Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Mike Frysinger (vapier)" <vapier@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in dev-libs/openssl: openssl-1.0.0a-r2.ebuild metadata.xml ChangeLog
Date: Thu, 19 Aug 2010 22:33:48
Message-Id: 20100819223328.A85EF2004C@flycatcher.gentoo.org
1 vapier 10/08/19 22:33:28
2
3 Modified: metadata.xml ChangeLog
4 Added: openssl-1.0.0a-r2.ebuild
5 Log:
6 Grab POSIX shell version of c_rehash from PLD #333117. Add a local USE=sslv2 flag so people can enable legacy support #332661 by Stefan de Konink.
7 (Portage version: 2.2_rc67/cvs/Linux x86_64)
8
9 Revision Changes Path
10 1.4 dev-libs/openssl/metadata.xml
11
12 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/metadata.xml?rev=1.4&view=markup
13 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/metadata.xml?rev=1.4&content-type=text/plain
14 diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/metadata.xml?r1=1.3&r2=1.4
15
16 Index: metadata.xml
17 ===================================================================
18 RCS file: /var/cvsroot/gentoo-x86/dev-libs/openssl/metadata.xml,v
19 retrieving revision 1.3
20 retrieving revision 1.4
21 diff -u -r1.3 -r1.4
22 --- metadata.xml 13 Feb 2010 10:23:09 -0000 1.3
23 +++ metadata.xml 19 Aug 2010 22:33:28 -0000 1.4
24 @@ -4,5 +4,6 @@
25 <herd>base-system</herd>
26 <use>
27 <flag name='rfc3779'>Enable support for RFC 3779 (X.509 Extensions for IP Addresses and AS Identifiers)</flag>
28 + <flag name='sslv2'>Enable old/vulnerable SSLv2 protocol -- ONLY do this with closed/legacy systems</flag>
29 </use>
30 </pkgmetadata>
31
32
33
34 1.345 dev-libs/openssl/ChangeLog
35
36 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/ChangeLog?rev=1.345&view=markup
37 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/ChangeLog?rev=1.345&content-type=text/plain
38 diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/ChangeLog?r1=1.344&r2=1.345
39
40 Index: ChangeLog
41 ===================================================================
42 RCS file: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v
43 retrieving revision 1.344
44 retrieving revision 1.345
45 diff -u -r1.344 -r1.345
46 --- ChangeLog 17 Aug 2010 04:10:10 -0000 1.344
47 +++ ChangeLog 19 Aug 2010 22:33:28 -0000 1.345
48 @@ -1,6 +1,13 @@
49 # ChangeLog for dev-libs/openssl
50 # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
51 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.344 2010/08/17 04:10:10 vapier Exp $
52 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.345 2010/08/19 22:33:28 vapier Exp $
53 +
54 +*openssl-1.0.0a-r2 (19 Aug 2010)
55 +
56 + 19 Aug 2010; Mike Frysinger <vapier@g.o> +openssl-1.0.0a-r2.ebuild,
57 + metadata.xml:
58 + Grab POSIX shell version of c_rehash from PLD #333117. Add a local USE=sslv2
59 + flag so people can enable legacy support #332661 by Stefan de Konink.
60
61 17 Aug 2010; Mike Frysinger <vapier@g.o> openssl-1.0.0a-r1.ebuild:
62 Automatically rehash ssl certs for people #333069.
63
64
65
66 1.1 dev-libs/openssl/openssl-1.0.0a-r2.ebuild
67
68 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/openssl-1.0.0a-r2.ebuild?rev=1.1&view=markup
69 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/openssl/openssl-1.0.0a-r2.ebuild?rev=1.1&content-type=text/plain
70
71 Index: openssl-1.0.0a-r2.ebuild
72 ===================================================================
73 # Copyright 1999-2010 Gentoo Foundation
74 # Distributed under the terms of the GNU General Public License v2
75 # $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.0a-r2.ebuild,v 1.1 2010/08/19 22:33:28 vapier Exp $
76
77 inherit eutils flag-o-matic toolchain-funcs
78
79 DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)"
80 HOMEPAGE="http://www.openssl.org/"
81 SRC_URI="mirror://openssl/source/${P}.tar.gz
82 http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/~checkout~/packages/${PN}/${PN}-c_rehash.sh?rev=1.7"
83
84 LICENSE="openssl"
85 SLOT="0"
86 KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd"
87 IUSE="bindist gmp kerberos rfc3779 sse2 sslv2 test zlib"
88
89 RDEPEND="gmp? ( dev-libs/gmp )
90 zlib? ( sys-libs/zlib )
91 kerberos? ( app-crypt/mit-krb5 )"
92 DEPEND="${RDEPEND}
93 sys-apps/diffutils
94 >=dev-lang/perl-5
95 test? ( sys-devel/bc )"
96 PDEPEND="app-misc/ca-certificates"
97
98 src_unpack() {
99 unpack ${P}.tar.gz
100 cp "${DISTDIR}"/openssl-c_rehash.sh* "${WORKDIR}"/c_rehash || die
101 cd "${S}"
102
103 epatch "${FILESDIR}"/${PN}-0.9.7e-gentoo.patch
104 epatch "${FILESDIR}"/${PN}-0.9.8l-binutils.patch #289130
105 epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
106 epatch "${FILESDIR}"/${P}-fix-double-free.patch #332027
107 cp "${FILESDIR}"/alphacpuid.s "${S}"/crypto/ || die #330915
108
109 # disable fips in the build
110 # make sure the man pages are suffixed #302165
111 # don't bother building man pages if they're disabled
112 sed -i \
113 -e '/DIRS/s: fips : :g' \
114 -e '/^MANSUFFIX/s:=.*:=ssl:' \
115 -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
116 -e $(has noman FEATURES \
117 && echo '/^install:/s:install_docs::' \
118 || echo '/^MANDIR=/s:=.*:=/usr/share/man:') \
119 Makefile{,.org} \
120 || die
121 # show the actual commands in the log
122 sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
123
124 # allow openssl to be cross-compiled
125 cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed"
126 chmod a+rx gentoo.config
127
128 append-flags -fno-strict-aliasing
129 append-flags -Wa,--noexecstack
130
131 sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
132 ./config --test-sanity || die "I AM NOT SANE"
133 }
134
135 src_compile() {
136 unset APPS #197996
137 unset SCRIPTS #312551
138
139 tc-export CC AR RANLIB
140
141 # Clean out patent-or-otherwise-encumbered code
142 # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
143 # IDEA: 5,214,703 07/01/2012 http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
144 # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
145 # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
146 # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5
147
148 use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; }
149 echoit() { echo "$@" ; "$@" ; }
150
151 local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
152
153 local sslout=$(./gentoo.config)
154 einfo "Use configuration ${sslout:-(openssl knows best)}"
155 local config="Configure"
156 [[ -z ${sslout} ]] && config="config"
157 echoit \
158 ./${config} \
159 ${sslout} \
160 $(use sse2 || echo "no-sse2") \
161 enable-camellia \
162 $(use_ssl !bindist ec) \
163 $(use_ssl !bindist idea) \
164 enable-mdc2 \
165 $(use_ssl !bindist rc5) \
166 enable-tlsext \
167 $(use_ssl gmp gmp -lgmp) \
168 $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
169 $(use_ssl rfc3779) \
170 $(use_ssl sslv2 ssl2) \
171 $(use_ssl zlib) \
172 --prefix=/usr \
173 --openssldir=/etc/ssl \
174 --libdir=$(get_libdir) \
175 shared threads \
176 || die "Configure failed"
177
178 # Clean out hardcoded flags that openssl uses
179 local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
180 -e 's:^CFLAG=::' \
181 -e 's:-fomit-frame-pointer ::g' \
182 -e 's:-O[0-9] ::g' \
183 -e 's:-march=[-a-z0-9]* ::g' \
184 -e 's:-mcpu=[-a-z0-9]* ::g' \
185 -e 's:-m[a-z0-9]* ::g' \
186 )
187 sed -i \
188 -e "/^CFLAG/s:=.*:=${CFLAG} ${CFLAGS}:" \
189 -e "/^SHARED_LDFLAGS=/s:$: ${LDFLAGS}:" \
190 Makefile || die
191
192 # depend is needed to use $confopts
193 # rehash is needed to prep the certs/ dir
194 emake -j1 depend || die "depend failed"
195 emake -j1 all rehash || die "make all failed"
196 }
197
198 src_test() {
199 emake -j1 test || die "make test failed"
200 }
201
202 src_install() {
203 emake -j1 INSTALL_PREFIX="${D}" install || die
204 dobin "${WORKDIR}"/c_rehash || die #333117
205 dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
206 dohtml -r doc/*
207
208 # create the certs directory
209 dodir /etc/ssl/certs
210 cp -RP certs/* "${D}"/etc/ssl/certs/ || die "failed to install certs"
211 rm -r "${D}"/etc/ssl/certs/{demo,expired}
212
213 # Namespace openssl programs to prevent conflicts with other man pages
214 cd "${D}"/usr/share/man
215 local m d s
216 for m in $(find . -type f | xargs grep -L '#include') ; do
217 d=${m%/*} ; d=${d#./} ; m=${m##*/}
218 [[ ${m} == openssl.1* ]] && continue
219 [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
220 mv ${d}/{,ssl-}${m}
221 # fix up references to renamed man pages
222 sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
223 ln -s ssl-${m} ${d}/openssl-${m}
224 # locate any symlinks that point to this man page ... we assume
225 # that any broken links are due to the above renaming
226 for s in $(find -L ${d} -type l) ; do
227 s=${s##*/}
228 rm -f ${d}/${s}
229 ln -s ssl-${m} ${d}/ssl-${s}
230 ln -s ssl-${s} ${d}/openssl-${s}
231 done
232 done
233 [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
234
235 dodir /etc/sandbox.d #254521
236 echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl
237
238 diropts -m0700
239 keepdir /etc/ssl/private
240 }
241
242 pkg_preinst() {
243 has_version ${CATEGORY}/${PN}:0.9.8 && return 0
244 preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
245 }
246
247 pkg_postinst() {
248 ebegin "Running 'c_rehash ${ROOT}etc/ssl/certs/' to rebuild hashes #333069"
249 c_rehash "${ROOT}etc/ssl/certs" >/dev/null
250 eend $?
251
252 has_version ${CATEGORY}/${PN}:0.9.8 && return 0
253 preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
254 }
Report Message
Find on MARC Find on Google Groups