[gentoo-commits] repo/gentoo:master commit in: dev-libs/openssl/ - gentoo-commits

From:	Lars Wendler <polynomial-c@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: dev-libs/openssl/
Date:	Tue, 11 Sep 2018 15:41:55
Message-Id:	`1536680502.6515b6442d3bb85807d8803a7609d2fe0e436734.polynomial-c@gentoo`

1

commit:     6515b6442d3bb85807d8803a7609d2fe0e436734

2

Author:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>

3

AuthorDate: Tue Sep 11 15:40:50 2018 +0000

4

Commit:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>

5

CommitDate: Tue Sep 11 15:41:42 2018 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6515b644

7

8

dev-libs/openssl: Bump to version 1.1.1

9

10

Package-Manager: Portage-2.3.49, Repoman-2.3.10

11

12

 dev-libs/openssl/Manifest             |   1 +

13

 dev-libs/openssl/openssl-1.1.1.ebuild | 248 ++++++++++++++++++++++++++++++++++

14

 2 files changed, 249 insertions(+)

15

16

diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest

17

index ba5fdcfbf60..523a6779775 100644

18

--- a/dev-libs/openssl/Manifest

19

+++ b/dev-libs/openssl/Manifest

20

@@ -12,3 +12,4 @@ DIST openssl-1.1.0i_ectest.c 29908 BLAKE2B b398bafd5d5aea71daa9c3e2749dece9e5159

21

 DIST openssl-1.1.0i_hobble-openssl 1117 BLAKE2B c3a1477e63331e83cf1cbe58e9ef131ec500a311e22d3da55034800ca353c387b2e202575acf3badb00b236ff91d4bac1bb131a33930939646d26bec27be6e04 SHA512 fa9cc70afa11a7a292548b4bddbba8159824a364ce5c279b483768e6ae2aa4b5491d9bf2cc734819f30a11c8ee0d91bcb991c4a7ab357296aeb4c04feac74826

22

 DIST openssl-1.1.1-pre8.tar.gz 8334954 BLAKE2B 97cd018908925abd5a4eb660b3488b23efb582dd49dd87504e5522b2e9c5c6500417ef4893590a60ce35cfa316de51bfbf3e448e9cb2a5858ecd8ae72722922d SHA512 33b20f8589e0ba67500993635e1ba7f7f7ce2b6fa1eb8d4d7c44711ff047045dde57ad7e0605377c2b030fc954a3fb9b1f1d68feac2080991ef2b1b72a761041

23

 DIST openssl-1.1.1-pre9.tar.gz 8411103 BLAKE2B 93ac540afdf734c67aabbaf0682b43f044e8c05f80c0b1e7af926dd4179b215f68d569de24e45ae78a6915923ab5f77a8aa5690873e01c16478bf61d1f1c2a9b SHA512 cf23c11d7591cfa6dfd8b1086c2cdd33bd56f9eb44721cd60b228ef4d3c0c5de650dca53ae7becf7c8f0a9dd4bdae287f48116a3ac11d106b36919deb3214aa2

24

+DIST openssl-1.1.1.tar.gz 8337920 BLAKE2B 266fb97bad4e1e7c0694c67a065d6669560695c92ad8fa10824169288a3fdfb9798faf408274a1e0c4e10a83a12b57367611bf4037dd2ab7ee74d7edab580a7b SHA512 c0284a4fe84bdf765ca5bc5148da4441ffc36392cfecaf9d372af00cf93b6de5681cab1248b6f8246474532155dc205da5ad49549ad7c61c07c917145e7c9c71

25

26

diff --git a/dev-libs/openssl/openssl-1.1.1.ebuild b/dev-libs/openssl/openssl-1.1.1.ebuild

27

new file mode 100644

28

index 00000000000..4c92eedb393

29

--- /dev/null

30

+++ b/dev-libs/openssl/openssl-1.1.1.ebuild

31

@@ -0,0 +1,248 @@

32

+# Copyright 1999-2018 Gentoo Foundation

33

+# Distributed under the terms of the GNU General Public License v2

34

+

35

+EAPI="6"

36

+

37

+inherit flag-o-matic toolchain-funcs multilib multilib-minimal

38

+

39

+MY_P=${P/_/-}

40

+DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)"

41

+HOMEPAGE="https://www.openssl.org/"

42

+SRC_URI="mirror://openssl/source/${MY_P}.tar.gz"

43

+

44

+LICENSE="openssl"

45

+SLOT="0/1.1" # .so version of libssl/libcrypto

46

+[[ "${PV}" = *_pre* ]] || \

47

+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~x86-linux"

48

+IUSE="+asm bindist elibc_musl rfc3779 sctp cpu_flags_x86_sse2 sslv3 static-libs test tls-heartbeat vanilla zlib"

49

+RESTRICT="!bindist? ( bindist )"

50

+

51

+RDEPEND=">=app-misc/c_rehash-1.7-r1

52

+	zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )"

53

+DEPEND="${RDEPEND}

54

+	>=dev-lang/perl-5

55

+	sctp? ( >=net-misc/lksctp-tools-1.0.12 )

56

+	test? (

57

+		sys-apps/diffutils

58

+		sys-devel/bc

59

+	)"

60

+PDEPEND="app-misc/ca-certificates"

61

+

62

+S="${WORKDIR}/${MY_P}"

63

+

64

+MULTILIB_WRAPPED_HEADERS=(

65

+	usr/include/openssl/opensslconf.h

66

+)

67

+

68

+src_prepare() {

69

+	# keep this in sync with app-misc/c_rehash

70

+	SSL_CNF_DIR="/etc/ssl"

71

+

72

+	# Make sure we only ever touch Makefile.org and avoid patching a file

73

+	# that gets blown away anyways by the Configure script in src_configure

74

+	rm -f Makefile

75

+

76

+	if ! use vanilla ; then

77

+		if [[ $(declare -p PATCHES 2>/dev/null) == "declare -a"* ]] ; then

78

+			[[ ${#PATCHES[@]} -gt 0 ]] && eapply "${PATCHES[@]}"

79

+		fi

80

+	fi

81

+

82

+	eapply_user #332661

83

+

84

+	# make sure the man pages are suffixed #302165

85

+	# don't bother building man pages if they're disabled

86

+	# Make DOCDIR Gentoo compliant

87

+	sed -i \

88

+		-e '/^MANSUFFIX/s:=.*:=ssl:' \

89

+		-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \

90

+		-e $(has noman FEATURES \

91

+			&& echo '/^install:/s:install_docs::' \

92

+			|| echo '/^MANDIR=/s:=.*:='${EPREFIX%/}'/usr/share/man:') \

93

+		-e "/^DOCDIR/s@\$(BASENAME)@&-${PF}@" \

94

+		Configurations/unix-Makefile.tmpl \

95

+		|| die

96

+

97

+	# quiet out unknown driver argument warnings since openssl

98

+	# doesn't have well-split CFLAGS and we're making it even worse

99

+	# and 'make depend' uses -Werror for added fun (#417795 again)

100

+	[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments

101

+

102

+	# allow openssl to be cross-compiled

103

+	cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die

104

+	chmod a+rx gentoo.config || die

105

+

106

+	append-flags -fno-strict-aliasing

107

+	append-flags $(test-flags-CC -Wa,--noexecstack)

108

+	append-cppflags -DOPENSSL_NO_BUF_FREELISTS

109

+

110

+	# Prefixify Configure shebang (#141906)

111

+	sed \

112

+		-e "1s,/usr/bin/env,${EPREFIX%/}&," \

113

+		-i Configure || die

114

+	# Remove test target when FEATURES=test isn't set

115

+	if ! use test ; then

116

+		sed \

117

+			-e '/^$config{dirs}/s@ "test",@@' \

118

+			-i Configure || die

119

+	fi

120

+	# The config script does stupid stuff to prompt the user.  Kill it.

121

+	sed -i '/stty -icanon min 0 time 50; read waste/d' config || die

122

+	./config --test-sanity || die "I AM NOT SANE"

123

+

124

+	multilib_copy_sources

125

+}

126

+

127

+multilib_src_configure() {

128

+	unset APPS #197996

129

+	unset SCRIPTS #312551

130

+	unset CROSS_COMPILE #311473

131

+

132

+	tc-export CC AR RANLIB RC

133

+

134

+	# Clean out patent-or-otherwise-encumbered code

135

+	# Camellia: Royalty Free            https://en.wikipedia.org/wiki/Camellia_(cipher)

136

+	# IDEA:     Expired                 https://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm

137

+	# EC:       ????????? ??/??/2015    https://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography

138

+	# MDC2:     Expired                 https://en.wikipedia.org/wiki/MDC-2

139

+	# RC5:      Expired                 https://en.wikipedia.org/wiki/RC5

140

+

141

+	use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }

142

+	echoit() { echo "$@" ; "$@" ; }

143

+

144

+	local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")

145

+

146

+	# See if our toolchain supports __uint128_t.  If so, it's 64bit

147

+	# friendly and can use the nicely optimized code paths. #460790

148

+	local ec_nistp_64_gcc_128

149

+	# Disable it for now though #469976

150

+	#if ! use bindist ; then

151

+	#	echo "__uint128_t i;" > "${T}"/128.c

152

+	#	if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then

153

+	#		ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"

154

+	#	fi

155

+	#fi

156

+

157

+	local sslout=$(./gentoo.config)

158

+	einfo "Use configuration ${sslout:-(openssl knows best)}"

159

+	local config="Configure"

160

+	[[ -z ${sslout} ]] && config="config"

161

+

162

+	# 'srp' was restricted until early 2017 as well.

163

+	# "disable-deprecated" option breaks too many consumers.

164

+	# Don't set it without thorough revdeps testing.

165

+	echoit \

166

+	./${config} \

167

+		${sslout} \

168

+		$(use cpu_flags_x86_sse2 || echo "no-sse2") \

169

+		enable-camellia \

170

+		$(use_ssl !bindist ec) \

171

+		$(use_ssl !bindist srp) \

172

+		$(use elibc_musl && echo "no-async") \

173

+		${ec_nistp_64_gcc_128} \

174

+		enable-idea \

175

+		enable-mdc2 \

176

+		enable-rc5 \

177

+		$(use_ssl sslv3 ssl3) \

178

+		$(use_ssl sslv3 ssl3-method) \

179

+		$(use_ssl asm) \

180

+		$(use_ssl rfc3779) \

181

+		$(use_ssl sctp) \

182

+		$(use_ssl tls-heartbeat heartbeats) \

183

+		$(use_ssl zlib) \

184

+		--prefix="${EPREFIX%/}"/usr \

185

+		--openssldir="${EPREFIX%/}"${SSL_CNF_DIR} \

186

+		--libdir=$(get_libdir) \

187

+		shared threads \

188

+		|| die

189

+

190

+	# Clean out hardcoded flags that openssl uses

191

+	# Fix quoting for sed

192

+	local DEFAULT_CFLAGS=$(grep ^CFLAGS= Makefile | LC_ALL=C sed \

193

+		-e 's:^CFLAGS=::' \

194

+		-e 's:-fomit-frame-pointer ::g' \

195

+		-e 's:-O[0-9] ::g' \

196

+		-e 's:-march=[-a-z0-9]* ::g' \

197

+		-e 's:-mcpu=[-a-z0-9]* ::g' \

198

+		-e 's:-m[a-z0-9]* ::g' \

199

+		-e 's:\\:\\\\:g' \

200

+	)

201

+	sed -i \

202

+		-e "/^CFLAGS=/s|=.*|=${DEFAULT_CFLAGS} ${CFLAGS}|" \

203

+		-e "/^LDFLAGS=/s|=[[:space:]]*$|=${LDFLAGS}|" \

204

+		Makefile || die

205

+}

206

+

207

+multilib_src_compile() {

208

+	# depend is needed to use $confopts; it also doesn't matter

209

+	# that it's -j1 as the code itself serializes subdirs

210

+	emake -j1 depend

211

+	emake all

212

+}

213

+

214

+multilib_src_test() {

215

+	emake -j1 test

216

+}

217

+

218

+multilib_src_install() {

219

+	# We need to create $ED/usr on our own to avoid a race condition #665130

220

+	if [[ ! -d "${ED%/}/usr" ]]; then

221

+		# We can only create this directory once

222

+		mkdir "${ED%/}"/usr || die

223

+	fi

224

+

225

+	emake DESTDIR="${D%/}" install

226

+}

227

+

228

+multilib_src_install_all() {

229

+	# openssl installs perl version of c_rehash by default, but

230

+	# we provide a shell version via app-misc/c_rehash

231

+	rm "${ED%/}"/usr/bin/c_rehash || die

232

+

233

+	dodoc CHANGES* FAQ NEWS README doc/*.txt doc/${PN}-c-indent.el

234

+

235

+	# This is crappy in that the static archives are still built even

236

+	# when USE=static-libs.  But this is due to a failing in the openssl

237

+	# build system: the static archives are built as PIC all the time.

238

+	# Only way around this would be to manually configure+compile openssl

239

+	# twice; once with shared lib support enabled and once without.

240

+	use static-libs || rm -f "${ED%/}"/usr/lib*/lib*.a

241

+

242

+	# create the certs directory

243

+	keepdir ${SSL_CNF_DIR}/certs

244

+

245

+	# Namespace openssl programs to prevent conflicts with other man pages

246

+	cd "${ED%/}"/usr/share/man || die

247

+	local m d s

248

+	for m in $(find . -type f | xargs grep -L '#include') ; do

249

+		d=${m%/*} ; d=${d#./} ; m=${m##*/}

250

+		[[ ${m} == openssl.1* ]] && continue

251

+		[[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"

252

+		mv ${d}/{,ssl-}${m}

253

+		# fix up references to renamed man pages

254

+		sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}

255

+		ln -s ssl-${m} ${d}/openssl-${m}

256

+		# locate any symlinks that point to this man page ... we assume

257

+		# that any broken links are due to the above renaming

258

+		for s in $(find -L ${d} -type l) ; do

259

+			s=${s##*/}

260

+			rm -f ${d}/${s}

261

+			# We don't want to "|| die" here

262

+			ln -s ssl-${m} ${d}/ssl-${s}

263

+			ln -s ssl-${s} ${d}/openssl-${s}

264

+		done

265

+	done

266

+	[[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("

267

+

268

+	dodir /etc/sandbox.d #254521

269

+	echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED%/}"/etc/sandbox.d/10openssl

270

+

271

+	diropts -m0700

272

+	keepdir ${SSL_CNF_DIR}/private

273

+}

274

+

275

+pkg_postinst() {

276

+	ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"

277

+	c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null

278

+	eend $?

279

+}

1	commit: 6515b6442d3bb85807d8803a7609d2fe0e436734
2	Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
3	AuthorDate: Tue Sep 11 15:40:50 2018 +0000
4	Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
5	CommitDate: Tue Sep 11 15:41:42 2018 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6515b644
7
8	dev-libs/openssl: Bump to version 1.1.1
9
10	Package-Manager: Portage-2.3.49, Repoman-2.3.10
11
12	dev-libs/openssl/Manifest \| 1 +
13	dev-libs/openssl/openssl-1.1.1.ebuild \| 248 ++++++++++++++++++++++++++++++++++
14	2 files changed, 249 insertions(+)
15
16	diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest
17	index ba5fdcfbf60..523a6779775 100644
18	--- a/dev-libs/openssl/Manifest
19	+++ b/dev-libs/openssl/Manifest
20	@@ -12,3 +12,4 @@ DIST openssl-1.1.0i_ectest.c 29908 BLAKE2B b398bafd5d5aea71daa9c3e2749dece9e5159
21	DIST openssl-1.1.0i_hobble-openssl 1117 BLAKE2B c3a1477e63331e83cf1cbe58e9ef131ec500a311e22d3da55034800ca353c387b2e202575acf3badb00b236ff91d4bac1bb131a33930939646d26bec27be6e04 SHA512 fa9cc70afa11a7a292548b4bddbba8159824a364ce5c279b483768e6ae2aa4b5491d9bf2cc734819f30a11c8ee0d91bcb991c4a7ab357296aeb4c04feac74826
22	DIST openssl-1.1.1-pre8.tar.gz 8334954 BLAKE2B 97cd018908925abd5a4eb660b3488b23efb582dd49dd87504e5522b2e9c5c6500417ef4893590a60ce35cfa316de51bfbf3e448e9cb2a5858ecd8ae72722922d SHA512 33b20f8589e0ba67500993635e1ba7f7f7ce2b6fa1eb8d4d7c44711ff047045dde57ad7e0605377c2b030fc954a3fb9b1f1d68feac2080991ef2b1b72a761041
23	DIST openssl-1.1.1-pre9.tar.gz 8411103 BLAKE2B 93ac540afdf734c67aabbaf0682b43f044e8c05f80c0b1e7af926dd4179b215f68d569de24e45ae78a6915923ab5f77a8aa5690873e01c16478bf61d1f1c2a9b SHA512 cf23c11d7591cfa6dfd8b1086c2cdd33bd56f9eb44721cd60b228ef4d3c0c5de650dca53ae7becf7c8f0a9dd4bdae287f48116a3ac11d106b36919deb3214aa2
24	+DIST openssl-1.1.1.tar.gz 8337920 BLAKE2B 266fb97bad4e1e7c0694c67a065d6669560695c92ad8fa10824169288a3fdfb9798faf408274a1e0c4e10a83a12b57367611bf4037dd2ab7ee74d7edab580a7b SHA512 c0284a4fe84bdf765ca5bc5148da4441ffc36392cfecaf9d372af00cf93b6de5681cab1248b6f8246474532155dc205da5ad49549ad7c61c07c917145e7c9c71
25
26	diff --git a/dev-libs/openssl/openssl-1.1.1.ebuild b/dev-libs/openssl/openssl-1.1.1.ebuild
27	new file mode 100644
28	index 00000000000..4c92eedb393
29	--- /dev/null
30	+++ b/dev-libs/openssl/openssl-1.1.1.ebuild
31	@@ -0,0 +1,248 @@
32	+# Copyright 1999-2018 Gentoo Foundation
33	+# Distributed under the terms of the GNU General Public License v2
34	+
35	+EAPI="6"
36	+
37	+inherit flag-o-matic toolchain-funcs multilib multilib-minimal
38	+
39	+MY_P=${P/_/-}
40	+DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)"
41	+HOMEPAGE="https://www.openssl.org/"
42	+SRC_URI="mirror://openssl/source/${MY_P}.tar.gz"
43	+
44	+LICENSE="openssl"
45	+SLOT="0/1.1" # .so version of libssl/libcrypto
46	+[[ "${PV}" = _pre ]] \|\| \
47	+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~x86-linux"
48	+IUSE="+asm bindist elibc_musl rfc3779 sctp cpu_flags_x86_sse2 sslv3 static-libs test tls-heartbeat vanilla zlib"
49	+RESTRICT="!bindist? ( bindist )"
50	+
51	+RDEPEND=">=app-misc/c_rehash-1.7-r1
52	+ zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )"
53	+DEPEND="${RDEPEND}
54	+ >=dev-lang/perl-5
55	+ sctp? ( >=net-misc/lksctp-tools-1.0.12 )
56	+ test? (
57	+ sys-apps/diffutils
58	+ sys-devel/bc
59	+ )"
60	+PDEPEND="app-misc/ca-certificates"
61	+
62	+S="${WORKDIR}/${MY_P}"
63	+
64	+MULTILIB_WRAPPED_HEADERS=(
65	+ usr/include/openssl/opensslconf.h
66	+)
67	+
68	+src_prepare() {
69	+ # keep this in sync with app-misc/c_rehash
70	+ SSL_CNF_DIR="/etc/ssl"
71	+
72	+ # Make sure we only ever touch Makefile.org and avoid patching a file
73	+ # that gets blown away anyways by the Configure script in src_configure
74	+ rm -f Makefile
75	+
76	+ if ! use vanilla ; then
77	+ if [[ $(declare -p PATCHES 2>/dev/null) == "declare -a"* ]] ; then
78	+ [[ ${#PATCHES[@]} -gt 0 ]] && eapply "${PATCHES[@]}"
79	+ fi
80	+ fi
81	+
82	+ eapply_user #332661
83	+
84	+ # make sure the man pages are suffixed #302165
85	+ # don't bother building man pages if they're disabled
86	+ # Make DOCDIR Gentoo compliant
87	+ sed -i \
88	+ -e '/^MANSUFFIX/s:=.*:=ssl:' \
89	+ -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
90	+ -e $(has noman FEATURES \
91	+ && echo '/^install:/s:install_docs::' \
92	+ \|\| echo '/^MANDIR=/s:=.*:='${EPREFIX%/}'/usr/share/man:') \
93	+ -e "/^DOCDIR/s@\$(BASENAME)@&-${PF}@" \
94	+ Configurations/unix-Makefile.tmpl \
95	+ \|\| die
96	+
97	+ # quiet out unknown driver argument warnings since openssl
98	+ # doesn't have well-split CFLAGS and we're making it even worse
99	+ # and 'make depend' uses -Werror for added fun (#417795 again)
100	+ [[ ${CC} == clang ]] && append-flags -Qunused-arguments
101	+
102	+ # allow openssl to be cross-compiled
103	+ cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config \|\| die
104	+ chmod a+rx gentoo.config \|\| die
105	+
106	+ append-flags -fno-strict-aliasing
107	+ append-flags $(test-flags-CC -Wa,--noexecstack)
108	+ append-cppflags -DOPENSSL_NO_BUF_FREELISTS
109	+
110	+ # Prefixify Configure shebang (#141906)
111	+ sed \
112	+ -e "1s,/usr/bin/env,${EPREFIX%/}&," \
113	+ -i Configure \|\| die
114	+ # Remove test target when FEATURES=test isn't set
115	+ if ! use test ; then
116	+ sed \
117	+ -e '/^$config{dirs}/s@ "test",@@' \
118	+ -i Configure \|\| die
119	+ fi
120	+ # The config script does stupid stuff to prompt the user. Kill it.
121	+ sed -i '/stty -icanon min 0 time 50; read waste/d' config \|\| die
122	+ ./config --test-sanity \|\| die "I AM NOT SANE"
123	+
124	+ multilib_copy_sources
125	+}
126	+
127	+multilib_src_configure() {
128	+ unset APPS #197996
129	+ unset SCRIPTS #312551
130	+ unset CROSS_COMPILE #311473
131	+
132	+ tc-export CC AR RANLIB RC
133	+
134	+ # Clean out patent-or-otherwise-encumbered code
135	+ # Camellia: Royalty Free https://en.wikipedia.org/wiki/Camellia_(cipher)
136	+ # IDEA: Expired https://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
137	+ # EC: ????????? ??/??/2015 https://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
138	+ # MDC2: Expired https://en.wikipedia.org/wiki/MDC-2
139	+ # RC5: Expired https://en.wikipedia.org/wiki/RC5
140	+
141	+ use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
142	+ echoit() { echo "$@" ; "$@" ; }
143	+
144	+ local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" \|\| echo "Heimdal")
145	+
146	+ # See if our toolchain supports __uint128_t. If so, it's 64bit
147	+ # friendly and can use the nicely optimized code paths. #460790
148	+ local ec_nistp_64_gcc_128
149	+ # Disable it for now though #469976
150	+ #if ! use bindist ; then
151	+ # echo "__uint128_t i;" > "${T}"/128.c
152	+ # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
153	+ # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
154	+ # fi
155	+ #fi
156	+
157	+ local sslout=$(./gentoo.config)
158	+ einfo "Use configuration ${sslout:-(openssl knows best)}"
159	+ local config="Configure"
160	+ [[ -z ${sslout} ]] && config="config"
161	+
162	+ # 'srp' was restricted until early 2017 as well.
163	+ # "disable-deprecated" option breaks too many consumers.
164	+ # Don't set it without thorough revdeps testing.
165	+ echoit \
166	+ ./${config} \
167	+ ${sslout} \
168	+ $(use cpu_flags_x86_sse2 \|\| echo "no-sse2") \
169	+ enable-camellia \
170	+ $(use_ssl !bindist ec) \
171	+ $(use_ssl !bindist srp) \
172	+ $(use elibc_musl && echo "no-async") \
173	+ ${ec_nistp_64_gcc_128} \
174	+ enable-idea \
175	+ enable-mdc2 \
176	+ enable-rc5 \
177	+ $(use_ssl sslv3 ssl3) \
178	+ $(use_ssl sslv3 ssl3-method) \
179	+ $(use_ssl asm) \
180	+ $(use_ssl rfc3779) \
181	+ $(use_ssl sctp) \
182	+ $(use_ssl tls-heartbeat heartbeats) \
183	+ $(use_ssl zlib) \
184	+ --prefix="${EPREFIX%/}"/usr \
185	+ --openssldir="${EPREFIX%/}"${SSL_CNF_DIR} \
186	+ --libdir=$(get_libdir) \
187	+ shared threads \
188	+ \|\| die
189	+
190	+ # Clean out hardcoded flags that openssl uses
191	+ # Fix quoting for sed
192	+ local DEFAULT_CFLAGS=$(grep ^CFLAGS= Makefile \| LC_ALL=C sed \
193	+ -e 's:^CFLAGS=::' \
194	+ -e 's:-fomit-frame-pointer ::g' \
195	+ -e 's:-O[0-9] ::g' \
196	+ -e 's:-march=[-a-z0-9]* ::g' \
197	+ -e 's:-mcpu=[-a-z0-9]* ::g' \
198	+ -e 's:-m[a-z0-9]* ::g' \
199	+ -e 's:\\:\\\\:g' \
200	+ )
201	+ sed -i \
202	+ -e "/^CFLAGS=/s\|=.*\|=${DEFAULT_CFLAGS} ${CFLAGS}\|" \
203	+ -e "/^LDFLAGS=/s\|=[[:space:]]*$\|=${LDFLAGS}\|" \
204	+ Makefile \|\| die
205	+}
206	+
207	+multilib_src_compile() {
208	+ # depend is needed to use $confopts; it also doesn't matter
209	+ # that it's -j1 as the code itself serializes subdirs
210	+ emake -j1 depend
211	+ emake all
212	+}
213	+
214	+multilib_src_test() {
215	+ emake -j1 test
216	+}
217	+
218	+multilib_src_install() {
219	+ # We need to create $ED/usr on our own to avoid a race condition #665130
220	+ if [[ ! -d "${ED%/}/usr" ]]; then
221	+ # We can only create this directory once
222	+ mkdir "${ED%/}"/usr \|\| die
223	+ fi
224	+
225	+ emake DESTDIR="${D%/}" install
226	+}
227	+
228	+multilib_src_install_all() {
229	+ # openssl installs perl version of c_rehash by default, but
230	+ # we provide a shell version via app-misc/c_rehash
231	+ rm "${ED%/}"/usr/bin/c_rehash \|\| die
232	+
233	+ dodoc CHANGES* FAQ NEWS README doc/*.txt doc/${PN}-c-indent.el
234	+
235	+ # This is crappy in that the static archives are still built even
236	+ # when USE=static-libs. But this is due to a failing in the openssl
237	+ # build system: the static archives are built as PIC all the time.
238	+ # Only way around this would be to manually configure+compile openssl
239	+ # twice; once with shared lib support enabled and once without.
240	+ use static-libs \|\| rm -f "${ED%/}"/usr/lib/lib.a
241	+
242	+ # create the certs directory
243	+ keepdir ${SSL_CNF_DIR}/certs
244	+
245	+ # Namespace openssl programs to prevent conflicts with other man pages
246	+ cd "${ED%/}"/usr/share/man \|\| die
247	+ local m d s
248	+ for m in $(find . -type f \| xargs grep -L '#include') ; do
249	+ d=${m%/} ; d=${d#./} ; m=${m##/}
250	+ [[ ${m} == openssl.1* ]] && continue
251	+ [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
252	+ mv ${d}/{,ssl-}${m}
253	+ # fix up references to renamed man pages
254	+ sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
255	+ ln -s ssl-${m} ${d}/openssl-${m}
256	+ # locate any symlinks that point to this man page ... we assume
257	+ # that any broken links are due to the above renaming
258	+ for s in $(find -L ${d} -type l) ; do
259	+ s=${s##*/}
260	+ rm -f ${d}/${s}
261	+ # We don't want to "\|\| die" here
262	+ ln -s ssl-${m} ${d}/ssl-${s}
263	+ ln -s ssl-${s} ${d}/openssl-${s}
264	+ done
265	+ done
266	+ [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
267	+
268	+ dodir /etc/sandbox.d #254521
269	+ echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED%/}"/etc/sandbox.d/10openssl
270	+
271	+ diropts -m0700
272	+ keepdir ${SSL_CNF_DIR}/private
273	+}
274	+
275	+pkg_postinst() {
276	+ ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
277	+ c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
278	+ eend $?
279	+}

Gentoo Archives: gentoo-commits