diff options
26 files changed, 79 insertions, 7892 deletions
diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest index e8ed8a15..10ec7e0a 100644 --- a/dev-libs/openssl/Manifest +++ b/dev-libs/openssl/Manifest @@ -1,102 +1,57 @@ -AUX gentoo.config-1.0.1 4999 SHA256 279ee86a8048f717eb2aa4ffdb3bc50c505515f3147a4368af2674f02f2fcc02 SHA512 bc39bbb6c30721631941851f23cc633c16b90031511bc212d1f9f978beba3592098f3de1b63f0c272ba0d519d185ec7e0546388ebf6be9f43f4d93c243c5710d WHIRLPOOL f5c82935b9c43c93a8f6645611c040b6c9d4770389437bdc65bf95d22aa6001787f212a26c90ab07b6325de65ea7f7d5e069dfdf6ba11de697a5d1d316258e31 -AUX gentoo.config-1.0.2 5162 SHA256 55156af6205dadae726f0201ab380fe28145c8b6acdd3cedc035aad6bc028011 SHA512 e352c2c52cf5a7c757bf6b88e025b22a3d75c267a5d70d76f1c510d6751977790894fecaf2f4fa2dde3ae37980e7292ac66e460c28e353aa6a8b496b6535fd48 WHIRLPOOL cf734d962df7e56283feccf174618fd49a6163d0995b84ee5761010a05a68c4d892dfde4cc746bba507028f3cbc3858ff43355e022ee24cfa25f8fb1d7e2dbb8 -AUX openssl-0.9.8g-engines-installnames.patch 529 SHA256 67eaee0e6dc8b17cefcebb028f2b393bb024f2c618bba5a53a62eedc9e2c7e12 SHA512 3a843dbd90aefe28a7ef0c68bf685aa9136f01565014b4e07ad8e51632d84bd5918efc8f5d13e0e99bf0e8ff06f13f59d7cb04c45f2ac790fd48f60221774fdc WHIRLPOOL 4b71405081d0984ccc28f16654839eb92ebe639d7bd5e8b541180487d14eecaab5e5709e5c53385e2fe42c2832ee0bf316e64855111bc2d9d1529f18e35cf935 -AUX openssl-0.9.8k-winnt.patch 4055 SHA256 8b4d028912223db12b727a5c919b5045d5d58f3322fb4911b2d10889a63807ea SHA512 ba7cb57e085aeb3ca4542c4f1d46db26d4e5a151312a01af0a03a46248686146714d57d8d6377f4d910b4b67a3dd1e5806559b86581a23a0a14fe9169d7c5c06 WHIRLPOOL c32ebcda484af837aca42b88c42e3b5646bf4e15d2d04b493344744ce20d40bd8de255f494ea67bbc6cb400bbbc6f4299c5c139583179c0a60745e9d7479ee4a -AUX openssl-0.9.8l-aixso.patch 1298 SHA256 4b43b57696ba8471036e47ab800b86b3cbc72b1afdc05ad41a64f5512c98c4d2 SHA512 e8a1c9dc913950b1e93c815680290c2feba594a95e8ea511815dfda5f9179d66eaf192df018d4585cab3a963b146d0353f223983f67daeaeb830d18cf0b57bf4 WHIRLPOOL 67d02c19225183368a3c8b390c74201e129bd1a7107b9e3eb8b8c5129f52e67adeb5b715869a383c7b18a40a69e3610d88aac499263d9352713c6f643ee0e63a -AUX openssl-1.0.0a-interix.patch 1223 SHA256 5f08733929f9caf385baefdab164870b9fbc5a702aeccb6a4ec574c27d63f3d7 SHA512 b035bc0fbaff529c4fb679399e412c022314bc85f481c3751fe2c1b12b2fefee4977be3901f920a517a9a92389caa513b122d2a3c1faf3ac5173bbbd580ed478 WHIRLPOOL 2a5d9440f5acd18b06bc17a3b519199b72f78a043a122c2292deb02dd28e896cb35c174951b7245cad32d4c75ab0681fb727bb698739ffd0bdb2f0679b935bc6 -AUX openssl-1.0.0a-ldflags.patch 1095 SHA256 17bb0b9988de0be6b8bb916d953d5d62cf054943f3bc24c5d7c8fea91d864350 SHA512 80c3677313a6268fdc2eb7b556dc081f1047694cf932a8669820923952bf0e3002da4cd92d6a335b44f8a6ece7d88319c15e9c0171118bfc03ff7a9b718726d8 WHIRLPOOL 55bc5d8f0ee620d8e56215572a6eb65a06ff9bf180d6b33f6db74e2129e5373252238772ba6db25293f398a6713b7259c6ae959b15ce8292da9aeb3071a34243 -AUX openssl-1.0.0a-mint.patch 903 SHA256 23b15301aa0688ff3135690680c0f753a8818f6b2160d49398685834252c03f1 SHA512 559149c296123923d5022309de54012f2c4e81845e0dc0233d85c33a5f3285ad32ff1c214dff68b56b9cfc95b5b2933cc9522311e443977d95edd244649c0b27 WHIRLPOOL 7b9226f85df07a1b1fb2217edbd5480326bd86e4b85d3e87d3f02d7e76cbd2339ecddf0d6019d9d5fb7f2012fd2c9fc5159260458f591b7dcdf3c0ed27b56e42 -AUX openssl-1.0.0b-darwin-bundle-compile-fix.patch 1714 SHA256 327e2823e1a613d3821cebefa05b72bcaa6e1185c2eed4d1af0c33403db717bb SHA512 15b54339efde966b8420fabcd23f9a48f3fb057bd4479284ce2301aefb59bae900d41959fd9b937fa380c307a8e7b4c9c90d13fac96a3a53e253a7cfb782d639 WHIRLPOOL 045e84ee7e9b3172589481f746bed653abab6f2f7b6472909b39f38e67a3e8ad0efb058f6b92843845a57b9838943d15875d4a8c6efb199297c41ac2928e058f -AUX openssl-1.0.0d-windres.patch 2912 SHA256 e5dbfd6af69bc3f69b51787cf1f6245207be9824dfffbdd9b4e278772ed8ab32 SHA512 d7a0238edea29aac7d20dca0778c67f8ae4dc0da190e5277e1b3519ae536f2c44533ac5dc1cbcd138bc4277ad669b13fca316bd962f26e2cb387f2ad3fd0111b WHIRLPOOL d62156820e55898d0a0393473c6ad8e49c5aa7bb9d3fc7043795de7102c3003d5f8b874c751e03cf832e306ac290790e871e1318bb830b3558a43e09be5b45b4 -AUX openssl-1.0.0h-pkg-config.patch 1363 SHA256 dbbcc175f02e5edced01a13dd1e7d35dc4322c0970f78a7fd781a6c0766886af SHA512 c2f7a68c96098bd742235a40f27d6b1e5a0ebece53ca32dd0be74b85210479064efa1d5dc76e457b786067185768492fab2ed53762a22c511c2a2e3d43ed137b WHIRLPOOL 7f795dbed2124d8d2d126886d106675662f09b8e79c70fa2af3298486fdb75b7f1285dc17a53daf985bd4af1e58c36e13e49f46d18af860f0dabad1b3898c3b0 -AUX openssl-1.0.1-gethostbyname2-solaris.patch 426 SHA256 6b256df7c02ffbb58654bb4ae99d835b1905896a79d0b06b474f2e27a805ec90 SHA512 db9459677dac6482daa84f7784a81ecf87d68f2051034630979b0206c2a1b4844126742ac20137952d39b68a7509397fd55b05099a4e0efba51f53f54e431101 WHIRLPOOL 5621b93bfbdae12468036f55e2af3422a5e9e7249ce8367f99cb2986a344b9dd196699b209f0670bd6915dc2e1a46d0ac1acdcf3479f05c10d6b19b2e93147a6 -AUX openssl-1.0.1-parallel-build.patch 10614 SHA256 f3aa674880ffa53a891d3f9054a1ff162c4461b3ec160a365990275907636259 SHA512 439015b3b007adfbab047a1e3e12a9700030779a593bba1a30e9554c7c02eb1cffe9acb089546954e87163847cf86b13130abf9646eb5d00a2ff725b534f84d5 WHIRLPOOL 673f6f045765effb9ded607bf8116a81e7bfeee78ba0e8a34892081c272239a2b75fbb14f4c48b61d93593fac8e1b1e8bef7223f4cc64e8443e19c8f337ab6bc -AUX openssl-1.0.1-x32.patch 3273 SHA256 a4f05b8757e225a05a9c5a3ea485159066760d878c9ee54c4eaf61760e33c6cf SHA512 6bed57fe2fbe2d0ced1279b53804d94426a679d5d6b80ad7d0ed18523a7fda397e02038032c08cdd4e6034f9ff6e82cad365ff2a724d49d91467cf2b77f47752 WHIRLPOOL 1366632e7dc1c6e54efc5b9791bf24833d20e7a61ca29aa38d31b5b9629febf926a29742e370b7cd6767c810c0a1676100ca9169f0d836dfd19ff0b2c29e49c1 -AUX openssl-1.0.1e-ipv6.patch 18596 SHA256 430d15f2f62c2d7b9bbb968d3c1d3cea51c97d549e01683fd6befb20e2b60946 SHA512 15bfcafc8c173d2875954a43db19d15956619528a0fc356b6d36877f7434321071cf707d950767491261adc1e6403e56b3e014e3d0ffb6cef563daca00a128bd WHIRLPOOL d1dd63d00b166efb1ca9e5d8da931a47e571f5784e3b47780355553b4d0cf656885375e3fe7fc1554b6c5eb749371efeb370c7462e4fcc52c0dd85c6e2318ad8 -AUX openssl-1.0.1e-s_client-verify.patch 592 SHA256 6f540fce663eefbe68cee16ad7d8d561d6c898eeb4180c2f4a4caa7e43c6d0c9 SHA512 117b1017e1259667078d3ccdcd9fd46357c6f85cf2702794f49c612b37acdc044fe88f871dbe46fcad9ed4cd8aaaaee800dddb5286203322802efd7549a43b68 WHIRLPOOL 70a4cc36b1dcb24d7e9bcef016684fb2394977f7f20aa332ebd0aa15e3f4c16c74563d2fc0ba8d70669f6cc9a13bf8a30cdb28ebafe2d102cd2859a4e32c38d7 -AUX openssl-1.0.1f-domd.patch 639 SHA256 fca508cec7d689a037872450c9c3a975f2d7ffe364a8f123b2739c8033ce27fc SHA512 3d1d4fd24da5e3d522ec4c2d6c0e0296282fdd9c40e5438be6e3413f1c634336da3c573be1a84cb2f0e2f3db17b294dc5d17c26c4b281a5f9e6a08f1d56dbde4 WHIRLPOOL 4832a73530a8ebb25270e9cf78f826dee7fe680cbb068be899c3183d1a46f69c3cdec6c9438a664396b439d904c8ff861ddb692aa300d8f9aae80222a50e7124 -AUX openssl-1.0.1f-perl-5.18.patch 7820 SHA256 e45c6856ef35b16e150282afa59432e783943e6aee62394f8a0e79ccd469fd84 SHA512 2fcda9f76968e8a193892170b2acc06b246c5a04bda2c501fa223231af0e4b2a38afd1adaf83cce4afd4210cdfd9cae8251aeb9510f24bcb50e7aeaa9fa09364 WHIRLPOOL 38768056d2bc4cd719c88038d201f765420a7d47b5dbd73b6d86347e59b4a1fc62f5f27d6c576fb73184fcfe26917446753d871db22aeac2a205f0bd18d2bbc3 -AUX openssl-1.0.1f-revert-alpha-perl-generation.patch 3102 SHA256 6e502275b32ac0eca80f28448ae1bb88506f9135258f420fd857ea0b9b485778 SHA512 c80439da3d268e70fd492d0ca73c0a17ddb088b9330610794a338d1921ee13dad9caca4c81ca103b82a7541c8712f77e51f352ec1b1b02789d9aed291acb0cdc WHIRLPOOL cb760366c8759b1c78c5307134bb48c4fc12b1556276c2ef55455ea54725d20cb433ade966a7453f512d2feb5ae89a9798078ab535e4605366633a8e003c7ac6 -AUX openssl-1.0.1h-ipv6.patch 17788 SHA256 7adeeb88cc544f8b210efbe2baff48fccf5029b582dff7010ae70e0e1f097d7b SHA512 0f0990d4294abcb5f3e51c84080883046a054c710b57a23f99b3323727d5e9aeb5ddeb6b6c2565b4be364f7c21419c90ce5288154e404cd663678f87e0d1c259 WHIRLPOOL cfe7a2e141a4a6252ffcfe215b16dd1082bc14a757dad7eb01bb9819de41ef0ee51a4b2dbf110c27b52e483341c337bf4d1f77f4f9f3172d2fee9e348c30af7e -AUX openssl-1.0.1k-aix-soname.patch 2682 SHA256 fc2b35ea9807911288ef4d2926b686dafda6392a0dcb03783a227c61ae526ed7 SHA512 4efa571b505c2b8a19ef55b817443803977987ed226f4f15da3bd604f04a30ae2400ea5ac4ebcfde842c4e26b0c62aa7ed495ab4642d2c6f7f42cd6604c90d8e WHIRLPOOL 0cfd031610e004b2f6c118241972f1c2bc216635ff7df07cc68d2a775d640702d9581efcd92ca412ce174e027b30a025f7d410b85beb5d832f1973d52f280441 -AUX openssl-1.0.1l-CVE-2015-0286.patch 10790 SHA256 3d234f4b7bd79b7de1a6fe2f42016531732c81dcb73af45edc5b280858d32cb8 SHA512 432a9e556df26e3f0059f53556dbc088cfe7e30e2c38354e7a7879bb4db204330702ab8050b9b31b3ef48badb8f0abdbf047445b71aa0c4c96f5aeb0bf16f9df WHIRLPOOL c4834efebdca3bee769819fee40099f2d83f4282db98a96da853164dae2639adaef18fe3caf87801f52e53b47752a99fd693aab66239e30344b714119c4c1c7a -AUX openssl-1.0.1m-gethostbyname2-solaris.patch 412 SHA256 393c0b2898f14aa579c9c2e23c2b9075898276747b88c600412ff387fc1855f1 SHA512 ec2b6991bcf25e754a1712f42ccdc521682e4a5eb6be759cf1f4749f4df41daf67fcf713630122b23a4ad273c16b50bc07ddebbdafb27205e3ccd70aef747e3a WHIRLPOOL 4a5c301ba40aa08177155e1cd4488bba7b376cdb2b457046fd47d5002aaa05864911d7600d20813b8f272e5221200176b1de110c59b6947657a4f31ffc0afadf -AUX openssl-1.0.1m-ipv6.patch 19626 SHA256 335bef8cca314593a71d81d9225ec81b95fcfc4183cffb1846d6247e907b53fe SHA512 924a5d1925a8d0c62d2615a05ce76dcb83046ee02d578097eac0bf0145460d97965c974674c6340a08347261440cf0d67b8fe9b6ee8a2853774596dc7e1e1dba WHIRLPOOL 82ffe7d315dcd8f903633faad00ef03377ca9d451b9dc045b4ce51222dac3314ea17fc7a6d468115b4ebfa98ca2b7407281e7e9abe4877da123201e32fd632b3 -AUX openssl-1.0.1m-parallel-build.patch 11132 SHA256 87e9694d79ca6cc85a140e67eedf056e8d57cda45d904bc4445a52e810bba161 SHA512 4f5bde6deae9fe609f248eacb7f2d09276371a608508a3edf8032026291858767feb47d03b6233322008b40dfe5399a3bd2780186036311eae83fd417fe883fa WHIRLPOOL 22698861059f95f134ccbbddd23a39e5260015482e626a046183ffdc81948893e685da7e7d1f95dad5b9f78acc2399fa9505bfe7be87e1464dadc6c6f2eaf4ee -AUX openssl-1.0.1m-s_client-verify.patch 803 SHA256 bac4ce4d0ee9213dd63e95d8d6dcca11da6e4d4991c3005247bfdd34c3996e82 SHA512 a1b5fb62fce5ba33cb1aea889c4e726542c9d0aea701bd7ca2e9c2078746205305b64401f2e3766ba3bb49038f725c384d2d47ce19149f46cecd55b915c93cdc WHIRLPOOL ccfa8298a1fc0ba3acaf582bd80a7ca3932df197aca9cf9c9cc041fb8aa1512705faa1d8225df69a88bdaa17e2748bb686b1cfd76c630d2bd418e825988de7ca -AUX openssl-1.0.1m-x32.patch 3306 SHA256 ef4be84cb0cdf7e9d551ddd87029f4c63ed833fe5af1de996ce9d770b0482c2c SHA512 365e8898cdfbafe89e5c0fd6859019314f63e14e5989e04ff392e5a95520a61c9e580136b5abbd8f7a4734e4c999155a73d68d1ecbd3fd46efebbbdf8d5e12dc WHIRLPOOL e7d0394eff912c5fb34f075f4a7491a207479ab520109f588ce89a15ef0b233567dbb3a5691ecf961fdfc218c25f09d17d7d28e8d117dc5befae4db0e9be2018 -AUX openssl-1.0.1p-default-source.patch 861 SHA256 390b6857e76cd0513a089ff3eeed60097c3b30bec4b004bb6adbb8eaab02dc4a SHA512 cbd47ae5553ec0e683a92171cb1c2e68d7eb0cf2b1787e3fe332ca2df0aefa31a1a74d60345d5e42d00bdda439019d089560cf2f5464dfe19ff7a3d6a310d06b WHIRLPOOL d734c8776c2d4f17a562f580f676de08bf35e07b04005f1c2a6e7f2752e3a1b57f6d771195f84d7d9709bf2e669b119fe3ae37e473de192e9c10a8ffb1c8969f -AUX openssl-1.0.1p-parallel-build.patch 11063 SHA256 7644435a161d7fd6c8f13c887b7f9913abd90fef0207ec29b351c0623f978ecd SHA512 3ef5cda8516739c376a558d75eebd0722913ac0a96dcd4f799469a5c95396f6f703219fc29a77d7ff9b62d65962b8d2cd0b41507fd1ee579ec5e3a307eca0048 WHIRLPOOL c5bbaecb556e8a01ad264f1ee9249ec340f51d9e08054627bb9cb7da1cfb7a0c42075172615a4e588d5b8dd4692a917fffbee38f54c4f32ac4b648254798e404 -AUX openssl-1.0.2-CVE-2015-0209.patch 1282 SHA256 6be2b1fa0d440bc1c1b15da4a9d32811a04c3e7c701678eb8ee72454bbf87401 SHA512 db5b73c815582453d3231d49c9c24d60824e56f67a74f815818d0f90bccd485e98a98b449386aa297fa055b5fc27e2a058c03bc410478fb98051a729ac75b4db WHIRLPOOL 46ddfaff115622e2426c544e757bf882fc5069f35d169189cf277d90a5ad36c274beaf1ff89cdc593e2e5cd1593588c389262dce3bb6a166c5fd7eb908458fec -AUX openssl-1.0.2-CVE-2015-0288.patch 800 SHA256 613acdc06a22ec5cbc274cc39022b1fa1fd73e409551493bcab6d4a273983484 SHA512 4785d9c4620492c4997cbe7c83a42a9804a9e8c3d94e35dd7d3e6bd16f607a9b294b77123686f24c953e6330f96907008dccf1379648d806fa85bbdd20b81ca0 WHIRLPOOL 738831379e3c117f260306e2f39aacd51b895ed4bcb7dd0189f14a7301c09ffd4fbd882fbd05d7e71cd6c9524fc289124909e5fd2dcc23607fa4ce71ba3a0df7 -AUX openssl-1.0.2-CVE-2015-0291.patch 16069 SHA256 be4f9fa463a027e7c77396a8d3ddc1d6ad6c0bbc8b07c2f7af0738621c619710 SHA512 2ee10f21ce02f1c46ee6c446c60d4e1e3af05366769603f38c971018ce07341369db87cb050432d0501f152cabf377c03848df501694ea46ef2f6578d19cf030 WHIRLPOOL 1ea004fe43633b18c91a8cf390285c274b1c05d3bed313ccc6f9bebb92e0b313504f17d4fe41a643feedc626a8851c6e568b34b2d5bf7d62683e170f5c3e5301 -AUX openssl-1.0.2-gethostbyname2-solaris.patch 399 SHA256 16d6dfd738b958cd03aa718882d083ec4766318d8ac66361e72da9beb21471b3 SHA512 41a783e05fe8fe2cc726994c7bc11a78f5d9c9ec759460178f3917cb4c51c67876b4d84b1d8a50838f9745545d4c307110d383e9443269ec29945a8a5465f0ce WHIRLPOOL 0ab07274aee3015a64995a4e7d043744acb38bad8cca1ba4e413c671487ff6e5e8ab7df8abb549e7bf304c59016ed3bbcf85bbc8c70a839bc18e54f2f11f3b12 -AUX openssl-1.0.2-ipv6.patch 18811 SHA256 9ff3150c75f3f3e6a9773ffe54d90994cbf68cc919134aea68e09e7ed921763d SHA512 58e293f8f19a3fad08729b842dd977b73fedb0c49208d87a056bfea857c0e2b79a310d7d098c04429b65564fce64defeda6d1dcc3068ad5a80ef276db6421e54 WHIRLPOOL 36a0fffc7238011b93077bed94c9507f2ffc1cf199e6c06e94d01589cdc84a6568b9122e1a120b8262bd0a1c43f25169a29796c92a78338dd9f03b4cc2cdf0b8 -AUX openssl-1.0.2-parallel-build.patch 10661 SHA256 bc5622150a964dc2d9909f41557140b696ce1bdfa4e2b12cc3e0e51029ead32b SHA512 a4957304a4424016cd8a1c6552c422cd042d737e12f96235ec54d1e601ccbe8cb79d931ac8777d1a599bd4a70eac4e6700a24362f14fb04eb273df82f2de0d01 WHIRLPOOL 5b34e45dcb0db6649e26d275925ca008f5201afbc22184e15c5324513bc0ed40ee271a70686e10a20bb219b3c4bd2148323b317ead97cdc27a3c897c0a07d228 -AUX openssl-1.0.2-s_client-verify.patch 648 SHA256 b6ca2278dd9833f87a1d0037cb3cac8aee0f8326ff13ece1f08a536b8545eb77 SHA512 78b09ae700096205582785584a268776af46fc5bc94a0faa1ce6087ffcc945649e69269ff7fa88dedd5df1a5cdecc53e885de1e39506470f23b02028ca962104 WHIRLPOOL 8e7c90d37c1736b4b2f2c38d1c12dcfee4996a50a2a7dd07645a0c0b6616006d11232dd0f88ab735833e1c46aa171ceb5e1288c3d57296010bdda59295de7599 -AUX openssl-1.0.2a-aix-soname.patch 2704 SHA256 ae7e14131e5457160927e80207c8c319ef4893e5c93a556e732e28d79bbf0706 SHA512 9c1241191e51aff42d7dd9bfb1831a3a85de57d8549a2e3195178eaaacc61cba390850b7454ef2c95a4e6de06693becfd6e527b06ccd54fea3f9da7104d6b4de WHIRLPOOL 450c34b08902067a20b11b4f92034b2a29a9525f7f4627249fae253821fb22dbdfa70273bb9d85d3689160604f60e90ed1a9f3f9e15f9b764c90a42ad2fe8e7d -AUX openssl-1.0.2a-malloc-typo.patch 1440 SHA256 f911737f715f8af87786cc46a196b78c7d9af0fbb4af77bff178dc817ee9d9c6 SHA512 5b4c9bcd24a80bcb17e21ffdd88b1a58f1794ae6069e773483ed1595022d212ace521aef3faa90df489b549fc60c0e871d5d711859a599b6373dc67af29a0c4b WHIRLPOOL 18d3e7b1df3b15b08aaa260081d54125c9f0cdc65c77ccc0ae5c642c5752fcb58e31e905bb1fb6c73736d1dee3f22dd1a7c399df8b3f6baeb47e9dbae5d26937 -AUX openssl-1.0.2a-parallel-build.patch 9573 SHA256 db2dcdb27062923d2818f988787bb802c292053d1d8a5bf032800e658c7bd196 SHA512 eef70d7662fe1c84ea8a998b1b394900805a91ae371a99e45ea07725ac218ffd6be5b75add647724e1a6b5556884bcb4a5be31b97254fd62b63aeead7ff701e3 WHIRLPOOL cbd5822db1da8e59b604f502856586c7251aa31594eefb3cfb4c0aa6bc33587df6298a245b8f733486d7a3f053bb33ff29066725dd4430dc9f9b2c54bb5464dc -AUX openssl-1.0.2a-parallel-install-dirs.patch 2013 SHA256 eddd8a5123748052c598214487ac178e4bfa4e31ba2ec520c70d59c8c5bfa2e9 SHA512 c3b97fa318b9627bcaf4f39d1615c46322c1081cded135af5b5115beb2be74ead46084119fce5643b12c54b6851c33bfb624694ccf6f3d32060b6d56239d3674 WHIRLPOOL 59228ad2796e28edf7508a3b3bbdab36f7b678922566a1ed43a86727371c7b6b8c362431f49812e7c60a9aa72134d7fffaeb7be0efb6b5ca0f10e1c716b6a557 -AUX openssl-1.0.2a-parallel-obj-headers.patch 1359 SHA256 147c3eeaad614c044749ea527cb433eae5e2d5cad34a78c6ba61cd967bfbe01f SHA512 ac8224bc088099d72e7e6761303b8653766372bd027536951c458bd22fd0526163de22bf27675e0292a12ae7257a5c1edf26a92747e00cc139e13e1b624b4072 WHIRLPOOL 58b1de7c90ed96a077065ff6abfdeaffd98ce68cc9a2551dab7ff3d04e9b38be8d4bb94a6830f4e6c3d997747345c43f76c31f4c7b825f56fd488e85b9c6179e -AUX openssl-1.0.2a-parallel-symlinking.patch 2041 SHA256 30cb49489de5041841a74da9155cd4fabfbce33237262ba7cd23974314ae2956 SHA512 b87ab581784c285ef394b31baa1196a831a86c3b2d578704c9d8b80d68c70a8b19cfa88bd29b84578ed024135ae2d2ac4d622c91e1040074016b8fd104d6c05a WHIRLPOOL c8200ec6755efdce550afd2f59b3d5dc36324c6810b3ae7427af7130be9ba0db5857c13811f97dd6672230b9f096f81ebb4136c9589d53d25dcfe5c064355a46 -AUX openssl-1.0.2a-x32-asm.patch 1561 SHA256 8bcff04217c5ad82448e27d14f3559a157c2cad89b5fb2b6af701fff1664f86d SHA512 fbb23393e68776e9d34953f85ba3cbb285421d50f06bd297b485c7cffc8d89ca8caff6783f21038ae668b5c75056c89dc652217ac8609b5328e2c28e70ac294c WHIRLPOOL 70163beaed966de948562c3a633828846d12eda7b04526c7e33746c67af5a20ecf47e9e9e5cce33abf7444676f4b15b770204e95db75d0b91a9db13c46ff92bb -AUX openssl-1.0.2d-parallel-build.patch 9504 SHA256 deaf6f3af41874ecc6d63841ea14b8e6c71cea81d4a511a754bc90c9a993147f SHA512 9d81b0dd260c0622eefea2bd33a8b19806b372c39fa6197af1b19ce263ddcd4554dd4fc4ebc23452ffc8d0144bb7b8d4aeb19fd479b14220c08c3c53b895a88c WHIRLPOOL 4b9b7c1aa5b2c3a867dc53e417453e0cd7414510fe32b0392915601ed5e4a1ea6b5deeb082d0fdfae1e8a23f481fe7551bb29303a752a8a27c4c11d80c4a320d -AUX openssl-1.0.2e-parallel-build.patch 9620 SHA256 1200c48f8e209bce505bec23958afa4700681ee97f374064a5484623fe497269 SHA512 8aa64a78bc190a9c04f0093af2cdbcc0bed25be8c5f31c3a31e8b19954a58ba96ab05139d3ae6ecd7bc24e123536eec54fc98330167affcfd13cbd6d90626637 WHIRLPOOL 7ad5e275dce8f644deb3779900940cdbc625ecdcc984386502e1cb8dd7ead6bbd3a32fa41ae537a7ad5b2dc8308a2458ebbfcd3c05aedc4874e5d5a212677f88 -AUX openssl-1.0.2g-parallel-build.patch 9751 SHA256 a2ac3d132f77f6eaca8beabde454d373f1bfaea7a61b56cb3b5b8469293da601 SHA512 29f784f19e1a4eadd4ecdae3f5a1d4f7123db388943b7940b8917db2cb8f6debb633d5e845a45bc73b5159d0a7b6479c7c582da59e53dc063953a67f31c011bb WHIRLPOOL 60fe9c0b138e3070c519c73bdd77b7369ca3440ddc53ccaed920237b356ef1010a919babe09027f66c3d1c1c90a57ce5cce01ec3aa16b913a861615d3efa6048 -AUX openssl-1.0.2h-CVE-2016-2177.patch 8135 SHA256 e321860623758c8a98b15dfa0b4671244e2cff34b5c62a489c43437d1053ed06 SHA512 6e149213d1c4cbab06e0aedeb04562f96c1430e6e8f9b9836ff4ddd79da361db2bcfbdf83f6615369e8feaaefecfc0dc5f9cee3b56c2eeeca57233a2daf25d2c WHIRLPOOL 31ccd2931172dc4ae6052009c964e0fb063492775c87aacf94a2fe8397f198845a5bb352cd257126d85b37058ae26a86cec8b333a6d8528a941a5ff62125dc88 -AUX openssl-1.0.2h-CVE-2016-2178.patch 1111 SHA256 a418cadb3858c285c080d6c333cb03604e53aef164838ea31324b26a0e136013 SHA512 3225fff5f3e3bfff3a0acd6c294c5b3a6ce58184b6583aec7bf1e1b35cc590f59b25dfc44eda698f95e8c18553a51d36f26e4dc9af2b9a6d601ccd5d95fa9ea4 WHIRLPOOL 9b6e66f7c13d0e417176776bb49939d0e21218a5b6c3ddb2ca73e3a51b2aed4f01d9330e63ae5173ad137c475451fda0db4acd063797810a4a7e1bd9d07092aa -AUX openssl-1.0.2i-parallel-build.patch 10065 SHA256 264233dd15fb73ccb8cd8dd2b09b90ae6d1c5bf6f0b5a2013f1f682e173827f4 SHA512 2a95103d22263ca68582caccfb6860d45da20b92741824a794697eaa4e199199abc95ac8a62b821fc42aeab96098aeb89731ee535726e0a9e779dcd9bf39d12d WHIRLPOOL 95e53be866eda7458ab2289172f70517473d581d293af8d337226508440f1091a56eb2b9ae38e3167db42afb7a6e5cd1f936f5e537efd191f014ab289e34ec37 -AUX openssl-1.0.2l-interix.patch 1280 SHA256 33de0b0683f4adc9ac80c018b114a81ba68ef408954594de14e87787957d183d SHA512 f6993d0b5c8a8e7339c68055a26dde0a2606e51b90db9a71fc612d8fa11526b6fabe380b8ba6c269768327274ad7a817e821782c35c9eae8bad087b77eb1cab7 WHIRLPOOL 31fc147bb3166819b83c8bdb5b41d3661f7331093c74f49c15435ac82d2a7425a18b7070b84815bd0600320a0331cc2500217cac9983d19318bd1d14a43fe046 -AUX openssl-1.0.2l-mint.patch 963 SHA256 30c6d1ee6790a3b3f0b182cd36963f0106cafde77463d791e23966ce6d537c1a SHA512 34853097cb15d908af2219101ba4d1d7b60022e488f21588c0e4e29d63f0a60d0c116e38758dedb6feffcbbe8a791c69271bdc0851eef7d152807054daed08fd WHIRLPOOL adda8efd4c141475ace7a0c67abe59a2a890a01d0a39e82117e9c78e8096a8ebf7723bf968f5a7eb43b8f95501c2cc4c9c2c629418173caf7aa58b6ad332472d -DIST openssl-1.0.1g.tar.gz 4509047 SHA256 53cb818c3b90e507a8348f4f5eaedb05d8bfe5358aabb508b7263cc670c3e028 SHA512 66ebbad3c8ad98a07b486d39d0c3ae62b00133f8f2877cf8b97c461e7c7f40b29cf9c3cae82cf73a92dcf1daa63d33aa76c910fbcbe60158589fc7cb48f41e6d WHIRLPOOL 6bfb30d1f41b051f794e2eb80ad9116b064f6d464c22698538c4e16b85739b80744387ca160fd1a86b92814b5b1b3fc7d0658a709942b7b31b198da8cce37056 -DIST openssl-1.0.1h.tar.gz 4475692 SHA256 9d1c8a9836aa63e2c6adb684186cbd4371c9e9dcc01d6e3bb447abf2d4d3d093 SHA512 687d12ae13e364b15622f68933894050d577a4f8647bd68c7e9e86eb9d9f49cd2ebb0da3c5d3ded0a8746cf7b87e23b167b536116aa9a0402d7e7cc2ee401a92 WHIRLPOOL d453aaf24c6e2c8d9c5c76f76acfdaf8b511719fe25a4748c1681ff1d9e8a64b88249270e94900336cd110e1d7ee53a5e6d778a701967b7addb3f80c8335e5b2 -DIST openssl-1.0.1i.tar.gz 4422117 SHA256 3c179f46ca77069a6a0bac70212a9b3b838b2f66129cb52d568837fc79d8fcc7 SHA512 6cbcdcec8568236e8f20f0461f93df8a193a0ad88102ff548443e6ec87e2a7f649e314beee1e6bafda693934b4fb142244b61d14bf736828dda09e277b941d93 WHIRLPOOL 4baefe8a203243d08c2ca4dc9e1019a539135604a8ddfb09b9a7f2711108ad6ebd45eef1cfa09331f19fe57defbe7e1390f9ac2de086437a484c5819cabb5a4a -DIST openssl-1.0.1j.tar.gz 4432964 SHA256 1b60ca8789ba6f03e8ef20da2293b8dc131c39d83814e775069f02d26354edf3 SHA512 a786bb99b68d88c1de79d3c5372767f091ebeefb5abc1d4883253fd3ab5a86af53389f5ff36fdd8faa27c5fb78be8bbff406392c373358697da80d250eadebb8 WHIRLPOOL 467aa3b02d04837e3281670401985e492d15b561c03b97246e3c8e61b0d3b1927332e3a226de4ed5bd02265a04fb31ce84c3501f4af9685633d00a9b43c56978 -DIST openssl-1.0.1k.tar.gz 4434910 SHA256 8f9faeaebad088e772f4ef5e38252d472be4d878c6b3a2718c10a4fcebe7a41c SHA512 8b000fbd1bf919d9913a314f99aedd48a69f6caa4ccf43237889e73e08cbe0d82bfc27e9c7c4cade09fc459f91d6c4a831a9b3fc8bca0344fb864eadd7d1e8e8 WHIRLPOOL 5236a966d610c971e473cfc30e5412a72eef116fd259ada9c50da08bcd4ca967f80bb19babf530b4e5b9f1f24e9275e00391eb2e12a26d4544f593e2b4ba20b8 -DIST openssl-1.0.1l.tar.gz 4429979 SHA256 b2cf4d48fe5d49f240c61c9e624193a6f232b5ed0baf010681e725963c40d1d4 SHA512 27fe42f33815a3aafff75f2b9a5604c328fe5945c5cecaca74e5d2c2a1e066d64ddcc1fdb14b54fc7523cc730ab8a57d7d56b2879c289e86673f91fee0cca65e WHIRLPOOL 79f5698585c68ba647fcdfc4b342a43d06d69230658ca1bc265dd10d8da939c3e27b9a4125bd2adfbf50002b1dddef18be086dfc23a5050e69fb77350131909f -DIST openssl-1.0.1m.tar.gz 4533406 SHA256 095f0b7b09116c0c5526422088058dc7e6e000aa14d22acca6a4e2babcdfef74 SHA512 f37b60cb4449674d5c06a4056acc3d11f1c9773da6111148fa3fbf8d14362ba1ff5eb5e0c0e06c2b5c84543b2b974584617e393ca83de2230cbbe69b52975afc WHIRLPOOL c33cc05debc31d5044be4de58267e1a07281f28f9d68f4288d3da1c3cdfcff6939a47abe1f50b377272d0dbd9475ae5fec84919b0c53d37e0bd3d94c44f68c91 -DIST openssl-1.0.1o.tar.gz 4546659 SHA256 16e678c6a05f2502811e075f2c4059ac01c878d091c9c585afc49ebc541f7b13 SHA512 dc05fc6f47239330ad0c36f27049f02752bb168b7b1234b12760e42a920d41dd47d1e652dfee897b4c99729308fbb59cab80b93c8614acf498215a8b80607fbf WHIRLPOOL af7505625730ea6e59517289fcc6044b24e0826b2538463f36e876ae96ca7d591627ca09386e6a69e8234df88fec11fb9e2a098c2f6996592a0f74cecbf4af30 -DIST openssl-1.0.1p.tar.gz 4560208 SHA256 bd5ee6803165c0fb60bbecbacacf244f1f90d2aa0d71353af610c29121e9b2f1 SHA512 64e475c53a85b78de7c5aa71a22d4bb3a456142842373ebf8f22e9857cb0352b646e591b21af866933baecdbdb5ac4a22aeb64914440c53a0f30cd25914029e5 WHIRLPOOL 2a81f3b9274e3fef37a2a88e3084d8283159b3a61db08e7805879905c87a74faa85bc6e570d18525741bd5c27c34fe09eeb58b2bfe500545d0f304716e14f819 -DIST openssl-1.0.2-patches-1.0.tar.xz 11572 SHA256 374df2ca88df2ff6c0726ed4c5a36d1f212948d30071cce29446e8a6ddb61a3f SHA512 15234ade359a0acf001cf10c7a7fc05f54603a44c67831529c2a6eda03342f9ba1cf40664ac782b5b73c50b23ec5649fb48ccff2aea8f0df2ef634959c47e3e9 WHIRLPOOL fcb1aaa0aff25044e3af29b469302881ca7943c98700163c17840e4052eab8e30cf40af41ce602bfb8c0eb7c7ec0e109d6be1dba307e7b204e18e06a778f59a4 -DIST openssl-1.0.2.tar.gz 5265809 SHA256 8c48baf3babe0d505d16cfc0cf272589c66d3624264098213db0fb00034728e9 SHA512 dea46225a5445edc4986b02b99fbc90153819374b9a9bfdd892b60cd18ac7fefaf21a7e9d2bb05d0e3bfa4d2704e0ee24b06cc8e7081a542d7598cc9e73c67c5 WHIRLPOOL fe628a38125390deb75728b31427c308efbf65637a569fd1f139f6313fea533514ef05bf3d01bbdc793f77eb259400c95c53074a294d32d73576939d16f22e25 -DIST openssl-1.0.2a.tar.gz 5262089 SHA256 15b6393c20030aab02c8e2fe0243cb1d1d18062f6c095d67bca91871dc7f324a SHA512 02d228578824add52b73433d64697706e6503c2334933fe8dd6b477f59c430977012c3c34da207096229a425e1dcb6f3ae806043894b5ac98c27bbcddb794dd4 WHIRLPOOL a590c71794f5d29b80afa28b18621b7535e96b714b3690d793c1422a90b09a89cbcb912841d400c5982a8197bb02c13051190e96ba0e4d530509b48b43067cd7 -DIST openssl-1.0.2c.tar.gz 5280670 SHA256 0038ba37f35a6367c58f17a7a7f687953ef8ce4f9684bbdec63e62515ed36a83 SHA512 2a68e8b017d0d3e34e4f9d33b77abd960b3d04e418f106e852684a2ff247dc8ea390b7d6a42d130fd84d821a15e84e77b68b3677433433ef5c10d156333b9dae WHIRLPOOL c59878c3bd5e8904913b97d71a15ef1eaafcfb4eb58c691ba4fb38bf81752308d0ef4a902e53aec4c6e7585677f2404d29cdea0832d14206fabf28d744af2622 -DIST openssl-1.0.2d.tar.gz 5295447 SHA256 671c36487785628a703374c652ad2cebea45fa920ae5681515df25d9f2c9a8c8 SHA512 68a051e92aaed0e7a8b218c185427c534c32f30f50c45f5d2c1f5b7a26d1416e83863d2953c77486acde3b636a148f39faf48246d28a207607ec069f62b13d75 WHIRLPOOL e3d8f0784903c8d6aa05ada7b8b410517c99157a3c2f4ac34c8a9d80c77408bd6ff9e820ded47f6223ccac4a77413174aa625303166ec28fdbf8374a7d4659ec -DIST openssl-1.0.2e.tar.gz 5256555 SHA256 e23ccafdb75cfcde782da0151731aa2185195ac745eea3846133f2e05c0e0bff SHA512 b73f114a117ccab284cf5891dac050e3016d28e0b1fc71639442cdb42accef676115af90a12deff4bcc1f599cc0cbdeb38142cbf4570bd7d03634786ad32c95f WHIRLPOOL 8e1c1800a66f57fa78dc391e717e4b2bdf0e6e37a837c5ac033d7a4b1a6437451c7e7540c4ec2f75f936a2d2ef4f9293b42c76f51b0c9c93706639589612f196 -DIST openssl-1.0.2f.tar.gz 5258384 SHA256 932b4ee4def2b434f85435d9e3e19ca8ba99ce9a065a61524b429a9d5e9b2e9c SHA512 50abf6dc94cafd06e7fd20770808bdc675c88daa369e4f752bd584ab17f72a57357c1ca1eca3c83e6745b5a3c9c73c99dce70adaa904d73f6df4c75bc7138351 WHIRLPOOL 179e1b5ad38c50a4c8110024aa7b33c53634c39690917e3bf5c2099548430beef96132ae9f9588ff0cedd6e08bb216a8d36835baaaa04e506fb3fbaed37d31c9 -DIST openssl-1.0.2g.tar.gz 5266102 SHA256 b784b1b3907ce39abf4098702dade6365522a253ad1552e267a9a0e89594aa33 SHA512 4d96b6c8a232203483d6e8bee81da01ba10977bfbac92f25304a36dec9ea584b7ef917bc45e097cc7dbe681d71a4570d649c22244c178393ae91fab48323f735 WHIRLPOOL aedbd82af0a550e8329a84312fae492f3bb3cb04af763fc9ef532099b2b2e61a55e4a7cfb06085f045740e2b692bbdb3ecb8bf5ca82f46325c3caf22d2317ffb -DIST openssl-1.0.2h.tar.gz 5274412 SHA256 1d4007e53aad94a5b2002fe045ee7bb0b3d98f1a47f8b2bc851dcd1c74332919 SHA512 780601f6f3f32f42b6d7bbc4c593db39a3575f9db80294a10a68b2b0bb79448d9bd529ca700b9977354cbdfc65887c76af0aa7b90d3ee421f74ab53e6f15c303 WHIRLPOOL 41b6cf0c08b547f1432dc8167a4c7835da0b6907f8932969e0a352fab8bdbb4d8f612a5bf431e415d93ff1c8238652b2ee3ce0bd935cc2f59e8ea4f40fe6b5d6 -DIST openssl-1.0.2i.tar.gz 5308232 SHA256 9287487d11c9545b6efb287cdb70535d4e9b284dd10d51441d9b9963d000de6f SHA512 41764debd5d64e4e770945f30d682e2c887d9cefb39b358c5c7f9d2cdce34393ed28d49b24e95c4639db2df01c278cbcde71bed2b03f9aafafc76766b03850e3 WHIRLPOOL ba1a4513aaa1de81e36912acfe0b6cf8e0acf7cc71d32b127b5e54eb2f6fc6ce63f4f61e9fc99fecc9e037cdccc496b9d15ea75b594b0fd8721b4478eab1f31d -DIST openssl-1.0.2j.tar.gz 5307912 SHA256 e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431 SHA512 7d6ccae4aa3ccec3a5d128da29c68401cdb1210cba6d212d55235fc3bc63d7085e2f119e2bbee7ddff6b7b5eef07c6196156791724cd2caf313a4c2fef724edd WHIRLPOOL 1f17e80bc10da2eab9d4c1c3a662b0e2b4f7e8bc448aabb44cd98a96ba3d6cd0ef6cf9a3371d44b39a4d11b1a4087c8f0d056272ace6eba5bd2417f7ab9503b7 -DIST openssl-1.0.2k.tar.gz 5309236 SHA256 6b3977c61f2aedf0f96367dcfb5c6e578cf37e7b8d913b4ecb6643c3cb88d8c0 SHA512 0d314b42352f4b1df2c40ca1094abc7e9ad684c5c35ea997efdd58204c70f22a1abcb17291820f0fff3769620a4e06906034203d31eb1a4d540df3e0db294016 WHIRLPOOL ffa3d89a078db6829f1fff21779a19c87e059600162e6d7d3114b8440ba5fa7d1a08e04594b6ed8ab47e148782de299d7ec338f2ba2d466bf7737b0749f590cd -DIST openssl-1.0.2l.tar.gz 5365054 SHA256 ce07195b659e75f4e1db43552860070061f156a98bb37b672b101ba6e3ddf30c SHA512 047d964508ad6025c79caabd8965efd2416dc026a56183d0ef4de7a0a6769ce8e0b4608a3f8393d326f6d03b26a2b067e6e0c750f35b20be190e595e8290c0e3 WHIRLPOOL fa5b303fd7007eb2b7afe0b6a7d90a6676b738bf39addc1005f15a4664e61e72f9465d5020477abcf6b3e420d46a618e44751ad9e21671c70e5dbe8cdc768bfc -DIST openssl-1.0.2m.tar.gz 5373776 SHA256 8c6ff15ec6b319b50788f42c7abc2890c08ba5a1cdcd3810eb9092deada37b0f SHA512 7619aa223ee50d0f5e270ac9090e95b2b1ba5dfc656c98f625a9a277dda472fb960a4e89a7ba300044cb401b2072b2ca6a6fcce8206d927bf373d1c981806a93 WHIRLPOOL 0fa5ab02eb3ca8507b45c408739027f8632a77183a7355f8c31bcc5fedc507222e5cc44a4aff88b22fba87b69188f90465980c4a84bad1133287442ebd136a23 -DIST openssl-1.0.2n.tar.gz 5375802 SHA256 370babb75f278c39e0c50e8c4e7493bc0f18db6867478341a832a982fd15a8fe SHA512 144bf0d6aa27b4af01df0b7b734c39962649e1711554247d42e05e14d8945742b18745aefdba162e2dfc762b941fd7d3b2d5dc6a781ae4ba10a6f5a3cadb0687 WHIRLPOOL a0034add5bb37616389fe1a1cca90622fadf1cc3e648e574dce0010d7a38a84e07d705cbc0fcbd28fd7c120c4852e9f5a419f42a6a55b33a06e2591bc1697d03 -DIST openssl-c_rehash.sh.1.7 4167 SHA256 4999ee79892f52bd6a4a7baba9fac62262454d573bbffd72685d3aae9e48cee0 SHA512 55e8c2e827750a4f375cb83c86bfe2d166c01ffa5d7e9b16657b72b38b747c8985dd2c98f854c911dfbbee2ff3e92aff39fdf089d979b2e3534b7685ee8b80da WHIRLPOOL c88f06a3b8651f76b6289552cccceb64e13f6697c5f0ce3ff114c781ce1c218912b8ee308af9d087cd76a9600fdacda1953175bff07d7d3eb21b0c0b7f4f1ce1 -EBUILD openssl-1.0.1g-r1.ebuild 11170 SHA256 6a84cbdfe9dfe8dc9ec263a5e5b50a8d0c3fc282e849673502565d3e184bc030 SHA512 b4b5d14dfb0f231d039814fc88edaf5cd2d9ec6b5a1d3fbefacf65602c5414a3319e5e02c108cb815c7210de8d3151f6741909caba8256e9441050fcd0607bba WHIRLPOOL 8010ac052bb298bee061b50987a432ee341ad7fa0eb3601c497e3b399ad6712be3c0f0f1605a2a8bff44dbe732ce063cee6d4bfdfae9f980308919e9bc0d7d6c -EBUILD openssl-1.0.1g.ebuild 10756 SHA256 9191ccb65b3c9cc0f60d364c592bf9d27ea557e3e034c304383c0f6453ed7e16 SHA512 e0923143504487ad5376c76fa4526b5e1f25cdeefcf11e38e945263e61ec9b85276a4dd397d70719a05fcdf797600ed3e1739de1a5a14880587c85b7de2fb75c WHIRLPOOL aea760e43b9e4f5437fd3cfdbd2ea4e708c976246e505bd5142747eac170270f3a9f95f237d32a681ec7e2fb124b010fa623bc412de447a75185d6ed72efff0a -EBUILD openssl-1.0.1h-r2.ebuild 11106 SHA256 72ce4df43b85f5b14f84aa0d73b9d4ae5a7bf13a4ab9c43a7a5680d2d2e229da SHA512 5c47e10510a04b465ceb4c204225039f0bfba18ec8fc254dc29009b40dc3d7f0b08b9b39761629ef96e1c880face49fc428e97757f0234efc7a360dd259ade9f WHIRLPOOL 4390170f558fdf3ccc930beda81b9682540fd8255ec64111533bb5115a467ad43015739ac5552e7170b722a647a8b21fd47cef097bd766857d9443c9f7c473bc -EBUILD openssl-1.0.1i.ebuild 11096 SHA256 747b6e3d483fd9d92062db05a94f53b902b4a46e45909ad62bb74284adf4ed79 SHA512 6753ace58d29ec21228c5c1c8f6e9df4142a0c78558532cc789ce8ed9e1510ff4d89f4ae78ec183673e9a1c80c28d0d40653e45bcd133ffd6129d40eb7ede7d8 WHIRLPOOL 41c9b6e64c8336c1cd9dd7281b0a298269e9426fc1832eea11c34f27a76ea82bc136f8fe5c2b0d6b3e54dacde5218e1fafa77ebdc5b2b9e460c4a4edca7fa404 -EBUILD openssl-1.0.1j.ebuild 11131 SHA256 8815099cb41f63015266b28d572511dede3b6eb1b33883e663819bb7582ac009 SHA512 bb798d2dc1b7f749bd2d2ab3807767740d5185a2ad37eb985e738cac82c7407f13758ec5452b8d9428883dd7c390ad1b1c79d8e1a5926a01df1e602b59f663f6 WHIRLPOOL e82a72ecde357abd3931d3a0889828c9df2dbe434073e07d5168f792ccc4b85f5a94bb5751d0440d086b78cb1b2ff3ca5a7b36ef217d5797253e138edb4a42c6 -EBUILD openssl-1.0.1k.ebuild 11347 SHA256 1ae232d5d766080adb51f23d9c2f8dd6f8f013ad99b2c8455701e8a546913b0f SHA512 af39e5d8966016e55800348b3c740c9c0978edae6353cc6f26f4fbe5f77e65786fe756d5a8df32f1d69a6f108c826b6e46a502ced499506ab5f002779b3199e8 WHIRLPOOL 97bed5eb9efe42c5a915e127d246a0142beeac4146744e08fae28697583ea0cd65c9ef41a99cfda4de760e04b46f3c2184ef1ba3df60890e6e9bf29a857f516c -EBUILD openssl-1.0.1l-r1.ebuild 11376 SHA256 57f3f85e093268f924d3b83dbfcf5af212a9d1f7662547a08f003ec626d3f447 SHA512 2ccacbe60b4cbca37d8f8f46c48496f708cffbb26771b4d67dba159d2b47c4d08088278725bcd809b044b27eea6315f3db1ae3fbb0d6028af70d016b6738fd4d WHIRLPOOL 4dea9c196b338fc5b0c5e5207798b67a98a816d4a44a738357e2b9351aec039ddf368a3eddc01704bf581deec893230a1308fa2dd2952b5eaaa68f29b41d515c -EBUILD openssl-1.0.1m.ebuild 11325 SHA256 222d82742545e27b7a832441c79301e8fae9fcb952033e1cb97f1e447f0a3d49 SHA512 8a94df547e672a346f1985345673be9fb0b5a45b4028ac8f6467f6fa8e228b65203c0bfbbbba6f28ce24a8ae43a04543b8dd32a2a30710ce8ae7371400c7c063 WHIRLPOOL 5965d4f72f36f1de341d91e8090030dc1d3ea6e23c5d4adeb08c3168a3f7c84015f2e267d1469e4fa44392182893da533513183df1523a6a539692179d02cacc -EBUILD openssl-1.0.1o.ebuild 11258 SHA256 9678a99a39e57dcbbdb8764f0629b2be0d4127e430605e9e6c26569c4d7cc788 SHA512 d26ebe702762e0c7b7ecaca6c924b175009304d4678cbbb2a6dbb70d8073b5ee55464607af278cede1fc6f7b4284d5bad9fbe1e0c7254de1e2670f5a0e0a7c67 WHIRLPOOL fc7eeebef12baac47bc72b0fb41deeb052ca05f4087a28fc4d6a287aca6462b648c5bfd867f86516569cb9ab2d7c7208b021bb565d1399a6b10f60c2db9fdc31 -EBUILD openssl-1.0.1p.ebuild 11323 SHA256 d0bbd83dbffbbd88c4f9355861f648c9b85dbee96cc322ec737ff61831dbe833 SHA512 d570059e7cd4af14fd4c101d1a166b6d45fbb0f2fdaef54acf21f15c61057c6838e466a521f0057b50fc3837fd0853766f7bb21fef99e9528ece4c455bf59d8d WHIRLPOOL 8927c7a8256dd057e008173e338f3208046a73f1d3baaa3c23ac18d5e35fa99bbba65619be700889972e1c94293b6c8f6e843bcd2b409d7fac44d99cd5f685c6 -EBUILD openssl-1.0.2-r3.ebuild 11986 SHA256 a477d3fa88724a421e77b76032ecb0a263093dc606dbe9bd99a3929e85457b85 SHA512 d5ca2a515dbafb2cb5f8de5f3fbb934a3738749b77b756b947e160f1b85017d2e97053cc37e66b227a702fd859c1b1a0a6628a8ea48a96ed88dbabacfa3c4f44 WHIRLPOOL ae18b29066f3f9e542fefa65b70bfc25775761c857d8795711cff051e0038236b48c5b950ce9c861b81f9a433b031596f0efa73eb10b0786037b6efba4f9abd6 -EBUILD openssl-1.0.2a.ebuild 12108 SHA256 43795c4c0a306be531eb59aa8d0b7c141ee55caaf8e487cb052603484b0f8c35 SHA512 3dad61c1ae867904ea54a0c6cbc277b926fb126e2a2f5fadbc5d5c793aad8e3132054cfbf2eb6ffdc5a7489b86a67ca86602403e22c2bc5865fe13edc3ddf2b1 WHIRLPOOL df8b969994915b4a43e36c108af3ea10fc1d1a934a9b7d1473ebfc848e5d0920bb12e9ac8166ba719009bccee28cd1d458f6baf4899d01726552817530d62947 -EBUILD openssl-1.0.2c.ebuild 11989 SHA256 d77a744c916a86904304fa1aea50982e873f40207f4c8ff870a181dca12151c2 SHA512 b8403ad868d1c5039c1aaa3164166ae778cbfa7678ef9398fdf1aaa9f4732e38df6b976db804be8245df1d4666613a59d37dfca276801ec4da24b56bef5a4728 WHIRLPOOL 5b60907a86f481fba88dc545b8e58c57b77c3b0fee319e45fd66c31566994f79d29667de5f1a0772a9487bd1e27bb56935772a6572b940e16ad401194188b2f6 -EBUILD openssl-1.0.2d-r2.ebuild 11522 SHA256 7d83a6a63fdd1c7954761a4cf32c50c3bf084573cc0306e8a08ac52c4d8225ed SHA512 8a60f109b959dc53f3fda577ae8d843013d7f3ddf5c78040956528cb1587fee477eec7c4148b76177e6dc12179e7083f93c497b5095762da9682090bbac84e60 WHIRLPOOL df5cccaf0c7892e48089eb90b52af3d061f76a69e3e9d8d8e516f0ed64bac7ce7b1036c16fedaeddcf585e8bf5bebe8f2224cae02a9c8b56a9fbff306a69dd10 -EBUILD openssl-1.0.2d.ebuild 12045 SHA256 4897afa0324b2936494469018dccc4ead8a31b7b2b9507b3f806b6e1c3f8c894 SHA512 27f39dc47956df4decfb2df6890008cfba0d7fb42bae420054eb783d0d0755e361b436488db318aa38f725d0b6950899767aa3ccf72675af1556050d81e70c34 WHIRLPOOL b8da8179bb73c160958af8e059248971bf5e717b5e5980838f47b4f662bfc1cb019758ecba48633958089d6328ffac304bdc9735fcddf2d0fae7de36c56dea3f -EBUILD openssl-1.0.2e.ebuild 11509 SHA256 e0de8de0ee0e4ce710e6cd44330fb37520b420a58e668d85cfe13c49e92e8fef SHA512 ac64e9cb114c543c04a36030f04b525ad4fbea51fa914a0d04c085fcde70711b9b61bfd886d542d4608e3bf28351615fef4d9affa5d75c8a3e3396b74d77cb8f WHIRLPOOL fbdb28cb30d63041de835c3a4e92fffdf05bf22e3179b0c8f667ca226fe2a2f0951818804e4bee95f58c03b77e6b51ec50d7d5c3f30399a8686ad1e5bb3136bf -EBUILD openssl-1.0.2f.ebuild 11441 SHA256 cdeaea9a3532c6dbef93b9294b2ebd9709647a9a45240900d93d29104cc2caf9 SHA512 134f1a9ea53477e32377ed31f1bbabab2d53e8aeb8846823d49bf841ce3b1144933a77caee3aef1c469bd38d8b7a58c70fb807f879cdcbe51f3d6242d1a720e6 WHIRLPOOL f3d4a1b7ccc030db57efbd73b6681c1e2f460c634caff04d6f9d82d1ee7fcd5a5eb9eeb19818482d2c4c671f1920dd58ad6f222568d3be7515b90fe02e885845 -EBUILD openssl-1.0.2g-r2.ebuild 11282 SHA256 5bafec9f441d75755169c26af627c0fc64b3f019f85fe872a0f1a22fa4f904c0 SHA512 aff7572e092afe00fc8a48bda32fe7ea8d9d2ef39922e3b16e3310534462b99a0203a9c2e006a3edd846e5d44af39ab1cd15f3599e57c714709229fbb856f5fc WHIRLPOOL 15feeeb2977ca3b11fdee6e19acb1edd12d9de556a01538032d690f1e3402ea2a6ba9131b78a8d51140992753309a213b3401a0aae48f1e1655c224dbe21611f -EBUILD openssl-1.0.2h-r2.ebuild 11022 SHA256 53cf3969bd5d327d56b395358f69669b7d5fe551ffa242a868bc4cec8fc694c7 SHA512 173db88050558d2a06da0452cdde48648d6457741d11ebd5023565bcd816f0303d8578846c07a5c30cff06e044b9061b39a7b49e5c03502fdaf036651aea4af0 WHIRLPOOL abae78aca4cf13f27be4783cbd64b135c95ef8805217bc4661e35aa18183ad64ea0971e7006fbe5a2c66b6b2b717fdb3af1293ecb264f100984ff37f912117bf -EBUILD openssl-1.0.2h.ebuild 11282 SHA256 5bafec9f441d75755169c26af627c0fc64b3f019f85fe872a0f1a22fa4f904c0 SHA512 aff7572e092afe00fc8a48bda32fe7ea8d9d2ef39922e3b16e3310534462b99a0203a9c2e006a3edd846e5d44af39ab1cd15f3599e57c714709229fbb856f5fc WHIRLPOOL 15feeeb2977ca3b11fdee6e19acb1edd12d9de556a01538032d690f1e3402ea2a6ba9131b78a8d51140992753309a213b3401a0aae48f1e1655c224dbe21611f -EBUILD openssl-1.0.2i.ebuild 10852 SHA256 0247caa6790f8ce46c93b1c5cae83d8bc8f39c1aaeb3d5b1fb12d3431b8f64d1 SHA512 c815ce886f3d43efca825d6204db45757051b8e7f3772bff7e927c7648e3c7b9ef707961597f469ba6ae7c45743558be2538abf5b9b1a6d9081b9438e118c0fc WHIRLPOOL dc5964d8c3cbb9aadd160f5d73ba7787a6e8e18c51df6d38e3ba710e955b16b3fe5526d48513283371b8239a94e56a3254021c4091462c68a0be2de3a7cb30db -EBUILD openssl-1.0.2j.ebuild 10843 SHA256 1b3334a4cb00e35916db9119135dfbea28a78a346670d731c277bf7b4e6d46e2 SHA512 870966e83975020f9e106ae8a340e8efa4504c270367df43d8dd5852c579b5226d6935149d81d8035c149df5885657e003bf8fa836087a09ea0256896fbfb2a3 WHIRLPOOL 3dc35d4acd7aa5060ef1aef9cee1629fd7d560a924234a3a4468f60ab1c5ad560fafeecbe6908eb3a738b573af8287ff980897d3e687552ea5a78041102ae010 -EBUILD openssl-1.0.2k.ebuild 11463 SHA256 77edf2fbae68b7eac42d4968877ca6a64d111216eceb6a44ba506c4d26a7af49 SHA512 244e8bb18be564ea9da1e4eadd5314a71ce33cc6fa74b9eac2290f4e583b6a8412213adcf4dfd6bb1fc7e4017b3c9fa9fdced3d6a1d378ad3d7e0449318acdcd WHIRLPOOL 5dfc188678ca70d2731a5e738c0708a09257870b1ae5cb90e0a84abc8b384e44ef1e249603ca4a62792768ae659542e4d695b4f77377f493f384ea3b0dca4c3c -EBUILD openssl-1.0.2l.ebuild 11467 SHA256 d61eaeeda9b5c91c6e9ccbf78d022de739e9c04f2e0406f09b3d7e1e3f9eed05 SHA512 a094971697d7a91ebe711d6799986d4e7bbb6486806ef685cf557ba6cf9d70ca9cac4b9b324e31a12d3f73fee854acde02dbac8dff1b18bbe341bb6b351765ea WHIRLPOOL d2004aca9f7b1133b61d8ff5c7903a9ccd8dbf43bfc449074dab59b51c7513ac393e343c4bd10153aebb2cc41460abd87cbdfd548db4247e5039f0337bc95946 -EBUILD openssl-1.0.2m.ebuild 11468 SHA256 d63cb77348be42b74974ab2126b15369f642b827479d3d498474347c3cce8940 SHA512 9fd50557c4bf454b3d30c8bdba037a7c5135e4ee26e1bc8f44aab89486f9680daffc406423f2aaa0e656b5bb8a0906571f0744d05dc308c42bbae2da60ada495 WHIRLPOOL 16a460c8dfd58cc64b6f8d1b714be32157ef3a02b24e1aed558bfa21cfc49eaec141d552c0253a6eea6250e63c6ab24a3f9262fba6c2afc4d311f5a7d9a13621 -EBUILD openssl-1.0.2n.ebuild 11156 SHA256 ba832f5aa893f2e41301d55eed1425007cba7a62acdaba2f2fac74a28f3a6e21 SHA512 ea744957dc5a622a3824ac16878df0d89689685698a4c970dff7ed8278aa5941618590fe0a3e49fea3dfe12772e6369738c59fc13341af053fcd019874c93062 WHIRLPOOL 107763fa44987716819d0df433636a4a9ed2d391fc82f1d16e263ee7eec9cf3145b16c887381140a72ce613e553c64c58fe6d99448b2adfea6fdd9dedab6d048 +AUX gentoo.config-1.0.1 4999 BLAKE2B 036d6821c1d4200767ffcd207626fc78bf9c9ff5590fe6368d6bb722aa428bd44cec734fafea38203293872083236ddc64ba720597c8daf3d26c3ada3e878577 SHA512 bc39bbb6c30721631941851f23cc633c16b90031511bc212d1f9f978beba3592098f3de1b63f0c272ba0d519d185ec7e0546388ebf6be9f43f4d93c243c5710d +AUX gentoo.config-1.0.2 5162 BLAKE2B 72f91f78fd8581021147a29eb5ae4d929511c34a9afd4cfb6e17fbaa0955e8112a0b8e4dc192e8bf8dccf509124b97a0a5181143053963d426b928d33306ad26 SHA512 e352c2c52cf5a7c757bf6b88e025b22a3d75c267a5d70d76f1c510d6751977790894fecaf2f4fa2dde3ae37980e7292ac66e460c28e353aa6a8b496b6535fd48 +AUX openssl-0.9.8g-engines-installnames.patch 529 BLAKE2B 856cf2c5a82fd24f41075790237f4627ec7c10f9cf4b369fda1f2af9e0568dbff7573f46ec3d4cc937c9fc688474566751b748c227c1cd04e192f837b26dd4cd SHA512 3a843dbd90aefe28a7ef0c68bf685aa9136f01565014b4e07ad8e51632d84bd5918efc8f5d13e0e99bf0e8ff06f13f59d7cb04c45f2ac790fd48f60221774fdc +AUX openssl-0.9.8k-winnt.patch 4055 BLAKE2B 6885558a83b2523cdb6cf68f275c22ccf69ccfa48c217a5da16016f9d08c1f653460a2f5b2c5431b8f16cd236a2d24550136ae827f3bf369b120a3d455849488 SHA512 ba7cb57e085aeb3ca4542c4f1d46db26d4e5a151312a01af0a03a46248686146714d57d8d6377f4d910b4b67a3dd1e5806559b86581a23a0a14fe9169d7c5c06 +AUX openssl-0.9.8l-aixso.patch 1298 BLAKE2B be563c7b5c231ebdabae4ed766945e7c9dc47fcc5019c88b7b5a01c5c6e489db1b4bb37bcbb8f19f721ba31ad9464b1af34f1a75651641763fd0e3c804f1acc5 SHA512 e8a1c9dc913950b1e93c815680290c2feba594a95e8ea511815dfda5f9179d66eaf192df018d4585cab3a963b146d0353f223983f67daeaeb830d18cf0b57bf4 +AUX openssl-1.0.0a-interix.patch 1223 BLAKE2B 135609ee2db4906312fedd446eceaccb420f8d4dab6332ccc1bd762aeff21988ffc9ae07e187968939426f582026fa547163ee461971d9e458934a70996fc873 SHA512 b035bc0fbaff529c4fb679399e412c022314bc85f481c3751fe2c1b12b2fefee4977be3901f920a517a9a92389caa513b122d2a3c1faf3ac5173bbbd580ed478 +AUX openssl-1.0.0a-ldflags.patch 1095 BLAKE2B 505148de509219e062c519365e48fb05bdd8592201be0577357010b2029e6a8152d3971eb1b19826bd3dea2b3940e3385eac7f4cd6f83396ac8bdf095445c991 SHA512 80c3677313a6268fdc2eb7b556dc081f1047694cf932a8669820923952bf0e3002da4cd92d6a335b44f8a6ece7d88319c15e9c0171118bfc03ff7a9b718726d8 +AUX openssl-1.0.0a-mint.patch 903 BLAKE2B 7ee855f755c630384e777c2d7dd916a4b1bc529e38d748c98359b783416c87e20c957f09142144435cb9b2506c9d158eeab4e040be8f3f67b09a0421f32872ca SHA512 559149c296123923d5022309de54012f2c4e81845e0dc0233d85c33a5f3285ad32ff1c214dff68b56b9cfc95b5b2933cc9522311e443977d95edd244649c0b27 +AUX openssl-1.0.0b-darwin-bundle-compile-fix.patch 1714 BLAKE2B 3ec6a0554561d470f9d601c965678ca86922e7801207ccd4de5a5ae05dea5b625118cf5581f52bcd0479ed2925dec1e7d6f5f7b22365a567115792935eadb94c SHA512 15b54339efde966b8420fabcd23f9a48f3fb057bd4479284ce2301aefb59bae900d41959fd9b937fa380c307a8e7b4c9c90d13fac96a3a53e253a7cfb782d639 +AUX openssl-1.0.0d-windres.patch 2912 BLAKE2B e3a3d6f15399aa9e55ee2f64c914b5edd6367fcd744a132af18cb8a4613c00c4ad0931eb392b6baa4d030e6572e0d97d009db404923c8b6be15f404e58f9e35c SHA512 d7a0238edea29aac7d20dca0778c67f8ae4dc0da190e5277e1b3519ae536f2c44533ac5dc1cbcd138bc4277ad669b13fca316bd962f26e2cb387f2ad3fd0111b +AUX openssl-1.0.0h-pkg-config.patch 1363 BLAKE2B 089117b3b4fa393dee7ddf13d747ae86e0b8479d9e87176f7146a567a51b0073005ff91099c91afabf5d772a960393fcd54b2d68ba3852a23fe695713878dd7a SHA512 c2f7a68c96098bd742235a40f27d6b1e5a0ebece53ca32dd0be74b85210479064efa1d5dc76e457b786067185768492fab2ed53762a22c511c2a2e3d43ed137b +AUX openssl-1.0.1-gethostbyname2-solaris.patch 426 BLAKE2B f56662ebfea4cb0c34fab844bc6a21e38d25b24c538f0026a6eb38cbc1c4682a5833299d1f385f49050eeb548ffb38419ae0f8da6436aa9e19b268ccb287aaf8 SHA512 db9459677dac6482daa84f7784a81ecf87d68f2051034630979b0206c2a1b4844126742ac20137952d39b68a7509397fd55b05099a4e0efba51f53f54e431101 +AUX openssl-1.0.1-parallel-build.patch 10614 BLAKE2B 66c3a8a995bd2768d203ffd189cd2696850a32a62bdc5e3f8611f5b7c37d410977db5fb1d3f1b142b06530151ae0ff927a434041bc7edcd42b15c5767e2d39ae SHA512 439015b3b007adfbab047a1e3e12a9700030779a593bba1a30e9554c7c02eb1cffe9acb089546954e87163847cf86b13130abf9646eb5d00a2ff725b534f84d5 +AUX openssl-1.0.1-x32.patch 3273 BLAKE2B 09a7711165a30624fb592eb021cbfa9558593186ea942aaa40bfbd4f2250a557555ef200985691eeb028a0ce1942a38c213e6078bb4bdc99d3d05888c8eee530 SHA512 6bed57fe2fbe2d0ced1279b53804d94426a679d5d6b80ad7d0ed18523a7fda397e02038032c08cdd4e6034f9ff6e82cad365ff2a724d49d91467cf2b77f47752 +AUX openssl-1.0.1e-ipv6.patch 18596 BLAKE2B 6b820c82bbec0eaba5c2cd91943ff3b75a18feb5cbd631e64ffb5168ddf465923adef6a9eb5d39dcfe152915ea7169d882967cd31996194f1d497f38a696ee25 SHA512 15bfcafc8c173d2875954a43db19d15956619528a0fc356b6d36877f7434321071cf707d950767491261adc1e6403e56b3e014e3d0ffb6cef563daca00a128bd +AUX openssl-1.0.1e-s_client-verify.patch 592 BLAKE2B 9a95da7b1f1209693669f220c9a37e1159b8fbf2f4baadc1bc07eea5f4fdd7ace71b3c7e3269208875c438bb0cd5308b3cd3b4e45546851da12fe9b5c10a3048 SHA512 117b1017e1259667078d3ccdcd9fd46357c6f85cf2702794f49c612b37acdc044fe88f871dbe46fcad9ed4cd8aaaaee800dddb5286203322802efd7549a43b68 +AUX openssl-1.0.1f-domd.patch 639 BLAKE2B a8feda575597cd77bcc4928cf65e01b9362617a2d832e0e47dd3642c34f785d56f3c7d4008627ac07485b24d216815fb32cd2d232dcef40b506cc375ce94ad4e SHA512 3d1d4fd24da5e3d522ec4c2d6c0e0296282fdd9c40e5438be6e3413f1c634336da3c573be1a84cb2f0e2f3db17b294dc5d17c26c4b281a5f9e6a08f1d56dbde4 +AUX openssl-1.0.1f-perl-5.18.patch 7820 BLAKE2B eb8dff1700660257e2eb448af9f5d7508a7ec3a4cef123360417b380f3624e9242fd97d56cf251f50727b261046c377f81b3f22acf939a833d3469ea388b799a SHA512 2fcda9f76968e8a193892170b2acc06b246c5a04bda2c501fa223231af0e4b2a38afd1adaf83cce4afd4210cdfd9cae8251aeb9510f24bcb50e7aeaa9fa09364 +AUX openssl-1.0.1f-revert-alpha-perl-generation.patch 3102 BLAKE2B 296cb56c0e4eda07e7ff683b2d6251a3b03416ff5a9596ec713495dfac515fe1f43c9340d31a4729453f7b03bcb9ab60d9356e18bf21945f2c59ccd62b19d77c SHA512 c80439da3d268e70fd492d0ca73c0a17ddb088b9330610794a338d1921ee13dad9caca4c81ca103b82a7541c8712f77e51f352ec1b1b02789d9aed291acb0cdc +AUX openssl-1.0.1h-ipv6.patch 17788 BLAKE2B 5561c4755b11e31423866919c116293e3be2a838d14b581a11e372d6f0408356f2b616099eb30de11e2d51f214bb2a5391792d68b7782871e35e6f69c65cd2a3 SHA512 0f0990d4294abcb5f3e51c84080883046a054c710b57a23f99b3323727d5e9aeb5ddeb6b6c2565b4be364f7c21419c90ce5288154e404cd663678f87e0d1c259 +AUX openssl-1.0.1k-aix-soname.patch 2682 BLAKE2B e3707238e467478f1c124dfb152a32e883f4d5bd75e54c797b9dc1250b8711f1c7d3afef204cadf484b2ba590c260763e19edcdeb30ee2d7e2a5b311e955c86a SHA512 4efa571b505c2b8a19ef55b817443803977987ed226f4f15da3bd604f04a30ae2400ea5ac4ebcfde842c4e26b0c62aa7ed495ab4642d2c6f7f42cd6604c90d8e +AUX openssl-1.0.1l-CVE-2015-0286.patch 10790 BLAKE2B 79ffb071a9d83f3b666ed8c57342b6dc54d0c88a6ae3d1aeff1a433d964cdfd186eb8fd041fc729cb61b573cf62160be999d1c8099c090fad42f47b8b98bc18c SHA512 432a9e556df26e3f0059f53556dbc088cfe7e30e2c38354e7a7879bb4db204330702ab8050b9b31b3ef48badb8f0abdbf047445b71aa0c4c96f5aeb0bf16f9df +AUX openssl-1.0.1m-gethostbyname2-solaris.patch 412 BLAKE2B adc25b1968e2ee4575c271f16c7bd623f98feed840c5029e95ebc7cb78b2528374c51a6124f1686482df17cb1e3b733956a6ac71fd9f49f90d80172f9e397cc6 SHA512 ec2b6991bcf25e754a1712f42ccdc521682e4a5eb6be759cf1f4749f4df41daf67fcf713630122b23a4ad273c16b50bc07ddebbdafb27205e3ccd70aef747e3a +AUX openssl-1.0.1m-ipv6.patch 19626 BLAKE2B 16e3a82e6c3ff30658848b4640aba32dcc714e6f2e64675a15490acb1dd9236ca8792d2b43e0076e350aecb8c2c98ed19a3f8374c85738cf706eebcd7adcf6d8 SHA512 924a5d1925a8d0c62d2615a05ce76dcb83046ee02d578097eac0bf0145460d97965c974674c6340a08347261440cf0d67b8fe9b6ee8a2853774596dc7e1e1dba +AUX openssl-1.0.1m-parallel-build.patch 11132 BLAKE2B bf9a193f4072f190d022b585cb384b88743fe3a6c8b62f337bb3a4828482da8b18d7b9d8c473449706b6e25865530c0c613e57b268fb7455d938e02e8a63e4c5 SHA512 4f5bde6deae9fe609f248eacb7f2d09276371a608508a3edf8032026291858767feb47d03b6233322008b40dfe5399a3bd2780186036311eae83fd417fe883fa +AUX openssl-1.0.1m-s_client-verify.patch 803 BLAKE2B 53be97a4d1fbd96de6ba3f5c0f7940d681b3f84cb861ce947e6777fbb3eee7fce8b99cd251cc44ea79d7342ca8e590929d962203380a980bad023396fd34983e SHA512 a1b5fb62fce5ba33cb1aea889c4e726542c9d0aea701bd7ca2e9c2078746205305b64401f2e3766ba3bb49038f725c384d2d47ce19149f46cecd55b915c93cdc +AUX openssl-1.0.1m-x32.patch 3306 BLAKE2B c90619daf21192a9f210bc5c1b8b632c1c5dbfaa4cfbb1fb3800844aaf8c42459bce1f9a8b3639175a77af7ee2ebf4ed59e388f98069e3b98bc13c08185220c8 SHA512 365e8898cdfbafe89e5c0fd6859019314f63e14e5989e04ff392e5a95520a61c9e580136b5abbd8f7a4734e4c999155a73d68d1ecbd3fd46efebbbdf8d5e12dc +AUX openssl-1.0.1p-default-source.patch 861 BLAKE2B fbe909dbe7b202f36541b541033f6883c12d78dc43e496ac61785ae11497f34665db57069c95fce0b8cad6d10f34affabcc8ec6dbbeeea421b7e45aa6e1020da SHA512 cbd47ae5553ec0e683a92171cb1c2e68d7eb0cf2b1787e3fe332ca2df0aefa31a1a74d60345d5e42d00bdda439019d089560cf2f5464dfe19ff7a3d6a310d06b +AUX openssl-1.0.1p-parallel-build.patch 11063 BLAKE2B 7890e11bfc8a62341aba215af37c03ff7518962ea837fdf002e80462ed8f799823bfa9f52aec0a645f26587e45136477c1e3ee231a8b94e989f90b89a9a30474 SHA512 3ef5cda8516739c376a558d75eebd0722913ac0a96dcd4f799469a5c95396f6f703219fc29a77d7ff9b62d65962b8d2cd0b41507fd1ee579ec5e3a307eca0048 +AUX openssl-1.0.2-CVE-2015-0209.patch 1282 BLAKE2B 991fe0a8aebf0a4b0944ea764e0e89e296c20e40ff4f3e33b0afec133ca8675e0886a404fa9a39c99b5d9d2a47ea05f1b087f2617cfa65e843dee2b2ccd502eb SHA512 db5b73c815582453d3231d49c9c24d60824e56f67a74f815818d0f90bccd485e98a98b449386aa297fa055b5fc27e2a058c03bc410478fb98051a729ac75b4db +AUX openssl-1.0.2-CVE-2015-0288.patch 800 BLAKE2B 7da0730550056a770627553694a56cc9a9d6d97f0273f6a64e97100a13b90602570e447b32b7e351cce450642e4a621a3fbe14be4138edc00a60f6f74c0fddee SHA512 4785d9c4620492c4997cbe7c83a42a9804a9e8c3d94e35dd7d3e6bd16f607a9b294b77123686f24c953e6330f96907008dccf1379648d806fa85bbdd20b81ca0 +AUX openssl-1.0.2-CVE-2015-0291.patch 16069 BLAKE2B 481066097758c78c99ef2a504a0f0ea9c3598a12fd7d51fbbf7465a1b807165420d4966ba1f5a8c3d3b7e042a2fabf6b534b1ce1541033866ef060c67b481c78 SHA512 2ee10f21ce02f1c46ee6c446c60d4e1e3af05366769603f38c971018ce07341369db87cb050432d0501f152cabf377c03848df501694ea46ef2f6578d19cf030 +AUX openssl-1.0.2-gethostbyname2-solaris.patch 399 BLAKE2B 204d00250c041db8d0ef5d3384afc42acb000c730baf33a0cbf2fda117a5ac22caebfc39afebe82a889a22410f11e0b0b2a86f2b057447262c7d453ccb2c9e90 SHA512 41a783e05fe8fe2cc726994c7bc11a78f5d9c9ec759460178f3917cb4c51c67876b4d84b1d8a50838f9745545d4c307110d383e9443269ec29945a8a5465f0ce +AUX openssl-1.0.2-ipv6.patch 18811 BLAKE2B 56036b62751ddc9ce9e73546a56fc68ed2f97ffad94ed6a983e044f16828e8bb7bac9795852694bbc2f0990449292d2e7de7d8a43e506a493a8d39476980c917 SHA512 58e293f8f19a3fad08729b842dd977b73fedb0c49208d87a056bfea857c0e2b79a310d7d098c04429b65564fce64defeda6d1dcc3068ad5a80ef276db6421e54 +AUX openssl-1.0.2-parallel-build.patch 10661 BLAKE2B 30e3ed669913b4ed532de6cef86a3ee9675d9eb447a52a45e42505617d9c8bd932d79756adbb5d58b5f0a03d217f9ae4e0e7727919ad0a23846bdf314c9e5b88 SHA512 a4957304a4424016cd8a1c6552c422cd042d737e12f96235ec54d1e601ccbe8cb79d931ac8777d1a599bd4a70eac4e6700a24362f14fb04eb273df82f2de0d01 +AUX openssl-1.0.2-s_client-verify.patch 648 BLAKE2B 14c71d8f95d505bafaf2e041e6678f160da574c3559a71478f5e3d28f6fc32b621ef0d806ce1547e5c4be858fe3c28205ce8793fd12517bb8b4ad933c184f0d1 SHA512 78b09ae700096205582785584a268776af46fc5bc94a0faa1ce6087ffcc945649e69269ff7fa88dedd5df1a5cdecc53e885de1e39506470f23b02028ca962104 +AUX openssl-1.0.2a-aix-soname.patch 2704 BLAKE2B d36cc275afe5fdd7b60e27124c5b2a1b3abdd36bc4104893b5564de968f1ce6402134ebf603665c1ed0b310ef30157b73b85ee153b6531722ee3702cfdb477d5 SHA512 9c1241191e51aff42d7dd9bfb1831a3a85de57d8549a2e3195178eaaacc61cba390850b7454ef2c95a4e6de06693becfd6e527b06ccd54fea3f9da7104d6b4de +AUX openssl-1.0.2a-malloc-typo.patch 1440 BLAKE2B 75617f0fb7d9dec02f8d56c37be4fbbc6caac381074c92bd2f2d7b5ada6d6d2422cd839f35486a8f5ae468d859956b07126fab5466b6404ec368242f9544e3be SHA512 5b4c9bcd24a80bcb17e21ffdd88b1a58f1794ae6069e773483ed1595022d212ace521aef3faa90df489b549fc60c0e871d5d711859a599b6373dc67af29a0c4b +AUX openssl-1.0.2a-parallel-build.patch 9573 BLAKE2B 6d6b9f60343bc4267c15e214e0a38f9a85579d836e25a2214ba957d4934103c39164de5866aecc8deb94f4023ffbd21014ef5103d1d3a05e43be79a0bb25b933 SHA512 eef70d7662fe1c84ea8a998b1b394900805a91ae371a99e45ea07725ac218ffd6be5b75add647724e1a6b5556884bcb4a5be31b97254fd62b63aeead7ff701e3 +AUX openssl-1.0.2a-parallel-install-dirs.patch 2013 BLAKE2B 208d06d19f9e753e418619dae73b36c11eb86b090d61fd1fc35f0f819c52c09b6b0c194b1caeee269960a8774d6357ec86530227c405b110d0a28e9af6948917 SHA512 c3b97fa318b9627bcaf4f39d1615c46322c1081cded135af5b5115beb2be74ead46084119fce5643b12c54b6851c33bfb624694ccf6f3d32060b6d56239d3674 +AUX openssl-1.0.2a-parallel-obj-headers.patch 1359 BLAKE2B a9655a872a7dd75adcf5cdc7e3e344adc369243e30f23c9f3fad1f20a22d0a4a195590c1d9bc6335721ffd6d5c8823ca6d6d79118ebed94fafeb6665c6f42022 SHA512 ac8224bc088099d72e7e6761303b8653766372bd027536951c458bd22fd0526163de22bf27675e0292a12ae7257a5c1edf26a92747e00cc139e13e1b624b4072 +AUX openssl-1.0.2a-parallel-symlinking.patch 2041 BLAKE2B adf1701b1e02786032ae546d77fb4967aa1a67adef17cf5ec284df2593776128564ea81b77dcd499598f3a6ca3f3c525a0a06fec2fd79b131adb3e2fb02c6ebc SHA512 b87ab581784c285ef394b31baa1196a831a86c3b2d578704c9d8b80d68c70a8b19cfa88bd29b84578ed024135ae2d2ac4d622c91e1040074016b8fd104d6c05a +AUX openssl-1.0.2a-x32-asm.patch 1561 BLAKE2B ee5e5b91e4babacff71edf36cce80fbcb2b8dbb9a7ea63a816d3a5de544fbffd8b4216d7a95bd44e718c7a83dd8b8b5ad85caed4205eab5de566b0b7e5054fc1 SHA512 fbb23393e68776e9d34953f85ba3cbb285421d50f06bd297b485c7cffc8d89ca8caff6783f21038ae668b5c75056c89dc652217ac8609b5328e2c28e70ac294c +AUX openssl-1.0.2d-parallel-build.patch 9504 BLAKE2B 04b2fb51b791d68340273c2e5c2be89fae7bf2028e2ef9e3bef46c1446491f32d966b520dd4d9defcd2b12c83298ba5caa90f51f015fc7a2e5f18c8fb0ace8f6 SHA512 9d81b0dd260c0622eefea2bd33a8b19806b372c39fa6197af1b19ce263ddcd4554dd4fc4ebc23452ffc8d0144bb7b8d4aeb19fd479b14220c08c3c53b895a88c +AUX openssl-1.0.2e-parallel-build.patch 9620 BLAKE2B 91271dd5bd4a1552f3d9a550a3be9aba5ae32d1bb90118f4437ecfa2f1b1879b9e50965c9f7a520d5121fd12e7bc81aa400c4a1501e5e481f8b4c15646220322 SHA512 8aa64a78bc190a9c04f0093af2cdbcc0bed25be8c5f31c3a31e8b19954a58ba96ab05139d3ae6ecd7bc24e123536eec54fc98330167affcfd13cbd6d90626637 +AUX openssl-1.0.2g-parallel-build.patch 9751 BLAKE2B 3f6343cfa1074c61b1570bce96558dfdab1b99dc1e5567425af08a28749df99390397c1f0ff627a49b5d2b8cc887741ceba4f20a123be1f6f987040037cf4541 SHA512 29f784f19e1a4eadd4ecdae3f5a1d4f7123db388943b7940b8917db2cb8f6debb633d5e845a45bc73b5159d0a7b6479c7c582da59e53dc063953a67f31c011bb +AUX openssl-1.0.2h-CVE-2016-2177.patch 8135 BLAKE2B b8b097eba8798f4f1340640ecb8a6918a43f59ca3ffc5b07b1364559ab35d941f30f9e1f8690d8fc7c901d30e650af66b31a8b134d907e176fb439afa15dead5 SHA512 6e149213d1c4cbab06e0aedeb04562f96c1430e6e8f9b9836ff4ddd79da361db2bcfbdf83f6615369e8feaaefecfc0dc5f9cee3b56c2eeeca57233a2daf25d2c +AUX openssl-1.0.2h-CVE-2016-2178.patch 1111 BLAKE2B 357de9640e20261dcae2ee25c47857c1dc09592204316212baf9db95415ae4c1c026b002f6c7be78d119f3bd51d34199fbca9bd558d710ebe8f6eb584517ba5f SHA512 3225fff5f3e3bfff3a0acd6c294c5b3a6ce58184b6583aec7bf1e1b35cc590f59b25dfc44eda698f95e8c18553a51d36f26e4dc9af2b9a6d601ccd5d95fa9ea4 +AUX openssl-1.0.2i-parallel-build.patch 10065 BLAKE2B 3221de2e479e6c77d70637300bd8eac254164947de8f22f8dbaf7c6928d25975871c87e40fed4b95a3a008fb9d3b95324551f105b1b15d2d99353d04b8e9dd27 SHA512 2a95103d22263ca68582caccfb6860d45da20b92741824a794697eaa4e199199abc95ac8a62b821fc42aeab96098aeb89731ee535726e0a9e779dcd9bf39d12d +AUX openssl-1.0.2l-interix.patch 1280 BLAKE2B 8262efca31260185a19da8888a5f3a2e601fc6be6b675c5f98386c0cad43e6b4f16eb9e3b11ad4430ae188be34a4a311fefa9c7dc78c403712d0a1a6500e1012 SHA512 f6993d0b5c8a8e7339c68055a26dde0a2606e51b90db9a71fc612d8fa11526b6fabe380b8ba6c269768327274ad7a817e821782c35c9eae8bad087b77eb1cab7 +AUX openssl-1.0.2l-mint.patch 963 BLAKE2B f9717e681b839d5b1e0d6aeb85c3390e9eda77546a4ae0bab62ae285d2626ada08a18fa8f9bbcafdd1781ef3c49bc32f50d424e79bc520cff3351b93c43f0235 SHA512 34853097cb15d908af2219101ba4d1d7b60022e488f21588c0e4e29d63f0a60d0c116e38758dedb6feffcbbe8a791c69271bdc0851eef7d152807054daed08fd +DIST openssl-1.0.2-patches-1.0.tar.xz 11572 BLAKE2B bdb9d2b8388f1aadf3a9274133aa8f86b0029fae1ce86d005baa39a7347657f8d4d84395b54e8ccd67944356ee197dfb527f843b4f146e305533e2ad5450721d SHA512 15234ade359a0acf001cf10c7a7fc05f54603a44c67831529c2a6eda03342f9ba1cf40664ac782b5b73c50b23ec5649fb48ccff2aea8f0df2ef634959c47e3e9 +DIST openssl-1.0.2-patches-1.2.tar.xz 12208 BLAKE2B 99b7a3538aeeecf8e1939fb08d26e2ce6aa4140488f0f6fc382a4f0dbdd67a0204c4689809e9d170148ad6686d4dbf0c8fc95802712270b0ea5720bc06c8fbbf SHA512 5e5739ab7132e986abe9704739dab2ccd16df9696318ed29762d4ee0245fd2645f9435f7340ba36edd5531a83e48489fc659ad78c09ded0e0d021dd5a3906ea6 +DIST openssl-1.0.2n.tar.gz 5375802 BLAKE2B 2e04f8c3d5e2296859b8474d7e100e270f53f18a26c6d37a4cf5e01cd14f44d24d334b4e705da05d77c33b5dc91cffea0feea9f7c83c77ba16c9b6d5f5085894 SHA512 144bf0d6aa27b4af01df0b7b734c39962649e1711554247d42e05e14d8945742b18745aefdba162e2dfc762b941fd7d3b2d5dc6a781ae4ba10a6f5a3cadb0687 +DIST openssl-1.0.2o.tar.gz 5329472 BLAKE2B 30226db49be04317da3a76cce68d5aa401decd198f92505bddb0c72a7ef6a79f3c9c06d4a816db734e2a0991ebcab8b207feced26d83639e50c821d9e76ddc45 SHA512 8a2c93657c85143e76785bb32ee836908c31a6f5f8db993fa9777acba6079e630cdddd03edbad65d1587199fc13a1507789eacf038b56eb99139c2091d9df7fd +EBUILD openssl-1.0.2n.ebuild 11156 BLAKE2B 01080fc345ea0d9d2c2861e4c645ce11ced131f110d3ae4de9f5c59713c63e66bf84ae3665286c28fb6f69ac23fbcd3c6ed9355702b4a4a5d579882b578896e8 SHA512 ea744957dc5a622a3824ac16878df0d89689685698a4c970dff7ed8278aa5941618590fe0a3e49fea3dfe12772e6369738c59fc13341af053fcd019874c93062 +EBUILD openssl-1.0.2o.ebuild 11156 BLAKE2B a650409dfefee84bd7974a00b821b1687fbde0733b02e037558de8f341ca58cc266228b10104bf1d37ed8de9c3e2d6b7f72c52aa8070cb75236cff7498cde0a2 SHA512 d8f327b12cbcf3d1b65de31ca322455daed9d8bb82dcc1fba05cffbbaf9be5c87cb0b30da4ec61fd84d8bf8e277742e5c39c14d034738993b991ec86859d1abe diff --git a/dev-libs/openssl/openssl-1.0.1g-r1.ebuild b/dev-libs/openssl/openssl-1.0.1g-r1.ebuild deleted file mode 100644 index f1486fcf..00000000 --- a/dev-libs/openssl/openssl-1.0.1g-r1.ebuild +++ /dev/null @@ -1,313 +0,0 @@ -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1g-r1.ebuild,v 1.5 2014/06/18 19:18:41 mgorny Exp $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -REV="1.7" -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="~ppc-aix ~x64-freebsd ~x86-freebsd ~hppa-hpux ~ia64-hpux ~x86-interix ~amd64-linux ~ia64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt ~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test +tls-heartbeat vanilla zlib" - -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" -PDEPEND="app-misc/ca-certificates" - -src_unpack() { - unpack ${P}.tar.gz - SSL_CNF_DIR="/etc/ssl" - sed \ - -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ - -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ - "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ - > "${WORKDIR}"/c_rehash || die #416717 #350601 -} - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch - epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch - epatch "${FILESDIR}"/${PN}-1.0.1e-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.1f-perl-5.18.patch #497286 - epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584 - epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-0.9.8l-aixso.patch #213277: with import files now - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.1-gethostbyname2-solaris.patch - epatch "${FILESDIR}"/${PN}-1.0.1f-domd.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - append-flags $(test-flags-CC -Qunused-arguments) - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - #sed -i '1s,^:$,#!'"$(type -P perl)"',' Configure || die #141906 - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 - sed -i '1s/perl5/perl/' tools/c_rehash || die #308455 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config -t --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads ${confopts} \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain : with e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - dobin "${WORKDIR}"/c_rehash #333117 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} diff --git a/dev-libs/openssl/openssl-1.0.1g.ebuild b/dev-libs/openssl/openssl-1.0.1g.ebuild deleted file mode 100644 index 91f40711..00000000 --- a/dev-libs/openssl/openssl-1.0.1g.ebuild +++ /dev/null @@ -1,303 +0,0 @@ -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1g.ebuild,v 1.11 2014/04/29 19:21:00 vapier Exp $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib - -REV="1.7" -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test +tls-heartbeat vanilla zlib" - -# Have the sub-libs in RDEPEND with [static-libs] since, logically, -# our libssl.a depends on libz.a/etc... at runtime. -LIB_DEPEND="gmp? ( dev-libs/gmp[static-libs(+)] ) - zlib? ( sys-libs/zlib[static-libs(+)] ) - kerberos? ( app-crypt/mit-krb5 )" -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND="static-libs? ( ${LIB_DEPEND} ) - !static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" -PDEPEND="app-misc/ca-certificates" - -src_unpack() { - unpack ${P}.tar.gz - SSL_CNF_DIR="/etc/ssl" - sed \ - -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ - -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ - "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ - > "${WORKDIR}"/c_rehash || die #416717 #350601 -} - -src_prepare() { - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch - epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch - epatch "${FILESDIR}"/${PN}-1.0.1e-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.1f-perl-5.18.patch #497286 - epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584 - epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-0.9.8l-aixso.patch #213277: with import files now - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.1-gethostbyname2-solaris.patch - epatch "${FILESDIR}"/${PN}-1.0.1f-domd.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - append-flags $(test-flags-CC -Qunused-arguments) - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - #sed -i '1s,^:$,#!'"$(type -P perl)"',' Configure || die #141906 - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 - sed -i '1s/perl5/perl/' tools/c_rehash || die #308455 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config -t --test-sanity || die "I AM NOT SANE" -} - -src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - echoit \ - ./${config} \ - ${sslout} \ - $(use sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads ${confopts} \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain : with e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -src_test() { - emake -j1 test -} - -src_install() { - emake INSTALL_PREFIX="${D}" install - dobin "${WORKDIR}"/c_rehash #333117 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} diff --git a/dev-libs/openssl/openssl-1.0.1h-r2.ebuild b/dev-libs/openssl/openssl-1.0.1h-r2.ebuild deleted file mode 100644 index 9abf6a35..00000000 --- a/dev-libs/openssl/openssl-1.0.1h-r2.ebuild +++ /dev/null @@ -1,312 +0,0 @@ -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1h-r2.ebuild,v 1.11 2014/08/10 09:30:35 ago Exp $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -REV="1.7" -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux ~ppc-aix ~x64-freebsd ~x86-freebsd ~hppa-hpux ~ia64-hpux ~x86-interix ~amd64-linux ~ia64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt" -IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test +tls-heartbeat vanilla zlib" - -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" -PDEPEND="app-misc/ca-certificates" - -src_unpack() { - unpack ${P}.tar.gz - SSL_CNF_DIR="/etc/ssl" - sed \ - -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ - -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ - "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ - > "${WORKDIR}"/c_rehash || die #416717 #350601 -} - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch - epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch - epatch "${FILESDIR}"/${PN}-1.0.1h-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584 - epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-0.9.8l-aixso.patch #213277: with import files now - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.1-gethostbyname2-solaris.patch - epatch "${FILESDIR}"/${PN}-1.0.1f-domd.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - append-flags $(test-flags-CC -Qunused-arguments) - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - #sed -i '1s,^:$,#!'"$(type -P perl)"',' Configure || die #141906 - sed -i '1s/perl5/perl/' tools/c_rehash || die #308455 - - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure || die #141906 - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config -t --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads ${confopts} \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain : with e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - dobin "${WORKDIR}"/c_rehash #333117 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} diff --git a/dev-libs/openssl/openssl-1.0.1i.ebuild b/dev-libs/openssl/openssl-1.0.1i.ebuild deleted file mode 100644 index 7b3a5cb7..00000000 --- a/dev-libs/openssl/openssl-1.0.1i.ebuild +++ /dev/null @@ -1,312 +0,0 @@ -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1i.ebuild,v 1.12 2014/09/19 10:34:21 ago Exp $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -REV="1.7" -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux ~ppc-aix ~x64-freebsd ~x86-freebsd ~hppa-hpux ~ia64-hpux ~x86-interix ~amd64-linux ~ia64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt" -IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test +tls-heartbeat vanilla zlib" - -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" -PDEPEND="app-misc/ca-certificates" - -src_unpack() { - unpack ${P}.tar.gz - SSL_CNF_DIR="/etc/ssl" - sed \ - -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ - -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ - "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ - > "${WORKDIR}"/c_rehash || die #416717 #350601 -} - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch - epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch - epatch "${FILESDIR}"/${PN}-1.0.1h-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584 - epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-0.9.8l-aixso.patch #213277: with import files now - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.1-gethostbyname2-solaris.patch - epatch "${FILESDIR}"/${PN}-1.0.1f-domd.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - append-flags $(test-flags-CC -Qunused-arguments) - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - #sed -i '1s,^:$,#!'"$(type -P perl)"',' Configure || die #141906 - sed -i '1s/perl5/perl/' tools/c_rehash || die #308455 - - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure || die #141906 - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads ${confopts} \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain : with e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - dobin "${WORKDIR}"/c_rehash #333117 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} diff --git a/dev-libs/openssl/openssl-1.0.1j.ebuild b/dev-libs/openssl/openssl-1.0.1j.ebuild deleted file mode 100644 index b43af6d2..00000000 --- a/dev-libs/openssl/openssl-1.0.1j.ebuild +++ /dev/null @@ -1,317 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1j.ebuild,v 1.11 2015/01/28 19:35:28 mgorny Exp $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -REV="1.7" -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" - -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" -PDEPEND="app-misc/ca-certificates" - -src_unpack() { - unpack ${P}.tar.gz - SSL_CNF_DIR="/etc/ssl" - sed \ - -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ - -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ - "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ - > "${WORKDIR}"/c_rehash || die #416717 #350601 -} - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch - epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch - epatch "${FILESDIR}"/${PN}-1.0.1h-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584 - epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-0.9.8l-aixso.patch #213277: with import files now - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.1-gethostbyname2-solaris.patch - epatch "${FILESDIR}"/${PN}-1.0.1f-domd.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - #append-flags $(test-flags-CC -Qunused-arguments) - append-flags $(test-flags-CC -Wno-error=unused-command-line-argument) - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - #sed -i '1s,^:$,#!'"$(type -P perl)"',' Configure || die #141906 - sed -i '1s/perl5/perl/' tools/c_rehash || die #308455 - - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure || die #141906 - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads ${confopts} \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain : with e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - dobin "${WORKDIR}"/c_rehash #333117 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # At least wget (>1.15?) is unhappy if any non-certificate appears - # in ${SSL_CNF_DIR}/certs... - dodoc certs/README.* && rm certs/README.* - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} diff --git a/dev-libs/openssl/openssl-1.0.1k.ebuild b/dev-libs/openssl/openssl-1.0.1k.ebuild deleted file mode 100644 index 4ffe0f62..00000000 --- a/dev-libs/openssl/openssl-1.0.1k.ebuild +++ /dev/null @@ -1,321 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1k.ebuild,v 1.11 2015/01/28 19:35:28 mgorny Exp $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -REV="1.7" -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" - -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" -PDEPEND="app-misc/ca-certificates" - -src_unpack() { - unpack ${P}.tar.gz - SSL_CNF_DIR="/etc/ssl" - sed \ - -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ - -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ - "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ - > "${WORKDIR}"/c_rehash || die #416717 #350601 -} - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch - epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch - epatch "${FILESDIR}"/${PN}-1.0.1h-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584 - epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-1.0.1k-aix-soname.patch #213277: like libtool - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.1-gethostbyname2-solaris.patch - epatch "${FILESDIR}"/${PN}-1.0.1f-domd.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - #append-flags $(test-flags-CC -Qunused-arguments) - append-flags $(test-flags-CC -Wno-error=unused-command-line-argument) - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - #sed -i '1s,^:$,#!'"$(type -P perl)"',' Configure || die #141906 - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure || die #141906 - sed -i '1s/perl5/perl/' tools/c_rehash || die #308455 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config -t --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm --with-aix-soname=svr4" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads ${confopts} \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain : with e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - dobin "${WORKDIR}"/c_rehash #333117 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # At least wget (>1.15?) is unhappy if any non-certificate appears - # in ${SSL_CNF_DIR}/certs... - dodoc certs/README.* && rm certs/README.* - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} diff --git a/dev-libs/openssl/openssl-1.0.1l-r1.ebuild b/dev-libs/openssl/openssl-1.0.1l-r1.ebuild deleted file mode 100644 index 4a88ae56..00000000 --- a/dev-libs/openssl/openssl-1.0.1l-r1.ebuild +++ /dev/null @@ -1,323 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id: 8f063dc44e0d7fb79345d2cff408346d4998627b $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -REV="1.7" -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" -RESTRICT="!bindist? ( bindist )" - -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" -PDEPEND="app-misc/ca-certificates" - -src_unpack() { - unpack ${P}.tar.gz - SSL_CNF_DIR="/etc/ssl" - sed \ - -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ - -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ - "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ - > "${WORKDIR}"/c_rehash || die #416717 #350601 -} - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch - epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch - epatch "${FILESDIR}"/${PN}-1.0.1h-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584 - epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 - epatch "${FILESDIR}"/${PN}-1.0.1l-CVE-2015-0286.patch #543552 - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-1.0.1k-aix-soname.patch #213277: like libtool - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.1-gethostbyname2-solaris.patch - epatch "${FILESDIR}"/${PN}-1.0.1f-domd.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - #append-flags $(test-flags-CC -Qunused-arguments) - append-flags $(test-flags-CC -Wno-error=unused-command-line-argument) - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - #sed -i '1s,^:$,#!'"$(type -P perl)"',' Configure || die #141906 - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure || die #141906 - sed -i '1s/perl5/perl/' tools/c_rehash || die #308455 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config -t --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm --with-aix-soname=svr4" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads ${confopts} \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain : with e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - dobin "${WORKDIR}"/c_rehash #333117 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # At least wget (>1.15?) is unhappy if any non-certificate appears - # in ${SSL_CNF_DIR}/certs... - dodoc certs/README.* && rm certs/README.* - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} diff --git a/dev-libs/openssl/openssl-1.0.1m.ebuild b/dev-libs/openssl/openssl-1.0.1m.ebuild deleted file mode 100644 index 12d0a531..00000000 --- a/dev-libs/openssl/openssl-1.0.1m.ebuild +++ /dev/null @@ -1,322 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id: 7f30b56b69af323662d97a19e58d353249697418 $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -REV="1.7" -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh ~sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" -RESTRICT="!bindist? ( bindist )" - -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" -PDEPEND="app-misc/ca-certificates" - -src_unpack() { - unpack ${P}.tar.gz - SSL_CNF_DIR="/etc/ssl" - sed \ - -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ - -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ - "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ - > "${WORKDIR}"/c_rehash || die #416717 #350601 -} - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch - epatch "${FILESDIR}"/${PN}-1.0.1m-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.1m-x32.patch - epatch "${FILESDIR}"/${PN}-1.0.1m-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.1m-s_client-verify.patch #472584 - epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-1.0.1k-aix-soname.patch #213277: like libtool - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.1m-gethostbyname2-solaris.patch - epatch "${FILESDIR}"/${PN}-1.0.1f-domd.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - #[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - append-flags $(test-flags-CC -Wno-error=unused-command-line-argument) - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - #sed -i '1s,^:$,#!'"$(type -P perl)"',' Configure || die #141906 - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure || die #141906 - sed -i '1s/perl5/perl/' tools/c_rehash || die #308455 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config -t --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm --with-aix-soname=svr4" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads ${confopts} \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain : with e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - dobin "${WORKDIR}"/c_rehash #333117 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # At least wget (>1.15?) is unhappy if any non-certificate appears - # in ${SSL_CNF_DIR}/certs... - dodoc certs/README.* && rm certs/README.* - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} diff --git a/dev-libs/openssl/openssl-1.0.1o.ebuild b/dev-libs/openssl/openssl-1.0.1o.ebuild deleted file mode 100644 index 29bb5337..00000000 --- a/dev-libs/openssl/openssl-1.0.1o.ebuild +++ /dev/null @@ -1,321 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id: f6c6c16f556f76c4a036da7a4e942bd223e7a9a5 $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -REV="1.7" -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" -RESTRICT="!bindist? ( bindist )" - -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" -PDEPEND="app-misc/ca-certificates" - -src_unpack() { - unpack ${P}.tar.gz - SSL_CNF_DIR="/etc/ssl" - sed \ - -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ - -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ - "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ - > "${WORKDIR}"/c_rehash || die #416717 #350601 -} - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch - epatch "${FILESDIR}"/${PN}-1.0.1m-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.1m-x32.patch - epatch "${FILESDIR}"/${PN}-1.0.1m-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-1.0.1k-aix-soname.patch #213277: like libtool - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.1m-gethostbyname2-solaris.patch - epatch "${FILESDIR}"/${PN}-1.0.1f-domd.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - #[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - append-flags $(test-flags-CC -Wno-error=unused-command-line-argument) - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - #sed -i '1s,^:$,#!'"$(type -P perl)"',' Configure || die #141906 - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure || die #141906 - sed -i '1s/perl5/perl/' tools/c_rehash || die #308455 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config -t --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm --with-aix-soname=svr4" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads ${confopts} \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain : with e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - dobin "${WORKDIR}"/c_rehash #333117 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # At least wget (>1.15?) is unhappy if any non-certificate appears - # in ${SSL_CNF_DIR}/certs... - dodoc certs/README.* && rm certs/README.* - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} diff --git a/dev-libs/openssl/openssl-1.0.1p.ebuild b/dev-libs/openssl/openssl-1.0.1p.ebuild deleted file mode 100644 index 86b72a80..00000000 --- a/dev-libs/openssl/openssl-1.0.1p.ebuild +++ /dev/null @@ -1,322 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id: 40a538fe2cf2618dec8e45a36fd6b3c0c0daf194 $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -REV="1.7" -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" -RESTRICT="!bindist? ( bindist )" - -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140406-r3 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - test? ( sys-devel/bc )" -PDEPEND="app-misc/ca-certificates" - -src_unpack() { - unpack ${P}.tar.gz - SSL_CNF_DIR="/etc/ssl" - sed \ - -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ - -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ - "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ - > "${WORKDIR}"/c_rehash || die #416717 #350601 -} - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch - epatch "${FILESDIR}"/${PN}-1.0.1p-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.1m-x32.patch - epatch "${FILESDIR}"/${PN}-1.0.1m-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086 - epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338 - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-1.0.1k-aix-soname.patch #213277: like libtool - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.1m-gethostbyname2-solaris.patch - epatch "${FILESDIR}"/${PN}-1.0.1f-domd.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - #[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - append-flags $(test-flags-CC -Wno-error=unused-command-line-argument) - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - #sed -i '1s,^:$,#!'"$(type -P perl)"',' Configure || die #141906 - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure || die #141906 - sed -i '1s/perl5/perl/' tools/c_rehash || die #308455 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config -t --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm --with-aix-soname=svr4" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - $(use_ssl !bindist rc5) \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads ${confopts} \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain : with e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - dobin "${WORKDIR}"/c_rehash #333117 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # At least wget (>1.15?) is unhappy if any non-certificate appears - # in ${SSL_CNF_DIR}/certs... - dodoc certs/README.* && rm certs/README.* - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} diff --git a/dev-libs/openssl/openssl-1.0.2-r3.ebuild b/dev-libs/openssl/openssl-1.0.2-r3.ebuild deleted file mode 100644 index d37d07f6..00000000 --- a/dev-libs/openssl/openssl-1.0.2-r3.ebuild +++ /dev/null @@ -1,333 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id: 231155dac06726a4ddc267ed6d53957107b7aa0e $ -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.2-r3.ebuild,v 1.3 2015/03/19 21:14:17 vapier Exp $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -REV="1.7" -MY_P=${P/_/-} -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -KEYWORDS+="~ppc-aix ~x64-freebsd ~x86-freebsd ~hppa-hpux ~ia64-hpux ~x86-interix ~amd64-linux ~ia64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt" -IUSE="bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" -RESTRICT="!bindist? ( bindist )" - -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140508 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - sctp? ( >=net-misc/lksctp-tools-1.0.12 ) - test? ( sys-devel/bc )" -PDEPEND="app-misc/ca-certificates" - -S="${WORKDIR}/${MY_P}" - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - SSL_CNF_DIR="/etc/ssl" - sed \ - -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ - -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ - "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ - > "${WORKDIR}"/c_rehash || die #416717 #350601 - - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - epatch "${FILESDIR}"/${P}-CVE-2015-0209.patch #541502 - epatch "${FILESDIR}"/${P}-CVE-2015-0288.patch #542038 - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.2-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.2-s_client-verify.patch #472584 - epatch "${FILESDIR}"/${PN}-1.0.2-CVE-2015-0291.patch - - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-0.9.8l-aixso.patch #213277: with import files now - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.2-gethostbyname2-solaris.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # since we're forcing $(CC) as makedep anyway, just fix - # the conditional as always-on - # helps clang (#417795), and versioned gcc (#499818) - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - #[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - #append-flags $(test-flags-CC -Qunused-arguments) - append-flags $(test-flags-CC -Wno-error=unused-command-line-argument) - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - append-cppflags -DOPENSSL_NO_BUF_FREELISTS - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - #sed -i '1s,^:$,#!'"$(type -P perl)"',' Configure || die #141906 - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure || die #141906 - sed -i '1s/perl5/perl/' tools/c_rehash || die #308455 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config -t --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: Expired http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm --with-aix-soname=svr4" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use sctp && echo "sctp") \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - enable-rc5 \ - enable-tlsext \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads ${confopts} \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain : with e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - dobin "${WORKDIR}"/c_rehash #333117 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # At least wget (>1.15?) is unhappy if any non-certificate appears - # in ${SSL_CNF_DIR}/certs... - dodoc certs/README.* && rm certs/README.* - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} diff --git a/dev-libs/openssl/openssl-1.0.2a.ebuild b/dev-libs/openssl/openssl-1.0.2a.ebuild deleted file mode 100644 index 4823a523..00000000 --- a/dev-libs/openssl/openssl-1.0.2a.ebuild +++ /dev/null @@ -1,336 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id: 6c22a2e934e37b4783384dcddabbbb3c48bfc168 $ -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.2a.ebuild,v 1.9 2015/04/03 05:44:45 vapier Exp $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -REV="1.7" -MY_P=${P/_/-} -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -KEYWORDS+="~ppc-aix ~x64-freebsd ~x86-freebsd ~hppa-hpux ~ia64-hpux ~x86-interix ~amd64-linux ~ia64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt" -IUSE="+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" -RESTRICT="!bindist? ( bindist )" - -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140508 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - sctp? ( >=net-misc/lksctp-tools-1.0.12 ) - test? ( sys-devel/bc )" -PDEPEND="app-misc/ca-certificates" - -S="${WORKDIR}/${MY_P}" - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - SSL_CNF_DIR="/etc/ssl" - sed \ - -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ - -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ - "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ - > "${WORKDIR}"/c_rehash || die #416717 #350601 - - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-obj-headers.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-install-dirs.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-symlinking.patch #545028 - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.2-s_client-verify.patch #472584 - epatch "${FILESDIR}"/${P}-malloc-typo.patch #543828 - epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618 - - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-aix-soname.patch # like libtool - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.2-gethostbyname2-solaris.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # since we're forcing $(CC) as makedep anyway, just fix - # the conditional as always-on - # helps clang (#417795), and versioned gcc (#499818) - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - #[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - #append-flags $(test-flags-CC -Qunused-arguments) - append-flags $(test-flags-CC -Wno-error=unused-command-line-argument) - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - append-cppflags -DOPENSSL_NO_BUF_FREELISTS - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - #sed -i '1s,^:$,#!'"$(type -P perl)"',' Configure || die #141906 - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure || die #141906 - sed -i '1s/perl5/perl/' tools/c_rehash || die #308455 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config -t --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: Expired http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - enable-rc5 \ - enable-tlsext \ - $(use_ssl asm) \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl sctp) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads ${confopts} \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain : with e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - dobin "${WORKDIR}"/c_rehash #333117 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # At least wget (>1.15?) is unhappy if any non-certificate appears - # in ${SSL_CNF_DIR}/certs... - dodoc certs/README.* && rm certs/README.* - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} diff --git a/dev-libs/openssl/openssl-1.0.2c.ebuild b/dev-libs/openssl/openssl-1.0.2c.ebuild deleted file mode 100644 index eae160a1..00000000 --- a/dev-libs/openssl/openssl-1.0.2c.ebuild +++ /dev/null @@ -1,334 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id: 3ede9dd6398c3f8ccae06174764a2de580509053 $ -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.2c.ebuild,v 1.1 2015/06/12 16:06:03 vapier Exp $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -REV="1.7" -MY_P=${P/_/-} -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -KEYWORDS+="~ppc-aix ~x64-freebsd ~x86-freebsd ~hppa-hpux ~ia64-hpux ~x86-interix ~amd64-linux ~ia64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt" -IUSE="+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" -RESTRICT="!bindist? ( bindist )" - -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140508 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - sys-apps/diffutils - >=dev-lang/perl-5 - sctp? ( >=net-misc/lksctp-tools-1.0.12 ) - test? ( sys-devel/bc )" -PDEPEND="app-misc/ca-certificates" - -S="${WORKDIR}/${MY_P}" - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - SSL_CNF_DIR="/etc/ssl" - sed \ - -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ - -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ - "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ - > "${WORKDIR}"/c_rehash || die #416717 #350601 - - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-obj-headers.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-install-dirs.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-symlinking.patch #545028 - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618 - - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-aix-soname.patch # like libtool - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.2-gethostbyname2-solaris.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # since we're forcing $(CC) as makedep anyway, just fix - # the conditional as always-on - # helps clang (#417795), and versioned gcc (#499818) - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - #[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - #append-flags $(test-flags-CC -Qunused-arguments) - append-flags $(test-flags-CC -Wno-error=unused-command-line-argument) - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - append-cppflags -DOPENSSL_NO_BUF_FREELISTS - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - #sed -i '1s,^:$,#!'"$(type -P perl)"',' Configure || die #141906 - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure || die #141906 - sed -i '1s/perl5/perl/' tools/c_rehash || die #308455 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config -t --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: Expired http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - enable-rc5 \ - enable-tlsext \ - $(use_ssl asm) \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl sctp) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads ${confopts} \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain : with e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - dobin "${WORKDIR}"/c_rehash #333117 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # At least wget (>1.15?) is unhappy if any non-certificate appears - # in ${SSL_CNF_DIR}/certs... - dodoc certs/README.* && rm certs/README.* - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} diff --git a/dev-libs/openssl/openssl-1.0.2d-r2.ebuild b/dev-libs/openssl/openssl-1.0.2d-r2.ebuild deleted file mode 100644 index fb9337f1..00000000 --- a/dev-libs/openssl/openssl-1.0.2d-r2.ebuild +++ /dev/null @@ -1,332 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id: e45dd2463b89db555260180cf6ae5027ed4f65ea $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -MY_P=${P/_/-} -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" -RESTRICT="!bindist? ( bindist )" - -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND=">=app-misc/c_rehash-1.7-r1 - gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140508 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - >=dev-lang/perl-5 - sctp? ( >=net-misc/lksctp-tools-1.0.12 ) - test? ( - sys-apps/diffutils - sys-devel/bc - )" -PDEPEND="app-misc/ca-certificates" - -S="${WORKDIR}/${MY_P}" - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # keep this in sync with app-misc/c_rehash - SSL_CNF_DIR="/etc/ssl" - - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.2d-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-obj-headers.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-install-dirs.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-symlinking.patch #545028 - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618 - epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338 - - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-aix-soname.patch # like libtool - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.2-gethostbyname2-solaris.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # since we're forcing $(CC) as makedep anyway, just fix - # the conditional as always-on - # helps clang (#417795), and versioned gcc (#499818) - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - #[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - #append-flags $(test-flags-CC -Qunused-arguments) - append-flags $(test-flags-CC -Wno-error=unused-command-line-argument) - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - append-cppflags -DOPENSSL_NO_BUF_FREELISTS - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - #sed -i '1s,^:$,#!'"$(type -P perl)"',' Configure || die #141906 - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure || die #141906 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config -t --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: Expired http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - enable-rc5 \ - enable-tlsext \ - $(use_ssl asm) \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl sctp) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads ${confopts} \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain : with e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - # openssl installs perl version of c_rehash by default, but - # we provide a shell version via app-misc/c_rehash - rm "${ED}"/usr/bin/c_rehash || die - - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # At least wget (>1.15?) is unhappy if any non-certificate appears - # in ${SSL_CNF_DIR}/certs... - dodoc certs/README.* && rm certs/README.* - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} diff --git a/dev-libs/openssl/openssl-1.0.2d.ebuild b/dev-libs/openssl/openssl-1.0.2d.ebuild deleted file mode 100644 index 966399d8..00000000 --- a/dev-libs/openssl/openssl-1.0.2d.ebuild +++ /dev/null @@ -1,337 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id: 98f1978b3039e6a70b79de99566bc1f8688d9d03 $ -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.2d.ebuild,v 1.2 2015/07/10 06:08:30 vapier Exp $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -REV="1.7" -MY_P=${P/_/-} -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz - http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -KEYWORDS+="~ppc-aix ~x64-freebsd ~x86-freebsd ~hppa-hpux ~ia64-hpux ~x86-interix ~amd64-linux ~ia64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt" -IUSE="+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" -RESTRICT="!bindist? ( bindist )" - -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140508 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - >=dev-lang/perl-5 - sctp? ( >=net-misc/lksctp-tools-1.0.12 ) - test? ( - sys-apps/diffutils - sys-devel/bc - )" -PDEPEND="app-misc/ca-certificates" - -S="${WORKDIR}/${MY_P}" - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - SSL_CNF_DIR="/etc/ssl" - sed \ - -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \ - -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \ - "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \ - > "${WORKDIR}"/c_rehash || die #416717 #350601 - - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.2d-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-obj-headers.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-install-dirs.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-symlinking.patch #545028 - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618 - epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338 - - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-aix-soname.patch # like libtool - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.2-gethostbyname2-solaris.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # since we're forcing $(CC) as makedep anyway, just fix - # the conditional as always-on - # helps clang (#417795), and versioned gcc (#499818) - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - #[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - #append-flags $(test-flags-CC -Qunused-arguments) - append-flags $(test-flags-CC -Wno-error=unused-command-line-argument) - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - append-cppflags -DOPENSSL_NO_BUF_FREELISTS - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - #sed -i '1s,^:$,#!'"$(type -P perl)"',' Configure || die #141906 - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure || die #141906 - sed -i '1s/perl5/perl/' tools/c_rehash || die #308455 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config -t --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: Expired http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - enable-rc5 \ - enable-tlsext \ - $(use_ssl asm) \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl sctp) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads ${confopts} \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain : with e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - dobin "${WORKDIR}"/c_rehash #333117 - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # At least wget (>1.15?) is unhappy if any non-certificate appears - # in ${SSL_CNF_DIR}/certs... - dodoc certs/README.* && rm certs/README.* - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} diff --git a/dev-libs/openssl/openssl-1.0.2e.ebuild b/dev-libs/openssl/openssl-1.0.2e.ebuild deleted file mode 100644 index 664861b2..00000000 --- a/dev-libs/openssl/openssl-1.0.2e.ebuild +++ /dev/null @@ -1,332 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id: 444743d6c8e0df2a30bd85395aff8eb99561bf8f $ - -EAPI="4" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -MY_P=${P/_/-} -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" -RESTRICT="!bindist? ( bindist )" - -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND=">=app-misc/c_rehash-1.7-r1 - gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140508 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - >=dev-lang/perl-5 - sctp? ( >=net-misc/lksctp-tools-1.0.12 ) - test? ( - sys-apps/diffutils - sys-devel/bc - )" -PDEPEND="app-misc/ca-certificates" - -S="${WORKDIR}/${MY_P}" - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # keep this in sync with app-misc/c_rehash - SSL_CNF_DIR="/etc/ssl" - - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.2e-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-obj-headers.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-install-dirs.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-symlinking.patch #545028 - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618 - epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338 - - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-aix-soname.patch # like libtool - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.2-gethostbyname2-solaris.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # since we're forcing $(CC) as makedep anyway, just fix - # the conditional as always-on - # helps clang (#417795), and versioned gcc (#499818) - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - #[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - #append-flags $(test-flags-CC -Qunused-arguments) - append-flags $(test-flags-CC -Wno-error=unused-command-line-argument) - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - append-cppflags -DOPENSSL_NO_BUF_FREELISTS - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - #sed -i '1s,^:$,#!'"$(type -P perl)"',' Configure || die #141906 - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure || die #141906 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config -t --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: Expired http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - enable-rc5 \ - enable-tlsext \ - $(use_ssl asm) \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl sctp) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads ${confopts} \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain : with e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - # openssl installs perl version of c_rehash by default, but - # we provide a shell version via app-misc/c_rehash - rm "${ED}"/usr/bin/c_rehash || die - - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # At least wget (>1.15?) is unhappy if any non-certificate appears - # in ${SSL_CNF_DIR}/certs... - dodoc certs/README.* && rm certs/README.* - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} diff --git a/dev-libs/openssl/openssl-1.0.2f.ebuild b/dev-libs/openssl/openssl-1.0.2f.ebuild deleted file mode 100644 index 5d51351f..00000000 --- a/dev-libs/openssl/openssl-1.0.2f.ebuild +++ /dev/null @@ -1,331 +0,0 @@ -# Copyright 1999-2016 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id: a7c3eb620a05f339ae6fb37a6ea2220d0c183adf $ - -EAPI=5 - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -MY_P=${P/_/-} -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" -RESTRICT="!bindist? ( bindist )" - -# The blocks are temporary just to make sure people upgrade to a -# version that lack runtime version checking. We'll drop them in -# the future. -RDEPEND=">=app-misc/c_rehash-1.7-r1 - gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] ) - abi_x86_32? ( - !<=app-emulation/emul-linux-x86-baselibs-20140508 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] - ) - !<net-misc/openssh-5.9_p1-r4 - !<net-libs/neon-0.29.6-r1" -DEPEND="${RDEPEND} - >=dev-lang/perl-5 - sctp? ( >=net-misc/lksctp-tools-1.0.12 ) - test? ( - sys-apps/diffutils - sys-devel/bc - )" -PDEPEND="app-misc/ca-certificates" - -S="${WORKDIR}/${MY_P}" - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # keep this in sync with app-misc/c_rehash - SSL_CNF_DIR="/etc/ssl" - - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.2e-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-obj-headers.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-install-dirs.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-symlinking.patch #545028 - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618 - epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338 - - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-aix-soname.patch # like libtool - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.2-gethostbyname2-solaris.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # since we're forcing $(CC) as makedep anyway, just fix - # the conditional as always-on - # helps clang (#417795), and versioned gcc (#499818) - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - #[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - #append-flags $(test-flags-CC -Qunused-arguments) - append-flags $(test-flags-CC -Wno-error=unused-command-line-argument) - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - append-cppflags -DOPENSSL_NO_BUF_FREELISTS - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure || die #141906 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config -t --test-sanity || die "I AM NOT SANE" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: Expired http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - enable-rc5 \ - enable-tlsext \ - $(use_ssl asm) \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl sctp) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads ${confopts} \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain : with e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - # openssl installs perl version of c_rehash by default, but - # we provide a shell version via app-misc/c_rehash - rm "${ED}"/usr/bin/c_rehash || die - - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # At least wget (>1.15?) is unhappy if any non-certificate appears - # in ${SSL_CNF_DIR}/certs... - dodoc certs/README.* && rm certs/README.* - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} diff --git a/dev-libs/openssl/openssl-1.0.2g-r2.ebuild b/dev-libs/openssl/openssl-1.0.2g-r2.ebuild deleted file mode 100644 index f581186e..00000000 --- a/dev-libs/openssl/openssl-1.0.2g-r2.ebuild +++ /dev/null @@ -1,325 +0,0 @@ -# Copyright 1999-2016 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id: a69dae46b1088c2c1ef49b1adc253c99db134045 $ - -EAPI=5 - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -MY_P=${P/_/-} -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" - -LICENSE="openssl" -# subslot set to 1.0.2g version as this is the first release without SSLv2 -# support and thus breaks nearly every openssl consumer (see bug #575548) -SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" -RESTRICT="!bindist? ( bindist )" - -RDEPEND=">=app-misc/c_rehash-1.7-r1 - gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] )" -DEPEND="${RDEPEND} - >=dev-lang/perl-5 - sctp? ( >=net-misc/lksctp-tools-1.0.12 ) - test? ( - sys-apps/diffutils - sys-devel/bc - )" -PDEPEND="app-misc/ca-certificates" - -S="${WORKDIR}/${MY_P}" - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # keep this in sync with app-misc/c_rehash - SSL_CNF_DIR="/etc/ssl" - - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.2g-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-obj-headers.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-install-dirs.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-symlinking.patch #545028 - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618 - epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338 - - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-aix-soname.patch # like libtool - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.2-gethostbyname2-solaris.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # since we're forcing $(CC) as makedep anyway, just fix - # the conditional as always-on - # helps clang (#417795), and versioned gcc (#499818) - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - #[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - #append-flags $(test-flags-CC -Qunused-arguments) - append-flags $(test-flags-CC -Wno-error=unused-command-line-argument) - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - append-cppflags -DOPENSSL_NO_BUF_FREELISTS - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure || die #141906 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config -t --test-sanity || die "Sanity checks failed" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: Expired http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - enable-rc5 \ - enable-tlsext \ - enable-ssl2 \ - $(use_ssl asm) \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl sctp) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads ${confopts} \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain ':', e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - # openssl installs perl version of c_rehash by default, but - # we provide a shell version via app-misc/c_rehash - rm "${ED}"/usr/bin/c_rehash || die - - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # At least wget (>1.15?) is unhappy if any non-certificate appears - # in ${SSL_CNF_DIR}/certs... - dodoc certs/README.* && rm certs/README.* - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} diff --git a/dev-libs/openssl/openssl-1.0.2h-r2.ebuild b/dev-libs/openssl/openssl-1.0.2h-r2.ebuild deleted file mode 100644 index 845bc257..00000000 --- a/dev-libs/openssl/openssl-1.0.2h-r2.ebuild +++ /dev/null @@ -1,320 +0,0 @@ -# Copyright 1999-2016 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id: 333ae66b5bfabea161108ac9cc16ca19a97b68d2 $ - -EAPI="5" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -MY_P=${P/_/-} -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 sslv2 +sslv3 static-libs test +tls-heartbeat vanilla zlib" -RESTRICT="!bindist? ( bindist )" - -RDEPEND=">=app-misc/c_rehash-1.7-r1 - gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] )" -DEPEND="${RDEPEND} - >=dev-lang/perl-5 - sctp? ( >=net-misc/lksctp-tools-1.0.12 ) - test? ( - sys-apps/diffutils - sys-devel/bc - )" -PDEPEND="app-misc/ca-certificates" - -S="${WORKDIR}/${MY_P}" - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # keep this in sync with app-misc/c_rehash - SSL_CNF_DIR="/etc/ssl" - - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - # bugs 585142 and 585276 - epatch "${FILESDIR}"/${P}-CVE-2016-2177.patch - epatch "${FILESDIR}"/${P}-CVE-2016-2178.patch - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.2g-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-obj-headers.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-install-dirs.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-symlinking.patch #545028 - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618 - epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338 - - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-aix-soname.patch # like libtool - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.2-gethostbyname2-solaris.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # since we're forcing $(CC) as makedep anyway, just fix - # the conditional as always-on - # helps clang (#417795), and versioned gcc (#499818) - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - #[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - #append-flags $(test-flags-CC -Qunused-arguments) - append-flags $(test-flags-CC -Wno-error=unused-command-line-argument) - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - append-cppflags -DOPENSSL_NO_BUF_FREELISTS - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure || die #141906 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config -t --test-sanity || die "Sanity checks failed" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: Expired http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - enable-rc5 \ - enable-tlsext \ - $(use_ssl asm) \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl sctp) \ - $(use_ssl sslv2 ssl2) \ - $(use_ssl sslv3 ssl3) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain ':', e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - # openssl installs perl version of c_rehash by default, but - # we provide a shell version via app-misc/c_rehash - rm "${ED}"/usr/bin/c_rehash || die - - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # At least wget (>1.15?) is unhappy if any non-certificate appears - # in ${SSL_CNF_DIR}/certs... - dodoc certs/README.* && rm certs/README.* - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? -} diff --git a/dev-libs/openssl/openssl-1.0.2h.ebuild b/dev-libs/openssl/openssl-1.0.2h.ebuild deleted file mode 100644 index f581186e..00000000 --- a/dev-libs/openssl/openssl-1.0.2h.ebuild +++ /dev/null @@ -1,325 +0,0 @@ -# Copyright 1999-2016 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id: a69dae46b1088c2c1ef49b1adc253c99db134045 $ - -EAPI=5 - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -MY_P=${P/_/-} -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" - -LICENSE="openssl" -# subslot set to 1.0.2g version as this is the first release without SSLv2 -# support and thus breaks nearly every openssl consumer (see bug #575548) -SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib" -RESTRICT="!bindist? ( bindist )" - -RDEPEND=">=app-misc/c_rehash-1.7-r1 - gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] )" -DEPEND="${RDEPEND} - >=dev-lang/perl-5 - sctp? ( >=net-misc/lksctp-tools-1.0.12 ) - test? ( - sys-apps/diffutils - sys-devel/bc - )" -PDEPEND="app-misc/ca-certificates" - -S="${WORKDIR}/${MY_P}" - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # keep this in sync with app-misc/c_rehash - SSL_CNF_DIR="/etc/ssl" - - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743 - epatch "${FILESDIR}"/${PN}-1.0.2g-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-obj-headers.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-install-dirs.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-symlinking.patch #545028 - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618 - epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338 - - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-aix-soname.patch # like libtool - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.2-gethostbyname2-solaris.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # since we're forcing $(CC) as makedep anyway, just fix - # the conditional as always-on - # helps clang (#417795), and versioned gcc (#499818) - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - #[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - #append-flags $(test-flags-CC -Qunused-arguments) - append-flags $(test-flags-CC -Wno-error=unused-command-line-argument) - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - append-cppflags -DOPENSSL_NO_BUF_FREELISTS - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure || die #141906 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config -t --test-sanity || die "Sanity checks failed" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: Expired http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - enable-rc5 \ - enable-tlsext \ - enable-ssl2 \ - $(use_ssl asm) \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl sctp) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads ${confopts} \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain ':', e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - # openssl installs perl version of c_rehash by default, but - # we provide a shell version via app-misc/c_rehash - rm "${ED}"/usr/bin/c_rehash || die - - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # At least wget (>1.15?) is unhappy if any non-certificate appears - # in ${SSL_CNF_DIR}/certs... - dodoc certs/README.* && rm certs/README.* - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_preinst() { - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? - - has_version ${CATEGORY}/${PN}:0.9.8 && return 0 - preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 0.9.8) -} diff --git a/dev-libs/openssl/openssl-1.0.2i.ebuild b/dev-libs/openssl/openssl-1.0.2i.ebuild deleted file mode 100644 index 6895502a..00000000 --- a/dev-libs/openssl/openssl-1.0.2i.ebuild +++ /dev/null @@ -1,315 +0,0 @@ -# Copyright 1999-2016 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id: ce2aa6672be31fb813e452e7381910c4c68a6c80 $ - -EAPI="5" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -MY_P=${P/_/-} -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="~alpha amd64 ~arm ~arm64 hppa ~ia64 ~m68k ~mips ~ppc ppc64 ~s390 ~sh ~sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 sslv2 +sslv3 static-libs test +tls-heartbeat vanilla zlib" -RESTRICT="!bindist? ( bindist )" - -RDEPEND=">=app-misc/c_rehash-1.7-r1 - gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] )" -DEPEND="${RDEPEND} - >=dev-lang/perl-5 - sctp? ( >=net-misc/lksctp-tools-1.0.12 ) - test? ( - sys-apps/diffutils - sys-devel/bc - )" -PDEPEND="app-misc/ca-certificates" - -S="${WORKDIR}/${MY_P}" - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # keep this in sync with app-misc/c_rehash - SSL_CNF_DIR="/etc/ssl" - - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.2i-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-obj-headers.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-install-dirs.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-symlinking.patch #545028 - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618 - epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338 - - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-aix-soname.patch # like libtool - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.2-gethostbyname2-solaris.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # since we're forcing $(CC) as makedep anyway, just fix - # the conditional as always-on - # helps clang (#417795), and versioned gcc (#499818) - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - #[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - #append-flags $(test-flags-CC -Qunused-arguments) - append-flags $(test-flags-CC -Wno-error=unused-command-line-argument) - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - append-cppflags -DOPENSSL_NO_BUF_FREELISTS - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure || die #141906 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config -t --test-sanity || die "Sanity checks failed" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: Expired http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - enable-rc5 \ - enable-tlsext \ - $(use_ssl asm) \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl sctp) \ - $(use_ssl sslv2 ssl2) \ - $(use_ssl sslv3 ssl3) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain ':', e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - # openssl installs perl version of c_rehash by default, but - # we provide a shell version via app-misc/c_rehash - rm "${ED}"/usr/bin/c_rehash || die - - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # At least wget (>1.15?) is unhappy if any non-certificate appears - # in ${SSL_CNF_DIR}/certs... - dodoc certs/README.* && rm certs/README.* - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? -} diff --git a/dev-libs/openssl/openssl-1.0.2j.ebuild b/dev-libs/openssl/openssl-1.0.2j.ebuild deleted file mode 100644 index 6fcf8db4..00000000 --- a/dev-libs/openssl/openssl-1.0.2j.ebuild +++ /dev/null @@ -1,315 +0,0 @@ -# Copyright 1999-2016 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id: db6a0e316b320d84fbf8d6aac32ad91d4384cb84 $ - -EAPI="5" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -MY_P=${P/_/-} -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 sslv2 +sslv3 static-libs test +tls-heartbeat vanilla zlib" -RESTRICT="!bindist? ( bindist )" - -RDEPEND=">=app-misc/c_rehash-1.7-r1 - gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] )" -DEPEND="${RDEPEND} - >=dev-lang/perl-5 - sctp? ( >=net-misc/lksctp-tools-1.0.12 ) - test? ( - sys-apps/diffutils - sys-devel/bc - )" -PDEPEND="app-misc/ca-certificates" - -S="${WORKDIR}/${MY_P}" - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # keep this in sync with app-misc/c_rehash - SSL_CNF_DIR="/etc/ssl" - - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.2i-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-obj-headers.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-install-dirs.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-symlinking.patch #545028 - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618 - epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338 - - epatch_user #332661 - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-aix-soname.patch # like libtool - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.2-gethostbyname2-solaris.patch - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # since we're forcing $(CC) as makedep anyway, just fix - # the conditional as always-on - # helps clang (#417795), and versioned gcc (#499818) - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - #[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - #append-flags $(test-flags-CC -Qunused-arguments) - append-flags $(test-flags-CC -Wno-error=unused-command-line-argument) - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - append-cppflags -DOPENSSL_NO_BUF_FREELISTS - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure || die #141906 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config -t --test-sanity || die "Sanity checks failed" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: Expired http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - enable-rc5 \ - enable-tlsext \ - $(use_ssl asm) \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl sctp) \ - $(use_ssl sslv2 ssl2) \ - $(use_ssl sslv3 ssl3) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain ':', e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install -} - -multilib_src_install_all() { - # openssl installs perl version of c_rehash by default, but - # we provide a shell version via app-misc/c_rehash - rm "${ED}"/usr/bin/c_rehash || die - - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # At least wget (>1.15?) is unhappy if any non-certificate appears - # in ${SSL_CNF_DIR}/certs... - dodoc certs/README.* && rm certs/README.* - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || rm -f "${ED}"/usr/lib*/lib*.a - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? -} diff --git a/dev-libs/openssl/openssl-1.0.2k.ebuild b/dev-libs/openssl/openssl-1.0.2k.ebuild deleted file mode 100644 index 76a724fd..00000000 --- a/dev-libs/openssl/openssl-1.0.2k.ebuild +++ /dev/null @@ -1,332 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="5" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -MY_P=${P/_/-} -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -KEYWORDS+="~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt" -IUSE="+asm bindist gmp kerberos rfc3779 sctp sep-usr sslv2 +sslv3 static-libs test +tls-heartbeat vanilla zlib cpu_flags_x86_sse2" -RESTRICT="!bindist? ( bindist )" - -RDEPEND=">=app-misc/c_rehash-1.7-r1 - gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] )" -DEPEND="${RDEPEND} - >=dev-lang/perl-5 - sctp? ( >=net-misc/lksctp-tools-1.0.12 ) - test? ( - sys-apps/diffutils - sys-devel/bc - )" -PDEPEND="app-misc/ca-certificates" - -S="${WORKDIR}/${MY_P}" - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # keep this in sync with app-misc/c_rehash - SSL_CNF_DIR="/etc/ssl" - - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.2i-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-obj-headers.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-install-dirs.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-symlinking.patch #545028 - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618 - epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338 - - epatch_user #332661 - - # Solaris /bin/sh does not support "[ -e file ]", added by patches - sed -e 's/\[ -e /\[ -r /' -i Makefile.shared - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-1.0.0a-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.0a-mint.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-aix-soname.patch # like libtool - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.2-gethostbyname2-solaris.patch - - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for Darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # since we're forcing $(CC) as makedep anyway, just fix - # the conditional as always-on - # helps clang (#417795), and versioned gcc (#499818) - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - #[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - #append-flags $(test-flags-CC -Qunused-arguments) - append-flags $(test-flags-CC -Wno-error=unused-command-line-argument) - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - append-cppflags -DOPENSSL_NO_BUF_FREELISTS - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - use prefix-chain && sed -i '1s,^:$,#!/usr/bin/env perl,' Configure #141906 - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config --test-sanity || die "Sanity checks failed" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: Expired http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - # https://github.com/openssl/openssl/issues/2286 - if use ia64 ; then - replace-flags -g3 -g2 - replace-flags -ggdb3 -ggdb2 - fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - enable-rc5 \ - enable-tlsext \ - $(use_ssl asm) \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl sctp) \ - $(use_ssl sslv2 ssl2) \ - $(use_ssl sslv3 ssl3) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain ':', e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install - - if use sep-usr && multilib_is_native_abi; then - # need the libs in / - gen_usr_ldscript -a crypto - fi -} - -multilib_src_install_all() { - # openssl installs perl version of c_rehash by default, but - # we provide a shell version via app-misc/c_rehash - rm "${ED}"/usr/bin/c_rehash || die - - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # At least wget (>1.15?) is unhappy if any non-certificate appears - # in ${SSL_CNF_DIR}/certs... - dodoc certs/README.* && rm certs/README.* - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || find "${ED}"usr/lib* -mindepth 1 -maxdepth 1 \ - -name "lib*.a" -not -name "lib*$(get_libname)" -delete - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? -} diff --git a/dev-libs/openssl/openssl-1.0.2l.ebuild b/dev-libs/openssl/openssl-1.0.2l.ebuild deleted file mode 100644 index 67cfad16..00000000 --- a/dev-libs/openssl/openssl-1.0.2l.ebuild +++ /dev/null @@ -1,332 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="5" - -inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal - -MY_P=${P/_/-} -DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" -HOMEPAGE="http://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" - -LICENSE="openssl" -SLOT="0" -KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -KEYWORDS+="~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt" -IUSE="+asm bindist gmp kerberos rfc3779 sctp sep-usr sslv2 +sslv3 static-libs test +tls-heartbeat vanilla zlib cpu_flags_x86_sse2" -RESTRICT="!bindist? ( bindist )" - -RDEPEND=">=app-misc/c_rehash-1.7-r1 - gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] ) - kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] )" -DEPEND="${RDEPEND} - >=dev-lang/perl-5 - sctp? ( >=net-misc/lksctp-tools-1.0.12 ) - test? ( - sys-apps/diffutils - sys-devel/bc - )" -PDEPEND="app-misc/ca-certificates" - -S="${WORKDIR}/${MY_P}" - -MULTILIB_WRAPPED_HEADERS=( - usr/include/openssl/opensslconf.h -) - -src_prepare() { - # keep this in sync with app-misc/c_rehash - SSL_CNF_DIR="/etc/ssl" - - # Make sure we only ever touch Makefile.org and avoid patching a file - # that gets blown away anyways by the Configure script in src_configure - rm -f Makefile - - if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.2i-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-obj-headers.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-install-dirs.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-symlinking.patch #545028 - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618 - epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338 - - epatch_user #332661 - - # Solaris /bin/sh does not support "[ -e file ]", added by patches - sed -e 's/\[ -e /\[ -r /' -i Makefile.shared - fi - - # disable fips in the build - # make sure the man pages are suffixed #302165 - # don't bother building man pages if they're disabled - sed -i \ - -e '/DIRS/s: fips : :g' \ - -e '/^MANSUFFIX/s:=.*:=ssl:' \ - -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \ - -e $(has noman FEATURES \ - && echo '/^install:/s:install_docs::' \ - || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \ - Makefile.org \ - || die - # show the actual commands in the log - sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared - - # avoid using /bin/sh because it's fragile on some platforms (Solaris) - sed -i -e "/SHELL=/s:=.*$:=${CONFIG_SHELL:-${BASH}}:" Makefile.org || die - sed -i -e "1a\SHELL=${CONFIG_SHELL:-${BASH}}" Makefile.shared || die - - epatch "${FILESDIR}"/${PN}-1.0.2l-interix.patch - epatch "${FILESDIR}"/${PN}-1.0.2l-mint.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-aix-soname.patch # like libtool - epatch "${FILESDIR}"/${PN}-0.9.8g-engines-installnames.patch - epatch "${FILESDIR}"/${PN}-1.0.0b-darwin-bundle-compile-fix.patch - epatch "${FILESDIR}"/${PN}-1.0.2-gethostbyname2-solaris.patch - - if [[ ${CHOST} == *-interix* ]] ; then - sed -i -e 's/-Wl,-soname=/-Wl,-h -Wl,/' Makefile.shared || die - fi - - # again, this windows patch should not do any harm to others, but - # header files are copied instead of linked now, so leave it conditional. - [[ ${CHOST} == *-winnt* ]] && epatch "${FILESDIR}"/${PN}-0.9.8k-winnt.patch - - # remove -arch for Darwin - sed -i '/^"darwin/s,-arch [^ ]\+,,g' Configure || die - - # since we're forcing $(CC) as makedep anyway, just fix - # the conditional as always-on - # helps clang (#417795), and versioned gcc (#499818) - sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die - - # quiet out unknown driver argument warnings since openssl - # doesn't have well-split CFLAGS and we're making it even worse - # and 'make depend' uses -Werror for added fun (#417795 again) - #[[ ${CC} == *clang* ]] && append-flags -Qunused-arguments - #append-flags $(test-flags-CC -Qunused-arguments) - append-flags $(test-flags-CC -Wno-error=unused-command-line-argument) - - # allow openssl to be cross-compiled - cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die - chmod a+rx gentoo.config - - append-flags -fno-strict-aliasing - append-flags $(test-flags-CC -Wa,--noexecstack) - append-cppflags -DOPENSSL_NO_BUF_FREELISTS - - # avoid waiting on terminal input forever when spitting - # 64bit warning message. - [[ ${CHOST} == *-hpux* ]] && sed -i -e 's,stty,true,g' -e 's,read waste,true,g' config - - # Upstream insists that the GNU assembler fails, so insist on calling the - # vendor assembler. However, I find otherwise. At least on Solaris-9 - # --darkside (26 Aug 2008) - if [[ ${CHOST} == sparc-sun-solaris2.9 ]]; then - sed -i -e "s:/usr/ccs/bin/::" crypto/bn/Makefile || die "sed failed" - fi - - # type -P required on platforms where perl is not installed - # in the same prefix (prefix-chaining). - use prefix-chain && sed -i '1s,^:$,#!/usr/bin/env perl,' Configure #141906 - sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906 - - # The config script does stupid stuff to prompt the user. Kill it. - sed -i '/stty -icanon min 0 time 50; read waste/d' config || die - ./config --test-sanity || die "Sanity checks failed" - - multilib_copy_sources -} - -multilib_src_configure() { - unset APPS #197996 - unset SCRIPTS #312551 - unset CROSS_COMPILE #311473 - - tc-export CC AR RANLIB RC - - # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: Expired http://en.wikipedia.org/wiki/RC5 - - use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } - echoit() { echo "$@" ; "$@" ; } - - local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal") - - case $CHOST in - sparc*-sun-solaris*) - # openssl doesn't grok this setup, and guesses - # the architecture wrong causing segfaults, - # just disable asm for now - # FIXME: I need to report this upstream - confopts="${confopts} no-asm" - ;; - *-aix*) - # symbols in asm file aren't exported for yet unknown reason - confopts="${confopts} no-asm" - ;; - esac - - # See if our toolchain supports __uint128_t. If so, it's 64bit - # friendly and can use the nicely optimized code paths. #460790 - local ec_nistp_64_gcc_128 - # Disable it for now though #469976 - #if ! use bindist ; then - # echo "__uint128_t i;" > "${T}"/128.c - # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then - # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128" - # fi - #fi - - # https://github.com/openssl/openssl/issues/2286 - if use ia64 ; then - replace-flags -g3 -g2 - replace-flags -ggdb3 -ggdb2 - fi - - local sslout=$(./gentoo.config) - einfo "Use configuration ${sslout:-(openssl knows best)}" - local config="Configure" - [[ -z ${sslout} ]] && config="config" - - echoit \ - ./${config} \ - ${sslout} \ - $(use cpu_flags_x86_sse2 || echo "no-sse2") \ - enable-camellia \ - $(use_ssl !bindist ec) \ - ${ec_nistp_64_gcc_128} \ - enable-idea \ - enable-mdc2 \ - enable-rc5 \ - enable-tlsext \ - $(use_ssl asm) \ - $(use_ssl gmp gmp -lgmp) \ - $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ - $(use_ssl rfc3779) \ - $(use_ssl sctp) \ - $(use_ssl sslv2 ssl2) \ - $(use_ssl sslv3 ssl3) \ - $(use_ssl tls-heartbeat heartbeats) \ - $(use_ssl zlib) \ - --prefix="${EPREFIX}"/usr \ - --openssldir="${EPREFIX}"${SSL_CNF_DIR} \ - --libdir=$(get_libdir) \ - shared threads \ - || die - - if [[ ${CHOST} == i?86*-*-linux* || ${CHOST} == i?86*-*-freebsd* ]]; then - # does not compile without optimization on x86-linux and x86-fbsd - filter-flags -O0 - is-flagq -O* || append-flags -O1 - fi - - # Clean out hardcoded flags that openssl uses - local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \ - -e 's:^CFLAG=::' \ - -e 's:-fomit-frame-pointer ::g' \ - -e 's:-O[0-9] ::g' \ - -e 's:-march=[-a-z0-9]* ::g' \ - -e 's:-mcpu=[-a-z0-9]* ::g' \ - -e 's:-m[a-z0-9]* ::g' \ - ) - # CFLAGS can contain ':', e.g. MIPSpro - sed -i \ - -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \ - -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \ - Makefile || die -} - -multilib_src_compile() { - if [[ ${CHOST} == *-winnt* ]]; then - ( cd fips && emake -j1 links PERL=$(type -P perl) ) || die "make links in fips failed" - fi - - # depend is needed to use $confopts; it also doesn't matter - # that it's -j1 as the code itself serializes subdirs - emake -j1 depend - emake all - # rehash is needed to prep the certs/ dir; do this - # separately to avoid parallel build issues. - emake rehash -} - -multilib_src_test() { - emake -j1 test -} - -multilib_src_install() { - emake INSTALL_PREFIX="${D}" install - - if use sep-usr && multilib_is_native_abi; then - # need the libs in / - gen_usr_ldscript -a crypto - fi -} - -multilib_src_install_all() { - # openssl installs perl version of c_rehash by default, but - # we provide a shell version via app-misc/c_rehash - rm "${ED}"/usr/bin/c_rehash || die - - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* - use rfc3779 && dodoc engines/ccgost/README.gost - - # At least wget (>1.15?) is unhappy if any non-certificate appears - # in ${SSL_CNF_DIR}/certs... - dodoc certs/README.* && rm certs/README.* - - # This is crappy in that the static archives are still built even - # when USE=static-libs. But this is due to a failing in the openssl - # build system: the static archives are built as PIC all the time. - # Only way around this would be to manually configure+compile openssl - # twice; once with shared lib support enabled and once without. - use static-libs || find "${ED}"usr/lib* -mindepth 1 -maxdepth 1 \ - -name "lib*.a" -not -name "lib*$(get_libname)" -delete - - # create the certs directory - dodir ${SSL_CNF_DIR}/certs - cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die - rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired} - - # Namespace openssl programs to prevent conflicts with other man pages - cd "${ED}"/usr/share/man - local m d s - for m in $(find . -type f | xargs grep -L '#include') ; do - d=${m%/*} ; d=${d#./} ; m=${m##*/} - [[ ${m} == openssl.1* ]] && continue - [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!" - mv ${d}/{,ssl-}${m} - # fix up references to renamed man pages - sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m} - ln -s ssl-${m} ${d}/openssl-${m} - # locate any symlinks that point to this man page ... we assume - # that any broken links are due to the above renaming - for s in $(find -L ${d} -type l) ; do - s=${s##*/} - rm -f ${d}/${s} - ln -s ssl-${m} ${d}/ssl-${s} - ln -s ssl-${s} ${d}/openssl-${s} - done - done - [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :(" - - dodir /etc/sandbox.d #254521 - echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl - - diropts -m0700 - keepdir ${SSL_CNF_DIR}/private -} - -pkg_postinst() { - ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069" - c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null - eend $? -} diff --git a/dev-libs/openssl/openssl-1.0.2m.ebuild b/dev-libs/openssl/openssl-1.0.2o.ebuild index 9f0f378b..7e008717 100644 --- a/dev-libs/openssl/openssl-1.0.2m.ebuild +++ b/dev-libs/openssl/openssl-1.0.2o.ebuild @@ -1,18 +1,21 @@ -# Copyright 1999-2017 Gentoo Foundation +# Copyright 1999-2018 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -EAPI="5" +EAPI="6" inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal +PATCH_SET="openssl-1.0.2-patches-1.2" MY_P=${P/_/-} DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)" HOMEPAGE="https://www.openssl.org/" -SRC_URI="mirror://openssl/source/${MY_P}.tar.gz" +SRC_URI="mirror://openssl/source/${MY_P}.tar.gz + mirror://gentoo/${PATCH_SET}.tar.xz + https://dev.gentoo.org/~whissi/dist/${PN}/${PATCH_SET}.tar.xz" LICENSE="openssl" SLOT="0" -KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" +KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~x86-fbsd ~arm-linux ~x86-linux" KEYWORDS+="~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt" IUSE="+asm bindist gmp kerberos rfc3779 sctp sep-usr sslv2 +sslv3 static-libs test +tls-heartbeat vanilla zlib cpu_flags_x86_sse2" RESTRICT="!bindist? ( bindist )" @@ -45,21 +48,14 @@ src_prepare() { rm -f Makefile if ! use vanilla ; then - epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421 - epatch "${FILESDIR}"/${PN}-1.0.2i-parallel-build.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-obj-headers.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-install-dirs.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-symlinking.patch #545028 - epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch - epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618 - epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338 - - epatch_user #332661 - - # Solaris /bin/sh does not support "[ -e file ]", added by patches - sed -e 's/\[ -e /\[ -r /' -i Makefile.shared + eapply "${WORKDIR}"/patch/*.patch fi + eapply_user + + # Solaris /bin/sh does not support "[ -e file ]", added by patches + sed -e 's/\[ -e /\[ -r /' -i Makefile.shared + # disable fips in the build # make sure the man pages are suffixed #302165 # don't bother building man pages if they're disabled @@ -111,7 +107,7 @@ src_prepare() { # allow openssl to be cross-compiled cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die - chmod a+rx gentoo.config + chmod a+rx gentoo.config || die append-flags -fno-strict-aliasing append-flags $(test-flags-CC -Wa,--noexecstack) @@ -148,11 +144,11 @@ multilib_src_configure() { tc-export CC AR RANLIB RC # Clean out patent-or-otherwise-encumbered code - # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher) - # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm - # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography - # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2 - # RC5: Expired http://en.wikipedia.org/wiki/RC5 + # Camellia: Royalty Free https://en.wikipedia.org/wiki/Camellia_(cipher) + # IDEA: Expired https://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm + # EC: ????????? ??/??/2015 https://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography + # MDC2: Expired https://en.wikipedia.org/wiki/MDC-2 + # RC5: Expired https://en.wikipedia.org/wiki/RC5 use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; } echoit() { echo "$@" ; "$@" ; } @@ -275,8 +271,9 @@ multilib_src_install_all() { # we provide a shell version via app-misc/c_rehash rm "${ED}"/usr/bin/c_rehash || die - dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el - dohtml -r doc/* + local -a DOCS=( CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el ) + einstalldocs + use rfc3779 && dodoc engines/ccgost/README.gost # At least wget (>1.15?) is unhappy if any non-certificate appears |