1 |
commit: 47f53172d2f6e2beaddb1c072d62e51de3884111 |
2 |
Author: Doug Goldstein <cardoe <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri Feb 26 22:49:18 2016 +0000 |
4 |
Commit: Doug Goldstein <cardoe <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri Feb 26 22:50:04 2016 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=47f53172 |
7 |
|
8 |
dev-libs/openssl: remove vulnerable version |
9 |
|
10 |
Due to multiple vulnerabilities remove outdated version of OpenSSL. |
11 |
|
12 |
Gentoo-Bug: 567476 |
13 |
|
14 |
Package-Manager: portage-2.2.26 |
15 |
Signed-off-by: Doug Goldstein <cardoe <AT> gentoo.org> |
16 |
|
17 |
dev-libs/openssl/Manifest | 1 - |
18 |
dev-libs/openssl/openssl-0.9.8z_p7.ebuild | 162 ------------------------------ |
19 |
2 files changed, 163 deletions(-) |
20 |
|
21 |
diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest |
22 |
index 5decc0a..e16c5f3 100644 |
23 |
--- a/dev-libs/openssl/Manifest |
24 |
+++ b/dev-libs/openssl/Manifest |
25 |
@@ -1,3 +1,2 @@ |
26 |
-DIST openssl-0.9.8zg.tar.gz 3826891 SHA256 06500060639930e471050474f537fcd28ec934af92ee282d78b52460fbe8f580 SHA512 c757454de321d168ac6d89fe2859966a9f07a8b28305bf697af9018db13fc457e0883346b3d35977461ab058442375563554ecb2a8756a687ff9fc2fdd9103c9 WHIRLPOOL 55ecf50a264a2ddd9b5755b5d90b9b736d2f27e0ba2fd529ccff3b68bbd726d1f60460182a0d215ae6712dbc4d3ef2df11339fb2d8424e049f54c3e904fcfab0 |
27 |
DIST openssl-0.9.8zh.tar.gz 3818524 SHA256 f1d9f3ed1b85a82ecf80d0e2d389e1fda3fca9a4dba0bf07adbf231e1a5e2fd6 SHA512 b97fa2468211f86c0719c68ad1781eff84f772c479ed5193d6da14bac086b4ca706e7d851209d9df3f0962943b5e5333ab0def00110fb2e517caa73c0c6674c6 WHIRLPOOL 8ed3362e6aed89cd6ae02438bc3fb58ff3a91afb8a2d401d1d66c1ee4fd96f4befb50558131dd03a60fc15b588172fc1ede5d56bb1f68e184453bfe3b34f9abf |
28 |
DIST openssl-1.0.2f.tar.gz 5258384 SHA256 932b4ee4def2b434f85435d9e3e19ca8ba99ce9a065a61524b429a9d5e9b2e9c SHA512 50abf6dc94cafd06e7fd20770808bdc675c88daa369e4f752bd584ab17f72a57357c1ca1eca3c83e6745b5a3c9c73c99dce70adaa904d73f6df4c75bc7138351 WHIRLPOOL 179e1b5ad38c50a4c8110024aa7b33c53634c39690917e3bf5c2099548430beef96132ae9f9588ff0cedd6e08bb216a8d36835baaaa04e506fb3fbaed37d31c9 |
29 |
|
30 |
diff --git a/dev-libs/openssl/openssl-0.9.8z_p7.ebuild b/dev-libs/openssl/openssl-0.9.8z_p7.ebuild |
31 |
deleted file mode 100644 |
32 |
index 817c1c8..0000000 |
33 |
--- a/dev-libs/openssl/openssl-0.9.8z_p7.ebuild |
34 |
+++ /dev/null |
35 |
@@ -1,162 +0,0 @@ |
36 |
-# Copyright 1999-2015 Gentoo Foundation |
37 |
-# Distributed under the terms of the GNU General Public License v2 |
38 |
-# $Id$ |
39 |
- |
40 |
-# this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat |
41 |
- |
42 |
-EAPI="5" |
43 |
- |
44 |
-inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal |
45 |
- |
46 |
-PLEVEL=$(echo "${PV##*_p}" | tr '[1-9]' '[a-i]') |
47 |
-MY_PV=${PV/_p*/${PLEVEL}} |
48 |
-MY_P=${PN}-${MY_PV} |
49 |
-S="${WORKDIR}/${MY_P}" |
50 |
-DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1" |
51 |
-HOMEPAGE="http://www.openssl.org/" |
52 |
-SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" |
53 |
- |
54 |
-LICENSE="openssl" |
55 |
-SLOT="0.9.8" |
56 |
-KEYWORDS="alpha amd64 arm ~hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd ~x86-fbsd" |
57 |
-IUSE="bindist gmp kerberos cpu_flags_x86_sse2 test zlib" |
58 |
-RESTRICT="!bindist? ( bindist )" |
59 |
- |
60 |
-RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[${MULTILIB_USEDEP}] ) |
61 |
- zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] ) |
62 |
- kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) |
63 |
- abi_x86_32? ( |
64 |
- !<=app-emulation/emul-linux-x86-baselibs-20140508-r4 |
65 |
- !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] |
66 |
- ) |
67 |
- !=dev-libs/openssl-0.9.8*:0" |
68 |
-DEPEND="${RDEPEND} |
69 |
- >=dev-lang/perl-5 |
70 |
- test? ( |
71 |
- sys-apps/diffutils |
72 |
- sys-devel/bc |
73 |
- )" |
74 |
- |
75 |
-# Do not install any docs |
76 |
-DOCS=() |
77 |
- |
78 |
-src_prepare() { |
79 |
- epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch |
80 |
- epatch "${FILESDIR}"/${PN}-0.9.8h-ldflags.patch #181438 |
81 |
- epatch "${FILESDIR}"/${PN}-0.9.8m-binutils.patch #289130 |
82 |
- |
83 |
- # disable fips in the build |
84 |
- # make sure the man pages are suffixed #302165 |
85 |
- # don't bother building man pages if they're disabled |
86 |
- sed -i \ |
87 |
- -e '/DIRS/s: fips : :g' \ |
88 |
- -e '/^MANSUFFIX/s:=.*:=ssl:' \ |
89 |
- -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ |
90 |
- -e $(has noman FEATURES \ |
91 |
- && echo '/^install:/s:install_docs::' \ |
92 |
- || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \ |
93 |
- Makefile{,.org} \ |
94 |
- || die |
95 |
- # show the actual commands in the log |
96 |
- sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared |
97 |
- # update the enginedir path. |
98 |
- # punt broken config we don't care about as it fails sanity check. |
99 |
- sed -i \ |
100 |
- -e '/^"debug-ben-debug-64"/d' \ |
101 |
- -e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \ |
102 |
- Configure || die |
103 |
- |
104 |
- # since we're forcing $(CC) as makedep anyway, just fix |
105 |
- # the conditional as always-on |
106 |
- # helps clang (#417795), and versioned gcc (#499818) |
107 |
- sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die |
108 |
- |
109 |
- # quiet out unknown driver argument warnings since openssl |
110 |
- # doesn't have well-split CFLAGS and we're making it even worse |
111 |
- # and 'make depend' uses -Werror for added fun (#417795 again) |
112 |
- [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments |
113 |
- |
114 |
- # allow openssl to be cross-compiled |
115 |
- cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed" |
116 |
- chmod a+rx gentoo.config |
117 |
- |
118 |
- append-flags -fno-strict-aliasing |
119 |
- append-flags -Wa,--noexecstack |
120 |
- |
121 |
- sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906 |
122 |
- sed -i '/^"debug-bodo/d' Configure # 0.9.8za shipped broken |
123 |
- ./config --test-sanity || die "I AM NOT SANE" |
124 |
- |
125 |
- multilib_copy_sources |
126 |
-} |
127 |
- |
128 |
-multilib_src_configure() { |
129 |
- unset APPS #197996 |
130 |
- unset SCRIPTS #312551 |
131 |
- |
132 |
- tc-export CC AR RANLIB |
133 |
- |
134 |
- # Clean out patent-or-otherwise-encumbered code |
135 |
- # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) |
136 |
- # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm |
137 |
- # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography |
138 |
- # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 |
139 |
- # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 |
140 |
- |
141 |
- use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; } |
142 |
- echoit() { echo "$@" ; "$@" ; } |
143 |
- |
144 |
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") |
145 |
- |
146 |
- local sslout=$(./gentoo.config) |
147 |
- einfo "Use configuration ${sslout:-(openssl knows best)}" |
148 |
- local config="Configure" |
149 |
- [[ -z ${sslout} ]] && config="config" |
150 |
- |
151 |
- echoit \ |
152 |
- ./${config} \ |
153 |
- ${sslout} \ |
154 |
- $(use cpu_flags_x86_sse2 || echo "no-sse2") \ |
155 |
- enable-camellia \ |
156 |
- $(use_ssl !bindist ec) \ |
157 |
- enable-idea \ |
158 |
- enable-mdc2 \ |
159 |
- $(use_ssl !bindist rc5) \ |
160 |
- enable-tlsext \ |
161 |
- $(use_ssl gmp gmp -lgmp) \ |
162 |
- $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ |
163 |
- $(use_ssl zlib) \ |
164 |
- --prefix=/usr \ |
165 |
- --openssldir=/etc/ssl \ |
166 |
- shared threads \ |
167 |
- || die "Configure failed" |
168 |
- |
169 |
- # Clean out hardcoded flags that openssl uses |
170 |
- local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ |
171 |
- -e 's:^CFLAG=::' \ |
172 |
- -e 's:-fomit-frame-pointer ::g' \ |
173 |
- -e 's:-O[0-9] ::g' \ |
174 |
- -e 's:-march=[-a-z0-9]* ::g' \ |
175 |
- -e 's:-mcpu=[-a-z0-9]* ::g' \ |
176 |
- -e 's:-m[a-z0-9]* ::g' \ |
177 |
- ) |
178 |
- sed -i \ |
179 |
- -e "/^LIBDIR=/s|=.*|=$(get_libdir)|" \ |
180 |
- -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ |
181 |
- -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ |
182 |
- Makefile || die |
183 |
-} |
184 |
- |
185 |
-multilib_src_compile() { |
186 |
- # depend is needed to use $confopts |
187 |
- emake -j1 depend |
188 |
- emake -j1 build_libs |
189 |
-} |
190 |
- |
191 |
-multilib_src_test() { |
192 |
- emake -j1 test |
193 |
-} |
194 |
- |
195 |
-multilib_src_install() { |
196 |
- dolib.so lib{crypto,ssl}.so.0.9.8 |
197 |
-} |