1 |
commit: d93bba52f83fea4e6393988686e10fb2da64a64b |
2 |
Author: Mike Frysinger <vapier <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed Sep 2 05:04:23 2015 +0000 |
4 |
Commit: Mike Frysinger <vapier <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Sep 2 05:04:23 2015 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d93bba52 |
7 |
|
8 |
dev-libs/openssl: delete old |
9 |
|
10 |
dev-libs/openssl/Manifest | 8 - |
11 |
dev-libs/openssl/files/gentoo.config-1.0.0 | 159 ----- |
12 |
.../files/openssl-0.9.8ze-CVE-2015-0286.patch | 326 ----------- |
13 |
.../files/openssl-1.0.0e-parallel-build.patch | 315 ---------- |
14 |
dev-libs/openssl/files/openssl-1.0.0r-x32.patch | 76 --- |
15 |
.../files/openssl-1.0.1-parallel-build.patch | 354 ------------ |
16 |
dev-libs/openssl/files/openssl-1.0.1-x32.patch | 79 --- |
17 |
.../files/openssl-1.0.1e-s_client-verify.patch | 18 - |
18 |
dev-libs/openssl/files/openssl-1.0.1h-ipv6.patch | 642 --------------------- |
19 |
.../files/openssl-1.0.1l-CVE-2015-0286.patch | 356 ------------ |
20 |
.../files/openssl-1.0.1m-parallel-build.patch | 364 ------------ |
21 |
.../files/openssl-1.0.1m-s_client-verify.patch | 21 - |
22 |
.../files/openssl-1.0.2-CVE-2015-0209.patch | 49 -- |
23 |
.../files/openssl-1.0.2-CVE-2015-0288.patch | 31 - |
24 |
.../files/openssl-1.0.2-CVE-2015-0291.patch | 459 --------------- |
25 |
.../files/openssl-1.0.2-parallel-build.patch | 354 ------------ |
26 |
dev-libs/openssl/openssl-0.9.8z_p5-r1.ebuild | 161 ------ |
27 |
dev-libs/openssl/openssl-0.9.8z_p6.ebuild | 160 ----- |
28 |
dev-libs/openssl/openssl-1.0.0r.ebuild | 214 ------- |
29 |
dev-libs/openssl/openssl-1.0.1l-r1.ebuild | 260 --------- |
30 |
dev-libs/openssl/openssl-1.0.1m.ebuild | 259 --------- |
31 |
dev-libs/openssl/openssl-1.0.1n.ebuild | 258 --------- |
32 |
dev-libs/openssl/openssl-1.0.1o.ebuild | 258 --------- |
33 |
dev-libs/openssl/openssl-1.0.2-r3.ebuild | 263 --------- |
34 |
24 files changed, 5444 deletions(-) |
35 |
|
36 |
diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest |
37 |
index 458ddc5..d78f82a 100644 |
38 |
--- a/dev-libs/openssl/Manifest |
39 |
+++ b/dev-libs/openssl/Manifest |
40 |
@@ -1,13 +1,5 @@ |
41 |
-DIST openssl-0.9.8ze.tar.gz 3734873 SHA256 ee3da602826e975b47e4d7af8a27be8258c160876194898c58881eab814b55b8 SHA512 6ab08065ab2cdf6699e462e2a082e6d4c21f027383e12d4dd1d0dce2a4073ae52230494215b3fe24b8a8d73f5f5dd3a1fe53c66acd8db6e162e4bf3636e229c3 WHIRLPOOL 8a5de0aed7b48007b3b8092726c9c8eb6771c49d388baaff4d7ba3591be0b1856cb17842db5bc608994b38f5d87a8b07a441c874523e577b786a4612bba7789f |
42 |
-DIST openssl-0.9.8zf.tar.gz 3822386 SHA256 d5245a29128984192acc5b1fc01e37429b7a01c53cadcb2645e546718b300edb SHA512 8a68f024c31b7de25e19732ad556a27d69cface8e7a546ca4221873053a270e5e36336626f7fe857bbbec5427204bddbb5fc9dea8d7a187a8db6719d970431ab WHIRLPOOL 842e5bc71a12bf363fe797e95faf988ae949aa15f8faee935ee8861e4093e9d4e0b766b24dda8d415f29d2ee2821050cfc3ce095d265d59574e7fe0af4024c66 |
43 |
DIST openssl-0.9.8zg.tar.gz 3826891 SHA256 06500060639930e471050474f537fcd28ec934af92ee282d78b52460fbe8f580 SHA512 c757454de321d168ac6d89fe2859966a9f07a8b28305bf697af9018db13fc457e0883346b3d35977461ab058442375563554ecb2a8756a687ff9fc2fdd9103c9 WHIRLPOOL 55ecf50a264a2ddd9b5755b5d90b9b736d2f27e0ba2fd529ccff3b68bbd726d1f60460182a0d215ae6712dbc4d3ef2df11339fb2d8424e049f54c3e904fcfab0 |
44 |
-DIST openssl-1.0.0r.tar.gz 4095201 SHA256 6538b33a1b95681c86ac8c5cc54d22835f0f0a5bf42ee6df4138c672d7e75f17 SHA512 a65292a7b43f7d0637952476356a95908b5843ca17f717158dd4d2171113192f04c92f4f9133bb4750172f06367dae64733aa239b90c52d4d9323f467012428f WHIRLPOOL 71c7d726a3a5d70735d4b34c3e00c15fa2ef8640801f8a265e4e92cf01db4a517630084dd7632850f3df6f4dbd848a3a7ec908a71db996a45c29f1ac53ac7877 |
45 |
-DIST openssl-1.0.1l.tar.gz 4429979 SHA256 b2cf4d48fe5d49f240c61c9e624193a6f232b5ed0baf010681e725963c40d1d4 SHA512 27fe42f33815a3aafff75f2b9a5604c328fe5945c5cecaca74e5d2c2a1e066d64ddcc1fdb14b54fc7523cc730ab8a57d7d56b2879c289e86673f91fee0cca65e WHIRLPOOL 79f5698585c68ba647fcdfc4b342a43d06d69230658ca1bc265dd10d8da939c3e27b9a4125bd2adfbf50002b1dddef18be086dfc23a5050e69fb77350131909f |
46 |
-DIST openssl-1.0.1m.tar.gz 4533406 SHA256 095f0b7b09116c0c5526422088058dc7e6e000aa14d22acca6a4e2babcdfef74 SHA512 f37b60cb4449674d5c06a4056acc3d11f1c9773da6111148fa3fbf8d14362ba1ff5eb5e0c0e06c2b5c84543b2b974584617e393ca83de2230cbbe69b52975afc WHIRLPOOL c33cc05debc31d5044be4de58267e1a07281f28f9d68f4288d3da1c3cdfcff6939a47abe1f50b377272d0dbd9475ae5fec84919b0c53d37e0bd3d94c44f68c91 |
47 |
-DIST openssl-1.0.1n.tar.gz 4545564 SHA256 3581a405ccbe0fd1f6f17ea41773f77cdd51db55c01e1b4d8549e519882c6caf SHA512 439e37879e379b77ae0e912222771ac54c0dcc4ad187b8e2eb6771df6cf71d56c4369931f4e16b8922b9d4a22e8f0aa9802c6828b8406fba7481426eade628aa WHIRLPOOL 8c08fc98863c444db3c1fee6970d1866123b7a525f4fe303016c0cf040351f7cb71f49a00ac1f1948ae9b7edaf9a4e5664814415447c8a88d4c49fe9014411d5 |
48 |
-DIST openssl-1.0.1o.tar.gz 4546659 SHA256 16e678c6a05f2502811e075f2c4059ac01c878d091c9c585afc49ebc541f7b13 SHA512 dc05fc6f47239330ad0c36f27049f02752bb168b7b1234b12760e42a920d41dd47d1e652dfee897b4c99729308fbb59cab80b93c8614acf498215a8b80607fbf WHIRLPOOL af7505625730ea6e59517289fcc6044b24e0826b2538463f36e876ae96ca7d591627ca09386e6a69e8234df88fec11fb9e2a098c2f6996592a0f74cecbf4af30 |
49 |
DIST openssl-1.0.1p.tar.gz 4560208 SHA256 bd5ee6803165c0fb60bbecbacacf244f1f90d2aa0d71353af610c29121e9b2f1 SHA512 64e475c53a85b78de7c5aa71a22d4bb3a456142842373ebf8f22e9857cb0352b646e591b21af866933baecdbdb5ac4a22aeb64914440c53a0f30cd25914029e5 WHIRLPOOL 2a81f3b9274e3fef37a2a88e3084d8283159b3a61db08e7805879905c87a74faa85bc6e570d18525741bd5c27c34fe09eeb58b2bfe500545d0f304716e14f819 |
50 |
-DIST openssl-1.0.2.tar.gz 5265809 SHA256 8c48baf3babe0d505d16cfc0cf272589c66d3624264098213db0fb00034728e9 SHA512 dea46225a5445edc4986b02b99fbc90153819374b9a9bfdd892b60cd18ac7fefaf21a7e9d2bb05d0e3bfa4d2704e0ee24b06cc8e7081a542d7598cc9e73c67c5 WHIRLPOOL fe628a38125390deb75728b31427c308efbf65637a569fd1f139f6313fea533514ef05bf3d01bbdc793f77eb259400c95c53074a294d32d73576939d16f22e25 |
51 |
DIST openssl-1.0.2a.tar.gz 5262089 SHA256 15b6393c20030aab02c8e2fe0243cb1d1d18062f6c095d67bca91871dc7f324a SHA512 02d228578824add52b73433d64697706e6503c2334933fe8dd6b477f59c430977012c3c34da207096229a425e1dcb6f3ae806043894b5ac98c27bbcddb794dd4 WHIRLPOOL a590c71794f5d29b80afa28b18621b7535e96b714b3690d793c1422a90b09a89cbcb912841d400c5982a8197bb02c13051190e96ba0e4d530509b48b43067cd7 |
52 |
DIST openssl-1.0.2b.tar.gz 5281009 SHA256 d5d488cc9f0a07974195a7427094ea3cab9800a4e90178b989aa621fbc238e3f SHA512 563eb662113668bb9ccf17a6e36697ad6392321ac1a32aa2cada9d8f4047651c2fa4da61f508ee3e1834fea343dbba189e09c1d6cabe5d1de5e3e6d022c31f4f WHIRLPOOL d828dc76842d25f02f211031b3ab9a2a8fd44975e9aaf87d0fd5fca9935a27b61c3e4f896a2186194f1a7b4d668fc48cafc5be9f7c670017ba342ce40113935f |
53 |
DIST openssl-1.0.2c.tar.gz 5280670 SHA256 0038ba37f35a6367c58f17a7a7f687953ef8ce4f9684bbdec63e62515ed36a83 SHA512 2a68e8b017d0d3e34e4f9d33b77abd960b3d04e418f106e852684a2ff247dc8ea390b7d6a42d130fd84d821a15e84e77b68b3677433433ef5c10d156333b9dae WHIRLPOOL c59878c3bd5e8904913b97d71a15ef1eaafcfb4eb58c691ba4fb38bf81752308d0ef4a902e53aec4c6e7585677f2404d29cdea0832d14206fabf28d744af2622 |
54 |
|
55 |
diff --git a/dev-libs/openssl/files/gentoo.config-1.0.0 b/dev-libs/openssl/files/gentoo.config-1.0.0 |
56 |
deleted file mode 100644 |
57 |
index 475bda3..0000000 |
58 |
--- a/dev-libs/openssl/files/gentoo.config-1.0.0 |
59 |
+++ /dev/null |
60 |
@@ -1,159 +0,0 @@ |
61 |
-#!/usr/bin/env bash |
62 |
-# Copyright 1999-2011 Gentoo Foundation |
63 |
-# Distributed under the terms of the GNU General Public License v2 |
64 |
-# $Id$ |
65 |
-# |
66 |
-# Openssl doesn't play along nicely with cross-compiling |
67 |
-# like autotools based projects, so let's teach it new tricks. |
68 |
-# |
69 |
-# Review the bundled 'config' script to see why kind of targets |
70 |
-# we can pass to the 'Configure' script. |
71 |
- |
72 |
- |
73 |
-# Testing routines |
74 |
-if [[ $1 == "test" ]] ; then |
75 |
- for c in \ |
76 |
- "arm-gentoo-linux-uclibc |linux-generic32 -DL_ENDIAN" \ |
77 |
- "armv5b-linux-gnu |linux-armv4 -DB_ENDIAN" \ |
78 |
- "x86_64-pc-linux-gnu |linux-x86_64" \ |
79 |
- "alphaev56-unknown-linux-gnu |linux-alpha+bwx-gcc" \ |
80 |
- "i686-pc-linux-gnu |linux-elf" \ |
81 |
- "whatever-gentoo-freebsdX.Y |BSD-generic32" \ |
82 |
- "i686-gentoo-freebsdX.Y |BSD-x86-elf" \ |
83 |
- "sparc64-alpha-freebsdX.Y |BSD-sparc64" \ |
84 |
- "ia64-gentoo-freebsd5.99234 |BSD-ia64" \ |
85 |
- "x86_64-gentoo-freebsdX.Y |BSD-x86_64" \ |
86 |
- "hppa64-aldsF-linux-gnu5.3 |linux-generic32 -DB_ENDIAN" \ |
87 |
- "powerpc-gentOO-linux-uclibc |linux-ppc" \ |
88 |
- "powerpc64-unk-linux-gnu |linux-ppc64" \ |
89 |
- "x86_64-apple-darwinX |darwin64-x86_64-cc" \ |
90 |
- "powerpc64-apple-darwinX |darwin64-ppc-cc" \ |
91 |
- "i686-apple-darwinX |darwin-i386-cc" \ |
92 |
- "i386-apple-darwinX |darwin-i386-cc" \ |
93 |
- "powerpc-apple-darwinX |darwin-ppc-cc" \ |
94 |
- "i586-pc-winnt |winnt-parity" \ |
95 |
- "s390-ibm-linux-gnu |linux-generic32 -DB_ENDIAN" \ |
96 |
- "s390x-linux-gnu |linux-s390x" \ |
97 |
- ;do |
98 |
- CHOST=${c/|*} |
99 |
- ret_want=${c/*|} |
100 |
- ret_got=$(CHOST=${CHOST} "$0") |
101 |
- |
102 |
- if [[ ${ret_want} == "${ret_got}" ]] ; then |
103 |
- echo "PASS: ${CHOST}" |
104 |
- else |
105 |
- echo "FAIL: ${CHOST}" |
106 |
- echo -e "\twanted: ${ret_want}" |
107 |
- echo -e "\twe got: ${ret_got}" |
108 |
- fi |
109 |
- done |
110 |
- exit 0 |
111 |
-fi |
112 |
-[[ -z ${CHOST} && -n $1 ]] && CHOST=$1 |
113 |
- |
114 |
- |
115 |
-# Detect the operating system |
116 |
-case ${CHOST} in |
117 |
- *-aix*) system="aix";; |
118 |
- *-darwin*) system="darwin";; |
119 |
- *-freebsd*) system="BSD";; |
120 |
- *-hpux*) system="hpux";; |
121 |
- *-linux*) system="linux";; |
122 |
- *-solaris*) system="solaris";; |
123 |
- *-winnt*) system="winnt";; |
124 |
- x86_64-*-mingw*) system="mingw64";; |
125 |
- *mingw*) system="mingw";; |
126 |
- *) exit 0;; |
127 |
-esac |
128 |
- |
129 |
- |
130 |
-# Compiler munging |
131 |
-compiler="gcc" |
132 |
-if [[ ${CC} == "ccc" ]] ; then |
133 |
- compiler=${CC} |
134 |
-fi |
135 |
- |
136 |
- |
137 |
-# Detect target arch |
138 |
-machine="" |
139 |
-chost_machine=${CHOST%%-*} |
140 |
-case ${system} in |
141 |
-linux) |
142 |
- case ${chost_machine}:${ABI} in |
143 |
- alphaev56*) machine=alpha+bwx-${compiler};; |
144 |
- alphaev[678]*)machine=alpha+bwx-${compiler};; |
145 |
- alpha*) machine=alpha-${compiler};; |
146 |
- armv[4-9]*b*) machine="armv4 -DB_ENDIAN";; |
147 |
- armv[4-9]*) machine="armv4 -DL_ENDIAN";; |
148 |
- arm*b*) machine="generic32 -DB_ENDIAN";; |
149 |
- arm*) machine="generic32 -DL_ENDIAN";; |
150 |
- avr*) machine="generic32 -DL_ENDIAN";; |
151 |
- bfin*) machine="generic32 -DL_ENDIAN";; |
152 |
- # hppa64*) machine=parisc64;; |
153 |
- hppa*) machine="generic32 -DB_ENDIAN";; |
154 |
- i[0-9]86*|\ |
155 |
- x86_64*:x86) machine=elf;; |
156 |
- ia64*) machine=ia64;; |
157 |
- m68*) machine="generic32 -DB_ENDIAN";; |
158 |
- mips*el*) machine="generic32 -DL_ENDIAN";; |
159 |
- mips*) machine="generic32 -DB_ENDIAN";; |
160 |
- powerpc64*) machine=ppc64;; |
161 |
- powerpc*) machine=ppc;; |
162 |
- # sh64*) machine=elf;; |
163 |
- sh*b*) machine="generic32 -DB_ENDIAN";; |
164 |
- sh*) machine="generic32 -DL_ENDIAN";; |
165 |
- sparc*v7*) machine="generic32 -DB_ENDIAN";; |
166 |
- sparc64*) machine=sparcv9;; |
167 |
- sparc*) machine=sparcv8;; |
168 |
- s390x*) machine=s390x;; |
169 |
- s390*) machine="generic32 -DB_ENDIAN";; |
170 |
- x86_64*:x32) machine=x32;; |
171 |
- x86_64*) machine=x86_64;; |
172 |
- esac |
173 |
- ;; |
174 |
-BSD) |
175 |
- case ${chost_machine} in |
176 |
- alpha*) machine=generic64;; |
177 |
- i[6-9]86*) machine=x86-elf;; |
178 |
- ia64*) machine=ia64;; |
179 |
- sparc64*) machine=sparc64;; |
180 |
- x86_64*) machine=x86_64;; |
181 |
- *) machine=generic32;; |
182 |
- esac |
183 |
- ;; |
184 |
-aix) |
185 |
- machine=${compiler} |
186 |
- ;; |
187 |
-darwin) |
188 |
- case ${chost_machine} in |
189 |
- powerpc64) machine=ppc-cc; system=${system}64;; |
190 |
- powerpc) machine=ppc-cc;; |
191 |
- i?86*) machine=i386-cc;; |
192 |
- x86_64) machine=x86_64-cc; system=${system}64;; |
193 |
- esac |
194 |
- ;; |
195 |
-hpux) |
196 |
- case ${chost_machine} in |
197 |
- ia64) machine=ia64-${compiler} ;; |
198 |
- esac |
199 |
- ;; |
200 |
-solaris) |
201 |
- case ${chost_machine} in |
202 |
- i386) machine=x86-${compiler} ;; |
203 |
- x86_64*) machine=x86_64-${compiler}; system=${system}64;; |
204 |
- sparcv9*) machine=sparcv9-${compiler}; system=${system}64;; |
205 |
- sparc*) machine=sparcv8-${compiler};; |
206 |
- esac |
207 |
- ;; |
208 |
-winnt) |
209 |
- machine=parity |
210 |
- ;; |
211 |
-mingw*) |
212 |
- # special case ... no xxx-yyy style name |
213 |
- echo ${system} |
214 |
- ;; |
215 |
-esac |
216 |
- |
217 |
- |
218 |
-# If we have something, show it |
219 |
-[[ -n ${machine} ]] && echo ${system}-${machine} |
220 |
|
221 |
diff --git a/dev-libs/openssl/files/openssl-0.9.8ze-CVE-2015-0286.patch b/dev-libs/openssl/files/openssl-0.9.8ze-CVE-2015-0286.patch |
222 |
deleted file mode 100644 |
223 |
index facb77d..0000000 |
224 |
--- a/dev-libs/openssl/files/openssl-0.9.8ze-CVE-2015-0286.patch |
225 |
+++ /dev/null |
226 |
@@ -1,326 +0,0 @@ |
227 |
---- openssl-0.9.8ze/crypto/asn1/a_type.c |
228 |
-+++ openssl-0.9.8ze/crypto/asn1/a_type.c |
229 |
-@@ -121,6 +121,9 @@ |
230 |
- case V_ASN1_OBJECT: |
231 |
- result = OBJ_cmp(a->value.object, b->value.object); |
232 |
- break; |
233 |
-+ case V_ASN1_BOOLEAN: |
234 |
-+ result = a->value.boolean - b->value.boolean; |
235 |
-+ break; |
236 |
- case V_ASN1_NULL: |
237 |
- result = 0; /* They do not have content. */ |
238 |
- break; |
239 |
---- openssl-0.9.8ze/crypto/asn1/tasn_dec.c |
240 |
-+++ openssl-0.9.8ze/crypto/asn1/tasn_dec.c |
241 |
-@@ -128,11 +128,17 @@ |
242 |
- { |
243 |
- ASN1_TLC c; |
244 |
- ASN1_VALUE *ptmpval = NULL; |
245 |
-- if (!pval) |
246 |
-- pval = &ptmpval; |
247 |
- c.valid = 0; |
248 |
-- if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) |
249 |
-- return *pval; |
250 |
-+ if (pval && *pval && it->itype == ASN1_ITYPE_PRIMITIVE) |
251 |
-+ ptmpval = *pval; |
252 |
-+ if (ASN1_item_ex_d2i(&ptmpval, in, len, it, -1, 0, 0, &c) > 0) { |
253 |
-+ if (pval && it->itype != ASN1_ITYPE_PRIMITIVE) { |
254 |
-+ if (*pval) |
255 |
-+ ASN1_item_free(*pval, it); |
256 |
-+ *pval = ptmpval; |
257 |
-+ } |
258 |
-+ return ptmpval; |
259 |
-+ } |
260 |
- return NULL; |
261 |
- } |
262 |
- |
263 |
-@@ -309,9 +315,16 @@ |
264 |
- if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it)) |
265 |
- goto auxerr; |
266 |
- |
267 |
-- /* Allocate structure */ |
268 |
-- if (!*pval && !ASN1_item_ex_new(pval, it)) |
269 |
-- { |
270 |
-+ if (*pval) { |
271 |
-+ /* Free up and zero CHOICE value if initialised */ |
272 |
-+ i = asn1_get_choice_selector(pval, it); |
273 |
-+ if ((i >= 0) && (i < it->tcount)) { |
274 |
-+ tt = it->templates + i; |
275 |
-+ pchptr = asn1_get_field_ptr(pval, tt); |
276 |
-+ ASN1_template_free(pchptr, tt); |
277 |
-+ asn1_set_choice_selector(pval, -1, it); |
278 |
-+ } |
279 |
-+ } else if (!ASN1_item_ex_new(pval, it)) { |
280 |
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, |
281 |
- ERR_R_NESTED_ASN1_ERROR); |
282 |
- goto err; |
283 |
-@@ -405,6 +418,17 @@ |
284 |
- if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it)) |
285 |
- goto auxerr; |
286 |
- |
287 |
-+ /* Free up and zero any ADB found */ |
288 |
-+ for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) { |
289 |
-+ if (tt->flags & ASN1_TFLG_ADB_MASK) { |
290 |
-+ const ASN1_TEMPLATE *seqtt; |
291 |
-+ ASN1_VALUE **pseqval; |
292 |
-+ seqtt = asn1_do_adb(pval, tt, 1); |
293 |
-+ pseqval = asn1_get_field_ptr(pval, seqtt); |
294 |
-+ ASN1_template_free(pseqval, seqtt); |
295 |
-+ } |
296 |
-+ } |
297 |
-+ |
298 |
- /* Get each field entry */ |
299 |
- for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) |
300 |
- { |
301 |
---- openssl-0.9.8ze/crypto/pkcs7/pk7_doit.c |
302 |
-+++ openssl-0.9.8ze/crypto/pkcs7/pk7_doit.c |
303 |
-@@ -151,6 +151,25 @@ |
304 |
- EVP_PKEY *pkey; |
305 |
- ASN1_OCTET_STRING *os=NULL; |
306 |
- |
307 |
-+ if (p7 == NULL) { |
308 |
-+ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_INVALID_NULL_POINTER); |
309 |
-+ return NULL; |
310 |
-+ } |
311 |
-+ /* |
312 |
-+ * The content field in the PKCS7 ContentInfo is optional, but that really |
313 |
-+ * only applies to inner content (precisely, detached signatures). |
314 |
-+ * |
315 |
-+ * When reading content, missing outer content is therefore treated as an |
316 |
-+ * error. |
317 |
-+ * |
318 |
-+ * When creating content, PKCS7_content_new() must be called before |
319 |
-+ * calling this method, so a NULL p7->d is always an error. |
320 |
-+ */ |
321 |
-+ if (p7->d.ptr == NULL) { |
322 |
-+ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_NO_CONTENT); |
323 |
-+ return NULL; |
324 |
-+ } |
325 |
-+ |
326 |
- i=OBJ_obj2nid(p7->type); |
327 |
- p7->state=PKCS7_S_HEADER; |
328 |
- |
329 |
-@@ -344,6 +363,16 @@ |
330 |
- STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL; |
331 |
- PKCS7_RECIP_INFO *ri=NULL; |
332 |
- |
333 |
-+ if (p7 == NULL) { |
334 |
-+ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_INVALID_NULL_POINTER); |
335 |
-+ return NULL; |
336 |
-+ } |
337 |
-+ |
338 |
-+ if (p7->d.ptr == NULL) { |
339 |
-+ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT); |
340 |
-+ return NULL; |
341 |
-+ } |
342 |
-+ |
343 |
- i=OBJ_obj2nid(p7->type); |
344 |
- p7->state=PKCS7_S_HEADER; |
345 |
- |
346 |
-@@ -637,6 +666,16 @@ |
347 |
- STACK_OF(PKCS7_SIGNER_INFO) *si_sk=NULL; |
348 |
- ASN1_OCTET_STRING *os=NULL; |
349 |
- |
350 |
-+ if (p7 == NULL) { |
351 |
-+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_INVALID_NULL_POINTER); |
352 |
-+ return 0; |
353 |
-+ } |
354 |
-+ |
355 |
-+ if (p7->d.ptr == NULL) { |
356 |
-+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_NO_CONTENT); |
357 |
-+ return 0; |
358 |
-+ } |
359 |
-+ |
360 |
- EVP_MD_CTX_init(&ctx_tmp); |
361 |
- i=OBJ_obj2nid(p7->type); |
362 |
- p7->state=PKCS7_S_HEADER; |
363 |
-@@ -668,6 +707,7 @@ |
364 |
- /* If detached data then the content is excluded */ |
365 |
- if(PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) { |
366 |
- M_ASN1_OCTET_STRING_free(os); |
367 |
-+ os = NULL; |
368 |
- p7->d.sign->contents->d.data = NULL; |
369 |
- } |
370 |
- break; |
371 |
-@@ -678,6 +718,7 @@ |
372 |
- if(PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) |
373 |
- { |
374 |
- M_ASN1_OCTET_STRING_free(os); |
375 |
-+ os = NULL; |
376 |
- p7->d.digest->contents->d.data = NULL; |
377 |
- } |
378 |
- break; |
379 |
-@@ -815,6 +856,11 @@ |
380 |
- |
381 |
- if (!PKCS7_is_detached(p7)) |
382 |
- { |
383 |
-+ /* |
384 |
-+ * NOTE(emilia): I think we only reach os == NULL here because detached |
385 |
-+ */ |
386 |
-+ if (os == NULL) |
387 |
-+ goto err; |
388 |
- btmp=BIO_find_type(bio,BIO_TYPE_MEM); |
389 |
- if (btmp == NULL) |
390 |
- { |
391 |
-@@ -849,6 +895,16 @@ |
392 |
- STACK_OF(X509) *cert; |
393 |
- X509 *x509; |
394 |
- |
395 |
-+ if (p7 == NULL) { |
396 |
-+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_INVALID_NULL_POINTER); |
397 |
-+ return 0; |
398 |
-+ } |
399 |
-+ |
400 |
-+ if (p7->d.ptr == NULL) { |
401 |
-+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_NO_CONTENT); |
402 |
-+ return 0; |
403 |
-+ } |
404 |
-+ |
405 |
- if (PKCS7_type_is_signed(p7)) |
406 |
- { |
407 |
- cert=p7->d.sign->cert; |
408 |
---- openssl-0.9.8ze/crypto/pkcs7/pk7_lib.c |
409 |
-+++ openssl-0.9.8ze/crypto/pkcs7/pk7_lib.c |
410 |
-@@ -70,6 +70,7 @@ |
411 |
- |
412 |
- switch (cmd) |
413 |
- { |
414 |
-+ /* NOTE(emilia): does not support detached digested data. */ |
415 |
- case PKCS7_OP_SET_DETACHED_SIGNATURE: |
416 |
- if (nid == NID_pkcs7_signed) |
417 |
- { |
418 |
-@@ -473,6 +474,8 @@ |
419 |
- |
420 |
- STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7) |
421 |
- { |
422 |
-+ if (p7 == NULL || p7->d.ptr == NULL) |
423 |
-+ return NULL; |
424 |
- if (PKCS7_type_is_signed(p7)) |
425 |
- { |
426 |
- return(p7->d.sign->signer_info); |
427 |
---- openssl-0.9.8ze/doc/crypto/d2i_X509.pod |
428 |
-+++ openssl-0.9.8ze/doc/crypto/d2i_X509.pod |
429 |
-@@ -199,6 +199,12 @@ |
430 |
- persist if they are not present in the new one. As a result the use |
431 |
- of this "reuse" behaviour is strongly discouraged. |
432 |
- |
433 |
-+Current versions of OpenSSL will not modify B<*px> if an error occurs. |
434 |
-+If parsing succeeds then B<*px> is freed (if it is not NULL) and then |
435 |
-+set to the value of the newly decoded structure. As a result B<*px> |
436 |
-+B<must not> be allocated on the stack or an attempt will be made to |
437 |
-+free an invalid pointer. |
438 |
-+ |
439 |
- i2d_X509() will not return an error in many versions of OpenSSL, |
440 |
- if mandatory fields are not initialized due to a programming error |
441 |
- then the encoded structure may contain invalid data or omit the |
442 |
-@@ -210,7 +216,9 @@ |
443 |
- |
444 |
- d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B<X509> structure |
445 |
- or B<NULL> if an error occurs. The error code that can be obtained by |
446 |
--L<ERR_get_error(3)|ERR_get_error(3)>. |
447 |
-+L<ERR_get_error(3)|ERR_get_error(3)>. If the "reuse" capability has been used |
448 |
-+with a valid X509 structure being passed in via B<px> then the object is not |
449 |
-+modified in the event of error. |
450 |
- |
451 |
- i2d_X509() returns the number of bytes successfully encoded or a negative |
452 |
- value if an error occurs. The error code can be obtained by |
453 |
---- openssl-0.9.8ze/ssl/s2_lib.c |
454 |
-+++ openssl-0.9.8ze/ssl/s2_lib.c |
455 |
-@@ -410,7 +410,7 @@ |
456 |
- |
457 |
- OPENSSL_assert(s->session->master_key_length >= 0 |
458 |
- && s->session->master_key_length |
459 |
-- < (int)sizeof(s->session->master_key)); |
460 |
-+ <= (int)sizeof(s->session->master_key)); |
461 |
- EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length); |
462 |
- EVP_DigestUpdate(&ctx,&c,1); |
463 |
- c++; |
464 |
---- openssl-0.9.8ze/ssl/s2_srvr.c |
465 |
-+++ openssl-0.9.8ze/ssl/s2_srvr.c |
466 |
-@@ -446,10 +446,6 @@ |
467 |
- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_NO_PRIVATEKEY); |
468 |
- return(-1); |
469 |
- } |
470 |
-- i=ssl_rsa_private_decrypt(s->cert,s->s2->tmp.enc, |
471 |
-- &(p[s->s2->tmp.clear]),&(p[s->s2->tmp.clear]), |
472 |
-- (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING); |
473 |
-- |
474 |
- is_export=SSL_C_IS_EXPORT(s->session->cipher); |
475 |
- |
476 |
- if (!ssl_cipher_get_evp(s->session,&c,&md,NULL)) |
477 |
-@@ -467,21 +463,59 @@ |
478 |
- else |
479 |
- ek=5; |
480 |
- |
481 |
-+ /* |
482 |
-+ * The format of the CLIENT-MASTER-KEY message is |
483 |
-+ * 1 byte message type |
484 |
-+ * 3 bytes cipher |
485 |
-+ * 2-byte clear key length (stored in s->s2->tmp.clear) |
486 |
-+ * 2-byte encrypted key length (stored in s->s2->tmp.enc) |
487 |
-+ * 2-byte key args length (IV etc) |
488 |
-+ * clear key |
489 |
-+ * encrypted key |
490 |
-+ * key args |
491 |
-+ * |
492 |
-+ * If the cipher is an export cipher, then the encrypted key bytes |
493 |
-+ * are a fixed portion of the total key (5 or 8 bytes). The size of |
494 |
-+ * this portion is in |ek|. If the cipher is not an export cipher, |
495 |
-+ * then the entire key material is encrypted (i.e., clear key length |
496 |
-+ * must be zero). |
497 |
-+ */ |
498 |
-+ if ((!is_export && s->s2->tmp.clear != 0) || |
499 |
-+ (is_export && s->s2->tmp.clear + ek != EVP_CIPHER_key_length(c))) { |
500 |
-+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); |
501 |
-+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_LENGTH); |
502 |
-+ return -1; |
503 |
-+ } |
504 |
-+ /* |
505 |
-+ * The encrypted blob must decrypt to the encrypted portion of the key. |
506 |
-+ * Decryption can't be expanding, so if we don't have enough encrypted |
507 |
-+ * bytes to fit the key in the buffer, stop now. |
508 |
-+ */ |
509 |
-+ if ((is_export && s->s2->tmp.enc < ek) || |
510 |
-+ (!is_export && s->s2->tmp.enc < EVP_CIPHER_key_length(c))) { |
511 |
-+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); |
512 |
-+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_LENGTH_TOO_SHORT); |
513 |
-+ return -1; |
514 |
-+ } |
515 |
-+ |
516 |
-+ i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc, |
517 |
-+ &(p[s->s2->tmp.clear]), |
518 |
-+ &(p[s->s2->tmp.clear]), |
519 |
-+ (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING : |
520 |
-+ RSA_PKCS1_PADDING); |
521 |
-+ |
522 |
- /* bad decrypt */ |
523 |
- #if 1 |
524 |
- /* If a bad decrypt, continue with protocol but with a |
525 |
- * random master secret (Bleichenbacher attack) */ |
526 |
-- if ((i < 0) || |
527 |
-- ((!is_export && (i != EVP_CIPHER_key_length(c))) |
528 |
-- || (is_export && ((i != ek) || (s->s2->tmp.clear+(unsigned int)i != |
529 |
-- (unsigned int)EVP_CIPHER_key_length(c)))))) |
530 |
-- { |
531 |
-+ if ((i < 0) || ((!is_export && i != EVP_CIPHER_key_length(c)) |
532 |
-+ || (is_export && i != ek))) { |
533 |
- ERR_clear_error(); |
534 |
- if (is_export) |
535 |
- i=ek; |
536 |
- else |
537 |
- i=EVP_CIPHER_key_length(c); |
538 |
-- if (RAND_pseudo_bytes(p,i) <= 0) |
539 |
-+ if (RAND_pseudo_bytes(&p[s->s2->tmp.clear], i) <= 0) |
540 |
- return 0; |
541 |
- } |
542 |
- #else |
543 |
-@@ -505,7 +539,8 @@ |
544 |
- } |
545 |
- #endif |
546 |
- |
547 |
-- if (is_export) i+=s->s2->tmp.clear; |
548 |
-+ if (is_export) |
549 |
-+ i = EVP_CIPHER_key_length(c); |
550 |
- |
551 |
- if (i > SSL_MAX_MASTER_KEY_LENGTH) |
552 |
- { |
553 |
|
554 |
diff --git a/dev-libs/openssl/files/openssl-1.0.0e-parallel-build.patch b/dev-libs/openssl/files/openssl-1.0.0e-parallel-build.patch |
555 |
deleted file mode 100644 |
556 |
index e1a030f..0000000 |
557 |
--- a/dev-libs/openssl/files/openssl-1.0.0e-parallel-build.patch |
558 |
+++ /dev/null |
559 |
@@ -1,315 +0,0 @@ |
560 |
-http://rt.openssl.org/Ticket/Display.html?id=2084 |
561 |
- |
562 |
---- a/Makefile.org |
563 |
-+++ b/Makefile.org |
564 |
-@@ -247,17 +247,17 @@ |
565 |
- build_libs: build_crypto build_ssl build_engines |
566 |
- |
567 |
- build_crypto: |
568 |
-- @dir=crypto; target=all; $(BUILD_ONE_CMD) |
569 |
-+ +@dir=crypto; target=all; $(BUILD_ONE_CMD) |
570 |
--build_ssl: |
571 |
-+build_ssl: build_crypto |
572 |
-- @dir=ssl; target=all; $(BUILD_ONE_CMD) |
573 |
-+ +@dir=ssl; target=all; $(BUILD_ONE_CMD) |
574 |
--build_engines: |
575 |
-+build_engines: build_crypto |
576 |
-- @dir=engines; target=all; $(BUILD_ONE_CMD) |
577 |
-+ +@dir=engines; target=all; $(BUILD_ONE_CMD) |
578 |
--build_apps: |
579 |
-+build_apps: build_libs |
580 |
-- @dir=apps; target=all; $(BUILD_ONE_CMD) |
581 |
-+ +@dir=apps; target=all; $(BUILD_ONE_CMD) |
582 |
--build_tests: |
583 |
-+build_tests: build_libs |
584 |
-- @dir=test; target=all; $(BUILD_ONE_CMD) |
585 |
-+ +@dir=test; target=all; $(BUILD_ONE_CMD) |
586 |
--build_tools: |
587 |
-+build_tools: build_libs |
588 |
-- @dir=tools; target=all; $(BUILD_ONE_CMD) |
589 |
-+ +@dir=tools; target=all; $(BUILD_ONE_CMD) |
590 |
- |
591 |
- all_testapps: build_libs build_testapps |
592 |
- build_testapps: |
593 |
-@@ -497,9 +497,9 @@ |
594 |
- dist_pem_h: |
595 |
- (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) |
596 |
- |
597 |
--install: all install_docs install_sw |
598 |
-+install: install_docs install_sw |
599 |
- |
600 |
--install_sw: |
601 |
-+install_dirs: |
602 |
- @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ |
603 |
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \ |
604 |
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \ |
605 |
-@@ -508,6 +508,13 @@ |
606 |
- $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ |
607 |
- $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ |
608 |
- $(INSTALL_PREFIX)$(OPENSSLDIR)/private |
609 |
-+ @$(PERL) $(TOP)/util/mkdir-p.pl \ |
610 |
-+ $(INSTALL_PREFIX)$(MANDIR)/man1 \ |
611 |
-+ $(INSTALL_PREFIX)$(MANDIR)/man3 \ |
612 |
-+ $(INSTALL_PREFIX)$(MANDIR)/man5 \ |
613 |
-+ $(INSTALL_PREFIX)$(MANDIR)/man7 |
614 |
-+ |
615 |
-+install_sw: install_dirs |
616 |
- @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\ |
617 |
- do \ |
618 |
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ |
619 |
-@@ -511,7 +511,7 @@ |
620 |
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ |
621 |
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ |
622 |
- done; |
623 |
-- @set -e; target=install; $(RECURSIVE_BUILD_CMD) |
624 |
-+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) |
625 |
- @set -e; for i in $(LIBS) ;\ |
626 |
- do \ |
627 |
- if [ -f "$$i" ]; then \ |
628 |
-@@ -593,12 +600,7 @@ |
629 |
- done; \ |
630 |
- done |
631 |
- |
632 |
--install_docs: |
633 |
-- @$(PERL) $(TOP)/util/mkdir-p.pl \ |
634 |
-- $(INSTALL_PREFIX)$(MANDIR)/man1 \ |
635 |
-- $(INSTALL_PREFIX)$(MANDIR)/man3 \ |
636 |
-- $(INSTALL_PREFIX)$(MANDIR)/man5 \ |
637 |
-- $(INSTALL_PREFIX)$(MANDIR)/man7 |
638 |
-+install_docs: install_dirs |
639 |
- @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \ |
640 |
- here="`pwd`"; \ |
641 |
- filecase=; \ |
642 |
---- a/crypto/Makefile |
643 |
-+++ b/crypto/Makefile |
644 |
-@@ -85,11 +85,11 @@ |
645 |
- @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi |
646 |
- |
647 |
- subdirs: |
648 |
-- @target=all; $(RECURSIVE_MAKE) |
649 |
-+ +@target=all; $(RECURSIVE_MAKE) |
650 |
- |
651 |
- files: |
652 |
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO |
653 |
-- @target=files; $(RECURSIVE_MAKE) |
654 |
-+ +@target=files; $(RECURSIVE_MAKE) |
655 |
- |
656 |
- links: |
657 |
- @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) |
658 |
-@@ -100,7 +100,7 @@ |
659 |
- # lib: $(LIB): are splitted to avoid end-less loop |
660 |
- lib: $(LIB) |
661 |
- @touch lib |
662 |
--$(LIB): $(LIBOBJ) |
663 |
-+$(LIB): $(LIBOBJ) | subdirs |
664 |
- $(AR) $(LIB) $(LIBOBJ) |
665 |
- $(RANLIB) $(LIB) || echo Never mind. |
666 |
- |
667 |
-@@ -110,7 +110,7 @@ |
668 |
- fi |
669 |
- |
670 |
- libs: |
671 |
-- @target=lib; $(RECURSIVE_MAKE) |
672 |
-+ +@target=lib; $(RECURSIVE_MAKE) |
673 |
- |
674 |
- install: |
675 |
- @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... |
676 |
-@@ -119,7 +119,7 @@ |
677 |
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ |
678 |
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ |
679 |
- done; |
680 |
-- @target=install; $(RECURSIVE_MAKE) |
681 |
-+ +@target=install; $(RECURSIVE_MAKE) |
682 |
- |
683 |
- lint: |
684 |
- @target=lint; $(RECURSIVE_MAKE) |
685 |
---- a/engines/Makefile |
686 |
-+++ b/engines/Makefile |
687 |
-@@ -72,7 +72,7 @@ |
688 |
- |
689 |
- all: lib subdirs |
690 |
- |
691 |
--lib: $(LIBOBJ) |
692 |
-+lib: $(LIBOBJ) | subdirs |
693 |
- @if [ -n "$(SHARED_LIBS)" ]; then \ |
694 |
- set -e; \ |
695 |
- for l in $(LIBNAMES); do \ |
696 |
-@@ -89,7 +89,7 @@ |
697 |
- |
698 |
- subdirs: |
699 |
- echo $(EDIRS) |
700 |
-- @target=all; $(RECURSIVE_MAKE) |
701 |
-+ +@target=all; $(RECURSIVE_MAKE) |
702 |
- |
703 |
- files: |
704 |
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO |
705 |
-@@ -128,7 +128,7 @@ |
706 |
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ |
707 |
- done; \ |
708 |
- fi |
709 |
-- @target=install; $(RECURSIVE_MAKE) |
710 |
-+ +@target=install; $(RECURSIVE_MAKE) |
711 |
- |
712 |
- tags: |
713 |
- ctags $(SRC) |
714 |
---- a/test/Makefile |
715 |
-+++ b/test/Makefile |
716 |
-@@ -123,7 +123,7 @@ |
717 |
- tags: |
718 |
- ctags $(SRC) |
719 |
- |
720 |
--tests: exe apps $(TESTS) |
721 |
-+tests: exe $(TESTS) |
722 |
- |
723 |
- apps: |
724 |
- @(cd ..; $(MAKE) DIRS=apps all) |
725 |
-@@ -345,106 +345,106 @@ |
726 |
- link_app.$${shlib_target} |
727 |
- |
728 |
- $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) |
729 |
-- @target=$(RSATEST); $(BUILD_CMD) |
730 |
-+ +@target=$(RSATEST); $(BUILD_CMD) |
731 |
- |
732 |
- $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO) |
733 |
-- @target=$(BNTEST); $(BUILD_CMD) |
734 |
-+ +@target=$(BNTEST); $(BUILD_CMD) |
735 |
- |
736 |
- $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO) |
737 |
-- @target=$(ECTEST); $(BUILD_CMD) |
738 |
-+ +@target=$(ECTEST); $(BUILD_CMD) |
739 |
- |
740 |
- $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO) |
741 |
-- @target=$(EXPTEST); $(BUILD_CMD) |
742 |
-+ +@target=$(EXPTEST); $(BUILD_CMD) |
743 |
- |
744 |
- $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) |
745 |
-- @target=$(IDEATEST); $(BUILD_CMD) |
746 |
-+ +@target=$(IDEATEST); $(BUILD_CMD) |
747 |
- |
748 |
- $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) |
749 |
-- @target=$(MD2TEST); $(BUILD_CMD) |
750 |
-+ +@target=$(MD2TEST); $(BUILD_CMD) |
751 |
- |
752 |
- $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO) |
753 |
-- @target=$(SHATEST); $(BUILD_CMD) |
754 |
-+ +@target=$(SHATEST); $(BUILD_CMD) |
755 |
- |
756 |
- $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) |
757 |
-- @target=$(SHA1TEST); $(BUILD_CMD) |
758 |
-+ +@target=$(SHA1TEST); $(BUILD_CMD) |
759 |
- |
760 |
- $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) |
761 |
-- @target=$(SHA256TEST); $(BUILD_CMD) |
762 |
-+ +@target=$(SHA256TEST); $(BUILD_CMD) |
763 |
- |
764 |
- $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) |
765 |
-- @target=$(SHA512TEST); $(BUILD_CMD) |
766 |
-+ +@target=$(SHA512TEST); $(BUILD_CMD) |
767 |
- |
768 |
- $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) |
769 |
-- @target=$(RMDTEST); $(BUILD_CMD) |
770 |
-+ +@target=$(RMDTEST); $(BUILD_CMD) |
771 |
- |
772 |
- $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO) |
773 |
-- @target=$(MDC2TEST); $(BUILD_CMD) |
774 |
-+ +@target=$(MDC2TEST); $(BUILD_CMD) |
775 |
- |
776 |
- $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO) |
777 |
-- @target=$(MD4TEST); $(BUILD_CMD) |
778 |
-+ +@target=$(MD4TEST); $(BUILD_CMD) |
779 |
- |
780 |
- $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO) |
781 |
-- @target=$(MD5TEST); $(BUILD_CMD) |
782 |
-+ +@target=$(MD5TEST); $(BUILD_CMD) |
783 |
- |
784 |
- $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO) |
785 |
-- @target=$(HMACTEST); $(BUILD_CMD) |
786 |
-+ +@target=$(HMACTEST); $(BUILD_CMD) |
787 |
- |
788 |
- $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO) |
789 |
-- @target=$(WPTEST); $(BUILD_CMD) |
790 |
-+ +@target=$(WPTEST); $(BUILD_CMD) |
791 |
- |
792 |
- $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO) |
793 |
-- @target=$(RC2TEST); $(BUILD_CMD) |
794 |
-+ +@target=$(RC2TEST); $(BUILD_CMD) |
795 |
- |
796 |
- $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO) |
797 |
-- @target=$(BFTEST); $(BUILD_CMD) |
798 |
-+ +@target=$(BFTEST); $(BUILD_CMD) |
799 |
- |
800 |
- $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO) |
801 |
-- @target=$(CASTTEST); $(BUILD_CMD) |
802 |
-+ +@target=$(CASTTEST); $(BUILD_CMD) |
803 |
- |
804 |
- $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO) |
805 |
-- @target=$(RC4TEST); $(BUILD_CMD) |
806 |
-+ +@target=$(RC4TEST); $(BUILD_CMD) |
807 |
- |
808 |
- $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) |
809 |
-- @target=$(RC5TEST); $(BUILD_CMD) |
810 |
-+ +@target=$(RC5TEST); $(BUILD_CMD) |
811 |
- |
812 |
- $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) |
813 |
-- @target=$(DESTEST); $(BUILD_CMD) |
814 |
-+ +@target=$(DESTEST); $(BUILD_CMD) |
815 |
- |
816 |
- $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) |
817 |
-- @target=$(RANDTEST); $(BUILD_CMD) |
818 |
-+ +@target=$(RANDTEST); $(BUILD_CMD) |
819 |
- |
820 |
- $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) |
821 |
-- @target=$(DHTEST); $(BUILD_CMD) |
822 |
-+ +@target=$(DHTEST); $(BUILD_CMD) |
823 |
- |
824 |
- $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO) |
825 |
-- @target=$(DSATEST); $(BUILD_CMD) |
826 |
-+ +@target=$(DSATEST); $(BUILD_CMD) |
827 |
- |
828 |
- $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) |
829 |
-- @target=$(METHTEST); $(BUILD_CMD) |
830 |
-+ +@target=$(METHTEST); $(BUILD_CMD) |
831 |
- |
832 |
- $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) |
833 |
-- @target=$(SSLTEST); $(BUILD_CMD) |
834 |
-+ +@target=$(SSLTEST); $(BUILD_CMD) |
835 |
- |
836 |
- $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) |
837 |
-- @target=$(ENGINETEST); $(BUILD_CMD) |
838 |
-+ +@target=$(ENGINETEST); $(BUILD_CMD) |
839 |
- |
840 |
- $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO) |
841 |
-- @target=$(EVPTEST); $(BUILD_CMD) |
842 |
-+ +@target=$(EVPTEST); $(BUILD_CMD) |
843 |
- |
844 |
- $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO) |
845 |
-- @target=$(ECDSATEST); $(BUILD_CMD) |
846 |
-+ +@target=$(ECDSATEST); $(BUILD_CMD) |
847 |
- |
848 |
- $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) |
849 |
-- @target=$(ECDHTEST); $(BUILD_CMD) |
850 |
-+ +@target=$(ECDHTEST); $(BUILD_CMD) |
851 |
- |
852 |
- $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) |
853 |
-- @target=$(IGETEST); $(BUILD_CMD) |
854 |
-+ +@target=$(IGETEST); $(BUILD_CMD) |
855 |
- |
856 |
- $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) |
857 |
-- @target=$(JPAKETEST); $(BUILD_CMD) |
858 |
-+ +@target=$(JPAKETEST); $(BUILD_CMD) |
859 |
- |
860 |
- $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) |
861 |
-- @target=$(ASN1TEST); $(BUILD_CMD) |
862 |
-+ +@target=$(ASN1TEST); $(BUILD_CMD) |
863 |
- |
864 |
- #$(AESTEST).o: $(AESTEST).c |
865 |
- # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c |
866 |
-@@ -457,7 +457,7 @@ |
867 |
- # fi |
868 |
- |
869 |
- dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) |
870 |
-- @target=dummytest; $(BUILD_CMD) |
871 |
-+ +@target=dummytest; $(BUILD_CMD) |
872 |
- |
873 |
- # DO NOT DELETE THIS LINE -- make depend depends on it. |
874 |
- |
875 |
|
876 |
diff --git a/dev-libs/openssl/files/openssl-1.0.0r-x32.patch b/dev-libs/openssl/files/openssl-1.0.0r-x32.patch |
877 |
deleted file mode 100644 |
878 |
index 2d715eb..0000000 |
879 |
--- a/dev-libs/openssl/files/openssl-1.0.0r-x32.patch |
880 |
+++ /dev/null |
881 |
@@ -1,76 +0,0 @@ |
882 |
---- openssl-1.0.0r/Configure |
883 |
-+++ openssl-1.0.0r/Configure |
884 |
-@@ -353,6 +353,7 @@ my %table=( |
885 |
- "linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
886 |
- "linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
887 |
- "linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", |
888 |
-+"linux-x32", "gcc:-DL_ENDIAN -DTERMIO -O2 -pipe -g -feliminate-unused-debug-types -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
889 |
- "linux-s390x", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", |
890 |
- #### SPARC Linux setups |
891 |
- # Ray Miller <ray.miller@××××××××××××××××××××××××××××.uk> has patiently |
892 |
---- openssl-1.0.0r/crypto/bn/asm/x86_64-gcc.c |
893 |
-+++ openssl-1.0.0r/crypto/bn/asm/x86_64-gcc.c |
894 |
-@@ -55,7 +55,7 @@ |
895 |
- * machine. |
896 |
- */ |
897 |
- |
898 |
--# ifdef _WIN64 |
899 |
-+# if defined _WIN64 || !defined __LP64__ |
900 |
- # define BN_ULONG unsigned long long |
901 |
- # else |
902 |
- # define BN_ULONG unsigned long |
903 |
-@@ -211,9 +211,9 @@ BN_ULONG bn_add_words(BN_ULONG *rp, cons |
904 |
- |
905 |
- asm volatile (" subq %2,%2 \n" |
906 |
- ".p2align 4 \n" |
907 |
-- "1: movq (%4,%2,8),%0 \n" |
908 |
-- " adcq (%5,%2,8),%0 \n" |
909 |
-- " movq %0,(%3,%2,8) \n" |
910 |
-+ "1: movq (%q4,%2,8),%0 \n" |
911 |
-+ " adcq (%q5,%2,8),%0 \n" |
912 |
-+ " movq %0,(%q3,%2,8) \n" |
913 |
- " leaq 1(%2),%2 \n" |
914 |
- " loop 1b \n" |
915 |
- " sbbq %0,%0 \n":"=&a" (ret), "+c"(n), |
916 |
-@@ -235,9 +235,9 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, cons |
917 |
- |
918 |
- asm volatile (" subq %2,%2 \n" |
919 |
- ".p2align 4 \n" |
920 |
-- "1: movq (%4,%2,8),%0 \n" |
921 |
-- " sbbq (%5,%2,8),%0 \n" |
922 |
-- " movq %0,(%3,%2,8) \n" |
923 |
-+ "1: movq (%q4,%2,8),%0 \n" |
924 |
-+ " sbbq (%q5,%2,8),%0 \n" |
925 |
-+ " movq %0,(%q3,%2,8) \n" |
926 |
- " leaq 1(%2),%2 \n" |
927 |
- " loop 1b \n" |
928 |
- " sbbq %0,%0 \n":"=&a" (ret), "+c"(n), |
929 |
---- openssl-1.0.0r/crypto/bn/bn_exp.c |
930 |
-+++ openssl-1.0.0r/crypto/bn/bn_exp.c |
931 |
-@@ -564,7 +564,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBU |
932 |
- * multiple. |
933 |
- */ |
934 |
- #define MOD_EXP_CTIME_ALIGN(x_) \ |
935 |
-- ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ULONG)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK)))) |
936 |
-+ ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ADDR)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK)))) |
937 |
- |
938 |
- /* |
939 |
- * This variant of BN_mod_exp_mont() uses fixed windows and the special |
940 |
---- openssl-1.0.0r/crypto/bn/bn.h |
941 |
-+++ openssl-1.0.0r/crypto/bn/bn.h |
942 |
-@@ -174,6 +174,15 @@ extern "C" { |
943 |
- # endif |
944 |
- |
945 |
- /* |
946 |
-+ * Address type. |
947 |
-+ */ |
948 |
-+#ifdef _WIN64 |
949 |
-+#define BN_ADDR unsigned long long |
950 |
-+#else |
951 |
-+#define BN_ADDR unsigned long |
952 |
-+#endif |
953 |
-+ |
954 |
-+/* |
955 |
- * assuming long is 64bit - this is the DEC Alpha unsigned long long is only |
956 |
- * 64 bits :-(, don't define BN_LLONG for the DEC Alpha |
957 |
- */ |
958 |
|
959 |
diff --git a/dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch b/dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch |
960 |
deleted file mode 100644 |
961 |
index 19f859a..0000000 |
962 |
--- a/dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch |
963 |
+++ /dev/null |
964 |
@@ -1,354 +0,0 @@ |
965 |
-http://rt.openssl.org/Ticket/Display.html?id=2084 |
966 |
- |
967 |
---- a/Makefile.org |
968 |
-+++ b/Makefile.org |
969 |
-@@ -247,17 +247,17 @@ |
970 |
- build_libs: build_crypto build_ssl build_engines |
971 |
- |
972 |
- build_crypto: |
973 |
-- @dir=crypto; target=all; $(BUILD_ONE_CMD) |
974 |
-+ +@dir=crypto; target=all; $(BUILD_ONE_CMD) |
975 |
--build_ssl: |
976 |
-+build_ssl: build_crypto |
977 |
-- @dir=ssl; target=all; $(BUILD_ONE_CMD) |
978 |
-+ +@dir=ssl; target=all; $(BUILD_ONE_CMD) |
979 |
--build_engines: |
980 |
-+build_engines: build_crypto |
981 |
-- @dir=engines; target=all; $(BUILD_ONE_CMD) |
982 |
-+ +@dir=engines; target=all; $(BUILD_ONE_CMD) |
983 |
--build_apps: |
984 |
-+build_apps: build_libs |
985 |
-- @dir=apps; target=all; $(BUILD_ONE_CMD) |
986 |
-+ +@dir=apps; target=all; $(BUILD_ONE_CMD) |
987 |
--build_tests: |
988 |
-+build_tests: build_libs |
989 |
-- @dir=test; target=all; $(BUILD_ONE_CMD) |
990 |
-+ +@dir=test; target=all; $(BUILD_ONE_CMD) |
991 |
--build_tools: |
992 |
-+build_tools: build_libs |
993 |
-- @dir=tools; target=all; $(BUILD_ONE_CMD) |
994 |
-+ +@dir=tools; target=all; $(BUILD_ONE_CMD) |
995 |
- |
996 |
- all_testapps: build_libs build_testapps |
997 |
- build_testapps: |
998 |
-@@ -497,9 +497,9 @@ |
999 |
- dist_pem_h: |
1000 |
- (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) |
1001 |
- |
1002 |
--install: all install_docs install_sw |
1003 |
-+install: install_docs install_sw |
1004 |
- |
1005 |
--install_sw: |
1006 |
-+install_dirs: |
1007 |
- @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ |
1008 |
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \ |
1009 |
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \ |
1010 |
-@@ -508,6 +508,13 @@ |
1011 |
- $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ |
1012 |
- $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ |
1013 |
- $(INSTALL_PREFIX)$(OPENSSLDIR)/private |
1014 |
-+ @$(PERL) $(TOP)/util/mkdir-p.pl \ |
1015 |
-+ $(INSTALL_PREFIX)$(MANDIR)/man1 \ |
1016 |
-+ $(INSTALL_PREFIX)$(MANDIR)/man3 \ |
1017 |
-+ $(INSTALL_PREFIX)$(MANDIR)/man5 \ |
1018 |
-+ $(INSTALL_PREFIX)$(MANDIR)/man7 |
1019 |
-+ |
1020 |
-+install_sw: install_dirs |
1021 |
- @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\ |
1022 |
- do \ |
1023 |
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ |
1024 |
-@@ -511,7 +511,7 @@ |
1025 |
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ |
1026 |
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ |
1027 |
- done; |
1028 |
-- @set -e; target=install; $(RECURSIVE_BUILD_CMD) |
1029 |
-+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) |
1030 |
- @set -e; liblist="$(LIBS)"; for i in $$liblist ;\ |
1031 |
- do \ |
1032 |
- if [ -f "$$i" ]; then \ |
1033 |
-@@ -593,12 +600,7 @@ |
1034 |
- done; \ |
1035 |
- done |
1036 |
- |
1037 |
--install_docs: |
1038 |
-- @$(PERL) $(TOP)/util/mkdir-p.pl \ |
1039 |
-- $(INSTALL_PREFIX)$(MANDIR)/man1 \ |
1040 |
-- $(INSTALL_PREFIX)$(MANDIR)/man3 \ |
1041 |
-- $(INSTALL_PREFIX)$(MANDIR)/man5 \ |
1042 |
-- $(INSTALL_PREFIX)$(MANDIR)/man7 |
1043 |
-+install_docs: install_dirs |
1044 |
- @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \ |
1045 |
- here="`pwd`"; \ |
1046 |
- filecase=; \ |
1047 |
---- a/Makefile.shared |
1048 |
-+++ b/Makefile.shared |
1049 |
-@@ -105,6 +105,7 @@ LINK_SO= \ |
1050 |
- SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ |
1051 |
- LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ |
1052 |
- LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ |
1053 |
-+ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \ |
1054 |
- LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ |
1055 |
- $${SHAREDCMD} $${SHAREDFLAGS} \ |
1056 |
- -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \ |
1057 |
-@@ -122,6 +124,7 @@ SYMLINK_SO= \ |
1058 |
- done; \ |
1059 |
- fi; \ |
1060 |
- if [ -n "$$SHLIB_SOVER" ]; then \ |
1061 |
-+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \ |
1062 |
- ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \ |
1063 |
- ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \ |
1064 |
- fi; \ |
1065 |
---- a/crypto/Makefile |
1066 |
-+++ b/crypto/Makefile |
1067 |
-@@ -85,11 +85,11 @@ |
1068 |
- @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi |
1069 |
- |
1070 |
- subdirs: |
1071 |
-- @target=all; $(RECURSIVE_MAKE) |
1072 |
-+ +@target=all; $(RECURSIVE_MAKE) |
1073 |
- |
1074 |
- files: |
1075 |
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO |
1076 |
-- @target=files; $(RECURSIVE_MAKE) |
1077 |
-+ +@target=files; $(RECURSIVE_MAKE) |
1078 |
- |
1079 |
- links: |
1080 |
- @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) |
1081 |
-@@ -100,7 +100,7 @@ |
1082 |
- # lib: $(LIB): are splitted to avoid end-less loop |
1083 |
- lib: $(LIB) |
1084 |
- @touch lib |
1085 |
--$(LIB): $(LIBOBJ) |
1086 |
-+$(LIB): $(LIBOBJ) | subdirs |
1087 |
- $(AR) $(LIB) $(LIBOBJ) |
1088 |
- $(RANLIB) $(LIB) || echo Never mind. |
1089 |
- |
1090 |
-@@ -110,7 +110,7 @@ |
1091 |
- fi |
1092 |
- |
1093 |
- libs: |
1094 |
-- @target=lib; $(RECURSIVE_MAKE) |
1095 |
-+ +@target=lib; $(RECURSIVE_MAKE) |
1096 |
- |
1097 |
- install: |
1098 |
- @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... |
1099 |
-@@ -119,7 +119,7 @@ |
1100 |
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ |
1101 |
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ |
1102 |
- done; |
1103 |
-- @target=install; $(RECURSIVE_MAKE) |
1104 |
-+ +@target=install; $(RECURSIVE_MAKE) |
1105 |
- |
1106 |
- lint: |
1107 |
- @target=lint; $(RECURSIVE_MAKE) |
1108 |
---- a/engines/Makefile |
1109 |
-+++ b/engines/Makefile |
1110 |
-@@ -72,7 +72,7 @@ |
1111 |
- |
1112 |
- all: lib subdirs |
1113 |
- |
1114 |
--lib: $(LIBOBJ) |
1115 |
-+lib: $(LIBOBJ) | subdirs |
1116 |
- @if [ -n "$(SHARED_LIBS)" ]; then \ |
1117 |
- set -e; \ |
1118 |
- for l in $(LIBNAMES); do \ |
1119 |
-@@ -89,7 +89,7 @@ |
1120 |
- |
1121 |
- subdirs: |
1122 |
- echo $(EDIRS) |
1123 |
-- @target=all; $(RECURSIVE_MAKE) |
1124 |
-+ +@target=all; $(RECURSIVE_MAKE) |
1125 |
- |
1126 |
- files: |
1127 |
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO |
1128 |
-@@ -128,7 +128,7 @@ |
1129 |
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ |
1130 |
- done; \ |
1131 |
- fi |
1132 |
-- @target=install; $(RECURSIVE_MAKE) |
1133 |
-+ +@target=install; $(RECURSIVE_MAKE) |
1134 |
- |
1135 |
- tags: |
1136 |
- ctags $(SRC) |
1137 |
---- a/test/Makefile |
1138 |
-+++ b/test/Makefile |
1139 |
-@@ -123,7 +123,7 @@ |
1140 |
- tags: |
1141 |
- ctags $(SRC) |
1142 |
- |
1143 |
--tests: exe apps $(TESTS) |
1144 |
-+tests: exe $(TESTS) |
1145 |
- |
1146 |
- apps: |
1147 |
- @(cd ..; $(MAKE) DIRS=apps all) |
1148 |
-@@ -365,109 +365,109 @@ |
1149 |
- link_app.$${shlib_target} |
1150 |
- |
1151 |
- $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) |
1152 |
-- @target=$(RSATEST); $(BUILD_CMD) |
1153 |
-+ +@target=$(RSATEST); $(BUILD_CMD) |
1154 |
- |
1155 |
- $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO) |
1156 |
-- @target=$(BNTEST); $(BUILD_CMD) |
1157 |
-+ +@target=$(BNTEST); $(BUILD_CMD) |
1158 |
- |
1159 |
- $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO) |
1160 |
-- @target=$(ECTEST); $(BUILD_CMD) |
1161 |
-+ +@target=$(ECTEST); $(BUILD_CMD) |
1162 |
- |
1163 |
- $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO) |
1164 |
-- @target=$(EXPTEST); $(BUILD_CMD) |
1165 |
-+ +@target=$(EXPTEST); $(BUILD_CMD) |
1166 |
- |
1167 |
- $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) |
1168 |
-- @target=$(IDEATEST); $(BUILD_CMD) |
1169 |
-+ +@target=$(IDEATEST); $(BUILD_CMD) |
1170 |
- |
1171 |
- $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) |
1172 |
-- @target=$(MD2TEST); $(BUILD_CMD) |
1173 |
-+ +@target=$(MD2TEST); $(BUILD_CMD) |
1174 |
- |
1175 |
- $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO) |
1176 |
-- @target=$(SHATEST); $(BUILD_CMD) |
1177 |
-+ +@target=$(SHATEST); $(BUILD_CMD) |
1178 |
- |
1179 |
- $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) |
1180 |
-- @target=$(SHA1TEST); $(BUILD_CMD) |
1181 |
-+ +@target=$(SHA1TEST); $(BUILD_CMD) |
1182 |
- |
1183 |
- $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) |
1184 |
-- @target=$(SHA256TEST); $(BUILD_CMD) |
1185 |
-+ +@target=$(SHA256TEST); $(BUILD_CMD) |
1186 |
- |
1187 |
- $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) |
1188 |
-- @target=$(SHA512TEST); $(BUILD_CMD) |
1189 |
-+ +@target=$(SHA512TEST); $(BUILD_CMD) |
1190 |
- |
1191 |
- $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) |
1192 |
-- @target=$(RMDTEST); $(BUILD_CMD) |
1193 |
-+ +@target=$(RMDTEST); $(BUILD_CMD) |
1194 |
- |
1195 |
- $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO) |
1196 |
-- @target=$(MDC2TEST); $(BUILD_CMD) |
1197 |
-+ +@target=$(MDC2TEST); $(BUILD_CMD) |
1198 |
- |
1199 |
- $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO) |
1200 |
-- @target=$(MD4TEST); $(BUILD_CMD) |
1201 |
-+ +@target=$(MD4TEST); $(BUILD_CMD) |
1202 |
- |
1203 |
- $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO) |
1204 |
-- @target=$(MD5TEST); $(BUILD_CMD) |
1205 |
-+ +@target=$(MD5TEST); $(BUILD_CMD) |
1206 |
- |
1207 |
- $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO) |
1208 |
-- @target=$(HMACTEST); $(BUILD_CMD) |
1209 |
-+ +@target=$(HMACTEST); $(BUILD_CMD) |
1210 |
- |
1211 |
- $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO) |
1212 |
-- @target=$(WPTEST); $(BUILD_CMD) |
1213 |
-+ +@target=$(WPTEST); $(BUILD_CMD) |
1214 |
- |
1215 |
- $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO) |
1216 |
-- @target=$(RC2TEST); $(BUILD_CMD) |
1217 |
-+ +@target=$(RC2TEST); $(BUILD_CMD) |
1218 |
- |
1219 |
- $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO) |
1220 |
-- @target=$(BFTEST); $(BUILD_CMD) |
1221 |
-+ +@target=$(BFTEST); $(BUILD_CMD) |
1222 |
- |
1223 |
- $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO) |
1224 |
-- @target=$(CASTTEST); $(BUILD_CMD) |
1225 |
-+ +@target=$(CASTTEST); $(BUILD_CMD) |
1226 |
- |
1227 |
- $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO) |
1228 |
-- @target=$(RC4TEST); $(BUILD_CMD) |
1229 |
-+ +@target=$(RC4TEST); $(BUILD_CMD) |
1230 |
- |
1231 |
- $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) |
1232 |
-- @target=$(RC5TEST); $(BUILD_CMD) |
1233 |
-+ +@target=$(RC5TEST); $(BUILD_CMD) |
1234 |
- |
1235 |
- $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) |
1236 |
-- @target=$(DESTEST); $(BUILD_CMD) |
1237 |
-+ +@target=$(DESTEST); $(BUILD_CMD) |
1238 |
- |
1239 |
- $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) |
1240 |
-- @target=$(RANDTEST); $(BUILD_CMD) |
1241 |
-+ +@target=$(RANDTEST); $(BUILD_CMD) |
1242 |
- |
1243 |
- $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) |
1244 |
-- @target=$(DHTEST); $(BUILD_CMD) |
1245 |
-+ +@target=$(DHTEST); $(BUILD_CMD) |
1246 |
- |
1247 |
- $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO) |
1248 |
-- @target=$(DSATEST); $(BUILD_CMD) |
1249 |
-+ +@target=$(DSATEST); $(BUILD_CMD) |
1250 |
- |
1251 |
- $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) |
1252 |
-- @target=$(METHTEST); $(BUILD_CMD) |
1253 |
-+ +@target=$(METHTEST); $(BUILD_CMD) |
1254 |
- |
1255 |
- $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) |
1256 |
-- @target=$(SSLTEST); $(FIPS_BUILD_CMD) |
1257 |
-+ +@target=$(SSLTEST); $(FIPS_BUILD_CMD) |
1258 |
- |
1259 |
- $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) |
1260 |
-- @target=$(ENGINETEST); $(BUILD_CMD) |
1261 |
-+ +@target=$(ENGINETEST); $(BUILD_CMD) |
1262 |
- |
1263 |
- $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO) |
1264 |
-- @target=$(EVPTEST); $(BUILD_CMD) |
1265 |
-+ +@target=$(EVPTEST); $(BUILD_CMD) |
1266 |
- |
1267 |
- $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO) |
1268 |
-- @target=$(ECDSATEST); $(BUILD_CMD) |
1269 |
-+ +@target=$(ECDSATEST); $(BUILD_CMD) |
1270 |
- |
1271 |
- $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) |
1272 |
-- @target=$(ECDHTEST); $(BUILD_CMD) |
1273 |
-+ +@target=$(ECDHTEST); $(BUILD_CMD) |
1274 |
- |
1275 |
- $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) |
1276 |
-- @target=$(IGETEST); $(BUILD_CMD) |
1277 |
-+ +@target=$(IGETEST); $(BUILD_CMD) |
1278 |
- |
1279 |
- $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) |
1280 |
-- @target=$(JPAKETEST); $(BUILD_CMD) |
1281 |
-+ +@target=$(JPAKETEST); $(BUILD_CMD) |
1282 |
- |
1283 |
- $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) |
1284 |
-- @target=$(ASN1TEST); $(BUILD_CMD) |
1285 |
-+ +@target=$(ASN1TEST); $(BUILD_CMD) |
1286 |
- |
1287 |
- $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO) |
1288 |
-- @target=$(SRPTEST); $(BUILD_CMD) |
1289 |
-+ +@target=$(SRPTEST); $(BUILD_CMD) |
1290 |
- |
1291 |
- #$(AESTEST).o: $(AESTEST).c |
1292 |
- # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c |
1293 |
-@@ -480,7 +480,7 @@ |
1294 |
- # fi |
1295 |
- |
1296 |
- dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) |
1297 |
-- @target=dummytest; $(BUILD_CMD) |
1298 |
-+ +@target=dummytest; $(BUILD_CMD) |
1299 |
- |
1300 |
- # DO NOT DELETE THIS LINE -- make depend depends on it. |
1301 |
- |
1302 |
---- a/crypto/objects/Makefile |
1303 |
-+++ b/crypto/objects/Makefile |
1304 |
-@@ -44,11 +44,11 @@ obj_dat.h: obj_dat.pl obj_mac.h |
1305 |
- # objects.pl both reads and writes obj_mac.num |
1306 |
- obj_mac.h: objects.pl objects.txt obj_mac.num |
1307 |
- $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h |
1308 |
-- @sleep 1; touch obj_mac.h; sleep 1 |
1309 |
- |
1310 |
--obj_xref.h: objxref.pl obj_xref.txt obj_mac.num |
1311 |
-+# This doesn't really need obj_mac.h, but since that rule reads & writes |
1312 |
-+# obj_mac.num, we can't run in parallel with it. |
1313 |
-+obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h |
1314 |
- $(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h |
1315 |
-- @sleep 1; touch obj_xref.h; sleep 1 |
1316 |
- |
1317 |
- files: |
1318 |
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO |
1319 |
|
1320 |
diff --git a/dev-libs/openssl/files/openssl-1.0.1-x32.patch b/dev-libs/openssl/files/openssl-1.0.1-x32.patch |
1321 |
deleted file mode 100644 |
1322 |
index 5106cb6..0000000 |
1323 |
--- a/dev-libs/openssl/files/openssl-1.0.1-x32.patch |
1324 |
+++ /dev/null |
1325 |
@@ -1,79 +0,0 @@ |
1326 |
-http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=51bfed2e26fc13a66e8b5710aa2ce1d7a04af721 |
1327 |
- |
1328 |
-UpstreamStatus: Pending |
1329 |
- |
1330 |
-Received from H J Liu @ Intel |
1331 |
-Make the assembly syntax compatible with x32 gcc. Othewise x32 gcc throws errors. |
1332 |
-Signed-Off-By: Nitin A Kamble <nitin.a.kamble@×××××.com> 2011/07/13 |
1333 |
- |
1334 |
-ported the patch to the 1.0.0e version |
1335 |
-Signed-Off-By: Nitin A Kamble <nitin.a.kamble@×××××.com> 2011/12/01 |
1336 |
-Index: openssl-1.0.0e/Configure |
1337 |
-=================================================================== |
1338 |
---- openssl-1.0.0e.orig/Configure |
1339 |
-+++ openssl-1.0.0e/Configure |
1340 |
-@@ -393,6 +393,7 @@ my %table=( |
1341 |
- "debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
1342 |
- "debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
1343 |
- "debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", |
1344 |
-+"linux-x32", "gcc:-DL_ENDIAN -DTERMIO -O2 -pipe -g -feliminate-unused-debug-types -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
1345 |
- "dist", "cc:-O::(unknown)::::::", |
1346 |
- |
1347 |
- # Basic configs that should work on any (32 and less bit) box |
1348 |
-Index: openssl-1.0.0e/crypto/bn/asm/x86_64-gcc.c |
1349 |
-=================================================================== |
1350 |
---- openssl-1.0.0e.orig/crypto/bn/asm/x86_64-gcc.c |
1351 |
-+++ openssl-1.0.0e/crypto/bn/asm/x86_64-gcc.c |
1352 |
-@@ -55,7 +55,7 @@ |
1353 |
- * machine. |
1354 |
- */ |
1355 |
- |
1356 |
--#ifdef _WIN64 |
1357 |
-+#if defined _WIN64 || !defined __LP64__ |
1358 |
- #define BN_ULONG unsigned long long |
1359 |
- #else |
1360 |
- #define BN_ULONG unsigned long |
1361 |
-@@ -192,9 +192,9 @@ BN_ULONG bn_add_words (BN_ULONG *rp, con |
1362 |
- asm ( |
1363 |
- " subq %2,%2 \n" |
1364 |
- ".p2align 4 \n" |
1365 |
-- "1: movq (%4,%2,8),%0 \n" |
1366 |
-- " adcq (%5,%2,8),%0 \n" |
1367 |
-- " movq %0,(%3,%2,8) \n" |
1368 |
-+ "1: movq (%q4,%2,8),%0 \n" |
1369 |
-+ " adcq (%q5,%2,8),%0 \n" |
1370 |
-+ " movq %0,(%q3,%2,8) \n" |
1371 |
- " leaq 1(%2),%2 \n" |
1372 |
- " loop 1b \n" |
1373 |
- " sbbq %0,%0 \n" |
1374 |
-@@ -215,9 +215,9 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, con |
1375 |
- asm ( |
1376 |
- " subq %2,%2 \n" |
1377 |
- ".p2align 4 \n" |
1378 |
-- "1: movq (%4,%2,8),%0 \n" |
1379 |
-- " sbbq (%5,%2,8),%0 \n" |
1380 |
-- " movq %0,(%3,%2,8) \n" |
1381 |
-+ "1: movq (%q4,%2,8),%0 \n" |
1382 |
-+ " sbbq (%q5,%2,8),%0 \n" |
1383 |
-+ " movq %0,(%q3,%2,8) \n" |
1384 |
- " leaq 1(%2),%2 \n" |
1385 |
- " loop 1b \n" |
1386 |
- " sbbq %0,%0 \n" |
1387 |
-Index: openssl-1.0.0e/crypto/bn/bn.h |
1388 |
-=================================================================== |
1389 |
---- openssl-1.0.0e.orig/crypto/bn/bn.h |
1390 |
-+++ openssl-1.0.0e/crypto/bn/bn.h |
1391 |
-@@ -172,6 +172,13 @@ extern "C" { |
1392 |
- # endif |
1393 |
- #endif |
1394 |
- |
1395 |
-+/* Address type. */ |
1396 |
-+#ifdef _WIN64 |
1397 |
-+#define BN_ADDR unsigned long long |
1398 |
-+#else |
1399 |
-+#define BN_ADDR unsigned long |
1400 |
-+#endif |
1401 |
-+ |
1402 |
- /* assuming long is 64bit - this is the DEC Alpha |
1403 |
- * unsigned long long is only 64 bits :-(, don't define |
1404 |
- * BN_LLONG for the DEC Alpha */ |
1405 |
|
1406 |
diff --git a/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch b/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch |
1407 |
deleted file mode 100644 |
1408 |
index 03e4f59..0000000 |
1409 |
--- a/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch |
1410 |
+++ /dev/null |
1411 |
@@ -1,18 +0,0 @@ |
1412 |
-https://bugs.gentoo.org/472584 |
1413 |
-http://rt.openssl.org/Ticket/Display.html?id=2387&user=guest&pass=guest |
1414 |
- |
1415 |
-fix verification handling in s_client. when loading paths, make sure |
1416 |
-we properly fallback to setting the default paths. |
1417 |
- |
1418 |
---- a/apps/s_client.c |
1419 |
-+++ b/apps/s_client.c |
1420 |
-@@ -899,7 +899,7 @@ |
1421 |
- if (!set_cert_key_stuff(ctx,cert,key)) |
1422 |
- goto end; |
1423 |
- |
1424 |
-- if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || |
1425 |
-+ if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) && |
1426 |
- (!SSL_CTX_set_default_verify_paths(ctx))) |
1427 |
- { |
1428 |
- /* BIO_printf(bio_err,"error setting default verify locations\n"); */ |
1429 |
- |
1430 |
|
1431 |
diff --git a/dev-libs/openssl/files/openssl-1.0.1h-ipv6.patch b/dev-libs/openssl/files/openssl-1.0.1h-ipv6.patch |
1432 |
deleted file mode 100644 |
1433 |
index 10c1ba2..0000000 |
1434 |
--- a/dev-libs/openssl/files/openssl-1.0.1h-ipv6.patch |
1435 |
+++ /dev/null |
1436 |
@@ -1,642 +0,0 @@ |
1437 |
-http://rt.openssl.org/Ticket/Display.html?id=2051&user=guest&pass=guest |
1438 |
- |
1439 |
-Forward ported from openssl-1.0.1e-ipv6.patch |
1440 |
- |
1441 |
-Signed-off-by: Lars Wendler <polynomial-c@g.o> |
1442 |
- |
1443 |
---- openssl-1.0.1h/apps/s_apps.h |
1444 |
-+++ openssl-1.0.1h/apps/s_apps.h |
1445 |
-@@ -148,7 +148,7 @@ |
1446 |
- #define PORT_STR "4433" |
1447 |
- #define PROTOCOL "tcp" |
1448 |
- |
1449 |
--int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context); |
1450 |
-+int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context, int use_ipv4, int use_ipv6); |
1451 |
- #ifdef HEADER_X509_H |
1452 |
- int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); |
1453 |
- #endif |
1454 |
-@@ -156,7 +156,7 @@ |
1455 |
- int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file); |
1456 |
- int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key); |
1457 |
- #endif |
1458 |
--int init_client(int *sock, char *server, int port, int type); |
1459 |
-+int init_client(int *sock, char *server, int port, int type, int use_ipv4, int use_ipv6); |
1460 |
- int should_retry(int i); |
1461 |
- int extract_port(char *str, short *port_ptr); |
1462 |
- int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p); |
1463 |
---- openssl-1.0.1h/apps/s_client.c |
1464 |
-+++ openssl-1.0.1h/apps/s_client.c |
1465 |
-@@ -285,6 +285,10 @@ |
1466 |
- { |
1467 |
- BIO_printf(bio_err,"usage: s_client args\n"); |
1468 |
- BIO_printf(bio_err,"\n"); |
1469 |
-+ BIO_printf(bio_err," -4 - use IPv4 only\n"); |
1470 |
-+#if OPENSSL_USE_IPV6 |
1471 |
-+ BIO_printf(bio_err," -6 - use IPv6 only\n"); |
1472 |
-+#endif |
1473 |
- BIO_printf(bio_err," -host host - use -connect instead\n"); |
1474 |
- BIO_printf(bio_err," -port port - use -connect instead\n"); |
1475 |
- BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR); |
1476 |
-@@ -568,6 +572,7 @@ |
1477 |
- int sbuf_len,sbuf_off; |
1478 |
- fd_set readfds,writefds; |
1479 |
- short port=PORT; |
1480 |
-+ int use_ipv4, use_ipv6; |
1481 |
- int full_log=1; |
1482 |
- char *host=SSL_HOST_NAME; |
1483 |
- char *cert_file=NULL,*key_file=NULL; |
1484 |
-@@ -613,7 +618,11 @@ |
1485 |
- #endif |
1486 |
- char *sess_in = NULL; |
1487 |
- char *sess_out = NULL; |
1488 |
-- struct sockaddr peer; |
1489 |
-+#if OPENSSL_USE_IPV6 |
1490 |
-+ struct sockaddr_storage peer; |
1491 |
-+#else |
1492 |
-+ struct sockaddr_in peer; |
1493 |
-+#endif |
1494 |
- int peerlen = sizeof(peer); |
1495 |
- int enable_timeouts = 0 ; |
1496 |
- long socket_mtu = 0; |
1497 |
-@@ -628,6 +637,12 @@ |
1498 |
- |
1499 |
- meth=SSLv23_client_method(); |
1500 |
- |
1501 |
-+ use_ipv4 = 1; |
1502 |
-+#if OPENSSL_USE_IPV6 |
1503 |
-+ use_ipv6 = 1; |
1504 |
-+#else |
1505 |
-+ use_ipv6 = 0; |
1506 |
-+#endif |
1507 |
- apps_startup(); |
1508 |
- c_Pause=0; |
1509 |
- c_quiet=0; |
1510 |
-@@ -949,6 +964,18 @@ |
1511 |
- jpake_secret = *++argv; |
1512 |
- } |
1513 |
- #endif |
1514 |
-+ else if (strcmp(*argv,"-4") == 0) |
1515 |
-+ { |
1516 |
-+ use_ipv4 = 1; |
1517 |
-+ use_ipv6 = 0; |
1518 |
-+ } |
1519 |
-+#if OPENSSL_USE_IPV6 |
1520 |
-+ else if (strcmp(*argv,"-6") == 0) |
1521 |
-+ { |
1522 |
-+ use_ipv4 = 0; |
1523 |
-+ use_ipv6 = 1; |
1524 |
-+ } |
1525 |
-+#endif |
1526 |
- #ifndef OPENSSL_NO_SRTP |
1527 |
- else if (strcmp(*argv,"-use_srtp") == 0) |
1528 |
- { |
1529 |
-@@ -1260,7 +1287,7 @@ |
1530 |
- |
1531 |
- re_start: |
1532 |
- |
1533 |
-- if (init_client(&s,host,port,socket_type) == 0) |
1534 |
-+ if (init_client(&s,host,port,socket_type,use_ipv4,use_ipv6) == 0) |
1535 |
- { |
1536 |
- BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error()); |
1537 |
- SHUTDOWN(s); |
1538 |
-@@ -1286,7 +1313,7 @@ |
1539 |
- { |
1540 |
- |
1541 |
- sbio=BIO_new_dgram(s,BIO_NOCLOSE); |
1542 |
-- if (getsockname(s, &peer, (void *)&peerlen) < 0) |
1543 |
-+ if (getsockname(s, (struct sockaddr *)&peer, (void *)&peerlen) < 0) |
1544 |
- { |
1545 |
- BIO_printf(bio_err, "getsockname:errno=%d\n", |
1546 |
- get_last_socket_error()); |
1547 |
---- openssl-1.0.1h/apps/s_server.c |
1548 |
-+++ openssl-1.0.1h/apps/s_server.c |
1549 |
-@@ -560,6 +560,10 @@ |
1550 |
- BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); |
1551 |
- # endif |
1552 |
- #endif |
1553 |
-+ BIO_printf(bio_err," -4 - use IPv4 only\n"); |
1554 |
-+#if OPENSSL_USE_IPV6 |
1555 |
-+ BIO_printf(bio_err," -6 - use IPv6 only\n"); |
1556 |
-+#endif |
1557 |
- BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); |
1558 |
- BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n"); |
1559 |
- } |
1560 |
-@@ -947,6 +951,7 @@ |
1561 |
- int state=0; |
1562 |
- const SSL_METHOD *meth=NULL; |
1563 |
- int socket_type=SOCK_STREAM; |
1564 |
-+ int use_ipv4, use_ipv6; |
1565 |
- ENGINE *e=NULL; |
1566 |
- char *inrand=NULL; |
1567 |
- int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; |
1568 |
-@@ -975,6 +980,12 @@ |
1569 |
- #endif |
1570 |
- meth=SSLv23_server_method(); |
1571 |
- |
1572 |
-+ use_ipv4 = 1; |
1573 |
-+#if OPENSSL_USE_IPV6 |
1574 |
-+ use_ipv6 = 1; |
1575 |
-+#else |
1576 |
-+ use_ipv6 = 0; |
1577 |
-+#endif |
1578 |
- local_argc=argc; |
1579 |
- local_argv=argv; |
1580 |
- |
1581 |
-@@ -1323,6 +1334,18 @@ |
1582 |
- jpake_secret = *(++argv); |
1583 |
- } |
1584 |
- #endif |
1585 |
-+ else if (strcmp(*argv,"-4") == 0) |
1586 |
-+ { |
1587 |
-+ use_ipv4 = 1; |
1588 |
-+ use_ipv6 = 0; |
1589 |
-+ } |
1590 |
-+#if OPENSSL_USE_IPV6 |
1591 |
-+ else if (strcmp(*argv,"-6") == 0) |
1592 |
-+ { |
1593 |
-+ use_ipv4 = 0; |
1594 |
-+ use_ipv6 = 1; |
1595 |
-+ } |
1596 |
-+#endif |
1597 |
- #ifndef OPENSSL_NO_SRTP |
1598 |
- else if (strcmp(*argv,"-use_srtp") == 0) |
1599 |
- { |
1600 |
-@@ -1881,9 +1904,9 @@ |
1601 |
- BIO_printf(bio_s_out,"ACCEPT\n"); |
1602 |
- (void)BIO_flush(bio_s_out); |
1603 |
- if (www) |
1604 |
-- do_server(port,socket_type,&accept_socket,www_body, context); |
1605 |
-+ do_server(port,socket_type,&accept_socket,www_body, context, use_ipv4, use_ipv6); |
1606 |
- else |
1607 |
-- do_server(port,socket_type,&accept_socket,sv_body, context); |
1608 |
-+ do_server(port,socket_type,&accept_socket,sv_body, context, use_ipv4, use_ipv6); |
1609 |
- print_stats(bio_s_out,ctx); |
1610 |
- ret=0; |
1611 |
- end: |
1612 |
---- openssl-1.0.1h/apps/s_socket.c |
1613 |
-+++ openssl-1.0.1h/apps/s_socket.c |
1614 |
-@@ -97,16 +97,16 @@ |
1615 |
- #include "netdb.h" |
1616 |
- #endif |
1617 |
- |
1618 |
--static struct hostent *GetHostByName(char *name); |
1619 |
-+static struct hostent *GetHostByName(char *name, int domain); |
1620 |
- #if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)) |
1621 |
- static void ssl_sock_cleanup(void); |
1622 |
- #endif |
1623 |
- static int ssl_sock_init(void); |
1624 |
--static int init_client_ip(int *sock,unsigned char ip[4], int port, int type); |
1625 |
--static int init_server(int *sock, int port, int type); |
1626 |
--static int init_server_long(int *sock, int port,char *ip, int type); |
1627 |
-+static int init_client_ip(int *sock,unsigned char *ip, int port, int type, int domain); |
1628 |
-+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6); |
1629 |
-+static int init_server_long(int *sock, int port,char *ip, int type, int use_ipv4, int use_ipv6); |
1630 |
- static int do_accept(int acc_sock, int *sock, char **host); |
1631 |
--static int host_ip(char *str, unsigned char ip[4]); |
1632 |
-+static int host_ip(char *str, unsigned char *ip, int domain); |
1633 |
- |
1634 |
- #ifdef OPENSSL_SYS_WIN16 |
1635 |
- #define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ |
1636 |
-@@ -234,38 +234,68 @@ |
1637 |
- return(1); |
1638 |
- } |
1639 |
- |
1640 |
--int init_client(int *sock, char *host, int port, int type) |
1641 |
-+int init_client(int *sock, char *host, int port, int type, int use_ipv4, int use_ipv6) |
1642 |
- { |
1643 |
-+#if OPENSSL_USE_IPV6 |
1644 |
-+ unsigned char ip[16]; |
1645 |
-+#else |
1646 |
- unsigned char ip[4]; |
1647 |
-+#endif |
1648 |
- |
1649 |
-- memset(ip, '\0', sizeof ip); |
1650 |
-- if (!host_ip(host,&(ip[0]))) |
1651 |
-- return 0; |
1652 |
-- return init_client_ip(sock,ip,port,type); |
1653 |
-- } |
1654 |
-- |
1655 |
--static int init_client_ip(int *sock, unsigned char ip[4], int port, int type) |
1656 |
-- { |
1657 |
-- unsigned long addr; |
1658 |
-+ if (use_ipv4) |
1659 |
-+ if (host_ip(host,ip,AF_INET)) |
1660 |
-+ return(init_client_ip(sock,ip,port,type,AF_INET)); |
1661 |
-+#if OPENSSL_USE_IPV6 |
1662 |
-+ if (use_ipv6) |
1663 |
-+ if (host_ip(host,ip,AF_INET6)) |
1664 |
-+ return(init_client_ip(sock,ip,port,type,AF_INET6)); |
1665 |
-+#endif |
1666 |
-+ return 0; |
1667 |
-+ } |
1668 |
-+ |
1669 |
-+static int init_client_ip(int *sock, unsigned char ip[4], int port, int type, int domain) |
1670 |
-+ { |
1671 |
-+#if OPENSSL_USE_IPV6 |
1672 |
-+ struct sockaddr_storage them; |
1673 |
-+ struct sockaddr_in *them_in = (struct sockaddr_in *)&them; |
1674 |
-+ struct sockaddr_in6 *them_in6 = (struct sockaddr_in6 *)&them; |
1675 |
-+#else |
1676 |
- struct sockaddr_in them; |
1677 |
-+ struct sockaddr_in *them_in = &them; |
1678 |
-+#endif |
1679 |
-+ socklen_t addr_len; |
1680 |
- int s,i; |
1681 |
- |
1682 |
- if (!ssl_sock_init()) return(0); |
1683 |
- |
1684 |
- memset((char *)&them,0,sizeof(them)); |
1685 |
-- them.sin_family=AF_INET; |
1686 |
-- them.sin_port=htons((unsigned short)port); |
1687 |
-- addr=(unsigned long) |
1688 |
-- ((unsigned long)ip[0]<<24L)| |
1689 |
-- ((unsigned long)ip[1]<<16L)| |
1690 |
-- ((unsigned long)ip[2]<< 8L)| |
1691 |
-- ((unsigned long)ip[3]); |
1692 |
-- them.sin_addr.s_addr=htonl(addr); |
1693 |
-+ if (domain == AF_INET) |
1694 |
-+ { |
1695 |
-+ addr_len = (socklen_t)sizeof(struct sockaddr_in); |
1696 |
-+ them_in->sin_family=AF_INET; |
1697 |
-+ them_in->sin_port=htons((unsigned short)port); |
1698 |
-+#ifndef BIT_FIELD_LIMITS |
1699 |
-+ memcpy(&them_in->sin_addr.s_addr, ip, 4); |
1700 |
-+#else |
1701 |
-+ memcpy(&them_in->sin_addr, ip, 4); |
1702 |
-+#endif |
1703 |
-+ } |
1704 |
-+ else |
1705 |
-+#if OPENSSL_USE_IPV6 |
1706 |
-+ { |
1707 |
-+ addr_len = (socklen_t)sizeof(struct sockaddr_in6); |
1708 |
-+ them_in6->sin6_family=AF_INET6; |
1709 |
-+ them_in6->sin6_port=htons((unsigned short)port); |
1710 |
-+ memcpy(&(them_in6->sin6_addr), ip, sizeof(struct in6_addr)); |
1711 |
-+ } |
1712 |
-+#else |
1713 |
-+ return(0); |
1714 |
-+#endif |
1715 |
- |
1716 |
- if (type == SOCK_STREAM) |
1717 |
-- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); |
1718 |
-+ s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL); |
1719 |
- else /* ( type == SOCK_DGRAM) */ |
1720 |
-- s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP); |
1721 |
-+ s=socket(domain,SOCK_DGRAM,IPPROTO_UDP); |
1722 |
- |
1723 |
- if (s == INVALID_SOCKET) { perror("socket"); return(0); } |
1724 |
- |
1725 |
-@@ -277,29 +307,27 @@ |
1726 |
- if (i < 0) { closesocket(s); perror("keepalive"); return(0); } |
1727 |
- } |
1728 |
- #endif |
1729 |
-- |
1730 |
-- if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1) |
1731 |
-+ if (connect(s,(struct sockaddr *)&them,addr_len) == -1) |
1732 |
- { closesocket(s); perror("connect"); return(0); } |
1733 |
- *sock=s; |
1734 |
- return(1); |
1735 |
- } |
1736 |
- |
1737 |
--int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context) |
1738 |
-+int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context, int use_ipv4, int use_ipv6) |
1739 |
- { |
1740 |
- int sock; |
1741 |
- char *name = NULL; |
1742 |
- int accept_socket = 0; |
1743 |
- int i; |
1744 |
- |
1745 |
-- if (!init_server(&accept_socket,port,type)) return(0); |
1746 |
-- |
1747 |
-+ if (!init_server(&accept_socket,port,type, use_ipv4, use_ipv6)) return(0); |
1748 |
- if (ret != NULL) |
1749 |
- { |
1750 |
- *ret=accept_socket; |
1751 |
- /* return(1);*/ |
1752 |
- } |
1753 |
-- for (;;) |
1754 |
-- { |
1755 |
-+ for (;;) |
1756 |
-+ { |
1757 |
- if (type==SOCK_STREAM) |
1758 |
- { |
1759 |
- if (do_accept(accept_socket,&sock,&name) == 0) |
1760 |
-@@ -322,41 +350,88 @@ |
1761 |
- } |
1762 |
- } |
1763 |
- |
1764 |
--static int init_server_long(int *sock, int port, char *ip, int type) |
1765 |
-+static int init_server_long(int *sock, int port, char *ip, int type, int use_ipv4, int use_ipv6) |
1766 |
- { |
1767 |
- int ret=0; |
1768 |
-+ int domain; |
1769 |
-+#if OPENSSL_USE_IPV6 |
1770 |
-+ struct sockaddr_storage server; |
1771 |
-+ struct sockaddr_in *server_in = (struct sockaddr_in *)&server; |
1772 |
-+ struct sockaddr_in6 *server_in6 = (struct sockaddr_in6 *)&server; |
1773 |
-+#else |
1774 |
- struct sockaddr_in server; |
1775 |
-+ struct sockaddr_in *server_in = &server; |
1776 |
-+#endif |
1777 |
-+ socklen_t addr_len; |
1778 |
- int s= -1; |
1779 |
- |
1780 |
-+ if (!use_ipv4 && !use_ipv6) |
1781 |
-+ goto err; |
1782 |
-+#if OPENSSL_USE_IPV6 |
1783 |
-+ /* we are fine here */ |
1784 |
-+#else |
1785 |
-+ if (use_ipv6) |
1786 |
-+ goto err; |
1787 |
-+#endif |
1788 |
- if (!ssl_sock_init()) return(0); |
1789 |
- |
1790 |
-- memset((char *)&server,0,sizeof(server)); |
1791 |
-- server.sin_family=AF_INET; |
1792 |
-- server.sin_port=htons((unsigned short)port); |
1793 |
-- if (ip == NULL) |
1794 |
-- server.sin_addr.s_addr=INADDR_ANY; |
1795 |
-- else |
1796 |
--/* Added for T3E, address-of fails on bit field (beckman@××××××××.gov) */ |
1797 |
--#ifndef BIT_FIELD_LIMITS |
1798 |
-- memcpy(&server.sin_addr.s_addr,ip,4); |
1799 |
-+#if OPENSSL_USE_IPV6 |
1800 |
-+ domain = use_ipv6 ? AF_INET6 : AF_INET; |
1801 |
- #else |
1802 |
-- memcpy(&server.sin_addr,ip,4); |
1803 |
-+ domain = AF_INET; |
1804 |
- #endif |
1805 |
-- |
1806 |
-- if (type == SOCK_STREAM) |
1807 |
-- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); |
1808 |
-- else /* type == SOCK_DGRAM */ |
1809 |
-- s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP); |
1810 |
-+ if (type == SOCK_STREAM) |
1811 |
-+ s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL); |
1812 |
-+ else /* type == SOCK_DGRAM */ |
1813 |
-+ s=socket(domain, SOCK_DGRAM,IPPROTO_UDP); |
1814 |
- |
1815 |
- if (s == INVALID_SOCKET) goto err; |
1816 |
- #if defined SOL_SOCKET && defined SO_REUSEADDR |
1817 |
-+ { |
1818 |
-+ int j = 1; |
1819 |
-+ setsockopt(s, SOL_SOCKET, SO_REUSEADDR, |
1820 |
-+ (void *) &j, sizeof j); |
1821 |
-+ } |
1822 |
-+#endif |
1823 |
-+#if OPENSSL_USE_IPV6 |
1824 |
-+ if ((use_ipv4 == 0) && (use_ipv6 == 1)) |
1825 |
-+ { |
1826 |
-+ const int on = 1; |
1827 |
-+ |
1828 |
-+ setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, |
1829 |
-+ (const void *) &on, sizeof(int)); |
1830 |
-+ } |
1831 |
-+#endif |
1832 |
-+ if (domain == AF_INET) |
1833 |
-+ { |
1834 |
-+ addr_len = (socklen_t)sizeof(struct sockaddr_in); |
1835 |
-+ memset(server_in, 0, sizeof(struct sockaddr_in)); |
1836 |
-+ server_in->sin_family=AF_INET; |
1837 |
-+ server_in->sin_port = htons((unsigned short)port); |
1838 |
-+ if (ip == NULL) |
1839 |
-+ server_in->sin_addr.s_addr = htonl(INADDR_ANY); |
1840 |
-+ else |
1841 |
-+/* Added for T3E, address-of fails on bit field (beckman@××××××××.gov) */ |
1842 |
-+#ifndef BIT_FIELD_LIMITS |
1843 |
-+ memcpy(&server_in->sin_addr.s_addr, ip, 4); |
1844 |
-+#else |
1845 |
-+ memcpy(&server_in->sin_addr, ip, 4); |
1846 |
-+#endif |
1847 |
-+ } |
1848 |
-+#if OPENSSL_USE_IPV6 |
1849 |
-+ else |
1850 |
- { |
1851 |
-- int j = 1; |
1852 |
-- setsockopt(s, SOL_SOCKET, SO_REUSEADDR, |
1853 |
-- (void *) &j, sizeof j); |
1854 |
-+ addr_len = (socklen_t)sizeof(struct sockaddr_in6); |
1855 |
-+ memset(server_in6, 0, sizeof(struct sockaddr_in6)); |
1856 |
-+ server_in6->sin6_family = AF_INET6; |
1857 |
-+ server_in6->sin6_port = htons((unsigned short)port); |
1858 |
-+ if (ip == NULL) |
1859 |
-+ server_in6->sin6_addr = in6addr_any; |
1860 |
-+ else |
1861 |
-+ memcpy(&server_in6->sin6_addr, ip, sizeof(struct in6_addr)); |
1862 |
- } |
1863 |
- #endif |
1864 |
-- if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1) |
1865 |
-+ if (bind(s, (struct sockaddr *)&server, addr_len) == -1) |
1866 |
- { |
1867 |
- #ifndef OPENSSL_SYS_WINDOWS |
1868 |
- perror("bind"); |
1869 |
-@@ -375,16 +450,23 @@ |
1870 |
- return(ret); |
1871 |
- } |
1872 |
- |
1873 |
--static int init_server(int *sock, int port, int type) |
1874 |
-+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6) |
1875 |
- { |
1876 |
-- return(init_server_long(sock, port, NULL, type)); |
1877 |
-+ return(init_server_long(sock, port, NULL, type, use_ipv4, use_ipv6)); |
1878 |
- } |
1879 |
- |
1880 |
- static int do_accept(int acc_sock, int *sock, char **host) |
1881 |
- { |
1882 |
- int ret; |
1883 |
- struct hostent *h1,*h2; |
1884 |
-- static struct sockaddr_in from; |
1885 |
-+#if OPENSSL_USE_IPV6 |
1886 |
-+ struct sockaddr_storage from; |
1887 |
-+ struct sockaddr_in *from_in = (struct sockaddr_in *)&from; |
1888 |
-+ struct sockaddr_in6 *from_in6 = (struct sockaddr_in6 *)&from; |
1889 |
-+#else |
1890 |
-+ struct sockaddr_in from; |
1891 |
-+ struct sockaddr_in *from_in = &from; |
1892 |
-+#endif |
1893 |
- int len; |
1894 |
- /* struct linger ling; */ |
1895 |
- |
1896 |
-@@ -431,13 +513,23 @@ |
1897 |
- */ |
1898 |
- |
1899 |
- if (host == NULL) goto end; |
1900 |
-+#if OPENSSL_USE_IPV6 |
1901 |
-+ if (from.ss_family == AF_INET) |
1902 |
-+#else |
1903 |
-+ if (from.sin_family == AF_INET) |
1904 |
-+#endif |
1905 |
- #ifndef BIT_FIELD_LIMITS |
1906 |
-- /* I should use WSAAsyncGetHostByName() under windows */ |
1907 |
-- h1=gethostbyaddr((char *)&from.sin_addr.s_addr, |
1908 |
-- sizeof(from.sin_addr.s_addr),AF_INET); |
1909 |
-+ /* I should use WSAAsyncGetHostByName() under windows */ |
1910 |
-+ h1=gethostbyaddr((char *)&from_in->sin_addr.s_addr, |
1911 |
-+ sizeof(from_in->sin_addr.s_addr), AF_INET); |
1912 |
- #else |
1913 |
-- h1=gethostbyaddr((char *)&from.sin_addr, |
1914 |
-- sizeof(struct in_addr),AF_INET); |
1915 |
-+ h1=gethostbyaddr((char *)&from_in->sin_addr, |
1916 |
-+ sizeof(struct in_addr), AF_INET); |
1917 |
-+#endif |
1918 |
-+#if OPENSSL_USE_IPV6 |
1919 |
-+ else |
1920 |
-+ h1=gethostbyaddr((char *)&from_in6->sin6_addr, |
1921 |
-+ sizeof(struct in6_addr), AF_INET6); |
1922 |
- #endif |
1923 |
- if (h1 == NULL) |
1924 |
- { |
1925 |
-@@ -455,16 +547,25 @@ |
1926 |
- } |
1927 |
- BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1); |
1928 |
- |
1929 |
-- h2=GetHostByName(*host); |
1930 |
-+#if OPENSSL_USE_IPV6 |
1931 |
-+ h2=GetHostByName(*host, from.ss_family); |
1932 |
-+#else |
1933 |
-+ h2=GetHostByName(*host, from.sin_family); |
1934 |
-+#endif |
1935 |
-+ |
1936 |
- if (h2 == NULL) |
1937 |
- { |
1938 |
- BIO_printf(bio_err,"gethostbyname failure\n"); |
1939 |
- closesocket(ret); |
1940 |
- return(0); |
1941 |
- } |
1942 |
-- if (h2->h_addrtype != AF_INET) |
1943 |
-+#if OPENSSL_USE_IPV6 |
1944 |
-+ if (h2->h_addrtype != from.ss_family) |
1945 |
-+#else |
1946 |
-+ if (h2->h_addrtype != from.sin_family) |
1947 |
-+#endif |
1948 |
- { |
1949 |
-- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n"); |
1950 |
-+ BIO_printf(bio_err,"gethostbyname addr address is not correct\n"); |
1951 |
- closesocket(ret); |
1952 |
- return(0); |
1953 |
- } |
1954 |
-@@ -480,7 +581,7 @@ |
1955 |
- char *h,*p; |
1956 |
- |
1957 |
- h=str; |
1958 |
-- p=strchr(str,':'); |
1959 |
-+ p=strrchr(str,':'); |
1960 |
- if (p == NULL) |
1961 |
- { |
1962 |
- BIO_printf(bio_err,"no port defined\n"); |
1963 |
-@@ -488,7 +589,7 @@ |
1964 |
- } |
1965 |
- *(p++)='\0'; |
1966 |
- |
1967 |
-- if ((ip != NULL) && !host_ip(str,ip)) |
1968 |
-+ if ((ip != NULL) && !host_ip(str,ip,AF_INET)) |
1969 |
- goto err; |
1970 |
- if (host_ptr != NULL) *host_ptr=h; |
1971 |
- |
1972 |
-@@ -499,48 +600,58 @@ |
1973 |
- return(0); |
1974 |
- } |
1975 |
- |
1976 |
--static int host_ip(char *str, unsigned char ip[4]) |
1977 |
-+static int host_ip(char *str, unsigned char *ip, int domain) |
1978 |
- { |
1979 |
-- unsigned int in[4]; |
1980 |
-+ unsigned int in[4]; |
1981 |
-+ unsigned long l; |
1982 |
- int i; |
1983 |
- |
1984 |
-- if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4) |
1985 |
-+ if ((domain == AF_INET) && |
1986 |
-+ (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)) |
1987 |
- { |
1988 |
-+ |
1989 |
- for (i=0; i<4; i++) |
1990 |
- if (in[i] > 255) |
1991 |
- { |
1992 |
- BIO_printf(bio_err,"invalid IP address\n"); |
1993 |
- goto err; |
1994 |
- } |
1995 |
-- ip[0]=in[0]; |
1996 |
-- ip[1]=in[1]; |
1997 |
-- ip[2]=in[2]; |
1998 |
-- ip[3]=in[3]; |
1999 |
-- } |
2000 |
-+ l=htonl((in[0]<<24L)|(in[1]<<16L)|(in[2]<<8L)|in[3]); |
2001 |
-+ memcpy(ip, &l, 4); |
2002 |
-+ return 1; |
2003 |
-+ } |
2004 |
-+#if OPENSSL_USE_IPV6 |
2005 |
-+ else if ((domain == AF_INET6) && |
2006 |
-+ (inet_pton(AF_INET6, str, ip) == 1)) |
2007 |
-+ return 1; |
2008 |
-+#endif |
2009 |
- else |
2010 |
- { /* do a gethostbyname */ |
2011 |
- struct hostent *he; |
2012 |
- |
2013 |
- if (!ssl_sock_init()) return(0); |
2014 |
- |
2015 |
-- he=GetHostByName(str); |
2016 |
-+ he=GetHostByName(str,domain); |
2017 |
- if (he == NULL) |
2018 |
- { |
2019 |
- BIO_printf(bio_err,"gethostbyname failure\n"); |
2020 |
- goto err; |
2021 |
- } |
2022 |
- /* cast to short because of win16 winsock definition */ |
2023 |
-- if ((short)he->h_addrtype != AF_INET) |
2024 |
-+ if ((short)he->h_addrtype != domain) |
2025 |
- { |
2026 |
-- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n"); |
2027 |
-+ BIO_printf(bio_err,"gethostbyname addr family is not correct\n"); |
2028 |
- return(0); |
2029 |
- } |
2030 |
-- ip[0]=he->h_addr_list[0][0]; |
2031 |
-- ip[1]=he->h_addr_list[0][1]; |
2032 |
-- ip[2]=he->h_addr_list[0][2]; |
2033 |
-- ip[3]=he->h_addr_list[0][3]; |
2034 |
-+ if (domain == AF_INET) |
2035 |
-+ memset(ip, 0, 4); |
2036 |
-+#if OPENSSL_USE_IPV6 |
2037 |
-+ else |
2038 |
-+ memset(ip, 0, 16); |
2039 |
-+#endif |
2040 |
-+ memcpy(ip, he->h_addr_list[0], he->h_length); |
2041 |
-+ return 1; |
2042 |
- } |
2043 |
-- return(1); |
2044 |
- err: |
2045 |
- return(0); |
2046 |
- } |
2047 |
-@@ -577,7 +688,7 @@ |
2048 |
- static unsigned long ghbn_hits=0L; |
2049 |
- static unsigned long ghbn_miss=0L; |
2050 |
- |
2051 |
--static struct hostent *GetHostByName(char *name) |
2052 |
-+static struct hostent *GetHostByName(char *name, int domain) |
2053 |
- { |
2054 |
- struct hostent *ret; |
2055 |
- int i,lowi=0; |
2056 |
-@@ -592,14 +703,20 @@ |
2057 |
- } |
2058 |
- if (ghbn_cache[i].order > 0) |
2059 |
- { |
2060 |
-- if (strncmp(name,ghbn_cache[i].name,128) == 0) |
2061 |
-+ if ((strncmp(name,ghbn_cache[i].name,128) == 0) && |
2062 |
-+ (ghbn_cache[i].ent.h_addrtype == domain)) |
2063 |
- break; |
2064 |
- } |
2065 |
- } |
2066 |
- if (i == GHBN_NUM) /* no hit*/ |
2067 |
- { |
2068 |
- ghbn_miss++; |
2069 |
-- ret=gethostbyname(name); |
2070 |
-+ if (domain == AF_INET) |
2071 |
-+ ret=gethostbyname(name); |
2072 |
-+#if OPENSSL_USE_IPV6 |
2073 |
-+ else |
2074 |
-+ ret=gethostbyname2(name, AF_INET6); |
2075 |
-+#endif |
2076 |
- if (ret == NULL) return(NULL); |
2077 |
- /* else add to cache */ |
2078 |
- if(strlen(name) < sizeof ghbn_cache[0].name) |
2079 |
|
2080 |
diff --git a/dev-libs/openssl/files/openssl-1.0.1l-CVE-2015-0286.patch b/dev-libs/openssl/files/openssl-1.0.1l-CVE-2015-0286.patch |
2081 |
deleted file mode 100644 |
2082 |
index 811f573..0000000 |
2083 |
--- a/dev-libs/openssl/files/openssl-1.0.1l-CVE-2015-0286.patch |
2084 |
+++ /dev/null |
2085 |
@@ -1,356 +0,0 @@ |
2086 |
---- openssl-1.0.1l/crypto/asn1/a_type.c |
2087 |
-+++ openssl-1.0.1l/crypto/asn1/a_type.c |
2088 |
-@@ -124,6 +124,9 @@ |
2089 |
- case V_ASN1_OBJECT: |
2090 |
- result = OBJ_cmp(a->value.object, b->value.object); |
2091 |
- break; |
2092 |
-+ case V_ASN1_BOOLEAN: |
2093 |
-+ result = a->value.boolean - b->value.boolean; |
2094 |
-+ break; |
2095 |
- case V_ASN1_NULL: |
2096 |
- result = 0; /* They do not have content. */ |
2097 |
- break; |
2098 |
---- openssl-1.0.1l/crypto/asn1/tasn_dec.c |
2099 |
-+++ openssl-1.0.1l/crypto/asn1/tasn_dec.c |
2100 |
-@@ -130,11 +130,17 @@ |
2101 |
- { |
2102 |
- ASN1_TLC c; |
2103 |
- ASN1_VALUE *ptmpval = NULL; |
2104 |
-- if (!pval) |
2105 |
-- pval = &ptmpval; |
2106 |
- asn1_tlc_clear_nc(&c); |
2107 |
-- if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) |
2108 |
-- return *pval; |
2109 |
-+ if (pval && *pval && it->itype == ASN1_ITYPE_PRIMITIVE) |
2110 |
-+ ptmpval = *pval; |
2111 |
-+ if (ASN1_item_ex_d2i(&ptmpval, in, len, it, -1, 0, 0, &c) > 0) { |
2112 |
-+ if (pval && it->itype != ASN1_ITYPE_PRIMITIVE) { |
2113 |
-+ if (*pval) |
2114 |
-+ ASN1_item_free(*pval, it); |
2115 |
-+ *pval = ptmpval; |
2116 |
-+ } |
2117 |
-+ return ptmpval; |
2118 |
-+ } |
2119 |
- return NULL; |
2120 |
- } |
2121 |
- |
2122 |
-@@ -311,9 +317,16 @@ |
2123 |
- if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) |
2124 |
- goto auxerr; |
2125 |
- |
2126 |
-- /* Allocate structure */ |
2127 |
-- if (!*pval && !ASN1_item_ex_new(pval, it)) |
2128 |
-- { |
2129 |
-+ if (*pval) { |
2130 |
-+ /* Free up and zero CHOICE value if initialised */ |
2131 |
-+ i = asn1_get_choice_selector(pval, it); |
2132 |
-+ if ((i >= 0) && (i < it->tcount)) { |
2133 |
-+ tt = it->templates + i; |
2134 |
-+ pchptr = asn1_get_field_ptr(pval, tt); |
2135 |
-+ ASN1_template_free(pchptr, tt); |
2136 |
-+ asn1_set_choice_selector(pval, -1, it); |
2137 |
-+ } |
2138 |
-+ } else if (!ASN1_item_ex_new(pval, it)) { |
2139 |
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, |
2140 |
- ERR_R_NESTED_ASN1_ERROR); |
2141 |
- goto err; |
2142 |
-@@ -407,6 +420,17 @@ |
2143 |
- if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) |
2144 |
- goto auxerr; |
2145 |
- |
2146 |
-+ /* Free up and zero any ADB found */ |
2147 |
-+ for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) { |
2148 |
-+ if (tt->flags & ASN1_TFLG_ADB_MASK) { |
2149 |
-+ const ASN1_TEMPLATE *seqtt; |
2150 |
-+ ASN1_VALUE **pseqval; |
2151 |
-+ seqtt = asn1_do_adb(pval, tt, 1); |
2152 |
-+ pseqval = asn1_get_field_ptr(pval, seqtt); |
2153 |
-+ ASN1_template_free(pseqval, seqtt); |
2154 |
-+ } |
2155 |
-+ } |
2156 |
-+ |
2157 |
- /* Get each field entry */ |
2158 |
- for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) |
2159 |
- { |
2160 |
---- openssl-1.0.1l/crypto/pkcs7/pk7_doit.c |
2161 |
-+++ openssl-1.0.1l/crypto/pkcs7/pk7_doit.c |
2162 |
-@@ -272,6 +272,25 @@ |
2163 |
- PKCS7_RECIP_INFO *ri=NULL; |
2164 |
- ASN1_OCTET_STRING *os=NULL; |
2165 |
- |
2166 |
-+ if (p7 == NULL) { |
2167 |
-+ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_INVALID_NULL_POINTER); |
2168 |
-+ return NULL; |
2169 |
-+ } |
2170 |
-+ /* |
2171 |
-+ * The content field in the PKCS7 ContentInfo is optional, but that really |
2172 |
-+ * only applies to inner content (precisely, detached signatures). |
2173 |
-+ * |
2174 |
-+ * When reading content, missing outer content is therefore treated as an |
2175 |
-+ * error. |
2176 |
-+ * |
2177 |
-+ * When creating content, PKCS7_content_new() must be called before |
2178 |
-+ * calling this method, so a NULL p7->d is always an error. |
2179 |
-+ */ |
2180 |
-+ if (p7->d.ptr == NULL) { |
2181 |
-+ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_NO_CONTENT); |
2182 |
-+ return NULL; |
2183 |
-+ } |
2184 |
-+ |
2185 |
- i=OBJ_obj2nid(p7->type); |
2186 |
- p7->state=PKCS7_S_HEADER; |
2187 |
- |
2188 |
-@@ -433,6 +452,16 @@ |
2189 |
- unsigned char *ek = NULL, *tkey = NULL; |
2190 |
- int eklen = 0, tkeylen = 0; |
2191 |
- |
2192 |
-+ if (p7 == NULL) { |
2193 |
-+ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_INVALID_NULL_POINTER); |
2194 |
-+ return NULL; |
2195 |
-+ } |
2196 |
-+ |
2197 |
-+ if (p7->d.ptr == NULL) { |
2198 |
-+ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT); |
2199 |
-+ return NULL; |
2200 |
-+ } |
2201 |
-+ |
2202 |
- i=OBJ_obj2nid(p7->type); |
2203 |
- p7->state=PKCS7_S_HEADER; |
2204 |
- |
2205 |
-@@ -752,6 +781,16 @@ |
2206 |
- STACK_OF(PKCS7_SIGNER_INFO) *si_sk=NULL; |
2207 |
- ASN1_OCTET_STRING *os=NULL; |
2208 |
- |
2209 |
-+ if (p7 == NULL) { |
2210 |
-+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_INVALID_NULL_POINTER); |
2211 |
-+ return 0; |
2212 |
-+ } |
2213 |
-+ |
2214 |
-+ if (p7->d.ptr == NULL) { |
2215 |
-+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_NO_CONTENT); |
2216 |
-+ return 0; |
2217 |
-+ } |
2218 |
-+ |
2219 |
- EVP_MD_CTX_init(&ctx_tmp); |
2220 |
- i=OBJ_obj2nid(p7->type); |
2221 |
- p7->state=PKCS7_S_HEADER; |
2222 |
-@@ -796,6 +835,7 @@ |
2223 |
- /* If detached data then the content is excluded */ |
2224 |
- if(PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) { |
2225 |
- M_ASN1_OCTET_STRING_free(os); |
2226 |
-+ os = NULL; |
2227 |
- p7->d.sign->contents->d.data = NULL; |
2228 |
- } |
2229 |
- break; |
2230 |
-@@ -806,6 +846,7 @@ |
2231 |
- if(PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) |
2232 |
- { |
2233 |
- M_ASN1_OCTET_STRING_free(os); |
2234 |
-+ os = NULL; |
2235 |
- p7->d.digest->contents->d.data = NULL; |
2236 |
- } |
2237 |
- break; |
2238 |
-@@ -878,24 +919,31 @@ |
2239 |
- M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len); |
2240 |
- } |
2241 |
- |
2242 |
-- if (!PKCS7_is_detached(p7) && !(os->flags & ASN1_STRING_FLAG_NDEF)) |
2243 |
-- { |
2244 |
-+ if (!PKCS7_is_detached(p7)) { |
2245 |
-+ /* |
2246 |
-+ * NOTE(emilia): I think we only reach os == NULL here because detached |
2247 |
-+ * digested data support is broken. |
2248 |
-+ */ |
2249 |
-+ if (os == NULL) |
2250 |
-+ goto err; |
2251 |
-+ if (!(os->flags & ASN1_STRING_FLAG_NDEF)) { |
2252 |
- char *cont; |
2253 |
- long contlen; |
2254 |
-- btmp=BIO_find_type(bio,BIO_TYPE_MEM); |
2255 |
-- if (btmp == NULL) |
2256 |
-- { |
2257 |
-- PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNABLE_TO_FIND_MEM_BIO); |
2258 |
-- goto err; |
2259 |
-- } |
2260 |
-+ btmp = BIO_find_type(bio, BIO_TYPE_MEM); |
2261 |
-+ if (btmp == NULL) { |
2262 |
-+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNABLE_TO_FIND_MEM_BIO); |
2263 |
-+ goto err; |
2264 |
-+ } |
2265 |
- contlen = BIO_get_mem_data(btmp, &cont); |
2266 |
-- /* Mark the BIO read only then we can use its copy of the data |
2267 |
-+ /* |
2268 |
-+ * Mark the BIO read only then we can use its copy of the data |
2269 |
- * instead of making an extra copy. |
2270 |
- */ |
2271 |
- BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY); |
2272 |
- BIO_set_mem_eof_return(btmp, 0); |
2273 |
- ASN1_STRING_set0(os, (unsigned char *)cont, contlen); |
2274 |
-- } |
2275 |
-+ } |
2276 |
-+ } |
2277 |
- ret=1; |
2278 |
- err: |
2279 |
- EVP_MD_CTX_cleanup(&ctx_tmp); |
2280 |
-@@ -971,6 +1019,16 @@ |
2281 |
- STACK_OF(X509) *cert; |
2282 |
- X509 *x509; |
2283 |
- |
2284 |
-+ if (p7 == NULL) { |
2285 |
-+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_INVALID_NULL_POINTER); |
2286 |
-+ return 0; |
2287 |
-+ } |
2288 |
-+ |
2289 |
-+ if (p7->d.ptr == NULL) { |
2290 |
-+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_NO_CONTENT); |
2291 |
-+ return 0; |
2292 |
-+ } |
2293 |
-+ |
2294 |
- if (PKCS7_type_is_signed(p7)) |
2295 |
- { |
2296 |
- cert=p7->d.sign->cert; |
2297 |
---- openssl-1.0.1l/crypto/pkcs7/pk7_lib.c |
2298 |
-+++ openssl-1.0.1l/crypto/pkcs7/pk7_lib.c |
2299 |
-@@ -71,6 +71,7 @@ |
2300 |
- |
2301 |
- switch (cmd) |
2302 |
- { |
2303 |
-+ /* NOTE(emilia): does not support detached digested data. */ |
2304 |
- case PKCS7_OP_SET_DETACHED_SIGNATURE: |
2305 |
- if (nid == NID_pkcs7_signed) |
2306 |
- { |
2307 |
-@@ -459,6 +460,8 @@ |
2308 |
- |
2309 |
- STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7) |
2310 |
- { |
2311 |
-+ if (p7 == NULL || p7->d.ptr == NULL) |
2312 |
-+ return NULL; |
2313 |
- if (PKCS7_type_is_signed(p7)) |
2314 |
- { |
2315 |
- return(p7->d.sign->signer_info); |
2316 |
---- openssl-1.0.1l/doc/crypto/d2i_X509.pod |
2317 |
-+++ openssl-1.0.1l/doc/crypto/d2i_X509.pod |
2318 |
-@@ -199,6 +199,12 @@ |
2319 |
- persist if they are not present in the new one. As a result the use |
2320 |
- of this "reuse" behaviour is strongly discouraged. |
2321 |
- |
2322 |
-+Current versions of OpenSSL will not modify B<*px> if an error occurs. |
2323 |
-+If parsing succeeds then B<*px> is freed (if it is not NULL) and then |
2324 |
-+set to the value of the newly decoded structure. As a result B<*px> |
2325 |
-+B<must not> be allocated on the stack or an attempt will be made to |
2326 |
-+free an invalid pointer. |
2327 |
-+ |
2328 |
- i2d_X509() will not return an error in many versions of OpenSSL, |
2329 |
- if mandatory fields are not initialized due to a programming error |
2330 |
- then the encoded structure may contain invalid data or omit the |
2331 |
-@@ -210,7 +216,9 @@ |
2332 |
- |
2333 |
- d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B<X509> structure |
2334 |
- or B<NULL> if an error occurs. The error code that can be obtained by |
2335 |
--L<ERR_get_error(3)|ERR_get_error(3)>. |
2336 |
-+L<ERR_get_error(3)|ERR_get_error(3)>. If the "reuse" capability has been used |
2337 |
-+with a valid X509 structure being passed in via B<px> then the object is not |
2338 |
-+modified in the event of error. |
2339 |
- |
2340 |
- i2d_X509() returns the number of bytes successfully encoded or a negative |
2341 |
- value if an error occurs. The error code can be obtained by |
2342 |
---- openssl-1.0.1l/ssl/s2_lib.c |
2343 |
-+++ openssl-1.0.1l/ssl/s2_lib.c |
2344 |
-@@ -488,7 +488,7 @@ |
2345 |
- |
2346 |
- OPENSSL_assert(s->session->master_key_length >= 0 |
2347 |
- && s->session->master_key_length |
2348 |
-- < (int)sizeof(s->session->master_key)); |
2349 |
-+ <= (int)sizeof(s->session->master_key)); |
2350 |
- EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length); |
2351 |
- EVP_DigestUpdate(&ctx,&c,1); |
2352 |
- c++; |
2353 |
---- openssl-1.0.1l/ssl/s2_srvr.c |
2354 |
-+++ openssl-1.0.1l/ssl/s2_srvr.c |
2355 |
-@@ -454,10 +454,6 @@ |
2356 |
- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_NO_PRIVATEKEY); |
2357 |
- return(-1); |
2358 |
- } |
2359 |
-- i=ssl_rsa_private_decrypt(s->cert,s->s2->tmp.enc, |
2360 |
-- &(p[s->s2->tmp.clear]),&(p[s->s2->tmp.clear]), |
2361 |
-- (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING); |
2362 |
-- |
2363 |
- is_export=SSL_C_IS_EXPORT(s->session->cipher); |
2364 |
- |
2365 |
- if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL)) |
2366 |
-@@ -475,21 +471,59 @@ |
2367 |
- else |
2368 |
- ek=5; |
2369 |
- |
2370 |
-+ /* |
2371 |
-+ * The format of the CLIENT-MASTER-KEY message is |
2372 |
-+ * 1 byte message type |
2373 |
-+ * 3 bytes cipher |
2374 |
-+ * 2-byte clear key length (stored in s->s2->tmp.clear) |
2375 |
-+ * 2-byte encrypted key length (stored in s->s2->tmp.enc) |
2376 |
-+ * 2-byte key args length (IV etc) |
2377 |
-+ * clear key |
2378 |
-+ * encrypted key |
2379 |
-+ * key args |
2380 |
-+ * |
2381 |
-+ * If the cipher is an export cipher, then the encrypted key bytes |
2382 |
-+ * are a fixed portion of the total key (5 or 8 bytes). The size of |
2383 |
-+ * this portion is in |ek|. If the cipher is not an export cipher, |
2384 |
-+ * then the entire key material is encrypted (i.e., clear key length |
2385 |
-+ * must be zero). |
2386 |
-+ */ |
2387 |
-+ if ((!is_export && s->s2->tmp.clear != 0) || |
2388 |
-+ (is_export && s->s2->tmp.clear + ek != EVP_CIPHER_key_length(c))) { |
2389 |
-+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); |
2390 |
-+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_LENGTH); |
2391 |
-+ return -1; |
2392 |
-+ } |
2393 |
-+ /* |
2394 |
-+ * The encrypted blob must decrypt to the encrypted portion of the key. |
2395 |
-+ * Decryption can't be expanding, so if we don't have enough encrypted |
2396 |
-+ * bytes to fit the key in the buffer, stop now. |
2397 |
-+ */ |
2398 |
-+ if ((is_export && s->s2->tmp.enc < ek) || |
2399 |
-+ (!is_export && s->s2->tmp.enc < EVP_CIPHER_key_length(c))) { |
2400 |
-+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); |
2401 |
-+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_LENGTH_TOO_SHORT); |
2402 |
-+ return -1; |
2403 |
-+ } |
2404 |
-+ |
2405 |
-+ i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc, |
2406 |
-+ &(p[s->s2->tmp.clear]), |
2407 |
-+ &(p[s->s2->tmp.clear]), |
2408 |
-+ (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING : |
2409 |
-+ RSA_PKCS1_PADDING); |
2410 |
-+ |
2411 |
- /* bad decrypt */ |
2412 |
- #if 1 |
2413 |
- /* If a bad decrypt, continue with protocol but with a |
2414 |
- * random master secret (Bleichenbacher attack) */ |
2415 |
-- if ((i < 0) || |
2416 |
-- ((!is_export && (i != EVP_CIPHER_key_length(c))) |
2417 |
-- || (is_export && ((i != ek) || (s->s2->tmp.clear+(unsigned int)i != |
2418 |
-- (unsigned int)EVP_CIPHER_key_length(c)))))) |
2419 |
-- { |
2420 |
-+ if ((i < 0) || ((!is_export && i != EVP_CIPHER_key_length(c)) |
2421 |
-+ || (is_export && i != ek))) { |
2422 |
- ERR_clear_error(); |
2423 |
- if (is_export) |
2424 |
- i=ek; |
2425 |
- else |
2426 |
- i=EVP_CIPHER_key_length(c); |
2427 |
-- if (RAND_pseudo_bytes(p,i) <= 0) |
2428 |
-+ if (RAND_pseudo_bytes(&p[s->s2->tmp.clear], i) <= 0) |
2429 |
- return 0; |
2430 |
- } |
2431 |
- #else |
2432 |
-@@ -513,7 +547,8 @@ |
2433 |
- } |
2434 |
- #endif |
2435 |
- |
2436 |
-- if (is_export) i+=s->s2->tmp.clear; |
2437 |
-+ if (is_export) |
2438 |
-+ i = EVP_CIPHER_key_length(c); |
2439 |
- |
2440 |
- if (i > SSL_MAX_MASTER_KEY_LENGTH) |
2441 |
- { |
2442 |
|
2443 |
diff --git a/dev-libs/openssl/files/openssl-1.0.1m-parallel-build.patch b/dev-libs/openssl/files/openssl-1.0.1m-parallel-build.patch |
2444 |
deleted file mode 100644 |
2445 |
index db92b79..0000000 |
2446 |
--- a/dev-libs/openssl/files/openssl-1.0.1m-parallel-build.patch |
2447 |
+++ /dev/null |
2448 |
@@ -1,364 +0,0 @@ |
2449 |
-http://rt.openssl.org/Ticket/Display.html?id=2084 |
2450 |
- |
2451 |
---- openssl-1.0.1m/crypto/Makefile |
2452 |
-+++ openssl-1.0.1m/crypto/Makefile |
2453 |
-@@ -85,11 +85,11 @@ |
2454 |
- @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi |
2455 |
- |
2456 |
- subdirs: |
2457 |
-- @target=all; $(RECURSIVE_MAKE) |
2458 |
-+ +@target=all; $(RECURSIVE_MAKE) |
2459 |
- |
2460 |
- files: |
2461 |
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO |
2462 |
-- @target=files; $(RECURSIVE_MAKE) |
2463 |
-+ +@target=files; $(RECURSIVE_MAKE) |
2464 |
- |
2465 |
- links: |
2466 |
- @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) |
2467 |
-@@ -100,7 +100,7 @@ |
2468 |
- # lib: $(LIB): are splitted to avoid end-less loop |
2469 |
- lib: $(LIB) |
2470 |
- @touch lib |
2471 |
--$(LIB): $(LIBOBJ) |
2472 |
-+$(LIB): $(LIBOBJ) | subdirs |
2473 |
- $(AR) $(LIB) $(LIBOBJ) |
2474 |
- [ -z "$(FIPSLIBDIR)" ] || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o |
2475 |
- $(RANLIB) $(LIB) || echo Never mind. |
2476 |
-@@ -111,7 +111,7 @@ |
2477 |
- fi |
2478 |
- |
2479 |
- libs: |
2480 |
-- @target=lib; $(RECURSIVE_MAKE) |
2481 |
-+ +@target=lib; $(RECURSIVE_MAKE) |
2482 |
- |
2483 |
- install: |
2484 |
- @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... |
2485 |
-@@ -120,7 +120,7 @@ |
2486 |
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ |
2487 |
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ |
2488 |
- done; |
2489 |
-- @target=install; $(RECURSIVE_MAKE) |
2490 |
-+ +@target=install; $(RECURSIVE_MAKE) |
2491 |
- |
2492 |
- lint: |
2493 |
- @target=lint; $(RECURSIVE_MAKE) |
2494 |
---- openssl-1.0.1m/crypto/objects/Makefile |
2495 |
-+++ openssl-1.0.1m/crypto/objects/Makefile |
2496 |
-@@ -44,11 +44,11 @@ |
2497 |
- # objects.pl both reads and writes obj_mac.num |
2498 |
- obj_mac.h: objects.pl objects.txt obj_mac.num |
2499 |
- $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h |
2500 |
-- @sleep 1; touch obj_mac.h; sleep 1 |
2501 |
- |
2502 |
--obj_xref.h: objxref.pl obj_xref.txt obj_mac.num |
2503 |
-+# This doesn't really need obj_mac.h, but since that rule reads & writes |
2504 |
-+# obj_mac.num, we can't run in parallel with it. |
2505 |
-+obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h |
2506 |
- $(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h |
2507 |
-- @sleep 1; touch obj_xref.h; sleep 1 |
2508 |
- |
2509 |
- files: |
2510 |
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO |
2511 |
---- openssl-1.0.1m/engines/Makefile |
2512 |
-+++ openssl-1.0.1m/engines/Makefile |
2513 |
-@@ -72,7 +72,7 @@ |
2514 |
- |
2515 |
- all: lib subdirs |
2516 |
- |
2517 |
--lib: $(LIBOBJ) |
2518 |
-+lib: $(LIBOBJ) | subdirs |
2519 |
- @if [ -n "$(SHARED_LIBS)" ]; then \ |
2520 |
- set -e; \ |
2521 |
- for l in $(LIBNAMES); do \ |
2522 |
-@@ -89,7 +89,7 @@ |
2523 |
- |
2524 |
- subdirs: |
2525 |
- echo $(EDIRS) |
2526 |
-- @target=all; $(RECURSIVE_MAKE) |
2527 |
-+ +@target=all; $(RECURSIVE_MAKE) |
2528 |
- |
2529 |
- files: |
2530 |
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO |
2531 |
-@@ -128,7 +128,7 @@ |
2532 |
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ |
2533 |
- done; \ |
2534 |
- fi |
2535 |
-- @target=install; $(RECURSIVE_MAKE) |
2536 |
-+ +@target=install; $(RECURSIVE_MAKE) |
2537 |
- |
2538 |
- tags: |
2539 |
- ctags $(SRC) |
2540 |
---- openssl-1.0.1m/Makefile.org |
2541 |
-+++ openssl-1.0.1m/Makefile.org |
2542 |
-@@ -273,17 +273,17 @@ |
2543 |
- build_libs: build_crypto build_ssl build_engines |
2544 |
- |
2545 |
- build_crypto: |
2546 |
-- @dir=crypto; target=all; $(BUILD_ONE_CMD) |
2547 |
--build_ssl: |
2548 |
-- @dir=ssl; target=all; $(BUILD_ONE_CMD) |
2549 |
--build_engines: |
2550 |
-- @dir=engines; target=all; $(BUILD_ONE_CMD) |
2551 |
--build_apps: |
2552 |
-- @dir=apps; target=all; $(BUILD_ONE_CMD) |
2553 |
--build_tests: |
2554 |
-- @dir=test; target=all; $(BUILD_ONE_CMD) |
2555 |
--build_tools: |
2556 |
-- @dir=tools; target=all; $(BUILD_ONE_CMD) |
2557 |
-+ +@dir=crypto; target=all; $(BUILD_ONE_CMD) |
2558 |
-+build_ssl: build_crypto |
2559 |
-+ +@dir=ssl; target=all; $(BUILD_ONE_CMD) |
2560 |
-+build_engines: build_crypto |
2561 |
-+ +@dir=engines; target=all; $(BUILD_ONE_CMD) |
2562 |
-+build_apps: build_libs |
2563 |
-+ +@dir=apps; target=all; $(BUILD_ONE_CMD) |
2564 |
-+build_tests: build_libs |
2565 |
-+ +@dir=test; target=all; $(BUILD_ONE_CMD) |
2566 |
-+build_tools: build_libs |
2567 |
-+ +@dir=tools; target=all; $(BUILD_ONE_CMD) |
2568 |
- |
2569 |
- all_testapps: build_libs build_testapps |
2570 |
- build_testapps: |
2571 |
-@@ -538,9 +538,9 @@ |
2572 |
- dist_pem_h: |
2573 |
- (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) |
2574 |
- |
2575 |
--install: all install_docs install_sw |
2576 |
-+install: install_docs install_sw |
2577 |
- |
2578 |
--install_sw: |
2579 |
-+install_dirs: |
2580 |
- @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ |
2581 |
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \ |
2582 |
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \ |
2583 |
-@@ -549,12 +549,19 @@ |
2584 |
- $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ |
2585 |
- $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ |
2586 |
- $(INSTALL_PREFIX)$(OPENSSLDIR)/private |
2587 |
-+ @$(PERL) $(TOP)/util/mkdir-p.pl \ |
2588 |
-+ $(INSTALL_PREFIX)$(MANDIR)/man1 \ |
2589 |
-+ $(INSTALL_PREFIX)$(MANDIR)/man3 \ |
2590 |
-+ $(INSTALL_PREFIX)$(MANDIR)/man5 \ |
2591 |
-+ $(INSTALL_PREFIX)$(MANDIR)/man7 |
2592 |
-+ |
2593 |
-+install_sw: install_dirs |
2594 |
- @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\ |
2595 |
- do \ |
2596 |
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ |
2597 |
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ |
2598 |
- done; |
2599 |
-- @set -e; target=install; $(RECURSIVE_BUILD_CMD) |
2600 |
-+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) |
2601 |
- @set -e; liblist="$(LIBS)"; for i in $$liblist ;\ |
2602 |
- do \ |
2603 |
- if [ -f "$$i" ]; then \ |
2604 |
-@@ -634,12 +641,7 @@ |
2605 |
- done; \ |
2606 |
- done |
2607 |
- |
2608 |
--install_docs: |
2609 |
-- @$(PERL) $(TOP)/util/mkdir-p.pl \ |
2610 |
-- $(INSTALL_PREFIX)$(MANDIR)/man1 \ |
2611 |
-- $(INSTALL_PREFIX)$(MANDIR)/man3 \ |
2612 |
-- $(INSTALL_PREFIX)$(MANDIR)/man5 \ |
2613 |
-- $(INSTALL_PREFIX)$(MANDIR)/man7 |
2614 |
-+install_docs: install_dirs |
2615 |
- @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \ |
2616 |
- here="`pwd`"; \ |
2617 |
- filecase=; \ |
2618 |
---- openssl-1.0.1m/Makefile.shared |
2619 |
-+++ openssl-1.0.1m/Makefile.shared |
2620 |
-@@ -105,6 +105,7 @@ |
2621 |
- SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ |
2622 |
- LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ |
2623 |
- LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ |
2624 |
-+ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \ |
2625 |
- LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ |
2626 |
- $${SHAREDCMD} $${SHAREDFLAGS} \ |
2627 |
- -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \ |
2628 |
-@@ -122,6 +123,7 @@ |
2629 |
- done; \ |
2630 |
- fi; \ |
2631 |
- if [ -n "$$SHLIB_SOVER" ]; then \ |
2632 |
-+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \ |
2633 |
- ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \ |
2634 |
- ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \ |
2635 |
- fi; \ |
2636 |
---- openssl-1.0.1m/test/Makefile |
2637 |
-+++ openssl-1.0.1m/test/Makefile |
2638 |
-@@ -130,7 +130,7 @@ |
2639 |
- tags: |
2640 |
- ctags $(SRC) |
2641 |
- |
2642 |
--tests: exe apps $(TESTS) |
2643 |
-+tests: exe $(TESTS) |
2644 |
- |
2645 |
- apps: |
2646 |
- @(cd ..; $(MAKE) DIRS=apps all) |
2647 |
-@@ -388,118 +388,118 @@ |
2648 |
- link_app.$${shlib_target} |
2649 |
- |
2650 |
- $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) |
2651 |
-- @target=$(RSATEST); $(BUILD_CMD) |
2652 |
-+ +@target=$(RSATEST); $(BUILD_CMD) |
2653 |
- |
2654 |
- $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO) |
2655 |
-- @target=$(BNTEST); $(BUILD_CMD) |
2656 |
-+ +@target=$(BNTEST); $(BUILD_CMD) |
2657 |
- |
2658 |
- $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO) |
2659 |
-- @target=$(ECTEST); $(BUILD_CMD) |
2660 |
-+ +@target=$(ECTEST); $(BUILD_CMD) |
2661 |
- |
2662 |
- $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO) |
2663 |
-- @target=$(EXPTEST); $(BUILD_CMD) |
2664 |
-+ +@target=$(EXPTEST); $(BUILD_CMD) |
2665 |
- |
2666 |
- $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) |
2667 |
-- @target=$(IDEATEST); $(BUILD_CMD) |
2668 |
-+ +@target=$(IDEATEST); $(BUILD_CMD) |
2669 |
- |
2670 |
- $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) |
2671 |
-- @target=$(MD2TEST); $(BUILD_CMD) |
2672 |
-+ +@target=$(MD2TEST); $(BUILD_CMD) |
2673 |
- |
2674 |
- $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO) |
2675 |
-- @target=$(SHATEST); $(BUILD_CMD) |
2676 |
-+ +@target=$(SHATEST); $(BUILD_CMD) |
2677 |
- |
2678 |
- $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) |
2679 |
-- @target=$(SHA1TEST); $(BUILD_CMD) |
2680 |
-+ +@target=$(SHA1TEST); $(BUILD_CMD) |
2681 |
- |
2682 |
- $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) |
2683 |
-- @target=$(SHA256TEST); $(BUILD_CMD) |
2684 |
-+ +@target=$(SHA256TEST); $(BUILD_CMD) |
2685 |
- |
2686 |
- $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) |
2687 |
-- @target=$(SHA512TEST); $(BUILD_CMD) |
2688 |
-+ +@target=$(SHA512TEST); $(BUILD_CMD) |
2689 |
- |
2690 |
- $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) |
2691 |
-- @target=$(RMDTEST); $(BUILD_CMD) |
2692 |
-+ +@target=$(RMDTEST); $(BUILD_CMD) |
2693 |
- |
2694 |
- $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO) |
2695 |
-- @target=$(MDC2TEST); $(BUILD_CMD) |
2696 |
-+ +@target=$(MDC2TEST); $(BUILD_CMD) |
2697 |
- |
2698 |
- $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO) |
2699 |
-- @target=$(MD4TEST); $(BUILD_CMD) |
2700 |
-+ +@target=$(MD4TEST); $(BUILD_CMD) |
2701 |
- |
2702 |
- $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO) |
2703 |
-- @target=$(MD5TEST); $(BUILD_CMD) |
2704 |
-+ +@target=$(MD5TEST); $(BUILD_CMD) |
2705 |
- |
2706 |
- $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO) |
2707 |
-- @target=$(HMACTEST); $(BUILD_CMD) |
2708 |
-+ +@target=$(HMACTEST); $(BUILD_CMD) |
2709 |
- |
2710 |
- $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO) |
2711 |
-- @target=$(WPTEST); $(BUILD_CMD) |
2712 |
-+ +@target=$(WPTEST); $(BUILD_CMD) |
2713 |
- |
2714 |
- $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO) |
2715 |
-- @target=$(RC2TEST); $(BUILD_CMD) |
2716 |
-+ +@target=$(RC2TEST); $(BUILD_CMD) |
2717 |
- |
2718 |
- $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO) |
2719 |
-- @target=$(BFTEST); $(BUILD_CMD) |
2720 |
-+ +@target=$(BFTEST); $(BUILD_CMD) |
2721 |
- |
2722 |
- $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO) |
2723 |
-- @target=$(CASTTEST); $(BUILD_CMD) |
2724 |
-+ +@target=$(CASTTEST); $(BUILD_CMD) |
2725 |
- |
2726 |
- $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO) |
2727 |
-- @target=$(RC4TEST); $(BUILD_CMD) |
2728 |
-+ +@target=$(RC4TEST); $(BUILD_CMD) |
2729 |
- |
2730 |
- $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) |
2731 |
-- @target=$(RC5TEST); $(BUILD_CMD) |
2732 |
-+ +@target=$(RC5TEST); $(BUILD_CMD) |
2733 |
- |
2734 |
- $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) |
2735 |
-- @target=$(DESTEST); $(BUILD_CMD) |
2736 |
-+ +@target=$(DESTEST); $(BUILD_CMD) |
2737 |
- |
2738 |
- $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) |
2739 |
-- @target=$(RANDTEST); $(BUILD_CMD) |
2740 |
-+ +@target=$(RANDTEST); $(BUILD_CMD) |
2741 |
- |
2742 |
- $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) |
2743 |
-- @target=$(DHTEST); $(BUILD_CMD) |
2744 |
-+ +@target=$(DHTEST); $(BUILD_CMD) |
2745 |
- |
2746 |
- $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO) |
2747 |
-- @target=$(DSATEST); $(BUILD_CMD) |
2748 |
-+ +@target=$(DSATEST); $(BUILD_CMD) |
2749 |
- |
2750 |
- $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) |
2751 |
-- @target=$(METHTEST); $(BUILD_CMD) |
2752 |
-+ +@target=$(METHTEST); $(BUILD_CMD) |
2753 |
- |
2754 |
- $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) |
2755 |
-- @target=$(SSLTEST); $(FIPS_BUILD_CMD) |
2756 |
-+ +@target=$(SSLTEST); $(FIPS_BUILD_CMD) |
2757 |
- |
2758 |
- $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) |
2759 |
-- @target=$(ENGINETEST); $(BUILD_CMD) |
2760 |
-+ +@target=$(ENGINETEST); $(BUILD_CMD) |
2761 |
- |
2762 |
- $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO) |
2763 |
-- @target=$(EVPTEST); $(BUILD_CMD) |
2764 |
-+ +@target=$(EVPTEST); $(BUILD_CMD) |
2765 |
- |
2766 |
- $(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO) |
2767 |
-- @target=$(EVPEXTRATEST); $(BUILD_CMD) |
2768 |
-+ +@target=$(EVPEXTRATEST); $(BUILD_CMD) |
2769 |
- |
2770 |
- $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO) |
2771 |
-- @target=$(ECDSATEST); $(BUILD_CMD) |
2772 |
-+ +@target=$(ECDSATEST); $(BUILD_CMD) |
2773 |
- |
2774 |
- $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) |
2775 |
-- @target=$(ECDHTEST); $(BUILD_CMD) |
2776 |
-+ +@target=$(ECDHTEST); $(BUILD_CMD) |
2777 |
- |
2778 |
- $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) |
2779 |
-- @target=$(IGETEST); $(BUILD_CMD) |
2780 |
-+ +@target=$(IGETEST); $(BUILD_CMD) |
2781 |
- |
2782 |
- $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) |
2783 |
-- @target=$(JPAKETEST); $(BUILD_CMD) |
2784 |
-+ +@target=$(JPAKETEST); $(BUILD_CMD) |
2785 |
- |
2786 |
- $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) |
2787 |
-- @target=$(ASN1TEST); $(BUILD_CMD) |
2788 |
-+ +@target=$(ASN1TEST); $(BUILD_CMD) |
2789 |
- |
2790 |
- $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO) |
2791 |
-- @target=$(SRPTEST); $(BUILD_CMD) |
2792 |
-+ +@target=$(SRPTEST); $(BUILD_CMD) |
2793 |
- |
2794 |
- $(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO) |
2795 |
-- @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) |
2796 |
-+ +@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) |
2797 |
- |
2798 |
- $(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o |
2799 |
-- @target=$(CONSTTIMETEST) $(BUILD_CMD) |
2800 |
-+ +@target=$(CONSTTIMETEST) $(BUILD_CMD) |
2801 |
- |
2802 |
- #$(AESTEST).o: $(AESTEST).c |
2803 |
- # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c |
2804 |
-@@ -512,7 +512,7 @@ |
2805 |
- # fi |
2806 |
- |
2807 |
- dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) |
2808 |
-- @target=dummytest; $(BUILD_CMD) |
2809 |
-+ +@target=dummytest; $(BUILD_CMD) |
2810 |
- |
2811 |
- # DO NOT DELETE THIS LINE -- make depend depends on it. |
2812 |
- |
2813 |
|
2814 |
diff --git a/dev-libs/openssl/files/openssl-1.0.1m-s_client-verify.patch b/dev-libs/openssl/files/openssl-1.0.1m-s_client-verify.patch |
2815 |
deleted file mode 100644 |
2816 |
index 8aa29e4..0000000 |
2817 |
--- a/dev-libs/openssl/files/openssl-1.0.1m-s_client-verify.patch |
2818 |
+++ /dev/null |
2819 |
@@ -1,21 +0,0 @@ |
2820 |
-https://bugs.gentoo.org/472584 |
2821 |
-http://rt.openssl.org/Ticket/Display.html?id=2387&user=guest&pass=guest |
2822 |
- |
2823 |
-fix verification handling in s_client. when loading paths, make sure |
2824 |
-we properly fallback to setting the default paths. |
2825 |
- |
2826 |
-Forward-ported from openssl-1.0.1e-s_client-verify.patch |
2827 |
- |
2828 |
-Signed-off-by: Lars Wendler <polynomial-c@g.o> |
2829 |
- |
2830 |
---- openssl-1.0.1m/apps/s_client.c |
2831 |
-+++ openssl-1.0.1m/apps/s_client.c |
2832 |
-@@ -1177,7 +1177,7 @@ int MAIN(int argc, char **argv) |
2833 |
- if (!set_cert_key_stuff(ctx, cert, key)) |
2834 |
- goto end; |
2835 |
- |
2836 |
-- if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) || |
2837 |
-+ if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) && |
2838 |
- (!SSL_CTX_set_default_verify_paths(ctx))) { |
2839 |
- /* |
2840 |
- * BIO_printf(bio_err,"error setting default verify locations\n"); |
2841 |
|
2842 |
diff --git a/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0209.patch b/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0209.patch |
2843 |
deleted file mode 100644 |
2844 |
index 6d396b4..0000000 |
2845 |
--- a/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0209.patch |
2846 |
+++ /dev/null |
2847 |
@@ -1,49 +0,0 @@ |
2848 |
-https://bugs.gentoo.org/541502 |
2849 |
- |
2850 |
-From 1b4a8df38fc9ab3c089ca5765075ee53ec5bd66a Mon Sep 17 00:00:00 2001 |
2851 |
-From: Matt Caswell <matt@×××××××.org> |
2852 |
-Date: Mon, 9 Feb 2015 11:38:41 +0000 |
2853 |
-Subject: [PATCH] Fix a failure to NULL a pointer freed on error. |
2854 |
-MIME-Version: 1.0 |
2855 |
-Content-Type: text/plain; charset=UTF-8 |
2856 |
-Content-Transfer-Encoding: 8bit |
2857 |
- |
2858 |
-Inspired by BoringSSL commit 517073cd4b by Eric Roman <eroman@××××××××.org> |
2859 |
- |
2860 |
-CVE-2015-0209 |
2861 |
- |
2862 |
-Reviewed-by: Emilia Käsper <emilia@×××××××.org> |
2863 |
---- |
2864 |
- crypto/ec/ec_asn1.c | 6 +++--- |
2865 |
- 1 file changed, 3 insertions(+), 3 deletions(-) |
2866 |
- |
2867 |
-diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c |
2868 |
-index 30b7df4..d3e8316 100644 |
2869 |
---- a/crypto/ec/ec_asn1.c |
2870 |
-+++ b/crypto/ec/ec_asn1.c |
2871 |
-@@ -1014,8 +1014,6 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) |
2872 |
- ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE); |
2873 |
- goto err; |
2874 |
- } |
2875 |
-- if (a) |
2876 |
-- *a = ret; |
2877 |
- } else |
2878 |
- ret = *a; |
2879 |
- |
2880 |
-@@ -1067,10 +1065,12 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) |
2881 |
- } |
2882 |
- } |
2883 |
- |
2884 |
-+ if (a) |
2885 |
-+ *a = ret; |
2886 |
- ok = 1; |
2887 |
- err: |
2888 |
- if (!ok) { |
2889 |
-- if (ret) |
2890 |
-+ if (ret && (a == NULL || *a != ret)) |
2891 |
- EC_KEY_free(ret); |
2892 |
- ret = NULL; |
2893 |
- } |
2894 |
--- |
2895 |
-2.3.1 |
2896 |
- |
2897 |
|
2898 |
diff --git a/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0288.patch b/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0288.patch |
2899 |
deleted file mode 100644 |
2900 |
index a6a10b0..0000000 |
2901 |
--- a/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0288.patch |
2902 |
+++ /dev/null |
2903 |
@@ -1,31 +0,0 @@ |
2904 |
-https://bugs.gentoo.org/542038 |
2905 |
- |
2906 |
-From 28a00bcd8e318da18031b2ac8778c64147cd54f9 Mon Sep 17 00:00:00 2001 |
2907 |
-From: "Dr. Stephen Henson" <steve@×××××××.org> |
2908 |
-Date: Wed, 18 Feb 2015 00:34:59 +0000 |
2909 |
-Subject: [PATCH] Check public key is not NULL. |
2910 |
- |
2911 |
-CVE-2015-0288 |
2912 |
-PR#3708 |
2913 |
- |
2914 |
-Reviewed-by: Matt Caswell <matt@×××××××.org> |
2915 |
---- |
2916 |
- crypto/x509/x509_req.c | 2 ++ |
2917 |
- 1 file changed, 2 insertions(+) |
2918 |
- |
2919 |
-diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c |
2920 |
-index bc6e566..01795f4 100644 |
2921 |
---- a/crypto/x509/x509_req.c |
2922 |
-+++ b/crypto/x509/x509_req.c |
2923 |
-@@ -92,6 +92,8 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) |
2924 |
- goto err; |
2925 |
- |
2926 |
- pktmp = X509_get_pubkey(x); |
2927 |
-+ if (pktmp == NULL) |
2928 |
-+ goto err; |
2929 |
- i = X509_REQ_set_pubkey(ret, pktmp); |
2930 |
- EVP_PKEY_free(pktmp); |
2931 |
- if (!i) |
2932 |
--- |
2933 |
-2.3.1 |
2934 |
- |
2935 |
|
2936 |
diff --git a/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0291.patch b/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0291.patch |
2937 |
deleted file mode 100644 |
2938 |
index 852d06e..0000000 |
2939 |
--- a/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0291.patch |
2940 |
+++ /dev/null |
2941 |
@@ -1,459 +0,0 @@ |
2942 |
---- openssl-1.0.2/crypto/asn1/a_type.c |
2943 |
-+++ openssl-1.0.2/crypto/asn1/a_type.c |
2944 |
-@@ -119,6 +119,9 @@ |
2945 |
- case V_ASN1_OBJECT: |
2946 |
- result = OBJ_cmp(a->value.object, b->value.object); |
2947 |
- break; |
2948 |
-+ case V_ASN1_BOOLEAN: |
2949 |
-+ result = a->value.boolean - b->value.boolean; |
2950 |
-+ break; |
2951 |
- case V_ASN1_NULL: |
2952 |
- result = 0; /* They do not have content. */ |
2953 |
- break; |
2954 |
---- openssl-1.0.2/crypto/asn1/tasn_dec.c |
2955 |
-+++ openssl-1.0.2/crypto/asn1/tasn_dec.c |
2956 |
-@@ -140,11 +140,17 @@ |
2957 |
- { |
2958 |
- ASN1_TLC c; |
2959 |
- ASN1_VALUE *ptmpval = NULL; |
2960 |
-- if (!pval) |
2961 |
-- pval = &ptmpval; |
2962 |
- asn1_tlc_clear_nc(&c); |
2963 |
-- if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) |
2964 |
-- return *pval; |
2965 |
-+ if (pval && *pval && it->itype == ASN1_ITYPE_PRIMITIVE) |
2966 |
-+ ptmpval = *pval; |
2967 |
-+ if (ASN1_item_ex_d2i(&ptmpval, in, len, it, -1, 0, 0, &c) > 0) { |
2968 |
-+ if (pval && it->itype != ASN1_ITYPE_PRIMITIVE) { |
2969 |
-+ if (*pval) |
2970 |
-+ ASN1_item_free(*pval, it); |
2971 |
-+ *pval = ptmpval; |
2972 |
-+ } |
2973 |
-+ return ptmpval; |
2974 |
-+ } |
2975 |
- return NULL; |
2976 |
- } |
2977 |
- |
2978 |
-@@ -304,9 +310,16 @@ |
2979 |
- case ASN1_ITYPE_CHOICE: |
2980 |
- if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) |
2981 |
- goto auxerr; |
2982 |
-- |
2983 |
-- /* Allocate structure */ |
2984 |
-- if (!*pval && !ASN1_item_ex_new(pval, it)) { |
2985 |
-+ if (*pval) { |
2986 |
-+ /* Free up and zero CHOICE value if initialised */ |
2987 |
-+ i = asn1_get_choice_selector(pval, it); |
2988 |
-+ if ((i >= 0) && (i < it->tcount)) { |
2989 |
-+ tt = it->templates + i; |
2990 |
-+ pchptr = asn1_get_field_ptr(pval, tt); |
2991 |
-+ ASN1_template_free(pchptr, tt); |
2992 |
-+ asn1_set_choice_selector(pval, -1, it); |
2993 |
-+ } |
2994 |
-+ } else if (!ASN1_item_ex_new(pval, it)) { |
2995 |
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); |
2996 |
- goto err; |
2997 |
- } |
2998 |
-@@ -386,6 +399,17 @@ |
2999 |
- if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) |
3000 |
- goto auxerr; |
3001 |
- |
3002 |
-+ /* Free up and zero any ADB found */ |
3003 |
-+ for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) { |
3004 |
-+ if (tt->flags & ASN1_TFLG_ADB_MASK) { |
3005 |
-+ const ASN1_TEMPLATE *seqtt; |
3006 |
-+ ASN1_VALUE **pseqval; |
3007 |
-+ seqtt = asn1_do_adb(pval, tt, 1); |
3008 |
-+ pseqval = asn1_get_field_ptr(pval, seqtt); |
3009 |
-+ ASN1_template_free(pseqval, seqtt); |
3010 |
-+ } |
3011 |
-+ } |
3012 |
-+ |
3013 |
- /* Get each field entry */ |
3014 |
- for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) { |
3015 |
- const ASN1_TEMPLATE *seqtt; |
3016 |
---- openssl-1.0.2/crypto/pkcs7/pk7_doit.c |
3017 |
-+++ openssl-1.0.2/crypto/pkcs7/pk7_doit.c |
3018 |
-@@ -261,6 +261,25 @@ |
3019 |
- PKCS7_RECIP_INFO *ri = NULL; |
3020 |
- ASN1_OCTET_STRING *os = NULL; |
3021 |
- |
3022 |
-+ if (p7 == NULL) { |
3023 |
-+ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_INVALID_NULL_POINTER); |
3024 |
-+ return NULL; |
3025 |
-+ } |
3026 |
-+ /* |
3027 |
-+ * The content field in the PKCS7 ContentInfo is optional, but that really |
3028 |
-+ * only applies to inner content (precisely, detached signatures). |
3029 |
-+ * |
3030 |
-+ * When reading content, missing outer content is therefore treated as an |
3031 |
-+ * error. |
3032 |
-+ * |
3033 |
-+ * When creating content, PKCS7_content_new() must be called before |
3034 |
-+ * calling this method, so a NULL p7->d is always an error. |
3035 |
-+ */ |
3036 |
-+ if (p7->d.ptr == NULL) { |
3037 |
-+ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_NO_CONTENT); |
3038 |
-+ return NULL; |
3039 |
-+ } |
3040 |
-+ |
3041 |
- i = OBJ_obj2nid(p7->type); |
3042 |
- p7->state = PKCS7_S_HEADER; |
3043 |
- |
3044 |
-@@ -411,6 +430,16 @@ |
3045 |
- unsigned char *ek = NULL, *tkey = NULL; |
3046 |
- int eklen = 0, tkeylen = 0; |
3047 |
- |
3048 |
-+ if (p7 == NULL) { |
3049 |
-+ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_INVALID_NULL_POINTER); |
3050 |
-+ return NULL; |
3051 |
-+ } |
3052 |
-+ |
3053 |
-+ if (p7->d.ptr == NULL) { |
3054 |
-+ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT); |
3055 |
-+ return NULL; |
3056 |
-+ } |
3057 |
-+ |
3058 |
- i = OBJ_obj2nid(p7->type); |
3059 |
- p7->state = PKCS7_S_HEADER; |
3060 |
- |
3061 |
-@@ -707,6 +736,16 @@ |
3062 |
- STACK_OF(PKCS7_SIGNER_INFO) *si_sk = NULL; |
3063 |
- ASN1_OCTET_STRING *os = NULL; |
3064 |
- |
3065 |
-+ if (p7 == NULL) { |
3066 |
-+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_INVALID_NULL_POINTER); |
3067 |
-+ return 0; |
3068 |
-+ } |
3069 |
-+ |
3070 |
-+ if (p7->d.ptr == NULL) { |
3071 |
-+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_NO_CONTENT); |
3072 |
-+ return 0; |
3073 |
-+ } |
3074 |
-+ |
3075 |
- EVP_MD_CTX_init(&ctx_tmp); |
3076 |
- i = OBJ_obj2nid(p7->type); |
3077 |
- p7->state = PKCS7_S_HEADER; |
3078 |
-@@ -746,6 +785,7 @@ |
3079 |
- /* If detached data then the content is excluded */ |
3080 |
- if (PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) { |
3081 |
- M_ASN1_OCTET_STRING_free(os); |
3082 |
-+ os = NULL; |
3083 |
- p7->d.sign->contents->d.data = NULL; |
3084 |
- } |
3085 |
- break; |
3086 |
-@@ -755,6 +795,7 @@ |
3087 |
- /* If detached data then the content is excluded */ |
3088 |
- if (PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) { |
3089 |
- M_ASN1_OCTET_STRING_free(os); |
3090 |
-+ os = NULL; |
3091 |
- p7->d.digest->contents->d.data = NULL; |
3092 |
- } |
3093 |
- break; |
3094 |
-@@ -820,22 +861,30 @@ |
3095 |
- M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len); |
3096 |
- } |
3097 |
- |
3098 |
-- if (!PKCS7_is_detached(p7) && !(os->flags & ASN1_STRING_FLAG_NDEF)) { |
3099 |
-- char *cont; |
3100 |
-- long contlen; |
3101 |
-- btmp = BIO_find_type(bio, BIO_TYPE_MEM); |
3102 |
-- if (btmp == NULL) { |
3103 |
-- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNABLE_TO_FIND_MEM_BIO); |
3104 |
-- goto err; |
3105 |
-- } |
3106 |
-- contlen = BIO_get_mem_data(btmp, &cont); |
3107 |
-+ if (!PKCS7_is_detached(p7)) { |
3108 |
- /* |
3109 |
-- * Mark the BIO read only then we can use its copy of the data |
3110 |
-- * instead of making an extra copy. |
3111 |
-+ * NOTE(emilia): I think we only reach os == NULL here because detached |
3112 |
-+ * digested data support is broken. |
3113 |
- */ |
3114 |
-- BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY); |
3115 |
-- BIO_set_mem_eof_return(btmp, 0); |
3116 |
-- ASN1_STRING_set0(os, (unsigned char *)cont, contlen); |
3117 |
-+ if (os == NULL) |
3118 |
-+ goto err; |
3119 |
-+ if (!(os->flags & ASN1_STRING_FLAG_NDEF)) { |
3120 |
-+ char *cont; |
3121 |
-+ long contlen; |
3122 |
-+ btmp = BIO_find_type(bio, BIO_TYPE_MEM); |
3123 |
-+ if (btmp == NULL) { |
3124 |
-+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNABLE_TO_FIND_MEM_BIO); |
3125 |
-+ goto err; |
3126 |
-+ } |
3127 |
-+ contlen = BIO_get_mem_data(btmp, &cont); |
3128 |
-+ /* |
3129 |
-+ * Mark the BIO read only then we can use its copy of the data |
3130 |
-+ * instead of making an extra copy. |
3131 |
-+ */ |
3132 |
-+ BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY); |
3133 |
-+ BIO_set_mem_eof_return(btmp, 0); |
3134 |
-+ ASN1_STRING_set0(os, (unsigned char *)cont, contlen); |
3135 |
-+ } |
3136 |
- } |
3137 |
- ret = 1; |
3138 |
- err: |
3139 |
-@@ -910,6 +959,16 @@ |
3140 |
- STACK_OF(X509) *cert; |
3141 |
- X509 *x509; |
3142 |
- |
3143 |
-+ if (p7 == NULL) { |
3144 |
-+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_INVALID_NULL_POINTER); |
3145 |
-+ return 0; |
3146 |
-+ } |
3147 |
-+ |
3148 |
-+ if (p7->d.ptr == NULL) { |
3149 |
-+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_NO_CONTENT); |
3150 |
-+ return 0; |
3151 |
-+ } |
3152 |
-+ |
3153 |
- if (PKCS7_type_is_signed(p7)) { |
3154 |
- cert = p7->d.sign->cert; |
3155 |
- } else if (PKCS7_type_is_signedAndEnveloped(p7)) { |
3156 |
---- openssl-1.0.2/crypto/pkcs7/pk7_lib.c |
3157 |
-+++ openssl-1.0.2/crypto/pkcs7/pk7_lib.c |
3158 |
-@@ -70,6 +70,7 @@ |
3159 |
- nid = OBJ_obj2nid(p7->type); |
3160 |
- |
3161 |
- switch (cmd) { |
3162 |
-+ /* NOTE(emilia): does not support detached digested data. */ |
3163 |
- case PKCS7_OP_SET_DETACHED_SIGNATURE: |
3164 |
- if (nid == NID_pkcs7_signed) { |
3165 |
- ret = p7->detached = (int)larg; |
3166 |
-@@ -444,6 +445,8 @@ |
3167 |
- |
3168 |
- STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7) |
3169 |
- { |
3170 |
-+ if (p7 == NULL || p7->d.ptr == NULL) |
3171 |
-+ return NULL; |
3172 |
- if (PKCS7_type_is_signed(p7)) { |
3173 |
- return (p7->d.sign->signer_info); |
3174 |
- } else if (PKCS7_type_is_signedAndEnveloped(p7)) { |
3175 |
---- openssl-1.0.2/crypto/rsa/rsa_ameth.c |
3176 |
-+++ openssl-1.0.2/crypto/rsa/rsa_ameth.c |
3177 |
-@@ -698,9 +698,10 @@ |
3178 |
- RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNSUPPORTED_SIGNATURE_TYPE); |
3179 |
- return -1; |
3180 |
- } |
3181 |
-- if (rsa_pss_to_ctx(ctx, NULL, sigalg, pkey)) |
3182 |
-+ if (rsa_pss_to_ctx(ctx, NULL, sigalg, pkey) > 0) { |
3183 |
- /* Carry on */ |
3184 |
- return 2; |
3185 |
-+ } |
3186 |
- return -1; |
3187 |
- } |
3188 |
- |
3189 |
---- openssl-1.0.2/doc/crypto/d2i_X509.pod |
3190 |
-+++ openssl-1.0.2/doc/crypto/d2i_X509.pod |
3191 |
-@@ -207,6 +207,12 @@ |
3192 |
- persist if they are not present in the new one. As a result the use |
3193 |
- of this "reuse" behaviour is strongly discouraged. |
3194 |
- |
3195 |
-+Current versions of OpenSSL will not modify B<*px> if an error occurs. |
3196 |
-+If parsing succeeds then B<*px> is freed (if it is not NULL) and then |
3197 |
-+set to the value of the newly decoded structure. As a result B<*px> |
3198 |
-+B<must not> be allocated on the stack or an attempt will be made to |
3199 |
-+free an invalid pointer. |
3200 |
-+ |
3201 |
- i2d_X509() will not return an error in many versions of OpenSSL, |
3202 |
- if mandatory fields are not initialized due to a programming error |
3203 |
- then the encoded structure may contain invalid data or omit the |
3204 |
-@@ -233,7 +239,9 @@ |
3205 |
- |
3206 |
- d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B<X509> structure |
3207 |
- or B<NULL> if an error occurs. The error code that can be obtained by |
3208 |
--L<ERR_get_error(3)|ERR_get_error(3)>. |
3209 |
-+L<ERR_get_error(3)|ERR_get_error(3)>. If the "reuse" capability has been used |
3210 |
-+with a valid X509 structure being passed in via B<px> then the object is not |
3211 |
-+modified in the event of error. |
3212 |
- |
3213 |
- i2d_X509() returns the number of bytes successfully encoded or a negative |
3214 |
- value if an error occurs. The error code can be obtained by |
3215 |
---- openssl-1.0.2/ssl/d1_lib.c |
3216 |
-+++ openssl-1.0.2/ssl/d1_lib.c |
3217 |
-@@ -543,6 +543,9 @@ |
3218 |
- { |
3219 |
- int ret; |
3220 |
- |
3221 |
-+ /* Ensure there is no state left over from a previous invocation */ |
3222 |
-+ SSL_clear(s); |
3223 |
-+ |
3224 |
- SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE); |
3225 |
- s->d1->listen = 1; |
3226 |
- |
3227 |
---- openssl-1.0.2/ssl/s2_lib.c |
3228 |
-+++ openssl-1.0.2/ssl/s2_lib.c |
3229 |
-@@ -493,7 +493,7 @@ |
3230 |
- |
3231 |
- OPENSSL_assert(s->session->master_key_length >= 0 |
3232 |
- && s->session->master_key_length |
3233 |
-- < (int)sizeof(s->session->master_key)); |
3234 |
-+ <= (int)sizeof(s->session->master_key)); |
3235 |
- EVP_DigestUpdate(&ctx, s->session->master_key, |
3236 |
- s->session->master_key_length); |
3237 |
- EVP_DigestUpdate(&ctx, &c, 1); |
3238 |
---- openssl-1.0.2/ssl/s2_srvr.c |
3239 |
-+++ openssl-1.0.2/ssl/s2_srvr.c |
3240 |
-@@ -454,11 +454,6 @@ |
3241 |
- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_PRIVATEKEY); |
3242 |
- return (-1); |
3243 |
- } |
3244 |
-- i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc, |
3245 |
-- &(p[s->s2->tmp.clear]), |
3246 |
-- &(p[s->s2->tmp.clear]), |
3247 |
-- (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING : |
3248 |
-- RSA_PKCS1_PADDING); |
3249 |
- |
3250 |
- is_export = SSL_C_IS_EXPORT(s->session->cipher); |
3251 |
- |
3252 |
-@@ -475,23 +470,61 @@ |
3253 |
- } else |
3254 |
- ek = 5; |
3255 |
- |
3256 |
-+ /* |
3257 |
-+ * The format of the CLIENT-MASTER-KEY message is |
3258 |
-+ * 1 byte message type |
3259 |
-+ * 3 bytes cipher |
3260 |
-+ * 2-byte clear key length (stored in s->s2->tmp.clear) |
3261 |
-+ * 2-byte encrypted key length (stored in s->s2->tmp.enc) |
3262 |
-+ * 2-byte key args length (IV etc) |
3263 |
-+ * clear key |
3264 |
-+ * encrypted key |
3265 |
-+ * key args |
3266 |
-+ * |
3267 |
-+ * If the cipher is an export cipher, then the encrypted key bytes |
3268 |
-+ * are a fixed portion of the total key (5 or 8 bytes). The size of |
3269 |
-+ * this portion is in |ek|. If the cipher is not an export cipher, |
3270 |
-+ * then the entire key material is encrypted (i.e., clear key length |
3271 |
-+ * must be zero). |
3272 |
-+ */ |
3273 |
-+ if ((!is_export && s->s2->tmp.clear != 0) || |
3274 |
-+ (is_export && s->s2->tmp.clear + ek != EVP_CIPHER_key_length(c))) { |
3275 |
-+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); |
3276 |
-+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_LENGTH); |
3277 |
-+ return -1; |
3278 |
-+ } |
3279 |
-+ /* |
3280 |
-+ * The encrypted blob must decrypt to the encrypted portion of the key. |
3281 |
-+ * Decryption can't be expanding, so if we don't have enough encrypted |
3282 |
-+ * bytes to fit the key in the buffer, stop now. |
3283 |
-+ */ |
3284 |
-+ if ((is_export && s->s2->tmp.enc < ek) || |
3285 |
-+ (!is_export && s->s2->tmp.enc < EVP_CIPHER_key_length(c))) { |
3286 |
-+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); |
3287 |
-+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_LENGTH_TOO_SHORT); |
3288 |
-+ return -1; |
3289 |
-+ } |
3290 |
-+ |
3291 |
-+ i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc, |
3292 |
-+ &(p[s->s2->tmp.clear]), |
3293 |
-+ &(p[s->s2->tmp.clear]), |
3294 |
-+ (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING : |
3295 |
-+ RSA_PKCS1_PADDING); |
3296 |
-+ |
3297 |
- /* bad decrypt */ |
3298 |
- # if 1 |
3299 |
- /* |
3300 |
- * If a bad decrypt, continue with protocol but with a random master |
3301 |
- * secret (Bleichenbacher attack) |
3302 |
- */ |
3303 |
-- if ((i < 0) || ((!is_export && (i != EVP_CIPHER_key_length(c))) |
3304 |
-- || (is_export && ((i != ek) |
3305 |
-- || (s->s2->tmp.clear + |
3306 |
-- (unsigned int)i != (unsigned int) |
3307 |
-- EVP_CIPHER_key_length(c)))))) { |
3308 |
-+ if ((i < 0) || ((!is_export && i != EVP_CIPHER_key_length(c)) |
3309 |
-+ || (is_export && i != ek))) { |
3310 |
- ERR_clear_error(); |
3311 |
- if (is_export) |
3312 |
- i = ek; |
3313 |
- else |
3314 |
- i = EVP_CIPHER_key_length(c); |
3315 |
-- if (RAND_pseudo_bytes(p, i) <= 0) |
3316 |
-+ if (RAND_pseudo_bytes(&p[s->s2->tmp.clear], i) <= 0) |
3317 |
- return 0; |
3318 |
- } |
3319 |
- # else |
3320 |
-@@ -513,7 +546,7 @@ |
3321 |
- # endif |
3322 |
- |
3323 |
- if (is_export) |
3324 |
-- i += s->s2->tmp.clear; |
3325 |
-+ i = EVP_CIPHER_key_length(c); |
3326 |
- |
3327 |
- if (i > SSL_MAX_MASTER_KEY_LENGTH) { |
3328 |
- ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); |
3329 |
---- openssl-1.0.2/ssl/s3_pkt.c |
3330 |
-+++ openssl-1.0.2/ssl/s3_pkt.c |
3331 |
-@@ -780,7 +780,7 @@ |
3332 |
- |
3333 |
- i = ssl3_write_pending(s, type, &buf[tot], nw); |
3334 |
- if (i <= 0) { |
3335 |
-- if (i < 0) { |
3336 |
-+ if (i < 0 && (!s->wbio || !BIO_should_retry(s->wbio))) { |
3337 |
- OPENSSL_free(wb->buf); |
3338 |
- wb->buf = NULL; |
3339 |
- } |
3340 |
---- openssl-1.0.2/ssl/s3_srvr.c |
3341 |
-+++ openssl-1.0.2/ssl/s3_srvr.c |
3342 |
-@@ -2251,10 +2251,17 @@ |
3343 |
- if (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) { |
3344 |
- int idx = -1; |
3345 |
- EVP_PKEY *skey = NULL; |
3346 |
-- if (n) |
3347 |
-+ if (n) { |
3348 |
- n2s(p, i); |
3349 |
-- else |
3350 |
-+ } else { |
3351 |
-+ if (alg_k & SSL_kDHE) { |
3352 |
-+ al = SSL_AD_HANDSHAKE_FAILURE; |
3353 |
-+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, |
3354 |
-+ SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG); |
3355 |
-+ goto f_err; |
3356 |
-+ } |
3357 |
- i = 0; |
3358 |
-+ } |
3359 |
- if (n && n != i + 2) { |
3360 |
- if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG)) { |
3361 |
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, |
3362 |
---- openssl-1.0.2/ssl/t1_lib.c |
3363 |
-+++ openssl-1.0.2/ssl/t1_lib.c |
3364 |
-@@ -2965,6 +2965,7 @@ |
3365 |
- if (s->cert->shared_sigalgs) { |
3366 |
- OPENSSL_free(s->cert->shared_sigalgs); |
3367 |
- s->cert->shared_sigalgs = NULL; |
3368 |
-+ s->cert->shared_sigalgslen = 0; |
3369 |
- } |
3370 |
- /* Clear certificate digests and validity flags */ |
3371 |
- for (i = 0; i < SSL_PKEY_NUM; i++) { |
3372 |
-@@ -3618,6 +3619,7 @@ |
3373 |
- if (c->shared_sigalgs) { |
3374 |
- OPENSSL_free(c->shared_sigalgs); |
3375 |
- c->shared_sigalgs = NULL; |
3376 |
-+ c->shared_sigalgslen = 0; |
3377 |
- } |
3378 |
- /* If client use client signature algorithms if not NULL */ |
3379 |
- if (!s->server && c->client_sigalgs && !is_suiteb) { |
3380 |
-@@ -3640,12 +3642,14 @@ |
3381 |
- preflen = c->peer_sigalgslen; |
3382 |
- } |
3383 |
- nmatch = tls12_do_shared_sigalgs(NULL, pref, preflen, allow, allowlen); |
3384 |
-- if (!nmatch) |
3385 |
-- return 1; |
3386 |
-- salgs = OPENSSL_malloc(nmatch * sizeof(TLS_SIGALGS)); |
3387 |
-- if (!salgs) |
3388 |
-- return 0; |
3389 |
-- nmatch = tls12_do_shared_sigalgs(salgs, pref, preflen, allow, allowlen); |
3390 |
-+ if (nmatch) { |
3391 |
-+ salgs = OPENSSL_malloc(nmatch * sizeof(TLS_SIGALGS)); |
3392 |
-+ if (!salgs) |
3393 |
-+ return 0; |
3394 |
-+ nmatch = tls12_do_shared_sigalgs(salgs, pref, preflen, allow, allowlen); |
3395 |
-+ } else { |
3396 |
-+ salgs = NULL; |
3397 |
-+ } |
3398 |
- c->shared_sigalgs = salgs; |
3399 |
- c->shared_sigalgslen = nmatch; |
3400 |
- return 1; |
3401 |
|
3402 |
diff --git a/dev-libs/openssl/files/openssl-1.0.2-parallel-build.patch b/dev-libs/openssl/files/openssl-1.0.2-parallel-build.patch |
3403 |
deleted file mode 100644 |
3404 |
index 31d3f1d..0000000 |
3405 |
--- a/dev-libs/openssl/files/openssl-1.0.2-parallel-build.patch |
3406 |
+++ /dev/null |
3407 |
@@ -1,354 +0,0 @@ |
3408 |
-http://rt.openssl.org/Ticket/Display.html?id=2084&user=guest&pass=guest |
3409 |
- |
3410 |
---- a/Makefile.org |
3411 |
-+++ b/Makefile.org |
3412 |
-@@ -247,17 +247,17 @@ |
3413 |
- build_libs: build_crypto build_ssl build_engines |
3414 |
- |
3415 |
- build_crypto: |
3416 |
-- @dir=crypto; target=all; $(BUILD_ONE_CMD) |
3417 |
-+ +@dir=crypto; target=all; $(BUILD_ONE_CMD) |
3418 |
--build_ssl: |
3419 |
-+build_ssl: build_crypto |
3420 |
-- @dir=ssl; target=all; $(BUILD_ONE_CMD) |
3421 |
-+ +@dir=ssl; target=all; $(BUILD_ONE_CMD) |
3422 |
--build_engines: |
3423 |
-+build_engines: build_crypto |
3424 |
-- @dir=engines; target=all; $(BUILD_ONE_CMD) |
3425 |
-+ +@dir=engines; target=all; $(BUILD_ONE_CMD) |
3426 |
--build_apps: |
3427 |
-+build_apps: build_libs |
3428 |
-- @dir=apps; target=all; $(BUILD_ONE_CMD) |
3429 |
-+ +@dir=apps; target=all; $(BUILD_ONE_CMD) |
3430 |
--build_tests: |
3431 |
-+build_tests: build_libs |
3432 |
-- @dir=test; target=all; $(BUILD_ONE_CMD) |
3433 |
-+ +@dir=test; target=all; $(BUILD_ONE_CMD) |
3434 |
--build_tools: |
3435 |
-+build_tools: build_libs |
3436 |
-- @dir=tools; target=all; $(BUILD_ONE_CMD) |
3437 |
-+ +@dir=tools; target=all; $(BUILD_ONE_CMD) |
3438 |
- |
3439 |
- all_testapps: build_libs build_testapps |
3440 |
- build_testapps: |
3441 |
-@@ -497,9 +497,9 @@ |
3442 |
- dist_pem_h: |
3443 |
- (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) |
3444 |
- |
3445 |
--install: all install_docs install_sw |
3446 |
-+install: install_docs install_sw |
3447 |
- |
3448 |
--install_sw: |
3449 |
-+install_dirs: |
3450 |
- @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ |
3451 |
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \ |
3452 |
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \ |
3453 |
-@@ -508,6 +508,13 @@ |
3454 |
- $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ |
3455 |
- $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ |
3456 |
- $(INSTALL_PREFIX)$(OPENSSLDIR)/private |
3457 |
-+ @$(PERL) $(TOP)/util/mkdir-p.pl \ |
3458 |
-+ $(INSTALL_PREFIX)$(MANDIR)/man1 \ |
3459 |
-+ $(INSTALL_PREFIX)$(MANDIR)/man3 \ |
3460 |
-+ $(INSTALL_PREFIX)$(MANDIR)/man5 \ |
3461 |
-+ $(INSTALL_PREFIX)$(MANDIR)/man7 |
3462 |
-+ |
3463 |
-+install_sw: install_dirs |
3464 |
- @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\ |
3465 |
- do \ |
3466 |
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ |
3467 |
-@@ -511,7 +511,7 @@ |
3468 |
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ |
3469 |
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ |
3470 |
- done; |
3471 |
-- @set -e; target=install; $(RECURSIVE_BUILD_CMD) |
3472 |
-+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) |
3473 |
- @set -e; liblist="$(LIBS)"; for i in $$liblist ;\ |
3474 |
- do \ |
3475 |
- if [ -f "$$i" ]; then \ |
3476 |
-@@ -593,12 +600,7 @@ |
3477 |
- done; \ |
3478 |
- done |
3479 |
- |
3480 |
--install_docs: |
3481 |
-- @$(PERL) $(TOP)/util/mkdir-p.pl \ |
3482 |
-- $(INSTALL_PREFIX)$(MANDIR)/man1 \ |
3483 |
-- $(INSTALL_PREFIX)$(MANDIR)/man3 \ |
3484 |
-- $(INSTALL_PREFIX)$(MANDIR)/man5 \ |
3485 |
-- $(INSTALL_PREFIX)$(MANDIR)/man7 |
3486 |
-+install_docs: install_dirs |
3487 |
- @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \ |
3488 |
- here="`pwd`"; \ |
3489 |
- filecase=; \ |
3490 |
---- a/Makefile.shared |
3491 |
-+++ b/Makefile.shared |
3492 |
-@@ -105,6 +105,7 @@ LINK_SO= \ |
3493 |
- SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ |
3494 |
- LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ |
3495 |
- LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ |
3496 |
-+ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \ |
3497 |
- LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ |
3498 |
- $${SHAREDCMD} $${SHAREDFLAGS} \ |
3499 |
- -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \ |
3500 |
-@@ -122,6 +124,7 @@ SYMLINK_SO= \ |
3501 |
- done; \ |
3502 |
- fi; \ |
3503 |
- if [ -n "$$SHLIB_SOVER" ]; then \ |
3504 |
-+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \ |
3505 |
- ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \ |
3506 |
- ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \ |
3507 |
- fi; \ |
3508 |
---- a/crypto/Makefile |
3509 |
-+++ b/crypto/Makefile |
3510 |
-@@ -85,11 +85,11 @@ |
3511 |
- @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi |
3512 |
- |
3513 |
- subdirs: |
3514 |
-- @target=all; $(RECURSIVE_MAKE) |
3515 |
-+ +@target=all; $(RECURSIVE_MAKE) |
3516 |
- |
3517 |
- files: |
3518 |
- $(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO |
3519 |
-- @target=files; $(RECURSIVE_MAKE) |
3520 |
-+ +@target=files; $(RECURSIVE_MAKE) |
3521 |
- |
3522 |
- links: |
3523 |
- @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) |
3524 |
-@@ -100,7 +100,7 @@ |
3525 |
- # lib: $(LIB): are splitted to avoid end-less loop |
3526 |
- lib: $(LIB) |
3527 |
- @touch lib |
3528 |
--$(LIB): $(LIBOBJ) |
3529 |
-+$(LIB): $(LIBOBJ) | subdirs |
3530 |
- $(AR) $(LIB) $(LIBOBJ) |
3531 |
- $(RANLIB) $(LIB) || echo Never mind. |
3532 |
- |
3533 |
-@@ -110,7 +110,7 @@ |
3534 |
- fi |
3535 |
- |
3536 |
- libs: |
3537 |
-- @target=lib; $(RECURSIVE_MAKE) |
3538 |
-+ +@target=lib; $(RECURSIVE_MAKE) |
3539 |
- |
3540 |
- install: |
3541 |
- @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... |
3542 |
-@@ -119,7 +119,7 @@ |
3543 |
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ |
3544 |
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ |
3545 |
- done; |
3546 |
-- @target=install; $(RECURSIVE_MAKE) |
3547 |
-+ +@target=install; $(RECURSIVE_MAKE) |
3548 |
- |
3549 |
- lint: |
3550 |
- @target=lint; $(RECURSIVE_MAKE) |
3551 |
---- a/engines/Makefile |
3552 |
-+++ b/engines/Makefile |
3553 |
-@@ -72,7 +72,7 @@ |
3554 |
- |
3555 |
- all: lib subdirs |
3556 |
- |
3557 |
--lib: $(LIBOBJ) |
3558 |
-+lib: $(LIBOBJ) | subdirs |
3559 |
- @if [ -n "$(SHARED_LIBS)" ]; then \ |
3560 |
- set -e; \ |
3561 |
- for l in $(LIBNAMES); do \ |
3562 |
-@@ -89,7 +89,7 @@ |
3563 |
- |
3564 |
- subdirs: |
3565 |
- echo $(EDIRS) |
3566 |
-- @target=all; $(RECURSIVE_MAKE) |
3567 |
-+ +@target=all; $(RECURSIVE_MAKE) |
3568 |
- |
3569 |
- files: |
3570 |
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO |
3571 |
-@@ -128,7 +128,7 @@ |
3572 |
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ |
3573 |
- done; \ |
3574 |
- fi |
3575 |
-- @target=install; $(RECURSIVE_MAKE) |
3576 |
-+ +@target=install; $(RECURSIVE_MAKE) |
3577 |
- |
3578 |
- tags: |
3579 |
- ctags $(SRC) |
3580 |
---- a/test/Makefile |
3581 |
-+++ b/test/Makefile |
3582 |
-@@ -123,7 +123,7 @@ |
3583 |
- tags: |
3584 |
- ctags $(SRC) |
3585 |
- |
3586 |
--tests: exe apps $(TESTS) |
3587 |
-+tests: exe $(TESTS) |
3588 |
- |
3589 |
- apps: |
3590 |
- @(cd ..; $(MAKE) DIRS=apps all) |
3591 |
-@@ -365,109 +365,109 @@ |
3592 |
- link_app.$${shlib_target} |
3593 |
- |
3594 |
- $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) |
3595 |
-- @target=$(RSATEST); $(BUILD_CMD) |
3596 |
-+ +@target=$(RSATEST); $(BUILD_CMD) |
3597 |
- |
3598 |
- $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO) |
3599 |
-- @target=$(BNTEST); $(BUILD_CMD) |
3600 |
-+ +@target=$(BNTEST); $(BUILD_CMD) |
3601 |
- |
3602 |
- $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO) |
3603 |
-- @target=$(ECTEST); $(BUILD_CMD) |
3604 |
-+ +@target=$(ECTEST); $(BUILD_CMD) |
3605 |
- |
3606 |
- $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO) |
3607 |
-- @target=$(EXPTEST); $(BUILD_CMD) |
3608 |
-+ +@target=$(EXPTEST); $(BUILD_CMD) |
3609 |
- |
3610 |
- $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) |
3611 |
-- @target=$(IDEATEST); $(BUILD_CMD) |
3612 |
-+ +@target=$(IDEATEST); $(BUILD_CMD) |
3613 |
- |
3614 |
- $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) |
3615 |
-- @target=$(MD2TEST); $(BUILD_CMD) |
3616 |
-+ +@target=$(MD2TEST); $(BUILD_CMD) |
3617 |
- |
3618 |
- $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO) |
3619 |
-- @target=$(SHATEST); $(BUILD_CMD) |
3620 |
-+ +@target=$(SHATEST); $(BUILD_CMD) |
3621 |
- |
3622 |
- $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) |
3623 |
-- @target=$(SHA1TEST); $(BUILD_CMD) |
3624 |
-+ +@target=$(SHA1TEST); $(BUILD_CMD) |
3625 |
- |
3626 |
- $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) |
3627 |
-- @target=$(SHA256TEST); $(BUILD_CMD) |
3628 |
-+ +@target=$(SHA256TEST); $(BUILD_CMD) |
3629 |
- |
3630 |
- $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) |
3631 |
-- @target=$(SHA512TEST); $(BUILD_CMD) |
3632 |
-+ +@target=$(SHA512TEST); $(BUILD_CMD) |
3633 |
- |
3634 |
- $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) |
3635 |
-- @target=$(RMDTEST); $(BUILD_CMD) |
3636 |
-+ +@target=$(RMDTEST); $(BUILD_CMD) |
3637 |
- |
3638 |
- $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO) |
3639 |
-- @target=$(MDC2TEST); $(BUILD_CMD) |
3640 |
-+ +@target=$(MDC2TEST); $(BUILD_CMD) |
3641 |
- |
3642 |
- $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO) |
3643 |
-- @target=$(MD4TEST); $(BUILD_CMD) |
3644 |
-+ +@target=$(MD4TEST); $(BUILD_CMD) |
3645 |
- |
3646 |
- $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO) |
3647 |
-- @target=$(MD5TEST); $(BUILD_CMD) |
3648 |
-+ +@target=$(MD5TEST); $(BUILD_CMD) |
3649 |
- |
3650 |
- $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO) |
3651 |
-- @target=$(HMACTEST); $(BUILD_CMD) |
3652 |
-+ +@target=$(HMACTEST); $(BUILD_CMD) |
3653 |
- |
3654 |
- $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO) |
3655 |
-- @target=$(WPTEST); $(BUILD_CMD) |
3656 |
-+ +@target=$(WPTEST); $(BUILD_CMD) |
3657 |
- |
3658 |
- $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO) |
3659 |
-- @target=$(RC2TEST); $(BUILD_CMD) |
3660 |
-+ +@target=$(RC2TEST); $(BUILD_CMD) |
3661 |
- |
3662 |
- $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO) |
3663 |
-- @target=$(BFTEST); $(BUILD_CMD) |
3664 |
-+ +@target=$(BFTEST); $(BUILD_CMD) |
3665 |
- |
3666 |
- $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO) |
3667 |
-- @target=$(CASTTEST); $(BUILD_CMD) |
3668 |
-+ +@target=$(CASTTEST); $(BUILD_CMD) |
3669 |
- |
3670 |
- $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO) |
3671 |
-- @target=$(RC4TEST); $(BUILD_CMD) |
3672 |
-+ +@target=$(RC4TEST); $(BUILD_CMD) |
3673 |
- |
3674 |
- $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) |
3675 |
-- @target=$(RC5TEST); $(BUILD_CMD) |
3676 |
-+ +@target=$(RC5TEST); $(BUILD_CMD) |
3677 |
- |
3678 |
- $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) |
3679 |
-- @target=$(DESTEST); $(BUILD_CMD) |
3680 |
-+ +@target=$(DESTEST); $(BUILD_CMD) |
3681 |
- |
3682 |
- $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) |
3683 |
-- @target=$(RANDTEST); $(BUILD_CMD) |
3684 |
-+ +@target=$(RANDTEST); $(BUILD_CMD) |
3685 |
- |
3686 |
- $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) |
3687 |
-- @target=$(DHTEST); $(BUILD_CMD) |
3688 |
-+ +@target=$(DHTEST); $(BUILD_CMD) |
3689 |
- |
3690 |
- $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO) |
3691 |
-- @target=$(DSATEST); $(BUILD_CMD) |
3692 |
-+ +@target=$(DSATEST); $(BUILD_CMD) |
3693 |
- |
3694 |
- $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) |
3695 |
-- @target=$(METHTEST); $(BUILD_CMD) |
3696 |
-+ +@target=$(METHTEST); $(BUILD_CMD) |
3697 |
- |
3698 |
- $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) |
3699 |
-- @target=$(SSLTEST); $(FIPS_BUILD_CMD) |
3700 |
-+ +@target=$(SSLTEST); $(FIPS_BUILD_CMD) |
3701 |
- |
3702 |
- $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) |
3703 |
-- @target=$(ENGINETEST); $(BUILD_CMD) |
3704 |
-+ +@target=$(ENGINETEST); $(BUILD_CMD) |
3705 |
- |
3706 |
- $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO) |
3707 |
-- @target=$(EVPTEST); $(BUILD_CMD) |
3708 |
-+ +@target=$(EVPTEST); $(BUILD_CMD) |
3709 |
- |
3710 |
- $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO) |
3711 |
-- @target=$(ECDSATEST); $(BUILD_CMD) |
3712 |
-+ +@target=$(ECDSATEST); $(BUILD_CMD) |
3713 |
- |
3714 |
- $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) |
3715 |
-- @target=$(ECDHTEST); $(BUILD_CMD) |
3716 |
-+ +@target=$(ECDHTEST); $(BUILD_CMD) |
3717 |
- |
3718 |
- $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) |
3719 |
-- @target=$(IGETEST); $(BUILD_CMD) |
3720 |
-+ +@target=$(IGETEST); $(BUILD_CMD) |
3721 |
- |
3722 |
- $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) |
3723 |
-- @target=$(JPAKETEST); $(BUILD_CMD) |
3724 |
-+ +@target=$(JPAKETEST); $(BUILD_CMD) |
3725 |
- |
3726 |
- $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) |
3727 |
-- @target=$(ASN1TEST); $(BUILD_CMD) |
3728 |
-+ +@target=$(ASN1TEST); $(BUILD_CMD) |
3729 |
- |
3730 |
- $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO) |
3731 |
-- @target=$(SRPTEST); $(BUILD_CMD) |
3732 |
-+ +@target=$(SRPTEST); $(BUILD_CMD) |
3733 |
- |
3734 |
- #$(AESTEST).o: $(AESTEST).c |
3735 |
- # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c |
3736 |
-@@ -480,7 +480,7 @@ |
3737 |
- # fi |
3738 |
- |
3739 |
- dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) |
3740 |
-- @target=dummytest; $(BUILD_CMD) |
3741 |
-+ +@target=dummytest; $(BUILD_CMD) |
3742 |
- |
3743 |
- # DO NOT DELETE THIS LINE -- make depend depends on it. |
3744 |
- |
3745 |
---- a/crypto/objects/Makefile |
3746 |
-+++ b/crypto/objects/Makefile |
3747 |
-@@ -44,11 +44,11 @@ obj_dat.h: obj_dat.pl obj_mac.h |
3748 |
- # objects.pl both reads and writes obj_mac.num |
3749 |
- obj_mac.h: objects.pl objects.txt obj_mac.num |
3750 |
- $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h |
3751 |
-- @sleep 1; touch obj_mac.h; sleep 1 |
3752 |
- |
3753 |
--obj_xref.h: objxref.pl obj_xref.txt obj_mac.num |
3754 |
-+# This doesn't really need obj_mac.h, but since that rule reads & writes |
3755 |
-+# obj_mac.num, we can't run in parallel with it. |
3756 |
-+obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h |
3757 |
- $(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h |
3758 |
-- @sleep 1; touch obj_xref.h; sleep 1 |
3759 |
- |
3760 |
- files: |
3761 |
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO |
3762 |
|
3763 |
diff --git a/dev-libs/openssl/openssl-0.9.8z_p5-r1.ebuild b/dev-libs/openssl/openssl-0.9.8z_p5-r1.ebuild |
3764 |
deleted file mode 100644 |
3765 |
index 12eb16d..0000000 |
3766 |
--- a/dev-libs/openssl/openssl-0.9.8z_p5-r1.ebuild |
3767 |
+++ /dev/null |
3768 |
@@ -1,161 +0,0 @@ |
3769 |
-# Copyright 1999-2015 Gentoo Foundation |
3770 |
-# Distributed under the terms of the GNU General Public License v2 |
3771 |
-# $Id$ |
3772 |
- |
3773 |
-# this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat |
3774 |
- |
3775 |
-EAPI="5" |
3776 |
- |
3777 |
-inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal |
3778 |
- |
3779 |
-PLEVEL=$(echo "${PV##*_p}" | tr '[1-9]' '[a-i]') |
3780 |
-MY_PV=${PV/_p*/${PLEVEL}} |
3781 |
-MY_P=${PN}-${MY_PV} |
3782 |
-S="${WORKDIR}/${MY_P}" |
3783 |
-DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1" |
3784 |
-HOMEPAGE="http://www.openssl.org/" |
3785 |
-SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" |
3786 |
- |
3787 |
-LICENSE="openssl" |
3788 |
-SLOT="0.9.8" |
3789 |
-KEYWORDS="alpha amd64 arm ~hppa ia64 ~m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd ~x86-fbsd" |
3790 |
-IUSE="bindist gmp kerberos cpu_flags_x86_sse2 test zlib" |
3791 |
-RESTRICT="!bindist? ( bindist )" |
3792 |
- |
3793 |
-RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[${MULTILIB_USEDEP}] ) |
3794 |
- zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] ) |
3795 |
- kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) |
3796 |
- abi_x86_32? ( |
3797 |
- !<=app-emulation/emul-linux-x86-baselibs-20140508-r4 |
3798 |
- !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] |
3799 |
- ) |
3800 |
- !=dev-libs/openssl-0.9.8*:0" |
3801 |
-DEPEND="${RDEPEND} |
3802 |
- sys-apps/diffutils |
3803 |
- >=dev-lang/perl-5 |
3804 |
- test? ( sys-devel/bc )" |
3805 |
- |
3806 |
-# Do not install any docs |
3807 |
-DOCS=() |
3808 |
- |
3809 |
-src_prepare() { |
3810 |
- epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch |
3811 |
- epatch "${FILESDIR}"/${PN}-0.9.8h-ldflags.patch #181438 |
3812 |
- epatch "${FILESDIR}"/${PN}-0.9.8m-binutils.patch #289130 |
3813 |
- epatch "${FILESDIR}"/${PN}-0.9.8ze-CVE-2015-0286.patch #543552 |
3814 |
- |
3815 |
- # disable fips in the build |
3816 |
- # make sure the man pages are suffixed #302165 |
3817 |
- # don't bother building man pages if they're disabled |
3818 |
- sed -i \ |
3819 |
- -e '/DIRS/s: fips : :g' \ |
3820 |
- -e '/^MANSUFFIX/s:=.*:=ssl:' \ |
3821 |
- -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ |
3822 |
- -e $(has noman FEATURES \ |
3823 |
- && echo '/^install:/s:install_docs::' \ |
3824 |
- || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ |
3825 |
- Makefile{,.org} \ |
3826 |
- || die |
3827 |
- # show the actual commands in the log |
3828 |
- sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared |
3829 |
- # update the enginedir path. |
3830 |
- # punt broken config we don't care about as it fails sanity check. |
3831 |
- sed -i \ |
3832 |
- -e '/^"debug-ben-debug-64"/d' \ |
3833 |
- -e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \ |
3834 |
- Configure || die |
3835 |
- |
3836 |
- # since we're forcing $(CC) as makedep anyway, just fix |
3837 |
- # the conditional as always-on |
3838 |
- # helps clang (#417795), and versioned gcc (#499818) |
3839 |
- sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die |
3840 |
- |
3841 |
- # quiet out unknown driver argument warnings since openssl |
3842 |
- # doesn't have well-split CFLAGS and we're making it even worse |
3843 |
- # and 'make depend' uses -Werror for added fun (#417795 again) |
3844 |
- [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments |
3845 |
- |
3846 |
- # allow openssl to be cross-compiled |
3847 |
- cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed" |
3848 |
- chmod a+rx gentoo.config |
3849 |
- |
3850 |
- append-flags -fno-strict-aliasing |
3851 |
- append-flags -Wa,--noexecstack |
3852 |
- |
3853 |
- sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 |
3854 |
- sed -i '/^"debug-bodo/d' Configure # 0.9.8za shipped broken |
3855 |
- ./config --test-sanity || die "I AM NOT SANE" |
3856 |
- |
3857 |
- multilib_copy_sources |
3858 |
-} |
3859 |
- |
3860 |
-multilib_src_configure() { |
3861 |
- unset APPS #197996 |
3862 |
- unset SCRIPTS #312551 |
3863 |
- |
3864 |
- tc-export CC AR RANLIB |
3865 |
- |
3866 |
- # Clean out patent-or-otherwise-encumbered code |
3867 |
- # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) |
3868 |
- # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm |
3869 |
- # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography |
3870 |
- # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 |
3871 |
- # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 |
3872 |
- |
3873 |
- use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; } |
3874 |
- echoit() { echo "$@" ; "$@" ; } |
3875 |
- |
3876 |
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") |
3877 |
- |
3878 |
- local sslout=$(./gentoo.config) |
3879 |
- einfo "Use configuration ${sslout:-(openssl knows best)}" |
3880 |
- local config="Configure" |
3881 |
- [[ -z ${sslout} ]] && config="config" |
3882 |
- |
3883 |
- echoit \ |
3884 |
- ./${config} \ |
3885 |
- ${sslout} \ |
3886 |
- $(use cpu_flags_x86_sse2 || echo "no-sse2") \ |
3887 |
- enable-camellia \ |
3888 |
- $(use_ssl !bindist ec) \ |
3889 |
- enable-idea \ |
3890 |
- enable-mdc2 \ |
3891 |
- $(use_ssl !bindist rc5) \ |
3892 |
- enable-tlsext \ |
3893 |
- $(use_ssl gmp gmp -lgmp) \ |
3894 |
- $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ |
3895 |
- $(use_ssl zlib) \ |
3896 |
- --prefix=/usr \ |
3897 |
- --openssldir=/etc/ssl \ |
3898 |
- shared threads \ |
3899 |
- || die "Configure failed" |
3900 |
- |
3901 |
- # Clean out hardcoded flags that openssl uses |
3902 |
- local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ |
3903 |
- -e 's:^CFLAG=::' \ |
3904 |
- -e 's:-fomit-frame-pointer ::g' \ |
3905 |
- -e 's:-O[0-9] ::g' \ |
3906 |
- -e 's:-march=[-a-z0-9]* ::g' \ |
3907 |
- -e 's:-mcpu=[-a-z0-9]* ::g' \ |
3908 |
- -e 's:-m[a-z0-9]* ::g' \ |
3909 |
- ) |
3910 |
- sed -i \ |
3911 |
- -e "/^LIBDIR=/s|=.*|=$(get_libdir)|" \ |
3912 |
- -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ |
3913 |
- -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ |
3914 |
- Makefile || die |
3915 |
-} |
3916 |
- |
3917 |
-multilib_src_compile() { |
3918 |
- # depend is needed to use $confopts |
3919 |
- emake -j1 depend |
3920 |
- emake -j1 build_libs |
3921 |
-} |
3922 |
- |
3923 |
-multilib_src_test() { |
3924 |
- emake -j1 test |
3925 |
-} |
3926 |
- |
3927 |
-multilib_src_install() { |
3928 |
- dolib.so lib{crypto,ssl}.so.0.9.8 |
3929 |
-} |
3930 |
|
3931 |
diff --git a/dev-libs/openssl/openssl-0.9.8z_p6.ebuild b/dev-libs/openssl/openssl-0.9.8z_p6.ebuild |
3932 |
deleted file mode 100644 |
3933 |
index b2d9ea9..0000000 |
3934 |
--- a/dev-libs/openssl/openssl-0.9.8z_p6.ebuild |
3935 |
+++ /dev/null |
3936 |
@@ -1,160 +0,0 @@ |
3937 |
-# Copyright 1999-2015 Gentoo Foundation |
3938 |
-# Distributed under the terms of the GNU General Public License v2 |
3939 |
-# $Id$ |
3940 |
- |
3941 |
-# this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat |
3942 |
- |
3943 |
-EAPI="5" |
3944 |
- |
3945 |
-inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal |
3946 |
- |
3947 |
-PLEVEL=$(echo "${PV##*_p}" | tr '[1-9]' '[a-i]') |
3948 |
-MY_PV=${PV/_p*/${PLEVEL}} |
3949 |
-MY_P=${PN}-${MY_PV} |
3950 |
-S="${WORKDIR}/${MY_P}" |
3951 |
-DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1" |
3952 |
-HOMEPAGE="http://www.openssl.org/" |
3953 |
-SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" |
3954 |
- |
3955 |
-LICENSE="openssl" |
3956 |
-SLOT="0.9.8" |
3957 |
-KEYWORDS="alpha amd64 arm ~hppa ~ia64 ~m68k ~mips ppc ~ppc64 ~s390 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd" |
3958 |
-IUSE="bindist gmp kerberos cpu_flags_x86_sse2 test zlib" |
3959 |
-RESTRICT="!bindist? ( bindist )" |
3960 |
- |
3961 |
-RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[${MULTILIB_USEDEP}] ) |
3962 |
- zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] ) |
3963 |
- kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) |
3964 |
- abi_x86_32? ( |
3965 |
- !<=app-emulation/emul-linux-x86-baselibs-20140508-r4 |
3966 |
- !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] |
3967 |
- ) |
3968 |
- !=dev-libs/openssl-0.9.8*:0" |
3969 |
-DEPEND="${RDEPEND} |
3970 |
- sys-apps/diffutils |
3971 |
- >=dev-lang/perl-5 |
3972 |
- test? ( sys-devel/bc )" |
3973 |
- |
3974 |
-# Do not install any docs |
3975 |
-DOCS=() |
3976 |
- |
3977 |
-src_prepare() { |
3978 |
- epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch |
3979 |
- epatch "${FILESDIR}"/${PN}-0.9.8h-ldflags.patch #181438 |
3980 |
- epatch "${FILESDIR}"/${PN}-0.9.8m-binutils.patch #289130 |
3981 |
- |
3982 |
- # disable fips in the build |
3983 |
- # make sure the man pages are suffixed #302165 |
3984 |
- # don't bother building man pages if they're disabled |
3985 |
- sed -i \ |
3986 |
- -e '/DIRS/s: fips : :g' \ |
3987 |
- -e '/^MANSUFFIX/s:=.*:=ssl:' \ |
3988 |
- -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ |
3989 |
- -e $(has noman FEATURES \ |
3990 |
- && echo '/^install:/s:install_docs::' \ |
3991 |
- || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ |
3992 |
- Makefile{,.org} \ |
3993 |
- || die |
3994 |
- # show the actual commands in the log |
3995 |
- sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared |
3996 |
- # update the enginedir path. |
3997 |
- # punt broken config we don't care about as it fails sanity check. |
3998 |
- sed -i \ |
3999 |
- -e '/^"debug-ben-debug-64"/d' \ |
4000 |
- -e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \ |
4001 |
- Configure || die |
4002 |
- |
4003 |
- # since we're forcing $(CC) as makedep anyway, just fix |
4004 |
- # the conditional as always-on |
4005 |
- # helps clang (#417795), and versioned gcc (#499818) |
4006 |
- sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die |
4007 |
- |
4008 |
- # quiet out unknown driver argument warnings since openssl |
4009 |
- # doesn't have well-split CFLAGS and we're making it even worse |
4010 |
- # and 'make depend' uses -Werror for added fun (#417795 again) |
4011 |
- [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments |
4012 |
- |
4013 |
- # allow openssl to be cross-compiled |
4014 |
- cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed" |
4015 |
- chmod a+rx gentoo.config |
4016 |
- |
4017 |
- append-flags -fno-strict-aliasing |
4018 |
- append-flags -Wa,--noexecstack |
4019 |
- |
4020 |
- sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 |
4021 |
- sed -i '/^"debug-bodo/d' Configure # 0.9.8za shipped broken |
4022 |
- ./config --test-sanity || die "I AM NOT SANE" |
4023 |
- |
4024 |
- multilib_copy_sources |
4025 |
-} |
4026 |
- |
4027 |
-multilib_src_configure() { |
4028 |
- unset APPS #197996 |
4029 |
- unset SCRIPTS #312551 |
4030 |
- |
4031 |
- tc-export CC AR RANLIB |
4032 |
- |
4033 |
- # Clean out patent-or-otherwise-encumbered code |
4034 |
- # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) |
4035 |
- # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm |
4036 |
- # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography |
4037 |
- # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 |
4038 |
- # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 |
4039 |
- |
4040 |
- use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; } |
4041 |
- echoit() { echo "$@" ; "$@" ; } |
4042 |
- |
4043 |
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") |
4044 |
- |
4045 |
- local sslout=$(./gentoo.config) |
4046 |
- einfo "Use configuration ${sslout:-(openssl knows best)}" |
4047 |
- local config="Configure" |
4048 |
- [[ -z ${sslout} ]] && config="config" |
4049 |
- |
4050 |
- echoit \ |
4051 |
- ./${config} \ |
4052 |
- ${sslout} \ |
4053 |
- $(use cpu_flags_x86_sse2 || echo "no-sse2") \ |
4054 |
- enable-camellia \ |
4055 |
- $(use_ssl !bindist ec) \ |
4056 |
- enable-idea \ |
4057 |
- enable-mdc2 \ |
4058 |
- $(use_ssl !bindist rc5) \ |
4059 |
- enable-tlsext \ |
4060 |
- $(use_ssl gmp gmp -lgmp) \ |
4061 |
- $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ |
4062 |
- $(use_ssl zlib) \ |
4063 |
- --prefix=/usr \ |
4064 |
- --openssldir=/etc/ssl \ |
4065 |
- shared threads \ |
4066 |
- || die "Configure failed" |
4067 |
- |
4068 |
- # Clean out hardcoded flags that openssl uses |
4069 |
- local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ |
4070 |
- -e 's:^CFLAG=::' \ |
4071 |
- -e 's:-fomit-frame-pointer ::g' \ |
4072 |
- -e 's:-O[0-9] ::g' \ |
4073 |
- -e 's:-march=[-a-z0-9]* ::g' \ |
4074 |
- -e 's:-mcpu=[-a-z0-9]* ::g' \ |
4075 |
- -e 's:-m[a-z0-9]* ::g' \ |
4076 |
- ) |
4077 |
- sed -i \ |
4078 |
- -e "/^LIBDIR=/s|=.*|=$(get_libdir)|" \ |
4079 |
- -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ |
4080 |
- -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ |
4081 |
- Makefile || die |
4082 |
-} |
4083 |
- |
4084 |
-multilib_src_compile() { |
4085 |
- # depend is needed to use $confopts |
4086 |
- emake -j1 depend |
4087 |
- emake -j1 build_libs |
4088 |
-} |
4089 |
- |
4090 |
-multilib_src_test() { |
4091 |
- emake -j1 test |
4092 |
-} |
4093 |
- |
4094 |
-multilib_src_install() { |
4095 |
- dolib.so lib{crypto,ssl}.so.0.9.8 |
4096 |
-} |
4097 |
|
4098 |
diff --git a/dev-libs/openssl/openssl-1.0.0r.ebuild b/dev-libs/openssl/openssl-1.0.0r.ebuild |
4099 |
deleted file mode 100644 |
4100 |
index e719253..0000000 |
4101 |
--- a/dev-libs/openssl/openssl-1.0.0r.ebuild |
4102 |
+++ /dev/null |
4103 |
@@ -1,214 +0,0 @@ |
4104 |
-# Copyright 1999-2015 Gentoo Foundation |
4105 |
-# Distributed under the terms of the GNU General Public License v2 |
4106 |
-# $Id$ |
4107 |
- |
4108 |
-EAPI="4" |
4109 |
- |
4110 |
-inherit eutils flag-o-matic toolchain-funcs multilib |
4111 |
- |
4112 |
-REV="1.7" |
4113 |
-DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)" |
4114 |
-HOMEPAGE="http://www.openssl.org/" |
4115 |
-SRC_URI="mirror://openssl/source/${P}.tar.gz |
4116 |
- http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" |
4117 |
- |
4118 |
-LICENSE="openssl" |
4119 |
-SLOT="0" |
4120 |
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd" |
4121 |
-IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test zlib" |
4122 |
-RESTRICT="!bindist? ( bindist )" |
4123 |
- |
4124 |
-# Have the sub-libs in RDEPEND with [static-libs] since, logically, |
4125 |
-# our libssl.a depends on libz.a/etc... at runtime. |
4126 |
-LIB_DEPEND="gmp? ( dev-libs/gmp[static-libs(+)] ) |
4127 |
- zlib? ( sys-libs/zlib[static-libs(+)] ) |
4128 |
- kerberos? ( app-crypt/mit-krb5 )" |
4129 |
-RDEPEND="static-libs? ( ${LIB_DEPEND} ) |
4130 |
- !static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} )" |
4131 |
-DEPEND="${RDEPEND} |
4132 |
- sys-apps/diffutils |
4133 |
- >=dev-lang/perl-5 |
4134 |
- test? ( sys-devel/bc )" |
4135 |
-PDEPEND="app-misc/ca-certificates" |
4136 |
- |
4137 |
-src_unpack() { |
4138 |
- unpack ${P}.tar.gz |
4139 |
- SSL_CNF_DIR="/etc/ssl" |
4140 |
- sed \ |
4141 |
- -e "/^DIR=/s:=.*:=${SSL_CNF_DIR}:" \ |
4142 |
- "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ |
4143 |
- > "${WORKDIR}"/c_rehash || die #416717 |
4144 |
-} |
4145 |
- |
4146 |
-src_prepare() { |
4147 |
- # Make sure we only ever touch Makefile.org and avoid patching a file |
4148 |
- # that gets blown away anyways by the Configure script in src_configure |
4149 |
- rm -f Makefile |
4150 |
- |
4151 |
- epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 |
4152 |
- #epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089 |
4153 |
- epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 |
4154 |
- epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch |
4155 |
- epatch "${FILESDIR}"/${PN}-1.0.0e-parallel-build.patch |
4156 |
- epatch "${FILESDIR}"/${PN}-1.0.0r-x32.patch |
4157 |
- epatch_user #332661 |
4158 |
- |
4159 |
- # disable fips in the build |
4160 |
- # make sure the man pages are suffixed #302165 |
4161 |
- # don't bother building man pages if they're disabled |
4162 |
- sed -i \ |
4163 |
- -e '/DIRS/s: fips : :g' \ |
4164 |
- -e '/^MANSUFFIX/s:=.*:=ssl:' \ |
4165 |
- -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ |
4166 |
- -e $(has noman FEATURES \ |
4167 |
- && echo '/^install:/s:install_docs::' \ |
4168 |
- || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ |
4169 |
- Makefile.org \ |
4170 |
- || die |
4171 |
- # show the actual commands in the log |
4172 |
- sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared |
4173 |
- |
4174 |
- # allow openssl to be cross-compiled |
4175 |
- cp "${FILESDIR}"/gentoo.config-1.0.0 gentoo.config || die |
4176 |
- chmod a+rx gentoo.config |
4177 |
- |
4178 |
- append-flags -fno-strict-aliasing |
4179 |
- append-flags $(test-flags-CC -Wa,--noexecstack) |
4180 |
- |
4181 |
- sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 |
4182 |
- ./config --test-sanity || die "I AM NOT SANE" |
4183 |
-} |
4184 |
- |
4185 |
-src_configure() { |
4186 |
- unset APPS #197996 |
4187 |
- unset SCRIPTS #312551 |
4188 |
- unset CROSS_COMPILE #311473 |
4189 |
- |
4190 |
- tc-export CC AR RANLIB RC |
4191 |
- |
4192 |
- # Clean out patent-or-otherwise-encumbered code |
4193 |
- # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) |
4194 |
- # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm |
4195 |
- # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography |
4196 |
- # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 |
4197 |
- # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 |
4198 |
- |
4199 |
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } |
4200 |
- echoit() { echo "$@" ; "$@" ; } |
4201 |
- |
4202 |
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") |
4203 |
- |
4204 |
- local sslout=$(./gentoo.config) |
4205 |
- einfo "Use configuration ${sslout:-(openssl knows best)}" |
4206 |
- local config="Configure" |
4207 |
- [[ -z ${sslout} ]] && config="config" |
4208 |
- echoit \ |
4209 |
- ./${config} \ |
4210 |
- ${sslout} \ |
4211 |
- $(use cpu_flags_x86_sse2 || echo "no-sse2") \ |
4212 |
- enable-camellia \ |
4213 |
- $(use_ssl !bindist ec) \ |
4214 |
- enable-idea \ |
4215 |
- enable-mdc2 \ |
4216 |
- $(use_ssl !bindist rc5) \ |
4217 |
- enable-tlsext \ |
4218 |
- $(use_ssl gmp gmp -lgmp) \ |
4219 |
- $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ |
4220 |
- $(use_ssl rfc3779) \ |
4221 |
- $(use_ssl zlib) \ |
4222 |
- --prefix=/usr \ |
4223 |
- --openssldir=${SSL_CNF_DIR} \ |
4224 |
- --libdir=$(get_libdir) \ |
4225 |
- shared threads \ |
4226 |
- || die |
4227 |
- |
4228 |
- # Clean out hardcoded flags that openssl uses |
4229 |
- local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ |
4230 |
- -e 's:^CFLAG=::' \ |
4231 |
- -e 's:-fomit-frame-pointer ::g' \ |
4232 |
- -e 's:-O[0-9] ::g' \ |
4233 |
- -e 's:-march=[-a-z0-9]* ::g' \ |
4234 |
- -e 's:-mcpu=[-a-z0-9]* ::g' \ |
4235 |
- -e 's:-m[a-z0-9]* ::g' \ |
4236 |
- ) |
4237 |
- sed -i \ |
4238 |
- -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ |
4239 |
- -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ |
4240 |
- Makefile || die |
4241 |
-} |
4242 |
- |
4243 |
-src_compile() { |
4244 |
- # depend is needed to use $confopts; it also doesn't matter |
4245 |
- # that it's -j1 as the code itself serializes subdirs |
4246 |
- emake -j1 depend || die |
4247 |
- emake all || die |
4248 |
- # rehash is needed to prep the certs/ dir; do this |
4249 |
- # separately to avoid parallel build issues. |
4250 |
- emake rehash || die |
4251 |
-} |
4252 |
- |
4253 |
-src_test() { |
4254 |
- emake -j1 test || die |
4255 |
-} |
4256 |
- |
4257 |
-src_install() { |
4258 |
- emake INSTALL_PREFIX="${D}" install || die |
4259 |
- dobin "${WORKDIR}"/c_rehash || die #333117 |
4260 |
- dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el |
4261 |
- dohtml -r doc/* |
4262 |
- use rfc3779 && dodoc engines/ccgost/README.gost |
4263 |
- |
4264 |
- # This is crappy in that the static archives are still built even |
4265 |
- # when USE=static-libs. But this is due to a failing in the openssl |
4266 |
- # build system: the static archives are built as PIC all the time. |
4267 |
- # Only way around this would be to manually configure+compile openssl |
4268 |
- # twice; once with shared lib support enabled and once without. |
4269 |
- use static-libs || rm -f "${D}"/usr/lib*/lib*.a |
4270 |
- |
4271 |
- # create the certs directory |
4272 |
- dodir ${SSL_CNF_DIR}/certs |
4273 |
- cp -RP certs/* "${D}"${SSL_CNF_DIR}/certs/ || die |
4274 |
- rm -r "${D}"${SSL_CNF_DIR}/certs/{demo,expired} |
4275 |
- |
4276 |
- # Namespace openssl programs to prevent conflicts with other man pages |
4277 |
- cd "${D}"/usr/share/man |
4278 |
- local m d s |
4279 |
- for m in $(find . -type f | xargs grep -L '#include') ; do |
4280 |
- d=${m%/*} ; d=${d#./} ; m=${m##*/} |
4281 |
- [[ ${m} == openssl.1* ]] && continue |
4282 |
- [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" |
4283 |
- mv ${d}/{,ssl-}${m} |
4284 |
- # fix up references to renamed man pages |
4285 |
- sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} |
4286 |
- ln -s ssl-${m} ${d}/openssl-${m} |
4287 |
- # locate any symlinks that point to this man page ... we assume |
4288 |
- # that any broken links are due to the above renaming |
4289 |
- for s in $(find -L ${d} -type l) ; do |
4290 |
- s=${s##*/} |
4291 |
- rm -f ${d}/${s} |
4292 |
- ln -s ssl-${m} ${d}/ssl-${s} |
4293 |
- ln -s ssl-${s} ${d}/openssl-${s} |
4294 |
- done |
4295 |
- done |
4296 |
- [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" |
4297 |
- |
4298 |
- dodir /etc/sandbox.d #254521 |
4299 |
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl |
4300 |
- |
4301 |
- diropts -m0700 |
4302 |
- keepdir ${SSL_CNF_DIR}/private |
4303 |
-} |
4304 |
- |
4305 |
-pkg_preinst() { |
4306 |
- has_version ${CATEGORY}/${PN}:0.9.8 && return 0 |
4307 |
- preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 |
4308 |
-} |
4309 |
- |
4310 |
-pkg_postinst() { |
4311 |
- ebegin "Running 'c_rehash ${ROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" |
4312 |
- c_rehash "${ROOT%/}${SSL_CNF_DIR}/certs" >/dev/null |
4313 |
- eend $? |
4314 |
- |
4315 |
- has_version ${CATEGORY}/${PN}:0.9.8 && return 0 |
4316 |
- preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 |
4317 |
-} |
4318 |
|
4319 |
diff --git a/dev-libs/openssl/openssl-1.0.1l-r1.ebuild b/dev-libs/openssl/openssl-1.0.1l-r1.ebuild |
4320 |
deleted file mode 100644 |
4321 |
index 8f063dc..0000000 |
4322 |
--- a/dev-libs/openssl/openssl-1.0.1l-r1.ebuild |
4323 |
+++ /dev/null |
4324 |
@@ -1,260 +0,0 @@ |
4325 |
-# Copyright 1999-2015 Gentoo Foundation |
4326 |
-# Distributed under the terms of the GNU General Public License v2 |
4327 |
-# $Id$ |
4328 |
- |
4329 |
-EAPI="4" |
4330 |
- |
4331 |
-inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal |
4332 |
- |
4333 |
-REV="1.7" |
4334 |
-DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" |
4335 |
-HOMEPAGE="http://www.openssl.org/" |
4336 |
-SRC_URI="mirror://openssl/source/${P}.tar.gz |
4337 |
- http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" |
4338 |
- |
4339 |
-LICENSE="openssl" |
4340 |
-SLOT="0" |
4341 |
-KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" |
4342 |
-IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" |
4343 |
-RESTRICT="!bindist? ( bindist )" |
4344 |
- |
4345 |
-# The blocks are temporary just to make sure people upgrade to a |
4346 |
-# version that lack runtime version checking. We'll drop them in |
4347 |
-# the future. |
4348 |
-RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) |
4349 |
- zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) |
4350 |
- kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) |
4351 |
- abi_x86_32? ( |
4352 |
- !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 |
4353 |
- !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] |
4354 |
- ) |
4355 |
- !<net-misc/openssh-5.9_p1-r4 |
4356 |
- !<net-libs/neon-0.29.6-r1" |
4357 |
-DEPEND="${RDEPEND} |
4358 |
- sys-apps/diffutils |
4359 |
- >=dev-lang/perl-5 |
4360 |
- test? ( sys-devel/bc )" |
4361 |
-PDEPEND="app-misc/ca-certificates" |
4362 |
- |
4363 |
-src_unpack() { |
4364 |
- unpack ${P}.tar.gz |
4365 |
- SSL_CNF_DIR="/etc/ssl" |
4366 |
- sed \ |
4367 |
- -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ |
4368 |
- -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ |
4369 |
- "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ |
4370 |
- > "${WORKDIR}"/c_rehash || die #416717 |
4371 |
-} |
4372 |
- |
4373 |
-MULTILIB_WRAPPED_HEADERS=( |
4374 |
- usr/include/openssl/opensslconf.h |
4375 |
-) |
4376 |
- |
4377 |
-src_prepare() { |
4378 |
- # Make sure we only ever touch Makefile.org and avoid patching a file |
4379 |
- # that gets blown away anyways by the Configure script in src_configure |
4380 |
- rm -f Makefile |
4381 |
- |
4382 |
- if ! use vanilla ; then |
4383 |
- epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 |
4384 |
- epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 |
4385 |
- epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch |
4386 |
- epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch |
4387 |
- epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch |
4388 |
- epatch "${FILESDIR}"/${PN}-1.0.1h-ipv6.patch |
4389 |
- epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584 |
4390 |
- epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 |
4391 |
- epatch "${FILESDIR}"/${PN}-1.0.1l-CVE-2015-0286.patch #543552 |
4392 |
- epatch_user #332661 |
4393 |
- fi |
4394 |
- |
4395 |
- # disable fips in the build |
4396 |
- # make sure the man pages are suffixed #302165 |
4397 |
- # don't bother building man pages if they're disabled |
4398 |
- sed -i \ |
4399 |
- -e '/DIRS/s: fips : :g' \ |
4400 |
- -e '/^MANSUFFIX/s:=.*:=ssl:' \ |
4401 |
- -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ |
4402 |
- -e $(has noman FEATURES \ |
4403 |
- && echo '/^install:/s:install_docs::' \ |
4404 |
- || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ |
4405 |
- Makefile.org \ |
4406 |
- || die |
4407 |
- # show the actual commands in the log |
4408 |
- sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared |
4409 |
- |
4410 |
- # since we're forcing $(CC) as makedep anyway, just fix |
4411 |
- # the conditional as always-on |
4412 |
- # helps clang (#417795), and versioned gcc (#499818) |
4413 |
- sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die |
4414 |
- |
4415 |
- # quiet out unknown driver argument warnings since openssl |
4416 |
- # doesn't have well-split CFLAGS and we're making it even worse |
4417 |
- # and 'make depend' uses -Werror for added fun (#417795 again) |
4418 |
- [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments |
4419 |
- |
4420 |
- # allow openssl to be cross-compiled |
4421 |
- cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die |
4422 |
- chmod a+rx gentoo.config |
4423 |
- |
4424 |
- append-flags -fno-strict-aliasing |
4425 |
- append-flags $(test-flags-CC -Wa,--noexecstack) |
4426 |
- |
4427 |
- sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 |
4428 |
- # The config script does stupid stuff to prompt the user. Kill it. |
4429 |
- sed -i '/stty -icanon min 0 time 50; read waste/d' config || die |
4430 |
- ./config --test-sanity || die "I AM NOT SANE" |
4431 |
- |
4432 |
- multilib_copy_sources |
4433 |
-} |
4434 |
- |
4435 |
-multilib_src_configure() { |
4436 |
- unset APPS #197996 |
4437 |
- unset SCRIPTS #312551 |
4438 |
- unset CROSS_COMPILE #311473 |
4439 |
- |
4440 |
- tc-export CC AR RANLIB RC |
4441 |
- |
4442 |
- # Clean out patent-or-otherwise-encumbered code |
4443 |
- # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) |
4444 |
- # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm |
4445 |
- # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography |
4446 |
- # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 |
4447 |
- # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 |
4448 |
- |
4449 |
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } |
4450 |
- echoit() { echo "$@" ; "$@" ; } |
4451 |
- |
4452 |
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") |
4453 |
- |
4454 |
- # See if our toolchain supports __uint128_t. If so, it's 64bit |
4455 |
- # friendly and can use the nicely optimized code paths. #460790 |
4456 |
- local ec_nistp_64_gcc_128 |
4457 |
- # Disable it for now though #469976 |
4458 |
- #if ! use bindist ; then |
4459 |
- # echo "__uint128_t i;" > "${T}"/128.c |
4460 |
- # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then |
4461 |
- # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" |
4462 |
- # fi |
4463 |
- #fi |
4464 |
- |
4465 |
- local sslout=$(./gentoo.config) |
4466 |
- einfo "Use configuration ${sslout:-(openssl knows best)}" |
4467 |
- local config="Configure" |
4468 |
- [[ -z ${sslout} ]] && config="config" |
4469 |
- |
4470 |
- echoit \ |
4471 |
- ./${config} \ |
4472 |
- ${sslout} \ |
4473 |
- $(use cpu_flags_x86_sse2 || echo "no-sse2") \ |
4474 |
- enable-camellia \ |
4475 |
- $(use_ssl !bindist ec) \ |
4476 |
- ${ec_nistp_64_gcc_128} \ |
4477 |
- enable-idea \ |
4478 |
- enable-mdc2 \ |
4479 |
- $(use_ssl !bindist rc5) \ |
4480 |
- enable-tlsext \ |
4481 |
- $(use_ssl gmp gmp -lgmp) \ |
4482 |
- $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ |
4483 |
- $(use_ssl rfc3779) \ |
4484 |
- $(use_ssl tls-heartbeat heartbeats) \ |
4485 |
- $(use_ssl zlib) \ |
4486 |
- --prefix="${EPREFIX}"/usr \ |
4487 |
- --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ |
4488 |
- --libdir=$(get_libdir) \ |
4489 |
- shared threads \ |
4490 |
- || die |
4491 |
- |
4492 |
- # Clean out hardcoded flags that openssl uses |
4493 |
- local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ |
4494 |
- -e 's:^CFLAG=::' \ |
4495 |
- -e 's:-fomit-frame-pointer ::g' \ |
4496 |
- -e 's:-O[0-9] ::g' \ |
4497 |
- -e 's:-march=[-a-z0-9]* ::g' \ |
4498 |
- -e 's:-mcpu=[-a-z0-9]* ::g' \ |
4499 |
- -e 's:-m[a-z0-9]* ::g' \ |
4500 |
- ) |
4501 |
- sed -i \ |
4502 |
- -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ |
4503 |
- -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ |
4504 |
- Makefile || die |
4505 |
-} |
4506 |
- |
4507 |
-multilib_src_compile() { |
4508 |
- # depend is needed to use $confopts; it also doesn't matter |
4509 |
- # that it's -j1 as the code itself serializes subdirs |
4510 |
- emake -j1 depend |
4511 |
- emake all |
4512 |
- # rehash is needed to prep the certs/ dir; do this |
4513 |
- # separately to avoid parallel build issues. |
4514 |
- emake rehash |
4515 |
-} |
4516 |
- |
4517 |
-multilib_src_test() { |
4518 |
- emake -j1 test |
4519 |
-} |
4520 |
- |
4521 |
-multilib_src_install() { |
4522 |
- emake INSTALL_PREFIX="${D}" install |
4523 |
-} |
4524 |
- |
4525 |
-multilib_src_install_all() { |
4526 |
- dobin "${WORKDIR}"/c_rehash #333117 |
4527 |
- dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el |
4528 |
- dohtml -r doc/* |
4529 |
- use rfc3779 && dodoc engines/ccgost/README.gost |
4530 |
- |
4531 |
- # This is crappy in that the static archives are still built even |
4532 |
- # when USE=static-libs. But this is due to a failing in the openssl |
4533 |
- # build system: the static archives are built as PIC all the time. |
4534 |
- # Only way around this would be to manually configure+compile openssl |
4535 |
- # twice; once with shared lib support enabled and once without. |
4536 |
- use static-libs || rm -f "${ED}"/usr/lib*/lib*.a |
4537 |
- |
4538 |
- # create the certs directory |
4539 |
- dodir ${SSL_CNF_DIR}/certs |
4540 |
- cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die |
4541 |
- rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} |
4542 |
- |
4543 |
- # Namespace openssl programs to prevent conflicts with other man pages |
4544 |
- cd "${ED}"/usr/share/man |
4545 |
- local m d s |
4546 |
- for m in $(find . -type f | xargs grep -L '#include') ; do |
4547 |
- d=${m%/*} ; d=${d#./} ; m=${m##*/} |
4548 |
- [[ ${m} == openssl.1* ]] && continue |
4549 |
- [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" |
4550 |
- mv ${d}/{,ssl-}${m} |
4551 |
- # fix up references to renamed man pages |
4552 |
- sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} |
4553 |
- ln -s ssl-${m} ${d}/openssl-${m} |
4554 |
- # locate any symlinks that point to this man page ... we assume |
4555 |
- # that any broken links are due to the above renaming |
4556 |
- for s in $(find -L ${d} -type l) ; do |
4557 |
- s=${s##*/} |
4558 |
- rm -f ${d}/${s} |
4559 |
- ln -s ssl-${m} ${d}/ssl-${s} |
4560 |
- ln -s ssl-${s} ${d}/openssl-${s} |
4561 |
- done |
4562 |
- done |
4563 |
- [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" |
4564 |
- |
4565 |
- dodir /etc/sandbox.d #254521 |
4566 |
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl |
4567 |
- |
4568 |
- diropts -m0700 |
4569 |
- keepdir ${SSL_CNF_DIR}/private |
4570 |
-} |
4571 |
- |
4572 |
-pkg_preinst() { |
4573 |
- has_version ${CATEGORY}/${PN}:0.9.8 && return 0 |
4574 |
- preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 |
4575 |
-} |
4576 |
- |
4577 |
-pkg_postinst() { |
4578 |
- ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" |
4579 |
- c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null |
4580 |
- eend $? |
4581 |
- |
4582 |
- has_version ${CATEGORY}/${PN}:0.9.8 && return 0 |
4583 |
- preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 |
4584 |
-} |
4585 |
|
4586 |
diff --git a/dev-libs/openssl/openssl-1.0.1m.ebuild b/dev-libs/openssl/openssl-1.0.1m.ebuild |
4587 |
deleted file mode 100644 |
4588 |
index 7f30b56..0000000 |
4589 |
--- a/dev-libs/openssl/openssl-1.0.1m.ebuild |
4590 |
+++ /dev/null |
4591 |
@@ -1,259 +0,0 @@ |
4592 |
-# Copyright 1999-2015 Gentoo Foundation |
4593 |
-# Distributed under the terms of the GNU General Public License v2 |
4594 |
-# $Id$ |
4595 |
- |
4596 |
-EAPI="4" |
4597 |
- |
4598 |
-inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal |
4599 |
- |
4600 |
-REV="1.7" |
4601 |
-DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" |
4602 |
-HOMEPAGE="http://www.openssl.org/" |
4603 |
-SRC_URI="mirror://openssl/source/${P}.tar.gz |
4604 |
- http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" |
4605 |
- |
4606 |
-LICENSE="openssl" |
4607 |
-SLOT="0" |
4608 |
-KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh ~sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" |
4609 |
-IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" |
4610 |
-RESTRICT="!bindist? ( bindist )" |
4611 |
- |
4612 |
-# The blocks are temporary just to make sure people upgrade to a |
4613 |
-# version that lack runtime version checking. We'll drop them in |
4614 |
-# the future. |
4615 |
-RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) |
4616 |
- zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) |
4617 |
- kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) |
4618 |
- abi_x86_32? ( |
4619 |
- !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 |
4620 |
- !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] |
4621 |
- ) |
4622 |
- !<net-misc/openssh-5.9_p1-r4 |
4623 |
- !<net-libs/neon-0.29.6-r1" |
4624 |
-DEPEND="${RDEPEND} |
4625 |
- sys-apps/diffutils |
4626 |
- >=dev-lang/perl-5 |
4627 |
- test? ( sys-devel/bc )" |
4628 |
-PDEPEND="app-misc/ca-certificates" |
4629 |
- |
4630 |
-src_unpack() { |
4631 |
- unpack ${P}.tar.gz |
4632 |
- SSL_CNF_DIR="/etc/ssl" |
4633 |
- sed \ |
4634 |
- -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ |
4635 |
- -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ |
4636 |
- "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ |
4637 |
- > "${WORKDIR}"/c_rehash || die #416717 |
4638 |
-} |
4639 |
- |
4640 |
-MULTILIB_WRAPPED_HEADERS=( |
4641 |
- usr/include/openssl/opensslconf.h |
4642 |
-) |
4643 |
- |
4644 |
-src_prepare() { |
4645 |
- # Make sure we only ever touch Makefile.org and avoid patching a file |
4646 |
- # that gets blown away anyways by the Configure script in src_configure |
4647 |
- rm -f Makefile |
4648 |
- |
4649 |
- if ! use vanilla ; then |
4650 |
- epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 |
4651 |
- epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 |
4652 |
- epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch |
4653 |
- epatch "${FILESDIR}"/${PN}-1.0.1m-parallel-build.patch |
4654 |
- epatch "${FILESDIR}"/${PN}-1.0.1m-x32.patch |
4655 |
- epatch "${FILESDIR}"/${PN}-1.0.1m-ipv6.patch |
4656 |
- epatch "${FILESDIR}"/${PN}-1.0.1m-s_client-verify.patch #472584 |
4657 |
- epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 |
4658 |
- epatch_user #332661 |
4659 |
- fi |
4660 |
- |
4661 |
- # disable fips in the build |
4662 |
- # make sure the man pages are suffixed #302165 |
4663 |
- # don't bother building man pages if they're disabled |
4664 |
- sed -i \ |
4665 |
- -e '/DIRS/s: fips : :g' \ |
4666 |
- -e '/^MANSUFFIX/s:=.*:=ssl:' \ |
4667 |
- -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ |
4668 |
- -e $(has noman FEATURES \ |
4669 |
- && echo '/^install:/s:install_docs::' \ |
4670 |
- || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ |
4671 |
- Makefile.org \ |
4672 |
- || die |
4673 |
- # show the actual commands in the log |
4674 |
- sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared |
4675 |
- |
4676 |
- # since we're forcing $(CC) as makedep anyway, just fix |
4677 |
- # the conditional as always-on |
4678 |
- # helps clang (#417795), and versioned gcc (#499818) |
4679 |
- sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die |
4680 |
- |
4681 |
- # quiet out unknown driver argument warnings since openssl |
4682 |
- # doesn't have well-split CFLAGS and we're making it even worse |
4683 |
- # and 'make depend' uses -Werror for added fun (#417795 again) |
4684 |
- [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments |
4685 |
- |
4686 |
- # allow openssl to be cross-compiled |
4687 |
- cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die |
4688 |
- chmod a+rx gentoo.config |
4689 |
- |
4690 |
- append-flags -fno-strict-aliasing |
4691 |
- append-flags $(test-flags-CC -Wa,--noexecstack) |
4692 |
- |
4693 |
- sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 |
4694 |
- # The config script does stupid stuff to prompt the user. Kill it. |
4695 |
- sed -i '/stty -icanon min 0 time 50; read waste/d' config || die |
4696 |
- ./config --test-sanity || die "I AM NOT SANE" |
4697 |
- |
4698 |
- multilib_copy_sources |
4699 |
-} |
4700 |
- |
4701 |
-multilib_src_configure() { |
4702 |
- unset APPS #197996 |
4703 |
- unset SCRIPTS #312551 |
4704 |
- unset CROSS_COMPILE #311473 |
4705 |
- |
4706 |
- tc-export CC AR RANLIB RC |
4707 |
- |
4708 |
- # Clean out patent-or-otherwise-encumbered code |
4709 |
- # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) |
4710 |
- # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm |
4711 |
- # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography |
4712 |
- # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 |
4713 |
- # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 |
4714 |
- |
4715 |
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } |
4716 |
- echoit() { echo "$@" ; "$@" ; } |
4717 |
- |
4718 |
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") |
4719 |
- |
4720 |
- # See if our toolchain supports __uint128_t. If so, it's 64bit |
4721 |
- # friendly and can use the nicely optimized code paths. #460790 |
4722 |
- local ec_nistp_64_gcc_128 |
4723 |
- # Disable it for now though #469976 |
4724 |
- #if ! use bindist ; then |
4725 |
- # echo "__uint128_t i;" > "${T}"/128.c |
4726 |
- # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then |
4727 |
- # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" |
4728 |
- # fi |
4729 |
- #fi |
4730 |
- |
4731 |
- local sslout=$(./gentoo.config) |
4732 |
- einfo "Use configuration ${sslout:-(openssl knows best)}" |
4733 |
- local config="Configure" |
4734 |
- [[ -z ${sslout} ]] && config="config" |
4735 |
- |
4736 |
- echoit \ |
4737 |
- ./${config} \ |
4738 |
- ${sslout} \ |
4739 |
- $(use cpu_flags_x86_sse2 || echo "no-sse2") \ |
4740 |
- enable-camellia \ |
4741 |
- $(use_ssl !bindist ec) \ |
4742 |
- ${ec_nistp_64_gcc_128} \ |
4743 |
- enable-idea \ |
4744 |
- enable-mdc2 \ |
4745 |
- $(use_ssl !bindist rc5) \ |
4746 |
- enable-tlsext \ |
4747 |
- $(use_ssl gmp gmp -lgmp) \ |
4748 |
- $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ |
4749 |
- $(use_ssl rfc3779) \ |
4750 |
- $(use_ssl tls-heartbeat heartbeats) \ |
4751 |
- $(use_ssl zlib) \ |
4752 |
- --prefix="${EPREFIX}"/usr \ |
4753 |
- --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ |
4754 |
- --libdir=$(get_libdir) \ |
4755 |
- shared threads \ |
4756 |
- || die |
4757 |
- |
4758 |
- # Clean out hardcoded flags that openssl uses |
4759 |
- local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ |
4760 |
- -e 's:^CFLAG=::' \ |
4761 |
- -e 's:-fomit-frame-pointer ::g' \ |
4762 |
- -e 's:-O[0-9] ::g' \ |
4763 |
- -e 's:-march=[-a-z0-9]* ::g' \ |
4764 |
- -e 's:-mcpu=[-a-z0-9]* ::g' \ |
4765 |
- -e 's:-m[a-z0-9]* ::g' \ |
4766 |
- ) |
4767 |
- sed -i \ |
4768 |
- -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ |
4769 |
- -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ |
4770 |
- Makefile || die |
4771 |
-} |
4772 |
- |
4773 |
-multilib_src_compile() { |
4774 |
- # depend is needed to use $confopts; it also doesn't matter |
4775 |
- # that it's -j1 as the code itself serializes subdirs |
4776 |
- emake -j1 depend |
4777 |
- emake all |
4778 |
- # rehash is needed to prep the certs/ dir; do this |
4779 |
- # separately to avoid parallel build issues. |
4780 |
- emake rehash |
4781 |
-} |
4782 |
- |
4783 |
-multilib_src_test() { |
4784 |
- emake -j1 test |
4785 |
-} |
4786 |
- |
4787 |
-multilib_src_install() { |
4788 |
- emake INSTALL_PREFIX="${D}" install |
4789 |
-} |
4790 |
- |
4791 |
-multilib_src_install_all() { |
4792 |
- dobin "${WORKDIR}"/c_rehash #333117 |
4793 |
- dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el |
4794 |
- dohtml -r doc/* |
4795 |
- use rfc3779 && dodoc engines/ccgost/README.gost |
4796 |
- |
4797 |
- # This is crappy in that the static archives are still built even |
4798 |
- # when USE=static-libs. But this is due to a failing in the openssl |
4799 |
- # build system: the static archives are built as PIC all the time. |
4800 |
- # Only way around this would be to manually configure+compile openssl |
4801 |
- # twice; once with shared lib support enabled and once without. |
4802 |
- use static-libs || rm -f "${ED}"/usr/lib*/lib*.a |
4803 |
- |
4804 |
- # create the certs directory |
4805 |
- dodir ${SSL_CNF_DIR}/certs |
4806 |
- cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die |
4807 |
- rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} |
4808 |
- |
4809 |
- # Namespace openssl programs to prevent conflicts with other man pages |
4810 |
- cd "${ED}"/usr/share/man |
4811 |
- local m d s |
4812 |
- for m in $(find . -type f | xargs grep -L '#include') ; do |
4813 |
- d=${m%/*} ; d=${d#./} ; m=${m##*/} |
4814 |
- [[ ${m} == openssl.1* ]] && continue |
4815 |
- [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" |
4816 |
- mv ${d}/{,ssl-}${m} |
4817 |
- # fix up references to renamed man pages |
4818 |
- sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} |
4819 |
- ln -s ssl-${m} ${d}/openssl-${m} |
4820 |
- # locate any symlinks that point to this man page ... we assume |
4821 |
- # that any broken links are due to the above renaming |
4822 |
- for s in $(find -L ${d} -type l) ; do |
4823 |
- s=${s##*/} |
4824 |
- rm -f ${d}/${s} |
4825 |
- ln -s ssl-${m} ${d}/ssl-${s} |
4826 |
- ln -s ssl-${s} ${d}/openssl-${s} |
4827 |
- done |
4828 |
- done |
4829 |
- [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" |
4830 |
- |
4831 |
- dodir /etc/sandbox.d #254521 |
4832 |
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl |
4833 |
- |
4834 |
- diropts -m0700 |
4835 |
- keepdir ${SSL_CNF_DIR}/private |
4836 |
-} |
4837 |
- |
4838 |
-pkg_preinst() { |
4839 |
- has_version ${CATEGORY}/${PN}:0.9.8 && return 0 |
4840 |
- preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 |
4841 |
-} |
4842 |
- |
4843 |
-pkg_postinst() { |
4844 |
- ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" |
4845 |
- c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null |
4846 |
- eend $? |
4847 |
- |
4848 |
- has_version ${CATEGORY}/${PN}:0.9.8 && return 0 |
4849 |
- preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 |
4850 |
-} |
4851 |
|
4852 |
diff --git a/dev-libs/openssl/openssl-1.0.1n.ebuild b/dev-libs/openssl/openssl-1.0.1n.ebuild |
4853 |
deleted file mode 100644 |
4854 |
index 0b33ee9..0000000 |
4855 |
--- a/dev-libs/openssl/openssl-1.0.1n.ebuild |
4856 |
+++ /dev/null |
4857 |
@@ -1,258 +0,0 @@ |
4858 |
-# Copyright 1999-2015 Gentoo Foundation |
4859 |
-# Distributed under the terms of the GNU General Public License v2 |
4860 |
-# $Id$ |
4861 |
- |
4862 |
-EAPI="4" |
4863 |
- |
4864 |
-inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal |
4865 |
- |
4866 |
-REV="1.7" |
4867 |
-DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" |
4868 |
-HOMEPAGE="http://www.openssl.org/" |
4869 |
-SRC_URI="mirror://openssl/source/${P}.tar.gz |
4870 |
- http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" |
4871 |
- |
4872 |
-LICENSE="openssl" |
4873 |
-SLOT="0" |
4874 |
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" |
4875 |
-IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" |
4876 |
-RESTRICT="!bindist? ( bindist )" |
4877 |
- |
4878 |
-# The blocks are temporary just to make sure people upgrade to a |
4879 |
-# version that lack runtime version checking. We'll drop them in |
4880 |
-# the future. |
4881 |
-RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) |
4882 |
- zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) |
4883 |
- kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) |
4884 |
- abi_x86_32? ( |
4885 |
- !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 |
4886 |
- !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] |
4887 |
- ) |
4888 |
- !<net-misc/openssh-5.9_p1-r4 |
4889 |
- !<net-libs/neon-0.29.6-r1" |
4890 |
-DEPEND="${RDEPEND} |
4891 |
- sys-apps/diffutils |
4892 |
- >=dev-lang/perl-5 |
4893 |
- test? ( sys-devel/bc )" |
4894 |
-PDEPEND="app-misc/ca-certificates" |
4895 |
- |
4896 |
-src_unpack() { |
4897 |
- unpack ${P}.tar.gz |
4898 |
- SSL_CNF_DIR="/etc/ssl" |
4899 |
- sed \ |
4900 |
- -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ |
4901 |
- -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ |
4902 |
- "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ |
4903 |
- > "${WORKDIR}"/c_rehash || die #416717 |
4904 |
-} |
4905 |
- |
4906 |
-MULTILIB_WRAPPED_HEADERS=( |
4907 |
- usr/include/openssl/opensslconf.h |
4908 |
-) |
4909 |
- |
4910 |
-src_prepare() { |
4911 |
- # Make sure we only ever touch Makefile.org and avoid patching a file |
4912 |
- # that gets blown away anyways by the Configure script in src_configure |
4913 |
- rm -f Makefile |
4914 |
- |
4915 |
- if ! use vanilla ; then |
4916 |
- epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 |
4917 |
- epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 |
4918 |
- epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch |
4919 |
- epatch "${FILESDIR}"/${PN}-1.0.1m-parallel-build.patch |
4920 |
- epatch "${FILESDIR}"/${PN}-1.0.1m-x32.patch |
4921 |
- epatch "${FILESDIR}"/${PN}-1.0.1m-ipv6.patch |
4922 |
- epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 |
4923 |
- epatch_user #332661 |
4924 |
- fi |
4925 |
- |
4926 |
- # disable fips in the build |
4927 |
- # make sure the man pages are suffixed #302165 |
4928 |
- # don't bother building man pages if they're disabled |
4929 |
- sed -i \ |
4930 |
- -e '/DIRS/s: fips : :g' \ |
4931 |
- -e '/^MANSUFFIX/s:=.*:=ssl:' \ |
4932 |
- -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ |
4933 |
- -e $(has noman FEATURES \ |
4934 |
- && echo '/^install:/s:install_docs::' \ |
4935 |
- || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ |
4936 |
- Makefile.org \ |
4937 |
- || die |
4938 |
- # show the actual commands in the log |
4939 |
- sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared |
4940 |
- |
4941 |
- # since we're forcing $(CC) as makedep anyway, just fix |
4942 |
- # the conditional as always-on |
4943 |
- # helps clang (#417795), and versioned gcc (#499818) |
4944 |
- sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die |
4945 |
- |
4946 |
- # quiet out unknown driver argument warnings since openssl |
4947 |
- # doesn't have well-split CFLAGS and we're making it even worse |
4948 |
- # and 'make depend' uses -Werror for added fun (#417795 again) |
4949 |
- [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments |
4950 |
- |
4951 |
- # allow openssl to be cross-compiled |
4952 |
- cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die |
4953 |
- chmod a+rx gentoo.config |
4954 |
- |
4955 |
- append-flags -fno-strict-aliasing |
4956 |
- append-flags $(test-flags-CC -Wa,--noexecstack) |
4957 |
- |
4958 |
- sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 |
4959 |
- # The config script does stupid stuff to prompt the user. Kill it. |
4960 |
- sed -i '/stty -icanon min 0 time 50; read waste/d' config || die |
4961 |
- ./config --test-sanity || die "I AM NOT SANE" |
4962 |
- |
4963 |
- multilib_copy_sources |
4964 |
-} |
4965 |
- |
4966 |
-multilib_src_configure() { |
4967 |
- unset APPS #197996 |
4968 |
- unset SCRIPTS #312551 |
4969 |
- unset CROSS_COMPILE #311473 |
4970 |
- |
4971 |
- tc-export CC AR RANLIB RC |
4972 |
- |
4973 |
- # Clean out patent-or-otherwise-encumbered code |
4974 |
- # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) |
4975 |
- # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm |
4976 |
- # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography |
4977 |
- # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 |
4978 |
- # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 |
4979 |
- |
4980 |
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } |
4981 |
- echoit() { echo "$@" ; "$@" ; } |
4982 |
- |
4983 |
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") |
4984 |
- |
4985 |
- # See if our toolchain supports __uint128_t. If so, it's 64bit |
4986 |
- # friendly and can use the nicely optimized code paths. #460790 |
4987 |
- local ec_nistp_64_gcc_128 |
4988 |
- # Disable it for now though #469976 |
4989 |
- #if ! use bindist ; then |
4990 |
- # echo "__uint128_t i;" > "${T}"/128.c |
4991 |
- # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then |
4992 |
- # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" |
4993 |
- # fi |
4994 |
- #fi |
4995 |
- |
4996 |
- local sslout=$(./gentoo.config) |
4997 |
- einfo "Use configuration ${sslout:-(openssl knows best)}" |
4998 |
- local config="Configure" |
4999 |
- [[ -z ${sslout} ]] && config="config" |
5000 |
- |
5001 |
- echoit \ |
5002 |
- ./${config} \ |
5003 |
- ${sslout} \ |
5004 |
- $(use cpu_flags_x86_sse2 || echo "no-sse2") \ |
5005 |
- enable-camellia \ |
5006 |
- $(use_ssl !bindist ec) \ |
5007 |
- ${ec_nistp_64_gcc_128} \ |
5008 |
- enable-idea \ |
5009 |
- enable-mdc2 \ |
5010 |
- $(use_ssl !bindist rc5) \ |
5011 |
- enable-tlsext \ |
5012 |
- $(use_ssl gmp gmp -lgmp) \ |
5013 |
- $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ |
5014 |
- $(use_ssl rfc3779) \ |
5015 |
- $(use_ssl tls-heartbeat heartbeats) \ |
5016 |
- $(use_ssl zlib) \ |
5017 |
- --prefix="${EPREFIX}"/usr \ |
5018 |
- --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ |
5019 |
- --libdir=$(get_libdir) \ |
5020 |
- shared threads \ |
5021 |
- || die |
5022 |
- |
5023 |
- # Clean out hardcoded flags that openssl uses |
5024 |
- local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ |
5025 |
- -e 's:^CFLAG=::' \ |
5026 |
- -e 's:-fomit-frame-pointer ::g' \ |
5027 |
- -e 's:-O[0-9] ::g' \ |
5028 |
- -e 's:-march=[-a-z0-9]* ::g' \ |
5029 |
- -e 's:-mcpu=[-a-z0-9]* ::g' \ |
5030 |
- -e 's:-m[a-z0-9]* ::g' \ |
5031 |
- ) |
5032 |
- sed -i \ |
5033 |
- -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ |
5034 |
- -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ |
5035 |
- Makefile || die |
5036 |
-} |
5037 |
- |
5038 |
-multilib_src_compile() { |
5039 |
- # depend is needed to use $confopts; it also doesn't matter |
5040 |
- # that it's -j1 as the code itself serializes subdirs |
5041 |
- emake -j1 depend |
5042 |
- emake all |
5043 |
- # rehash is needed to prep the certs/ dir; do this |
5044 |
- # separately to avoid parallel build issues. |
5045 |
- emake rehash |
5046 |
-} |
5047 |
- |
5048 |
-multilib_src_test() { |
5049 |
- emake -j1 test |
5050 |
-} |
5051 |
- |
5052 |
-multilib_src_install() { |
5053 |
- emake INSTALL_PREFIX="${D}" install |
5054 |
-} |
5055 |
- |
5056 |
-multilib_src_install_all() { |
5057 |
- dobin "${WORKDIR}"/c_rehash #333117 |
5058 |
- dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el |
5059 |
- dohtml -r doc/* |
5060 |
- use rfc3779 && dodoc engines/ccgost/README.gost |
5061 |
- |
5062 |
- # This is crappy in that the static archives are still built even |
5063 |
- # when USE=static-libs. But this is due to a failing in the openssl |
5064 |
- # build system: the static archives are built as PIC all the time. |
5065 |
- # Only way around this would be to manually configure+compile openssl |
5066 |
- # twice; once with shared lib support enabled and once without. |
5067 |
- use static-libs || rm -f "${ED}"/usr/lib*/lib*.a |
5068 |
- |
5069 |
- # create the certs directory |
5070 |
- dodir ${SSL_CNF_DIR}/certs |
5071 |
- cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die |
5072 |
- rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} |
5073 |
- |
5074 |
- # Namespace openssl programs to prevent conflicts with other man pages |
5075 |
- cd "${ED}"/usr/share/man |
5076 |
- local m d s |
5077 |
- for m in $(find . -type f | xargs grep -L '#include') ; do |
5078 |
- d=${m%/*} ; d=${d#./} ; m=${m##*/} |
5079 |
- [[ ${m} == openssl.1* ]] && continue |
5080 |
- [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" |
5081 |
- mv ${d}/{,ssl-}${m} |
5082 |
- # fix up references to renamed man pages |
5083 |
- sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} |
5084 |
- ln -s ssl-${m} ${d}/openssl-${m} |
5085 |
- # locate any symlinks that point to this man page ... we assume |
5086 |
- # that any broken links are due to the above renaming |
5087 |
- for s in $(find -L ${d} -type l) ; do |
5088 |
- s=${s##*/} |
5089 |
- rm -f ${d}/${s} |
5090 |
- ln -s ssl-${m} ${d}/ssl-${s} |
5091 |
- ln -s ssl-${s} ${d}/openssl-${s} |
5092 |
- done |
5093 |
- done |
5094 |
- [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" |
5095 |
- |
5096 |
- dodir /etc/sandbox.d #254521 |
5097 |
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl |
5098 |
- |
5099 |
- diropts -m0700 |
5100 |
- keepdir ${SSL_CNF_DIR}/private |
5101 |
-} |
5102 |
- |
5103 |
-pkg_preinst() { |
5104 |
- has_version ${CATEGORY}/${PN}:0.9.8 && return 0 |
5105 |
- preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 |
5106 |
-} |
5107 |
- |
5108 |
-pkg_postinst() { |
5109 |
- ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" |
5110 |
- c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null |
5111 |
- eend $? |
5112 |
- |
5113 |
- has_version ${CATEGORY}/${PN}:0.9.8 && return 0 |
5114 |
- preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 |
5115 |
-} |
5116 |
|
5117 |
diff --git a/dev-libs/openssl/openssl-1.0.1o.ebuild b/dev-libs/openssl/openssl-1.0.1o.ebuild |
5118 |
deleted file mode 100644 |
5119 |
index f6c6c16..0000000 |
5120 |
--- a/dev-libs/openssl/openssl-1.0.1o.ebuild |
5121 |
+++ /dev/null |
5122 |
@@ -1,258 +0,0 @@ |
5123 |
-# Copyright 1999-2015 Gentoo Foundation |
5124 |
-# Distributed under the terms of the GNU General Public License v2 |
5125 |
-# $Id$ |
5126 |
- |
5127 |
-EAPI="4" |
5128 |
- |
5129 |
-inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal |
5130 |
- |
5131 |
-REV="1.7" |
5132 |
-DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" |
5133 |
-HOMEPAGE="http://www.openssl.org/" |
5134 |
-SRC_URI="mirror://openssl/source/${P}.tar.gz |
5135 |
- http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" |
5136 |
- |
5137 |
-LICENSE="openssl" |
5138 |
-SLOT="0" |
5139 |
-KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" |
5140 |
-IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" |
5141 |
-RESTRICT="!bindist? ( bindist )" |
5142 |
- |
5143 |
-# The blocks are temporary just to make sure people upgrade to a |
5144 |
-# version that lack runtime version checking. We'll drop them in |
5145 |
-# the future. |
5146 |
-RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) |
5147 |
- zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) |
5148 |
- kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) |
5149 |
- abi_x86_32? ( |
5150 |
- !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 |
5151 |
- !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] |
5152 |
- ) |
5153 |
- !<net-misc/openssh-5.9_p1-r4 |
5154 |
- !<net-libs/neon-0.29.6-r1" |
5155 |
-DEPEND="${RDEPEND} |
5156 |
- sys-apps/diffutils |
5157 |
- >=dev-lang/perl-5 |
5158 |
- test? ( sys-devel/bc )" |
5159 |
-PDEPEND="app-misc/ca-certificates" |
5160 |
- |
5161 |
-src_unpack() { |
5162 |
- unpack ${P}.tar.gz |
5163 |
- SSL_CNF_DIR="/etc/ssl" |
5164 |
- sed \ |
5165 |
- -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ |
5166 |
- -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ |
5167 |
- "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ |
5168 |
- > "${WORKDIR}"/c_rehash || die #416717 |
5169 |
-} |
5170 |
- |
5171 |
-MULTILIB_WRAPPED_HEADERS=( |
5172 |
- usr/include/openssl/opensslconf.h |
5173 |
-) |
5174 |
- |
5175 |
-src_prepare() { |
5176 |
- # Make sure we only ever touch Makefile.org and avoid patching a file |
5177 |
- # that gets blown away anyways by the Configure script in src_configure |
5178 |
- rm -f Makefile |
5179 |
- |
5180 |
- if ! use vanilla ; then |
5181 |
- epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 |
5182 |
- epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 |
5183 |
- epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch |
5184 |
- epatch "${FILESDIR}"/${PN}-1.0.1m-parallel-build.patch |
5185 |
- epatch "${FILESDIR}"/${PN}-1.0.1m-x32.patch |
5186 |
- epatch "${FILESDIR}"/${PN}-1.0.1m-ipv6.patch |
5187 |
- epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 |
5188 |
- epatch_user #332661 |
5189 |
- fi |
5190 |
- |
5191 |
- # disable fips in the build |
5192 |
- # make sure the man pages are suffixed #302165 |
5193 |
- # don't bother building man pages if they're disabled |
5194 |
- sed -i \ |
5195 |
- -e '/DIRS/s: fips : :g' \ |
5196 |
- -e '/^MANSUFFIX/s:=.*:=ssl:' \ |
5197 |
- -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ |
5198 |
- -e $(has noman FEATURES \ |
5199 |
- && echo '/^install:/s:install_docs::' \ |
5200 |
- || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ |
5201 |
- Makefile.org \ |
5202 |
- || die |
5203 |
- # show the actual commands in the log |
5204 |
- sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared |
5205 |
- |
5206 |
- # since we're forcing $(CC) as makedep anyway, just fix |
5207 |
- # the conditional as always-on |
5208 |
- # helps clang (#417795), and versioned gcc (#499818) |
5209 |
- sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die |
5210 |
- |
5211 |
- # quiet out unknown driver argument warnings since openssl |
5212 |
- # doesn't have well-split CFLAGS and we're making it even worse |
5213 |
- # and 'make depend' uses -Werror for added fun (#417795 again) |
5214 |
- [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments |
5215 |
- |
5216 |
- # allow openssl to be cross-compiled |
5217 |
- cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die |
5218 |
- chmod a+rx gentoo.config |
5219 |
- |
5220 |
- append-flags -fno-strict-aliasing |
5221 |
- append-flags $(test-flags-CC -Wa,--noexecstack) |
5222 |
- |
5223 |
- sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 |
5224 |
- # The config script does stupid stuff to prompt the user. Kill it. |
5225 |
- sed -i '/stty -icanon min 0 time 50; read waste/d' config || die |
5226 |
- ./config --test-sanity || die "I AM NOT SANE" |
5227 |
- |
5228 |
- multilib_copy_sources |
5229 |
-} |
5230 |
- |
5231 |
-multilib_src_configure() { |
5232 |
- unset APPS #197996 |
5233 |
- unset SCRIPTS #312551 |
5234 |
- unset CROSS_COMPILE #311473 |
5235 |
- |
5236 |
- tc-export CC AR RANLIB RC |
5237 |
- |
5238 |
- # Clean out patent-or-otherwise-encumbered code |
5239 |
- # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) |
5240 |
- # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm |
5241 |
- # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography |
5242 |
- # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 |
5243 |
- # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 |
5244 |
- |
5245 |
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } |
5246 |
- echoit() { echo "$@" ; "$@" ; } |
5247 |
- |
5248 |
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") |
5249 |
- |
5250 |
- # See if our toolchain supports __uint128_t. If so, it's 64bit |
5251 |
- # friendly and can use the nicely optimized code paths. #460790 |
5252 |
- local ec_nistp_64_gcc_128 |
5253 |
- # Disable it for now though #469976 |
5254 |
- #if ! use bindist ; then |
5255 |
- # echo "__uint128_t i;" > "${T}"/128.c |
5256 |
- # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then |
5257 |
- # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" |
5258 |
- # fi |
5259 |
- #fi |
5260 |
- |
5261 |
- local sslout=$(./gentoo.config) |
5262 |
- einfo "Use configuration ${sslout:-(openssl knows best)}" |
5263 |
- local config="Configure" |
5264 |
- [[ -z ${sslout} ]] && config="config" |
5265 |
- |
5266 |
- echoit \ |
5267 |
- ./${config} \ |
5268 |
- ${sslout} \ |
5269 |
- $(use cpu_flags_x86_sse2 || echo "no-sse2") \ |
5270 |
- enable-camellia \ |
5271 |
- $(use_ssl !bindist ec) \ |
5272 |
- ${ec_nistp_64_gcc_128} \ |
5273 |
- enable-idea \ |
5274 |
- enable-mdc2 \ |
5275 |
- $(use_ssl !bindist rc5) \ |
5276 |
- enable-tlsext \ |
5277 |
- $(use_ssl gmp gmp -lgmp) \ |
5278 |
- $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ |
5279 |
- $(use_ssl rfc3779) \ |
5280 |
- $(use_ssl tls-heartbeat heartbeats) \ |
5281 |
- $(use_ssl zlib) \ |
5282 |
- --prefix="${EPREFIX}"/usr \ |
5283 |
- --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ |
5284 |
- --libdir=$(get_libdir) \ |
5285 |
- shared threads \ |
5286 |
- || die |
5287 |
- |
5288 |
- # Clean out hardcoded flags that openssl uses |
5289 |
- local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ |
5290 |
- -e 's:^CFLAG=::' \ |
5291 |
- -e 's:-fomit-frame-pointer ::g' \ |
5292 |
- -e 's:-O[0-9] ::g' \ |
5293 |
- -e 's:-march=[-a-z0-9]* ::g' \ |
5294 |
- -e 's:-mcpu=[-a-z0-9]* ::g' \ |
5295 |
- -e 's:-m[a-z0-9]* ::g' \ |
5296 |
- ) |
5297 |
- sed -i \ |
5298 |
- -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ |
5299 |
- -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ |
5300 |
- Makefile || die |
5301 |
-} |
5302 |
- |
5303 |
-multilib_src_compile() { |
5304 |
- # depend is needed to use $confopts; it also doesn't matter |
5305 |
- # that it's -j1 as the code itself serializes subdirs |
5306 |
- emake -j1 depend |
5307 |
- emake all |
5308 |
- # rehash is needed to prep the certs/ dir; do this |
5309 |
- # separately to avoid parallel build issues. |
5310 |
- emake rehash |
5311 |
-} |
5312 |
- |
5313 |
-multilib_src_test() { |
5314 |
- emake -j1 test |
5315 |
-} |
5316 |
- |
5317 |
-multilib_src_install() { |
5318 |
- emake INSTALL_PREFIX="${D}" install |
5319 |
-} |
5320 |
- |
5321 |
-multilib_src_install_all() { |
5322 |
- dobin "${WORKDIR}"/c_rehash #333117 |
5323 |
- dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el |
5324 |
- dohtml -r doc/* |
5325 |
- use rfc3779 && dodoc engines/ccgost/README.gost |
5326 |
- |
5327 |
- # This is crappy in that the static archives are still built even |
5328 |
- # when USE=static-libs. But this is due to a failing in the openssl |
5329 |
- # build system: the static archives are built as PIC all the time. |
5330 |
- # Only way around this would be to manually configure+compile openssl |
5331 |
- # twice; once with shared lib support enabled and once without. |
5332 |
- use static-libs || rm -f "${ED}"/usr/lib*/lib*.a |
5333 |
- |
5334 |
- # create the certs directory |
5335 |
- dodir ${SSL_CNF_DIR}/certs |
5336 |
- cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die |
5337 |
- rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} |
5338 |
- |
5339 |
- # Namespace openssl programs to prevent conflicts with other man pages |
5340 |
- cd "${ED}"/usr/share/man |
5341 |
- local m d s |
5342 |
- for m in $(find . -type f | xargs grep -L '#include') ; do |
5343 |
- d=${m%/*} ; d=${d#./} ; m=${m##*/} |
5344 |
- [[ ${m} == openssl.1* ]] && continue |
5345 |
- [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" |
5346 |
- mv ${d}/{,ssl-}${m} |
5347 |
- # fix up references to renamed man pages |
5348 |
- sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} |
5349 |
- ln -s ssl-${m} ${d}/openssl-${m} |
5350 |
- # locate any symlinks that point to this man page ... we assume |
5351 |
- # that any broken links are due to the above renaming |
5352 |
- for s in $(find -L ${d} -type l) ; do |
5353 |
- s=${s##*/} |
5354 |
- rm -f ${d}/${s} |
5355 |
- ln -s ssl-${m} ${d}/ssl-${s} |
5356 |
- ln -s ssl-${s} ${d}/openssl-${s} |
5357 |
- done |
5358 |
- done |
5359 |
- [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" |
5360 |
- |
5361 |
- dodir /etc/sandbox.d #254521 |
5362 |
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl |
5363 |
- |
5364 |
- diropts -m0700 |
5365 |
- keepdir ${SSL_CNF_DIR}/private |
5366 |
-} |
5367 |
- |
5368 |
-pkg_preinst() { |
5369 |
- has_version ${CATEGORY}/${PN}:0.9.8 && return 0 |
5370 |
- preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 |
5371 |
-} |
5372 |
- |
5373 |
-pkg_postinst() { |
5374 |
- ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" |
5375 |
- c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null |
5376 |
- eend $? |
5377 |
- |
5378 |
- has_version ${CATEGORY}/${PN}:0.9.8 && return 0 |
5379 |
- preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 |
5380 |
-} |
5381 |
|
5382 |
diff --git a/dev-libs/openssl/openssl-1.0.2-r3.ebuild b/dev-libs/openssl/openssl-1.0.2-r3.ebuild |
5383 |
deleted file mode 100644 |
5384 |
index 231155d..0000000 |
5385 |
--- a/dev-libs/openssl/openssl-1.0.2-r3.ebuild |
5386 |
+++ /dev/null |
5387 |
@@ -1,263 +0,0 @@ |
5388 |
-# Copyright 1999-2015 Gentoo Foundation |
5389 |
-# Distributed under the terms of the GNU General Public License v2 |
5390 |
-# $Id$ |
5391 |
- |
5392 |
-EAPI="4" |
5393 |
- |
5394 |
-inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal |
5395 |
- |
5396 |
-REV="1.7" |
5397 |
-MY_P=${P/_/-} |
5398 |
-DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" |
5399 |
-HOMEPAGE="http://www.openssl.org/" |
5400 |
-SRC_URI="mirror://openssl/source/${MY_P}.tar.gz |
5401 |
- http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" |
5402 |
- |
5403 |
-LICENSE="openssl" |
5404 |
-SLOT="0" |
5405 |
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" |
5406 |
-IUSE="bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" |
5407 |
-RESTRICT="!bindist? ( bindist )" |
5408 |
- |
5409 |
-# The blocks are temporary just to make sure people upgrade to a |
5410 |
-# version that lack runtime version checking. We'll drop them in |
5411 |
-# the future. |
5412 |
-RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) |
5413 |
- zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) |
5414 |
- kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) |
5415 |
- abi_x86_32? ( |
5416 |
- !<=app-emulation/emul-linux-x86-baselibs-20140508 |
5417 |
- !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] |
5418 |
- ) |
5419 |
- !<net-misc/openssh-5.9_p1-r4 |
5420 |
- !<net-libs/neon-0.29.6-r1" |
5421 |
-DEPEND="${RDEPEND} |
5422 |
- sys-apps/diffutils |
5423 |
- >=dev-lang/perl-5 |
5424 |
- sctp? ( >=net-misc/lksctp-tools-1.0.12 ) |
5425 |
- test? ( sys-devel/bc )" |
5426 |
-PDEPEND="app-misc/ca-certificates" |
5427 |
- |
5428 |
-S="${WORKDIR}/${MY_P}" |
5429 |
- |
5430 |
-MULTILIB_WRAPPED_HEADERS=( |
5431 |
- usr/include/openssl/opensslconf.h |
5432 |
-) |
5433 |
- |
5434 |
-src_prepare() { |
5435 |
- SSL_CNF_DIR="/etc/ssl" |
5436 |
- sed \ |
5437 |
- -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ |
5438 |
- -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ |
5439 |
- "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ |
5440 |
- > "${WORKDIR}"/c_rehash || die #416717 |
5441 |
- |
5442 |
- # Make sure we only ever touch Makefile.org and avoid patching a file |
5443 |
- # that gets blown away anyways by the Configure script in src_configure |
5444 |
- rm -f Makefile |
5445 |
- |
5446 |
- epatch "${FILESDIR}"/${P}-CVE-2015-0209.patch #541502 |
5447 |
- epatch "${FILESDIR}"/${P}-CVE-2015-0288.patch #542038 |
5448 |
- if ! use vanilla ; then |
5449 |
- epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 |
5450 |
- epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 |
5451 |
- epatch "${FILESDIR}"/${PN}-1.0.2-parallel-build.patch |
5452 |
- epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch |
5453 |
- epatch "${FILESDIR}"/${PN}-1.0.2-s_client-verify.patch #472584 |
5454 |
- epatch "${FILESDIR}"/${PN}-1.0.2-CVE-2015-0291.patch |
5455 |
- |
5456 |
- epatch_user #332661 |
5457 |
- fi |
5458 |
- |
5459 |
- # disable fips in the build |
5460 |
- # make sure the man pages are suffixed #302165 |
5461 |
- # don't bother building man pages if they're disabled |
5462 |
- sed -i \ |
5463 |
- -e '/DIRS/s: fips : :g' \ |
5464 |
- -e '/^MANSUFFIX/s:=.*:=ssl:' \ |
5465 |
- -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ |
5466 |
- -e $(has noman FEATURES \ |
5467 |
- && echo '/^install:/s:install_docs::' \ |
5468 |
- || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ |
5469 |
- Makefile.org \ |
5470 |
- || die |
5471 |
- # show the actual commands in the log |
5472 |
- sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared |
5473 |
- |
5474 |
- # since we're forcing $(CC) as makedep anyway, just fix |
5475 |
- # the conditional as always-on |
5476 |
- # helps clang (#417795), and versioned gcc (#499818) |
5477 |
- sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die |
5478 |
- |
5479 |
- # quiet out unknown driver argument warnings since openssl |
5480 |
- # doesn't have well-split CFLAGS and we're making it even worse |
5481 |
- # and 'make depend' uses -Werror for added fun (#417795 again) |
5482 |
- [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments |
5483 |
- |
5484 |
- # allow openssl to be cross-compiled |
5485 |
- cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die |
5486 |
- chmod a+rx gentoo.config |
5487 |
- |
5488 |
- append-flags -fno-strict-aliasing |
5489 |
- append-flags $(test-flags-CC -Wa,--noexecstack) |
5490 |
- append-cppflags -DOPENSSL_NO_BUF_FREELISTS |
5491 |
- |
5492 |
- sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 |
5493 |
- # The config script does stupid stuff to prompt the user. Kill it. |
5494 |
- sed -i '/stty -icanon min 0 time 50; read waste/d' config || die |
5495 |
- ./config --test-sanity || die "I AM NOT SANE" |
5496 |
- |
5497 |
- multilib_copy_sources |
5498 |
-} |
5499 |
- |
5500 |
-multilib_src_configure() { |
5501 |
- unset APPS #197996 |
5502 |
- unset SCRIPTS #312551 |
5503 |
- unset CROSS_COMPILE #311473 |
5504 |
- |
5505 |
- tc-export CC AR RANLIB RC |
5506 |
- |
5507 |
- # Clean out patent-or-otherwise-encumbered code |
5508 |
- # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) |
5509 |
- # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm |
5510 |
- # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography |
5511 |
- # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 |
5512 |
- # RC5: Expired http://en.wikipedia.org/wiki/RC5 |
5513 |
- |
5514 |
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } |
5515 |
- echoit() { echo "$@" ; "$@" ; } |
5516 |
- |
5517 |
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") |
5518 |
- |
5519 |
- # See if our toolchain supports __uint128_t. If so, it's 64bit |
5520 |
- # friendly and can use the nicely optimized code paths. #460790 |
5521 |
- local ec_nistp_64_gcc_128 |
5522 |
- # Disable it for now though #469976 |
5523 |
- #if ! use bindist ; then |
5524 |
- # echo "__uint128_t i;" > "${T}"/128.c |
5525 |
- # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then |
5526 |
- # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" |
5527 |
- # fi |
5528 |
- #fi |
5529 |
- |
5530 |
- local sslout=$(./gentoo.config) |
5531 |
- einfo "Use configuration ${sslout:-(openssl knows best)}" |
5532 |
- local config="Configure" |
5533 |
- [[ -z ${sslout} ]] && config="config" |
5534 |
- |
5535 |
- echoit \ |
5536 |
- ./${config} \ |
5537 |
- ${sslout} \ |
5538 |
- $(use sctp && echo "sctp") \ |
5539 |
- $(use cpu_flags_x86_sse2 || echo "no-sse2") \ |
5540 |
- enable-camellia \ |
5541 |
- $(use_ssl !bindist ec) \ |
5542 |
- ${ec_nistp_64_gcc_128} \ |
5543 |
- enable-idea \ |
5544 |
- enable-mdc2 \ |
5545 |
- enable-rc5 \ |
5546 |
- enable-tlsext \ |
5547 |
- $(use_ssl gmp gmp -lgmp) \ |
5548 |
- $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ |
5549 |
- $(use_ssl rfc3779) \ |
5550 |
- $(use_ssl tls-heartbeat heartbeats) \ |
5551 |
- $(use_ssl zlib) \ |
5552 |
- --prefix="${EPREFIX}"/usr \ |
5553 |
- --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ |
5554 |
- --libdir=$(get_libdir) \ |
5555 |
- shared threads \ |
5556 |
- || die |
5557 |
- |
5558 |
- # Clean out hardcoded flags that openssl uses |
5559 |
- local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ |
5560 |
- -e 's:^CFLAG=::' \ |
5561 |
- -e 's:-fomit-frame-pointer ::g' \ |
5562 |
- -e 's:-O[0-9] ::g' \ |
5563 |
- -e 's:-march=[-a-z0-9]* ::g' \ |
5564 |
- -e 's:-mcpu=[-a-z0-9]* ::g' \ |
5565 |
- -e 's:-m[a-z0-9]* ::g' \ |
5566 |
- ) |
5567 |
- sed -i \ |
5568 |
- -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ |
5569 |
- -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ |
5570 |
- Makefile || die |
5571 |
-} |
5572 |
- |
5573 |
-multilib_src_compile() { |
5574 |
- # depend is needed to use $confopts; it also doesn't matter |
5575 |
- # that it's -j1 as the code itself serializes subdirs |
5576 |
- emake -j1 depend |
5577 |
- emake all |
5578 |
- # rehash is needed to prep the certs/ dir; do this |
5579 |
- # separately to avoid parallel build issues. |
5580 |
- emake rehash |
5581 |
-} |
5582 |
- |
5583 |
-multilib_src_test() { |
5584 |
- emake -j1 test |
5585 |
-} |
5586 |
- |
5587 |
-multilib_src_install() { |
5588 |
- emake INSTALL_PREFIX="${D}" install |
5589 |
-} |
5590 |
- |
5591 |
-multilib_src_install_all() { |
5592 |
- dobin "${WORKDIR}"/c_rehash #333117 |
5593 |
- dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el |
5594 |
- dohtml -r doc/* |
5595 |
- use rfc3779 && dodoc engines/ccgost/README.gost |
5596 |
- |
5597 |
- # This is crappy in that the static archives are still built even |
5598 |
- # when USE=static-libs. But this is due to a failing in the openssl |
5599 |
- # build system: the static archives are built as PIC all the time. |
5600 |
- # Only way around this would be to manually configure+compile openssl |
5601 |
- # twice; once with shared lib support enabled and once without. |
5602 |
- use static-libs || rm -f "${ED}"/usr/lib*/lib*.a |
5603 |
- |
5604 |
- # create the certs directory |
5605 |
- dodir ${SSL_CNF_DIR}/certs |
5606 |
- cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die |
5607 |
- rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} |
5608 |
- |
5609 |
- # Namespace openssl programs to prevent conflicts with other man pages |
5610 |
- cd "${ED}"/usr/share/man |
5611 |
- local m d s |
5612 |
- for m in $(find . -type f | xargs grep -L '#include') ; do |
5613 |
- d=${m%/*} ; d=${d#./} ; m=${m##*/} |
5614 |
- [[ ${m} == openssl.1* ]] && continue |
5615 |
- [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" |
5616 |
- mv ${d}/{,ssl-}${m} |
5617 |
- # fix up references to renamed man pages |
5618 |
- sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} |
5619 |
- ln -s ssl-${m} ${d}/openssl-${m} |
5620 |
- # locate any symlinks that point to this man page ... we assume |
5621 |
- # that any broken links are due to the above renaming |
5622 |
- for s in $(find -L ${d} -type l) ; do |
5623 |
- s=${s##*/} |
5624 |
- rm -f ${d}/${s} |
5625 |
- ln -s ssl-${m} ${d}/ssl-${s} |
5626 |
- ln -s ssl-${s} ${d}/openssl-${s} |
5627 |
- done |
5628 |
- done |
5629 |
- [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" |
5630 |
- |
5631 |
- dodir /etc/sandbox.d #254521 |
5632 |
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl |
5633 |
- |
5634 |
- diropts -m0700 |
5635 |
- keepdir ${SSL_CNF_DIR}/private |
5636 |
-} |
5637 |
- |
5638 |
-pkg_preinst() { |
5639 |
- has_version ${CATEGORY}/${PN}:0.9.8 && return 0 |
5640 |
- preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 |
5641 |
-} |
5642 |
- |
5643 |
-pkg_postinst() { |
5644 |
- ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" |
5645 |
- c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null |
5646 |
- eend $? |
5647 |
- |
5648 |
- has_version ${CATEGORY}/${PN}:0.9.8 && return 0 |
5649 |
- preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 |
5650 |
-} |