diff options
| author |   Lars Wendler <polynomial-c@gentoo.org> | 2014-07-23 05:26:08 +0000 |
|---|---|---|
| committer | Lars Wendler <polynomial-c@gentoo.org> | 2014-07-23 05:26:08 +0000 |
| commit | 057b0ee7dd22e90e6a363871b14ed3b3df966cfd (patch) | |
| tree | d79666e558f683189eb9bab3de0716def2b8eb34 /dev-libs/openssl | |
| parent | Version bump. Add ruby21. Avoid network tests, fixing bug 454830. (diff) | |
| download | gentoo-2-057b0ee7dd22e90e6a363871b14ed3b3df966cfd.tar.gz gentoo-2-057b0ee7dd22e90e6a363871b14ed3b3df966cfd.tar.bz2 gentoo-2-057b0ee7dd22e90e6a363871b14ed3b3df966cfd.zip | |
Version bump. Removed old
(Portage version: 2.2.10/cvs/Linux x86_64, signed Manifest commit with key 0x981CA6FC)
Diffstat (limited to 'dev-libs/openssl')
| -rw-r--r-- | dev-libs/openssl/ChangeLog | 12 | ||||
| -rw-r--r-- | dev-libs/openssl/files/openssl-1.0.2_beta1-perl-5.18.patch | 398 | ||||
| -rw-r--r-- | dev-libs/openssl/files/openssl-1.0.2_beta2-ipv6.patch (renamed from dev-libs/openssl/files/openssl-1.0.2-ipv6.patch) | 124 | ||||
| -rw-r--r-- | dev-libs/openssl/files/openssl-1.0.2_beta2-revert-alpha-perl-generation.patch | 65 | ||||
| -rw-r--r-- | dev-libs/openssl/openssl-1.0.2_beta1-r2.ebuild | 246 | ||||
| -rw-r--r-- | dev-libs/openssl/openssl-1.0.2_beta2.ebuild (renamed from dev-libs/openssl/openssl-1.0.2_beta1-r3.ebuild) | 14 |
6 files changed, 132 insertions, 727 deletions
diff --git a/dev-libs/openssl/ChangeLog b/dev-libs/openssl/ChangeLog index e939edafb84a..2da2340234a3 100644 --- a/dev-libs/openssl/ChangeLog +++ b/dev-libs/openssl/ChangeLog @@ -1,6 +1,16 @@ # ChangeLog for dev-libs/openssl # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.565 2014/07/22 10:43:26 ago Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.566 2014/07/23 05:26:08 polynomial-c Exp $ + +*openssl-1.0.2_beta2 (23 Jul 2014) + + 23 Jul 2014; Lars Wendler <polynomial-c@gentoo.org> + -openssl-1.0.2_beta1-r2.ebuild, -openssl-1.0.2_beta1-r3.ebuild, + +openssl-1.0.2_beta2.ebuild, -files/openssl-1.0.2-ipv6.patch, + -files/openssl-1.0.2_beta1-perl-5.18.patch, + +files/openssl-1.0.2_beta2-ipv6.patch, + +files/openssl-1.0.2_beta2-revert-alpha-perl-generation.patch: + Version bump. Removed old. 22 Jul 2014; Agostino Sarubbo <ago@gentoo.org> openssl-0.9.8z_p1-r2.ebuild, openssl-1.0.1h-r2.ebuild: diff --git a/dev-libs/openssl/files/openssl-1.0.2_beta1-perl-5.18.patch b/dev-libs/openssl/files/openssl-1.0.2_beta1-perl-5.18.patch deleted file mode 100644 index cbf9f0c940a8..000000000000 --- a/dev-libs/openssl/files/openssl-1.0.2_beta1-perl-5.18.patch +++ /dev/null @@ -1,398 +0,0 @@ -Forward-ported from openssl-1.0.1f-perl-5.18.patch -Fixes install with perl-5.18. - -Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> - ---- openssl-1.0.2-beta1/doc/apps/cms.pod -+++ openssl-1.0.2-beta1/doc/apps/cms.pod -@@ -463,28 +463,28 @@ - - =over 4 - --=item 0 -+=item C<0> - - the operation was completely successfully. - --=item 1 -+=item C<1> - - an error occurred parsing the command options. - --=item 2 -+=item C<2> - - one of the input files could not be read. - --=item 3 -+=item C<3> - - an error occurred creating the CMS file or when reading the MIME - message. - --=item 4 -+=item C<4> - - an error occurred decrypting or verifying the message. - --=item 5 -+=item C<5> - - the message was verified correctly but an error occurred writing out - the signers certificates. ---- openssl-1.0.2-beta1/doc/apps/smime.pod -+++ openssl-1.0.2-beta1/doc/apps/smime.pod -@@ -308,28 +308,28 @@ - - =over 4 - --=item 0 -+=item C<0> - - the operation was completely successfully. - --=item 1 -+=item C<1> - - an error occurred parsing the command options. - --=item 2 -+=item C<2> - - one of the input files could not be read. - --=item 3 -+=item C<3> - - an error occurred creating the PKCS#7 file or when reading the MIME - message. - --=item 4 -+=item C<4> - - an error occurred decrypting or verifying the message. - --=item 5 -+=item C<5> - - the message was verified correctly but an error occurred writing out - the signers certificates. ---- openssl-1.0.2-beta1/doc/ssl/SSL_accept.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_accept.pod -@@ -44,13 +44,13 @@ - - =over 4 - --=item 0 -+=item C<0> - - The TLS/SSL handshake was not successful but was shut down controlled and - by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the - return value B<ret> to find out the reason. - --=item 1 -+=item C<1> - - The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been - established. ---- openssl-1.0.2-beta1/doc/ssl/SSL_clear.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_clear.pod -@@ -56,12 +56,12 @@ - - =over 4 - --=item 0 -+=item C<0> - - The SSL_clear() operation could not be performed. Check the error stack to - find out the reason. - --=item 1 -+=item C<1> - - The SSL_clear() operation was successful. - ---- openssl-1.0.2-beta1/doc/ssl/SSL_COMP_add_compression_method.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_COMP_add_compression_method.pod -@@ -53,11 +53,11 @@ - - =over 4 - --=item 0 -+=item C<0> - - The operation succeeded. - --=item 1 -+=item C<1> - - The operation failed. Check the error queue to find out the reason. - ---- openssl-1.0.2-beta1/doc/ssl/SSL_CONF_cmd.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_CONF_cmd.pod -@@ -320,6 +320,8 @@ - - The value is a directory name. - -+=back -+ - =head1 NOTES - - The order of operations is significant. This can be used to set either defaults ---- openssl-1.0.2-beta1/doc/ssl/SSL_connect.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_connect.pod -@@ -41,13 +41,13 @@ - - =over 4 - --=item 0 -+=item C<0> - - The TLS/SSL handshake was not successful but was shut down controlled and - by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the - return value B<ret> to find out the reason. - --=item 1 -+=item C<1> - - The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been - established. ---- openssl-1.0.2-beta1/doc/ssl/SSL_CTX_add1_chain_cert.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_CTX_add1_chain_cert.pod -@@ -128,6 +128,8 @@ - - All other functions return 1 for success and 0 for failure. - -+=over -+ - =back - - =head1 SEE ALSO ---- openssl-1.0.2-beta1/doc/ssl/SSL_CTX_add_session.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_CTX_add_session.pod -@@ -52,13 +52,13 @@ - - =over 4 - --=item 0 -+=item C<0> - - The operation failed. In case of the add operation, it was tried to add - the same (identical) session twice. In case of the remove operation, the - session was not found in the cache. - --=item 1 -+=item C<1> - - The operation succeeded. - ---- openssl-1.0.2-beta1/doc/ssl/SSL_CTX_load_verify_locations.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_CTX_load_verify_locations.pod -@@ -100,13 +100,13 @@ - - =over 4 - --=item 0 -+=item C<0> - - The operation failed because B<CAfile> and B<CApath> are NULL or the - processing at one of the locations specified failed. Check the error - stack to find out the reason. - --=item 1 -+=item C<1> - - The operation succeeded. - ---- openssl-1.0.2-beta1/doc/ssl/SSL_CTX_set1_curves.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_CTX_set1_curves.pod -@@ -87,6 +87,8 @@ - SSL_get1_shared_curve() returns the NID of shared curve B<n> of zero if there - is no shared curve B<n> or the number of shared curves if B<n> is -1. - -+=over -+ - =back - - =head1 SEE ALSO ---- openssl-1.0.2-beta1/doc/ssl/SSL_CTX_set1_verify_cert_store.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_CTX_set1_verify_cert_store.pod -@@ -70,6 +70,8 @@ - - All these functions return 1 for success and 0 for failure. - -+=over -+ - =back - - =head1 SEE ALSO ---- openssl-1.0.2-beta1/doc/ssl/SSL_CTX_set_client_CA_list.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_CTX_set_client_CA_list.pod -@@ -66,13 +66,13 @@ - - =over 4 - --=item 0 -+=item C<0> - - A failure while manipulating the STACK_OF(X509_NAME) object occurred or - the X509_NAME could not be extracted from B<cacert>. Check the error stack - to find out the reason. - --=item 1 -+=item C<1> - - The operation succeeded. - ---- openssl-1.0.2-beta1/doc/ssl/SSL_CTX_set_session_id_context.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_CTX_set_session_id_context.pod -@@ -64,13 +64,13 @@ - - =over 4 - --=item 0 -+=item C<0> - - The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded - the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error - is logged to the error stack. - --=item 1 -+=item C<1> - - The operation succeeded. - ---- openssl-1.0.2-beta1/doc/ssl/SSL_CTX_set_ssl_version.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_CTX_set_ssl_version.pod -@@ -42,11 +42,11 @@ - - =over 4 - --=item 0 -+=item C<0> - - The new choice failed, check the error stack to find out the reason. - --=item 1 -+=item C<1> - - The operation succeeded. - ---- openssl-1.0.2-beta1/doc/ssl/SSL_CTX_use_psk_identity_hint.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_CTX_use_psk_identity_hint.pod -@@ -96,7 +96,7 @@ - connection will fail with decryption_error before it will be finished - completely. - --=item 0 -+=item C<0> - - PSK identity was not found. An "unknown_psk_identity" alert message - will be sent and the connection setup fails. ---- openssl-1.0.2-beta1/doc/ssl/SSL_do_handshake.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_do_handshake.pod -@@ -45,13 +45,13 @@ - - =over 4 - --=item 0 -+=item C<0> - - The TLS/SSL handshake was not successful but was shut down controlled and - by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the - return value B<ret> to find out the reason. - --=item 1 -+=item C<1> - - The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been - established. ---- openssl-1.0.2-beta1/doc/ssl/SSL_read.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_read.pod -@@ -86,7 +86,7 @@ - The read operation was successful; the return value is the number of - bytes actually read from the TLS/SSL connection. - --=item 0 -+=item C<0> - - The read operation was not successful. The reason may either be a clean - shutdown due to a "close notify" alert sent by the peer (in which case ---- openssl-1.0.2-beta1/doc/ssl/SSL_session_reused.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_session_reused.pod -@@ -27,11 +27,11 @@ - - =over 4 - --=item 0 -+=item C<0> - - A new session was negotiated. - --=item 1 -+=item C<1> - - A session was reused. - ---- openssl-1.0.2-beta1/doc/ssl/SSL_set_fd.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_set_fd.pod -@@ -35,11 +35,11 @@ - - =over 4 - --=item 0 -+=item C<0> - - The operation failed. Check the error stack to find out why. - --=item 1 -+=item C<1> - - The operation succeeded. - ---- openssl-1.0.2-beta1/doc/ssl/SSL_set_session.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_set_session.pod -@@ -37,11 +37,11 @@ - - =over 4 - --=item 0 -+=item C<0> - - The operation failed; check the error stack to find out the reason. - --=item 1 -+=item C<1> - - The operation succeeded. - ---- openssl-1.0.2-beta1/doc/ssl/SSL_shutdown.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_shutdown.pod -@@ -92,14 +92,14 @@ - - =over 4 - --=item 0 -+=item C<0> - - The shutdown is not yet finished. Call SSL_shutdown() for a second time, - if a bidirectional shutdown shall be performed. - The output of L<SSL_get_error(3)|SSL_get_error(3)> may be misleading, as an - erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred. - --=item 1 -+=item C<1> - - The shutdown was successfully completed. The "close notify" alert was sent - and the peer's "close notify" alert was received. ---- openssl-1.0.2-beta1/doc/ssl/SSL_write.pod -+++ openssl-1.0.2-beta1/doc/ssl/SSL_write.pod -@@ -79,7 +79,7 @@ - The write operation was successful, the return value is the number of - bytes actually written to the TLS/SSL connection. - --=item 0 -+=item C<0> - - The write operation was not successful. Probably the underlying connection - was closed. Call SSL_get_error() with the return value B<ret> to find out, diff --git a/dev-libs/openssl/files/openssl-1.0.2-ipv6.patch b/dev-libs/openssl/files/openssl-1.0.2_beta2-ipv6.patch index 5af29f56ce6e..8683d2829f04 100644 --- a/dev-libs/openssl/files/openssl-1.0.2-ipv6.patch +++ b/dev-libs/openssl/files/openssl-1.0.2_beta2-ipv6.patch @@ -1,12 +1,7 @@ http://rt.openssl.org/Ticket/Display.html?id=2051&user=guest&pass=guest -Index: apps/s_apps.h -=================================================================== -RCS file: /v/openssl/cvs/openssl/apps/s_apps.h,v -retrieving revision 1.21.2.1 -diff -u -r1.21.2.1 s_apps.h ---- apps/s_apps.h 4 Sep 2009 17:42:04 -0000 1.21.2.1 -+++ apps/s_apps.h 28 Dec 2011 00:28:14 -0000 +--- openssl-1.0.2-beta2/apps/s_apps.h ++++ openssl-1.0.2-beta2/apps/s_apps.h @@ -148,7 +148,7 @@ #define PORT_STR "4433" #define PROTOCOL "tcp" @@ -16,7 +11,7 @@ diff -u -r1.21.2.1 s_apps.h #ifdef HEADER_X509_H int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); #endif -@@ -156,7 +156,7 @@ +@@ -161,7 +161,7 @@ int ssl_print_curves(BIO *out, SSL *s, int noshared); #endif int ssl_print_tmp_key(BIO *out, SSL *s); @@ -25,14 +20,9 @@ diff -u -r1.21.2.1 s_apps.h int should_retry(int i); int extract_port(char *str, short *port_ptr); int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p); -Index: apps/s_client.c -=================================================================== -RCS file: /v/openssl/cvs/openssl/apps/s_client.c,v -retrieving revision 1.123.2.6.2.10 -diff -u -r1.123.2.6.2.10 s_client.c ---- apps/s_client.c 14 Dec 2011 22:18:02 -0000 1.123.2.6.2.10 -+++ apps/s_client.c 28 Dec 2011 00:28:14 -0000 -@@ -285,6 +285,10 @@ +--- openssl-1.0.2-beta2/apps/s_client.c ++++ openssl-1.0.2-beta2/apps/s_client.c +@@ -288,6 +288,10 @@ { BIO_printf(bio_err,"usage: s_client args\n"); BIO_printf(bio_err,"\n"); @@ -43,15 +33,15 @@ diff -u -r1.123.2.6.2.10 s_client.c BIO_printf(bio_err," -host host - use -connect instead\n"); BIO_printf(bio_err," -port port - use -connect instead\n"); BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR); -@@ -564,6 +567,7 @@ +@@ -595,6 +599,7 @@ int sbuf_len,sbuf_off; fd_set readfds,writefds; short port=PORT; + int use_ipv4, use_ipv6; int full_log=1; char *host=SSL_HOST_NAME; - char *cert_file=NULL,*key_file=NULL; -@@ -609,7 +613,11 @@ + char *cert_file=NULL,*key_file=NULL,*chain_file=NULL; +@@ -647,7 +652,11 @@ #endif char *sess_in = NULL; char *sess_out = NULL; @@ -64,9 +54,9 @@ diff -u -r1.123.2.6.2.10 s_client.c int peerlen = sizeof(peer); int enable_timeouts = 0 ; long socket_mtu = 0; -@@ -630,6 +638,12 @@ - meth=SSLv2_client_method(); - #endif +@@ -674,6 +683,12 @@ + + meth=SSLv23_client_method(); + use_ipv4 = 1; +#if OPENSSL_USE_IPV6 @@ -77,7 +67,7 @@ diff -u -r1.123.2.6.2.10 s_client.c apps_startup(); c_Pause=0; c_quiet=0; -@@ -951,6 +961,18 @@ +@@ -1079,6 +1094,18 @@ jpake_secret = *++argv; } #endif @@ -96,7 +86,7 @@ diff -u -r1.123.2.6.2.10 s_client.c else if (strcmp(*argv,"-use_srtp") == 0) { if (--argc < 1) goto bad; -@@ -1259,7 +1276,7 @@ +@@ -1445,7 +1472,7 @@ re_start: @@ -105,7 +95,7 @@ diff -u -r1.123.2.6.2.10 s_client.c { BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error()); SHUTDOWN(s); -@@ -1285,7 +1302,7 @@ +@@ -1471,7 +1498,7 @@ { sbio=BIO_new_dgram(s,BIO_NOCLOSE); @@ -114,15 +104,11 @@ diff -u -r1.123.2.6.2.10 s_client.c { BIO_printf(bio_err, "getsockname:errno=%d\n", get_last_socket_error()); -=================================================================== -RCS file: /v/openssl/cvs/openssl/apps/s_server.c,v -retrieving revision 1.136.2.15.2.13 -diff -u -r1.136.2.15.2.13 s_server.c ---- apps/s_server.c 27 Dec 2011 14:23:22 -0000 1.136.2.15.2.13 -+++ apps/s_server.c 28 Dec 2011 00:28:14 -0000 -@@ -558,6 +558,10 @@ - # endif - BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list"); +--- openssl-1.0.2-beta2/apps/s_server.c ++++ openssl-1.0.2-beta2/apps/s_server.c +@@ -584,6 +584,10 @@ + BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); + BIO_printf(bio_err," -alpn arg - set the advertised protocols for the ALPN extension (comma-separated list)\n"); #endif + BIO_printf(bio_err," -4 - use IPv4 only\n"); +#if OPENSSL_USE_IPV6 @@ -130,8 +116,8 @@ diff -u -r1.136.2.15.2.13 s_server.c +#endif BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n"); - } -@@ -943,6 +947,7 @@ + BIO_printf(bio_err," -status - respond to certificate status requests\n"); +@@ -1014,6 +1018,7 @@ int state=0; const SSL_METHOD *meth=NULL; int socket_type=SOCK_STREAM; @@ -139,9 +125,9 @@ diff -u -r1.136.2.15.2.13 s_server.c ENGINE *e=NULL; char *inrand=NULL; int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; -@@ -981,6 +986,12 @@ - /* #error no SSL version enabled */ - #endif +@@ -1055,6 +1060,12 @@ + + meth=SSLv23_server_method(); + use_ipv4 = 1; +#if OPENSSL_USE_IPV6 @@ -152,7 +138,7 @@ diff -u -r1.136.2.15.2.13 s_server.c local_argc=argc; local_argv=argv; -@@ -1329,6 +1340,18 @@ +@@ -1493,6 +1504,18 @@ jpake_secret = *(++argv); } #endif @@ -171,7 +157,7 @@ diff -u -r1.136.2.15.2.13 s_server.c else if (strcmp(*argv,"-use_srtp") == 0) { if (--argc < 1) goto bad; -@@ -2104,11 +2104,11 @@ bad: +@@ -2063,11 +2086,11 @@ BIO_printf(bio_s_out,"ACCEPT\n"); (void)BIO_flush(bio_s_out); if (rev) @@ -186,13 +172,8 @@ diff -u -r1.136.2.15.2.13 s_server.c print_stats(bio_s_out,ctx); ret=0; end: -Index: apps/s_socket.c -=================================================================== -RCS file: /v/openssl/cvs/openssl/apps/s_socket.c,v -retrieving revision 1.43.2.3.2.2 -diff -u -r1.43.2.3.2.2 s_socket.c ---- apps/s_socket.c 2 Dec 2011 14:39:40 -0000 1.43.2.3.2.2 -+++ apps/s_socket.c 28 Dec 2011 00:28:14 -0000 +--- openssl-1.0.2-beta2/apps/s_socket.c ++++ openssl-1.0.2-beta2/apps/s_socket.c @@ -97,16 +97,16 @@ #include "netdb.h" #endif @@ -304,8 +285,8 @@ diff -u -r1.43.2.3.2.2 s_socket.c if (s == INVALID_SOCKET) { perror("socket"); return(0); } -@@ -277,29 +315,27 @@ - if (i < 0) { perror("keepalive"); return(0); } +@@ -277,29 +307,27 @@ + if (i < 0) { closesocket(s); perror("keepalive"); return(0); } } #endif - @@ -339,7 +320,7 @@ diff -u -r1.43.2.3.2.2 s_socket.c if (type==SOCK_STREAM) { if (do_accept(accept_socket,&sock,&name) == 0) -@@ -322,41 +358,88 @@ +@@ -324,41 +352,88 @@ } } @@ -404,17 +385,13 @@ diff -u -r1.43.2.3.2.2 s_socket.c +#endif +#if OPENSSL_USE_IPV6 + if ((use_ipv4 == 0) && (use_ipv6 == 1)) - { -- int j = 1; -- setsockopt(s, SOL_SOCKET, SO_REUSEADDR, -- (void *) &j, sizeof j); ++ { + const int on = 1; + + setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, + (const void *) &on, sizeof(int)); - } - #endif -- if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1) ++ } ++#endif + if (domain == AF_INET) + { + addr_len = (socklen_t)sizeof(struct sockaddr_in); @@ -433,7 +410,10 @@ diff -u -r1.43.2.3.2.2 s_socket.c + } +#if OPENSSL_USE_IPV6 + else -+ { + { +- int j = 1; +- setsockopt(s, SOL_SOCKET, SO_REUSEADDR, +- (void *) &j, sizeof j); + addr_len = (socklen_t)sizeof(struct sockaddr_in6); + memset(server_in6, 0, sizeof(struct sockaddr_in6)); + server_in6->sin6_family = AF_INET6; @@ -442,13 +422,14 @@ diff -u -r1.43.2.3.2.2 s_socket.c + server_in6->sin6_addr = in6addr_any; + else + memcpy(&server_in6->sin6_addr, ip, sizeof(struct in6_addr)); -+ } -+#endif + } + #endif +- if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1) + if (bind(s, (struct sockaddr *)&server, addr_len) == -1) { #ifndef OPENSSL_SYS_WINDOWS perror("bind"); -@@ -375,16 +458,23 @@ +@@ -377,16 +452,23 @@ return(ret); } @@ -475,7 +456,7 @@ diff -u -r1.43.2.3.2.2 s_socket.c int len; /* struct linger ling; */ -@@ -431,13 +521,23 @@ +@@ -433,13 +515,23 @@ */ if (host == NULL) goto end; @@ -504,7 +485,7 @@ diff -u -r1.43.2.3.2.2 s_socket.c #endif if (h1 == NULL) { -@@ -454,15 +554,23 @@ +@@ -457,16 +549,24 @@ } BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1); @@ -517,6 +498,7 @@ diff -u -r1.43.2.3.2.2 s_socket.c if (h2 == NULL) { BIO_printf(bio_err,"gethostbyname failure\n"); + closesocket(ret); return(0); } - if (h2->h_addrtype != AF_INET) @@ -527,11 +509,11 @@ diff -u -r1.43.2.3.2.2 s_socket.c +#endif { - BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n"); -+ BIO_printf(bio_err,"gethostbyname addr address is not correct\n"); ++ BIO_printf(bio_err,"gethostbyname addr is not correct\n"); + closesocket(ret); return(0); } - } -@@ -477,7 +585,7 @@ +@@ -482,7 +582,7 @@ char *h,*p; h=str; @@ -540,7 +522,7 @@ diff -u -r1.43.2.3.2.2 s_socket.c if (p == NULL) { BIO_printf(bio_err,"no port defined\n"); -@@ -485,7 +593,7 @@ +@@ -490,7 +590,7 @@ } *(p++)='\0'; @@ -549,7 +531,7 @@ diff -u -r1.43.2.3.2.2 s_socket.c goto err; if (host_ptr != NULL) *host_ptr=h; -@@ -496,48 +604,58 @@ +@@ -501,48 +601,58 @@ return(0); } @@ -624,7 +606,7 @@ diff -u -r1.43.2.3.2.2 s_socket.c err: return(0); } -@@ -574,7 +692,7 @@ +@@ -579,7 +689,7 @@ static unsigned long ghbn_hits=0L; static unsigned long ghbn_miss=0L; @@ -633,7 +615,7 @@ diff -u -r1.43.2.3.2.2 s_socket.c { struct hostent *ret; int i,lowi=0; -@@ -589,14 +707,20 @@ +@@ -594,14 +704,20 @@ } if (ghbn_cache[i].order > 0) { diff --git a/dev-libs/openssl/files/openssl-1.0.2_beta2-revert-alpha-perl-generation.patch b/dev-libs/openssl/files/openssl-1.0.2_beta2-revert-alpha-perl-generation.patch new file mode 100644 index 000000000000..9c3dbb7e262f --- /dev/null +++ b/dev-libs/openssl/files/openssl-1.0.2_beta2-revert-alpha-perl-generation.patch @@ -0,0 +1,65 @@ +https://bugs.gentoo.org/499086 +https://rt.openssl.org/Ticket/Display.html?id=3333&user=guest&pass=guest + +when gcc is given a .s file and told to preprocess it, it outputs nothing + +This reverts commit d1cf23ac86c05b22b8780e2c03b67230564d2d34. +--- + Makefile | 4 +--- + bn/Makefile | 4 +--- + modes/Makefile | 4 +--- + sha/Makefile | 4 +--- + 4 files changed, 4 insertions(+), 12 deletions(-) + +--- openssl-1.0.2-beta2/crypto/bn/Makefile ++++ openssl-1.0.2-beta2/crypto/bn/Makefile +@@ -135,9 +135,7 @@ + ppc64-mont.s: asm/ppc64-mont.pl;$(PERL) asm/ppc64-mont.pl $(PERLASM_SCHEME) $@ + + alpha-mont.s: asm/alpha-mont.pl +- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \ +- $(PERL) asm/alpha-mont.pl > $$preproc && \ +- $(CC) -E $$preproc > $@ && rm $$preproc) ++ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null + + # GNU make "catch all" + %-mont.S: asm/%-mont.pl; $(PERL) $< $(PERLASM_SCHEME) $@ +--- openssl-1.0.2-beta2/crypto/Makefile ++++ openssl-1.0.2-beta2/crypto/Makefile +@@ -77,9 +77,7 @@ + ppccpuid.s: ppccpuid.pl; $(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@ + pariscid.s: pariscid.pl; $(PERL) pariscid.pl $(PERLASM_SCHEME) $@ + alphacpuid.s: alphacpuid.pl +- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \ +- $(PERL) alphacpuid.pl > $$preproc && \ +- $(CC) -E $$preproc > $@ && rm $$preproc) ++ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null + + testapps: + [ -z "$(THIS)" ] || ( if echo $(SDIRS) | fgrep ' des '; \ +--- openssl-1.0.2-beta2/crypto/modes/Makefile ++++ openssl-1.0.2-beta2/crypto/modes/Makefile +@@ -55,9 +55,7 @@ + ghash-sparcv9.s: asm/ghash-sparcv9.pl + $(PERL) asm/ghash-sparcv9.pl $@ $(CFLAGS) + ghash-alpha.s: asm/ghash-alpha.pl +- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \ +- $(PERL) asm/ghash-alpha.pl > $$preproc && \ +- $(CC) -E $$preproc > $@ && rm $$preproc) ++ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null + ghash-parisc.s: asm/ghash-parisc.pl + $(PERL) asm/ghash-parisc.pl $(PERLASM_SCHEME) $@ + ghashv8-armx.S: asm/ghashv8-armx.pl +--- openssl-1.0.2-beta2/crypto/sha/Makefile ++++ openssl-1.0.2-beta2/crypto/sha/Makefile +@@ -60,9 +60,7 @@ + $(PERL) $< $(PERLASM_SCHEME) $@ + + sha1-alpha.s: asm/sha1-alpha.pl +- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \ +- $(PERL) asm/sha1-alpha.pl > $$preproc && \ +- $(CC) -E $$preproc > $@ && rm $$preproc) ++ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null + + # Solaris make has to be explicitly told + sha1-x86_64.s: asm/sha1-x86_64.pl; $(PERL) asm/sha1-x86_64.pl $(PERLASM_SCHEME) > $@ diff --git a/dev-libs/openssl/openssl-1.0.2_beta1-r2.ebuild b/dev-libs/openssl/openssl-1.0.2_beta1-r2.ebuild deleted file mode 100644 index 31e9e7000be5..000000000000 --- a/dev-libs/openssl/openssl-1.0.2_beta1-r2.ebuild +++ /dev/null @@ -1,246 +0,0 @@ -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.2_beta1-r2.ebuild,v 1.1 2014/04/25 08:19:03 polynomial-c Exp $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib - -REV="1.7" -MY_P=${P/_/-} -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz - http://dev.gentoo.org/~polynomial-c/${P}-patches-02.tar.xz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" - -LICENSE="openssl" -SLOT="0" -#KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test +tls-heartbeat vanilla zlib" - -# Have the sub-libs in RDEPEND with [static-libs] since, logically, -# our libssl.a depends on libz.a/etc... at runtime. -LIB_DEPEND="gmp? ( dev-libs/gmp[static-libs(+)] ) - zlib? ( sys-libs/zlib[static-libs(+)] ) - kerberos? ( app-crypt/mit-krb5 )" -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND="static-libs? ( ${LIB_DEPEND} ) - !static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" -PDEPEND="app-misc/ca-certificates" - -S="${WORKDIR}/${MY_P}" - -src_prepare() { - SSL_CNF_DIR="/etc/ssl" - sed \ - -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ - -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ - "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ - > "${WORKDIR}"/c_rehash || die #416717 - - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch - epatch "${FILESDIR}"/${PN}-1.0.2-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.2_beta1-perl-5.18.patch #497286 - epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584 - epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 - - # upstream fixes taken from 1.0.2_stable branch at openssl.git - # repository. - EPATCH_SUFFIX="patch" EPATCH_FORCE="yes" \ - epatch "${WORKDIR}/patches" - - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - append-cppflags -DOPENSSL_NO_BUF_FREELISTS - - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config --test-sanity || die "I AM NOT SANE" -} - -src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - echoit \ - ./${config} \ - ${sslout} \ - $(use sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads \ - || die - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -src_compile() { - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -src_test() { - emake -j1 test -} - -src_install() { - emake INSTALL_PREFIX="${D}" install - dobin "${WORKDIR}"/c_rehash #333117 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8 -} diff --git a/dev-libs/openssl/openssl-1.0.2_beta1-r3.ebuild b/dev-libs/openssl/openssl-1.0.2_beta2.ebuild index 3f28da5f97e3..313c2c443bbb 100644 --- a/dev-libs/openssl/openssl-1.0.2_beta1-r3.ebuild +++ b/dev-libs/openssl/openssl-1.0.2_beta2.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2014 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.2_beta1-r3.ebuild,v 1.5 2014/06/18 19:18:41 mgorny Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.2_beta2.ebuild,v 1.1 2014/07/23 05:26:08 polynomial-c Exp $ EAPI="4" @@ -11,7 +11,6 @@ MY_P=${P/_/-} DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" HOMEPAGE="http://www.openssl.org/" SRC_URI="mirror://openssl/source/${MY_P}.tar.gz - http://dev.gentoo.org/~polynomial-c/${P}-patches-02.tar.xz http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" LICENSE="openssl" @@ -58,17 +57,10 @@ src_prepare() { if ! use vanilla ; then epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch epatch "${FILESDIR}"/${PN}-1.0.2-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.2_beta1-perl-5.18.patch #497286 + epatch "${FILESDIR}"/${PN}-1.0.2_beta2-ipv6.patch epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584 - epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 - - # upstream fixes taken from 1.0.2_stable branch at openssl.git - # repository. - EPATCH_SUFFIX="patch" EPATCH_FORCE="yes" \ - epatch "${WORKDIR}/patches" + epatch "${FILESDIR}"/${PN}-1.0.2_beta2-revert-alpha-perl-generation.patch #499086 epatch_user #332661 fi |