From: "Doug Goldstein" <cardoe@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: dev-libs/openssl/, dev-libs/openssl/files/
Date: Fri, 26 Feb 2016 22:46:39 +0000 (UTC) [thread overview]
Message-ID: <1456526758.e47b9611f34d6141b0e389e94e0b84135afa25ba.cardoe@gentoo> (raw)
commit: e47b9611f34d6141b0e389e94e0b84135afa25ba
Author: Doug Goldstein <cardoe <AT> gentoo <DOT> org>
AuthorDate: Fri Feb 26 22:45:58 2016 +0000
Commit: Doug Goldstein <cardoe <AT> gentoo <DOT> org>
CommitDate: Fri Feb 26 22:45:58 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e47b9611
dev-libs/openssl: remove vulnerable versions
Due to multiple vulnerabilities remove outdated versions of OpenSSL.
Gentoo-Bug: 567476
Package-Manager: portage-2.2.26
Signed-off-by: Doug Goldstein <cardoe <AT> gentoo.org>
dev-libs/openssl/Manifest | 4 -
.../openssl/files/openssl-1.0.0h-pkg-config.patch | 34 --
...enssl-1.0.1f-revert-alpha-perl-generation.patch | 84 ---
dev-libs/openssl/files/openssl-1.0.1m-ipv6.patch | 618 ---------------------
dev-libs/openssl/files/openssl-1.0.1m-x32.patch | 66 ---
.../files/openssl-1.0.1p-parallel-build.patch | 359 ------------
dev-libs/openssl/files/openssl-1.0.1r-x32.patch | 66 ---
dev-libs/openssl/openssl-1.0.1p.ebuild | 259 ---------
dev-libs/openssl/openssl-1.0.1r.ebuild | 256 ---------
dev-libs/openssl/openssl-1.0.2e.ebuild | 265 ---------
10 files changed, 2011 deletions(-)
diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest
index ddc4c31..5decc0a 100644
--- a/dev-libs/openssl/Manifest
+++ b/dev-libs/openssl/Manifest
@@ -1,7 +1,3 @@
DIST openssl-0.9.8zg.tar.gz 3826891 SHA256 06500060639930e471050474f537fcd28ec934af92ee282d78b52460fbe8f580 SHA512 c757454de321d168ac6d89fe2859966a9f07a8b28305bf697af9018db13fc457e0883346b3d35977461ab058442375563554ecb2a8756a687ff9fc2fdd9103c9 WHIRLPOOL 55ecf50a264a2ddd9b5755b5d90b9b736d2f27e0ba2fd529ccff3b68bbd726d1f60460182a0d215ae6712dbc4d3ef2df11339fb2d8424e049f54c3e904fcfab0
DIST openssl-0.9.8zh.tar.gz 3818524 SHA256 f1d9f3ed1b85a82ecf80d0e2d389e1fda3fca9a4dba0bf07adbf231e1a5e2fd6 SHA512 b97fa2468211f86c0719c68ad1781eff84f772c479ed5193d6da14bac086b4ca706e7d851209d9df3f0962943b5e5333ab0def00110fb2e517caa73c0c6674c6 WHIRLPOOL 8ed3362e6aed89cd6ae02438bc3fb58ff3a91afb8a2d401d1d66c1ee4fd96f4befb50558131dd03a60fc15b588172fc1ede5d56bb1f68e184453bfe3b34f9abf
-DIST openssl-1.0.1p.tar.gz 4560208 SHA256 bd5ee6803165c0fb60bbecbacacf244f1f90d2aa0d71353af610c29121e9b2f1 SHA512 64e475c53a85b78de7c5aa71a22d4bb3a456142842373ebf8f22e9857cb0352b646e591b21af866933baecdbdb5ac4a22aeb64914440c53a0f30cd25914029e5 WHIRLPOOL 2a81f3b9274e3fef37a2a88e3084d8283159b3a61db08e7805879905c87a74faa85bc6e570d18525741bd5c27c34fe09eeb58b2bfe500545d0f304716e14f819
-DIST openssl-1.0.1r.tar.gz 4547786 SHA256 784bd8d355ed01ce98b812f873f8b2313da61df7c7b5677fcf2e57b0863a3346 SHA512 7a5a2efe5d9421ea6f4f86f75ed40b4459b3825355ad18da3bdba28393bc50a6f457b2e1f11a31828f1af0d62a716d258ac7868fb719c9997f3bc750a1723e86 WHIRLPOOL de9c92f5ddb9bcaac967ac735696e739f5762b7d3a0b2430dbfa0c6cd7ac021fdf3c3257255a2fe995f24aa3550d59ce3067f030f09acc5d43b61dfda627686a
-DIST openssl-1.0.2e.tar.gz 5256555 SHA256 e23ccafdb75cfcde782da0151731aa2185195ac745eea3846133f2e05c0e0bff SHA512 b73f114a117ccab284cf5891dac050e3016d28e0b1fc71639442cdb42accef676115af90a12deff4bcc1f599cc0cbdeb38142cbf4570bd7d03634786ad32c95f WHIRLPOOL 8e1c1800a66f57fa78dc391e717e4b2bdf0e6e37a837c5ac033d7a4b1a6437451c7e7540c4ec2f75f936a2d2ef4f9293b42c76f51b0c9c93706639589612f196
DIST openssl-1.0.2f.tar.gz 5258384 SHA256 932b4ee4def2b434f85435d9e3e19ca8ba99ce9a065a61524b429a9d5e9b2e9c SHA512 50abf6dc94cafd06e7fd20770808bdc675c88daa369e4f752bd584ab17f72a57357c1ca1eca3c83e6745b5a3c9c73c99dce70adaa904d73f6df4c75bc7138351 WHIRLPOOL 179e1b5ad38c50a4c8110024aa7b33c53634c39690917e3bf5c2099548430beef96132ae9f9588ff0cedd6e08bb216a8d36835baaaa04e506fb3fbaed37d31c9
-DIST openssl-c_rehash.sh.1.7 4167 SHA256 4999ee79892f52bd6a4a7baba9fac62262454d573bbffd72685d3aae9e48cee0 SHA512 55e8c2e827750a4f375cb83c86bfe2d166c01ffa5d7e9b16657b72b38b747c8985dd2c98f854c911dfbbee2ff3e92aff39fdf089d979b2e3534b7685ee8b80da WHIRLPOOL c88f06a3b8651f76b6289552cccceb64e13f6697c5f0ce3ff114c781ce1c218912b8ee308af9d087cd76a9600fdacda1953175bff07d7d3eb21b0c0b7f4f1ce1
diff --git a/dev-libs/openssl/files/openssl-1.0.0h-pkg-config.patch b/dev-libs/openssl/files/openssl-1.0.0h-pkg-config.patch
deleted file mode 100644
index 66fd822..0000000
--- a/dev-libs/openssl/files/openssl-1.0.0h-pkg-config.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-https://rt.openssl.org/Ticket/Display.html?id=3332&user=guest&pass=guest
-
-depend on other pc files rather than encoding library info directly in
-every pkg-config file
-
---- a/Makefile.org
-+++ b/Makefile.org
-@@ -335,11 +335,11 @@ libssl.pc: Makefile
- echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
- echo 'includedir=$${prefix}/include'; \
- echo ''; \
-- echo 'Name: OpenSSL'; \
-+ echo 'Name: OpenSSL-libssl'; \
- echo 'Description: Secure Sockets Layer and cryptography libraries'; \
- echo 'Version: '$(VERSION); \
-- echo 'Requires: '; \
-- echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
-+ echo 'Requires.private: libcrypto'; \
-+ echo 'Libs: -L$${libdir} -lssl'; \
- echo 'Libs.private: $(EX_LIBS)'; \
- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
-
-@@ -352,10 +353,7 @@ openssl.pc: Makefile
- echo 'Name: OpenSSL'; \
- echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
- echo 'Version: '$(VERSION); \
-- echo 'Requires: '; \
-- echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
-- echo 'Libs.private: $(EX_LIBS)'; \
-- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
-+ echo 'Requires: libssl libcrypto' ) > openssl.pc
-
- Makefile: Makefile.org Configure config
- @echo "Makefile is older than Makefile.org, Configure or config."
diff --git a/dev-libs/openssl/files/openssl-1.0.1f-revert-alpha-perl-generation.patch b/dev-libs/openssl/files/openssl-1.0.1f-revert-alpha-perl-generation.patch
deleted file mode 100644
index 1a942d2..0000000
--- a/dev-libs/openssl/files/openssl-1.0.1f-revert-alpha-perl-generation.patch
+++ /dev/null
@@ -1,84 +0,0 @@
-https://bugs.gentoo.org/499086
-https://rt.openssl.org/Ticket/Display.html?id=3333&user=guest&pass=guest
-
-when gcc is given a .s file and told to preprocess it, it outputs nothing
-
-From a2976461784ce463fc7f336cd0dce607d21c2fad Mon Sep 17 00:00:00 2001
-From: Mike Frysinger <vapier@gentoo.org>
-Date: Sat, 25 Jan 2014 05:44:47 -0500
-Subject: [PATCH] Revert "Make Makefiles OSF-make-friendly."
-
-This reverts commit d1cf23ac86c05b22b8780e2c03b67230564d2d34.
----
- crypto/Makefile | 4 +---
- crypto/bn/Makefile | 4 +---
- crypto/evp/Makefile | 2 +-
- crypto/modes/Makefile | 5 +----
- crypto/sha/Makefile | 4 +---
- util/shlib_wrap.sh | 6 +-----
- 6 files changed, 6 insertions(+), 19 deletions(-)
-
-diff --git a/crypto/Makefile b/crypto/Makefile
-index b253f50..1de9d5f 100644
---- a/crypto/Makefile
-+++ b/crypto/Makefile
-@@ -86,9 +86,7 @@ ia64cpuid.s: ia64cpuid.S; $(CC) $(CFLAGS) -E ia64cpuid.S > $@
- ppccpuid.s: ppccpuid.pl; $(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@
- pariscid.s: pariscid.pl; $(PERL) pariscid.pl $(PERLASM_SCHEME) $@
- alphacpuid.s: alphacpuid.pl
-- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
-- $(PERL) alphacpuid.pl > $$preproc && \
-- $(CC) -E $$preproc > $@ && rm $$preproc)
-+ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null
-
- subdirs:
- @target=all; $(RECURSIVE_MAKE)
-diff --git a/crypto/bn/Makefile b/crypto/bn/Makefile
-index b62b676..6c03363 100644
---- a/crypto/bn/Makefile
-+++ b/crypto/bn/Makefile
-@@ -136,9 +136,7 @@ ppc-mont.s: asm/ppc-mont.pl;$(PERL) asm/ppc-mont.pl $(PERLASM_SCHEME) $@
- ppc64-mont.s: asm/ppc64-mont.pl;$(PERL) asm/ppc64-mont.pl $(PERLASM_SCHEME) $@
-
- alpha-mont.s: asm/alpha-mont.pl
-- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
-- $(PERL) asm/alpha-mont.pl > $$preproc && \
-- $(CC) -E $$preproc > $@ && rm $$preproc)
-+ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null
-
- # GNU make "catch all"
- %-mont.S: asm/%-mont.pl; $(PERL) $< $(PERLASM_SCHEME) $@
-diff --git a/crypto/modes/Makefile b/crypto/modes/Makefile
-index ce0dcd6..88ac65e 100644
---- a/crypto/modes/Makefile
-+++ b/crypto/modes/Makefile
-@@ -55,10 +55,7 @@ aesni-gcm-x86_64.s: asm/aesni-gcm-x86_64.pl
- ghash-sparcv9.s: asm/ghash-sparcv9.pl
- $(PERL) asm/ghash-sparcv9.pl $@ $(CFLAGS)
- ghash-alpha.s: asm/ghash-alpha.pl
-- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
-- $(PERL) asm/ghash-alpha.pl > $$preproc && \
-- $(CC) -E $$preproc > $@ && rm $$preproc)
--
-+ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null
- ghash-parisc.s: asm/ghash-parisc.pl
- $(PERL) asm/ghash-parisc.pl $(PERLASM_SCHEME) $@
-
-diff --git a/crypto/sha/Makefile b/crypto/sha/Makefile
-index 64eab6c..63fba69 100644
---- a/crypto/sha/Makefile
-+++ b/crypto/sha/Makefile
-@@ -60,9 +60,7 @@ sha256-armv4.S: asm/sha256-armv4.pl
- $(PERL) $< $(PERLASM_SCHEME) $@
-
- sha1-alpha.s: asm/sha1-alpha.pl
-- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
-- $(PERL) asm/sha1-alpha.pl > $$preproc && \
-- $(CC) -E $$preproc > $@ && rm $$preproc)
-+ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null
-
- # Solaris make has to be explicitly told
- sha1-x86_64.s: asm/sha1-x86_64.pl; $(PERL) asm/sha1-x86_64.pl $(PERLASM_SCHEME) > $@
---
-1.8.5.3
-
diff --git a/dev-libs/openssl/files/openssl-1.0.1m-ipv6.patch b/dev-libs/openssl/files/openssl-1.0.1m-ipv6.patch
deleted file mode 100644
index 34a7e53..0000000
--- a/dev-libs/openssl/files/openssl-1.0.1m-ipv6.patch
+++ /dev/null
@@ -1,618 +0,0 @@
-http://rt.openssl.org/Ticket/Display.html?id=2051&user=guest&pass=guest
-
-Forward ported from openssl-1.0.1h-ipv6.patch
-
-Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
-
---- openssl-1.0.1m/apps/s_apps.h
-+++ openssl-1.0.1m/apps/s_apps.h
-@@ -153,7 +153,7 @@ typedef fd_mask fd_set;
-
- int do_server(int port, int type, int *ret,
- int (*cb) (char *hostname, int s, unsigned char *context),
-- unsigned char *context);
-+ unsigned char *context, int use_ipv4, int use_ipv6);
- #ifdef HEADER_X509_H
- int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
- #endif
-@@ -161,7 +161,8 @@ int MS_CALLBACK verify_callback(int ok,
- int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
- int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key);
- #endif
--int init_client(int *sock, char *server, int port, int type);
-+int init_client(int *sock, char *server, int port, int type,
-+ int use_ipv4, int use_ipv6);
- int should_retry(int i);
- int extract_port(char *str, short *port_ptr);
- int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
---- openssl-1.0.1m/apps/s_client.c
-+++ openssl-1.0.1m/apps/s_client.c
-@@ -299,6 +299,10 @@ static void sc_usage(void)
- {
- BIO_printf(bio_err, "usage: s_client args\n");
- BIO_printf(bio_err, "\n");
-+ BIO_printf(bio_err," -4 - use IPv4 only\n");
-+#if OPENSSL_USE_IPV6
-+ BIO_printf(bio_err," -6 - use IPv6 only\n");
-+#endif
- BIO_printf(bio_err, " -host host - use -connect instead\n");
- BIO_printf(bio_err, " -port port - use -connect instead\n");
- BIO_printf(bio_err,
-@@ -629,6 +633,7 @@ int MAIN(int argc, char **argv)
- int sbuf_len, sbuf_off;
- fd_set readfds, writefds;
- short port = PORT;
-+ int use_ipv4, use_ipv6;
- int full_log = 1;
- char *host = SSL_HOST_NAME;
- char *cert_file = NULL, *key_file = NULL;
-@@ -673,7 +678,11 @@ int MAIN(int argc, char **argv)
- #endif
- char *sess_in = NULL;
- char *sess_out = NULL;
-- struct sockaddr peer;
-+#if OPENSSL_USE_IPV6
-+ struct sockaddr_storage peer;
-+#else
-+ struct sockaddr_in peer;
-+#endif
- int peerlen = sizeof(peer);
- int fallback_scsv = 0;
- int enable_timeouts = 0;
-@@ -689,6 +698,13 @@ int MAIN(int argc, char **argv)
-
- meth = SSLv23_client_method();
-
-+ use_ipv4 = 1;
-+#if OPENSSL_USE_IPV6
-+ use_ipv6 = 1;
-+#else
-+ use_ipv6 = 0;
-+#endif
-+
- apps_startup();
- c_Pause = 0;
- c_quiet = 0;
-@@ -985,6 +1001,16 @@ int MAIN(int argc, char **argv)
- jpake_secret = *++argv;
- }
- #endif
-+ else if (strcmp(*argv,"-4") == 0) {
-+ use_ipv4 = 1;
-+ use_ipv6 = 0;
-+ }
-+#if OPENSSL_USE_IPV6
-+ else if (strcmp(*argv,"-6") == 0) {
-+ use_ipv4 = 0;
-+ use_ipv6 = 1;
-+ }
-+#endif
- #ifndef OPENSSL_NO_SRTP
- else if (strcmp(*argv, "-use_srtp") == 0) {
- if (--argc < 1)
-@@ -1256,7 +1282,7 @@ int MAIN(int argc, char **argv)
-
- re_start:
-
-- if (init_client(&s, host, port, socket_type) == 0) {
-+ if (init_client(&s, host, port, socket_type, use_ipv4, use_ipv6) == 0) {
- BIO_printf(bio_err, "connect:errno=%d\n", get_last_socket_error());
- SHUTDOWN(s);
- goto end;
-@@ -1279,7 +1305,7 @@ int MAIN(int argc, char **argv)
- if (SSL_version(con) == DTLS1_VERSION) {
-
- sbio = BIO_new_dgram(s, BIO_NOCLOSE);
-- if (getsockname(s, &peer, (void *)&peerlen) < 0) {
-+ if (getsockname(s, (struct sockaddr *)&peer, (void *)&peerlen) < 0) {
- BIO_printf(bio_err, "getsockname:errno=%d\n",
- get_last_socket_error());
- SHUTDOWN(s);
---- openssl-1.0.1m/apps/s_server.c
-+++ openssl-1.0.1m/apps/s_server.c
-@@ -609,6 +609,10 @@ static void sv_usage(void)
- " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
- # endif
- #endif
-+ BIO_printf(bio_err," -4 - use IPv4 only\n");
-+#if OPENSSL_USE_IPV6
-+ BIO_printf(bio_err," -6 - use IPv6 only\n");
-+#endif
- BIO_printf(bio_err,
- " -keymatexport label - Export keying material using label\n");
- BIO_printf(bio_err,
-@@ -1003,6 +1007,7 @@ int MAIN(int argc, char *argv[])
- int state = 0;
- const SSL_METHOD *meth = NULL;
- int socket_type = SOCK_STREAM;
-+ int use_ipv4, use_ipv6;
- ENGINE *e = NULL;
- char *inrand = NULL;
- int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
-@@ -1031,6 +1036,13 @@ int MAIN(int argc, char *argv[])
- #endif
- meth = SSLv23_server_method();
-
-+ use_ipv4 = 1;
-+#if OPENSSL_USE_IPV6
-+ use_ipv6 = 1;
-+#else
-+ use_ipv6 = 0;
-+#endif
-+
- local_argc = argc;
- local_argv = argv;
-
-@@ -1356,6 +1368,16 @@ int MAIN(int argc, char *argv[])
- jpake_secret = *(++argv);
- }
- #endif
-+ else if (strcmp(*argv,"-4") == 0) {
-+ use_ipv4 = 1;
-+ use_ipv6 = 0;
-+ }
-+#if OPENSSL_USE_IPV6
-+ else if (strcmp(*argv,"-6") == 0) {
-+ use_ipv4 = 0;
-+ use_ipv6 = 1;
-+ }
-+#endif
- #ifndef OPENSSL_NO_SRTP
- else if (strcmp(*argv, "-use_srtp") == 0) {
- if (--argc < 1)
-@@ -1850,9 +1872,11 @@ int MAIN(int argc, char *argv[])
- BIO_printf(bio_s_out, "ACCEPT\n");
- (void)BIO_flush(bio_s_out);
- if (www)
-- do_server(port, socket_type, &accept_socket, www_body, context);
-+ do_server(port, socket_type, &accept_socket, www_body, context,
-+ use_ipv4, use_ipv6);
- else
-- do_server(port, socket_type, &accept_socket, sv_body, context);
-+ do_server(port, socket_type, &accept_socket, sv_body, context,
-+ use_ipv4, use_ipv6);
- print_stats(bio_s_out, ctx);
- ret = 0;
- end:
---- openssl-1.0.1m/apps/s_socket.c
-+++ openssl-1.0.1m/apps/s_socket.c
-@@ -101,16 +101,16 @@ typedef unsigned int u_int;
- # include "netdb.h"
- # endif
-
--static struct hostent *GetHostByName(char *name);
-+static struct hostent *GetHostByName(char *name, int domain);
- # if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
- static void ssl_sock_cleanup(void);
- # endif
- static int ssl_sock_init(void);
--static int init_client_ip(int *sock, unsigned char ip[4], int port, int type);
--static int init_server(int *sock, int port, int type);
--static int init_server_long(int *sock, int port, char *ip, int type);
-+static int init_client_ip(int *sock, unsigned char *ip, int port, int type, int domain);
-+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6);
-+static int init_server_long(int *sock, int port, char *ip, int type, int use_ipv4, int use_ipv6);
- static int do_accept(int acc_sock, int *sock, char **host);
--static int host_ip(char *str, unsigned char ip[4]);
-+static int host_ip(char *str, unsigned char *ip, int domain);
-
- # ifdef OPENSSL_SYS_WIN16
- # define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
-@@ -231,38 +231,66 @@ static int ssl_sock_init(void)
- return (1);
- }
-
--int init_client(int *sock, char *host, int port, int type)
-+int init_client(int *sock, char *host, int port, int type, int use_ipv4, int use_ipv6)
- {
-+#if OPENSSL_USE_IPV6
-+ unsigned char ip[16];
-+#else
- unsigned char ip[4];
-+#endif
-
-- memset(ip, '\0', sizeof ip);
-- if (!host_ip(host, &(ip[0])))
-- return 0;
-- return init_client_ip(sock, ip, port, type);
--}
--
--static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
--{
-- unsigned long addr;
-+ if (use_ipv4)
-+ if (host_ip(host,ip,AF_INET))
-+ return(init_client_ip(sock,ip,port,type,AF_INET));
-+#if OPENSSL_USE_IPV6
-+ if (use_ipv6)
-+ if (host_ip(host,ip,AF_INET6))
-+ return(init_client_ip(sock,ip,port,type,AF_INET6));
-+#endif
-+ return 0;
-+}
-+
-+static int init_client_ip(int *sock, unsigned char ip[4], int port, int type, int domain)
-+{
-+#if OPENSSL_USE_IPV6
-+ struct sockaddr_storage them;
-+ struct sockaddr_in *them_in = (struct sockaddr_in *)&them;
-+ struct sockaddr_in6 *them_in6 = (struct sockaddr_in6 *)&them;
-+#else
- struct sockaddr_in them;
-+ struct sockaddr_in *them_in = &them;
-+#endif
-+ socklen_t addr_len;
- int s, i;
-
- if (!ssl_sock_init())
- return (0);
-
- memset((char *)&them, 0, sizeof(them));
-- them.sin_family = AF_INET;
-- them.sin_port = htons((unsigned short)port);
-- addr = (unsigned long)
-- ((unsigned long)ip[0] << 24L) |
-- ((unsigned long)ip[1] << 16L) |
-- ((unsigned long)ip[2] << 8L) | ((unsigned long)ip[3]);
-- them.sin_addr.s_addr = htonl(addr);
-+ if (domain == AF_INET) {
-+ addr_len = (socklen_t)sizeof(struct sockaddr_in);
-+ them_in->sin_family=AF_INET;
-+ them_in->sin_port=htons((unsigned short)port);
-+#ifndef BIT_FIELD_LIMITS
-+ memcpy(&them_in->sin_addr.s_addr, ip, 4);
-+#else
-+ memcpy(&them_in->sin_addr, ip, 4);
-+#endif
-+ } else {
-+#if OPENSSL_USE_IPV6
-+ addr_len = (socklen_t)sizeof(struct sockaddr_in6);
-+ them_in6->sin6_family=AF_INET6;
-+ them_in6->sin6_port=htons((unsigned short)port);
-+ memcpy(&(them_in6->sin6_addr), ip, sizeof(struct in6_addr));
-+ }
-+#else
-+ return(0);
-+#endif
-
- if (type == SOCK_STREAM)
-- s = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
-+ s = socket(domain, SOCK_STREAM, SOCKET_PROTOCOL);
- else /* ( type == SOCK_DGRAM) */
-- s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
-+ s = socket(domain, SOCK_DGRAM, IPPROTO_UDP);
-
- if (s == INVALID_SOCKET) {
- perror("socket");
-@@ -280,7 +308,7 @@ static int init_client_ip(int *sock, uns
- }
- # endif
-
-- if (connect(s, (struct sockaddr *)&them, sizeof(them)) == -1) {
-+ if (connect(s, (struct sockaddr *)&them, addr_len) == -1) {
- closesocket(s);
- perror("connect");
- return (0);
-@@ -291,14 +319,14 @@ static int init_client_ip(int *sock, uns
-
- int do_server(int port, int type, int *ret,
- int (*cb) (char *hostname, int s, unsigned char *context),
-- unsigned char *context)
-+ unsigned char *context, int use_ipv4, int use_ipv6)
- {
- int sock;
- char *name = NULL;
- int accept_socket = 0;
- int i;
-
-- if (!init_server(&accept_socket, port, type))
-+ if (!init_server(&accept_socket, port, type, use_ipv4, use_ipv6))
- return (0);
-
- if (ret != NULL) {
-@@ -325,32 +353,45 @@ int do_server(int port, int type, int *r
- }
- }
-
--static int init_server_long(int *sock, int port, char *ip, int type)
-+static int init_server_long(int *sock, int port, char *ip, int type,
-+ int use_ipv4, int use_ipv6)
- {
- int ret = 0;
-+ int domain;
-+#if OPENSSL_USE_IPV6
-+ struct sockaddr_storage server;
-+ struct sockaddr_in *server_in = (struct sockaddr_in *)&server;
-+ struct sockaddr_in6 *server_in6 = (struct sockaddr_in6 *)&server;
-+#else
- struct sockaddr_in server;
-+ struct sockaddr_in *server_in = &server;
-+#endif
-+ socklen_t addr_len;
- int s = -1;
-
-+ if (!use_ipv4 && !use_ipv6)
-+ goto err;
-+#if OPENSSL_USE_IPV6
-+ /*
-+ * we are fine here
-+ */
-+#else
-+ if (use_ipv6)
-+ goto err;
-+#endif
- if (!ssl_sock_init())
- return (0);
-
-- memset((char *)&server, 0, sizeof(server));
-- server.sin_family = AF_INET;
-- server.sin_port = htons((unsigned short)port);
-- if (ip == NULL)
-- server.sin_addr.s_addr = INADDR_ANY;
-- else
--/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
--# ifndef BIT_FIELD_LIMITS
-- memcpy(&server.sin_addr.s_addr, ip, 4);
-+#if OPENSSL_USE_IPV6
-+ domain = use_ipv6 ? AF_INET6 : AF_INET;
- # else
-- memcpy(&server.sin_addr, ip, 4);
-+ domain = AF_INET;
- # endif
-
- if (type == SOCK_STREAM)
-- s = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
-+ s = socket(domain, SOCK_STREAM, SOCKET_PROTOCOL);
- else /* type == SOCK_DGRAM */
-- s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
-+ s = socket(domain, SOCK_DGRAM, IPPROTO_UDP);
-
- if (s == INVALID_SOCKET)
- goto err;
-@@ -360,7 +401,44 @@ static int init_server_long(int *sock, i
- setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&j, sizeof j);
- }
- # endif
-- if (bind(s, (struct sockaddr *)&server, sizeof(server)) == -1) {
-+#if OPENSSL_USE_IPV6
-+ if ((use_ipv4 == 0) && (use_ipv6 == 1)) {
-+ const int on = 1;
-+
-+ setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY,
-+ (const void *) &on, sizeof(int));
-+ }
-+#endif
-+ if (domain == AF_INET) {
-+ addr_len = (socklen_t)sizeof(struct sockaddr_in);
-+ memset(server_in, 0, sizeof(struct sockaddr_in));
-+ server_in->sin_family=AF_INET;
-+ server_in->sin_port = htons((unsigned short)port);
-+ if (ip == NULL)
-+ server_in->sin_addr.s_addr = htonl(INADDR_ANY);
-+ else
-+/*
-+ * Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov)
-+ */
-+#ifndef BIT_FIELD_LIMITS
-+ memcpy(&server_in->sin_addr.s_addr, ip, 4);
-+#else
-+ memcpy(&server_in->sin_addr, ip, 4);
-+#endif
-+ }
-+#if OPENSSL_USE_IPV6
-+ else {
-+ addr_len = (socklen_t)sizeof(struct sockaddr_in6);
-+ memset(server_in6, 0, sizeof(struct sockaddr_in6));
-+ server_in6->sin6_family = AF_INET6;
-+ server_in6->sin6_port = htons((unsigned short)port);
-+ if (ip == NULL)
-+ server_in6->sin6_addr = in6addr_any;
-+ else
-+ memcpy(&server_in6->sin6_addr, ip, sizeof(struct in6_addr));
-+ }
-+#endif
-+ if (bind(s, (struct sockaddr *)&server, addr_len) == -1) {
- # ifndef OPENSSL_SYS_WINDOWS
- perror("bind");
- # endif
-@@ -378,16 +456,24 @@ static int init_server_long(int *sock, i
- return (ret);
- }
-
--static int init_server(int *sock, int port, int type)
-+static int init_server(int *sock, int port, int type,
-+ int use_ipv4, int use_ipv6)
- {
-- return (init_server_long(sock, port, NULL, type));
-+ return (init_server_long(sock, port, NULL, type, use_ipv4, use_ipv6));
- }
-
- static int do_accept(int acc_sock, int *sock, char **host)
- {
- int ret;
- struct hostent *h1, *h2;
-+#if OPENSSL_USE_IPV6
-+ struct sockaddr_storage from;
-+ struct sockaddr_in *from_in = (struct sockaddr_in *)&from;
-+ struct sockaddr_in6 *from_in6 = (struct sockaddr_in6 *)&from;
-+#else
- static struct sockaddr_in from;
-+ struct sockaddr_in *from_in = &from;
-+#endif
- int len;
- /* struct linger ling; */
-
-@@ -437,14 +523,24 @@ static int do_accept(int acc_sock, int *
-
- if (host == NULL)
- goto end;
-+#if OPENSSL_USE_IPV6
-+ if (from.ss_family == AF_INET)
-+#else
-+ if (from.sin_family == AF_INET)
-+#endif
- # ifndef BIT_FIELD_LIMITS
- /* I should use WSAAsyncGetHostByName() under windows */
-- h1 = gethostbyaddr((char *)&from.sin_addr.s_addr,
-- sizeof(from.sin_addr.s_addr), AF_INET);
-+ h1 = gethostbyaddr((char *)&from_in->sin_addr.s_addr,
-+ sizeof(from_in->sin_addr.s_addr), AF_INET);
- # else
-- h1 = gethostbyaddr((char *)&from.sin_addr,
-+ h1 = gethostbyaddr((char *)&from_in->sin_addr,
- sizeof(struct in_addr), AF_INET);
- # endif
-+#if OPENSSL_USE_IPV6
-+ else
-+ h1 = gethostbyaddr((char *)&from_in6->sin6_addr,
-+ sizeof(struct in6_addr), AF_INET6);
-+#endif
- if (h1 == NULL) {
- BIO_printf(bio_err, "bad gethostbyaddr\n");
- *host = NULL;
-@@ -457,14 +553,23 @@ static int do_accept(int acc_sock, int *
- }
- BUF_strlcpy(*host, h1->h_name, strlen(h1->h_name) + 1);
-
-- h2 = GetHostByName(*host);
-+#if OPENSSL_USE_IPV6
-+ h2 = GetHostByName(*host, from.ss_family);
-+#else
-+ h2 = GetHostByName(*host, from.sin_family);
-+#endif
-+
- if (h2 == NULL) {
- BIO_printf(bio_err, "gethostbyname failure\n");
- closesocket(ret);
- return (0);
- }
-- if (h2->h_addrtype != AF_INET) {
-- BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n");
-+#if OPENSSL_USE_IPV6
-+ if (h2->h_addrtype != from.ss_family) {
-+#else
-+ if (h2->h_addrtype != from.sin_family) {
-+#endif
-+ BIO_printf(bio_err, "gethostbyname addr address is not correct\n");
- closesocket(ret);
- return (0);
- }
-@@ -480,14 +585,14 @@ int extract_host_port(char *str, char **
- char *h, *p;
-
- h = str;
-- p = strchr(str, ':');
-+ p = strrchr(str, ':');
- if (p == NULL) {
- BIO_printf(bio_err, "no port defined\n");
- return (0);
- }
- *(p++) = '\0';
-
-- if ((ip != NULL) && !host_ip(str, ip))
-+ if ((ip != NULL) && !host_ip(str, ip, AF_INET))
- goto err;
- if (host_ptr != NULL)
- *host_ptr = h;
-@@ -499,44 +604,54 @@ int extract_host_port(char *str, char **
- return (0);
- }
-
--static int host_ip(char *str, unsigned char ip[4])
-+static int host_ip(char *str, unsigned char *ip, int domain)
- {
- unsigned int in[4];
-+ unsigned long l;
- int i;
-
-- if (sscanf(str, "%u.%u.%u.%u", &(in[0]), &(in[1]), &(in[2]), &(in[3])) ==
-- 4) {
-+ if ((domain == AF_INET) &&
-+ (sscanf(str, "%u.%u.%u.%u", &(in[0]), &(in[1]), &(in[2]), &(in[3])) ==
-+ 4)) {
- for (i = 0; i < 4; i++)
- if (in[i] > 255) {
- BIO_printf(bio_err, "invalid IP address\n");
- goto err;
- }
-- ip[0] = in[0];
-- ip[1] = in[1];
-- ip[2] = in[2];
-- ip[3] = in[3];
-- } else { /* do a gethostbyname */
-+ l=htonl((in[0]<<24L)|(in[1]<<16L)|(in[2]<<8L)|in[3]);
-+ memcpy(ip, &l, 4);
-+ return 1;
-+ }
-+#if OPENSSL_USE_IPV6
-+ else if ((domain == AF_INET6) &&
-+ (inet_pton(AF_INET6, str, ip) == 1))
-+ return 1;
-+#endif
-+ else { /* do a gethostbyname */
- struct hostent *he;
-
- if (!ssl_sock_init())
- return (0);
-
-- he = GetHostByName(str);
-+ he = GetHostByName(str, domain);
- if (he == NULL) {
- BIO_printf(bio_err, "gethostbyname failure\n");
- goto err;
- }
- /* cast to short because of win16 winsock definition */
-- if ((short)he->h_addrtype != AF_INET) {
-- BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n");
-+ if ((short)he->h_addrtype != domain) {
-+ BIO_printf(bio_err, "gethostbyname addr family is not correct\n");
- return (0);
- }
-- ip[0] = he->h_addr_list[0][0];
-- ip[1] = he->h_addr_list[0][1];
-- ip[2] = he->h_addr_list[0][2];
-- ip[3] = he->h_addr_list[0][3];
-+ if (domain == AF_INET)
-+ memset(ip, 0, 4);
-+#if OPENSSL_USE_IPV6
-+ else
-+ memset(ip, 0, 16);
-+#endif
-+ memcpy(ip, he->h_addr_list[0], he->h_length);
-+ return 1;
- }
-- return (1);
- err:
- return (0);
- }
-@@ -570,7 +685,7 @@ static struct ghbn_cache_st {
- static unsigned long ghbn_hits = 0L;
- static unsigned long ghbn_miss = 0L;
-
--static struct hostent *GetHostByName(char *name)
-+static struct hostent *GetHostByName(char *name, int domain)
- {
- struct hostent *ret;
- int i, lowi = 0;
-@@ -582,13 +697,19 @@ static struct hostent *GetHostByName(cha
- lowi = i;
- }
- if (ghbn_cache[i].order > 0) {
-- if (strncmp(name, ghbn_cache[i].name, 128) == 0)
-+ if ((strncmp(name, ghbn_cache[i].name, 128) == 0) &&
-+ (ghbn_cache[i].ent.h_addrtype == domain))
- break;
- }
- }
- if (i == GHBN_NUM) { /* no hit */
- ghbn_miss++;
-- ret = gethostbyname(name);
-+ if (domain == AF_INET)
-+ ret = gethostbyname(name);
-+#if OPENSSL_USE_IPV6
-+ else
-+ ret=gethostbyname2(name, AF_INET6);
-+#endif
- if (ret == NULL)
- return (NULL);
- /* else add to cache */
diff --git a/dev-libs/openssl/files/openssl-1.0.1m-x32.patch b/dev-libs/openssl/files/openssl-1.0.1m-x32.patch
deleted file mode 100644
index 48717a5..0000000
--- a/dev-libs/openssl/files/openssl-1.0.1m-x32.patch
+++ /dev/null
@@ -1,66 +0,0 @@
---- openssl-1.0.1m/Configure
-+++ openssl-1.0.1m/Configure
-@@ -361,6 +361,7 @@ my %table=(
- "linux-ia64-ecc","ecc:-DL_ENDIAN -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- "linux-ia64-icc","icc:-DL_ENDIAN -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- "linux-x86_64", "gcc:-m64 -DL_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-+"linux-x32", "gcc:-DL_ENDIAN -DTERMIO -O2 -pipe -g -feliminate-unused-debug-types -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- "linux64-s390x", "gcc:-m64 -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
- #### So called "highgprs" target for z/Architecture CPUs
- # "Highgprs" is kernel feature first implemented in Linux 2.6.32, see
---- openssl-1.0.1m/crypto/bn/asm/x86_64-gcc.c
-+++ openssl-1.0.1m/crypto/bn/asm/x86_64-gcc.c
-@@ -55,7 +55,7 @@
- * machine.
- */
-
--# ifdef _WIN64
-+# if defined _WIN64 || !defined __LP64__
- # define BN_ULONG unsigned long long
- # else
- # define BN_ULONG unsigned long
-@@ -211,9 +211,9 @@ BN_ULONG bn_add_words(BN_ULONG *rp, cons
-
- asm volatile (" subq %2,%2 \n"
- ".p2align 4 \n"
-- "1: movq (%4,%2,8),%0 \n"
-- " adcq (%5,%2,8),%0 \n"
-- " movq %0,(%3,%2,8) \n"
-+ "1: movq (%q4,%2,8),%0 \n"
-+ " adcq (%q5,%2,8),%0 \n"
-+ " movq %0,(%q3,%2,8) \n"
- " leaq 1(%2),%2 \n"
- " loop 1b \n"
- " sbbq %0,%0 \n":"=&a" (ret), "+c"(n),
-@@ -235,9 +235,9 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, cons
-
- asm volatile (" subq %2,%2 \n"
- ".p2align 4 \n"
-- "1: movq (%4,%2,8),%0 \n"
-- " sbbq (%5,%2,8),%0 \n"
-- " movq %0,(%3,%2,8) \n"
-+ "1: movq (%q4,%2,8),%0 \n"
-+ " sbbq (%q5,%2,8),%0 \n"
-+ " movq %0,(%q3,%2,8) \n"
- " leaq 1(%2),%2 \n"
- " loop 1b \n"
- " sbbq %0,%0 \n":"=&a" (ret), "+c"(n),
---- openssl-1.0.1m/crypto/bn/bn.h
-+++ openssl-1.0.1m/crypto/bn/bn.h
-@@ -174,6 +174,16 @@ extern "C" {
- # endif
-
- /*
-+ * Address type.
-+ */
-+#ifdef _WIN64
-+#define BN_ADDR unsigned long long
-+#else
-+#define BN_ADDR unsigned long
-+#endif
-+
-+
-+/*
- * assuming long is 64bit - this is the DEC Alpha unsigned long long is only
- * 64 bits :-(, don't define BN_LLONG for the DEC Alpha
- */
diff --git a/dev-libs/openssl/files/openssl-1.0.1p-parallel-build.patch b/dev-libs/openssl/files/openssl-1.0.1p-parallel-build.patch
deleted file mode 100644
index dfefd56..0000000
--- a/dev-libs/openssl/files/openssl-1.0.1p-parallel-build.patch
+++ /dev/null
@@ -1,359 +0,0 @@
-http://rt.openssl.org/Ticket/Display.html?id=2084
-
---- openssl-1.0.1p/crypto/Makefile
-+++ openssl-1.0.1p/crypto/Makefile
-@@ -85,11 +85,11 @@
- @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
-
- subdirs:
-- @target=all; $(RECURSIVE_MAKE)
-+ +@target=all; $(RECURSIVE_MAKE)
-
- files:
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
-- @target=files; $(RECURSIVE_MAKE)
-+ +@target=files; $(RECURSIVE_MAKE)
-
- links:
- @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
-@@ -100,7 +100,7 @@
- # lib: $(LIB): are splitted to avoid end-less loop
- lib: $(LIB)
- @touch lib
--$(LIB): $(LIBOBJ)
-+$(LIB): $(LIBOBJ) | subdirs
- $(AR) $(LIB) $(LIBOBJ)
- [ -z "$(FIPSLIBDIR)" ] || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o
- $(RANLIB) $(LIB) || echo Never mind.
-@@ -111,7 +111,7 @@
- fi
-
- libs:
-- @target=lib; $(RECURSIVE_MAKE)
-+ +@target=lib; $(RECURSIVE_MAKE)
-
- install:
- @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
-@@ -120,7 +120,7 @@
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
- done;
-- @target=install; $(RECURSIVE_MAKE)
-+ +@target=install; $(RECURSIVE_MAKE)
-
- lint:
- @target=lint; $(RECURSIVE_MAKE)
---- openssl-1.0.1p/crypto/objects/Makefile
-+++ openssl-1.0.1p/crypto/objects/Makefile
-@@ -44,11 +44,11 @@
- # objects.pl both reads and writes obj_mac.num
- obj_mac.h: objects.pl objects.txt obj_mac.num
- $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h
-- @sleep 1; touch obj_mac.h; sleep 1
-
--obj_xref.h: objxref.pl obj_xref.txt obj_mac.num
-+# This doesn't really need obj_mac.h, but since that rule reads & writes
-+# obj_mac.num, we can't run in parallel with it.
-+obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h
- $(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h
-- @sleep 1; touch obj_xref.h; sleep 1
-
- files:
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
---- openssl-1.0.1p/engines/Makefile
-+++ openssl-1.0.1p/engines/Makefile
-@@ -72,7 +72,7 @@
-
- all: lib subdirs
-
--lib: $(LIBOBJ)
-+lib: $(LIBOBJ) | subdirs
- @if [ -n "$(SHARED_LIBS)" ]; then \
- set -e; \
- for l in $(LIBNAMES); do \
-@@ -89,7 +89,7 @@
-
- subdirs:
- echo $(EDIRS)
-- @target=all; $(RECURSIVE_MAKE)
-+ +@target=all; $(RECURSIVE_MAKE)
-
- files:
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
-@@ -128,7 +128,7 @@
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
- done; \
- fi
-- @target=install; $(RECURSIVE_MAKE)
-+ +@target=install; $(RECURSIVE_MAKE)
-
- tags:
- ctags $(SRC)
---- openssl-1.0.1p/Makefile.org
-+++ openssl-1.0.1p/Makefile.org
-@@ -273,17 +273,17 @@
- build_libs: build_crypto build_ssl build_engines
-
- build_crypto:
-- @dir=crypto; target=all; $(BUILD_ONE_CMD)
-+ +@dir=crypto; target=all; $(BUILD_ONE_CMD)
- build_ssl: build_crypto
-- @dir=ssl; target=all; $(BUILD_ONE_CMD)
-+ +@dir=ssl; target=all; $(BUILD_ONE_CMD)
- build_engines: build_crypto
-- @dir=engines; target=all; $(BUILD_ONE_CMD)
-+ +@dir=engines; target=all; $(BUILD_ONE_CMD)
- build_apps: build_libs
-- @dir=apps; target=all; $(BUILD_ONE_CMD)
-+ +@dir=apps; target=all; $(BUILD_ONE_CMD)
- build_tests: build_libs
-- @dir=test; target=all; $(BUILD_ONE_CMD)
-+ +@dir=test; target=all; $(BUILD_ONE_CMD)
- build_tools: build_libs
-- @dir=tools; target=all; $(BUILD_ONE_CMD)
-+ +@dir=tools; target=all; $(BUILD_ONE_CMD)
-
- all_testapps: build_libs build_testapps
- build_testapps:
-@@ -538,9 +538,9 @@
- dist_pem_h:
- (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
-
--install: all install_docs install_sw
-+install: install_docs install_sw
-
--install_sw:
-+install_dirs:
- @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
- $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
-@@ -549,12 +549,19 @@
- $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
- $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
- $(INSTALL_PREFIX)$(OPENSSLDIR)/private
-+ @$(PERL) $(TOP)/util/mkdir-p.pl \
-+ $(INSTALL_PREFIX)$(MANDIR)/man1 \
-+ $(INSTALL_PREFIX)$(MANDIR)/man3 \
-+ $(INSTALL_PREFIX)$(MANDIR)/man5 \
-+ $(INSTALL_PREFIX)$(MANDIR)/man7
-+
-+install_sw: install_dirs
- @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
- do \
- (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
- chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
- done;
-- @set -e; target=install; $(RECURSIVE_BUILD_CMD)
-+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD)
- @set -e; liblist="$(LIBS)"; for i in $$liblist ;\
- do \
- if [ -f "$$i" ]; then \
-@@ -634,12 +641,7 @@
- done; \
- done
-
--install_docs:
-- @$(PERL) $(TOP)/util/mkdir-p.pl \
-- $(INSTALL_PREFIX)$(MANDIR)/man1 \
-- $(INSTALL_PREFIX)$(MANDIR)/man3 \
-- $(INSTALL_PREFIX)$(MANDIR)/man5 \
-- $(INSTALL_PREFIX)$(MANDIR)/man7
-+install_docs: install_dirs
- @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
- here="`pwd`"; \
- filecase=; \
---- openssl-1.0.1p/Makefile.shared
-+++ openssl-1.0.1p/Makefile.shared
-@@ -105,6 +105,7 @@
- SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
- LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
- LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
-+ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \
- LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
- $${SHAREDCMD} $${SHAREDFLAGS} \
- -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
-@@ -122,6 +123,7 @@
- done; \
- fi; \
- if [ -n "$$SHLIB_SOVER" ]; then \
-+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \
- ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \
- ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \
- fi; \
---- openssl-1.0.1p/test/Makefile
-+++ openssl-1.0.1p/test/Makefile
-@@ -130,7 +130,7 @@
- tags:
- ctags $(SRC)
-
--tests: exe apps $(TESTS)
-+tests: exe $(TESTS)
-
- apps:
- @(cd ..; $(MAKE) DIRS=apps all)
-@@ -388,118 +388,118 @@
- link_app.$${shlib_target}
-
- $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
-- @target=$(RSATEST); $(BUILD_CMD)
-+ +@target=$(RSATEST); $(BUILD_CMD)
-
- $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
-- @target=$(BNTEST); $(BUILD_CMD)
-+ +@target=$(BNTEST); $(BUILD_CMD)
-
- $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
-- @target=$(ECTEST); $(BUILD_CMD)
-+ +@target=$(ECTEST); $(BUILD_CMD)
-
- $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
-- @target=$(EXPTEST); $(BUILD_CMD)
-+ +@target=$(EXPTEST); $(BUILD_CMD)
-
- $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
-- @target=$(IDEATEST); $(BUILD_CMD)
-+ +@target=$(IDEATEST); $(BUILD_CMD)
-
- $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
-- @target=$(MD2TEST); $(BUILD_CMD)
-+ +@target=$(MD2TEST); $(BUILD_CMD)
-
- $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
-- @target=$(SHATEST); $(BUILD_CMD)
-+ +@target=$(SHATEST); $(BUILD_CMD)
-
- $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
-- @target=$(SHA1TEST); $(BUILD_CMD)
-+ +@target=$(SHA1TEST); $(BUILD_CMD)
-
- $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
-- @target=$(SHA256TEST); $(BUILD_CMD)
-+ +@target=$(SHA256TEST); $(BUILD_CMD)
-
- $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
-- @target=$(SHA512TEST); $(BUILD_CMD)
-+ +@target=$(SHA512TEST); $(BUILD_CMD)
-
- $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
-- @target=$(RMDTEST); $(BUILD_CMD)
-+ +@target=$(RMDTEST); $(BUILD_CMD)
-
- $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
-- @target=$(MDC2TEST); $(BUILD_CMD)
-+ +@target=$(MDC2TEST); $(BUILD_CMD)
-
- $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
-- @target=$(MD4TEST); $(BUILD_CMD)
-+ +@target=$(MD4TEST); $(BUILD_CMD)
-
- $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
-- @target=$(MD5TEST); $(BUILD_CMD)
-+ +@target=$(MD5TEST); $(BUILD_CMD)
-
- $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
-- @target=$(HMACTEST); $(BUILD_CMD)
-+ +@target=$(HMACTEST); $(BUILD_CMD)
-
- $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
-- @target=$(WPTEST); $(BUILD_CMD)
-+ +@target=$(WPTEST); $(BUILD_CMD)
-
- $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
-- @target=$(RC2TEST); $(BUILD_CMD)
-+ +@target=$(RC2TEST); $(BUILD_CMD)
-
- $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
-- @target=$(BFTEST); $(BUILD_CMD)
-+ +@target=$(BFTEST); $(BUILD_CMD)
-
- $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
-- @target=$(CASTTEST); $(BUILD_CMD)
-+ +@target=$(CASTTEST); $(BUILD_CMD)
-
- $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
-- @target=$(RC4TEST); $(BUILD_CMD)
-+ +@target=$(RC4TEST); $(BUILD_CMD)
-
- $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
-- @target=$(RC5TEST); $(BUILD_CMD)
-+ +@target=$(RC5TEST); $(BUILD_CMD)
-
- $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
-- @target=$(DESTEST); $(BUILD_CMD)
-+ +@target=$(DESTEST); $(BUILD_CMD)
-
- $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
-- @target=$(RANDTEST); $(BUILD_CMD)
-+ +@target=$(RANDTEST); $(BUILD_CMD)
-
- $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
-- @target=$(DHTEST); $(BUILD_CMD)
-+ +@target=$(DHTEST); $(BUILD_CMD)
-
- $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
-- @target=$(DSATEST); $(BUILD_CMD)
-+ +@target=$(DSATEST); $(BUILD_CMD)
-
- $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
-- @target=$(METHTEST); $(BUILD_CMD)
-+ +@target=$(METHTEST); $(BUILD_CMD)
-
- $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
-- @target=$(SSLTEST); $(FIPS_BUILD_CMD)
-+ +@target=$(SSLTEST); $(FIPS_BUILD_CMD)
-
- $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
-- @target=$(ENGINETEST); $(BUILD_CMD)
-+ +@target=$(ENGINETEST); $(BUILD_CMD)
-
- $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
-- @target=$(EVPTEST); $(BUILD_CMD)
-+ +@target=$(EVPTEST); $(BUILD_CMD)
-
- $(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO)
-- @target=$(EVPEXTRATEST); $(BUILD_CMD)
-+ +@target=$(EVPEXTRATEST); $(BUILD_CMD)
-
- $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
-- @target=$(ECDSATEST); $(BUILD_CMD)
-+ +@target=$(ECDSATEST); $(BUILD_CMD)
-
- $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
-- @target=$(ECDHTEST); $(BUILD_CMD)
-+ +@target=$(ECDHTEST); $(BUILD_CMD)
-
- $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
-- @target=$(IGETEST); $(BUILD_CMD)
-+ +@target=$(IGETEST); $(BUILD_CMD)
-
- $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
-- @target=$(JPAKETEST); $(BUILD_CMD)
-+ +@target=$(JPAKETEST); $(BUILD_CMD)
-
- $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
-- @target=$(ASN1TEST); $(BUILD_CMD)
-+ +@target=$(ASN1TEST); $(BUILD_CMD)
-
- $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
-- @target=$(SRPTEST); $(BUILD_CMD)
-+ +@target=$(SRPTEST); $(BUILD_CMD)
-
- $(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO)
-- @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
-+ +@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
-
- $(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o
-- @target=$(CONSTTIMETEST) $(BUILD_CMD)
-+ +@target=$(CONSTTIMETEST) $(BUILD_CMD)
-
- #$(AESTEST).o: $(AESTEST).c
- # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
-@@ -512,7 +512,7 @@
- # fi
-
- dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
-- @target=dummytest; $(BUILD_CMD)
-+ +@target=dummytest; $(BUILD_CMD)
-
- # DO NOT DELETE THIS LINE -- make depend depends on it.
-
diff --git a/dev-libs/openssl/files/openssl-1.0.1r-x32.patch b/dev-libs/openssl/files/openssl-1.0.1r-x32.patch
deleted file mode 100644
index 9e490fd..0000000
--- a/dev-libs/openssl/files/openssl-1.0.1r-x32.patch
+++ /dev/null
@@ -1,66 +0,0 @@
---- openssl-1.0.1r/Configure
-+++ openssl-1.0.1r/Configure
-@@ -368,6 +368,7 @@
- "linux-ia64-icc","icc:-DL_ENDIAN -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- "linux-x86_64", "gcc:-m64 -DL_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
- "linux-x86_64-clang","clang: -m64 -DL_ENDIAN -O3 -Wall -Qunused-arguments::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
-+"linux-x32", "gcc:-DL_ENDIAN -DTERMIO -O2 -pipe -g -feliminate-unused-debug-types -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- "linux64-s390x", "gcc:-m64 -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
- #### So called "highgprs" target for z/Architecture CPUs
- # "Highgprs" is kernel feature first implemented in Linux 2.6.32, see
---- openssl-1.0.1r/crypto/bn/asm/x86_64-gcc.c
-+++ openssl-1.0.1r/crypto/bn/asm/x86_64-gcc.c
-@@ -55,7 +55,7 @@
- * machine.
- */
-
--# ifdef _WIN64
-+# ifdef _WIN64 || !defined __LP64__
- # define BN_ULONG unsigned long long
- # else
- # define BN_ULONG unsigned long
-@@ -211,9 +211,9 @@
-
- asm volatile (" subq %2,%2 \n"
- ".p2align 4 \n"
-- "1: movq (%4,%2,8),%0 \n"
-- " adcq (%5,%2,8),%0 \n"
-- " movq %0,(%3,%2,8) \n"
-+ "1: movq (%q4,%2,8),%0 \n"
-+ " adcq (%q5,%2,8),%0 \n"
-+ " movq %0,(%q3,%2,8) \n"
- " leaq 1(%2),%2 \n"
- " loop 1b \n"
- " sbbq %0,%0 \n":"=&a" (ret), "+c"(n),
-@@ -235,9 +235,9 @@
-
- asm volatile (" subq %2,%2 \n"
- ".p2align 4 \n"
-- "1: movq (%4,%2,8),%0 \n"
-- " sbbq (%5,%2,8),%0 \n"
-- " movq %0,(%3,%2,8) \n"
-+ "1: movq (%q4,%2,8),%0 \n"
-+ " sbbq (%q5,%2,8),%0 \n"
-+ " movq %0,(%q3,%2,8) \n"
- " leaq 1(%2),%2 \n"
- " loop 1b \n"
- " sbbq %0,%0 \n":"=&a" (ret), "+c"(n),
---- openssl-1.0.1r/crypto/bn/bn.h
-+++ openssl-1.0.1r/crypto/bn/bn.h
-@@ -174,6 +174,16 @@
- # endif
-
- /*
-+ * Address type.
-+ */
-+#ifdef _WIN64
-+#define BN_ADDR unsigned long long
-+#else
-+#define BN_ADDR unsigned long
-+#endif
-+
-+
-+/*
- * assuming long is 64bit - this is the DEC Alpha unsigned long long is only
- * 64 bits :-(, don't define BN_LLONG for the DEC Alpha
- */
diff --git a/dev-libs/openssl/openssl-1.0.1p.ebuild b/dev-libs/openssl/openssl-1.0.1p.ebuild
deleted file mode 100644
index 40a538f..0000000
--- a/dev-libs/openssl/openssl-1.0.1p.ebuild
+++ /dev/null
@@ -1,259 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="4"
-
-inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal
-
-REV="1.7"
-DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)"
-HOMEPAGE="http://www.openssl.org/"
-SRC_URI="mirror://openssl/source/${P}.tar.gz
- http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
-
-LICENSE="openssl"
-SLOT="0"
-KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux"
-IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib"
-RESTRICT="!bindist? ( bindist )"
-
-# The blocks are temporary just to make sure people upgrade to a
-# version that lack runtime version checking. We'll drop them in
-# the future.
-RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
- zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
- kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] )
- abi_x86_32? (
- !<=app-emulation/emul-linux-x86-baselibs-20140406-r3
- !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
- )
- !<net-misc/openssh-5.9_p1-r4
- !<net-libs/neon-0.29.6-r1"
-DEPEND="${RDEPEND}
- sys-apps/diffutils
- >=dev-lang/perl-5
- test? ( sys-devel/bc )"
-PDEPEND="app-misc/ca-certificates"
-
-src_unpack() {
- unpack ${P}.tar.gz
- SSL_CNF_DIR="/etc/ssl"
- sed \
- -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \
- -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \
- "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \
- > "${WORKDIR}"/c_rehash || die #416717
-}
-
-MULTILIB_WRAPPED_HEADERS=(
- usr/include/openssl/opensslconf.h
-)
-
-src_prepare() {
- # Make sure we only ever touch Makefile.org and avoid patching a file
- # that gets blown away anyways by the Configure script in src_configure
- rm -f Makefile
-
- if ! use vanilla ; then
- epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
- epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743
- epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch
- epatch "${FILESDIR}"/${PN}-1.0.1p-parallel-build.patch
- epatch "${FILESDIR}"/${PN}-1.0.1m-x32.patch
- epatch "${FILESDIR}"/${PN}-1.0.1m-ipv6.patch
- epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086
- epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338
- epatch_user #332661
- fi
-
- # disable fips in the build
- # make sure the man pages are suffixed #302165
- # don't bother building man pages if they're disabled
- sed -i \
- -e '/DIRS/s: fips : :g' \
- -e '/^MANSUFFIX/s:=.*:=ssl:' \
- -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
- -e $(has noman FEATURES \
- && echo '/^install:/s:install_docs::' \
- || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \
- Makefile.org \
- || die
- # show the actual commands in the log
- sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
-
- # since we're forcing $(CC) as makedep anyway, just fix
- # the conditional as always-on
- # helps clang (#417795), and versioned gcc (#499818)
- sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die
-
- # quiet out unknown driver argument warnings since openssl
- # doesn't have well-split CFLAGS and we're making it even worse
- # and 'make depend' uses -Werror for added fun (#417795 again)
- [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments
-
- # allow openssl to be cross-compiled
- cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die
- chmod a+rx gentoo.config
-
- append-flags -fno-strict-aliasing
- append-flags $(test-flags-CC -Wa,--noexecstack)
-
- sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906
- # The config script does stupid stuff to prompt the user. Kill it.
- sed -i '/stty -icanon min 0 time 50; read waste/d' config || die
- ./config --test-sanity || die "I AM NOT SANE"
-
- multilib_copy_sources
-}
-
-multilib_src_configure() {
- unset APPS #197996
- unset SCRIPTS #312551
- unset CROSS_COMPILE #311473
-
- tc-export CC AR RANLIB RC
-
- # Clean out patent-or-otherwise-encumbered code
- # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
- # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
- # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
- # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
- # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5
-
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
- echoit() { echo "$@" ; "$@" ; }
-
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
-
- # See if our toolchain supports __uint128_t. If so, it's 64bit
- # friendly and can use the nicely optimized code paths. #460790
- local ec_nistp_64_gcc_128
- # Disable it for now though #469976
- #if ! use bindist ; then
- # echo "__uint128_t i;" > "${T}"/128.c
- # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
- # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
- # fi
- #fi
-
- local sslout=$(./gentoo.config)
- einfo "Use configuration ${sslout:-(openssl knows best)}"
- local config="Configure"
- [[ -z ${sslout} ]] && config="config"
-
- echoit \
- ./${config} \
- ${sslout} \
- $(use cpu_flags_x86_sse2 || echo "no-sse2") \
- enable-camellia \
- $(use_ssl !bindist ec) \
- ${ec_nistp_64_gcc_128} \
- enable-idea \
- enable-mdc2 \
- $(use_ssl !bindist rc5) \
- enable-tlsext \
- $(use_ssl gmp gmp -lgmp) \
- $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
- $(use_ssl rfc3779) \
- $(use_ssl tls-heartbeat heartbeats) \
- $(use_ssl zlib) \
- --prefix="${EPREFIX}"/usr \
- --openssldir="${EPREFIX}"${SSL_CNF_DIR} \
- --libdir=$(get_libdir) \
- shared threads \
- || die
-
- # Clean out hardcoded flags that openssl uses
- local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
- -e 's:^CFLAG=::' \
- -e 's:-fomit-frame-pointer ::g' \
- -e 's:-O[0-9] ::g' \
- -e 's:-march=[-a-z0-9]* ::g' \
- -e 's:-mcpu=[-a-z0-9]* ::g' \
- -e 's:-m[a-z0-9]* ::g' \
- )
- sed -i \
- -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
- -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
- Makefile || die
-}
-
-multilib_src_compile() {
- # depend is needed to use $confopts; it also doesn't matter
- # that it's -j1 as the code itself serializes subdirs
- emake -j1 depend
- emake all
- # rehash is needed to prep the certs/ dir; do this
- # separately to avoid parallel build issues.
- emake rehash
-}
-
-multilib_src_test() {
- emake -j1 test
-}
-
-multilib_src_install() {
- emake INSTALL_PREFIX="${D}" install
-}
-
-multilib_src_install_all() {
- dobin "${WORKDIR}"/c_rehash #333117
- dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
- dohtml -r doc/*
- use rfc3779 && dodoc engines/ccgost/README.gost
-
- # This is crappy in that the static archives are still built even
- # when USE=static-libs. But this is due to a failing in the openssl
- # build system: the static archives are built as PIC all the time.
- # Only way around this would be to manually configure+compile openssl
- # twice; once with shared lib support enabled and once without.
- use static-libs || rm -f "${ED}"/usr/lib*/lib*.a
-
- # create the certs directory
- dodir ${SSL_CNF_DIR}/certs
- cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die
- rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired}
-
- # Namespace openssl programs to prevent conflicts with other man pages
- cd "${ED}"/usr/share/man
- local m d s
- for m in $(find . -type f | xargs grep -L '#include') ; do
- d=${m%/*} ; d=${d#./} ; m=${m##*/}
- [[ ${m} == openssl.1* ]] && continue
- [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
- mv ${d}/{,ssl-}${m}
- # fix up references to renamed man pages
- sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
- ln -s ssl-${m} ${d}/openssl-${m}
- # locate any symlinks that point to this man page ... we assume
- # that any broken links are due to the above renaming
- for s in $(find -L ${d} -type l) ; do
- s=${s##*/}
- rm -f ${d}/${s}
- ln -s ssl-${m} ${d}/ssl-${s}
- ln -s ssl-${s} ${d}/openssl-${s}
- done
- done
- [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
-
- dodir /etc/sandbox.d #254521
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
-
- diropts -m0700
- keepdir ${SSL_CNF_DIR}/private
-}
-
-pkg_preinst() {
- has_version ${CATEGORY}/${PN}:0.9.8 && return 0
- preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
-}
-
-pkg_postinst() {
- ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
- c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
- eend $?
-
- has_version ${CATEGORY}/${PN}:0.9.8 && return 0
- preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
-}
diff --git a/dev-libs/openssl/openssl-1.0.1r.ebuild b/dev-libs/openssl/openssl-1.0.1r.ebuild
deleted file mode 100644
index 8d590fa..0000000
--- a/dev-libs/openssl/openssl-1.0.1r.ebuild
+++ /dev/null
@@ -1,256 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-
-inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal
-
-REV="1.7"
-DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)"
-HOMEPAGE="http://www.openssl.org/"
-SRC_URI="mirror://openssl/source/${P}.tar.gz
- http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
-
-LICENSE="openssl"
-SLOT="0"
-KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux"
-IUSE="bindist gmp kerberos rfc3779 cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib"
-RESTRICT="!bindist? ( bindist )"
-
-# The blocks are temporary just to make sure people upgrade to a
-# version that lack runtime version checking. We'll drop them in
-# the future.
-RDEPEND="gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
- zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
- kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] )
- abi_x86_32? (
- !<=app-emulation/emul-linux-x86-baselibs-20140406-r3
- !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
- )
- !<net-misc/openssh-5.9_p1-r4
- !<net-libs/neon-0.29.6-r1"
-DEPEND="${RDEPEND}
- sys-apps/diffutils
- >=dev-lang/perl-5
- test? ( sys-devel/bc )"
-PDEPEND="app-misc/ca-certificates"
-
-MULTILIB_WRAPPED_HEADERS=(
- usr/include/openssl/opensslconf.h
-)
-
-src_prepare() {
- SSL_CNF_DIR="/etc/ssl"
- sed \
- -e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \
- -e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \
- "${DISTDIR}"/${PN}-c_rehash.sh.${REV} \
- > "${WORKDIR}"/c_rehash || die #416717
-
- # Make sure we only ever touch Makefile.org and avoid patching a file
- # that gets blown away anyways by the Configure script in src_configure
- rm -f Makefile
-
- if ! use vanilla ; then
- epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
- epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743
- epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch
- epatch "${FILESDIR}"/${PN}-1.0.1p-parallel-build.patch
- epatch "${FILESDIR}"/${PN}-1.0.1r-x32.patch
- epatch "${FILESDIR}"/${PN}-1.0.1m-ipv6.patch
- epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086
- epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338
- epatch_user #332661
- fi
-
- # disable fips in the build
- # make sure the man pages are suffixed #302165
- # don't bother building man pages if they're disabled
- sed -i \
- -e '/DIRS/s: fips : :g' \
- -e '/^MANSUFFIX/s:=.*:=ssl:' \
- -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
- -e $(has noman FEATURES \
- && echo '/^install:/s:install_docs::' \
- || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \
- Makefile.org \
- || die
- # show the actual commands in the log
- sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
-
- # since we're forcing $(CC) as makedep anyway, just fix
- # the conditional as always-on
- # helps clang (#417795), and versioned gcc (#499818)
- sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die
-
- # quiet out unknown driver argument warnings since openssl
- # doesn't have well-split CFLAGS and we're making it even worse
- # and 'make depend' uses -Werror for added fun (#417795 again)
- [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments
-
- # allow openssl to be cross-compiled
- cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die
- chmod a+rx gentoo.config
-
- append-flags -fno-strict-aliasing
- append-flags $(test-flags-CC -Wa,--noexecstack)
-
- sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906
- # The config script does stupid stuff to prompt the user. Kill it.
- sed -i '/stty -icanon min 0 time 50; read waste/d' config || die
- ./config --test-sanity || die "I AM NOT SANE"
-
- multilib_copy_sources
-}
-
-multilib_src_configure() {
- unset APPS #197996
- unset SCRIPTS #312551
- unset CROSS_COMPILE #311473
-
- tc-export CC AR RANLIB RC
-
- # Clean out patent-or-otherwise-encumbered code
- # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
- # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
- # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
- # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
- # RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5
-
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
- echoit() { echo "$@" ; "$@" ; }
-
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
-
- # See if our toolchain supports __uint128_t. If so, it's 64bit
- # friendly and can use the nicely optimized code paths. #460790
- local ec_nistp_64_gcc_128
- # Disable it for now though #469976
- #if ! use bindist ; then
- # echo "__uint128_t i;" > "${T}"/128.c
- # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
- # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
- # fi
- #fi
-
- local sslout=$(./gentoo.config)
- einfo "Use configuration ${sslout:-(openssl knows best)}"
- local config="Configure"
- [[ -z ${sslout} ]] && config="config"
-
- echoit \
- ./${config} \
- ${sslout} \
- $(use cpu_flags_x86_sse2 || echo "no-sse2") \
- enable-camellia \
- $(use_ssl !bindist ec) \
- ${ec_nistp_64_gcc_128} \
- enable-idea \
- enable-mdc2 \
- $(use_ssl !bindist rc5) \
- enable-tlsext \
- $(use_ssl gmp gmp -lgmp) \
- $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
- $(use_ssl rfc3779) \
- $(use_ssl tls-heartbeat heartbeats) \
- $(use_ssl zlib) \
- --prefix="${EPREFIX}"/usr \
- --openssldir="${EPREFIX}"${SSL_CNF_DIR} \
- --libdir=$(get_libdir) \
- shared threads \
- || die
-
- # Clean out hardcoded flags that openssl uses
- local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
- -e 's:^CFLAG=::' \
- -e 's:-fomit-frame-pointer ::g' \
- -e 's:-O[0-9] ::g' \
- -e 's:-march=[-a-z0-9]* ::g' \
- -e 's:-mcpu=[-a-z0-9]* ::g' \
- -e 's:-m[a-z0-9]* ::g' \
- )
- sed -i \
- -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
- -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
- Makefile || die
-}
-
-multilib_src_compile() {
- # depend is needed to use $confopts; it also doesn't matter
- # that it's -j1 as the code itself serializes subdirs
- emake -j1 depend
- emake all
- # rehash is needed to prep the certs/ dir; do this
- # separately to avoid parallel build issues.
- emake rehash
-}
-
-multilib_src_test() {
- emake -j1 test
-}
-
-multilib_src_install() {
- emake INSTALL_PREFIX="${D}" install
-}
-
-multilib_src_install_all() {
- dobin "${WORKDIR}"/c_rehash #333117
- dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
- dohtml -r doc/*
- use rfc3779 && dodoc engines/ccgost/README.gost
-
- # This is crappy in that the static archives are still built even
- # when USE=static-libs. But this is due to a failing in the openssl
- # build system: the static archives are built as PIC all the time.
- # Only way around this would be to manually configure+compile openssl
- # twice; once with shared lib support enabled and once without.
- use static-libs || rm -f "${ED}"/usr/lib*/lib*.a
-
- # create the certs directory
- dodir ${SSL_CNF_DIR}/certs
- cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die
- rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired}
-
- # Namespace openssl programs to prevent conflicts with other man pages
- cd "${ED}"/usr/share/man
- local m d s
- for m in $(find . -type f | xargs grep -L '#include') ; do
- d=${m%/*} ; d=${d#./} ; m=${m##*/}
- [[ ${m} == openssl.1* ]] && continue
- [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
- mv ${d}/{,ssl-}${m}
- # fix up references to renamed man pages
- sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
- ln -s ssl-${m} ${d}/openssl-${m}
- # locate any symlinks that point to this man page ... we assume
- # that any broken links are due to the above renaming
- for s in $(find -L ${d} -type l) ; do
- s=${s##*/}
- rm -f ${d}/${s}
- ln -s ssl-${m} ${d}/ssl-${s}
- ln -s ssl-${s} ${d}/openssl-${s}
- done
- done
- [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
-
- dodir /etc/sandbox.d #254521
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
-
- diropts -m0700
- keepdir ${SSL_CNF_DIR}/private
-}
-
-pkg_preinst() {
- has_version ${CATEGORY}/${PN}:0.9.8 && return 0
- preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
-}
-
-pkg_postinst() {
- ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
- c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
- eend $?
-
- has_version ${CATEGORY}/${PN}:0.9.8 && return 0
- preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
-}
diff --git a/dev-libs/openssl/openssl-1.0.2e.ebuild b/dev-libs/openssl/openssl-1.0.2e.ebuild
deleted file mode 100644
index 444743d..0000000
--- a/dev-libs/openssl/openssl-1.0.2e.ebuild
+++ /dev/null
@@ -1,265 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="4"
-
-inherit eutils flag-o-matic toolchain-funcs multilib multilib-minimal
-
-MY_P=${P/_/-}
-DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)"
-HOMEPAGE="http://www.openssl.org/"
-SRC_URI="mirror://openssl/source/${MY_P}.tar.gz"
-
-LICENSE="openssl"
-SLOT="0"
-KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux"
-IUSE="+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 static-libs test +tls-heartbeat vanilla zlib"
-RESTRICT="!bindist? ( bindist )"
-
-# The blocks are temporary just to make sure people upgrade to a
-# version that lack runtime version checking. We'll drop them in
-# the future.
-RDEPEND=">=app-misc/c_rehash-1.7-r1
- gmp? ( >=dev-libs/gmp-5.1.3-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
- zlib? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
- kerberos? ( >=app-crypt/mit-krb5-1.11.4[${MULTILIB_USEDEP}] )
- abi_x86_32? (
- !<=app-emulation/emul-linux-x86-baselibs-20140508
- !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
- )
- !<net-misc/openssh-5.9_p1-r4
- !<net-libs/neon-0.29.6-r1"
-DEPEND="${RDEPEND}
- >=dev-lang/perl-5
- sctp? ( >=net-misc/lksctp-tools-1.0.12 )
- test? (
- sys-apps/diffutils
- sys-devel/bc
- )"
-PDEPEND="app-misc/ca-certificates"
-
-S="${WORKDIR}/${MY_P}"
-
-MULTILIB_WRAPPED_HEADERS=(
- usr/include/openssl/opensslconf.h
-)
-
-src_prepare() {
- # keep this in sync with app-misc/c_rehash
- SSL_CNF_DIR="/etc/ssl"
-
- # Make sure we only ever touch Makefile.org and avoid patching a file
- # that gets blown away anyways by the Configure script in src_configure
- rm -f Makefile
-
- if ! use vanilla ; then
- epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
- epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743
- epatch "${FILESDIR}"/${PN}-1.0.2e-parallel-build.patch
- epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-obj-headers.patch
- epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-install-dirs.patch
- epatch "${FILESDIR}"/${PN}-1.0.2a-parallel-symlinking.patch #545028
- epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch
- epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618
- epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338
-
- epatch_user #332661
- fi
-
- # disable fips in the build
- # make sure the man pages are suffixed #302165
- # don't bother building man pages if they're disabled
- sed -i \
- -e '/DIRS/s: fips : :g' \
- -e '/^MANSUFFIX/s:=.*:=ssl:' \
- -e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
- -e $(has noman FEATURES \
- && echo '/^install:/s:install_docs::' \
- || echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \
- Makefile.org \
- || die
- # show the actual commands in the log
- sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
-
- # since we're forcing $(CC) as makedep anyway, just fix
- # the conditional as always-on
- # helps clang (#417795), and versioned gcc (#499818)
- sed -i 's/expr.*MAKEDEPEND.*;/true;/' util/domd || die
-
- # quiet out unknown driver argument warnings since openssl
- # doesn't have well-split CFLAGS and we're making it even worse
- # and 'make depend' uses -Werror for added fun (#417795 again)
- [[ ${CC} == *clang* ]] && append-flags -Qunused-arguments
-
- # allow openssl to be cross-compiled
- cp "${FILESDIR}"/gentoo.config-1.0.2 gentoo.config || die
- chmod a+rx gentoo.config
-
- append-flags -fno-strict-aliasing
- append-flags $(test-flags-CC -Wa,--noexecstack)
- append-cppflags -DOPENSSL_NO_BUF_FREELISTS
-
- sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906
- # The config script does stupid stuff to prompt the user. Kill it.
- sed -i '/stty -icanon min 0 time 50; read waste/d' config || die
- ./config --test-sanity || die "I AM NOT SANE"
-
- multilib_copy_sources
-}
-
-multilib_src_configure() {
- unset APPS #197996
- unset SCRIPTS #312551
- unset CROSS_COMPILE #311473
-
- tc-export CC AR RANLIB RC
-
- # Clean out patent-or-otherwise-encumbered code
- # Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
- # IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
- # EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
- # MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
- # RC5: Expired http://en.wikipedia.org/wiki/RC5
-
- use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
- echoit() { echo "$@" ; "$@" ; }
-
- local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
-
- # See if our toolchain supports __uint128_t. If so, it's 64bit
- # friendly and can use the nicely optimized code paths. #460790
- local ec_nistp_64_gcc_128
- # Disable it for now though #469976
- #if ! use bindist ; then
- # echo "__uint128_t i;" > "${T}"/128.c
- # if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
- # ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
- # fi
- #fi
-
- local sslout=$(./gentoo.config)
- einfo "Use configuration ${sslout:-(openssl knows best)}"
- local config="Configure"
- [[ -z ${sslout} ]] && config="config"
-
- echoit \
- ./${config} \
- ${sslout} \
- $(use cpu_flags_x86_sse2 || echo "no-sse2") \
- enable-camellia \
- $(use_ssl !bindist ec) \
- ${ec_nistp_64_gcc_128} \
- enable-idea \
- enable-mdc2 \
- enable-rc5 \
- enable-tlsext \
- $(use_ssl asm) \
- $(use_ssl gmp gmp -lgmp) \
- $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
- $(use_ssl rfc3779) \
- $(use_ssl sctp) \
- $(use_ssl tls-heartbeat heartbeats) \
- $(use_ssl zlib) \
- --prefix="${EPREFIX}"/usr \
- --openssldir="${EPREFIX}"${SSL_CNF_DIR} \
- --libdir=$(get_libdir) \
- shared threads \
- || die
-
- # Clean out hardcoded flags that openssl uses
- local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
- -e 's:^CFLAG=::' \
- -e 's:-fomit-frame-pointer ::g' \
- -e 's:-O[0-9] ::g' \
- -e 's:-march=[-a-z0-9]* ::g' \
- -e 's:-mcpu=[-a-z0-9]* ::g' \
- -e 's:-m[a-z0-9]* ::g' \
- )
- sed -i \
- -e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
- -e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
- Makefile || die
-}
-
-multilib_src_compile() {
- # depend is needed to use $confopts; it also doesn't matter
- # that it's -j1 as the code itself serializes subdirs
- emake -j1 depend
- emake all
- # rehash is needed to prep the certs/ dir; do this
- # separately to avoid parallel build issues.
- emake rehash
-}
-
-multilib_src_test() {
- emake -j1 test
-}
-
-multilib_src_install() {
- emake INSTALL_PREFIX="${D}" install
-}
-
-multilib_src_install_all() {
- # openssl installs perl version of c_rehash by default, but
- # we provide a shell version via app-misc/c_rehash
- rm "${ED}"/usr/bin/c_rehash || die
-
- dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
- dohtml -r doc/*
- use rfc3779 && dodoc engines/ccgost/README.gost
-
- # This is crappy in that the static archives are still built even
- # when USE=static-libs. But this is due to a failing in the openssl
- # build system: the static archives are built as PIC all the time.
- # Only way around this would be to manually configure+compile openssl
- # twice; once with shared lib support enabled and once without.
- use static-libs || rm -f "${ED}"/usr/lib*/lib*.a
-
- # create the certs directory
- dodir ${SSL_CNF_DIR}/certs
- cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die
- rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired}
-
- # Namespace openssl programs to prevent conflicts with other man pages
- cd "${ED}"/usr/share/man
- local m d s
- for m in $(find . -type f | xargs grep -L '#include') ; do
- d=${m%/*} ; d=${d#./} ; m=${m##*/}
- [[ ${m} == openssl.1* ]] && continue
- [[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
- mv ${d}/{,ssl-}${m}
- # fix up references to renamed man pages
- sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
- ln -s ssl-${m} ${d}/openssl-${m}
- # locate any symlinks that point to this man page ... we assume
- # that any broken links are due to the above renaming
- for s in $(find -L ${d} -type l) ; do
- s=${s##*/}
- rm -f ${d}/${s}
- ln -s ssl-${m} ${d}/ssl-${s}
- ln -s ssl-${s} ${d}/openssl-${s}
- done
- done
- [[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
-
- dodir /etc/sandbox.d #254521
- echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
-
- diropts -m0700
- keepdir ${SSL_CNF_DIR}/private
-}
-
-pkg_preinst() {
- has_version ${CATEGORY}/${PN}:0.9.8 && return 0
- preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
-}
-
-pkg_postinst() {
- ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
- c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
- eend $?
-
- has_version ${CATEGORY}/${PN}:0.9.8 && return 0
- preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
-}
next reply other threads:[~2016-02-26 22:46 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-26 22:46 Doug Goldstein [this message]
-- strict thread matches above, loose matches on Subject: below --
2025-02-06 12:59 [gentoo-commits] repo/gentoo:master commit in: dev-libs/openssl/, dev-libs/openssl/files/ Sam James
2024-10-29 2:10 Sam James
2024-10-29 2:10 Sam James
2024-08-07 2:41 Sam James
2024-08-03 5:08 Sam James
2024-07-19 17:03 Jakov Smolić
2024-04-29 17:07 Sam James
2024-04-15 7:16 Sam James
2024-04-15 7:16 Sam James
2024-02-01 16:46 Sam James
2023-07-19 15:06 Sam James
2023-04-20 16:58 Patrick McLean
2023-03-22 23:00 Patrick McLean
2022-12-18 5:00 Andreas K. Hüttel
2022-12-18 2:11 Andreas K. Hüttel
2020-12-22 22:44 Thomas Deutschmann
2020-12-17 16:23 Andreas K. Hüttel
2019-11-25 0:13 Thomas Deutschmann
2019-10-04 15:48 Thomas Deutschmann
2019-10-04 15:48 Thomas Deutschmann
2019-08-23 18:10 Thomas Deutschmann
2019-01-02 21:58 Thomas Deutschmann
2018-12-25 17:24 Lars Wendler
2018-11-20 14:46 Lars Wendler
2018-11-12 18:36 Thomas Deutschmann
2018-06-20 15:38 Lars Wendler
2018-06-12 10:40 Thomas Deutschmann
2017-12-30 19:55 Thomas Deutschmann
2017-12-07 18:53 Thomas Deutschmann
2016-09-22 13:15 Lars Wendler
2016-05-03 14:21 Lars Wendler
2016-02-09 13:32 Jason Donenfeld
2016-01-29 6:59 Lars Wendler
2015-12-03 19:58 Mike Frysinger
2015-12-03 18:40 Lars Wendler
2015-12-03 17:10 Mike Frysinger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1456526758.e47b9611f34d6141b0e389e94e0b84135afa25ba.cardoe@gentoo \
--to=cardoe@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox