
From: "Doug Goldstein (cardoe)" <cardoe@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in dev-libs/openssl: ChangeLog openssl-0.9.8g-r2.ebuild
Date: Fri, 30 May 2008 21:30:35
Message-Id: E1K2CBB-0002vj-Sa@stork.gentoo.org
1 cardoe 08/05/30 21:30:29
2
3 Modified: ChangeLog
4 Added: openssl-0.9.8g-r2.ebuild
5 Log:
6 Security fix for CVE-2008-0891 & CVE-2008-1672. bug #223429
7 (Portage version: 2.1.5.2)
8
9 Revision Changes Path
10 1.261 dev-libs/openssl/ChangeLog
11
12 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/dev-libs/openssl/ChangeLog?rev=1.261&view=markup
13 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/dev-libs/openssl/ChangeLog?rev=1.261&content-type=text/plain
14 diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/dev-libs/openssl/ChangeLog?r1=1.260&r2=1.261
15
16 Index: ChangeLog
17 ===================================================================
18 RCS file: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v
19 retrieving revision 1.260
20 retrieving revision 1.261
21 diff -u -r1.260 -r1.261
22 --- ChangeLog 28 May 2008 16:30:40 -0000 1.260
23 +++ ChangeLog 30 May 2008 21:30:29 -0000 1.261
24 @@ -1,6 +1,13 @@
25 # ChangeLog for dev-libs/openssl
26 # Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
27 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.260 2008/05/28 16:30:40 vapier Exp $
28 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.261 2008/05/30 21:30:29 cardoe Exp $
29 +
30 +*openssl-0.9.8g-r2 (30 May 2008)
31 +
32 + 30 May 2008; Doug Goldstein <cardoe@g.o>
33 + +files/openssl-0.9.8g-CVE-2008-0891.patch,
34 + +files/openssl-0.9.8g-CVE-2008-1672.patch, +openssl-0.9.8g-r2.ebuild:
35 + Security fix for CVE-2008-0891 & CVE-2008-1672. bug #223429
36
37 *openssl-0.9.8h (28 May 2008)
38
39 @@ -29,7 +36,7 @@
40 19 Nov 2007; Joshua Kinard <kumba@g.o> openssl-0.9.8g.ebuild:
41 Stable on mips, per #198370.
42
43 - 16 Nov 2007; Doug Klima <cardoe@g.o> openssl-0.9.8g.ebuild:
44 + 16 Nov 2007; Doug Goldstein <cardoe@g.o> openssl-0.9.8g.ebuild:
45 change depend to mit-krb5 since openssl's Configure script specifically
46 states they don't support building against heimdal and it will break. Which
47 results in a die during the ebuild
48
49
50
51 1.1 dev-libs/openssl/openssl-0.9.8g-r2.ebuild
52
53 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/dev-libs/openssl/openssl-0.9.8g-r2.ebuild?rev=1.1&view=markup
54 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/dev-libs/openssl/openssl-0.9.8g-r2.ebuild?rev=1.1&content-type=text/plain
55
56 Index: openssl-0.9.8g-r2.ebuild
57 ===================================================================
58 # Copyright 1999-2008 Gentoo Foundation
59 # Distributed under the terms of the GNU General Public License v2
60 # $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8g-r2.ebuild,v 1.1 2008/05/30 21:30:29 cardoe Exp $
61
62 inherit eutils flag-o-matic toolchain-funcs
63
64 DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1"
65 HOMEPAGE="http://www.openssl.org/"
66 SRC_URI="mirror://openssl/source/${P}.tar.gz"
67
68 LICENSE="openssl"
69 SLOT="0"
70 KEYWORDS="-* ~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~sparc-fbsd ~x86 ~x86-fbsd"
71 IUSE="bindist gmp kerberos sse2 test zlib"
72
73 RDEPEND="gmp? ( dev-libs/gmp )
74 zlib? ( sys-libs/zlib )
75 kerberos? ( app-crypt/mit-krb5 )"
76 DEPEND="${RDEPEND}
77 sys-apps/diffutils
78 >=dev-lang/perl-5
79 test? ( sys-devel/bc )"
80 PDEPEND="app-misc/ca-certificates"
81
82 src_unpack() {
83 unpack ${A}
84 cd "${S}"
85
86 epatch "${FILESDIR}"/${PN}-0.9.7e-gentoo.patch
87 epatch "${FILESDIR}"/${PN}-0.9.7-alpha-default-gcc.patch
88 epatch "${FILESDIR}"/${PN}-0.9.8b-parallel-build.patch
89 epatch "${FILESDIR}"/${PN}-0.9.8-make-engines-dir.patch
90 epatch "${FILESDIR}"/${PN}-0.9.8-toolchain.patch
91 epatch "${FILESDIR}"/${PN}-0.9.8b-doc-updates.patch
92 epatch "${FILESDIR}"/${PN}-0.9.8-makedepend.patch #149583
93 epatch "${FILESDIR}"/${PN}-0.9.8e-make.patch #146316
94 epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch
95 epatch "${FILESDIR}"/${PN}-0.9.8g-sslv3-no-tlsext.patch
96
97 # Security Fixes
98 epatch "${FILESDIR}"/${PN}-0.9.8g-CVE-2008-0891.patch
99 epatch "${FILESDIR}"/${PN}-0.9.8g-CVE-2008-1672.patch
100
101 # allow openssl to be cross-compiled
102 cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed"
103 chmod a+rx gentoo.config
104
105 # Don't build manpages if we don't want them
106 has noman FEATURES \
107 && sed -i '/^install:/s:install_docs::' Makefile.org \
108 || sed -i '/^MANDIR=/s:=.*:=/usr/share/man:' Makefile.org
109
110 # Try to derice users and work around broken ass toolchains
111 if [[ $(gcc-major-version) == "3" ]] ; then
112 filter-flags -fprefetch-loop-arrays -freduce-all-givs -funroll-loops
113 [[ $(tc-arch) == "ppc64" ]] && replace-flags -O? -O
114 fi
115 [[ $(tc-arch) == ppc* ]] && append-flags -fno-strict-aliasing
116 append-flags -Wa,--noexecstack
117
118 # using a library directory other than lib requires some magic
119 sed -i \
120 -e "s+\(\$(INSTALL_PREFIX)\$(INSTALLTOP)\)/lib+\1/$(get_libdir)+g" \
121 -e "s+libdir=\$\${exec_prefix}/lib+libdir=\$\${exec_prefix}/$(get_libdir)+g" \
122 Makefile.org engines/Makefile \
123 || die "sed failed"
124 ./config --test-sanity || die "I AM NOT SANE"
125 }
126
127 src_compile() {
128 unset APPS #197996
129
130 tc-export CC AR RANLIB
131
132 # Clean out patent-or-otherwise-encumbered code
133 # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
134 # IDEA: 5,214,703 25/05/2010 http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
135 # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
136 # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
137 # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5
138
139 use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; }
140 echoit() { echo "$@" ; "$@" ; }
141
142 local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
143
144 local sslout=$(./gentoo.config)
145 einfo "Use configuration ${sslout:-(openssl knows best)}"
146 local config="Configure"
147 [[ -z ${sslout} ]] && config="config"
148 echoit \
149 ./${config} \
150 ${sslout} \
151 $(use sse2 || echo "no-sse2") \
152 enable-camellia \
153 $(use_ssl !bindist ec) \
154 $(use_ssl !bindist idea) \
155 enable-mdc2 \
156 $(use_ssl !bindist rc5) \
157 enable-tlsext \
158 $(use_ssl gmp) \
159 $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
160 $(use_ssl zlib) \
161 $(use_ssl zlib zlib-dynamic) \
162 --prefix=/usr \
163 --openssldir=/etc/ssl \
164 shared threads \
165 || die "Configure failed"
166
167 # Clean out hardcoded flags that openssl uses
168 local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
169 -e 's:^CFLAG=::' \
170 -e 's:-fomit-frame-pointer ::g' \
171 -e 's:-O[0-9] ::g' \
172 -e 's:-march=[-a-z0-9]* ::g' \
173 -e 's:-mcpu=[-a-z0-9]* ::g' \
174 -e 's:-m[a-z0-9]* ::g' \
175 )
176 sed -i \
177 -e "/^CFLAG/s:=.*:=${CFLAG} ${CFLAGS}:" \
178 -e "/^SHARED_LDFLAGS=/s:$: ${LDFLAGS}:" \
179 Makefile || die
180
181 # depend is needed to use $confopts
182 # rehash is needed to prep the certs/ dir
183 emake -j1 depend || die "depend failed"
184 emake all rehash || die "make all failed"
185 }
186
187 src_test() {
188 # make sure sandbox doesnt die on *BSD
189 addpredict /dev/crypto
190
191 emake -j1 test || die "make test failed"
192 }
193
194 src_install() {
195 emake -j1 INSTALL_PREFIX="${D}" install || die
196 dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
197 dohtml doc/*
198
199 # create the certs directory
200 dodir /etc/ssl/certs
201 cp -RP certs/* "${D}"/etc/ssl/certs/ || die "failed to install certs"
202 rm -r "${D}"/etc/ssl/certs/{demo,expired}
203
204 # Namespace openssl programs to prevent conflicts with other man pages
205 cd "${D}"/usr/share/man
206 local m d s
207 for m in $(find . -type f | xargs grep -L '#include') ; do
208 d=${m%/*} ; d=${d#./} ; m=${m##*/}
209 [[ ${m} == openssl.1* ]] && continue
210 [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
211 mv ${d}/{,ssl-}${m}
212 ln -s ssl-${m} ${d}/openssl-${m}
213 # locate any symlinks that point to this man page ... we assume
214 # that any broken links are due to the above renaming
215 for s in $(find -L ${d} -type l) ; do
216 s=${s##*/}
217 rm -f ${d}/${s}
218 ln -s ssl-${m} ${d}/ssl-${s}
219 ln -s ssl-${s} ${d}/openssl-${s}
220 done
221 done
222 [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
223
224 diropts -m0700
225 keepdir /etc/ssl/private
226 }
227
228 pkg_preinst() {
229 preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.{6,7}
230 }
231
232 pkg_postinst() {
233 preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.{6,7}
234
235 if [[ ${CHOST} == i686* ]] ; then
236 ewarn "Due to the way openssl is architected, you cannot"
237 ewarn "switch between optimized versions without breaking"
238 ewarn "ABI. The default i686 0.9.8 ABI was an unoptimized"
239 ewarn "version with horrible performance. This version uses"
240 ewarn "the optimized ABI. If you experience segfaults when"
241 ewarn "using ssl apps (like openssh), just re-emerge the"
242 ewarn "offending package."
243 fi
244 }
245
246
247
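Review bot: The two `epatch` lines under `# Security Fixes` in src_unpack apply files/openssl-0.9.8g-CVE-2008-0891.patch and files/openssl-0.9.8g-CVE-2008-1672.patch, but this commit mail lists only ChangeLog and the ebuild, so the fix itself cannot be checked here. The patch contents should be compared against the upstream OpenSSL changes before stabilisation. The comment would serve a later maintainer better as `# Security fixes, bug #223429: CVE-2008-0891 (double free in TLS server-name extension handling), CVE-2008-1672 (client NULL dereference when Server Key Exchange is omitted)`. The first of these is relevant to this build because src_compile passes `enable-tlsext` unconditionally. KEYWORDS are all `~arch`, so presumably stable systems stay on an unpatched revision until the stabilisation request on the bug is handled.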