From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 0A8BD138334 for ; Wed, 13 Feb 2019 10:07:59 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 0B19CE08E2; Wed, 13 Feb 2019 10:07:58 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 8A6CEE08E2 for ; Wed, 13 Feb 2019 10:07:57 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 0A80D340CD0 for ; Wed, 13 Feb 2019 10:07:55 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 115E0503 for ; Wed, 13 Feb 2019 10:07:53 +0000 (UTC) From: "Michael Haubenwallner" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Michael Haubenwallner" Message-ID: <1550052117.115c900ced8385c2ccf38780b95f53b224f47731.haubi@gentoo> Subject: [gentoo-commits] repo/proj/prefix:master commit in: dev-libs/openssl/, dev-libs/openssl/files/ X-VCS-Repository: repo/proj/prefix X-VCS-Files: dev-libs/openssl/Manifest dev-libs/openssl/files/gentoo.config-0.9.8 dev-libs/openssl/files/gentoo.config-1.0.0 dev-libs/openssl/files/gentoo.config-1.0.1 dev-libs/openssl/files/gentoo.config-1.0.2 dev-libs/openssl/files/openssl-0.9.7-alpha-default-gcc.patch dev-libs/openssl/files/openssl-0.9.7e-gentoo.patch dev-libs/openssl/files/openssl-0.9.8-make-engines-dir.patch dev-libs/openssl/files/openssl-0.9.8-makedepend.patch dev-libs/openssl/files/openssl-0.9.8b-doc-updates.patch dev-libs/openssl/files/openssl-0.9.8e-bsd-sparc64.patch dev-libs/openssl/files/openssl-0.9.8e-make.patch dev-libs/openssl/files/openssl-0.9.8g-interix.patch dev-libs/openssl/files/openssl-0.9.8g-mint.patch dev-libs/openssl/files/openssl-0.9.8g-sslv3-no-tlsext.patch dev-libs/openssl/files/openssl-0.9.8h-ldflags.patch dev-libs/openssl/files/openssl-0.9.8h-winnt.patch dev-libs/openssl/files/openssl-0.9.8j-parallel-build.patch dev-libs/openssl/files/openssl-0.9.8k-aixdll.patch dev-libs/openssl/files/open ssl-0.9.8k-cc-mxx.patch dev-libs/openssl/files/openssl-0.9.8k-toolchain.patch dev-libs/openssl/files/openssl-0.9.8k-winnt.patch dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-1377.patch dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-1378.patch dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-1379.patch dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-1387.patch dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-2409.patch dev-libs/openssl/files/openssl-0.9.8l-aixso.patch dev-libs/openssl/files/openssl-0.9.8l-binutils.patch dev-libs/openssl/files/openssl-0.9.8l-dtls-compat.patch dev-libs/openssl/files/openssl-0.9.8m-binutils.patch dev-libs/openssl/files/openssl-0.9.8n-interix.patch dev-libs/openssl/files/openssl-0.9.8n-mint.patch dev-libs/openssl/files/openssl-1.0.0a-alpha-mont.patch dev-libs/openssl/files/openssl-1.0.0a-alphacpuid.patch dev-libs/openssl/files/openssl-1.0.0a-fix-double-free.patch dev-libs/openssl/files/openssl-1.0.0a-interix.patch dev-libs/openssl/files/openssl-1.0.0a-ldflag s.patch dev-libs/openssl/files/openssl-1.0.0a-mint.patch dev-libs/openssl/files/openssl-1.0.0b-rev19998.patch dev-libs/openssl/files/openssl-1.0.0d-alpha-fix-unalign.patch dev-libs/openssl/files/openssl-1.0.0d-alpha-typo.patch dev-libs/openssl/files/openssl-1.0.0d-fbsd-amd64.patch dev-libs/openssl/files/openssl-1.0.0d-windres.patch dev-libs/openssl/files/openssl-1.0.0e-parallel-build.patch dev-libs/openssl/files/openssl-1.0.0e-pkg-config.patch dev-libs/openssl/files/openssl-1.0.0e-x32.patch dev-libs/openssl/files/openssl-1.0.0h-pkg-config.patch dev-libs/openssl/files/openssl-1.0.1-gethostbyname2-solaris.patch dev-libs/openssl/files/openssl-1.0.1-ipv6.patch dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch dev-libs/openssl/files/openssl-1.0.1-x32.patch dev-libs/openssl/files/openssl-1.0.1e-bad-mac-aes-ni.patch dev-libs/openssl/files/openssl-1.0.1e-ipv6.patch dev-libs/openssl/files/openssl-1.0.1e-perl-5.18.patch dev-libs/openssl/files/openssl-1.0.1e-rdrand-explicit.patch dev-l ibs/openssl/files/openssl-1.0.1e-s_client-verify.patch dev-libs/openssl/files/openssl-1.0.1e-tls-ver-crash.patch dev-libs/openssl/files/openssl-1.0.1f-perl-5.18.patch dev-libs/openssl/files/openssl-1.0.1f-revert-alpha-perl-generation.patch dev-libs/openssl/files/openssl-1.0.1h-ipv6.patch dev-libs/openssl/files/openssl-1.0.1k-aix-soname.patch dev-libs/openssl/files/openssl-1.0.1p-default-source.patch dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0209.patch dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0288.patch dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0291.patch dev-libs/openssl/files/openssl-1.0.2-ipv6.patch dev-libs/openssl/files/openssl-1.0.2-parallel-build.patch dev-libs/openssl/files/openssl-1.0.2-s_client-verify.patch dev-libs/openssl/files/openssl-1.0.2_beta2-ipv6.patch dev-libs/openssl/files/openssl-1.0.2a-malloc-typo.patch dev-libs/openssl/files/openssl-1.0.2a-parallel-build.patch dev-libs/openssl/files/openssl-1.0.2a-parallel-install-dirs.patch dev-libs/openssl/files/ openssl-1.0.2a-parallel-obj-headers.patch dev-libs/openssl/files/openssl-1.0.2a-parallel-symlinking.patch dev-libs/openssl/files/openssl-1.0.2d-parallel-build.patch dev-libs/openssl/files/openssl-1.0.2e-parallel-build.patch dev-libs/openssl/files/openssl-1.0.2g-parallel-build.patch dev-libs/openssl/files/openssl-1.0.2i-parallel-build.patch dev-libs/openssl/files/openssl-1.0.2o-CVE-2018-0732.patch dev-libs/openssl/files/openssl-1.0.2p-hobble-ecc.patch dev-libs/openssl/files/openssl-1.1.0g-CVE-2017-3738.patch dev-libs/openssl/files/openssl-1.1.0h-CVE-2018-0732.patch dev-libs/openssl/files/openssl-1.1.0h-CVE-2018-0737.patch dev-libs/openssl/files/openssl-1.1.1-CVE-2018-0734.patch dev-libs/openssl/files/openssl-1.1.1-CVE-2018-0735.patch dev-libs/openssl/files/openssl-1.1.1a-fix-a-minor-nit-in-hkdflabel-size.patch dev-libs/openssl/files/openssl-1.1.1a-fix-cert-with-rsa-instead-of-rsaEncryption.patch dev-libs/openssl/files/openssl-1.1.1a-fix-some-SSL_export_keying_material-issues.patch de v-libs/openssl/files/openssl-1.1.1a-fix-wrong-return-value-in-ssl3_ctx_ctrl.patch dev-libs/openssl/files/openssl-1.1.1a-make-sure-build_SYS_str_reasons_preserves_errno.patch dev-libs/openssl/files/openssl-1.1.1a-preserve-errno-on-dlopen.patch dev-libs/openssl/files/openssl-1.1.1a-preserve-system-error-number-in-a-few-more-places.patch dev-libs/openssl/files/openssl-1.1.1a-revert-reduce-stack-usage-in-tls13_hkdf_expand.patch dev-libs/openssl/openssl-1.1.0j.ebuild dev-libs/openssl/openssl-1.1.1a-r1.ebuild dev-libs/openssl/openssl-1.1.1a.ebuild X-VCS-Directories: dev-libs/openssl/ dev-libs/openssl/files/ X-VCS-Committer: haubi X-VCS-Committer-Name: Michael Haubenwallner X-VCS-Revision: 115c900ced8385c2ccf38780b95f53b224f47731 X-VCS-Branch: master Date: Wed, 13 Feb 2019 10:07:53 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 11cca911-c1f6-4466-b393-f7aab1ea5f7c X-Archives-Hash: feb2bfe77a8d5a793ce13f2b56ab2630 commit: 115c900ced8385c2ccf38780b95f53b224f47731 Author: Michael Haubenwallner gentoo org> AuthorDate: Wed Feb 13 10:01:44 2019 +0000 Commit: Michael Haubenwallner gentoo org> CommitDate: Wed Feb 13 10:01:57 2019 +0000 URL: https://gitweb.gentoo.org/repo/proj/prefix.git/commit/?id=115c900c dev-libs/openssl: sync and cleanup remaining diffs in ebuilds: * Configure shebang * static libs removal remaining diffs in files/gentoo.config-1.0.2: * cygwin * winnt * sparc-solaris Package-Manager: Portage-2.3.55.1-prefix, Repoman-2.3.12 Signed-off-by: Michael Haubenwallner gentoo.org> dev-libs/openssl/Manifest | 13 +- dev-libs/openssl/files/gentoo.config-0.9.8 | 148 ----- dev-libs/openssl/files/gentoo.config-1.0.0 | 159 ----- dev-libs/openssl/files/gentoo.config-1.0.1 | 165 ----- dev-libs/openssl/files/gentoo.config-1.0.2 | 14 +- .../files/openssl-0.9.7-alpha-default-gcc.patch | 12 - dev-libs/openssl/files/openssl-0.9.7e-gentoo.patch | 16 - .../files/openssl-0.9.8-make-engines-dir.patch | 12 - .../openssl/files/openssl-0.9.8-makedepend.patch | 15 - .../openssl/files/openssl-0.9.8b-doc-updates.patch | 270 -------- .../openssl/files/openssl-0.9.8e-bsd-sparc64.patch | 25 - dev-libs/openssl/files/openssl-0.9.8e-make.patch | 26 - .../openssl/files/openssl-0.9.8g-interix.patch | 38 -- dev-libs/openssl/files/openssl-0.9.8g-mint.patch | 33 - .../files/openssl-0.9.8g-sslv3-no-tlsext.patch | 31 - .../openssl/files/openssl-0.9.8h-ldflags.patch | 29 - dev-libs/openssl/files/openssl-0.9.8h-winnt.patch | 104 ---- .../files/openssl-0.9.8j-parallel-build.patch | 25 - dev-libs/openssl/files/openssl-0.9.8k-aixdll.patch | 46 -- dev-libs/openssl/files/openssl-0.9.8k-cc-mxx.patch | 51 -- .../openssl/files/openssl-0.9.8k-toolchain.patch | 22 - dev-libs/openssl/files/openssl-0.9.8k-winnt.patch | 92 --- .../files/openssl-0.9.8l-CVE-2009-1377.patch | 53 -- .../files/openssl-0.9.8l-CVE-2009-1378.patch | 24 - .../files/openssl-0.9.8l-CVE-2009-1379.patch | 22 - .../files/openssl-0.9.8l-CVE-2009-1387.patch | 59 -- .../files/openssl-0.9.8l-CVE-2009-2409.patch | 71 --- dev-libs/openssl/files/openssl-0.9.8l-aixso.patch | 30 - .../openssl/files/openssl-0.9.8l-binutils.patch | 67 -- .../openssl/files/openssl-0.9.8l-dtls-compat.patch | 167 ----- .../openssl/files/openssl-0.9.8m-binutils.patch | 24 - .../openssl/files/openssl-0.9.8n-interix.patch | 39 -- dev-libs/openssl/files/openssl-0.9.8n-mint.patch | 33 - .../openssl/files/openssl-1.0.0a-alpha-mont.patch | 125 ---- .../openssl/files/openssl-1.0.0a-alphacpuid.patch | 18 - .../files/openssl-1.0.0a-fix-double-free.patch | 12 - .../openssl/files/openssl-1.0.0a-interix.patch | 36 -- .../openssl/files/openssl-1.0.0a-ldflags.patch | 29 - dev-libs/openssl/files/openssl-1.0.0a-mint.patch | 33 - .../openssl/files/openssl-1.0.0b-rev19998.patch | 16 - .../files/openssl-1.0.0d-alpha-fix-unalign.patch | 59 -- .../openssl/files/openssl-1.0.0d-alpha-typo.patch | 13 - .../openssl/files/openssl-1.0.0d-fbsd-amd64.patch | 12 - .../openssl/files/openssl-1.0.0d-windres.patch | 76 --- .../files/openssl-1.0.0e-parallel-build.patch | 315 ---------- .../openssl/files/openssl-1.0.0e-pkg-config.patch | 42 -- dev-libs/openssl/files/openssl-1.0.0e-x32.patch | 92 --- .../openssl/files/openssl-1.0.0h-pkg-config.patch | 34 -- .../openssl-1.0.1-gethostbyname2-solaris.patch | 17 - dev-libs/openssl/files/openssl-1.0.1-ipv6.patch | 678 --------------------- .../files/openssl-1.0.1-parallel-build.patch | 354 ----------- dev-libs/openssl/files/openssl-1.0.1-x32.patch | 79 --- .../files/openssl-1.0.1e-bad-mac-aes-ni.patch | 35 -- dev-libs/openssl/files/openssl-1.0.1e-ipv6.patch | 656 -------------------- .../openssl/files/openssl-1.0.1e-perl-5.18.patch | 375 ------------ .../files/openssl-1.0.1e-rdrand-explicit.patch | 28 - .../files/openssl-1.0.1e-s_client-verify.patch | 18 - .../files/openssl-1.0.1e-tls-ver-crash.patch | 34 -- .../openssl/files/openssl-1.0.1f-perl-5.18.patch | 356 ----------- ...enssl-1.0.1f-revert-alpha-perl-generation.patch | 84 --- dev-libs/openssl/files/openssl-1.0.1h-ipv6.patch | 642 ------------------- .../openssl/files/openssl-1.0.1k-aix-soname.patch | 76 --- .../files/openssl-1.0.1p-default-source.patch | 30 - .../files/openssl-1.0.2-CVE-2015-0209.patch | 49 -- .../files/openssl-1.0.2-CVE-2015-0288.patch | 31 - .../files/openssl-1.0.2-CVE-2015-0291.patch | 459 -------------- dev-libs/openssl/files/openssl-1.0.2-ipv6.patch | 611 ------------------- .../files/openssl-1.0.2-parallel-build.patch | 354 ----------- .../files/openssl-1.0.2-s_client-verify.patch | 17 - .../openssl/files/openssl-1.0.2_beta2-ipv6.patch | 640 ------------------- .../openssl/files/openssl-1.0.2a-malloc-typo.patch | 38 -- .../files/openssl-1.0.2a-parallel-build.patch | 314 ---------- .../openssl-1.0.2a-parallel-install-dirs.patch | 64 -- .../openssl-1.0.2a-parallel-obj-headers.patch | 37 -- .../files/openssl-1.0.2a-parallel-symlinking.patch | 63 -- .../files/openssl-1.0.2d-parallel-build.patch | 309 ---------- .../files/openssl-1.0.2e-parallel-build.patch | 314 ---------- .../files/openssl-1.0.2g-parallel-build.patch | 318 ---------- .../files/openssl-1.0.2i-parallel-build.patch | 326 ---------- .../files/openssl-1.0.2o-CVE-2018-0732.patch | 39 -- .../openssl/files/openssl-1.0.2p-hobble-ecc.patch | 283 +++++++++ .../files/openssl-1.1.0g-CVE-2017-3738.patch | 77 --- .../files/openssl-1.1.0h-CVE-2018-0732.patch | 39 -- .../files/openssl-1.1.0h-CVE-2018-0737.patch | 31 - .../files/openssl-1.1.1-CVE-2018-0734.patch | 131 ---- .../files/openssl-1.1.1-CVE-2018-0735.patch | 44 -- ...-1.1.1a-fix-a-minor-nit-in-hkdflabel-size.patch | 27 + ...ix-cert-with-rsa-instead-of-rsaEncryption.patch | 97 +++ ...ix-some-SSL_export_keying_material-issues.patch | 420 +++++++++++++ ...a-fix-wrong-return-value-in-ssl3_ctx_ctrl.patch | 26 + ...ure-build_SYS_str_reasons_preserves_errno.patch | 68 +++ .../openssl-1.1.1a-preserve-errno-on-dlopen.patch | 51 ++ ...-system-error-number-in-a-few-more-places.patch | 57 ++ ...t-reduce-stack-usage-in-tls13_hkdf_expand.patch | 56 ++ dev-libs/openssl/openssl-1.1.0j.ebuild | 26 +- ...nssl-1.1.0j.ebuild => openssl-1.1.1a-r1.ebuild} | 57 +- ...openssl-1.1.0j.ebuild => openssl-1.1.1a.ebuild} | 46 +- 97 files changed, 1185 insertions(+), 10643 deletions(-) diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest index 72b6620c97..7620ca80de 100644 --- a/dev-libs/openssl/Manifest +++ b/dev-libs/openssl/Manifest @@ -4,12 +4,19 @@ DIST openssl-1.0.2p_ec_curve.c 17254 BLAKE2B d40d8d6e770443f07abe70e2c4ddda6aec1 DIST openssl-1.0.2p_ectest.c 30735 BLAKE2B 95333a27f1cf0a4305a3cee7f6d46b9d4673582ca9acfcf5ba2a0d9d317ab6219cd0d2ff0ba3a55a317c8f5819342f05cc17ba80ec2c92b2b4cab9a3552382e1 SHA512 f2e4d34327b490bc8371f0845c69df3f9fc51ea16f0ea0de0411a0c1fa9d49bb2b6fafc363eb3b3cd919dc7c24e4a0d075c6ff878c01d70dae918f2540874c19 DIST openssl-1.0.2p_hobble-openssl 1302 BLAKE2B 647caa6a0f4c53a2e77baa3b8e5961eaef3bb0ff38e7d5475eab8deef3439f7fe49028ec9ed0406f3453870b62cac67c496b3a048ee4c9ff4c6866d520235960 SHA512 3d757a4708e74a03dd5cb9b8114dfe442ed9520739a6eca693be4c4265771696f1449ea06d1c9bcfc6e94fc9b0dd0c10e153f1c3b0334831c0550b36cd63326e DIST openssl-1.1.0-build.patch 3028 BLAKE2B f8cf981ed3717af234ce02fa50f27cdbcbf2b766968a5957fc6f0a4ea997549505fa77398444d7f3b9a75f66048447fe62542b9cb1d5f0268add87c44915a6fd SHA512 b19a912900970052f80c67f28975e793ae9e70ebfc62efae0544e09931079e98c4cd29ce1cc8d937ceca97aff9a12fdc1ff9ce6c2b47fea68c79e7065464a0f0 +DIST openssl-1.1.0-build_d2ede125556ac99aa0faa7744c703af3f559094e.patch 3001 BLAKE2B 8f0ac4be6409b4ec50bec171697da2aebe2688e8ae06bd0dfac8b0c74661d38ebeb0a12bde0ef941b213eee9b85965262213b140636060285dcfb02a3bd14961 SHA512 ec6710e9669ac19e4c6f1286c89a383e7d276a773a2740037f98a8f2dbf18305614e7d30d9ed530923a0e7d10a3776fea2ca77229adc25df13ecad55589a3673 DIST openssl-1.1.0-ec-curves.patch 2967 BLAKE2B 1c639514445ea85cf731732aa7901b5a03ddb5f637b0483ab2ec6825433ad978723c5a07316db684bdaca4a12fc673b4e049a49c0cd4dbe5f25a5e2bd3b75cf5 SHA512 8fb9c6759ae2077ad3697ba77e85ab3970fd8b3f64b21eb260b4f6333b7ebf2f5a53c7eee311229edfbd96a2b904ec5e5e00dfa5b62cf1105fece13069077bd2 +DIST openssl-1.1.0-ec-curves_d2ede125556ac99aa0faa7744c703af3f559094e.patch 5311 BLAKE2B e9ec985adf6f13eb04412158a05da7cbe10be7d64bce73b899152ea379336ece7b7069089ef46993ac301ef850fd46fd0352898e249b2ea9fff5baf20896e5b5 SHA512 c38c4b05195f2b323a07efd8d17335ba2a168a16a59d7941da36568081f1c043da8d2216b7084b0617963635ded9bafeee736ecddbfa251cf0a02e4cba64cdc8 DIST openssl-1.1.0i.tar.gz 5453234 BLAKE2B ae6bec9c116769d98a77165b96fb7d201fe2ede8ee98e3cb68eba496cc90a5fae38dbcbb68b824c9eeacb25605aa80c3ccca9b4f00725658da3ad646834b0f9d SHA512 4a9d454031f644a3072a980f4ea20df976f6c5c58178549dfa62fd4dcf1417509e3be517d2ccb265c87688836f2993531b142fc5971bac5c41d33060057627df DIST openssl-1.1.0i_ec_curve.c 18401 BLAKE2B f969071ac1b5d0e43b50d54e50b5c4d9201fc8b94458902e9849f14841b5505a2e43ed57a8c13255f042a211af9ee904776c155c36da838a8ad22e1052b02bc1 SHA512 a1c2bb3c3e3d342bddc8c952985e87fc4bad2e8142d5d760b18f346c44c20f00db61c4856f3dcf879b2098e0c036330762915f65d80a1a2cba717d2caeb95457 DIST openssl-1.1.0i_ectest.c 30688 BLAKE2B 6673ef0fd139af82d830794179b19b9e06be25fac4a13b8bdfa5fd5dad25f594ce8eab118aab9ec2aab25001e1de127c03f8e1a04f4f3ef4c464b7fb1811ed4a SHA512 240fc72916caf4a8b0af774ce307abfe9a93a762eba6fae760cec79d619fe3db0d6919fc92a8951cb031f73958237700b45f590aa7f9f2890762cccda1f1e74b DIST openssl-1.1.0i_hobble-openssl 1117 BLAKE2B c3a1477e63331e83cf1cbe58e9ef131ec500a311e22d3da55034800ca353c387b2e202575acf3badb00b236ff91d4bac1bb131a33930939646d26bec27be6e04 SHA512 fa9cc70afa11a7a292548b4bddbba8159824a364ce5c279b483768e6ae2aa4b5491d9bf2cc734819f30a11c8ee0d91bcb991c4a7ab357296aeb4c04feac74826 DIST openssl-1.1.0j.tar.gz 5411919 BLAKE2B 0fbd936f38d30b64bea717a67cd59704c5ce44ee19f377a820f89ba66b9e0a7509cf39e0fb00c104ae6440a6bd811e388239b458ffe685d8601235bab2afb2f1 SHA512 e7d30951ebb3cbcb6d59e3eb40f64f5a84634b7f5c380a588d378973f1c415395e3ab71a9aaff6478a89ec6efcc88f17f1882c99c25dcd18165f1435a51e5768 -DIST openssl-1.1.0j_ec_curve.c 18401 BLAKE2B f969071ac1b5d0e43b50d54e50b5c4d9201fc8b94458902e9849f14841b5505a2e43ed57a8c13255f042a211af9ee904776c155c36da838a8ad22e1052b02bc1 SHA512 a1c2bb3c3e3d342bddc8c952985e87fc4bad2e8142d5d760b18f346c44c20f00db61c4856f3dcf879b2098e0c036330762915f65d80a1a2cba717d2caeb95457 -DIST openssl-1.1.0j_ectest.c 30688 BLAKE2B 6673ef0fd139af82d830794179b19b9e06be25fac4a13b8bdfa5fd5dad25f594ce8eab118aab9ec2aab25001e1de127c03f8e1a04f4f3ef4c464b7fb1811ed4a SHA512 240fc72916caf4a8b0af774ce307abfe9a93a762eba6fae760cec79d619fe3db0d6919fc92a8951cb031f73958237700b45f590aa7f9f2890762cccda1f1e74b -DIST openssl-1.1.0j_hobble-openssl 1117 BLAKE2B c3a1477e63331e83cf1cbe58e9ef131ec500a311e22d3da55034800ca353c387b2e202575acf3badb00b236ff91d4bac1bb131a33930939646d26bec27be6e04 SHA512 fa9cc70afa11a7a292548b4bddbba8159824a364ce5c279b483768e6ae2aa4b5491d9bf2cc734819f30a11c8ee0d91bcb991c4a7ab357296aeb4c04feac74826 +DIST openssl-1.1.0j_d2ede125556ac99aa0faa7744c703af3f559094e_ec_curve.c 18401 BLAKE2B f969071ac1b5d0e43b50d54e50b5c4d9201fc8b94458902e9849f14841b5505a2e43ed57a8c13255f042a211af9ee904776c155c36da838a8ad22e1052b02bc1 SHA512 a1c2bb3c3e3d342bddc8c952985e87fc4bad2e8142d5d760b18f346c44c20f00db61c4856f3dcf879b2098e0c036330762915f65d80a1a2cba717d2caeb95457 +DIST openssl-1.1.0j_d2ede125556ac99aa0faa7744c703af3f559094e_ectest.c 30688 BLAKE2B 6673ef0fd139af82d830794179b19b9e06be25fac4a13b8bdfa5fd5dad25f594ce8eab118aab9ec2aab25001e1de127c03f8e1a04f4f3ef4c464b7fb1811ed4a SHA512 240fc72916caf4a8b0af774ce307abfe9a93a762eba6fae760cec79d619fe3db0d6919fc92a8951cb031f73958237700b45f590aa7f9f2890762cccda1f1e74b +DIST openssl-1.1.0j_d2ede125556ac99aa0faa7744c703af3f559094e_hobble-openssl 1117 BLAKE2B c3a1477e63331e83cf1cbe58e9ef131ec500a311e22d3da55034800ca353c387b2e202575acf3badb00b236ff91d4bac1bb131a33930939646d26bec27be6e04 SHA512 fa9cc70afa11a7a292548b4bddbba8159824a364ce5c279b483768e6ae2aa4b5491d9bf2cc734819f30a11c8ee0d91bcb991c4a7ab357296aeb4c04feac74826 +DIST openssl-1.1.1-ec-curves.patch 7265 BLAKE2B 04725d226c430132cf54afbfaa30a82f8f8bbfd3608823d1d0cd42c3c13f417e90762759da3134d7b0c4373e531925db337b681340f2f284cb2f16a4caef22e3 SHA512 de4d0f1635740c57217836a476c420141c0d34a5f90cbf7957aed7a80e7ac9ca036de2d8448e6bf4c122999e308730575899f61cea6e51ab6825dd04890d75a1 +DIST openssl-1.1.1a.tar.gz 8350547 BLAKE2B 71dae2f44ade3e31983599a491b5efe5da63bbe4f32a2336a8022b282f844a9d898f3b1c3fa825a5973cb16898e8e87fcd73d68e9b602b58f500c3f3e047b199 SHA512 1523985ba90f38aa91aa6c2d57652f4e243cb2a095ce6336bf34b39b5a9b5b876804299a6825c758b65990e57948da532cca761aa12b10958c97478d04dd6d34 +DIST openssl-1.1.1a_ec_curve.c 17938 BLAKE2B d5cbde40dcd8608087aed6ffa9feb040ffadecf0c46b7f3978cc468a9503f0a5ad0a426ea6f8db56f49a64474a508bebdf946e01ebf09adc727675f3b180bcdc SHA512 ec470f6514cb9a4f680b8cbbe02e2bbe71639b288f3429d976726047901d9c50377dfb2737f32429da2fb0e52fd67878a86debb54520e307ee196d97b5c66415 +DIST openssl-1.1.1a_ectest.c 35091 BLAKE2B a9602255ab529751c2af2419206ce113f03f93b7b776691ea2ec550f26ddbecd241844bb81dc86988fdbb1c0a587318f82ce4faecba1a6142a19cf08d40fb2c5 SHA512 7813d9b6b7ab62119a7f2dd5431c17c5839f4c320ac7071b0714c9b8528bda5fda779dbb263328dca6ee8446e9fa09c663da659c9a82832a65cf53d1cd8a4cef +DIST openssl-1.1.1a_hobble-openssl 1117 BLAKE2B c3a1477e63331e83cf1cbe58e9ef131ec500a311e22d3da55034800ca353c387b2e202575acf3badb00b236ff91d4bac1bb131a33930939646d26bec27be6e04 SHA512 fa9cc70afa11a7a292548b4bddbba8159824a364ce5c279b483768e6ae2aa4b5491d9bf2cc734819f30a11c8ee0d91bcb991c4a7ab357296aeb4c04feac74826 diff --git a/dev-libs/openssl/files/gentoo.config-0.9.8 b/dev-libs/openssl/files/gentoo.config-0.9.8 deleted file mode 100755 index 09e5b0b7f8..0000000000 --- a/dev-libs/openssl/files/gentoo.config-0.9.8 +++ /dev/null @@ -1,148 +0,0 @@ -#!/usr/bin/env bash -# Copyright 1999-2009 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/files/gentoo.config-0.9.8,v 1.18 2012/05/25 17:41:21 vapier Exp $ -# -# Openssl doesn't play along nicely with cross-compiling -# like autotools based projects, so let's teach it new tricks. -# -# Review the bundled 'config' script to see why kind of targets -# we can pass to the 'Configure' script. - - -# Testing routines -if [[ $1 == "test" ]] ; then - for c in \ - "arm-gentoo-linux-uclibc |linux-generic32 -DL_ENDIAN" \ - "armv5b-linux-gnu |linux-generic32 -DB_ENDIAN" \ - "x86_64-pc-linux-gnu |linux-x86_64" \ - "alphaev56-unknown-linux-gnu |linux-alpha+bwx-gcc" \ - "i686-pc-linux-gnu |linux-elf" \ - "whatever-gentoo-freebsdX.Y |BSD-generic32" \ - "i686-gentoo-freebsdX.Y |BSD-x86-elf" \ - "sparc64-alpha-freebsdX.Y |BSD-sparc64" \ - "ia64-gentoo-freebsd5.99234 |BSD-ia64" \ - "x86_64-gentoo-freebsdX.Y |BSD-x86_64" \ - "hppa64-aldsF-linux-gnu5.3 |linux-generic32 -DB_ENDIAN" \ - "powerpc-gentOO-linux-uclibc |linux-ppc" \ - "powerpc64-unk-linux-gnu |linux-ppc64" \ - "x86_64-apple-darwinX |darwin64-x86_64-cc" \ - "powerpc64-apple-darwinX |darwin64-ppc-cc" \ - "i686-apple-darwinX |darwin-i386-cc" \ - "i386-apple-darwinX |darwin-i386-cc" \ - "powerpc-apple-darwinX |darwin-ppc-cc" \ - "i586-pc-winnt |winnt-parity" \ - ;do - CHOST=${c/|*} - ret_want=${c/*|} - ret_got=$(CHOST=${CHOST} "$0") - - if [[ ${ret_want} == "${ret_got}" ]] ; then - echo "PASS: ${CHOST}" - else - echo "FAIL: ${CHOST}" - echo -e "\twanted: ${ret_want}" - echo -e "\twe got: ${ret_got}" - fi - done - exit 0 -fi -[[ -z ${CHOST} && -n $1 ]] && CHOST=$1 - - -# Detect the operating system -case ${CHOST} in - *-aix*) system="aix";; - *-darwin*) system="darwin";; - *-freebsd*) system="BSD";; - *-hpux*) system="hpux";; - *-linux*) system="linux";; - *-solaris*) system="solaris";; - *-winnt*) system="winnt";; - *) exit 0;; -esac - - -# Compiler munging -compiler="gcc" -if [[ ${CC} == "ccc" ]] ; then - compiler=${CC} -fi - - -# Detect target arch -machine="" -chost_machine=${CHOST%%-*} -case ${system} in -linux) - case ${chost_machine} in - alphaev56*) machine=alpha+bwx-${compiler};; - alphaev[678]*)machine=alpha+bwx-${compiler};; - alpha*) machine=alpha-${compiler};; - arm*b*) machine="generic32 -DB_ENDIAN";; - arm*) machine="generic32 -DL_ENDIAN";; - # hppa64*) machine=parisc64;; - hppa*) machine="generic32 -DB_ENDIAN";; - i[0-9]86*) machine=elf;; - ia64*) machine=ia64;; - m68*) machine="generic32 -DB_ENDIAN";; - mips*el*) machine="generic32 -DL_ENDIAN";; - mips*) machine="generic32 -DB_ENDIAN";; - powerpc64*) machine=ppc64;; - powerpc*) machine=ppc;; - # sh64*) machine=elf;; - sh*b*) machine="generic32 -DB_ENDIAN";; - sh*) machine="generic32 -DL_ENDIAN";; - sparc*v7*) machine="generic32 -DB_ENDIAN";; - sparc64*) machine=sparcv9;; - sparc*) machine=sparcv8;; - s390x*) machine="generic64 -DB_ENDIAN";; - s390*) machine="generic32 -DB_ENDIAN";; - x86_64*) machine=x86_64;; - esac - ;; -BSD) - case ${chost_machine} in - alpha*) machine=generic64;; - i[6-9]86*) machine=x86-elf;; - ia64*) machine=ia64;; - sparc64*) machine=sparc64;; - x86_64*) machine=x86_64;; - *) machine=generic32;; - esac - ;; -aix) - machine=${compiler} - ;; -darwin) - case ${chost_machine} in - powerpc64) machine=ppc-cc; system=${system}64;; - powerpc) machine=ppc-cc;; - i?86*) machine=i386-cc;; - x86_64) machine=x86_64-cc; system=${system}64;; - esac - ;; -hpux) - case ${chost_machine} in - ia64) machine=ia64-${compiler} ;; - hppa64) machine=parisc2-${compiler}; system=${system}64 ;; - hppa1*) machine=parisc-${compiler} ;; - hppa*) machine=parisc2-${compiler} ;; - esac - ;; -solaris) - case ${chost_machine} in - i386) machine=x86-${compiler} ;; - x86_64*) machine=x86_64-${compiler}; system=${system}64;; - sparcv9*) machine=sparcv9-${compiler}; system=${system}64;; - sparc*) machine=sparcv8-${compiler};; - esac - ;; -winnt) - machine=parity - ;; -esac - - -# If we have something, show it -[[ -n ${machine} ]] && echo ${system}-${machine} diff --git a/dev-libs/openssl/files/gentoo.config-1.0.0 b/dev-libs/openssl/files/gentoo.config-1.0.0 deleted file mode 100755 index 0c479f1692..0000000000 --- a/dev-libs/openssl/files/gentoo.config-1.0.0 +++ /dev/null @@ -1,159 +0,0 @@ -#!/usr/bin/env bash -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/files/gentoo.config-1.0.0,v 1.5 2012/05/25 17:41:21 vapier Exp $ -# -# Openssl doesn't play along nicely with cross-compiling -# like autotools based projects, so let's teach it new tricks. -# -# Review the bundled 'config' script to see why kind of targets -# we can pass to the 'Configure' script. - - -# Testing routines -if [[ $1 == "test" ]] ; then - for c in \ - "arm-gentoo-linux-uclibc |linux-generic32 -DL_ENDIAN" \ - "armv5b-linux-gnu |linux-armv4 -DB_ENDIAN" \ - "x86_64-pc-linux-gnu |linux-x86_64" \ - "alphaev56-unknown-linux-gnu |linux-alpha+bwx-gcc" \ - "i686-pc-linux-gnu |linux-elf" \ - "whatever-gentoo-freebsdX.Y |BSD-generic32" \ - "i686-gentoo-freebsdX.Y |BSD-x86-elf" \ - "sparc64-alpha-freebsdX.Y |BSD-sparc64" \ - "ia64-gentoo-freebsd5.99234 |BSD-ia64" \ - "x86_64-gentoo-freebsdX.Y |BSD-x86_64" \ - "hppa64-aldsF-linux-gnu5.3 |linux-generic32 -DB_ENDIAN" \ - "powerpc-gentOO-linux-uclibc |linux-ppc" \ - "powerpc64-unk-linux-gnu |linux-ppc64" \ - "x86_64-apple-darwinX |darwin64-x86_64-cc" \ - "powerpc64-apple-darwinX |darwin64-ppc-cc" \ - "i686-apple-darwinX |darwin-i386-cc" \ - "i386-apple-darwinX |darwin-i386-cc" \ - "powerpc-apple-darwinX |darwin-ppc-cc" \ - "i586-pc-winnt |winnt-parity" \ - "s390-ibm-linux-gnu |linux-generic32 -DB_ENDIAN" \ - "s390x-linux-gnu |linux-s390x" \ - ;do - CHOST=${c/|*} - ret_want=${c/*|} - ret_got=$(CHOST=${CHOST} "$0") - - if [[ ${ret_want} == "${ret_got}" ]] ; then - echo "PASS: ${CHOST}" - else - echo "FAIL: ${CHOST}" - echo -e "\twanted: ${ret_want}" - echo -e "\twe got: ${ret_got}" - fi - done - exit 0 -fi -[[ -z ${CHOST} && -n $1 ]] && CHOST=$1 - - -# Detect the operating system -case ${CHOST} in - *-aix*) system="aix";; - *-darwin*) system="darwin";; - *-freebsd*) system="BSD";; - *-hpux*) system="hpux";; - *-linux*) system="linux";; - *-solaris*) system="solaris";; - *-winnt*) system="winnt";; - x86_64-*-mingw*) system="mingw64";; - *mingw*) system="mingw";; - *) exit 0;; -esac - - -# Compiler munging -compiler="gcc" -if [[ ${CC} == "ccc" ]] ; then - compiler=${CC} -fi - - -# Detect target arch -machine="" -chost_machine=${CHOST%%-*} -case ${system} in -linux) - case ${chost_machine}:${ABI} in - alphaev56*) machine=alpha+bwx-${compiler};; - alphaev[678]*)machine=alpha+bwx-${compiler};; - alpha*) machine=alpha-${compiler};; - armv[4-9]*b*) machine="armv4 -DB_ENDIAN";; - armv[4-9]*) machine="armv4 -DL_ENDIAN";; - arm*b*) machine="generic32 -DB_ENDIAN";; - arm*) machine="generic32 -DL_ENDIAN";; - avr*) machine="generic32 -DL_ENDIAN";; - bfin*) machine="generic32 -DL_ENDIAN";; - # hppa64*) machine=parisc64;; - hppa*) machine="generic32 -DB_ENDIAN";; - i[0-9]86*|\ - x86_64*:x86) machine=elf;; - ia64*) machine=ia64;; - m68*) machine="generic32 -DB_ENDIAN";; - mips*el*) machine="generic32 -DL_ENDIAN";; - mips*) machine="generic32 -DB_ENDIAN";; - powerpc64*) machine=ppc64;; - powerpc*) machine=ppc;; - # sh64*) machine=elf;; - sh*b*) machine="generic32 -DB_ENDIAN";; - sh*) machine="generic32 -DL_ENDIAN";; - sparc*v7*) machine="generic32 -DB_ENDIAN";; - sparc64*) machine=sparcv9;; - sparc*) machine=sparcv8;; - s390x*) machine=s390x;; - s390*) machine="generic32 -DB_ENDIAN";; - x86_64*:x32) machine=x32;; - x86_64*) machine=x86_64;; - esac - ;; -BSD) - case ${chost_machine} in - alpha*) machine=generic64;; - i[6-9]86*) machine=x86-elf;; - ia64*) machine=ia64;; - sparc64*) machine=sparc64;; - x86_64*) machine=x86_64;; - *) machine=generic32;; - esac - ;; -aix) - machine=${compiler} - ;; -darwin) - case ${chost_machine} in - powerpc64) machine=ppc-cc; system=${system}64;; - powerpc) machine=ppc-cc;; - i?86*) machine=i386-cc;; - x86_64) machine=x86_64-cc; system=${system}64;; - esac - ;; -hpux) - case ${chost_machine} in - ia64) machine=ia64-${compiler} ;; - esac - ;; -solaris) - case ${chost_machine} in - i386) machine=x86-${compiler} ;; - x86_64*) machine=x86_64-${compiler}; system=${system}64;; - sparcv9*) machine=sparcv9-${compiler}; system=${system}64;; - sparc*) machine=sparcv8-${compiler};; - esac - ;; -winnt) - machine=parity - ;; -mingw*) - # special case ... no xxx-yyy style name - echo ${system} - ;; -esac - - -# If we have something, show it -[[ -n ${machine} ]] && echo ${system}-${machine} diff --git a/dev-libs/openssl/files/gentoo.config-1.0.1 b/dev-libs/openssl/files/gentoo.config-1.0.1 deleted file mode 100644 index cca1c261ff..0000000000 --- a/dev-libs/openssl/files/gentoo.config-1.0.1 +++ /dev/null @@ -1,165 +0,0 @@ -#!/usr/bin/env bash -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/files/gentoo.config-1.0.1,v 1.2 2014/01/17 04:27:03 vapier Exp $ -# -# Openssl doesn't play along nicely with cross-compiling -# like autotools based projects, so let's teach it new tricks. -# -# Review the bundled 'config' script to see why kind of targets -# we can pass to the 'Configure' script. - - -# Testing routines -if [[ $1 == "test" ]] ; then - for c in \ - "arm-gentoo-linux-uclibc |linux-generic32 -DL_ENDIAN" \ - "armv5b-linux-gnu |linux-armv4 -DB_ENDIAN" \ - "x86_64-pc-linux-gnu |linux-x86_64" \ - "alpha-linux-gnu |linux-alpha-gcc" \ - "alphaev56-unknown-linux-gnu |linux-alpha+bwx-gcc" \ - "i686-pc-linux-gnu |linux-elf" \ - "whatever-gentoo-freebsdX.Y |BSD-generic32" \ - "i686-gentoo-freebsdX.Y |BSD-x86-elf" \ - "sparc64-alpha-freebsdX.Y |BSD-sparc64" \ - "ia64-gentoo-freebsd5.99234 |BSD-ia64" \ - "x86_64-gentoo-freebsdX.Y |BSD-x86_64" \ - "hppa64-aldsF-linux-gnu5.3 |linux-generic32 -DB_ENDIAN" \ - "powerpc-gentOO-linux-uclibc |linux-ppc" \ - "powerpc64-unk-linux-gnu |linux-ppc64" \ - "x86_64-apple-darwinX |darwin64-x86_64-cc" \ - "powerpc64-apple-darwinX |darwin64-ppc-cc" \ - "i686-apple-darwinX |darwin-i386-cc" \ - "i386-apple-darwinX |darwin-i386-cc" \ - "powerpc-apple-darwinX |darwin-ppc-cc" \ - "i586-pc-winnt |winnt-parity" \ - "s390-ibm-linux-gnu |linux-generic32 -DB_ENDIAN" \ - "s390x-linux-gnu |linux64-s390x" \ - "powerpc-ibm-aixX.Y |aix-gcc --with-aix-soname=svr4" \ - ;do - CHOST=${c/|*} - ret_want=${c/*|} - ret_got=$(CHOST=${CHOST} "$0") - - if [[ ${ret_want} == "${ret_got}" ]] ; then - echo "PASS: ${CHOST}" - else - echo "FAIL: ${CHOST}" - echo -e "\twanted: ${ret_want}" - echo -e "\twe got: ${ret_got}" - fi - done - exit 0 -fi -[[ -z ${CHOST} && -n $1 ]] && CHOST=$1 - - -# Detect the operating system -case ${CHOST} in - *-aix*) system="aix";; - *-darwin*) system="darwin";; - *-freebsd*) system="BSD";; - *-hpux*) system="hpux";; - *-linux*) system="linux";; - *-solaris*) system="solaris";; - *-winnt*) system="winnt";; - x86_64-*-mingw*) system="mingw64";; - *mingw*) system="mingw";; - *) exit 0;; -esac - - -# Compiler munging -compiler="gcc" -if [[ ${CC} == "ccc" ]] ; then - compiler=${CC} -fi - - -# Detect target arch -machine="" -chost_machine=${CHOST%%-*} -case ${system} in -linux) - case ${chost_machine}:${ABI} in - aarch64*be) machine="generic64 -DB_ENDIAN";; - aarch64*) machine="generic64 -DL_ENDIAN";; - alphaev56*|\ - alphaev[678]*)machine=alpha+bwx-${compiler};; - alpha*) machine=alpha-${compiler};; - armv[4-9]*b*) machine="armv4 -DB_ENDIAN";; - armv[4-9]*) machine="armv4 -DL_ENDIAN";; - arm*b*) machine="generic32 -DB_ENDIAN";; - arm*) machine="generic32 -DL_ENDIAN";; - avr*) machine="generic32 -DL_ENDIAN";; - bfin*) machine="generic32 -DL_ENDIAN";; - # hppa64*) machine=parisc64;; - hppa*) machine="generic32 -DB_ENDIAN";; - i[0-9]86*|\ - x86_64*:x86) machine=elf;; - ia64*) machine=ia64;; - m68*) machine="generic32 -DB_ENDIAN";; - mips*el*) machine="generic32 -DL_ENDIAN";; - mips*) machine="generic32 -DB_ENDIAN";; - powerpc64*le) machine="generic64 -DL_ENDIAN";; - powerpc64*) machine=ppc64;; - powerpc*le) machine="generic32 -DL_ENDIAN";; - powerpc*) machine=ppc;; - # sh64*) machine=elf;; - sh*b*) machine="generic32 -DB_ENDIAN";; - sh*) machine="generic32 -DL_ENDIAN";; - sparc*v7*) machine="generic32 -DB_ENDIAN";; - sparc64*) machine=sparcv9;; - sparc*) machine=sparcv8;; - s390x*) machine=s390x system=linux64;; - s390*) machine="generic32 -DB_ENDIAN";; - x86_64*:x32) machine=x32;; - x86_64*) machine=x86_64;; - esac - ;; -BSD) - case ${chost_machine} in - alpha*) machine=generic64;; - i[6-9]86*) machine=x86-elf;; - ia64*) machine=ia64;; - sparc64*) machine=sparc64;; - x86_64*) machine=x86_64;; - *) machine=generic32;; - esac - ;; -aix) - machine="${compiler} --with-aix-soname=svr4" - ;; -darwin) - case ${chost_machine} in - powerpc64) machine=ppc-cc; system=${system}64;; - powerpc) machine=ppc-cc;; - i?86*) machine=i386-cc;; - x86_64) machine=x86_64-cc; system=${system}64;; - esac - ;; -hpux) - case ${chost_machine} in - ia64) machine=ia64-${compiler} ;; - esac - ;; -solaris) - case ${chost_machine} in - i386) machine=x86-${compiler} ;; - x86_64*) machine=x86_64-${compiler}; system=${system}64;; - sparcv9*) machine=sparcv9-${compiler}; system=${system}64;; - sparc*) machine=sparcv8-${compiler};; - esac - ;; -winnt) - machine=parity - ;; -mingw*) - # special case ... no xxx-yyy style name - echo ${system} - ;; -esac - - -# If we have something, show it -[[ -n ${machine} ]] && echo ${system}-${machine} diff --git a/dev-libs/openssl/files/gentoo.config-1.0.2 b/dev-libs/openssl/files/gentoo.config-1.0.2 index 64933771ca..3decbee261 100755 --- a/dev-libs/openssl/files/gentoo.config-1.0.2 +++ b/dev-libs/openssl/files/gentoo.config-1.0.2 @@ -1,7 +1,6 @@ #!/usr/bin/env bash -# Copyright 1999-2018 Gentoo Authors +# Copyright 1999-2019 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 -# $Id$ # # Openssl doesn't play along nicely with cross-compiling # like autotools based projects, so let's teach it new tricks. @@ -85,8 +84,8 @@ chost_machine=${CHOST%%-*} case ${system} in linux) case ${chost_machine}:${ABI} in - aarch64*be*) machine="generic64 -DB_ENDIAN";; - aarch64*) machine="generic64 -DL_ENDIAN";; + aarch64*be*) machine="aarch64 -DB_ENDIAN";; + aarch64*) machine="aarch64 -DL_ENDIAN";; alphaev56*|\ alphaev[678]*)machine=alpha+bwx-${compiler};; alpha*) machine=alpha-${compiler};; @@ -111,8 +110,13 @@ linux) # sh64*) machine=elf;; sh*b*) machine="generic32 -DB_ENDIAN";; sh*) machine="generic32 -DL_ENDIAN";; + # TODO: Might want to do -mcpu probing like glibc to determine a + # better default for sparc-linux-gnu targets. This logic will + # break v7 and older systems when they use it. sparc*v7*) machine="generic32 -DB_ENDIAN";; - sparc64*) machine=sparcv9;; + sparc64*) machine=sparcv9 system=linux64;; + sparc*v9*) machine=sparcv9;; + sparc*v8*) machine=sparcv8;; sparc*) machine=sparcv8;; s390x*) machine=s390x system=linux64;; s390*) machine="generic32 -DB_ENDIAN";; diff --git a/dev-libs/openssl/files/openssl-0.9.7-alpha-default-gcc.patch b/dev-libs/openssl/files/openssl-0.9.7-alpha-default-gcc.patch deleted file mode 100644 index a56e76e17a..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.7-alpha-default-gcc.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -ur openssl-0.9.7d.orig/config openssl-0.9.7d/config ---- openssl-0.9.7d.orig/config 2004-12-11 19:01:11.077248504 -0500 -+++ openssl-0.9.7d/config 2004-12-11 19:08:52.099162520 -0500 -@@ -452,7 +452,7 @@ - sed 's/.* C V\([0-9]\)\.\([0-9]\).*/\1\2/'` - CCCVER=${CCCVER:-0} - if [ $CCCVER -gt 60 ]; then -- CC=ccc # overrides gcc!!! well, ccc outperforms inoticeably -+ CC=gcc # overrides gcc!!! well, ccc outperforms inoticeably - # only on hash routines and des, otherwise gcc (2.95) - # keeps along rather tight... - fi diff --git a/dev-libs/openssl/files/openssl-0.9.7e-gentoo.patch b/dev-libs/openssl/files/openssl-0.9.7e-gentoo.patch deleted file mode 100644 index b3753d20de..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.7e-gentoo.patch +++ /dev/null @@ -1,16 +0,0 @@ -diff -r -c -C 2 openssl-0.9.6g-orig/test/Makefile openssl-0.9.6g/test/Makefile -*** openssl-0.9.6g-orig/test/Makefile Thu Sep 26 15:20:47 2002 ---- openssl-0.9.6g/test/Makefile Thu Sep 26 15:23:26 2002 -*************** -*** 28,32 **** - DLIBCRYPTO= ../libcrypto.a - DLIBSSL= ../libssl.a -! LIBCRYPTO= -L.. -lcrypto - LIBSSL= -L.. -lssl - ---- 28,32 ---- - DLIBCRYPTO= ../libcrypto.a - DLIBSSL= ../libssl.a -! LIBCRYPTO= -L.. -lcrypto -lcrypt - LIBSSL= -L.. -lssl - diff --git a/dev-libs/openssl/files/openssl-0.9.8-make-engines-dir.patch b/dev-libs/openssl/files/openssl-0.9.8-make-engines-dir.patch deleted file mode 100644 index 5cba456c7e..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8-make-engines-dir.patch +++ /dev/null @@ -1,12 +0,0 @@ -http://rt.openssl.org/Ticket/Display.html?id=2082 - ---- openssl-0.9.8/engines/Makefile -+++ openssl-0.9.8.az/engines/Makefile -@@ -88,6 +88,7 @@ - @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... - @if [ -n "$(SHARED_LIBS)" ]; then \ - set -e; \ -+ $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines; \ - for l in $(LIBNAMES); do \ - ( echo installing $$l; \ - if [ "$(PLATFORM)" != "Cygwin" ]; then \ diff --git a/dev-libs/openssl/files/openssl-0.9.8-makedepend.patch b/dev-libs/openssl/files/openssl-0.9.8-makedepend.patch deleted file mode 100644 index 9abbe8ef37..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8-makedepend.patch +++ /dev/null @@ -1,15 +0,0 @@ -http://bugs.gentoo.org/149583 - -http://rt.openssl.org/Ticket/Display.html?id=2085 - ---- util/domd -+++ util/domd -@@ -14,7 +14,7 @@ - cp Makefile Makefile.save - # fake the presence of Kerberos - touch $TOP/krb5.h --if [ "$MAKEDEPEND" = "gcc" ]; then -+if [ "$MAKEDEPEND" != "makedepend" ]; then - args="" - while [ $# -gt 0 ]; do - if [ "$1" != "--" ]; then args="$args $1"; fi diff --git a/dev-libs/openssl/files/openssl-0.9.8b-doc-updates.patch b/dev-libs/openssl/files/openssl-0.9.8b-doc-updates.patch deleted file mode 100644 index 37cc34cb4c..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8b-doc-updates.patch +++ /dev/null @@ -1,270 +0,0 @@ -http://rt.openssl.org/Ticket/Display.html?id=2083 - ---- doc/crypto/ASN1_generate_nconf.pod -+++ doc/crypto/ASN1_generate_nconf.pod -@@ -6,6 +6,8 @@ ASN1_generate_nconf, ASN1_generate_v3 - - - =head1 SYNOPSIS - -+ #include -+ - ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf); - ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf); - ---- doc/crypto/ASN1_OBJECT_new.pod -+++ doc/crypto/ASN1_OBJECT_new.pod -@@ -6,6 +6,8 @@ ASN1_OBJECT_new, ASN1_OBJECT_free, - obj - - =head1 SYNOPSIS - -+ #include -+ - ASN1_OBJECT *ASN1_OBJECT_new(void); - void ASN1_OBJECT_free(ASN1_OBJECT *a); - ---- doc/crypto/ASN1_STRING_length.pod -+++ doc/crypto/ASN1_STRING_length.pod -@@ -8,6 +8,8 @@ ASN1_STRING utility functions - - =head1 SYNOPSIS - -+ #include -+ - int ASN1_STRING_length(ASN1_STRING *x); - unsigned char * ASN1_STRING_data(ASN1_STRING *x); - ---- doc/crypto/ASN1_STRING_new.pod -+++ doc/crypto/ASN1_STRING_new.pod -@@ -7,6 +7,8 @@ ASN1_STRING allocation functions - - =head1 SYNOPSIS - -+ #include -+ - ASN1_STRING * ASN1_STRING_new(void); - ASN1_STRING * ASN1_STRING_type_new(int type); - void ASN1_STRING_free(ASN1_STRING *a); ---- doc/crypto/bn_internal.pod -+++ doc/crypto/bn_internal.pod -@@ -13,6 +13,8 @@ library internal functions - - =head1 SYNOPSIS - -+ #include -+ - BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w); - BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, - BN_ULONG w); ---- doc/crypto/CRYPTO_set_ex_data.pod -+++ doc/crypto/CRYPTO_set_ex_data.pod -@@ -6,6 +6,8 @@ CRYPTO_set_ex_data, CRYPTO_get_ex_data - - - =head1 SYNOPSIS - -+ #include -+ - int CRYPTO_set_ex_data(CRYPTO_EX_DATA *r, int idx, void *arg); - - void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *r, int idx); ---- doc/crypto/OBJ_nid2obj.pod -+++ doc/crypto/OBJ_nid2obj.pod -@@ -8,6 +8,8 @@ functions - - =head1 SYNOPSIS - -+ #include -+ - ASN1_OBJECT * OBJ_nid2obj(int n); - const char * OBJ_nid2ln(int n); - const char * OBJ_nid2sn(int n); ---- doc/crypto/PKCS7_decrypt.pod -+++ doc/crypto/PKCS7_decrypt.pod -@@ -6,7 +6,9 @@ PKCS7_decrypt - decrypt content from a P - - =head1 SYNOPSIS - --int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags); -+ #include -+ -+ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags); - - =head1 DESCRIPTION - ---- doc/crypto/PKCS7_encrypt.pod -+++ doc/crypto/PKCS7_encrypt.pod -@@ -6,7 +6,9 @@ PKCS7_encrypt - create a PKCS#7 envelope - - =head1 SYNOPSIS - --PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags); -+ #include -+ -+ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags); - - =head1 DESCRIPTION - ---- doc/crypto/PKCS7_sign.pod -+++ doc/crypto/PKCS7_sign.pod -@@ -6,7 +6,9 @@ PKCS7_sign - create a PKCS#7 signedData - - =head1 SYNOPSIS - --PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags); -+ #include -+ -+ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags); - - =head1 DESCRIPTION - ---- doc/crypto/PKCS7_verify.pod -+++ doc/crypto/PKCS7_verify.pod -@@ -6,9 +6,11 @@ PKCS7_verify - verify a PKCS#7 signedDat - - =head1 SYNOPSIS - --int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, int flags); -+ #include - --STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags); -+ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, int flags); -+ -+ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags); - - =head1 DESCRIPTION - ---- doc/crypto/SMIME_read_PKCS7.pod -+++ doc/crypto/SMIME_read_PKCS7.pod -@@ -6,7 +6,9 @@ SMIME_read_PKCS7 - parse S/MIME message. - - =head1 SYNOPSIS - --PKCS7 *SMIME_read_PKCS7(BIO *in, BIO **bcont); -+ #include -+ -+ PKCS7 *SMIME_read_PKCS7(BIO *in, BIO **bcont); - - =head1 DESCRIPTION - ---- doc/crypto/SMIME_write_PKCS7.pod -+++ doc/crypto/SMIME_write_PKCS7.pod -@@ -6,7 +6,9 @@ SMIME_write_PKCS7 - convert PKCS#7 struc - - =head1 SYNOPSIS - --int SMIME_write_PKCS7(BIO *out, PKCS7 *p7, BIO *data, int flags); -+ #include -+ -+ int SMIME_write_PKCS7(BIO *out, PKCS7 *p7, BIO *data, int flags); - - =head1 DESCRIPTION - ---- doc/crypto/ui_compat.pod -+++ doc/crypto/ui_compat.pod -@@ -7,6 +7,8 @@ Compatibility user interface functions - - =head1 SYNOPSIS - -+ #include -+ - int des_read_password(DES_cblock *key,const char *prompt,int verify); - int des_read_2passwords(DES_cblock *key1,DES_cblock *key2, - const char *prompt,int verify); ---- doc/crypto/X509_NAME_add_entry_by_txt.pod -+++ doc/crypto/X509_NAME_add_entry_by_txt.pod -@@ -7,15 +7,17 @@ X509_NAME_add_entry, X509_NAME_delete_en - - =head1 SYNOPSIS - --int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, const unsigned char *bytes, int len, int loc, int set); -+ #include - --int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, unsigned char *bytes, int len, int loc, int set); -+ int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, const unsigned char *bytes, int len, int loc, int set); - --int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, unsigned char *bytes, int len, int loc, int set); -+ int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, unsigned char *bytes, int len, int loc, int set); - --int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, int loc, int set); -+ int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, unsigned char *bytes, int len, int loc, int set); - --X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc); -+ int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, int loc, int set); -+ -+ X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc); - - =head1 DESCRIPTION - ---- doc/crypto/X509_NAME_ENTRY_get_object.pod -+++ doc/crypto/X509_NAME_ENTRY_get_object.pod -@@ -9,15 +9,17 @@ X509_NAME_ENTRY_create_by_OBJ - X509_NAM - - =head1 SYNOPSIS - --ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne); --ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne); -+ #include - --int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj); --int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, const unsigned char *bytes, int len); -+ ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne); -+ ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne); - --X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, const char *field, int type, const unsigned char *bytes, int len); --X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, int type,unsigned char *bytes, int len); --X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len); -+ int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj); -+ int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, const unsigned char *bytes, int len); -+ -+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, const char *field, int type, const unsigned char *bytes, int len); -+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, int type,unsigned char *bytes, int len); -+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len); - - =head1 DESCRIPTION - ---- doc/crypto/X509_NAME_get_index_by_NID.pod -+++ doc/crypto/X509_NAME_get_index_by_NID.pod -@@ -8,14 +8,16 @@ X509_NAME lookup and enumeration functio - - =head1 SYNOPSIS - --int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos); --int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj, int lastpos); -+ #include - --int X509_NAME_entry_count(X509_NAME *name); --X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc); -+ int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos); -+ int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj, int lastpos); - --int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf,int len); --int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf,int len); -+ int X509_NAME_entry_count(X509_NAME *name); -+ X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc); -+ -+ int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf,int len); -+ int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf,int len); - - =head1 DESCRIPTION - ---- doc/crypto/X509_new.pod -+++ doc/crypto/X509_new.pod -@@ -6,6 +6,8 @@ X509_new, X509_free - X509 certificate A - - =head1 SYNOPSIS - -+ #include -+ - X509 *X509_new(void); - void X509_free(X509 *a); - ---- Makefile.org -+++ Makefile.org -@@ -218,7 +218,7 @@ - MANDIR=$(OPENSSLDIR)/man - MAN1=1 - MAN3=3 --MANSUFFIX= -+MANSUFFIX=ssl - SHELL=/bin/sh - - TOP= . diff --git a/dev-libs/openssl/files/openssl-0.9.8e-bsd-sparc64.patch b/dev-libs/openssl/files/openssl-0.9.8e-bsd-sparc64.patch deleted file mode 100644 index a798164a90..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8e-bsd-sparc64.patch +++ /dev/null @@ -1,25 +0,0 @@ ---- a/Configure -+++ b/Configure -@@ -365,7 +365,7 @@ - # -DMD32_REG_T=int doesn't actually belong in sparc64 target, it - # simply *happens* to work around a compiler bug in gcc 3.3.3, - # triggered by RIPEMD160 code. --"BSD-sparc64", "gcc:-DB_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:::des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"BSD-sparc64", "gcc:-DB_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:ULTRASPARC::SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:::des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "BSD-ia64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "BSD-x86_64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - - -the -B flag is a no-op nowadays - ---- a/crypto/des/Makefile -+++ b/crypto/des/Makefile -@@ -62,7 +62,7 @@ - $(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB) - - des_enc-sparc.S: asm/des_enc.m4 -- m4 -B 8192 asm/des_enc.m4 > des_enc-sparc.S -+ m4 asm/des_enc.m4 > des_enc-sparc.S - - # ELF - dx86-elf.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl diff --git a/dev-libs/openssl/files/openssl-0.9.8e-make.patch b/dev-libs/openssl/files/openssl-0.9.8e-make.patch deleted file mode 100644 index 54f4302cbe..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8e-make.patch +++ /dev/null @@ -1,26 +0,0 @@ -respect $MAKE if it is set in the environment so we don't get a mix -of the host `make` and whatever $MAKE is set to when recursing - -http://bugs.gentoo.org/146316 - -http://rt.openssl.org/Ticket/Display.html?id=2080 - ---- openssl-0.9.8e/Configure -+++ openssl-0.9.8e/Configure -@@ -931,6 +931,7 @@ - $default_ranlib= &which("ranlib") or $default_ranlib="true"; - $perl=$ENV{'PERL'} or $perl=&which("perl5") or $perl=&which("perl") - or $perl="perl"; -+my $make = $ENV{'MAKE'} || "make"; - - chop $openssldir if $openssldir =~ /\/$/; - chop $prefix if $prefix =~ /\/$/; -@@ -1554,7 +1557,7 @@ - EOF - close(OUT); - } else { -- my $make_command = "make PERL=\'$perl\'"; -+ my $make_command = "$make PERL=\'$perl\'"; - my $make_targets = ""; - $make_targets .= " links" if $symlink; - $make_targets .= " depend" if $depflags ne $default_depflags && $make_depend; diff --git a/dev-libs/openssl/files/openssl-0.9.8g-interix.patch b/dev-libs/openssl/files/openssl-0.9.8g-interix.patch deleted file mode 100644 index 545e95dcf8..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8g-interix.patch +++ /dev/null @@ -1,38 +0,0 @@ -reported upstream to rt@openssl.org on 24 Apr 2009: -http://rt.openssl.org/Ticket/Display.html?id=1908 - -diff -ru openssl-0.9.8g.orig/Configure openssl-0.9.8g/Configure ---- openssl-0.9.8g.orig/Configure Mon Jan 21 11:20:03 2008 -+++ openssl-0.9.8g/Configure Mon Jan 21 11:22:20 2008 -@@ -464,6 +464,9 @@ - "VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32", - "VC-WIN32","cl::::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32", - -+# Interix (GCC) -+"interix-gcc", "gcc:-D_ALL_SOURCE -DL_ENDIAN -DTERMIOS -O2 -Wall::-D_REENTRANT::-ldl:::::::::::::dlfcn:gnu:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+ - # Borland C++ 4.5 - "BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32", - -diff -ru openssl-0.9.8g.orig/config openssl-0.9.8g/config ---- openssl-0.9.8g.orig/config Mon Jan 21 11:20:03 2008 -+++ openssl-0.9.8g/config Mon Jan 21 11:31:46 2008 -@@ -336,6 +336,10 @@ - echo "mips-sony-newsos4"; exit 0; - ;; - -+ Interix*) -+ echo "i586-pc-interix${VERSION}"; exit 0; -+ ;; -+ - MINGW*) - echo "${MACHINE}-whatever-mingw"; exit 0; - ;; -@@ -763,6 +767,7 @@ - t3e-cray-unicosmk) OUT="cray-t3e" ;; - j90-cray-unicos) OUT="cray-j90" ;; - nsr-tandem-nsk) OUT="tandem-c89" ;; -+ *-interix*) OUT="interix-gcc" ;; - *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;; - esac - diff --git a/dev-libs/openssl/files/openssl-0.9.8g-mint.patch b/dev-libs/openssl/files/openssl-0.9.8g-mint.patch deleted file mode 100644 index ab881c8893..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8g-mint.patch +++ /dev/null @@ -1,33 +0,0 @@ ---- Configure.old 2008-04-11 21:28:45.000000000 +0100 -+++ Configure 2008-04-11 23:46:19.000000000 +0100 -@@ -467,6 +467,9 @@ - # Interix (GCC) - "interix-gcc", "gcc:-D_ALL_SOURCE -DL_ENDIAN -DTERMIOS -O2 -Wall::-D_REENTRANT::-ldl:::::::::::::dlfcn:gnu:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - -+# FreeMiNT (GCC) -+"mint-gcc", "gcc:-O2 -fomit-frame-pointer -DB_ENDIAN -DTERMIOS::-D_REENTRANT:::BN_LLONG:::", -+ - # Borland C++ 4.5 - "BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32", - ---- config.old 2008-04-11 23:41:29.000000000 +0100 -+++ config 2008-04-11 23:42:19.000000000 +0100 -@@ -340,6 +340,10 @@ - echo "i586-pc-interix${VERSION}"; exit 0; - ;; - -+ FreeMiNT*) -+ echo "m68k-atari-mint"; exit 0; -+ ;; -+ - MINGW*) - echo "${MACHINE}-whatever-mingw"; exit 0; - ;; -@@ -768,6 +772,7 @@ - j90-cray-unicos) OUT="cray-j90" ;; - nsr-tandem-nsk) OUT="tandem-c89" ;; - *-interix*) OUT="interix-gcc" ;; -+ *-mint*) OUT="mint-gcc" ;; - *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;; - esac - diff --git a/dev-libs/openssl/files/openssl-0.9.8g-sslv3-no-tlsext.patch b/dev-libs/openssl/files/openssl-0.9.8g-sslv3-no-tlsext.patch deleted file mode 100644 index ef6134b02c..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8g-sslv3-no-tlsext.patch +++ /dev/null @@ -1,31 +0,0 @@ -Fix from upstream cvs - -Index: ssl/t1_lib.c -=================================================================== -RCS file: /usr/local/src/openssl/CVSROOT/openssl/ssl/t1_lib.c,v -retrieving revision 1.64 -retrieving revision 1.65 -diff -u -p -r1.64 -r1.65 ---- ssl/t1_lib.c 29 Dec 2008 16:15:27 -0000 1.64 -+++ ssl/t1_lib.c 28 Apr 2009 22:10:54 -0000 1.65 -@@ -267,6 +267,10 @@ unsigned char *ssl_add_clienthello_tlsex - int extdatalen=0; - unsigned char *ret = p; - -+ /* don't add extensions for SSLv3 */ -+ if (s->client_version == SSL3_VERSION) -+ return p; -+ - ret+=2; - - if (ret>=limit) return NULL; /* this really never occurs, but ... */ -@@ -448,6 +452,10 @@ unsigned char *ssl_add_serverhello_tlsex - int extdatalen=0; - unsigned char *ret = p; - -+ /* don't add extensions for SSLv3 */ -+ if (s->version == SSL3_VERSION) -+ return p; -+ - ret+=2; - if (ret>=limit) return NULL; /* this really never occurs, but ... */ diff --git a/dev-libs/openssl/files/openssl-0.9.8h-ldflags.patch b/dev-libs/openssl/files/openssl-0.9.8h-ldflags.patch deleted file mode 100644 index 64cc7bde05..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8h-ldflags.patch +++ /dev/null @@ -1,29 +0,0 @@ -http://bugs.gentoo.org/181438 -http://bugs.gentoo.org/327421 -https://rt.openssl.org/Ticket/Display.html?id=3332&user=guest&pass=guest - -make sure we respect LDFLAGS - -also make sure we don't add useless -rpath flags to the system libdir - ---- openssl-0.9.8h/Makefile.org -+++ openssl-0.9.8h/Makefile.org -@@ -180,6 +181,7 @@ - MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD ${MAKEDEPPROG}' \ - DEPFLAG='-DOPENSSL_NO_DEPRECATED ${DEPFLAG}' \ - MAKEDEPPROG='${MAKEDEPPROG}' \ -+ LDFLAGS='${LDFLAGS}' \ - SHARED_LDFLAGS='${SHARED_LDFLAGS}' \ - KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' \ - EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' \ ---- openssl-0.9.8h/Makefile.shared -+++ openssl-0.9.8h/Makefile.shared -@@ -153,7 +153,7 @@ - NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ - SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX" - --DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)" -+DO_GNU_APP=LDFLAGS="$(LDFLAGS) $(CFLAGS)" - - #This is rather special. It's a special target with which one can link - #applications without bothering with any features that have anything to diff --git a/dev-libs/openssl/files/openssl-0.9.8h-winnt.patch b/dev-libs/openssl/files/openssl-0.9.8h-winnt.patch deleted file mode 100644 index 957c4217a2..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8h-winnt.patch +++ /dev/null @@ -1,104 +0,0 @@ -diff -ru openssl-0.9.8h.orig/Configure openssl-0.9.8h/Configure ---- openssl-0.9.8h.orig/Configure 2008-08-28 07:50:21 +0200 -+++ openssl-0.9.8h/Configure 2008-08-28 07:55:02 +0200 -@@ -468,6 +468,7 @@ - "VC-NT","cl::::WINNT::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32", - "VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32", - "VC-WIN32","cl::::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32", -+"winnt-parity","parity.gnu.gcc:-DNOCRYPT:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::::win32:gnu:-fPIC -DPIC:-shared:.so", - - # Interix (GCC) - "interix-gcc", "gcc:-D_ALL_SOURCE -DL_ENDIAN -DTERMIOS -O2 -Wall::-D_REENTRANT::-ldl:::::::::::::dlfcn:gnu:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -diff -ru openssl-0.9.8h.orig/Makefile.org openssl-0.9.8h/Makefile.org ---- openssl-0.9.8h.orig/Makefile.org 2008-08-28 07:50:37 +0200 -+++ openssl-0.9.8h/Makefile.org 2008-08-28 07:54:26 +0200 -@@ -269,6 +269,7 @@ - done; \ - fi; \ - ( set -x; rm -f lib$$i$(SHLIB_EXT) ); \ -+ ( set -x; rm -f lib$$i$(SHLIB_EXT)* ); \ - if [ "$(PLATFORM)" = "Cygwin" ]; then \ - ( set -x; rm -f cyg$$i$(SHLIB_EXT) lib$$i$(SHLIB_EXT).a ); \ - fi; \ -@@ -507,9 +508,11 @@ - if [ -f "$$i" -o -f "$$i.a" ]; then \ - ( echo installing $$i; \ - if [ "$(PLATFORM)" != "Cygwin" ]; then \ -- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ -- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ -- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \ -+ for x in $${i}*; do \ -+ cp $$x $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$x.new; \ -+ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$x.new; \ -+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$x.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$x; \ -+ done; \ - else \ - c=`echo $$i | sed 's/^lib\(.*\)\.dll\.a/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \ - cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \ -diff -ru openssl-0.9.8h.orig/engines/Makefile openssl-0.9.8h/engines/Makefile ---- openssl-0.9.8h.orig/engines/Makefile 2008-08-28 07:50:34 +0200 -+++ openssl-0.9.8h/engines/Makefile 2008-08-28 07:54:28 +0200 -@@ -96,6 +96,7 @@ - case "$(CFLAGS)" in \ - *DSO_DLFCN*) sfx="so";; \ - *DSO_DL*) sfx="sl";; \ -+ *DSO_WIN*) sfx="so.dll";; \ - *) sfx="bad";; \ - esac; \ - cp lib$$l.$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx.new; \ -diff -ru openssl-0.9.8h.orig/util/mklink.pl openssl-0.9.8h/util/mklink.pl ---- openssl-0.9.8h.orig/util/mklink.pl 2008-08-28 07:50:42 +0200 -+++ openssl-0.9.8h/util/mklink.pl 2008-08-28 07:54:26 +0200 -@@ -50,23 +50,7 @@ - my $to = join('/', @to_path); - - my $file; --$symlink_exists=eval {symlink("",""); 1}; - foreach $file (@files) { -- my $err = ""; -- if ($symlink_exists) { -- unlink "$from/$file"; -- symlink("$to/$file", "$from/$file") or $err = " [$!]"; -- } else { -- unlink "$from/$file"; -- open (OLD, "<$file") or die "Can't open $file: $!"; -- open (NEW, ">$from/$file") or die "Can't open $from/$file: $!"; -- binmode(OLD); -- binmode(NEW); -- while () { -- print NEW $_; -- } -- close (OLD) or die "Can't close $file: $!"; -- close (NEW) or die "Can't close $from/$file: $!"; -- } -- print $file . " => $from/$file$err\n"; -+ $err=eval {system("rm -f $from/$file; cp $file $from/$file"); 1}; -+ print $file . " => $from/$file => $err\n"; - } -diff -ru openssl-0.9.8h.orig/util/opensslwrap.sh openssl-0.9.8h/util/opensslwrap.sh ---- openssl-0.9.8h.orig/util/opensslwrap.sh 2008-08-28 07:50:42 +0200 -+++ openssl-0.9.8h/util/opensslwrap.sh 2008-08-28 07:54:26 +0200 -@@ -7,6 +7,11 @@ - OPENSSL_ENGINES="${HERE}../engines"; export OPENSSL_ENGINES - fi - -+if [ "`uname`" = "Interix" ]; then -+ LD_LIBRARY_PATH="${HERE}..:$LD_LIBRARY_PATH"; export LD_LIBRARY_PATH -+ exec "${OPENSSL}" "$@" -+fi -+ - if [ -x "${OPENSSL}.exe" ]; then - # The original reason for this script existence is to work around - # certain caveats in run-time linker behaviour. On Windows platforms -diff -ru openssl-0.9.8h.orig/util/domd openssl-0.9.8h/util/domd ---- openssl-0.9.8h.orig/util/domd 2008-08-28 08:37:35 +0200 -+++ openssl-0.9.8h/util/domd 2008-08-28 08:37:00 +0200 -@@ -23,7 +23,7 @@ - done - sed -e '/^# DO NOT DELETE.*/,$d' < Makefile > Makefile.tmp - echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp -- gcc -D OPENSSL_DOING_MAKEDEPEND -M $args >> Makefile.tmp -+ ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND -M $args >> Makefile.tmp - ${PERL} $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new - rm -f Makefile.tmp - else diff --git a/dev-libs/openssl/files/openssl-0.9.8j-parallel-build.patch b/dev-libs/openssl/files/openssl-0.9.8j-parallel-build.patch deleted file mode 100644 index b9bb7a6a46..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8j-parallel-build.patch +++ /dev/null @@ -1,25 +0,0 @@ -http://rt.openssl.org/Ticket/Display.html?id=2084 - ---- openssl-0.9.8j/Makefile.org -+++ openssl-0.9.8j/Makefile.org -@@ -333,15 +333,15 @@ - dir=crypto; target=all; $(BUILD_ONE_CMD) - build_fips: - @dir=fips; target=all; [ -z "$(FIPSCANLIB)" ] || $(BUILD_ONE_CMD) --build_ssl: -+build_ssl: build_crypto - @dir=ssl; target=all; $(BUILD_ONE_CMD) --build_engines: -+build_engines: build_crypto - @dir=engines; target=all; $(BUILD_ONE_CMD) --build_apps: -+build_apps: build_libs - @dir=apps; target=all; $(BUILD_ONE_CMD) --build_tests: -+build_tests: build_libs - @dir=test; target=all; $(BUILD_ONE_CMD) --build_tools: -+build_tools: build_libs - @dir=tools; target=all; $(BUILD_ONE_CMD) - - all_testapps: build_libs build_testapps diff --git a/dev-libs/openssl/files/openssl-0.9.8k-aixdll.patch b/dev-libs/openssl/files/openssl-0.9.8k-aixdll.patch deleted file mode 100644 index 593382e824..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8k-aixdll.patch +++ /dev/null @@ -1,46 +0,0 @@ ---- Makefile.shared.orig 2009-11-02 16:31:28 +0100 -+++ Makefile.shared 2009-11-02 17:03:31 +0100 -@@ -506,10 +506,16 @@ - OBJECT_MODE=$${OBJECT_MODE:-32}; export OBJECT_MODE; \ - SHLIB=lib$(LIBNAME).so; \ - SHLIB_SUFFIX=; \ -- ALLSYMSFLAGS='-bnogc'; \ -+ ALLSYMSFLAGS=''; \ - NOALLSYMSFLAGS=''; \ -- SHAREDFLAGS='$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-bexpall,-bnolibpath,-bM:SRE'; \ -- $(LINK_SO_A_VIA_O) -+ SHAREDFLAGS='$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-G,-bexpall,-bnolibpath,-bernotok'; \ -+ INHIBIT_SYMLINKS=yes; \ -+ set dummy $(AR); $$2 t lib$(LIBNAME).a | grep $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX >/dev/null || { \ -+ $(LINK_SO_A_UNPACKED); \ -+ mv -f lib$(LIBNAME).a lib$(LIBNAME).sa; \ -+ }; \ -+ rm -f lib$(LIBNAME).a; \ -+ $(AR) lib$(LIBNAME).a $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX; - link_app.aix: - LDFLAGS="$(CFLAGS) -Wl,-brtl,-blibpath:$(LIBRPATH):$${LIBPATH:-/usr/lib:/lib}"; \ - $(LINK_APP) -@@ -535,10 +541,11 @@ - - # Targets to build symbolic links when needed - symlink.gnu symlink.solaris symlink.svr3 symlink.svr5 symlink.irix \ --symlink.aix symlink.reliantunix: -+symlink.reliantunix: - @ $(CALC_VERSIONS); \ - SHLIB=lib$(LIBNAME).so; \ - $(SYMLINK_SO) -+symlink.aix: - symlink.darwin: - @ $(CALC_VERSIONS); \ - SHLIB=lib$(LIBNAME); \ ---- Makefile.org.orig 2009-11-02 16:37:36 +0100 -+++ Makefile.org 2009-11-02 16:38:19 +0100 -@@ -638,7 +638,7 @@ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \ - fi; \ - done; -- @set -e; if [ -n "$(SHARED_LIBS)" ]; then \ -+ @set -e; if [ -n "$(SHARED_LIBS)" -a "$(SHLIB_TARGET)" != "aix-shared" ]; then \ - tmp="$(SHARED_LIBS)"; \ - for i in $${tmp:-x}; \ - do \ diff --git a/dev-libs/openssl/files/openssl-0.9.8k-cc-mxx.patch b/dev-libs/openssl/files/openssl-0.9.8k-cc-mxx.patch deleted file mode 100644 index 4a57151a03..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8k-cc-mxx.patch +++ /dev/null @@ -1,51 +0,0 @@ -Allow compilation using e.g. CC="gcc -m32" - ---- apps/Makefile -+++ apps/Makefile -@@ -153,12 +153,12 @@ - shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ - shlib_target="$(SHLIB_TARGET)"; \ - elif [ -n "$(FIPSCANLIB)" ]; then \ -- FIPSLD_CC=$(CC); CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \ -+ FIPSLD_CC="$(CC)"; CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \ - fi; \ - LIBRARIES="$(LIBSSL) $(LIBKRB5) $(LIBCRYPTO)" ; \ - [ "x$(FIPSCANLIB)" = "xlibfips" ] && LIBRARIES="$$LIBRARIES -lfips"; \ - $(MAKE) -f $(TOP)/Makefile.shared -e \ -- CC=$${CC} APPNAME=$(EXE) OBJECTS="$(PROGRAM).o $(E_OBJ)" \ -+ CC="$${CC}" APPNAME=$(EXE) OBJECTS="$(PROGRAM).o $(E_OBJ)" \ - LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \ - link_app.$${shlib_target} - -(cd ..; \ ---- test/Makefile -+++ test/Makefile -@@ -402,13 +402,13 @@ - if [ "$(FIPSCANLIB)" = "libfips" ]; then \ - LIBRARIES="-L$(TOP) -lfips"; \ - elif [ -n "$(FIPSCANLIB)" ]; then \ -- FIPSLD_CC=$(CC); CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \ -+ FIPSLD_CC="$(CC)"; CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \ - LIBRARIES="$${FIPSLIBDIR:-$(TOP)/fips/}fipscanister.o"; \ - else \ - LIBRARIES="$(LIBCRYPTO)"; \ - fi; \ - $(MAKE) -f $(TOP)/Makefile.shared -e \ -- CC=$${CC} APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \ -+ CC="$${CC}" APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \ - LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \ - link_app.$${shlib_target} - -@@ -417,11 +417,11 @@ - fi; \ - LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \ - if [ -z "$(SHARED_LIBS)" -a -n "$(FIPSCANLIB)" ] ; then \ -- FIPSLD_CC=$(CC); CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \ -+ FIPSLD_CC="$(CC)"; CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \ - fi; \ - [ "$(FIPSCANLIB)" = "libfips" ] && LIBRARIES="$$LIBRARIES -lfips"; \ - $(MAKE) -f $(TOP)/Makefile.shared -e \ -- CC=$${CC} APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \ -+ CC="$${CC}" APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \ - LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \ - link_app.$${shlib_target} - diff --git a/dev-libs/openssl/files/openssl-0.9.8k-toolchain.patch b/dev-libs/openssl/files/openssl-0.9.8k-toolchain.patch deleted file mode 100644 index 78d77d0a74..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8k-toolchain.patch +++ /dev/null @@ -1,22 +0,0 @@ -http://rt.openssl.org/Ticket/Display.html?id=2081 - ---- Configure -+++ Configure -@@ -979,7 +979,8 @@ - my $shared_cflag = $fields[$idx_shared_cflag]; - my $shared_ldflag = $fields[$idx_shared_ldflag]; - my $shared_extension = $fields[$idx_shared_extension]; --my $ranlib = $fields[$idx_ranlib]; -+my $ar = $ENV{'AR'} || "ar"; -+my $ranlib = $ENV{'RANLIB'} || $fields[$idx_ranlib]; - my $arflags = $fields[$idx_arflags]; - - if ($fips) -@@ -1487,6 +1488,7 @@ - s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/; - s/^PROCESSOR=.*/PROCESSOR= $processor/; - s/^RANLIB=.*/RANLIB= $ranlib/; -+ s/^AR=ar /AR= $ar /; - s/^ARFLAGS=.*/ARFLAGS= $arflags/; - s/^PERL=.*/PERL= $perl/; - s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/; diff --git a/dev-libs/openssl/files/openssl-0.9.8k-winnt.patch b/dev-libs/openssl/files/openssl-0.9.8k-winnt.patch deleted file mode 100644 index 6894d1cdef..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8k-winnt.patch +++ /dev/null @@ -1,92 +0,0 @@ -diff -ru openssl-0.9.8h.orig/Configure openssl-0.9.8h/Configure ---- openssl-0.9.8h.orig/Configure 2008-08-28 07:50:21 +0200 -+++ openssl-0.9.8h/Configure 2008-08-28 07:55:02 +0200 -@@ -468,6 +468,7 @@ - "VC-NT","cl::::WINNT::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32", - "VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32", - "VC-WIN32","cl::::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32", -+"winnt-parity","parity.gnu.gcc:-DNOCRYPT:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::::win32:gnu:-fPIC -DPIC:-shared:.so", - - # Interix (GCC) - "interix-gcc", "gcc:-D_ALL_SOURCE -DL_ENDIAN -DTERMIOS -O2 -Wall::-D_REENTRANT::-ldl:::::::::::::dlfcn:gnu:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -diff -ru openssl-0.9.8h.orig/Makefile.org openssl-0.9.8h/Makefile.org ---- openssl-0.9.8h.orig/Makefile.org 2008-08-28 07:50:37 +0200 -+++ openssl-0.9.8h/Makefile.org 2008-08-28 07:54:26 +0200 -@@ -269,6 +269,7 @@ - done; \ - fi; \ - ( set -x; rm -f lib$$i$(SHLIB_EXT) ); \ -+ ( set -x; rm -f lib$$i$(SHLIB_EXT)* ); \ - if [ "$(PLATFORM)" = "Cygwin" ]; then \ - ( set -x; rm -f cyg$$i$(SHLIB_EXT) lib$$i$(SHLIB_EXT).a ); \ - fi; \ -@@ -507,9 +508,11 @@ - if [ -f "$$i" -o -f "$$i.a" ]; then \ - ( echo installing $$i; \ - if [ "$(PLATFORM)" != "Cygwin" ]; then \ -- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ -- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ -- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \ -+ for x in $${i}*; do \ -+ cp $$x $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$x.new; \ -+ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$x.new; \ -+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$x.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$x; \ -+ done; \ - else \ - c=`echo $$i | sed 's/^lib\(.*\)\.dll\.a/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \ - cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \ -diff -ru openssl-0.9.8h.orig/engines/Makefile openssl-0.9.8h/engines/Makefile ---- openssl-0.9.8h.orig/engines/Makefile 2008-08-28 07:50:34 +0200 -+++ openssl-0.9.8h/engines/Makefile 2008-08-28 07:54:28 +0200 -@@ -96,6 +96,7 @@ - case "$(CFLAGS)" in \ - *DSO_DLFCN*) sfx="so";; \ - *DSO_DL*) sfx="sl";; \ -+ *DSO_WIN*) sfx="so.dll";; \ - *) sfx="bad";; \ - esac; \ - cp lib$$l.$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.$$sfx.new; \ -diff -ru openssl-0.9.8h.orig/util/mklink.pl openssl-0.9.8h/util/mklink.pl ---- openssl-0.9.8h.orig/util/mklink.pl 2008-08-28 07:50:42 +0200 -+++ openssl-0.9.8h/util/mklink.pl 2008-08-28 07:54:26 +0200 -@@ -50,23 +50,7 @@ - my $to = join('/', @to_path); - - my $file; --$symlink_exists=eval {symlink("",""); 1}; - foreach $file (@files) { -- my $err = ""; -- if ($symlink_exists) { -- unlink "$from/$file"; -- symlink("$to/$file", "$from/$file") or $err = " [$!]"; -- } else { -- unlink "$from/$file"; -- open (OLD, "<$file") or die "Can't open $file: $!"; -- open (NEW, ">$from/$file") or die "Can't open $from/$file: $!"; -- binmode(OLD); -- binmode(NEW); -- while () { -- print NEW $_; -- } -- close (OLD) or die "Can't close $file: $!"; -- close (NEW) or die "Can't close $from/$file: $!"; -- } -- print $file . " => $from/$file$err\n"; -+ $err=eval {system("rm -f $from/$file; cp $file $from/$file"); 1}; -+ print $file . " => $from/$file => $err\n"; - } -diff -ru openssl-0.9.8h.orig/util/opensslwrap.sh openssl-0.9.8h/util/opensslwrap.sh ---- openssl-0.9.8h.orig/util/opensslwrap.sh 2008-08-28 07:50:42 +0200 -+++ openssl-0.9.8h/util/opensslwrap.sh 2008-08-28 07:54:26 +0200 -@@ -7,6 +7,11 @@ - OPENSSL_ENGINES="${HERE}../engines"; export OPENSSL_ENGINES - fi - -+if [ "`uname`" = "Interix" ]; then -+ LD_LIBRARY_PATH="${HERE}..:$LD_LIBRARY_PATH"; export LD_LIBRARY_PATH -+ exec "${OPENSSL}" "$@" -+fi -+ - if [ -x "${OPENSSL}.exe" ]; then - # The original reason for this script existence is to work around - # certain caveats in run-time linker behaviour. On Windows platforms diff --git a/dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-1377.patch b/dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-1377.patch deleted file mode 100644 index 761698e0f1..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-1377.patch +++ /dev/null @@ -1,53 +0,0 @@ -http://rt.openssl.org/Ticket/Display.html?id=1931&user=guest&pass=guest - -Index: openssl/crypto/pqueue/pqueue.c -RCS File: /v/openssl/cvs/openssl/crypto/pqueue/pqueue.c,v -rcsdiff -q -kk '-r1.2.2.4' '-r1.2.2.5' -u '/v/openssl/cvs/openssl/crypto/pqueue/pqueue.c,v' 2>/dev/null ---- crypto/pqueue/pqueue.c 2005/06/28 12:53:33 1.2.2.4 -+++ crypto/pqueue/pqueue.c 2009/05/16 16:18:44 1.2.2.5 -@@ -234,3 +234,17 @@ - - return ret; - } -+ -+int -+pqueue_size(pqueue_s *pq) -+{ -+ pitem *item = pq->items; -+ int count = 0; -+ -+ while(item != NULL) -+ { -+ count++; -+ item = item->next; -+ } -+ return count; -+} -Index: openssl/crypto/pqueue/pqueue.h -RCS File: /v/openssl/cvs/openssl/crypto/pqueue/pqueue.h,v -rcsdiff -q -kk '-r1.2.2.1' '-r1.2.2.2' -u '/v/openssl/cvs/openssl/crypto/pqueue/pqueue.h,v' 2>/dev/null ---- crypto/pqueue/pqueue.h 2005/05/30 22:34:27 1.2.2.1 -+++ crypto/pqueue/pqueue.h 2009/05/16 16:18:44 1.2.2.2 -@@ -91,5 +91,6 @@ - pitem *pqueue_next(piterator *iter); - - void pqueue_print(pqueue pq); -+int pqueue_size(pqueue pq); - - #endif /* ! HEADER_PQUEUE_H */ -Index: openssl/ssl/d1_pkt.c -RCS File: /v/openssl/cvs/openssl/ssl/d1_pkt.c,v -rcsdiff -q -kk '-r1.4.2.17' '-r1.4.2.18' -u '/v/openssl/cvs/openssl/ssl/d1_pkt.c,v' 2>/dev/null ---- ssl/d1_pkt.c 2009/05/16 15:51:59 1.4.2.17 -+++ ssl/d1_pkt.c 2009/05/16 16:18:45 1.4.2.18 -@@ -167,6 +167,10 @@ - DTLS1_RECORD_DATA *rdata; - pitem *item; - -+ /* Limit the size of the queue to prevent DOS attacks */ -+ if (pqueue_size(queue->q) >= 100) -+ return 0; -+ - rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA)); - item = pitem_new(priority, rdata); - if (rdata == NULL || item == NULL) diff --git a/dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-1378.patch b/dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-1378.patch deleted file mode 100644 index f111a4c086..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-1378.patch +++ /dev/null @@ -1,24 +0,0 @@ -http://rt.openssl.org/Ticket/Display.html?id=1931&user=guest&pass=guest - -Index: ssl/d1_both.c -=================================================================== ---- ssl/d1_both.c.orig -+++ ssl/d1_both.c -@@ -561,7 +561,16 @@ dtls1_process_out_of_seq_message(SSL *s, - if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len) - goto err; - -- if (msg_hdr->seq <= s->d1->handshake_read_seq) -+ /* Try to find item in queue, to prevent duplicate entries */ -+ pq_64bit_init(&seq64); -+ pq_64bit_assign_word(&seq64, msg_hdr->seq); -+ item = pqueue_find(s->d1->buffered_messages, seq64); -+ pq_64bit_free(&seq64); -+ -+ /* Discard the message if sequence number was already there, is -+ * too far in the future or the fragment is already in the queue */ -+ if (msg_hdr->seq <= s->d1->handshake_read_seq || -+ msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL) - { - unsigned char devnull [256]; - diff --git a/dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-1379.patch b/dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-1379.patch deleted file mode 100644 index 7067324350..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-1379.patch +++ /dev/null @@ -1,22 +0,0 @@ -Index: openssl/ssl/d1_both.c -RCS File: /v/openssl/cvs/openssl/ssl/d1_both.c,v -rcsdiff -q -kk '-r1.14.2.6' '-r1.14.2.7' -u '/v/openssl/cvs/openssl/ssl/d1_both.c,v' 2>/dev/null ---- d1_both.c 2009/04/22 12:17:02 1.14.2.6 -+++ d1_both.c 2009/05/13 11:51:30 1.14.2.7 -@@ -519,6 +519,7 @@ - - if ( s->d1->handshake_read_seq == frag->msg_header.seq) - { -+ unsigned long frag_len = frag->msg_header.frag_len; - pqueue_pop(s->d1->buffered_messages); - - al=dtls1_preprocess_fragment(s,&frag->msg_header,max); -@@ -536,7 +537,7 @@ - if (al==0) - { - *ok = 1; -- return frag->msg_header.frag_len; -+ return frag_len; - } - - ssl3_send_alert(s,SSL3_AL_FATAL,al); diff --git a/dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-1387.patch b/dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-1387.patch deleted file mode 100644 index a9e5ea054f..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-1387.patch +++ /dev/null @@ -1,59 +0,0 @@ -http://bugs.gentoo.org/270305 - -fix from upstream - -Index: ssl/d1_both.c -=================================================================== -RCS file: /usr/local/src/openssl/CVSROOT/openssl/ssl/d1_both.c,v -retrieving revision 1.4.2.7 -retrieving revision 1.4.2.8 -diff -u -p -r1.4.2.7 -r1.4.2.8 ---- ssl/d1_both.c 17 Oct 2007 21:17:49 -0000 1.4.2.7 -+++ ssl/d1_both.c 2 Apr 2009 22:12:13 -0000 1.4.2.8 -@@ -575,30 +575,31 @@ dtls1_process_out_of_seq_message(SSL *s, - } - } - -- frag = dtls1_hm_fragment_new(frag_len); -- if ( frag == NULL) -- goto err; -+ if (frag_len) -+ { -+ frag = dtls1_hm_fragment_new(frag_len); -+ if ( frag == NULL) -+ goto err; - -- memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr)); -+ memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr)); - -- if (frag_len) -- { -- /* read the body of the fragment (header has already been read */ -+ /* read the body of the fragment (header has already been read) */ - i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE, - frag->fragment,frag_len,0); - if (i<=0 || (unsigned long)i!=frag_len) - goto err; -- } - -- pq_64bit_init(&seq64); -- pq_64bit_assign_word(&seq64, msg_hdr->seq); -+ pq_64bit_init(&seq64); -+ pq_64bit_assign_word(&seq64, msg_hdr->seq); - -- item = pitem_new(seq64, frag); -- pq_64bit_free(&seq64); -- if ( item == NULL) -- goto err; -+ item = pitem_new(seq64, frag); -+ pq_64bit_free(&seq64); -+ if ( item == NULL) -+ goto err; -+ -+ pqueue_insert(s->d1->buffered_messages, item); -+ } - -- pqueue_insert(s->d1->buffered_messages, item); - return DTLS1_HM_FRAGMENT_RETRY; - - err: diff --git a/dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-2409.patch b/dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-2409.patch deleted file mode 100644 index b097869f3b..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-2409.patch +++ /dev/null @@ -1,71 +0,0 @@ -http://bugs.gentoo.org/280591 - -fix from upstream - -http://cvs.openssl.org/chngview?cn=18260 - -Index: openssl/crypto/x509/x509_vfy.c -RCS File: /v/openssl/cvs/openssl/crypto/x509/x509_vfy.c,v -rcsdiff -q -kk '-r1.77.2.8' '-r1.77.2.9' -u '/v/openssl/cvs/openssl/crypto/x509/x509_vfy.c,v' 2>/dev/null ---- crypto/x509/x509_vfy.c 2008/07/13 14:33:15 1.77.2.8 -+++ crypto/x509/x509_vfy.c 2009/06/15 14:52:38 1.77.2.9 -@@ -986,7 +986,11 @@ - while (n >= 0) - { - ctx->error_depth=n; -- if (!xs->valid) -+ -+ /* Skip signature check for self signed certificates. It -+ * doesn't add any security and just wastes time. -+ */ -+ if (!xs->valid && xs != xi) - { - if ((pkey=X509_get_pubkey(xi)) == NULL) - { -@@ -996,13 +1000,6 @@ - if (!ok) goto end; - } - else if (X509_verify(xs,pkey) <= 0) -- /* XXX For the final trusted self-signed cert, -- * this is a waste of time. That check should -- * optional so that e.g. 'openssl x509' can be -- * used to detect invalid self-signatures, but -- * we don't verify again and again in SSL -- * handshakes and the like once the cert has -- * been declared trusted. */ - { - ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE; - ctx->current_cert=xs; - -http://cvs.openssl.org/chngview?cn=18317 - -Index: openssl/crypto/evp/c_alld.c -RCS File: /v/openssl/cvs/openssl/crypto/evp/c_alld.c,v -rcsdiff -q -kk '-r1.7' '-r1.7.2.1' -u '/v/openssl/cvs/openssl/crypto/evp/c_alld.c,v' 2>/dev/null ---- crypto/evp/c_alld.c 2005/04/30 21:51:40 1.7 -+++ crypto/evp/c_alld.c 2009/07/08 08:33:26 1.7.2.1 -@@ -64,9 +64,6 @@ - - void OpenSSL_add_all_digests(void) - { --#ifndef OPENSSL_NO_MD2 -- EVP_add_digest(EVP_md2()); --#endif - #ifndef OPENSSL_NO_MD4 - EVP_add_digest(EVP_md4()); - #endif -Index: openssl/ssl/ssl_algs.c -RCS File: /v/openssl/cvs/openssl/ssl/ssl_algs.c,v -rcsdiff -q -kk '-r1.12.2.3' '-r1.12.2.4' -u '/v/openssl/cvs/openssl/ssl/ssl_algs.c,v' 2>/dev/null ---- ssl/ssl_algs.c 2007/04/23 23:50:21 1.12.2.3 -+++ ssl/ssl_algs.c 2009/07/08 08:33:27 1.12.2.4 -@@ -92,9 +92,6 @@ - EVP_add_cipher(EVP_seed_cbc()); - #endif - --#ifndef OPENSSL_NO_MD2 -- EVP_add_digest(EVP_md2()); --#endif - #ifndef OPENSSL_NO_MD5 - EVP_add_digest(EVP_md5()); - EVP_add_digest_alias(SN_md5,"ssl2-md5"); diff --git a/dev-libs/openssl/files/openssl-0.9.8l-aixso.patch b/dev-libs/openssl/files/openssl-0.9.8l-aixso.patch deleted file mode 100644 index a89d070b86..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8l-aixso.patch +++ /dev/null @@ -1,30 +0,0 @@ -With a little help from my friend, the native-cctools wrapping ld to support -'-soname' flag on AIX, we can provide full soname support there (#213277). -However, this patch is not for upstream, as they cannot rely on that ld wrapper: -They would have to do the aix-soname magic themself instead. - ---- Makefile.shared.orig 2009-11-24 09:25:23.835657176 +0100 -+++ Makefile.shared 2009-11-24 09:25:53.165563599 +0100 -@@ -498,7 +498,7 @@ - SHLIB_SUFFIX=; \ - ALLSYMSFLAGS=''; \ - NOALLSYMSFLAGS=''; \ -- SHAREDFLAGS='$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-bexpall,-bnolibpath,-bM:SRE'; \ -+ SHAREDFLAGS='$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-bexpall,-bnolibpath,-bM:SRE'; \ - $(LINK_SO_O); - link_a.aix: - @ $(CALC_VERSIONS); \ -@@ -506,10 +506,10 @@ - OBJECT_MODE=$${OBJECT_MODE:-32}; export OBJECT_MODE; \ - SHLIB=lib$(LIBNAME).so; \ - SHLIB_SUFFIX=; \ -- ALLSYMSFLAGS='-bnogc'; \ -+ ALLSYMSFLAGS=; \ - NOALLSYMSFLAGS=''; \ -- SHAREDFLAGS='$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-bexpall,-bnolibpath,-bM:SRE'; \ -- $(LINK_SO_A_VIA_O) -+ SHAREDFLAGS='$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-bexpall,-bnolibpath,-G,-bernotok,-bsymbolic,'"-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \ -+ $(LINK_SO_A_UNPACKED) - link_app.aix: - LDFLAGS="$(CFLAGS) -Wl,-brtl,-blibpath:$(LIBRPATH):$${LIBPATH:-/usr/lib:/lib}"; \ - $(LINK_APP) diff --git a/dev-libs/openssl/files/openssl-0.9.8l-binutils.patch b/dev-libs/openssl/files/openssl-0.9.8l-binutils.patch deleted file mode 100644 index d1bb7754f5..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8l-binutils.patch +++ /dev/null @@ -1,67 +0,0 @@ -fix from upstream for building with newer binutils - -http://bugs.gentoo.org/289130 - -Index: crypto/md5/asm/md5-x86_64.pl -=================================================================== -RCS file: /usr/local/src/openssl/CVSROOT/openssl/crypto/md5/asm/md5-x86_64.pl,v -retrieving revision 1.2.2.1 -retrieving revision 1.2.2.2 -diff -u -p -r1.2.2.1 -r1.2.2.2 ---- openssl/crypto/md5/asm/md5-x86_64.pl 11 Nov 2007 13:34:06 -0000 1.2.2.1 -+++ openssl/crypto/md5/asm/md5-x86_64.pl 13 Nov 2009 14:14:46 -0000 1.2.2.2 -@@ -19,6 +19,7 @@ my $code; - sub round1_step - { - my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_; -+ $T_i = unpack("l",pack("l", hex($T_i))); # convert to 32-bit signed decimal - $code .= " mov 0*4(%rsi), %r10d /* (NEXT STEP) X[0] */\n" if ($pos == -1); - $code .= " mov %edx, %r11d /* (NEXT STEP) z' = %edx */\n" if ($pos == -1); - $code .= </dev/null ---- d1_clnt.c 2009/04/14 15:20:47 1.3.2.15 -+++ d1_clnt.c 2009/04/19 18:08:11 1.3.2.16 -@@ -130,7 +130,7 @@ - - static SSL_METHOD *dtls1_get_client_method(int ver) - { -- if (ver == DTLS1_VERSION) -+ if (ver == DTLS1_VERSION || ver == DTLS1_BAD_VER) - return(DTLSv1_client_method()); - else - return(NULL); -@@ -181,7 +181,8 @@ - s->server=0; - if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); - -- if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00)) -+ if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00) && -+ (s->version & 0xff00 ) != (DTLS1_BAD_VER & 0xff00)) - { - SSLerr(SSL_F_DTLS1_CONNECT, ERR_R_INTERNAL_ERROR); - ret = -1; -Index: openssl/ssl/d1_lib.c -RCS File: /v/openssl/cvs/openssl/ssl/d1_lib.c,v -rcsdiff -q -kk '-r1.1.2.7' '-r1.1.2.8' -u '/v/openssl/cvs/openssl/ssl/d1_lib.c,v' 2>/dev/null ---- d1_lib.c 2009/04/02 22:34:59 1.1.2.7 -+++ d1_lib.c 2009/04/19 18:08:11 1.1.2.8 -@@ -198,7 +198,10 @@ - void dtls1_clear(SSL *s) - { - ssl3_clear(s); -- s->version=DTLS1_VERSION; -+ if (s->options & SSL_OP_CISCO_ANYCONNECT) -+ s->version=DTLS1_BAD_VER; -+ else -+ s->version=DTLS1_VERSION; - } - - /* -Index: openssl/ssl/d1_pkt.c -RCS File: /v/openssl/cvs/openssl/ssl/d1_pkt.c,v -rcsdiff -q -kk '-r1.4.2.15' '-r1.4.2.16' -u '/v/openssl/cvs/openssl/ssl/d1_pkt.c,v' 2>/dev/null ---- d1_pkt.c 2009/04/02 22:34:59 1.4.2.15 -+++ d1_pkt.c 2009/04/19 18:08:12 1.4.2.16 -@@ -1024,15 +1024,17 @@ - if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) - { - struct ccs_header_st ccs_hdr; -+ int ccs_hdr_len = DTLS1_CCS_HEADER_LENGTH; - - dtls1_get_ccs_header(rr->data, &ccs_hdr); - - /* 'Change Cipher Spec' is just a single byte, so we know - * exactly what the record payload has to look like */ - /* XDTLS: check that epoch is consistent */ -- if ( (s->client_version == DTLS1_BAD_VER && rr->length != 3) || -- (s->client_version != DTLS1_BAD_VER && rr->length != DTLS1_CCS_HEADER_LENGTH) || -- (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) -+ if (s->client_version == DTLS1_BAD_VER || s->version == DTLS1_BAD_VER) -+ ccs_hdr_len = 3; -+ -+ if ((rr->length != ccs_hdr_len) || (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) - { - i=SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC); -@@ -1358,7 +1360,7 @@ - #if 0 - /* 'create_empty_fragment' is true only when this function calls itself */ - if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done -- && SSL_version(s) != DTLS1_VERSION) -+ && SSL_version(s) != DTLS1_VERSION && SSL_version(s) != DTLS1_BAD_VER) - { - /* countermeasure against known-IV weakness in CBC ciphersuites - * (see http://www.openssl.org/~bodo/tls-cbc.txt) -Index: openssl/ssl/s3_clnt.c -RCS File: /v/openssl/cvs/openssl/ssl/s3_clnt.c,v -rcsdiff -q -kk '-r1.88.2.21' '-r1.88.2.22' -u '/v/openssl/cvs/openssl/ssl/s3_clnt.c,v' 2>/dev/null ---- s3_clnt.c 2009/02/14 21:50:14 1.88.2.21 -+++ s3_clnt.c 2009/04/19 18:08:12 1.88.2.22 -@@ -708,7 +708,7 @@ - - if (!ok) return((int)n); - -- if ( SSL_version(s) == DTLS1_VERSION) -+ if ( SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER) - { - if ( s->s3->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) - { -Index: openssl/ssl/ssl.h -RCS File: /v/openssl/cvs/openssl/ssl/ssl.h,v -rcsdiff -q -kk '-r1.161.2.21' '-r1.161.2.22' -u '/v/openssl/cvs/openssl/ssl/ssl.h,v' 2>/dev/null ---- ssl.h 2008/08/13 19:44:44 1.161.2.21 -+++ ssl.h 2009/04/19 18:08:12 1.161.2.22 -@@ -510,6 +510,8 @@ - #define SSL_OP_COOKIE_EXCHANGE 0x00002000L - /* Don't use RFC4507 ticket extension */ - #define SSL_OP_NO_TICKET 0x00004000L -+/* Use Cisco's "speshul" version of DTLS_BAD_VER (as client) */ -+#define SSL_OP_CISCO_ANYCONNECT 0x00008000L - - /* As server, disallow session resumption on renegotiation */ - #define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L -Index: openssl/ssl/ssl_lib.c -RCS File: /v/openssl/cvs/openssl/ssl/ssl_lib.c,v -rcsdiff -q -kk '-r1.133.2.16' '-r1.133.2.17' -u '/v/openssl/cvs/openssl/ssl/ssl_lib.c,v' 2>/dev/null ---- ssl_lib.c 2009/02/23 16:02:47 1.133.2.16 -+++ ssl_lib.c 2009/04/19 18:08:12 1.133.2.17 -@@ -995,7 +995,8 @@ - s->max_cert_list=larg; - return(l); - case SSL_CTRL_SET_MTU: -- if (SSL_version(s) == DTLS1_VERSION) -+ if (SSL_version(s) == DTLS1_VERSION || -+ SSL_version(s) == DTLS1_BAD_VER) - { - s->d1->mtu = larg; - return larg; -Index: openssl/ssl/ssl_sess.c -RCS File: /v/openssl/cvs/openssl/ssl/ssl_sess.c,v -rcsdiff -q -kk '-r1.51.2.9' '-r1.51.2.10' -u '/v/openssl/cvs/openssl/ssl/ssl_sess.c,v' 2>/dev/null ---- ssl_sess.c 2008/06/04 18:35:27 1.51.2.9 -+++ ssl_sess.c 2009/04/19 18:08:12 1.51.2.10 -@@ -211,6 +211,11 @@ - ss->ssl_version=TLS1_VERSION; - ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH; - } -+ else if (s->version == DTLS1_BAD_VER) -+ { -+ ss->ssl_version=DTLS1_BAD_VER; -+ ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH; -+ } - else if (s->version == DTLS1_VERSION) - { - ss->ssl_version=DTLS1_VERSION; -Index: openssl/ssl/t1_enc.c -RCS File: /v/openssl/cvs/openssl/ssl/t1_enc.c,v -rcsdiff -q -kk '-r1.35.2.8' '-r1.35.2.9' -u '/v/openssl/cvs/openssl/ssl/t1_enc.c,v' 2>/dev/null ---- t1_enc.c 2009/01/05 14:43:07 1.35.2.8 -+++ t1_enc.c 2009/04/19 18:08:12 1.35.2.9 -@@ -765,10 +765,10 @@ - HMAC_CTX_init(&hmac); - HMAC_Init_ex(&hmac,mac_sec,EVP_MD_size(hash),hash,NULL); - -- if (ssl->version == DTLS1_VERSION && ssl->client_version != DTLS1_BAD_VER) -+ if (ssl->version == DTLS1_BAD_VER || -+ (ssl->version == DTLS1_VERSION && ssl->client_version != DTLS1_BAD_VER)) - { - unsigned char dtlsseq[8],*p=dtlsseq; -- - s2n(send?ssl->d1->w_epoch:ssl->d1->r_epoch, p); - memcpy (p,&seq[2],6); - -@@ -793,7 +793,7 @@ - {unsigned int z; for (z=0; zlength; z++) printf("%02X ",buf[z]); printf("\n"); } - #endif - -- if ( SSL_version(ssl) != DTLS1_VERSION) -+ if ( SSL_version(ssl) != DTLS1_VERSION && SSL_version(ssl) != DTLS1_BAD_VER) - { - for (i=7; i>=0; i--) - { diff --git a/dev-libs/openssl/files/openssl-0.9.8m-binutils.patch b/dev-libs/openssl/files/openssl-0.9.8m-binutils.patch deleted file mode 100644 index 9fa79b9a65..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8m-binutils.patch +++ /dev/null @@ -1,24 +0,0 @@ -http://bugs.gentoo.org/289130 - -Ripped from Fedora - ---- openssl-1.0.0-beta4/crypto/sha/asm/sha1-x86_64.pl.binutils 2009-11-12 15:17:29.000000000 +0100 -+++ openssl-1.0.0-beta4/crypto/sha/asm/sha1-x86_64.pl 2009-11-12 17:24:18.000000000 +0100 -@@ -150,7 +150,7 @@ ___ - sub BODY_20_39 { - my ($i,$a,$b,$c,$d,$e,$f)=@_; - my $j=$i+1; --my $K=($i<40)?0x6ed9eba1:0xca62c1d6; -+my $K=($i<40)?0x6ed9eba1:-0x359d3e2a; - $code.=<<___ if ($i<79); - lea $K($xi,$e),$f - mov `4*($j%16)`(%rsp),$xi -@@ -187,7 +187,7 @@ sub BODY_40_59 { - my ($i,$a,$b,$c,$d,$e,$f)=@_; - my $j=$i+1; - $code.=<<___; -- lea 0x8f1bbcdc($xi,$e),$f -+ lea -0x70e44324($xi,$e),$f - mov `4*($j%16)`(%rsp),$xi - mov $b,$t0 - mov $b,$t1 diff --git a/dev-libs/openssl/files/openssl-0.9.8n-interix.patch b/dev-libs/openssl/files/openssl-0.9.8n-interix.patch deleted file mode 100644 index fa42fa8a5a..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8n-interix.patch +++ /dev/null @@ -1,39 +0,0 @@ -reported upstream to rt@openssl.org on 24 Apr 2009: -http://rt.openssl.org/Ticket/Display.html?id=1908 - -diff -ru openssl-0.9.8g.orig/Configure openssl-0.9.8g/Configure ---- openssl-0.9.8g.orig/Configure Mon Jan 21 11:20:03 2008 -+++ openssl-0.9.8g/Configure Mon Jan 21 11:22:20 2008 -@@ -464,6 +464,9 @@ - "VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32", - "VC-WIN32","cl::::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32", - -+# Interix (GCC) -+"interix-gcc", "gcc:-D_ALL_SOURCE -DL_ENDIAN -DTERMIOS -O2 -Wall::-D_REENTRANT::-ldl:::::::::::::dlfcn:gnu:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+ - # Borland C++ 4.5 - "BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32", - -diff -ru openssl-0.9.8g.orig/config openssl-0.9.8g/config ---- openssl-0.9.8g.orig/config Mon Jan 21 11:20:03 2008 -+++ openssl-0.9.8g/config Mon Jan 21 11:31:46 2008 -@@ -336,6 +336,10 @@ - echo "mips-sony-newsos4"; exit 0; - ;; - -+ Interix*) -+ echo "i586-pc-interix${VERSION}"; exit 0; -+ ;; -+ - MINGW*) - echo "${MACHINE}-whatever-mingw"; exit 0; - ;; -@@ -763,6 +767,7 @@ - t3e-cray-unicosmk) OUT="cray-t3e" ;; - j90-cray-unicos) OUT="cray-j90" ;; - nsr-tandem-nsk) OUT="tandem-c89" ;; -+ *-interix*) OUT="interix-gcc" ;; - x86pc-*-qnx6) OUT="QNX6-i386" ;; - *-*-qnx6) OUT="QNX6" ;; - *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;; - diff --git a/dev-libs/openssl/files/openssl-0.9.8n-mint.patch b/dev-libs/openssl/files/openssl-0.9.8n-mint.patch deleted file mode 100644 index f241fbad93..0000000000 --- a/dev-libs/openssl/files/openssl-0.9.8n-mint.patch +++ /dev/null @@ -1,33 +0,0 @@ ---- Configure.old 2008-04-11 21:28:45.000000000 +0100 -+++ Configure 2008-04-11 23:46:19.000000000 +0100 -@@ -467,6 +467,9 @@ - # Interix (GCC) - "interix-gcc", "gcc:-D_ALL_SOURCE -DL_ENDIAN -DTERMIOS -O2 -Wall::-D_REENTRANT::-ldl:::::::::::::dlfcn:gnu:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - -+# FreeMiNT (GCC) -+"mint-gcc", "gcc:-O2 -fomit-frame-pointer -DB_ENDIAN -DTERMIOS::-D_REENTRANT:::BN_LLONG:::", -+ - # Borland C++ 4.5 - "BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32", - ---- config.old 2008-04-11 23:41:29.000000000 +0100 -+++ config 2008-04-11 23:42:19.000000000 +0100 -@@ -340,6 +340,10 @@ - echo "i586-pc-interix${VERSION}"; exit 0; - ;; - -+ FreeMiNT*) -+ echo "m68k-atari-mint"; exit 0; -+ ;; -+ - MINGW*) - echo "${MACHINE}-whatever-mingw"; exit 0; - ;; -@@ -768,6 +772,7 @@ - j90-cray-unicos) OUT="cray-j90" ;; - nsr-tandem-nsk) OUT="tandem-c89" ;; - *-interix*) OUT="interix-gcc" ;; -+ *-mint*) OUT="mint-gcc" ;; - x86pc-*-qnx6) OUT="QNX6-i386" ;; - *-*-qnx6) OUT="QNX6" ;; - *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;; diff --git a/dev-libs/openssl/files/openssl-1.0.0a-alpha-mont.patch b/dev-libs/openssl/files/openssl-1.0.0a-alpha-mont.patch deleted file mode 100644 index cb7d5655aa..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.0a-alpha-mont.patch +++ /dev/null @@ -1,125 +0,0 @@ -get the new alpha-mont code building with GNU toolchains - -https://bugs.gentoo.org/330915 - -Index: crypto/bn/asm/alpha-mont.pl -=================================================================== -RCS file: /usr/local/src/openssl/CVSROOT/openssl/crypto/bn/asm/alpha-mont.pl,v -retrieving revision 1.6 -retrieving revision 1.7 -diff -u -p -r1.6 -r1.7 ---- crypto/bn/asm/alpha-mont.pl 10 Apr 2010 13:33:04 -0000 1.6 -+++ crypto/bn/asm/alpha-mont.pl 13 Sep 2010 13:28:51 -0000 1.7 -@@ -41,8 +41,12 @@ $j="s4"; - $m1="s5"; - - $code=<<___; -+#ifdef __linux__ -+#include -+#else - #include - #include -+#endif - - .text - -@@ -76,7 +80,7 @@ bn_mul_mont: - ldq $aj,8($ap) - subq sp,AT,sp - ldq $bi,0($bp) # bp[0] -- mov -4096,AT -+ lda AT,-4096(zero) # mov -4096,AT - ldq $n0,0($n0) - and sp,AT,sp - -@@ -106,9 +110,9 @@ bn_mul_mont: - .align 4 - .L1st: - .set noreorder -- ldq $aj,($aj) -+ ldq $aj,0($aj) - addl $j,1,$j -- ldq $nj,($nj) -+ ldq $nj,0($nj) - lda $tp,8($tp) - - addq $alo,$hi0,$lo0 -@@ -159,12 +163,12 @@ bn_mul_mont: - .align 4 - .Louter: - s8addq $i,$bp,$bi -- ldq $hi0,($ap) -+ ldq $hi0,0($ap) - ldq $aj,8($ap) -- ldq $bi,($bi) -- ldq $hi1,($np) -+ ldq $bi,0($bi) -+ ldq $hi1,0($np) - ldq $nj,8($np) -- ldq $tj,(sp) -+ ldq $tj,0(sp) - - mulq $hi0,$bi,$lo0 - umulh $hi0,$bi,$hi0 -@@ -195,10 +199,10 @@ bn_mul_mont: - .set noreorder - ldq $tj,8($tp) #L0 - nop #U1 -- ldq $aj,($aj) #L1 -+ ldq $aj,0($aj) #L1 - s8addq $j,$np,$nj #U0 - -- ldq $nj,($nj) #L0 -+ ldq $nj,0($nj) #L0 - nop #U1 - addq $alo,$hi0,$lo0 #L1 - lda $tp,8($tp) -@@ -247,7 +251,7 @@ bn_mul_mont: - addq $hi1,v0,$hi1 - - addq $hi1,$hi0,$lo1 -- stq $j,($tp) -+ stq $j,0($tp) - cmpult $lo1,$hi0,$hi1 - addq $lo1,$tj,$lo1 - cmpult $lo1,$tj,AT -@@ -265,8 +269,8 @@ bn_mul_mont: - mov 0,$hi0 # clear borrow bit - - .align 4 --.Lsub: ldq $lo0,($tp) -- ldq $lo1,($np) -+.Lsub: ldq $lo0,0($tp) -+ ldq $lo1,0($np) - lda $tp,8($tp) - lda $np,8($np) - subq $lo0,$lo1,$lo1 # tp[i]-np[i] -@@ -274,7 +278,7 @@ bn_mul_mont: - subq $lo1,$hi0,$lo0 - cmpult $lo1,$lo0,$hi0 - or $hi0,AT,$hi0 -- stq $lo0,($rp) -+ stq $lo0,0($rp) - cmpult $tp,$tj,v0 - lda $rp,8($rp) - bne v0,.Lsub -@@ -288,7 +292,7 @@ bn_mul_mont: - bis $bp,$ap,$ap # ap=borrow?tp:rp - - .align 4 --.Lcopy: ldq $aj,($ap) # copy or in-place refresh -+.Lcopy: ldq $aj,0($ap) # copy or in-place refresh - lda $tp,8($tp) - lda $rp,8($rp) - lda $ap,8($ap) -@@ -309,8 +313,8 @@ bn_mul_mont: - lda sp,48(sp) - ret (ra) - .end bn_mul_mont --.rdata --.asciiz "Montgomery Multiplication for Alpha, CRYPTOGAMS by " -+.ascii "Montgomery Multiplication for Alpha, CRYPTOGAMS by " -+.align 2 - ___ - - print $code; diff --git a/dev-libs/openssl/files/openssl-1.0.0a-alphacpuid.patch b/dev-libs/openssl/files/openssl-1.0.0a-alphacpuid.patch deleted file mode 100644 index 0c4cc71e70..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.0a-alphacpuid.patch +++ /dev/null @@ -1,18 +0,0 @@ -fix by Matt Turner to alpha syntax - -https://bugs.gentoo.org/330915 - ---- a/crypto/alphacpuid.s -+++ b/crypto/alphacpuid.s -@@ -68,9 +68,9 @@ OPENSSL_wipe_cpu: - OPENSSL_atomic_add: - .frame $30,0,$26 - .prologue 0 --1: ldl_l $0,($16) -+1: ldl_l $0,0($16) - addl $0,$17,$1 -- stl_c $1,($16) -+ stl_c $1,0($16) - beq $1,1b - addl $0,$17,$0 - ret ($26) diff --git a/dev-libs/openssl/files/openssl-1.0.0a-fix-double-free.patch b/dev-libs/openssl/files/openssl-1.0.0a-fix-double-free.patch deleted file mode 100644 index a5aaf1eac0..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.0a-fix-double-free.patch +++ /dev/null @@ -1,12 +0,0 @@ -http://bugs.gentoo.org/332027 - ---- ssl/s3_clnt.c -+++ ssl/s3_clnt.c -@@ -1508,6 +1508,7 @@ - s->session->sess_cert->peer_ecdh_tmp=ecdh; - ecdh=NULL; - BN_CTX_free(bn_ctx); -+ bn_ctx = NULL; - EC_POINT_free(srvr_ecpoint); - srvr_ecpoint = NULL; - } diff --git a/dev-libs/openssl/files/openssl-1.0.0a-interix.patch b/dev-libs/openssl/files/openssl-1.0.0a-interix.patch deleted file mode 100644 index ce32350dc8..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.0a-interix.patch +++ /dev/null @@ -1,36 +0,0 @@ -reported upstream to rt@openssl.org on 24 Apr 2009: -http://rt.openssl.org/Ticket/Display.html?id=1908 - ---- Configure -+++ Configure -@@ -499,6 +499,9 @@ - "debug-VC-WIN32","cl:-W3 -WX -Gs0 -GF -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32", - "VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32", - -+# Interix (GCC) -+"interix-gcc", "gcc:-D_ALL_SOURCE -DL_ENDIAN -DTERMIOS -O2 -Wall::-D_REENTRANT::-ldl::${no_asm}:dlfcn:gnu:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+ - # Borland C++ 4.5 - "BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32", - ---- config -+++ config -@@ -344,6 +344,10 @@ - echo "mips-sony-newsos4"; exit 0; - ;; - -+ Interix*) -+ echo "i586-pc-interix${VERSION}"; exit 0; -+ ;; -+ - MINGW*) - echo "${MACHINE}-whatever-mingw"; exit 0; - ;; -@@ -807,6 +811,7 @@ - t3e-cray-unicosmk) OUT="cray-t3e" ;; - j90-cray-unicos) OUT="cray-j90" ;; - nsr-tandem-nsk) OUT="tandem-c89" ;; -+ *-interix*) OUT="interix-gcc" ;; - beos-*) OUT="$GUESSOS" ;; - x86pc-*-qnx6) OUT="QNX6-i386" ;; - *-*-qnx6) OUT="QNX6" ;; diff --git a/dev-libs/openssl/files/openssl-1.0.0a-ldflags.patch b/dev-libs/openssl/files/openssl-1.0.0a-ldflags.patch deleted file mode 100644 index c99ef4abb8..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.0a-ldflags.patch +++ /dev/null @@ -1,29 +0,0 @@ -http://bugs.gentoo.org/181438 -http://bugs.gentoo.org/327421 -https://rt.openssl.org/Ticket/Display.html?id=3331&user=guest&pass=guest - -make sure we respect LDFLAGS - -also make sure we don't add useless -rpath flags to the system libdir - ---- Makefile.org -+++ Makefile.org -@@ -189,6 +189,7 @@ - MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \ - DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)' \ - MAKEDEPPROG='$(MAKEDEPPROG)' \ -+ LDFLAGS='${LDFLAGS}' \ - SHARED_LDFLAGS='$(SHARED_LDFLAGS)' \ - KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)' \ - ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)' \ ---- Makefile.shared -+++ Makefile.shared -@@ -153,7 +153,7 @@ - NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ - SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX" - --DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)" -+DO_GNU_APP=LDFLAGS="$(LDFLAGS) $(CFLAGS)" - - #This is rather special. It's a special target with which one can link - #applications without bothering with any features that have anything to diff --git a/dev-libs/openssl/files/openssl-1.0.0a-mint.patch b/dev-libs/openssl/files/openssl-1.0.0a-mint.patch deleted file mode 100644 index 88ff3ba036..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.0a-mint.patch +++ /dev/null @@ -1,33 +0,0 @@ ---- Configure -+++ Configure -@@ -502,6 +502,9 @@ - # Interix (GCC) - "interix-gcc", "gcc:-D_ALL_SOURCE -DL_ENDIAN -DTERMIOS -O2 -Wall::-D_REENTRANT::-ldl:::::::::::::dlfcn:gnu:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - -+# FreeMiNT (GCC) -+"mint-gcc", "gcc:-O2 -fomit-frame-pointer -DB_ENDIAN -DTERMIOS::-D_REENTRANT:::BN_LLONG:::", -+ - # Borland C++ 4.5 - "BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32", - ---- config -+++ config -@@ -348,6 +348,10 @@ - echo "i586-pc-interix${VERSION}"; exit 0; - ;; - -+ FreeMiNT*) -+ echo "m68k-atari-mint"; exit 0; -+ ;; -+ - MINGW*) - echo "${MACHINE}-whatever-mingw"; exit 0; - ;; -@@ -812,6 +816,7 @@ - j90-cray-unicos) OUT="cray-j90" ;; - nsr-tandem-nsk) OUT="tandem-c89" ;; - *-interix*) OUT="interix-gcc" ;; -+ *-mint*) OUT="mint-gcc" ;; - beos-*) OUT="$GUESSOS" ;; - x86pc-*-qnx6) OUT="QNX6-i386" ;; - *-*-qnx6) OUT="QNX6" ;; diff --git a/dev-libs/openssl/files/openssl-1.0.0b-rev19998.patch b/dev-libs/openssl/files/openssl-1.0.0b-rev19998.patch deleted file mode 100644 index d986ae512f..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.0b-rev19998.patch +++ /dev/null @@ -1,16 +0,0 @@ -Index: openssl/ssl/t1_lib.c -RCS File: /v/openssl/cvs/openssl/ssl/t1_lib.c,v -rcsdiff -q -kk '-r1.64.2.15' '-r1.64.2.16' -u '/v/openssl/cvs/openssl/ssl/t1_lib.c,v' 2>/dev/null ---- t1_lib.c 2010/11/16 13:26:24 1.64.2.15 -+++ t1_lib.c 2010/11/16 22:41:07 1.64.2.16 -@@ -779,8 +779,8 @@ - { - if(s->session->tlsext_ecpointformatlist) - { -- *al = TLS1_AD_DECODE_ERROR; -- return 0; -+ OPENSSL_free(s->session->tlsext_ecpointformatlist); -+ s->session->tlsext_ecpointformatlist = NULL; - } - s->session->tlsext_ecpointformatlist_length = 0; - if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL) diff --git a/dev-libs/openssl/files/openssl-1.0.0d-alpha-fix-unalign.patch b/dev-libs/openssl/files/openssl-1.0.0d-alpha-fix-unalign.patch deleted file mode 100644 index c8fe3301fb..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.0d-alpha-fix-unalign.patch +++ /dev/null @@ -1,59 +0,0 @@ -fix unaligned access in alpha specific 'OPENSSL_cleanse' function - -Debugged with the following simple program: - // gcc cleanse_test.c -o ct -lcrypto - #include - int main(void) - { - char buffer [128]; - int off; - int sz; - for (off = 0; off < sizeof (buffer); ++off) - for (sz = 0; sz < sizeof (buffer) - off; ++sz) - OPENSSL_cleanse (buffer + off, sz); - return 0; - } - $ prctl --unaligned=signal ./cleanse_test - Bus error - -https://bugs.gentoo.org/show_bug.cgi?id=371561 -http://cvs.openssl.org/chngview?cn=21233 -Reported by Tobias Klausmann -Fixed by Andy Polyakov -diff --git a/crypto/alphacpuid.pl b/crypto/alphacpuid.pl -index 11f2e30..5b0e21b 100644 ---- a/crypto/alphacpuid.pl -+++ b/crypto/alphacpuid.pl -@@ -99,19 +99,19 @@ OPENSSL_cleanse: - beq $0,.Laligned - - .Little: -+ subq $0,8,$0 - ldq_u $1,0($16) - mov $16,$2 - .Lalign: - mskbl $1,$16,$1 - lda $16,1($16) - subq $17,1,$17 -- subq $0,1,$0 -+ addq $0,1,$0 - beq $17,.Lout - bne $0,.Lalign - .Lout: stq_u $1,0($2) - beq $17,.Ldone - bic $17,7,$at -- mov $17,$0 - beq $at,.Little - - .Laligned: -@@ -120,9 +120,7 @@ OPENSSL_cleanse: - lda $16,8($16) - bic $17,7,$at - bne $at,.Laligned -- beq $17,.Ldone -- mov $17,$0 -- br .Little -+ bne $17,.Little - .Ldone: ret ($26) - .end OPENSSL_cleanse - ___ diff --git a/dev-libs/openssl/files/openssl-1.0.0d-alpha-typo.patch b/dev-libs/openssl/files/openssl-1.0.0d-alpha-typo.patch deleted file mode 100644 index 1d5496daed..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.0d-alpha-typo.patch +++ /dev/null @@ -1,13 +0,0 @@ -http://bugs.gentoo.org/364699 - ---- crypto/bn/asm/alpha-mont.pl -+++ crypto/bn/asm/alpha-mont.pl -@@ -41,7 +41,7 @@ $j="s4"; - $m1="s5"; - - $code=<<___; --#indef __linux__ -+#ifdef __linux__ - #include - #else - #include diff --git a/dev-libs/openssl/files/openssl-1.0.0d-fbsd-amd64.patch b/dev-libs/openssl/files/openssl-1.0.0d-fbsd-amd64.patch deleted file mode 100644 index 5b27ce5c33..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.0d-fbsd-amd64.patch +++ /dev/null @@ -1,12 +0,0 @@ -Taken from http://rt.openssl.org/Ticket/Display.html?id=2440 - ---- crypto/sha/asm/sha512-x86_64.pl 2008-12-19 11:17:28.000000000 +0000 -+++ crypto/sha/asm/sha512-x86_64.pl 2011-01-15 23:33:13.000000000 +0000 -@@ -51,6 +51,7 @@ - ( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or - die "can't locate x86_64-xlate.pl"; - -+close STDOUT; - open STDOUT,"| $^X $xlate $flavour $output"; - - if ($output =~ /512/) { diff --git a/dev-libs/openssl/files/openssl-1.0.0d-windres.patch b/dev-libs/openssl/files/openssl-1.0.0d-windres.patch deleted file mode 100644 index 0b360d2b3b..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.0d-windres.patch +++ /dev/null @@ -1,76 +0,0 @@ -URL: http://rt.openssl.org/Ticket/Display.html?id=2558&user=guest&pass=guest -Subject: make windres controllable via build env var settings - -atm, the windres code in openssl is only usable via the cross-compile prefix -option unlike all the other build tools. so add support for the standard $RC -/ $WINDRES env vars as well. - -Index: Configure -=================================================================== -RCS file: /usr/local/src/openssl/CVSROOT/openssl/Configure,v -retrieving revision 1.621.2.40 -diff -u -p -r1.621.2.40 Configure ---- Configure 30 Nov 2010 22:19:26 -0000 1.621.2.40 -+++ Configure 4 Jul 2011 23:12:32 -0000 -@@ -1094,6 +1094,7 @@ my $shared_extension = $fields[$idx_shar - my $ranlib = $ENV{'RANLIB'} || $fields[$idx_ranlib]; - my $ar = $ENV{'AR'} || "ar"; - my $arflags = $fields[$idx_arflags]; -+my $windres = $ENV{'RC'} || $ENV{'WINDRES'} || "windres"; - my $multilib = $fields[$idx_multilib]; - - # if $prefix/lib$multilib is not an existing directory, then -@@ -1511,12 +1512,14 @@ while () - s/^AR=\s*/AR= \$\(CROSS_COMPILE\)/; - s/^NM=\s*/NM= \$\(CROSS_COMPILE\)/; - s/^RANLIB=\s*/RANLIB= \$\(CROSS_COMPILE\)/; -+ s/^WINDRES=\s*/WINDRES= \$\(CROSS_COMPILE\)/; - s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $cc eq "gcc"; - } - else { - s/^CC=.*$/CC= $cc/; - s/^AR=\s*ar/AR= $ar/; - s/^RANLIB=.*/RANLIB= $ranlib/; -+ s/^WINDRES=.*/WINDRES= $windres/; - s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc"; - } - s/^CFLAG=.*$/CFLAG= $cflags/; -Index: Makefile.org -=================================================================== -RCS file: /usr/local/src/openssl/CVSROOT/openssl/Makefile.org,v -retrieving revision 1.295.2.10 -diff -u -p -r1.295.2.10 Makefile.org ---- Makefile.org 27 Jan 2010 16:06:58 -0000 1.295.2.10 -+++ Makefile.org 4 Jul 2011 23:13:08 -0000 -@@ -66,6 +66,7 @@ EXE_EXT= - ARFLAGS= - AR=ar $(ARFLAGS) r - RANLIB= ranlib -+WINDRES= windres - NM= nm - PERL= perl - TAR= tar -@@ -180,6 +181,7 @@ BUILDENV= PLATFORM='$(PLATFORM)' PROCESS - CC='$(CC)' CFLAG='$(CFLAG)' \ - AS='$(CC)' ASFLAG='$(CFLAG) -c' \ - AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \ -+ WINDRES='$(WINDRES)' \ - CROSS_COMPILE='$(CROSS_COMPILE)' \ - PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \ - SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \ -Index: Makefile.shared -=================================================================== -RCS file: /usr/local/src/openssl/CVSROOT/openssl/Makefile.shared,v -retrieving revision 1.72.2.4 -diff -u -p -r1.72.2.4 Makefile.shared ---- Makefile.shared 21 Aug 2010 11:36:49 -0000 1.72.2.4 -+++ Makefile.shared 4 Jul 2011 23:13:52 -0000 -@@ -293,7 +293,7 @@ link_a.cygwin: - fi; \ - dll_name=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX; \ - $(PERL) util/mkrc.pl $$dll_name | \ -- $(CROSS_COMPILE)windres -o rc.o; \ -+ $(WINDRES) -o rc.o; \ - extras="$$extras rc.o"; \ - ALLSYMSFLAGS='-Wl,--whole-archive'; \ - NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ diff --git a/dev-libs/openssl/files/openssl-1.0.0e-parallel-build.patch b/dev-libs/openssl/files/openssl-1.0.0e-parallel-build.patch deleted file mode 100644 index e1a030f9eb..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.0e-parallel-build.patch +++ /dev/null @@ -1,315 +0,0 @@ -http://rt.openssl.org/Ticket/Display.html?id=2084 - ---- a/Makefile.org -+++ b/Makefile.org -@@ -247,17 +247,17 @@ - build_libs: build_crypto build_ssl build_engines - - build_crypto: -- @dir=crypto; target=all; $(BUILD_ONE_CMD) -+ +@dir=crypto; target=all; $(BUILD_ONE_CMD) --build_ssl: -+build_ssl: build_crypto -- @dir=ssl; target=all; $(BUILD_ONE_CMD) -+ +@dir=ssl; target=all; $(BUILD_ONE_CMD) --build_engines: -+build_engines: build_crypto -- @dir=engines; target=all; $(BUILD_ONE_CMD) -+ +@dir=engines; target=all; $(BUILD_ONE_CMD) --build_apps: -+build_apps: build_libs -- @dir=apps; target=all; $(BUILD_ONE_CMD) -+ +@dir=apps; target=all; $(BUILD_ONE_CMD) --build_tests: -+build_tests: build_libs -- @dir=test; target=all; $(BUILD_ONE_CMD) -+ +@dir=test; target=all; $(BUILD_ONE_CMD) --build_tools: -+build_tools: build_libs -- @dir=tools; target=all; $(BUILD_ONE_CMD) -+ +@dir=tools; target=all; $(BUILD_ONE_CMD) - - all_testapps: build_libs build_testapps - build_testapps: -@@ -497,9 +497,9 @@ - dist_pem_h: - (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) - --install: all install_docs install_sw -+install: install_docs install_sw - --install_sw: -+install_dirs: - @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ - $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \ - $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \ -@@ -508,6 +508,13 @@ - $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ - $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ - $(INSTALL_PREFIX)$(OPENSSLDIR)/private -+ @$(PERL) $(TOP)/util/mkdir-p.pl \ -+ $(INSTALL_PREFIX)$(MANDIR)/man1 \ -+ $(INSTALL_PREFIX)$(MANDIR)/man3 \ -+ $(INSTALL_PREFIX)$(MANDIR)/man5 \ -+ $(INSTALL_PREFIX)$(MANDIR)/man7 -+ -+install_sw: install_dirs - @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ -@@ -511,7 +511,7 @@ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; -- @set -e; target=install; $(RECURSIVE_BUILD_CMD) -+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) - @set -e; for i in $(LIBS) ;\ - do \ - if [ -f "$$i" ]; then \ -@@ -593,12 +600,7 @@ - done; \ - done - --install_docs: -- @$(PERL) $(TOP)/util/mkdir-p.pl \ -- $(INSTALL_PREFIX)$(MANDIR)/man1 \ -- $(INSTALL_PREFIX)$(MANDIR)/man3 \ -- $(INSTALL_PREFIX)$(MANDIR)/man5 \ -- $(INSTALL_PREFIX)$(MANDIR)/man7 -+install_docs: install_dirs - @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \ - here="`pwd`"; \ - filecase=; \ ---- a/crypto/Makefile -+++ b/crypto/Makefile -@@ -85,11 +85,11 @@ - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - - subdirs: -- @target=all; $(RECURSIVE_MAKE) -+ +@target=all; $(RECURSIVE_MAKE) - - files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO -- @target=files; $(RECURSIVE_MAKE) -+ +@target=files; $(RECURSIVE_MAKE) - - links: - @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) -@@ -100,7 +100,7 @@ - # lib: $(LIB): are splitted to avoid end-less loop - lib: $(LIB) - @touch lib --$(LIB): $(LIBOBJ) -+$(LIB): $(LIBOBJ) | subdirs - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - -@@ -110,7 +110,7 @@ - fi - - libs: -- @target=lib; $(RECURSIVE_MAKE) -+ +@target=lib; $(RECURSIVE_MAKE) - - install: - @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... -@@ -119,7 +119,7 @@ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; -- @target=install; $(RECURSIVE_MAKE) -+ +@target=install; $(RECURSIVE_MAKE) - - lint: - @target=lint; $(RECURSIVE_MAKE) ---- a/engines/Makefile -+++ b/engines/Makefile -@@ -72,7 +72,7 @@ - - all: lib subdirs - --lib: $(LIBOBJ) -+lib: $(LIBOBJ) | subdirs - @if [ -n "$(SHARED_LIBS)" ]; then \ - set -e; \ - for l in $(LIBNAMES); do \ -@@ -89,7 +89,7 @@ - - subdirs: - echo $(EDIRS) -- @target=all; $(RECURSIVE_MAKE) -+ +@target=all; $(RECURSIVE_MAKE) - - files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO -@@ -128,7 +128,7 @@ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ - done; \ - fi -- @target=install; $(RECURSIVE_MAKE) -+ +@target=install; $(RECURSIVE_MAKE) - - tags: - ctags $(SRC) ---- a/test/Makefile -+++ b/test/Makefile -@@ -123,7 +123,7 @@ - tags: - ctags $(SRC) - --tests: exe apps $(TESTS) -+tests: exe $(TESTS) - - apps: - @(cd ..; $(MAKE) DIRS=apps all) -@@ -345,106 +345,106 @@ - link_app.$${shlib_target} - - $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) -- @target=$(RSATEST); $(BUILD_CMD) -+ +@target=$(RSATEST); $(BUILD_CMD) - - $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO) -- @target=$(BNTEST); $(BUILD_CMD) -+ +@target=$(BNTEST); $(BUILD_CMD) - - $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO) -- @target=$(ECTEST); $(BUILD_CMD) -+ +@target=$(ECTEST); $(BUILD_CMD) - - $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO) -- @target=$(EXPTEST); $(BUILD_CMD) -+ +@target=$(EXPTEST); $(BUILD_CMD) - - $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) -- @target=$(IDEATEST); $(BUILD_CMD) -+ +@target=$(IDEATEST); $(BUILD_CMD) - - $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) -- @target=$(MD2TEST); $(BUILD_CMD) -+ +@target=$(MD2TEST); $(BUILD_CMD) - - $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO) -- @target=$(SHATEST); $(BUILD_CMD) -+ +@target=$(SHATEST); $(BUILD_CMD) - - $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) -- @target=$(SHA1TEST); $(BUILD_CMD) -+ +@target=$(SHA1TEST); $(BUILD_CMD) - - $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) -- @target=$(SHA256TEST); $(BUILD_CMD) -+ +@target=$(SHA256TEST); $(BUILD_CMD) - - $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) -- @target=$(SHA512TEST); $(BUILD_CMD) -+ +@target=$(SHA512TEST); $(BUILD_CMD) - - $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) -- @target=$(RMDTEST); $(BUILD_CMD) -+ +@target=$(RMDTEST); $(BUILD_CMD) - - $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO) -- @target=$(MDC2TEST); $(BUILD_CMD) -+ +@target=$(MDC2TEST); $(BUILD_CMD) - - $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO) -- @target=$(MD4TEST); $(BUILD_CMD) -+ +@target=$(MD4TEST); $(BUILD_CMD) - - $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO) -- @target=$(MD5TEST); $(BUILD_CMD) -+ +@target=$(MD5TEST); $(BUILD_CMD) - - $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO) -- @target=$(HMACTEST); $(BUILD_CMD) -+ +@target=$(HMACTEST); $(BUILD_CMD) - - $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO) -- @target=$(WPTEST); $(BUILD_CMD) -+ +@target=$(WPTEST); $(BUILD_CMD) - - $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO) -- @target=$(RC2TEST); $(BUILD_CMD) -+ +@target=$(RC2TEST); $(BUILD_CMD) - - $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO) -- @target=$(BFTEST); $(BUILD_CMD) -+ +@target=$(BFTEST); $(BUILD_CMD) - - $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO) -- @target=$(CASTTEST); $(BUILD_CMD) -+ +@target=$(CASTTEST); $(BUILD_CMD) - - $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO) -- @target=$(RC4TEST); $(BUILD_CMD) -+ +@target=$(RC4TEST); $(BUILD_CMD) - - $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) -- @target=$(RC5TEST); $(BUILD_CMD) -+ +@target=$(RC5TEST); $(BUILD_CMD) - - $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) -- @target=$(DESTEST); $(BUILD_CMD) -+ +@target=$(DESTEST); $(BUILD_CMD) - - $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) -- @target=$(RANDTEST); $(BUILD_CMD) -+ +@target=$(RANDTEST); $(BUILD_CMD) - - $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) -- @target=$(DHTEST); $(BUILD_CMD) -+ +@target=$(DHTEST); $(BUILD_CMD) - - $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO) -- @target=$(DSATEST); $(BUILD_CMD) -+ +@target=$(DSATEST); $(BUILD_CMD) - - $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) -- @target=$(METHTEST); $(BUILD_CMD) -+ +@target=$(METHTEST); $(BUILD_CMD) - - $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) -- @target=$(SSLTEST); $(BUILD_CMD) -+ +@target=$(SSLTEST); $(BUILD_CMD) - - $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) -- @target=$(ENGINETEST); $(BUILD_CMD) -+ +@target=$(ENGINETEST); $(BUILD_CMD) - - $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO) -- @target=$(EVPTEST); $(BUILD_CMD) -+ +@target=$(EVPTEST); $(BUILD_CMD) - - $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO) -- @target=$(ECDSATEST); $(BUILD_CMD) -+ +@target=$(ECDSATEST); $(BUILD_CMD) - - $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) -- @target=$(ECDHTEST); $(BUILD_CMD) -+ +@target=$(ECDHTEST); $(BUILD_CMD) - - $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) -- @target=$(IGETEST); $(BUILD_CMD) -+ +@target=$(IGETEST); $(BUILD_CMD) - - $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) -- @target=$(JPAKETEST); $(BUILD_CMD) -+ +@target=$(JPAKETEST); $(BUILD_CMD) - - $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) -- @target=$(ASN1TEST); $(BUILD_CMD) -+ +@target=$(ASN1TEST); $(BUILD_CMD) - - #$(AESTEST).o: $(AESTEST).c - # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c -@@ -457,7 +457,7 @@ - # fi - - dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) -- @target=dummytest; $(BUILD_CMD) -+ +@target=dummytest; $(BUILD_CMD) - - # DO NOT DELETE THIS LINE -- make depend depends on it. - diff --git a/dev-libs/openssl/files/openssl-1.0.0e-pkg-config.patch b/dev-libs/openssl/files/openssl-1.0.0e-pkg-config.patch deleted file mode 100644 index fcf286c2ec..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.0e-pkg-config.patch +++ /dev/null @@ -1,42 +0,0 @@ -move internal libraries to ".private" fields so that the default ---libs output matches only what we need - ---- a/Makefile.org -+++ b/Makefile.org -@@ -325,7 +325,8 @@ libcrypto.pc: Makefile - echo 'Description: OpenSSL cryptography library'; \ - echo 'Version: '$(VERSION); \ - echo 'Requires: '; \ -- echo 'Libs: -L$${libdir} -lcrypto $(EX_LIBS)'; \ -+ echo 'Libs: -L$${libdir} -lcrypto'; \ -+ echo 'Libs.private: $(EX_LIBS)'; \ - echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc - - libssl.pc: Makefile -@@ -334,11 +335,12 @@ libssl.pc: Makefile - echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \ - echo 'includedir=$${prefix}/include'; \ - echo ''; \ -- echo 'Name: OpenSSL'; \ -+ echo 'Name: OpenSSL-libssl'; \ - echo 'Description: Secure Sockets Layer and cryptography libraries'; \ - echo 'Version: '$(VERSION); \ -- echo 'Requires: '; \ -- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \ -+ echo 'Requires.private: libcrypto'; \ -+ echo 'Libs: -L$${libdir} -lssl'; \ -+ echo 'Libs.private: $(EX_LIBS)'; \ - echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc - - openssl.pc: Makefile -@@ -350,9 +352,7 @@ openssl.pc: Makefile - echo 'Name: OpenSSL'; \ - echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \ - echo 'Version: '$(VERSION); \ -- echo 'Requires: '; \ -- echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \ -- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc -+ echo 'Requires: libssl libcrypto' ) > openssl.pc - - Makefile: Makefile.org Configure config - @echo "Makefile is older than Makefile.org, Configure or config." diff --git a/dev-libs/openssl/files/openssl-1.0.0e-x32.patch b/dev-libs/openssl/files/openssl-1.0.0e-x32.patch deleted file mode 100644 index d73a050ec9..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.0e-x32.patch +++ /dev/null @@ -1,92 +0,0 @@ -http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=51bfed2e26fc13a66e8b5710aa2ce1d7a04af721 - -UpstreamStatus: Pending - -Received from H J Liu @ Intel -Make the assembly syntax compatible with x32 gcc. Othewise x32 gcc throws errors. -Signed-Off-By: Nitin A Kamble 2011/07/13 - -ported the patch to the 1.0.0e version -Signed-Off-By: Nitin A Kamble 2011/12/01 -Index: openssl-1.0.0e/Configure -=================================================================== ---- openssl-1.0.0e.orig/Configure -+++ openssl-1.0.0e/Configure -@@ -393,6 +393,7 @@ my %table=( - "linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", -+"linux-x32", "gcc:-DL_ENDIAN -DTERMIO -O2 -pipe -g -feliminate-unused-debug-types -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "linux-s390x", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", - #### SPARC Linux setups - # Ray Miller has patiently -Index: openssl-1.0.0e/crypto/bn/asm/x86_64-gcc.c -=================================================================== ---- openssl-1.0.0e.orig/crypto/bn/asm/x86_64-gcc.c -+++ openssl-1.0.0e/crypto/bn/asm/x86_64-gcc.c -@@ -55,7 +55,7 @@ - * machine. - */ - --#ifdef _WIN64 -+#if defined _WIN64 || !defined __LP64__ - #define BN_ULONG unsigned long long - #else - #define BN_ULONG unsigned long -@@ -192,9 +192,9 @@ BN_ULONG bn_add_words (BN_ULONG *rp, con - asm ( - " subq %2,%2 \n" - ".p2align 4 \n" -- "1: movq (%4,%2,8),%0 \n" -- " adcq (%5,%2,8),%0 \n" -- " movq %0,(%3,%2,8) \n" -+ "1: movq (%q4,%2,8),%0 \n" -+ " adcq (%q5,%2,8),%0 \n" -+ " movq %0,(%q3,%2,8) \n" - " leaq 1(%2),%2 \n" - " loop 1b \n" - " sbbq %0,%0 \n" -@@ -215,9 +215,9 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, con - asm ( - " subq %2,%2 \n" - ".p2align 4 \n" -- "1: movq (%4,%2,8),%0 \n" -- " sbbq (%5,%2,8),%0 \n" -- " movq %0,(%3,%2,8) \n" -+ "1: movq (%q4,%2,8),%0 \n" -+ " sbbq (%q5,%2,8),%0 \n" -+ " movq %0,(%q3,%2,8) \n" - " leaq 1(%2),%2 \n" - " loop 1b \n" - " sbbq %0,%0 \n" -Index: openssl-1.0.0e/crypto/bn/bn.h -=================================================================== ---- openssl-1.0.0e.orig/crypto/bn/bn.h -+++ openssl-1.0.0e/crypto/bn/bn.h -@@ -172,6 +172,13 @@ extern "C" { - # endif - #endif - -+/* Address type. */ -+#ifdef _WIN64 -+#define BN_ADDR unsigned long long -+#else -+#define BN_ADDR unsigned long -+#endif -+ - /* assuming long is 64bit - this is the DEC Alpha - * unsigned long long is only 64 bits :-(, don't define - * BN_LLONG for the DEC Alpha */ -Index: openssl-1.0.0e/crypto/bn/bn_exp.c -=================================================================== ---- openssl-1.0.0e.orig/crypto/bn/bn_exp.c -+++ openssl-1.0.0e/crypto/bn/bn_exp.c -@@ -561,7 +561,7 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBU - - /* Given a pointer value, compute the next address that is a cache line multiple. */ - #define MOD_EXP_CTIME_ALIGN(x_) \ -- ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ULONG)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK)))) -+ ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ADDR)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK)))) - - /* This variant of BN_mod_exp_mont() uses fixed windows and the special - * precomputation memory layout to limit data-dependency to a minimum diff --git a/dev-libs/openssl/files/openssl-1.0.0h-pkg-config.patch b/dev-libs/openssl/files/openssl-1.0.0h-pkg-config.patch deleted file mode 100644 index 66fd8220c5..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.0h-pkg-config.patch +++ /dev/null @@ -1,34 +0,0 @@ -https://rt.openssl.org/Ticket/Display.html?id=3332&user=guest&pass=guest - -depend on other pc files rather than encoding library info directly in -every pkg-config file - ---- a/Makefile.org -+++ b/Makefile.org -@@ -335,11 +335,11 @@ libssl.pc: Makefile - echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \ - echo 'includedir=$${prefix}/include'; \ - echo ''; \ -- echo 'Name: OpenSSL'; \ -+ echo 'Name: OpenSSL-libssl'; \ - echo 'Description: Secure Sockets Layer and cryptography libraries'; \ - echo 'Version: '$(VERSION); \ -- echo 'Requires: '; \ -- echo 'Libs: -L$${libdir} -lssl -lcrypto'; \ -+ echo 'Requires.private: libcrypto'; \ -+ echo 'Libs: -L$${libdir} -lssl'; \ - echo 'Libs.private: $(EX_LIBS)'; \ - echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc - -@@ -352,10 +353,7 @@ openssl.pc: Makefile - echo 'Name: OpenSSL'; \ - echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \ - echo 'Version: '$(VERSION); \ -- echo 'Requires: '; \ -- echo 'Libs: -L$${libdir} -lssl -lcrypto'; \ -- echo 'Libs.private: $(EX_LIBS)'; \ -- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc -+ echo 'Requires: libssl libcrypto' ) > openssl.pc - - Makefile: Makefile.org Configure config - @echo "Makefile is older than Makefile.org, Configure or config." diff --git a/dev-libs/openssl/files/openssl-1.0.1-gethostbyname2-solaris.patch b/dev-libs/openssl/files/openssl-1.0.1-gethostbyname2-solaris.patch deleted file mode 100644 index a65e3c3f7a..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.1-gethostbyname2-solaris.patch +++ /dev/null @@ -1,17 +0,0 @@ ---- apps/s_socket.c -+++ apps/s_socket.c -@@ -718,9 +718,14 @@ - if (domain == AF_INET) - ret=gethostbyname(name); - #if OPENSSL_USE_IPV6 -+#if defined (__SVR4) && defined (__sun) -+ else -+ ret=getipnodebyname(name, AF_INET6, AI_DEFAULT, NULL); -+#else - else - ret=gethostbyname2(name, AF_INET6); - #endif -+#endif - if (ret == NULL) return(NULL); - /* else add to cache */ - if(strlen(name) < sizeof ghbn_cache[0].name) diff --git a/dev-libs/openssl/files/openssl-1.0.1-ipv6.patch b/dev-libs/openssl/files/openssl-1.0.1-ipv6.patch deleted file mode 100644 index 4955c65d31..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.1-ipv6.patch +++ /dev/null @@ -1,678 +0,0 @@ -http://rt.openssl.org/Ticket/Display.html?id=2051 -user/pass: guest/guest - -Index: apps/s_apps.h -=================================================================== -RCS file: /v/openssl/cvs/openssl/apps/s_apps.h,v -retrieving revision 1.21.2.1 -diff -u -r1.21.2.1 s_apps.h ---- apps/s_apps.h 4 Sep 2009 17:42:04 -0000 1.21.2.1 -+++ apps/s_apps.h 28 Dec 2011 00:28:14 -0000 -@@ -148,7 +148,7 @@ - #define PORT_STR "4433" - #define PROTOCOL "tcp" - --int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context); -+int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context, int use_ipv4, int use_ipv6); - #ifdef HEADER_X509_H - int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); - #endif -@@ -156,7 +156,7 @@ - int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file); - int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key); - #endif --int init_client(int *sock, char *server, int port, int type); -+int init_client(int *sock, char *server, int port, int type, int use_ipv4, int use_ipv6); - int should_retry(int i); - int extract_port(char *str, short *port_ptr); - int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p); -Index: apps/s_cb.c -=================================================================== -RCS file: /v/openssl/cvs/openssl/apps/s_cb.c,v -retrieving revision 1.27.2.8.2.2 -diff -u -r1.27.2.8.2.2 s_cb.c ---- apps/s_cb.c 13 Nov 2011 13:13:13 -0000 1.27.2.8.2.2 -+++ apps/s_cb.c 28 Dec 2011 00:28:14 -0000 -Index: apps/s_client.c -=================================================================== -RCS file: /v/openssl/cvs/openssl/apps/s_client.c,v -retrieving revision 1.123.2.6.2.10 -diff -u -r1.123.2.6.2.10 s_client.c ---- apps/s_client.c 14 Dec 2011 22:18:02 -0000 1.123.2.6.2.10 -+++ apps/s_client.c 28 Dec 2011 00:28:14 -0000 -@@ -285,6 +285,9 @@ - { - BIO_printf(bio_err,"usage: s_client args\n"); - BIO_printf(bio_err,"\n"); -+#if OPENSSL_USE_IPV6 -+ BIO_printf(bio_err," -6 - use IPv6\n"); -+#endif - BIO_printf(bio_err," -host host - use -connect instead\n"); - BIO_printf(bio_err," -port port - use -connect instead\n"); - BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR); -@@ -564,6 +567,7 @@ - int sbuf_len,sbuf_off; - fd_set readfds,writefds; - short port=PORT; -+ int use_ipv4, use_ipv6; - int full_log=1; - char *host=SSL_HOST_NAME; - char *cert_file=NULL,*key_file=NULL; -@@ -609,7 +613,11 @@ - #endif - char *sess_in = NULL; - char *sess_out = NULL; -- struct sockaddr peer; -+#if OPENSSL_USE_IPV6 -+ struct sockaddr_storage peer; -+#else -+ struct sockaddr_in peer; -+#endif - int peerlen = sizeof(peer); - int enable_timeouts = 0 ; - long socket_mtu = 0; -@@ -630,6 +638,8 @@ - meth=SSLv2_client_method(); - #endif - -+ use_ipv4 = 1; -+ use_ipv6 = 0; - apps_startup(); - c_Pause=0; - c_quiet=0; -@@ -951,6 +961,13 @@ - jpake_secret = *++argv; - } - #endif -+#if OPENSSL_USE_IPV6 -+ else if (strcmp(*argv,"-6") == 0) -+ { -+ use_ipv4 = 0; -+ use_ipv6 = 1; -+ } -+#endif - else if (strcmp(*argv,"-use_srtp") == 0) - { - if (--argc < 1) goto bad; -@@ -967,7 +984,7 @@ - keymatexportlen=atoi(*(++argv)); - if (keymatexportlen == 0) goto bad; - } -- else -+ else - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badop=1; -@@ -1259,7 +1276,7 @@ - - re_start: - -- if (init_client(&s,host,port,socket_type) == 0) -+ if (init_client(&s,host,port,socket_type,use_ipv4,use_ipv6) == 0) - { - BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error()); - SHUTDOWN(s); -@@ -1285,7 +1302,7 @@ - { - - sbio=BIO_new_dgram(s,BIO_NOCLOSE); -- if (getsockname(s, &peer, (void *)&peerlen) < 0) -+ if (getsockname(s, (struct sockaddr *)&peer, (void *)&peerlen) < 0) - { - BIO_printf(bio_err, "getsockname:errno=%d\n", - get_last_socket_error()); -@@ -2036,7 +2061,7 @@ - BIO_printf(bio,"Expansion: %s\n", - expansion ? SSL_COMP_get_name(expansion) : "NONE"); - #endif -- -+ - #ifdef SSL_DEBUG - { - /* Print out local port of connection: useful for debugging */ -=================================================================== -RCS file: /v/openssl/cvs/openssl/apps/s_server.c,v -retrieving revision 1.136.2.15.2.13 -diff -u -r1.136.2.15.2.13 s_server.c ---- apps/s_server.c 27 Dec 2011 14:23:22 -0000 1.136.2.15.2.13 -+++ apps/s_server.c 28 Dec 2011 00:28:14 -0000 -@@ -558,6 +558,10 @@ - # endif - BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list"); - #endif -+ BIO_printf(bio_err," -4 - use IPv4 only\n"); -+#if OPENSSL_USE_IPV6 -+ BIO_printf(bio_err," -6 - use IPv6 only\n"); -+#endif - BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); - BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n"); - } -@@ -943,6 +947,7 @@ - int state=0; - const SSL_METHOD *meth=NULL; - int socket_type=SOCK_STREAM; -+ int use_ipv4, use_ipv6; - ENGINE *e=NULL; - char *inrand=NULL; - int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; -@@ -981,6 +986,12 @@ - /* #error no SSL version enabled */ - #endif - -+ use_ipv4 = 1; -+#if OPENSSL_USE_IPV6 -+ use_ipv6 = 1; -+#else -+ use_ipv6 = 0; -+#endif - local_argc=argc; - local_argv=argv; - -@@ -1329,6 +1340,18 @@ - jpake_secret = *(++argv); - } - #endif -+ else if (strcmp(*argv,"-4") == 0) -+ { -+ use_ipv4 = 1; -+ use_ipv6 = 0; -+ } -+#if OPENSSL_USE_IPV6 -+ else if (strcmp(*argv,"-6") == 0) -+ { -+ use_ipv4 = 0; -+ use_ipv6 = 1; -+ } -+#endif - else if (strcmp(*argv,"-use_srtp") == 0) - { - if (--argc < 1) goto bad; -@@ -1884,9 +1907,9 @@ - BIO_printf(bio_s_out,"ACCEPT\n"); - (void)BIO_flush(bio_s_out); - if (www) -- do_server(port,socket_type,&accept_socket,www_body, context); -+ do_server(port,socket_type,&accept_socket,www_body, context, use_ipv4, use_ipv6); - else -- do_server(port,socket_type,&accept_socket,sv_body, context); -+ do_server(port,socket_type,&accept_socket,sv_body, context, use_ipv4, use_ipv6); - print_stats(bio_s_out,ctx); - ret=0; - end: -Index: apps/s_socket.c -=================================================================== -RCS file: /v/openssl/cvs/openssl/apps/s_socket.c,v -retrieving revision 1.43.2.3.2.2 -diff -u -r1.43.2.3.2.2 s_socket.c ---- apps/s_socket.c 2 Dec 2011 14:39:40 -0000 1.43.2.3.2.2 -+++ apps/s_socket.c 28 Dec 2011 00:28:14 -0000 -@@ -97,16 +97,16 @@ - #include "netdb.h" - #endif - --static struct hostent *GetHostByName(char *name); -+static struct hostent *GetHostByName(char *name, int domain); - #if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)) - static void ssl_sock_cleanup(void); - #endif - static int ssl_sock_init(void); --static int init_client_ip(int *sock,unsigned char ip[4], int port, int type); --static int init_server(int *sock, int port, int type); --static int init_server_long(int *sock, int port,char *ip, int type); -+static int init_client_ip(int *sock,unsigned char *ip, int port, int type, int domain); -+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6); -+static int init_server_long(int *sock, int port,char *ip, int type, int use_ipv4, int use_ipv6); - static int do_accept(int acc_sock, int *sock, char **host); --static int host_ip(char *str, unsigned char ip[4]); -+static int host_ip(char *str, unsigned char *ip, int domain); - - #ifdef OPENSSL_SYS_WIN16 - #define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ -@@ -234,38 +234,76 @@ - return(1); - } - --int init_client(int *sock, char *host, int port, int type) -+int init_client(int *sock, char *host, int port, int type, int use_ipv4, int use_ipv6) - { -+#if OPENSSL_USE_IPV6 -+ unsigned char ip[16]; -+#else - unsigned char ip[4]; -+#endif - -- memset(ip, '\0', sizeof ip); -- if (!host_ip(host,&(ip[0]))) -+ if (!use_ipv4 && !use_ipv6) - return 0; -- return init_client_ip(sock,ip,port,type); -- } -- --static int init_client_ip(int *sock, unsigned char ip[4], int port, int type) -- { -- unsigned long addr; -+#if OPENSSL_USE_IPV6 -+ /* we are fine here */ -+#else -+ if (use_ipv6) -+ return 0; -+#endif -+ if (use_ipv4) -+ if (host_ip(host,ip,AF_INET)) -+ return(init_client_ip(sock,ip,port,type,AF_INET)); -+#if OPENSSL_USE_IPV6 -+ if (use_ipv6) -+ if (host_ip(host,ip,AF_INET6)) -+ return(init_client_ip(sock,ip,port,type,AF_INET6)); -+#endif -+ return 0; -+ } -+ -+static int init_client_ip(int *sock, unsigned char ip[4], int port, int type, int domain) -+ { -+#if OPENSSL_USE_IPV6 -+ struct sockaddr_storage them; -+ struct sockaddr_in *them_in = (struct sockaddr_in *)&them; -+ struct sockaddr_in6 *them_in6 = (struct sockaddr_in6 *)&them; -+#else - struct sockaddr_in them; -+ struct sockaddr_in *them_in = &them; -+#endif -+ socklen_t addr_len; - int s,i; - - if (!ssl_sock_init()) return(0); - - memset((char *)&them,0,sizeof(them)); -- them.sin_family=AF_INET; -- them.sin_port=htons((unsigned short)port); -- addr=(unsigned long) -- ((unsigned long)ip[0]<<24L)| -- ((unsigned long)ip[1]<<16L)| -- ((unsigned long)ip[2]<< 8L)| -- ((unsigned long)ip[3]); -- them.sin_addr.s_addr=htonl(addr); -+ if (domain == AF_INET) -+ { -+ addr_len = (socklen_t)sizeof(struct sockaddr_in); -+ them_in->sin_family=AF_INET; -+ them_in->sin_port=htons((unsigned short)port); -+#ifndef BIT_FIELD_LIMITS -+ memcpy(&them_in->sin_addr.s_addr, ip, 4); -+#else -+ memcpy(&them_in->sin_addr, ip, 4); -+#endif -+ } -+ else -+#if OPENSSL_USE_IPV6 -+ { -+ addr_len = (socklen_t)sizeof(struct sockaddr_in6); -+ them_in6->sin6_family=AF_INET6; -+ them_in6->sin6_port=htons((unsigned short)port); -+ memcpy(&(them_in6->sin6_addr), ip, sizeof(struct in6_addr)); -+ } -+#else -+ return(0); -+#endif - - if (type == SOCK_STREAM) -- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); -+ s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL); - else /* ( type == SOCK_DGRAM) */ -- s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP); -+ s=socket(domain,SOCK_DGRAM,IPPROTO_UDP); - - if (s == INVALID_SOCKET) { perror("socket"); return(0); } - -@@ -277,29 +315,27 @@ - if (i < 0) { perror("keepalive"); return(0); } - } - #endif -- -- if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1) -+ if (connect(s,(struct sockaddr *)&them,addr_len) == -1) - { closesocket(s); perror("connect"); return(0); } - *sock=s; - return(1); - } - --int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context) -+int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context, int use_ipv4, int use_ipv6) - { - int sock; - char *name = NULL; - int accept_socket = 0; - int i; - -- if (!init_server(&accept_socket,port,type)) return(0); -- -+ if (!init_server(&accept_socket,port,type, use_ipv4, use_ipv6)) return(0); - if (ret != NULL) - { - *ret=accept_socket; - /* return(1);*/ - } -- for (;;) -- { -+ for (;;) -+ { - if (type==SOCK_STREAM) - { - if (do_accept(accept_socket,&sock,&name) == 0) -@@ -322,41 +358,88 @@ - } - } - --static int init_server_long(int *sock, int port, char *ip, int type) -+static int init_server_long(int *sock, int port, char *ip, int type, int use_ipv4, int use_ipv6) - { - int ret=0; -+ int domain; -+#if OPENSSL_USE_IPV6 -+ struct sockaddr_storage server; -+ struct sockaddr_in *server_in = (struct sockaddr_in *)&server; -+ struct sockaddr_in6 *server_in6 = (struct sockaddr_in6 *)&server; -+#else - struct sockaddr_in server; -+ struct sockaddr_in *server_in = &server; -+#endif -+ socklen_t addr_len; - int s= -1; - -+ if (!use_ipv4 && !use_ipv6) -+ goto err; -+#if OPENSSL_USE_IPV6 -+ /* we are fine here */ -+#else -+ if (use_ipv6) -+ goto err; -+#endif - if (!ssl_sock_init()) return(0); - -- memset((char *)&server,0,sizeof(server)); -- server.sin_family=AF_INET; -- server.sin_port=htons((unsigned short)port); -- if (ip == NULL) -- server.sin_addr.s_addr=INADDR_ANY; -- else --/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */ --#ifndef BIT_FIELD_LIMITS -- memcpy(&server.sin_addr.s_addr,ip,4); -+#if OPENSSL_USE_IPV6 -+ domain = use_ipv6 ? AF_INET6 : AF_INET; - #else -- memcpy(&server.sin_addr,ip,4); -+ domain = AF_INET; - #endif -- -- if (type == SOCK_STREAM) -- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); -- else /* type == SOCK_DGRAM */ -- s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP); -+ if (type == SOCK_STREAM) -+ s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL); -+ else /* type == SOCK_DGRAM */ -+ s=socket(domain, SOCK_DGRAM,IPPROTO_UDP); - - if (s == INVALID_SOCKET) goto err; - #if defined SOL_SOCKET && defined SO_REUSEADDR -+ { -+ int j = 1; -+ setsockopt(s, SOL_SOCKET, SO_REUSEADDR, -+ (void *) &j, sizeof j); -+ } -+#endif -+#if OPENSSL_USE_IPV6 -+ if ((use_ipv4 == 0) && (use_ipv6 == 1)) - { -- int j = 1; -- setsockopt(s, SOL_SOCKET, SO_REUSEADDR, -- (void *) &j, sizeof j); -+ const int on = 1; -+ -+ setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, -+ (const void *) &on, sizeof(int)); - } - #endif -- if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1) -+ if (domain == AF_INET) -+ { -+ addr_len = (socklen_t)sizeof(struct sockaddr_in); -+ memset(server_in, 0, sizeof(struct sockaddr_in)); -+ server_in->sin_family=AF_INET; -+ server_in->sin_port = htons((unsigned short)port); -+ if (ip == NULL) -+ server_in->sin_addr.s_addr = htonl(INADDR_ANY); -+ else -+/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */ -+#ifndef BIT_FIELD_LIMITS -+ memcpy(&server_in->sin_addr.s_addr, ip, 4); -+#else -+ memcpy(&server_in->sin_addr, ip, 4); -+#endif -+ } -+#if OPENSSL_USE_IPV6 -+ else -+ { -+ addr_len = (socklen_t)sizeof(struct sockaddr_in6); -+ memset(server_in6, 0, sizeof(struct sockaddr_in6)); -+ server_in6->sin6_family = AF_INET6; -+ server_in6->sin6_port = htons((unsigned short)port); -+ if (ip == NULL) -+ server_in6->sin6_addr = in6addr_any; -+ else -+ memcpy(&server_in6->sin6_addr, ip, sizeof(struct in6_addr)); -+ } -+#endif -+ if (bind(s, (struct sockaddr *)&server, addr_len) == -1) - { - #ifndef OPENSSL_SYS_WINDOWS - perror("bind"); -@@ -375,16 +458,23 @@ - return(ret); - } - --static int init_server(int *sock, int port, int type) -+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6) - { -- return(init_server_long(sock, port, NULL, type)); -+ return(init_server_long(sock, port, NULL, type, use_ipv4, use_ipv6)); - } - - static int do_accept(int acc_sock, int *sock, char **host) - { - int ret; - struct hostent *h1,*h2; -- static struct sockaddr_in from; -+#if OPENSSL_USE_IPV6 -+ struct sockaddr_storage from; -+ struct sockaddr_in *from_in = (struct sockaddr_in *)&from; -+ struct sockaddr_in6 *from_in6 = (struct sockaddr_in6 *)&from; -+#else -+ struct sockaddr_in from; -+ struct sockaddr_in *from_in = &from; -+#endif - int len; - /* struct linger ling; */ - -@@ -431,13 +521,23 @@ - */ - - if (host == NULL) goto end; -+#if OPENSSL_USE_IPV6 -+ if (from.ss_family == AF_INET) -+#else -+ if (from.sin_family == AF_INET) -+#endif - #ifndef BIT_FIELD_LIMITS -- /* I should use WSAAsyncGetHostByName() under windows */ -- h1=gethostbyaddr((char *)&from.sin_addr.s_addr, -- sizeof(from.sin_addr.s_addr),AF_INET); -+ /* I should use WSAAsyncGetHostByName() under windows */ -+ h1=gethostbyaddr((char *)&from_in->sin_addr.s_addr, -+ sizeof(from_in->sin_addr.s_addr), AF_INET); - #else -- h1=gethostbyaddr((char *)&from.sin_addr, -- sizeof(struct in_addr),AF_INET); -+ h1=gethostbyaddr((char *)&from_in->sin_addr, -+ sizeof(struct in_addr), AF_INET); -+#endif -+#if OPENSSL_USE_IPV6 -+ else -+ h1=gethostbyaddr((char *)&from_in6->sin6_addr, -+ sizeof(struct in6_addr), AF_INET6); - #endif - if (h1 == NULL) - { -@@ -454,15 +554,23 @@ - } - BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1); - -- h2=GetHostByName(*host); -+#if OPENSSL_USE_IPV6 -+ h2=GetHostByName(*host, from.ss_family); -+#else -+ h2=GetHostByName(*host, from.sin_family); -+#endif - if (h2 == NULL) - { - BIO_printf(bio_err,"gethostbyname failure\n"); - return(0); - } -- if (h2->h_addrtype != AF_INET) -+#if OPENSSL_USE_IPV6 -+ if (h2->h_addrtype != from.ss_family) -+#else -+ if (h2->h_addrtype != from.sin_family) -+#endif - { -- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n"); -+ BIO_printf(bio_err,"gethostbyname addr address is not correct\n"); - return(0); - } - } -@@ -477,7 +585,7 @@ - char *h,*p; - - h=str; -- p=strchr(str,':'); -+ p=strrchr(str,':'); - if (p == NULL) - { - BIO_printf(bio_err,"no port defined\n"); -@@ -485,7 +593,7 @@ - } - *(p++)='\0'; - -- if ((ip != NULL) && !host_ip(str,ip)) -+ if ((ip != NULL) && !host_ip(str,ip,AF_INET)) - goto err; - if (host_ptr != NULL) *host_ptr=h; - -@@ -496,48 +604,58 @@ - return(0); - } - --static int host_ip(char *str, unsigned char ip[4]) -+static int host_ip(char *str, unsigned char *ip, int domain) - { -- unsigned int in[4]; -+ unsigned int in[4]; -+ unsigned long l; - int i; - -- if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4) -+ if ((domain == AF_INET) && -+ (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)) - { -+ - for (i=0; i<4; i++) - if (in[i] > 255) - { - BIO_printf(bio_err,"invalid IP address\n"); - goto err; - } -- ip[0]=in[0]; -- ip[1]=in[1]; -- ip[2]=in[2]; -- ip[3]=in[3]; -- } -+ l=htonl((in[0]<<24L)|(in[1]<<16L)|(in[2]<<8L)|in[3]); -+ memcpy(ip, &l, 4); -+ return 1; -+ } -+#if OPENSSL_USE_IPV6 -+ else if ((domain == AF_INET6) && -+ (inet_pton(AF_INET6, str, ip) == 1)) -+ return 1; -+#endif - else - { /* do a gethostbyname */ - struct hostent *he; - - if (!ssl_sock_init()) return(0); - -- he=GetHostByName(str); -+ he=GetHostByName(str,domain); - if (he == NULL) - { - BIO_printf(bio_err,"gethostbyname failure\n"); - goto err; - } - /* cast to short because of win16 winsock definition */ -- if ((short)he->h_addrtype != AF_INET) -+ if ((short)he->h_addrtype != domain) - { -- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n"); -+ BIO_printf(bio_err,"gethostbyname addr family is not correct\n"); - return(0); - } -- ip[0]=he->h_addr_list[0][0]; -- ip[1]=he->h_addr_list[0][1]; -- ip[2]=he->h_addr_list[0][2]; -- ip[3]=he->h_addr_list[0][3]; -+ if (domain == AF_INET) -+ memset(ip, 0, 4); -+#if OPENSSL_USE_IPV6 -+ else -+ memset(ip, 0, 16); -+#endif -+ memcpy(ip, he->h_addr_list[0], he->h_length); -+ return 1; - } -- return(1); - err: - return(0); - } -@@ -574,7 +692,7 @@ - static unsigned long ghbn_hits=0L; - static unsigned long ghbn_miss=0L; - --static struct hostent *GetHostByName(char *name) -+static struct hostent *GetHostByName(char *name, int domain) - { - struct hostent *ret; - int i,lowi=0; -@@ -589,14 +707,20 @@ - } - if (ghbn_cache[i].order > 0) - { -- if (strncmp(name,ghbn_cache[i].name,128) == 0) -+ if ((strncmp(name,ghbn_cache[i].name,128) == 0) && -+ (ghbn_cache[i].ent.h_addrtype == domain)) - break; - } - } - if (i == GHBN_NUM) /* no hit*/ - { - ghbn_miss++; -- ret=gethostbyname(name); -+ if (domain == AF_INET) -+ ret=gethostbyname(name); -+#if OPENSSL_USE_IPV6 -+ else -+ ret=gethostbyname2(name, AF_INET6); -+#endif - if (ret == NULL) return(NULL); - /* else add to cache */ - if(strlen(name) < sizeof ghbn_cache[0].name) diff --git a/dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch b/dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch deleted file mode 100644 index 19f859abb2..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch +++ /dev/null @@ -1,354 +0,0 @@ -http://rt.openssl.org/Ticket/Display.html?id=2084 - ---- a/Makefile.org -+++ b/Makefile.org -@@ -247,17 +247,17 @@ - build_libs: build_crypto build_ssl build_engines - - build_crypto: -- @dir=crypto; target=all; $(BUILD_ONE_CMD) -+ +@dir=crypto; target=all; $(BUILD_ONE_CMD) --build_ssl: -+build_ssl: build_crypto -- @dir=ssl; target=all; $(BUILD_ONE_CMD) -+ +@dir=ssl; target=all; $(BUILD_ONE_CMD) --build_engines: -+build_engines: build_crypto -- @dir=engines; target=all; $(BUILD_ONE_CMD) -+ +@dir=engines; target=all; $(BUILD_ONE_CMD) --build_apps: -+build_apps: build_libs -- @dir=apps; target=all; $(BUILD_ONE_CMD) -+ +@dir=apps; target=all; $(BUILD_ONE_CMD) --build_tests: -+build_tests: build_libs -- @dir=test; target=all; $(BUILD_ONE_CMD) -+ +@dir=test; target=all; $(BUILD_ONE_CMD) --build_tools: -+build_tools: build_libs -- @dir=tools; target=all; $(BUILD_ONE_CMD) -+ +@dir=tools; target=all; $(BUILD_ONE_CMD) - - all_testapps: build_libs build_testapps - build_testapps: -@@ -497,9 +497,9 @@ - dist_pem_h: - (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) - --install: all install_docs install_sw -+install: install_docs install_sw - --install_sw: -+install_dirs: - @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ - $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \ - $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \ -@@ -508,6 +508,13 @@ - $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ - $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ - $(INSTALL_PREFIX)$(OPENSSLDIR)/private -+ @$(PERL) $(TOP)/util/mkdir-p.pl \ -+ $(INSTALL_PREFIX)$(MANDIR)/man1 \ -+ $(INSTALL_PREFIX)$(MANDIR)/man3 \ -+ $(INSTALL_PREFIX)$(MANDIR)/man5 \ -+ $(INSTALL_PREFIX)$(MANDIR)/man7 -+ -+install_sw: install_dirs - @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ -@@ -511,7 +511,7 @@ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; -- @set -e; target=install; $(RECURSIVE_BUILD_CMD) -+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) - @set -e; liblist="$(LIBS)"; for i in $$liblist ;\ - do \ - if [ -f "$$i" ]; then \ -@@ -593,12 +600,7 @@ - done; \ - done - --install_docs: -- @$(PERL) $(TOP)/util/mkdir-p.pl \ -- $(INSTALL_PREFIX)$(MANDIR)/man1 \ -- $(INSTALL_PREFIX)$(MANDIR)/man3 \ -- $(INSTALL_PREFIX)$(MANDIR)/man5 \ -- $(INSTALL_PREFIX)$(MANDIR)/man7 -+install_docs: install_dirs - @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \ - here="`pwd`"; \ - filecase=; \ ---- a/Makefile.shared -+++ b/Makefile.shared -@@ -105,6 +105,7 @@ LINK_SO= \ - SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ - LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ - LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ -+ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \ - LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ - $${SHAREDCMD} $${SHAREDFLAGS} \ - -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \ -@@ -122,6 +124,7 @@ SYMLINK_SO= \ - done; \ - fi; \ - if [ -n "$$SHLIB_SOVER" ]; then \ -+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \ - ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \ - ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \ - fi; \ ---- a/crypto/Makefile -+++ b/crypto/Makefile -@@ -85,11 +85,11 @@ - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - - subdirs: -- @target=all; $(RECURSIVE_MAKE) -+ +@target=all; $(RECURSIVE_MAKE) - - files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO -- @target=files; $(RECURSIVE_MAKE) -+ +@target=files; $(RECURSIVE_MAKE) - - links: - @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) -@@ -100,7 +100,7 @@ - # lib: $(LIB): are splitted to avoid end-less loop - lib: $(LIB) - @touch lib --$(LIB): $(LIBOBJ) -+$(LIB): $(LIBOBJ) | subdirs - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - -@@ -110,7 +110,7 @@ - fi - - libs: -- @target=lib; $(RECURSIVE_MAKE) -+ +@target=lib; $(RECURSIVE_MAKE) - - install: - @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... -@@ -119,7 +119,7 @@ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; -- @target=install; $(RECURSIVE_MAKE) -+ +@target=install; $(RECURSIVE_MAKE) - - lint: - @target=lint; $(RECURSIVE_MAKE) ---- a/engines/Makefile -+++ b/engines/Makefile -@@ -72,7 +72,7 @@ - - all: lib subdirs - --lib: $(LIBOBJ) -+lib: $(LIBOBJ) | subdirs - @if [ -n "$(SHARED_LIBS)" ]; then \ - set -e; \ - for l in $(LIBNAMES); do \ -@@ -89,7 +89,7 @@ - - subdirs: - echo $(EDIRS) -- @target=all; $(RECURSIVE_MAKE) -+ +@target=all; $(RECURSIVE_MAKE) - - files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO -@@ -128,7 +128,7 @@ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ - done; \ - fi -- @target=install; $(RECURSIVE_MAKE) -+ +@target=install; $(RECURSIVE_MAKE) - - tags: - ctags $(SRC) ---- a/test/Makefile -+++ b/test/Makefile -@@ -123,7 +123,7 @@ - tags: - ctags $(SRC) - --tests: exe apps $(TESTS) -+tests: exe $(TESTS) - - apps: - @(cd ..; $(MAKE) DIRS=apps all) -@@ -365,109 +365,109 @@ - link_app.$${shlib_target} - - $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) -- @target=$(RSATEST); $(BUILD_CMD) -+ +@target=$(RSATEST); $(BUILD_CMD) - - $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO) -- @target=$(BNTEST); $(BUILD_CMD) -+ +@target=$(BNTEST); $(BUILD_CMD) - - $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO) -- @target=$(ECTEST); $(BUILD_CMD) -+ +@target=$(ECTEST); $(BUILD_CMD) - - $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO) -- @target=$(EXPTEST); $(BUILD_CMD) -+ +@target=$(EXPTEST); $(BUILD_CMD) - - $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) -- @target=$(IDEATEST); $(BUILD_CMD) -+ +@target=$(IDEATEST); $(BUILD_CMD) - - $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) -- @target=$(MD2TEST); $(BUILD_CMD) -+ +@target=$(MD2TEST); $(BUILD_CMD) - - $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO) -- @target=$(SHATEST); $(BUILD_CMD) -+ +@target=$(SHATEST); $(BUILD_CMD) - - $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) -- @target=$(SHA1TEST); $(BUILD_CMD) -+ +@target=$(SHA1TEST); $(BUILD_CMD) - - $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) -- @target=$(SHA256TEST); $(BUILD_CMD) -+ +@target=$(SHA256TEST); $(BUILD_CMD) - - $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) -- @target=$(SHA512TEST); $(BUILD_CMD) -+ +@target=$(SHA512TEST); $(BUILD_CMD) - - $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) -- @target=$(RMDTEST); $(BUILD_CMD) -+ +@target=$(RMDTEST); $(BUILD_CMD) - - $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO) -- @target=$(MDC2TEST); $(BUILD_CMD) -+ +@target=$(MDC2TEST); $(BUILD_CMD) - - $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO) -- @target=$(MD4TEST); $(BUILD_CMD) -+ +@target=$(MD4TEST); $(BUILD_CMD) - - $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO) -- @target=$(MD5TEST); $(BUILD_CMD) -+ +@target=$(MD5TEST); $(BUILD_CMD) - - $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO) -- @target=$(HMACTEST); $(BUILD_CMD) -+ +@target=$(HMACTEST); $(BUILD_CMD) - - $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO) -- @target=$(WPTEST); $(BUILD_CMD) -+ +@target=$(WPTEST); $(BUILD_CMD) - - $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO) -- @target=$(RC2TEST); $(BUILD_CMD) -+ +@target=$(RC2TEST); $(BUILD_CMD) - - $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO) -- @target=$(BFTEST); $(BUILD_CMD) -+ +@target=$(BFTEST); $(BUILD_CMD) - - $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO) -- @target=$(CASTTEST); $(BUILD_CMD) -+ +@target=$(CASTTEST); $(BUILD_CMD) - - $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO) -- @target=$(RC4TEST); $(BUILD_CMD) -+ +@target=$(RC4TEST); $(BUILD_CMD) - - $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) -- @target=$(RC5TEST); $(BUILD_CMD) -+ +@target=$(RC5TEST); $(BUILD_CMD) - - $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) -- @target=$(DESTEST); $(BUILD_CMD) -+ +@target=$(DESTEST); $(BUILD_CMD) - - $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) -- @target=$(RANDTEST); $(BUILD_CMD) -+ +@target=$(RANDTEST); $(BUILD_CMD) - - $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) -- @target=$(DHTEST); $(BUILD_CMD) -+ +@target=$(DHTEST); $(BUILD_CMD) - - $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO) -- @target=$(DSATEST); $(BUILD_CMD) -+ +@target=$(DSATEST); $(BUILD_CMD) - - $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) -- @target=$(METHTEST); $(BUILD_CMD) -+ +@target=$(METHTEST); $(BUILD_CMD) - - $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) -- @target=$(SSLTEST); $(FIPS_BUILD_CMD) -+ +@target=$(SSLTEST); $(FIPS_BUILD_CMD) - - $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) -- @target=$(ENGINETEST); $(BUILD_CMD) -+ +@target=$(ENGINETEST); $(BUILD_CMD) - - $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO) -- @target=$(EVPTEST); $(BUILD_CMD) -+ +@target=$(EVPTEST); $(BUILD_CMD) - - $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO) -- @target=$(ECDSATEST); $(BUILD_CMD) -+ +@target=$(ECDSATEST); $(BUILD_CMD) - - $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) -- @target=$(ECDHTEST); $(BUILD_CMD) -+ +@target=$(ECDHTEST); $(BUILD_CMD) - - $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) -- @target=$(IGETEST); $(BUILD_CMD) -+ +@target=$(IGETEST); $(BUILD_CMD) - - $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) -- @target=$(JPAKETEST); $(BUILD_CMD) -+ +@target=$(JPAKETEST); $(BUILD_CMD) - - $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) -- @target=$(ASN1TEST); $(BUILD_CMD) -+ +@target=$(ASN1TEST); $(BUILD_CMD) - - $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO) -- @target=$(SRPTEST); $(BUILD_CMD) -+ +@target=$(SRPTEST); $(BUILD_CMD) - - #$(AESTEST).o: $(AESTEST).c - # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c -@@ -480,7 +480,7 @@ - # fi - - dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) -- @target=dummytest; $(BUILD_CMD) -+ +@target=dummytest; $(BUILD_CMD) - - # DO NOT DELETE THIS LINE -- make depend depends on it. - ---- a/crypto/objects/Makefile -+++ b/crypto/objects/Makefile -@@ -44,11 +44,11 @@ obj_dat.h: obj_dat.pl obj_mac.h - # objects.pl both reads and writes obj_mac.num - obj_mac.h: objects.pl objects.txt obj_mac.num - $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h -- @sleep 1; touch obj_mac.h; sleep 1 - --obj_xref.h: objxref.pl obj_xref.txt obj_mac.num -+# This doesn't really need obj_mac.h, but since that rule reads & writes -+# obj_mac.num, we can't run in parallel with it. -+obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h - $(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h -- @sleep 1; touch obj_xref.h; sleep 1 - - files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO diff --git a/dev-libs/openssl/files/openssl-1.0.1-x32.patch b/dev-libs/openssl/files/openssl-1.0.1-x32.patch deleted file mode 100644 index 5106cb6e82..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.1-x32.patch +++ /dev/null @@ -1,79 +0,0 @@ -http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=51bfed2e26fc13a66e8b5710aa2ce1d7a04af721 - -UpstreamStatus: Pending - -Received from H J Liu @ Intel -Make the assembly syntax compatible with x32 gcc. Othewise x32 gcc throws errors. -Signed-Off-By: Nitin A Kamble 2011/07/13 - -ported the patch to the 1.0.0e version -Signed-Off-By: Nitin A Kamble 2011/12/01 -Index: openssl-1.0.0e/Configure -=================================================================== ---- openssl-1.0.0e.orig/Configure -+++ openssl-1.0.0e/Configure -@@ -393,6 +393,7 @@ my %table=( - "debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", -+"linux-x32", "gcc:-DL_ENDIAN -DTERMIO -O2 -pipe -g -feliminate-unused-debug-types -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "dist", "cc:-O::(unknown)::::::", - - # Basic configs that should work on any (32 and less bit) box -Index: openssl-1.0.0e/crypto/bn/asm/x86_64-gcc.c -=================================================================== ---- openssl-1.0.0e.orig/crypto/bn/asm/x86_64-gcc.c -+++ openssl-1.0.0e/crypto/bn/asm/x86_64-gcc.c -@@ -55,7 +55,7 @@ - * machine. - */ - --#ifdef _WIN64 -+#if defined _WIN64 || !defined __LP64__ - #define BN_ULONG unsigned long long - #else - #define BN_ULONG unsigned long -@@ -192,9 +192,9 @@ BN_ULONG bn_add_words (BN_ULONG *rp, con - asm ( - " subq %2,%2 \n" - ".p2align 4 \n" -- "1: movq (%4,%2,8),%0 \n" -- " adcq (%5,%2,8),%0 \n" -- " movq %0,(%3,%2,8) \n" -+ "1: movq (%q4,%2,8),%0 \n" -+ " adcq (%q5,%2,8),%0 \n" -+ " movq %0,(%q3,%2,8) \n" - " leaq 1(%2),%2 \n" - " loop 1b \n" - " sbbq %0,%0 \n" -@@ -215,9 +215,9 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, con - asm ( - " subq %2,%2 \n" - ".p2align 4 \n" -- "1: movq (%4,%2,8),%0 \n" -- " sbbq (%5,%2,8),%0 \n" -- " movq %0,(%3,%2,8) \n" -+ "1: movq (%q4,%2,8),%0 \n" -+ " sbbq (%q5,%2,8),%0 \n" -+ " movq %0,(%q3,%2,8) \n" - " leaq 1(%2),%2 \n" - " loop 1b \n" - " sbbq %0,%0 \n" -Index: openssl-1.0.0e/crypto/bn/bn.h -=================================================================== ---- openssl-1.0.0e.orig/crypto/bn/bn.h -+++ openssl-1.0.0e/crypto/bn/bn.h -@@ -172,6 +172,13 @@ extern "C" { - # endif - #endif - -+/* Address type. */ -+#ifdef _WIN64 -+#define BN_ADDR unsigned long long -+#else -+#define BN_ADDR unsigned long -+#endif -+ - /* assuming long is 64bit - this is the DEC Alpha - * unsigned long long is only 64 bits :-(, don't define - * BN_LLONG for the DEC Alpha */ diff --git a/dev-libs/openssl/files/openssl-1.0.1e-bad-mac-aes-ni.patch b/dev-libs/openssl/files/openssl-1.0.1e-bad-mac-aes-ni.patch deleted file mode 100644 index 4422a62c42..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.1e-bad-mac-aes-ni.patch +++ /dev/null @@ -1,35 +0,0 @@ -https://bugs.gentoo.org/463444 - -From 9ab3ce124616cb12bd39c6aa1e1bde0f46969b29 Mon Sep 17 00:00:00 2001 -From: Andy Polyakov -Date: Mon, 18 Mar 2013 19:29:41 +0100 -Subject: [PATCH] e_aes_cbc_hmac_sha1.c: fix rare bad record mac on AES-NI - plaforms. - -PR: 3002 -(cherry picked from commit 5c60046553716fcf160718f59160493194f212dc) ---- - crypto/evp/e_aes_cbc_hmac_sha1.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c -index 483e04b..fb2c884 100644 ---- a/crypto/evp/e_aes_cbc_hmac_sha1.c -+++ b/crypto/evp/e_aes_cbc_hmac_sha1.c -@@ -328,10 +328,11 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - - if (res!=SHA_CBLOCK) continue; - -- mask = 0-((inp_len+8-j)>>(sizeof(j)*8-1)); -+ /* j is not incremented yet */ -+ mask = 0-((inp_len+7-j)>>(sizeof(j)*8-1)); - data->u[SHA_LBLOCK-1] |= bitlen&mask; - sha1_block_data_order(&key->md,data,1); -- mask &= 0-((j-inp_len-73)>>(sizeof(j)*8-1)); -+ mask &= 0-((j-inp_len-72)>>(sizeof(j)*8-1)); - pmac->u[0] |= key->md.h0 & mask; - pmac->u[1] |= key->md.h1 & mask; - pmac->u[2] |= key->md.h2 & mask; --- -1.8.2.1 - diff --git a/dev-libs/openssl/files/openssl-1.0.1e-ipv6.patch b/dev-libs/openssl/files/openssl-1.0.1e-ipv6.patch deleted file mode 100644 index 521cfb5ed6..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.1e-ipv6.patch +++ /dev/null @@ -1,656 +0,0 @@ -http://rt.openssl.org/Ticket/Display.html?id=2051 -user/pass: guest/guest - -Index: apps/s_apps.h -=================================================================== -RCS file: /v/openssl/cvs/openssl/apps/s_apps.h,v -retrieving revision 1.21.2.1 -diff -u -r1.21.2.1 s_apps.h ---- apps/s_apps.h 4 Sep 2009 17:42:04 -0000 1.21.2.1 -+++ apps/s_apps.h 28 Dec 2011 00:28:14 -0000 -@@ -148,7 +148,7 @@ - #define PORT_STR "4433" - #define PROTOCOL "tcp" - --int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context); -+int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context, int use_ipv4, int use_ipv6); - #ifdef HEADER_X509_H - int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); - #endif -@@ -156,7 +156,7 @@ - int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file); - int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key); - #endif --int init_client(int *sock, char *server, int port, int type); -+int init_client(int *sock, char *server, int port, int type, int use_ipv4, int use_ipv6); - int should_retry(int i); - int extract_port(char *str, short *port_ptr); - int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p); -Index: apps/s_client.c -=================================================================== -RCS file: /v/openssl/cvs/openssl/apps/s_client.c,v -retrieving revision 1.123.2.6.2.10 -diff -u -r1.123.2.6.2.10 s_client.c ---- apps/s_client.c 14 Dec 2011 22:18:02 -0000 1.123.2.6.2.10 -+++ apps/s_client.c 28 Dec 2011 00:28:14 -0000 -@@ -285,6 +285,10 @@ - { - BIO_printf(bio_err,"usage: s_client args\n"); - BIO_printf(bio_err,"\n"); -+ BIO_printf(bio_err," -4 - use IPv4 only\n"); -+#if OPENSSL_USE_IPV6 -+ BIO_printf(bio_err," -6 - use IPv6 only\n"); -+#endif - BIO_printf(bio_err," -host host - use -connect instead\n"); - BIO_printf(bio_err," -port port - use -connect instead\n"); - BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR); -@@ -564,6 +567,7 @@ - int sbuf_len,sbuf_off; - fd_set readfds,writefds; - short port=PORT; -+ int use_ipv4, use_ipv6; - int full_log=1; - char *host=SSL_HOST_NAME; - char *cert_file=NULL,*key_file=NULL; -@@ -609,7 +613,11 @@ - #endif - char *sess_in = NULL; - char *sess_out = NULL; -- struct sockaddr peer; -+#if OPENSSL_USE_IPV6 -+ struct sockaddr_storage peer; -+#else -+ struct sockaddr_in peer; -+#endif - int peerlen = sizeof(peer); - int enable_timeouts = 0 ; - long socket_mtu = 0; -@@ -630,6 +638,12 @@ - meth=SSLv2_client_method(); - #endif - -+ use_ipv4 = 1; -+#if OPENSSL_USE_IPV6 -+ use_ipv6 = 1; -+#else -+ use_ipv6 = 0; -+#endif - apps_startup(); - c_Pause=0; - c_quiet=0; -@@ -951,6 +961,18 @@ - jpake_secret = *++argv; - } - #endif -+ else if (strcmp(*argv,"-4") == 0) -+ { -+ use_ipv4 = 1; -+ use_ipv6 = 0; -+ } -+#if OPENSSL_USE_IPV6 -+ else if (strcmp(*argv,"-6") == 0) -+ { -+ use_ipv4 = 0; -+ use_ipv6 = 1; -+ } -+#endif - #ifndef OPENSSL_NO_SRTP - else if (strcmp(*argv,"-use_srtp") == 0) - { -@@ -1259,7 +1276,7 @@ - - re_start: - -- if (init_client(&s,host,port,socket_type) == 0) -+ if (init_client(&s,host,port,socket_type,use_ipv4,use_ipv6) == 0) - { - BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error()); - SHUTDOWN(s); -@@ -1285,7 +1302,7 @@ - { - - sbio=BIO_new_dgram(s,BIO_NOCLOSE); -- if (getsockname(s, &peer, (void *)&peerlen) < 0) -+ if (getsockname(s, (struct sockaddr *)&peer, (void *)&peerlen) < 0) - { - BIO_printf(bio_err, "getsockname:errno=%d\n", - get_last_socket_error()); -=================================================================== -RCS file: /v/openssl/cvs/openssl/apps/s_server.c,v -retrieving revision 1.136.2.15.2.13 -diff -u -r1.136.2.15.2.13 s_server.c ---- apps/s_server.c 27 Dec 2011 14:23:22 -0000 1.136.2.15.2.13 -+++ apps/s_server.c 28 Dec 2011 00:28:14 -0000 -@@ -558,6 +558,10 @@ - # endif - BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list"); - #endif -+ BIO_printf(bio_err," -4 - use IPv4 only\n"); -+#if OPENSSL_USE_IPV6 -+ BIO_printf(bio_err," -6 - use IPv6 only\n"); -+#endif - BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); - BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n"); - } -@@ -943,6 +947,7 @@ - int state=0; - const SSL_METHOD *meth=NULL; - int socket_type=SOCK_STREAM; -+ int use_ipv4, use_ipv6; - ENGINE *e=NULL; - char *inrand=NULL; - int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; -@@ -981,6 +986,12 @@ - /* #error no SSL version enabled */ - #endif - -+ use_ipv4 = 1; -+#if OPENSSL_USE_IPV6 -+ use_ipv6 = 1; -+#else -+ use_ipv6 = 0; -+#endif - local_argc=argc; - local_argv=argv; - -@@ -1329,6 +1340,18 @@ - jpake_secret = *(++argv); - } - #endif -+ else if (strcmp(*argv,"-4") == 0) -+ { -+ use_ipv4 = 1; -+ use_ipv6 = 0; -+ } -+#if OPENSSL_USE_IPV6 -+ else if (strcmp(*argv,"-6") == 0) -+ { -+ use_ipv4 = 0; -+ use_ipv6 = 1; -+ } -+#endif - #ifndef OPENSSL_NO_SRTP - else if (strcmp(*argv,"-use_srtp") == 0) - { -@@ -1884,9 +1907,9 @@ - BIO_printf(bio_s_out,"ACCEPT\n"); - (void)BIO_flush(bio_s_out); - if (www) -- do_server(port,socket_type,&accept_socket,www_body, context); -+ do_server(port,socket_type,&accept_socket,www_body, context, use_ipv4, use_ipv6); - else -- do_server(port,socket_type,&accept_socket,sv_body, context); -+ do_server(port,socket_type,&accept_socket,sv_body, context, use_ipv4, use_ipv6); - print_stats(bio_s_out,ctx); - ret=0; - end: -Index: apps/s_socket.c -=================================================================== -RCS file: /v/openssl/cvs/openssl/apps/s_socket.c,v -retrieving revision 1.43.2.3.2.2 -diff -u -r1.43.2.3.2.2 s_socket.c ---- apps/s_socket.c 2 Dec 2011 14:39:40 -0000 1.43.2.3.2.2 -+++ apps/s_socket.c 28 Dec 2011 00:28:14 -0000 -@@ -97,16 +97,16 @@ - #include "netdb.h" - #endif - --static struct hostent *GetHostByName(char *name); -+static struct hostent *GetHostByName(char *name, int domain); - #if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)) - static void ssl_sock_cleanup(void); - #endif - static int ssl_sock_init(void); --static int init_client_ip(int *sock,unsigned char ip[4], int port, int type); --static int init_server(int *sock, int port, int type); --static int init_server_long(int *sock, int port,char *ip, int type); -+static int init_client_ip(int *sock,unsigned char *ip, int port, int type, int domain); -+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6); -+static int init_server_long(int *sock, int port,char *ip, int type, int use_ipv4, int use_ipv6); - static int do_accept(int acc_sock, int *sock, char **host); --static int host_ip(char *str, unsigned char ip[4]); -+static int host_ip(char *str, unsigned char *ip, int domain); - - #ifdef OPENSSL_SYS_WIN16 - #define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ -@@ -234,38 +234,68 @@ - return(1); - } - --int init_client(int *sock, char *host, int port, int type) -+int init_client(int *sock, char *host, int port, int type, int use_ipv4, int use_ipv6) - { -+#if OPENSSL_USE_IPV6 -+ unsigned char ip[16]; -+#else - unsigned char ip[4]; -+#endif - -- memset(ip, '\0', sizeof ip); -- if (!host_ip(host,&(ip[0]))) -- return 0; -- return init_client_ip(sock,ip,port,type); -- } -- --static int init_client_ip(int *sock, unsigned char ip[4], int port, int type) -- { -- unsigned long addr; -+ if (use_ipv4) -+ if (host_ip(host,ip,AF_INET)) -+ return(init_client_ip(sock,ip,port,type,AF_INET)); -+#if OPENSSL_USE_IPV6 -+ if (use_ipv6) -+ if (host_ip(host,ip,AF_INET6)) -+ return(init_client_ip(sock,ip,port,type,AF_INET6)); -+#endif -+ return 0; -+ } -+ -+static int init_client_ip(int *sock, unsigned char ip[4], int port, int type, int domain) -+ { -+#if OPENSSL_USE_IPV6 -+ struct sockaddr_storage them; -+ struct sockaddr_in *them_in = (struct sockaddr_in *)&them; -+ struct sockaddr_in6 *them_in6 = (struct sockaddr_in6 *)&them; -+#else - struct sockaddr_in them; -+ struct sockaddr_in *them_in = &them; -+#endif -+ socklen_t addr_len; - int s,i; - - if (!ssl_sock_init()) return(0); - - memset((char *)&them,0,sizeof(them)); -- them.sin_family=AF_INET; -- them.sin_port=htons((unsigned short)port); -- addr=(unsigned long) -- ((unsigned long)ip[0]<<24L)| -- ((unsigned long)ip[1]<<16L)| -- ((unsigned long)ip[2]<< 8L)| -- ((unsigned long)ip[3]); -- them.sin_addr.s_addr=htonl(addr); -+ if (domain == AF_INET) -+ { -+ addr_len = (socklen_t)sizeof(struct sockaddr_in); -+ them_in->sin_family=AF_INET; -+ them_in->sin_port=htons((unsigned short)port); -+#ifndef BIT_FIELD_LIMITS -+ memcpy(&them_in->sin_addr.s_addr, ip, 4); -+#else -+ memcpy(&them_in->sin_addr, ip, 4); -+#endif -+ } -+ else -+#if OPENSSL_USE_IPV6 -+ { -+ addr_len = (socklen_t)sizeof(struct sockaddr_in6); -+ them_in6->sin6_family=AF_INET6; -+ them_in6->sin6_port=htons((unsigned short)port); -+ memcpy(&(them_in6->sin6_addr), ip, sizeof(struct in6_addr)); -+ } -+#else -+ return(0); -+#endif - - if (type == SOCK_STREAM) -- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); -+ s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL); - else /* ( type == SOCK_DGRAM) */ -- s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP); -+ s=socket(domain,SOCK_DGRAM,IPPROTO_UDP); - - if (s == INVALID_SOCKET) { perror("socket"); return(0); } - -@@ -277,29 +315,27 @@ - if (i < 0) { perror("keepalive"); return(0); } - } - #endif -- -- if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1) -+ if (connect(s,(struct sockaddr *)&them,addr_len) == -1) - { closesocket(s); perror("connect"); return(0); } - *sock=s; - return(1); - } - --int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context) -+int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context, int use_ipv4, int use_ipv6) - { - int sock; - char *name = NULL; - int accept_socket = 0; - int i; - -- if (!init_server(&accept_socket,port,type)) return(0); -- -+ if (!init_server(&accept_socket,port,type, use_ipv4, use_ipv6)) return(0); - if (ret != NULL) - { - *ret=accept_socket; - /* return(1);*/ - } -- for (;;) -- { -+ for (;;) -+ { - if (type==SOCK_STREAM) - { - if (do_accept(accept_socket,&sock,&name) == 0) -@@ -322,41 +358,88 @@ - } - } - --static int init_server_long(int *sock, int port, char *ip, int type) -+static int init_server_long(int *sock, int port, char *ip, int type, int use_ipv4, int use_ipv6) - { - int ret=0; -+ int domain; -+#if OPENSSL_USE_IPV6 -+ struct sockaddr_storage server; -+ struct sockaddr_in *server_in = (struct sockaddr_in *)&server; -+ struct sockaddr_in6 *server_in6 = (struct sockaddr_in6 *)&server; -+#else - struct sockaddr_in server; -+ struct sockaddr_in *server_in = &server; -+#endif -+ socklen_t addr_len; - int s= -1; - -+ if (!use_ipv4 && !use_ipv6) -+ goto err; -+#if OPENSSL_USE_IPV6 -+ /* we are fine here */ -+#else -+ if (use_ipv6) -+ goto err; -+#endif - if (!ssl_sock_init()) return(0); - -- memset((char *)&server,0,sizeof(server)); -- server.sin_family=AF_INET; -- server.sin_port=htons((unsigned short)port); -- if (ip == NULL) -- server.sin_addr.s_addr=INADDR_ANY; -- else --/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */ --#ifndef BIT_FIELD_LIMITS -- memcpy(&server.sin_addr.s_addr,ip,4); -+#if OPENSSL_USE_IPV6 -+ domain = use_ipv6 ? AF_INET6 : AF_INET; - #else -- memcpy(&server.sin_addr,ip,4); -+ domain = AF_INET; - #endif -- -- if (type == SOCK_STREAM) -- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); -- else /* type == SOCK_DGRAM */ -- s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP); -+ if (type == SOCK_STREAM) -+ s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL); -+ else /* type == SOCK_DGRAM */ -+ s=socket(domain, SOCK_DGRAM,IPPROTO_UDP); - - if (s == INVALID_SOCKET) goto err; - #if defined SOL_SOCKET && defined SO_REUSEADDR -+ { -+ int j = 1; -+ setsockopt(s, SOL_SOCKET, SO_REUSEADDR, -+ (void *) &j, sizeof j); -+ } -+#endif -+#if OPENSSL_USE_IPV6 -+ if ((use_ipv4 == 0) && (use_ipv6 == 1)) - { -- int j = 1; -- setsockopt(s, SOL_SOCKET, SO_REUSEADDR, -- (void *) &j, sizeof j); -+ const int on = 1; -+ -+ setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, -+ (const void *) &on, sizeof(int)); - } - #endif -- if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1) -+ if (domain == AF_INET) -+ { -+ addr_len = (socklen_t)sizeof(struct sockaddr_in); -+ memset(server_in, 0, sizeof(struct sockaddr_in)); -+ server_in->sin_family=AF_INET; -+ server_in->sin_port = htons((unsigned short)port); -+ if (ip == NULL) -+ server_in->sin_addr.s_addr = htonl(INADDR_ANY); -+ else -+/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */ -+#ifndef BIT_FIELD_LIMITS -+ memcpy(&server_in->sin_addr.s_addr, ip, 4); -+#else -+ memcpy(&server_in->sin_addr, ip, 4); -+#endif -+ } -+#if OPENSSL_USE_IPV6 -+ else -+ { -+ addr_len = (socklen_t)sizeof(struct sockaddr_in6); -+ memset(server_in6, 0, sizeof(struct sockaddr_in6)); -+ server_in6->sin6_family = AF_INET6; -+ server_in6->sin6_port = htons((unsigned short)port); -+ if (ip == NULL) -+ server_in6->sin6_addr = in6addr_any; -+ else -+ memcpy(&server_in6->sin6_addr, ip, sizeof(struct in6_addr)); -+ } -+#endif -+ if (bind(s, (struct sockaddr *)&server, addr_len) == -1) - { - #ifndef OPENSSL_SYS_WINDOWS - perror("bind"); -@@ -375,16 +458,23 @@ - return(ret); - } - --static int init_server(int *sock, int port, int type) -+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6) - { -- return(init_server_long(sock, port, NULL, type)); -+ return(init_server_long(sock, port, NULL, type, use_ipv4, use_ipv6)); - } - - static int do_accept(int acc_sock, int *sock, char **host) - { - int ret; - struct hostent *h1,*h2; -- static struct sockaddr_in from; -+#if OPENSSL_USE_IPV6 -+ struct sockaddr_storage from; -+ struct sockaddr_in *from_in = (struct sockaddr_in *)&from; -+ struct sockaddr_in6 *from_in6 = (struct sockaddr_in6 *)&from; -+#else -+ struct sockaddr_in from; -+ struct sockaddr_in *from_in = &from; -+#endif - int len; - /* struct linger ling; */ - -@@ -431,13 +521,23 @@ - */ - - if (host == NULL) goto end; -+#if OPENSSL_USE_IPV6 -+ if (from.ss_family == AF_INET) -+#else -+ if (from.sin_family == AF_INET) -+#endif - #ifndef BIT_FIELD_LIMITS -- /* I should use WSAAsyncGetHostByName() under windows */ -- h1=gethostbyaddr((char *)&from.sin_addr.s_addr, -- sizeof(from.sin_addr.s_addr),AF_INET); -+ /* I should use WSAAsyncGetHostByName() under windows */ -+ h1=gethostbyaddr((char *)&from_in->sin_addr.s_addr, -+ sizeof(from_in->sin_addr.s_addr), AF_INET); - #else -- h1=gethostbyaddr((char *)&from.sin_addr, -- sizeof(struct in_addr),AF_INET); -+ h1=gethostbyaddr((char *)&from_in->sin_addr, -+ sizeof(struct in_addr), AF_INET); -+#endif -+#if OPENSSL_USE_IPV6 -+ else -+ h1=gethostbyaddr((char *)&from_in6->sin6_addr, -+ sizeof(struct in6_addr), AF_INET6); - #endif - if (h1 == NULL) - { -@@ -454,15 +554,23 @@ - } - BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1); - -- h2=GetHostByName(*host); -+#if OPENSSL_USE_IPV6 -+ h2=GetHostByName(*host, from.ss_family); -+#else -+ h2=GetHostByName(*host, from.sin_family); -+#endif - if (h2 == NULL) - { - BIO_printf(bio_err,"gethostbyname failure\n"); - return(0); - } -- if (h2->h_addrtype != AF_INET) -+#if OPENSSL_USE_IPV6 -+ if (h2->h_addrtype != from.ss_family) -+#else -+ if (h2->h_addrtype != from.sin_family) -+#endif - { -- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n"); -+ BIO_printf(bio_err,"gethostbyname addr address is not correct\n"); - return(0); - } - } -@@ -477,7 +585,7 @@ - char *h,*p; - - h=str; -- p=strchr(str,':'); -+ p=strrchr(str,':'); - if (p == NULL) - { - BIO_printf(bio_err,"no port defined\n"); -@@ -485,7 +593,7 @@ - } - *(p++)='\0'; - -- if ((ip != NULL) && !host_ip(str,ip)) -+ if ((ip != NULL) && !host_ip(str,ip,AF_INET)) - goto err; - if (host_ptr != NULL) *host_ptr=h; - -@@ -496,48 +604,58 @@ - return(0); - } - --static int host_ip(char *str, unsigned char ip[4]) -+static int host_ip(char *str, unsigned char *ip, int domain) - { -- unsigned int in[4]; -+ unsigned int in[4]; -+ unsigned long l; - int i; - -- if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4) -+ if ((domain == AF_INET) && -+ (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)) - { -+ - for (i=0; i<4; i++) - if (in[i] > 255) - { - BIO_printf(bio_err,"invalid IP address\n"); - goto err; - } -- ip[0]=in[0]; -- ip[1]=in[1]; -- ip[2]=in[2]; -- ip[3]=in[3]; -- } -+ l=htonl((in[0]<<24L)|(in[1]<<16L)|(in[2]<<8L)|in[3]); -+ memcpy(ip, &l, 4); -+ return 1; -+ } -+#if OPENSSL_USE_IPV6 -+ else if ((domain == AF_INET6) && -+ (inet_pton(AF_INET6, str, ip) == 1)) -+ return 1; -+#endif - else - { /* do a gethostbyname */ - struct hostent *he; - - if (!ssl_sock_init()) return(0); - -- he=GetHostByName(str); -+ he=GetHostByName(str,domain); - if (he == NULL) - { - BIO_printf(bio_err,"gethostbyname failure\n"); - goto err; - } - /* cast to short because of win16 winsock definition */ -- if ((short)he->h_addrtype != AF_INET) -+ if ((short)he->h_addrtype != domain) - { -- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n"); -+ BIO_printf(bio_err,"gethostbyname addr family is not correct\n"); - return(0); - } -- ip[0]=he->h_addr_list[0][0]; -- ip[1]=he->h_addr_list[0][1]; -- ip[2]=he->h_addr_list[0][2]; -- ip[3]=he->h_addr_list[0][3]; -+ if (domain == AF_INET) -+ memset(ip, 0, 4); -+#if OPENSSL_USE_IPV6 -+ else -+ memset(ip, 0, 16); -+#endif -+ memcpy(ip, he->h_addr_list[0], he->h_length); -+ return 1; - } -- return(1); - err: - return(0); - } -@@ -574,7 +692,7 @@ - static unsigned long ghbn_hits=0L; - static unsigned long ghbn_miss=0L; - --static struct hostent *GetHostByName(char *name) -+static struct hostent *GetHostByName(char *name, int domain) - { - struct hostent *ret; - int i,lowi=0; -@@ -589,14 +707,20 @@ - } - if (ghbn_cache[i].order > 0) - { -- if (strncmp(name,ghbn_cache[i].name,128) == 0) -+ if ((strncmp(name,ghbn_cache[i].name,128) == 0) && -+ (ghbn_cache[i].ent.h_addrtype == domain)) - break; - } - } - if (i == GHBN_NUM) /* no hit*/ - { - ghbn_miss++; -- ret=gethostbyname(name); -+ if (domain == AF_INET) -+ ret=gethostbyname(name); -+#if OPENSSL_USE_IPV6 -+ else -+ ret=gethostbyname2(name, AF_INET6); -+#endif - if (ret == NULL) return(NULL); - /* else add to cache */ - if(strlen(name) < sizeof ghbn_cache[0].name) diff --git a/dev-libs/openssl/files/openssl-1.0.1e-perl-5.18.patch b/dev-libs/openssl/files/openssl-1.0.1e-perl-5.18.patch deleted file mode 100644 index 6427c53599..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.1e-perl-5.18.patch +++ /dev/null @@ -1,375 +0,0 @@ -https://bugs.gentoo.org/483820 - -Submitted By: Martin Ward -Date: 2013-06-18 -Initial Package Version: 1.0.1e -Upstream Status: Unknown -Origin: self, based on fedora -Description: Fixes install with perl-5.18. - ---- openssl-1.0.1e.orig/doc/apps/cms.pod -+++ openssl-1.0.1e/doc/apps/cms.pod -@@ -450,28 +450,28 @@ - - =over 4 - --=item 0 -+=item C<0> - - the operation was completely successfully. - --=item 1 -+=item C<1> - - an error occurred parsing the command options. - --=item 2 -+=item C<2> - - one of the input files could not be read. - --=item 3 -+=item C<3> - - an error occurred creating the CMS file or when reading the MIME - message. - --=item 4 -+=item C<4> - - an error occurred decrypting or verifying the message. - --=item 5 -+=item C<5> - - the message was verified correctly but an error occurred writing out - the signers certificates. ---- openssl-1.0.1e.orig/doc/apps/smime.pod -+++ openssl-1.0.1e/doc/apps/smime.pod -@@ -308,28 +308,28 @@ - - =over 4 - --=item 0 -+=item C<0> - - the operation was completely successfully. - --=item 1 -+=item C<1> - - an error occurred parsing the command options. - --=item 2 -+=item C<2> - - one of the input files could not be read. - --=item 3 -+=item C<3> - - an error occurred creating the PKCS#7 file or when reading the MIME - message. - --=item 4 -+=item C<4> - - an error occurred decrypting or verifying the message. - --=item 5 -+=item C<5> - - the message was verified correctly but an error occurred writing out - the signers certificates. ---- openssl-1.0.1e.orig/doc/crypto/X509_STORE_CTX_get_error.pod -+++ openssl-1.0.1e/doc/crypto/X509_STORE_CTX_get_error.pod -@@ -278,6 +278,8 @@ - an application specific error. This will never be returned unless explicitly - set by an application. - -+=back -+ - =head1 NOTES - - The above functions should be used instead of directly referencing the fields ---- openssl-1.0.1e.orig/doc/ssl/SSL_accept.pod -+++ openssl-1.0.1e/doc/ssl/SSL_accept.pod -@@ -44,12 +44,12 @@ - - =over 4 - --=item 1 -+=item C<1> - - The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been - established. - --=item 0 -+=item C<0> - - The TLS/SSL handshake was not successful but was shut down controlled and - by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the ---- openssl-1.0.1e.orig/doc/ssl/SSL_clear.pod -+++ openssl-1.0.1e/doc/ssl/SSL_clear.pod -@@ -56,12 +56,12 @@ - - =over 4 - --=item 0 -+=item C<0> - - The SSL_clear() operation could not be performed. Check the error stack to - find out the reason. - --=item 1 -+=item C<1> - - The SSL_clear() operation was successful. - ---- openssl-1.0.1e.orig/doc/ssl/SSL_COMP_add_compression_method.pod -+++ openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod -@@ -53,11 +53,11 @@ - - =over 4 - --=item 0 -+=item C<0> - - The operation succeeded. - --=item 1 -+=item C<1> - - The operation failed. Check the error queue to find out the reason. - ---- openssl-1.0.1e.orig/doc/ssl/SSL_connect.pod -+++ openssl-1.0.1e/doc/ssl/SSL_connect.pod -@@ -41,12 +41,12 @@ - - =over 4 - --=item 1 -+=item C<1> - - The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been - established. - --=item 0 -+=item C<0> - - The TLS/SSL handshake was not successful but was shut down controlled and - by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the ---- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_add_session.pod -+++ openssl-1.0.1e/doc/ssl/SSL_CTX_add_session.pod -@@ -52,13 +52,13 @@ - - =over 4 - --=item 0 -+=item C<0> - - The operation failed. In case of the add operation, it was tried to add - the same (identical) session twice. In case of the remove operation, the - session was not found in the cache. - --=item 1 -+=item C<1> - - The operation succeeded. - ---- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_load_verify_locations.pod -+++ openssl-1.0.1e/doc/ssl/SSL_CTX_load_verify_locations.pod -@@ -100,13 +100,13 @@ - - =over 4 - --=item 0 -+=item C<0> - - The operation failed because B and B are NULL or the - processing at one of the locations specified failed. Check the error - stack to find out the reason. - --=item 1 -+=item C<1> - - The operation succeeded. - ---- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_client_CA_list.pod -+++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod -@@ -66,11 +66,11 @@ - - =over 4 - --=item 1 -+=item C<1> - - The operation succeeded. - --=item 0 -+=item C<0> - - A failure while manipulating the STACK_OF(X509_NAME) object occurred or - the X509_NAME could not be extracted from B. Check the error stack ---- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_session_id_context.pod -+++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_session_id_context.pod -@@ -64,13 +64,13 @@ - - =over 4 - --=item 0 -+=item C<0> - - The length B of the session id context B exceeded - the maximum allowed length of B. The error - is logged to the error stack. - --=item 1 -+=item C<1> - - The operation succeeded. - ---- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_ssl_version.pod -+++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_ssl_version.pod -@@ -42,11 +42,11 @@ - - =over 4 - --=item 0 -+=item C<0> - - The new choice failed, check the error stack to find out the reason. - --=item 1 -+=item C<1> - - The operation succeeded. - ---- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_use_psk_identity_hint.pod -+++ openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod -@@ -81,6 +81,8 @@ - - Return values from the server callback are interpreted as follows: - -+=over -+ - =item > 0 - - PSK identity was found and the server callback has provided the PSK -@@ -94,9 +96,11 @@ - connection will fail with decryption_error before it will be finished - completely. - --=item 0 -+=item C<0> - - PSK identity was not found. An "unknown_psk_identity" alert message - will be sent and the connection setup fails. - -+=back -+ - =cut ---- openssl-1.0.1e.orig/doc/ssl/SSL_do_handshake.pod -+++ openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod -@@ -45,12 +45,12 @@ - - =over 4 - --=item 1 -+=item C<1> - - The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been - established. - --=item 0 -+=item C<0> - - The TLS/SSL handshake was not successful but was shut down controlled and - by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the ---- openssl-1.0.1e.orig/doc/ssl/SSL_read.pod -+++ openssl-1.0.1e/doc/ssl/SSL_read.pod -@@ -86,7 +86,7 @@ - The read operation was successful; the return value is the number of - bytes actually read from the TLS/SSL connection. - --=item 0 -+=item C<0> - - The read operation was not successful. The reason may either be a clean - shutdown due to a "close notify" alert sent by the peer (in which case ---- openssl-1.0.1e.orig/doc/ssl/SSL_session_reused.pod -+++ openssl-1.0.1e/doc/ssl/SSL_session_reused.pod -@@ -27,11 +27,11 @@ - - =over 4 - --=item 0 -+=item C<0> - - A new session was negotiated. - --=item 1 -+=item C<1> - - A session was reused. - ---- openssl-1.0.1e.orig/doc/ssl/SSL_set_fd.pod -+++ openssl-1.0.1e/doc/ssl/SSL_set_fd.pod -@@ -35,11 +35,11 @@ - - =over 4 - --=item 0 -+=item C<0> - - The operation failed. Check the error stack to find out why. - --=item 1 -+=item C<1> - - The operation succeeded. - ---- openssl-1.0.1e.orig/doc/ssl/SSL_set_session.pod -+++ openssl-1.0.1e/doc/ssl/SSL_set_session.pod -@@ -37,11 +37,11 @@ - - =over 4 - --=item 0 -+=item C<0> - - The operation failed; check the error stack to find out the reason. - --=item 1 -+=item C<1> - - The operation succeeded. - ---- openssl-1.0.1e.orig/doc/ssl/SSL_shutdown.pod -+++ openssl-1.0.1e/doc/ssl/SSL_shutdown.pod -@@ -92,12 +92,12 @@ - - =over 4 - --=item 1 -+=item C<1> - - The shutdown was successfully completed. The "close notify" alert was sent - and the peer's "close notify" alert was received. - --=item 0 -+=item C<0> - - The shutdown is not yet finished. Call SSL_shutdown() for a second time, - if a bidirectional shutdown shall be performed. ---- openssl-1.0.1e.orig/doc/ssl/SSL_write.pod -+++ openssl-1.0.1e/doc/ssl/SSL_write.pod -@@ -79,7 +79,7 @@ - The write operation was successful, the return value is the number of - bytes actually written to the TLS/SSL connection. - --=item 0 -+=item C<0> - - The write operation was not successful. Probably the underlying connection - was closed. Call SSL_get_error() with the return value B to find out, diff --git a/dev-libs/openssl/files/openssl-1.0.1e-rdrand-explicit.patch b/dev-libs/openssl/files/openssl-1.0.1e-rdrand-explicit.patch deleted file mode 100644 index 8c414a42ee..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.1e-rdrand-explicit.patch +++ /dev/null @@ -1,28 +0,0 @@ -https://chromium-review.googlesource.com/181001 - -From 8a1956f3eac8b164f8c741ff1a259008bab3bac1 Mon Sep 17 00:00:00 2001 -From: "Dr. Stephen Henson" -Date: Wed, 11 Dec 2013 14:45:12 +0000 -Subject: [PATCH] Don't use rdrand engine as default unless explicitly - requested. (cherry picked from commit - 16898401bd47a153fbf799127ff57fdcfcbd324f) - ---- - crypto/engine/eng_rdrand.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/crypto/engine/eng_rdrand.c b/crypto/engine/eng_rdrand.c -index a9ba5ae..4e9e91d 100644 ---- a/crypto/engine/eng_rdrand.c -+++ b/crypto/engine/eng_rdrand.c -@@ -104,6 +104,7 @@ static int bind_helper(ENGINE *e) - { - if (!ENGINE_set_id(e, engine_e_rdrand_id) || - !ENGINE_set_name(e, engine_e_rdrand_name) || -+ !ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL) || - !ENGINE_set_init_function(e, rdrand_init) || - !ENGINE_set_RAND(e, &rdrand_meth) ) - return 0; --- -1.8.4.3 - diff --git a/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch b/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch deleted file mode 100644 index 03e4f59989..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch +++ /dev/null @@ -1,18 +0,0 @@ -https://bugs.gentoo.org/472584 -http://rt.openssl.org/Ticket/Display.html?id=2387&user=guest&pass=guest - -fix verification handling in s_client. when loading paths, make sure -we properly fallback to setting the default paths. - ---- a/apps/s_client.c -+++ b/apps/s_client.c -@@ -899,7 +899,7 @@ - if (!set_cert_key_stuff(ctx,cert,key)) - goto end; - -- if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || -+ if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) && - (!SSL_CTX_set_default_verify_paths(ctx))) - { - /* BIO_printf(bio_err,"error setting default verify locations\n"); */ - diff --git a/dev-libs/openssl/files/openssl-1.0.1e-tls-ver-crash.patch b/dev-libs/openssl/files/openssl-1.0.1e-tls-ver-crash.patch deleted file mode 100644 index 034da7d414..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.1e-tls-ver-crash.patch +++ /dev/null @@ -1,34 +0,0 @@ -https://bugs.gentoo.org/494816 -https://bugzilla.redhat.com/show_bug.cgi?id=1045363 -http://rt.openssl.org/Ticket/Display.html?id=3200&user=guest&pass=guest - -From ca989269a2876bae79393bd54c3e72d49975fc75 Mon Sep 17 00:00:00 2001 -From: "Dr. Stephen Henson" -Date: Thu, 19 Dec 2013 14:37:39 +0000 -Subject: [PATCH] Use version in SSL_METHOD not SSL structure. - -When deciding whether to use TLS 1.2 PRF and record hash algorithms -use the version number in the corresponding SSL_METHOD structure -instead of the SSL structure. The SSL structure version is sometimes -inaccurate. Note: OpenSSL 1.0.2 and later effectively do this already. -(CVE-2013-6449) ---- - ssl/s3_lib.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c -index bf832bb..c4ef273 100644 ---- a/ssl/s3_lib.c -+++ b/ssl/s3_lib.c -@@ -4286,7 +4286,7 @@ need to go to SSL_ST_ACCEPT. - long ssl_get_algorithm2(SSL *s) - { - long alg2 = s->s3->tmp.new_cipher->algorithm2; -- if (TLS1_get_version(s) >= TLS1_2_VERSION && -+ if (s->method->version == TLS1_2_VERSION && - alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF)) - return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256; - return alg2; --- -1.8.4.3 - diff --git a/dev-libs/openssl/files/openssl-1.0.1f-perl-5.18.patch b/dev-libs/openssl/files/openssl-1.0.1f-perl-5.18.patch deleted file mode 100644 index c662096377..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.1f-perl-5.18.patch +++ /dev/null @@ -1,356 +0,0 @@ -Forward-ported from openssl-1.0.1e-perl-5.18.patch -Fixes install with perl-5.18. - -https://bugs.gentoo.org/show_bug.cgi?id=497286 - -Signed-off-by: Lars Wendler - ---- openssl-1.0.1f/doc/apps/cms.pod -+++ openssl-1.0.1f/doc/apps/cms.pod -@@ -450,28 +450,28 @@ - - =over 4 - --=item 0 -+=item C<0> - - the operation was completely successfully. - --=item 1 -+=item C<1> - - an error occurred parsing the command options. - --=item 2 -+=item C<2> - - one of the input files could not be read. - --=item 3 -+=item C<3> - - an error occurred creating the CMS file or when reading the MIME - message. - --=item 4 -+=item C<4> - - an error occurred decrypting or verifying the message. - --=item 5 -+=item C<5> - - the message was verified correctly but an error occurred writing out - the signers certificates. ---- openssl-1.0.1f/doc/apps/smime.pod -+++ openssl-1.0.1f/doc/apps/smime.pod -@@ -308,28 +308,28 @@ - - =over 4 - --=item 0 -+=item C<0> - - the operation was completely successfully. - --=item 1 -+=item C<1> - - an error occurred parsing the command options. - --=item 2 -+=item C<2> - - one of the input files could not be read. - --=item 3 -+=item C<3> - - an error occurred creating the PKCS#7 file or when reading the MIME - message. - --=item 4 -+=item C<4> - - an error occurred decrypting or verifying the message. - --=item 5 -+=item C<5> - - the message was verified correctly but an error occurred writing out - the signers certificates. ---- openssl-1.0.1f/doc/ssl/SSL_accept.pod -+++ openssl-1.0.1f/doc/ssl/SSL_accept.pod -@@ -44,13 +44,13 @@ - - =over 4 - --=item 0 -+=item C<0> - - The TLS/SSL handshake was not successful but was shut down controlled and - by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the - return value B to find out the reason. - --=item 1 -+=item C<1> - - The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been - established. ---- openssl-1.0.1f/doc/ssl/SSL_clear.pod -+++ openssl-1.0.1f/doc/ssl/SSL_clear.pod -@@ -56,12 +56,12 @@ - - =over 4 - --=item 0 -+=item C<0> - - The SSL_clear() operation could not be performed. Check the error stack to - find out the reason. - --=item 1 -+=item C<1> - - The SSL_clear() operation was successful. - ---- openssl-1.0.1f/doc/ssl/SSL_COMP_add_compression_method.pod -+++ openssl-1.0.1f/doc/ssl/SSL_COMP_add_compression_method.pod -@@ -53,11 +53,11 @@ - - =over 4 - --=item 0 -+=item C<0> - - The operation succeeded. - --=item 1 -+=item C<1> - - The operation failed. Check the error queue to find out the reason. - ---- openssl-1.0.1f/doc/ssl/SSL_connect.pod -+++ openssl-1.0.1f/doc/ssl/SSL_connect.pod -@@ -41,13 +41,13 @@ - - =over 4 - --=item 0 -+=item C<0> - - The TLS/SSL handshake was not successful but was shut down controlled and - by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the - return value B to find out the reason. - --=item 1 -+=item C<1> - - The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been - established. ---- openssl-1.0.1f/doc/ssl/SSL_CTX_add_session.pod -+++ openssl-1.0.1f/doc/ssl/SSL_CTX_add_session.pod -@@ -52,13 +52,13 @@ - - =over 4 - --=item 0 -+=item C<0> - - The operation failed. In case of the add operation, it was tried to add - the same (identical) session twice. In case of the remove operation, the - session was not found in the cache. - --=item 1 -+=item C<1> - - The operation succeeded. - ---- openssl-1.0.1f/doc/ssl/SSL_CTX_load_verify_locations.pod -+++ openssl-1.0.1f/doc/ssl/SSL_CTX_load_verify_locations.pod -@@ -100,13 +100,13 @@ - - =over 4 - --=item 0 -+=item C<0> - - The operation failed because B and B are NULL or the - processing at one of the locations specified failed. Check the error - stack to find out the reason. - --=item 1 -+=item C<1> - - The operation succeeded. - ---- openssl-1.0.1f/doc/ssl/SSL_CTX_set_client_CA_list.pod -+++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_client_CA_list.pod -@@ -66,13 +66,13 @@ - - =over 4 - --=item 0 -+=item C<0> - - A failure while manipulating the STACK_OF(X509_NAME) object occurred or - the X509_NAME could not be extracted from B. Check the error stack - to find out the reason. - --=item 1 -+=item C<1> - - The operation succeeded. - ---- openssl-1.0.1f/doc/ssl/SSL_CTX_set_session_id_context.pod -+++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_session_id_context.pod -@@ -64,13 +64,13 @@ - - =over 4 - --=item 0 -+=item C<0> - - The length B of the session id context B exceeded - the maximum allowed length of B. The error - is logged to the error stack. - --=item 1 -+=item C<1> - - The operation succeeded. - ---- openssl-1.0.1f/doc/ssl/SSL_CTX_set_ssl_version.pod -+++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_ssl_version.pod -@@ -42,11 +42,11 @@ - - =over 4 - --=item 0 -+=item C<0> - - The new choice failed, check the error stack to find out the reason. - --=item 1 -+=item C<1> - - The operation succeeded. - ---- openssl-1.0.1f/doc/ssl/SSL_CTX_use_psk_identity_hint.pod -+++ openssl-1.0.1f/doc/ssl/SSL_CTX_use_psk_identity_hint.pod -@@ -96,7 +96,7 @@ - connection will fail with decryption_error before it will be finished - completely. - --=item 0 -+=item C<0> - - PSK identity was not found. An "unknown_psk_identity" alert message - will be sent and the connection setup fails. ---- openssl-1.0.1f/doc/ssl/SSL_do_handshake.pod -+++ openssl-1.0.1f/doc/ssl/SSL_do_handshake.pod -@@ -45,13 +45,13 @@ - - =over 4 - --=item 0 -+=item C<0> - - The TLS/SSL handshake was not successful but was shut down controlled and - by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the - return value B to find out the reason. - --=item 1 -+=item C<1> - - The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been - established. ---- openssl-1.0.1f/doc/ssl/SSL_read.pod -+++ openssl-1.0.1f/doc/ssl/SSL_read.pod -@@ -86,7 +86,7 @@ - The read operation was successful; the return value is the number of - bytes actually read from the TLS/SSL connection. - --=item 0 -+=item C<0> - - The read operation was not successful. The reason may either be a clean - shutdown due to a "close notify" alert sent by the peer (in which case ---- openssl-1.0.1f/doc/ssl/SSL_session_reused.pod -+++ openssl-1.0.1f/doc/ssl/SSL_session_reused.pod -@@ -27,11 +27,11 @@ - - =over 4 - --=item 0 -+=item C<0> - - A new session was negotiated. - --=item 1 -+=item C<1> - - A session was reused. - ---- openssl-1.0.1f/doc/ssl/SSL_set_fd.pod -+++ openssl-1.0.1f/doc/ssl/SSL_set_fd.pod -@@ -35,11 +35,11 @@ - - =over 4 - --=item 0 -+=item C<0> - - The operation failed. Check the error stack to find out why. - --=item 1 -+=item C<1> - - The operation succeeded. - ---- openssl-1.0.1f/doc/ssl/SSL_set_session.pod -+++ openssl-1.0.1f/doc/ssl/SSL_set_session.pod -@@ -37,11 +37,11 @@ - - =over 4 - --=item 0 -+=item C<0> - - The operation failed; check the error stack to find out the reason. - --=item 1 -+=item C<1> - - The operation succeeded. - ---- openssl-1.0.1f/doc/ssl/SSL_shutdown.pod -+++ openssl-1.0.1f/doc/ssl/SSL_shutdown.pod -@@ -92,14 +92,14 @@ - - =over 4 - --=item 0 -+=item C<0> - - The shutdown is not yet finished. Call SSL_shutdown() for a second time, - if a bidirectional shutdown shall be performed. - The output of L may be misleading, as an - erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred. - --=item 1 -+=item C<1> - - The shutdown was successfully completed. The "close notify" alert was sent - and the peer's "close notify" alert was received. ---- openssl-1.0.1f/doc/ssl/SSL_write.pod -+++ openssl-1.0.1f/doc/ssl/SSL_write.pod -@@ -79,7 +79,7 @@ - The write operation was successful, the return value is the number of - bytes actually written to the TLS/SSL connection. - --=item 0 -+=item C<0> - - The write operation was not successful. Probably the underlying connection - was closed. Call SSL_get_error() with the return value B to find out, diff --git a/dev-libs/openssl/files/openssl-1.0.1f-revert-alpha-perl-generation.patch b/dev-libs/openssl/files/openssl-1.0.1f-revert-alpha-perl-generation.patch deleted file mode 100644 index 1a942d27eb..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.1f-revert-alpha-perl-generation.patch +++ /dev/null @@ -1,84 +0,0 @@ -https://bugs.gentoo.org/499086 -https://rt.openssl.org/Ticket/Display.html?id=3333&user=guest&pass=guest - -when gcc is given a .s file and told to preprocess it, it outputs nothing - -From a2976461784ce463fc7f336cd0dce607d21c2fad Mon Sep 17 00:00:00 2001 -From: Mike Frysinger -Date: Sat, 25 Jan 2014 05:44:47 -0500 -Subject: [PATCH] Revert "Make Makefiles OSF-make-friendly." - -This reverts commit d1cf23ac86c05b22b8780e2c03b67230564d2d34. ---- - crypto/Makefile | 4 +--- - crypto/bn/Makefile | 4 +--- - crypto/evp/Makefile | 2 +- - crypto/modes/Makefile | 5 +---- - crypto/sha/Makefile | 4 +--- - util/shlib_wrap.sh | 6 +----- - 6 files changed, 6 insertions(+), 19 deletions(-) - -diff --git a/crypto/Makefile b/crypto/Makefile -index b253f50..1de9d5f 100644 ---- a/crypto/Makefile -+++ b/crypto/Makefile -@@ -86,9 +86,7 @@ ia64cpuid.s: ia64cpuid.S; $(CC) $(CFLAGS) -E ia64cpuid.S > $@ - ppccpuid.s: ppccpuid.pl; $(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@ - pariscid.s: pariscid.pl; $(PERL) pariscid.pl $(PERLASM_SCHEME) $@ - alphacpuid.s: alphacpuid.pl -- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \ -- $(PERL) alphacpuid.pl > $$preproc && \ -- $(CC) -E $$preproc > $@ && rm $$preproc) -+ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null - - subdirs: - @target=all; $(RECURSIVE_MAKE) -diff --git a/crypto/bn/Makefile b/crypto/bn/Makefile -index b62b676..6c03363 100644 ---- a/crypto/bn/Makefile -+++ b/crypto/bn/Makefile -@@ -136,9 +136,7 @@ ppc-mont.s: asm/ppc-mont.pl;$(PERL) asm/ppc-mont.pl $(PERLASM_SCHEME) $@ - ppc64-mont.s: asm/ppc64-mont.pl;$(PERL) asm/ppc64-mont.pl $(PERLASM_SCHEME) $@ - - alpha-mont.s: asm/alpha-mont.pl -- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \ -- $(PERL) asm/alpha-mont.pl > $$preproc && \ -- $(CC) -E $$preproc > $@ && rm $$preproc) -+ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null - - # GNU make "catch all" - %-mont.S: asm/%-mont.pl; $(PERL) $< $(PERLASM_SCHEME) $@ -diff --git a/crypto/modes/Makefile b/crypto/modes/Makefile -index ce0dcd6..88ac65e 100644 ---- a/crypto/modes/Makefile -+++ b/crypto/modes/Makefile -@@ -55,10 +55,7 @@ aesni-gcm-x86_64.s: asm/aesni-gcm-x86_64.pl - ghash-sparcv9.s: asm/ghash-sparcv9.pl - $(PERL) asm/ghash-sparcv9.pl $@ $(CFLAGS) - ghash-alpha.s: asm/ghash-alpha.pl -- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \ -- $(PERL) asm/ghash-alpha.pl > $$preproc && \ -- $(CC) -E $$preproc > $@ && rm $$preproc) -- -+ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null - ghash-parisc.s: asm/ghash-parisc.pl - $(PERL) asm/ghash-parisc.pl $(PERLASM_SCHEME) $@ - -diff --git a/crypto/sha/Makefile b/crypto/sha/Makefile -index 64eab6c..63fba69 100644 ---- a/crypto/sha/Makefile -+++ b/crypto/sha/Makefile -@@ -60,9 +60,7 @@ sha256-armv4.S: asm/sha256-armv4.pl - $(PERL) $< $(PERLASM_SCHEME) $@ - - sha1-alpha.s: asm/sha1-alpha.pl -- (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \ -- $(PERL) asm/sha1-alpha.pl > $$preproc && \ -- $(CC) -E $$preproc > $@ && rm $$preproc) -+ $(PERL) $< | $(CC) -E - | tee $@ > /dev/null - - # Solaris make has to be explicitly told - sha1-x86_64.s: asm/sha1-x86_64.pl; $(PERL) asm/sha1-x86_64.pl $(PERLASM_SCHEME) > $@ --- -1.8.5.3 - diff --git a/dev-libs/openssl/files/openssl-1.0.1h-ipv6.patch b/dev-libs/openssl/files/openssl-1.0.1h-ipv6.patch deleted file mode 100644 index 10c1ba222f..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.1h-ipv6.patch +++ /dev/null @@ -1,642 +0,0 @@ -http://rt.openssl.org/Ticket/Display.html?id=2051&user=guest&pass=guest - -Forward ported from openssl-1.0.1e-ipv6.patch - -Signed-off-by: Lars Wendler - ---- openssl-1.0.1h/apps/s_apps.h -+++ openssl-1.0.1h/apps/s_apps.h -@@ -148,7 +148,7 @@ - #define PORT_STR "4433" - #define PROTOCOL "tcp" - --int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context); -+int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context, int use_ipv4, int use_ipv6); - #ifdef HEADER_X509_H - int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); - #endif -@@ -156,7 +156,7 @@ - int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file); - int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key); - #endif --int init_client(int *sock, char *server, int port, int type); -+int init_client(int *sock, char *server, int port, int type, int use_ipv4, int use_ipv6); - int should_retry(int i); - int extract_port(char *str, short *port_ptr); - int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p); ---- openssl-1.0.1h/apps/s_client.c -+++ openssl-1.0.1h/apps/s_client.c -@@ -285,6 +285,10 @@ - { - BIO_printf(bio_err,"usage: s_client args\n"); - BIO_printf(bio_err,"\n"); -+ BIO_printf(bio_err," -4 - use IPv4 only\n"); -+#if OPENSSL_USE_IPV6 -+ BIO_printf(bio_err," -6 - use IPv6 only\n"); -+#endif - BIO_printf(bio_err," -host host - use -connect instead\n"); - BIO_printf(bio_err," -port port - use -connect instead\n"); - BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR); -@@ -568,6 +572,7 @@ - int sbuf_len,sbuf_off; - fd_set readfds,writefds; - short port=PORT; -+ int use_ipv4, use_ipv6; - int full_log=1; - char *host=SSL_HOST_NAME; - char *cert_file=NULL,*key_file=NULL; -@@ -613,7 +618,11 @@ - #endif - char *sess_in = NULL; - char *sess_out = NULL; -- struct sockaddr peer; -+#if OPENSSL_USE_IPV6 -+ struct sockaddr_storage peer; -+#else -+ struct sockaddr_in peer; -+#endif - int peerlen = sizeof(peer); - int enable_timeouts = 0 ; - long socket_mtu = 0; -@@ -628,6 +637,12 @@ - - meth=SSLv23_client_method(); - -+ use_ipv4 = 1; -+#if OPENSSL_USE_IPV6 -+ use_ipv6 = 1; -+#else -+ use_ipv6 = 0; -+#endif - apps_startup(); - c_Pause=0; - c_quiet=0; -@@ -949,6 +964,18 @@ - jpake_secret = *++argv; - } - #endif -+ else if (strcmp(*argv,"-4") == 0) -+ { -+ use_ipv4 = 1; -+ use_ipv6 = 0; -+ } -+#if OPENSSL_USE_IPV6 -+ else if (strcmp(*argv,"-6") == 0) -+ { -+ use_ipv4 = 0; -+ use_ipv6 = 1; -+ } -+#endif - #ifndef OPENSSL_NO_SRTP - else if (strcmp(*argv,"-use_srtp") == 0) - { -@@ -1260,7 +1287,7 @@ - - re_start: - -- if (init_client(&s,host,port,socket_type) == 0) -+ if (init_client(&s,host,port,socket_type,use_ipv4,use_ipv6) == 0) - { - BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error()); - SHUTDOWN(s); -@@ -1286,7 +1313,7 @@ - { - - sbio=BIO_new_dgram(s,BIO_NOCLOSE); -- if (getsockname(s, &peer, (void *)&peerlen) < 0) -+ if (getsockname(s, (struct sockaddr *)&peer, (void *)&peerlen) < 0) - { - BIO_printf(bio_err, "getsockname:errno=%d\n", - get_last_socket_error()); ---- openssl-1.0.1h/apps/s_server.c -+++ openssl-1.0.1h/apps/s_server.c -@@ -560,6 +560,10 @@ - BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); - # endif - #endif -+ BIO_printf(bio_err," -4 - use IPv4 only\n"); -+#if OPENSSL_USE_IPV6 -+ BIO_printf(bio_err," -6 - use IPv6 only\n"); -+#endif - BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); - BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n"); - } -@@ -947,6 +951,7 @@ - int state=0; - const SSL_METHOD *meth=NULL; - int socket_type=SOCK_STREAM; -+ int use_ipv4, use_ipv6; - ENGINE *e=NULL; - char *inrand=NULL; - int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; -@@ -975,6 +980,12 @@ - #endif - meth=SSLv23_server_method(); - -+ use_ipv4 = 1; -+#if OPENSSL_USE_IPV6 -+ use_ipv6 = 1; -+#else -+ use_ipv6 = 0; -+#endif - local_argc=argc; - local_argv=argv; - -@@ -1323,6 +1334,18 @@ - jpake_secret = *(++argv); - } - #endif -+ else if (strcmp(*argv,"-4") == 0) -+ { -+ use_ipv4 = 1; -+ use_ipv6 = 0; -+ } -+#if OPENSSL_USE_IPV6 -+ else if (strcmp(*argv,"-6") == 0) -+ { -+ use_ipv4 = 0; -+ use_ipv6 = 1; -+ } -+#endif - #ifndef OPENSSL_NO_SRTP - else if (strcmp(*argv,"-use_srtp") == 0) - { -@@ -1881,9 +1904,9 @@ - BIO_printf(bio_s_out,"ACCEPT\n"); - (void)BIO_flush(bio_s_out); - if (www) -- do_server(port,socket_type,&accept_socket,www_body, context); -+ do_server(port,socket_type,&accept_socket,www_body, context, use_ipv4, use_ipv6); - else -- do_server(port,socket_type,&accept_socket,sv_body, context); -+ do_server(port,socket_type,&accept_socket,sv_body, context, use_ipv4, use_ipv6); - print_stats(bio_s_out,ctx); - ret=0; - end: ---- openssl-1.0.1h/apps/s_socket.c -+++ openssl-1.0.1h/apps/s_socket.c -@@ -97,16 +97,16 @@ - #include "netdb.h" - #endif - --static struct hostent *GetHostByName(char *name); -+static struct hostent *GetHostByName(char *name, int domain); - #if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)) - static void ssl_sock_cleanup(void); - #endif - static int ssl_sock_init(void); --static int init_client_ip(int *sock,unsigned char ip[4], int port, int type); --static int init_server(int *sock, int port, int type); --static int init_server_long(int *sock, int port,char *ip, int type); -+static int init_client_ip(int *sock,unsigned char *ip, int port, int type, int domain); -+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6); -+static int init_server_long(int *sock, int port,char *ip, int type, int use_ipv4, int use_ipv6); - static int do_accept(int acc_sock, int *sock, char **host); --static int host_ip(char *str, unsigned char ip[4]); -+static int host_ip(char *str, unsigned char *ip, int domain); - - #ifdef OPENSSL_SYS_WIN16 - #define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ -@@ -234,38 +234,68 @@ - return(1); - } - --int init_client(int *sock, char *host, int port, int type) -+int init_client(int *sock, char *host, int port, int type, int use_ipv4, int use_ipv6) - { -+#if OPENSSL_USE_IPV6 -+ unsigned char ip[16]; -+#else - unsigned char ip[4]; -+#endif - -- memset(ip, '\0', sizeof ip); -- if (!host_ip(host,&(ip[0]))) -- return 0; -- return init_client_ip(sock,ip,port,type); -- } -- --static int init_client_ip(int *sock, unsigned char ip[4], int port, int type) -- { -- unsigned long addr; -+ if (use_ipv4) -+ if (host_ip(host,ip,AF_INET)) -+ return(init_client_ip(sock,ip,port,type,AF_INET)); -+#if OPENSSL_USE_IPV6 -+ if (use_ipv6) -+ if (host_ip(host,ip,AF_INET6)) -+ return(init_client_ip(sock,ip,port,type,AF_INET6)); -+#endif -+ return 0; -+ } -+ -+static int init_client_ip(int *sock, unsigned char ip[4], int port, int type, int domain) -+ { -+#if OPENSSL_USE_IPV6 -+ struct sockaddr_storage them; -+ struct sockaddr_in *them_in = (struct sockaddr_in *)&them; -+ struct sockaddr_in6 *them_in6 = (struct sockaddr_in6 *)&them; -+#else - struct sockaddr_in them; -+ struct sockaddr_in *them_in = &them; -+#endif -+ socklen_t addr_len; - int s,i; - - if (!ssl_sock_init()) return(0); - - memset((char *)&them,0,sizeof(them)); -- them.sin_family=AF_INET; -- them.sin_port=htons((unsigned short)port); -- addr=(unsigned long) -- ((unsigned long)ip[0]<<24L)| -- ((unsigned long)ip[1]<<16L)| -- ((unsigned long)ip[2]<< 8L)| -- ((unsigned long)ip[3]); -- them.sin_addr.s_addr=htonl(addr); -+ if (domain == AF_INET) -+ { -+ addr_len = (socklen_t)sizeof(struct sockaddr_in); -+ them_in->sin_family=AF_INET; -+ them_in->sin_port=htons((unsigned short)port); -+#ifndef BIT_FIELD_LIMITS -+ memcpy(&them_in->sin_addr.s_addr, ip, 4); -+#else -+ memcpy(&them_in->sin_addr, ip, 4); -+#endif -+ } -+ else -+#if OPENSSL_USE_IPV6 -+ { -+ addr_len = (socklen_t)sizeof(struct sockaddr_in6); -+ them_in6->sin6_family=AF_INET6; -+ them_in6->sin6_port=htons((unsigned short)port); -+ memcpy(&(them_in6->sin6_addr), ip, sizeof(struct in6_addr)); -+ } -+#else -+ return(0); -+#endif - - if (type == SOCK_STREAM) -- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); -+ s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL); - else /* ( type == SOCK_DGRAM) */ -- s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP); -+ s=socket(domain,SOCK_DGRAM,IPPROTO_UDP); - - if (s == INVALID_SOCKET) { perror("socket"); return(0); } - -@@ -277,29 +307,27 @@ - if (i < 0) { closesocket(s); perror("keepalive"); return(0); } - } - #endif -- -- if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1) -+ if (connect(s,(struct sockaddr *)&them,addr_len) == -1) - { closesocket(s); perror("connect"); return(0); } - *sock=s; - return(1); - } - --int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context) -+int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context, int use_ipv4, int use_ipv6) - { - int sock; - char *name = NULL; - int accept_socket = 0; - int i; - -- if (!init_server(&accept_socket,port,type)) return(0); -- -+ if (!init_server(&accept_socket,port,type, use_ipv4, use_ipv6)) return(0); - if (ret != NULL) - { - *ret=accept_socket; - /* return(1);*/ - } -- for (;;) -- { -+ for (;;) -+ { - if (type==SOCK_STREAM) - { - if (do_accept(accept_socket,&sock,&name) == 0) -@@ -322,41 +350,88 @@ - } - } - --static int init_server_long(int *sock, int port, char *ip, int type) -+static int init_server_long(int *sock, int port, char *ip, int type, int use_ipv4, int use_ipv6) - { - int ret=0; -+ int domain; -+#if OPENSSL_USE_IPV6 -+ struct sockaddr_storage server; -+ struct sockaddr_in *server_in = (struct sockaddr_in *)&server; -+ struct sockaddr_in6 *server_in6 = (struct sockaddr_in6 *)&server; -+#else - struct sockaddr_in server; -+ struct sockaddr_in *server_in = &server; -+#endif -+ socklen_t addr_len; - int s= -1; - -+ if (!use_ipv4 && !use_ipv6) -+ goto err; -+#if OPENSSL_USE_IPV6 -+ /* we are fine here */ -+#else -+ if (use_ipv6) -+ goto err; -+#endif - if (!ssl_sock_init()) return(0); - -- memset((char *)&server,0,sizeof(server)); -- server.sin_family=AF_INET; -- server.sin_port=htons((unsigned short)port); -- if (ip == NULL) -- server.sin_addr.s_addr=INADDR_ANY; -- else --/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */ --#ifndef BIT_FIELD_LIMITS -- memcpy(&server.sin_addr.s_addr,ip,4); -+#if OPENSSL_USE_IPV6 -+ domain = use_ipv6 ? AF_INET6 : AF_INET; - #else -- memcpy(&server.sin_addr,ip,4); -+ domain = AF_INET; - #endif -- -- if (type == SOCK_STREAM) -- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); -- else /* type == SOCK_DGRAM */ -- s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP); -+ if (type == SOCK_STREAM) -+ s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL); -+ else /* type == SOCK_DGRAM */ -+ s=socket(domain, SOCK_DGRAM,IPPROTO_UDP); - - if (s == INVALID_SOCKET) goto err; - #if defined SOL_SOCKET && defined SO_REUSEADDR -+ { -+ int j = 1; -+ setsockopt(s, SOL_SOCKET, SO_REUSEADDR, -+ (void *) &j, sizeof j); -+ } -+#endif -+#if OPENSSL_USE_IPV6 -+ if ((use_ipv4 == 0) && (use_ipv6 == 1)) -+ { -+ const int on = 1; -+ -+ setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, -+ (const void *) &on, sizeof(int)); -+ } -+#endif -+ if (domain == AF_INET) -+ { -+ addr_len = (socklen_t)sizeof(struct sockaddr_in); -+ memset(server_in, 0, sizeof(struct sockaddr_in)); -+ server_in->sin_family=AF_INET; -+ server_in->sin_port = htons((unsigned short)port); -+ if (ip == NULL) -+ server_in->sin_addr.s_addr = htonl(INADDR_ANY); -+ else -+/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */ -+#ifndef BIT_FIELD_LIMITS -+ memcpy(&server_in->sin_addr.s_addr, ip, 4); -+#else -+ memcpy(&server_in->sin_addr, ip, 4); -+#endif -+ } -+#if OPENSSL_USE_IPV6 -+ else - { -- int j = 1; -- setsockopt(s, SOL_SOCKET, SO_REUSEADDR, -- (void *) &j, sizeof j); -+ addr_len = (socklen_t)sizeof(struct sockaddr_in6); -+ memset(server_in6, 0, sizeof(struct sockaddr_in6)); -+ server_in6->sin6_family = AF_INET6; -+ server_in6->sin6_port = htons((unsigned short)port); -+ if (ip == NULL) -+ server_in6->sin6_addr = in6addr_any; -+ else -+ memcpy(&server_in6->sin6_addr, ip, sizeof(struct in6_addr)); - } - #endif -- if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1) -+ if (bind(s, (struct sockaddr *)&server, addr_len) == -1) - { - #ifndef OPENSSL_SYS_WINDOWS - perror("bind"); -@@ -375,16 +450,23 @@ - return(ret); - } - --static int init_server(int *sock, int port, int type) -+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6) - { -- return(init_server_long(sock, port, NULL, type)); -+ return(init_server_long(sock, port, NULL, type, use_ipv4, use_ipv6)); - } - - static int do_accept(int acc_sock, int *sock, char **host) - { - int ret; - struct hostent *h1,*h2; -- static struct sockaddr_in from; -+#if OPENSSL_USE_IPV6 -+ struct sockaddr_storage from; -+ struct sockaddr_in *from_in = (struct sockaddr_in *)&from; -+ struct sockaddr_in6 *from_in6 = (struct sockaddr_in6 *)&from; -+#else -+ struct sockaddr_in from; -+ struct sockaddr_in *from_in = &from; -+#endif - int len; - /* struct linger ling; */ - -@@ -431,13 +513,23 @@ - */ - - if (host == NULL) goto end; -+#if OPENSSL_USE_IPV6 -+ if (from.ss_family == AF_INET) -+#else -+ if (from.sin_family == AF_INET) -+#endif - #ifndef BIT_FIELD_LIMITS -- /* I should use WSAAsyncGetHostByName() under windows */ -- h1=gethostbyaddr((char *)&from.sin_addr.s_addr, -- sizeof(from.sin_addr.s_addr),AF_INET); -+ /* I should use WSAAsyncGetHostByName() under windows */ -+ h1=gethostbyaddr((char *)&from_in->sin_addr.s_addr, -+ sizeof(from_in->sin_addr.s_addr), AF_INET); - #else -- h1=gethostbyaddr((char *)&from.sin_addr, -- sizeof(struct in_addr),AF_INET); -+ h1=gethostbyaddr((char *)&from_in->sin_addr, -+ sizeof(struct in_addr), AF_INET); -+#endif -+#if OPENSSL_USE_IPV6 -+ else -+ h1=gethostbyaddr((char *)&from_in6->sin6_addr, -+ sizeof(struct in6_addr), AF_INET6); - #endif - if (h1 == NULL) - { -@@ -455,16 +547,25 @@ - } - BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1); - -- h2=GetHostByName(*host); -+#if OPENSSL_USE_IPV6 -+ h2=GetHostByName(*host, from.ss_family); -+#else -+ h2=GetHostByName(*host, from.sin_family); -+#endif -+ - if (h2 == NULL) - { - BIO_printf(bio_err,"gethostbyname failure\n"); - closesocket(ret); - return(0); - } -- if (h2->h_addrtype != AF_INET) -+#if OPENSSL_USE_IPV6 -+ if (h2->h_addrtype != from.ss_family) -+#else -+ if (h2->h_addrtype != from.sin_family) -+#endif - { -- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n"); -+ BIO_printf(bio_err,"gethostbyname addr address is not correct\n"); - closesocket(ret); - return(0); - } -@@ -480,7 +581,7 @@ - char *h,*p; - - h=str; -- p=strchr(str,':'); -+ p=strrchr(str,':'); - if (p == NULL) - { - BIO_printf(bio_err,"no port defined\n"); -@@ -488,7 +589,7 @@ - } - *(p++)='\0'; - -- if ((ip != NULL) && !host_ip(str,ip)) -+ if ((ip != NULL) && !host_ip(str,ip,AF_INET)) - goto err; - if (host_ptr != NULL) *host_ptr=h; - -@@ -499,48 +600,58 @@ - return(0); - } - --static int host_ip(char *str, unsigned char ip[4]) -+static int host_ip(char *str, unsigned char *ip, int domain) - { -- unsigned int in[4]; -+ unsigned int in[4]; -+ unsigned long l; - int i; - -- if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4) -+ if ((domain == AF_INET) && -+ (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)) - { -+ - for (i=0; i<4; i++) - if (in[i] > 255) - { - BIO_printf(bio_err,"invalid IP address\n"); - goto err; - } -- ip[0]=in[0]; -- ip[1]=in[1]; -- ip[2]=in[2]; -- ip[3]=in[3]; -- } -+ l=htonl((in[0]<<24L)|(in[1]<<16L)|(in[2]<<8L)|in[3]); -+ memcpy(ip, &l, 4); -+ return 1; -+ } -+#if OPENSSL_USE_IPV6 -+ else if ((domain == AF_INET6) && -+ (inet_pton(AF_INET6, str, ip) == 1)) -+ return 1; -+#endif - else - { /* do a gethostbyname */ - struct hostent *he; - - if (!ssl_sock_init()) return(0); - -- he=GetHostByName(str); -+ he=GetHostByName(str,domain); - if (he == NULL) - { - BIO_printf(bio_err,"gethostbyname failure\n"); - goto err; - } - /* cast to short because of win16 winsock definition */ -- if ((short)he->h_addrtype != AF_INET) -+ if ((short)he->h_addrtype != domain) - { -- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n"); -+ BIO_printf(bio_err,"gethostbyname addr family is not correct\n"); - return(0); - } -- ip[0]=he->h_addr_list[0][0]; -- ip[1]=he->h_addr_list[0][1]; -- ip[2]=he->h_addr_list[0][2]; -- ip[3]=he->h_addr_list[0][3]; -+ if (domain == AF_INET) -+ memset(ip, 0, 4); -+#if OPENSSL_USE_IPV6 -+ else -+ memset(ip, 0, 16); -+#endif -+ memcpy(ip, he->h_addr_list[0], he->h_length); -+ return 1; - } -- return(1); - err: - return(0); - } -@@ -577,7 +688,7 @@ - static unsigned long ghbn_hits=0L; - static unsigned long ghbn_miss=0L; - --static struct hostent *GetHostByName(char *name) -+static struct hostent *GetHostByName(char *name, int domain) - { - struct hostent *ret; - int i,lowi=0; -@@ -592,14 +703,20 @@ - } - if (ghbn_cache[i].order > 0) - { -- if (strncmp(name,ghbn_cache[i].name,128) == 0) -+ if ((strncmp(name,ghbn_cache[i].name,128) == 0) && -+ (ghbn_cache[i].ent.h_addrtype == domain)) - break; - } - } - if (i == GHBN_NUM) /* no hit*/ - { - ghbn_miss++; -- ret=gethostbyname(name); -+ if (domain == AF_INET) -+ ret=gethostbyname(name); -+#if OPENSSL_USE_IPV6 -+ else -+ ret=gethostbyname2(name, AF_INET6); -+#endif - if (ret == NULL) return(NULL); - /* else add to cache */ - if(strlen(name) < sizeof ghbn_cache[0].name) diff --git a/dev-libs/openssl/files/openssl-1.0.1k-aix-soname.patch b/dev-libs/openssl/files/openssl-1.0.1k-aix-soname.patch deleted file mode 100644 index 50c11d1c47..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.1k-aix-soname.patch +++ /dev/null @@ -1,76 +0,0 @@ ---- Configure -+++ Configure -@@ -933,6 +933,10 @@ - { - $cross_compile_prefix=$1; - } -+ elsif (/^--with-aix-soname=(aix|both|svr4)$/) -+ { -+ $withargs{"aix-soname"}=$1; -+ } - else - { - print STDERR $usage; -@@ -1386,6 +1390,10 @@ - $no_shared_warn = 1 if !$no_shared; - $no_shared = 1; - } -+elsif ($shared_target eq "aix-shared" && defined($withargs{"aix-soname"})) -+ { -+ $shared_target .= "-" . $withargs{"aix-soname"}; -+ } - if (!$no_shared) - { - if ($shared_cflag ne "") ---- Makefile.shared -+++ Makefile.shared -@@ -545,6 +545,38 @@ - NOALLSYMSFLAGS=''; \ - SHAREDFLAGS='$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-bexpall,-bnolibpath,-bM:SRE'; \ - $(LINK_SO_O); -+link_a.aix.svr4: -+ @ $(CALC_VERSIONS); \ -+ OBJECT_MODE=`expr "x$(SHARED_LDFLAGS)" : 'x\-[a-z]*\(64\)'` || : ; \ -+ OBJECT_MODE=$${OBJECT_MODE:-32}; export OBJECT_MODE; \ -+ SHLIB=lib$(LIBNAME).so; \ -+ SHLIB_SUFFIX=; \ -+ test "$$OBJECT_MODE" = 64 && shr='shr_64' || shr='shr'; \ -+ shrexp=$$SHLIB$$SHLIB_SOVER.d/$$shr.exp; \ -+ shrimp=$$SHLIB$$SHLIB_SOVER.d/$$shr.imp; \ -+ ALLSYMSFLAGS="-Wl,-bexport:$$shrexp"; \ -+ NOALLSYMSFLAGS=''; \ -+ SHAREDFLAGS='$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-G,-bernotok,-bsymbolic,-bnolibpath'; \ -+ NM='$(NM)'; : $${NM:=nm}; \ -+ AR='$(AR)'; : $${AR:=ar r}; \ -+ STRIP='$(STRIP)'; : $${STRIP:=strip}; \ -+ SHOBJECTS="lib$(LIBNAME).a $(LIBEXTRAS)"; \ -+ ( rm -rf $$SHLIB$$SHLIB_SOVER.d && \ -+ mkdir $$SHLIB$$SHLIB_SOVER.d && \ -+ $${NM} -PCpgl $$SHOBJECTS \ -+ | awk '{ \ -+ if ((($$ 2 == "T") || ($$ 2 == "D") || ($$ 2 == "B") || ($$ 2 == "W") || ($$ 2 == "V") || ($$ 2 == "Z")) && (substr($$ 1, 1, 1) != ".")) { \ -+ if (($$ 2 == "W") || ($$ 2 == "V") || ($$ 2 == "Z")) { print $$ 1 " weak" } else { print $$ 1 } \ -+ } }' \ -+ | sort -u > $$shrexp && \ -+ { echo "#! $$SHLIB$$SHLIB_SOVER($$shr.o)"; echo "# $$OBJECT_MODE"; cat $$shrexp; } > $$shrimp && \ -+ INHIBIT_SYMLINKS=1; \ -+ SHLIB_SUFFIX=".d/$$shr.o"; \ -+ $(LINK_SO) && \ -+ $${STRIP} -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX && \ -+ $${AR} $$SHLIB$$SHLIB_SOVER $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX $$shrimp && \ -+ rm -rf $$SHLIB$$SHLIB_SOVER.d \ -+ ) && $(SYMLINK_SO) - link_a.aix: - @ $(CALC_VERSIONS); \ - OBJECT_MODE=`expr "x$(SHARED_LDFLAGS)" : 'x\-[a-z]*\(64\)'` || : ; \ -@@ -649,6 +681,10 @@ - link_a.aix-shared: link_a.aix - link_app.aix-shared: link_app.aix - symlink.aix-shared: symlink.aix -+link_o.aix-shared-svr4: link_o.aix -+link_a.aix-shared-svr4: link_a.aix.svr4 -+link_app.aix-shared-svr4: link_app.aix -+symlink.aix-shared-svr4: symlink.aix - link_o.reliantunix-shared: link_o.reliantunix - link_a.reliantunix-shared: link_a.reliantunix - link_app.reliantunix-shared: link_app.reliantunix diff --git a/dev-libs/openssl/files/openssl-1.0.1p-default-source.patch b/dev-libs/openssl/files/openssl-1.0.1p-default-source.patch deleted file mode 100644 index 73029985ae..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.1p-default-source.patch +++ /dev/null @@ -1,30 +0,0 @@ -https://bugs.gentoo.org/554338 -https://rt.openssl.org/Ticket/Display.html?id=3934&user=guest&pass=guest - -From 7c2e97f8bbae517496fdc11f475b4ae54b2534f5 Mon Sep 17 00:00:00 2001 -From: Mike Frysinger -Date: Fri, 10 Jul 2015 01:50:52 -0400 -Subject: [PATCH] test: use _DEFAULT_SOURCE with newer glibc versions - -The _BSD_SOURCE macro is replaced by the _DEFAULT_SOURCE macro. Using -just the former with newer versions leads to a build time warning, so -make sure to use the new macro too. ---- - ssl/ssltest.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/ssl/ssltest.c b/ssl/ssltest.c -index 26cf96c..b36f667 100644 ---- a/ssl/ssltest.c -+++ b/ssl/ssltest.c -@@ -141,6 +141,7 @@ - */ - - /* Or gethostname won't be declared properly on Linux and GNU platforms. */ -+#define _DEFAULT_SOURCE 1 - #define _BSD_SOURCE 1 - - #include --- -2.4.4 - diff --git a/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0209.patch b/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0209.patch deleted file mode 100644 index 6d396b42be..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0209.patch +++ /dev/null @@ -1,49 +0,0 @@ -https://bugs.gentoo.org/541502 - -From 1b4a8df38fc9ab3c089ca5765075ee53ec5bd66a Mon Sep 17 00:00:00 2001 -From: Matt Caswell -Date: Mon, 9 Feb 2015 11:38:41 +0000 -Subject: [PATCH] Fix a failure to NULL a pointer freed on error. -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Inspired by BoringSSL commit 517073cd4b by Eric Roman - -CVE-2015-0209 - -Reviewed-by: Emilia Käsper ---- - crypto/ec/ec_asn1.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c -index 30b7df4..d3e8316 100644 ---- a/crypto/ec/ec_asn1.c -+++ b/crypto/ec/ec_asn1.c -@@ -1014,8 +1014,6 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) - ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE); - goto err; - } -- if (a) -- *a = ret; - } else - ret = *a; - -@@ -1067,10 +1065,12 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) - } - } - -+ if (a) -+ *a = ret; - ok = 1; - err: - if (!ok) { -- if (ret) -+ if (ret && (a == NULL || *a != ret)) - EC_KEY_free(ret); - ret = NULL; - } --- -2.3.1 - diff --git a/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0288.patch b/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0288.patch deleted file mode 100644 index a6a10b0a2c..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0288.patch +++ /dev/null @@ -1,31 +0,0 @@ -https://bugs.gentoo.org/542038 - -From 28a00bcd8e318da18031b2ac8778c64147cd54f9 Mon Sep 17 00:00:00 2001 -From: "Dr. Stephen Henson" -Date: Wed, 18 Feb 2015 00:34:59 +0000 -Subject: [PATCH] Check public key is not NULL. - -CVE-2015-0288 -PR#3708 - -Reviewed-by: Matt Caswell ---- - crypto/x509/x509_req.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c -index bc6e566..01795f4 100644 ---- a/crypto/x509/x509_req.c -+++ b/crypto/x509/x509_req.c -@@ -92,6 +92,8 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) - goto err; - - pktmp = X509_get_pubkey(x); -+ if (pktmp == NULL) -+ goto err; - i = X509_REQ_set_pubkey(ret, pktmp); - EVP_PKEY_free(pktmp); - if (!i) --- -2.3.1 - diff --git a/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0291.patch b/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0291.patch deleted file mode 100644 index 852d06e918..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.2-CVE-2015-0291.patch +++ /dev/null @@ -1,459 +0,0 @@ ---- openssl-1.0.2/crypto/asn1/a_type.c -+++ openssl-1.0.2/crypto/asn1/a_type.c -@@ -119,6 +119,9 @@ - case V_ASN1_OBJECT: - result = OBJ_cmp(a->value.object, b->value.object); - break; -+ case V_ASN1_BOOLEAN: -+ result = a->value.boolean - b->value.boolean; -+ break; - case V_ASN1_NULL: - result = 0; /* They do not have content. */ - break; ---- openssl-1.0.2/crypto/asn1/tasn_dec.c -+++ openssl-1.0.2/crypto/asn1/tasn_dec.c -@@ -140,11 +140,17 @@ - { - ASN1_TLC c; - ASN1_VALUE *ptmpval = NULL; -- if (!pval) -- pval = &ptmpval; - asn1_tlc_clear_nc(&c); -- if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) -- return *pval; -+ if (pval && *pval && it->itype == ASN1_ITYPE_PRIMITIVE) -+ ptmpval = *pval; -+ if (ASN1_item_ex_d2i(&ptmpval, in, len, it, -1, 0, 0, &c) > 0) { -+ if (pval && it->itype != ASN1_ITYPE_PRIMITIVE) { -+ if (*pval) -+ ASN1_item_free(*pval, it); -+ *pval = ptmpval; -+ } -+ return ptmpval; -+ } - return NULL; - } - -@@ -304,9 +310,16 @@ - case ASN1_ITYPE_CHOICE: - if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) - goto auxerr; -- -- /* Allocate structure */ -- if (!*pval && !ASN1_item_ex_new(pval, it)) { -+ if (*pval) { -+ /* Free up and zero CHOICE value if initialised */ -+ i = asn1_get_choice_selector(pval, it); -+ if ((i >= 0) && (i < it->tcount)) { -+ tt = it->templates + i; -+ pchptr = asn1_get_field_ptr(pval, tt); -+ ASN1_template_free(pchptr, tt); -+ asn1_set_choice_selector(pval, -1, it); -+ } -+ } else if (!ASN1_item_ex_new(pval, it)) { - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); - goto err; - } -@@ -386,6 +399,17 @@ - if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) - goto auxerr; - -+ /* Free up and zero any ADB found */ -+ for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) { -+ if (tt->flags & ASN1_TFLG_ADB_MASK) { -+ const ASN1_TEMPLATE *seqtt; -+ ASN1_VALUE **pseqval; -+ seqtt = asn1_do_adb(pval, tt, 1); -+ pseqval = asn1_get_field_ptr(pval, seqtt); -+ ASN1_template_free(pseqval, seqtt); -+ } -+ } -+ - /* Get each field entry */ - for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) { - const ASN1_TEMPLATE *seqtt; ---- openssl-1.0.2/crypto/pkcs7/pk7_doit.c -+++ openssl-1.0.2/crypto/pkcs7/pk7_doit.c -@@ -261,6 +261,25 @@ - PKCS7_RECIP_INFO *ri = NULL; - ASN1_OCTET_STRING *os = NULL; - -+ if (p7 == NULL) { -+ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_INVALID_NULL_POINTER); -+ return NULL; -+ } -+ /* -+ * The content field in the PKCS7 ContentInfo is optional, but that really -+ * only applies to inner content (precisely, detached signatures). -+ * -+ * When reading content, missing outer content is therefore treated as an -+ * error. -+ * -+ * When creating content, PKCS7_content_new() must be called before -+ * calling this method, so a NULL p7->d is always an error. -+ */ -+ if (p7->d.ptr == NULL) { -+ PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_NO_CONTENT); -+ return NULL; -+ } -+ - i = OBJ_obj2nid(p7->type); - p7->state = PKCS7_S_HEADER; - -@@ -411,6 +430,16 @@ - unsigned char *ek = NULL, *tkey = NULL; - int eklen = 0, tkeylen = 0; - -+ if (p7 == NULL) { -+ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_INVALID_NULL_POINTER); -+ return NULL; -+ } -+ -+ if (p7->d.ptr == NULL) { -+ PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT); -+ return NULL; -+ } -+ - i = OBJ_obj2nid(p7->type); - p7->state = PKCS7_S_HEADER; - -@@ -707,6 +736,16 @@ - STACK_OF(PKCS7_SIGNER_INFO) *si_sk = NULL; - ASN1_OCTET_STRING *os = NULL; - -+ if (p7 == NULL) { -+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_INVALID_NULL_POINTER); -+ return 0; -+ } -+ -+ if (p7->d.ptr == NULL) { -+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_NO_CONTENT); -+ return 0; -+ } -+ - EVP_MD_CTX_init(&ctx_tmp); - i = OBJ_obj2nid(p7->type); - p7->state = PKCS7_S_HEADER; -@@ -746,6 +785,7 @@ - /* If detached data then the content is excluded */ - if (PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) { - M_ASN1_OCTET_STRING_free(os); -+ os = NULL; - p7->d.sign->contents->d.data = NULL; - } - break; -@@ -755,6 +795,7 @@ - /* If detached data then the content is excluded */ - if (PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) { - M_ASN1_OCTET_STRING_free(os); -+ os = NULL; - p7->d.digest->contents->d.data = NULL; - } - break; -@@ -820,22 +861,30 @@ - M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len); - } - -- if (!PKCS7_is_detached(p7) && !(os->flags & ASN1_STRING_FLAG_NDEF)) { -- char *cont; -- long contlen; -- btmp = BIO_find_type(bio, BIO_TYPE_MEM); -- if (btmp == NULL) { -- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNABLE_TO_FIND_MEM_BIO); -- goto err; -- } -- contlen = BIO_get_mem_data(btmp, &cont); -+ if (!PKCS7_is_detached(p7)) { - /* -- * Mark the BIO read only then we can use its copy of the data -- * instead of making an extra copy. -+ * NOTE(emilia): I think we only reach os == NULL here because detached -+ * digested data support is broken. - */ -- BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY); -- BIO_set_mem_eof_return(btmp, 0); -- ASN1_STRING_set0(os, (unsigned char *)cont, contlen); -+ if (os == NULL) -+ goto err; -+ if (!(os->flags & ASN1_STRING_FLAG_NDEF)) { -+ char *cont; -+ long contlen; -+ btmp = BIO_find_type(bio, BIO_TYPE_MEM); -+ if (btmp == NULL) { -+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNABLE_TO_FIND_MEM_BIO); -+ goto err; -+ } -+ contlen = BIO_get_mem_data(btmp, &cont); -+ /* -+ * Mark the BIO read only then we can use its copy of the data -+ * instead of making an extra copy. -+ */ -+ BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY); -+ BIO_set_mem_eof_return(btmp, 0); -+ ASN1_STRING_set0(os, (unsigned char *)cont, contlen); -+ } - } - ret = 1; - err: -@@ -910,6 +959,16 @@ - STACK_OF(X509) *cert; - X509 *x509; - -+ if (p7 == NULL) { -+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_INVALID_NULL_POINTER); -+ return 0; -+ } -+ -+ if (p7->d.ptr == NULL) { -+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_NO_CONTENT); -+ return 0; -+ } -+ - if (PKCS7_type_is_signed(p7)) { - cert = p7->d.sign->cert; - } else if (PKCS7_type_is_signedAndEnveloped(p7)) { ---- openssl-1.0.2/crypto/pkcs7/pk7_lib.c -+++ openssl-1.0.2/crypto/pkcs7/pk7_lib.c -@@ -70,6 +70,7 @@ - nid = OBJ_obj2nid(p7->type); - - switch (cmd) { -+ /* NOTE(emilia): does not support detached digested data. */ - case PKCS7_OP_SET_DETACHED_SIGNATURE: - if (nid == NID_pkcs7_signed) { - ret = p7->detached = (int)larg; -@@ -444,6 +445,8 @@ - - STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7) - { -+ if (p7 == NULL || p7->d.ptr == NULL) -+ return NULL; - if (PKCS7_type_is_signed(p7)) { - return (p7->d.sign->signer_info); - } else if (PKCS7_type_is_signedAndEnveloped(p7)) { ---- openssl-1.0.2/crypto/rsa/rsa_ameth.c -+++ openssl-1.0.2/crypto/rsa/rsa_ameth.c -@@ -698,9 +698,10 @@ - RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNSUPPORTED_SIGNATURE_TYPE); - return -1; - } -- if (rsa_pss_to_ctx(ctx, NULL, sigalg, pkey)) -+ if (rsa_pss_to_ctx(ctx, NULL, sigalg, pkey) > 0) { - /* Carry on */ - return 2; -+ } - return -1; - } - ---- openssl-1.0.2/doc/crypto/d2i_X509.pod -+++ openssl-1.0.2/doc/crypto/d2i_X509.pod -@@ -207,6 +207,12 @@ - persist if they are not present in the new one. As a result the use - of this "reuse" behaviour is strongly discouraged. - -+Current versions of OpenSSL will not modify B<*px> if an error occurs. -+If parsing succeeds then B<*px> is freed (if it is not NULL) and then -+set to the value of the newly decoded structure. As a result B<*px> -+B be allocated on the stack or an attempt will be made to -+free an invalid pointer. -+ - i2d_X509() will not return an error in many versions of OpenSSL, - if mandatory fields are not initialized due to a programming error - then the encoded structure may contain invalid data or omit the -@@ -233,7 +239,9 @@ - - d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B structure - or B if an error occurs. The error code that can be obtained by --L. -+L. If the "reuse" capability has been used -+with a valid X509 structure being passed in via B then the object is not -+modified in the event of error. - - i2d_X509() returns the number of bytes successfully encoded or a negative - value if an error occurs. The error code can be obtained by ---- openssl-1.0.2/ssl/d1_lib.c -+++ openssl-1.0.2/ssl/d1_lib.c -@@ -543,6 +543,9 @@ - { - int ret; - -+ /* Ensure there is no state left over from a previous invocation */ -+ SSL_clear(s); -+ - SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE); - s->d1->listen = 1; - ---- openssl-1.0.2/ssl/s2_lib.c -+++ openssl-1.0.2/ssl/s2_lib.c -@@ -493,7 +493,7 @@ - - OPENSSL_assert(s->session->master_key_length >= 0 - && s->session->master_key_length -- < (int)sizeof(s->session->master_key)); -+ <= (int)sizeof(s->session->master_key)); - EVP_DigestUpdate(&ctx, s->session->master_key, - s->session->master_key_length); - EVP_DigestUpdate(&ctx, &c, 1); ---- openssl-1.0.2/ssl/s2_srvr.c -+++ openssl-1.0.2/ssl/s2_srvr.c -@@ -454,11 +454,6 @@ - SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_PRIVATEKEY); - return (-1); - } -- i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc, -- &(p[s->s2->tmp.clear]), -- &(p[s->s2->tmp.clear]), -- (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING : -- RSA_PKCS1_PADDING); - - is_export = SSL_C_IS_EXPORT(s->session->cipher); - -@@ -475,23 +470,61 @@ - } else - ek = 5; - -+ /* -+ * The format of the CLIENT-MASTER-KEY message is -+ * 1 byte message type -+ * 3 bytes cipher -+ * 2-byte clear key length (stored in s->s2->tmp.clear) -+ * 2-byte encrypted key length (stored in s->s2->tmp.enc) -+ * 2-byte key args length (IV etc) -+ * clear key -+ * encrypted key -+ * key args -+ * -+ * If the cipher is an export cipher, then the encrypted key bytes -+ * are a fixed portion of the total key (5 or 8 bytes). The size of -+ * this portion is in |ek|. If the cipher is not an export cipher, -+ * then the entire key material is encrypted (i.e., clear key length -+ * must be zero). -+ */ -+ if ((!is_export && s->s2->tmp.clear != 0) || -+ (is_export && s->s2->tmp.clear + ek != EVP_CIPHER_key_length(c))) { -+ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); -+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_LENGTH); -+ return -1; -+ } -+ /* -+ * The encrypted blob must decrypt to the encrypted portion of the key. -+ * Decryption can't be expanding, so if we don't have enough encrypted -+ * bytes to fit the key in the buffer, stop now. -+ */ -+ if ((is_export && s->s2->tmp.enc < ek) || -+ (!is_export && s->s2->tmp.enc < EVP_CIPHER_key_length(c))) { -+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); -+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_LENGTH_TOO_SHORT); -+ return -1; -+ } -+ -+ i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc, -+ &(p[s->s2->tmp.clear]), -+ &(p[s->s2->tmp.clear]), -+ (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING : -+ RSA_PKCS1_PADDING); -+ - /* bad decrypt */ - # if 1 - /* - * If a bad decrypt, continue with protocol but with a random master - * secret (Bleichenbacher attack) - */ -- if ((i < 0) || ((!is_export && (i != EVP_CIPHER_key_length(c))) -- || (is_export && ((i != ek) -- || (s->s2->tmp.clear + -- (unsigned int)i != (unsigned int) -- EVP_CIPHER_key_length(c)))))) { -+ if ((i < 0) || ((!is_export && i != EVP_CIPHER_key_length(c)) -+ || (is_export && i != ek))) { - ERR_clear_error(); - if (is_export) - i = ek; - else - i = EVP_CIPHER_key_length(c); -- if (RAND_pseudo_bytes(p, i) <= 0) -+ if (RAND_pseudo_bytes(&p[s->s2->tmp.clear], i) <= 0) - return 0; - } - # else -@@ -513,7 +546,7 @@ - # endif - - if (is_export) -- i += s->s2->tmp.clear; -+ i = EVP_CIPHER_key_length(c); - - if (i > SSL_MAX_MASTER_KEY_LENGTH) { - ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); ---- openssl-1.0.2/ssl/s3_pkt.c -+++ openssl-1.0.2/ssl/s3_pkt.c -@@ -780,7 +780,7 @@ - - i = ssl3_write_pending(s, type, &buf[tot], nw); - if (i <= 0) { -- if (i < 0) { -+ if (i < 0 && (!s->wbio || !BIO_should_retry(s->wbio))) { - OPENSSL_free(wb->buf); - wb->buf = NULL; - } ---- openssl-1.0.2/ssl/s3_srvr.c -+++ openssl-1.0.2/ssl/s3_srvr.c -@@ -2251,10 +2251,17 @@ - if (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) { - int idx = -1; - EVP_PKEY *skey = NULL; -- if (n) -+ if (n) { - n2s(p, i); -- else -+ } else { -+ if (alg_k & SSL_kDHE) { -+ al = SSL_AD_HANDSHAKE_FAILURE; -+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, -+ SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG); -+ goto f_err; -+ } - i = 0; -+ } - if (n && n != i + 2) { - if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG)) { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ---- openssl-1.0.2/ssl/t1_lib.c -+++ openssl-1.0.2/ssl/t1_lib.c -@@ -2965,6 +2965,7 @@ - if (s->cert->shared_sigalgs) { - OPENSSL_free(s->cert->shared_sigalgs); - s->cert->shared_sigalgs = NULL; -+ s->cert->shared_sigalgslen = 0; - } - /* Clear certificate digests and validity flags */ - for (i = 0; i < SSL_PKEY_NUM; i++) { -@@ -3618,6 +3619,7 @@ - if (c->shared_sigalgs) { - OPENSSL_free(c->shared_sigalgs); - c->shared_sigalgs = NULL; -+ c->shared_sigalgslen = 0; - } - /* If client use client signature algorithms if not NULL */ - if (!s->server && c->client_sigalgs && !is_suiteb) { -@@ -3640,12 +3642,14 @@ - preflen = c->peer_sigalgslen; - } - nmatch = tls12_do_shared_sigalgs(NULL, pref, preflen, allow, allowlen); -- if (!nmatch) -- return 1; -- salgs = OPENSSL_malloc(nmatch * sizeof(TLS_SIGALGS)); -- if (!salgs) -- return 0; -- nmatch = tls12_do_shared_sigalgs(salgs, pref, preflen, allow, allowlen); -+ if (nmatch) { -+ salgs = OPENSSL_malloc(nmatch * sizeof(TLS_SIGALGS)); -+ if (!salgs) -+ return 0; -+ nmatch = tls12_do_shared_sigalgs(salgs, pref, preflen, allow, allowlen); -+ } else { -+ salgs = NULL; -+ } - c->shared_sigalgs = salgs; - c->shared_sigalgslen = nmatch; - return 1; diff --git a/dev-libs/openssl/files/openssl-1.0.2-ipv6.patch b/dev-libs/openssl/files/openssl-1.0.2-ipv6.patch deleted file mode 100644 index 27574ea616..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.2-ipv6.patch +++ /dev/null @@ -1,611 +0,0 @@ -http://rt.openssl.org/Ticket/Display.html?id=2051&user=guest&pass=guest - ---- openssl-1.0.2/apps/s_apps.h -+++ openssl-1.0.2/apps/s_apps.h -@@ -154,7 +154,7 @@ - int do_server(int port, int type, int *ret, - int (*cb) (char *hostname, int s, int stype, - unsigned char *context), unsigned char *context, -- int naccept); -+ int naccept, int use_ipv4, int use_ipv6); - #ifdef HEADER_X509_H - int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); - #endif -@@ -167,7 +167,8 @@ - int ssl_print_curves(BIO *out, SSL *s, int noshared); - #endif - int ssl_print_tmp_key(BIO *out, SSL *s); --int init_client(int *sock, char *server, int port, int type); -+int init_client(int *sock, char *server, int port, int type, -+ int use_ipv4, int use_ipv6); - int should_retry(int i); - int extract_port(char *str, short *port_ptr); - int extract_host_port(char *str, char **host_ptr, unsigned char *ip, ---- openssl-1.0.2/apps/s_client.c -+++ openssl-1.0.2/apps/s_client.c -@@ -302,6 +302,10 @@ - { - BIO_printf(bio_err, "usage: s_client args\n"); - BIO_printf(bio_err, "\n"); -+ BIO_printf(bio_err, " -4 - use IPv4 only\n"); -+#if OPENSSL_USE_IPV6 -+ BIO_printf(bio_err, " -6 - use IPv6 only\n"); -+#endif - BIO_printf(bio_err, " -host host - use -connect instead\n"); - BIO_printf(bio_err, " -port port - use -connect instead\n"); - BIO_printf(bio_err, -@@ -658,6 +662,7 @@ - int sbuf_len, sbuf_off; - fd_set readfds, writefds; - short port = PORT; -+ int use_ipv4, use_ipv6; - int full_log = 1; - char *host = SSL_HOST_NAME; - char *cert_file = NULL, *key_file = NULL, *chain_file = NULL; -@@ -709,7 +714,11 @@ - #endif - char *sess_in = NULL; - char *sess_out = NULL; -- struct sockaddr peer; -+#if OPENSSL_USE_IPV6 -+ struct sockaddr_storage peer; -+#else -+ struct sockaddr_in peer; -+#endif - int peerlen = sizeof(peer); - int fallback_scsv = 0; - int enable_timeouts = 0; -@@ -737,6 +746,12 @@ - - meth = SSLv23_client_method(); - -+ use_ipv4 = 1; -+#if OPENSSL_USE_IPV6 -+ use_ipv6 = 1; -+#else -+ use_ipv6 = 0; -+#endif - apps_startup(); - c_Pause = 0; - c_quiet = 0; -@@ -1096,6 +1111,16 @@ - jpake_secret = *++argv; - } - #endif -+ else if (strcmp(*argv,"-4") == 0) { -+ use_ipv4 = 1; -+ use_ipv6 = 0; -+ } -+#if OPENSSL_USE_IPV6 -+ else if (strcmp(*argv,"-6") == 0) { -+ use_ipv4 = 0; -+ use_ipv6 = 1; -+ } -+#endif - #ifndef OPENSSL_NO_SRTP - else if (strcmp(*argv, "-use_srtp") == 0) { - if (--argc < 1) -@@ -1421,7 +1446,7 @@ - - re_start: - -- if (init_client(&s, host, port, socket_type) == 0) { -+ if (init_client(&s, host, port, socket_type, use_ipv4, use_ipv6) == 0) { - BIO_printf(bio_err, "connect:errno=%d\n", get_last_socket_error()); - SHUTDOWN(s); - goto end; -@@ -1444,7 +1469,7 @@ - if (socket_type == SOCK_DGRAM) { - - sbio = BIO_new_dgram(s, BIO_NOCLOSE); -- if (getsockname(s, &peer, (void *)&peerlen) < 0) { -+ if (getsockname(s, (struct sockaddr *)&peer, (void *)&peerlen) < 0) { - BIO_printf(bio_err, "getsockname:errno=%d\n", - get_last_socket_error()); - SHUTDOWN(s); ---- openssl-1.0.2/apps/s_server.c -+++ openssl-1.0.2/apps/s_server.c -@@ -643,6 +643,10 @@ - BIO_printf(bio_err, - " -alpn arg - set the advertised protocols for the ALPN extension (comma-separated list)\n"); - #endif -+ BIO_printf(bio_err, " -4 - use IPv4 only\n"); -+#if OPENSSL_USE_IPV6 -+ BIO_printf(bio_err, " -6 - use IPv6 only\n"); -+#endif - BIO_printf(bio_err, - " -keymatexport label - Export keying material using label\n"); - BIO_printf(bio_err, -@@ -1070,6 +1074,7 @@ - int state = 0; - const SSL_METHOD *meth = NULL; - int socket_type = SOCK_STREAM; -+ int use_ipv4, use_ipv6; - ENGINE *e = NULL; - char *inrand = NULL; - int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; -@@ -1111,6 +1116,12 @@ - - meth = SSLv23_server_method(); - -+ use_ipv4 = 1; -+#if OPENSSL_USE_IPV6 -+ use_ipv6 = 1; -+#else -+ use_ipv6 = 0; -+#endif - local_argc = argc; - local_argv = argv; - -@@ -1503,6 +1514,16 @@ - jpake_secret = *(++argv); - } - #endif -+ else if (strcmp(*argv,"-4") == 0) { -+ use_ipv4 = 1; -+ use_ipv6 = 0; -+ } -+#if OPENSSL_USE_IPV6 -+ else if (strcmp(*argv,"-6") == 0) { -+ use_ipv4 = 0; -+ use_ipv6 = 1; -+ } -+#endif - #ifndef OPENSSL_NO_SRTP - else if (strcmp(*argv, "-use_srtp") == 0) { - if (--argc < 1) -@@ -2023,13 +2044,13 @@ - (void)BIO_flush(bio_s_out); - if (rev) - do_server(port, socket_type, &accept_socket, rev_body, context, -- naccept); -+ naccept, use_ipv4, use_ipv6); - else if (www) - do_server(port, socket_type, &accept_socket, www_body, context, -- naccept); -+ naccept, use_ipv4, use_ipv6); - else - do_server(port, socket_type, &accept_socket, sv_body, context, -- naccept); -+ naccept, use_ipv4, use_ipv6); - print_stats(bio_s_out, ctx); - ret = 0; - end: ---- openssl-1.0.2/apps/s_socket.c -+++ openssl-1.0.2/apps/s_socket.c -@@ -101,16 +101,16 @@ - # include "netdb.h" - # endif - --static struct hostent *GetHostByName(char *name); -+static struct hostent *GetHostByName(char *name, int domain); - # if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)) - static void ssl_sock_cleanup(void); - # endif - static int ssl_sock_init(void); --static int init_client_ip(int *sock, unsigned char ip[4], int port, int type); --static int init_server(int *sock, int port, int type); --static int init_server_long(int *sock, int port, char *ip, int type); -+static int init_client_ip(int *sock, unsigned char *ip, int port, int type, int domain); -+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6); -+static int init_server_long(int *sock, int port, char *ip, int type, int use_ipv4, int use_ipv6); - static int do_accept(int acc_sock, int *sock, char **host); --static int host_ip(char *str, unsigned char ip[4]); -+static int host_ip(char *str, unsigned char *ip, int domain); - - # ifdef OPENSSL_SYS_WIN16 - # define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ -@@ -231,38 +231,68 @@ - return (1); - } - --int init_client(int *sock, char *host, int port, int type) -+int init_client(int *sock, char *host, int port, int type, int use_ipv4, int use_ipv6) - { -+# if OPENSSL_USE_IPV6 -+ unsigned char ip[16]; -+# else - unsigned char ip[4]; -+# endif - -- memset(ip, '\0', sizeof ip); -- if (!host_ip(host, &(ip[0]))) -- return 0; -- return init_client_ip(sock, ip, port, type); --} -- --static int init_client_ip(int *sock, unsigned char ip[4], int port, int type) --{ -- unsigned long addr; -+ if (use_ipv4) -+ if (host_ip(host, ip, AF_INET)) -+ return(init_client_ip(sock, ip, port, type, AF_INET)); -+# if OPENSSL_USE_IPV6 -+ if (use_ipv6) -+ if (host_ip(host, ip, AF_INET6)) -+ return(init_client_ip(sock, ip, port, type, AF_INET6)); -+# endif -+ return 0; -+} -+ -+static int init_client_ip(int *sock, unsigned char ip[4], int port, int type, int domain) -+{ -+# if OPENSSL_USE_IPV6 -+ struct sockaddr_storage them; -+ struct sockaddr_in *them_in = (struct sockaddr_in *)&them; -+ struct sockaddr_in6 *them_in6 = (struct sockaddr_in6 *)&them; -+# else - struct sockaddr_in them; -+ struct sockaddr_in *them_in = &them; -+# endif -+ socklen_t addr_len; - int s, i; - - if (!ssl_sock_init()) - return (0); - - memset((char *)&them, 0, sizeof(them)); -- them.sin_family = AF_INET; -- them.sin_port = htons((unsigned short)port); -- addr = (unsigned long) -- ((unsigned long)ip[0] << 24L) | -- ((unsigned long)ip[1] << 16L) | -- ((unsigned long)ip[2] << 8L) | ((unsigned long)ip[3]); -- them.sin_addr.s_addr = htonl(addr); -+ if (domain == AF_INET) { -+ addr_len = (socklen_t)sizeof(struct sockaddr_in); -+ them_in->sin_family=AF_INET; -+ them_in->sin_port=htons((unsigned short)port); -+# ifndef BIT_FIELD_LIMITS -+ memcpy(&them_in->sin_addr.s_addr, ip, 4); -+# else -+ memcpy(&them_in->sin_addr, ip, 4); -+# endif -+ } -+ else -+# if OPENSSL_USE_IPV6 -+ { -+ addr_len = (socklen_t)sizeof(struct sockaddr_in6); -+ them_in6->sin6_family=AF_INET6; -+ them_in6->sin6_port=htons((unsigned short)port); -+ memcpy(&(them_in6->sin6_addr), ip, sizeof(struct in6_addr)); -+ } -+# else -+ return(0); -+# endif - - if (type == SOCK_STREAM) -- s = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL); -+ s = socket(domain, SOCK_STREAM, SOCKET_PROTOCOL); - else /* ( type == SOCK_DGRAM) */ -- s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); -+ s = socket(domain, SOCK_DGRAM, IPPROTO_UDP); - - if (s == INVALID_SOCKET) { - perror("socket"); -@@ -280,7 +310,7 @@ - } - # endif - -- if (connect(s, (struct sockaddr *)&them, sizeof(them)) == -1) { -+ if (connect(s, (struct sockaddr *)&them, addr_len) == -1) { - closesocket(s); - perror("connect"); - return (0); -@@ -292,14 +322,14 @@ - int do_server(int port, int type, int *ret, - int (*cb) (char *hostname, int s, int stype, - unsigned char *context), unsigned char *context, -- int naccept) -+ int naccept, int use_ipv4, int use_ipv6) - { - int sock; - char *name = NULL; - int accept_socket = 0; - int i; - -- if (!init_server(&accept_socket, port, type)) -+ if (!init_server(&accept_socket, port, type, use_ipv4, use_ipv6)) - return (0); - - if (ret != NULL) { -@@ -328,32 +358,41 @@ - } - } - --static int init_server_long(int *sock, int port, char *ip, int type) -+static int init_server_long(int *sock, int port, char *ip, int type, int use_ipv4, int use_ipv6) - { - int ret = 0; -+ int domain; -+# if OPENSSL_USE_IPV6 -+ struct sockaddr_storage server; -+ struct sockaddr_in *server_in = (struct sockaddr_in *)&server; -+ struct sockaddr_in6 *server_in6 = (struct sockaddr_in6 *)&server; -+# else - struct sockaddr_in server; -+ struct sockaddr_in *server_in = &server; -+# endif -+ socklen_t addr_len; - int s = -1; - -+ if (!use_ipv4 && !use_ipv6) -+ goto err; -+# if OPENSSL_USE_IPV6 -+ /* we are fine here */ -+# else -+ if (use_ipv6) -+ goto err; -+# endif - if (!ssl_sock_init()) - return (0); - -- memset((char *)&server, 0, sizeof(server)); -- server.sin_family = AF_INET; -- server.sin_port = htons((unsigned short)port); -- if (ip == NULL) -- server.sin_addr.s_addr = INADDR_ANY; -- else --/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */ --# ifndef BIT_FIELD_LIMITS -- memcpy(&server.sin_addr.s_addr, ip, 4); -+#if OPENSSL_USE_IPV6 -+ domain = use_ipv6 ? AF_INET6 : AF_INET; - # else -- memcpy(&server.sin_addr, ip, 4); -+ domain = AF_INET; - # endif -- - if (type == SOCK_STREAM) -- s = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL); -- else /* type == SOCK_DGRAM */ -- s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); -+ s=socket(domain, SOCK_STREAM, SOCKET_PROTOCOL); -+ else /* type == SOCK_DGRAM */ -+ s=socket(domain, SOCK_DGRAM, IPPROTO_UDP); - - if (s == INVALID_SOCKET) - goto err; -@@ -363,7 +402,42 @@ - setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&j, sizeof j); - } - # endif -- if (bind(s, (struct sockaddr *)&server, sizeof(server)) == -1) { -+# if OPENSSL_USE_IPV6 -+ if ((use_ipv4 == 0) && (use_ipv6 == 1)) { -+ const int on = 1; -+ -+ setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, -+ (const void *) &on, sizeof(int)); -+ } -+# endif -+ if (domain == AF_INET) { -+ addr_len = (socklen_t)sizeof(struct sockaddr_in); -+ memset(server_in, 0, sizeof(struct sockaddr_in)); -+ server_in->sin_family=AF_INET; -+ server_in->sin_port = htons((unsigned short)port); -+ if (ip == NULL) -+ server_in->sin_addr.s_addr = htonl(INADDR_ANY); -+ else -+/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */ -+# ifndef BIT_FIELD_LIMITS -+ memcpy(&server_in->sin_addr.s_addr, ip, 4); -+# else -+ memcpy(&server_in->sin_addr, ip, 4); -+# endif -+ } -+# if OPENSSL_USE_IPV6 -+ else { -+ addr_len = (socklen_t)sizeof(struct sockaddr_in6); -+ memset(server_in6, 0, sizeof(struct sockaddr_in6)); -+ server_in6->sin6_family = AF_INET6; -+ server_in6->sin6_port = htons((unsigned short)port); -+ if (ip == NULL) -+ server_in6->sin6_addr = in6addr_any; -+ else -+ memcpy(&server_in6->sin6_addr, ip, sizeof(struct in6_addr)); -+ } -+# endif -+ if (bind(s, (struct sockaddr *)&server, addr_len) == -1) { - # ifndef OPENSSL_SYS_WINDOWS - perror("bind"); - # endif -@@ -381,16 +455,23 @@ - return (ret); - } - --static int init_server(int *sock, int port, int type) -+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6) - { -- return (init_server_long(sock, port, NULL, type)); -+ return (init_server_long(sock, port, NULL, type, use_ipv4, use_ipv6)); - } - - static int do_accept(int acc_sock, int *sock, char **host) - { - int ret; - struct hostent *h1, *h2; -- static struct sockaddr_in from; -+#if OPENSSL_USE_IPV6 -+ struct sockaddr_storage from; -+ struct sockaddr_in *from_in = (struct sockaddr_in *)&from; -+ struct sockaddr_in6 *from_in6 = (struct sockaddr_in6 *)&from; -+#else -+ struct sockaddr_in from; -+ struct sockaddr_in *from_in = &from; -+#endif - int len; - /* struct linger ling; */ - -@@ -440,14 +521,25 @@ - - if (host == NULL) - goto end; -+# if OPENSSL_USE_IPV6 -+ if (from.ss_family == AF_INET) -+# else -+ if (from.sin_family == AF_INET) -+# endif - # ifndef BIT_FIELD_LIMITS -- /* I should use WSAAsyncGetHostByName() under windows */ -- h1 = gethostbyaddr((char *)&from.sin_addr.s_addr, -- sizeof(from.sin_addr.s_addr), AF_INET); -+ /* I should use WSAAsyncGetHostByName() under windows */ -+ h1 = gethostbyaddr((char *)&from_in->sin_addr.s_addr, -+ sizeof(from_in->sin_addr.s_addr), AF_INET); - # else -- h1 = gethostbyaddr((char *)&from.sin_addr, -- sizeof(struct in_addr), AF_INET); -+ h1 = gethostbyaddr((char *)&from_in->sin_addr, -+ sizeof(struct in_addr), AF_INET); -+# endif -+# if OPENSSL_USE_IPV6 -+ else -+ h1 = gethostbyaddr((char *)&from_in6->sin6_addr, -+ sizeof(struct in6_addr), AF_INET6); - # endif -+ - if (h1 == NULL) { - BIO_printf(bio_err, "bad gethostbyaddr\n"); - *host = NULL; -@@ -460,14 +552,22 @@ - } - BUF_strlcpy(*host, h1->h_name, strlen(h1->h_name) + 1); - -- h2 = GetHostByName(*host); -+# if OPENSSL_USE_IPV6 -+ h2=GetHostByName(*host, from.ss_family); -+# else -+ h2=GetHostByName(*host, from.sin_family); -+# endif - if (h2 == NULL) { - BIO_printf(bio_err, "gethostbyname failure\n"); - closesocket(ret); - return (0); - } -- if (h2->h_addrtype != AF_INET) { -- BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n"); -+# if OPENSSL_USE_IPV6 -+ if (h2->h_addrtype != from.ss_family) { -+# else -+ if (h2->h_addrtype != from.sin_family) { -+# endif -+ BIO_printf(bio_err, "gethostbyname addr is not correct\n"); - closesocket(ret); - return (0); - } -@@ -483,14 +583,14 @@ - char *h, *p; - - h = str; -- p = strchr(str, ':'); -+ p = strrchr(str, ':'); - if (p == NULL) { - BIO_printf(bio_err, "no port defined\n"); - return (0); - } - *(p++) = '\0'; - -- if ((ip != NULL) && !host_ip(str, ip)) -+ if ((ip != NULL) && !host_ip(str, ip, AF_INET)) - goto err; - if (host_ptr != NULL) - *host_ptr = h; -@@ -502,44 +602,51 @@ - return (0); - } - --static int host_ip(char *str, unsigned char ip[4]) -+static int host_ip(char *str, unsigned char *ip, int domain) - { - unsigned int in[4]; -+ unsigned long l; - int i; - -- if (sscanf(str, "%u.%u.%u.%u", &(in[0]), &(in[1]), &(in[2]), &(in[3])) == -- 4) { -+ if ((domain == AF_INET) && (sscanf(str, "%u.%u.%u.%u", &(in[0]), &(in[1]), &(in[2]), &(in[3])) == 4)) { - for (i = 0; i < 4; i++) - if (in[i] > 255) { - BIO_printf(bio_err, "invalid IP address\n"); - goto err; - } -- ip[0] = in[0]; -- ip[1] = in[1]; -- ip[2] = in[2]; -- ip[3] = in[3]; -- } else { /* do a gethostbyname */ -+ l=htonl((in[0]<<24L)|(in[1]<<16L)|(in[2]<<8L)|in[3]); -+ memcpy(ip, &l, 4); -+ return 1; -+ } -+# if OPENSSL_USE_IPV6 -+ else if ((domain == AF_INET6) && (inet_pton(AF_INET6, str, ip) == 1)) -+ return 1; -+# endif -+ else { /* do a gethostbyname */ - struct hostent *he; - - if (!ssl_sock_init()) - return (0); - -- he = GetHostByName(str); -+ he = GetHostByName(str, domain); - if (he == NULL) { - BIO_printf(bio_err, "gethostbyname failure\n"); - goto err; - } - /* cast to short because of win16 winsock definition */ -- if ((short)he->h_addrtype != AF_INET) { -- BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n"); -+ if ((short)he->h_addrtype != domain) { -+ BIO_printf(bio_err, "gethostbyname addr is not correct\n"); - return (0); - } -- ip[0] = he->h_addr_list[0][0]; -- ip[1] = he->h_addr_list[0][1]; -- ip[2] = he->h_addr_list[0][2]; -- ip[3] = he->h_addr_list[0][3]; -+ if (domain == AF_INET) -+ memset(ip, 0, 4); -+# if OPENSSL_USE_IPV6 -+ else -+ memset(ip, 0, 16); -+# endif -+ memcpy(ip, he->h_addr_list[0], he->h_length); -+ return 1; - } -- return (1); - err: - return (0); - } -@@ -573,7 +680,7 @@ - static unsigned long ghbn_hits = 0L; - static unsigned long ghbn_miss = 0L; - --static struct hostent *GetHostByName(char *name) -+static struct hostent *GetHostByName(char *name, int domain) - { - struct hostent *ret; - int i, lowi = 0; -@@ -585,13 +692,18 @@ - lowi = i; - } - if (ghbn_cache[i].order > 0) { -- if (strncmp(name, ghbn_cache[i].name, 128) == 0) -+ if ((strncmp(name, ghbn_cache[i].name, 128) == 0) && (ghbn_cache[i].ent.h_addrtype == domain)) - break; - } - } - if (i == GHBN_NUM) { /* no hit */ - ghbn_miss++; -- ret = gethostbyname(name); -+ if (domain == AF_INET) -+ ret = gethostbyname(name); -+# if OPENSSL_USE_IPV6 -+ else -+ ret = gethostbyname2(name, AF_INET6); -+# endif - if (ret == NULL) - return (NULL); - /* else add to cache */ diff --git a/dev-libs/openssl/files/openssl-1.0.2-parallel-build.patch b/dev-libs/openssl/files/openssl-1.0.2-parallel-build.patch deleted file mode 100644 index 31d3f1d634..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.2-parallel-build.patch +++ /dev/null @@ -1,354 +0,0 @@ -http://rt.openssl.org/Ticket/Display.html?id=2084&user=guest&pass=guest - ---- a/Makefile.org -+++ b/Makefile.org -@@ -247,17 +247,17 @@ - build_libs: build_crypto build_ssl build_engines - - build_crypto: -- @dir=crypto; target=all; $(BUILD_ONE_CMD) -+ +@dir=crypto; target=all; $(BUILD_ONE_CMD) --build_ssl: -+build_ssl: build_crypto -- @dir=ssl; target=all; $(BUILD_ONE_CMD) -+ +@dir=ssl; target=all; $(BUILD_ONE_CMD) --build_engines: -+build_engines: build_crypto -- @dir=engines; target=all; $(BUILD_ONE_CMD) -+ +@dir=engines; target=all; $(BUILD_ONE_CMD) --build_apps: -+build_apps: build_libs -- @dir=apps; target=all; $(BUILD_ONE_CMD) -+ +@dir=apps; target=all; $(BUILD_ONE_CMD) --build_tests: -+build_tests: build_libs -- @dir=test; target=all; $(BUILD_ONE_CMD) -+ +@dir=test; target=all; $(BUILD_ONE_CMD) --build_tools: -+build_tools: build_libs -- @dir=tools; target=all; $(BUILD_ONE_CMD) -+ +@dir=tools; target=all; $(BUILD_ONE_CMD) - - all_testapps: build_libs build_testapps - build_testapps: -@@ -497,9 +497,9 @@ - dist_pem_h: - (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) - --install: all install_docs install_sw -+install: install_docs install_sw - --install_sw: -+install_dirs: - @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ - $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \ - $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \ -@@ -508,6 +508,13 @@ - $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ - $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ - $(INSTALL_PREFIX)$(OPENSSLDIR)/private -+ @$(PERL) $(TOP)/util/mkdir-p.pl \ -+ $(INSTALL_PREFIX)$(MANDIR)/man1 \ -+ $(INSTALL_PREFIX)$(MANDIR)/man3 \ -+ $(INSTALL_PREFIX)$(MANDIR)/man5 \ -+ $(INSTALL_PREFIX)$(MANDIR)/man7 -+ -+install_sw: install_dirs - @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ -@@ -511,7 +511,7 @@ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; -- @set -e; target=install; $(RECURSIVE_BUILD_CMD) -+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) - @set -e; liblist="$(LIBS)"; for i in $$liblist ;\ - do \ - if [ -f "$$i" ]; then \ -@@ -593,12 +600,7 @@ - done; \ - done - --install_docs: -- @$(PERL) $(TOP)/util/mkdir-p.pl \ -- $(INSTALL_PREFIX)$(MANDIR)/man1 \ -- $(INSTALL_PREFIX)$(MANDIR)/man3 \ -- $(INSTALL_PREFIX)$(MANDIR)/man5 \ -- $(INSTALL_PREFIX)$(MANDIR)/man7 -+install_docs: install_dirs - @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \ - here="`pwd`"; \ - filecase=; \ ---- a/Makefile.shared -+++ b/Makefile.shared -@@ -105,6 +105,7 @@ LINK_SO= \ - SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ - LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ - LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ -+ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \ - LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ - $${SHAREDCMD} $${SHAREDFLAGS} \ - -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \ -@@ -122,6 +124,7 @@ SYMLINK_SO= \ - done; \ - fi; \ - if [ -n "$$SHLIB_SOVER" ]; then \ -+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \ - ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \ - ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \ - fi; \ ---- a/crypto/Makefile -+++ b/crypto/Makefile -@@ -85,11 +85,11 @@ - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - - subdirs: -- @target=all; $(RECURSIVE_MAKE) -+ +@target=all; $(RECURSIVE_MAKE) - - files: - $(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO -- @target=files; $(RECURSIVE_MAKE) -+ +@target=files; $(RECURSIVE_MAKE) - - links: - @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) -@@ -100,7 +100,7 @@ - # lib: $(LIB): are splitted to avoid end-less loop - lib: $(LIB) - @touch lib --$(LIB): $(LIBOBJ) -+$(LIB): $(LIBOBJ) | subdirs - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - -@@ -110,7 +110,7 @@ - fi - - libs: -- @target=lib; $(RECURSIVE_MAKE) -+ +@target=lib; $(RECURSIVE_MAKE) - - install: - @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... -@@ -119,7 +119,7 @@ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; -- @target=install; $(RECURSIVE_MAKE) -+ +@target=install; $(RECURSIVE_MAKE) - - lint: - @target=lint; $(RECURSIVE_MAKE) ---- a/engines/Makefile -+++ b/engines/Makefile -@@ -72,7 +72,7 @@ - - all: lib subdirs - --lib: $(LIBOBJ) -+lib: $(LIBOBJ) | subdirs - @if [ -n "$(SHARED_LIBS)" ]; then \ - set -e; \ - for l in $(LIBNAMES); do \ -@@ -89,7 +89,7 @@ - - subdirs: - echo $(EDIRS) -- @target=all; $(RECURSIVE_MAKE) -+ +@target=all; $(RECURSIVE_MAKE) - - files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO -@@ -128,7 +128,7 @@ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ - done; \ - fi -- @target=install; $(RECURSIVE_MAKE) -+ +@target=install; $(RECURSIVE_MAKE) - - tags: - ctags $(SRC) ---- a/test/Makefile -+++ b/test/Makefile -@@ -123,7 +123,7 @@ - tags: - ctags $(SRC) - --tests: exe apps $(TESTS) -+tests: exe $(TESTS) - - apps: - @(cd ..; $(MAKE) DIRS=apps all) -@@ -365,109 +365,109 @@ - link_app.$${shlib_target} - - $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) -- @target=$(RSATEST); $(BUILD_CMD) -+ +@target=$(RSATEST); $(BUILD_CMD) - - $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO) -- @target=$(BNTEST); $(BUILD_CMD) -+ +@target=$(BNTEST); $(BUILD_CMD) - - $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO) -- @target=$(ECTEST); $(BUILD_CMD) -+ +@target=$(ECTEST); $(BUILD_CMD) - - $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO) -- @target=$(EXPTEST); $(BUILD_CMD) -+ +@target=$(EXPTEST); $(BUILD_CMD) - - $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) -- @target=$(IDEATEST); $(BUILD_CMD) -+ +@target=$(IDEATEST); $(BUILD_CMD) - - $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) -- @target=$(MD2TEST); $(BUILD_CMD) -+ +@target=$(MD2TEST); $(BUILD_CMD) - - $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO) -- @target=$(SHATEST); $(BUILD_CMD) -+ +@target=$(SHATEST); $(BUILD_CMD) - - $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) -- @target=$(SHA1TEST); $(BUILD_CMD) -+ +@target=$(SHA1TEST); $(BUILD_CMD) - - $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) -- @target=$(SHA256TEST); $(BUILD_CMD) -+ +@target=$(SHA256TEST); $(BUILD_CMD) - - $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) -- @target=$(SHA512TEST); $(BUILD_CMD) -+ +@target=$(SHA512TEST); $(BUILD_CMD) - - $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) -- @target=$(RMDTEST); $(BUILD_CMD) -+ +@target=$(RMDTEST); $(BUILD_CMD) - - $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO) -- @target=$(MDC2TEST); $(BUILD_CMD) -+ +@target=$(MDC2TEST); $(BUILD_CMD) - - $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO) -- @target=$(MD4TEST); $(BUILD_CMD) -+ +@target=$(MD4TEST); $(BUILD_CMD) - - $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO) -- @target=$(MD5TEST); $(BUILD_CMD) -+ +@target=$(MD5TEST); $(BUILD_CMD) - - $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO) -- @target=$(HMACTEST); $(BUILD_CMD) -+ +@target=$(HMACTEST); $(BUILD_CMD) - - $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO) -- @target=$(WPTEST); $(BUILD_CMD) -+ +@target=$(WPTEST); $(BUILD_CMD) - - $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO) -- @target=$(RC2TEST); $(BUILD_CMD) -+ +@target=$(RC2TEST); $(BUILD_CMD) - - $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO) -- @target=$(BFTEST); $(BUILD_CMD) -+ +@target=$(BFTEST); $(BUILD_CMD) - - $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO) -- @target=$(CASTTEST); $(BUILD_CMD) -+ +@target=$(CASTTEST); $(BUILD_CMD) - - $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO) -- @target=$(RC4TEST); $(BUILD_CMD) -+ +@target=$(RC4TEST); $(BUILD_CMD) - - $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) -- @target=$(RC5TEST); $(BUILD_CMD) -+ +@target=$(RC5TEST); $(BUILD_CMD) - - $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) -- @target=$(DESTEST); $(BUILD_CMD) -+ +@target=$(DESTEST); $(BUILD_CMD) - - $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) -- @target=$(RANDTEST); $(BUILD_CMD) -+ +@target=$(RANDTEST); $(BUILD_CMD) - - $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) -- @target=$(DHTEST); $(BUILD_CMD) -+ +@target=$(DHTEST); $(BUILD_CMD) - - $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO) -- @target=$(DSATEST); $(BUILD_CMD) -+ +@target=$(DSATEST); $(BUILD_CMD) - - $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) -- @target=$(METHTEST); $(BUILD_CMD) -+ +@target=$(METHTEST); $(BUILD_CMD) - - $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) -- @target=$(SSLTEST); $(FIPS_BUILD_CMD) -+ +@target=$(SSLTEST); $(FIPS_BUILD_CMD) - - $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) -- @target=$(ENGINETEST); $(BUILD_CMD) -+ +@target=$(ENGINETEST); $(BUILD_CMD) - - $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO) -- @target=$(EVPTEST); $(BUILD_CMD) -+ +@target=$(EVPTEST); $(BUILD_CMD) - - $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO) -- @target=$(ECDSATEST); $(BUILD_CMD) -+ +@target=$(ECDSATEST); $(BUILD_CMD) - - $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) -- @target=$(ECDHTEST); $(BUILD_CMD) -+ +@target=$(ECDHTEST); $(BUILD_CMD) - - $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) -- @target=$(IGETEST); $(BUILD_CMD) -+ +@target=$(IGETEST); $(BUILD_CMD) - - $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) -- @target=$(JPAKETEST); $(BUILD_CMD) -+ +@target=$(JPAKETEST); $(BUILD_CMD) - - $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) -- @target=$(ASN1TEST); $(BUILD_CMD) -+ +@target=$(ASN1TEST); $(BUILD_CMD) - - $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO) -- @target=$(SRPTEST); $(BUILD_CMD) -+ +@target=$(SRPTEST); $(BUILD_CMD) - - #$(AESTEST).o: $(AESTEST).c - # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c -@@ -480,7 +480,7 @@ - # fi - - dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) -- @target=dummytest; $(BUILD_CMD) -+ +@target=dummytest; $(BUILD_CMD) - - # DO NOT DELETE THIS LINE -- make depend depends on it. - ---- a/crypto/objects/Makefile -+++ b/crypto/objects/Makefile -@@ -44,11 +44,11 @@ obj_dat.h: obj_dat.pl obj_mac.h - # objects.pl both reads and writes obj_mac.num - obj_mac.h: objects.pl objects.txt obj_mac.num - $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h -- @sleep 1; touch obj_mac.h; sleep 1 - --obj_xref.h: objxref.pl obj_xref.txt obj_mac.num -+# This doesn't really need obj_mac.h, but since that rule reads & writes -+# obj_mac.num, we can't run in parallel with it. -+obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h - $(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h -- @sleep 1; touch obj_xref.h; sleep 1 - - files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO diff --git a/dev-libs/openssl/files/openssl-1.0.2-s_client-verify.patch b/dev-libs/openssl/files/openssl-1.0.2-s_client-verify.patch deleted file mode 100644 index 803a91dde9..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.2-s_client-verify.patch +++ /dev/null @@ -1,17 +0,0 @@ -https://bugs.gentoo.org/472584 -http://rt.openssl.org/Ticket/Display.html?id=2387&user=guest&pass=guest - -fix verification handling in s_client. when loading paths, make sure -we properly fallback to setting the default paths. - ---- openssl-1.0.2/apps/s_client.c -+++ openssl-1.0.2/apps/s_client.c -@@ -1337,7 +1337,7 @@ - - SSL_CTX_set_verify(ctx, verify, verify_callback); - -- if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) || -+ if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) && - (!SSL_CTX_set_default_verify_paths(ctx))) { - /* - * BIO_printf(bio_err,"error setting default verify locations\n"); diff --git a/dev-libs/openssl/files/openssl-1.0.2_beta2-ipv6.patch b/dev-libs/openssl/files/openssl-1.0.2_beta2-ipv6.patch deleted file mode 100644 index 8683d2829f..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.2_beta2-ipv6.patch +++ /dev/null @@ -1,640 +0,0 @@ -http://rt.openssl.org/Ticket/Display.html?id=2051&user=guest&pass=guest - ---- openssl-1.0.2-beta2/apps/s_apps.h -+++ openssl-1.0.2-beta2/apps/s_apps.h -@@ -148,7 +148,7 @@ - #define PORT_STR "4433" - #define PROTOCOL "tcp" - --int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, int stype, unsigned char *context), unsigned char *context, int naccept); -+int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, int stype, unsigned char *context), unsigned char *context, int naccept, int use_ipv4, int use_ipv6); - #ifdef HEADER_X509_H - int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); - #endif -@@ -161,7 +161,7 @@ - int ssl_print_curves(BIO *out, SSL *s, int noshared); - #endif - int ssl_print_tmp_key(BIO *out, SSL *s); --int init_client(int *sock, char *server, int port, int type); -+int init_client(int *sock, char *server, int port, int type, int use_ipv4, int use_ipv6); - int should_retry(int i); - int extract_port(char *str, short *port_ptr); - int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p); ---- openssl-1.0.2-beta2/apps/s_client.c -+++ openssl-1.0.2-beta2/apps/s_client.c -@@ -288,6 +288,10 @@ - { - BIO_printf(bio_err,"usage: s_client args\n"); - BIO_printf(bio_err,"\n"); -+ BIO_printf(bio_err," -4 - use IPv4 only\n"); -+#if OPENSSL_USE_IPV6 -+ BIO_printf(bio_err," -6 - use IPv6 only\n"); -+#endif - BIO_printf(bio_err," -host host - use -connect instead\n"); - BIO_printf(bio_err," -port port - use -connect instead\n"); - BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR); -@@ -595,6 +599,7 @@ - int sbuf_len,sbuf_off; - fd_set readfds,writefds; - short port=PORT; -+ int use_ipv4, use_ipv6; - int full_log=1; - char *host=SSL_HOST_NAME; - char *cert_file=NULL,*key_file=NULL,*chain_file=NULL; -@@ -647,7 +652,11 @@ - #endif - char *sess_in = NULL; - char *sess_out = NULL; -- struct sockaddr peer; -+#if OPENSSL_USE_IPV6 -+ struct sockaddr_storage peer; -+#else -+ struct sockaddr_in peer; -+#endif - int peerlen = sizeof(peer); - int enable_timeouts = 0 ; - long socket_mtu = 0; -@@ -674,6 +683,12 @@ - - meth=SSLv23_client_method(); - -+ use_ipv4 = 1; -+#if OPENSSL_USE_IPV6 -+ use_ipv6 = 1; -+#else -+ use_ipv6 = 0; -+#endif - apps_startup(); - c_Pause=0; - c_quiet=0; -@@ -1079,6 +1094,18 @@ - jpake_secret = *++argv; - } - #endif -+ else if (strcmp(*argv,"-4") == 0) -+ { -+ use_ipv4 = 1; -+ use_ipv6 = 0; -+ } -+#if OPENSSL_USE_IPV6 -+ else if (strcmp(*argv,"-6") == 0) -+ { -+ use_ipv4 = 0; -+ use_ipv6 = 1; -+ } -+#endif - else if (strcmp(*argv,"-use_srtp") == 0) - { - if (--argc < 1) goto bad; -@@ -1445,7 +1472,7 @@ - - re_start: - -- if (init_client(&s,host,port,socket_type) == 0) -+ if (init_client(&s,host,port,socket_type,use_ipv4,use_ipv6) == 0) - { - BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error()); - SHUTDOWN(s); -@@ -1471,7 +1498,7 @@ - { - - sbio=BIO_new_dgram(s,BIO_NOCLOSE); -- if (getsockname(s, &peer, (void *)&peerlen) < 0) -+ if (getsockname(s, (struct sockaddr *)&peer, (void *)&peerlen) < 0) - { - BIO_printf(bio_err, "getsockname:errno=%d\n", - get_last_socket_error()); ---- openssl-1.0.2-beta2/apps/s_server.c -+++ openssl-1.0.2-beta2/apps/s_server.c -@@ -584,6 +584,10 @@ - BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); - BIO_printf(bio_err," -alpn arg - set the advertised protocols for the ALPN extension (comma-separated list)\n"); - #endif -+ BIO_printf(bio_err," -4 - use IPv4 only\n"); -+#if OPENSSL_USE_IPV6 -+ BIO_printf(bio_err," -6 - use IPv6 only\n"); -+#endif - BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); - BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n"); - BIO_printf(bio_err," -status - respond to certificate status requests\n"); -@@ -1014,6 +1018,7 @@ - int state=0; - const SSL_METHOD *meth=NULL; - int socket_type=SOCK_STREAM; -+ int use_ipv4, use_ipv6; - ENGINE *e=NULL; - char *inrand=NULL; - int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; -@@ -1055,6 +1060,12 @@ - - meth=SSLv23_server_method(); - -+ use_ipv4 = 1; -+#if OPENSSL_USE_IPV6 -+ use_ipv6 = 1; -+#else -+ use_ipv6 = 0; -+#endif - local_argc=argc; - local_argv=argv; - -@@ -1493,6 +1504,18 @@ - jpake_secret = *(++argv); - } - #endif -+ else if (strcmp(*argv,"-4") == 0) -+ { -+ use_ipv4 = 1; -+ use_ipv6 = 0; -+ } -+#if OPENSSL_USE_IPV6 -+ else if (strcmp(*argv,"-6") == 0) -+ { -+ use_ipv4 = 0; -+ use_ipv6 = 1; -+ } -+#endif - else if (strcmp(*argv,"-use_srtp") == 0) - { - if (--argc < 1) goto bad; -@@ -2063,11 +2086,11 @@ - BIO_printf(bio_s_out,"ACCEPT\n"); - (void)BIO_flush(bio_s_out); - if (rev) -- do_server(port,socket_type,&accept_socket,rev_body, context, naccept); -+ do_server(port,socket_type,&accept_socket,rev_body, context, naccept, use_ipv4, use_ipv6); - else if (www) -- do_server(port,socket_type,&accept_socket,www_body, context, naccept); -+ do_server(port,socket_type,&accept_socket,www_body, context, naccept, use_ipv4, use_ipv6); - else -- do_server(port,socket_type,&accept_socket,sv_body, context, naccept); -+ do_server(port,socket_type,&accept_socket,sv_body, context, naccept, use_ipv4, use_ipv6); - print_stats(bio_s_out,ctx); - ret=0; - end: ---- openssl-1.0.2-beta2/apps/s_socket.c -+++ openssl-1.0.2-beta2/apps/s_socket.c -@@ -97,16 +97,16 @@ - #include "netdb.h" - #endif - --static struct hostent *GetHostByName(char *name); -+static struct hostent *GetHostByName(char *name, int domain); - #if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)) - static void ssl_sock_cleanup(void); - #endif - static int ssl_sock_init(void); --static int init_client_ip(int *sock,unsigned char ip[4], int port, int type); --static int init_server(int *sock, int port, int type); --static int init_server_long(int *sock, int port,char *ip, int type); -+static int init_client_ip(int *sock,unsigned char *ip, int port, int type, int domain); -+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6); -+static int init_server_long(int *sock, int port,char *ip, int type, int use_ipv4, int use_ipv6); - static int do_accept(int acc_sock, int *sock, char **host); --static int host_ip(char *str, unsigned char ip[4]); -+static int host_ip(char *str, unsigned char *ip, int domain); - - #ifdef OPENSSL_SYS_WIN16 - #define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ -@@ -234,38 +234,68 @@ - return(1); - } - --int init_client(int *sock, char *host, int port, int type) -+int init_client(int *sock, char *host, int port, int type, int use_ipv4, int use_ipv6) - { -+#if OPENSSL_USE_IPV6 -+ unsigned char ip[16]; -+#else - unsigned char ip[4]; -+#endif - -- memset(ip, '\0', sizeof ip); -- if (!host_ip(host,&(ip[0]))) -- return 0; -- return init_client_ip(sock,ip,port,type); -- } -- --static int init_client_ip(int *sock, unsigned char ip[4], int port, int type) -- { -- unsigned long addr; -+ if (use_ipv4) -+ if (host_ip(host,ip,AF_INET)) -+ return(init_client_ip(sock,ip,port,type,AF_INET)); -+#if OPENSSL_USE_IPV6 -+ if (use_ipv6) -+ if (host_ip(host,ip,AF_INET6)) -+ return(init_client_ip(sock,ip,port,type,AF_INET6)); -+#endif -+ return 0; -+ } -+ -+static int init_client_ip(int *sock, unsigned char ip[4], int port, int type, int domain) -+ { -+#if OPENSSL_USE_IPV6 -+ struct sockaddr_storage them; -+ struct sockaddr_in *them_in = (struct sockaddr_in *)&them; -+ struct sockaddr_in6 *them_in6 = (struct sockaddr_in6 *)&them; -+#else - struct sockaddr_in them; -+ struct sockaddr_in *them_in = &them; -+#endif -+ socklen_t addr_len; - int s,i; - - if (!ssl_sock_init()) return(0); - - memset((char *)&them,0,sizeof(them)); -- them.sin_family=AF_INET; -- them.sin_port=htons((unsigned short)port); -- addr=(unsigned long) -- ((unsigned long)ip[0]<<24L)| -- ((unsigned long)ip[1]<<16L)| -- ((unsigned long)ip[2]<< 8L)| -- ((unsigned long)ip[3]); -- them.sin_addr.s_addr=htonl(addr); -+ if (domain == AF_INET) -+ { -+ addr_len = (socklen_t)sizeof(struct sockaddr_in); -+ them_in->sin_family=AF_INET; -+ them_in->sin_port=htons((unsigned short)port); -+#ifndef BIT_FIELD_LIMITS -+ memcpy(&them_in->sin_addr.s_addr, ip, 4); -+#else -+ memcpy(&them_in->sin_addr, ip, 4); -+#endif -+ } -+ else -+#if OPENSSL_USE_IPV6 -+ { -+ addr_len = (socklen_t)sizeof(struct sockaddr_in6); -+ them_in6->sin6_family=AF_INET6; -+ them_in6->sin6_port=htons((unsigned short)port); -+ memcpy(&(them_in6->sin6_addr), ip, sizeof(struct in6_addr)); -+ } -+#else -+ return(0); -+#endif - - if (type == SOCK_STREAM) -- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); -+ s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL); - else /* ( type == SOCK_DGRAM) */ -- s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP); -+ s=socket(domain,SOCK_DGRAM,IPPROTO_UDP); - - if (s == INVALID_SOCKET) { perror("socket"); return(0); } - -@@ -277,29 +307,27 @@ - if (i < 0) { closesocket(s); perror("keepalive"); return(0); } - } - #endif -- -- if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1) -+ if (connect(s,(struct sockaddr *)&them,addr_len) == -1) - { closesocket(s); perror("connect"); return(0); } - *sock=s; - return(1); - } - --int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, int stype, unsigned char *context), unsigned char *context, int naccept) -+int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, int stype, unsigned char *context), unsigned char *context, int naccept, int use_ipv4, int use_ipv6) - { - int sock; - char *name = NULL; - int accept_socket = 0; - int i; - -- if (!init_server(&accept_socket,port,type)) return(0); -- -+ if (!init_server(&accept_socket,port,type, use_ipv4, use_ipv6)) return(0); - if (ret != NULL) - { - *ret=accept_socket; - /* return(1);*/ - } -- for (;;) -- { -+ for (;;) -+ { - if (type==SOCK_STREAM) - { - if (do_accept(accept_socket,&sock,&name) == 0) -@@ -324,41 +352,88 @@ - } - } - --static int init_server_long(int *sock, int port, char *ip, int type) -+static int init_server_long(int *sock, int port, char *ip, int type, int use_ipv4, int use_ipv6) - { - int ret=0; -+ int domain; -+#if OPENSSL_USE_IPV6 -+ struct sockaddr_storage server; -+ struct sockaddr_in *server_in = (struct sockaddr_in *)&server; -+ struct sockaddr_in6 *server_in6 = (struct sockaddr_in6 *)&server; -+#else - struct sockaddr_in server; -+ struct sockaddr_in *server_in = &server; -+#endif -+ socklen_t addr_len; - int s= -1; - -+ if (!use_ipv4 && !use_ipv6) -+ goto err; -+#if OPENSSL_USE_IPV6 -+ /* we are fine here */ -+#else -+ if (use_ipv6) -+ goto err; -+#endif - if (!ssl_sock_init()) return(0); - -- memset((char *)&server,0,sizeof(server)); -- server.sin_family=AF_INET; -- server.sin_port=htons((unsigned short)port); -- if (ip == NULL) -- server.sin_addr.s_addr=INADDR_ANY; -- else --/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */ --#ifndef BIT_FIELD_LIMITS -- memcpy(&server.sin_addr.s_addr,ip,4); -+#if OPENSSL_USE_IPV6 -+ domain = use_ipv6 ? AF_INET6 : AF_INET; - #else -- memcpy(&server.sin_addr,ip,4); -+ domain = AF_INET; - #endif -- -- if (type == SOCK_STREAM) -- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); -- else /* type == SOCK_DGRAM */ -- s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP); -+ if (type == SOCK_STREAM) -+ s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL); -+ else /* type == SOCK_DGRAM */ -+ s=socket(domain, SOCK_DGRAM,IPPROTO_UDP); - - if (s == INVALID_SOCKET) goto err; - #if defined SOL_SOCKET && defined SO_REUSEADDR -+ { -+ int j = 1; -+ setsockopt(s, SOL_SOCKET, SO_REUSEADDR, -+ (void *) &j, sizeof j); -+ } -+#endif -+#if OPENSSL_USE_IPV6 -+ if ((use_ipv4 == 0) && (use_ipv6 == 1)) -+ { -+ const int on = 1; -+ -+ setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, -+ (const void *) &on, sizeof(int)); -+ } -+#endif -+ if (domain == AF_INET) -+ { -+ addr_len = (socklen_t)sizeof(struct sockaddr_in); -+ memset(server_in, 0, sizeof(struct sockaddr_in)); -+ server_in->sin_family=AF_INET; -+ server_in->sin_port = htons((unsigned short)port); -+ if (ip == NULL) -+ server_in->sin_addr.s_addr = htonl(INADDR_ANY); -+ else -+/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */ -+#ifndef BIT_FIELD_LIMITS -+ memcpy(&server_in->sin_addr.s_addr, ip, 4); -+#else -+ memcpy(&server_in->sin_addr, ip, 4); -+#endif -+ } -+#if OPENSSL_USE_IPV6 -+ else - { -- int j = 1; -- setsockopt(s, SOL_SOCKET, SO_REUSEADDR, -- (void *) &j, sizeof j); -+ addr_len = (socklen_t)sizeof(struct sockaddr_in6); -+ memset(server_in6, 0, sizeof(struct sockaddr_in6)); -+ server_in6->sin6_family = AF_INET6; -+ server_in6->sin6_port = htons((unsigned short)port); -+ if (ip == NULL) -+ server_in6->sin6_addr = in6addr_any; -+ else -+ memcpy(&server_in6->sin6_addr, ip, sizeof(struct in6_addr)); - } - #endif -- if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1) -+ if (bind(s, (struct sockaddr *)&server, addr_len) == -1) - { - #ifndef OPENSSL_SYS_WINDOWS - perror("bind"); -@@ -377,16 +452,23 @@ - return(ret); - } - --static int init_server(int *sock, int port, int type) -+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6) - { -- return(init_server_long(sock, port, NULL, type)); -+ return(init_server_long(sock, port, NULL, type, use_ipv4, use_ipv6)); - } - - static int do_accept(int acc_sock, int *sock, char **host) - { - int ret; - struct hostent *h1,*h2; -- static struct sockaddr_in from; -+#if OPENSSL_USE_IPV6 -+ struct sockaddr_storage from; -+ struct sockaddr_in *from_in = (struct sockaddr_in *)&from; -+ struct sockaddr_in6 *from_in6 = (struct sockaddr_in6 *)&from; -+#else -+ struct sockaddr_in from; -+ struct sockaddr_in *from_in = &from; -+#endif - int len; - /* struct linger ling; */ - -@@ -433,13 +515,23 @@ - */ - - if (host == NULL) goto end; -+#if OPENSSL_USE_IPV6 -+ if (from.ss_family == AF_INET) -+#else -+ if (from.sin_family == AF_INET) -+#endif - #ifndef BIT_FIELD_LIMITS -- /* I should use WSAAsyncGetHostByName() under windows */ -- h1=gethostbyaddr((char *)&from.sin_addr.s_addr, -- sizeof(from.sin_addr.s_addr),AF_INET); -+ /* I should use WSAAsyncGetHostByName() under windows */ -+ h1=gethostbyaddr((char *)&from_in->sin_addr.s_addr, -+ sizeof(from_in->sin_addr.s_addr), AF_INET); - #else -- h1=gethostbyaddr((char *)&from.sin_addr, -- sizeof(struct in_addr),AF_INET); -+ h1=gethostbyaddr((char *)&from_in->sin_addr, -+ sizeof(struct in_addr), AF_INET); -+#endif -+#if OPENSSL_USE_IPV6 -+ else -+ h1=gethostbyaddr((char *)&from_in6->sin6_addr, -+ sizeof(struct in6_addr), AF_INET6); - #endif - if (h1 == NULL) - { -@@ -457,16 +549,24 @@ - } - BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1); - -- h2=GetHostByName(*host); -+#if OPENSSL_USE_IPV6 -+ h2=GetHostByName(*host, from.ss_family); -+#else -+ h2=GetHostByName(*host, from.sin_family); -+#endif - if (h2 == NULL) - { - BIO_printf(bio_err,"gethostbyname failure\n"); - closesocket(ret); - return(0); - } -- if (h2->h_addrtype != AF_INET) -+#if OPENSSL_USE_IPV6 -+ if (h2->h_addrtype != from.ss_family) -+#else -+ if (h2->h_addrtype != from.sin_family) -+#endif - { -- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n"); -+ BIO_printf(bio_err,"gethostbyname addr is not correct\n"); - closesocket(ret); - return(0); - } -@@ -482,7 +582,7 @@ - char *h,*p; - - h=str; -- p=strchr(str,':'); -+ p=strrchr(str,':'); - if (p == NULL) - { - BIO_printf(bio_err,"no port defined\n"); -@@ -490,7 +590,7 @@ - } - *(p++)='\0'; - -- if ((ip != NULL) && !host_ip(str,ip)) -+ if ((ip != NULL) && !host_ip(str,ip,AF_INET)) - goto err; - if (host_ptr != NULL) *host_ptr=h; - -@@ -501,48 +601,58 @@ - return(0); - } - --static int host_ip(char *str, unsigned char ip[4]) -+static int host_ip(char *str, unsigned char *ip, int domain) - { -- unsigned int in[4]; -+ unsigned int in[4]; -+ unsigned long l; - int i; - -- if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4) -+ if ((domain == AF_INET) && -+ (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)) - { -+ - for (i=0; i<4; i++) - if (in[i] > 255) - { - BIO_printf(bio_err,"invalid IP address\n"); - goto err; - } -- ip[0]=in[0]; -- ip[1]=in[1]; -- ip[2]=in[2]; -- ip[3]=in[3]; -- } -+ l=htonl((in[0]<<24L)|(in[1]<<16L)|(in[2]<<8L)|in[3]); -+ memcpy(ip, &l, 4); -+ return 1; -+ } -+#if OPENSSL_USE_IPV6 -+ else if ((domain == AF_INET6) && -+ (inet_pton(AF_INET6, str, ip) == 1)) -+ return 1; -+#endif - else - { /* do a gethostbyname */ - struct hostent *he; - - if (!ssl_sock_init()) return(0); - -- he=GetHostByName(str); -+ he=GetHostByName(str,domain); - if (he == NULL) - { - BIO_printf(bio_err,"gethostbyname failure\n"); - goto err; - } - /* cast to short because of win16 winsock definition */ -- if ((short)he->h_addrtype != AF_INET) -+ if ((short)he->h_addrtype != domain) - { -- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n"); -+ BIO_printf(bio_err,"gethostbyname addr family is not correct\n"); - return(0); - } -- ip[0]=he->h_addr_list[0][0]; -- ip[1]=he->h_addr_list[0][1]; -- ip[2]=he->h_addr_list[0][2]; -- ip[3]=he->h_addr_list[0][3]; -+ if (domain == AF_INET) -+ memset(ip, 0, 4); -+#if OPENSSL_USE_IPV6 -+ else -+ memset(ip, 0, 16); -+#endif -+ memcpy(ip, he->h_addr_list[0], he->h_length); -+ return 1; - } -- return(1); - err: - return(0); - } -@@ -579,7 +689,7 @@ - static unsigned long ghbn_hits=0L; - static unsigned long ghbn_miss=0L; - --static struct hostent *GetHostByName(char *name) -+static struct hostent *GetHostByName(char *name, int domain) - { - struct hostent *ret; - int i,lowi=0; -@@ -594,14 +704,20 @@ - } - if (ghbn_cache[i].order > 0) - { -- if (strncmp(name,ghbn_cache[i].name,128) == 0) -+ if ((strncmp(name,ghbn_cache[i].name,128) == 0) && -+ (ghbn_cache[i].ent.h_addrtype == domain)) - break; - } - } - if (i == GHBN_NUM) /* no hit*/ - { - ghbn_miss++; -- ret=gethostbyname(name); -+ if (domain == AF_INET) -+ ret=gethostbyname(name); -+#if OPENSSL_USE_IPV6 -+ else -+ ret=gethostbyname2(name, AF_INET6); -+#endif - if (ret == NULL) return(NULL); - /* else add to cache */ - if(strlen(name) < sizeof ghbn_cache[0].name) diff --git a/dev-libs/openssl/files/openssl-1.0.2a-malloc-typo.patch b/dev-libs/openssl/files/openssl-1.0.2a-malloc-typo.patch deleted file mode 100644 index 831e5759a2..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.2a-malloc-typo.patch +++ /dev/null @@ -1,38 +0,0 @@ -https://rt.openssl.org/Ticket/Display.html?id=3758 - -From 7b4152089fe39c3495508076ab81ed4aca3d65ba Mon Sep 17 00:00:00 2001 -From: Mike Frysinger -Date: Sat, 21 Mar 2015 05:08:41 -0400 -Subject: [PATCH] fix malloc define typo - -Reported-by: Conrad Kostecki -URL: https://bugs.gentoo.org/543828 ---- - crypto/bio/bss_dgram.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c -index aef8149..ed275d1 100644 ---- a/crypto/bio/bss_dgram.c -+++ b/crypto/bio/bss_dgram.c -@@ -1338,7 +1338,7 @@ static int dgram_sctp_read(BIO *b, char *out, int outl) - (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t)); - authchunks = OPENSSL_malloc(optlen); - if (!authchunks) { -- BIOerr(BIO_F_DGRAM_SCTP_READ, ERR_R_MALLOC_ERROR); -+ BIOerr(BIO_F_DGRAM_SCTP_READ, ERR_R_MALLOC_FAILURE); - return -1; - } - memset(authchunks, 0, optlen); -@@ -1410,7 +1410,7 @@ static int dgram_sctp_write(BIO *b, const char *in, int inl) - char *tmp; - data->saved_message.bio = b; - if(!(tmp = OPENSSL_malloc(inl))) { -- BIOerr(BIO_F_DGRAM_SCTP_WRITE, ERR_R_MALLOC_ERROR); -+ BIOerr(BIO_F_DGRAM_SCTP_WRITE, ERR_R_MALLOC_FAILURE); - return -1; - } - if (data->saved_message.data) --- -2.3.3 - diff --git a/dev-libs/openssl/files/openssl-1.0.2a-parallel-build.patch b/dev-libs/openssl/files/openssl-1.0.2a-parallel-build.patch deleted file mode 100644 index f4226c3b6d..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.2a-parallel-build.patch +++ /dev/null @@ -1,314 +0,0 @@ -https://rt.openssl.org/Ticket/Display.html?id=2084&user=guest&pass=guest -https://rt.openssl.org/Ticket/Display.html?id=3738&user=guest&pass=guest - ---- openssl-1.0.2a/crypto/Makefile -+++ openssl-1.0.2a/crypto/Makefile -@@ -85,11 +85,11 @@ - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - - subdirs: -- @target=all; $(RECURSIVE_MAKE) -+ +@target=all; $(RECURSIVE_MAKE) - - files: - $(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO -- @target=files; $(RECURSIVE_MAKE) -+ +@target=files; $(RECURSIVE_MAKE) - - links: - @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) -@@ -100,7 +100,7 @@ - # lib: $(LIB): are splitted to avoid end-less loop - lib: $(LIB) - @touch lib --$(LIB): $(LIBOBJ) -+$(LIB): $(LIBOBJ) | subdirs - $(AR) $(LIB) $(LIBOBJ) - test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o - $(RANLIB) $(LIB) || echo Never mind. -@@ -111,7 +111,7 @@ - fi - - libs: -- @target=lib; $(RECURSIVE_MAKE) -+ +@target=lib; $(RECURSIVE_MAKE) - - install: - @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... -@@ -120,7 +120,7 @@ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; -- @target=install; $(RECURSIVE_MAKE) -+ +@target=install; $(RECURSIVE_MAKE) - - lint: - @target=lint; $(RECURSIVE_MAKE) ---- openssl-1.0.2a/engines/Makefile -+++ openssl-1.0.2a/engines/Makefile -@@ -72,7 +72,7 @@ - - all: lib subdirs - --lib: $(LIBOBJ) -+lib: $(LIBOBJ) | subdirs - @if [ -n "$(SHARED_LIBS)" ]; then \ - set -e; \ - for l in $(LIBNAMES); do \ -@@ -89,7 +89,7 @@ - - subdirs: - echo $(EDIRS) -- @target=all; $(RECURSIVE_MAKE) -+ +@target=all; $(RECURSIVE_MAKE) - - files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO -@@ -128,7 +128,7 @@ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ - done; \ - fi -- @target=install; $(RECURSIVE_MAKE) -+ +@target=install; $(RECURSIVE_MAKE) - - tags: - ctags $(SRC) ---- openssl-1.0.2a/Makefile.org -+++ openssl-1.0.2a/Makefile.org -@@ -274,17 +274,17 @@ - build_libs: build_crypto build_ssl build_engines - - build_crypto: -- @dir=crypto; target=all; $(BUILD_ONE_CMD) -+ +@dir=crypto; target=all; $(BUILD_ONE_CMD) --build_ssl: -+build_ssl: build_crypto -- @dir=ssl; target=all; $(BUILD_ONE_CMD) -+ +@dir=ssl; target=all; $(BUILD_ONE_CMD) --build_engines: -+build_engines: build_crypto -- @dir=engines; target=all; $(BUILD_ONE_CMD) -+ +@dir=engines; target=all; $(BUILD_ONE_CMD) --build_apps: -+build_apps: build_libs -- @dir=apps; target=all; $(BUILD_ONE_CMD) -+ +@dir=apps; target=all; $(BUILD_ONE_CMD) --build_tests: -+build_tests: build_libs -- @dir=test; target=all; $(BUILD_ONE_CMD) -+ +@dir=test; target=all; $(BUILD_ONE_CMD) --build_tools: -+build_tools: build_libs -- @dir=tools; target=all; $(BUILD_ONE_CMD) -+ +@dir=tools; target=all; $(BUILD_ONE_CMD) - - all_testapps: build_libs build_testapps - build_testapps: -@@ -555,7 +555,7 @@ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; -- @set -e; target=install; $(RECURSIVE_BUILD_CMD) -+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) - @set -e; liblist="$(LIBS)"; for i in $$liblist ;\ - do \ - if [ -f "$$i" ]; then \ ---- openssl-1.0.2a/Makefile.shared -+++ openssl-1.0.2a/Makefile.shared -@@ -105,6 +105,7 @@ - SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ - LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ - LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ -+ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \ - LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ - $${SHAREDCMD} $${SHAREDFLAGS} \ - -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \ -@@ -122,6 +123,7 @@ - done; \ - fi; \ - if [ -n "$$SHLIB_SOVER" ]; then \ -+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \ - ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \ - ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \ - fi; \ ---- openssl-1.0.2a/test/Makefile -+++ openssl-1.0.2a/test/Makefile -@@ -133,7 +133,7 @@ - tags: - ctags $(SRC) - --tests: exe apps $(TESTS) -+tests: exe $(TESTS) - - apps: - @(cd ..; $(MAKE) DIRS=apps all) -@@ -402,121 +402,121 @@ - link_app.$${shlib_target} - - $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) -- @target=$(RSATEST); $(BUILD_CMD) -+ +@target=$(RSATEST); $(BUILD_CMD) - - $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO) -- @target=$(BNTEST); $(BUILD_CMD) -+ +@target=$(BNTEST); $(BUILD_CMD) - - $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO) -- @target=$(ECTEST); $(BUILD_CMD) -+ +@target=$(ECTEST); $(BUILD_CMD) - - $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO) -- @target=$(EXPTEST); $(BUILD_CMD) -+ +@target=$(EXPTEST); $(BUILD_CMD) - - $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) -- @target=$(IDEATEST); $(BUILD_CMD) -+ +@target=$(IDEATEST); $(BUILD_CMD) - - $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) -- @target=$(MD2TEST); $(BUILD_CMD) -+ +@target=$(MD2TEST); $(BUILD_CMD) - - $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO) -- @target=$(SHATEST); $(BUILD_CMD) -+ +@target=$(SHATEST); $(BUILD_CMD) - - $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) -- @target=$(SHA1TEST); $(BUILD_CMD) -+ +@target=$(SHA1TEST); $(BUILD_CMD) - - $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) -- @target=$(SHA256TEST); $(BUILD_CMD) -+ +@target=$(SHA256TEST); $(BUILD_CMD) - - $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) -- @target=$(SHA512TEST); $(BUILD_CMD) -+ +@target=$(SHA512TEST); $(BUILD_CMD) - - $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) -- @target=$(RMDTEST); $(BUILD_CMD) -+ +@target=$(RMDTEST); $(BUILD_CMD) - - $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO) -- @target=$(MDC2TEST); $(BUILD_CMD) -+ +@target=$(MDC2TEST); $(BUILD_CMD) - - $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO) -- @target=$(MD4TEST); $(BUILD_CMD) -+ +@target=$(MD4TEST); $(BUILD_CMD) - - $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO) -- @target=$(MD5TEST); $(BUILD_CMD) -+ +@target=$(MD5TEST); $(BUILD_CMD) - - $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO) -- @target=$(HMACTEST); $(BUILD_CMD) -+ +@target=$(HMACTEST); $(BUILD_CMD) - - $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO) -- @target=$(WPTEST); $(BUILD_CMD) -+ +@target=$(WPTEST); $(BUILD_CMD) - - $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO) -- @target=$(RC2TEST); $(BUILD_CMD) -+ +@target=$(RC2TEST); $(BUILD_CMD) - - $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO) -- @target=$(BFTEST); $(BUILD_CMD) -+ +@target=$(BFTEST); $(BUILD_CMD) - - $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO) -- @target=$(CASTTEST); $(BUILD_CMD) -+ +@target=$(CASTTEST); $(BUILD_CMD) - - $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO) -- @target=$(RC4TEST); $(BUILD_CMD) -+ +@target=$(RC4TEST); $(BUILD_CMD) - - $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) -- @target=$(RC5TEST); $(BUILD_CMD) -+ +@target=$(RC5TEST); $(BUILD_CMD) - - $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) -- @target=$(DESTEST); $(BUILD_CMD) -+ +@target=$(DESTEST); $(BUILD_CMD) - - $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) -- @target=$(RANDTEST); $(BUILD_CMD) -+ +@target=$(RANDTEST); $(BUILD_CMD) - - $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) -- @target=$(DHTEST); $(BUILD_CMD) -+ +@target=$(DHTEST); $(BUILD_CMD) - - $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO) -- @target=$(DSATEST); $(BUILD_CMD) -+ +@target=$(DSATEST); $(BUILD_CMD) - - $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) -- @target=$(METHTEST); $(BUILD_CMD) -+ +@target=$(METHTEST); $(BUILD_CMD) - - $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) -- @target=$(SSLTEST); $(FIPS_BUILD_CMD) -+ +@target=$(SSLTEST); $(FIPS_BUILD_CMD) - - $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) -- @target=$(ENGINETEST); $(BUILD_CMD) -+ +@target=$(ENGINETEST); $(BUILD_CMD) - - $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO) -- @target=$(EVPTEST); $(BUILD_CMD) -+ +@target=$(EVPTEST); $(BUILD_CMD) - - $(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO) -- @target=$(EVPEXTRATEST); $(BUILD_CMD) -+ +@target=$(EVPEXTRATEST); $(BUILD_CMD) - - $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO) -- @target=$(ECDSATEST); $(BUILD_CMD) -+ +@target=$(ECDSATEST); $(BUILD_CMD) - - $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) -- @target=$(ECDHTEST); $(BUILD_CMD) -+ +@target=$(ECDHTEST); $(BUILD_CMD) - - $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) -- @target=$(IGETEST); $(BUILD_CMD) -+ +@target=$(IGETEST); $(BUILD_CMD) - - $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) -- @target=$(JPAKETEST); $(BUILD_CMD) -+ +@target=$(JPAKETEST); $(BUILD_CMD) - - $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) -- @target=$(ASN1TEST); $(BUILD_CMD) -+ +@target=$(ASN1TEST); $(BUILD_CMD) - - $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO) -- @target=$(SRPTEST); $(BUILD_CMD) -+ +@target=$(SRPTEST); $(BUILD_CMD) - - $(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO) -- @target=$(V3NAMETEST); $(BUILD_CMD) -+ +@target=$(V3NAMETEST); $(BUILD_CMD) - - $(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO) -- @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) -+ +@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) - - $(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o -- @target=$(CONSTTIMETEST) $(BUILD_CMD) -+ +@target=$(CONSTTIMETEST) $(BUILD_CMD) - - #$(AESTEST).o: $(AESTEST).c - # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c -@@ -529,7 +529,7 @@ - # fi - - dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) -- @target=dummytest; $(BUILD_CMD) -+ +@target=dummytest; $(BUILD_CMD) - - # DO NOT DELETE THIS LINE -- make depend depends on it. - diff --git a/dev-libs/openssl/files/openssl-1.0.2a-parallel-install-dirs.patch b/dev-libs/openssl/files/openssl-1.0.2a-parallel-install-dirs.patch deleted file mode 100644 index 0198818c5f..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.2a-parallel-install-dirs.patch +++ /dev/null @@ -1,64 +0,0 @@ -https://rt.openssl.org/Ticket/Display.html?id=3736&user=guest&pass=guest - -From aba899f2eca21e11e5e9797bf8258e7265dea9f5 Mon Sep 17 00:00:00 2001 -From: Mike Frysinger -Date: Sun, 8 Mar 2015 01:32:01 -0500 -Subject: [PATCH] fix parallel install with dir creation - -The mkdir-p.pl does not handle parallel creation of directories. -This comes up when the install_sw and install_docs rules run and -both call mkdir-p.pl on sibling directory trees. - -Instead, lets create a single install_dirs rule that makes all of -the dirs we need, and have these two install steps depend on that. ---- - Makefile.org | 17 +++++++++-------- - 1 file changed, 9 insertions(+), 8 deletions(-) - -diff --git a/Makefile.org b/Makefile.org -index a6d9471..78e6143 100644 ---- a/Makefile.org -+++ b/Makefile.org -@@ -536,9 +536,9 @@ - dist_pem_h: - (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) - --install: all install_docs install_sw -+install: install_docs install_sw - --install_sw: -+install_dirs: - @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ - $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \ - $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \ -@@ -547,6 +547,13 @@ - $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ - $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ - $(INSTALL_PREFIX)$(OPENSSLDIR)/private -+ @$(PERL) $(TOP)/util/mkdir-p.pl \ -+ $(INSTALL_PREFIX)$(MANDIR)/man1 \ -+ $(INSTALL_PREFIX)$(MANDIR)/man3 \ -+ $(INSTALL_PREFIX)$(MANDIR)/man5 \ -+ $(INSTALL_PREFIX)$(MANDIR)/man7 -+ -+install_sw: install_dirs - @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ -@@ -636,12 +643,7 @@ - done; \ - done - --install_docs: -- @$(PERL) $(TOP)/util/mkdir-p.pl \ -- $(INSTALL_PREFIX)$(MANDIR)/man1 \ -- $(INSTALL_PREFIX)$(MANDIR)/man3 \ -- $(INSTALL_PREFIX)$(MANDIR)/man5 \ -- $(INSTALL_PREFIX)$(MANDIR)/man7 -+install_docs: install_dirs - @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \ - here="`pwd`"; \ - filecase=; \ --- -2.3.4 - diff --git a/dev-libs/openssl/files/openssl-1.0.2a-parallel-obj-headers.patch b/dev-libs/openssl/files/openssl-1.0.2a-parallel-obj-headers.patch deleted file mode 100644 index a7d6f4effe..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.2a-parallel-obj-headers.patch +++ /dev/null @@ -1,37 +0,0 @@ -https://rt.openssl.org/Ticket/Display.html?id=3737&user=guest&pass=guest - -From ce279d4361e07e9af9ceca8a6e326e661758ad53 Mon Sep 17 00:00:00 2001 -From: Mike Frysinger -Date: Sun, 8 Mar 2015 01:34:48 -0500 -Subject: [PATCH] fix parallel generation of obj headers - -The current code has dummy sleep/touch commands to try and work -around the parallel issue, but that is obviously racy. Instead -lets force one of the files to depend on the other so we know -they'll never run in parallel. ---- - crypto/objects/Makefile | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/crypto/objects/Makefile b/crypto/objects/Makefile -index ad2db1e..7d32504 100644 ---- a/crypto/objects/Makefile -+++ b/crypto/objects/Makefile -@@ -44,11 +44,11 @@ - # objects.pl both reads and writes obj_mac.num - obj_mac.h: objects.pl objects.txt obj_mac.num - $(PERL) objects.pl objects.txt obj_mac.num obj_mac.h -- @sleep 1; touch obj_mac.h; sleep 1 - --obj_xref.h: objxref.pl obj_xref.txt obj_mac.num -+# This doesn't really need obj_mac.h, but since that rule reads & writes -+# obj_mac.num, we can't run in parallel with it. -+obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h - $(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h -- @sleep 1; touch obj_xref.h; sleep 1 - - files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO --- -2.3.4 - diff --git a/dev-libs/openssl/files/openssl-1.0.2a-parallel-symlinking.patch b/dev-libs/openssl/files/openssl-1.0.2a-parallel-symlinking.patch deleted file mode 100644 index f2be696b10..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.2a-parallel-symlinking.patch +++ /dev/null @@ -1,63 +0,0 @@ -https://rt.openssl.org/Ticket/Display.html?id=3780&user=guest&pass=guest - -From cc81af135bda47eaa6956a0329cbbc55bf993ac1 Mon Sep 17 00:00:00 2001 -From: Mike Frysinger -Date: Fri, 3 Apr 2015 01:16:23 -0400 -Subject: [PATCH] fix race when symlink shareds libs - -When the crypto/ssl targets attempt to build their shared libs, they run: - cd ..; make libcrypto.so.1.0.0 -The top level Makefile in turn runs the build-shared target for that lib. - -The build-shared target depends on both do_$(SHLIB_TARGET) & link-shared. -When building in parallel, make is allowed to run both of these. They -both run Makefile.shared for their respective targets: -do_$(SHLIB_TARGET) -> - link_a.linux-shared -> - link_a.gnu -> - ...; $(LINK_SO_A) -> - $(LINK_SO) -> - $(SYMLINK_SO) -link-shared -> - symlink.linux-shared -> - symlink.gnu -> - ...; $(SYMLINK_SO) - -The shell code for SYMLINK_SO attempts to do a [ -e lib ] check, but fails -basic TOCTOU semantics. Depending on the load, that means two processes -will run the sequence: - rm -f libcrypto.so - ln -s libcrypto.so.1.0.0 libcrypto.so - -Which obviously fails: - ln: failed to create symbolic link 'libcrypto.so': File exists - -Since we know do_$(SHLIB_TARGET) will create the symlink for us, don't -bother depending on link-shared at all in the top level Makefile when -building things. - -Reported-by: Martin von Gagern -URL: https://bugs.gentoo.org/545028 ---- - Makefile.org | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/Makefile.org b/Makefile.org -index 890bfe4..576c60e 100644 ---- a/Makefile.org -+++ b/Makefile.org -@@ -350,7 +350,10 @@ link-shared: - libs="$$libs -l$$i"; \ - done - --build-shared: do_$(SHLIB_TARGET) link-shared -+# The link target in Makefile.shared will create the symlink for us, so no need -+# to call link-shared directly. Doing so will cause races with two processes -+# trying to symlink the lib. -+build-shared: do_$(SHLIB_TARGET) - - do_$(SHLIB_TARGET): - @ set -e; libs='-L. $(SHLIBDEPS)'; for i in $(SHLIBDIRS); do \ --- -2.3.4 - diff --git a/dev-libs/openssl/files/openssl-1.0.2d-parallel-build.patch b/dev-libs/openssl/files/openssl-1.0.2d-parallel-build.patch deleted file mode 100644 index b7aa0ea809..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.2d-parallel-build.patch +++ /dev/null @@ -1,309 +0,0 @@ -https://rt.openssl.org/Ticket/Display.html?id=2084&user=guest&pass=guest -https://rt.openssl.org/Ticket/Display.html?id=3738&user=guest&pass=guest - ---- openssl-1.0.2d/crypto/Makefile -+++ openssl-1.0.2d/crypto/Makefile -@@ -85,11 +85,11 @@ - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - - subdirs: -- @target=all; $(RECURSIVE_MAKE) -+ +@target=all; $(RECURSIVE_MAKE) - - files: - $(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO -- @target=files; $(RECURSIVE_MAKE) -+ +@target=files; $(RECURSIVE_MAKE) - - links: - @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) -@@ -100,7 +100,7 @@ - # lib: $(LIB): are splitted to avoid end-less loop - lib: $(LIB) - @touch lib --$(LIB): $(LIBOBJ) -+$(LIB): $(LIBOBJ) | subdirs - $(AR) $(LIB) $(LIBOBJ) - test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o - $(RANLIB) $(LIB) || echo Never mind. -@@ -111,7 +111,7 @@ - fi - - libs: -- @target=lib; $(RECURSIVE_MAKE) -+ +@target=lib; $(RECURSIVE_MAKE) - - install: - @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... -@@ -120,7 +120,7 @@ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; -- @target=install; $(RECURSIVE_MAKE) -+ +@target=install; $(RECURSIVE_MAKE) - - lint: - @target=lint; $(RECURSIVE_MAKE) ---- openssl-1.0.2d/engines/Makefile -+++ openssl-1.0.2d/engines/Makefile -@@ -72,7 +72,7 @@ - - all: lib subdirs - --lib: $(LIBOBJ) -+lib: $(LIBOBJ) | subdirs - @if [ -n "$(SHARED_LIBS)" ]; then \ - set -e; \ - for l in $(LIBNAMES); do \ -@@ -89,7 +89,7 @@ - - subdirs: - echo $(EDIRS) -- @target=all; $(RECURSIVE_MAKE) -+ +@target=all; $(RECURSIVE_MAKE) - - files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO -@@ -128,7 +128,7 @@ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ - done; \ - fi -- @target=install; $(RECURSIVE_MAKE) -+ +@target=install; $(RECURSIVE_MAKE) - - tags: - ctags $(SRC) ---- openssl-1.0.2d/Makefile.org -+++ openssl-1.0.2d/Makefile.org -@@ -274,17 +274,17 @@ - build_libs: build_crypto build_ssl build_engines - - build_crypto: -- @dir=crypto; target=all; $(BUILD_ONE_CMD) -+ +@dir=crypto; target=all; $(BUILD_ONE_CMD) - build_ssl: build_crypto -- @dir=ssl; target=all; $(BUILD_ONE_CMD) -+ +@dir=ssl; target=all; $(BUILD_ONE_CMD) - build_engines: build_crypto -- @dir=engines; target=all; $(BUILD_ONE_CMD) -+ +@dir=engines; target=all; $(BUILD_ONE_CMD) - build_apps: build_libs -- @dir=apps; target=all; $(BUILD_ONE_CMD) -+ +@dir=apps; target=all; $(BUILD_ONE_CMD) - build_tests: build_libs -- @dir=test; target=all; $(BUILD_ONE_CMD) -+ +@dir=test; target=all; $(BUILD_ONE_CMD) - build_tools: build_libs -- @dir=tools; target=all; $(BUILD_ONE_CMD) -+ +@dir=tools; target=all; $(BUILD_ONE_CMD) - - all_testapps: build_libs build_testapps - build_testapps: -@@ -555,7 +555,7 @@ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; -- @set -e; target=install; $(RECURSIVE_BUILD_CMD) -+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) - @set -e; liblist="$(LIBS)"; for i in $$liblist ;\ - do \ - if [ -f "$$i" ]; then \ ---- openssl-1.0.2d/Makefile.shared -+++ openssl-1.0.2d/Makefile.shared -@@ -105,6 +105,7 @@ - SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ - LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ - LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ -+ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \ - LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ - $${SHAREDCMD} $${SHAREDFLAGS} \ - -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \ -@@ -122,6 +123,7 @@ - done; \ - fi; \ - if [ -n "$$SHLIB_SOVER" ]; then \ -+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \ - ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \ - ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \ - fi; \ ---- openssl-1.0.2d/test/Makefile -+++ openssl-1.0.2d/test/Makefile -@@ -133,7 +133,7 @@ - tags: - ctags $(SRC) - --tests: exe apps $(TESTS) -+tests: exe $(TESTS) - - apps: - @(cd ..; $(MAKE) DIRS=apps all) -@@ -402,121 +402,121 @@ - link_app.$${shlib_target} - - $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) -- @target=$(RSATEST); $(BUILD_CMD) -+ +@target=$(RSATEST); $(BUILD_CMD) - - $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO) -- @target=$(BNTEST); $(BUILD_CMD) -+ +@target=$(BNTEST); $(BUILD_CMD) - - $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO) -- @target=$(ECTEST); $(BUILD_CMD) -+ +@target=$(ECTEST); $(BUILD_CMD) - - $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO) -- @target=$(EXPTEST); $(BUILD_CMD) -+ +@target=$(EXPTEST); $(BUILD_CMD) - - $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) -- @target=$(IDEATEST); $(BUILD_CMD) -+ +@target=$(IDEATEST); $(BUILD_CMD) - - $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) -- @target=$(MD2TEST); $(BUILD_CMD) -+ +@target=$(MD2TEST); $(BUILD_CMD) - - $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO) -- @target=$(SHATEST); $(BUILD_CMD) -+ +@target=$(SHATEST); $(BUILD_CMD) - - $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) -- @target=$(SHA1TEST); $(BUILD_CMD) -+ +@target=$(SHA1TEST); $(BUILD_CMD) - - $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) -- @target=$(SHA256TEST); $(BUILD_CMD) -+ +@target=$(SHA256TEST); $(BUILD_CMD) - - $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) -- @target=$(SHA512TEST); $(BUILD_CMD) -+ +@target=$(SHA512TEST); $(BUILD_CMD) - - $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) -- @target=$(RMDTEST); $(BUILD_CMD) -+ +@target=$(RMDTEST); $(BUILD_CMD) - - $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO) -- @target=$(MDC2TEST); $(BUILD_CMD) -+ +@target=$(MDC2TEST); $(BUILD_CMD) - - $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO) -- @target=$(MD4TEST); $(BUILD_CMD) -+ +@target=$(MD4TEST); $(BUILD_CMD) - - $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO) -- @target=$(MD5TEST); $(BUILD_CMD) -+ +@target=$(MD5TEST); $(BUILD_CMD) - - $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO) -- @target=$(HMACTEST); $(BUILD_CMD) -+ +@target=$(HMACTEST); $(BUILD_CMD) - - $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO) -- @target=$(WPTEST); $(BUILD_CMD) -+ +@target=$(WPTEST); $(BUILD_CMD) - - $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO) -- @target=$(RC2TEST); $(BUILD_CMD) -+ +@target=$(RC2TEST); $(BUILD_CMD) - - $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO) -- @target=$(BFTEST); $(BUILD_CMD) -+ +@target=$(BFTEST); $(BUILD_CMD) - - $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO) -- @target=$(CASTTEST); $(BUILD_CMD) -+ +@target=$(CASTTEST); $(BUILD_CMD) - - $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO) -- @target=$(RC4TEST); $(BUILD_CMD) -+ +@target=$(RC4TEST); $(BUILD_CMD) - - $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) -- @target=$(RC5TEST); $(BUILD_CMD) -+ +@target=$(RC5TEST); $(BUILD_CMD) - - $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) -- @target=$(DESTEST); $(BUILD_CMD) -+ +@target=$(DESTEST); $(BUILD_CMD) - - $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) -- @target=$(RANDTEST); $(BUILD_CMD) -+ +@target=$(RANDTEST); $(BUILD_CMD) - - $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) -- @target=$(DHTEST); $(BUILD_CMD) -+ +@target=$(DHTEST); $(BUILD_CMD) - - $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO) -- @target=$(DSATEST); $(BUILD_CMD) -+ +@target=$(DSATEST); $(BUILD_CMD) - - $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) -- @target=$(METHTEST); $(BUILD_CMD) -+ +@target=$(METHTEST); $(BUILD_CMD) - - $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) -- @target=$(SSLTEST); $(FIPS_BUILD_CMD) -+ +@target=$(SSLTEST); $(FIPS_BUILD_CMD) - - $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) -- @target=$(ENGINETEST); $(BUILD_CMD) -+ +@target=$(ENGINETEST); $(BUILD_CMD) - - $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO) -- @target=$(EVPTEST); $(BUILD_CMD) -+ +@target=$(EVPTEST); $(BUILD_CMD) - - $(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO) -- @target=$(EVPEXTRATEST); $(BUILD_CMD) -+ +@target=$(EVPEXTRATEST); $(BUILD_CMD) - - $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO) -- @target=$(ECDSATEST); $(BUILD_CMD) -+ +@target=$(ECDSATEST); $(BUILD_CMD) - - $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) -- @target=$(ECDHTEST); $(BUILD_CMD) -+ +@target=$(ECDHTEST); $(BUILD_CMD) - - $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) -- @target=$(IGETEST); $(BUILD_CMD) -+ +@target=$(IGETEST); $(BUILD_CMD) - - $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) -- @target=$(JPAKETEST); $(BUILD_CMD) -+ +@target=$(JPAKETEST); $(BUILD_CMD) - - $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) -- @target=$(ASN1TEST); $(BUILD_CMD) -+ +@target=$(ASN1TEST); $(BUILD_CMD) - - $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO) -- @target=$(SRPTEST); $(BUILD_CMD) -+ +@target=$(SRPTEST); $(BUILD_CMD) - - $(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO) -- @target=$(V3NAMETEST); $(BUILD_CMD) -+ +@target=$(V3NAMETEST); $(BUILD_CMD) - - $(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO) -- @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) -+ +@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) - - $(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o -- @target=$(CONSTTIMETEST) $(BUILD_CMD) -+ +@target=$(CONSTTIMETEST) $(BUILD_CMD) - - #$(AESTEST).o: $(AESTEST).c - # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c -@@ -529,7 +529,7 @@ - # fi - - dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) -- @target=dummytest; $(BUILD_CMD) -+ +@target=dummytest; $(BUILD_CMD) - - # DO NOT DELETE THIS LINE -- make depend depends on it. - diff --git a/dev-libs/openssl/files/openssl-1.0.2e-parallel-build.patch b/dev-libs/openssl/files/openssl-1.0.2e-parallel-build.patch deleted file mode 100644 index 53d4baa764..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.2e-parallel-build.patch +++ /dev/null @@ -1,314 +0,0 @@ ---- openssl-1.0.2e/crypto/Makefile -+++ openssl-1.0.2e/crypto/Makefile -@@ -85,11 +85,11 @@ - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - - subdirs: -- @target=all; $(RECURSIVE_MAKE) -+ +@target=all; $(RECURSIVE_MAKE) - - files: - $(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO -- @target=files; $(RECURSIVE_MAKE) -+ +@target=files; $(RECURSIVE_MAKE) - - links: - @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) -@@ -100,7 +100,7 @@ - # lib: $(LIB): are splitted to avoid end-less loop - lib: $(LIB) - @touch lib --$(LIB): $(LIBOBJ) -+$(LIB): $(LIBOBJ) | subdirs - $(AR) $(LIB) $(LIBOBJ) - test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o - $(RANLIB) $(LIB) || echo Never mind. -@@ -111,7 +111,7 @@ - fi - - libs: -- @target=lib; $(RECURSIVE_MAKE) -+ +@target=lib; $(RECURSIVE_MAKE) - - install: - @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... -@@ -120,7 +120,7 @@ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; -- @target=install; $(RECURSIVE_MAKE) -+ +@target=install; $(RECURSIVE_MAKE) - - lint: - @target=lint; $(RECURSIVE_MAKE) ---- openssl-1.0.2e/engines/Makefile -+++ openssl-1.0.2e/engines/Makefile -@@ -72,7 +72,7 @@ - - all: lib subdirs - --lib: $(LIBOBJ) -+lib: $(LIBOBJ) | subdirs - @if [ -n "$(SHARED_LIBS)" ]; then \ - set -e; \ - for l in $(LIBNAMES); do \ -@@ -89,7 +89,7 @@ - - subdirs: - echo $(EDIRS) -- @target=all; $(RECURSIVE_MAKE) -+ +@target=all; $(RECURSIVE_MAKE) - - files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO -@@ -128,7 +128,7 @@ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ - done; \ - fi -- @target=install; $(RECURSIVE_MAKE) -+ +@target=install; $(RECURSIVE_MAKE) - - tags: - ctags $(SRC) ---- openssl-1.0.2e/Makefile.org -+++ openssl-1.0.2e/Makefile.org -@@ -280,17 +280,17 @@ - build_libssl: build_ssl libssl.pc - - build_crypto: -- @dir=crypto; target=all; $(BUILD_ONE_CMD) -+ +@dir=crypto; target=all; $(BUILD_ONE_CMD) - build_ssl: build_crypto -- @dir=ssl; target=all; $(BUILD_ONE_CMD) -+ +@dir=ssl; target=all; $(BUILD_ONE_CMD) - build_engines: build_crypto -- @dir=engines; target=all; $(BUILD_ONE_CMD) -+ +@dir=engines; target=all; $(BUILD_ONE_CMD) - build_apps: build_libs -- @dir=apps; target=all; $(BUILD_ONE_CMD) -+ +@dir=apps; target=all; $(BUILD_ONE_CMD) - build_tests: build_libs -- @dir=test; target=all; $(BUILD_ONE_CMD) -+ +@dir=test; target=all; $(BUILD_ONE_CMD) - build_tools: build_libs -- @dir=tools; target=all; $(BUILD_ONE_CMD) -+ +@dir=tools; target=all; $(BUILD_ONE_CMD) - - all_testapps: build_libs build_testapps - build_testapps: -@@ -548,7 +548,7 @@ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; -- @set -e; target=install; $(RECURSIVE_BUILD_CMD) -+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) - @set -e; liblist="$(LIBS)"; for i in $$liblist ;\ - do \ - if [ -f "$$i" ]; then \ ---- openssl-1.0.2e/Makefile.shared -+++ openssl-1.0.2e/Makefile.shared -@@ -105,6 +105,7 @@ - SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ - LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ - LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ -+ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \ - LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ - $${SHAREDCMD} $${SHAREDFLAGS} \ - -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \ -@@ -122,6 +123,7 @@ - done; \ - fi; \ - if [ -n "$$SHLIB_SOVER" ]; then \ -+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \ - ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \ - ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \ - fi; \ ---- openssl-1.0.2e/test/Makefile -+++ openssl-1.0.2e/test/Makefile -@@ -138,7 +138,7 @@ - tags: - ctags $(SRC) - --tests: exe apps $(TESTS) -+tests: exe $(TESTS) - - apps: - @(cd ..; $(MAKE) DIRS=apps all) -@@ -416,127 +416,127 @@ - link_app.$${shlib_target} - - $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) -- @target=$(RSATEST); $(BUILD_CMD) -+ +@target=$(RSATEST); $(BUILD_CMD) - - $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO) -- @target=$(BNTEST); $(BUILD_CMD) -+ +@target=$(BNTEST); $(BUILD_CMD) - - $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO) -- @target=$(ECTEST); $(BUILD_CMD) -+ +@target=$(ECTEST); $(BUILD_CMD) - - $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO) -- @target=$(EXPTEST); $(BUILD_CMD) -+ +@target=$(EXPTEST); $(BUILD_CMD) - - $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) -- @target=$(IDEATEST); $(BUILD_CMD) -+ +@target=$(IDEATEST); $(BUILD_CMD) - - $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) -- @target=$(MD2TEST); $(BUILD_CMD) -+ +@target=$(MD2TEST); $(BUILD_CMD) - - $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO) -- @target=$(SHATEST); $(BUILD_CMD) -+ +@target=$(SHATEST); $(BUILD_CMD) - - $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) -- @target=$(SHA1TEST); $(BUILD_CMD) -+ +@target=$(SHA1TEST); $(BUILD_CMD) - - $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) -- @target=$(SHA256TEST); $(BUILD_CMD) -+ +@target=$(SHA256TEST); $(BUILD_CMD) - - $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) -- @target=$(SHA512TEST); $(BUILD_CMD) -+ +@target=$(SHA512TEST); $(BUILD_CMD) - - $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) -- @target=$(RMDTEST); $(BUILD_CMD) -+ +@target=$(RMDTEST); $(BUILD_CMD) - - $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO) -- @target=$(MDC2TEST); $(BUILD_CMD) -+ +@target=$(MDC2TEST); $(BUILD_CMD) - - $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO) -- @target=$(MD4TEST); $(BUILD_CMD) -+ +@target=$(MD4TEST); $(BUILD_CMD) - - $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO) -- @target=$(MD5TEST); $(BUILD_CMD) -+ +@target=$(MD5TEST); $(BUILD_CMD) - - $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO) -- @target=$(HMACTEST); $(BUILD_CMD) -+ +@target=$(HMACTEST); $(BUILD_CMD) - - $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO) -- @target=$(WPTEST); $(BUILD_CMD) -+ +@target=$(WPTEST); $(BUILD_CMD) - - $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO) -- @target=$(RC2TEST); $(BUILD_CMD) -+ +@target=$(RC2TEST); $(BUILD_CMD) - - $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO) -- @target=$(BFTEST); $(BUILD_CMD) -+ +@target=$(BFTEST); $(BUILD_CMD) - - $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO) -- @target=$(CASTTEST); $(BUILD_CMD) -+ +@target=$(CASTTEST); $(BUILD_CMD) - - $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO) -- @target=$(RC4TEST); $(BUILD_CMD) -+ +@target=$(RC4TEST); $(BUILD_CMD) - - $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) -- @target=$(RC5TEST); $(BUILD_CMD) -+ +@target=$(RC5TEST); $(BUILD_CMD) - - $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) -- @target=$(DESTEST); $(BUILD_CMD) -+ +@target=$(DESTEST); $(BUILD_CMD) - - $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) -- @target=$(RANDTEST); $(BUILD_CMD) -+ +@target=$(RANDTEST); $(BUILD_CMD) - - $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) -- @target=$(DHTEST); $(BUILD_CMD) -+ +@target=$(DHTEST); $(BUILD_CMD) - - $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO) -- @target=$(DSATEST); $(BUILD_CMD) -+ +@target=$(DSATEST); $(BUILD_CMD) - - $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) -- @target=$(METHTEST); $(BUILD_CMD) -+ +@target=$(METHTEST); $(BUILD_CMD) - - $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) -- @target=$(SSLTEST); $(FIPS_BUILD_CMD) -+ +@target=$(SSLTEST); $(FIPS_BUILD_CMD) - - $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) -- @target=$(ENGINETEST); $(BUILD_CMD) -+ +@target=$(ENGINETEST); $(BUILD_CMD) - - $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO) -- @target=$(EVPTEST); $(BUILD_CMD) -+ +@target=$(EVPTEST); $(BUILD_CMD) - - $(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO) -- @target=$(EVPEXTRATEST); $(BUILD_CMD) -+ +@target=$(EVPEXTRATEST); $(BUILD_CMD) - - $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO) -- @target=$(ECDSATEST); $(BUILD_CMD) -+ +@target=$(ECDSATEST); $(BUILD_CMD) - - $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) -- @target=$(ECDHTEST); $(BUILD_CMD) -+ +@target=$(ECDHTEST); $(BUILD_CMD) - - $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) -- @target=$(IGETEST); $(BUILD_CMD) -+ +@target=$(IGETEST); $(BUILD_CMD) - - $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) -- @target=$(JPAKETEST); $(BUILD_CMD) -+ +@target=$(JPAKETEST); $(BUILD_CMD) - - $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) -- @target=$(ASN1TEST); $(BUILD_CMD) -+ +@target=$(ASN1TEST); $(BUILD_CMD) - - $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO) -- @target=$(SRPTEST); $(BUILD_CMD) -+ +@target=$(SRPTEST); $(BUILD_CMD) - - $(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO) -- @target=$(V3NAMETEST); $(BUILD_CMD) -+ +@target=$(V3NAMETEST); $(BUILD_CMD) - - $(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO) -- @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) -+ +@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) - - $(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o -- @target=$(CONSTTIMETEST) $(BUILD_CMD) -+ +@target=$(CONSTTIMETEST) $(BUILD_CMD) - - $(VERIFYEXTRATEST)$(EXE_EXT): $(VERIFYEXTRATEST).o -- @target=$(VERIFYEXTRATEST) $(BUILD_CMD) -+ +@target=$(VERIFYEXTRATEST) $(BUILD_CMD) - - $(CLIENTHELLOTEST)$(EXE_EXT): $(CLIENTHELLOTEST).o -- @target=$(CLIENTHELLOTEST) $(BUILD_CMD) -+ +@target=$(CLIENTHELLOTEST) $(BUILD_CMD) - - #$(AESTEST).o: $(AESTEST).c - # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c -@@ -549,7 +549,7 @@ - # fi - - dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) -- @target=dummytest; $(BUILD_CMD) -+ +@target=dummytest; $(BUILD_CMD) - - # DO NOT DELETE THIS LINE -- make depend depends on it. - diff --git a/dev-libs/openssl/files/openssl-1.0.2g-parallel-build.patch b/dev-libs/openssl/files/openssl-1.0.2g-parallel-build.patch deleted file mode 100644 index 3582810da2..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.2g-parallel-build.patch +++ /dev/null @@ -1,318 +0,0 @@ ---- openssl-1.0.2g/crypto/Makefile -+++ openssl-1.0.2g/crypto/Makefile -@@ -85,11 +85,11 @@ - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - - subdirs: -- @target=all; $(RECURSIVE_MAKE) -+ +@target=all; $(RECURSIVE_MAKE) - - files: - $(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO -- @target=files; $(RECURSIVE_MAKE) -+ +@target=files; $(RECURSIVE_MAKE) - - links: - @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) -@@ -100,7 +100,7 @@ - # lib: $(LIB): are splitted to avoid end-less loop - lib: $(LIB) - @touch lib --$(LIB): $(LIBOBJ) -+$(LIB): $(LIBOBJ) | subdirs - $(AR) $(LIB) $(LIBOBJ) - test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o - $(RANLIB) $(LIB) || echo Never mind. -@@ -111,7 +111,7 @@ - fi - - libs: -- @target=lib; $(RECURSIVE_MAKE) -+ +@target=lib; $(RECURSIVE_MAKE) - - install: - @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... -@@ -120,7 +120,7 @@ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; -- @target=install; $(RECURSIVE_MAKE) -+ +@target=install; $(RECURSIVE_MAKE) - - lint: - @target=lint; $(RECURSIVE_MAKE) ---- openssl-1.0.2g/engines/Makefile -+++ openssl-1.0.2g/engines/Makefile -@@ -72,7 +72,7 @@ - - all: lib subdirs - --lib: $(LIBOBJ) -+lib: $(LIBOBJ) | subdirs - @if [ -n "$(SHARED_LIBS)" ]; then \ - set -e; \ - for l in $(LIBNAMES); do \ -@@ -89,7 +89,7 @@ - - subdirs: - echo $(EDIRS) -- @target=all; $(RECURSIVE_MAKE) -+ +@target=all; $(RECURSIVE_MAKE) - - files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO -@@ -128,7 +128,7 @@ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ - done; \ - fi -- @target=install; $(RECURSIVE_MAKE) -+ +@target=install; $(RECURSIVE_MAKE) - - tags: - ctags $(SRC) ---- openssl-1.0.2g/Makefile.org -+++ openssl-1.0.2g/Makefile.org -@@ -279,17 +279,17 @@ - build_libssl: build_ssl libssl.pc - - build_crypto: -- @dir=crypto; target=all; $(BUILD_ONE_CMD) -+ +@dir=crypto; target=all; $(BUILD_ONE_CMD) - build_ssl: build_crypto -- @dir=ssl; target=all; $(BUILD_ONE_CMD) -+ +@dir=ssl; target=all; $(BUILD_ONE_CMD) - build_engines: build_crypto -- @dir=engines; target=all; $(BUILD_ONE_CMD) -+ +@dir=engines; target=all; $(BUILD_ONE_CMD) - build_apps: build_libs -- @dir=apps; target=all; $(BUILD_ONE_CMD) -+ +@dir=apps; target=all; $(BUILD_ONE_CMD) - build_tests: build_libs -- @dir=test; target=all; $(BUILD_ONE_CMD) -+ +@dir=test; target=all; $(BUILD_ONE_CMD) - build_tools: build_libs -- @dir=tools; target=all; $(BUILD_ONE_CMD) -+ +@dir=tools; target=all; $(BUILD_ONE_CMD) - - all_testapps: build_libs build_testapps - build_testapps: -@@ -544,7 +544,7 @@ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; -- @set -e; target=install; $(RECURSIVE_BUILD_CMD) -+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) - @set -e; liblist="$(LIBS)"; for i in $$liblist ;\ - do \ - if [ -f "$$i" ]; then \ ---- openssl-1.0.2g/Makefile.shared -+++ openssl-1.0.2g/Makefile.shared -@@ -105,6 +105,7 @@ - SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ - LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ - LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ -+ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \ - LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ - $${SHAREDCMD} $${SHAREDFLAGS} \ - -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \ -@@ -122,6 +123,7 @@ - done; \ - fi; \ - if [ -n "$$SHLIB_SOVER" ]; then \ -+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \ - ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \ - ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \ - fi; \ ---- openssl-1.0.2g/test/Makefile -+++ openssl-1.0.2g/test/Makefile -@@ -139,7 +139,7 @@ - tags: - ctags $(SRC) - --tests: exe apps $(TESTS) -+tests: exe $(TESTS) - - apps: - @(cd ..; $(MAKE) DIRS=apps all) -@@ -421,130 +421,130 @@ - link_app.$${shlib_target} - - $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) -- @target=$(RSATEST); $(BUILD_CMD) -+ +@target=$(RSATEST); $(BUILD_CMD) - - $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO) -- @target=$(BNTEST); $(BUILD_CMD) -+ +@target=$(BNTEST); $(BUILD_CMD) - - $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO) -- @target=$(ECTEST); $(BUILD_CMD) -+ +@target=$(ECTEST); $(BUILD_CMD) - - $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO) -- @target=$(EXPTEST); $(BUILD_CMD) -+ +@target=$(EXPTEST); $(BUILD_CMD) - - $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) -- @target=$(IDEATEST); $(BUILD_CMD) -+ +@target=$(IDEATEST); $(BUILD_CMD) - - $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) -- @target=$(MD2TEST); $(BUILD_CMD) -+ +@target=$(MD2TEST); $(BUILD_CMD) - - $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO) -- @target=$(SHATEST); $(BUILD_CMD) -+ +@target=$(SHATEST); $(BUILD_CMD) - - $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) -- @target=$(SHA1TEST); $(BUILD_CMD) -+ +@target=$(SHA1TEST); $(BUILD_CMD) - - $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) -- @target=$(SHA256TEST); $(BUILD_CMD) -+ +@target=$(SHA256TEST); $(BUILD_CMD) - - $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) -- @target=$(SHA512TEST); $(BUILD_CMD) -+ +@target=$(SHA512TEST); $(BUILD_CMD) - - $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) -- @target=$(RMDTEST); $(BUILD_CMD) -+ +@target=$(RMDTEST); $(BUILD_CMD) - - $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO) -- @target=$(MDC2TEST); $(BUILD_CMD) -+ +@target=$(MDC2TEST); $(BUILD_CMD) - - $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO) -- @target=$(MD4TEST); $(BUILD_CMD) -+ +@target=$(MD4TEST); $(BUILD_CMD) - - $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO) -- @target=$(MD5TEST); $(BUILD_CMD) -+ +@target=$(MD5TEST); $(BUILD_CMD) - - $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO) -- @target=$(HMACTEST); $(BUILD_CMD) -+ +@target=$(HMACTEST); $(BUILD_CMD) - - $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO) -- @target=$(WPTEST); $(BUILD_CMD) -+ +@target=$(WPTEST); $(BUILD_CMD) - - $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO) -- @target=$(RC2TEST); $(BUILD_CMD) -+ +@target=$(RC2TEST); $(BUILD_CMD) - - $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO) -- @target=$(BFTEST); $(BUILD_CMD) -+ +@target=$(BFTEST); $(BUILD_CMD) - - $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO) -- @target=$(CASTTEST); $(BUILD_CMD) -+ +@target=$(CASTTEST); $(BUILD_CMD) - - $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO) -- @target=$(RC4TEST); $(BUILD_CMD) -+ +@target=$(RC4TEST); $(BUILD_CMD) - - $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) -- @target=$(RC5TEST); $(BUILD_CMD) -+ +@target=$(RC5TEST); $(BUILD_CMD) - - $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) -- @target=$(DESTEST); $(BUILD_CMD) -+ +@target=$(DESTEST); $(BUILD_CMD) - - $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) -- @target=$(RANDTEST); $(BUILD_CMD) -+ +@target=$(RANDTEST); $(BUILD_CMD) - - $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) -- @target=$(DHTEST); $(BUILD_CMD) -+ +@target=$(DHTEST); $(BUILD_CMD) - - $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO) -- @target=$(DSATEST); $(BUILD_CMD) -+ +@target=$(DSATEST); $(BUILD_CMD) - - $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) -- @target=$(METHTEST); $(BUILD_CMD) -+ +@target=$(METHTEST); $(BUILD_CMD) - - $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) -- @target=$(SSLTEST); $(FIPS_BUILD_CMD) -+ +@target=$(SSLTEST); $(FIPS_BUILD_CMD) - - $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) -- @target=$(ENGINETEST); $(BUILD_CMD) -+ +@target=$(ENGINETEST); $(BUILD_CMD) - - $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO) -- @target=$(EVPTEST); $(BUILD_CMD) -+ +@target=$(EVPTEST); $(BUILD_CMD) - - $(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO) -- @target=$(EVPEXTRATEST); $(BUILD_CMD) -+ +@target=$(EVPEXTRATEST); $(BUILD_CMD) - - $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO) -- @target=$(ECDSATEST); $(BUILD_CMD) -+ +@target=$(ECDSATEST); $(BUILD_CMD) - - $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) -- @target=$(ECDHTEST); $(BUILD_CMD) -+ +@target=$(ECDHTEST); $(BUILD_CMD) - - $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) -- @target=$(IGETEST); $(BUILD_CMD) -+ +@target=$(IGETEST); $(BUILD_CMD) - - $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) -- @target=$(JPAKETEST); $(BUILD_CMD) -+ +@target=$(JPAKETEST); $(BUILD_CMD) - - $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) -- @target=$(ASN1TEST); $(BUILD_CMD) -+ +@target=$(ASN1TEST); $(BUILD_CMD) - - $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO) -- @target=$(SRPTEST); $(BUILD_CMD) -+ +@target=$(SRPTEST); $(BUILD_CMD) - - $(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO) -- @target=$(V3NAMETEST); $(BUILD_CMD) -+ +@target=$(V3NAMETEST); $(BUILD_CMD) - - $(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO) -- @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) -+ +@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) - - $(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o -- @target=$(CONSTTIMETEST) $(BUILD_CMD) -+ +@target=$(CONSTTIMETEST) $(BUILD_CMD) - - $(VERIFYEXTRATEST)$(EXE_EXT): $(VERIFYEXTRATEST).o -- @target=$(VERIFYEXTRATEST) $(BUILD_CMD) -+ +@target=$(VERIFYEXTRATEST) $(BUILD_CMD) - - $(CLIENTHELLOTEST)$(EXE_EXT): $(CLIENTHELLOTEST).o -- @target=$(CLIENTHELLOTEST) $(BUILD_CMD) -+ +@target=$(CLIENTHELLOTEST) $(BUILD_CMD) - - $(SSLV2CONFTEST)$(EXE_EXT): $(SSLV2CONFTEST).o -- @target=$(SSLV2CONFTEST) $(BUILD_CMD) -+ +@target=$(SSLV2CONFTEST) $(BUILD_CMD) - - #$(AESTEST).o: $(AESTEST).c - # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c -@@ -557,7 +557,7 @@ - # fi - - dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) -- @target=dummytest; $(BUILD_CMD) -+ +@target=dummytest; $(BUILD_CMD) - - # DO NOT DELETE THIS LINE -- make depend depends on it. - diff --git a/dev-libs/openssl/files/openssl-1.0.2i-parallel-build.patch b/dev-libs/openssl/files/openssl-1.0.2i-parallel-build.patch deleted file mode 100644 index 387a077da2..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.2i-parallel-build.patch +++ /dev/null @@ -1,326 +0,0 @@ ---- openssl-1.0.2i/crypto/Makefile -+++ openssl-1.0.2i/crypto/Makefile -@@ -85,11 +85,11 @@ - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - - subdirs: -- @target=all; $(RECURSIVE_MAKE) -+ +@target=all; $(RECURSIVE_MAKE) - - files: - $(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO -- @target=files; $(RECURSIVE_MAKE) -+ +@target=files; $(RECURSIVE_MAKE) - - links: - @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) -@@ -100,7 +100,7 @@ - # lib: $(LIB): are splitted to avoid end-less loop - lib: $(LIB) - @touch lib --$(LIB): $(LIBOBJ) -+$(LIB): $(LIBOBJ) | subdirs - $(AR) $(LIB) $(LIBOBJ) - test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o - $(RANLIB) $(LIB) || echo Never mind. -@@ -111,7 +111,7 @@ - fi - - libs: -- @target=lib; $(RECURSIVE_MAKE) -+ +@target=lib; $(RECURSIVE_MAKE) - - install: - @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... -@@ -120,7 +120,7 @@ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; -- @target=install; $(RECURSIVE_MAKE) -+ +@target=install; $(RECURSIVE_MAKE) - - lint: - @target=lint; $(RECURSIVE_MAKE) ---- openssl-1.0.2i/engines/Makefile -+++ openssl-1.0.2i/engines/Makefile -@@ -72,7 +72,7 @@ - - all: lib subdirs - --lib: $(LIBOBJ) -+lib: $(LIBOBJ) | subdirs - @if [ -n "$(SHARED_LIBS)" ]; then \ - set -e; \ - for l in $(LIBNAMES); do \ -@@ -89,7 +89,7 @@ - - subdirs: - echo $(EDIRS) -- @target=all; $(RECURSIVE_MAKE) -+ +@target=all; $(RECURSIVE_MAKE) - - files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO -@@ -128,7 +128,7 @@ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ - done; \ - fi -- @target=install; $(RECURSIVE_MAKE) -+ +@target=install; $(RECURSIVE_MAKE) - - tags: - ctags $(SRC) ---- openssl-1.0.2i/Makefile.org -+++ openssl-1.0.2i/Makefile.org -@@ -281,17 +281,17 @@ - build_libssl: build_ssl libssl.pc - - build_crypto: -- @dir=crypto; target=all; $(BUILD_ONE_CMD) -+ +@dir=crypto; target=all; $(BUILD_ONE_CMD) - build_ssl: build_crypto -- @dir=ssl; target=all; $(BUILD_ONE_CMD) -+ +@dir=ssl; target=all; $(BUILD_ONE_CMD) - build_engines: build_crypto -- @dir=engines; target=all; $(BUILD_ONE_CMD) -+ +@dir=engines; target=all; $(BUILD_ONE_CMD) - build_apps: build_libs -- @dir=apps; target=all; $(BUILD_ONE_CMD) -+ +@dir=apps; target=all; $(BUILD_ONE_CMD) - build_tests: build_libs -- @dir=test; target=all; $(BUILD_ONE_CMD) -+ +@dir=test; target=all; $(BUILD_ONE_CMD) - build_tools: build_libs -- @dir=tools; target=all; $(BUILD_ONE_CMD) -+ +@dir=tools; target=all; $(BUILD_ONE_CMD) - - all_testapps: build_libs build_testapps - build_testapps: -@@ -547,7 +547,7 @@ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; -- @set -e; target=install; $(RECURSIVE_BUILD_CMD) -+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) - @set -e; liblist="$(LIBS)"; for i in $$liblist ;\ - do \ - if [ -f "$$i" ]; then \ ---- openssl-1.0.2i/Makefile.shared -+++ openssl-1.0.2i/Makefile.shared -@@ -105,6 +105,7 @@ - SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ - LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ - LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ -+ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \ - LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ - $${SHAREDCMD} $${SHAREDFLAGS} \ - -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \ -@@ -122,6 +123,7 @@ - done; \ - fi; \ - if [ -n "$$SHLIB_SOVER" ]; then \ -+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \ - ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \ - ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \ - fi; \ ---- openssl-1.0.2i/test/Makefile -+++ openssl-1.0.2i/test/Makefile -@@ -144,7 +144,7 @@ - tags: - ctags $(SRC) - --tests: exe apps $(TESTS) -+tests: exe $(TESTS) - - apps: - @(cd ..; $(MAKE) DIRS=apps all) -@@ -435,136 +435,136 @@ - link_app.$${shlib_target} - - $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) -- @target=$(RSATEST); $(BUILD_CMD) -+ +@target=$(RSATEST); $(BUILD_CMD) - - $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO) -- @target=$(BNTEST); $(BUILD_CMD) -+ +@target=$(BNTEST); $(BUILD_CMD) - - $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO) -- @target=$(ECTEST); $(BUILD_CMD) -+ +@target=$(ECTEST); $(BUILD_CMD) - - $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO) -- @target=$(EXPTEST); $(BUILD_CMD) -+ +@target=$(EXPTEST); $(BUILD_CMD) - - $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) -- @target=$(IDEATEST); $(BUILD_CMD) -+ +@target=$(IDEATEST); $(BUILD_CMD) - - $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) -- @target=$(MD2TEST); $(BUILD_CMD) -+ +@target=$(MD2TEST); $(BUILD_CMD) - - $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO) -- @target=$(SHATEST); $(BUILD_CMD) -+ +@target=$(SHATEST); $(BUILD_CMD) - - $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) -- @target=$(SHA1TEST); $(BUILD_CMD) -+ +@target=$(SHA1TEST); $(BUILD_CMD) - - $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) -- @target=$(SHA256TEST); $(BUILD_CMD) -+ +@target=$(SHA256TEST); $(BUILD_CMD) - - $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) -- @target=$(SHA512TEST); $(BUILD_CMD) -+ +@target=$(SHA512TEST); $(BUILD_CMD) - - $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) -- @target=$(RMDTEST); $(BUILD_CMD) -+ +@target=$(RMDTEST); $(BUILD_CMD) - - $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO) -- @target=$(MDC2TEST); $(BUILD_CMD) -+ +@target=$(MDC2TEST); $(BUILD_CMD) - - $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO) -- @target=$(MD4TEST); $(BUILD_CMD) -+ +@target=$(MD4TEST); $(BUILD_CMD) - - $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO) -- @target=$(MD5TEST); $(BUILD_CMD) -+ +@target=$(MD5TEST); $(BUILD_CMD) - - $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO) -- @target=$(HMACTEST); $(BUILD_CMD) -+ +@target=$(HMACTEST); $(BUILD_CMD) - - $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO) -- @target=$(WPTEST); $(BUILD_CMD) -+ +@target=$(WPTEST); $(BUILD_CMD) - - $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO) -- @target=$(RC2TEST); $(BUILD_CMD) -+ +@target=$(RC2TEST); $(BUILD_CMD) - - $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO) -- @target=$(BFTEST); $(BUILD_CMD) -+ +@target=$(BFTEST); $(BUILD_CMD) - - $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO) -- @target=$(CASTTEST); $(BUILD_CMD) -+ +@target=$(CASTTEST); $(BUILD_CMD) - - $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO) -- @target=$(RC4TEST); $(BUILD_CMD) -+ +@target=$(RC4TEST); $(BUILD_CMD) - - $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) -- @target=$(RC5TEST); $(BUILD_CMD) -+ +@target=$(RC5TEST); $(BUILD_CMD) - - $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) -- @target=$(DESTEST); $(BUILD_CMD) -+ +@target=$(DESTEST); $(BUILD_CMD) - - $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) -- @target=$(RANDTEST); $(BUILD_CMD) -+ +@target=$(RANDTEST); $(BUILD_CMD) - - $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) -- @target=$(DHTEST); $(BUILD_CMD) -+ +@target=$(DHTEST); $(BUILD_CMD) - - $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO) -- @target=$(DSATEST); $(BUILD_CMD) -+ +@target=$(DSATEST); $(BUILD_CMD) - - $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) -- @target=$(METHTEST); $(BUILD_CMD) -+ +@target=$(METHTEST); $(BUILD_CMD) - - $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) -- @target=$(SSLTEST); $(FIPS_BUILD_CMD) -+ +@target=$(SSLTEST); $(FIPS_BUILD_CMD) - - $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) -- @target=$(ENGINETEST); $(BUILD_CMD) -+ +@target=$(ENGINETEST); $(BUILD_CMD) - - $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO) -- @target=$(EVPTEST); $(BUILD_CMD) -+ +@target=$(EVPTEST); $(BUILD_CMD) - - $(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO) -- @target=$(EVPEXTRATEST); $(BUILD_CMD) -+ +@target=$(EVPEXTRATEST); $(BUILD_CMD) - - $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO) -- @target=$(ECDSATEST); $(BUILD_CMD) -+ +@target=$(ECDSATEST); $(BUILD_CMD) - - $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) -- @target=$(ECDHTEST); $(BUILD_CMD) -+ +@target=$(ECDHTEST); $(BUILD_CMD) - - $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) -- @target=$(IGETEST); $(BUILD_CMD) -+ +@target=$(IGETEST); $(BUILD_CMD) - - $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) -- @target=$(JPAKETEST); $(BUILD_CMD) -+ +@target=$(JPAKETEST); $(BUILD_CMD) - - $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) -- @target=$(ASN1TEST); $(BUILD_CMD) -+ +@target=$(ASN1TEST); $(BUILD_CMD) - - $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO) -- @target=$(SRPTEST); $(BUILD_CMD) -+ +@target=$(SRPTEST); $(BUILD_CMD) - - $(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO) -- @target=$(V3NAMETEST); $(BUILD_CMD) -+ +@target=$(V3NAMETEST); $(BUILD_CMD) - - $(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO) -- @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) -+ +@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) - - $(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o -- @target=$(CONSTTIMETEST) $(BUILD_CMD) -+ +@target=$(CONSTTIMETEST) $(BUILD_CMD) - - $(VERIFYEXTRATEST)$(EXE_EXT): $(VERIFYEXTRATEST).o -- @target=$(VERIFYEXTRATEST) $(BUILD_CMD) -+ +@target=$(VERIFYEXTRATEST) $(BUILD_CMD) - - $(CLIENTHELLOTEST)$(EXE_EXT): $(CLIENTHELLOTEST).o -- @target=$(CLIENTHELLOTEST) $(BUILD_CMD) -+ +@target=$(CLIENTHELLOTEST) $(BUILD_CMD) - - $(BADDTLSTEST)$(EXE_EXT): $(BADDTLSTEST).o -- @target=$(BADDTLSTEST) $(BUILD_CMD) -+ +@target=$(BADDTLSTEST) $(BUILD_CMD) - - $(SSLV2CONFTEST)$(EXE_EXT): $(SSLV2CONFTEST).o -- @target=$(SSLV2CONFTEST) $(BUILD_CMD) -+ +@target=$(SSLV2CONFTEST) $(BUILD_CMD) - - $(DTLSTEST)$(EXE_EXT): $(DTLSTEST).o ssltestlib.o $(DLIBSSL) $(DLIBCRYPTO) -- @target=$(DTLSTEST); exobj=ssltestlib.o; $(BUILD_CMD) -+ +@target=$(DTLSTEST); exobj=ssltestlib.o; $(BUILD_CMD) - - #$(AESTEST).o: $(AESTEST).c - # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c -@@ -577,7 +577,7 @@ - # fi - - dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) -- @target=dummytest; $(BUILD_CMD) -+ +@target=dummytest; $(BUILD_CMD) - - # DO NOT DELETE THIS LINE -- make depend depends on it. - diff --git a/dev-libs/openssl/files/openssl-1.0.2o-CVE-2018-0732.patch b/dev-libs/openssl/files/openssl-1.0.2o-CVE-2018-0732.patch deleted file mode 100644 index 148e7c3bc1..0000000000 --- a/dev-libs/openssl/files/openssl-1.0.2o-CVE-2018-0732.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 3984ef0b72831da8b3ece4745cac4f8575b19098 Mon Sep 17 00:00:00 2001 -From: Guido Vranken -Date: Mon, 11 Jun 2018 19:38:54 +0200 -Subject: [PATCH] Reject excessively large primes in DH key generation. - -CVE-2018-0732 - -Signed-off-by: Guido Vranken - -(cherry picked from commit 91f7361f47b082ae61ffe1a7b17bb2adf213c7fe) - -Reviewed-by: Tim Hudson -Reviewed-by: Matt Caswell -(Merged from https://github.com/openssl/openssl/pull/6457) ---- - crypto/dh/dh_key.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c -index 387558f1467..f235e0d682b 100644 ---- a/crypto/dh/dh_key.c -+++ b/crypto/dh/dh_key.c -@@ -130,10 +130,15 @@ static int generate_key(DH *dh) - int ok = 0; - int generate_new_key = 0; - unsigned l; -- BN_CTX *ctx; -+ BN_CTX *ctx = NULL; - BN_MONT_CTX *mont = NULL; - BIGNUM *pub_key = NULL, *priv_key = NULL; - -+ if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) { -+ DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE); -+ return 0; -+ } -+ - ctx = BN_CTX_new(); - if (ctx == NULL) - goto err; diff --git a/dev-libs/openssl/files/openssl-1.0.2p-hobble-ecc.patch b/dev-libs/openssl/files/openssl-1.0.2p-hobble-ecc.patch new file mode 100644 index 0000000000..3a458a7836 --- /dev/null +++ b/dev-libs/openssl/files/openssl-1.0.2p-hobble-ecc.patch @@ -0,0 +1,283 @@ +Port of Fedora's Hobble-EC patches for OpenSSL 1.0 series. + +From https://src.fedoraproject.org/git/rpms/openssl.git + +Contains parts of the following patches, rediffed. The patches are on various +different branches. +f23 openssl-1.0.2c-ecc-suiteb.patch +f23 openssl-1.0.2a-fips-ec.patch +f28 openssl-1.1.0-ec-curves.patch + +Signed-off-By: Robin H. Johnson + +--- a/apps/speed.c ++++ b/apps/speed.c +@@ -989,10 +989,7 @@ int MAIN(int argc, char **argv) + } else + # endif + # ifndef OPENSSL_NO_ECDSA +- if (strcmp(*argv, "ecdsap160") == 0) +- ecdsa_doit[R_EC_P160] = 2; +- else if (strcmp(*argv, "ecdsap192") == 0) +- ecdsa_doit[R_EC_P192] = 2; ++ if (0) {} + else if (strcmp(*argv, "ecdsap224") == 0) + ecdsa_doit[R_EC_P224] = 2; + else if (strcmp(*argv, "ecdsap256") == 0) +@@ -1001,36 +998,13 @@ int MAIN(int argc, char **argv) + ecdsa_doit[R_EC_P384] = 2; + else if (strcmp(*argv, "ecdsap521") == 0) + ecdsa_doit[R_EC_P521] = 2; +- else if (strcmp(*argv, "ecdsak163") == 0) +- ecdsa_doit[R_EC_K163] = 2; +- else if (strcmp(*argv, "ecdsak233") == 0) +- ecdsa_doit[R_EC_K233] = 2; +- else if (strcmp(*argv, "ecdsak283") == 0) +- ecdsa_doit[R_EC_K283] = 2; +- else if (strcmp(*argv, "ecdsak409") == 0) +- ecdsa_doit[R_EC_K409] = 2; +- else if (strcmp(*argv, "ecdsak571") == 0) +- ecdsa_doit[R_EC_K571] = 2; +- else if (strcmp(*argv, "ecdsab163") == 0) +- ecdsa_doit[R_EC_B163] = 2; +- else if (strcmp(*argv, "ecdsab233") == 0) +- ecdsa_doit[R_EC_B233] = 2; +- else if (strcmp(*argv, "ecdsab283") == 0) +- ecdsa_doit[R_EC_B283] = 2; +- else if (strcmp(*argv, "ecdsab409") == 0) +- ecdsa_doit[R_EC_B409] = 2; +- else if (strcmp(*argv, "ecdsab571") == 0) +- ecdsa_doit[R_EC_B571] = 2; + else if (strcmp(*argv, "ecdsa") == 0) { +- for (i = 0; i < EC_NUM; i++) ++ for (i = R_EC_P224; i < R_EC_P521; i++) + ecdsa_doit[i] = 1; + } else + # endif + # ifndef OPENSSL_NO_ECDH +- if (strcmp(*argv, "ecdhp160") == 0) +- ecdh_doit[R_EC_P160] = 2; +- else if (strcmp(*argv, "ecdhp192") == 0) +- ecdh_doit[R_EC_P192] = 2; ++ if (0) {} + else if (strcmp(*argv, "ecdhp224") == 0) + ecdh_doit[R_EC_P224] = 2; + else if (strcmp(*argv, "ecdhp256") == 0) +@@ -1039,28 +1013,8 @@ int MAIN(int argc, char **argv) + ecdh_doit[R_EC_P384] = 2; + else if (strcmp(*argv, "ecdhp521") == 0) + ecdh_doit[R_EC_P521] = 2; +- else if (strcmp(*argv, "ecdhk163") == 0) +- ecdh_doit[R_EC_K163] = 2; +- else if (strcmp(*argv, "ecdhk233") == 0) +- ecdh_doit[R_EC_K233] = 2; +- else if (strcmp(*argv, "ecdhk283") == 0) +- ecdh_doit[R_EC_K283] = 2; +- else if (strcmp(*argv, "ecdhk409") == 0) +- ecdh_doit[R_EC_K409] = 2; +- else if (strcmp(*argv, "ecdhk571") == 0) +- ecdh_doit[R_EC_K571] = 2; +- else if (strcmp(*argv, "ecdhb163") == 0) +- ecdh_doit[R_EC_B163] = 2; +- else if (strcmp(*argv, "ecdhb233") == 0) +- ecdh_doit[R_EC_B233] = 2; +- else if (strcmp(*argv, "ecdhb283") == 0) +- ecdh_doit[R_EC_B283] = 2; +- else if (strcmp(*argv, "ecdhb409") == 0) +- ecdh_doit[R_EC_B409] = 2; +- else if (strcmp(*argv, "ecdhb571") == 0) +- ecdh_doit[R_EC_B571] = 2; + else if (strcmp(*argv, "ecdh") == 0) { +- for (i = 0; i < EC_NUM; i++) ++ for (i = R_EC_P224; i <= R_EC_P521; i++) + ecdh_doit[i] = 1; + } else + # endif +@@ -1149,21 +1103,13 @@ int MAIN(int argc, char **argv) + BIO_printf(bio_err, "dsa512 dsa1024 dsa2048\n"); + # endif + # ifndef OPENSSL_NO_ECDSA +- BIO_printf(bio_err, "ecdsap160 ecdsap192 ecdsap224 " ++ BIO_printf(bio_err, "ecdsap224 " + "ecdsap256 ecdsap384 ecdsap521\n"); +- BIO_printf(bio_err, +- "ecdsak163 ecdsak233 ecdsak283 ecdsak409 ecdsak571\n"); +- BIO_printf(bio_err, +- "ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571\n"); + BIO_printf(bio_err, "ecdsa\n"); + # endif + # ifndef OPENSSL_NO_ECDH +- BIO_printf(bio_err, "ecdhp160 ecdhp192 ecdhp224 " ++ BIO_printf(bio_err, "ecdhp224 " + "ecdhp256 ecdhp384 ecdhp521\n"); +- BIO_printf(bio_err, +- "ecdhk163 ecdhk233 ecdhk283 ecdhk409 ecdhk571\n"); +- BIO_printf(bio_err, +- "ecdhb163 ecdhb233 ecdhb283 ecdhb409 ecdhb571\n"); + BIO_printf(bio_err, "ecdh\n"); + # endif + +@@ -1242,11 +1188,11 @@ int MAIN(int argc, char **argv) + for (i = 0; i < DSA_NUM; i++) + dsa_doit[i] = 1; + # ifndef OPENSSL_NO_ECDSA +- for (i = 0; i < EC_NUM; i++) ++ for (i = R_EC_P224; i <= R_EC_P521; i++) + ecdsa_doit[i] = 1; + # endif + # ifndef OPENSSL_NO_ECDH +- for (i = 0; i < EC_NUM; i++) ++ for (i = R_EC_P224; i <= R_EC_P521; i++) + ecdh_doit[i] = 1; + # endif + } +--- a/crypto/ec/ecp_smpl.c ++++ b/crypto/ec/ecp_smpl.c +@@ -187,6 +187,11 @@ int ec_GFp_simple_group_set_curve(EC_GROUP *group, + return 0; + } + ++ if (BN_num_bits(p) < 224) { ++ ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD); ++ return 0; ++ } ++ + if (ctx == NULL) { + ctx = new_ctx = BN_CTX_new(); + if (ctx == NULL) +--- a/crypto/ecdh/ecdhtest.c ++++ b/crypto/ecdh/ecdhtest.c +@@ -501,11 +501,13 @@ int main(int argc, char *argv[]) + goto err; + + /* NIST PRIME CURVES TESTS */ ++# if 0 + if (!test_ecdh_curve + (NID_X9_62_prime192v1, "NIST Prime-Curve P-192", ctx, out)) + goto err; + if (!test_ecdh_curve(NID_secp224r1, "NIST Prime-Curve P-224", ctx, out)) + goto err; ++# endif + if (!test_ecdh_curve + (NID_X9_62_prime256v1, "NIST Prime-Curve P-256", ctx, out)) + goto err; +@@ -536,13 +538,14 @@ int main(int argc, char *argv[]) + if (!test_ecdh_curve(NID_sect571r1, "NIST Binary-Curve B-571", ctx, out)) + goto err; + # endif ++# if 0 + if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP256r1", 256)) + goto err; + if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP384r1", 384)) + goto err; + if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP512r1", 512)) + goto err; +- ++# endif + ret = 0; + + err: +--- a/crypto/ecdsa/ecdsatest.c ++++ b/crypto/ecdsa/ecdsatest.c +@@ -138,9 +138,12 @@ int restore_rand(void) + } + + static int fbytes_counter = 0, use_fake = 0; +-static const char *numbers[8] = { ++static const char *numbers[10] = { ++ "651056770906015076056810763456358567190100156695615665659", + "651056770906015076056810763456358567190100156695615665659", + "6140507067065001063065065565667405560006161556565665656654", ++ "8763001015071075675010661307616710783570106710677817767166" ++ "71676178726717", + "8763001015071075675010661307616710783570106710677817767166" + "71676178726717", + "7000000175690566466555057817571571075705015757757057795755" +@@ -163,7 +166,7 @@ int fbytes(unsigned char *buf, int num) + + use_fake = 0; + +- if (fbytes_counter >= 8) ++ if (fbytes_counter >= 10) + return 0; + tmp = BN_new(); + if (!tmp) +@@ -539,8 +542,10 @@ int main(void) + RAND_seed(rnd_seed, sizeof(rnd_seed)); + + /* the tests */ ++# if 0 + if (!x9_62_tests(out)) + goto err; ++# endif + if (!test_builtin(out)) + goto err; + +--- a/ssl/t1_lib.c ++++ b/ssl/t1_lib.c +@@ -271,10 +271,7 @@ static const unsigned char eccurves_auto[] = { + 0, 23, /* secp256r1 (23) */ + /* Other >= 256-bit prime curves. */ + 0, 25, /* secp521r1 (25) */ +- 0, 28, /* brainpool512r1 (28) */ +- 0, 27, /* brainpoolP384r1 (27) */ + 0, 24, /* secp384r1 (24) */ +- 0, 26, /* brainpoolP256r1 (26) */ + 0, 22, /* secp256k1 (22) */ + # ifndef OPENSSL_NO_EC2M + /* >= 256-bit binary curves. */ +@@ -292,10 +289,7 @@ static const unsigned char eccurves_all[] = { + 0, 23, /* secp256r1 (23) */ + /* Other >= 256-bit prime curves. */ + 0, 25, /* secp521r1 (25) */ +- 0, 28, /* brainpool512r1 (28) */ +- 0, 27, /* brainpoolP384r1 (27) */ + 0, 24, /* secp384r1 (24) */ +- 0, 26, /* brainpoolP256r1 (26) */ + 0, 22, /* secp256k1 (22) */ + # ifndef OPENSSL_NO_EC2M + /* >= 256-bit binary curves. */ +@@ -310,13 +304,6 @@ static const unsigned char eccurves_all[] = { + * Remaining curves disabled by default but still permitted if set + * via an explicit callback or parameters. + */ +- 0, 20, /* secp224k1 (20) */ +- 0, 21, /* secp224r1 (21) */ +- 0, 18, /* secp192k1 (18) */ +- 0, 19, /* secp192r1 (19) */ +- 0, 15, /* secp160k1 (15) */ +- 0, 16, /* secp160r1 (16) */ +- 0, 17, /* secp160r2 (17) */ + # ifndef OPENSSL_NO_EC2M + 0, 8, /* sect239k1 (8) */ + 0, 6, /* sect233k1 (6) */ +@@ -351,29 +338,21 @@ static const unsigned char fips_curves_default[] = { + 0, 9, /* sect283k1 (9) */ + 0, 10, /* sect283r1 (10) */ + # endif +- 0, 22, /* secp256k1 (22) */ + 0, 23, /* secp256r1 (23) */ + # ifndef OPENSSL_NO_EC2M + 0, 8, /* sect239k1 (8) */ + 0, 6, /* sect233k1 (6) */ + 0, 7, /* sect233r1 (7) */ + # endif +- 0, 20, /* secp224k1 (20) */ +- 0, 21, /* secp224r1 (21) */ + # ifndef OPENSSL_NO_EC2M + 0, 4, /* sect193r1 (4) */ + 0, 5, /* sect193r2 (5) */ + # endif +- 0, 18, /* secp192k1 (18) */ +- 0, 19, /* secp192r1 (19) */ + # ifndef OPENSSL_NO_EC2M + 0, 1, /* sect163k1 (1) */ + 0, 2, /* sect163r1 (2) */ + 0, 3, /* sect163r2 (3) */ + # endif +- 0, 15, /* secp160k1 (15) */ +- 0, 16, /* secp160r1 (16) */ +- 0, 17, /* secp160r2 (17) */ + }; + # endif + diff --git a/dev-libs/openssl/files/openssl-1.1.0g-CVE-2017-3738.patch b/dev-libs/openssl/files/openssl-1.1.0g-CVE-2017-3738.patch deleted file mode 100644 index 4b01feb8e8..0000000000 --- a/dev-libs/openssl/files/openssl-1.1.0g-CVE-2017-3738.patch +++ /dev/null @@ -1,77 +0,0 @@ -From e502cc86df9dafded1694fceb3228ee34d11c11a Mon Sep 17 00:00:00 2001 -From: Andy Polyakov -Date: Fri, 24 Nov 2017 11:35:50 +0100 -Subject: [PATCH] bn/asm/rsaz-avx2.pl: fix digit correction bug in - rsaz_1024_mul_avx2. - -Credit to OSS-Fuzz for finding this. - -CVE-2017-3738 - -Reviewed-by: Rich Salz ---- - crypto/bn/asm/rsaz-avx2.pl | 15 +++++++-------- - 1 file changed, 7 insertions(+), 8 deletions(-) - -diff --git a/crypto/bn/asm/rsaz-avx2.pl b/crypto/bn/asm/rsaz-avx2.pl -index 0c1b236ef98..46d746b7d0e 100755 ---- a/crypto/bn/asm/rsaz-avx2.pl -+++ b/crypto/bn/asm/rsaz-avx2.pl -@@ -246,7 +246,7 @@ - vmovdqu 32*8-128($ap), $ACC8 - - lea 192(%rsp), $tp0 # 64+128=192 -- vpbroadcastq .Land_mask(%rip), $AND_MASK -+ vmovdqu .Land_mask(%rip), $AND_MASK - jmp .LOOP_GRANDE_SQR_1024 - - .align 32 -@@ -1077,10 +1077,10 @@ - vpmuludq 32*6-128($np),$Yi,$TEMP1 - vpaddq $TEMP1,$ACC6,$ACC6 - vpmuludq 32*7-128($np),$Yi,$TEMP2 -- vpblendd \$3, $ZERO, $ACC9, $ACC9 # correct $ACC3 -+ vpblendd \$3, $ZERO, $ACC9, $TEMP1 # correct $ACC3 - vpaddq $TEMP2,$ACC7,$ACC7 - vpmuludq 32*8-128($np),$Yi,$TEMP0 -- vpaddq $ACC9, $ACC3, $ACC3 # correct $ACC3 -+ vpaddq $TEMP1, $ACC3, $ACC3 # correct $ACC3 - vpaddq $TEMP0,$ACC8,$ACC8 - - mov %rbx, %rax -@@ -1093,7 +1093,9 @@ - vmovdqu -8+32*2-128($ap),$TEMP2 - - mov $r1, %rax -+ vpblendd \$0xfc, $ZERO, $ACC9, $ACC9 # correct $ACC3 - imull $n0, %eax -+ vpaddq $ACC9,$ACC4,$ACC4 # correct $ACC3 - and \$0x1fffffff, %eax - - imulq 16-128($ap),%rbx -@@ -1329,15 +1331,12 @@ - # But as we underutilize resources, it's possible to correct in - # each iteration with marginal performance loss. But then, as - # we do it in each iteration, we can correct less digits, and --# avoid performance penalties completely. Also note that we --# correct only three digits out of four. This works because --# most significant digit is subjected to less additions. -+# avoid performance penalties completely. - - $TEMP0 = $ACC9; - $TEMP3 = $Bi; - $TEMP4 = $Yi; - $code.=<<___; -- vpermq \$0, $AND_MASK, $AND_MASK - vpaddq (%rsp), $TEMP1, $ACC0 - - vpsrlq \$29, $ACC0, $TEMP1 -@@ -1770,7 +1769,7 @@ - - .align 64 - .Land_mask: -- .quad 0x1fffffff,0x1fffffff,0x1fffffff,-1 -+ .quad 0x1fffffff,0x1fffffff,0x1fffffff,0x1fffffff - .Lscatter_permd: - .long 0,2,4,6,7,7,7,7 - .Lgather_permd: diff --git a/dev-libs/openssl/files/openssl-1.1.0h-CVE-2018-0732.patch b/dev-libs/openssl/files/openssl-1.1.0h-CVE-2018-0732.patch deleted file mode 100644 index e7dfba43f2..0000000000 --- a/dev-libs/openssl/files/openssl-1.1.0h-CVE-2018-0732.patch +++ /dev/null @@ -1,39 +0,0 @@ -From ea7abeeabf92b7aca160bdd0208636d4da69f4f4 Mon Sep 17 00:00:00 2001 -From: Guido Vranken -Date: Mon, 11 Jun 2018 19:38:54 +0200 -Subject: [PATCH] Reject excessively large primes in DH key generation. - -CVE-2018-0732 - -Signed-off-by: Guido Vranken - -(cherry picked from commit 91f7361f47b082ae61ffe1a7b17bb2adf213c7fe) - -Reviewed-by: Tim Hudson -Reviewed-by: Matt Caswell -(Merged from https://github.com/openssl/openssl/pull/6457) ---- - crypto/dh/dh_key.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c -index fce9ff47f36..58003d70878 100644 ---- a/crypto/dh/dh_key.c -+++ b/crypto/dh/dh_key.c -@@ -78,10 +78,15 @@ static int generate_key(DH *dh) - int ok = 0; - int generate_new_key = 0; - unsigned l; -- BN_CTX *ctx; -+ BN_CTX *ctx = NULL; - BN_MONT_CTX *mont = NULL; - BIGNUM *pub_key = NULL, *priv_key = NULL; - -+ if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) { -+ DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE); -+ return 0; -+ } -+ - ctx = BN_CTX_new(); - if (ctx == NULL) - goto err; diff --git a/dev-libs/openssl/files/openssl-1.1.0h-CVE-2018-0737.patch b/dev-libs/openssl/files/openssl-1.1.0h-CVE-2018-0737.patch deleted file mode 100644 index 34c9cc02fa..0000000000 --- a/dev-libs/openssl/files/openssl-1.1.0h-CVE-2018-0737.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 349a41da1ad88ad87825414752a8ff5fdd6a6c3f Mon Sep 17 00:00:00 2001 -From: Billy Brumley -Date: Wed, 11 Apr 2018 10:10:58 +0300 -Subject: [PATCH] RSA key generation: ensure BN_mod_inverse and BN_mod_exp_mont - both get called with BN_FLG_CONSTTIME flag set. - -CVE-2018-0737 - -Reviewed-by: Rich Salz -Reviewed-by: Matt Caswell -(cherry picked from commit 6939eab03a6e23d2bd2c3f5e34fe1d48e542e787) ---- - crypto/rsa/rsa_gen.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c -index 9ca5dfe..42b89a8 100644 ---- a/crypto/rsa/rsa_gen.c -+++ b/crypto/rsa/rsa_gen.c -@@ -156,6 +156,8 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, - if (BN_copy(rsa->e, e_value) == NULL) - goto err; - -+ BN_set_flags(rsa->p, BN_FLG_CONSTTIME); -+ BN_set_flags(rsa->q, BN_FLG_CONSTTIME); - BN_set_flags(r2, BN_FLG_CONSTTIME); - /* generate p and q */ - for (;;) { --- -2.7.4 - diff --git a/dev-libs/openssl/files/openssl-1.1.1-CVE-2018-0734.patch b/dev-libs/openssl/files/openssl-1.1.1-CVE-2018-0734.patch deleted file mode 100644 index dbc379c80d..0000000000 --- a/dev-libs/openssl/files/openssl-1.1.1-CVE-2018-0734.patch +++ /dev/null @@ -1,131 +0,0 @@ -CVE-2018-0734 -https://github.com/openssl/openssl/commit/f1b12b8713a739f27d74e6911580b2e70aea2fa4 -https://github.com/openssl/openssl/commit/8abfe72e8c1de1b95f50aa0d9134803b4d00070f - ---- a/crypto/dsa/dsa_ossl.c -+++ b/crypto/dsa/dsa_ossl.c -@@ -9,6 +9,7 @@ - - #include - #include "internal/cryptlib.h" -+#include "internal/bn_int.h" - #include - #include - #include "dsa_locl.h" -@@ -23,6 +24,8 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa); - static int dsa_init(DSA *dsa); - static int dsa_finish(DSA *dsa); -+static BIGNUM *dsa_mod_inverse_fermat(const BIGNUM *k, const BIGNUM *q, -+ BN_CTX *ctx); - - static DSA_METHOD openssl_dsa_meth = { - "OpenSSL DSA method", -@@ -178,9 +181,9 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, - { - BN_CTX *ctx = NULL; - BIGNUM *k, *kinv = NULL, *r = *rp; -- BIGNUM *l, *m; -+ BIGNUM *l; - int ret = 0; -- int q_bits; -+ int q_bits, q_words; - - if (!dsa->p || !dsa->q || !dsa->g) { - DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_MISSING_PARAMETERS); -@@ -189,8 +192,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, - - k = BN_new(); - l = BN_new(); -- m = BN_new(); -- if (k == NULL || l == NULL || m == NULL) -+ if (k == NULL || l == NULL) - goto err; - - if (ctx_in == NULL) { -@@ -201,9 +203,9 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, - - /* Preallocate space */ - q_bits = BN_num_bits(dsa->q); -- if (!BN_set_bit(k, q_bits) -- || !BN_set_bit(l, q_bits) -- || !BN_set_bit(m, q_bits)) -+ q_words = bn_get_top(dsa->q); -+ if (!bn_wexpand(k, q_words + 2) -+ || !bn_wexpand(l, q_words + 2)) - goto err; - - /* Get random k */ -@@ -238,14 +240,17 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, - * small timing information leakage. We then choose the sum that is - * one bit longer than the modulus. - * -- * TODO: revisit the BN_copy aiming for a memory access agnostic -- * conditional copy. -+ * There are some concerns about the efficacy of doing this. More -+ * specificly refer to the discussion starting with: -+ * https://github.com/openssl/openssl/pull/7486#discussion_r228323705 -+ * The fix is to rework BN so these gymnastics aren't required. - */ - if (!BN_add(l, k, dsa->q) -- || !BN_add(m, l, dsa->q) -- || !BN_copy(k, BN_num_bits(l) > q_bits ? l : m)) -+ || !BN_add(k, l, dsa->q)) - goto err; - -+ BN_consttime_swap(BN_is_bit_set(l, q_bits), k, l, q_words + 2); -+ - if ((dsa)->meth->bn_mod_exp != NULL) { - if (!dsa->meth->bn_mod_exp(dsa, r, dsa->g, k, dsa->p, ctx, - dsa->method_mont_p)) -@@ -258,8 +263,8 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, - if (!BN_mod(r, r, dsa->q, ctx)) - goto err; - -- /* Compute part of 's = inv(k) (m + xr) mod q' */ -- if ((kinv = BN_mod_inverse(NULL, k, dsa->q, ctx)) == NULL) -+ /* Compute part of 's = inv(k) (m + xr) mod q' */ -+ if ((kinv = dsa_mod_inverse_fermat(k, dsa->q, ctx)) == NULL) - goto err; - - BN_clear_free(*kinvp); -@@ -273,7 +278,6 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, - BN_CTX_free(ctx); - BN_clear_free(k); - BN_clear_free(l); -- BN_clear_free(m); - return ret; - } - -@@ -393,3 +397,31 @@ static int dsa_finish(DSA *dsa) - BN_MONT_CTX_free(dsa->method_mont_p); - return 1; - } -+ -+/* -+ * Compute the inverse of k modulo q. -+ * Since q is prime, Fermat's Little Theorem applies, which reduces this to -+ * mod-exp operation. Both the exponent and modulus are public information -+ * so a mod-exp that doesn't leak the base is sufficient. A newly allocated -+ * BIGNUM is returned which the caller must free. -+ */ -+static BIGNUM *dsa_mod_inverse_fermat(const BIGNUM *k, const BIGNUM *q, -+ BN_CTX *ctx) -+{ -+ BIGNUM *res = NULL; -+ BIGNUM *r, *e; -+ -+ if ((r = BN_new()) == NULL) -+ return NULL; -+ -+ BN_CTX_start(ctx); -+ if ((e = BN_CTX_get(ctx)) != NULL -+ && BN_set_word(r, 2) -+ && BN_sub(e, q, r) -+ && BN_mod_exp_mont(r, k, e, q, ctx, NULL)) -+ res = r; -+ else -+ BN_free(r); -+ BN_CTX_end(ctx); -+ return res; -+} diff --git a/dev-libs/openssl/files/openssl-1.1.1-CVE-2018-0735.patch b/dev-libs/openssl/files/openssl-1.1.1-CVE-2018-0735.patch deleted file mode 100644 index 295f5dbe8d..0000000000 --- a/dev-libs/openssl/files/openssl-1.1.1-CVE-2018-0735.patch +++ /dev/null @@ -1,44 +0,0 @@ -From b1d6d55ece1c26fa2829e2b819b038d7b6d692b4 Mon Sep 17 00:00:00 2001 -From: Pauli -Date: Fri, 26 Oct 2018 10:54:58 +1000 -Subject: [PATCH] Timing vulnerability in ECDSA signature generation - (CVE-2018-0735) - -Preallocate an extra limb for some of the big numbers to avoid a reallocation -that can potentially provide a side channel. - -Reviewed-by: Bernd Edlinger -(Merged from https://github.com/openssl/openssl/pull/7486) - -(cherry picked from commit 99540ec79491f59ed8b46b4edf130e17dc907f52) ---- - crypto/ec/ec_mult.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c -index 7e1b3650e7..0e0a5e1394 100644 ---- a/crypto/ec/ec_mult.c -+++ b/crypto/ec/ec_mult.c -@@ -206,8 +206,8 @@ int ec_scalar_mul_ladder(const EC_GROUP *group, EC_POINT *r, - */ - cardinality_bits = BN_num_bits(cardinality); - group_top = bn_get_top(cardinality); -- if ((bn_wexpand(k, group_top + 1) == NULL) -- || (bn_wexpand(lambda, group_top + 1) == NULL)) { -+ if ((bn_wexpand(k, group_top + 2) == NULL) -+ || (bn_wexpand(lambda, group_top + 2) == NULL)) { - ECerr(EC_F_EC_SCALAR_MUL_LADDER, ERR_R_BN_LIB); - goto err; - } -@@ -244,7 +244,7 @@ int ec_scalar_mul_ladder(const EC_GROUP *group, EC_POINT *r, - * k := scalar + 2*cardinality - */ - kbit = BN_is_bit_set(lambda, cardinality_bits); -- BN_consttime_swap(kbit, k, lambda, group_top + 1); -+ BN_consttime_swap(kbit, k, lambda, group_top + 2); - - group_top = bn_get_top(group->field); - if ((bn_wexpand(s->X, group_top) == NULL) --- -2.19.1 - diff --git a/dev-libs/openssl/files/openssl-1.1.1a-fix-a-minor-nit-in-hkdflabel-size.patch b/dev-libs/openssl/files/openssl-1.1.1a-fix-a-minor-nit-in-hkdflabel-size.patch new file mode 100644 index 0000000000..8014be130a --- /dev/null +++ b/dev-libs/openssl/files/openssl-1.1.1a-fix-a-minor-nit-in-hkdflabel-size.patch @@ -0,0 +1,27 @@ +From 3be71a31a1dda204bb95462a92cf7f247e64b939 Mon Sep 17 00:00:00 2001 +From: Bernd Edlinger +Date: Sun, 16 Dec 2018 12:43:59 +0100 +Subject: [PATCH] Fix a minor nit in the hkdflabel size + +Reviewed-by: Paul Dale +Reviewed-by: Matt Caswell +(Merged from https://github.com/openssl/openssl/pull/7913) + +(cherry picked from commit 0b4233f5a4a181a6dcb7c511cd2663e500e659a4) +--- + ssl/tls13_enc.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c +index c3021d18aa9..e36b7d3a066 100644 +--- a/ssl/tls13_enc.c ++++ b/ssl/tls13_enc.c +@@ -41,7 +41,7 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret, + * + bytes for the hash itself + */ + unsigned char hkdflabel[sizeof(uint16_t) + sizeof(uint8_t) + +- + sizeof(label_prefix) + TLS13_MAX_LABEL_LEN ++ + (sizeof(label_prefix) - 1) + TLS13_MAX_LABEL_LEN + + 1 + EVP_MAX_MD_SIZE]; + WPACKET pkt; + diff --git a/dev-libs/openssl/files/openssl-1.1.1a-fix-cert-with-rsa-instead-of-rsaEncryption.patch b/dev-libs/openssl/files/openssl-1.1.1a-fix-cert-with-rsa-instead-of-rsaEncryption.patch new file mode 100644 index 0000000000..8f249e22a1 --- /dev/null +++ b/dev-libs/openssl/files/openssl-1.1.1a-fix-cert-with-rsa-instead-of-rsaEncryption.patch @@ -0,0 +1,97 @@ +From c25ae0fff78cb3cb784ef79167329d5cd55b62de Mon Sep 17 00:00:00 2001 +From: Bernd Edlinger +Date: Thu, 27 Dec 2018 22:18:21 +0100 +Subject: [PATCH] Fix cert with rsa instead of rsaEncryption as public key + algorithm + +Reviewed-by: Kurt Roeckx +(Merged from https://github.com/openssl/openssl/pull/7962) + +(cherry picked from commit 1f483a69bce11c940309edc437eee6e32294d5f2) +--- + crypto/rsa/rsa_ameth.c | 9 ++++++--- + test/certs/root-cert-rsa2.pem | 18 ++++++++++++++++++ + test/recipes/25-test_verify.t | 4 +++- + 3 files changed, 27 insertions(+), 4 deletions(-) + create mode 100644 test/certs/root-cert-rsa2.pem + +diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c +index a6595aec054..75debb3e0a9 100644 +--- a/crypto/rsa/rsa_ameth.c ++++ b/crypto/rsa/rsa_ameth.c +@@ -34,7 +34,7 @@ static int rsa_param_encode(const EVP_PKEY *pkey, + + *pstr = NULL; + /* If RSA it's just NULL type */ +- if (pkey->ameth->pkey_id == EVP_PKEY_RSA) { ++ if (pkey->ameth->pkey_id != EVP_PKEY_RSA_PSS) { + *pstrtype = V_ASN1_NULL; + return 1; + } +@@ -58,7 +58,7 @@ static int rsa_param_decode(RSA *rsa, const X509_ALGOR *alg) + int algptype; + + X509_ALGOR_get0(&algoid, &algptype, &algp, alg); +- if (OBJ_obj2nid(algoid) == EVP_PKEY_RSA) ++ if (OBJ_obj2nid(algoid) != EVP_PKEY_RSA_PSS) + return 1; + if (algptype == V_ASN1_UNDEF) + return 1; +@@ -109,7 +109,10 @@ static int rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) + RSA_free(rsa); + return 0; + } +- EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, rsa); ++ if (!EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, rsa)) { ++ RSA_free(rsa); ++ return 0; ++ } + return 1; + } + +diff --git a/test/certs/root-cert-rsa2.pem b/test/certs/root-cert-rsa2.pem +new file mode 100644 +index 00000000000..b817fdf3e5d +--- /dev/null ++++ b/test/certs/root-cert-rsa2.pem +@@ -0,0 +1,18 @@ ++-----BEGIN CERTIFICATE----- ++MIIC7DCCAdSgAwIBAgIBATANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 ++IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjASMRAwDgYDVQQD ++DAdSb290IENBMIIBHTAIBgRVCAEBBQADggEPADCCAQoCggEBAOHmAPUGvKBGOHkP ++Px5xGRNtAt8rm3Zr/KywIe3WkQhCO6VjNexSW6CiSsXWAJQDl1o9uWco0n3jIVyk ++7cY8jY6E0Z1Uwz3ZdKKWdmdx+cYaUHez/XjuW+DjjIkjwpoi7D7UN54HzcArVREX ++OjRCHGkNOhiw7RWUXsb9nofGHOeUGpLAXwXBc0PlA94JkckkztiOi34u4DFI0YYq ++alUmeugLNk6XseCkydpcaUsDgAhWg6Mfsiq4wUz+xbFN1MABqu2+ziW97mmt9gfN ++biuhiVT1aOuYCe3JYGbLM2JKA7Bo1g6rX8E1VX79Ru6669y2oqPthX9337VoIkN+ ++ZiQjr8UCAwEAAaNQME4wHQYDVR0OBBYEFI71Ja8em2uEPXyAmslTnE1y96NSMB8G ++A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJ ++KoZIhvcNAQELBQADggEBAJ0OIdog3uQ1pmsjv1Qtf1w4If1geOn5uK0EOj2wYBHt ++NxlFn7l8d9+51QMZFO+RlQJ0s3Webyo1ReuaL2dMn2LGJhWMoSBAwrMALAENU3lv ++8jioRbfO2OamsdpJpKxQUyUJYudNe+BoKNX/ry3rxezmsFsRr9nDMiJZpmBCXiMm ++mFFJOJkG0CheexBbMkua4kyStIOwO4rb5bSHszVso/9ucdGHBSC7oRcJXoWSDjBx ++PdQPPBK5g4yqL8Lz26ehgsmhRKL9k32eVyjDKcIzgpmgcPTfTqNbd1KHQJKx4ssb ++7nEpGKHalSo5Oq5L9s9qYrUv37kwBY4OpJFtmGaodoI= ++-----END CERTIFICATE----- +diff --git a/test/recipes/25-test_verify.t b/test/recipes/25-test_verify.t +index 6c3deab7c67..b80a1cde3ed 100644 +--- a/test/recipes/25-test_verify.t ++++ b/test/recipes/25-test_verify.t +@@ -27,7 +27,7 @@ sub verify { + run(app([@args])); + } + +-plan tests => 134; ++plan tests => 135; + + # Canonical success + ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]), +@@ -361,6 +361,8 @@ ok(verify("some-names2", "sslserver", ["many-constraints"], ["many-constraints"] + "Not too many names and constraints to check (2)"); + ok(verify("some-names2", "sslserver", ["many-constraints"], ["many-constraints"], ), + "Not too many names and constraints to check (3)"); ++ok(verify("root-cert-rsa2", "sslserver", ["root-cert-rsa2"], [], "-check_ss_sig"), ++ "Public Key Algorithm rsa instead of rsaEncryption"); + + SKIP: { + skip "Ed25519 is not supported by this OpenSSL build", 1 diff --git a/dev-libs/openssl/files/openssl-1.1.1a-fix-some-SSL_export_keying_material-issues.patch b/dev-libs/openssl/files/openssl-1.1.1a-fix-some-SSL_export_keying_material-issues.patch new file mode 100644 index 0000000000..2db64d83e4 --- /dev/null +++ b/dev-libs/openssl/files/openssl-1.1.1a-fix-some-SSL_export_keying_material-issues.patch @@ -0,0 +1,420 @@ +From 0fb2815b873304d145ed00283454fc9f3bd35e6b Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Tue, 4 Dec 2018 08:37:04 +0000 +Subject: [PATCH] Fix some SSL_export_keying_material() issues + +Fix some issues in tls13_hkdf_expand() which impact the above function +for TLSv1.3. In particular test that we can use the maximum label length +in TLSv1.3. + +Reviewed-by: Tim Hudson +(Merged from https://github.com/openssl/openssl/pull/7755) +--- + doc/man3/SSL_export_keying_material.pod | 3 +- + ssl/ssl_locl.h | 2 +- + ssl/statem/extensions.c | 2 +- + ssl/statem/statem_clnt.c | 2 +- + ssl/statem/statem_srvr.c | 2 +- + ssl/tls13_enc.c | 73 +++++++++++++++++-------- + test/sslapitest.c | 48 ++++++++++++---- + test/tls13secretstest.c | 2 +- + 8 files changed, 92 insertions(+), 42 deletions(-) + +diff --git a/doc/man3/SSL_export_keying_material.pod b/doc/man3/SSL_export_keying_material.pod +index abebf911fc3..4c81a60ffbb 100644 +--- a/doc/man3/SSL_export_keying_material.pod ++++ b/doc/man3/SSL_export_keying_material.pod +@@ -59,7 +59,8 @@ B