Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Thomas Deutschmann <whissi@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: dev-libs/openssl/, dev-libs/openssl/files/
Date: Sat, 30 Dec 2017 19:55:50
Message-Id: 1514663689.0ef22ca0826fad8472f23e3451f5eb3295a7538e.whissi@gentoo
1 commit: 0ef22ca0826fad8472f23e3451f5eb3295a7538e
2 Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
3 AuthorDate: Sat Dec 30 19:54:49 2017 +0000
4 Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
5 CommitDate: Sat Dec 30 19:54:49 2017 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0ef22ca0
7
8 dev-libs/openssl: Security cleanup (bug #640172)
9
10 Package-Manager: Portage-2.3.19, Repoman-2.3.6
11
12 dev-libs/openssl/Manifest | 6 -
13 .../openssl/files/openssl-1.0.0a-ldflags.patch | 29 -
14 .../files/openssl-1.0.1p-default-source.patch | 30 -
15 dev-libs/openssl/files/openssl-1.0.2-ipv6.patch | 611 ---------------------
16 .../openssl-1.0.2a-parallel-install-dirs.patch | 64 ---
17 .../openssl-1.0.2a-parallel-obj-headers.patch | 37 --
18 .../files/openssl-1.0.2a-parallel-symlinking.patch | 63 ---
19 .../files/openssl-1.0.2i-parallel-build.patch | 326 -----------
20 dev-libs/openssl/openssl-1.0.2k.ebuild | 254 ---------
21 dev-libs/openssl/openssl-1.0.2l-r1.ebuild | 296 ----------
22 dev-libs/openssl/openssl-1.0.2l.ebuild | 254 ---------
23 dev-libs/openssl/openssl-1.0.2m.ebuild | 254 ---------
24 12 files changed, 2224 deletions(-)
25
26 diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest
27 index 583d9dd4660..1985ca1d3d7 100644
28 --- a/dev-libs/openssl/Manifest
29 +++ b/dev-libs/openssl/Manifest
30 @@ -1,11 +1,5 @@
31 DIST openssl-0.9.8zh.tar.gz 3818524 BLAKE2B 610bb4858900983cf4519fa8b63f1e03b3845e39e68884fd8bebd738cd5cd6c2c75513643af49bf9e2294adc446a6516480fe9b62de55d9b6379bf9e7c5cd364 SHA512 b97fa2468211f86c0719c68ad1781eff84f772c479ed5193d6da14bac086b4ca706e7d851209d9df3f0962943b5e5333ab0def00110fb2e517caa73c0c6674c6
32 DIST openssl-1.0.2-patches-1.0.tar.xz 11572 BLAKE2B bdb9d2b8388f1aadf3a9274133aa8f86b0029fae1ce86d005baa39a7347657f8d4d84395b54e8ccd67944356ee197dfb527f843b4f146e305533e2ad5450721d SHA512 15234ade359a0acf001cf10c7a7fc05f54603a44c67831529c2a6eda03342f9ba1cf40664ac782b5b73c50b23ec5649fb48ccff2aea8f0df2ef634959c47e3e9
33 -DIST openssl-1.0.2k.tar.gz 5309236 BLAKE2B 97069b9c7aaab2381ae5be989caff6907cd44ab1831d84685c3421ad985889a2bbc3a462decdff9c4c158ace96975de2b9e49e4f1b9f306990c3dc0f03767dad SHA512 0d314b42352f4b1df2c40ca1094abc7e9ad684c5c35ea997efdd58204c70f22a1abcb17291820f0fff3769620a4e06906034203d31eb1a4d540df3e0db294016
34 -DIST openssl-1.0.2l.tar.gz 5365054 BLAKE2B 0a459a93a0013269dea79bd6df96a434b9dad95b6d98b24a48bc1b1438415c0a8de01b67166ac13a73ae65fb64131568924c3e6f945d862b7e960f05332cf097 SHA512 047d964508ad6025c79caabd8965efd2416dc026a56183d0ef4de7a0a6769ce8e0b4608a3f8393d326f6d03b26a2b067e6e0c750f35b20be190e595e8290c0e3
35 -DIST openssl-1.0.2l_ec_curve.c 17254 BLAKE2B d40d8d6e770443f07abe70e2c4ddda6aec1cc8e37dc1f226a3fdd9ed5d228f09c6d372e8956b1948b55ee1d57d1429493e7288d0f54d9466a37fec805c85aacb SHA512 8e92fb100bcf4bd918c82b9a6cbd75a55abe1a2c08230a007e441c51577f974f8cc336e9ac8a672b32641480428ca8cead5380da1fe81bacb088145a1b754a15
36 -DIST openssl-1.0.2l_ectest.c 30735 BLAKE2B 95333a27f1cf0a4305a3cee7f6d46b9d4673582ca9acfcf5ba2a0d9d317ab6219cd0d2ff0ba3a55a317c8f5819342f05cc17ba80ec2c92b2b4cab9a3552382e1 SHA512 f2e4d34327b490bc8371f0845c69df3f9fc51ea16f0ea0de0411a0c1fa9d49bb2b6fafc363eb3b3cd919dc7c24e4a0d075c6ff878c01d70dae918f2540874c19
37 -DIST openssl-1.0.2l_hobble-openssl 1302 BLAKE2B 647caa6a0f4c53a2e77baa3b8e5961eaef3bb0ff38e7d5475eab8deef3439f7fe49028ec9ed0406f3453870b62cac67c496b3a048ee4c9ff4c6866d520235960 SHA512 3d757a4708e74a03dd5cb9b8114dfe442ed9520739a6eca693be4c4265771696f1449ea06d1c9bcfc6e94fc9b0dd0c10e153f1c3b0334831c0550b36cd63326e
38 -DIST openssl-1.0.2m.tar.gz 5373776 BLAKE2B f40cbea061f84087a079d541f7ba841894c86c00827865f0f508ee297df45e8825d7d74bbbe16bf1f81d46f9af503a6191c9e65df674c4a5ae28172b5b03986f SHA512 7619aa223ee50d0f5e270ac9090e95b2b1ba5dfc656c98f625a9a277dda472fb960a4e89a7ba300044cb401b2072b2ca6a6fcce8206d927bf373d1c981806a93
39 DIST openssl-1.0.2n.tar.gz 5375802 BLAKE2B 2e04f8c3d5e2296859b8474d7e100e270f53f18a26c6d37a4cf5e01cd14f44d24d334b4e705da05d77c33b5dc91cffea0feea9f7c83c77ba16c9b6d5f5085894 SHA512 144bf0d6aa27b4af01df0b7b734c39962649e1711554247d42e05e14d8945742b18745aefdba162e2dfc762b941fd7d3b2d5dc6a781ae4ba10a6f5a3cadb0687
40 DIST openssl-1.1.0-build.patch 3028 BLAKE2B f8cf981ed3717af234ce02fa50f27cdbcbf2b766968a5957fc6f0a4ea997549505fa77398444d7f3b9a75f66048447fe62542b9cb1d5f0268add87c44915a6fd SHA512 b19a912900970052f80c67f28975e793ae9e70ebfc62efae0544e09931079e98c4cd29ce1cc8d937ceca97aff9a12fdc1ff9ce6c2b47fea68c79e7065464a0f0
41 DIST openssl-1.1.0-ec-curves.patch 2967 BLAKE2B 1c639514445ea85cf731732aa7901b5a03ddb5f637b0483ab2ec6825433ad978723c5a07316db684bdaca4a12fc673b4e049a49c0cd4dbe5f25a5e2bd3b75cf5 SHA512 8fb9c6759ae2077ad3697ba77e85ab3970fd8b3f64b21eb260b4f6333b7ebf2f5a53c7eee311229edfbd96a2b904ec5e5e00dfa5b62cf1105fece13069077bd2
42
43 diff --git a/dev-libs/openssl/files/openssl-1.0.0a-ldflags.patch b/dev-libs/openssl/files/openssl-1.0.0a-ldflags.patch
44 deleted file mode 100644
45 index c99ef4abb85..00000000000
46 --- a/dev-libs/openssl/files/openssl-1.0.0a-ldflags.patch
47 +++ /dev/null
48 @@ -1,29 +0,0 @@
49 -http://bugs.gentoo.org/181438
50 -http://bugs.gentoo.org/327421
51 -https://rt.openssl.org/Ticket/Display.html?id=3331&user=guest&pass=guest
52 -
53 -make sure we respect LDFLAGS
54 -
55 -also make sure we don't add useless -rpath flags to the system libdir
56 -
57 ---- Makefile.org
58 -+++ Makefile.org
59 -@@ -189,6 +189,7 @@
60 - MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
61 - DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)' \
62 - MAKEDEPPROG='$(MAKEDEPPROG)' \
63 -+ LDFLAGS='${LDFLAGS}' \
64 - SHARED_LDFLAGS='$(SHARED_LDFLAGS)' \
65 - KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)' \
66 - ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)' \
67 ---- Makefile.shared
68 -+++ Makefile.shared
69 -@@ -153,7 +153,7 @@
70 - NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
71 - SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
72 -
73 --DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
74 -+DO_GNU_APP=LDFLAGS="$(LDFLAGS) $(CFLAGS)"
75 -
76 - #This is rather special. It's a special target with which one can link
77 - #applications without bothering with any features that have anything to
78
79 diff --git a/dev-libs/openssl/files/openssl-1.0.1p-default-source.patch b/dev-libs/openssl/files/openssl-1.0.1p-default-source.patch
80 deleted file mode 100644
81 index 73029985ae0..00000000000
82 --- a/dev-libs/openssl/files/openssl-1.0.1p-default-source.patch
83 +++ /dev/null
84 @@ -1,30 +0,0 @@
85 -https://bugs.gentoo.org/554338
86 -https://rt.openssl.org/Ticket/Display.html?id=3934&user=guest&pass=guest
87 -
88 -From 7c2e97f8bbae517496fdc11f475b4ae54b2534f5 Mon Sep 17 00:00:00 2001
89 -From: Mike Frysinger <vapier@g.o>
90 -Date: Fri, 10 Jul 2015 01:50:52 -0400
91 -Subject: [PATCH] test: use _DEFAULT_SOURCE with newer glibc versions
92 -
93 -The _BSD_SOURCE macro is replaced by the _DEFAULT_SOURCE macro. Using
94 -just the former with newer versions leads to a build time warning, so
95 -make sure to use the new macro too.
96 ----
97 - ssl/ssltest.c | 1 +
98 - 1 file changed, 1 insertion(+)
99 -
100 -diff --git a/ssl/ssltest.c b/ssl/ssltest.c
101 -index 26cf96c..b36f667 100644
102 ---- a/ssl/ssltest.c
103 -+++ b/ssl/ssltest.c
104 -@@ -141,6 +141,7 @@
105 - */
106 -
107 - /* Or gethostname won't be declared properly on Linux and GNU platforms. */
108 -+#define _DEFAULT_SOURCE 1
109 - #define _BSD_SOURCE 1
110 -
111 - #include <assert.h>
112 ---
113 -2.4.4
114 -
115
116 diff --git a/dev-libs/openssl/files/openssl-1.0.2-ipv6.patch b/dev-libs/openssl/files/openssl-1.0.2-ipv6.patch
117 deleted file mode 100644
118 index 27574ea616d..00000000000
119 --- a/dev-libs/openssl/files/openssl-1.0.2-ipv6.patch
120 +++ /dev/null
121 @@ -1,611 +0,0 @@
122 -http://rt.openssl.org/Ticket/Display.html?id=2051&user=guest&pass=guest
123 -
124 ---- openssl-1.0.2/apps/s_apps.h
125 -+++ openssl-1.0.2/apps/s_apps.h
126 -@@ -154,7 +154,7 @@
127 - int do_server(int port, int type, int *ret,
128 - int (*cb) (char *hostname, int s, int stype,
129 - unsigned char *context), unsigned char *context,
130 -- int naccept);
131 -+ int naccept, int use_ipv4, int use_ipv6);
132 - #ifdef HEADER_X509_H
133 - int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
134 - #endif
135 -@@ -167,7 +167,8 @@
136 - int ssl_print_curves(BIO *out, SSL *s, int noshared);
137 - #endif
138 - int ssl_print_tmp_key(BIO *out, SSL *s);
139 --int init_client(int *sock, char *server, int port, int type);
140 -+int init_client(int *sock, char *server, int port, int type,
141 -+ int use_ipv4, int use_ipv6);
142 - int should_retry(int i);
143 - int extract_port(char *str, short *port_ptr);
144 - int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
145 ---- openssl-1.0.2/apps/s_client.c
146 -+++ openssl-1.0.2/apps/s_client.c
147 -@@ -302,6 +302,10 @@
148 - {
149 - BIO_printf(bio_err, "usage: s_client args\n");
150 - BIO_printf(bio_err, "\n");
151 -+ BIO_printf(bio_err, " -4 - use IPv4 only\n");
152 -+#if OPENSSL_USE_IPV6
153 -+ BIO_printf(bio_err, " -6 - use IPv6 only\n");
154 -+#endif
155 - BIO_printf(bio_err, " -host host - use -connect instead\n");
156 - BIO_printf(bio_err, " -port port - use -connect instead\n");
157 - BIO_printf(bio_err,
158 -@@ -658,6 +662,7 @@
159 - int sbuf_len, sbuf_off;
160 - fd_set readfds, writefds;
161 - short port = PORT;
162 -+ int use_ipv4, use_ipv6;
163 - int full_log = 1;
164 - char *host = SSL_HOST_NAME;
165 - char *cert_file = NULL, *key_file = NULL, *chain_file = NULL;
166 -@@ -709,7 +714,11 @@
167 - #endif
168 - char *sess_in = NULL;
169 - char *sess_out = NULL;
170 -- struct sockaddr peer;
171 -+#if OPENSSL_USE_IPV6
172 -+ struct sockaddr_storage peer;
173 -+#else
174 -+ struct sockaddr_in peer;
175 -+#endif
176 - int peerlen = sizeof(peer);
177 - int fallback_scsv = 0;
178 - int enable_timeouts = 0;
179 -@@ -737,6 +746,12 @@
180 -
181 - meth = SSLv23_client_method();
182 -
183 -+ use_ipv4 = 1;
184 -+#if OPENSSL_USE_IPV6
185 -+ use_ipv6 = 1;
186 -+#else
187 -+ use_ipv6 = 0;
188 -+#endif
189 - apps_startup();
190 - c_Pause = 0;
191 - c_quiet = 0;
192 -@@ -1096,6 +1111,16 @@
193 - jpake_secret = *++argv;
194 - }
195 - #endif
196 -+ else if (strcmp(*argv,"-4") == 0) {
197 -+ use_ipv4 = 1;
198 -+ use_ipv6 = 0;
199 -+ }
200 -+#if OPENSSL_USE_IPV6
201 -+ else if (strcmp(*argv,"-6") == 0) {
202 -+ use_ipv4 = 0;
203 -+ use_ipv6 = 1;
204 -+ }
205 -+#endif
206 - #ifndef OPENSSL_NO_SRTP
207 - else if (strcmp(*argv, "-use_srtp") == 0) {
208 - if (--argc < 1)
209 -@@ -1421,7 +1446,7 @@
210 -
211 - re_start:
212 -
213 -- if (init_client(&s, host, port, socket_type) == 0) {
214 -+ if (init_client(&s, host, port, socket_type, use_ipv4, use_ipv6) == 0) {
215 - BIO_printf(bio_err, "connect:errno=%d\n", get_last_socket_error());
216 - SHUTDOWN(s);
217 - goto end;
218 -@@ -1444,7 +1469,7 @@
219 - if (socket_type == SOCK_DGRAM) {
220 -
221 - sbio = BIO_new_dgram(s, BIO_NOCLOSE);
222 -- if (getsockname(s, &peer, (void *)&peerlen) < 0) {
223 -+ if (getsockname(s, (struct sockaddr *)&peer, (void *)&peerlen) < 0) {
224 - BIO_printf(bio_err, "getsockname:errno=%d\n",
225 - get_last_socket_error());
226 - SHUTDOWN(s);
227 ---- openssl-1.0.2/apps/s_server.c
228 -+++ openssl-1.0.2/apps/s_server.c
229 -@@ -643,6 +643,10 @@
230 - BIO_printf(bio_err,
231 - " -alpn arg - set the advertised protocols for the ALPN extension (comma-separated list)\n");
232 - #endif
233 -+ BIO_printf(bio_err, " -4 - use IPv4 only\n");
234 -+#if OPENSSL_USE_IPV6
235 -+ BIO_printf(bio_err, " -6 - use IPv6 only\n");
236 -+#endif
237 - BIO_printf(bio_err,
238 - " -keymatexport label - Export keying material using label\n");
239 - BIO_printf(bio_err,
240 -@@ -1070,6 +1074,7 @@
241 - int state = 0;
242 - const SSL_METHOD *meth = NULL;
243 - int socket_type = SOCK_STREAM;
244 -+ int use_ipv4, use_ipv6;
245 - ENGINE *e = NULL;
246 - char *inrand = NULL;
247 - int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
248 -@@ -1111,6 +1116,12 @@
249 -
250 - meth = SSLv23_server_method();
251 -
252 -+ use_ipv4 = 1;
253 -+#if OPENSSL_USE_IPV6
254 -+ use_ipv6 = 1;
255 -+#else
256 -+ use_ipv6 = 0;
257 -+#endif
258 - local_argc = argc;
259 - local_argv = argv;
260 -
261 -@@ -1503,6 +1514,16 @@
262 - jpake_secret = *(++argv);
263 - }
264 - #endif
265 -+ else if (strcmp(*argv,"-4") == 0) {
266 -+ use_ipv4 = 1;
267 -+ use_ipv6 = 0;
268 -+ }
269 -+#if OPENSSL_USE_IPV6
270 -+ else if (strcmp(*argv,"-6") == 0) {
271 -+ use_ipv4 = 0;
272 -+ use_ipv6 = 1;
273 -+ }
274 -+#endif
275 - #ifndef OPENSSL_NO_SRTP
276 - else if (strcmp(*argv, "-use_srtp") == 0) {
277 - if (--argc < 1)
278 -@@ -2023,13 +2044,13 @@
279 - (void)BIO_flush(bio_s_out);
280 - if (rev)
281 - do_server(port, socket_type, &accept_socket, rev_body, context,
282 -- naccept);
283 -+ naccept, use_ipv4, use_ipv6);
284 - else if (www)
285 - do_server(port, socket_type, &accept_socket, www_body, context,
286 -- naccept);
287 -+ naccept, use_ipv4, use_ipv6);
288 - else
289 - do_server(port, socket_type, &accept_socket, sv_body, context,
290 -- naccept);
291 -+ naccept, use_ipv4, use_ipv6);
292 - print_stats(bio_s_out, ctx);
293 - ret = 0;
294 - end:
295 ---- openssl-1.0.2/apps/s_socket.c
296 -+++ openssl-1.0.2/apps/s_socket.c
297 -@@ -101,16 +101,16 @@
298 - # include "netdb.h"
299 - # endif
300 -
301 --static struct hostent *GetHostByName(char *name);
302 -+static struct hostent *GetHostByName(char *name, int domain);
303 - # if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
304 - static void ssl_sock_cleanup(void);
305 - # endif
306 - static int ssl_sock_init(void);
307 --static int init_client_ip(int *sock, unsigned char ip[4], int port, int type);
308 --static int init_server(int *sock, int port, int type);
309 --static int init_server_long(int *sock, int port, char *ip, int type);
310 -+static int init_client_ip(int *sock, unsigned char *ip, int port, int type, int domain);
311 -+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6);
312 -+static int init_server_long(int *sock, int port, char *ip, int type, int use_ipv4, int use_ipv6);
313 - static int do_accept(int acc_sock, int *sock, char **host);
314 --static int host_ip(char *str, unsigned char ip[4]);
315 -+static int host_ip(char *str, unsigned char *ip, int domain);
316 -
317 - # ifdef OPENSSL_SYS_WIN16
318 - # define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
319 -@@ -231,38 +231,68 @@
320 - return (1);
321 - }
322 -
323 --int init_client(int *sock, char *host, int port, int type)
324 -+int init_client(int *sock, char *host, int port, int type, int use_ipv4, int use_ipv6)
325 - {
326 -+# if OPENSSL_USE_IPV6
327 -+ unsigned char ip[16];
328 -+# else
329 - unsigned char ip[4];
330 -+# endif
331 -
332 -- memset(ip, '\0', sizeof ip);
333 -- if (!host_ip(host, &(ip[0])))
334 -- return 0;
335 -- return init_client_ip(sock, ip, port, type);
336 --}
337 --
338 --static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
339 --{
340 -- unsigned long addr;
341 -+ if (use_ipv4)
342 -+ if (host_ip(host, ip, AF_INET))
343 -+ return(init_client_ip(sock, ip, port, type, AF_INET));
344 -+# if OPENSSL_USE_IPV6
345 -+ if (use_ipv6)
346 -+ if (host_ip(host, ip, AF_INET6))
347 -+ return(init_client_ip(sock, ip, port, type, AF_INET6));
348 -+# endif
349 -+ return 0;
350 -+}
351 -+
352 -+static int init_client_ip(int *sock, unsigned char ip[4], int port, int type, int domain)
353 -+{
354 -+# if OPENSSL_USE_IPV6
355 -+ struct sockaddr_storage them;
356 -+ struct sockaddr_in *them_in = (struct sockaddr_in *)&them;
357 -+ struct sockaddr_in6 *them_in6 = (struct sockaddr_in6 *)&them;
358 -+# else
359 - struct sockaddr_in them;
360 -+ struct sockaddr_in *them_in = &them;
361 -+# endif
362 -+ socklen_t addr_len;
363 - int s, i;
364 -
365 - if (!ssl_sock_init())
366 - return (0);
367 -
368 - memset((char *)&them, 0, sizeof(them));
369 -- them.sin_family = AF_INET;
370 -- them.sin_port = htons((unsigned short)port);
371 -- addr = (unsigned long)
372 -- ((unsigned long)ip[0] << 24L) |
373 -- ((unsigned long)ip[1] << 16L) |
374 -- ((unsigned long)ip[2] << 8L) | ((unsigned long)ip[3]);
375 -- them.sin_addr.s_addr = htonl(addr);
376 -+ if (domain == AF_INET) {
377 -+ addr_len = (socklen_t)sizeof(struct sockaddr_in);
378 -+ them_in->sin_family=AF_INET;
379 -+ them_in->sin_port=htons((unsigned short)port);
380 -+# ifndef BIT_FIELD_LIMITS
381 -+ memcpy(&them_in->sin_addr.s_addr, ip, 4);
382 -+# else
383 -+ memcpy(&them_in->sin_addr, ip, 4);
384 -+# endif
385 -+ }
386 -+ else
387 -+# if OPENSSL_USE_IPV6
388 -+ {
389 -+ addr_len = (socklen_t)sizeof(struct sockaddr_in6);
390 -+ them_in6->sin6_family=AF_INET6;
391 -+ them_in6->sin6_port=htons((unsigned short)port);
392 -+ memcpy(&(them_in6->sin6_addr), ip, sizeof(struct in6_addr));
393 -+ }
394 -+# else
395 -+ return(0);
396 -+# endif
397 -
398 - if (type == SOCK_STREAM)
399 -- s = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
400 -+ s = socket(domain, SOCK_STREAM, SOCKET_PROTOCOL);
401 - else /* ( type == SOCK_DGRAM) */
402 -- s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
403 -+ s = socket(domain, SOCK_DGRAM, IPPROTO_UDP);
404 -
405 - if (s == INVALID_SOCKET) {
406 - perror("socket");
407 -@@ -280,7 +310,7 @@
408 - }
409 - # endif
410 -
411 -- if (connect(s, (struct sockaddr *)&them, sizeof(them)) == -1) {
412 -+ if (connect(s, (struct sockaddr *)&them, addr_len) == -1) {
413 - closesocket(s);
414 - perror("connect");
415 - return (0);
416 -@@ -292,14 +322,14 @@
417 - int do_server(int port, int type, int *ret,
418 - int (*cb) (char *hostname, int s, int stype,
419 - unsigned char *context), unsigned char *context,
420 -- int naccept)
421 -+ int naccept, int use_ipv4, int use_ipv6)
422 - {
423 - int sock;
424 - char *name = NULL;
425 - int accept_socket = 0;
426 - int i;
427 -
428 -- if (!init_server(&accept_socket, port, type))
429 -+ if (!init_server(&accept_socket, port, type, use_ipv4, use_ipv6))
430 - return (0);
431 -
432 - if (ret != NULL) {
433 -@@ -328,32 +358,41 @@
434 - }
435 - }
436 -
437 --static int init_server_long(int *sock, int port, char *ip, int type)
438 -+static int init_server_long(int *sock, int port, char *ip, int type, int use_ipv4, int use_ipv6)
439 - {
440 - int ret = 0;
441 -+ int domain;
442 -+# if OPENSSL_USE_IPV6
443 -+ struct sockaddr_storage server;
444 -+ struct sockaddr_in *server_in = (struct sockaddr_in *)&server;
445 -+ struct sockaddr_in6 *server_in6 = (struct sockaddr_in6 *)&server;
446 -+# else
447 - struct sockaddr_in server;
448 -+ struct sockaddr_in *server_in = &server;
449 -+# endif
450 -+ socklen_t addr_len;
451 - int s = -1;
452 -
453 -+ if (!use_ipv4 && !use_ipv6)
454 -+ goto err;
455 -+# if OPENSSL_USE_IPV6
456 -+ /* we are fine here */
457 -+# else
458 -+ if (use_ipv6)
459 -+ goto err;
460 -+# endif
461 - if (!ssl_sock_init())
462 - return (0);
463 -
464 -- memset((char *)&server, 0, sizeof(server));
465 -- server.sin_family = AF_INET;
466 -- server.sin_port = htons((unsigned short)port);
467 -- if (ip == NULL)
468 -- server.sin_addr.s_addr = INADDR_ANY;
469 -- else
470 --/* Added for T3E, address-of fails on bit field (beckman@××××××××.gov) */
471 --# ifndef BIT_FIELD_LIMITS
472 -- memcpy(&server.sin_addr.s_addr, ip, 4);
473 -+#if OPENSSL_USE_IPV6
474 -+ domain = use_ipv6 ? AF_INET6 : AF_INET;
475 - # else
476 -- memcpy(&server.sin_addr, ip, 4);
477 -+ domain = AF_INET;
478 - # endif
479 --
480 - if (type == SOCK_STREAM)
481 -- s = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
482 -- else /* type == SOCK_DGRAM */
483 -- s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
484 -+ s=socket(domain, SOCK_STREAM, SOCKET_PROTOCOL);
485 -+ else /* type == SOCK_DGRAM */
486 -+ s=socket(domain, SOCK_DGRAM, IPPROTO_UDP);
487 -
488 - if (s == INVALID_SOCKET)
489 - goto err;
490 -@@ -363,7 +402,42 @@
491 - setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&j, sizeof j);
492 - }
493 - # endif
494 -- if (bind(s, (struct sockaddr *)&server, sizeof(server)) == -1) {
495 -+# if OPENSSL_USE_IPV6
496 -+ if ((use_ipv4 == 0) && (use_ipv6 == 1)) {
497 -+ const int on = 1;
498 -+
499 -+ setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY,
500 -+ (const void *) &on, sizeof(int));
501 -+ }
502 -+# endif
503 -+ if (domain == AF_INET) {
504 -+ addr_len = (socklen_t)sizeof(struct sockaddr_in);
505 -+ memset(server_in, 0, sizeof(struct sockaddr_in));
506 -+ server_in->sin_family=AF_INET;
507 -+ server_in->sin_port = htons((unsigned short)port);
508 -+ if (ip == NULL)
509 -+ server_in->sin_addr.s_addr = htonl(INADDR_ANY);
510 -+ else
511 -+/* Added for T3E, address-of fails on bit field (beckman@××××××××.gov) */
512 -+# ifndef BIT_FIELD_LIMITS
513 -+ memcpy(&server_in->sin_addr.s_addr, ip, 4);
514 -+# else
515 -+ memcpy(&server_in->sin_addr, ip, 4);
516 -+# endif
517 -+ }
518 -+# if OPENSSL_USE_IPV6
519 -+ else {
520 -+ addr_len = (socklen_t)sizeof(struct sockaddr_in6);
521 -+ memset(server_in6, 0, sizeof(struct sockaddr_in6));
522 -+ server_in6->sin6_family = AF_INET6;
523 -+ server_in6->sin6_port = htons((unsigned short)port);
524 -+ if (ip == NULL)
525 -+ server_in6->sin6_addr = in6addr_any;
526 -+ else
527 -+ memcpy(&server_in6->sin6_addr, ip, sizeof(struct in6_addr));
528 -+ }
529 -+# endif
530 -+ if (bind(s, (struct sockaddr *)&server, addr_len) == -1) {
531 - # ifndef OPENSSL_SYS_WINDOWS
532 - perror("bind");
533 - # endif
534 -@@ -381,16 +455,23 @@
535 - return (ret);
536 - }
537 -
538 --static int init_server(int *sock, int port, int type)
539 -+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6)
540 - {
541 -- return (init_server_long(sock, port, NULL, type));
542 -+ return (init_server_long(sock, port, NULL, type, use_ipv4, use_ipv6));
543 - }
544 -
545 - static int do_accept(int acc_sock, int *sock, char **host)
546 - {
547 - int ret;
548 - struct hostent *h1, *h2;
549 -- static struct sockaddr_in from;
550 -+#if OPENSSL_USE_IPV6
551 -+ struct sockaddr_storage from;
552 -+ struct sockaddr_in *from_in = (struct sockaddr_in *)&from;
553 -+ struct sockaddr_in6 *from_in6 = (struct sockaddr_in6 *)&from;
554 -+#else
555 -+ struct sockaddr_in from;
556 -+ struct sockaddr_in *from_in = &from;
557 -+#endif
558 - int len;
559 - /* struct linger ling; */
560 -
561 -@@ -440,14 +521,25 @@
562 -
563 - if (host == NULL)
564 - goto end;
565 -+# if OPENSSL_USE_IPV6
566 -+ if (from.ss_family == AF_INET)
567 -+# else
568 -+ if (from.sin_family == AF_INET)
569 -+# endif
570 - # ifndef BIT_FIELD_LIMITS
571 -- /* I should use WSAAsyncGetHostByName() under windows */
572 -- h1 = gethostbyaddr((char *)&from.sin_addr.s_addr,
573 -- sizeof(from.sin_addr.s_addr), AF_INET);
574 -+ /* I should use WSAAsyncGetHostByName() under windows */
575 -+ h1 = gethostbyaddr((char *)&from_in->sin_addr.s_addr,
576 -+ sizeof(from_in->sin_addr.s_addr), AF_INET);
577 - # else
578 -- h1 = gethostbyaddr((char *)&from.sin_addr,
579 -- sizeof(struct in_addr), AF_INET);
580 -+ h1 = gethostbyaddr((char *)&from_in->sin_addr,
581 -+ sizeof(struct in_addr), AF_INET);
582 -+# endif
583 -+# if OPENSSL_USE_IPV6
584 -+ else
585 -+ h1 = gethostbyaddr((char *)&from_in6->sin6_addr,
586 -+ sizeof(struct in6_addr), AF_INET6);
587 - # endif
588 -+
589 - if (h1 == NULL) {
590 - BIO_printf(bio_err, "bad gethostbyaddr\n");
591 - *host = NULL;
592 -@@ -460,14 +552,22 @@
593 - }
594 - BUF_strlcpy(*host, h1->h_name, strlen(h1->h_name) + 1);
595 -
596 -- h2 = GetHostByName(*host);
597 -+# if OPENSSL_USE_IPV6
598 -+ h2=GetHostByName(*host, from.ss_family);
599 -+# else
600 -+ h2=GetHostByName(*host, from.sin_family);
601 -+# endif
602 - if (h2 == NULL) {
603 - BIO_printf(bio_err, "gethostbyname failure\n");
604 - closesocket(ret);
605 - return (0);
606 - }
607 -- if (h2->h_addrtype != AF_INET) {
608 -- BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n");
609 -+# if OPENSSL_USE_IPV6
610 -+ if (h2->h_addrtype != from.ss_family) {
611 -+# else
612 -+ if (h2->h_addrtype != from.sin_family) {
613 -+# endif
614 -+ BIO_printf(bio_err, "gethostbyname addr is not correct\n");
615 - closesocket(ret);
616 - return (0);
617 - }
618 -@@ -483,14 +583,14 @@
619 - char *h, *p;
620 -
621 - h = str;
622 -- p = strchr(str, ':');
623 -+ p = strrchr(str, ':');
624 - if (p == NULL) {
625 - BIO_printf(bio_err, "no port defined\n");
626 - return (0);
627 - }
628 - *(p++) = '\0';
629 -
630 -- if ((ip != NULL) && !host_ip(str, ip))
631 -+ if ((ip != NULL) && !host_ip(str, ip, AF_INET))
632 - goto err;
633 - if (host_ptr != NULL)
634 - *host_ptr = h;
635 -@@ -502,44 +602,51 @@
636 - return (0);
637 - }
638 -
639 --static int host_ip(char *str, unsigned char ip[4])
640 -+static int host_ip(char *str, unsigned char *ip, int domain)
641 - {
642 - unsigned int in[4];
643 -+ unsigned long l;
644 - int i;
645 -
646 -- if (sscanf(str, "%u.%u.%u.%u", &(in[0]), &(in[1]), &(in[2]), &(in[3])) ==
647 -- 4) {
648 -+ if ((domain == AF_INET) && (sscanf(str, "%u.%u.%u.%u", &(in[0]), &(in[1]), &(in[2]), &(in[3])) == 4)) {
649 - for (i = 0; i < 4; i++)
650 - if (in[i] > 255) {
651 - BIO_printf(bio_err, "invalid IP address\n");
652 - goto err;
653 - }
654 -- ip[0] = in[0];
655 -- ip[1] = in[1];
656 -- ip[2] = in[2];
657 -- ip[3] = in[3];
658 -- } else { /* do a gethostbyname */
659 -+ l=htonl((in[0]<<24L)|(in[1]<<16L)|(in[2]<<8L)|in[3]);
660 -+ memcpy(ip, &l, 4);
661 -+ return 1;
662 -+ }
663 -+# if OPENSSL_USE_IPV6
664 -+ else if ((domain == AF_INET6) && (inet_pton(AF_INET6, str, ip) == 1))
665 -+ return 1;
666 -+# endif
667 -+ else { /* do a gethostbyname */
668 - struct hostent *he;
669 -
670 - if (!ssl_sock_init())
671 - return (0);
672 -
673 -- he = GetHostByName(str);
674 -+ he = GetHostByName(str, domain);
675 - if (he == NULL) {
676 - BIO_printf(bio_err, "gethostbyname failure\n");
677 - goto err;
678 - }
679 - /* cast to short because of win16 winsock definition */
680 -- if ((short)he->h_addrtype != AF_INET) {
681 -- BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n");
682 -+ if ((short)he->h_addrtype != domain) {
683 -+ BIO_printf(bio_err, "gethostbyname addr is not correct\n");
684 - return (0);
685 - }
686 -- ip[0] = he->h_addr_list[0][0];
687 -- ip[1] = he->h_addr_list[0][1];
688 -- ip[2] = he->h_addr_list[0][2];
689 -- ip[3] = he->h_addr_list[0][3];
690 -+ if (domain == AF_INET)
691 -+ memset(ip, 0, 4);
692 -+# if OPENSSL_USE_IPV6
693 -+ else
694 -+ memset(ip, 0, 16);
695 -+# endif
696 -+ memcpy(ip, he->h_addr_list[0], he->h_length);
697 -+ return 1;
698 - }
699 -- return (1);
700 - err:
701 - return (0);
702 - }
703 -@@ -573,7 +680,7 @@
704 - static unsigned long ghbn_hits = 0L;
705 - static unsigned long ghbn_miss = 0L;
706 -
707 --static struct hostent *GetHostByName(char *name)
708 -+static struct hostent *GetHostByName(char *name, int domain)
709 - {
710 - struct hostent *ret;
711 - int i, lowi = 0;
712 -@@ -585,13 +692,18 @@
713 - lowi = i;
714 - }
715 - if (ghbn_cache[i].order > 0) {
716 -- if (strncmp(name, ghbn_cache[i].name, 128) == 0)
717 -+ if ((strncmp(name, ghbn_cache[i].name, 128) == 0) && (ghbn_cache[i].ent.h_addrtype == domain))
718 - break;
719 - }
720 - }
721 - if (i == GHBN_NUM) { /* no hit */
722 - ghbn_miss++;
723 -- ret = gethostbyname(name);
724 -+ if (domain == AF_INET)
725 -+ ret = gethostbyname(name);
726 -+# if OPENSSL_USE_IPV6
727 -+ else
728 -+ ret = gethostbyname2(name, AF_INET6);
729 -+# endif
730 - if (ret == NULL)
731 - return (NULL);
732 - /* else add to cache */
733
734 diff --git a/dev-libs/openssl/files/openssl-1.0.2a-parallel-install-dirs.patch b/dev-libs/openssl/files/openssl-1.0.2a-parallel-install-dirs.patch
735 deleted file mode 100644
736 index 0198818c5fa..00000000000
737 --- a/dev-libs/openssl/files/openssl-1.0.2a-parallel-install-dirs.patch
738 +++ /dev/null
739 @@ -1,64 +0,0 @@
740 -https://rt.openssl.org/Ticket/Display.html?id=3736&user=guest&pass=guest
741 -
742 -From aba899f2eca21e11e5e9797bf8258e7265dea9f5 Mon Sep 17 00:00:00 2001
743 -From: Mike Frysinger <vapier@g.o>
744 -Date: Sun, 8 Mar 2015 01:32:01 -0500
745 -Subject: [PATCH] fix parallel install with dir creation
746 -
747 -The mkdir-p.pl does not handle parallel creation of directories.
748 -This comes up when the install_sw and install_docs rules run and
749 -both call mkdir-p.pl on sibling directory trees.
750 -
751 -Instead, lets create a single install_dirs rule that makes all of
752 -the dirs we need, and have these two install steps depend on that.
753 ----
754 - Makefile.org | 17 +++++++++--------
755 - 1 file changed, 9 insertions(+), 8 deletions(-)
756 -
757 -diff --git a/Makefile.org b/Makefile.org
758 -index a6d9471..78e6143 100644
759 ---- a/Makefile.org
760 -+++ b/Makefile.org
761 -@@ -536,9 +536,9 @@
762 - dist_pem_h:
763 - (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
764 -
765 --install: all install_docs install_sw
766 -+install: install_docs install_sw
767 -
768 --install_sw:
769 -+install_dirs:
770 - @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
771 - $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
772 - $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
773 -@@ -547,6 +547,13 @@
774 - $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
775 - $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
776 - $(INSTALL_PREFIX)$(OPENSSLDIR)/private
777 -+ @$(PERL) $(TOP)/util/mkdir-p.pl \
778 -+ $(INSTALL_PREFIX)$(MANDIR)/man1 \
779 -+ $(INSTALL_PREFIX)$(MANDIR)/man3 \
780 -+ $(INSTALL_PREFIX)$(MANDIR)/man5 \
781 -+ $(INSTALL_PREFIX)$(MANDIR)/man7
782 -+
783 -+install_sw: install_dirs
784 - @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
785 - do \
786 - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
787 -@@ -636,12 +643,7 @@
788 - done; \
789 - done
790 -
791 --install_docs:
792 -- @$(PERL) $(TOP)/util/mkdir-p.pl \
793 -- $(INSTALL_PREFIX)$(MANDIR)/man1 \
794 -- $(INSTALL_PREFIX)$(MANDIR)/man3 \
795 -- $(INSTALL_PREFIX)$(MANDIR)/man5 \
796 -- $(INSTALL_PREFIX)$(MANDIR)/man7
797 -+install_docs: install_dirs
798 - @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
799 - here="`pwd`"; \
800 - filecase=; \
801 ---
802 -2.3.4
803 -
804
805 diff --git a/dev-libs/openssl/files/openssl-1.0.2a-parallel-obj-headers.patch b/dev-libs/openssl/files/openssl-1.0.2a-parallel-obj-headers.patch
806 deleted file mode 100644
807 index a7d6f4effea..00000000000
808 --- a/dev-libs/openssl/files/openssl-1.0.2a-parallel-obj-headers.patch
809 +++ /dev/null
810 @@ -1,37 +0,0 @@
811 -https://rt.openssl.org/Ticket/Display.html?id=3737&user=guest&pass=guest
812 -
813 -From ce279d4361e07e9af9ceca8a6e326e661758ad53 Mon Sep 17 00:00:00 2001
814 -From: Mike Frysinger <vapier@g.o>
815 -Date: Sun, 8 Mar 2015 01:34:48 -0500
816 -Subject: [PATCH] fix parallel generation of obj headers
817 -
818 -The current code has dummy sleep/touch commands to try and work
819 -around the parallel issue, but that is obviously racy. Instead
820 -lets force one of the files to depend on the other so we know
821 -they'll never run in parallel.
822 ----
823 - crypto/objects/Makefile | 6 +++---
824 - 1 file changed, 3 insertions(+), 3 deletions(-)
825 -
826 -diff --git a/crypto/objects/Makefile b/crypto/objects/Makefile
827 -index ad2db1e..7d32504 100644
828 ---- a/crypto/objects/Makefile
829 -+++ b/crypto/objects/Makefile
830 -@@ -44,11 +44,11 @@
831 - # objects.pl both reads and writes obj_mac.num
832 - obj_mac.h: objects.pl objects.txt obj_mac.num
833 - $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h
834 -- @sleep 1; touch obj_mac.h; sleep 1
835 -
836 --obj_xref.h: objxref.pl obj_xref.txt obj_mac.num
837 -+# This doesn't really need obj_mac.h, but since that rule reads & writes
838 -+# obj_mac.num, we can't run in parallel with it.
839 -+obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h
840 - $(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h
841 -- @sleep 1; touch obj_xref.h; sleep 1
842 -
843 - files:
844 - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
845 ---
846 -2.3.4
847 -
848
849 diff --git a/dev-libs/openssl/files/openssl-1.0.2a-parallel-symlinking.patch b/dev-libs/openssl/files/openssl-1.0.2a-parallel-symlinking.patch
850 deleted file mode 100644
851 index f2be696b106..00000000000
852 --- a/dev-libs/openssl/files/openssl-1.0.2a-parallel-symlinking.patch
853 +++ /dev/null
854 @@ -1,63 +0,0 @@
855 -https://rt.openssl.org/Ticket/Display.html?id=3780&user=guest&pass=guest
856 -
857 -From cc81af135bda47eaa6956a0329cbbc55bf993ac1 Mon Sep 17 00:00:00 2001
858 -From: Mike Frysinger <vapier@g.o>
859 -Date: Fri, 3 Apr 2015 01:16:23 -0400
860 -Subject: [PATCH] fix race when symlink shareds libs
861 -
862 -When the crypto/ssl targets attempt to build their shared libs, they run:
863 - cd ..; make libcrypto.so.1.0.0
864 -The top level Makefile in turn runs the build-shared target for that lib.
865 -
866 -The build-shared target depends on both do_$(SHLIB_TARGET) & link-shared.
867 -When building in parallel, make is allowed to run both of these. They
868 -both run Makefile.shared for their respective targets:
869 -do_$(SHLIB_TARGET) ->
870 - link_a.linux-shared ->
871 - link_a.gnu ->
872 - ...; $(LINK_SO_A) ->
873 - $(LINK_SO) ->
874 - $(SYMLINK_SO)
875 -link-shared ->
876 - symlink.linux-shared ->
877 - symlink.gnu ->
878 - ...; $(SYMLINK_SO)
879 -
880 -The shell code for SYMLINK_SO attempts to do a [ -e lib ] check, but fails
881 -basic TOCTOU semantics. Depending on the load, that means two processes
882 -will run the sequence:
883 - rm -f libcrypto.so
884 - ln -s libcrypto.so.1.0.0 libcrypto.so
885 -
886 -Which obviously fails:
887 - ln: failed to create symbolic link 'libcrypto.so': File exists
888 -
889 -Since we know do_$(SHLIB_TARGET) will create the symlink for us, don't
890 -bother depending on link-shared at all in the top level Makefile when
891 -building things.
892 -
893 -Reported-by: Martin von Gagern <Martin.vGagern@×××.net>
894 -URL: https://bugs.gentoo.org/545028
895 ----
896 - Makefile.org | 5 ++++-
897 - 1 file changed, 4 insertions(+), 1 deletion(-)
898 -
899 -diff --git a/Makefile.org b/Makefile.org
900 -index 890bfe4..576c60e 100644
901 ---- a/Makefile.org
902 -+++ b/Makefile.org
903 -@@ -350,7 +350,10 @@ link-shared:
904 - libs="$$libs -l$$i"; \
905 - done
906 -
907 --build-shared: do_$(SHLIB_TARGET) link-shared
908 -+# The link target in Makefile.shared will create the symlink for us, so no need
909 -+# to call link-shared directly. Doing so will cause races with two processes
910 -+# trying to symlink the lib.
911 -+build-shared: do_$(SHLIB_TARGET)
912 -
913 - do_$(SHLIB_TARGET):
914 - @ set -e; libs='-L. $(SHLIBDEPS)'; for i in $(SHLIBDIRS); do \
915 ---
916 -2.3.4
917 -
918
919 diff --git a/dev-libs/openssl/files/openssl-1.0.2i-parallel-build.patch b/dev-libs/openssl/files/openssl-1.0.2i-parallel-build.patch
920 deleted file mode 100644
921 index 387a077da27..00000000000
922 --- a/dev-libs/openssl/files/openssl-1.0.2i-parallel-build.patch
923 +++ /dev/null
924 @@ -1,326 +0,0 @@
925 ---- openssl-1.0.2i/crypto/Makefile
926 -+++ openssl-1.0.2i/crypto/Makefile
927 -@@ -85,11 +85,11 @@
928 - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
929 -
930 - subdirs:
931 -- @target=all; $(RECURSIVE_MAKE)
932 -+ +@target=all; $(RECURSIVE_MAKE)
933 -
934 - files:
935 - $(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO
936 -- @target=files; $(RECURSIVE_MAKE)
937 -+ +@target=files; $(RECURSIVE_MAKE)
938 -
939 - links:
940 - @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
941 -@@ -100,7 +100,7 @@
942 - # lib: $(LIB): are splitted to avoid end-less loop
943 - lib: $(LIB)
944 - @touch lib
945 --$(LIB): $(LIBOBJ)
946 -+$(LIB): $(LIBOBJ) | subdirs
947 - $(AR) $(LIB) $(LIBOBJ)
948 - test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o
949 - $(RANLIB) $(LIB) || echo Never mind.
950 -@@ -111,7 +111,7 @@
951 - fi
952 -
953 - libs:
954 -- @target=lib; $(RECURSIVE_MAKE)
955 -+ +@target=lib; $(RECURSIVE_MAKE)
956 -
957 - install:
958 - @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
959 -@@ -120,7 +120,7 @@
960 - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
961 - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
962 - done;
963 -- @target=install; $(RECURSIVE_MAKE)
964 -+ +@target=install; $(RECURSIVE_MAKE)
965 -
966 - lint:
967 - @target=lint; $(RECURSIVE_MAKE)
968 ---- openssl-1.0.2i/engines/Makefile
969 -+++ openssl-1.0.2i/engines/Makefile
970 -@@ -72,7 +72,7 @@
971 -
972 - all: lib subdirs
973 -
974 --lib: $(LIBOBJ)
975 -+lib: $(LIBOBJ) | subdirs
976 - @if [ -n "$(SHARED_LIBS)" ]; then \
977 - set -e; \
978 - for l in $(LIBNAMES); do \
979 -@@ -89,7 +89,7 @@
980 -
981 - subdirs:
982 - echo $(EDIRS)
983 -- @target=all; $(RECURSIVE_MAKE)
984 -+ +@target=all; $(RECURSIVE_MAKE)
985 -
986 - files:
987 - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
988 -@@ -128,7 +128,7 @@
989 - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
990 - done; \
991 - fi
992 -- @target=install; $(RECURSIVE_MAKE)
993 -+ +@target=install; $(RECURSIVE_MAKE)
994 -
995 - tags:
996 - ctags $(SRC)
997 ---- openssl-1.0.2i/Makefile.org
998 -+++ openssl-1.0.2i/Makefile.org
999 -@@ -281,17 +281,17 @@
1000 - build_libssl: build_ssl libssl.pc
1001 -
1002 - build_crypto:
1003 -- @dir=crypto; target=all; $(BUILD_ONE_CMD)
1004 -+ +@dir=crypto; target=all; $(BUILD_ONE_CMD)
1005 - build_ssl: build_crypto
1006 -- @dir=ssl; target=all; $(BUILD_ONE_CMD)
1007 -+ +@dir=ssl; target=all; $(BUILD_ONE_CMD)
1008 - build_engines: build_crypto
1009 -- @dir=engines; target=all; $(BUILD_ONE_CMD)
1010 -+ +@dir=engines; target=all; $(BUILD_ONE_CMD)
1011 - build_apps: build_libs
1012 -- @dir=apps; target=all; $(BUILD_ONE_CMD)
1013 -+ +@dir=apps; target=all; $(BUILD_ONE_CMD)
1014 - build_tests: build_libs
1015 -- @dir=test; target=all; $(BUILD_ONE_CMD)
1016 -+ +@dir=test; target=all; $(BUILD_ONE_CMD)
1017 - build_tools: build_libs
1018 -- @dir=tools; target=all; $(BUILD_ONE_CMD)
1019 -+ +@dir=tools; target=all; $(BUILD_ONE_CMD)
1020 -
1021 - all_testapps: build_libs build_testapps
1022 - build_testapps:
1023 -@@ -547,7 +547,7 @@
1024 - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
1025 - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
1026 - done;
1027 -- @set -e; target=install; $(RECURSIVE_BUILD_CMD)
1028 -+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD)
1029 - @set -e; liblist="$(LIBS)"; for i in $$liblist ;\
1030 - do \
1031 - if [ -f "$$i" ]; then \
1032 ---- openssl-1.0.2i/Makefile.shared
1033 -+++ openssl-1.0.2i/Makefile.shared
1034 -@@ -105,6 +105,7 @@
1035 - SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
1036 - LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
1037 - LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
1038 -+ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \
1039 - LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
1040 - $${SHAREDCMD} $${SHAREDFLAGS} \
1041 - -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
1042 -@@ -122,6 +123,7 @@
1043 - done; \
1044 - fi; \
1045 - if [ -n "$$SHLIB_SOVER" ]; then \
1046 -+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \
1047 - ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \
1048 - ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \
1049 - fi; \
1050 ---- openssl-1.0.2i/test/Makefile
1051 -+++ openssl-1.0.2i/test/Makefile
1052 -@@ -144,7 +144,7 @@
1053 - tags:
1054 - ctags $(SRC)
1055 -
1056 --tests: exe apps $(TESTS)
1057 -+tests: exe $(TESTS)
1058 -
1059 - apps:
1060 - @(cd ..; $(MAKE) DIRS=apps all)
1061 -@@ -435,136 +435,136 @@
1062 - link_app.$${shlib_target}
1063 -
1064 - $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
1065 -- @target=$(RSATEST); $(BUILD_CMD)
1066 -+ +@target=$(RSATEST); $(BUILD_CMD)
1067 -
1068 - $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
1069 -- @target=$(BNTEST); $(BUILD_CMD)
1070 -+ +@target=$(BNTEST); $(BUILD_CMD)
1071 -
1072 - $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
1073 -- @target=$(ECTEST); $(BUILD_CMD)
1074 -+ +@target=$(ECTEST); $(BUILD_CMD)
1075 -
1076 - $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
1077 -- @target=$(EXPTEST); $(BUILD_CMD)
1078 -+ +@target=$(EXPTEST); $(BUILD_CMD)
1079 -
1080 - $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
1081 -- @target=$(IDEATEST); $(BUILD_CMD)
1082 -+ +@target=$(IDEATEST); $(BUILD_CMD)
1083 -
1084 - $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
1085 -- @target=$(MD2TEST); $(BUILD_CMD)
1086 -+ +@target=$(MD2TEST); $(BUILD_CMD)
1087 -
1088 - $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
1089 -- @target=$(SHATEST); $(BUILD_CMD)
1090 -+ +@target=$(SHATEST); $(BUILD_CMD)
1091 -
1092 - $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
1093 -- @target=$(SHA1TEST); $(BUILD_CMD)
1094 -+ +@target=$(SHA1TEST); $(BUILD_CMD)
1095 -
1096 - $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
1097 -- @target=$(SHA256TEST); $(BUILD_CMD)
1098 -+ +@target=$(SHA256TEST); $(BUILD_CMD)
1099 -
1100 - $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
1101 -- @target=$(SHA512TEST); $(BUILD_CMD)
1102 -+ +@target=$(SHA512TEST); $(BUILD_CMD)
1103 -
1104 - $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
1105 -- @target=$(RMDTEST); $(BUILD_CMD)
1106 -+ +@target=$(RMDTEST); $(BUILD_CMD)
1107 -
1108 - $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
1109 -- @target=$(MDC2TEST); $(BUILD_CMD)
1110 -+ +@target=$(MDC2TEST); $(BUILD_CMD)
1111 -
1112 - $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
1113 -- @target=$(MD4TEST); $(BUILD_CMD)
1114 -+ +@target=$(MD4TEST); $(BUILD_CMD)
1115 -
1116 - $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
1117 -- @target=$(MD5TEST); $(BUILD_CMD)
1118 -+ +@target=$(MD5TEST); $(BUILD_CMD)
1119 -
1120 - $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
1121 -- @target=$(HMACTEST); $(BUILD_CMD)
1122 -+ +@target=$(HMACTEST); $(BUILD_CMD)
1123 -
1124 - $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
1125 -- @target=$(WPTEST); $(BUILD_CMD)
1126 -+ +@target=$(WPTEST); $(BUILD_CMD)
1127 -
1128 - $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
1129 -- @target=$(RC2TEST); $(BUILD_CMD)
1130 -+ +@target=$(RC2TEST); $(BUILD_CMD)
1131 -
1132 - $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
1133 -- @target=$(BFTEST); $(BUILD_CMD)
1134 -+ +@target=$(BFTEST); $(BUILD_CMD)
1135 -
1136 - $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
1137 -- @target=$(CASTTEST); $(BUILD_CMD)
1138 -+ +@target=$(CASTTEST); $(BUILD_CMD)
1139 -
1140 - $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
1141 -- @target=$(RC4TEST); $(BUILD_CMD)
1142 -+ +@target=$(RC4TEST); $(BUILD_CMD)
1143 -
1144 - $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
1145 -- @target=$(RC5TEST); $(BUILD_CMD)
1146 -+ +@target=$(RC5TEST); $(BUILD_CMD)
1147 -
1148 - $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
1149 -- @target=$(DESTEST); $(BUILD_CMD)
1150 -+ +@target=$(DESTEST); $(BUILD_CMD)
1151 -
1152 - $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
1153 -- @target=$(RANDTEST); $(BUILD_CMD)
1154 -+ +@target=$(RANDTEST); $(BUILD_CMD)
1155 -
1156 - $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
1157 -- @target=$(DHTEST); $(BUILD_CMD)
1158 -+ +@target=$(DHTEST); $(BUILD_CMD)
1159 -
1160 - $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
1161 -- @target=$(DSATEST); $(BUILD_CMD)
1162 -+ +@target=$(DSATEST); $(BUILD_CMD)
1163 -
1164 - $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
1165 -- @target=$(METHTEST); $(BUILD_CMD)
1166 -+ +@target=$(METHTEST); $(BUILD_CMD)
1167 -
1168 - $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
1169 -- @target=$(SSLTEST); $(FIPS_BUILD_CMD)
1170 -+ +@target=$(SSLTEST); $(FIPS_BUILD_CMD)
1171 -
1172 - $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
1173 -- @target=$(ENGINETEST); $(BUILD_CMD)
1174 -+ +@target=$(ENGINETEST); $(BUILD_CMD)
1175 -
1176 - $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
1177 -- @target=$(EVPTEST); $(BUILD_CMD)
1178 -+ +@target=$(EVPTEST); $(BUILD_CMD)
1179 -
1180 - $(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO)
1181 -- @target=$(EVPEXTRATEST); $(BUILD_CMD)
1182 -+ +@target=$(EVPEXTRATEST); $(BUILD_CMD)
1183 -
1184 - $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
1185 -- @target=$(ECDSATEST); $(BUILD_CMD)
1186 -+ +@target=$(ECDSATEST); $(BUILD_CMD)
1187 -
1188 - $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
1189 -- @target=$(ECDHTEST); $(BUILD_CMD)
1190 -+ +@target=$(ECDHTEST); $(BUILD_CMD)
1191 -
1192 - $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
1193 -- @target=$(IGETEST); $(BUILD_CMD)
1194 -+ +@target=$(IGETEST); $(BUILD_CMD)
1195 -
1196 - $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
1197 -- @target=$(JPAKETEST); $(BUILD_CMD)
1198 -+ +@target=$(JPAKETEST); $(BUILD_CMD)
1199 -
1200 - $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
1201 -- @target=$(ASN1TEST); $(BUILD_CMD)
1202 -+ +@target=$(ASN1TEST); $(BUILD_CMD)
1203 -
1204 - $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
1205 -- @target=$(SRPTEST); $(BUILD_CMD)
1206 -+ +@target=$(SRPTEST); $(BUILD_CMD)
1207 -
1208 - $(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO)
1209 -- @target=$(V3NAMETEST); $(BUILD_CMD)
1210 -+ +@target=$(V3NAMETEST); $(BUILD_CMD)
1211 -
1212 - $(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO)
1213 -- @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
1214 -+ +@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
1215 -
1216 - $(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o
1217 -- @target=$(CONSTTIMETEST) $(BUILD_CMD)
1218 -+ +@target=$(CONSTTIMETEST) $(BUILD_CMD)
1219 -
1220 - $(VERIFYEXTRATEST)$(EXE_EXT): $(VERIFYEXTRATEST).o
1221 -- @target=$(VERIFYEXTRATEST) $(BUILD_CMD)
1222 -+ +@target=$(VERIFYEXTRATEST) $(BUILD_CMD)
1223 -
1224 - $(CLIENTHELLOTEST)$(EXE_EXT): $(CLIENTHELLOTEST).o
1225 -- @target=$(CLIENTHELLOTEST) $(BUILD_CMD)
1226 -+ +@target=$(CLIENTHELLOTEST) $(BUILD_CMD)
1227 -
1228 - $(BADDTLSTEST)$(EXE_EXT): $(BADDTLSTEST).o
1229 -- @target=$(BADDTLSTEST) $(BUILD_CMD)
1230 -+ +@target=$(BADDTLSTEST) $(BUILD_CMD)
1231 -
1232 - $(SSLV2CONFTEST)$(EXE_EXT): $(SSLV2CONFTEST).o
1233 -- @target=$(SSLV2CONFTEST) $(BUILD_CMD)
1234 -+ +@target=$(SSLV2CONFTEST) $(BUILD_CMD)
1235 -
1236 - $(DTLSTEST)$(EXE_EXT): $(DTLSTEST).o ssltestlib.o $(DLIBSSL) $(DLIBCRYPTO)
1237 -- @target=$(DTLSTEST); exobj=ssltestlib.o; $(BUILD_CMD)
1238 -+ +@target=$(DTLSTEST); exobj=ssltestlib.o; $(BUILD_CMD)
1239 -
1240 - #$(AESTEST).o: $(AESTEST).c
1241 - # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
1242 -@@ -577,7 +577,7 @@
1243 - # fi
1244 -
1245 - dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
1246 -- @target=dummytest; $(BUILD_CMD)
1247 -+ +@target=dummytest; $(BUILD_CMD)
1248 -
1249 - # DO NOT DELETE THIS LINE -- make depend depends on it.
1250 -
1251
1252 diff --git a/dev-libs/openssl/openssl-1.0.2k.ebuild b/dev-libs/openssl/openssl-1.0.2k.ebuild
1253 deleted file mode 100644
1254 index 9ba2eeef6ad..00000000000
1255 --- a/dev-libs/openssl/openssl-1.0.2k.ebuild
1256 +++ /dev/null
1257 @@ -1,254 +0,0 @@
1258 -# Copyright 1999-2017 Gentoo Foundation
1259 -# Distributed under the terms of the GNU General Public License v2
1260 -
1261 -EAPI="5"
1262 -
1263 -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal
1264 -
1265 -MY_P=${P/_/-}
1266 -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)"
1267 -HOMEPAGE="http://www.openssl.org/"
1268 -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz"
1269 -
1270 -LICENSE="openssl"
1271 -SLOT="0"
1272 -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux"
1273 -IUSE="+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 sslv2 +sslv3 static-libs test +tls-heartbeat vanilla zlib"
1274 -RESTRICT="!bindist? ( bindist )"
1275 -
1276 -RDEPEND=">=app-misc/c_rehash-1.7-r1
1277 - gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
1278 - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
1279 - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] )"
1280 -DEPEND="${RDEPEND}
1281 - >=dev-lang/perl-5
1282 - sctp? ( >=net-misc/lksctp-tools-1.0.12 )
1283 - test? (
1284 - sys-apps/diffutils
1285 - sys-devel/bc
1286 - )"
1287 -PDEPEND="app-misc/ca-certificates"
1288 -
1289 -S="${WORKDIR}/${MY_P}"
1290 -
1291 -MULTILIB_WRAPPED_HEADERS=(
1292 - usr/include/openssl/opensslconf.h
1293 -)
1294 -
1295 -src_prepare() {
1296 - # keep this in sync with app-misc/c_rehash
1297 - SSL_CNF_DIR="/etc/ssl"
1298 -
1299 - # Make sure we only ever touch Makefile.org and avoid patching a file
1300 - # that gets blown away anyways by the Configure script in src_configure
1301 - rm -f Makefile
1302 -
1303 - if ! use vanilla ; then
1304 - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
1305 - epatch "${FILESDIR}"/${PN}-1.0.2i-parallel-build.patch
1306 - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-obj-headers.patch
1307 - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-install-dirs.patch
1308 - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-symlinking.patch #545028
1309 - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch
1310 - epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618
1311 - epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338
1312 -
1313 - epatch_user #332661
1314 - fi
1315 -
1316 - # disable fips in the build
1317 - # make sure the man pages are suffixed #302165
1318 - # don't bother building man pages if they're disabled
1319 - sed -i \
1320 - -e '/DIRS/s: fips : :g' \
1321 - -e '/^MANSUFFIX/s:=.*:=ssl:' \
1322 - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
1323 - -e $(has noman FEATURES \
1324 - && echo '/^install:/s:install_docs::' \
1325 - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \
1326 - Makefile.org \
1327 - || die
1328 - # show the actual commands in the log
1329 - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
1330 -
1331 - # since we're forcing $(CC) as makedep anyway, just fix
1332 - # the conditional as always-on
1333 - # helps clang (#417795), and versioned gcc (#499818)
1334 - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die
1335 -
1336 - # quiet out unknown driver argument warnings since openssl
1337 - # doesn't have well-split CFLAGS and we're making it even worse
1338 - # and 'make depend' uses -Werror for added fun (#417795 again)
1339 - [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments
1340 -
1341 - # allow openssl to be cross-compiled
1342 - cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die
1343 - chmod a+rx gentoo.config
1344 -
1345 - append-flags -fno-strict-aliasing
1346 - append-flags $(test-flags-CC -Wa,--noexecstack)
1347 - append-cppflags -DOPENSSL_NO_BUF_FREELISTS
1348 -
1349 - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906
1350 - # The config script does stupid stuff to prompt the user. Kill it.
1351 - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die
1352 - ./config --test-sanity || die "I AM NOT SANE"
1353 -
1354 - multilib_copy_sources
1355 -}
1356 -
1357 -multilib_src_configure() {
1358 - unset APPS #197996
1359 - unset SCRIPTS #312551
1360 - unset CROSS_COMPILE #311473
1361 -
1362 - tc-export CC AR RANLIB RC
1363 -
1364 - # Clean out patent-or-otherwise-encumbered code
1365 - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
1366 - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
1367 - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
1368 - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
1369 - # RC5: Expired http://en.wikipedia.org/wiki/RC5
1370 -
1371 - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
1372 - echoit() { echo "$@" ; "$@" ; }
1373 -
1374 - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
1375 -
1376 - # See if our toolchain supports __uint128_t. If so, it's 64bit
1377 - # friendly and can use the nicely optimized code paths. #460790
1378 - local ec_nistp_64_gcc_128
1379 - # Disable it for now though #469976
1380 - #if ! use bindist ; then
1381 - # echo "__uint128_t i;" > "${T}"/128.c
1382 - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
1383 - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
1384 - # fi
1385 - #fi
1386 -
1387 - # https://github.com/openssl/openssl/issues/2286
1388 - if use ia64 ; then
1389 - replace-flags -g3 -g2
1390 - replace-flags -ggdb3 -ggdb2
1391 - fi
1392 -
1393 - local sslout=$(./gentoo.config)
1394 - einfo "Use configuration ${sslout:-(openssl knows best)}"
1395 - local config="Configure"
1396 - [[ -z ${sslout} ]] && config="config"
1397 -
1398 - echoit \
1399 - ./${config} \
1400 - ${sslout} \
1401 - $(use cpu_flags_x86_sse2 || echo "no-sse2") \
1402 - enable-camellia \
1403 - $(use_ssl !bindist ec) \
1404 - ${ec_nistp_64_gcc_128} \
1405 - enable-idea \
1406 - enable-mdc2 \
1407 - enable-rc5 \
1408 - enable-tlsext \
1409 - $(use_ssl asm) \
1410 - $(use_ssl gmp gmp -lgmp) \
1411 - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
1412 - $(use_ssl rfc3779) \
1413 - $(use_ssl sctp) \
1414 - $(use_ssl sslv2 ssl2) \
1415 - $(use_ssl sslv3 ssl3) \
1416 - $(use_ssl tls-heartbeat heartbeats) \
1417 - $(use_ssl zlib) \
1418 - --prefix="${EPREFIX}"/usr \
1419 - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \
1420 - --libdir=$(get_libdir) \
1421 - shared threads \
1422 - || die
1423 -
1424 - # Clean out hardcoded flags that openssl uses
1425 - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
1426 - -e 's:^CFLAG=::' \
1427 - -e 's:-fomit-frame-pointer ::g' \
1428 - -e 's:-O[0-9] ::g' \
1429 - -e 's:-march=[-a-z0-9]* ::g' \
1430 - -e 's:-mcpu=[-a-z0-9]* ::g' \
1431 - -e 's:-m[a-z0-9]* ::g' \
1432 - )
1433 - sed -i \
1434 - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
1435 - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
1436 - Makefile || die
1437 -}
1438 -
1439 -multilib_src_compile() {
1440 - # depend is needed to use $confopts; it also doesn't matter
1441 - # that it's -j1 as the code itself serializes subdirs
1442 - emake -j1 depend
1443 - emake all
1444 - # rehash is needed to prep the certs/ dir; do this
1445 - # separately to avoid parallel build issues.
1446 - emake rehash
1447 -}
1448 -
1449 -multilib_src_test() {
1450 - emake -j1 test
1451 -}
1452 -
1453 -multilib_src_install() {
1454 - emake INSTALL_PREFIX="${D}" install
1455 -}
1456 -
1457 -multilib_src_install_all() {
1458 - # openssl installs perl version of c_rehash by default, but
1459 - # we provide a shell version via app-misc/c_rehash
1460 - rm "${ED}"/usr/bin/c_rehash || die
1461 -
1462 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
1463 - dohtml -r doc/*
1464 - use rfc3779 && dodoc engines/ccgost/README.gost
1465 -
1466 - # This is crappy in that the static archives are still built even
1467 - # when USE=static-libs. But this is due to a failing in the openssl
1468 - # build system: the static archives are built as PIC all the time.
1469 - # Only way around this would be to manually configure+compile openssl
1470 - # twice; once with shared lib support enabled and once without.
1471 - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a
1472 -
1473 - # create the certs directory
1474 - dodir ${SSL_CNF_DIR}/certs
1475 - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die
1476 - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired}
1477 -
1478 - # Namespace openssl programs to prevent conflicts with other man pages
1479 - cd "${ED}"/usr/share/man
1480 - local m d s
1481 - for m in $(find . -type f | xargs grep -L '#include') ; do
1482 - d=${m%/*} ; d=${d#./} ; m=${m##*/}
1483 - [[ ${m} == openssl.1* ]] && continue
1484 - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
1485 - mv ${d}/{,ssl-}${m}
1486 - # fix up references to renamed man pages
1487 - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
1488 - ln -s ssl-${m} ${d}/openssl-${m}
1489 - # locate any symlinks that point to this man page ... we assume
1490 - # that any broken links are due to the above renaming
1491 - for s in $(find -L ${d} -type l) ; do
1492 - s=${s##*/}
1493 - rm -f ${d}/${s}
1494 - ln -s ssl-${m} ${d}/ssl-${s}
1495 - ln -s ssl-${s} ${d}/openssl-${s}
1496 - done
1497 - done
1498 - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
1499 -
1500 - dodir /etc/sandbox.d #254521
1501 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
1502 -
1503 - diropts -m0700
1504 - keepdir ${SSL_CNF_DIR}/private
1505 -}
1506 -
1507 -pkg_postinst() {
1508 - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
1509 - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
1510 - eend $?
1511 -}
1512
1513 diff --git a/dev-libs/openssl/openssl-1.0.2l-r1.ebuild b/dev-libs/openssl/openssl-1.0.2l-r1.ebuild
1514 deleted file mode 100644
1515 index 4c78a177bf6..00000000000
1516 --- a/dev-libs/openssl/openssl-1.0.2l-r1.ebuild
1517 +++ /dev/null
1518 @@ -1,296 +0,0 @@
1519 -# Copyright 1999-2017 Gentoo Foundation
1520 -# Distributed under the terms of the GNU General Public License v2
1521 -
1522 -EAPI="5"
1523 -
1524 -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal
1525 -
1526 -MY_P=${P/_/-}
1527 -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)"
1528 -HOMEPAGE="http://www.openssl.org/"
1529 -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz"
1530 -
1531 -LICENSE="openssl"
1532 -SLOT="0"
1533 -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux"
1534 -IUSE="+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 sslv2 +sslv3 static-libs test +tls-heartbeat vanilla zlib"
1535 -RESTRICT="!bindist? ( bindist )"
1536 -
1537 -RDEPEND=">=app-misc/c_rehash-1.7-r1
1538 - gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
1539 - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
1540 - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] )"
1541 -DEPEND="${RDEPEND}
1542 - >=dev-lang/perl-5
1543 - sctp? ( >=net-misc/lksctp-tools-1.0.12 )
1544 - test? (
1545 - sys-apps/diffutils
1546 - sys-devel/bc
1547 - )"
1548 -PDEPEND="app-misc/ca-certificates"
1549 -
1550 -# This does not copy the entire Fedora patchset, but JUST the parts that
1551 -# are needed to make it safe to use EC with RESTRICT=bindist.
1552 -# See openssl.spec for the matching numbering of SourceNNN, PatchNNN
1553 -SOURCE1=hobble-openssl
1554 -SOURCE12=ec_curve.c
1555 -SOURCE13=ectest.c
1556 -#PATCH1=openssl-1.1.0-build.patch # Fixes EVP testcase for EC
1557 -#PATCH37=openssl-1.1.0-ec-curves.patch
1558 -FEDORA_GIT_BASE='https://src.fedoraproject.org/cgit/rpms/openssl.git/plain/'
1559 -FEDORA_GIT_BRANCH='f25'
1560 -FEDORA_SRC_URI=()
1561 -FEDORA_SOURCE=( $SOURCE1 $SOURCE12 $SOURCE13 )
1562 -FEDORA_PATCH=( $PATCH1 $PATCH37 )
1563 -for i in "${FEDORA_SOURCE[@]}" ; do
1564 - FEDORA_SRC_URI+=( "${FEDORA_GIT_BASE}/${i}?h=${FEDORA_GIT_BRANCH} -> ${P}_${i}" )
1565 -done
1566 -for i in "${FEDORA_PATCH[@]}" ; do # Already have a version prefix
1567 - FEDORA_SRC_URI+=( "${FEDORA_GIT_BASE}/${i}?h=${FEDORA_GIT_BRANCH} -> ${i}" )
1568 -done
1569 -SRC_URI+=" bindist? ( ${FEDORA_SRC_URI[@]} )"
1570 -
1571 -S="${WORKDIR}/${MY_P}"
1572 -
1573 -MULTILIB_WRAPPED_HEADERS=(
1574 - usr/include/openssl/opensslconf.h
1575 -)
1576 -
1577 -src_prepare() {
1578 - if use bindist; then
1579 - # This just removes the prefix, and puts it into WORKDIR like the RPM.
1580 - for i in "${FEDORA_SOURCE[@]}" ; do
1581 - cp -f "${DISTDIR}"/"${P}_${i}" "${WORKDIR}"/"${i}" || die
1582 - done
1583 - # .spec %prep
1584 - bash "${WORKDIR}"/"${SOURCE1}" || die
1585 - cp -f "${WORKDIR}"/"${SOURCE12}" "${S}"/crypto/ec/ || die
1586 - cp -f "${WORKDIR}"/"${SOURCE13}" "${S}"/crypto/ec/ || die # Moves to test/ in OpenSSL-1.1
1587 - for i in "${FEDORA_PATCH[@]}" ; do
1588 - epatch "${DISTDIR}"/"${i}"
1589 - done
1590 - # Also see the configure parts below:
1591 - # enable-ec \
1592 - # $(use_ssl !bindist ec2m) \
1593 - # $(use_ssl !bindist srp) \
1594 -
1595 - fi
1596 - # keep this in sync with app-misc/c_rehash
1597 - SSL_CNF_DIR="/etc/ssl"
1598 -
1599 - # Make sure we only ever touch Makefile.org and avoid patching a file
1600 - # that gets blown away anyways by the Configure script in src_configure
1601 - rm -f Makefile
1602 -
1603 - if ! use vanilla ; then
1604 - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
1605 - epatch "${FILESDIR}"/${PN}-1.0.2i-parallel-build.patch
1606 - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-obj-headers.patch
1607 - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-install-dirs.patch
1608 - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-symlinking.patch #545028
1609 - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch
1610 - epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618
1611 - epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338
1612 -
1613 - epatch_user #332661
1614 - fi
1615 -
1616 - # disable fips in the build
1617 - # make sure the man pages are suffixed #302165
1618 - # don't bother building man pages if they're disabled
1619 - sed -i \
1620 - -e '/DIRS/s: fips : :g' \
1621 - -e '/^MANSUFFIX/s:=.*:=ssl:' \
1622 - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
1623 - -e $(has noman FEATURES \
1624 - && echo '/^install:/s:install_docs::' \
1625 - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \
1626 - Makefile.org \
1627 - || die
1628 - # show the actual commands in the log
1629 - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
1630 -
1631 - # since we're forcing $(CC) as makedep anyway, just fix
1632 - # the conditional as always-on
1633 - # helps clang (#417795), and versioned gcc (#499818)
1634 - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die
1635 -
1636 - # quiet out unknown driver argument warnings since openssl
1637 - # doesn't have well-split CFLAGS and we're making it even worse
1638 - # and 'make depend' uses -Werror for added fun (#417795 again)
1639 - [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments
1640 -
1641 - # allow openssl to be cross-compiled
1642 - cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die
1643 - chmod a+rx gentoo.config
1644 -
1645 - append-flags -fno-strict-aliasing
1646 - append-flags $(test-flags-CC -Wa,--noexecstack)
1647 - append-cppflags -DOPENSSL_NO_BUF_FREELISTS
1648 -
1649 - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906
1650 - # The config script does stupid stuff to prompt the user. Kill it.
1651 - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die
1652 - ./config --test-sanity || die "I AM NOT SANE"
1653 -
1654 - multilib_copy_sources
1655 -}
1656 -
1657 -multilib_src_configure() {
1658 - unset APPS #197996
1659 - unset SCRIPTS #312551
1660 - unset CROSS_COMPILE #311473
1661 -
1662 - tc-export CC AR RANLIB RC
1663 -
1664 - # Clean out patent-or-otherwise-encumbered code
1665 - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
1666 - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
1667 - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
1668 - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
1669 - # RC5: Expired http://en.wikipedia.org/wiki/RC5
1670 -
1671 - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
1672 - echoit() { echo "$@" ; "$@" ; }
1673 -
1674 - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
1675 -
1676 - # See if our toolchain supports __uint128_t. If so, it's 64bit
1677 - # friendly and can use the nicely optimized code paths. #460790
1678 - local ec_nistp_64_gcc_128
1679 - # Disable it for now though #469976
1680 - #if ! use bindist ; then
1681 - # echo "__uint128_t i;" > "${T}"/128.c
1682 - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
1683 - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
1684 - # fi
1685 - #fi
1686 -
1687 - # https://github.com/openssl/openssl/issues/2286
1688 - if use ia64 ; then
1689 - replace-flags -g3 -g2
1690 - replace-flags -ggdb3 -ggdb2
1691 - fi
1692 -
1693 - local sslout=$(./gentoo.config)
1694 - einfo "Use configuration ${sslout:-(openssl knows best)}"
1695 - local config="Configure"
1696 - [[ -z ${sslout} ]] && config="config"
1697 -
1698 - # Fedora hobbled-EC needs 'no-ec2m', 'no-srp'
1699 - echoit \
1700 - ./${config} \
1701 - ${sslout} \
1702 - $(use cpu_flags_x86_sse2 || echo "no-sse2") \
1703 - enable-camellia \
1704 - enable-ec \
1705 - $(use_ssl !bindist ec2m) \
1706 - $(use_ssl !bindist srp) \
1707 - ${ec_nistp_64_gcc_128} \
1708 - enable-idea \
1709 - enable-mdc2 \
1710 - enable-rc5 \
1711 - enable-tlsext \
1712 - $(use_ssl asm) \
1713 - $(use_ssl gmp gmp -lgmp) \
1714 - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
1715 - $(use_ssl rfc3779) \
1716 - $(use_ssl sctp) \
1717 - $(use_ssl sslv2 ssl2) \
1718 - $(use_ssl sslv3 ssl3) \
1719 - $(use_ssl tls-heartbeat heartbeats) \
1720 - $(use_ssl zlib) \
1721 - --prefix="${EPREFIX}"/usr \
1722 - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \
1723 - --libdir=$(get_libdir) \
1724 - shared threads \
1725 - || die
1726 -
1727 - # Clean out hardcoded flags that openssl uses
1728 - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
1729 - -e 's:^CFLAG=::' \
1730 - -e 's:-fomit-frame-pointer ::g' \
1731 - -e 's:-O[0-9] ::g' \
1732 - -e 's:-march=[-a-z0-9]* ::g' \
1733 - -e 's:-mcpu=[-a-z0-9]* ::g' \
1734 - -e 's:-m[a-z0-9]* ::g' \
1735 - )
1736 - sed -i \
1737 - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
1738 - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
1739 - Makefile || die
1740 -}
1741 -
1742 -multilib_src_compile() {
1743 - # depend is needed to use $confopts; it also doesn't matter
1744 - # that it's -j1 as the code itself serializes subdirs
1745 - emake -j1 depend
1746 - emake all
1747 - # rehash is needed to prep the certs/ dir; do this
1748 - # separately to avoid parallel build issues.
1749 - emake rehash
1750 -}
1751 -
1752 -multilib_src_test() {
1753 - emake -j1 test
1754 -}
1755 -
1756 -multilib_src_install() {
1757 - emake INSTALL_PREFIX="${D}" install
1758 -}
1759 -
1760 -multilib_src_install_all() {
1761 - # openssl installs perl version of c_rehash by default, but
1762 - # we provide a shell version via app-misc/c_rehash
1763 - rm "${ED}"/usr/bin/c_rehash || die
1764 -
1765 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
1766 - dohtml -r doc/*
1767 - use rfc3779 && dodoc engines/ccgost/README.gost
1768 -
1769 - # This is crappy in that the static archives are still built even
1770 - # when USE=static-libs. But this is due to a failing in the openssl
1771 - # build system: the static archives are built as PIC all the time.
1772 - # Only way around this would be to manually configure+compile openssl
1773 - # twice; once with shared lib support enabled and once without.
1774 - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a
1775 -
1776 - # create the certs directory
1777 - dodir ${SSL_CNF_DIR}/certs
1778 - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die
1779 - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired}
1780 -
1781 - # Namespace openssl programs to prevent conflicts with other man pages
1782 - cd "${ED}"/usr/share/man
1783 - local m d s
1784 - for m in $(find . -type f | xargs grep -L '#include') ; do
1785 - d=${m%/*} ; d=${d#./} ; m=${m##*/}
1786 - [[ ${m} == openssl.1* ]] && continue
1787 - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
1788 - mv ${d}/{,ssl-}${m}
1789 - # fix up references to renamed man pages
1790 - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
1791 - ln -s ssl-${m} ${d}/openssl-${m}
1792 - # locate any symlinks that point to this man page ... we assume
1793 - # that any broken links are due to the above renaming
1794 - for s in $(find -L ${d} -type l) ; do
1795 - s=${s##*/}
1796 - rm -f ${d}/${s}
1797 - ln -s ssl-${m} ${d}/ssl-${s}
1798 - ln -s ssl-${s} ${d}/openssl-${s}
1799 - done
1800 - done
1801 - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
1802 -
1803 - dodir /etc/sandbox.d #254521
1804 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
1805 -
1806 - diropts -m0700
1807 - keepdir ${SSL_CNF_DIR}/private
1808 -}
1809 -
1810 -pkg_postinst() {
1811 - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
1812 - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
1813 - eend $?
1814 -}
1815
1816 diff --git a/dev-libs/openssl/openssl-1.0.2l.ebuild b/dev-libs/openssl/openssl-1.0.2l.ebuild
1817 deleted file mode 100644
1818 index 32431370450..00000000000
1819 --- a/dev-libs/openssl/openssl-1.0.2l.ebuild
1820 +++ /dev/null
1821 @@ -1,254 +0,0 @@
1822 -# Copyright 1999-2017 Gentoo Foundation
1823 -# Distributed under the terms of the GNU General Public License v2
1824 -
1825 -EAPI="5"
1826 -
1827 -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal
1828 -
1829 -MY_P=${P/_/-}
1830 -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)"
1831 -HOMEPAGE="http://www.openssl.org/"
1832 -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz"
1833 -
1834 -LICENSE="openssl"
1835 -SLOT="0"
1836 -KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux"
1837 -IUSE="+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 sslv2 +sslv3 static-libs test +tls-heartbeat vanilla zlib"
1838 -RESTRICT="!bindist? ( bindist )"
1839 -
1840 -RDEPEND=">=app-misc/c_rehash-1.7-r1
1841 - gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
1842 - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
1843 - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] )"
1844 -DEPEND="${RDEPEND}
1845 - >=dev-lang/perl-5
1846 - sctp? ( >=net-misc/lksctp-tools-1.0.12 )
1847 - test? (
1848 - sys-apps/diffutils
1849 - sys-devel/bc
1850 - )"
1851 -PDEPEND="app-misc/ca-certificates"
1852 -
1853 -S="${WORKDIR}/${MY_P}"
1854 -
1855 -MULTILIB_WRAPPED_HEADERS=(
1856 - usr/include/openssl/opensslconf.h
1857 -)
1858 -
1859 -src_prepare() {
1860 - # keep this in sync with app-misc/c_rehash
1861 - SSL_CNF_DIR="/etc/ssl"
1862 -
1863 - # Make sure we only ever touch Makefile.org and avoid patching a file
1864 - # that gets blown away anyways by the Configure script in src_configure
1865 - rm -f Makefile
1866 -
1867 - if ! use vanilla ; then
1868 - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
1869 - epatch "${FILESDIR}"/${PN}-1.0.2i-parallel-build.patch
1870 - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-obj-headers.patch
1871 - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-install-dirs.patch
1872 - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-symlinking.patch #545028
1873 - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch
1874 - epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618
1875 - epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338
1876 -
1877 - epatch_user #332661
1878 - fi
1879 -
1880 - # disable fips in the build
1881 - # make sure the man pages are suffixed #302165
1882 - # don't bother building man pages if they're disabled
1883 - sed -i \
1884 - -e '/DIRS/s: fips : :g' \
1885 - -e '/^MANSUFFIX/s:=.*:=ssl:' \
1886 - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
1887 - -e $(has noman FEATURES \
1888 - && echo '/^install:/s:install_docs::' \
1889 - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \
1890 - Makefile.org \
1891 - || die
1892 - # show the actual commands in the log
1893 - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
1894 -
1895 - # since we're forcing $(CC) as makedep anyway, just fix
1896 - # the conditional as always-on
1897 - # helps clang (#417795), and versioned gcc (#499818)
1898 - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die
1899 -
1900 - # quiet out unknown driver argument warnings since openssl
1901 - # doesn't have well-split CFLAGS and we're making it even worse
1902 - # and 'make depend' uses -Werror for added fun (#417795 again)
1903 - [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments
1904 -
1905 - # allow openssl to be cross-compiled
1906 - cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die
1907 - chmod a+rx gentoo.config
1908 -
1909 - append-flags -fno-strict-aliasing
1910 - append-flags $(test-flags-CC -Wa,--noexecstack)
1911 - append-cppflags -DOPENSSL_NO_BUF_FREELISTS
1912 -
1913 - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906
1914 - # The config script does stupid stuff to prompt the user. Kill it.
1915 - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die
1916 - ./config --test-sanity || die "I AM NOT SANE"
1917 -
1918 - multilib_copy_sources
1919 -}
1920 -
1921 -multilib_src_configure() {
1922 - unset APPS #197996
1923 - unset SCRIPTS #312551
1924 - unset CROSS_COMPILE #311473
1925 -
1926 - tc-export CC AR RANLIB RC
1927 -
1928 - # Clean out patent-or-otherwise-encumbered code
1929 - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
1930 - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
1931 - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
1932 - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
1933 - # RC5: Expired http://en.wikipedia.org/wiki/RC5
1934 -
1935 - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
1936 - echoit() { echo "$@" ; "$@" ; }
1937 -
1938 - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
1939 -
1940 - # See if our toolchain supports __uint128_t. If so, it's 64bit
1941 - # friendly and can use the nicely optimized code paths. #460790
1942 - local ec_nistp_64_gcc_128
1943 - # Disable it for now though #469976
1944 - #if ! use bindist ; then
1945 - # echo "__uint128_t i;" > "${T}"/128.c
1946 - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
1947 - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
1948 - # fi
1949 - #fi
1950 -
1951 - # https://github.com/openssl/openssl/issues/2286
1952 - if use ia64 ; then
1953 - replace-flags -g3 -g2
1954 - replace-flags -ggdb3 -ggdb2
1955 - fi
1956 -
1957 - local sslout=$(./gentoo.config)
1958 - einfo "Use configuration ${sslout:-(openssl knows best)}"
1959 - local config="Configure"
1960 - [[ -z ${sslout} ]] && config="config"
1961 -
1962 - echoit \
1963 - ./${config} \
1964 - ${sslout} \
1965 - $(use cpu_flags_x86_sse2 || echo "no-sse2") \
1966 - enable-camellia \
1967 - $(use_ssl !bindist ec) \
1968 - ${ec_nistp_64_gcc_128} \
1969 - enable-idea \
1970 - enable-mdc2 \
1971 - enable-rc5 \
1972 - enable-tlsext \
1973 - $(use_ssl asm) \
1974 - $(use_ssl gmp gmp -lgmp) \
1975 - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
1976 - $(use_ssl rfc3779) \
1977 - $(use_ssl sctp) \
1978 - $(use_ssl sslv2 ssl2) \
1979 - $(use_ssl sslv3 ssl3) \
1980 - $(use_ssl tls-heartbeat heartbeats) \
1981 - $(use_ssl zlib) \
1982 - --prefix="${EPREFIX}"/usr \
1983 - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \
1984 - --libdir=$(get_libdir) \
1985 - shared threads \
1986 - || die
1987 -
1988 - # Clean out hardcoded flags that openssl uses
1989 - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
1990 - -e 's:^CFLAG=::' \
1991 - -e 's:-fomit-frame-pointer ::g' \
1992 - -e 's:-O[0-9] ::g' \
1993 - -e 's:-march=[-a-z0-9]* ::g' \
1994 - -e 's:-mcpu=[-a-z0-9]* ::g' \
1995 - -e 's:-m[a-z0-9]* ::g' \
1996 - )
1997 - sed -i \
1998 - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
1999 - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
2000 - Makefile || die
2001 -}
2002 -
2003 -multilib_src_compile() {
2004 - # depend is needed to use $confopts; it also doesn't matter
2005 - # that it's -j1 as the code itself serializes subdirs
2006 - emake -j1 depend
2007 - emake all
2008 - # rehash is needed to prep the certs/ dir; do this
2009 - # separately to avoid parallel build issues.
2010 - emake rehash
2011 -}
2012 -
2013 -multilib_src_test() {
2014 - emake -j1 test
2015 -}
2016 -
2017 -multilib_src_install() {
2018 - emake INSTALL_PREFIX="${D}" install
2019 -}
2020 -
2021 -multilib_src_install_all() {
2022 - # openssl installs perl version of c_rehash by default, but
2023 - # we provide a shell version via app-misc/c_rehash
2024 - rm "${ED}"/usr/bin/c_rehash || die
2025 -
2026 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
2027 - dohtml -r doc/*
2028 - use rfc3779 && dodoc engines/ccgost/README.gost
2029 -
2030 - # This is crappy in that the static archives are still built even
2031 - # when USE=static-libs. But this is due to a failing in the openssl
2032 - # build system: the static archives are built as PIC all the time.
2033 - # Only way around this would be to manually configure+compile openssl
2034 - # twice; once with shared lib support enabled and once without.
2035 - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a
2036 -
2037 - # create the certs directory
2038 - dodir ${SSL_CNF_DIR}/certs
2039 - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die
2040 - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired}
2041 -
2042 - # Namespace openssl programs to prevent conflicts with other man pages
2043 - cd "${ED}"/usr/share/man
2044 - local m d s
2045 - for m in $(find . -type f | xargs grep -L '#include') ; do
2046 - d=${m%/*} ; d=${d#./} ; m=${m##*/}
2047 - [[ ${m} == openssl.1* ]] && continue
2048 - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
2049 - mv ${d}/{,ssl-}${m}
2050 - # fix up references to renamed man pages
2051 - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
2052 - ln -s ssl-${m} ${d}/openssl-${m}
2053 - # locate any symlinks that point to this man page ... we assume
2054 - # that any broken links are due to the above renaming
2055 - for s in $(find -L ${d} -type l) ; do
2056 - s=${s##*/}
2057 - rm -f ${d}/${s}
2058 - ln -s ssl-${m} ${d}/ssl-${s}
2059 - ln -s ssl-${s} ${d}/openssl-${s}
2060 - done
2061 - done
2062 - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
2063 -
2064 - dodir /etc/sandbox.d #254521
2065 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
2066 -
2067 - diropts -m0700
2068 - keepdir ${SSL_CNF_DIR}/private
2069 -}
2070 -
2071 -pkg_postinst() {
2072 - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
2073 - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
2074 - eend $?
2075 -}
2076
2077 diff --git a/dev-libs/openssl/openssl-1.0.2m.ebuild b/dev-libs/openssl/openssl-1.0.2m.ebuild
2078 deleted file mode 100644
2079 index c356e4ff2bd..00000000000
2080 --- a/dev-libs/openssl/openssl-1.0.2m.ebuild
2081 +++ /dev/null
2082 @@ -1,254 +0,0 @@
2083 -# Copyright 1999-2017 Gentoo Foundation
2084 -# Distributed under the terms of the GNU General Public License v2
2085 -
2086 -EAPI="5"
2087 -
2088 -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal
2089 -
2090 -MY_P=${P/_/-}
2091 -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)"
2092 -HOMEPAGE="https://www.openssl.org/"
2093 -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz"
2094 -
2095 -LICENSE="openssl"
2096 -SLOT="0"
2097 -KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux"
2098 -IUSE="+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 sslv2 +sslv3 static-libs test +tls-heartbeat vanilla zlib"
2099 -RESTRICT="!bindist? ( bindist )"
2100 -
2101 -RDEPEND=">=app-misc/c_rehash-1.7-r1
2102 - gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
2103 - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
2104 - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] )"
2105 -DEPEND="${RDEPEND}
2106 - >=dev-lang/perl-5
2107 - sctp? ( >=net-misc/lksctp-tools-1.0.12 )
2108 - test? (
2109 - sys-apps/diffutils
2110 - sys-devel/bc
2111 - )"
2112 -PDEPEND="app-misc/ca-certificates"
2113 -
2114 -S="${WORKDIR}/${MY_P}"
2115 -
2116 -MULTILIB_WRAPPED_HEADERS=(
2117 - usr/include/openssl/opensslconf.h
2118 -)
2119 -
2120 -src_prepare() {
2121 - # keep this in sync with app-misc/c_rehash
2122 - SSL_CNF_DIR="/etc/ssl"
2123 -
2124 - # Make sure we only ever touch Makefile.org and avoid patching a file
2125 - # that gets blown away anyways by the Configure script in src_configure
2126 - rm -f Makefile
2127 -
2128 - if ! use vanilla ; then
2129 - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
2130 - epatch "${FILESDIR}"/${PN}-1.0.2i-parallel-build.patch
2131 - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-obj-headers.patch
2132 - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-install-dirs.patch
2133 - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-symlinking.patch #545028
2134 - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch
2135 - epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618
2136 - epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338
2137 -
2138 - epatch_user #332661
2139 - fi
2140 -
2141 - # disable fips in the build
2142 - # make sure the man pages are suffixed #302165
2143 - # don't bother building man pages if they're disabled
2144 - sed -i \
2145 - -e '/DIRS/s: fips : :g' \
2146 - -e '/^MANSUFFIX/s:=.*:=ssl:' \
2147 - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
2148 - -e $(has noman FEATURES \
2149 - && echo '/^install:/s:install_docs::' \
2150 - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \
2151 - Makefile.org \
2152 - || die
2153 - # show the actual commands in the log
2154 - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
2155 -
2156 - # since we're forcing $(CC) as makedep anyway, just fix
2157 - # the conditional as always-on
2158 - # helps clang (#417795), and versioned gcc (#499818)
2159 - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die
2160 -
2161 - # quiet out unknown driver argument warnings since openssl
2162 - # doesn't have well-split CFLAGS and we're making it even worse
2163 - # and 'make depend' uses -Werror for added fun (#417795 again)
2164 - [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments
2165 -
2166 - # allow openssl to be cross-compiled
2167 - cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die
2168 - chmod a+rx gentoo.config
2169 -
2170 - append-flags -fno-strict-aliasing
2171 - append-flags $(test-flags-CC -Wa,--noexecstack)
2172 - append-cppflags -DOPENSSL_NO_BUF_FREELISTS
2173 -
2174 - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906
2175 - # The config script does stupid stuff to prompt the user. Kill it.
2176 - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die
2177 - ./config --test-sanity || die "I AM NOT SANE"
2178 -
2179 - multilib_copy_sources
2180 -}
2181 -
2182 -multilib_src_configure() {
2183 - unset APPS #197996
2184 - unset SCRIPTS #312551
2185 - unset CROSS_COMPILE #311473
2186 -
2187 - tc-export CC AR RANLIB RC
2188 -
2189 - # Clean out patent-or-otherwise-encumbered code
2190 - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
2191 - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
2192 - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
2193 - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
2194 - # RC5: Expired http://en.wikipedia.org/wiki/RC5
2195 -
2196 - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
2197 - echoit() { echo "$@" ; "$@" ; }
2198 -
2199 - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
2200 -
2201 - # See if our toolchain supports __uint128_t. If so, it's 64bit
2202 - # friendly and can use the nicely optimized code paths. #460790
2203 - local ec_nistp_64_gcc_128
2204 - # Disable it for now though #469976
2205 - #if ! use bindist ; then
2206 - # echo "__uint128_t i;" > "${T}"/128.c
2207 - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
2208 - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
2209 - # fi
2210 - #fi
2211 -
2212 - # https://github.com/openssl/openssl/issues/2286
2213 - if use ia64 ; then
2214 - replace-flags -g3 -g2
2215 - replace-flags -ggdb3 -ggdb2
2216 - fi
2217 -
2218 - local sslout=$(./gentoo.config)
2219 - einfo "Use configuration ${sslout:-(openssl knows best)}"
2220 - local config="Configure"
2221 - [[ -z ${sslout} ]] && config="config"
2222 -
2223 - echoit \
2224 - ./${config} \
2225 - ${sslout} \
2226 - $(use cpu_flags_x86_sse2 || echo "no-sse2") \
2227 - enable-camellia \
2228 - $(use_ssl !bindist ec) \
2229 - ${ec_nistp_64_gcc_128} \
2230 - enable-idea \
2231 - enable-mdc2 \
2232 - enable-rc5 \
2233 - enable-tlsext \
2234 - $(use_ssl asm) \
2235 - $(use_ssl gmp gmp -lgmp) \
2236 - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
2237 - $(use_ssl rfc3779) \
2238 - $(use_ssl sctp) \
2239 - $(use_ssl sslv2 ssl2) \
2240 - $(use_ssl sslv3 ssl3) \
2241 - $(use_ssl tls-heartbeat heartbeats) \
2242 - $(use_ssl zlib) \
2243 - --prefix="${EPREFIX}"/usr \
2244 - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \
2245 - --libdir=$(get_libdir) \
2246 - shared threads \
2247 - || die
2248 -
2249 - # Clean out hardcoded flags that openssl uses
2250 - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
2251 - -e 's:^CFLAG=::' \
2252 - -e 's:-fomit-frame-pointer ::g' \
2253 - -e 's:-O[0-9] ::g' \
2254 - -e 's:-march=[-a-z0-9]* ::g' \
2255 - -e 's:-mcpu=[-a-z0-9]* ::g' \
2256 - -e 's:-m[a-z0-9]* ::g' \
2257 - )
2258 - sed -i \
2259 - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
2260 - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
2261 - Makefile || die
2262 -}
2263 -
2264 -multilib_src_compile() {
2265 - # depend is needed to use $confopts; it also doesn't matter
2266 - # that it's -j1 as the code itself serializes subdirs
2267 - emake -j1 depend
2268 - emake all
2269 - # rehash is needed to prep the certs/ dir; do this
2270 - # separately to avoid parallel build issues.
2271 - emake rehash
2272 -}
2273 -
2274 -multilib_src_test() {
2275 - emake -j1 test
2276 -}
2277 -
2278 -multilib_src_install() {
2279 - emake INSTALL_PREFIX="${D}" install
2280 -}
2281 -
2282 -multilib_src_install_all() {
2283 - # openssl installs perl version of c_rehash by default, but
2284 - # we provide a shell version via app-misc/c_rehash
2285 - rm "${ED}"/usr/bin/c_rehash || die
2286 -
2287 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
2288 - dohtml -r doc/*
2289 - use rfc3779 && dodoc engines/ccgost/README.gost
2290 -
2291 - # This is crappy in that the static archives are still built even
2292 - # when USE=static-libs. But this is due to a failing in the openssl
2293 - # build system: the static archives are built as PIC all the time.
2294 - # Only way around this would be to manually configure+compile openssl
2295 - # twice; once with shared lib support enabled and once without.
2296 - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a
2297 -
2298 - # create the certs directory
2299 - dodir ${SSL_CNF_DIR}/certs
2300 - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die
2301 - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired}
2302 -
2303 - # Namespace openssl programs to prevent conflicts with other man pages
2304 - cd "${ED}"/usr/share/man
2305 - local m d s
2306 - for m in $(find . -type f | xargs grep -L '#include') ; do
2307 - d=${m%/*} ; d=${d#./} ; m=${m##*/}
2308 - [[ ${m} == openssl.1* ]] && continue
2309 - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
2310 - mv ${d}/{,ssl-}${m}
2311 - # fix up references to renamed man pages
2312 - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
2313 - ln -s ssl-${m} ${d}/openssl-${m}
2314 - # locate any symlinks that point to this man page ... we assume
2315 - # that any broken links are due to the above renaming
2316 - for s in $(find -L ${d} -type l) ; do
2317 - s=${s##*/}
2318 - rm -f ${d}/${s}
2319 - ln -s ssl-${m} ${d}/ssl-${s}
2320 - ln -s ssl-${s} ${d}/openssl-${s}
2321 - done
2322 - done
2323 - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
2324 -
2325 - dodir /etc/sandbox.d #254521
2326 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
2327 -
2328 - diropts -m0700
2329 - keepdir ${SSL_CNF_DIR}/private
2330 -}
2331 -
2332 -pkg_postinst() {
2333 - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
2334 - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
2335 - eend $?
2336 -}
Report Message
Find on MARC Find on Google Groups