parent
7374347210
commit
becf11f45b
@ -1,14 +1,14 @@
|
||||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA256
|
||||
|
||||
EBUILD gamin-0.1.10-r1.ebuild 749 SHA256 d1b675c925b01362f32886daca8774500a48832f768bdc8f58d90dd014a7a4bc SHA512 eed00ec304f3a06187f2e0b1e263c622ed524960c8101f69e16f93353629f076bfda9e3f3599f6b28e70d8bb22157bc83a99332a225b6a94594017d8150badef WHIRLPOOL 2b2b87b5540f167f7d78c5e0960f57f78f3f11ec8f117d7550ef9c754ed043e1cdd01f8a5a96836f5296b4529b70749f1dcdab2ff1571914e5009b9f82efefb7
|
||||
EBUILD gamin-0.1.10-r1.ebuild 746 SHA256 6f86c0c7016a29463bf749084e7609f96ac0e06ed9a2d2771e293f2e39694ca2 SHA512 89b35440d0bd9cc4773a5650c84e85d155b3f7e2a49d61f99b0cbe70c8aa39435cf98c77620760836d1ceeaa54533e9e92e6f0bad490465ab3f5f6580f02518a WHIRLPOOL 99b9e7cb4245249a838beecf0cb59232e186f1c43740fef0ccf8cf3e52a5306af693ae43c9f12483a8c62f34365369c33fb910c6f5fc527d6d849dcdde4307ca
|
||||
EBUILD gamin-0.1.10.ebuild 687 SHA256 d74b62a0a63a77622069a3397e018cf1f79798c4973e49db1b4869ab73364ff5 SHA512 6effecdc66186a26b8034aecb47d88326918b3fba9185049e1c17881a23f8729295097dc4ff4ff2e285f0bf8cf001dd177de572e141eab4608038e9a37c5f86f WHIRLPOOL 0b920a942181dbf49c653533a67920bc07d28211c653a99fb318842869b22145e056028926c8c9c89641f2786f6456a725ab868659f480d0c2370494c6a13876
|
||||
MISC ChangeLog 14295 SHA256 e6c46049528c08eb613850f6b00b7c042fc38a1ff984fae6c5ef35ed72ea0a15 SHA512 c579fc3e1d523c36958586f53286d5e05a1ea0d7cf4f8d703558e95af3ba68e0cda5c4b90d65dc8a43261486e67e0f33d39a7c373f89a1e5a3639147b93cc0cc WHIRLPOOL 39e6b14b92873ef28f96238630a0f213c5e2e4ec349dfc0fded2b5c2b9d5d5efffd394a1022383cdb33865d3c5540a4365062bf2ea50b028419635e0d88c7e87
|
||||
MISC ChangeLog 14398 SHA256 0796491bad90db75ed837f3035aee6aee3e9437032f3faad7bd429fbbc4be5c7 SHA512 f25bf2a3be028abc428612662869395c20d013ef2b3b53d861505dfd141970370cdd50f23f6a31ce345bc5e805841b82d668baa546e58cf05e38e4920270dccf WHIRLPOOL b595f88555ee3335aeca06993eb5efdd4349cbf9d448b853c86d24746d68f96093aee8ccbeaf1f93d00b7068cba39d5f702a0197d0eec41de8a021ae53fd6b76
|
||||
MISC metadata.xml 234 SHA256 3018e3b31ed690a57bfc14e35699dd20ea3b352fc28b918f699e6955b57a2d97 SHA512 eed880663c66280f6688f896bd6b82d600cac0063eb79da7b1be0fe3bf866e7289edb389a505dfbf45bd9c7e5282748dadd7bf3477759788c1024300796545c3 WHIRLPOOL 79028c7efb93b6255351aebe7f35d1587d07ec1405e8fbee4fd874e42e57e6d10368b0f4ab60c89e115493a094f36af8be1bc2fe79fc2d34daae83dc0f8d7b16
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: GnuPG v2.0.22 (GNU/Linux)
|
||||
|
||||
iEYEAREIAAYFAlKSSqwACgkQCaWpQKGI+9SSsQCghytaOtt+YK1Jx7xp2km8w2ti
|
||||
7pYAnRwr1/VA4o+vEDjGTsGwZQXIUyIl
|
||||
=Vxqx
|
||||
iEYEAREIAAYFAlKU/8YACgkQVWmRsqeSphMVrQCfYJ1JD6BusN0oMzVOLZfzcAdX
|
||||
K5cAn2rfoYx7UskwD9jSwhWI27jhDGeK
|
||||
=UvLQ
|
||||
-----END PGP SIGNATURE-----
|
||||
|
@ -0,0 +1,110 @@
|
||||
# Copyright 1999-2013 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/app-benchmarks/phoronix-test-suite/phoronix-test-suite-4.8.3.ebuild,v 1.1 2013/11/27 04:08:40 patrick Exp $
|
||||
|
||||
EAPI=4
|
||||
|
||||
inherit eutils bash-completion-r1
|
||||
|
||||
DESCRIPTION="Phoronix's comprehensive, cross-platform testing and benchmark suite"
|
||||
HOMEPAGE="http://www.phoronix-test-suite.com"
|
||||
SRC_URI="http://www.phoronix-test-suite.com/download.php?file=${P} -> ${P}.tar.gz"
|
||||
|
||||
LICENSE="GPL-3"
|
||||
SLOT="0"
|
||||
KEYWORDS="~amd64 ~x86"
|
||||
IUSE=""
|
||||
|
||||
DEPEND=""
|
||||
|
||||
# php 5.3 doesn't have pcre and reflection useflags anymore
|
||||
RDEPEND="dev-lang/php[cli,curl,gd,json,posix,pcntl,truetype,zip]
|
||||
dev-php/pecl-ps"
|
||||
|
||||
S="${WORKDIR}/${PN}"
|
||||
|
||||
src_prepare() {
|
||||
sed -i -e "s,export PTS_DIR=\`pwd\`,export PTS_DIR=\"/usr/share/${PN}\"," \
|
||||
phoronix-test-suite
|
||||
}
|
||||
|
||||
src_configure() {
|
||||
:
|
||||
}
|
||||
|
||||
src_compile() {
|
||||
:
|
||||
}
|
||||
|
||||
src_install() {
|
||||
dodir /usr/share/${PN}
|
||||
insinto /usr/share/${PN}
|
||||
|
||||
doman documentation/man-pages/phoronix-test-suite.1
|
||||
dodoc AUTHORS CHANGE-LOG
|
||||
dohtml -r documentation/
|
||||
doicon pts-core/static/images/phoronix-test-suite.png
|
||||
doicon pts-core/static/images/openbenchmarking.png
|
||||
domenu pts-core/static/phoronix-test-suite.desktop
|
||||
rm -f pts-core/static/phoronix-test-suite.desktop
|
||||
|
||||
doins -r pts-core
|
||||
exeinto /usr/bin
|
||||
doexe phoronix-test-suite
|
||||
|
||||
fperms a+x /usr/share/${PN}/pts-core/static/scripts/root-access.sh
|
||||
fperms a+x /usr/share/${PN}/pts-core/external-test-dependencies/scripts/install-gentoo-packages.sh
|
||||
|
||||
dobashcompletion pts-core/static/bash_completion ${PN}
|
||||
|
||||
# Need to fix the cli-php config for downloading to work. Very naughty!
|
||||
local slots
|
||||
local slot
|
||||
if [[ "x${PHP_TARGETS}" == "x" ]] ; then
|
||||
ewarn
|
||||
ewarn "PHP_TARGETS seems empty, php.ini file can't be configure."
|
||||
ewarn "Make sure that PHP_TARGETS in /etc/make.conf is set."
|
||||
ewarn "phoronix-test-suite needs the 'allow_url_fopen' option set to \"On\""
|
||||
ewarn "for downloading to work properly."
|
||||
ewarn
|
||||
else
|
||||
for slot in ${PHP_TARGETS}; do
|
||||
slots+=" ${slot/-/.}"
|
||||
done
|
||||
fi
|
||||
|
||||
for slot in ${slots}; do
|
||||
local PHP_INI_FILE="/etc/php/cli-${slot}/php.ini"
|
||||
if [[ -f ${PHP_INI_FILE} ]] ; then
|
||||
dodir $(dirname ${PHP_INI_FILE})
|
||||
cp ${PHP_INI_FILE} "${D}${PHP_INI_FILE}"
|
||||
sed -e 's|^allow_url_fopen .*|allow_url_fopen = On|g' -i "${D}${PHP_INI_FILE}"
|
||||
else
|
||||
if [[ "x$(eselect php show cli)" == "x${slot}" ]] ; then
|
||||
ewarn
|
||||
ewarn "${slot} hasn't a php.ini file."
|
||||
ewarn "phoronix-test-suite needs the 'allow_url_fopen' option set to \"On\""
|
||||
ewarn "for downloading to work properly."
|
||||
ewarn "Check that your PHP_INI_VERSION is set during ${slot} merge"
|
||||
ewarn
|
||||
else
|
||||
elog
|
||||
elog "${slot} hasn't a php.ini file."
|
||||
elog "phoronix-test-suite may need the 'allow_url_fopen' option set to \"On\""
|
||||
elog "for downloading to work properly if you switch to ${slot}"
|
||||
elog "Check that your PHP_INI_VERSION is set during ${slot} merge"
|
||||
elog
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
||||
ewarn
|
||||
ewarn "If you upgrade from phoronix-test-suite-2*, you should reinstall all"
|
||||
ewarn "your tests because"
|
||||
ewarn " \$HOME/.phoronix-test-suite/installed-tests/\$TEST_NAME/"
|
||||
ewarn "moves to"
|
||||
ewarn " \$HOME/.phoronix-test-suite/installed-tests/pts/\$TEST_NAME-\$TEST_VERSION/"
|
||||
ewarn "in phoronix-test-suite-3* version. The \$TEST_VERSION can be find in"
|
||||
ewarn "pts-install.xml file."
|
||||
ewarn
|
||||
}
|
@ -0,0 +1,50 @@
|
||||
# Copyright 1999-2013 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/app-benchmarks/siege/siege-3.0.5.ebuild,v 1.1 2013/11/27 04:00:30 patrick Exp $
|
||||
|
||||
EAPI=4
|
||||
|
||||
#WANT_AUTOMAKE=1.9
|
||||
|
||||
inherit eutils bash-completion-r1 libtool autotools
|
||||
|
||||
DESCRIPTION="A HTTP regression testing and benchmarking utility"
|
||||
HOMEPAGE="http://www.joedog.org/JoeDog/Siege"
|
||||
SRC_URI="http://www.joedog.org/pub/siege/${P}.tar.gz"
|
||||
|
||||
LICENSE="GPL-2"
|
||||
KEYWORDS="~amd64 ~hppa ~mips ~ppc ~x86"
|
||||
SLOT="0"
|
||||
IUSE="ssl"
|
||||
|
||||
RDEPEND="ssl? ( >=dev-libs/openssl-0.9.6d )"
|
||||
DEPEND="${RDEPEND}
|
||||
sys-devel/libtool"
|
||||
|
||||
src_prepare() {
|
||||
# bundled macros break recent libtool
|
||||
sed -i -e 's/AC_PROG_SHELL//' configure.ac || die
|
||||
rm *.m4 || die "failed to remove bundled macros"
|
||||
eautoreconf
|
||||
}
|
||||
|
||||
src_configure() {
|
||||
local myconf
|
||||
use ssl && myconf="--with-ssl=/usr" || myconf="--without-ssl"
|
||||
econf ${myconf}
|
||||
}
|
||||
|
||||
src_install() {
|
||||
make DESTDIR="${D}" install
|
||||
|
||||
dodoc AUTHORS ChangeLog INSTALL MACHINES README* KNOWNBUGS \
|
||||
doc/siegerc doc/urls.txt
|
||||
|
||||
newbashcomp "${FILESDIR}"/${PN}.bash-completion ${PN}
|
||||
}
|
||||
|
||||
pkg_postinst() {
|
||||
echo
|
||||
elog "An example ~/.siegerc file has been installed in"
|
||||
elog "/usr/share/doc/${PF}/"
|
||||
}
|
@ -0,0 +1,167 @@
|
||||
# Copyright 1999-2013 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/app-emulation/docker/docker-0.7.0.ebuild,v 1.1 2013/11/26 15:17:48 gregkh Exp $
|
||||
|
||||
EAPI=5
|
||||
|
||||
DESCRIPTION="Docker complements LXC with a high-level API which operates at the process level."
|
||||
HOMEPAGE="http://www.docker.io/"
|
||||
SRC_URI=""
|
||||
|
||||
EGIT_REPO_URI="git://github.com/dotcloud/docker.git"
|
||||
if [[ ${PV} == *9999 ]]; then
|
||||
KEYWORDS=""
|
||||
else
|
||||
EGIT_COMMIT="v${PV}"
|
||||
KEYWORDS="~amd64"
|
||||
fi
|
||||
|
||||
inherit bash-completion-r1 git-2 linux-info systemd user
|
||||
|
||||
LICENSE="Apache-2.0"
|
||||
SLOT="0"
|
||||
IUSE="aufs +device-mapper doc vim-syntax"
|
||||
|
||||
CDEPEND="
|
||||
>=dev-db/sqlite-3.7.9:3
|
||||
device-mapper? (
|
||||
sys-fs/lvm2[thin]
|
||||
)
|
||||
"
|
||||
DEPEND="
|
||||
${CDEPEND}
|
||||
>=dev-lang/go-1.1.2
|
||||
dev-vcs/git
|
||||
dev-vcs/mercurial
|
||||
doc? (
|
||||
dev-python/sphinx
|
||||
dev-python/sphinxcontrib-httpdomain
|
||||
)
|
||||
"
|
||||
RDEPEND="
|
||||
${CDEPEND}
|
||||
!app-emulation/docker-bin
|
||||
>=app-arch/tar-1.26
|
||||
>=sys-apps/iproute2-3.5
|
||||
>=net-firewall/iptables-1.4
|
||||
>=app-emulation/lxc-0.8
|
||||
>=dev-vcs/git-1.7
|
||||
>=app-arch/xz-utils-4.9
|
||||
aufs? (
|
||||
|| (
|
||||
sys-fs/aufs3
|
||||
sys-kernel/aufs-sources
|
||||
)
|
||||
)
|
||||
"
|
||||
|
||||
RESTRICT="strip"
|
||||
|
||||
pkg_setup() {
|
||||
CONFIG_CHECK+="
|
||||
~BRIDGE
|
||||
~MEMCG_SWAP
|
||||
~NETFILTER_XT_MATCH_ADDRTYPE
|
||||
~NF_NAT
|
||||
~NF_NAT_NEEDED
|
||||
"
|
||||
ERROR_MEMCG_SWAP="MEMCG_SWAP is required if you wish to limit swap usage of containers"
|
||||
|
||||
if use aufs; then
|
||||
CONFIG_CHECK+="
|
||||
~AUFS_FS
|
||||
"
|
||||
ERROR_AUFS_FS="AUFS_FS is required to be set if and only if aufs-sources are used"
|
||||
fi
|
||||
|
||||
if use device-mapper; then
|
||||
CONFIG_CHECK+="
|
||||
~BLK_DEV_DM
|
||||
~DM_THIN_PROVISIONING
|
||||
~EXT4_FS
|
||||
"
|
||||
fi
|
||||
|
||||
check_extra_config
|
||||
}
|
||||
|
||||
src_unpack() {
|
||||
git-2_src_unpack
|
||||
}
|
||||
|
||||
src_compile() {
|
||||
export GOPATH="${WORKDIR}/gopath"
|
||||
mkdir -p "$GOPATH" || die
|
||||
|
||||
# make sure docker itself is in our shiny new GOPATH
|
||||
mkdir -p "${GOPATH}/src/github.com/dotcloud" || die
|
||||
ln -sf "$(pwd -P)" "${GOPATH}/src/github.com/dotcloud/docker" || die
|
||||
|
||||
# we need our vendored deps, too
|
||||
export GOPATH="$GOPATH:$(pwd -P)/vendor"
|
||||
|
||||
# time to build!
|
||||
./hack/make.sh dynbinary || die
|
||||
|
||||
if use doc; then
|
||||
emake -C docs docs man || die
|
||||
fi
|
||||
}
|
||||
|
||||
src_install() {
|
||||
VERSION=$(cat VERSION)
|
||||
newbin bundles/$VERSION/dynbinary/docker-$VERSION docker
|
||||
exeinto /usr/libexec/docker
|
||||
newexe bundles/$VERSION/dynbinary/dockerinit-$VERSION dockerinit
|
||||
|
||||
newinitd contrib/init/openrc/docker.initd docker
|
||||
newconfd contrib/init/openrc/docker.confd docker
|
||||
|
||||
systemd_dounit contrib/init/systemd/docker.service
|
||||
|
||||
dodoc AUTHORS CONTRIBUTING.md CHANGELOG.md NOTICE README.md
|
||||
if use doc; then
|
||||
dohtml -r docs/_build/html/*
|
||||
doman docs/_build/man/*
|
||||
fi
|
||||
|
||||
dobashcomp contrib/completion/bash/*
|
||||
|
||||
insinto /usr/share/zsh/site-functions
|
||||
doins contrib/completion/zsh/*
|
||||
|
||||
if use vim-syntax; then
|
||||
insinto /usr/share/vim/vimfiles
|
||||
doins -r contrib/vim-syntax/ftdetect
|
||||
doins -r contrib/vim-syntax/syntax
|
||||
fi
|
||||
|
||||
insinto /usr/share/${P}/contrib
|
||||
doins contrib/README
|
||||
cp -R "${S}/contrib"/* "${D}/usr/share/${P}/contrib/"
|
||||
}
|
||||
|
||||
pkg_postinst() {
|
||||
elog ""
|
||||
elog "To use docker, the docker daemon must be running as root. To automatically"
|
||||
elog "start the docker daemon at boot, add docker to the default runlevel:"
|
||||
elog " rc-update add docker default"
|
||||
elog "Similarly for systemd:"
|
||||
elog " systemctl enable docker.service"
|
||||
elog ""
|
||||
|
||||
# create docker group if the code checking for it in /etc/group exists
|
||||
enewgroup docker
|
||||
|
||||
elog "To use docker as a non-root user, add yourself to the docker group."
|
||||
elog ""
|
||||
|
||||
ewarn ""
|
||||
ewarn "If you want your containers to have access to the public internet or even"
|
||||
ewarn "the existing private network, IP Forwarding must be enabled:"
|
||||
ewarn " sysctl -w net.ipv4.ip_forward=1"
|
||||
ewarn "or more permanently:"
|
||||
ewarn " echo net.ipv4.ip_forward = 1 > /etc/sysctl.d/${PN}.conf"
|
||||
ewarn "Please be mindful of the security implications of enabling IP Forwarding."
|
||||
ewarn ""
|
||||
}
|
@ -0,0 +1,213 @@
|
||||
# Copyright 1999-2013 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/app-text/calibre/calibre-1.12.ebuild,v 1.1 2013/11/26 18:56:03 mrueg Exp $
|
||||
|
||||
EAPI=5
|
||||
|
||||
inherit eutils fdo-mime bash-completion-r1 multilib toolchain-funcs
|
||||
|
||||
DESCRIPTION="Ebook management application."
|
||||
HOMEPAGE="http://calibre-ebook.com/"
|
||||
[[ ${PV} == ${PV%.*}.${PV#*.} ]] && MY_PV=${PV}.0 || MY_PV=${PV}
|
||||
SRC_URI="http://sourceforge.net/projects/calibre/files/${MY_PV}/${PN}-${MY_PV}.tar.xz"
|
||||
|
||||
LICENSE="
|
||||
GPL-3+
|
||||
GPL-3
|
||||
GPL-2+
|
||||
GPL-2
|
||||
GPL-1+
|
||||
LGPL-3+
|
||||
LGPL-2.1+
|
||||
LGPL-2.1
|
||||
BSD
|
||||
MIT
|
||||
Old-MIT
|
||||
Apache-2.0
|
||||
public-domain
|
||||
|| ( Artistic GPL-1+ )
|
||||
CC-BY-3.0
|
||||
OFL-1.1
|
||||
PSF-2
|
||||
unRAR
|
||||
"
|
||||
|
||||
KEYWORDS="~amd64 ~x86"
|
||||
|
||||
SLOT="0"
|
||||
|
||||
IUSE="+udisks"
|
||||
|
||||
COMMON_DEPEND="
|
||||
>=app-text/podofo-0.8.2:=
|
||||
>=app-text/poppler-0.12.3-r3:=[qt4,xpdf-headers(+)]
|
||||
>=dev-lang/python-2.7.1:2.7[sqlite,ssl]
|
||||
>=dev-libs/chmlib-0.40:=
|
||||
>=dev-libs/icu-4.4:=
|
||||
dev-python/apsw
|
||||
>=dev-python/beautifulsoup-3.0.5:python-2
|
||||
dev-python/netifaces
|
||||
dev-python/python-dateutil
|
||||
>=dev-python/dnspython-1.6.0
|
||||
>=dev-python/cssselect-0.7.1
|
||||
>=dev-python/cssutils-0.9.9
|
||||
>=dev-python/dbus-python-0.82.2
|
||||
virtual/python-imaging
|
||||
>=dev-python/lxml-2.2.1
|
||||
>=dev-python/mechanize-0.1.11
|
||||
>=dev-python/python-dateutil-1.4.1
|
||||
>=dev-python/PyQt4-4.9.1[X,svg,webkit]
|
||||
media-fonts/liberation-fonts
|
||||
>=media-gfx/imagemagick-6.5.9[jpeg,png]
|
||||
>=media-libs/freetype-2:=
|
||||
>=media-libs/libwmf-0.2.8
|
||||
>=media-libs/libmtp-1.1.4:=
|
||||
virtual/libusb:1=
|
||||
dev-qt/qtdbus:4=
|
||||
dev-qt/qtsvg:4=
|
||||
>=x11-misc/xdg-utils-1.0.2-r2"
|
||||
|
||||
RDEPEND="${COMMON_DEPEND}
|
||||
udisks? ( || ( sys-fs/udisks:2 sys-fs/udisks:0 ) )"
|
||||
|
||||
DEPEND="${COMMON_DEPEND}
|
||||
>=dev-python/setuptools-0.6_rc5"
|
||||
|
||||
S=${WORKDIR}/${PN}
|
||||
|
||||
src_prepare() {
|
||||
# Fix outdated version constant.
|
||||
#sed -e "s#\\(^numeric_version =\\).*#\\1 (${PV//./, })#" \
|
||||
# -i src/calibre/constants.py || \
|
||||
# die "sed failed to patch constants.py"
|
||||
|
||||
# Avoid sandbox violation in /usr/share/gnome/apps when linux.py
|
||||
# calls xdg-* (bug #258938).
|
||||
sed -e "s|'xdg-desktop-menu', 'install'|\\0, '--mode', 'user'|" \
|
||||
-e "s|check_call(\\['xdg-desktop-menu', 'forceupdate'\\])|#\\0|" \
|
||||
-e "s|\\(CurrentDir(tdir)\\), \\\\\$|\\1:|" \
|
||||
-e "s|PreserveMIMEDefaults():||" \
|
||||
-e "s|xdg-icon-resource install|\\0 --mode user|" \
|
||||
-e "s|cc(\\['xdg-desktop-menu', 'forceupdate'\\])|#\\0|" \
|
||||
-e "s|xdg-mime install|\\0 --mode user|" \
|
||||
-i src/calibre/linux.py || die "sed failed to patch linux.py"
|
||||
|
||||
# Disable unnecessary privilege dropping for bug #287067.
|
||||
sed -e "s:if os.geteuid() == 0:if False and os.geteuid() == 0:" \
|
||||
-i setup/install.py || die "sed failed to patch install.py"
|
||||
|
||||
sed -e "/^ self\\.check_call(qmc + \\[.*\\.pro'\\])$/a\
|
||||
\\ \\ \\ \\ \\ \\ \\ \\ \\ \\ \\ \\ self.check_call(['sed', \
|
||||
'-e', 's|^CFLAGS .*|\\\\\\\\0 ${CFLAGS}|', \
|
||||
'-e', 's|^CXXFLAGS .*|\\\\\\\\0 ${CXXFLAGS}|', \
|
||||
'-e', 's|^LFLAGS .*|\\\\\\\\0 ${LDFLAGS}|', \
|
||||
'-i', 'Makefile'])" \
|
||||
-i setup/extensions.py || die "sed failed to patch extensions.py"
|
||||
|
||||
# no_updates: do not annoy user with "new version is availible all the time
|
||||
# disable_plugins: walking sec-hole, wait for upstream to use GHNS interface
|
||||
epatch \
|
||||
"${FILESDIR}/${PN}-no_updates_dialog.patch" \
|
||||
"${FILESDIR}/${PN}-disable_plugins.patch"
|
||||
}
|
||||
|
||||
src_install() {
|
||||
# Bypass kbuildsycoca and update-mime-database in order to
|
||||
# avoid sandbox violations if xdg-mime tries to call them.
|
||||
cat - > "${T}/kbuildsycoca" <<-EOF
|
||||
#!${BASH}
|
||||
exit 0
|
||||
EOF
|
||||
|
||||
cp "${T}"/{kbuildsycoca,update-mime-database}
|
||||
chmod +x "${T}"/{kbuildsycoca,update-mime-database}
|
||||
|
||||
# Unset DISPLAY in order to prevent xdg-mime from triggering a sandbox
|
||||
# violation with kbuildsycoca as in bug #287067, comment #13.
|
||||
export -n DISPLAY
|
||||
|
||||
# Bug #352625 - Some LANGUAGE values can trigger the following ValueError:
|
||||
# File "/usr/lib/python2.6/locale.py", line 486, in getdefaultlocale
|
||||
# return _parse_localename(localename)
|
||||
# File "/usr/lib/python2.6/locale.py", line 418, in _parse_localename
|
||||
# raise ValueError, 'unknown locale: %s' % localename
|
||||
#ValueError: unknown locale: 46
|
||||
export -n LANGUAGE
|
||||
|
||||
# Bug #295672 - Avoid sandbox violation in ~/.config by forcing
|
||||
# variables to point to our fake temporary $HOME.
|
||||
export HOME="${T}/fake_homedir"
|
||||
export XDG_CONFIG_HOME="${HOME}/.config"
|
||||
export XDG_DATA_HOME="${HOME}/.local/share"
|
||||
export CALIBRE_CONFIG_DIRECTORY="${XDG_CONFIG_HOME}/calibre"
|
||||
mkdir -p "${XDG_CONFIG_HOME}" "${CALIBRE_CONFIG_DIRECTORY}"
|
||||
|
||||
tc-export CC CXX
|
||||
# Bug #334243 - respect LDFLAGS when building extensions
|
||||
export OVERRIDE_CFLAGS="$CFLAGS" OVERRIDE_LDFLAGS="$LDFLAGS"
|
||||
local libdir=$(get_libdir)
|
||||
[[ -n $libdir ]] || die "get_libdir returned an empty string"
|
||||
|
||||
# Bug #472690 - Avoid sandbox violation for /dev/dri/card0.
|
||||
local x
|
||||
for x in /dev/dri/card[0-9] ; do
|
||||
[[ -e ${x} ]] && addpredict ${x}
|
||||
done
|
||||
|
||||
dodir "/usr/$(get_libdir)/python2.7/site-packages" # for init_calibre.py
|
||||
PATH=${T}:${PATH} PYTHONPATH=${S}/src${PYTHONPATH:+:}${PYTHONPATH} \
|
||||
"${EPREFIX}"/usr/bin/python2.7 setup.py install \
|
||||
--root="${D}" \
|
||||
--prefix="${EPREFIX}/usr" \
|
||||
--libdir="${EPREFIX}/usr/${libdir}" \
|
||||
--staging-root="${ED}usr" \
|
||||
--staging-libdir="${ED}usr/${libdir}" || die
|
||||
|
||||
grep -rlZ "${ED}" "${ED}" | xargs -0 sed -e "s:${D}:/:g" -i ||
|
||||
die "failed to fix harcoded \$D in paths"
|
||||
|
||||
# The menu entries end up here due to '--mode user' being added to
|
||||
# xdg-* options in src_prepare.
|
||||
dodir /usr/share/mime/packages
|
||||
chmod -fR a+rX,u+w,g-w,o-w "${HOME}"/.local
|
||||
mv "${HOME}"/.local/share/mime/packages/* "${ED}"usr/share/mime/packages/ ||
|
||||
die "failed to register mime types"
|
||||
dodir /usr/share/icons
|
||||
mv "${HOME}"/.local/share/icons/* "${ED}"usr/share/icons/ ||
|
||||
die "failed to install icon files"
|
||||
|
||||
domenu "${HOME}"/.local/share/applications/*.desktop ||
|
||||
die "failed to install .desktop menu files"
|
||||
|
||||
dobashcomp "${ED}"usr/etc/bash_completion.d/calibre
|
||||
rm -r "${ED}"usr/etc/bash_completion.d
|
||||
find "${ED}"usr/etc -type d -empty -delete
|
||||
|
||||
cd "${ED}"/usr/share/calibre/fonts/liberation || die
|
||||
local x
|
||||
for x in * ; do
|
||||
[[ -f ${EROOT}usr/share/fonts/liberation-fonts/${x} ]] || continue
|
||||
ln -sf "../../../fonts/liberation-fonts/${x}" "${x}" || die
|
||||
done
|
||||
|
||||
einfo "Converting python shebangs"
|
||||
while read -r -d $'\0' ; do
|
||||
local shebang=$(head -n1 "$REPLY")
|
||||
if [[ ${shebang} == "#!"*python* ]] ; then
|
||||
sed -i -e "1s:.*:#!${EPREFIX}/usr/bin/python2.7:" "$REPLY" || \
|
||||
die "sed failed"
|
||||
fi
|
||||
done < <(find "${ED}" -type f -print0)
|
||||
|
||||
einfo "Compiling python modules"
|
||||
"${EPREFIX}"/usr/bin/python2.7 -m compileall -q -f \
|
||||
-d "${EPREFIX}"/usr/lib/calibre "${ED}"usr/lib/calibre || die
|
||||
|
||||
newinitd "${FILESDIR}"/calibre-server.init calibre-server
|
||||
newconfd "${FILESDIR}"/calibre-server.conf calibre-server
|
||||
}
|
||||
|
||||
pkg_postinst() {
|
||||
fdo-mime_desktop_database_update
|
||||
fdo-mime_mime_database_update
|
||||
}
|
@ -0,0 +1,68 @@
|
||||
# Copyright 1999-2013 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/dev-db/slony1/slony1-2.2.1.ebuild,v 1.1 2013/11/27 04:17:32 patrick Exp $
|
||||
|
||||
EAPI="4"
|
||||
|
||||
inherit eutils versionator
|
||||
|
||||
IUSE="doc perl"
|
||||
|
||||
DESCRIPTION="A replication system for the PostgreSQL Database Management System"
|
||||
HOMEPAGE="http://slony.info/"
|
||||
|
||||
# ${P}-docs.tar.bz2 contains man pages as well as additional documentation
|
||||
MAJ_PV=$(get_version_component_range 1-2)
|
||||
SRC_URI="http://main.slony.info/downloads/${MAJ_PV}/source/${P}.tar.bz2
|
||||
http://main.slony.info/downloads/${MAJ_PV}/source/${P}-docs.tar.bz2"
|
||||
|
||||
LICENSE="BSD GPL-2"
|
||||
SLOT="0"
|
||||
KEYWORDS="~amd64 ~ppc ~x86"
|
||||
|
||||
DEPEND="|| (
|
||||
dev-db/postgresql-server:9.3
|
||||
dev-db/postgresql-server:9.2
|
||||
dev-db/postgresql-server:9.1
|
||||
dev-db/postgresql-server:9.0
|
||||
dev-db/postgresql-server:8.4
|
||||
dev-db/postgresql-server:8.3
|
||||
)
|
||||
dev-db/postgresql-base[threads]
|
||||
perl? ( dev-perl/DBD-Pg )
|
||||
"
|
||||
|
||||
pkg_setup() {
|
||||
local PGSLOT="$(postgresql-config show)"
|
||||
if [[ ${PGSLOT//.} < 83 ]] ; then
|
||||
eerror "You must build ${CATEGORY}/${PN} against PostgreSQL 8.3 or higher."
|
||||
eerror "Set an appropriate slot with postgresql-config."
|
||||
die "postgresql-config not set to 8.3 or higher."
|
||||
fi
|
||||
|
||||
# if [[ ${PGSLOT//.} > 90 ]] ; then
|
||||
# ewarn "You are building ${CATEGORY}/${PN} against a version of PostgreSQL greater than 9.0."
|
||||
# ewarn "This is neither supported here nor upstream."
|
||||
# ewarn "Any bugs you encounter should be reported upstream."
|
||||
# fi
|
||||
}
|
||||
|
||||
src_configure() {
|
||||
local myconf
|
||||
use perl && myconf='--with-perltools'
|
||||
econf ${myconf}
|
||||
}
|
||||
|
||||
src_install() {
|
||||
emake DESTDIR="${D}" install
|
||||
|
||||
dodoc INSTALL README SAMPLE TODO UPGRADING share/slon.conf-sample
|
||||
|
||||
if use doc ; then
|
||||
cd "${S}"/doc
|
||||
dohtml -r *
|
||||
fi
|
||||
|
||||
newinitd "${FILESDIR}"/slony1.init slony1
|
||||
newconfd "${FILESDIR}"/slony1.conf slony1
|
||||
}
|
@ -1,59 +0,0 @@
|
||||
fix unaligned access in alpha specific 'OPENSSL_cleanse' function
|
||||
|
||||
Debugged with the following simple program:
|
||||
// gcc cleanse_test.c -o ct -lcrypto
|
||||
#include <openssl/crypto.h>
|
||||
int main(void)
|
||||
{
|
||||
char buffer [128];
|
||||
int off;
|
||||
int sz;
|
||||
for (off = 0; off < sizeof (buffer); ++off)
|
||||
for (sz = 0; sz < sizeof (buffer) - off; ++sz)
|
||||
OPENSSL_cleanse (buffer + off, sz);
|
||||
return 0;
|
||||
}
|
||||
$ prctl --unaligned=signal ./cleanse_test
|
||||
Bus error
|
||||
|
||||
https://bugs.gentoo.org/show_bug.cgi?id=371561
|
||||
http://cvs.openssl.org/chngview?cn=21233
|
||||
Reported by Tobias Klausmann <klausman@gentoo.org>
|
||||
Fixed by Andy Polyakov <appro@openssl.org>
|
||||
diff --git a/crypto/alphacpuid.pl b/crypto/alphacpuid.pl
|
||||
index 11f2e30..5b0e21b 100644
|
||||
--- a/crypto/alphacpuid.pl
|
||||
+++ b/crypto/alphacpuid.pl
|
||||
@@ -99,19 +99,19 @@ OPENSSL_cleanse:
|
||||
beq $0,.Laligned
|
||||
|
||||
.Little:
|
||||
+ subq $0,8,$0
|
||||
ldq_u $1,0($16)
|
||||
mov $16,$2
|
||||
.Lalign:
|
||||
mskbl $1,$16,$1
|
||||
lda $16,1($16)
|
||||
subq $17,1,$17
|
||||
- subq $0,1,$0
|
||||
+ addq $0,1,$0
|
||||
beq $17,.Lout
|
||||
bne $0,.Lalign
|
||||
.Lout: stq_u $1,0($2)
|
||||
beq $17,.Ldone
|
||||
bic $17,7,$at
|
||||
- mov $17,$0
|
||||
beq $at,.Little
|
||||
|
||||
.Laligned:
|
||||
@@ -120,9 +120,7 @@ OPENSSL_cleanse:
|
||||
lda $16,8($16)
|
||||
bic $17,7,$at
|
||||
bne $at,.Laligned
|
||||
- beq $17,.Ldone
|
||||
- mov $17,$0
|
||||
- br .Little
|
||||
+ bne $17,.Little
|
||||
.Ldone: ret ($26)
|
||||
.end OPENSSL_cleanse
|
||||
___
|
@ -1,13 +0,0 @@
|
||||
http://bugs.gentoo.org/364699
|
||||
|
||||
--- crypto/bn/asm/alpha-mont.pl
|
||||
+++ crypto/bn/asm/alpha-mont.pl
|
||||
@@ -41,7 +41,7 @@ $j="s4";
|
||||
$m1="s5";
|
||||
|
||||
$code=<<___;
|
||||
-#indef __linux__
|
||||
+#ifdef __linux__
|
||||
#include <asm/regdef.h>
|
||||
#else
|
||||
#include <asm.h>
|
@ -1,42 +0,0 @@
|
||||
move internal libraries to ".private" fields so that the default
|
||||
--libs output matches only what we need
|
||||
|
||||
--- a/Makefile.org
|
||||
+++ b/Makefile.org
|
||||
@@ -325,7 +325,8 @@ libcrypto.pc: Makefile
|
||||
echo 'Description: OpenSSL cryptography library'; \
|
||||
echo 'Version: '$(VERSION); \
|
||||
echo 'Requires: '; \
|
||||
- echo 'Libs: -L$${libdir} -lcrypto $(EX_LIBS)'; \
|
||||
+ echo 'Libs: -L$${libdir} -lcrypto'; \
|
||||
+ echo 'Libs.private: $(EX_LIBS)'; \
|
||||
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
|
||||
|
||||
libssl.pc: Makefile
|
||||
@@ -334,11 +335,12 @@ libssl.pc: Makefile
|
||||
echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
|
||||
echo 'includedir=$${prefix}/include'; \
|
||||
echo ''; \
|
||||
- echo 'Name: OpenSSL'; \
|
||||
+ echo 'Name: OpenSSL-libssl'; \
|
||||
echo 'Description: Secure Sockets Layer and cryptography libraries'; \
|
||||
echo 'Version: '$(VERSION); \
|
||||
- echo 'Requires: '; \
|
||||
- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
|
||||
+ echo 'Requires.private: libcrypto'; \
|
||||
+ echo 'Libs: -L$${libdir} -lssl'; \
|
||||
+ echo 'Libs.private: $(EX_LIBS)'; \
|
||||
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
|
||||
|
||||
openssl.pc: Makefile
|
||||
@@ -350,9 +352,7 @@ openssl.pc: Makefile
|
||||
echo 'Name: OpenSSL'; \
|
||||
echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
|
||||
echo 'Version: '$(VERSION); \
|
||||
- echo 'Requires: '; \
|
||||
- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
|
||||
- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
|
||||
+ echo 'Requires: libssl libcrypto' ) > openssl.pc
|
||||
|
||||
Makefile: Makefile.org Configure config
|
||||
@echo "Makefile is older than Makefile.org, Configure or config."
|
@ -1,678 +0,0 @@
|
||||
http://rt.openssl.org/Ticket/Display.html?id=2051
|
||||
user/pass: guest/guest
|
||||
|
||||
Index: apps/s_apps.h
|
||||
===================================================================
|
||||
RCS file: /v/openssl/cvs/openssl/apps/s_apps.h,v
|
||||
retrieving revision 1.21.2.1
|
||||
diff -u -r1.21.2.1 s_apps.h
|
||||
--- apps/s_apps.h 4 Sep 2009 17:42:04 -0000 1.21.2.1
|
||||
+++ apps/s_apps.h 28 Dec 2011 00:28:14 -0000
|
||||
@@ -148,7 +148,7 @@
|
||||
#define PORT_STR "4433"
|
||||
#define PROTOCOL "tcp"
|
||||
|
||||
-int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context);
|
||||
+int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context, int use_ipv4, int use_ipv6);
|
||||
#ifdef HEADER_X509_H
|
||||
int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
|
||||
#endif
|
||||
@@ -156,7 +156,7 @@
|
||||
int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
|
||||
int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key);
|
||||
#endif
|
||||
-int init_client(int *sock, char *server, int port, int type);
|
||||
+int init_client(int *sock, char *server, int port, int type, int use_ipv4, int use_ipv6);
|
||||
int should_retry(int i);
|
||||
int extract_port(char *str, short *port_ptr);
|
||||
int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
|
||||
Index: apps/s_cb.c
|
||||
===================================================================
|
||||
RCS file: /v/openssl/cvs/openssl/apps/s_cb.c,v
|
||||
retrieving revision 1.27.2.8.2.2
|
||||
diff -u -r1.27.2.8.2.2 s_cb.c
|
||||
--- apps/s_cb.c 13 Nov 2011 13:13:13 -0000 1.27.2.8.2.2
|
||||
+++ apps/s_cb.c 28 Dec 2011 00:28:14 -0000
|
||||
Index: apps/s_client.c
|
||||
===================================================================
|
||||
RCS file: /v/openssl/cvs/openssl/apps/s_client.c,v
|
||||
retrieving revision 1.123.2.6.2.10
|
||||
diff -u -r1.123.2.6.2.10 s_client.c
|
||||
--- apps/s_client.c 14 Dec 2011 22:18:02 -0000 1.123.2.6.2.10
|
||||
+++ apps/s_client.c 28 Dec 2011 00:28:14 -0000
|
||||
@@ -285,6 +285,9 @@
|
||||
{
|
||||
BIO_printf(bio_err,"usage: s_client args\n");
|
||||
BIO_printf(bio_err,"\n");
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ BIO_printf(bio_err," -6 - use IPv6\n");
|
||||
+#endif
|
||||
BIO_printf(bio_err," -host host - use -connect instead\n");
|
||||
BIO_printf(bio_err," -port port - use -connect instead\n");
|
||||
BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR);
|
||||
@@ -564,6 +567,7 @@
|
||||
int sbuf_len,sbuf_off;
|
||||
fd_set readfds,writefds;
|
||||
short port=PORT;
|
||||
+ int use_ipv4, use_ipv6;
|
||||
int full_log=1;
|
||||
char *host=SSL_HOST_NAME;
|
||||
char *cert_file=NULL,*key_file=NULL;
|
||||
@@ -609,7 +613,11 @@
|
||||
#endif
|
||||
char *sess_in = NULL;
|
||||
char *sess_out = NULL;
|
||||
- struct sockaddr peer;
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ struct sockaddr_storage peer;
|
||||
+#else
|
||||
+ struct sockaddr_in peer;
|
||||
+#endif
|
||||
int peerlen = sizeof(peer);
|
||||
int enable_timeouts = 0 ;
|
||||
long socket_mtu = 0;
|
||||
@@ -630,6 +638,8 @@
|
||||
meth=SSLv2_client_method();
|
||||
#endif
|
||||
|
||||
+ use_ipv4 = 1;
|
||||
+ use_ipv6 = 0;
|
||||
apps_startup();
|
||||
c_Pause=0;
|
||||
c_quiet=0;
|
||||
@@ -951,6 +961,13 @@
|
||||
jpake_secret = *++argv;
|
||||
}
|
||||
#endif
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ else if (strcmp(*argv,"-6") == 0)
|
||||
+ {
|
||||
+ use_ipv4 = 0;
|
||||
+ use_ipv6 = 1;
|
||||
+ }
|
||||
+#endif
|
||||
else if (strcmp(*argv,"-use_srtp") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
@@ -967,7 +984,7 @@
|
||||
keymatexportlen=atoi(*(++argv));
|
||||
if (keymatexportlen == 0) goto bad;
|
||||
}
|
||||
- else
|
||||
+ else
|
||||
{
|
||||
BIO_printf(bio_err,"unknown option %s\n",*argv);
|
||||
badop=1;
|
||||
@@ -1259,7 +1276,7 @@
|
||||
|
||||
re_start:
|
||||
|
||||
- if (init_client(&s,host,port,socket_type) == 0)
|
||||
+ if (init_client(&s,host,port,socket_type,use_ipv4,use_ipv6) == 0)
|
||||
{
|
||||
BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
|
||||
SHUTDOWN(s);
|
||||
@@ -1285,7 +1302,7 @@
|
||||
{
|
||||
|
||||
sbio=BIO_new_dgram(s,BIO_NOCLOSE);
|
||||
- if (getsockname(s, &peer, (void *)&peerlen) < 0)
|
||||
+ if (getsockname(s, (struct sockaddr *)&peer, (void *)&peerlen) < 0)
|
||||
{
|
||||
BIO_printf(bio_err, "getsockname:errno=%d\n",
|
||||
get_last_socket_error());
|
||||
@@ -2036,7 +2061,7 @@
|
||||
BIO_printf(bio,"Expansion: %s\n",
|
||||
expansion ? SSL_COMP_get_name(expansion) : "NONE");
|
||||
#endif
|
||||
-
|
||||
+
|
||||
#ifdef SSL_DEBUG
|
||||
{
|
||||
/* Print out local port of connection: useful for debugging */
|
||||
===================================================================
|
||||
RCS file: /v/openssl/cvs/openssl/apps/s_server.c,v
|
||||
retrieving revision 1.136.2.15.2.13
|
||||
diff -u -r1.136.2.15.2.13 s_server.c
|
||||
--- apps/s_server.c 27 Dec 2011 14:23:22 -0000 1.136.2.15.2.13
|
||||
+++ apps/s_server.c 28 Dec 2011 00:28:14 -0000
|
||||
@@ -558,6 +558,10 @@
|
||||
# endif
|
||||
BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list");
|
||||
#endif
|
||||
+ BIO_printf(bio_err," -4 - use IPv4 only\n");
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ BIO_printf(bio_err," -6 - use IPv6 only\n");
|
||||
+#endif
|
||||
BIO_printf(bio_err," -keymatexport label - Export keying material using label\n");
|
||||
BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n");
|
||||
}
|
||||
@@ -943,6 +947,7 @@
|
||||
int state=0;
|
||||
const SSL_METHOD *meth=NULL;
|
||||
int socket_type=SOCK_STREAM;
|
||||
+ int use_ipv4, use_ipv6;
|
||||
ENGINE *e=NULL;
|
||||
char *inrand=NULL;
|
||||
int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
|
||||
@@ -981,6 +986,12 @@
|
||||
/* #error no SSL version enabled */
|
||||
#endif
|
||||
|
||||
+ use_ipv4 = 1;
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ use_ipv6 = 1;
|
||||
+#else
|
||||
+ use_ipv6 = 0;
|
||||
+#endif
|
||||
local_argc=argc;
|
||||
local_argv=argv;
|
||||
|
||||
@@ -1329,6 +1340,18 @@
|
||||
jpake_secret = *(++argv);
|
||||
}
|
||||
#endif
|
||||
+ else if (strcmp(*argv,"-4") == 0)
|
||||
+ {
|
||||
+ use_ipv4 = 1;
|
||||
+ use_ipv6 = 0;
|
||||
+ }
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ else if (strcmp(*argv,"-6") == 0)
|
||||
+ {
|
||||
+ use_ipv4 = 0;
|
||||
+ use_ipv6 = 1;
|
||||
+ }
|
||||
+#endif
|
||||
else if (strcmp(*argv,"-use_srtp") == 0)
|
||||
{
|
||||
if (--argc < 1) goto bad;
|
||||
@@ -1884,9 +1907,9 @@
|
||||
BIO_printf(bio_s_out,"ACCEPT\n");
|
||||
(void)BIO_flush(bio_s_out);
|
||||
if (www)
|
||||
- do_server(port,socket_type,&accept_socket,www_body, context);
|
||||
+ do_server(port,socket_type,&accept_socket,www_body, context, use_ipv4, use_ipv6);
|
||||
else
|
||||
- do_server(port,socket_type,&accept_socket,sv_body, context);
|
||||
+ do_server(port,socket_type,&accept_socket,sv_body, context, use_ipv4, use_ipv6);
|
||||
print_stats(bio_s_out,ctx);
|
||||
ret=0;
|
||||
end:
|
||||
Index: apps/s_socket.c
|
||||
===================================================================
|
||||
RCS file: /v/openssl/cvs/openssl/apps/s_socket.c,v
|
||||
retrieving revision 1.43.2.3.2.2
|
||||
diff -u -r1.43.2.3.2.2 s_socket.c
|
||||
--- apps/s_socket.c 2 Dec 2011 14:39:40 -0000 1.43.2.3.2.2
|
||||
+++ apps/s_socket.c 28 Dec 2011 00:28:14 -0000
|
||||
@@ -97,16 +97,16 @@
|
||||
#include "netdb.h"
|
||||
#endif
|
||||
|
||||
-static struct hostent *GetHostByName(char *name);
|
||||
+static struct hostent *GetHostByName(char *name, int domain);
|
||||
#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
|
||||
static void ssl_sock_cleanup(void);
|
||||
#endif
|
||||
static int ssl_sock_init(void);
|
||||
-static int init_client_ip(int *sock,unsigned char ip[4], int port, int type);
|
||||
-static int init_server(int *sock, int port, int type);
|
||||
-static int init_server_long(int *sock, int port,char *ip, int type);
|
||||
+static int init_client_ip(int *sock,unsigned char *ip, int port, int type, int domain);
|
||||
+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6);
|
||||
+static int init_server_long(int *sock, int port,char *ip, int type, int use_ipv4, int use_ipv6);
|
||||
static int do_accept(int acc_sock, int *sock, char **host);
|
||||
-static int host_ip(char *str, unsigned char ip[4]);
|
||||
+static int host_ip(char *str, unsigned char *ip, int domain);
|
||||
|
||||
#ifdef OPENSSL_SYS_WIN16
|
||||
#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
|
||||
@@ -234,38 +234,76 @@
|
||||
return(1);
|
||||
}
|
||||
|
||||
-int init_client(int *sock, char *host, int port, int type)
|
||||
+int init_client(int *sock, char *host, int port, int type, int use_ipv4, int use_ipv6)
|
||||
{
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ unsigned char ip[16];
|
||||
+#else
|
||||
unsigned char ip[4];
|
||||
+#endif
|
||||
|
||||
- memset(ip, '\0', sizeof ip);
|
||||
- if (!host_ip(host,&(ip[0])))
|
||||
+ if (!use_ipv4 && !use_ipv6)
|
||||
return 0;
|
||||
- return init_client_ip(sock,ip,port,type);
|
||||
- }
|
||||
-
|
||||
-static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
|
||||
- {
|
||||
- unsigned long addr;
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ /* we are fine here */
|
||||
+#else
|
||||
+ if (use_ipv6)
|
||||
+ return 0;
|
||||
+#endif
|
||||
+ if (use_ipv4)
|
||||
+ if (host_ip(host,ip,AF_INET))
|
||||
+ return(init_client_ip(sock,ip,port,type,AF_INET));
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ if (use_ipv6)
|
||||
+ if (host_ip(host,ip,AF_INET6))
|
||||
+ return(init_client_ip(sock,ip,port,type,AF_INET6));
|
||||
+#endif
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
+static int init_client_ip(int *sock, unsigned char ip[4], int port, int type, int domain)
|
||||
+ {
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ struct sockaddr_storage them;
|
||||
+ struct sockaddr_in *them_in = (struct sockaddr_in *)&them;
|
||||
+ struct sockaddr_in6 *them_in6 = (struct sockaddr_in6 *)&them;
|
||||
+#else
|
||||
struct sockaddr_in them;
|
||||
+ struct sockaddr_in *them_in = &them;
|
||||
+#endif
|
||||
+ socklen_t addr_len;
|
||||
int s,i;
|
||||
|
||||
if (!ssl_sock_init()) return(0);
|
||||
|
||||
memset((char *)&them,0,sizeof(them));
|
||||
- them.sin_family=AF_INET;
|
||||
- them.sin_port=htons((unsigned short)port);
|
||||
- addr=(unsigned long)
|
||||
- ((unsigned long)ip[0]<<24L)|
|
||||
- ((unsigned long)ip[1]<<16L)|
|
||||
- ((unsigned long)ip[2]<< 8L)|
|
||||
- ((unsigned long)ip[3]);
|
||||
- them.sin_addr.s_addr=htonl(addr);
|
||||
+ if (domain == AF_INET)
|
||||
+ {
|
||||
+ addr_len = (socklen_t)sizeof(struct sockaddr_in);
|
||||
+ them_in->sin_family=AF_INET;
|
||||
+ them_in->sin_port=htons((unsigned short)port);
|
||||
+#ifndef BIT_FIELD_LIMITS
|
||||
+ memcpy(&them_in->sin_addr.s_addr, ip, 4);
|
||||
+#else
|
||||
+ memcpy(&them_in->sin_addr, ip, 4);
|
||||
+#endif
|
||||
+ }
|
||||
+ else
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ {
|
||||
+ addr_len = (socklen_t)sizeof(struct sockaddr_in6);
|
||||
+ them_in6->sin6_family=AF_INET6;
|
||||
+ them_in6->sin6_port=htons((unsigned short)port);
|
||||
+ memcpy(&(them_in6->sin6_addr), ip, sizeof(struct in6_addr));
|
||||
+ }
|
||||
+#else
|
||||
+ return(0);
|
||||
+#endif
|
||||
|
||||
if (type == SOCK_STREAM)
|
||||
- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
|
||||
+ s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL);
|
||||
else /* ( type == SOCK_DGRAM) */
|
||||
- s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP);
|
||||
+ s=socket(domain,SOCK_DGRAM,IPPROTO_UDP);
|
||||
|
||||
if (s == INVALID_SOCKET) { perror("socket"); return(0); }
|
||||
|
||||
@@ -277,29 +315,27 @@
|
||||
if (i < 0) { perror("keepalive"); return(0); }
|
||||
}
|
||||
#endif
|
||||
-
|
||||
- if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
|
||||
+ if (connect(s,(struct sockaddr *)&them,addr_len) == -1)
|
||||
{ closesocket(s); perror("connect"); return(0); }
|
||||
*sock=s;
|
||||
return(1);
|
||||
}
|
||||
|
||||
-int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context)
|
||||
+int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context, int use_ipv4, int use_ipv6)
|
||||
{
|
||||
int sock;
|
||||
char *name = NULL;
|
||||
int accept_socket = 0;
|
||||
int i;
|
||||
|
||||
- if (!init_server(&accept_socket,port,type)) return(0);
|
||||
-
|
||||
+ if (!init_server(&accept_socket,port,type, use_ipv4, use_ipv6)) return(0);
|
||||
if (ret != NULL)
|
||||
{
|
||||
*ret=accept_socket;
|
||||
/* return(1);*/
|
||||
}
|
||||
- for (;;)
|
||||
- {
|
||||
+ for (;;)
|
||||
+ {
|
||||
if (type==SOCK_STREAM)
|
||||
{
|
||||
if (do_accept(accept_socket,&sock,&name) == 0)
|
||||
@@ -322,41 +358,88 @@
|
||||
}
|
||||
}
|
||||
|
||||
-static int init_server_long(int *sock, int port, char *ip, int type)
|
||||
+static int init_server_long(int *sock, int port, char *ip, int type, int use_ipv4, int use_ipv6)
|
||||
{
|
||||
int ret=0;
|
||||
+ int domain;
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ struct sockaddr_storage server;
|
||||
+ struct sockaddr_in *server_in = (struct sockaddr_in *)&server;
|
||||
+ struct sockaddr_in6 *server_in6 = (struct sockaddr_in6 *)&server;
|
||||
+#else
|
||||
struct sockaddr_in server;
|
||||
+ struct sockaddr_in *server_in = &server;
|
||||
+#endif
|
||||
+ socklen_t addr_len;
|
||||
int s= -1;
|
||||
|
||||
+ if (!use_ipv4 && !use_ipv6)
|
||||
+ goto err;
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ /* we are fine here */
|
||||
+#else
|
||||
+ if (use_ipv6)
|
||||
+ goto err;
|
||||
+#endif
|
||||
if (!ssl_sock_init()) return(0);
|
||||
|
||||
- memset((char *)&server,0,sizeof(server));
|
||||
- server.sin_family=AF_INET;
|
||||
- server.sin_port=htons((unsigned short)port);
|
||||
- if (ip == NULL)
|
||||
- server.sin_addr.s_addr=INADDR_ANY;
|
||||
- else
|
||||
-/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
|
||||
-#ifndef BIT_FIELD_LIMITS
|
||||
- memcpy(&server.sin_addr.s_addr,ip,4);
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ domain = use_ipv6 ? AF_INET6 : AF_INET;
|
||||
#else
|
||||
- memcpy(&server.sin_addr,ip,4);
|
||||
+ domain = AF_INET;
|
||||
#endif
|
||||
-
|
||||
- if (type == SOCK_STREAM)
|
||||
- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
|
||||
- else /* type == SOCK_DGRAM */
|
||||
- s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP);
|
||||
+ if (type == SOCK_STREAM)
|
||||
+ s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL);
|
||||
+ else /* type == SOCK_DGRAM */
|
||||
+ s=socket(domain, SOCK_DGRAM,IPPROTO_UDP);
|
||||
|
||||
if (s == INVALID_SOCKET) goto err;
|
||||
#if defined SOL_SOCKET && defined SO_REUSEADDR
|
||||
+ {
|
||||
+ int j = 1;
|
||||
+ setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
|
||||
+ (void *) &j, sizeof j);
|
||||
+ }
|
||||
+#endif
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ if ((use_ipv4 == 0) && (use_ipv6 == 1))
|
||||
{
|
||||
- int j = 1;
|
||||
- setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
|
||||
- (void *) &j, sizeof j);
|
||||
+ const int on = 1;
|
||||
+
|
||||
+ setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY,
|
||||
+ (const void *) &on, sizeof(int));
|
||||
}
|
||||
#endif
|
||||
- if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
|
||||
+ if (domain == AF_INET)
|
||||
+ {
|
||||
+ addr_len = (socklen_t)sizeof(struct sockaddr_in);
|
||||
+ memset(server_in, 0, sizeof(struct sockaddr_in));
|
||||
+ server_in->sin_family=AF_INET;
|
||||
+ server_in->sin_port = htons((unsigned short)port);
|
||||
+ if (ip == NULL)
|
||||
+ server_in->sin_addr.s_addr = htonl(INADDR_ANY);
|
||||
+ else
|
||||
+/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
|
||||
+#ifndef BIT_FIELD_LIMITS
|
||||
+ memcpy(&server_in->sin_addr.s_addr, ip, 4);
|
||||
+#else
|
||||
+ memcpy(&server_in->sin_addr, ip, 4);
|
||||
+#endif
|
||||
+ }
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ else
|
||||
+ {
|
||||
+ addr_len = (socklen_t)sizeof(struct sockaddr_in6);
|
||||
+ memset(server_in6, 0, sizeof(struct sockaddr_in6));
|
||||
+ server_in6->sin6_family = AF_INET6;
|
||||
+ server_in6->sin6_port = htons((unsigned short)port);
|
||||
+ if (ip == NULL)
|
||||
+ server_in6->sin6_addr = in6addr_any;
|
||||
+ else
|
||||
+ memcpy(&server_in6->sin6_addr, ip, sizeof(struct in6_addr));
|
||||
+ }
|
||||
+#endif
|
||||
+ if (bind(s, (struct sockaddr *)&server, addr_len) == -1)
|
||||
{
|
||||
#ifndef OPENSSL_SYS_WINDOWS
|
||||
perror("bind");
|
||||
@@ -375,16 +458,23 @@
|
||||
return(ret);
|
||||
}
|
||||
|
||||
-static int init_server(int *sock, int port, int type)
|
||||
+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6)
|
||||
{
|
||||
- return(init_server_long(sock, port, NULL, type));
|
||||
+ return(init_server_long(sock, port, NULL, type, use_ipv4, use_ipv6));
|
||||
}
|
||||
|
||||
static int do_accept(int acc_sock, int *sock, char **host)
|
||||
{
|
||||
int ret;
|
||||
struct hostent *h1,*h2;
|
||||
- static struct sockaddr_in from;
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ struct sockaddr_storage from;
|
||||
+ struct sockaddr_in *from_in = (struct sockaddr_in *)&from;
|
||||
+ struct sockaddr_in6 *from_in6 = (struct sockaddr_in6 *)&from;
|
||||
+#else
|
||||
+ struct sockaddr_in from;
|
||||
+ struct sockaddr_in *from_in = &from;
|
||||
+#endif
|
||||
int len;
|
||||
/* struct linger ling; */
|
||||
|
||||
@@ -431,13 +521,23 @@
|
||||
*/
|
||||
|
||||
if (host == NULL) goto end;
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ if (from.ss_family == AF_INET)
|
||||
+#else
|
||||
+ if (from.sin_family == AF_INET)
|
||||
+#endif
|
||||
#ifndef BIT_FIELD_LIMITS
|
||||
- /* I should use WSAAsyncGetHostByName() under windows */
|
||||
- h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
|
||||
- sizeof(from.sin_addr.s_addr),AF_INET);
|
||||
+ /* I should use WSAAsyncGetHostByName() under windows */
|
||||
+ h1=gethostbyaddr((char *)&from_in->sin_addr.s_addr,
|
||||
+ sizeof(from_in->sin_addr.s_addr), AF_INET);
|
||||
#else
|
||||
- h1=gethostbyaddr((char *)&from.sin_addr,
|
||||
- sizeof(struct in_addr),AF_INET);
|
||||
+ h1=gethostbyaddr((char *)&from_in->sin_addr,
|
||||
+ sizeof(struct in_addr), AF_INET);
|
||||
+#endif
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ else
|
||||
+ h1=gethostbyaddr((char *)&from_in6->sin6_addr,
|
||||
+ sizeof(struct in6_addr), AF_INET6);
|
||||
#endif
|
||||
if (h1 == NULL)
|
||||
{
|
||||
@@ -454,15 +554,23 @@
|
||||
}
|
||||
BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
|
||||
|
||||
- h2=GetHostByName(*host);
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ h2=GetHostByName(*host, from.ss_family);
|
||||
+#else
|
||||
+ h2=GetHostByName(*host, from.sin_family);
|
||||
+#endif
|
||||
if (h2 == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"gethostbyname failure\n");
|
||||
return(0);
|
||||
}
|
||||
- if (h2->h_addrtype != AF_INET)
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ if (h2->h_addrtype != from.ss_family)
|
||||
+#else
|
||||
+ if (h2->h_addrtype != from.sin_family)
|
||||
+#endif
|
||||
{
|
||||
- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
|
||||
+ BIO_printf(bio_err,"gethostbyname addr address is not correct\n");
|
||||
return(0);
|
||||
}
|
||||
}
|
||||
@@ -477,7 +585,7 @@
|
||||
char *h,*p;
|
||||
|
||||
h=str;
|
||||
- p=strchr(str,':');
|
||||
+ p=strrchr(str,':');
|
||||
if (p == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"no port defined\n");
|
||||
@@ -485,7 +593,7 @@
|
||||
}
|
||||
*(p++)='\0';
|
||||
|
||||
- if ((ip != NULL) && !host_ip(str,ip))
|
||||
+ if ((ip != NULL) && !host_ip(str,ip,AF_INET))
|
||||
goto err;
|
||||
if (host_ptr != NULL) *host_ptr=h;
|
||||
|
||||
@@ -496,48 +604,58 @@
|
||||
return(0);
|
||||
}
|
||||
|
||||
-static int host_ip(char *str, unsigned char ip[4])
|
||||
+static int host_ip(char *str, unsigned char *ip, int domain)
|
||||
{
|
||||
- unsigned int in[4];
|
||||
+ unsigned int in[4];
|
||||
+ unsigned long l;
|
||||
int i;
|
||||
|
||||
- if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
|
||||
+ if ((domain == AF_INET) &&
|
||||
+ (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4))
|
||||
{
|
||||
+
|
||||
for (i=0; i<4; i++)
|
||||
if (in[i] > 255)
|
||||
{
|
||||
BIO_printf(bio_err,"invalid IP address\n");
|
||||
goto err;
|
||||
}
|
||||
- ip[0]=in[0];
|
||||
- ip[1]=in[1];
|
||||
- ip[2]=in[2];
|
||||
- ip[3]=in[3];
|
||||
- }
|
||||
+ l=htonl((in[0]<<24L)|(in[1]<<16L)|(in[2]<<8L)|in[3]);
|
||||
+ memcpy(ip, &l, 4);
|
||||
+ return 1;
|
||||
+ }
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ else if ((domain == AF_INET6) &&
|
||||
+ (inet_pton(AF_INET6, str, ip) == 1))
|
||||
+ return 1;
|
||||
+#endif
|
||||
else
|
||||
{ /* do a gethostbyname */
|
||||
struct hostent *he;
|
||||
|
||||
if (!ssl_sock_init()) return(0);
|
||||
|
||||
- he=GetHostByName(str);
|
||||
+ he=GetHostByName(str,domain);
|
||||
if (he == NULL)
|
||||
{
|
||||
BIO_printf(bio_err,"gethostbyname failure\n");
|
||||
goto err;
|
||||
}
|
||||
/* cast to short because of win16 winsock definition */
|
||||
- if ((short)he->h_addrtype != AF_INET)
|
||||
+ if ((short)he->h_addrtype != domain)
|
||||
{
|
||||
- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
|
||||
+ BIO_printf(bio_err,"gethostbyname addr family is not correct\n");
|
||||
return(0);
|
||||
}
|
||||
- ip[0]=he->h_addr_list[0][0];
|
||||
- ip[1]=he->h_addr_list[0][1];
|
||||
- ip[2]=he->h_addr_list[0][2];
|
||||
- ip[3]=he->h_addr_list[0][3];
|
||||
+ if (domain == AF_INET)
|
||||
+ memset(ip, 0, 4);
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ else
|
||||
+ memset(ip, 0, 16);
|
||||
+#endif
|
||||
+ memcpy(ip, he->h_addr_list[0], he->h_length);
|
||||
+ return 1;
|
||||
}
|
||||
- return(1);
|
||||
err:
|
||||
return(0);
|
||||
}
|
||||
@@ -574,7 +692,7 @@
|
||||
static unsigned long ghbn_hits=0L;
|
||||
static unsigned long ghbn_miss=0L;
|
||||
|
||||
-static struct hostent *GetHostByName(char *name)
|
||||
+static struct hostent *GetHostByName(char *name, int domain)
|
||||
{
|
||||
struct hostent *ret;
|
||||
int i,lowi=0;
|
||||
@@ -589,14 +707,20 @@
|
||||
}
|
||||
if (ghbn_cache[i].order > 0)
|
||||
{
|
||||
- if (strncmp(name,ghbn_cache[i].name,128) == 0)
|
||||
+ if ((strncmp(name,ghbn_cache[i].name,128) == 0) &&
|
||||
+ (ghbn_cache[i].ent.h_addrtype == domain))
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (i == GHBN_NUM) /* no hit*/
|
||||
{
|
||||
ghbn_miss++;
|
||||
- ret=gethostbyname(name);
|
||||
+ if (domain == AF_INET)
|
||||
+ ret=gethostbyname(name);
|
||||
+#if OPENSSL_USE_IPV6
|
||||
+ else
|
||||
+ ret=gethostbyname2(name, AF_INET6);
|
||||
+#endif
|
||||
if (ret == NULL) return(NULL);
|
||||
/* else add to cache */
|
||||
if(strlen(name) < sizeof ghbn_cache[0].name)
|
@ -1,52 +0,0 @@
|
||||
http://cvs.openssl.org/chngview?cn=22455
|
||||
|
||||
fix from upstream for building on non-x86 arches
|
||||
|
||||
e_rc4_hmac_md5.c: last commit was inappropriate for non-x86[_64] platforms [from HEAD]. PR: 2792
|
||||
|
||||
Index: crypto/evp/e_rc4_hmac_md5.c
|
||||
===================================================================
|
||||
RCS file: /usr/local/src/openssl/CVSROOT/openssl/crypto/evp/e_rc4_hmac_md5.c,v
|
||||
retrieving revision 1.1.2.5
|
||||
retrieving revision 1.1.2.6
|
||||
diff -u -p -r1.1.2.5 -r1.1.2.6
|
||||
--- crypto/evp/e_rc4_hmac_md5.c 18 Apr 2012 17:51:33 -0000 1.1.2.5
|
||||
+++ crypto/evp/e_rc4_hmac_md5.c 19 Apr 2012 20:43:02 -0000 1.1.2.6
|
||||
@@ -121,6 +121,7 @@ static int rc4_hmac_md5_cipher(EVP_CIPHE
|
||||
md5_off = MD5_CBLOCK-key->md.num,
|
||||
blocks;
|
||||
unsigned int l;
|
||||
+ extern unsigned int OPENSSL_ia32cap_P[];
|
||||
#endif
|
||||
size_t plen = key->payload_length;
|
||||
|
||||
@@ -132,7 +133,8 @@ static int rc4_hmac_md5_cipher(EVP_CIPHE
|
||||
/* cipher has to "fall behind" */
|
||||
if (rc4_off>md5_off) md5_off+=MD5_CBLOCK;
|
||||
|
||||
- if (plen>md5_off && (blocks=(plen-md5_off)/MD5_CBLOCK)) {
|
||||
+ if (plen>md5_off && (blocks=(plen-md5_off)/MD5_CBLOCK) &&
|
||||
+ (OPENSSL_ia32cap_P[0]&(1<<20))==0) {
|
||||
MD5_Update(&key->md,in,md5_off);
|
||||
RC4(&key->ks,rc4_off,in,out);
|
||||
|
||||
@@ -172,7 +174,8 @@ static int rc4_hmac_md5_cipher(EVP_CIPHE
|
||||
if (md5_off>rc4_off) rc4_off += 2*MD5_CBLOCK;
|
||||
else rc4_off += MD5_CBLOCK;
|
||||
|
||||
- if (len>rc4_off && (blocks=(len-rc4_off)/MD5_CBLOCK)) {
|
||||
+ if (len>rc4_off && (blocks=(len-rc4_off)/MD5_CBLOCK) &&
|
||||
+ (OPENSSL_ia32cap_P[0]&(1<<20))==0) {
|
||||
RC4(&key->ks,rc4_off,in,out);
|
||||
MD5_Update(&key->md,out,md5_off);
|
||||
|
||||
@@ -289,8 +292,6 @@ static EVP_CIPHER r4_hmac_md5_cipher=
|
||||
|
||||
const EVP_CIPHER *EVP_rc4_hmac_md5(void)
|
||||
{
|
||||
- extern unsigned int OPENSSL_ia32cap_P[];
|
||||
- /* RC4_CHAR flag ------------vvvvv */
|
||||
- return(OPENSSL_ia32cap_P[0]&(1<<20) ? NULL : &r4_hmac_md5_cipher);
|
||||
+ return(&r4_hmac_md5_cipher);
|
||||
}
|
||||
#endif
|
@ -1,76 +0,0 @@
|
||||
https://bugs.gentoo.org/456108
|
||||
|
||||
taken from upstream
|
||||
|
||||
From 32cc2479b473c49ce869e57fded7e9a77b695c0d Mon Sep 17 00:00:00 2001
|
||||
From: "Dr. Stephen Henson" <steve@openssl.org>
|
||||
Date: Thu, 7 Feb 2013 21:06:37 +0000
|
||||
Subject: [PATCH] Fix IV check and padding removal.
|
||||
|
||||
Fix the calculation that checks there is enough room in a record
|
||||
after removing padding and optional explicit IV. (by Steve)
|
||||
|
||||
For AEAD remove the correct number of padding bytes (by Andy)
|
||||
---
|
||||
ssl/s3_cbc.c | 33 ++++++++++++---------------------
|
||||
1 file changed, 12 insertions(+), 21 deletions(-)
|
||||
|
||||
diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c
|
||||
index ce77acd..0f60507 100644
|
||||
--- a/ssl/s3_cbc.c
|
||||
+++ b/ssl/s3_cbc.c
|
||||
@@ -139,31 +139,22 @@ int tls1_cbc_remove_padding(const SSL* s,
|
||||
unsigned mac_size)
|
||||
{
|
||||
unsigned padding_length, good, to_check, i;
|
||||
- const char has_explicit_iv =
|
||||
- s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION;
|
||||
- const unsigned overhead = 1 /* padding length byte */ +
|
||||
- mac_size +
|
||||
- (has_explicit_iv ? block_size : 0);
|
||||
-
|
||||
- /* These lengths are all public so we can test them in non-constant
|
||||
- * time. */
|
||||
- if (overhead > rec->length)
|
||||
- return 0;
|
||||
-
|
||||
- /* We can always safely skip the explicit IV. We check at the beginning
|
||||
- * of this function that the record has at least enough space for the
|
||||
- * IV, MAC and padding length byte. (These can be checked in
|
||||
- * non-constant time because it's all public information.) So, if the
|
||||
- * padding was invalid, then we didn't change |rec->length| and this is
|
||||
- * safe. If the padding was valid then we know that we have at least
|
||||
- * overhead+padding_length bytes of space and so this is still safe
|
||||
- * because overhead accounts for the explicit IV. */
|
||||
- if (has_explicit_iv)
|
||||
+ const unsigned overhead = 1 /* padding length byte */ + mac_size;
|
||||
+ /* Check if version requires explicit IV */
|
||||
+ if (s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION)
|
||||
{
|
||||
+ /* These lengths are all public so we can test them in
|
||||
+ * non-constant time.
|
||||
+ */
|
||||
+ if (overhead + block_size > rec->length)
|
||||
+ return 0;
|
||||
+ /* We can now safely skip explicit IV */
|
||||
rec->data += block_size;
|
||||
rec->input += block_size;
|
||||
rec->length -= block_size;
|
||||
}
|
||||
+ else if (overhead > rec->length)
|
||||
+ return 0;
|
||||
|
||||
padding_length = rec->data[rec->length-1];
|
||||
|
||||
@@ -190,7 +181,7 @@ int tls1_cbc_remove_padding(const SSL* s,
|
||||
if (EVP_CIPHER_flags(s->enc_read_ctx->cipher)&EVP_CIPH_FLAG_AEAD_CIPHER)
|
||||
{
|
||||
/* padding is already verified */
|
||||
- rec->length -= padding_length;
|
||||
+ rec->length -= padding_length + 1;
|
||||
return 1;
|
||||
}
|
||||
|
||||
--
|
||||
1.8.0.2
|
||||
|
@ -1,141 +0,0 @@
|
||||
# Copyright 1999-2012 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8u.ebuild,v 1.5 2012/05/25 17:41:49 vapier Exp $
|
||||
|
||||
# this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat
|
||||
|
||||
EAPI="2"
|
||||
|
||||
inherit eutils flag-o-matic toolchain-funcs multilib
|
||||
|
||||
DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1"
|
||||
HOMEPAGE="http://www.openssl.org/"
|
||||
SRC_URI="mirror://openssl/source/${P}.tar.gz"
|
||||
|
||||
LICENSE="openssl"
|
||||
SLOT="0.9.8"
|
||||
KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd"
|
||||
IUSE="bindist gmp kerberos sse2 test zlib"
|
||||
|
||||
RDEPEND="gmp? ( dev-libs/gmp )
|
||||
zlib? ( sys-libs/zlib )
|
||||
kerberos? ( app-crypt/mit-krb5 )
|
||||
!=dev-libs/openssl-0.9.8*:0"
|
||||
DEPEND="${RDEPEND}
|
||||
sys-apps/diffutils
|
||||
>=dev-lang/perl-5
|
||||
test? ( sys-devel/bc )"
|
||||
|
||||
pkg_setup() {
|
||||
# avoid collisions with openssl-1 (preserve lib)
|
||||
if ! has_version dev-libs/openssl:${SLOT} ; then
|
||||
ewarn "Removing lib{crypto,ssl}.so.0.9.8 to avoid collision with openssl-1"
|
||||
rm -f "${ROOT}"/usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
|
||||
fi
|
||||
}
|
||||
|
||||
src_prepare() {
|
||||
epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch
|
||||
epatch "${FILESDIR}"/${PN}-0.9.8h-ldflags.patch #181438
|
||||
epatch "${FILESDIR}"/${PN}-0.9.8m-binutils.patch #289130
|
||||
|
||||
# disable fips in the build
|
||||
# make sure the man pages are suffixed #302165
|
||||
# don't bother building man pages if they're disabled
|
||||
sed -i \
|
||||
-e '/DIRS/s: fips : :g' \
|
||||
-e '/^MANSUFFIX/s:=.*:=ssl:' \
|
||||
-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
|
||||
-e $(has noman FEATURES \
|
||||
&& echo '/^install:/s:install_docs::' \
|
||||
|| echo '/^MANDIR=/s:=.*:=/usr/share/man:') \
|
||||
Makefile{,.org} \
|
||||
|| die
|
||||
# show the actual commands in the log
|
||||
sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
|
||||
# update the enginedir path
|
||||
sed -i \
|
||||
-e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \
|
||||
Configure || die
|
||||
|
||||
# allow openssl to be cross-compiled
|
||||
cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed"
|
||||
chmod a+rx gentoo.config
|
||||
|
||||
append-flags -fno-strict-aliasing
|
||||
append-flags -Wa,--noexecstack
|
||||
|
||||
sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
|
||||
sed -i '/^"debug-steve/d' Configure # 0.9.8k shipped broken
|
||||
./config --test-sanity || die "I AM NOT SANE"
|
||||
}
|
||||
|
||||
src_configure() {
|
||||
unset APPS #197996
|
||||
unset SCRIPTS #312551
|
||||
|
||||
tc-export CC AR RANLIB
|
||||
|
||||
# Clean out patent-or-otherwise-encumbered code
|
||||
# Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
|
||||
# IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
|
||||
# EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
|
||||
# MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
|
||||
# RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5
|
||||
|
||||
use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; }
|
||||
echoit() { echo "$@" ; "$@" ; }
|
||||
|
||||
local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
|
||||
|
||||
local sslout=$(./gentoo.config)
|
||||
einfo "Use configuration ${sslout:-(openssl knows best)}"
|
||||
local config="Configure"
|
||||
[[ -z ${sslout} ]] && config="config"
|
||||
echoit \
|
||||
./${config} \
|
||||
${sslout} \
|
||||
$(use sse2 || echo "no-sse2") \
|
||||
enable-camellia \
|
||||
$(use_ssl !bindist ec) \
|
||||
enable-idea \
|
||||
enable-mdc2 \
|
||||
$(use_ssl !bindist rc5) \
|
||||
enable-tlsext \
|
||||
$(use_ssl gmp gmp -lgmp) \
|
||||
$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
|
||||
$(use_ssl zlib) \
|
||||
--prefix=/usr \
|
||||
--openssldir=/etc/ssl \
|
||||
shared threads \
|
||||
|| die "Configure failed"
|
||||
|
||||
# Clean out hardcoded flags that openssl uses
|
||||
local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
|
||||
-e 's:^CFLAG=::' \
|
||||
-e 's:-fomit-frame-pointer ::g' \
|
||||
-e 's:-O[0-9] ::g' \
|
||||
-e 's:-march=[-a-z0-9]* ::g' \
|
||||
-e 's:-mcpu=[-a-z0-9]* ::g' \
|
||||
-e 's:-m[a-z0-9]* ::g' \
|
||||
)
|
||||
sed -i \
|
||||
-e "/^LIBDIR=/s|=.*|=$(get_libdir)|" \
|
||||
-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
|
||||
-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
|
||||
Makefile || die
|
||||
}
|
||||
|
||||
src_compile() {
|
||||
# depend is needed to use $confopts
|
||||
emake -j1 depend || die "depend failed"
|
||||
emake -j1 build_libs || die "make build_libs failed"
|
||||
}
|
||||
|
||||
src_test() {
|
||||
emake -j1 test || die "make test failed"
|
||||
}
|
||||
|
||||
src_install() {
|
||||
dolib.so lib{crypto,ssl}.so.0.9.8 || die
|
||||
}
|
@ -1,141 +0,0 @@
|
||||
# Copyright 1999-2012 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8v.ebuild,v 1.5 2012/05/25 17:41:49 vapier Exp $
|
||||
|
||||
# this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat
|
||||
|
||||
EAPI="2"
|
||||
|
||||
inherit eutils flag-o-matic toolchain-funcs multilib
|
||||
|
||||
DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1"
|
||||
HOMEPAGE="http://www.openssl.org/"
|
||||
SRC_URI="mirror://openssl/source/${P}.tar.gz"
|
||||
|
||||
LICENSE="openssl"
|
||||
SLOT="0.9.8"
|
||||
KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ppc64 ~s390 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd"
|
||||
IUSE="bindist gmp kerberos sse2 test zlib"
|
||||
|
||||
RDEPEND="gmp? ( dev-libs/gmp )
|
||||
zlib? ( sys-libs/zlib )
|
||||
kerberos? ( app-crypt/mit-krb5 )
|
||||
!=dev-libs/openssl-0.9.8*:0"
|
||||
DEPEND="${RDEPEND}
|
||||
sys-apps/diffutils
|
||||
>=dev-lang/perl-5
|
||||
test? ( sys-devel/bc )"
|
||||
|
||||
pkg_setup() {
|
||||
# avoid collisions with openssl-1 (preserve lib)
|
||||
if ! has_version dev-libs/openssl:${SLOT} ; then
|
||||
ewarn "Removing lib{crypto,ssl}.so.0.9.8 to avoid collision with openssl-1"
|
||||
rm -f "${ROOT}"/usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
|
||||
fi
|
||||
}
|
||||
|
||||
src_prepare() {
|
||||
epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch
|
||||
epatch "${FILESDIR}"/${PN}-0.9.8h-ldflags.patch #181438
|
||||
epatch "${FILESDIR}"/${PN}-0.9.8m-binutils.patch #289130
|
||||
|
||||
# disable fips in the build
|
||||
# make sure the man pages are suffixed #302165
|
||||
# don't bother building man pages if they're disabled
|
||||
sed -i \
|
||||
-e '/DIRS/s: fips : :g' \
|
||||
-e '/^MANSUFFIX/s:=.*:=ssl:' \
|
||||
-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
|
||||
-e $(has noman FEATURES \
|
||||
&& echo '/^install:/s:install_docs::' \
|
||||
|| echo '/^MANDIR=/s:=.*:=/usr/share/man:') \
|
||||
Makefile{,.org} \
|
||||
|| die
|
||||
# show the actual commands in the log
|
||||
sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
|
||||
# update the enginedir path
|
||||
sed -i \
|
||||
-e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \
|
||||
Configure || die
|
||||
|
||||
# allow openssl to be cross-compiled
|
||||
cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed"
|
||||
chmod a+rx gentoo.config
|
||||
|
||||
append-flags -fno-strict-aliasing
|
||||
append-flags -Wa,--noexecstack
|
||||
|
||||
sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
|
||||
sed -i '/^"debug-steve/d' Configure # 0.9.8k shipped broken
|
||||
./config --test-sanity || die "I AM NOT SANE"
|
||||
}
|
||||
|
||||
src_configure() {
|
||||
unset APPS #197996
|
||||
unset SCRIPTS #312551
|
||||
|
||||
tc-export CC AR RANLIB
|
||||
|
||||
# Clean out patent-or-otherwise-encumbered code
|
||||
# Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
|
||||
# IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
|
||||
# EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
|
||||
# MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
|
||||
# RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5
|
||||
|
||||
use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; }
|
||||
echoit() { echo "$@" ; "$@" ; }
|
||||
|
||||
local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
|
||||
|
||||
local sslout=$(./gentoo.config)
|
||||
einfo "Use configuration ${sslout:-(openssl knows best)}"
|
||||
local config="Configure"
|
||||
[[ -z ${sslout} ]] && config="config"
|
||||
echoit \
|
||||
./${config} \
|
||||
${sslout} \
|
||||
$(use sse2 || echo "no-sse2") \
|
||||
enable-camellia \
|
||||
$(use_ssl !bindist ec) \
|
||||
enable-idea \
|
||||
enable-mdc2 \
|
||||
$(use_ssl !bindist rc5) \
|
||||
enable-tlsext \
|
||||
$(use_ssl gmp gmp -lgmp) \
|
||||
$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
|
||||
$(use_ssl zlib) \
|
||||
--prefix=/usr \
|
||||
--openssldir=/etc/ssl \
|
||||
shared threads \
|
||||
|| die "Configure failed"
|
||||
|
||||
# Clean out hardcoded flags that openssl uses
|
||||
local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
|
||||
-e 's:^CFLAG=::' \
|
||||
-e 's:-fomit-frame-pointer ::g' \
|
||||
-e 's:-O[0-9] ::g' \
|
||||
-e 's:-march=[-a-z0-9]* ::g' \
|
||||
-e 's:-mcpu=[-a-z0-9]* ::g' \
|
||||
-e 's:-m[a-z0-9]* ::g' \
|
||||
)
|
||||
sed -i \
|
||||
-e "/^LIBDIR=/s|=.*|=$(get_libdir)|" \
|
||||
-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
|
||||
-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
|
||||
Makefile || die
|
||||
}
|
||||
|
||||
src_compile() {
|
||||
# depend is needed to use $confopts
|
||||
emake -j1 depend || die "depend failed"
|
||||
emake -j1 build_libs || die "make build_libs failed"
|
||||
}
|
||||
|
||||
src_test() {
|
||||
emake -j1 test || die "make test failed"
|
||||
}
|
||||
|
||||
src_install() {
|
||||
dolib.so lib{crypto,ssl}.so.0.9.8 || die
|
||||
}
|
@ -1,141 +0,0 @@
|
||||
# Copyright 1999-2012 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8w.ebuild,v 1.4 2012/05/25 17:41:49 vapier Exp $
|
||||
|
||||
# this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat
|
||||
|
||||
EAPI="2"
|
||||
|
||||
inherit eutils flag-o-matic toolchain-funcs multilib
|
||||
|
||||
DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1"
|
||||
HOMEPAGE="http://www.openssl.org/"
|
||||
SRC_URI="mirror://openssl/source/${P}.tar.gz"
|
||||
|
||||
LICENSE="openssl"
|
||||
SLOT="0.9.8"
|
||||
KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd"
|
||||
IUSE="bindist gmp kerberos sse2 test zlib"
|
||||
|
||||
RDEPEND="gmp? ( dev-libs/gmp )
|
||||
zlib? ( sys-libs/zlib )
|
||||
kerberos? ( app-crypt/mit-krb5 )
|
||||
!=dev-libs/openssl-0.9.8*:0"
|
||||
DEPEND="${RDEPEND}
|
||||
sys-apps/diffutils
|
||||
>=dev-lang/perl-5
|
||||
test? ( sys-devel/bc )"
|
||||
|
||||
pkg_setup() {
|
||||
# avoid collisions with openssl-1 (preserve lib)
|
||||
if ! has_version dev-libs/openssl:${SLOT} ; then
|
||||
ewarn "Removing lib{crypto,ssl}.so.0.9.8 to avoid collision with openssl-1"
|
||||
rm -f "${ROOT}"/usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
|
||||
fi
|
||||
}
|
||||
|
||||
src_prepare() {
|
||||
epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch
|
||||
epatch "${FILESDIR}"/${PN}-0.9.8h-ldflags.patch #181438
|
||||
epatch "${FILESDIR}"/${PN}-0.9.8m-binutils.patch #289130
|
||||
|
||||
# disable fips in the build
|
||||
# make sure the man pages are suffixed #302165
|
||||
# don't bother building man pages if they're disabled
|
||||
sed -i \
|
||||
-e '/DIRS/s: fips : :g' \
|
||||
-e '/^MANSUFFIX/s:=.*:=ssl:' \
|
||||
-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
|
||||
-e $(has noman FEATURES \
|
||||
&& echo '/^install:/s:install_docs::' \
|
||||
|| echo '/^MANDIR=/s:=.*:=/usr/share/man:') \
|
||||
Makefile{,.org} \
|
||||
|| die
|
||||
# show the actual commands in the log
|
||||
sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
|
||||
# update the enginedir path
|
||||
sed -i \
|
||||
-e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \
|
||||
Configure || die
|
||||
|
||||
# allow openssl to be cross-compiled
|
||||
cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed"
|
||||
chmod a+rx gentoo.config
|
||||
|
||||
append-flags -fno-strict-aliasing
|
||||
append-flags -Wa,--noexecstack
|
||||
|
||||
sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
|
||||
sed -i '/^"debug-steve/d' Configure # 0.9.8k shipped broken
|
||||
./config --test-sanity || die "I AM NOT SANE"
|
||||
}
|
||||
|
||||
src_configure() {
|
||||
unset APPS #197996
|
||||
unset SCRIPTS #312551
|
||||
|
||||
tc-export CC AR RANLIB
|
||||
|
||||
# Clean out patent-or-otherwise-encumbered code
|
||||
# Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
|
||||
# IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
|
||||
# EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
|
||||
# MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
|
||||
# RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5
|
||||
|
||||
use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; }
|
||||
echoit() { echo "$@" ; "$@" ; }
|
||||
|
||||
local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
|
||||
|
||||
local sslout=$(./gentoo.config)
|
||||
einfo "Use configuration ${sslout:-(openssl knows best)}"
|
||||
local config="Configure"
|
||||
[[ -z ${sslout} ]] && config="config"
|
||||
echoit \
|
||||
./${config} \
|
||||
${sslout} \
|
||||
$(use sse2 || echo "no-sse2") \
|
||||
enable-camellia \
|
||||
$(use_ssl !bindist ec) \
|
||||
enable-idea \
|
||||
enable-mdc2 \
|
||||
$(use_ssl !bindist rc5) \
|
||||
enable-tlsext \
|
||||
$(use_ssl gmp gmp -lgmp) \
|
||||
$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
|
||||
$(use_ssl zlib) \
|
||||
--prefix=/usr \
|
||||
--openssldir=/etc/ssl \
|
||||
shared threads \
|
||||
|| die "Configure failed"
|
||||
|
||||
# Clean out hardcoded flags that openssl uses
|
||||
local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
|
||||
-e 's:^CFLAG=::' \
|
||||
-e 's:-fomit-frame-pointer ::g' \
|
||||
-e 's:-O[0-9] ::g' \
|
||||
-e 's:-march=[-a-z0-9]* ::g' \
|
||||
-e 's:-mcpu=[-a-z0-9]* ::g' \
|
||||
-e 's:-m[a-z0-9]* ::g' \
|
||||
)
|
||||
sed -i \
|
||||
-e "/^LIBDIR=/s|=.*|=$(get_libdir)|" \
|
||||
-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
|
||||
-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
|
||||
Makefile || die
|
||||
}
|
||||
|
||||
src_compile() {
|
||||
# depend is needed to use $confopts
|
||||
emake -j1 depend || die "depend failed"
|
||||
emake -j1 build_libs || die "make build_libs failed"
|
||||
}
|
||||
|
||||
src_test() {
|
||||
emake -j1 test || die "make test failed"
|
||||
}
|
||||
|
||||
src_install() {
|
||||
dolib.so lib{crypto,ssl}.so.0.9.8 || die
|
||||
}
|
@ -1,141 +0,0 @@
|
||||
# Copyright 1999-2012 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8x.ebuild,v 1.4 2012/05/25 17:41:49 vapier Exp $
|
||||
|
||||
# this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat
|
||||
|
||||
EAPI="2"
|
||||
|
||||
inherit eutils flag-o-matic toolchain-funcs multilib
|
||||
|
||||
DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1"
|
||||
HOMEPAGE="http://www.openssl.org/"
|
||||
SRC_URI="mirror://openssl/source/${P}.tar.gz"
|
||||
|
||||
LICENSE="openssl"
|
||||
SLOT="0.9.8"
|
||||
KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd"
|
||||
IUSE="bindist gmp kerberos sse2 test zlib"
|
||||
|
||||
RDEPEND="gmp? ( dev-libs/gmp )
|
||||
zlib? ( sys-libs/zlib )
|
||||
kerberos? ( app-crypt/mit-krb5 )
|
||||
!=dev-libs/openssl-0.9.8*:0"
|
||||
DEPEND="${RDEPEND}
|
||||
sys-apps/diffutils
|
||||
>=dev-lang/perl-5
|
||||
test? ( sys-devel/bc )"
|
||||
|
||||
pkg_setup() {
|
||||
# avoid collisions with openssl-1 (preserve lib)
|
||||
if ! has_version dev-libs/openssl:${SLOT} ; then
|
||||
ewarn "Removing lib{crypto,ssl}.so.0.9.8 to avoid collision with openssl-1"
|
||||
rm -f "${ROOT}"/usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
|
||||
fi
|
||||
}
|
||||
|
||||
src_prepare() {
|
||||
epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch
|
||||
epatch "${FILESDIR}"/${PN}-0.9.8h-ldflags.patch #181438
|
||||
epatch "${FILESDIR}"/${PN}-0.9.8m-binutils.patch #289130
|
||||
|
||||
# disable fips in the build
|
||||
# make sure the man pages are suffixed #302165
|
||||
# don't bother building man pages if they're disabled
|
||||
sed -i \
|
||||
-e '/DIRS/s: fips : :g' \
|
||||
-e '/^MANSUFFIX/s:=.*:=ssl:' \
|
||||
-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
|
||||
-e $(has noman FEATURES \
|
||||
&& echo '/^install:/s:install_docs::' \
|
||||
|| echo '/^MANDIR=/s:=.*:=/usr/share/man:') \
|
||||
Makefile{,.org} \
|
||||
|| die
|
||||
# show the actual commands in the log
|
||||
sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
|
||||
# update the enginedir path
|
||||
sed -i \
|
||||
-e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \
|
||||
Configure || die
|
||||
|
||||
# allow openssl to be cross-compiled
|
||||
cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed"
|
||||
chmod a+rx gentoo.config
|
||||
|
||||
append-flags -fno-strict-aliasing
|
||||
append-flags -Wa,--noexecstack
|
||||
|
||||
sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
|
||||
sed -i '/^"debug-steve/d' Configure # 0.9.8k shipped broken
|
||||
./config --test-sanity || die "I AM NOT SANE"
|
||||
}
|
||||
|
||||
src_configure() {
|
||||
unset APPS #197996
|
||||
unset SCRIPTS #312551
|
||||
|
||||
tc-export CC AR RANLIB
|
||||
|
||||
# Clean out patent-or-otherwise-encumbered code
|
||||
# Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
|
||||
# IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
|
||||
# EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
|
||||
# MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
|
||||
# RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5
|
||||
|
||||
use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; }
|
||||
echoit() { echo "$@" ; "$@" ; }
|
||||
|
||||
local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
|
||||
|
||||
local sslout=$(./gentoo.config)
|
||||
einfo "Use configuration ${sslout:-(openssl knows best)}"
|
||||
local config="Configure"
|
||||
[[ -z ${sslout} ]] && config="config"
|
||||
echoit \
|
||||
./${config} \
|
||||
${sslout} \
|
||||
$(use sse2 || echo "no-sse2") \
|
||||
enable-camellia \
|
||||
$(use_ssl !bindist ec) \
|
||||
enable-idea \
|
||||
enable-mdc2 \
|
||||
$(use_ssl !bindist rc5) \
|
||||
enable-tlsext \
|
||||
$(use_ssl gmp gmp -lgmp) \
|
||||
$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
|
||||
$(use_ssl zlib) \
|
||||
--prefix=/usr \
|
||||
--openssldir=/etc/ssl \
|
||||
shared threads \
|
||||
|| die "Configure failed"
|
||||
|
||||
# Clean out hardcoded flags that openssl uses
|
||||
local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
|
||||
-e 's:^CFLAG=::' \
|
||||
-e 's:-fomit-frame-pointer ::g' \
|
||||
-e 's:-O[0-9] ::g' \
|
||||
-e 's:-march=[-a-z0-9]* ::g' \
|
||||
-e 's:-mcpu=[-a-z0-9]* ::g' \
|
||||
-e 's:-m[a-z0-9]* ::g' \
|
||||
)
|
||||
sed -i \
|
||||
-e "/^LIBDIR=/s|=.*|=$(get_libdir)|" \
|
||||
-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
|
||||
-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
|
||||
Makefile || die
|
||||
}
|
||||
|
||||
src_compile() {
|
||||
# depend is needed to use $confopts
|
||||
emake -j1 depend || die "depend failed"
|
||||
emake -j1 build_libs || die "make build_libs failed"
|
||||
}
|
||||
|
||||
src_test() {
|
||||
emake -j1 test || die "make test failed"
|
||||
}
|
||||
|
||||
src_install() {
|
||||
dolib.so lib{crypto,ssl}.so.0.9.8 || die
|
||||
}
|
@ -1,213 +0,0 @@
|
||||
# Copyright 1999-2013 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.0h.ebuild,v 1.8 2013/02/08 06:17:18 vapier Exp $
|
||||
|
||||
EAPI="4"
|
||||
|
||||
inherit eutils flag-o-matic toolchain-funcs multilib
|
||||
|
||||
REV="1.7"
|
||||
DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)"
|
||||
HOMEPAGE="http://www.openssl.org/"
|
||||
SRC_URI="mirror://openssl/source/${P}.tar.gz
|
||||
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
|
||||
|
||||
LICENSE="openssl"
|
||||
SLOT="0"
|
||||
KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd ~x86-fbsd"
|
||||
IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test zlib"
|
||||
|
||||
# Have the sub-libs in RDEPEND with [static-libs] since, logically,
|
||||
# our libssl.a depends on libz.a/etc... at runtime.
|
||||
LIB_DEPEND="gmp? ( dev-libs/gmp[static-libs(+)] )
|
||||
zlib? ( sys-libs/zlib[static-libs(+)] )
|
||||
kerberos? ( app-crypt/mit-krb5 )"
|
||||
RDEPEND="static-libs? ( ${LIB_DEPEND} )
|
||||
!static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} )"
|
||||
DEPEND="${RDEPEND}
|
||||
sys-apps/diffutils
|
||||
>=dev-lang/perl-5
|
||||
test? ( sys-devel/bc )"
|
||||
PDEPEND="app-misc/ca-certificates"
|
||||
|
||||
src_unpack() {
|
||||
unpack ${P}.tar.gz
|
||||
SSL_CNF_DIR="/etc/ssl"
|
||||
sed \
|
||||
-e "/^DIR=/s:=.*:=${SSL_CNF_DIR}:" \
|
||||
"${DISTDIR}"/${PN}-c_rehash.sh.${REV} \
|
||||
> "${WORKDIR}"/c_rehash || die #416717
|
||||
}
|
||||
|
||||
src_prepare() {
|
||||
# Make sure we only ever touch Makefile.org and avoid patching a file
|
||||
# that gets blown away anyways by the Configure script in src_configure
|
||||
rm -f Makefile
|
||||
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0e-parallel-build.patch
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0e-x32.patch
|
||||
epatch_user #332661
|
||||
|
||||
# disable fips in the build
|
||||
# make sure the man pages are suffixed #302165
|
||||
# don't bother building man pages if they're disabled
|
||||
sed -i \
|
||||
-e '/DIRS/s: fips : :g' \
|
||||
-e '/^MANSUFFIX/s:=.*:=ssl:' \
|
||||
-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
|
||||
-e $(has noman FEATURES \
|
||||
&& echo '/^install:/s:install_docs::' \
|
||||
|| echo '/^MANDIR=/s:=.*:=/usr/share/man:') \
|
||||
Makefile.org \
|
||||
|| die
|
||||
# show the actual commands in the log
|
||||
sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
|
||||
|
||||
# allow openssl to be cross-compiled
|
||||
cp "${FILESDIR}"/gentoo.config-1.0.0 gentoo.config || die
|
||||
chmod a+rx gentoo.config
|
||||
|
||||
append-flags -fno-strict-aliasing
|
||||
append-flags $(test-flags-CC -Wa,--noexecstack)
|
||||
|
||||
sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
|
||||
./config --test-sanity || die "I AM NOT SANE"
|
||||
}
|
||||
|
||||
src_configure() {
|
||||
unset APPS #197996
|
||||
unset SCRIPTS #312551
|
||||
unset CROSS_COMPILE #311473
|
||||
|
||||
tc-export CC AR RANLIB RC
|
||||
|
||||
# Clean out patent-or-otherwise-encumbered code
|
||||
# Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
|
||||
# IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
|
||||
# EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
|
||||
# MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
|
||||
# RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5
|
||||
|
||||
use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
|
||||
echoit() { echo "$@" ; "$@" ; }
|
||||
|
||||
local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
|
||||
|
||||
local sslout=$(./gentoo.config)
|
||||
einfo "Use configuration ${sslout:-(openssl knows best)}"
|
||||
local config="Configure"
|
||||
[[ -z ${sslout} ]] && config="config"
|
||||
echoit \
|
||||
./${config} \
|
||||
${sslout} \
|
||||
$(use sse2 || echo "no-sse2") \
|
||||
enable-camellia \
|
||||
$(use_ssl !bindist ec) \
|
||||
enable-idea \
|
||||
enable-mdc2 \
|
||||
$(use_ssl !bindist rc5) \
|
||||
enable-tlsext \
|
||||
$(use_ssl gmp gmp -lgmp) \
|
||||
$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
|
||||
$(use_ssl rfc3779) \
|
||||
$(use_ssl zlib) \
|
||||
--prefix=/usr \
|
||||
--openssldir=${SSL_CNF_DIR} \
|
||||
--libdir=$(get_libdir) \
|
||||
shared threads \
|
||||
|| die
|
||||
|
||||
# Clean out hardcoded flags that openssl uses
|
||||
local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
|
||||
-e 's:^CFLAG=::' \
|
||||
-e 's:-fomit-frame-pointer ::g' \
|
||||
-e 's:-O[0-9] ::g' \
|
||||
-e 's:-march=[-a-z0-9]* ::g' \
|
||||
-e 's:-mcpu=[-a-z0-9]* ::g' \
|
||||
-e 's:-m[a-z0-9]* ::g' \
|
||||
)
|
||||
sed -i \
|
||||
-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
|
||||
-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
|
||||
Makefile || die
|
||||
}
|
||||
|
||||
src_compile() {
|
||||
# depend is needed to use $confopts; it also doesn't matter
|
||||
# that it's -j1 as the code itself serializes subdirs
|
||||
emake -j1 depend || die
|
||||
emake all || die
|
||||
# rehash is needed to prep the certs/ dir; do this
|
||||
# separately to avoid parallel build issues.
|
||||
emake rehash || die
|
||||
}
|
||||
|
||||
src_test() {
|
||||
emake -j1 test || die
|
||||
}
|
||||
|
||||
src_install() {
|
||||
emake INSTALL_PREFIX="${D}" install || die
|
||||
dobin "${WORKDIR}"/c_rehash || die #333117
|
||||
dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
|
||||
dohtml -r doc/*
|
||||
use rfc3779 && dodoc engines/ccgost/README.gost
|
||||
|
||||
# This is crappy in that the static archives are still built even
|
||||
# when USE=static-libs. But this is due to a failing in the openssl
|
||||
# build system: the static archives are built as PIC all the time.
|
||||
# Only way around this would be to manually configure+compile openssl
|
||||
# twice; once with shared lib support enabled and once without.
|
||||
use static-libs || rm -f "${D}"/usr/lib*/lib*.a
|
||||
|
||||
# create the certs directory
|
||||
dodir ${SSL_CNF_DIR}/certs
|
||||
cp -RP certs/* "${D}"${SSL_CNF_DIR}/certs/ || die
|
||||
rm -r "${D}"${SSL_CNF_DIR}/certs/{demo,expired}
|
||||
|
||||
# Namespace openssl programs to prevent conflicts with other man pages
|
||||
cd "${D}"/usr/share/man
|
||||
local m d s
|
||||
for m in $(find . -type f | xargs grep -L '#include') ; do
|
||||
d=${m%/*} ; d=${d#./} ; m=${m##*/}
|
||||
[[ ${m} == openssl.1* ]] && continue
|
||||
[[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
|
||||
mv ${d}/{,ssl-}${m}
|
||||
# fix up references to renamed man pages
|
||||
sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
|
||||
ln -s ssl-${m} ${d}/openssl-${m}
|
||||
# locate any symlinks that point to this man page ... we assume
|
||||
# that any broken links are due to the above renaming
|
||||
for s in $(find -L ${d} -type l) ; do
|
||||
s=${s##*/}
|
||||
rm -f ${d}/${s}
|
||||
ln -s ssl-${m} ${d}/ssl-${s}
|
||||
ln -s ssl-${s} ${d}/openssl-${s}
|
||||
done
|
||||
done
|
||||
[[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
|
||||
|
||||
dodir /etc/sandbox.d #254521
|
||||
echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl
|
||||
|
||||
diropts -m0700
|
||||
keepdir ${SSL_CNF_DIR}/private
|
||||
}
|
||||
|
||||
pkg_preinst() {
|
||||
has_version ${CATEGORY}/${PN}:0.9.8 && return 0
|
||||
preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
|
||||
}
|
||||
|
||||
pkg_postinst() {
|
||||
ebegin "Running 'c_rehash ${ROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
|
||||
c_rehash "${ROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
|
||||
eend $?
|
||||
|
||||
has_version ${CATEGORY}/${PN}:0.9.8 && return 0
|
||||
preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
|
||||
}
|
@ -1,213 +0,0 @@
|
||||
# Copyright 1999-2013 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.0i.ebuild,v 1.10 2013/02/08 06:17:18 vapier Exp $
|
||||
|
||||
EAPI="4"
|
||||
|
||||
inherit eutils flag-o-matic toolchain-funcs multilib
|
||||
|
||||
REV="1.7"
|
||||
DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)"
|
||||
HOMEPAGE="http://www.openssl.org/"
|
||||
SRC_URI="mirror://openssl/source/${P}.tar.gz
|
||||
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
|
||||
|
||||
LICENSE="openssl"
|
||||
SLOT="0"
|
||||
KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd ~x86-fbsd"
|
||||
IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test zlib"
|
||||
|
||||
# Have the sub-libs in RDEPEND with [static-libs] since, logically,
|
||||
# our libssl.a depends on libz.a/etc... at runtime.
|
||||
LIB_DEPEND="gmp? ( dev-libs/gmp[static-libs(+)] )
|
||||
zlib? ( sys-libs/zlib[static-libs(+)] )
|
||||
kerberos? ( app-crypt/mit-krb5 )"
|
||||
RDEPEND="static-libs? ( ${LIB_DEPEND} )
|
||||
!static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} )"
|
||||
DEPEND="${RDEPEND}
|
||||
sys-apps/diffutils
|
||||
>=dev-lang/perl-5
|
||||
test? ( sys-devel/bc )"
|
||||
PDEPEND="app-misc/ca-certificates"
|
||||
|
||||
src_unpack() {
|
||||
unpack ${P}.tar.gz
|
||||
SSL_CNF_DIR="/etc/ssl"
|
||||
sed \
|
||||
-e "/^DIR=/s:=.*:=${SSL_CNF_DIR}:" \
|
||||
"${DISTDIR}"/${PN}-c_rehash.sh.${REV} \
|
||||
> "${WORKDIR}"/c_rehash || die #416717
|
||||
}
|
||||
|
||||
src_prepare() {
|
||||
# Make sure we only ever touch Makefile.org and avoid patching a file
|
||||
# that gets blown away anyways by the Configure script in src_configure
|
||||
rm -f Makefile
|
||||
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0e-parallel-build.patch
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0e-x32.patch
|
||||
epatch_user #332661
|
||||
|
||||
# disable fips in the build
|
||||
# make sure the man pages are suffixed #302165
|
||||
# don't bother building man pages if they're disabled
|
||||
sed -i \
|
||||
-e '/DIRS/s: fips : :g' \
|
||||
-e '/^MANSUFFIX/s:=.*:=ssl:' \
|
||||
-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
|
||||
-e $(has noman FEATURES \
|
||||
&& echo '/^install:/s:install_docs::' \
|
||||
|| echo '/^MANDIR=/s:=.*:=/usr/share/man:') \
|
||||
Makefile.org \
|
||||
|| die
|
||||
# show the actual commands in the log
|
||||
sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
|
||||
|
||||
# allow openssl to be cross-compiled
|
||||
cp "${FILESDIR}"/gentoo.config-1.0.0 gentoo.config || die
|
||||
chmod a+rx gentoo.config
|
||||
|
||||
append-flags -fno-strict-aliasing
|
||||
append-flags $(test-flags-CC -Wa,--noexecstack)
|
||||
|
||||
sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
|
||||
./config --test-sanity || die "I AM NOT SANE"
|
||||
}
|
||||
|
||||
src_configure() {
|
||||
unset APPS #197996
|
||||
unset SCRIPTS #312551
|
||||
unset CROSS_COMPILE #311473
|
||||
|
||||
tc-export CC AR RANLIB RC
|
||||
|
||||
# Clean out patent-or-otherwise-encumbered code
|
||||
# Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
|
||||
# IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
|
||||
# EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
|
||||
# MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
|
||||
# RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5
|
||||
|
||||
use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
|
||||
echoit() { echo "$@" ; "$@" ; }
|
||||
|
||||
local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
|
||||
|
||||
local sslout=$(./gentoo.config)
|
||||
einfo "Use configuration ${sslout:-(openssl knows best)}"
|
||||
local config="Configure"
|
||||
[[ -z ${sslout} ]] && config="config"
|
||||
echoit \
|
||||
./${config} \
|
||||
${sslout} \
|
||||
$(use sse2 || echo "no-sse2") \
|
||||
enable-camellia \
|
||||
$(use_ssl !bindist ec) \
|
||||
enable-idea \
|
||||
enable-mdc2 \
|
||||
$(use_ssl !bindist rc5) \
|
||||
enable-tlsext \
|
||||
$(use_ssl gmp gmp -lgmp) \
|
||||
$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
|
||||
$(use_ssl rfc3779) \
|
||||
$(use_ssl zlib) \
|
||||
--prefix=/usr \
|
||||
--openssldir=${SSL_CNF_DIR} \
|
||||
--libdir=$(get_libdir) \
|
||||
shared threads \
|
||||
|| die
|
||||
|
||||
# Clean out hardcoded flags that openssl uses
|
||||
local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
|
||||
-e 's:^CFLAG=::' \
|
||||
-e 's:-fomit-frame-pointer ::g' \
|
||||
-e 's:-O[0-9] ::g' \
|
||||
-e 's:-march=[-a-z0-9]* ::g' \
|
||||
-e 's:-mcpu=[-a-z0-9]* ::g' \
|
||||
-e 's:-m[a-z0-9]* ::g' \
|
||||
)
|
||||
sed -i \
|
||||
-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
|
||||
-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
|
||||
Makefile || die
|
||||
}
|
||||
|
||||
src_compile() {
|
||||
# depend is needed to use $confopts; it also doesn't matter
|
||||
# that it's -j1 as the code itself serializes subdirs
|
||||
emake -j1 depend || die
|
||||
emake all || die
|
||||
# rehash is needed to prep the certs/ dir; do this
|
||||
# separately to avoid parallel build issues.
|
||||
emake rehash || die
|
||||
}
|
||||
|
||||
src_test() {
|
||||
emake -j1 test || die
|
||||
}
|
||||
|
||||
src_install() {
|
||||
emake INSTALL_PREFIX="${D}" install || die
|
||||
dobin "${WORKDIR}"/c_rehash || die #333117
|
||||
dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
|
||||
dohtml -r doc/*
|
||||
use rfc3779 && dodoc engines/ccgost/README.gost
|
||||
|
||||
# This is crappy in that the static archives are still built even
|
||||
# when USE=static-libs. But this is due to a failing in the openssl
|
||||
# build system: the static archives are built as PIC all the time.
|
||||
# Only way around this would be to manually configure+compile openssl
|
||||
# twice; once with shared lib support enabled and once without.
|
||||
use static-libs || rm -f "${D}"/usr/lib*/lib*.a
|
||||
|
||||
# create the certs directory
|
||||
dodir ${SSL_CNF_DIR}/certs
|
||||
cp -RP certs/* "${D}"${SSL_CNF_DIR}/certs/ || die
|
||||
rm -r "${D}"${SSL_CNF_DIR}/certs/{demo,expired}
|
||||
|
||||
# Namespace openssl programs to prevent conflicts with other man pages
|
||||
cd "${D}"/usr/share/man
|
||||
local m d s
|
||||
for m in $(find . -type f | xargs grep -L '#include') ; do
|
||||
d=${m%/*} ; d=${d#./} ; m=${m##*/}
|
||||
[[ ${m} == openssl.1* ]] && continue
|
||||
[[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
|
||||
mv ${d}/{,ssl-}${m}
|
||||
# fix up references to renamed man pages
|
||||
sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
|
||||
ln -s ssl-${m} ${d}/openssl-${m}
|
||||
# locate any symlinks that point to this man page ... we assume
|
||||
# that any broken links are due to the above renaming
|
||||
for s in $(find -L ${d} -type l) ; do
|
||||
s=${s##*/}
|
||||
rm -f ${d}/${s}
|
||||
ln -s ssl-${m} ${d}/ssl-${s}
|
||||
ln -s ssl-${s} ${d}/openssl-${s}
|
||||
done
|
||||
done
|
||||
[[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
|
||||
|
||||
dodir /etc/sandbox.d #254521
|
||||
echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl
|
||||
|
||||
diropts -m0700
|
||||
keepdir ${SSL_CNF_DIR}/private
|
||||
}
|
||||
|
||||
pkg_preinst() {
|
||||
has_version ${CATEGORY}/${PN}:0.9.8 && return 0
|
||||
preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
|
||||
}
|
||||
|
||||
pkg_postinst() {
|
||||
ebegin "Running 'c_rehash ${ROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
|
||||
c_rehash "${ROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
|
||||
eend $?
|
||||
|
||||
has_version ${CATEGORY}/${PN}:0.9.8 && return 0
|
||||
preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
|
||||
}
|
@ -1,222 +0,0 @@
|
||||
# Copyright 1999-2013 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1a.ebuild,v 1.8 2013/05/21 17:53:18 vapier Exp $
|
||||
|
||||
EAPI="4"
|
||||
|
||||
inherit eutils flag-o-matic toolchain-funcs multilib
|
||||
|
||||
REV="1.7"
|
||||
DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)"
|
||||
HOMEPAGE="http://www.openssl.org/"
|
||||
SRC_URI="mirror://openssl/source/${P}.tar.gz
|
||||
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
|
||||
|
||||
LICENSE="openssl"
|
||||
SLOT="0"
|
||||
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd"
|
||||
IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test vanilla zlib"
|
||||
|
||||
# Have the sub-libs in RDEPEND with [static-libs] since, logically,
|
||||
# our libssl.a depends on libz.a/etc... at runtime.
|
||||
LIB_DEPEND="gmp? ( dev-libs/gmp[static-libs(+)] )
|
||||
zlib? ( sys-libs/zlib[static-libs(+)] )
|
||||
kerberos? ( app-crypt/mit-krb5 )"
|
||||
# The blocks are temporary just to make sure people upgrade to a
|
||||
# version that lack runtime version checking. We'll drop them in
|
||||
# the future.
|
||||
RDEPEND="static-libs? ( ${LIB_DEPEND} )
|
||||
!static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} )
|
||||
!<net-misc/openssh-5.9_p1-r4
|
||||
!<net-libs/neon-0.29.6-r1"
|
||||
DEPEND="${RDEPEND}
|
||||
sys-apps/diffutils
|
||||
>=dev-lang/perl-5
|
||||
test? ( sys-devel/bc )"
|
||||
PDEPEND="app-misc/ca-certificates"
|
||||
|
||||
src_unpack() {
|
||||
unpack ${P}.tar.gz
|
||||
SSL_CNF_DIR="/etc/ssl"
|
||||
sed \
|
||||
-e "/^DIR=/s:=.*:=${SSL_CNF_DIR}:" \
|
||||
"${DISTDIR}"/${PN}-c_rehash.sh.${REV} \
|
||||
> "${WORKDIR}"/c_rehash || die #416717
|
||||
}
|
||||
|
||||
src_prepare() {
|
||||
# Make sure we only ever touch Makefile.org and avoid patching a file
|
||||
# that gets blown away anyways by the Configure script in src_configure
|
||||
rm -f Makefile
|
||||
|
||||
if ! use vanilla ; then
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch
|
||||
epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch
|
||||
epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch
|
||||
epatch "${FILESDIR}"/${PN}-1.0.1-ipv6.patch
|
||||
epatch "${FILESDIR}"/${P}-hmac-ia32cap.patch
|
||||
epatch_user #332661
|
||||
fi
|
||||
|
||||
# disable fips in the build
|
||||
# make sure the man pages are suffixed #302165
|
||||
# don't bother building man pages if they're disabled
|
||||
sed -i \
|
||||
-e '/DIRS/s: fips : :g' \
|
||||
-e '/^MANSUFFIX/s:=.*:=ssl:' \
|
||||
-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
|
||||
-e $(has noman FEATURES \
|
||||
&& echo '/^install:/s:install_docs::' \
|
||||
|| echo '/^MANDIR=/s:=.*:=/usr/share/man:') \
|
||||
Makefile.org \
|
||||
|| die
|
||||
# show the actual commands in the log
|
||||
sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
|
||||
|
||||
# allow openssl to be cross-compiled
|
||||
cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die
|
||||
chmod a+rx gentoo.config
|
||||
|
||||
append-flags -fno-strict-aliasing
|
||||
append-flags $(test-flags-CC -Wa,--noexecstack)
|
||||
|
||||
sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
|
||||
./config --test-sanity || die "I AM NOT SANE"
|
||||
}
|
||||
|
||||
src_configure() {
|
||||
unset APPS #197996
|
||||
unset SCRIPTS #312551
|
||||
unset CROSS_COMPILE #311473
|
||||
|
||||
tc-export CC AR RANLIB RC
|
||||
|
||||
# Clean out patent-or-otherwise-encumbered code
|
||||
# Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
|
||||
# IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
|
||||
# EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
|
||||
# MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
|
||||
# RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5
|
||||
|
||||
use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
|
||||
echoit() { echo "$@" ; "$@" ; }
|
||||
|
||||
local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
|
||||
|
||||
local sslout=$(./gentoo.config)
|
||||
einfo "Use configuration ${sslout:-(openssl knows best)}"
|
||||
local config="Configure"
|
||||
[[ -z ${sslout} ]] && config="config"
|
||||
echoit \
|
||||
./${config} \
|
||||
${sslout} \
|
||||
$(use sse2 || echo "no-sse2") \
|
||||
enable-camellia \
|
||||
$(use_ssl !bindist ec) \
|
||||
enable-idea \
|
||||
enable-mdc2 \
|
||||
$(use_ssl !bindist rc5) \
|
||||
enable-tlsext \
|
||||
$(use_ssl gmp gmp -lgmp) \
|
||||
$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
|
||||
$(use_ssl rfc3779) \
|
||||
$(use_ssl zlib) \
|
||||
--prefix=/usr \
|
||||
--openssldir=${SSL_CNF_DIR} \
|
||||
--libdir=$(get_libdir) \
|
||||
shared threads \
|
||||
|| die
|
||||
|
||||
# Clean out hardcoded flags that openssl uses
|
||||
local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
|
||||
-e 's:^CFLAG=::' \
|
||||
-e 's:-fomit-frame-pointer ::g' \
|
||||
-e 's:-O[0-9] ::g' \
|
||||
-e 's:-march=[-a-z0-9]* ::g' \
|
||||
-e 's:-mcpu=[-a-z0-9]* ::g' \
|
||||
-e 's:-m[a-z0-9]* ::g' \
|
||||
)
|
||||
sed -i \
|
||||
-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
|
||||
-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
|
||||
Makefile || die
|
||||
}
|
||||
|
||||
src_compile() {
|
||||
# depend is needed to use $confopts; it also doesn't matter
|
||||
# that it's -j1 as the code itself serializes subdirs
|
||||
emake -j1 depend
|
||||
emake all
|
||||
# rehash is needed to prep the certs/ dir; do this
|
||||
# separately to avoid parallel build issues.
|
||||
emake rehash
|
||||
}
|
||||
|
||||
src_test() {
|
||||
emake -j1 test
|
||||
}
|
||||
|
||||
src_install() {
|
||||
emake INSTALL_PREFIX="${D}" install
|
||||
dobin "${WORKDIR}"/c_rehash #333117
|
||||
dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
|
||||
dohtml -r doc/*
|
||||
use rfc3779 && dodoc engines/ccgost/README.gost
|
||||
|
||||
# This is crappy in that the static archives are still built even
|
||||
# when USE=static-libs. But this is due to a failing in the openssl
|
||||
# build system: the static archives are built as PIC all the time.
|
||||
# Only way around this would be to manually configure+compile openssl
|
||||
# twice; once with shared lib support enabled and once without.
|
||||
use static-libs || rm -f "${D}"/usr/lib*/lib*.a
|
||||
|
||||
# create the certs directory
|
||||
dodir ${SSL_CNF_DIR}/certs
|
||||
cp -RP certs/* "${D}"${SSL_CNF_DIR}/certs/ || die
|
||||
rm -r "${D}"${SSL_CNF_DIR}/certs/{demo,expired}
|
||||
|
||||
# Namespace openssl programs to prevent conflicts with other man pages
|
||||
cd "${D}"/usr/share/man
|
||||
local m d s
|
||||
for m in $(find . -type f | xargs grep -L '#include') ; do
|
||||
d=${m%/*} ; d=${d#./} ; m=${m##*/}
|
||||
[[ ${m} == openssl.1* ]] && continue
|
||||
[[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
|
||||
mv ${d}/{,ssl-}${m}
|
||||
# fix up references to renamed man pages
|
||||
sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
|
||||
ln -s ssl-${m} ${d}/openssl-${m}
|
||||
# locate any symlinks that point to this man page ... we assume
|
||||
# that any broken links are due to the above renaming
|
||||
for s in $(find -L ${d} -type l) ; do
|
||||
s=${s##*/}
|
||||
rm -f ${d}/${s}
|
||||
ln -s ssl-${m} ${d}/ssl-${s}
|
||||
ln -s ssl-${s} ${d}/openssl-${s}
|
||||
done
|
||||
done
|
||||
[[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
|
||||
|
||||
dodir /etc/sandbox.d #254521
|
||||
echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl
|
||||
|
||||
diropts -m0700
|
||||
keepdir ${SSL_CNF_DIR}/private
|
||||
}
|
||||
|
||||
pkg_preinst() {
|
||||
has_version ${CATEGORY}/${PN}:0.9.8 && return 0
|
||||
preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
|
||||
}
|
||||
|
||||
pkg_postinst() {
|
||||
ebegin "Running 'c_rehash ${ROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
|
||||
c_rehash "${ROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
|
||||
eend $?
|
||||
|
||||
has_version ${CATEGORY}/${PN}:0.9.8 && return 0
|
||||
preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
|
||||
}
|
@ -1,221 +0,0 @@
|
||||
# Copyright 1999-2013 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1b.ebuild,v 1.5 2013/05/21 17:53:18 vapier Exp $
|
||||
|
||||
EAPI="4"
|
||||
|
||||
inherit eutils flag-o-matic toolchain-funcs multilib
|
||||
|
||||
REV="1.7"
|
||||
DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)"
|
||||
HOMEPAGE="http://www.openssl.org/"
|
||||
SRC_URI="mirror://openssl/source/${P}.tar.gz
|
||||
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
|
||||
|
||||
LICENSE="openssl"
|
||||
SLOT="0"
|
||||
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd"
|
||||
IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test vanilla zlib"
|
||||
|
||||
# Have the sub-libs in RDEPEND with [static-libs] since, logically,
|
||||
# our libssl.a depends on libz.a/etc... at runtime.
|
||||
LIB_DEPEND="gmp? ( dev-libs/gmp[static-libs(+)] )
|
||||
zlib? ( sys-libs/zlib[static-libs(+)] )
|
||||
kerberos? ( app-crypt/mit-krb5 )"
|
||||
# The blocks are temporary just to make sure people upgrade to a
|
||||
# version that lack runtime version checking. We'll drop them in
|
||||
# the future.
|
||||
RDEPEND="static-libs? ( ${LIB_DEPEND} )
|
||||
!static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} )
|
||||
!<net-misc/openssh-5.9_p1-r4
|
||||
!<net-libs/neon-0.29.6-r1"
|
||||
DEPEND="${RDEPEND}
|
||||
sys-apps/diffutils
|
||||
>=dev-lang/perl-5
|
||||
test? ( sys-devel/bc )"
|
||||
PDEPEND="app-misc/ca-certificates"
|
||||
|
||||
src_unpack() {
|
||||
unpack ${P}.tar.gz
|
||||
SSL_CNF_DIR="/etc/ssl"
|
||||
sed \
|
||||
-e "/^DIR=/s:=.*:=${SSL_CNF_DIR}:" \
|
||||
"${DISTDIR}"/${PN}-c_rehash.sh.${REV} \
|
||||
> "${WORKDIR}"/c_rehash || die #416717
|
||||
}
|
||||
|
||||
src_prepare() {
|
||||
# Make sure we only ever touch Makefile.org and avoid patching a file
|
||||
# that gets blown away anyways by the Configure script in src_configure
|
||||
rm -f Makefile
|
||||
|
||||
if ! use vanilla ; then
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch
|
||||
epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch
|
||||
epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch
|
||||
epatch "${FILESDIR}"/${PN}-1.0.1-ipv6.patch
|
||||
epatch_user #332661
|
||||
fi
|
||||
|
||||
# disable fips in the build
|
||||
# make sure the man pages are suffixed #302165
|
||||
# don't bother building man pages if they're disabled
|
||||
sed -i \
|
||||
-e '/DIRS/s: fips : :g' \
|
||||
-e '/^MANSUFFIX/s:=.*:=ssl:' \
|
||||
-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
|
||||
-e $(has noman FEATURES \
|
||||
&& echo '/^install:/s:install_docs::' \
|
||||
|| echo '/^MANDIR=/s:=.*:=/usr/share/man:') \
|
||||
Makefile.org \
|
||||
|| die
|
||||
# show the actual commands in the log
|
||||
sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
|
||||
|
||||
# allow openssl to be cross-compiled
|
||||
cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die
|
||||
chmod a+rx gentoo.config
|
||||
|
||||
append-flags -fno-strict-aliasing
|
||||
append-flags $(test-flags-CC -Wa,--noexecstack)
|
||||
|
||||
sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
|
||||
./config --test-sanity || die "I AM NOT SANE"
|
||||
}
|
||||
|
||||
src_configure() {
|
||||
unset APPS #197996
|
||||
unset SCRIPTS #312551
|
||||
unset CROSS_COMPILE #311473
|
||||
|
||||
tc-export CC AR RANLIB RC
|
||||
|
||||
# Clean out patent-or-otherwise-encumbered code
|
||||
# Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
|
||||
# IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
|
||||
# EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
|
||||
# MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
|
||||
# RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5
|
||||
|
||||
use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
|
||||
echoit() { echo "$@" ; "$@" ; }
|
||||
|
||||
local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
|
||||
|
||||
local sslout=$(./gentoo.config)
|
||||
einfo "Use configuration ${sslout:-(openssl knows best)}"
|
||||
local config="Configure"
|
||||
[[ -z ${sslout} ]] && config="config"
|
||||
echoit \
|
||||
./${config} \
|
||||
${sslout} \
|
||||
$(use sse2 || echo "no-sse2") \
|
||||
enable-camellia \
|
||||
$(use_ssl !bindist ec) \
|
||||
enable-idea \
|
||||
enable-mdc2 \
|
||||
$(use_ssl !bindist rc5) \
|
||||
enable-tlsext \
|
||||
$(use_ssl gmp gmp -lgmp) \
|
||||
$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
|
||||
$(use_ssl rfc3779) \
|
||||
$(use_ssl zlib) \
|
||||
--prefix=/usr \
|
||||
--openssldir=${SSL_CNF_DIR} \
|
||||
--libdir=$(get_libdir) \
|
||||
shared threads \
|
||||
|| die
|
||||
|
||||
# Clean out hardcoded flags that openssl uses
|
||||
local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
|
||||
-e 's:^CFLAG=::' \
|
||||
-e 's:-fomit-frame-pointer ::g' \
|
||||
-e 's:-O[0-9] ::g' \
|
||||
-e 's:-march=[-a-z0-9]* ::g' \
|
||||
-e 's:-mcpu=[-a-z0-9]* ::g' \
|
||||
-e 's:-m[a-z0-9]* ::g' \
|
||||
)
|
||||
sed -i \
|
||||
-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
|
||||
-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
|
||||
Makefile || die
|
||||
}
|
||||
|
||||
src_compile() {
|
||||
# depend is needed to use $confopts; it also doesn't matter
|
||||
# that it's -j1 as the code itself serializes subdirs
|
||||
emake -j1 depend
|
||||
emake all
|
||||
# rehash is needed to prep the certs/ dir; do this
|
||||
# separately to avoid parallel build issues.
|
||||
emake rehash
|
||||
}
|
||||
|
||||
src_test() {
|
||||
emake -j1 test
|
||||
}
|
||||
|
||||
src_install() {
|
||||
emake INSTALL_PREFIX="${D}" install
|
||||
dobin "${WORKDIR}"/c_rehash #333117
|
||||
dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
|
||||
dohtml -r doc/*
|
||||
use rfc3779 && dodoc engines/ccgost/README.gost
|
||||
|
||||
# This is crappy in that the static archives are still built even
|
||||
# when USE=static-libs. But this is due to a failing in the openssl
|
||||
# build system: the static archives are built as PIC all the time.
|
||||
# Only way around this would be to manually configure+compile openssl
|
||||
# twice; once with shared lib support enabled and once without.
|
||||
use static-libs || rm -f "${D}"/usr/lib*/lib*.a
|
||||
|
||||
# create the certs directory
|
||||
dodir ${SSL_CNF_DIR}/certs
|
||||
cp -RP certs/* "${D}"${SSL_CNF_DIR}/certs/ || die
|
||||
rm -r "${D}"${SSL_CNF_DIR}/certs/{demo,expired}
|
||||
|
||||
# Namespace openssl programs to prevent conflicts with other man pages
|
||||
cd "${D}"/usr/share/man
|
||||
local m d s
|
||||
for m in $(find . -type f | xargs grep -L '#include') ; do
|
||||
d=${m%/*} ; d=${d#./} ; m=${m##*/}
|
||||
[[ ${m} == openssl.1* ]] && continue
|
||||
[[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
|
||||
mv ${d}/{,ssl-}${m}
|
||||
# fix up references to renamed man pages
|
||||
sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
|
||||
ln -s ssl-${m} ${d}/openssl-${m}
|
||||
# locate any symlinks that point to this man page ... we assume
|
||||
# that any broken links are due to the above renaming
|
||||
for s in $(find -L ${d} -type l) ; do
|
||||
s=${s##*/}
|
||||
rm -f ${d}/${s}
|
||||
ln -s ssl-${m} ${d}/ssl-${s}
|
||||
ln -s ssl-${s} ${d}/openssl-${s}
|
||||
done
|
||||
done
|
||||
[[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
|
||||
|
||||
dodir /etc/sandbox.d #254521
|
||||
echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl
|
||||
|
||||
diropts -m0700
|
||||
keepdir ${SSL_CNF_DIR}/private
|
||||
}
|
||||
|
||||
pkg_preinst() {
|
||||
has_version ${CATEGORY}/${PN}:0.9.8 && return 0
|
||||
preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
|
||||
}
|
||||
|
||||
pkg_postinst() {
|
||||
ebegin "Running 'c_rehash ${ROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
|
||||
c_rehash "${ROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
|
||||
eend $?
|
||||
|
||||
has_version ${CATEGORY}/${PN}:0.9.8 && return 0
|
||||
preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
|
||||
}
|
@ -1,221 +0,0 @@
|
||||
# Copyright 1999-2013 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1c.ebuild,v 1.14 2013/05/21 17:53:18 vapier Exp $
|
||||
|
||||
EAPI="4"
|
||||
|
||||
inherit eutils flag-o-matic toolchain-funcs multilib
|
||||
|
||||
REV="1.7"
|
||||
DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)"
|
||||
HOMEPAGE="http://www.openssl.org/"
|
||||
SRC_URI="mirror://openssl/source/${P}.tar.gz
|
||||
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
|
||||
|
||||
LICENSE="openssl"
|
||||
SLOT="0"
|
||||
KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd"
|
||||
IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test vanilla zlib"
|
||||
|
||||
# Have the sub-libs in RDEPEND with [static-libs] since, logically,
|
||||
# our libssl.a depends on libz.a/etc... at runtime.
|
||||
LIB_DEPEND="gmp? ( dev-libs/gmp[static-libs(+)] )
|
||||
zlib? ( sys-libs/zlib[static-libs(+)] )
|
||||
kerberos? ( app-crypt/mit-krb5 )"
|
||||
# The blocks are temporary just to make sure people upgrade to a
|
||||
# version that lack runtime version checking. We'll drop them in
|
||||
# the future.
|
||||
RDEPEND="static-libs? ( ${LIB_DEPEND} )
|
||||
!static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} )
|
||||
!<net-misc/openssh-5.9_p1-r4
|
||||
!<net-libs/neon-0.29.6-r1"
|
||||
DEPEND="${RDEPEND}
|
||||
sys-apps/diffutils
|
||||
>=dev-lang/perl-5
|
||||
test? ( sys-devel/bc )"
|
||||
PDEPEND="app-misc/ca-certificates"
|
||||
|
||||
src_unpack() {
|
||||
unpack ${P}.tar.gz
|
||||
SSL_CNF_DIR="/etc/ssl"
|
||||
sed \
|
||||
-e "/^DIR=/s:=.*:=${SSL_CNF_DIR}:" \
|
||||
"${DISTDIR}"/${PN}-c_rehash.sh.${REV} \
|
||||
> "${WORKDIR}"/c_rehash || die #416717
|
||||
}
|
||||
|
||||
src_prepare() {
|
||||
# Make sure we only ever touch Makefile.org and avoid patching a file
|
||||
# that gets blown away anyways by the Configure script in src_configure
|
||||
rm -f Makefile
|
||||
|
||||
if ! use vanilla ; then
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743
|
||||
epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch
|
||||
epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch
|
||||
epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch
|
||||
epatch "${FILESDIR}"/${PN}-1.0.1-ipv6.patch
|
||||
epatch_user #332661
|
||||
fi
|
||||
|
||||
# disable fips in the build
|
||||
# make sure the man pages are suffixed #302165
|
||||
# don't bother building man pages if they're disabled
|
||||
sed -i \
|
||||
-e '/DIRS/s: fips : :g' \
|
||||
-e '/^MANSUFFIX/s:=.*:=ssl:' \
|
||||
-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
|
||||
-e $(has noman FEATURES \
|
||||
&& echo '/^install:/s:install_docs::' \
|
||||
|| echo '/^MANDIR=/s:=.*:=/usr/share/man:') \
|
||||
Makefile.org \
|
||||
|| die
|
||||
# show the actual commands in the log
|
||||
sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
|
||||
|
||||
# allow openssl to be cross-compiled
|
||||
cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die
|
||||
chmod a+rx gentoo.config
|
||||
|
||||
append-flags -fno-strict-aliasing
|
||||
append-flags $(test-flags-CC -Wa,--noexecstack)
|
||||
|
||||
sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
|
||||
./config --test-sanity || die "I AM NOT SANE"
|
||||
}
|
||||
|
||||
src_configure() {
|
||||
unset APPS #197996
|
||||
unset SCRIPTS #312551
|
||||
unset CROSS_COMPILE #311473
|
||||
|
||||
tc-export CC AR RANLIB RC
|
||||
|
||||
# Clean out patent-or-otherwise-encumbered code
|
||||
# Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
|
||||
# IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
|
||||
# EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
|
||||
# MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
|
||||
# RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5
|
||||
|
||||
use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
|
||||
echoit() { echo "$@" ; "$@" ; }
|
||||
|
||||
local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
|
||||
|
||||
local sslout=$(./gentoo.config)
|
||||
einfo "Use configuration ${sslout:-(openssl knows best)}"
|
||||
local config="Configure"
|
||||
[[ -z ${sslout} ]] && config="config"
|
||||
echoit \
|
||||
./${config} \
|
||||
${sslout} \
|
||||
$(use sse2 || echo "no-sse2") \
|
||||
enable-camellia \
|
||||
$(use_ssl !bindist ec) \
|
||||
enable-idea \
|
||||
enable-mdc2 \
|
||||
$(use_ssl !bindist rc5) \
|
||||
enable-tlsext \
|
||||
$(use_ssl gmp gmp -lgmp) \
|
||||
$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
|
||||
$(use_ssl rfc3779) \
|
||||
$(use_ssl zlib) \
|
||||
--prefix=/usr \
|
||||
--openssldir=${SSL_CNF_DIR} \
|
||||
--libdir=$(get_libdir) \
|
||||
shared threads \
|
||||
|| die
|
||||
|
||||
# Clean out hardcoded flags that openssl uses
|
||||
local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
|
||||
-e 's:^CFLAG=::' \
|
||||
-e 's:-fomit-frame-pointer ::g' \
|
||||
-e 's:-O[0-9] ::g' \
|
||||
-e 's:-march=[-a-z0-9]* ::g' \
|
||||
-e 's:-mcpu=[-a-z0-9]* ::g' \
|
||||
-e 's:-m[a-z0-9]* ::g' \
|
||||
)
|
||||
sed -i \
|
||||
-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
|
||||
-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
|
||||
Makefile || die
|
||||
}
|
||||
|
||||
src_compile() {
|
||||
# depend is needed to use $confopts; it also doesn't matter
|
||||
# that it's -j1 as the code itself serializes subdirs
|
||||
emake -j1 depend
|
||||
emake all
|
||||
# rehash is needed to prep the certs/ dir; do this
|
||||
# separately to avoid parallel build issues.
|
||||
emake rehash
|
||||
}
|
||||
|
||||
src_test() {
|
||||
emake -j1 test
|
||||
}
|
||||
|
||||
src_install() {
|
||||
emake INSTALL_PREFIX="${D}" install
|
||||
dobin "${WORKDIR}"/c_rehash #333117
|
||||
dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
|
||||
dohtml -r doc/*
|
||||
use rfc3779 && dodoc engines/ccgost/README.gost
|
||||
|
||||
# This is crappy in that the static archives are still built even
|
||||
# when USE=static-libs. But this is due to a failing in the openssl
|
||||
# build system: the static archives are built as PIC all the time.
|
||||
# Only way around this would be to manually configure+compile openssl
|
||||
# twice; once with shared lib support enabled and once without.
|
||||
use static-libs || rm -f "${D}"/usr/lib*/lib*.a
|
||||
|
||||
# create the certs directory
|
||||
dodir ${SSL_CNF_DIR}/certs
|
||||
cp -RP certs/* "${D}"${SSL_CNF_DIR}/certs/ || die
|
||||
rm -r "${D}"${SSL_CNF_DIR}/certs/{demo,expired}
|
||||
|
||||
# Namespace openssl programs to prevent conflicts with other man pages
|
||||
cd "${D}"/usr/share/man
|
||||
local m d s
|
||||
for m in $(find . -type f | xargs grep -L '#include') ; do
|
||||
d=${m%/*} ; d=${d#./} ; m=${m##*/}
|
||||
[[ ${m} == openssl.1* ]] && continue
|
||||
[[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
|
||||
mv ${d}/{,ssl-}${m}
|
||||
# fix up references to renamed man pages
|
||||
sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
|
||||
ln -s ssl-${m} ${d}/openssl-${m}
|
||||
# locate any symlinks that point to this man page ... we assume
|
||||
# that any broken links are due to the above renaming
|
||||
for s in $(find -L ${d} -type l) ; do
|
||||
s=${s##*/}
|
||||
rm -f ${d}/${s}
|
||||
ln -s ssl-${m} ${d}/ssl-${s}
|
||||
ln -s ssl-${s} ${d}/openssl-${s}
|
||||
done
|
||||
done
|
||||
[[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
|
||||
|
||||
dodir /etc/sandbox.d #254521
|
||||
echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl
|
||||
|
||||
diropts -m0700
|
||||
keepdir ${SSL_CNF_DIR}/private
|
||||
}
|
||||
|
||||
pkg_preinst() {
|
||||
has_version ${CATEGORY}/${PN}:0.9.8 && return 0
|
||||
preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
|
||||
}
|
||||
|
||||
pkg_postinst() {
|
||||
ebegin "Running 'c_rehash ${ROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
|
||||
c_rehash "${ROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
|
||||
eend $?
|
||||
|
||||
has_version ${CATEGORY}/${PN}:0.9.8 && return 0
|
||||
preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
|
||||
}
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in new issue