Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/dev-libs
diff options
context:
space:
mode:
Diffstat (limited to 'dev-libs')
-rw-r--r--dev-libs/openssl/ChangeLog14
-rw-r--r--dev-libs/openssl/Manifest14
-rw-r--r--dev-libs/openssl/files/openssl-0.9.8g-sslv3-no-tlsext.patch28
-rw-r--r--dev-libs/openssl/openssl-0.9.8g-r1.ebuild188
4 files changed, 241 insertions, 3 deletions
diff --git a/dev-libs/openssl/ChangeLog b/dev-libs/openssl/ChangeLog
index dec809403b64..c34e44e9ad9b 100644
--- a/dev-libs/openssl/ChangeLog
+++ b/dev-libs/openssl/ChangeLog
@@ -1,6 +1,16 @@
# ChangeLog for dev-libs/openssl
-# Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.257 2007/12/24 17:22:17 vapier Exp $
+# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.258 2008/03/25 00:27:14 cardoe Exp $
+
+*openssl-0.9.8g-r1 (25 Mar 2008)
+
+ 25 Mar 2008; Doug Goldstein <cardoe@gentoo.org>
+ +files/openssl-0.9.8g-sslv3-no-tlsext.patch, +openssl-0.9.8g-r1.ebuild:
+ Patch from OpenSSL's bug tracker not to send TLS Extensions on SSLv3 only
+ connections, while not explicitly against the SSL spec, several SSL
+ implementations can not handle it. Patch by Kaspar Brand
+ <ossl-rt@velox.ch> from http://rt.openssl.org/Ticket/Display.html?id=1629.
+ Resolves bug #198914
24 Dec 2007; Mike Frysinger <vapier@gentoo.org> openssl-0.9.8g.ebuild:
Dont force src_test any longer as things seem to be sane.
diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest
index 0a989a649af2..d920ffe6037b 100644
--- a/dev-libs/openssl/Manifest
+++ b/dev-libs/openssl/Manifest
@@ -1,3 +1,6 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
AUX gentoo.config-0.9.8 3157 RMD160 794fbfe1b01dff11a2722148e62274f38a242ef5 SHA1 fe9ee8b36dab783201a75d853f15dba6758787b6 SHA256 d34e75afa3e3661d29f8a7b0af8e7e47d39c7ba5db3b0e9cc48d6e41c58e94ed
AUX openssl-0.9.7-alpha-default-gcc.patch 533 RMD160 ea2d91421aa4d3f463034b40c2c81c195a71c0dd SHA1 f5ee85db45ab80b66225a222c7655b74760b94fe SHA256 814ae7c09359414e7dcd96008c82d868fba0565de2d1b3e6a4275f8cdbeefb5c
AUX openssl-0.9.7e-gentoo.patch 460 RMD160 60969fd05a15fe00d0d1c27b9098acfde28ba65e SHA1 73ff3c336dfdbeed903ac7b82486674ab4ec66a2 SHA256 ddb8d47429f3aadf3f5142293a2c38cbb9eb3927edfd1b497771337c48a11641
@@ -15,12 +18,21 @@ AUX openssl-0.9.8e-bsd-sparc64.patch 1666 RMD160 fa3ac81b409fa908949185805f733fd
AUX openssl-0.9.8e-make.patch 794 RMD160 2a99f48ef103fa369cc8c513efcc0330eb855b7d SHA1 b6b93f6db5f6519312b35df268eab51c2c3ca988 SHA256 f318fdebb6e035185c2bba2513ceac81f5cd229c1426e16ea4faed528f7795be
AUX openssl-0.9.8e-padlock-O0.patch 844 RMD160 e53dccc662c27a8a62fb45649f567f68394802f2 SHA1 aa6b069997c523738a068d6ce462e5f8bba1844a SHA256 f9ae47c6459d655707adb73333963a6dcd923c82d36cb34949bcc31e5aefc6d4
AUX openssl-0.9.8f-fix-version.patch 445 RMD160 ab3136992eb4028bff06bbc35322a1c2621485e8 SHA1 7a53632a9e13e00737930b22068d88b57879c925 SHA256 73d9952fc7032099a03b3b7fa143229646ae6e52394b4facd043afbce65658f1
+AUX openssl-0.9.8g-sslv3-no-tlsext.patch 848 RMD160 37bad7b70fd0bdae91fffe337dcbe820b371a163 SHA1 32043ee7841bd95bc647efa8fd7ecb5dcc2fa223 SHA256 d61299ab9b5f96f37979d60ea8e65430c59ef3242627de50be8e2fc87c8753be
DIST openssl-0.9.8e.tar.gz 3341665 RMD160 c1a498606dc0fc7219376b950fab6b53687466db SHA1 b429872d2a287714ab37e42296e6a5fbe23d32ff SHA256 414e8428b95fbc51707965fda31390497d058290356426bfe084b49464a60340
DIST openssl-0.9.8f.tar.gz 3357445 RMD160 ad0d9d8b238dbede1aa6b76256d11038bd281e05 SHA1 e8716370093b112763ace0c66c06a0d6049e413b SHA256 be5afd386f5d7acff019acaf46cdaad89a8b42cc9cee85d1adb2774627f32b42
DIST openssl-0.9.8g.tar.gz 3354792 RMD160 f080a32da9becdc8b98c38744d62c6fd8664f603 SHA1 4e9c5ced466715d18fd924de79bde5c15da80fa1 SHA256 0e26886845de95716c9f1b9b75c0e06e9d4075d2bdc9e11504eaa5f7ee901cf0
EBUILD openssl-0.9.8e-r3.ebuild 5834 RMD160 61635cc5dcc3bad24f8a0034bd23bed23b1bd82b SHA1 9d5ff9a41e77e0dfd960d43abe0e37b01a0f7e00 SHA256 6be488a5e215a94656cbc5f9fb20edd04155a3525be1437ac9ae296bd9adaaf2
EBUILD openssl-0.9.8e-r4.ebuild 6557 RMD160 ad9946a39fd4beb295b35a4b10bfc06fc0c77099 SHA1 e62202b0ec42ce354413fbf486870bdf6df95867 SHA256 c6a8090276ba069dc50cb21fe07437166f0cd1d456e8d9fd20e82bc732ec3559
EBUILD openssl-0.9.8f.ebuild 6215 RMD160 7af3dc8ed2b30206ff44e8d80af0c585cc7cea51 SHA1 12dc43a8baf204c3ac724344652c95ce0f8f4bed SHA256 4ffbdf05b8ea00618d3868a8a265220ff25bb5b1d8d58b150b3b6a5868e03fca
+EBUILD openssl-0.9.8g-r1.ebuild 6149 RMD160 9188744b2010b21b8eb3d3fe209332dbc5285782 SHA1 f4c9830fda899bccec7508aaaafb939170d959fe SHA256 72e43cdcdc83ac40feea9d4e26ff5d12ecc67cb29d15a2ab5272a24deea3f580
EBUILD openssl-0.9.8g.ebuild 6077 RMD160 07ea4dfe719b7a2179a5bb673eb169dc8dd8c92d SHA1 b071486e64127272af05aef4c7ac295775266574 SHA256 8745ab99de8a1ecf30ab1e1267e0117a5e11bea567696b7d0b06d867d6a62e06
-MISC ChangeLog 38252 RMD160 14a56be169ac218c229199e000f0f26c1e2d8752 SHA1 c3bb51a67de4cb3dd594c2cb4c42fdb3329524f7 SHA256 8912109a285e9b7eeefbada406ba3b248d97897671f6c27e747621aa14f2660b
+MISC ChangeLog 38716 RMD160 c120722c92a48df9b9bc5bc2e612c4e5be0a8f03 SHA1 11f1de0847c741406a6cbce88a6328946e672e65 SHA256 f64123a26ca23b6744ab67fcfe6b35a82db3acd291acdba7024e7b1a4614b50f
MISC metadata.xml 164 RMD160 f43cbec30b7074319087c9acffdb9354b17b0db3 SHA1 9c213f5803676c56439df3716be07d6692588856 SHA256 f5f2891f2a4791cd31350bb2bb572131ad7235cd0eeb124c9912c187ac10ce92
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.7 (GNU/Linux)
+
+iD8DBQFH6EbwoeSe8B0zEfwRAjTnAJ9fV9tZTnbCmd1d6eXL/Q7QRkdCnwCfZ7at
+Py9PyLdklWqUJMRBy+6Rx6Q=
+=Qt3Y
+-----END PGP SIGNATURE-----
diff --git a/dev-libs/openssl/files/openssl-0.9.8g-sslv3-no-tlsext.patch b/dev-libs/openssl/files/openssl-0.9.8g-sslv3-no-tlsext.patch
new file mode 100644
index 000000000000..4c3cd06f16eb
--- /dev/null
+++ b/dev-libs/openssl/files/openssl-0.9.8g-sslv3-no-tlsext.patch
@@ -0,0 +1,28 @@
+ndex: ssl/t1_lib.c
+===================================================================
+RCS file: /home/ossl-cvs/openssl/ssl/t1_lib.c,v
+retrieving revision 1.51
+diff -p -u -r1.51 t1_lib.c
+--- ssl/t1_lib.c 26 Oct 2007 12:06:35 -0000 1.51
++++ ssl/t1_lib.c 26 Feb 2008 18:02:50 -0000
+@@ -267,6 +267,10 @@ unsigned char *ssl_add_clienthello_tlsex
+ int extdatalen=0;
+ unsigned char *ret = p;
+
++ /* don't add extensions for SSLv3 */
++ if (s->client_version == SSL3_VERSION)
++ return p;
++
+ ret+=2;
+
+ if (ret>=limit) return NULL; /* this really never occurs, but ... */
+@@ -448,6 +452,10 @@ unsigned char *ssl_add_serverhello_tlsex
+ int extdatalen=0;
+ unsigned char *ret = p;
+
++ /* don't add extensions for SSLv3 */
++ if (s->version == SSL3_VERSION)
++ return p;
++
+ ret+=2;
+ if (ret>=limit) return NULL; /* this really never occurs, but ... */
diff --git a/dev-libs/openssl/openssl-0.9.8g-r1.ebuild b/dev-libs/openssl/openssl-0.9.8g-r1.ebuild
new file mode 100644
index 000000000000..ae5fa58b84bb
--- /dev/null
+++ b/dev-libs/openssl/openssl-0.9.8g-r1.ebuild
@@ -0,0 +1,188 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8g-r1.ebuild,v 1.1 2008/03/25 00:27:14 cardoe Exp $
+
+inherit eutils flag-o-matic toolchain-funcs
+
+DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1"
+HOMEPAGE="http://www.openssl.org/"
+SRC_URI="mirror://openssl/source/${P}.tar.gz"
+
+LICENSE="openssl"
+SLOT="0"
+KEYWORDS="-* ~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~sparc-fbsd ~x86 ~x86-fbsd"
+IUSE="bindist emacs gmp kerberos sse2 test zlib"
+
+RDEPEND="gmp? ( dev-libs/gmp )
+ zlib? ( sys-libs/zlib )
+ kerberos? ( app-crypt/mit-krb5 )"
+DEPEND="${RDEPEND}
+ sys-apps/diffutils
+ >=dev-lang/perl-5
+ test? ( sys-devel/bc )"
+PDEPEND="app-misc/ca-certificates"
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+
+ epatch "${FILESDIR}"/${PN}-0.9.7e-gentoo.patch
+ epatch "${FILESDIR}"/${PN}-0.9.7-alpha-default-gcc.patch
+ epatch "${FILESDIR}"/${PN}-0.9.8b-parallel-build.patch
+ epatch "${FILESDIR}"/${PN}-0.9.8-make-engines-dir.patch
+ epatch "${FILESDIR}"/${PN}-0.9.8-toolchain.patch
+ epatch "${FILESDIR}"/${PN}-0.9.8b-doc-updates.patch
+ epatch "${FILESDIR}"/${PN}-0.9.8-makedepend.patch #149583
+ epatch "${FILESDIR}"/${PN}-0.9.8e-make.patch #146316
+ epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch
+ epatch "${FILESDIR}"/${PN}-0.9.8g-sslv3-no-tlsext.patch
+
+ # allow openssl to be cross-compiled
+ cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed"
+ chmod a+rx gentoo.config
+
+ # Don't build manpages if we don't want them
+ has noman FEATURES \
+ && sed -i '/^install:/s:install_docs::' Makefile.org \
+ || sed -i '/^MANDIR=/s:=.*:=/usr/share/man:' Makefile.org
+
+ # Try to derice users and work around broken ass toolchains
+ if [[ $(gcc-major-version) == "3" ]] ; then
+ filter-flags -fprefetch-loop-arrays -freduce-all-givs -funroll-loops
+ [[ $(tc-arch) == "ppc64" ]] && replace-flags -O? -O
+ fi
+ [[ $(tc-arch) == ppc* ]] && append-flags -fno-strict-aliasing
+ append-flags -Wa,--noexecstack
+
+ # using a library directory other than lib requires some magic
+ sed -i \
+ -e "s+\(\$(INSTALL_PREFIX)\$(INSTALLTOP)\)/lib+\1/$(get_libdir)+g" \
+ -e "s+libdir=\$\${exec_prefix}/lib+libdir=\$\${exec_prefix}/$(get_libdir)+g" \
+ Makefile.org engines/Makefile \
+ || die "sed failed"
+ ./config --test-sanity || die "I AM NOT SANE"
+}
+
+src_compile() {
+ unset APPS #197996
+
+ tc-export CC AR RANLIB
+
+ # Clean out patent-or-otherwise-encumbered code
+ # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
+ # IDEA: 5,214,703 25/05/2010 http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
+ # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
+ # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
+ # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5
+
+ use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; }
+ echoit() { echo "$@" ; "$@" ; }
+
+ local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
+
+ local sslout=$(./gentoo.config)
+ einfo "Use configuration ${sslout:-(openssl knows best)}"
+ local config="Configure"
+ [[ -z ${sslout} ]] && config="config"
+ echoit \
+ ./${config} \
+ ${sslout} \
+ $(use sse2 || echo "no-sse2") \
+ enable-camellia \
+ $(use_ssl !bindist ec) \
+ $(use_ssl !bindist idea) \
+ enable-mdc2 \
+ $(use_ssl !bindist rc5) \
+ enable-tlsext \
+ $(use_ssl gmp) \
+ $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
+ $(use_ssl zlib) \
+ $(use_ssl zlib zlib-dynamic) \
+ --prefix=/usr \
+ --openssldir=/etc/ssl \
+ shared threads \
+ || die "Configure failed"
+
+ # Clean out hardcoded flags that openssl uses
+ local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
+ -e 's:^CFLAG=::' \
+ -e 's:-fomit-frame-pointer ::g' \
+ -e 's:-O[0-9] ::g' \
+ -e 's:-march=[-a-z0-9]* ::g' \
+ -e 's:-mcpu=[-a-z0-9]* ::g' \
+ -e 's:-m[a-z0-9]* ::g' \
+ )
+ sed -i \
+ -e "/^CFLAG/s:=.*:=${CFLAG} ${CFLAGS}:" \
+ -e "/^SHARED_LDFLAGS=/s:$: ${LDFLAGS}:" \
+ Makefile || die
+
+ # depend is needed to use $confopts
+ # rehash is needed to prep the certs/ dir
+ emake -j1 depend || die "depend failed"
+ emake all rehash || die "make all failed"
+}
+
+src_test() {
+ # make sure sandbox doesnt die on *BSD
+ addpredict /dev/crypto
+
+ emake -j1 test || die "make test failed"
+}
+
+src_install() {
+ emake -j1 INSTALL_PREFIX="${D}" install || die
+ dodoc CHANGES* FAQ NEWS README doc/*.txt
+ dohtml doc/*
+
+ if use emacs ; then
+ insinto /usr/share/emacs/site-lisp
+ doins doc/c-indentation.el
+ fi
+
+ # create the certs directory
+ dodir /etc/ssl/certs
+ cp -RP certs/* "${D}"/etc/ssl/certs/ || die "failed to install certs"
+ rm -r "${D}"/etc/ssl/certs/{demo,expired}
+
+ # Namespace openssl programs to prevent conflicts with other man pages
+ cd "${D}"/usr/share/man
+ local m d s
+ for m in $(find . -type f | xargs grep -L '#include') ; do
+ d=${m%/*} ; d=${d#./} ; m=${m##*/}
+ [[ ${m} == openssl.1* ]] && continue
+ [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
+ mv ${d}/{,ssl-}${m}
+ ln -s ssl-${m} ${d}/openssl-${m}
+ # locate any symlinks that point to this man page ... we assume
+ # that any broken links are due to the above renaming
+ for s in $(find -L ${d} -type l) ; do
+ s=${s##*/}
+ rm -f ${d}/${s}
+ ln -s ssl-${m} ${d}/ssl-${s}
+ ln -s ssl-${s} ${d}/openssl-${s}
+ done
+ done
+ [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
+
+ diropts -m0700
+ keepdir /etc/ssl/private
+}
+
+pkg_preinst() {
+ preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.{6,7}
+}
+
+pkg_postinst() {
+ preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.{6,7}
+
+ if [[ ${CHOST} == i686* ]] ; then
+ ewarn "Due to the way openssl is architected, you cannot"
+ ewarn "switch between optimized versions without breaking"
+ ewarn "ABI. The default i686 0.9.8 ABI was an unoptimized"
+ ewarn "version with horrible performance. This version uses"
+ ewarn "the optimized ABI. If you experience segfaults when"
+ ewarn "using ssl apps (like openssh), just re-emerge the"
+ ewarn "offending package."
+ fi
+}