1 |
polynomial-c 14/09/26 06:05:53 |
2 |
|
3 |
Modified: ChangeLog |
4 |
Added: openssl-1.0.2_beta3.ebuild openssl-1.0.0n.ebuild |
5 |
Removed: openssl-1.0.1h-r1.ebuild openssl-0.9.8y.ebuild |
6 |
openssl-0.9.8y-r1.ebuild openssl-1.0.1h-r2.ebuild |
7 |
openssl-1.0.1g.ebuild openssl-1.0.1h-r3.ebuild |
8 |
openssl-0.9.8z_p1-r1.ebuild |
9 |
openssl-1.0.1g-r1.ebuild |
10 |
Log: |
11 |
Version bump. Removed old |
12 |
|
13 |
(Portage version: 2.2.13/cvs/Linux x86_64, signed Manifest commit with key 0x981CA6FC) |
14 |
|
15 |
Revision Changes Path |
16 |
1.598 dev-libs/openssl/ChangeLog |
17 |
|
18 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/ChangeLog?rev=1.598&view=markup |
19 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/ChangeLog?rev=1.598&content-type=text/plain |
20 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/ChangeLog?r1=1.597&r2=1.598 |
21 |
|
22 |
Index: ChangeLog |
23 |
=================================================================== |
24 |
RCS file: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v |
25 |
retrieving revision 1.597 |
26 |
retrieving revision 1.598 |
27 |
diff -u -r1.597 -r1.598 |
28 |
--- ChangeLog 19 Sep 2014 10:34:21 -0000 1.597 |
29 |
+++ ChangeLog 26 Sep 2014 06:05:53 -0000 1.598 |
30 |
@@ -1,6 +1,18 @@ |
31 |
# ChangeLog for dev-libs/openssl |
32 |
# Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 |
33 |
-# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.597 2014/09/19 10:34:21 ago Exp $ |
34 |
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.598 2014/09/26 06:05:53 polynomial-c Exp $ |
35 |
+ |
36 |
+*openssl-1.0.2_beta3 (26 Sep 2014) |
37 |
+*openssl-1.0.0n (26 Sep 2014) |
38 |
+ |
39 |
+ 26 Sep 2014; Lars Wendler <polynomial-c@g.o> -openssl-0.9.8y.ebuild, |
40 |
+ -openssl-0.9.8y-r1.ebuild, -openssl-0.9.8z_p1-r1.ebuild, |
41 |
+ +openssl-1.0.0n.ebuild, -openssl-1.0.1g.ebuild, -openssl-1.0.1g-r1.ebuild, |
42 |
+ -openssl-1.0.1h-r1.ebuild, -openssl-1.0.1h-r2.ebuild, |
43 |
+ -openssl-1.0.1h-r3.ebuild, +openssl-1.0.2_beta3.ebuild, |
44 |
+ -files/openssl-1.0.0d-fbsd-amd64.patch, -files/openssl-1.0.1e-ipv6.patch, |
45 |
+ -files/openssl-1.0.1f-perl-5.18.patch: |
46 |
+ Version bump. Removed old. |
47 |
|
48 |
19 Sep 2014; Agostino Sarubbo <ago@g.o> openssl-0.9.8z_p2.ebuild, |
49 |
openssl-1.0.1i.ebuild: |
50 |
|
51 |
|
52 |
|
53 |
1.1 dev-libs/openssl/openssl-1.0.2_beta3.ebuild |
54 |
|
55 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/openssl-1.0.2_beta3.ebuild?rev=1.1&view=markup |
56 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/openssl-1.0.2_beta3.ebuild?rev=1.1&content-type=text/plain |
57 |
|
58 |
Index: openssl-1.0.2_beta3.ebuild |
59 |
=================================================================== |
60 |
# Copyright 1999-2014 Gentoo Foundation |
61 |
# Distributed under the terms of the GNU General Public License v2 |
62 |
# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.2_beta3.ebuild,v 1.1 2014/09/26 06:05:53 polynomial-c Exp $ |
63 |
|
64 |
EAPI="4" |
65 |
|
66 |
inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal |
67 |
|
68 |
REV="1.7" |
69 |
MY_P=${P/_/-} |
70 |
DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" |
71 |
HOMEPAGE="http://www.openssl.org/" |
72 |
SRC_URI="mirror://openssl/source/${MY_P}.tar.gz |
73 |
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" |
74 |
|
75 |
LICENSE="openssl" |
76 |
SLOT="0" |
77 |
#KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" |
78 |
IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test +tls-heartbeat vanilla zlib" |
79 |
|
80 |
# The blocks are temporary just to make sure people upgrade to a |
81 |
# version that lack runtime version checking. We'll drop them in |
82 |
# the future. |
83 |
RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) |
84 |
zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) |
85 |
kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) |
86 |
abi_x86_32? ( |
87 |
!<=app-emulation/emul-linux-x86-baselibs-20140508 |
88 |
!app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] |
89 |
) |
90 |
!<net-misc/openssh-5.9_p1-r4 |
91 |
!<net-libs/neon-0.29.6-r1" |
92 |
DEPEND="${RDEPEND} |
93 |
sys-apps/diffutils |
94 |
>=dev-lang/perl-5 |
95 |
test? ( sys-devel/bc )" |
96 |
PDEPEND="app-misc/ca-certificates" |
97 |
|
98 |
S="${WORKDIR}/${MY_P}" |
99 |
|
100 |
MULTILIB_WRAPPED_HEADERS=( |
101 |
usr/include/openssl/opensslconf.h |
102 |
) |
103 |
|
104 |
src_prepare() { |
105 |
SSL_CNF_DIR="/etc/ssl" |
106 |
sed \ |
107 |
-e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ |
108 |
-e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ |
109 |
"${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ |
110 |
> "${WORKDIR}"/c_rehash || die #416717 |
111 |
|
112 |
# Make sure we only ever touch Makefile.org and avoid patching a file |
113 |
# that gets blown away anyways by the Configure script in src_configure |
114 |
rm -f Makefile |
115 |
|
116 |
if ! use vanilla ; then |
117 |
epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 |
118 |
epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 |
119 |
epatch "${FILESDIR}"/${PN}-1.0.2-parallel-build.patch |
120 |
epatch "${FILESDIR}"/${PN}-1.0.2_beta2-ipv6.patch |
121 |
epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584 |
122 |
|
123 |
epatch_user #332661 |
124 |
fi |
125 |
|
126 |
# disable fips in the build |
127 |
# make sure the man pages are suffixed #302165 |
128 |
# don't bother building man pages if they're disabled |
129 |
sed -i \ |
130 |
-e '/DIRS/s: fips : :g' \ |
131 |
-e '/^MANSUFFIX/s:=.*:=ssl:' \ |
132 |
-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ |
133 |
-e $(has noman FEATURES \ |
134 |
&& echo '/^install:/s:install_docs::' \ |
135 |
|| echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ |
136 |
Makefile.org \ |
137 |
|| die |
138 |
# show the actual commands in the log |
139 |
sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared |
140 |
|
141 |
# since we're forcing $(CC) as makedep anyway, just fix |
142 |
# the conditional as always-on |
143 |
# helps clang (#417795), and versioned gcc (#499818) |
144 |
sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die |
145 |
|
146 |
# quiet out unknown driver argument warnings since openssl |
147 |
# doesn't have well-split CFLAGS and we're making it even worse |
148 |
# and 'make depend' uses -Werror for added fun (#417795 again) |
149 |
[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments |
150 |
|
151 |
# allow openssl to be cross-compiled |
152 |
cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die |
153 |
chmod a+rx gentoo.config |
154 |
|
155 |
append-flags -fno-strict-aliasing |
156 |
append-flags $(test-flags-CC -Wa,--noexecstack) |
157 |
append-cppflags -DOPENSSL_NO_BUF_FREELISTS |
158 |
|
159 |
sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 |
160 |
# The config script does stupid stuff to prompt the user. Kill it. |
161 |
sed -i '/stty -icanon min 0 time 50; read waste/d' config || die |
162 |
./config --test-sanity || die "I AM NOT SANE" |
163 |
|
164 |
multilib_copy_sources |
165 |
} |
166 |
|
167 |
multilib_src_configure() { |
168 |
unset APPS #197996 |
169 |
unset SCRIPTS #312551 |
170 |
unset CROSS_COMPILE #311473 |
171 |
|
172 |
tc-export CC AR RANLIB RC |
173 |
|
174 |
# Clean out patent-or-otherwise-encumbered code |
175 |
# Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) |
176 |
# IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm |
177 |
# EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography |
178 |
# MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 |
179 |
# RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 |
180 |
|
181 |
use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } |
182 |
echoit() { echo "$@" ; "$@" ; } |
183 |
|
184 |
local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") |
185 |
|
186 |
# See if our toolchain supports __uint128_t. If so, it's 64bit |
187 |
# friendly and can use the nicely optimized code paths. #460790 |
188 |
local ec_nistp_64_gcc_128 |
189 |
# Disable it for now though #469976 |
190 |
#if ! use bindist ; then |
191 |
# echo "__uint128_t i;" > "${T}"/128.c |
192 |
# if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then |
193 |
# ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" |
194 |
# fi |
195 |
#fi |
196 |
|
197 |
local sslout=$(./gentoo.config) |
198 |
einfo "Use configuration ${sslout:-(openssl knows best)}" |
199 |
local config="Configure" |
200 |
[[ -z ${sslout} ]] && config="config" |
201 |
|
202 |
echoit \ |
203 |
./${config} \ |
204 |
${sslout} \ |
205 |
$(use sse2 || echo "no-sse2") \ |
206 |
enable-camellia \ |
207 |
$(use_ssl !bindist ec) \ |
208 |
${ec_nistp_64_gcc_128} \ |
209 |
enable-idea \ |
210 |
enable-mdc2 \ |
211 |
$(use_ssl !bindist rc5) \ |
212 |
enable-tlsext \ |
213 |
$(use_ssl gmp gmp -lgmp) \ |
214 |
$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ |
215 |
$(use_ssl rfc3779) \ |
216 |
$(use_ssl tls-heartbeat heartbeats) \ |
217 |
$(use_ssl zlib) \ |
218 |
--prefix="${EPREFIX}"/usr \ |
219 |
--openssldir="${EPREFIX}"${SSL_CNF_DIR} \ |
220 |
--libdir=$(get_libdir) \ |
221 |
shared threads \ |
222 |
|| die |
223 |
|
224 |
# Clean out hardcoded flags that openssl uses |
225 |
local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ |
226 |
-e 's:^CFLAG=::' \ |
227 |
-e 's:-fomit-frame-pointer ::g' \ |
228 |
-e 's:-O[0-9] ::g' \ |
229 |
-e 's:-march=[-a-z0-9]* ::g' \ |
230 |
-e 's:-mcpu=[-a-z0-9]* ::g' \ |
231 |
-e 's:-m[a-z0-9]* ::g' \ |
232 |
) |
233 |
sed -i \ |
234 |
-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ |
235 |
-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ |
236 |
Makefile || die |
237 |
} |
238 |
|
239 |
multilib_src_compile() { |
240 |
# depend is needed to use $confopts; it also doesn't matter |
241 |
# that it's -j1 as the code itself serializes subdirs |
242 |
emake -j1 depend |
243 |
emake all |
244 |
# rehash is needed to prep the certs/ dir; do this |
245 |
# separately to avoid parallel build issues. |
246 |
emake rehash |
247 |
} |
248 |
|
249 |
multilib_src_test() { |
250 |
emake -j1 test |
251 |
} |
252 |
|
253 |
multilib_src_install() { |
254 |
emake INSTALL_PREFIX="${D}" install |
255 |
} |
256 |
|
257 |
multilib_src_install_all() { |
258 |
dobin "${WORKDIR}"/c_rehash #333117 |
259 |
dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el |
260 |
dohtml -r doc/* |
261 |
use rfc3779 && dodoc engines/ccgost/README.gost |
262 |
|
263 |
# This is crappy in that the static archives are still built even |
264 |
# when USE=static-libs. But this is due to a failing in the openssl |
265 |
# build system: the static archives are built as PIC all the time. |
266 |
# Only way around this would be to manually configure+compile openssl |
267 |
# twice; once with shared lib support enabled and once without. |
268 |
use static-libs || rm -f "${ED}"/usr/lib*/lib*.a |
269 |
|
270 |
# create the certs directory |
271 |
dodir ${SSL_CNF_DIR}/certs |
272 |
cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die |
273 |
rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} |
274 |
|
275 |
# Namespace openssl programs to prevent conflicts with other man pages |
276 |
cd "${ED}"/usr/share/man |
277 |
local m d s |
278 |
for m in $(find . -type f | xargs grep -L '#include') ; do |
279 |
d=${m%/*} ; d=${d#./} ; m=${m##*/} |
280 |
[[ ${m} == openssl.1* ]] && continue |
281 |
[[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" |
282 |
mv ${d}/{,ssl-}${m} |
283 |
# fix up references to renamed man pages |
284 |
sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} |
285 |
ln -s ssl-${m} ${d}/openssl-${m} |
286 |
# locate any symlinks that point to this man page ... we assume |
287 |
# that any broken links are due to the above renaming |
288 |
for s in $(find -L ${d} -type l) ; do |
289 |
s=${s##*/} |
290 |
rm -f ${d}/${s} |
291 |
ln -s ssl-${m} ${d}/ssl-${s} |
292 |
ln -s ssl-${s} ${d}/openssl-${s} |
293 |
done |
294 |
done |
295 |
[[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" |
296 |
|
297 |
dodir /etc/sandbox.d #254521 |
298 |
echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl |
299 |
|
300 |
diropts -m0700 |
301 |
keepdir ${SSL_CNF_DIR}/private |
302 |
} |
303 |
|
304 |
pkg_preinst() { |
305 |
has_version ${CATEGORY}/${PN}:0.9.8 && return 0 |
306 |
preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 |
307 |
} |
308 |
|
309 |
pkg_postinst() { |
310 |
ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" |
311 |
c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null |
312 |
eend $? |
313 |
|
314 |
has_version ${CATEGORY}/${PN}:0.9.8 && return 0 |
315 |
preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 |
316 |
} |
317 |
|
318 |
|
319 |
|
320 |
1.1 dev-libs/openssl/openssl-1.0.0n.ebuild |
321 |
|
322 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/openssl-1.0.0n.ebuild?rev=1.1&view=markup |
323 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/openssl-1.0.0n.ebuild?rev=1.1&content-type=text/plain |
324 |
|
325 |
Index: openssl-1.0.0n.ebuild |
326 |
=================================================================== |
327 |
# Copyright 1999-2014 Gentoo Foundation |
328 |
# Distributed under the terms of the GNU General Public License v2 |
329 |
# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.0n.ebuild,v 1.1 2014/09/26 06:05:53 polynomial-c Exp $ |
330 |
|
331 |
EAPI="4" |
332 |
|
333 |
inherit eutils flag-o-matic toolchain-funcs multilib |
334 |
|
335 |
REV="1.7" |
336 |
DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)" |
337 |
HOMEPAGE="http://www.openssl.org/" |
338 |
SRC_URI="mirror://openssl/source/${P}.tar.gz |
339 |
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" |
340 |
|
341 |
LICENSE="openssl" |
342 |
SLOT="0" |
343 |
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd" |
344 |
IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test zlib" |
345 |
|
346 |
# Have the sub-libs in RDEPEND with [static-libs] since, logically, |
347 |
# our libssl.a depends on libz.a/etc... at runtime. |
348 |
LIB_DEPEND="gmp? ( dev-libs/gmp[static-libs(+)] ) |
349 |
zlib? ( sys-libs/zlib[static-libs(+)] ) |
350 |
kerberos? ( app-crypt/mit-krb5 )" |
351 |
RDEPEND="static-libs? ( ${LIB_DEPEND} ) |
352 |
!static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} )" |
353 |
DEPEND="${RDEPEND} |
354 |
sys-apps/diffutils |
355 |
>=dev-lang/perl-5 |
356 |
test? ( sys-devel/bc )" |
357 |
PDEPEND="app-misc/ca-certificates" |
358 |
|
359 |
src_unpack() { |
360 |
unpack ${P}.tar.gz |
361 |
SSL_CNF_DIR="/etc/ssl" |
362 |
sed \ |
363 |
-e "/^DIR=/s:=.*:=${SSL_CNF_DIR}:" \ |
364 |
"${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ |
365 |
> "${WORKDIR}"/c_rehash || die #416717 |
366 |
} |
367 |
|
368 |
src_prepare() { |
369 |
# Make sure we only ever touch Makefile.org and avoid patching a file |
370 |
# that gets blown away anyways by the Configure script in src_configure |
371 |
rm -f Makefile |
372 |
|
373 |
epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 |
374 |
#epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089 |
375 |
epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 |
376 |
epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch |
377 |
epatch "${FILESDIR}"/${PN}-1.0.0e-parallel-build.patch |
378 |
epatch "${FILESDIR}"/${PN}-1.0.0e-x32.patch |
379 |
epatch_user #332661 |
380 |
|
381 |
# disable fips in the build |
382 |
# make sure the man pages are suffixed #302165 |
383 |
# don't bother building man pages if they're disabled |
384 |
sed -i \ |
385 |
-e '/DIRS/s: fips : :g' \ |
386 |
-e '/^MANSUFFIX/s:=.*:=ssl:' \ |
387 |
-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ |
388 |
-e $(has noman FEATURES \ |
389 |
&& echo '/^install:/s:install_docs::' \ |
390 |
|| echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ |
391 |
Makefile.org \ |
392 |
|| die |
393 |
# show the actual commands in the log |
394 |
sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared |
395 |
|
396 |
# allow openssl to be cross-compiled |
397 |
cp "${FILESDIR}"/gentoo.config-1.0.0 gentoo.config || die |
398 |
chmod a+rx gentoo.config |
399 |
|
400 |
append-flags -fno-strict-aliasing |
401 |
append-flags $(test-flags-CC -Wa,--noexecstack) |
402 |
|
403 |
sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 |
404 |
./config --test-sanity || die "I AM NOT SANE" |
405 |
} |
406 |
|
407 |
src_configure() { |
408 |
unset APPS #197996 |
409 |
unset SCRIPTS #312551 |
410 |
unset CROSS_COMPILE #311473 |
411 |
|
412 |
tc-export CC AR RANLIB RC |
413 |
|
414 |
# Clean out patent-or-otherwise-encumbered code |
415 |
# Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) |
416 |
# IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm |
417 |
# EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography |
418 |
# MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 |
419 |
# RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 |
420 |
|
421 |
use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } |
422 |
echoit() { echo "$@" ; "$@" ; } |
423 |
|
424 |
local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") |
425 |
|
426 |
local sslout=$(./gentoo.config) |
427 |
einfo "Use configuration ${sslout:-(openssl knows best)}" |
428 |
local config="Configure" |
429 |
[[ -z ${sslout} ]] && config="config" |
430 |
echoit \ |
431 |
./${config} \ |
432 |
${sslout} \ |
433 |
$(use sse2 || echo "no-sse2") \ |
434 |
enable-camellia \ |
435 |
$(use_ssl !bindist ec) \ |
436 |
enable-idea \ |
437 |
enable-mdc2 \ |
438 |
$(use_ssl !bindist rc5) \ |
439 |
enable-tlsext \ |
440 |
$(use_ssl gmp gmp -lgmp) \ |
441 |
$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ |
442 |
$(use_ssl rfc3779) \ |
443 |
$(use_ssl zlib) \ |
444 |
--prefix=/usr \ |
445 |
--openssldir=${SSL_CNF_DIR} \ |
446 |
--libdir=$(get_libdir) \ |
447 |
shared threads \ |
448 |
|| die |
449 |
|
450 |
# Clean out hardcoded flags that openssl uses |
451 |
local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ |
452 |
-e 's:^CFLAG=::' \ |
453 |
-e 's:-fomit-frame-pointer ::g' \ |
454 |
-e 's:-O[0-9] ::g' \ |
455 |
-e 's:-march=[-a-z0-9]* ::g' \ |
456 |
-e 's:-mcpu=[-a-z0-9]* ::g' \ |
457 |
-e 's:-m[a-z0-9]* ::g' \ |
458 |
) |
459 |
sed -i \ |
460 |
-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ |
461 |
-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ |
462 |
Makefile || die |
463 |
} |
464 |
|
465 |
src_compile() { |
466 |
# depend is needed to use $confopts; it also doesn't matter |
467 |
# that it's -j1 as the code itself serializes subdirs |
468 |
emake -j1 depend || die |
469 |
emake all || die |
470 |
# rehash is needed to prep the certs/ dir; do this |
471 |
# separately to avoid parallel build issues. |
472 |
emake rehash || die |
473 |
} |
474 |
|
475 |
src_test() { |
476 |
emake -j1 test || die |
477 |
} |
478 |
|
479 |
src_install() { |
480 |
emake INSTALL_PREFIX="${D}" install || die |
481 |
dobin "${WORKDIR}"/c_rehash || die #333117 |
482 |
dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el |
483 |
dohtml -r doc/* |
484 |
use rfc3779 && dodoc engines/ccgost/README.gost |
485 |
|
486 |
# This is crappy in that the static archives are still built even |
487 |
# when USE=static-libs. But this is due to a failing in the openssl |
488 |
# build system: the static archives are built as PIC all the time. |
489 |
# Only way around this would be to manually configure+compile openssl |
490 |
# twice; once with shared lib support enabled and once without. |
491 |
use static-libs || rm -f "${D}"/usr/lib*/lib*.a |
492 |
|
493 |
# create the certs directory |
494 |
dodir ${SSL_CNF_DIR}/certs |
495 |
cp -RP certs/* "${D}"${SSL_CNF_DIR}/certs/ || die |
496 |
rm -r "${D}"${SSL_CNF_DIR}/certs/{demo,expired} |
497 |
|
498 |
# Namespace openssl programs to prevent conflicts with other man pages |
499 |
cd "${D}"/usr/share/man |
500 |
local m d s |
501 |
for m in $(find . -type f | xargs grep -L '#include') ; do |
502 |
d=${m%/*} ; d=${d#./} ; m=${m##*/} |
503 |
[[ ${m} == openssl.1* ]] && continue |
504 |
[[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" |
505 |
mv ${d}/{,ssl-}${m} |
506 |
# fix up references to renamed man pages |
507 |
sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} |
508 |
ln -s ssl-${m} ${d}/openssl-${m} |
509 |
# locate any symlinks that point to this man page ... we assume |
510 |
# that any broken links are due to the above renaming |
511 |
for s in $(find -L ${d} -type l) ; do |
512 |
s=${s##*/} |
513 |
rm -f ${d}/${s} |
514 |
ln -s ssl-${m} ${d}/ssl-${s} |
515 |
ln -s ssl-${s} ${d}/openssl-${s} |
516 |
done |
517 |
done |
518 |
[[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" |
519 |
|
520 |
dodir /etc/sandbox.d #254521 |
521 |
echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl |
522 |
|
523 |
diropts -m0700 |
524 |
keepdir ${SSL_CNF_DIR}/private |
525 |
} |
526 |
|
527 |
pkg_preinst() { |
528 |
has_version ${CATEGORY}/${PN}:0.9.8 && return 0 |
529 |
preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 |
530 |
} |
531 |
|
532 |
pkg_postinst() { |
533 |
ebegin "Running 'c_rehash ${ROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" |
534 |
c_rehash "${ROOT%/}${SSL_CNF_DIR}/certs" >/dev/null |
535 |
eend $? |
536 |
|
537 |
has_version ${CATEGORY}/${PN}:0.9.8 && return 0 |
538 |
preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 |
539 |
} |