_docs install_sw ++install: install_docs install_sw + +-install_sw: ++install_dirs: + @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ + $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \ + $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \ +@@ -547,12 +547,19 @@ + $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ + $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ + $(INSTALL_PREFIX)$(OPENSSLDIR)/private ++ @$(PERL) $(TOP)/util/mkdir-p.pl \ ++ $(INSTALL_PREFIX)$(MANDIR)/man1 \ ++ $(INSTALL_PREFIX)$(MANDIR)/man3 \ ++ $(INSTALL_PREFIX)$(MANDIR)/man5 \ ++ $(INSTALL_PREFIX)$(MANDIR)/man7 ++ ++install_sw: install_dirs + @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\ + do \ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ + done; +- @set -e; target=install; $(RECURSIVE_BUILD_CMD) ++ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) + @set -e; liblist="$(LIBS)"; for i in $$liblist ;\ + do \ + if [ -f "$$i" ]; then \ +@@ -636,12 +643,7 @@ + done; \ + done + +-install_docs: +- @$(PERL) $(TOP)/util/mkdir-p.pl \ +- $(INSTALL_PREFIX)$(MANDIR)/man1 \ +- $(INSTALL_PREFIX)$(MANDIR)/man3 \ +- $(INSTALL_PREFIX)$(MANDIR)/man5 \ +- $(INSTALL_PREFIX)$(MANDIR)/man7 ++install_docs: install_dirs + @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \ + here="`pwd`"; \ + filecase=; \ +--- openssl-1.0.2a/Makefile.shared ++++ openssl-1.0.2a/Makefile.shared +@@ -105,6 +105,7 @@ + SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ + LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ + LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ ++ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \ + LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ + $${SHAREDCMD} $${SHAREDFLAGS} \ + -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \ +@@ -122,6 +123,7 @@ + done; \ + fi; \ + if [ -n "$$SHLIB_SOVER" ]; then \ ++ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \ + ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \ + ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \ + fi; \ +--- openssl-1.0.2a/test/Makefile ++++ openssl-1.0.2a/test/Makefile +@@ -133,7 +133,7 @@ + tags: + ctags $(SRC) + +-tests: exe apps $(TESTS) ++tests: exe $(TESTS) + + apps: + @(cd ..; $(MAKE) DIRS=apps all) +@@ -402,121 +402,121 @@ + link_app.$${shlib_target} + + $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) +- @target=$(RSATEST); $(BUILD_CMD) ++ +@target=$(RSATEST); $(BUILD_CMD) + + $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO) +- @target=$(BNTEST); $(BUILD_CMD) ++ +@target=$(BNTEST); $(BUILD_CMD) + + $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO) +- @target=$(ECTEST); $(BUILD_CMD) ++ +@target=$(ECTEST); $(BUILD_CMD) + + $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO) +- @target=$(EXPTEST); $(BUILD_CMD) ++ +@target=$(EXPTEST); $(BUILD_CMD) + + $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) +- @target=$(IDEATEST); $(BUILD_CMD) ++ +@target=$(IDEATEST); $(BUILD_CMD) + + $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) +- @target=$(MD2TEST); $(BUILD_CMD) ++ +@target=$(MD2TEST); $(BUILD_CMD) + + $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO) +- @target=$(SHATEST); $(BUILD_CMD) ++ +@target=$(SHATEST); $(BUILD_CMD) + + $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) +- @target=$(SHA1TEST); $(BUILD_CMD) ++ +@target=$(SHA1TEST); $(BUILD_CMD) + + $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) +- @target=$(SHA256TEST); $(BUILD_CMD) ++ +@target=$(SHA256TEST); $(BUILD_CMD) + + $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) +- @target=$(SHA512TEST); $(BUILD_CMD) ++ +@target=$(SHA512TEST); $(BUILD_CMD) + + $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) +- @target=$(RMDTEST); $(BUILD_CMD) ++ +@target=$(RMDTEST); $(BUILD_CMD) + + $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO) +- @target=$(MDC2TEST); $(BUILD_CMD) ++ +@target=$(MDC2TEST); $(BUILD_CMD) + + $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO) +- @target=$(MD4TEST); $(BUILD_CMD) ++ +@target=$(MD4TEST); $(BUILD_CMD) + + $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO) +- @target=$(MD5TEST); $(BUILD_CMD) ++ +@target=$(MD5TEST); $(BUILD_CMD) + + $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO) +- @target=$(HMACTEST); $(BUILD_CMD) ++ +@target=$(HMACTEST); $(BUILD_CMD) + + $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO) +- @target=$(WPTEST); $(BUILD_CMD) ++ +@target=$(WPTEST); $(BUILD_CMD) + + $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO) +- @target=$(RC2TEST); $(BUILD_CMD) ++ +@target=$(RC2TEST); $(BUILD_CMD) + + $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO) +- @target=$(BFTEST); $(BUILD_CMD) ++ +@target=$(BFTEST); $(BUILD_CMD) + + $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO) +- @target=$(CASTTEST); $(BUILD_CMD) ++ +@target=$(CASTTEST); $(BUILD_CMD) + + $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO) +- @target=$(RC4TEST); $(BUILD_CMD) ++ +@target=$(RC4TEST); $(BUILD_CMD) + + $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) +- @target=$(RC5TEST); $(BUILD_CMD) ++ +@target=$(RC5TEST); $(BUILD_CMD) + + $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) +- @target=$(DESTEST); $(BUILD_CMD) ++ +@target=$(DESTEST); $(BUILD_CMD) + + $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) +- @target=$(RANDTEST); $(BUILD_CMD) ++ +@target=$(RANDTEST); $(BUILD_CMD) + + $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) +- @target=$(DHTEST); $(BUILD_CMD) ++ +@target=$(DHTEST); $(BUILD_CMD) + + $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO) +- @target=$(DSATEST); $(BUILD_CMD) ++ +@target=$(DSATEST); $(BUILD_CMD) + + $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) +- @target=$(METHTEST); $(BUILD_CMD) ++ +@target=$(METHTEST); $(BUILD_CMD) + + $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) +- @target=$(SSLTEST); $(FIPS_BUILD_CMD) ++ +@target=$(SSLTEST); $(FIPS_BUILD_CMD) + + $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) +- @target=$(ENGINETEST); $(BUILD_CMD) ++ +@target=$(ENGINETEST); $(BUILD_CMD) + + $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO) +- @target=$(EVPTEST); $(BUILD_CMD) ++ +@target=$(EVPTEST); $(BUILD_CMD) + + $(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO) +- @target=$(EVPEXTRATEST); $(BUILD_CMD) ++ +@target=$(EVPEXTRATEST); $(BUILD_CMD) + + $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO) +- @target=$(ECDSATEST); $(BUILD_CMD) ++ +@target=$(ECDSATEST); $(BUILD_CMD) + + $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) +- @target=$(ECDHTEST); $(BUILD_CMD) ++ +@target=$(ECDHTEST); $(BUILD_CMD) + + $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) +- @target=$(IGETEST); $(BUILD_CMD) ++ +@target=$(IGETEST); $(BUILD_CMD) + + $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) +- @target=$(JPAKETEST); $(BUILD_CMD) ++ +@target=$(JPAKETEST); $(BUILD_CMD) + + $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) +- @target=$(ASN1TEST); $(BUILD_CMD) ++ +@target=$(ASN1TEST); $(BUILD_CMD) + + $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO) +- @target=$(SRPTEST); $(BUILD_CMD) ++ +@target=$(SRPTEST); $(BUILD_CMD) + + $(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO) +- @target=$(V3NAMETEST); $(BUILD_CMD) ++ +@target=$(V3NAMETEST); $(BUILD_CMD) + + $(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO) +- @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) ++ +@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) + + $(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o +- @target=$(CONSTTIMETEST) $(BUILD_CMD) ++ +@target=$(CONSTTIMETEST) $(BUILD_CMD) + + #$(AESTEST).o: $(AESTEST).c + # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c +@@ -529,7 +529,7 @@ + # fi + + dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) +- @target=dummytest; $(BUILD_CMD) ++ +@target=dummytest; $(BUILD_CMD) + + # DO NOT DELETE THIS LINE -- make depend depends on it. + diff --git a/dev-libs/openssl/openssl-0.9.8z_p1-r2.ebuild b/dev-libs/openssl/openssl-0.9.8z_p1-r2.ebuild deleted file mode 100644 index fab58b70d984..000000000000 --- a/dev-libs/openssl/openssl-0.9.8z_p1-r2.ebuild +++ /dev/null @@ -1,149 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8z_p1-r2.ebuild,v 1.12 2015/01/28 19:35:28 mgorny Exp $ - -# this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat - -EAPI="5" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -PLEVEL=$(echo "${PV##*_p}" | tr '[1-9]' '[a-i]') -MY_PV=${PV/_p*/${PLEVEL}} -MY_P=${PN}-${MY_PV} -S="${WORKDIR}/${MY_P}" -DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" - -LICENSE="openssl" -SLOT="0.9.8" -KEYWORDS="alpha amd64 ~arm ~hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~sparc-fbsd ~x86-fbsd" -IUSE="bindist gmp kerberos cpu_flags_x86_sse2 test zlib" - -RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140508-r4 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !=dev-libs/openssl-0.9.8*:0" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" - -# Do not install any docs -DOCS=() - -src_prepare() { - epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch - epatch "${FILESDIR}"/${PN}-0.9.8h-ldflags.patch #181438 - epatch "${FILESDIR}"/${PN}-0.9.8m-binutils.patch #289130 - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ - Makefile{,.org} \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - # update the enginedir path. - # punt broken config we don't care about as it fails sanity check. - sed -i \ - -e '/^"debug-ben-debug-64"/d' \ - -e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \ - Configure || die - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed" - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags -Wa,--noexecstack - - sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 - sed -i '/^"debug-bodo/d' Configure # 0.9.8za shipped broken - ./config --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - - tc-export CC AR RANLIB - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl zlib) \ - --prefix=/usr \ - --openssldir=/etc/ssl \ - shared threads \ - || die "Configure failed" - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - sed -i \ - -e "/^LIBDIR=/s|=.*|=$(get_libdir)|" \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - # depend is needed to use $confopts - emake -j1 depend - emake -j1 build_libs -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - dolib.so lib{crypto,ssl}.so.0.9.8 -} diff --git a/dev-libs/openssl/openssl-0.9.8z_p2.ebuild b/dev-libs/openssl/openssl-0.9.8z_p2.ebuild deleted file mode 100644 index a724c9e39ba8..000000000000 --- a/dev-libs/openssl/openssl-0.9.8z_p2.ebuild +++ /dev/null @@ -1,159 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8z_p2.ebuild,v 1.9 2015/01/28 19:35:28 mgorny Exp $ - -# this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat - -EAPI="5" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -PLEVEL=$(echo "${PV##*_p}" | tr '[1-9]' '[a-i]') -MY_PV=${PV/_p*/${PLEVEL}} -MY_P=${PN}-${MY_PV} -S="${WORKDIR}/${MY_P}" -DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" - -LICENSE="openssl" -SLOT="0.9.8" -KEYWORDS="alpha amd64 arm ~hppa ia64 m68k ~mips ~ppc ~ppc64 s390 sh sparc x86 ~sparc-fbsd ~x86-fbsd" -IUSE="bindist gmp kerberos cpu_flags_x86_sse2 test zlib" - -RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140508-r4 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !=dev-libs/openssl-0.9.8*:0" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" - -# Do not install any docs -DOCS=() - -src_prepare() { - epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch - epatch "${FILESDIR}"/${PN}-0.9.8h-ldflags.patch #181438 - epatch "${FILESDIR}"/${PN}-0.9.8m-binutils.patch #289130 - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ - Makefile{,.org} \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - # update the enginedir path. - # punt broken config we don't care about as it fails sanity check. - sed -i \ - -e '/^"debug-ben-debug-64"/d' \ - -e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \ - Configure || die - - # since we're forcing $(CC) as makedep anyway, just fix - # the conditional as always-on - # helps clang (#417795), and versioned gcc (#499818) - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed" - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags -Wa,--noexecstack - - sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 - sed -i '/^"debug-bodo/d' Configure # 0.9.8za shipped broken - ./config --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - - tc-export CC AR RANLIB - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl zlib) \ - --prefix=/usr \ - --openssldir=/etc/ssl \ - shared threads \ - || die "Configure failed" - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - sed -i \ - -e "/^LIBDIR=/s|=.*|=$(get_libdir)|" \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - # depend is needed to use $confopts - emake -j1 depend - emake -j1 build_libs -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - dolib.so lib{crypto,ssl}.so.0.9.8 -} diff --git a/dev-libs/openssl/openssl-0.9.8z_p3.ebuild b/dev-libs/openssl/openssl-0.9.8z_p3.ebuild deleted file mode 100644 index 9b916751d061..000000000000 --- a/dev-libs/openssl/openssl-0.9.8z_p3.ebuild +++ /dev/null @@ -1,159 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8z_p3.ebuild,v 1.6 2015/01/28 19:35:28 mgorny Exp $ - -# this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat - -EAPI="5" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -PLEVEL=$(echo "${PV##*_p}" | tr '[1-9]' '[a-i]') -MY_PV=${PV/_p*/${PLEVEL}} -MY_P=${PN}-${MY_PV} -S="${WORKDIR}/${MY_P}" -DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" - -LICENSE="openssl" -SLOT="0.9.8" -KEYWORDS="alpha amd64 arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd" -IUSE="bindist gmp kerberos cpu_flags_x86_sse2 test zlib" - -RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140508-r4 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !=dev-libs/openssl-0.9.8*:0" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" - -# Do not install any docs -DOCS=() - -src_prepare() { - epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch - epatch "${FILESDIR}"/${PN}-0.9.8h-ldflags.patch #181438 - epatch "${FILESDIR}"/${PN}-0.9.8m-binutils.patch #289130 - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ - Makefile{,.org} \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - # update the enginedir path. - # punt broken config we don't care about as it fails sanity check. - sed -i \ - -e '/^"debug-ben-debug-64"/d' \ - -e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \ - Configure || die - - # since we're forcing $(CC) as makedep anyway, just fix - # the conditional as always-on - # helps clang (#417795), and versioned gcc (#499818) - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed" - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags -Wa,--noexecstack - - sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 - sed -i '/^"debug-bodo/d' Configure # 0.9.8za shipped broken - ./config --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - - tc-export CC AR RANLIB - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl zlib) \ - --prefix=/usr \ - --openssldir=/etc/ssl \ - shared threads \ - || die "Configure failed" - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - sed -i \ - -e "/^LIBDIR=/s|=.*|=$(get_libdir)|" \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - # depend is needed to use $confopts - emake -j1 depend - emake -j1 build_libs -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - dolib.so lib{crypto,ssl}.so.0.9.8 -} diff --git a/dev-libs/openssl/openssl-0.9.8z_p4.ebuild b/dev-libs/openssl/openssl-0.9.8z_p4.ebuild deleted file mode 100644 index 63c30a74215f..000000000000 --- a/dev-libs/openssl/openssl-0.9.8z_p4.ebuild +++ /dev/null @@ -1,159 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8z_p4.ebuild,v 1.6 2015/01/28 19:35:28 mgorny Exp $ - -# this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat - -EAPI="5" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -PLEVEL=$(echo "${PV##*_p}" | tr '[1-9]' '[a-i]') -MY_PV=${PV/_p*/${PLEVEL}} -MY_P=${PN}-${MY_PV} -S="${WORKDIR}/${MY_P}" -DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" - -LICENSE="openssl" -SLOT="0.9.8" -KEYWORDS="alpha amd64 arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd" -IUSE="bindist gmp kerberos cpu_flags_x86_sse2 test zlib" - -RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140508-r4 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !=dev-libs/openssl-0.9.8*:0" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" - -# Do not install any docs -DOCS=() - -src_prepare() { - epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch - epatch "${FILESDIR}"/${PN}-0.9.8h-ldflags.patch #181438 - epatch "${FILESDIR}"/${PN}-0.9.8m-binutils.patch #289130 - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ - Makefile{,.org} \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - # update the enginedir path. - # punt broken config we don't care about as it fails sanity check. - sed -i \ - -e '/^"debug-ben-debug-64"/d' \ - -e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \ - Configure || die - - # since we're forcing $(CC) as makedep anyway, just fix - # the conditional as always-on - # helps clang (#417795), and versioned gcc (#499818) - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed" - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags -Wa,--noexecstack - - sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 - sed -i '/^"debug-bodo/d' Configure # 0.9.8za shipped broken - ./config --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - - tc-export CC AR RANLIB - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl zlib) \ - --prefix=/usr \ - --openssldir=/etc/ssl \ - shared threads \ - || die "Configure failed" - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - sed -i \ - -e "/^LIBDIR=/s|=.*|=$(get_libdir)|" \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - # depend is needed to use $confopts - emake -j1 depend - emake -j1 build_libs -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - dolib.so lib{crypto,ssl}.so.0.9.8 -} diff --git a/dev-libs/openssl/openssl-0.9.8z_p5.ebuild b/dev-libs/openssl/openssl-0.9.8z_p6.ebuild index 96eb90059807..a5a8c18909a6 100644 --- a/dev-libs/openssl/openssl-0.9.8z_p5.ebuild +++ b/dev-libs/openssl/openssl-0.9.8z_p6.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2015 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8z_p5.ebuild,v 1.2 2015/01/28 19:35:28 mgorny Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8z_p6.ebuild,v 1.1 2015/03/19 20:47:26 polynomial-c Exp $ # this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat diff --git a/dev-libs/openssl/openssl-1.0.0q.ebuild b/dev-libs/openssl/openssl-1.0.0r.ebuild index 6984be9cc4d9..c4898a92d579 100644 --- a/dev-libs/openssl/openssl-1.0.0q.ebuild +++ b/dev-libs/openssl/openssl-1.0.0r.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2015 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.0q.ebuild,v 1.2 2015/01/28 19:35:28 mgorny Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.0r.ebuild,v 1.1 2015/03/19 20:47:26 polynomial-c Exp $ EAPI="4" @@ -49,7 +49,7 @@ src_prepare() { epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch epatch "${FILESDIR}"/${PN}-1.0.0e-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.0e-x32.patch + epatch "${FILESDIR}"/${PN}-1.0.0r-x32.patch epatch_user #332661 # disable fips in the build diff --git a/dev-libs/openssl/openssl-1.0.1j.ebuild b/dev-libs/openssl/openssl-1.0.1j.ebuild deleted file mode 100644 index cd209b7741ab..000000000000 --- a/dev-libs/openssl/openssl-1.0.1j.ebuild +++ /dev/null @@ -1,258 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1j.ebuild,v 1.11 2015/01/28 19:35:28 mgorny Exp $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -REV="1.7" -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" - -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" -PDEPEND="app-misc/ca-certificates" - -src_unpack() { - unpack ${P}.tar.gz - SSL_CNF_DIR="/etc/ssl" - sed \ - -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ - -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ - "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ - > "${WORKDIR}"/c_rehash || die #416717 -} - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch - epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch - epatch "${FILESDIR}"/${PN}-1.0.1h-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584 - epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # since we're forcing $(CC) as makedep anyway, just fix - # the conditional as always-on - # helps clang (#417795), and versioned gcc (#499818) - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads \ - || die - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - dobin "${WORKDIR}"/c_rehash #333117 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 -} diff --git a/dev-libs/openssl/openssl-1.0.1k.ebuild b/dev-libs/openssl/openssl-1.0.1k.ebuild deleted file mode 100644 index 82f31a1f7251..000000000000 --- a/dev-libs/openssl/openssl-1.0.1k.ebuild +++ /dev/null @@ -1,258 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1k.ebuild,v 1.11 2015/01/28 19:35:28 mgorny Exp $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -REV="1.7" -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" - -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" -PDEPEND="app-misc/ca-certificates" - -src_unpack() { - unpack ${P}.tar.gz - SSL_CNF_DIR="/etc/ssl" - sed \ - -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ - -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ - "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ - > "${WORKDIR}"/c_rehash || die #416717 -} - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch - epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch - epatch "${FILESDIR}"/${PN}-1.0.1h-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584 - epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # since we're forcing $(CC) as makedep anyway, just fix - # the conditional as always-on - # helps clang (#417795), and versioned gcc (#499818) - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads \ - || die - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - dobin "${WORKDIR}"/c_rehash #333117 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 -} diff --git a/dev-libs/openssl/openssl-1.0.1l.ebuild b/dev-libs/openssl/openssl-1.0.1m.ebuild index 3187ad2862a0..c0ad3172db4b 100644 --- a/dev-libs/openssl/openssl-1.0.1l.ebuild +++ b/dev-libs/openssl/openssl-1.0.1m.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2015 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1l.ebuild,v 1.2 2015/01/28 19:35:28 mgorny Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1m.ebuild,v 1.1 2015/03/19 20:47:26 polynomial-c Exp $ EAPI="4" @@ -58,10 +58,10 @@ src_prepare() { epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch - epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch - epatch "${FILESDIR}"/${PN}-1.0.1h-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584 + epatch "${FILESDIR}"/${PN}-1.0.1m-parallel-build.patch + epatch "${FILESDIR}"/${PN}-1.0.1m-x32.patch + epatch "${FILESDIR}"/${PN}-1.0.1m-ipv6.patch + epatch "${FILESDIR}"/${PN}-1.0.1m-s_client-verify.patch #472584 epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 epatch_user #332661 fi diff --git a/dev-libs/openssl/openssl-1.0.2-r1.ebuild b/dev-libs/openssl/openssl-1.0.2-r1.ebuild deleted file mode 100644 index 23289f579dce..000000000000 --- a/dev-libs/openssl/openssl-1.0.2-r1.ebuild +++ /dev/null @@ -1,259 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.2-r1.ebuild,v 1.2 2015/01/28 19:35:28 mgorny Exp $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -REV="1.7" -MY_P=${P/_/-} -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" - -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140508 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - sctp? ( net-misc/lksctp-tools ) - test? ( sys-devel/bc )" -PDEPEND="app-misc/ca-certificates" - -S="${WORKDIR}/${MY_P}" - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - SSL_CNF_DIR="/etc/ssl" - sed \ - -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ - -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ - "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ - > "${WORKDIR}"/c_rehash || die #416717 - - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.2-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.2-s_client-verify.patch #472584 - - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # since we're forcing $(CC) as makedep anyway, just fix - # the conditional as always-on - # helps clang (#417795), and versioned gcc (#499818) - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - append-cppflags -DOPENSSL_NO_BUF_FREELISTS - - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use sctp && echo "sctp") \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads \ - || die - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - dobin "${WORKDIR}"/c_rehash #333117 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 -} diff --git a/dev-libs/openssl/openssl-1.0.2-r2.ebuild b/dev-libs/openssl/openssl-1.0.2a.ebuild index 9c5f02f11073..b25a51c636b9 100644 --- a/dev-libs/openssl/openssl-1.0.2-r2.ebuild +++ b/dev-libs/openssl/openssl-1.0.2a.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2015 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.2-r2.ebuild,v 1.2 2015/03/04 16:41:25 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.2a.ebuild,v 1.1 2015/03/19 20:47:26 polynomial-c Exp $ EAPI="4" @@ -55,12 +55,10 @@ src_prepare() { # that gets blown away anyways by the Configure script in src_configure rm -f Makefile - epatch "${FILESDIR}"/${P}-CVE-2015-0209.patch #541502 - epatch "${FILESDIR}"/${P}-CVE-2015-0288.patch #542038 if ! use vanilla ; then epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.2-parallel-build.patch + epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-build.patch epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch epatch "${FILESDIR}"/${PN}-1.0.2-s_client-verify.patch #472584 |