Clean up openssl logic to fix cross-compiling #417129 by Bertrand Jacquin.

(Portage version: 2.2.20/cvs/Linux x86_64, signed Manifest commit with key D2E96200)
author: Mike Frysinger <vapier@gentoo.org> 2015-05-26 03:01:00 +0000
committer: Mike Frysinger <vapier@gentoo.org> 2015-05-26 03:01:00 +0000
commit: 98ad1ac359ab97db3dbc1deb5be3a2f1b33af334 (patch)
tree: 1463f2e4f548c368dcf6d4791de81922c2602502 /net-dns
parent: Bump (diff)
download: gentoo-2-98ad1ac359ab97db3dbc1deb5be3a2f1b33af334.tar.gz
gentoo-2-98ad1ac359ab97db3dbc1deb5be3a2f1b33af334.tar.bz2
gentoo-2-98ad1ac359ab97db3dbc1deb5be3a2f1b33af334.zip
3 files changed, 277 insertions, 1 deletions
diff --git a/net-dns/bind-tools/ChangeLog b/net-dns/bind-tools/ChangeLog
index 4f5c641916cf..27a2536f0de0 100644
--- a/net-dns/bind-tools/ChangeLog
+++ b/net-dns/bind-tools/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for net-dns/bind-tools
 # Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-dns/bind-tools/ChangeLog,v 1.284 2015/05/26 01:53:40 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-dns/bind-tools/ChangeLog,v 1.285 2015/05/26 03:01:00 vapier Exp $
+
+*bind-tools-9.10.2-r1 (26 May 2015)
+
+  26 May 2015; Mike Frysinger <vapier@gentoo.org> +bind-tools-9.10.2-r1.ebuild,
+  +files/bind-tools-9.10.2-openssl.patch:
+  Clean up openssl logic to fix cross-compiling #417129 by Bertrand Jacquin.
 
   26 May 2015; Mike Frysinger <vapier@gentoo.org> bind-tools-9.10.1_p1.ebuild:
   Mark s390/sh stable.
diff --git a/net-dns/bind-tools/bind-tools-9.10.2-r1.ebuild b/net-dns/bind-tools/bind-tools-9.10.2-r1.ebuild
new file mode 100644
index 000000000000..b0e61f3ad904
--- /dev/null
+++ b/net-dns/bind-tools/bind-tools-9.10.2-r1.ebuild
@@ -0,0 +1,125 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-dns/bind-tools/bind-tools-9.10.2-r1.ebuild,v 1.1 2015/05/26 03:01:00 vapier Exp $
+
+EAPI="5"
+
+inherit eutils autotools flag-o-matic toolchain-funcs
+
+MY_PN=${PN//-tools}
+MY_PV=${PV/_p/-P}
+MY_PV=${MY_PV/_rc/rc}
+MY_P="${MY_PN}-${MY_PV}"
+
+DESCRIPTION="bind tools: dig, nslookup, host, nsupdate, dnssec-keygen"
+HOMEPAGE="http://www.isc.org/software/bind"
+SRC_URI="ftp://ftp.isc.org/isc/bind9/${MY_PV}/${MY_P}.tar.gz"
+
+LICENSE="ISC BSD BSD-2 HPND JNIC RSA openssl"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="doc gost gssapi idn ipv6 readline seccomp ssl urandom xml"
+# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687
+
+REQUIRED_USE="gost? ( ssl )"
+
+DEPEND="ssl? ( dev-libs/openssl:0 )
+	gost? ( >=dev-libs/openssl-1.0.0:0[-bindist] )
+	xml? ( dev-libs/libxml2 )
+	idn? ( net-dns/idnkit )
+	gssapi? ( virtual/krb5 )
+	readline? ( sys-libs/readline:0= )
+	seccomp? ( sys-libs/libseccomp )"
+RDEPEND="${DEPEND}
+	!<net-dns/bind-9.10.2"
+
+S="${WORKDIR}/${MY_P}"
+
+# bug 479092, requires networking
+RESTRICT="test"
+
+src_prepare() {
+	epatch "${FILESDIR}"/${PN}-9.5.0_p1-lwconfig.patch #231247
+	epatch "${FILESDIR}"/${PN}-9.10.2-openssl.patch #417129
+
+	# Disable tests for now, bug 406399
+	sed -i '/^SUBDIRS/s:tests::' bin/Makefile.in lib/Makefile.in || die
+
+	# bug #220361
+	rm aclocal.m4
+	rm -rf libtool.m4/
+	eautoreconf
+}
+
+src_configure() {
+	local myconf=
+
+	if use urandom; then
+		myconf="${myconf} --with-randomdev=/dev/urandom"
+	else
+		myconf="${myconf} --with-randomdev=/dev/random"
+	fi
+
+	# bug 344029
+	append-cflags "-DDIG_SIGCHASE"
+
+	# localstatedir for nsupdate -l, bug 395785
+	tc-export BUILD_CC
+	econf \
+		--localstatedir=/var \
+		--without-python \
+		--without-libjson \
+		--disable-openssl-version-check \
+		$(use_enable ipv6) \
+		$(use_with idn) \
+		$(usex idn --with-idnlib=-lidnkit '') \
+		$(use_enable seccomp) \
+		$(use_with ssl openssl) \
+		$(use_with xml libxml2) \
+		$(use_with gssapi) \
+		$(use_with readline) \
+		$(use_with gost) \
+		${myconf}
+
+	# bug #151839
+	echo '#undef SO_BSDCOMPAT' >> config.h
+}
+
+src_compile() {
+	local AR=$(tc-getAR)
+
+	emake AR="${AR}" -C lib/
+	emake AR="${AR}" -C bin/delv/
+	emake AR="${AR}" -C bin/dig/
+	emake AR="${AR}" -C bin/nsupdate/
+	emake AR="${AR}" -C bin/dnssec/
+}
+
+src_install() {
+	dodoc README CHANGES FAQ
+
+	cd "${S}"/bin/delv
+	dobin delv
+	doman delv.1
+
+	cd "${S}"/bin/dig
+	dobin dig host nslookup
+	doman {dig,host,nslookup}.1
+
+	cd "${S}"/bin/nsupdate
+	dobin nsupdate
+	doman nsupdate.1
+	if use doc; then
+		dohtml nsupdate.html
+	fi
+
+	cd "${S}"/bin/dnssec
+	for tool in dsfromkey importkey keyfromlabel keygen \
+	  revoke settime signzone verify; do
+		dobin dnssec-"${tool}"
+		doman dnssec-"${tool}".8
+		if use doc; then
+			dohtml dnssec-"${tool}".html
+		fi
+	done
+}
diff --git a/net-dns/bind-tools/files/bind-tools-9.10.2-openssl.patch b/net-dns/bind-tools/files/bind-tools-9.10.2-openssl.patch
new file mode 100644
index 000000000000..deeb1096162e
--- /dev/null
+++ b/net-dns/bind-tools/files/bind-tools-9.10.2-openssl.patch
@@ -0,0 +1,145 @@
+https://bugs.gentoo.org/417129
+
+fix openssl build logic:
+* do not probe direct filesystem paths (including hardcoding things like /usr)
+* use pkg-config to locate proper openssl libraries
+* turn dsa check into a header one
+* turn ecdsa check into a link one
+* have gost/aes actually default to --with-xxx value when cross-compiling
+
+Patch by Mike Frysinger <vapier@chromium.org>
+
+--- a/configure.in
++++ b/configure.in
+@@ -1442,16 +1442,21 @@ case "$use_openssl" in
+ 		OPENSSLLINKOBJS=""
+ 		OPENSSLLINKSRCS=""
+ 		;;
+-	auto)
+-		DST_OPENSSL_INC=""
+-		CRYPTO=""
++	yes|auto)
++		CRYPTO=""
++		PKG_CHECK_MODULES([OPENSSL], [libcrypto], [CRYPTO='-DOPENSSL'], [
++			if test "$use_openssl" = "yes"; then
++				AC_MSG_ERROR(openssl not found)
++			fi
++			use_openssl="no"
++		])
++
++		DST_OPENSSL_INC=$OPENSSL_CFLAGS
++		DST_OPENSSL_LIBS=$OPENSSL_LIBS
+ 		OPENSSLGOSTLINKOBJS=""
+ 		OPENSSLGOSTLINKSRS=""
+ 		OPENSSLLINKOBJS=""
+ 		OPENSSLLINKSRCS=""
+-		AC_MSG_ERROR(
+-[OpenSSL was not found in any of $openssldirs; use --with-openssl=/path
+-If you don't want OpenSSL, use --without-openssl])
+ 		;;
+ 	*)
+ 		if test "$want_native_pkcs11" = "yes"
+@@ -1588,27 +1593,39 @@ no)
+ ;;
+ esac
+ 
++		CC="$saved_cc"
++		CFLAGS="$saved_cflags"
++		LIBS="$saved_libs"
++		OPENSSLLINKOBJS='${OPENSSLLINKOBJS}'
++		OPENSSLLINKSRCS='${OPENSSLLINKSRCS}'
++		;;
++esac
++
++if test "$use_openssl" = "yes"; then
++	saved_cc="$CC"
++	saved_cflags="$CFLAGS"
++	saved_libs="$LIBS"
++	CFLAGS="$CFLAGS $DST_OPENSSL_INC"
++	LIBS="$LIBS $DST_OPENSSL_LIBS"
++
+-	AC_MSG_CHECKING(for OpenSSL DSA support)
+-	if test -f $use_openssl/include/openssl/dsa.h
+-	then
++	AC_CHECK_HEADERS([openssl/dsa.h])
++	if test "$ac_cv_header_openssl_dsa_h" = yes; then
+ 		AC_DEFINE(HAVE_OPENSSL_DSA)
+-		AC_MSG_RESULT(yes)
+-	else
+-		AC_MSG_RESULT(no)
+ 	fi
+ 
+ 	AC_CHECK_FUNCS(EVP_sha256 EVP_sha384 EVP_sha512)
+ 
+ 	AC_MSG_CHECKING(for OpenSSL ECDSA support)
+ 	have_ecdsa=""
+-	AC_TRY_RUN([
++	AC_TRY_LINK([
+ #include <openssl/ecdsa.h>
+ #include <openssl/objects.h>
++],[
+ int main() {
+ 	EC_KEY *ec256, *ec384;
+ 
+ #if !defined(HAVE_EVP_SHA256) || !defined(HAVE_EVP_SHA384)
+-	return (1);
++#error choke
+ #endif
+ 	ec256 = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ 	ec384 = EC_KEY_new_by_curve_name(NID_secp384r1);
+@@ -1637,24 +1654,7 @@ int main() {
+ 	[AC_MSG_RESULT(yes)
+ 	have_ecdsa="yes"],
+ 	[AC_MSG_RESULT(no)
+-	have_ecdsa="no"],
++	have_ecdsa="no"])
+-	[AC_MSG_RESULT(using --with-ecdsa)])
+-	case "$with_ecdsa" in
+-	yes)
+-	    case "$have_ecdsa" in
+-	    no)  AC_MSG_ERROR([ecdsa not supported]) ;;
+-	    *)  have_ecdsa=yes ;;
+-	    esac
+-	    ;;
+-	no)
+-	    have_ecdsa=no ;;
+-	*)
+-	    case "$have_ecdsa" in
+-	    yes|no) ;;
+-	    *) AC_MSG_ERROR([need --with-ecdsa=[[yes or no]]]) ;;
+-	    esac
+-	    ;;
+-	esac
+ 	case $have_ecdsa in
+ 	yes)
+ 		OPENSSL_ECDSA="yes"
+@@ -1702,7 +1702,8 @@ int main() {
+ 	have_gost="yes"],
+ 	[AC_MSG_RESULT(no)
+ 	have_gost="no"],
+-	[AC_MSG_RESULT(using --with-gost)])
++	[AC_MSG_RESULT(using --with-gost)
++	have_gost=$with_gost])
+ 	case "$with_gost" in
+ 	yes)
+ 	    case "$have_gost" in
+@@ -1752,7 +1753,8 @@ int main() {
+ 	[AC_MSG_RESULT(yes)
+ 	 have_aes="yes"],
+ 	[AC_MSG_RESULT(no)])],
+-	[AC_MSG_RESULT(using --with-aes)])
++	[AC_MSG_RESULT(using --with-aes)
++	 have_aes=$with_aes])
+ 
+ 	ISC_OPENSSL_INC=""
+ 	ISC_OPENSSL_LIBS=""
+@@ -1765,8 +1767,7 @@ int main() {
+ 	OPENSSLLINKOBJS='${OPENSSLLINKOBJS}'
+ 	OPENSSLLINKSRCS='${OPENSSLLINKSRCS}'
+ 
+-	;;
+-esac
++fi
+ 
+ #
+ # This would include the system openssl path (and linker options to use
author	Mike Frysinger <vapier@gentoo.org>	2015-05-26 03:01:00 +0000
committer	Mike Frysinger <vapier@gentoo.org>	2015-05-26 03:01:00 +0000
commit	98ad1ac359ab97db3dbc1deb5be3a2f1b33af334 (patch)
tree	1463f2e4f548c368dcf6d4791de81922c2602502 /net-dns
parent	Bump (diff)
download	gentoo-2-98ad1ac359ab97db3dbc1deb5be3a2f1b33af334.tar.gz gentoo-2-98ad1ac359ab97db3dbc1deb5be3a2f1b33af334.tar.bz2 gentoo-2-98ad1ac359ab97db3dbc1deb5be3a2f1b33af334.zip