[gentoo-commits] repo/gentoo:master commit in: dev-libs/openssl/files/, dev-libs/openssl/ - gentoo-commits

From:	Lars Wendler <polynomial-c@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: dev-libs/openssl/files/, dev-libs/openssl/
Date:	Fri, 26 Aug 2016 15:52:27
Message-Id:	`1472226736.18fd87c2468bf11b7b21a3691cb8b3735672f452.polynomial-c@gentoo`

1

commit:     18fd87c2468bf11b7b21a3691cb8b3735672f452

2

Author:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>

3

AuthorDate: Fri Aug 26 15:51:57 2016 +0000

4

Commit:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>

5

CommitDate: Fri Aug 26 15:52:16 2016 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=18fd87c2

7

8

dev-libs/openssl: Bump to version 1.1.0

9

10

Package-Manager: portage-2.3.0

11

Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>

12

13

 dev-libs/openssl/Manifest                          |   1 +

14

 dev-libs/openssl/files/openssl-1.1.0-threads.patch |  20 ++

15

 .../openssl/files/openssl-1.1.0_pre4-ldflags.patch |  11 +

16

 dev-libs/openssl/openssl-1.1.0.ebuild              | 243 +++++++++++++++++++++

17

 4 files changed, 275 insertions(+)

18

19

diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest

20

index 7ca6bf7..732c6d3 100644

21

--- a/dev-libs/openssl/Manifest

22

+++ b/dev-libs/openssl/Manifest

23

@@ -1,3 +1,4 @@

24

 DIST openssl-0.9.8zh.tar.gz 3818524 SHA256 f1d9f3ed1b85a82ecf80d0e2d389e1fda3fca9a4dba0bf07adbf231e1a5e2fd6 SHA512 b97fa2468211f86c0719c68ad1781eff84f772c479ed5193d6da14bac086b4ca706e7d851209d9df3f0962943b5e5333ab0def00110fb2e517caa73c0c6674c6 WHIRLPOOL 8ed3362e6aed89cd6ae02438bc3fb58ff3a91afb8a2d401d1d66c1ee4fd96f4befb50558131dd03a60fc15b588172fc1ede5d56bb1f68e184453bfe3b34f9abf

25

 DIST openssl-1.0.2g.tar.gz 5266102 SHA256 b784b1b3907ce39abf4098702dade6365522a253ad1552e267a9a0e89594aa33 SHA512 4d96b6c8a232203483d6e8bee81da01ba10977bfbac92f25304a36dec9ea584b7ef917bc45e097cc7dbe681d71a4570d649c22244c178393ae91fab48323f735 WHIRLPOOL aedbd82af0a550e8329a84312fae492f3bb3cb04af763fc9ef532099b2b2e61a55e4a7cfb06085f045740e2b692bbdb3ecb8bf5ca82f46325c3caf22d2317ffb

26

 DIST openssl-1.0.2h.tar.gz 5274412 SHA256 1d4007e53aad94a5b2002fe045ee7bb0b3d98f1a47f8b2bc851dcd1c74332919 SHA512 780601f6f3f32f42b6d7bbc4c593db39a3575f9db80294a10a68b2b0bb79448d9bd529ca700b9977354cbdfc65887c76af0aa7b90d3ee421f74ab53e6f15c303 WHIRLPOOL 41b6cf0c08b547f1432dc8167a4c7835da0b6907f8932969e0a352fab8bdbb4d8f612a5bf431e415d93ff1c8238652b2ee3ce0bd935cc2f59e8ea4f40fe6b5d6

27

+DIST openssl-1.1.0.tar.gz 5146831 SHA256 f5c69ff9ac1472c80b868efc1c1c0d8dcfc746d29ebe563de2365dd56dbd8c82 SHA512 6a99d391be7708fdc4eb097d27cea4ce79dc83cc7f52d353af1e222773e586405c0848557d7404716b92b23b775abed45e73c66fe9128f4bd7c09864e79317b0 WHIRLPOOL 9d38954c65073a8d02caa6aa00b1efc197391b38b341662f0d9967ce883f52eed8c3be84ebd6ecc89c494f725218bfd2bef395891a20b40c8dcdf6b31fba2131

28

29

diff --git a/dev-libs/openssl/files/openssl-1.1.0-threads.patch b/dev-libs/openssl/files/openssl-1.1.0-threads.patch

30

new file mode 100644

31

index 00000000..d4326f6

32

--- /dev/null

33

+++ b/dev-libs/openssl/files/openssl-1.1.0-threads.patch

34

@@ -0,0 +1,20 @@

35

+--- openssl-1.1.0/Configurations/10-main.conf

36

++++ openssl-1.1.0/Configurations/10-main.conf

37

+@@ -612,7 +612,7 @@

38

+                                            debug   => "-O0 -g",

39

+                                            release => "-O3"),

40

+                                     threads("-pthread")),

41

+-        ex_libs          => add("-ldl"),

42

++        ex_libs          => add("-ldl",threads("-lpthread")),

43

+         bn_ops           => "BN_LLONG RC4_CHAR",

44

+         thread_scheme    => "pthreads",

45

+         dso_scheme       => "dlfcn",

46

+@@ -721,7 +721,7 @@

47

+         inherit_from     => [ "linux-generic32", asm("x86_elf_asm") ],

48

+         cflags           => add(picker(default => "-DL_ENDIAN",

49

+                                        release => "-fomit-frame-pointer")),

50

+-        ex_libs          => add(picker(debug => "-lefence")),

51

++        ex_libs          => add(picker(debug => "-lefence"),threads("-lpthread")),

52

+         bn_ops           => "BN_LLONG",

53

+     },

54

+     "linux-aout" => {

55

56

diff --git a/dev-libs/openssl/files/openssl-1.1.0_pre4-ldflags.patch b/dev-libs/openssl/files/openssl-1.1.0_pre4-ldflags.patch

57

new file mode 100644

58

index 00000000..f0d7e18

59

--- /dev/null

60

+++ b/dev-libs/openssl/files/openssl-1.1.0_pre4-ldflags.patch

61

@@ -0,0 +1,11 @@

62

+--- openssl-1.1.0-pre4/Makefile.shared

63

++++ openssl-1.1.0-pre4/Makefile.shared

64

+@@ -175,7 +175,7 @@

65

+ 	ALLSYMSFLAGS='-Wl,--whole-archive'; \

66

+ 	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \

67

+ 	$(DO_GNU_SO_COMMON)

68

+-DO_GNU_APP=LDFLAGS="$(CFLAGS) $(LDFLAGS) -Wl,-rpath,$(LIBRPATH)"

69

++DO_GNU_APP=LDFLAGS="$(LDFLAGS) -Wl,-rpath,$(LIBRPATH)"

70

+

71

+ #This is rather special.  It's a special target with which one can link

72

+ #applications without bothering with any features that have anything to

73

74

diff --git a/dev-libs/openssl/openssl-1.1.0.ebuild b/dev-libs/openssl/openssl-1.1.0.ebuild

75

new file mode 100644

76

index 00000000..05e1641

77

--- /dev/null

78

+++ b/dev-libs/openssl/openssl-1.1.0.ebuild

79

@@ -0,0 +1,243 @@

80

+# Copyright 1999-2016 Gentoo Foundation

81

+# Distributed under the terms of the GNU General Public License v2

82

+# $Id$

83

+

84

+EAPI=5

85

+

86

+inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal

87

+

88

+MY_P=${P/_/-}

89

+DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)"

90

+HOMEPAGE="http://www.openssl.org/"

91

+SRC_URI="mirror://openssl/source/${MY_P}.tar.gz"

92

+

93

+LICENSE="openssl"

94

+SLOT="0/1.1" # .so version of libssl/libcrypto

95

+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux"

96

+IUSE="+asm bindist rfc3779 sctp cpu_flags_x86_sse2 static-libs test tls-heartbeat vanilla zlib"

97

+RESTRICT="!bindist? ( bindist )"

98

+

99

+RDEPEND=">=app-misc/c_rehash-1.7-r1

100

+	zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )"

101

+DEPEND="${RDEPEND}

102

+	>=dev-lang/perl-5

103

+	sctp? ( >=net-misc/lksctp-tools-1.0.12 )

104

+	test? (

105

+		sys-apps/diffutils

106

+		sys-devel/bc

107

+	)"

108

+PDEPEND="app-misc/ca-certificates"

109

+

110

+S="${WORKDIR}/${MY_P}"

111

+

112

+MULTILIB_WRAPPED_HEADERS=(

113

+	usr/include/openssl/opensslconf.h

114

+)

115

+

116

+PATCHES=(

117

+	"${FILESDIR}"/${PN}-1.1.0_pre4-ldflags.patch #327421

118

+	"${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618

119

+	"${FILESDIR}"/${PN}-1.1.0-threads.patch

120

+)

121

+

122

+src_prepare() {

123

+	# keep this in sync with app-misc/c_rehash

124

+	SSL_CNF_DIR="/etc/ssl"

125

+

126

+	# Make sure we only ever touch Makefile.org and avoid patching a file

127

+	# that gets blown away anyways by the Configure script in src_configure

128

+	rm -f Makefile

129

+

130

+	if ! use vanilla ; then

131

+		epatch "${PATCHES[@]}"

132

+		epatch_user #332661

133

+	fi

134

+

135

+	# make sure the man pages are suffixed #302165

136

+	# don't bother building man pages if they're disabled

137

+	# Make DOCDIR Gentoo compliant

138

+	sed -i \

139

+		-e '/^MANSUFFIX/s:=.*:=ssl:' \

140

+		-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \

141

+		-e $(has noman FEATURES \

142

+			&& echo '/^install:/s:install_docs::' \

143

+			|| echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \

144

+		-e "/^DOCDIR/s@\$(BASENAME)@&-${PF}@" \

145

+		Configurations/unix-Makefile.tmpl \

146

+		|| die

147

+

148

+	# show the actual commands in the log

149

+	sed -i '/^SET_X/s@=.*@=set -x@' Makefile.shared

150

+

151

+	# quiet out unknown driver argument warnings since openssl

152

+	# doesn't have well-split CFLAGS and we're making it even worse

153

+	# and 'make depend' uses -Werror for added fun (#417795 again)

154

+	[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments

155

+

156

+	# allow openssl to be cross-compiled

157

+	cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die

158

+	chmod a+rx gentoo.config

159

+

160

+	append-flags -fno-strict-aliasing

161

+	append-flags $(test-flags-CC -Wa,--noexecstack)

162

+	append-cppflags -DOPENSSL_NO_BUF_FREELISTS

163

+

164

+	# Prefixify Configure shebang (#141906)

165

+	sed \

166

+		-e "1s,/usr/bin/env,${EPREFIX}&," \

167

+		-i Configure || die

168

+	# Remove test target when FEATURES=test isn't set

169

+	if ! use test ; then

170

+		sed \

171

+			-e '/^$config{dirs}/s@ "test",@@' \

172

+			-i Configure || die

173

+	fi

174

+	# The config script does stupid stuff to prompt the user.  Kill it.

175

+	sed -i '/stty -icanon min 0 time 50; read waste/d' config || die

176

+	./config --test-sanity || die "I AM NOT SANE"

177

+

178

+	multilib_copy_sources

179

+}

180

+

181

+multilib_src_configure() {

182

+	unset APPS #197996

183

+	unset SCRIPTS #312551

184

+	unset CROSS_COMPILE #311473

185

+

186

+	tc-export CC AR RANLIB RC

187

+

188

+	# Clean out patent-or-otherwise-encumbered code

189

+	# Camellia: Royalty Free            http://en.wikipedia.org/wiki/Camellia_(cipher)

190

+	# IDEA:     Expired                 http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm

191

+	# EC:       ????????? ??/??/2015    http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography

192

+	# MDC2:     Expired                 http://en.wikipedia.org/wiki/MDC-2

193

+	# RC5:      Expired                 http://en.wikipedia.org/wiki/RC5

194

+

195

+	use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }

196

+	echoit() { echo "$@" ; "$@" ; }

197

+

198

+	local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")

199

+

200

+	# See if our toolchain supports __uint128_t.  If so, it's 64bit

201

+	# friendly and can use the nicely optimized code paths. #460790

202

+	local ec_nistp_64_gcc_128

203

+	# Disable it for now though #469976

204

+	#if ! use bindist ; then

205

+	#	echo "__uint128_t i;" > "${T}"/128.c

206

+	#	if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then

207

+	#		ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"

208

+	#	fi

209

+	#fi

210

+

211

+	local sslout=$(./gentoo.config)

212

+	einfo "Use configuration ${sslout:-(openssl knows best)}"

213

+	local config="Configure"

214

+	[[ -z ${sslout} ]] && config="config"

215

+

216

+	echoit \

217

+	./${config} \

218

+		${sslout} \

219

+		--api=1.1.0 \

220

+		$(use cpu_flags_x86_sse2 || echo "no-sse2") \

221

+		enable-camellia \

222

+		disable-deprecated \

223

+		$(use_ssl !bindist ec) \

224

+		${ec_nistp_64_gcc_128} \

225

+		enable-idea \

226

+		enable-mdc2 \

227

+		enable-rc5 \

228

+		$(use_ssl asm) \

229

+		$(use_ssl rfc3779) \

230

+		$(use_ssl sctp) \

231

+		$(use_ssl tls-heartbeat heartbeats) \

232

+		$(use_ssl zlib) \

233

+		--prefix="${EPREFIX}"/usr \

234

+		--openssldir="${EPREFIX}"${SSL_CNF_DIR} \

235

+		--libdir=$(get_libdir) \

236

+		shared threads \

237

+		|| die

238

+

239

+	# Clean out hardcoded flags that openssl uses

240

+	# Fix quoting for sed

241

+	local DEFAULT_CFLAGS=$(grep ^CFLAGS= Makefile | LC_ALL=C sed \

242

+		-e 's:^CFLAGS=::' \

243

+		-e 's:-fomit-frame-pointer ::g' \

244

+		-e 's:-O[0-9] ::g' \

245

+		-e 's:-march=[-a-z0-9]* ::g' \

246

+		-e 's:-mcpu=[-a-z0-9]* ::g' \

247

+		-e 's:-m[a-z0-9]* ::g' \

248

+		-e 's:\\:\\\\:g' \

249

+	)

250

+	sed -i \

251

+		-e "/^CFLAGS=/s|=.*|=${DEFAULT_CFLAGS} ${CFLAGS}|" \

252

+		-e "/^LDFLAGS=/s|=[[:space:]]*$|=${LDFLAGS}|" \

253

+		Makefile || die

254

+}

255

+

256

+multilib_src_compile() {

257

+	# depend is needed to use $confopts; it also doesn't matter

258

+	# that it's -j1 as the code itself serializes subdirs

259

+	emake -j1 depend

260

+	emake all

261

+}

262

+

263

+multilib_src_test() {

264

+	emake -j1 test

265

+}

266

+

267

+multilib_src_install() {

268

+	emake DESTDIR="${D}" install

269

+}

270

+

271

+multilib_src_install_all() {

272

+	# openssl installs perl version of c_rehash by default, but

273

+	# we provide a shell version via app-misc/c_rehash

274

+	rm "${ED}"/usr/bin/c_rehash || die

275

+

276

+	dodoc CHANGES* FAQ NEWS README doc/*.txt doc/${PN}-c-indent.el

277

+	dohtml -r doc/*

278

+

279

+	# This is crappy in that the static archives are still built even

280

+	# when USE=static-libs.  But this is due to a failing in the openssl

281

+	# build system: the static archives are built as PIC all the time.

282

+	# Only way around this would be to manually configure+compile openssl

283

+	# twice; once with shared lib support enabled and once without.

284

+	use static-libs || rm -f "${ED}"/usr/lib*/lib*.a

285

+

286

+	# create the certs directory

287

+	keepdir ${SSL_CNF_DIR}/certs

288

+

289

+	# Namespace openssl programs to prevent conflicts with other man pages

290

+	cd "${ED}"/usr/share/man

291

+	local m d s

292

+	for m in $(find . -type f | xargs grep -L '#include') ; do

293

+		d=${m%/*} ; d=${d#./} ; m=${m##*/}

294

+		[[ ${m} == openssl.1* ]] && continue

295

+		[[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"

296

+		mv ${d}/{,ssl-}${m}

297

+		# fix up references to renamed man pages

298

+		sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}

299

+		ln -s ssl-${m} ${d}/openssl-${m}

300

+		# locate any symlinks that point to this man page ... we assume

301

+		# that any broken links are due to the above renaming

302

+		for s in $(find -L ${d} -type l) ; do

303

+			s=${s##*/}

304

+			rm -f ${d}/${s}

305

+			ln -s ssl-${m} ${d}/ssl-${s}

306

+			ln -s ssl-${s} ${d}/openssl-${s}

307

+		done

308

+	done

309

+	[[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("

310

+

311

+	dodir /etc/sandbox.d #254521

312

+	echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl

313

+

314

+	diropts -m0700

315

+	keepdir ${SSL_CNF_DIR}/private

316

+}

317

+

318

+pkg_postinst() {

319

+	ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"

320

+	c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null

321

+	eend $?

322

+}

1	commit: 18fd87c2468bf11b7b21a3691cb8b3735672f452
2	Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
3	AuthorDate: Fri Aug 26 15:51:57 2016 +0000
4	Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
5	CommitDate: Fri Aug 26 15:52:16 2016 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=18fd87c2
7
8	dev-libs/openssl: Bump to version 1.1.0
9
10	Package-Manager: portage-2.3.0
11	Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>
12
13	dev-libs/openssl/Manifest \| 1 +
14	dev-libs/openssl/files/openssl-1.1.0-threads.patch \| 20 ++
15	.../openssl/files/openssl-1.1.0_pre4-ldflags.patch \| 11 +
16	dev-libs/openssl/openssl-1.1.0.ebuild \| 243 +++++++++++++++++++++
17	4 files changed, 275 insertions(+)
18
19	diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest
20	index 7ca6bf7..732c6d3 100644
21	--- a/dev-libs/openssl/Manifest
22	+++ b/dev-libs/openssl/Manifest
23	@@ -1,3 +1,4 @@
24	DIST openssl-0.9.8zh.tar.gz 3818524 SHA256 f1d9f3ed1b85a82ecf80d0e2d389e1fda3fca9a4dba0bf07adbf231e1a5e2fd6 SHA512 b97fa2468211f86c0719c68ad1781eff84f772c479ed5193d6da14bac086b4ca706e7d851209d9df3f0962943b5e5333ab0def00110fb2e517caa73c0c6674c6 WHIRLPOOL 8ed3362e6aed89cd6ae02438bc3fb58ff3a91afb8a2d401d1d66c1ee4fd96f4befb50558131dd03a60fc15b588172fc1ede5d56bb1f68e184453bfe3b34f9abf
25	DIST openssl-1.0.2g.tar.gz 5266102 SHA256 b784b1b3907ce39abf4098702dade6365522a253ad1552e267a9a0e89594aa33 SHA512 4d96b6c8a232203483d6e8bee81da01ba10977bfbac92f25304a36dec9ea584b7ef917bc45e097cc7dbe681d71a4570d649c22244c178393ae91fab48323f735 WHIRLPOOL aedbd82af0a550e8329a84312fae492f3bb3cb04af763fc9ef532099b2b2e61a55e4a7cfb06085f045740e2b692bbdb3ecb8bf5ca82f46325c3caf22d2317ffb
26	DIST openssl-1.0.2h.tar.gz 5274412 SHA256 1d4007e53aad94a5b2002fe045ee7bb0b3d98f1a47f8b2bc851dcd1c74332919 SHA512 780601f6f3f32f42b6d7bbc4c593db39a3575f9db80294a10a68b2b0bb79448d9bd529ca700b9977354cbdfc65887c76af0aa7b90d3ee421f74ab53e6f15c303 WHIRLPOOL 41b6cf0c08b547f1432dc8167a4c7835da0b6907f8932969e0a352fab8bdbb4d8f612a5bf431e415d93ff1c8238652b2ee3ce0bd935cc2f59e8ea4f40fe6b5d6
27	+DIST openssl-1.1.0.tar.gz 5146831 SHA256 f5c69ff9ac1472c80b868efc1c1c0d8dcfc746d29ebe563de2365dd56dbd8c82 SHA512 6a99d391be7708fdc4eb097d27cea4ce79dc83cc7f52d353af1e222773e586405c0848557d7404716b92b23b775abed45e73c66fe9128f4bd7c09864e79317b0 WHIRLPOOL 9d38954c65073a8d02caa6aa00b1efc197391b38b341662f0d9967ce883f52eed8c3be84ebd6ecc89c494f725218bfd2bef395891a20b40c8dcdf6b31fba2131
28
29	diff --git a/dev-libs/openssl/files/openssl-1.1.0-threads.patch b/dev-libs/openssl/files/openssl-1.1.0-threads.patch
30	new file mode 100644
31	index 00000000..d4326f6
32	--- /dev/null
33	+++ b/dev-libs/openssl/files/openssl-1.1.0-threads.patch
34	@@ -0,0 +1,20 @@
35	+--- openssl-1.1.0/Configurations/10-main.conf
36	++++ openssl-1.1.0/Configurations/10-main.conf
37	+@@ -612,7 +612,7 @@
38	+ debug => "-O0 -g",
39	+ release => "-O3"),
40	+ threads("-pthread")),
41	+- ex_libs => add("-ldl"),
42	++ ex_libs => add("-ldl",threads("-lpthread")),
43	+ bn_ops => "BN_LLONG RC4_CHAR",
44	+ thread_scheme => "pthreads",
45	+ dso_scheme => "dlfcn",
46	+@@ -721,7 +721,7 @@
47	+ inherit_from => [ "linux-generic32", asm("x86_elf_asm") ],
48	+ cflags => add(picker(default => "-DL_ENDIAN",
49	+ release => "-fomit-frame-pointer")),
50	+- ex_libs => add(picker(debug => "-lefence")),
51	++ ex_libs => add(picker(debug => "-lefence"),threads("-lpthread")),
52	+ bn_ops => "BN_LLONG",
53	+ },
54	+ "linux-aout" => {
55
56	diff --git a/dev-libs/openssl/files/openssl-1.1.0_pre4-ldflags.patch b/dev-libs/openssl/files/openssl-1.1.0_pre4-ldflags.patch
57	new file mode 100644
58	index 00000000..f0d7e18
59	--- /dev/null
60	+++ b/dev-libs/openssl/files/openssl-1.1.0_pre4-ldflags.patch
61	@@ -0,0 +1,11 @@
62	+--- openssl-1.1.0-pre4/Makefile.shared
63	++++ openssl-1.1.0-pre4/Makefile.shared
64	+@@ -175,7 +175,7 @@
65	+ ALLSYMSFLAGS='-Wl,--whole-archive'; \
66	+ NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
67	+ $(DO_GNU_SO_COMMON)
68	+-DO_GNU_APP=LDFLAGS="$(CFLAGS) $(LDFLAGS) -Wl,-rpath,$(LIBRPATH)"
69	++DO_GNU_APP=LDFLAGS="$(LDFLAGS) -Wl,-rpath,$(LIBRPATH)"
70	+
71	+ #This is rather special. It's a special target with which one can link
72	+ #applications without bothering with any features that have anything to
73
74	diff --git a/dev-libs/openssl/openssl-1.1.0.ebuild b/dev-libs/openssl/openssl-1.1.0.ebuild
75	new file mode 100644
76	index 00000000..05e1641
77	--- /dev/null
78	+++ b/dev-libs/openssl/openssl-1.1.0.ebuild
79	@@ -0,0 +1,243 @@
80	+# Copyright 1999-2016 Gentoo Foundation
81	+# Distributed under the terms of the GNU General Public License v2
82	+# $Id$
83	+
84	+EAPI=5
85	+
86	+inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal
87	+
88	+MY_P=${P/_/-}
89	+DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)"
90	+HOMEPAGE="http://www.openssl.org/"
91	+SRC_URI="mirror://openssl/source/${MY_P}.tar.gz"
92	+
93	+LICENSE="openssl"
94	+SLOT="0/1.1" # .so version of libssl/libcrypto
95	+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux"
96	+IUSE="+asm bindist rfc3779 sctp cpu_flags_x86_sse2 static-libs test tls-heartbeat vanilla zlib"
97	+RESTRICT="!bindist? ( bindist )"
98	+
99	+RDEPEND=">=app-misc/c_rehash-1.7-r1
100	+ zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )"
101	+DEPEND="${RDEPEND}
102	+ >=dev-lang/perl-5
103	+ sctp? ( >=net-misc/lksctp-tools-1.0.12 )
104	+ test? (
105	+ sys-apps/diffutils
106	+ sys-devel/bc
107	+ )"
108	+PDEPEND="app-misc/ca-certificates"
109	+
110	+S="${WORKDIR}/${MY_P}"
111	+
112	+MULTILIB_WRAPPED_HEADERS=(
113	+ usr/include/openssl/opensslconf.h
114	+)
115	+
116	+PATCHES=(
117	+ "${FILESDIR}"/${PN}-1.1.0_pre4-ldflags.patch #327421
118	+ "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618
119	+ "${FILESDIR}"/${PN}-1.1.0-threads.patch
120	+)
121	+
122	+src_prepare() {
123	+ # keep this in sync with app-misc/c_rehash
124	+ SSL_CNF_DIR="/etc/ssl"
125	+
126	+ # Make sure we only ever touch Makefile.org and avoid patching a file
127	+ # that gets blown away anyways by the Configure script in src_configure
128	+ rm -f Makefile
129	+
130	+ if ! use vanilla ; then
131	+ epatch "${PATCHES[@]}"
132	+ epatch_user #332661
133	+ fi
134	+
135	+ # make sure the man pages are suffixed #302165
136	+ # don't bother building man pages if they're disabled
137	+ # Make DOCDIR Gentoo compliant
138	+ sed -i \
139	+ -e '/^MANSUFFIX/s:=.*:=ssl:' \
140	+ -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
141	+ -e $(has noman FEATURES \
142	+ && echo '/^install:/s:install_docs::' \
143	+ \|\| echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \
144	+ -e "/^DOCDIR/s@\$(BASENAME)@&-${PF}@" \
145	+ Configurations/unix-Makefile.tmpl \
146	+ \|\| die
147	+
148	+ # show the actual commands in the log
149	+ sed -i '/^SET_X/s@=.*@=set -x@' Makefile.shared
150	+
151	+ # quiet out unknown driver argument warnings since openssl
152	+ # doesn't have well-split CFLAGS and we're making it even worse
153	+ # and 'make depend' uses -Werror for added fun (#417795 again)
154	+ [[ ${CC} == clang ]] && append-flags -Qunused-arguments
155	+
156	+ # allow openssl to be cross-compiled
157	+ cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config \|\| die
158	+ chmod a+rx gentoo.config
159	+
160	+ append-flags -fno-strict-aliasing
161	+ append-flags $(test-flags-CC -Wa,--noexecstack)
162	+ append-cppflags -DOPENSSL_NO_BUF_FREELISTS
163	+
164	+ # Prefixify Configure shebang (#141906)
165	+ sed \
166	+ -e "1s,/usr/bin/env,${EPREFIX}&," \
167	+ -i Configure \|\| die
168	+ # Remove test target when FEATURES=test isn't set
169	+ if ! use test ; then
170	+ sed \
171	+ -e '/^$config{dirs}/s@ "test",@@' \
172	+ -i Configure \|\| die
173	+ fi
174	+ # The config script does stupid stuff to prompt the user. Kill it.
175	+ sed -i '/stty -icanon min 0 time 50; read waste/d' config \|\| die
176	+ ./config --test-sanity \|\| die "I AM NOT SANE"
177	+
178	+ multilib_copy_sources
179	+}
180	+
181	+multilib_src_configure() {
182	+ unset APPS #197996
183	+ unset SCRIPTS #312551
184	+ unset CROSS_COMPILE #311473
185	+
186	+ tc-export CC AR RANLIB RC
187	+
188	+ # Clean out patent-or-otherwise-encumbered code
189	+ # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
190	+ # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
191	+ # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
192	+ # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
193	+ # RC5: Expired http://en.wikipedia.org/wiki/RC5
194	+
195	+ use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
196	+ echoit() { echo "$@" ; "$@" ; }
197	+
198	+ local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" \|\| echo "Heimdal")
199	+
200	+ # See if our toolchain supports __uint128_t. If so, it's 64bit
201	+ # friendly and can use the nicely optimized code paths. #460790
202	+ local ec_nistp_64_gcc_128
203	+ # Disable it for now though #469976
204	+ #if ! use bindist ; then
205	+ # echo "__uint128_t i;" > "${T}"/128.c
206	+ # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
207	+ # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
208	+ # fi
209	+ #fi
210	+
211	+ local sslout=$(./gentoo.config)
212	+ einfo "Use configuration ${sslout:-(openssl knows best)}"
213	+ local config="Configure"
214	+ [[ -z ${sslout} ]] && config="config"
215	+
216	+ echoit \
217	+ ./${config} \
218	+ ${sslout} \
219	+ --api=1.1.0 \
220	+ $(use cpu_flags_x86_sse2 \|\| echo "no-sse2") \
221	+ enable-camellia \
222	+ disable-deprecated \
223	+ $(use_ssl !bindist ec) \
224	+ ${ec_nistp_64_gcc_128} \
225	+ enable-idea \
226	+ enable-mdc2 \
227	+ enable-rc5 \
228	+ $(use_ssl asm) \
229	+ $(use_ssl rfc3779) \
230	+ $(use_ssl sctp) \
231	+ $(use_ssl tls-heartbeat heartbeats) \
232	+ $(use_ssl zlib) \
233	+ --prefix="${EPREFIX}"/usr \
234	+ --openssldir="${EPREFIX}"${SSL_CNF_DIR} \
235	+ --libdir=$(get_libdir) \
236	+ shared threads \
237	+ \|\| die
238	+
239	+ # Clean out hardcoded flags that openssl uses
240	+ # Fix quoting for sed
241	+ local DEFAULT_CFLAGS=$(grep ^CFLAGS= Makefile \| LC_ALL=C sed \
242	+ -e 's:^CFLAGS=::' \
243	+ -e 's:-fomit-frame-pointer ::g' \
244	+ -e 's:-O[0-9] ::g' \
245	+ -e 's:-march=[-a-z0-9]* ::g' \
246	+ -e 's:-mcpu=[-a-z0-9]* ::g' \
247	+ -e 's:-m[a-z0-9]* ::g' \
248	+ -e 's:\\:\\\\:g' \
249	+ )
250	+ sed -i \
251	+ -e "/^CFLAGS=/s\|=.*\|=${DEFAULT_CFLAGS} ${CFLAGS}\|" \
252	+ -e "/^LDFLAGS=/s\|=[[:space:]]*$\|=${LDFLAGS}\|" \
253	+ Makefile \|\| die
254	+}
255	+
256	+multilib_src_compile() {
257	+ # depend is needed to use $confopts; it also doesn't matter
258	+ # that it's -j1 as the code itself serializes subdirs
259	+ emake -j1 depend
260	+ emake all
261	+}
262	+
263	+multilib_src_test() {
264	+ emake -j1 test
265	+}
266	+
267	+multilib_src_install() {
268	+ emake DESTDIR="${D}" install
269	+}
270	+
271	+multilib_src_install_all() {
272	+ # openssl installs perl version of c_rehash by default, but
273	+ # we provide a shell version via app-misc/c_rehash
274	+ rm "${ED}"/usr/bin/c_rehash \|\| die
275	+
276	+ dodoc CHANGES* FAQ NEWS README doc/*.txt doc/${PN}-c-indent.el
277	+ dohtml -r doc/*
278	+
279	+ # This is crappy in that the static archives are still built even
280	+ # when USE=static-libs. But this is due to a failing in the openssl
281	+ # build system: the static archives are built as PIC all the time.
282	+ # Only way around this would be to manually configure+compile openssl
283	+ # twice; once with shared lib support enabled and once without.
284	+ use static-libs \|\| rm -f "${ED}"/usr/lib/lib.a
285	+
286	+ # create the certs directory
287	+ keepdir ${SSL_CNF_DIR}/certs
288	+
289	+ # Namespace openssl programs to prevent conflicts with other man pages
290	+ cd "${ED}"/usr/share/man
291	+ local m d s
292	+ for m in $(find . -type f \| xargs grep -L '#include') ; do
293	+ d=${m%/} ; d=${d#./} ; m=${m##/}
294	+ [[ ${m} == openssl.1* ]] && continue
295	+ [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
296	+ mv ${d}/{,ssl-}${m}
297	+ # fix up references to renamed man pages
298	+ sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
299	+ ln -s ssl-${m} ${d}/openssl-${m}
300	+ # locate any symlinks that point to this man page ... we assume
301	+ # that any broken links are due to the above renaming
302	+ for s in $(find -L ${d} -type l) ; do
303	+ s=${s##*/}
304	+ rm -f ${d}/${s}
305	+ ln -s ssl-${m} ${d}/ssl-${s}
306	+ ln -s ssl-${s} ${d}/openssl-${s}
307	+ done
308	+ done
309	+ [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
310	+
311	+ dodir /etc/sandbox.d #254521
312	+ echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
313	+
314	+ diropts -m0700
315	+ keepdir ${SSL_CNF_DIR}/private
316	+}
317	+
318	+pkg_postinst() {
319	+ ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
320	+ c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
321	+ eend $?
322	+}

Gentoo Archives: gentoo-commits