mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-09-30 18:12:08 +02:00
Code Issues Packages Projects Releases Wiki Activity

chore(package moves): move packages to portage-stable

Browse Source
This commit is contained in:
Brandon Philips 2013-02-12 06:50:46 -08:00
parent 25a96d53e6
commit 0f64b833eb
62 changed files with 0 additions and 6165 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

203
sdk_container/src/third_party/coreos-overlay/dev-libs/dbus-glib/ChangeLog vendored
View File

@ -1,203 +0,0 @@
# ChangeLog for dev-libs/dbus-glib
# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
# $Header: /var/cvsroot/gentoo-x86/dev-libs/dbus-glib/ChangeLog,v 1.52 2010/01/22 07:39:51 eva Exp $
*dbus-glib-0.82-r1 (22 Jan 2010)
22 Jan 2010; Gilles Dartiguelongue <eva@gentoo.org>
+dbus-glib-0.82-r1.ebuild:
Version bump. Do not use static dbus instrospection file. Enable checks
always just like for every other glib-based program.
*dbus-glib-0.82 (07 Nov 2009)
07 Nov 2009; Gilles Dartiguelongue <eva@gentoo.org>
-files/dbus-glib-0.73-namespaces.patch, -dbus-glib-0.74.ebuild,
-dbus-glib-0.74-r1.ebuild, -dbus-glib-0.78.ebuild,
-files/dbus-glib-0.78-as-needed.patch,
-files/dbus-glib-0.78-fix-building-tests.patch, +dbus-glib-0.82.ebuild:
Version bump.
30 Mar 2009; Raúl Porcel <armin76@gentoo.org> dbus-glib-0.76.ebuild:
arm/ia64/s390/sh stable wrt #250289
*dbus-glib-0.80 (08 Mar 2009)
08 Mar 2009; Gilles Dartiguelongue <eva@gentoo.org>
-dbus-glib-0.73.ebuild, +dbus-glib-0.80.ebuild:
Bump to 0.80. Various fixes and notably testsuite.
06 Feb 2009; Jeroen Roovers <jer@gentoo.org> dbus-glib-0.76.ebuild:
Stable for HPPA (bug #250289).
18 Jan 2009; Gilles Dartiguelongue <eva@gentoo.org> dbus-glib-0.78.ebuild:
Clean up econf per bug #253596 and add missing deps.
13 Jan 2009; Doug Goldstein <cardoe@gentoo.org> metadata.xml:
gentopia is becoming freedesktop
30 Dec 2008; Doug Goldstein <cardoe@gentoo.org>
files/dbus-glib-0.78-as-needed.patch,
+files/dbus-glib-0.78-fix-building-tests.patch, dbus-glib-0.78.ebuild:
fix building tests in parallel make situations. upstream bug #19325.
Update --as-needed patch to follow upstream's patch.
27 Dec 2008; Doug Goldstein <cardoe@gentoo.org> dbus-glib-0.78.ebuild:
add gtk-doc-am to DEPEND so that automake successfully runs
*dbus-glib-0.78 (23 Dec 2008)
23 Dec 2008; Doug Goldstein <cardoe@gentoo.org>
+files/dbus-glib-0.78-as-needed.patch, +dbus-glib-0.78.ebuild:
version bump. ebuild from Santiago M. Mola <coldwind@gentoo.org> with
additional changes for fixing tests and correcting depends by me
15 Dec 2008; Tobias Klausmann <klausman@gentoo.org> dbus-glib-0.76.ebuild:
Stable on alpha, bug #250289
14 Dec 2008; nixnut <nixnut@gentoo.org> dbus-glib-0.76.ebuild:
Stable on ppc wrt bug 250289
10 Dec 2008; Markus Meier <maekke@gentoo.org> dbus-glib-0.76.ebuild:
amd64/x86 stable, bug #250289
08 Dec 2008; Brent Baude <ranger@gentoo.org> dbus-glib-0.76.ebuild:
stable ppc64, bug 250289
08 Dec 2008; Ferris McCormick <fmccor@gentoo.org> dbus-glib-0.76.ebuild:
Sparc stable, Bug #250289.
*dbus-glib-0.76 (15 Aug 2008)
15 Aug 2008; Doug Goldstein <cardoe@gentoo.org> -dbus-glib-0.72.ebuild,
+dbus-glib-0.76.ebuild:
remove old version. add new version.
http://lists.freedesktop.org/archives/dbus/2008-June/009898.html
*dbus-glib-0.74-r1 (22 Apr 2008)
22 Apr 2008; Saleem Abdulrasool <compnerd@gentoo.org>
+files/dbus-glib-0.73-namespaces.patch, +dbus-glib-0.74-r1.ebuild:
Add patch for namespace support in dbus-binding-tool
29 Feb 2008; Jeroen Roovers <jer@gentoo.org> dbus-glib-0.74.ebuild:
Stable for HPPA (bug #208917).
29 Feb 2008; Brent Baude <ranger@gentoo.org> dbus-glib-0.74.ebuild:
stable ppc64, bug 208917
28 Feb 2008; Santiago M. Mola <coldwind@gentoo.org> dbus-glib-0.74.ebuild:
amd64 stable wrt bug #208917
28 Feb 2008; Raúl Porcel <armin76@gentoo.org> dbus-glib-0.74.ebuild:
alpha/ia64 stable wrt #208917
28 Feb 2008; nixnut <nixnut@gentoo.org> dbus-glib-0.74.ebuild:
Stable on ppc wrt bug 208917
28 Feb 2008; Christian Faulhammer <opfer@gentoo.org>
dbus-glib-0.74.ebuild:
stable x86, bug 208917
27 Feb 2008; Ferris McCormick <fmccor@gentoo.org> dbus-glib-0.74.ebuild:
Sparc stable --- Bug #208917 --- around over 5 months and all tests pass.
*dbus-glib-0.74 (06 Sep 2007)
06 Sep 2007; Doug Goldstein <cardoe@gentoo.org> +dbus-glib-0.74.ebuild:
ver bump
13 May 2007; Joshua Kinard <kumba@gentoo.org> dbus-glib-0.73.ebuild:
Stable on mips, per #174808.
22 Apr 2007; Tobias Scherbaum <dertobi123@gentoo.org>
dbus-glib-0.73.ebuild:
ppc stable, bug #174808
18 Apr 2007; Alexander H. Færøy <eroyf@gentoo.org>
dbus-glib-0.73.ebuild:
Marked ~mips.
18 Apr 2007; Christian Faulhammer <opfer@gentoo.org>
dbus-glib-0.73.ebuild:
stable x86, bug 174808
18 Apr 2007; Daniel Gryniewicz <dang@gentoo.org> dbus-glib-0.73.ebuild:
Marked stable on amd64 for bug #174808
17 Apr 2007; Jeroen Roovers <jer@gentoo.org> dbus-glib-0.73.ebuild:
Stable for HPPA (bug #174808).
17 Apr 2007; Gustavo Zacarias <gustavoz@gentoo.org> dbus-glib-0.73.ebuild:
Stable on sparc wrt #174808
17 Apr 2007; Markus Rothe <corsair@gentoo.org> dbus-glib-0.73.ebuild:
Stable on ppc64; bug #174808
16 Apr 2007; Bryan Østergaard <kloeri@gentoo.org> dbus-glib-0.73.ebuild:
Stable on Alpha, bug 174808.
16 Apr 2007; Raúl Porcel <armin76@gentoo.org> dbus-glib-0.73.ebuild:
ia64 stable wrt bug 174808
04 Apr 2007; Bryan Østergaard <kloeri@gentoo.org> dbus-glib-0.72.ebuild:
Stable on Alpha.
*dbus-glib-0.73 (13 Feb 2007)
13 Feb 2007; Doug Goldstein <cardoe@gentoo.org> +dbus-glib-0.73.ebuild:
rev bump
29 Jan 2007; Gustavo Zacarias <gustavoz@gentoo.org> dbus-glib-0.72.ebuild:
Stable on sparc wrt #162877
23 Jan 2007; Jeroen Roovers <jer@gentoo.org> dbus-glib-0.72.ebuild:
Stable for HPPA (bug #162877).
22 Jan 2007; Olivier Crête <tester@gentoo.org> dbus-glib-0.72.ebuild:
stable on amd64 per bug #162877
21 Jan 2007; Andrej Kacian <ticho@gentoo.org> dbus-glib-0.72.ebuild:
Stable on x86, bug 162877.
21 Jan 2007; Markus Rothe <corsair@gentoo.org> dbus-glib-0.72.ebuild:
Stable on ppc64; bug #162877
21 Jan 2007; nixnut <nixnut@gentoo.org> dbus-glib-0.72.ebuild:
Stable on ppc wrt bug 162877
16 Jan 2007; Roy Marples <uberlord@gentoo.org> dbus-glib-0.72.ebuild:
Added ~x86-fbsd keyword.
05 Jan 2007; Diego Pettenò <flameeyes@gentoo.org> dbus-glib-0.72.ebuild:
Remove debug.eclass usage.
02 Dec 2006; Doug Goldstein <cardoe@gentoo.org> dbus-glib-0.72.ebuild:
Fixed glib depend
30 Oct 2006; Steev Klimaszewski <steev@gentoo.org> -dbus-glib-0.71.ebuild,
dbus-glib-0.72.ebuild:
Remove dbus-glib .71 and update the dependency to reflect dbus instead of
dbus-core.
28 Oct 2006; Steev Klimaszewski <steev@gentoo.org> dbus-glib-0.72.ebuild:
dbus-glib .72 requires dbus-core .94 or better.
*dbus-glib-0.72 (27 Oct 2006)
27 Oct 2006; Steev Klimaszewski <steev@gentoo.org> +dbus-glib-0.72.ebuild:
New upstream release, quite a few changes, if you program anything and use
these bindings, PLEASE read the ChangeLog.
21 Aug 2006; Steev Klimaszewski <steev@gentoo.org>
files/dbus-glib-introspection.patch:
Fix the patch to apply the xml file properly to not try to connect to the D-Bus
daemon.
*dbus-glib-0.71 (18 Aug 2006)
18 Aug 2006; Steev Klimaszewski <steev@gentoo.org>
+files/dbus-glib-introspection.patch, +metadata.xml,
+dbus-glib-0.71.ebuild:
Glib bindings for dbus. Initial import

2
sdk_container/src/third_party/coreos-overlay/dev-libs/dbus-glib/Manifest vendored
View File

@ -1,2 +0,0 @@
DIST dbus-glib-0.82.tar.gz 674953 RMD160 570664552de2d455ca4aa27144243be3974e7d77 SHA1 8ad09cf13810382048a685bcafc72f252b2539a8 SHA256 ddfb062797341b5c5a22555ffe80138953cc61a67ba805647b2746f519bfbde1
DIST dbus-glib-0.92.tar.gz 687138 RMD160 63ad9e0a673f4df7d1b24f752502b697b9f54ab3 SHA1 69aa860251a2c916907ac7b34d5a40196cf073ff SHA256 5a7fd4cf937cdcb7f2eed61341b70ee0f2607450a50db381618598adf60dd40e

77
sdk_container/src/third_party/coreos-overlay/dev-libs/dbus-glib/dbus-glib-0.82.ebuild vendored
View File

@ -1,77 +0,0 @@
# Copyright 1999-2009 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/dev-libs/dbus-glib/dbus-glib-0.82.ebuild,v 1.1 2009/11/07 20:00:54 eva Exp $
EAPI="2"
inherit eutils bash-completion
DESCRIPTION="D-Bus bindings for glib"
HOMEPAGE="http://dbus.freedesktop.org/"
SRC_URI="http://dbus.freedesktop.org/releases/${PN}/${P}.tar.gz"
LICENSE="|| ( GPL-2 AFL-2.1 )"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd"
IUSE="bash-completion debug doc test"
RDEPEND=">=sys-apps/dbus-1.1
>=dev-libs/glib-2.10
>=dev-libs/expat-1.95.8"
DEPEND="${RDEPEND}
dev-util/pkgconfig
sys-devel/gettext
doc? (
app-doc/doxygen
app-text/xmlto
>=dev-util/gtk-doc-1.4 )"
BASH_COMPLETION_NAME="dbus"
pkg_setup() {
# We need a dbus-binding-tool installed on the host for cross-compilation.
# So check if we have it in the path and can call it right at the beginning...
if tc-is-cross-compiler ; then
dbus-binding-tool --version >/dev/null 2>&1
[[ "$?" != "0" ]] && die "Cross-compilation requires a dbus-binding-tool on the host. Please emerge dbus-glib to your host!"
fi
}
src_prepare() {
# description ?
epatch "${FILESDIR}"/${PN}-introspection.patch
}
src_configure() {
local myconf=""
# For cross-compilation we need the host dbus-binding-tool
if tc-is-cross-compiler ; then
myconf="${myconf} \
--with-dbus-binding-tool=dbus-binding-tool"
fi
econf \
--localstatedir=/var \
$(use_enable bash-completion) \
$(use_enable debug verbose-mode) \
$(use_enable debug checks) \
$(use_enable debug asserts) \
$(use_enable doc doxygen-docs) \
$(use_enable doc gtk-doc) \
$(use_enable test tests) \
$(use_with test test-socket-dir "${T}"/dbus-test-socket) \
${myconf}
}
src_install() {
emake DESTDIR="${D}" install || die "make install failed"
dodoc AUTHORS ChangeLog HACKING NEWS README || die "dodoc failed."
# FIXME: We need --with-bash-completion-dir
if use bash-completion ; then
dobashcompletion "${D}"/etc/bash_completion.d/dbus-bash-completion.sh
rm -rf "${D}"/etc/bash_completion.d || die "rm failed"
fi
}

109
sdk_container/src/third_party/coreos-overlay/dev-libs/dbus-glib/dbus-glib-0.92.ebuild vendored
View File

@ -1,109 +0,0 @@
# Copyright 1999-2010 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/dev-libs/dbus-glib/dbus-glib-0.92.ebuild,v 1.1 2010/11/10 16:49:58 ssuominen Exp $
EAPI=2
inherit bash-completion toolchain-funcs
DESCRIPTION="D-Bus bindings for glib"
HOMEPAGE="http://dbus.freedesktop.org/"
SRC_URI="http://dbus.freedesktop.org/releases/${PN}/${P}.tar.gz"
LICENSE="|| ( GPL-2 AFL-2.1 )"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd"
IUSE="bash-completion debug doc static-libs test"
RDEPEND=">=sys-apps/dbus-1.1
>=dev-libs/glib-2.26
>=dev-libs/expat-1.95.8"
DEPEND="${RDEPEND}
dev-util/pkgconfig
sys-devel/gettext
doc? (
app-doc/doxygen
app-text/xmlto
>=dev-util/gtk-doc-1.4 )"
# out of sources build directory
BD=${WORKDIR}/${P}-build
# out of sources build dir for make check
TBD=${WORKDIR}/${P}-tests-build
BASHCOMPLETION_NAME="dbus"
pkg_setup() {
# We need a dbus-binding-tool installed on the host for cross-compilation.
# So check if we have it in the path and can call it right at the beginning...
if tc-is-cross-compiler ; then
dbus-binding-tool --version >/dev/null 2>&1
[[ "$?" != "0" ]] && die "Cross-compilation requires a dbus-binding-tool on the host. Please emerge dbus-glib to your host!"
fi
}
src_configure() {
local my_conf
my_conf="--localstatedir=/var
$(use_enable bash-completion)
$(use_enable debug verbose-mode)
$(use_enable debug asserts)
$(use_enable doc doxygen-docs)
$(use_enable static-libs static)
$(use_enable doc gtk-doc)
--with-html-dir=/usr/share/doc/${PF}/html"
if tc-is-cross-compiler ; then
my_conf="${my_conf} \
--with-dbus-binding-tool=dbus-binding-tool"
fi
mkdir "${BD}"
cd "${BD}"
einfo "Running configure in ${BD}"
ECONF_SOURCE="${S}" econf ${my_conf}
if use test; then
mkdir "${TBD}"
cd "${TBD}"
einfo "Running configure in ${TBD}"
ECONF_SOURCE="${S}" econf \
${my_conf} \
$(use_enable test checks) \
$(use_enable test tests) \
$(use_enable test asserts) \
$(use_with test test-socket-dir "${T}"/dbus-test-socket)
fi
}
src_compile() {
cd "${BD}"
einfo "Running make in ${BD}"
emake || die
if use test; then
cd "${TBD}"
einfo "Running make in ${TBD}"
emake || die
fi
}
src_test() {
cd "${TBD}"
emake check || die
}
src_install() {
dodoc AUTHORS ChangeLog HACKING NEWS README || die
cd "${BD}"
emake DESTDIR="${D}" install || die
# FIXME: We need --with-bash-completion-dir
if use bash-completion ; then
dobashcompletion "${D}"/etc/bash_completion.d/dbus-bash-completion.sh
rm -rf "${D}"/etc/bash_completion.d || die
fi
find "${D}" -name '*.la' -exec rm -f '{}' +
}

78
sdk_container/src/third_party/coreos-overlay/dev-libs/dbus-glib/files/dbus-glib-introspection.patch vendored
View File

@ -1,78 +0,0 @@
diff -Npru dbus-glib-0.71-orig/tools/dbus-bus-introspect.xml dbus-glib-0.71/tools/dbus-bus-introspect.xml
--- tools/dbus-bus-introspect.xml 1969-12-31 17:00:00.000000000 -0700
+++ tools/dbus-bus-introspect.xml 2006-07-24 14:32:01.000000000 -0600
@@ -0,0 +1,74 @@
+ <!DOCTYPE node PUBLIC "-//freedesktop//DTD D-BUS Object Introspection 1.0//EN"
+"http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd">
+<node>
+ <interface name="org.freedesktop.DBus.Introspectable">
+ <method name="Introspect">
+ <arg name="data" direction="out" type="s"/>
+ </method>
+ </interface>
+ <interface name="org.freedesktop.DBus">
+ <method name="RequestName">
+ <arg direction="in" type="s"/>
+ <arg direction="in" type="u"/>
+ <arg direction="out" type="u"/>
+ </method>
+ <method name="ReleaseName">
+ <arg direction="in" type="s"/>
+ <arg direction="out" type="u"/>
+ </method>
+ <method name="StartServiceByName">
+ <arg direction="in" type="s"/>
+ <arg direction="in" type="u"/>
+ <arg direction="out" type="u"/>
+ </method>
+ <method name="Hello">
+ <arg direction="out" type="s"/>
+ </method>
+ <method name="NameHasOwner">
+ <arg direction="in" type="s"/>
+ <arg direction="out" type="b"/>
+ </method>
+ <method name="ListNames">
+ <arg direction="out" type="as"/>
+ </method>
+ <method name="AddMatch">
+ <arg direction="in" type="s"/>
+ </method>
+ <method name="RemoveMatch">
+ <arg direction="in" type="s"/>
+ </method>
+ <method name="GetNameOwner">
+ <arg direction="in" type="s"/>
+ <arg direction="out" type="s"/>
+ </method>
+ <method name="ListQueuedOwners">
+ <arg direction="in" type="s"/>
+ <arg direction="out" type="as"/>
+ </method>
+ <method name="GetConnectionUnixUser">
+ <arg direction="in" type="s"/>
+ <arg direction="out" type="u"/>
+ </method>
+ <method name="GetConnectionUnixProcessID">
+ <arg direction="in" type="s"/>
+ <arg direction="out" type="u"/>
+ </method>
+ <method name="GetConnectionSELinuxSecurityContext">
+ <arg direction="in" type="s"/>
+ <arg direction="out" type="ay"/>
+ </method>
+ <method name="ReloadConfig">
+ </method>
+ <signal name="NameOwnerChanged">
+ <arg type="s"/>
+ <arg type="s"/>
+ <arg type="s"/>
+ </signal>
+ <signal name="NameLost">
+ <arg type="s"/>
+ </signal>
+ <signal name="NameAcquired">
+ <arg type="s"/>
+ </signal>
+ </interface>
+</node>

11
sdk_container/src/third_party/coreos-overlay/dev-libs/dbus-glib/metadata.xml vendored
View File

@ -1,11 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<herd>freedesktop</herd>
<maintainer>
<email>cardoe@gentoo.org</email>
</maintainer>
<maintainer>
<email>steev@gentoo.org</email>
</maintainer>
</pkgmetadata>

34
sdk_container/src/third_party/coreos-overlay/dev-libs/opencryptoki/ChangeLog vendored
View File

@ -1,34 +0,0 @@
# ChangeLog for dev-libs/opencryptoki
# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
# $Header: /var/cvsroot/gentoo-x86/dev-libs/opencryptoki/ChangeLog,v 1.7 2009/06/28 10:48:58 arfrever Exp $
*opencryptoki-2.2.8 (28 Jun 2009)
28 Jun 2009; Arfrever Frehtes Taifersar Arahesis <arfrever@gentoo.org>
+opencryptoki-2.2.8.ebuild:
Version bump.
06 Aug 2008; Ulrich Mueller <ulm@gentoo.org> metadata.xml:
Add USE flag description to metadata wrt GLEP 56.
10 Nov 2007; Alon Bar-Lev <alonbl@gentoo.org>
-opencryptoki-2.2.4-r1.ebuild, opencryptoki-2.2.4.1.ebuild:
Cleanups
29 Aug 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
Removing kaiowas from metadata due to his retirement (see #61930 for
reference).
*opencryptoki-2.2.4.1 (25 Mar 2007)
25 Mar 2007; Petre Rodan <kaiowas@gentoo.org>
+files/opencryptoki-2.2.4.1-tpm_util.c.patch,
+opencryptoki-2.2.4.1.ebuild:
version bump
*opencryptoki-2.2.4-r1 (03 Jun 2006)
03 Jun 2006; Petre Rodan <kaiowas@gentoo.org> +files/pkcsslotd.init,
+metadata.xml, +opencryptoki-2.2.4-r1.ebuild:
initial commit

11
sdk_container/src/third_party/coreos-overlay/dev-libs/opencryptoki/metadata.xml vendored
View File

@ -1,11 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<herd>crypto</herd>
<longdescription>
PKCS#11 provider for IBM cryptographic hardware.
</longdescription>
<use>
<flag name='tpmtok'>Offer support for TPM token</flag>
</use>
</pkgmetadata>

40
sdk_container/src/third_party/coreos-overlay/dev-libs/opencryptoki/opencryptoki-2.2.8-r17.ebuild vendored
View File

@ -1,40 +0,0 @@
# Copyright 2011 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/dev-libs/opencryptoki/opencryptoki-2.2.8.ebuild,v 1.1 2009/06/28 10:48:58 arfrever Exp $
EAPI="2"
CROS_WORKON_COMMIT="a8cef4ae1b31664c9f59c509f6e79c1fc03f4bc4"
CROS_WORKON_TREE="8f71d13ce4e947d8a631fc03d8bfd4f63587d3a7"
inherit cros-workon autotools eutils multilib toolchain-funcs
DESCRIPTION="PKCS#11 provider for IBM cryptographic hardware"
HOMEPAGE="http://sourceforge.net/projects/opencryptoki"
LICENSE="CPL-0.5"
SLOT="0"
KEYWORDS="amd64 arm x86"
IUSE="tpmtok"
CROS_WORKON_PROJECT="chromiumos/third_party/opencryptoki"
RDEPEND="tpmtok? ( app-crypt/trousers )
dev-libs/openssl"
DEPEND="${RDEPEND}"
src_prepare() {
eautoreconf
}
src_configure() {
econf $(use_enable tpmtok)
}
src_install() {
emake install DESTDIR="${D}" || die "emake install failed"
# tpmtoken_* binaries expect to find the libraries in /usr/lib/.
dosym opencryptoki/stdll/libpkcs11_sw.so.0.0.0 "/usr/$(get_libdir)/libpkcs11_sw.so"
dosym opencryptoki/stdll/libpkcs11_tpm.so.0.0.0 "/usr/$(get_libdir)/libpkcs11_tpm.so"
dosym opencryptoki/libopencryptoki.so.0.0.0 "/usr/$(get_libdir)/libopencryptoki.so"
dosym opencryptoki/stdll/libpkcs11_sw.so.0.0.0 "/usr/$(get_libdir)/libpkcs11_sw.so.0"
dosym opencryptoki/stdll/libpkcs11_tpm.so.0.0.0 "/usr/$(get_libdir)/libpkcs11_tpm.so.0"
dosym opencryptoki/libopencryptoki.so.0.0.0 "/usr/$(get_libdir)/libopencryptoki.so.0"
}

38
sdk_container/src/third_party/coreos-overlay/dev-libs/opencryptoki/opencryptoki-9999.ebuild vendored
View File

@ -1,38 +0,0 @@
# Copyright 2011 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/dev-libs/opencryptoki/opencryptoki-2.2.8.ebuild,v 1.1 2009/06/28 10:48:58 arfrever Exp $
EAPI="2"
inherit cros-workon autotools eutils multilib toolchain-funcs
DESCRIPTION="PKCS#11 provider for IBM cryptographic hardware"
HOMEPAGE="http://sourceforge.net/projects/opencryptoki"
LICENSE="CPL-0.5"
SLOT="0"
KEYWORDS="~amd64 ~arm ~x86"
IUSE="tpmtok"
CROS_WORKON_PROJECT="chromiumos/third_party/opencryptoki"
RDEPEND="tpmtok? ( app-crypt/trousers )
dev-libs/openssl"
DEPEND="${RDEPEND}"
src_prepare() {
eautoreconf
}
src_configure() {
econf $(use_enable tpmtok)
}
src_install() {
emake install DESTDIR="${D}" || die "emake install failed"
# tpmtoken_* binaries expect to find the libraries in /usr/lib/.
dosym opencryptoki/stdll/libpkcs11_sw.so.0.0.0 "/usr/$(get_libdir)/libpkcs11_sw.so"
dosym opencryptoki/stdll/libpkcs11_tpm.so.0.0.0 "/usr/$(get_libdir)/libpkcs11_tpm.so"
dosym opencryptoki/libopencryptoki.so.0.0.0 "/usr/$(get_libdir)/libopencryptoki.so"
dosym opencryptoki/stdll/libpkcs11_sw.so.0.0.0 "/usr/$(get_libdir)/libpkcs11_sw.so.0"
dosym opencryptoki/stdll/libpkcs11_tpm.so.0.0.0 "/usr/$(get_libdir)/libpkcs11_tpm.so.0"
dosym opencryptoki/libopencryptoki.so.0.0.0 "/usr/$(get_libdir)/libopencryptoki.so.0"
}

1308
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/ChangeLog vendored
View File

File diff suppressed because it is too large Load Diff

42
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/blacklist vendored
View File

@ -1,42 +0,0 @@
# Certs listed by serial at https://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html
serial 047ecbe9fca55f7bd09eae36e10cae1e
serial 00f5c86af36162f13a64f54f6dc9587c06
serial 00d7558fdaf5f1105bb213282b707729a3
serial 392a434f0e07df1f8aa305de34e0c229
serial 3e75ced46b693021218830ae86a82a71
serial 00e9028b9578e415dc1a710a2b88154447
serial 009239d5348f40d1695a745470e1f23f43
serial 00b0b7133ed096f9b56fae91c874bd3ac0
serial 00d8f35f4eb7872b2dab0692e315382fb0
# Certs listed by hash in the Chrome source - DigiNotar's cross-signed roots
# Subject: CN=DigiNotar Root CA
# Issuer: CN=Entrust.net x2 and self-signed
sha1 410f36363258f30b347d12ce4863e433437806a8
# Subject: CN=DigiNotar Cyber CA
# Issuer: CN=GTE CyberTrust Global Root
sha1 c4f9663716cd5e71d6950b5f33ce041c95b435d1
# Subject: CN=DigiNotar Services 1024 CA
# Issuer: CN=Entrust.net
sha1 e23b8d105f87710a68d9248050ebefc627be4ca6
# Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2
# Issuer: CN=Staat der Nederlanden Organisatie CA - G2
sha1 7b2e16bc39bcd72b456e9f055d1de615b74945db
# Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven
# Issuer: CN=Staat der Nederlanden Overheid CA
sha1 e8f91200c65cee16e039b9f883841661635f81c5
# Subject: O=Digicert Sdn. Bhd.
# Issuer: CN=GTE CyberTrust Global Root
# Expires: Jul 17 15:16:54 2012 GMT
sha1 0129bcd5b448ae8d2496d1c3e19723919088e152
# Subject: O=Digicert Sdn. Bhd.
# Issuer: CN=Entrust.net Certification Authority (2048)
# Expires: Jul 16 17:53:37 2015 GMT
sha1 d33c5b41e45cc4b3be9ad6952c4ecc2528032981
# Issuer: CN=Trustwave Organization Issuing CA, Level 2
# Covers two certificates, the latter of which expires Apr 15 21:09:30
# 2021 GMT.
sha1 e12d89f56d2276f830e6ceafa66c725c0b41a932
# Cyberoam CA certificate. Private key leaked, but this certificate would
# only have been installed by Cyberoam customers. The certificate expires
# in 2036, but we can probably remove in a couple of years (2014).
sha1 d9f5c6ce57ffaa39cc7ed172bd53e0d307834bd1

210
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/c_rehash.sh vendored
View File

@ -1,210 +0,0 @@
#!/bin/sh
#
# Ben Secrest <blsecres@gmail.com>
#
# sh c_rehash script, scan all files in a directory
# and add symbolic links to their hash values.
#
# based on the c_rehash perl script distributed with openssl
#
# LICENSE: See OpenSSL license
# ^^acceptable?^^
#
# default certificate location
DIR=/etc/openssl
# for filetype bitfield
IS_CERT=$(( 1 << 0 ))
IS_CRL=$(( 1 << 1 ))
# check to see if a file is a certificate file or a CRL file
# arguments:
# 1. the filename to be scanned
# returns:
# bitfield of file type; uses ${IS_CERT} and ${IS_CRL}
#
check_file()
{
local IS_TYPE=0
# make IFS a newline so we can process grep output line by line
local OLDIFS=${IFS}
IFS=$( printf "\n" )
# XXX: could be more efficient to have two 'grep -m' but is -m portable?
for LINE in $( grep '^-----BEGIN .*-----' ${1} )
do
if echo ${LINE} \
| grep -q -E '^-----BEGIN (X509 |TRUSTED )?CERTIFICATE-----'
then
IS_TYPE=$(( ${IS_TYPE} | ${IS_CERT} ))
if [ $(( ${IS_TYPE} & ${IS_CRL} )) -ne 0 ]
then
break
fi
elif echo ${LINE} | grep -q '^-----BEGIN X509 CRL-----'
then
IS_TYPE=$(( ${IS_TYPE} | ${IS_CRL} ))
if [ $(( ${IS_TYPE} & ${IS_CERT} )) -ne 0 ]
then
break
fi
fi
done
# restore IFS
IFS=${OLDIFS}
return ${IS_TYPE}
}
#
# use openssl to fingerprint a file
# arguments:
# 1. the filename to fingerprint
# 2. the method to use (x509, crl)
# returns:
# none
# assumptions:
# user will capture output from last stage of pipeline
#
fingerprint()
{
${SSL_CMD} ${2} -fingerprint -noout -in ${1} | sed 's/^.*=//' | tr -d ':'
}
#
# link_hash - create links to certificate files
# arguments:
# 1. the filename to create a link for
# 2. the type of certificate being linked (x509, crl)
# returns:
# 0 on success, 1 otherwise
#
link_hash()
{
local FINGERPRINT=$( fingerprint ${1} ${2} )
local HASH=$( ${SSL_CMD} ${2} -hash -noout -in ${1} )
local SUFFIX=0
local LINKFILE=''
local TAG=''
if [ ${2} = "crl" ]
then
TAG='r'
fi
LINKFILE=${HASH}.${TAG}${SUFFIX}
while [ -f ${LINKFILE} ]
do
if [ ${FINGERPRINT} = $( fingerprint ${LINKFILE} ${2} ) ]
then
echo "WARNING: Skipping duplicate file ${1}" >&2
return 1
fi
SUFFIX=$(( ${SUFFIX} + 1 ))
LINKFILE=${HASH}.${TAG}${SUFFIX}
done
echo "${1} => ${LINKFILE}"
# assume any system with a POSIX shell will either support symlinks or
# do something to handle this gracefully
ln -s ${1} ${LINKFILE}
return 0
}
# hash_dir create hash links in a given directory
hash_dir()
{
echo "Doing ${1}"
cd ${1}
ls -1 * 2>/dev/null | while read FILE
do
if echo ${FILE} | grep -q -E '^[[:xdigit:]]{8}\.r?[[:digit:]]+$' \
&& [ -h "${FILE}" ]
then
rm ${FILE}
fi
done
ls -1 *.pem 2>/dev/null | while read FILE
do
check_file ${FILE}
local FILE_TYPE=${?}
local TYPE_STR=''
if [ $(( ${FILE_TYPE} & ${IS_CERT} )) -ne 0 ]
then
TYPE_STR='x509'
elif [ $(( ${FILE_TYPE} & ${IS_CRL} )) -ne 0 ]
then
TYPE_STR='crl'
else
echo "WARNING: ${FILE} does not contain a certificate or CRL: skipping" >&2
continue
fi
link_hash ${FILE} ${TYPE_STR}
done
}
# choose the name of an ssl application
if [ -n "${OPENSSL}" ]
then
SSL_CMD=$(which ${OPENSSL} 2>/dev/null)
else
SSL_CMD=/usr/bin/openssl
OPENSSL=${SSL_CMD}
export OPENSSL
fi
# fix paths
PATH=${PATH}:${DIR}/bin
export PATH
# confirm existance/executability of ssl command
if ! [ -x ${SSL_CMD} ]
then
echo "${0}: rehashing skipped ('openssl' program not available)" >&2
exit 0
fi
# determine which directories to process
old_IFS=$IFS
if [ ${#} -gt 0 ]
then
IFS=':'
DIRLIST=${*}
elif [ -n "${SSL_CERT_DIR}" ]
then
DIRLIST=$SSL_CERT_DIR
else
DIRLIST=${DIR}/certs
fi
IFS=':'
# process directories
for CERT_DIR in ${DIRLIST}
do
if [ -d ${CERT_DIR} -a -w ${CERT_DIR} ]
then
IFS=$old_IFS
hash_dir ${CERT_DIR}
IFS=':'
fi
done

2
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/chromeos-version.sh vendored
View File

@ -1,2 +0,0 @@
#!/bin/sh
exec sed -n '/^VERSION=/s:.*=::p' "$1"/Makefile

145
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/gentoo.config-0.9.8 vendored
View File

@ -1,145 +0,0 @@
#!/usr/bin/env bash
# Copyright 1999-2009 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/files/gentoo.config-0.9.8,v 1.17 2009/06/21 11:40:34 grobian Exp $
#
# Openssl doesn't play along nicely with cross-compiling
# like autotools based projects, so let's teach it new tricks.
#
# Review the bundled 'config' script to see why kind of targets
# we can pass to the 'Configure' script.
# Testing routines
if [[ $1 == "test" ]] ; then
for c in \
"arm-gentoo-linux-uclibc |linux-generic32 -DL_ENDIAN" \
"armv5b-linux-gnu |linux-generic32 -DB_ENDIAN" \
"x86_64-pc-linux-gnu |linux-x86_64" \
"alphaev56-unknown-linux-gnu |linux-alpha+bwx-gcc" \
"i686-pc-linux-gnu |linux-elf" \
"whatever-gentoo-freebsdX.Y |BSD-generic32" \
"i686-gentoo-freebsdX.Y |BSD-x86-elf" \
"sparc64-alpha-freebsdX.Y |BSD-sparc64" \
"ia64-gentoo-freebsd5.99234 |BSD-ia64" \
"x86_64-gentoo-freebsdX.Y |BSD-x86_64" \
"hppa64-aldsF-linux-gnu5.3 |linux-generic32 -DB_ENDIAN" \
"powerpc-gentOO-linux-uclibc |linux-ppc" \
"powerpc64-unk-linux-gnu |linux-ppc64" \
"x86_64-apple-darwinX |darwin64-x86_64-cc" \
"powerpc64-apple-darwinX |darwin64-ppc-cc" \
"i686-apple-darwinX |darwin-i386-cc" \
"i386-apple-darwinX |darwin-i386-cc" \
"powerpc-apple-darwinX |darwin-ppc-cc" \
"i586-pc-winnt |winnt-parity" \
;do
CHOST=${c/|*}
ret_want=${c/*|}
ret_got=$(CHOST=${CHOST} "$0")
if [[ ${ret_want} == "${ret_got}" ]] ; then
echo "PASS: ${CHOST}"
else
echo "FAIL: ${CHOST}"
echo -e "\twanted: ${ret_want}"
echo -e "\twe got: ${ret_got}"
fi
done
exit 0
fi
[[ -z ${CHOST} && -n $1 ]] && CHOST=$1
# Detect the operating system
case ${CHOST} in
*-aix*) system="aix";;
*-darwin*) system="darwin";;
*-freebsd*) system="BSD";;
*-hpux*) system="hpux";;
*-linux*) system="linux";;
*-solaris*) system="solaris";;
*-winnt*) system="winnt";;
*) exit 0;;
esac
# Compiler munging
compiler="gcc"
if [[ ${CC} == "ccc" ]] ; then
compiler=${CC}
fi
# Detect target arch
machine=""
chost_machine=${CHOST%%-*}
case ${system} in
linux)
case ${chost_machine} in
alphaev56*) machine=alpha+bwx-${compiler};;
alphaev[678]*)machine=alpha+bwx-${compiler};;
alpha*) machine=alpha-${compiler};;
arm*b*) machine="generic32 -DB_ENDIAN";;
arm*) machine="generic32 -DL_ENDIAN";;
# hppa64*) machine=parisc64;;
hppa*) machine="generic32 -DB_ENDIAN";;
i[0-9]86*) machine=elf;;
ia64*) machine=ia64;;
m68*) machine="generic32 -DB_ENDIAN";;
mips*el*) machine="generic32 -DL_ENDIAN";;
mips*) machine="generic32 -DB_ENDIAN";;
powerpc64*) machine=ppc64;;
powerpc*) machine=ppc;;
# sh64*) machine=elf;;
sh*b*) machine="generic32 -DB_ENDIAN";;
sh*) machine="generic32 -DL_ENDIAN";;
sparc*v7*) machine="generic32 -DB_ENDIAN";;
sparc64*) machine=sparcv9;;
sparc*) machine=sparcv8;;
s390x*) machine="generic64 -DB_ENDIAN";;
s390*) machine="generic32 -DB_ENDIAN";;
x86_64*) machine=x86_64;;
esac
;;
BSD)
case ${chost_machine} in
alpha*) machine=generic64;;
i[6-9]86*) machine=x86-elf;;
ia64*) machine=ia64;;
sparc64*) machine=sparc64;;
x86_64*) machine=x86_64;;
*) machine=generic32;;
esac
;;
aix)
machine=${compiler}
;;
darwin)
case ${chost_machine} in
powerpc64) machine=ppc-cc; system=${system}64;;
powerpc) machine=ppc-cc;;
i?86*) machine=i386-cc;;
x86_64) machine=x86_64-cc; system=${system}64;;
esac
;;
hpux)
case ${chost_machine} in
ia64) machine=ia64-${compiler} ;;
esac
;;
solaris)
case ${chost_machine} in
i386) machine=x86-${compiler} ;;
x86_64*) machine=x86_64-${compiler}; system=${system}64;;
sparcv9*) machine=sparcv9-${compiler}; system=${system}64;;
sparc*) machine=sparcv8-${compiler};;
esac
;;
winnt)
machine=parity
;;
esac
# If we have something, show it
[[ -n ${machine} ]] && echo ${system}-${machine}

159
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/gentoo.config-1.0.0 vendored
View File

@ -1,159 +0,0 @@
#!/usr/bin/env bash
# Copyright 1999-2011 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/files/gentoo.config-1.0.0,v 1.4 2011/12/07 16:03:05 vapier Exp $
#
# Openssl doesn't play along nicely with cross-compiling
# like autotools based projects, so let's teach it new tricks.
#
# Review the bundled 'config' script to see why kind of targets
# we can pass to the 'Configure' script.
# Testing routines
if [[ $1 == "test" ]] ; then
for c in \
"arm-gentoo-linux-uclibc |linux-generic32 -DL_ENDIAN" \
"armv5b-linux-gnu |linux-armv4 -DB_ENDIAN" \
"x86_64-pc-linux-gnu |linux-x86_64" \
"alphaev56-unknown-linux-gnu |linux-alpha+bwx-gcc" \
"i686-pc-linux-gnu |linux-elf" \
"whatever-gentoo-freebsdX.Y |BSD-generic32" \
"i686-gentoo-freebsdX.Y |BSD-x86-elf" \
"sparc64-alpha-freebsdX.Y |BSD-sparc64" \
"ia64-gentoo-freebsd5.99234 |BSD-ia64" \
"x86_64-gentoo-freebsdX.Y |BSD-x86_64" \
"hppa64-aldsF-linux-gnu5.3 |linux-generic32 -DB_ENDIAN" \
"powerpc-gentOO-linux-uclibc |linux-ppc" \
"powerpc64-unk-linux-gnu |linux-ppc64" \
"x86_64-apple-darwinX |darwin64-x86_64-cc" \
"powerpc64-apple-darwinX |darwin64-ppc-cc" \
"i686-apple-darwinX |darwin-i386-cc" \
"i386-apple-darwinX |darwin-i386-cc" \
"powerpc-apple-darwinX |darwin-ppc-cc" \
"i586-pc-winnt |winnt-parity" \
"s390-ibm-linux-gnu |linux-generic32 -DB_ENDIAN" \
"s390x-linux-gnu |linux-s390x" \
;do
CHOST=${c/|*}
ret_want=${c/*|}
ret_got=$(CHOST=${CHOST} "$0")
if [[ ${ret_want} == "${ret_got}" ]] ; then
echo "PASS: ${CHOST}"
else
echo "FAIL: ${CHOST}"
echo -e "\twanted: ${ret_want}"
echo -e "\twe got: ${ret_got}"
fi
done
exit 0
fi
[[ -z ${CHOST} && -n $1 ]] && CHOST=$1
# Detect the operating system
case ${CHOST} in
*-aix*) system="aix";;
*-darwin*) system="darwin";;
*-freebsd*) system="BSD";;
*-hpux*) system="hpux";;
*-linux*) system="linux";;
*-solaris*) system="solaris";;
*-winnt*) system="winnt";;
x86_64-*-mingw*) system="mingw64";;
*mingw*) system="mingw";;
*) exit 0;;
esac
# Compiler munging
compiler="gcc"
if [[ ${CC} == "ccc" ]] ; then
compiler=${CC}
fi
# Detect target arch
machine=""
chost_machine=${CHOST%%-*}
case ${system} in
linux)
case ${chost_machine}:${ABI} in
alphaev56*) machine=alpha+bwx-${compiler};;
alphaev[678]*)machine=alpha+bwx-${compiler};;
alpha*) machine=alpha-${compiler};;
armv[4-9]*b*) machine="armv4 -DB_ENDIAN";;
armv[4-9]*) machine="armv4 -DL_ENDIAN";;
arm*b*) machine="generic32 -DB_ENDIAN";;
arm*) machine="generic32 -DL_ENDIAN";;
avr*) machine="generic32 -DL_ENDIAN";;
bfin*) machine="generic32 -DL_ENDIAN";;
# hppa64*) machine=parisc64;;
hppa*) machine="generic32 -DB_ENDIAN";;
i[0-9]86*|\
x86_64*:x86) machine=elf;;
ia64*) machine=ia64;;
m68*) machine="generic32 -DB_ENDIAN";;
mips*el*) machine="generic32 -DL_ENDIAN";;
mips*) machine="generic32 -DB_ENDIAN";;
powerpc64*) machine=ppc64;;
powerpc*) machine=ppc;;
# sh64*) machine=elf;;
sh*b*) machine="generic32 -DB_ENDIAN";;
sh*) machine="generic32 -DL_ENDIAN";;
sparc*v7*) machine="generic32 -DB_ENDIAN";;
sparc64*) machine=sparcv9;;
sparc*) machine=sparcv8;;
s390x*) machine=s390x;;
s390*) machine="generic32 -DB_ENDIAN";;
x86_64*:x32) machine=x32;;
x86_64*) machine=x86_64;;
esac
;;
BSD)
case ${chost_machine} in
alpha*) machine=generic64;;
i[6-9]86*) machine=x86-elf;;
ia64*) machine=ia64;;
sparc64*) machine=sparc64;;
x86_64*) machine=x86_64;;
*) machine=generic32;;
esac
;;
aix)
machine=${compiler}
;;
darwin)
case ${chost_machine} in
powerpc64) machine=ppc-cc; system=${system}64;;
powerpc) machine=ppc-cc;;
i?86*) machine=i386-cc;;
x86_64) machine=x86_64-cc; system=${system}64;;
esac
;;
hpux)
case ${chost_machine} in
ia64) machine=ia64-${compiler} ;;
esac
;;
solaris)
case ${chost_machine} in
i386) machine=x86-${compiler} ;;
x86_64*) machine=x86_64-${compiler}; system=${system}64;;
sparcv9*) machine=sparcv9-${compiler}; system=${system}64;;
sparc*) machine=sparcv8-${compiler};;
esac
;;
winnt)
machine=parity
;;
mingw*)
# special case ... no xxx-yyy style name
echo ${system}
;;
esac
# If we have something, show it
[[ -n ${machine} ]] && echo ${system}-${machine}

12
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-0.9.8-make-engines-dir.patch vendored
View File

@ -1,12 +0,0 @@
http://rt.openssl.org/Ticket/Display.html?id=2082
--- openssl-0.9.8/engines/Makefile
+++ openssl-0.9.8.az/engines/Makefile
@@ -88,6 +88,7 @@
@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
@if [ -n "$(SHARED_LIBS)" ]; then \
set -e; \
+ $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines; \
for l in $(LIBNAMES); do \
( echo installing $$l; \
if [ "$(PLATFORM)" != "Cygwin" ]; then \

15
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-0.9.8-makedepend.patch vendored
View File

@ -1,15 +0,0 @@
http://bugs.gentoo.org/149583
http://rt.openssl.org/Ticket/Display.html?id=2085
--- util/domd
+++ util/domd
@@ -14,7 +14,7 @@
cp Makefile Makefile.save
# fake the presence of Kerberos
touch $TOP/krb5.h
-if [ "$MAKEDEPEND" = "gcc" ]; then
+if [ "$MAKEDEPEND" != "makedepend" ]; then
args=""
while [ $# -gt 0 ]; do
if [ "$1" != "--" ]; then args="$args $1"; fi

270
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-0.9.8b-doc-updates.patch vendored
View File

@ -1,270 +0,0 @@
http://rt.openssl.org/Ticket/Display.html?id=2083
--- doc/crypto/ASN1_generate_nconf.pod
+++ doc/crypto/ASN1_generate_nconf.pod
@@ -6,6 +6,8 @@ ASN1_generate_nconf, ASN1_generate_v3 -
=head1 SYNOPSIS
+ #include <openssl/asn1.h>
+
ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf);
ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf);
--- doc/crypto/ASN1_OBJECT_new.pod
+++ doc/crypto/ASN1_OBJECT_new.pod
@@ -6,6 +6,8 @@ ASN1_OBJECT_new, ASN1_OBJECT_free, - obj
=head1 SYNOPSIS
+ #include <openssl/asn1.h>
+
ASN1_OBJECT *ASN1_OBJECT_new(void);
void ASN1_OBJECT_free(ASN1_OBJECT *a);
--- doc/crypto/ASN1_STRING_length.pod
+++ doc/crypto/ASN1_STRING_length.pod
@@ -8,6 +8,8 @@ ASN1_STRING utility functions
=head1 SYNOPSIS
+ #include <openssl/asn1.h>
+
int ASN1_STRING_length(ASN1_STRING *x);
unsigned char * ASN1_STRING_data(ASN1_STRING *x);
--- doc/crypto/ASN1_STRING_new.pod
+++ doc/crypto/ASN1_STRING_new.pod
@@ -7,6 +7,8 @@ ASN1_STRING allocation functions
=head1 SYNOPSIS
+ #include <openssl/asn1.h>
+
ASN1_STRING * ASN1_STRING_new(void);
ASN1_STRING * ASN1_STRING_type_new(int type);
void ASN1_STRING_free(ASN1_STRING *a);
--- doc/crypto/bn_internal.pod
+++ doc/crypto/bn_internal.pod
@@ -13,6 +13,8 @@ library internal functions
=head1 SYNOPSIS
+ #include <openssl/bn.h>
+
BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num,
BN_ULONG w);
--- doc/crypto/CRYPTO_set_ex_data.pod
+++ doc/crypto/CRYPTO_set_ex_data.pod
@@ -6,6 +6,8 @@ CRYPTO_set_ex_data, CRYPTO_get_ex_data -
=head1 SYNOPSIS
+ #include <openssl/crypto.h>
+
int CRYPTO_set_ex_data(CRYPTO_EX_DATA *r, int idx, void *arg);
void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *r, int idx);
--- doc/crypto/OBJ_nid2obj.pod
+++ doc/crypto/OBJ_nid2obj.pod
@@ -8,6 +8,8 @@ functions
=head1 SYNOPSIS
+ #include <openssl/objects.h>
+
ASN1_OBJECT * OBJ_nid2obj(int n);
const char * OBJ_nid2ln(int n);
const char * OBJ_nid2sn(int n);
--- doc/crypto/PKCS7_decrypt.pod
+++ doc/crypto/PKCS7_decrypt.pod
@@ -6,7 +6,9 @@ PKCS7_decrypt - decrypt content from a P
=head1 SYNOPSIS
-int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
+ #include <openssl/pkcs7.h>
+
+ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
=head1 DESCRIPTION
--- doc/crypto/PKCS7_encrypt.pod
+++ doc/crypto/PKCS7_encrypt.pod
@@ -6,7 +6,9 @@ PKCS7_encrypt - create a PKCS#7 envelope
=head1 SYNOPSIS
-PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags);
+ #include <openssl/pkcs7.h>
+
+ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags);
=head1 DESCRIPTION
--- doc/crypto/PKCS7_sign.pod
+++ doc/crypto/PKCS7_sign.pod
@@ -6,7 +6,9 @@ PKCS7_sign - create a PKCS#7 signedData
=head1 SYNOPSIS
-PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags);
+ #include <openssl/pkcs7.h>
+
+ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags);
=head1 DESCRIPTION
--- doc/crypto/PKCS7_verify.pod
+++ doc/crypto/PKCS7_verify.pod
@@ -6,9 +6,11 @@ PKCS7_verify - verify a PKCS#7 signedDat
=head1 SYNOPSIS
-int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, int flags);
+ #include <openssl/pkcs7.h>
-STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
+ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, int flags);
+
+ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
=head1 DESCRIPTION
--- doc/crypto/SMIME_read_PKCS7.pod
+++ doc/crypto/SMIME_read_PKCS7.pod
@@ -6,7 +6,9 @@ SMIME_read_PKCS7 - parse S/MIME message.
=head1 SYNOPSIS
-PKCS7 *SMIME_read_PKCS7(BIO *in, BIO **bcont);
+ #include <openssl/pkcs7.h>
+
+ PKCS7 *SMIME_read_PKCS7(BIO *in, BIO **bcont);
=head1 DESCRIPTION
--- doc/crypto/SMIME_write_PKCS7.pod
+++ doc/crypto/SMIME_write_PKCS7.pod
@@ -6,7 +6,9 @@ SMIME_write_PKCS7 - convert PKCS#7 struc
=head1 SYNOPSIS
-int SMIME_write_PKCS7(BIO *out, PKCS7 *p7, BIO *data, int flags);
+ #include <openssl/pkcs7.h>
+
+ int SMIME_write_PKCS7(BIO *out, PKCS7 *p7, BIO *data, int flags);
=head1 DESCRIPTION
--- doc/crypto/ui_compat.pod
+++ doc/crypto/ui_compat.pod
@@ -7,6 +7,8 @@ Compatibility user interface functions
=head1 SYNOPSIS
+ #include <openssl/des_old.h>
+
int des_read_password(DES_cblock *key,const char *prompt,int verify);
int des_read_2passwords(DES_cblock *key1,DES_cblock *key2,
const char *prompt,int verify);
--- doc/crypto/X509_NAME_add_entry_by_txt.pod
+++ doc/crypto/X509_NAME_add_entry_by_txt.pod
@@ -7,15 +7,17 @@ X509_NAME_add_entry, X509_NAME_delete_en
=head1 SYNOPSIS
-int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, const unsigned char *bytes, int len, int loc, int set);
+ #include <openssl/x509.h>
-int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, unsigned char *bytes, int len, int loc, int set);
+ int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, const unsigned char *bytes, int len, int loc, int set);
-int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, unsigned char *bytes, int len, int loc, int set);
+ int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, unsigned char *bytes, int len, int loc, int set);
-int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, int loc, int set);
+ int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, unsigned char *bytes, int len, int loc, int set);
-X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
+ int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, int loc, int set);
+
+ X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
=head1 DESCRIPTION
--- doc/crypto/X509_NAME_ENTRY_get_object.pod
+++ doc/crypto/X509_NAME_ENTRY_get_object.pod
@@ -9,15 +9,17 @@ X509_NAME_ENTRY_create_by_OBJ - X509_NAM
=head1 SYNOPSIS
-ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
-ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
+ #include <openssl/x509.h>
-int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj);
-int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, const unsigned char *bytes, int len);
+ ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
+ ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, const char *field, int type, const unsigned char *bytes, int len);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, int type,unsigned char *bytes, int len);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len);
+ int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj);
+ int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, const unsigned char *bytes, int len);
+
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, const char *field, int type, const unsigned char *bytes, int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, int type,unsigned char *bytes, int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len);
=head1 DESCRIPTION
--- doc/crypto/X509_NAME_get_index_by_NID.pod
+++ doc/crypto/X509_NAME_get_index_by_NID.pod
@@ -8,14 +8,16 @@ X509_NAME lookup and enumeration functio
=head1 SYNOPSIS
-int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos);
-int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj, int lastpos);
+ #include <openssl/x509.h>
-int X509_NAME_entry_count(X509_NAME *name);
-X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
+ int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos);
+ int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj, int lastpos);
-int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf,int len);
-int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf,int len);
+ int X509_NAME_entry_count(X509_NAME *name);
+ X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
+
+ int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf,int len);
+ int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf,int len);
=head1 DESCRIPTION
--- doc/crypto/X509_new.pod
+++ doc/crypto/X509_new.pod
@@ -6,6 +6,8 @@ X509_new, X509_free - X509 certificate A
=head1 SYNOPSIS
+ #include <openssl/x509.h>
+
X509 *X509_new(void);
void X509_free(X509 *a);
--- Makefile.org
+++ Makefile.org
@@ -218,7 +218,7 @@
MANDIR=$(OPENSSLDIR)/man
MAN1=1
MAN3=3
-MANSUFFIX=
+MANSUFFIX=ssl
SHELL=/bin/sh
TOP= .

25
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-0.9.8e-bsd-sparc64.patch vendored
View File

@ -1,25 +0,0 @@
--- a/Configure
+++ b/Configure
@@ -365,7 +365,7 @@
# -DMD32_REG_T=int doesn't actually belong in sparc64 target, it
# simply *happens* to work around a compiler bug in gcc 3.3.3,
# triggered by RIPEMD160 code.
-"BSD-sparc64", "gcc:-DB_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:::des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-sparc64", "gcc:-DB_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:ULTRASPARC::SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:::des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"BSD-ia64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"BSD-x86_64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
the -B flag is a no-op nowadays
--- a/crypto/des/Makefile
+++ b/crypto/des/Makefile
@@ -62,7 +62,7 @@
$(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB)
des_enc-sparc.S: asm/des_enc.m4
- m4 -B 8192 asm/des_enc.m4 > des_enc-sparc.S
+ m4 asm/des_enc.m4 > des_enc-sparc.S
# ELF
dx86-elf.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl

26
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-0.9.8e-make.patch vendored
View File

@ -1,26 +0,0 @@
respect $MAKE if it is set in the environment so we don't get a mix
of the host `make` and whatever $MAKE is set to when recursing
http://bugs.gentoo.org/146316
http://rt.openssl.org/Ticket/Display.html?id=2080
--- openssl-0.9.8e/Configure
+++ openssl-0.9.8e/Configure
@@ -931,6 +931,7 @@
$default_ranlib= &which("ranlib") or $default_ranlib="true";
$perl=$ENV{'PERL'} or $perl=&which("perl5") or $perl=&which("perl")
or $perl="perl";
+my $make = $ENV{'MAKE'} || "make";
chop $openssldir if $openssldir =~ /\/$/;
chop $prefix if $prefix =~ /\/$/;
@@ -1554,7 +1557,7 @@
EOF
close(OUT);
} else {
- my $make_command = "make PERL=\'$perl\'";
+ my $make_command = "$make PERL=\'$perl\'";
my $make_targets = "";
$make_targets .= " links" if $symlink;
$make_targets .= " depend" if $depflags ne $default_depflags && $make_depend;

31
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-0.9.8g-sslv3-no-tlsext.patch vendored
View File

@ -1,31 +0,0 @@
Fix from upstream cvs
Index: ssl/t1_lib.c
===================================================================
RCS file: /usr/local/src/openssl/CVSROOT/openssl/ssl/t1_lib.c,v
retrieving revision 1.64
retrieving revision 1.65
diff -u -p -r1.64 -r1.65
--- ssl/t1_lib.c 29 Dec 2008 16:15:27 -0000 1.64
+++ ssl/t1_lib.c 28 Apr 2009 22:10:54 -0000 1.65
@@ -267,6 +267,10 @@ unsigned char *ssl_add_clienthello_tlsex
int extdatalen=0;
unsigned char *ret = p;
+ /* don't add extensions for SSLv3 */
+ if (s->client_version == SSL3_VERSION)
+ return p;
+
ret+=2;
if (ret>=limit) return NULL; /* this really never occurs, but ... */
@@ -448,6 +452,10 @@ unsigned char *ssl_add_serverhello_tlsex
int extdatalen=0;
unsigned char *ret = p;
+ /* don't add extensions for SSLv3 */
+ if (s->version == SSL3_VERSION)
+ return p;
+
ret+=2;
if (ret>=limit) return NULL; /* this really never occurs, but ... */

27
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-0.9.8h-ldflags.patch vendored
View File

@ -1,27 +0,0 @@
http://bugs.gentoo.org/181438
make sure we respect LDFLAGS
also make sure we don't add useless -rpath flags to the system libdir
--- openssl-0.9.8h/Makefile.org
+++ openssl-0.9.8h/Makefile.org
@@ -180,6 +181,7 @@
MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD ${MAKEDEPPROG}' \
DEPFLAG='-DOPENSSL_NO_DEPRECATED ${DEPFLAG}' \
MAKEDEPPROG='${MAKEDEPPROG}' \
+ LDFLAGS='${LDFLAGS}' \
SHARED_LDFLAGS='${SHARED_LDFLAGS}' \
KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' \
EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' \
--- openssl-0.9.8h/Makefile.shared
+++ openssl-0.9.8h/Makefile.shared
@@ -153,7 +153,7 @@
NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
-DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
+DO_GNU_APP=LDFLAGS="$(LDFLAGS) $(CFLAGS)"
#This is rather special. It's a special target with which one can link
#applications without bothering with any features that have anything to

25
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-0.9.8j-parallel-build.patch vendored
View File

@ -1,25 +0,0 @@
http://rt.openssl.org/Ticket/Display.html?id=2084
--- openssl-0.9.8j/Makefile.org
+++ openssl-0.9.8j/Makefile.org
@@ -333,15 +333,15 @@
dir=crypto; target=all; $(BUILD_ONE_CMD)
build_fips:
@dir=fips; target=all; [ -z "$(FIPSCANLIB)" ] || $(BUILD_ONE_CMD)
-build_ssl:
+build_ssl: build_crypto
@dir=ssl; target=all; $(BUILD_ONE_CMD)
-build_engines:
+build_engines: build_crypto
@dir=engines; target=all; $(BUILD_ONE_CMD)
-build_apps:
+build_apps: build_libs
@dir=apps; target=all; $(BUILD_ONE_CMD)
-build_tests:
+build_tests: build_libs
@dir=test; target=all; $(BUILD_ONE_CMD)
-build_tools:
+build_tools: build_libs
@dir=tools; target=all; $(BUILD_ONE_CMD)
all_testapps: build_libs build_testapps

22
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-0.9.8k-toolchain.patch vendored
View File

@ -1,22 +0,0 @@
http://rt.openssl.org/Ticket/Display.html?id=2081
--- Configure
+++ Configure
@@ -979,7 +979,8 @@
my $shared_cflag = $fields[$idx_shared_cflag];
my $shared_ldflag = $fields[$idx_shared_ldflag];
my $shared_extension = $fields[$idx_shared_extension];
-my $ranlib = $fields[$idx_ranlib];
+my $ar = $ENV{'AR'} || "ar";
+my $ranlib = $ENV{'RANLIB'} || $fields[$idx_ranlib];
my $arflags = $fields[$idx_arflags];
if ($fips)
@@ -1487,6 +1488,7 @@
s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/;
s/^PROCESSOR=.*/PROCESSOR= $processor/;
s/^RANLIB=.*/RANLIB= $ranlib/;
+ s/^AR=ar /AR= $ar /;
s/^ARFLAGS=.*/ARFLAGS= $arflags/;
s/^PERL=.*/PERL= $perl/;
s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/;

53
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-1377.patch vendored
View File

@ -1,53 +0,0 @@
http://rt.openssl.org/Ticket/Display.html?id=1931&user=guest&pass=guest
Index: openssl/crypto/pqueue/pqueue.c
RCS File: /v/openssl/cvs/openssl/crypto/pqueue/pqueue.c,v
rcsdiff -q -kk '-r1.2.2.4' '-r1.2.2.5' -u '/v/openssl/cvs/openssl/crypto/pqueue/pqueue.c,v' 2>/dev/null
--- crypto/pqueue/pqueue.c 2005/06/28 12:53:33 1.2.2.4
+++ crypto/pqueue/pqueue.c 2009/05/16 16:18:44 1.2.2.5
@@ -234,3 +234,17 @@
return ret;
}
+
+int
+pqueue_size(pqueue_s *pq)
+{
+ pitem *item = pq->items;
+ int count = 0;
+
+ while(item != NULL)
+ {
+ count++;
+ item = item->next;
+ }
+ return count;
+}
Index: openssl/crypto/pqueue/pqueue.h
RCS File: /v/openssl/cvs/openssl/crypto/pqueue/pqueue.h,v
rcsdiff -q -kk '-r1.2.2.1' '-r1.2.2.2' -u '/v/openssl/cvs/openssl/crypto/pqueue/pqueue.h,v' 2>/dev/null
--- crypto/pqueue/pqueue.h 2005/05/30 22:34:27 1.2.2.1
+++ crypto/pqueue/pqueue.h 2009/05/16 16:18:44 1.2.2.2
@@ -91,5 +91,6 @@
pitem *pqueue_next(piterator *iter);
void pqueue_print(pqueue pq);
+int pqueue_size(pqueue pq);
#endif /* ! HEADER_PQUEUE_H */
Index: openssl/ssl/d1_pkt.c
RCS File: /v/openssl/cvs/openssl/ssl/d1_pkt.c,v
rcsdiff -q -kk '-r1.4.2.17' '-r1.4.2.18' -u '/v/openssl/cvs/openssl/ssl/d1_pkt.c,v' 2>/dev/null
--- ssl/d1_pkt.c 2009/05/16 15:51:59 1.4.2.17
+++ ssl/d1_pkt.c 2009/05/16 16:18:45 1.4.2.18
@@ -167,6 +167,10 @@
DTLS1_RECORD_DATA *rdata;
pitem *item;
+ /* Limit the size of the queue to prevent DOS attacks */
+ if (pqueue_size(queue->q) >= 100)
+ return 0;
+
rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));
item = pitem_new(priority, rdata);
if (rdata == NULL || item == NULL)

24
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-1378.patch vendored
View File

@ -1,24 +0,0 @@
http://rt.openssl.org/Ticket/Display.html?id=1931&user=guest&pass=guest
Index: ssl/d1_both.c
===================================================================
--- ssl/d1_both.c.orig
+++ ssl/d1_both.c
@@ -561,7 +561,16 @@ dtls1_process_out_of_seq_message(SSL *s,
if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len)
goto err;
- if (msg_hdr->seq <= s->d1->handshake_read_seq)
+ /* Try to find item in queue, to prevent duplicate entries */
+ pq_64bit_init(&seq64);
+ pq_64bit_assign_word(&seq64, msg_hdr->seq);
+ item = pqueue_find(s->d1->buffered_messages, seq64);
+ pq_64bit_free(&seq64);
+
+ /* Discard the message if sequence number was already there, is
+ * too far in the future or the fragment is already in the queue */
+ if (msg_hdr->seq <= s->d1->handshake_read_seq ||
+ msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL)
{
unsigned char devnull [256];

22
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-1379.patch vendored
View File

@ -1,22 +0,0 @@
Index: openssl/ssl/d1_both.c
RCS File: /v/openssl/cvs/openssl/ssl/d1_both.c,v
rcsdiff -q -kk '-r1.14.2.6' '-r1.14.2.7' -u '/v/openssl/cvs/openssl/ssl/d1_both.c,v' 2>/dev/null
--- d1_both.c 2009/04/22 12:17:02 1.14.2.6
+++ d1_both.c 2009/05/13 11:51:30 1.14.2.7
@@ -519,6 +519,7 @@
if ( s->d1->handshake_read_seq == frag->msg_header.seq)
{
+ unsigned long frag_len = frag->msg_header.frag_len;
pqueue_pop(s->d1->buffered_messages);
al=dtls1_preprocess_fragment(s,&frag->msg_header,max);
@@ -536,7 +537,7 @@
if (al==0)
{
*ok = 1;
- return frag->msg_header.frag_len;
+ return frag_len;
}
ssl3_send_alert(s,SSL3_AL_FATAL,al);

59
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-1387.patch vendored
View File

@ -1,59 +0,0 @@
http://bugs.gentoo.org/270305
fix from upstream
Index: ssl/d1_both.c
===================================================================
RCS file: /usr/local/src/openssl/CVSROOT/openssl/ssl/d1_both.c,v
retrieving revision 1.4.2.7
retrieving revision 1.4.2.8
diff -u -p -r1.4.2.7 -r1.4.2.8
--- ssl/d1_both.c 17 Oct 2007 21:17:49 -0000 1.4.2.7
+++ ssl/d1_both.c 2 Apr 2009 22:12:13 -0000 1.4.2.8
@@ -575,30 +575,31 @@ dtls1_process_out_of_seq_message(SSL *s,
}
}
- frag = dtls1_hm_fragment_new(frag_len);
- if ( frag == NULL)
- goto err;
+ if (frag_len)
+ {
+ frag = dtls1_hm_fragment_new(frag_len);
+ if ( frag == NULL)
+ goto err;
- memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
+ memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
- if (frag_len)
- {
- /* read the body of the fragment (header has already been read */
+ /* read the body of the fragment (header has already been read) */
i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
frag->fragment,frag_len,0);
if (i<=0 || (unsigned long)i!=frag_len)
goto err;
- }
- pq_64bit_init(&seq64);
- pq_64bit_assign_word(&seq64, msg_hdr->seq);
+ pq_64bit_init(&seq64);
+ pq_64bit_assign_word(&seq64, msg_hdr->seq);
- item = pitem_new(seq64, frag);
- pq_64bit_free(&seq64);
- if ( item == NULL)
- goto err;
+ item = pitem_new(seq64, frag);
+ pq_64bit_free(&seq64);
+ if ( item == NULL)
+ goto err;
+
+ pqueue_insert(s->d1->buffered_messages, item);
+ }
- pqueue_insert(s->d1->buffered_messages, item);
return DTLS1_HM_FRAGMENT_RETRY;
err:

71
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-0.9.8l-CVE-2009-2409.patch vendored
View File

@ -1,71 +0,0 @@
http://bugs.gentoo.org/280591
fix from upstream
http://cvs.openssl.org/chngview?cn=18260
Index: openssl/crypto/x509/x509_vfy.c
RCS File: /v/openssl/cvs/openssl/crypto/x509/x509_vfy.c,v
rcsdiff -q -kk '-r1.77.2.8' '-r1.77.2.9' -u '/v/openssl/cvs/openssl/crypto/x509/x509_vfy.c,v' 2>/dev/null
--- crypto/x509/x509_vfy.c 2008/07/13 14:33:15 1.77.2.8
+++ crypto/x509/x509_vfy.c 2009/06/15 14:52:38 1.77.2.9
@@ -986,7 +986,11 @@
while (n >= 0)
{
ctx->error_depth=n;
- if (!xs->valid)
+
+ /* Skip signature check for self signed certificates. It
+ * doesn't add any security and just wastes time.
+ */
+ if (!xs->valid && xs != xi)
{
if ((pkey=X509_get_pubkey(xi)) == NULL)
{
@@ -996,13 +1000,6 @@
if (!ok) goto end;
}
else if (X509_verify(xs,pkey) <= 0)
- /* XXX For the final trusted self-signed cert,
- * this is a waste of time. That check should
- * optional so that e.g. 'openssl x509' can be
- * used to detect invalid self-signatures, but
- * we don't verify again and again in SSL
- * handshakes and the like once the cert has
- * been declared trusted. */
{
ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
ctx->current_cert=xs;
http://cvs.openssl.org/chngview?cn=18317
Index: openssl/crypto/evp/c_alld.c
RCS File: /v/openssl/cvs/openssl/crypto/evp/c_alld.c,v
rcsdiff -q -kk '-r1.7' '-r1.7.2.1' -u '/v/openssl/cvs/openssl/crypto/evp/c_alld.c,v' 2>/dev/null
--- crypto/evp/c_alld.c 2005/04/30 21:51:40 1.7
+++ crypto/evp/c_alld.c 2009/07/08 08:33:26 1.7.2.1
@@ -64,9 +64,6 @@
void OpenSSL_add_all_digests(void)
{
-#ifndef OPENSSL_NO_MD2
- EVP_add_digest(EVP_md2());
-#endif
#ifndef OPENSSL_NO_MD4
EVP_add_digest(EVP_md4());
#endif
Index: openssl/ssl/ssl_algs.c
RCS File: /v/openssl/cvs/openssl/ssl/ssl_algs.c,v
rcsdiff -q -kk '-r1.12.2.3' '-r1.12.2.4' -u '/v/openssl/cvs/openssl/ssl/ssl_algs.c,v' 2>/dev/null
--- ssl/ssl_algs.c 2007/04/23 23:50:21 1.12.2.3
+++ ssl/ssl_algs.c 2009/07/08 08:33:27 1.12.2.4
@@ -92,9 +92,6 @@
EVP_add_cipher(EVP_seed_cbc());
#endif
-#ifndef OPENSSL_NO_MD2
- EVP_add_digest(EVP_md2());
-#endif
#ifndef OPENSSL_NO_MD5
EVP_add_digest(EVP_md5());
EVP_add_digest_alias(SN_md5,"ssl2-md5");

67
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-0.9.8l-binutils.patch vendored
View File

@ -1,67 +0,0 @@
fix from upstream for building with newer binutils
http://bugs.gentoo.org/289130
Index: crypto/md5/asm/md5-x86_64.pl
===================================================================
RCS file: /usr/local/src/openssl/CVSROOT/openssl/crypto/md5/asm/md5-x86_64.pl,v
retrieving revision 1.2.2.1
retrieving revision 1.2.2.2
diff -u -p -r1.2.2.1 -r1.2.2.2
--- openssl/crypto/md5/asm/md5-x86_64.pl 11 Nov 2007 13:34:06 -0000 1.2.2.1
+++ openssl/crypto/md5/asm/md5-x86_64.pl 13 Nov 2009 14:14:46 -0000 1.2.2.2
@@ -19,6 +19,7 @@ my $code;
sub round1_step
{
my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
+ $T_i = unpack("l",pack("l", hex($T_i))); # convert to 32-bit signed decimal
$code .= " mov 0*4(%rsi), %r10d /* (NEXT STEP) X[0] */\n" if ($pos == -1);
$code .= " mov %edx, %r11d /* (NEXT STEP) z' = %edx */\n" if ($pos == -1);
$code .= <<EOF;
@@ -42,6 +43,7 @@ EOF
sub round2_step
{
my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
+ $T_i = unpack("l",pack("l", hex($T_i))); # convert to 32-bit signed decimal
$code .= " mov 1*4(%rsi), %r10d /* (NEXT STEP) X[1] */\n" if ($pos == -1);
$code .= " mov %ecx, %r11d /* (NEXT STEP) y' = %ecx */\n" if ($pos == -1);
$code .= <<EOF;
@@ -65,6 +67,7 @@ EOF
sub round3_step
{
my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
+ $T_i = unpack("l",pack("l", hex($T_i))); # convert to 32-bit signed decimal
$code .= " mov 5*4(%rsi), %r10d /* (NEXT STEP) X[5] */\n" if ($pos == -1);
$code .= " mov %ecx, %r11d /* (NEXT STEP) y' = %ecx */\n" if ($pos == -1);
$code .= <<EOF;
@@ -87,6 +90,7 @@ EOF
sub round4_step
{
my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
+ $T_i = unpack("l",pack("l", hex($T_i))); # convert to 32-bit signed decimal
$code .= " mov 0*4(%rsi), %r10d /* (NEXT STEP) X[0] */\n" if ($pos == -1);
$code .= " mov \$0xffffffff, %r11d\n" if ($pos == -1);
$code .= " xor %edx, %r11d /* (NEXT STEP) not z' = not %edx*/\n"
Ripped from Fedora
--- openssl-1.0.0-beta4/crypto/sha/asm/sha1-x86_64.pl.binutils 2009-11-12 15:17:29.000000000 +0100
+++ openssl-1.0.0-beta4/crypto/sha/asm/sha1-x86_64.pl 2009-11-12 17:24:18.000000000 +0100
@@ -150,7 +150,7 @@ ___
sub BODY_20_39 {
my ($i,$a,$b,$c,$d,$e,$f)=@_;
my $j=$i+1;
-my $K=($i<40)?0x6ed9eba1:0xca62c1d6;
+my $K=($i<40)?0x6ed9eba1:-0x359d3e2a;
$code.=<<___ if ($i<79);
lea $K($xi,$e),$f
mov `4*($j%16)`(%rsp),$xi
@@ -187,7 +187,7 @@ sub BODY_40_59 {
my ($i,$a,$b,$c,$d,$e,$f)=@_;
my $j=$i+1;
$code.=<<___;
- lea 0x8f1bbcdc($xi,$e),$f
+ lea -0x70e44324($xi,$e),$f
mov `4*($j%16)`(%rsp),$xi
mov $b,$t0
mov $b,$t1

167
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-0.9.8l-dtls-compat.patch vendored
View File

@ -1,167 +0,0 @@
http://bugs.gentoo.org/280370
fix from upstream
Index: openssl/ssl/d1_clnt.c
RCS File: /v/openssl/cvs/openssl/ssl/d1_clnt.c,v
rcsdiff -q -kk '-r1.3.2.15' '-r1.3.2.16' -u '/v/openssl/cvs/openssl/ssl/d1_clnt.c,v' 2>/dev/null
--- d1_clnt.c 2009/04/14 15:20:47 1.3.2.15
+++ d1_clnt.c 2009/04/19 18:08:11 1.3.2.16
@@ -130,7 +130,7 @@
static SSL_METHOD *dtls1_get_client_method(int ver)
{
- if (ver == DTLS1_VERSION)
+ if (ver == DTLS1_VERSION || ver == DTLS1_BAD_VER)
return(DTLSv1_client_method());
else
return(NULL);
@@ -181,7 +181,8 @@
s->server=0;
if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
- if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00))
+ if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00) &&
+ (s->version & 0xff00 ) != (DTLS1_BAD_VER & 0xff00))
{
SSLerr(SSL_F_DTLS1_CONNECT, ERR_R_INTERNAL_ERROR);
ret = -1;
Index: openssl/ssl/d1_lib.c
RCS File: /v/openssl/cvs/openssl/ssl/d1_lib.c,v
rcsdiff -q -kk '-r1.1.2.7' '-r1.1.2.8' -u '/v/openssl/cvs/openssl/ssl/d1_lib.c,v' 2>/dev/null
--- d1_lib.c 2009/04/02 22:34:59 1.1.2.7
+++ d1_lib.c 2009/04/19 18:08:11 1.1.2.8
@@ -198,7 +198,10 @@
void dtls1_clear(SSL *s)
{
ssl3_clear(s);
- s->version=DTLS1_VERSION;
+ if (s->options & SSL_OP_CISCO_ANYCONNECT)
+ s->version=DTLS1_BAD_VER;
+ else
+ s->version=DTLS1_VERSION;
}
/*
Index: openssl/ssl/d1_pkt.c
RCS File: /v/openssl/cvs/openssl/ssl/d1_pkt.c,v
rcsdiff -q -kk '-r1.4.2.15' '-r1.4.2.16' -u '/v/openssl/cvs/openssl/ssl/d1_pkt.c,v' 2>/dev/null
--- d1_pkt.c 2009/04/02 22:34:59 1.4.2.15
+++ d1_pkt.c 2009/04/19 18:08:12 1.4.2.16
@@ -1024,15 +1024,17 @@
if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC)
{
struct ccs_header_st ccs_hdr;
+ int ccs_hdr_len = DTLS1_CCS_HEADER_LENGTH;
dtls1_get_ccs_header(rr->data, &ccs_hdr);
/* 'Change Cipher Spec' is just a single byte, so we know
* exactly what the record payload has to look like */
/* XDTLS: check that epoch is consistent */
- if ( (s->client_version == DTLS1_BAD_VER && rr->length != 3) ||
- (s->client_version != DTLS1_BAD_VER && rr->length != DTLS1_CCS_HEADER_LENGTH) ||
- (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS))
+ if (s->client_version == DTLS1_BAD_VER || s->version == DTLS1_BAD_VER)
+ ccs_hdr_len = 3;
+
+ if ((rr->length != ccs_hdr_len) || (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS))
{
i=SSL_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC);
@@ -1358,7 +1360,7 @@
#if 0
/* 'create_empty_fragment' is true only when this function calls itself */
if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done
- && SSL_version(s) != DTLS1_VERSION)
+ && SSL_version(s) != DTLS1_VERSION && SSL_version(s) != DTLS1_BAD_VER)
{
/* countermeasure against known-IV weakness in CBC ciphersuites
* (see http://www.openssl.org/~bodo/tls-cbc.txt)
Index: openssl/ssl/s3_clnt.c
RCS File: /v/openssl/cvs/openssl/ssl/s3_clnt.c,v
rcsdiff -q -kk '-r1.88.2.21' '-r1.88.2.22' -u '/v/openssl/cvs/openssl/ssl/s3_clnt.c,v' 2>/dev/null
--- s3_clnt.c 2009/02/14 21:50:14 1.88.2.21
+++ s3_clnt.c 2009/04/19 18:08:12 1.88.2.22
@@ -708,7 +708,7 @@
if (!ok) return((int)n);
- if ( SSL_version(s) == DTLS1_VERSION)
+ if ( SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
{
if ( s->s3->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST)
{
Index: openssl/ssl/ssl.h
RCS File: /v/openssl/cvs/openssl/ssl/ssl.h,v
rcsdiff -q -kk '-r1.161.2.21' '-r1.161.2.22' -u '/v/openssl/cvs/openssl/ssl/ssl.h,v' 2>/dev/null
--- ssl.h 2008/08/13 19:44:44 1.161.2.21
+++ ssl.h 2009/04/19 18:08:12 1.161.2.22
@@ -510,6 +510,8 @@
#define SSL_OP_COOKIE_EXCHANGE 0x00002000L
/* Don't use RFC4507 ticket extension */
#define SSL_OP_NO_TICKET 0x00004000L
+/* Use Cisco's "speshul" version of DTLS_BAD_VER (as client) */
+#define SSL_OP_CISCO_ANYCONNECT 0x00008000L
/* As server, disallow session resumption on renegotiation */
#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L
Index: openssl/ssl/ssl_lib.c
RCS File: /v/openssl/cvs/openssl/ssl/ssl_lib.c,v
rcsdiff -q -kk '-r1.133.2.16' '-r1.133.2.17' -u '/v/openssl/cvs/openssl/ssl/ssl_lib.c,v' 2>/dev/null
--- ssl_lib.c 2009/02/23 16:02:47 1.133.2.16
+++ ssl_lib.c 2009/04/19 18:08:12 1.133.2.17
@@ -995,7 +995,8 @@
s->max_cert_list=larg;
return(l);
case SSL_CTRL_SET_MTU:
- if (SSL_version(s) == DTLS1_VERSION)
+ if (SSL_version(s) == DTLS1_VERSION ||
+ SSL_version(s) == DTLS1_BAD_VER)
{
s->d1->mtu = larg;
return larg;
Index: openssl/ssl/ssl_sess.c
RCS File: /v/openssl/cvs/openssl/ssl/ssl_sess.c,v
rcsdiff -q -kk '-r1.51.2.9' '-r1.51.2.10' -u '/v/openssl/cvs/openssl/ssl/ssl_sess.c,v' 2>/dev/null
--- ssl_sess.c 2008/06/04 18:35:27 1.51.2.9
+++ ssl_sess.c 2009/04/19 18:08:12 1.51.2.10
@@ -211,6 +211,11 @@
ss->ssl_version=TLS1_VERSION;
ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
}
+ else if (s->version == DTLS1_BAD_VER)
+ {
+ ss->ssl_version=DTLS1_BAD_VER;
+ ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
+ }
else if (s->version == DTLS1_VERSION)
{
ss->ssl_version=DTLS1_VERSION;
Index: openssl/ssl/t1_enc.c
RCS File: /v/openssl/cvs/openssl/ssl/t1_enc.c,v
rcsdiff -q -kk '-r1.35.2.8' '-r1.35.2.9' -u '/v/openssl/cvs/openssl/ssl/t1_enc.c,v' 2>/dev/null
--- t1_enc.c 2009/01/05 14:43:07 1.35.2.8
+++ t1_enc.c 2009/04/19 18:08:12 1.35.2.9
@@ -765,10 +765,10 @@
HMAC_CTX_init(&hmac);
HMAC_Init_ex(&hmac,mac_sec,EVP_MD_size(hash),hash,NULL);
- if (ssl->version == DTLS1_VERSION && ssl->client_version != DTLS1_BAD_VER)
+ if (ssl->version == DTLS1_BAD_VER ||
+ (ssl->version == DTLS1_VERSION && ssl->client_version != DTLS1_BAD_VER))
{
unsigned char dtlsseq[8],*p=dtlsseq;
-
s2n(send?ssl->d1->w_epoch:ssl->d1->r_epoch, p);
memcpy (p,&seq[2],6);
@@ -793,7 +793,7 @@
{unsigned int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); }
#endif
- if ( SSL_version(ssl) != DTLS1_VERSION)
+ if ( SSL_version(ssl) != DTLS1_VERSION && SSL_version(ssl) != DTLS1_BAD_VER)
{
for (i=7; i>=0; i--)
{

24
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-0.9.8m-binutils.patch vendored
View File

@ -1,24 +0,0 @@
http://bugs.gentoo.org/289130
Ripped from Fedora
--- openssl-1.0.0-beta4/crypto/sha/asm/sha1-x86_64.pl.binutils 2009-11-12 15:17:29.000000000 +0100
+++ openssl-1.0.0-beta4/crypto/sha/asm/sha1-x86_64.pl 2009-11-12 17:24:18.000000000 +0100
@@ -150,7 +150,7 @@ ___
sub BODY_20_39 {
my ($i,$a,$b,$c,$d,$e,$f)=@_;
my $j=$i+1;
-my $K=($i<40)?0x6ed9eba1:0xca62c1d6;
+my $K=($i<40)?0x6ed9eba1:-0x359d3e2a;
$code.=<<___ if ($i<79);
lea $K($xi,$e),$f
mov `4*($j%16)`(%rsp),$xi
@@ -187,7 +187,7 @@ sub BODY_40_59 {
my ($i,$a,$b,$c,$d,$e,$f)=@_;
my $j=$i+1;
$code.=<<___;
- lea 0x8f1bbcdc($xi,$e),$f
+ lea -0x70e44324($xi,$e),$f
mov `4*($j%16)`(%rsp),$xi
mov $b,$t0
mov $b,$t1

15
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-0.9.8m-cfb.patch vendored
View File

@ -1,15 +0,0 @@
--- crypto/evp/evp_locl.h 2010/02/15 19:40:45 1.10.2.7
+++ crypto/evp/evp_locl.h 2010/02/26 14:41:38 1.10.2.8
@@ -127,9 +127,9 @@
#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \
iv_len, cbits, flags, init_key, cleanup, \
set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, \
- (cbits + 7)/8, key_len, iv_len, \
- flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
+BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \
+ key_len, iv_len, flags, init_key, cleanup, set_asn1, \
+ get_asn1, ctrl)
#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \
iv_len, cbits, flags, init_key, cleanup, \

39
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-0.9.8r-verify-retcode.patch vendored
View File

@ -1,39 +0,0 @@
diff --git a/apps/verify.c b/apps/verify.c
index 20cc9e3..19dfb85 100644
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -90,6 +90,7 @@ int MAIN(int argc, char **argv)
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
+ int anyfailed = 0;
cert_ctx=X509_STORE_new();
if (cert_ctx == NULL) goto end;
@@ -208,11 +209,12 @@ int MAIN(int argc, char **argv)
}
}
- if (argc < 1) check(cert_ctx, NULL, untrusted, trusted, purpose, e);
+ if (argc < 1)
+ anyfailed = check(cert_ctx, NULL, untrusted, trusted, purpose, e);
else
for (i=0; i<argc; i++)
- check(cert_ctx,argv[i], untrusted, trusted, purpose, e);
- ret=0;
+ anyfailed |= !check(cert_ctx,argv[i], untrusted, trusted, purpose, e);
+ ret = anyfailed ? 2 : 0;
end:
if (ret == 1) {
BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]");
@@ -272,7 +274,10 @@ end:
ret=1;
}
else
+ {
+ fprintf(stdout, "Error\n");
ERR_print_errors(bio_err);
+ }
if (x != NULL) X509_free(x);
return(ret);

23
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-1.0.0a-ldflags.patch vendored
View File

@ -1,23 +0,0 @@
http://bugs.gentoo.org/327421
--- Makefile.org
+++ Makefile.org
@@ -189,6 +189,7 @@
MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)' \
MAKEDEPPROG='$(MAKEDEPPROG)' \
+ LDFLAGS='${LDFLAGS}' \
SHARED_LDFLAGS='$(SHARED_LDFLAGS)' \
KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)' \
ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)' \
--- Makefile.shared
+++ Makefile.shared
@@ -153,7 +153,7 @@
NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
-DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
+DO_GNU_APP=LDFLAGS="$(LDFLAGS) $(CFLAGS)"
#This is rather special. It's a special target with which one can link
#applications without bothering with any features that have anything to

12
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-1.0.0d-fbsd-amd64.patch vendored
View File

@ -1,12 +0,0 @@
Taken from http://rt.openssl.org/Ticket/Display.html?id=2440
--- crypto/sha/asm/sha512-x86_64.pl 2008-12-19 11:17:28.000000000 +0000
+++ crypto/sha/asm/sha512-x86_64.pl 2011-01-15 23:33:13.000000000 +0000
@@ -51,6 +51,7 @@
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
+close STDOUT;
open STDOUT,"| $^X $xlate $flavour $output";
if ($output =~ /512/) {

76
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-1.0.0d-windres.patch vendored
View File

@ -1,76 +0,0 @@
URL: http://rt.openssl.org/Ticket/Display.html?id=2558
Subject: make windres controllable via build env var settings
atm, the windres code in openssl is only usable via the cross-compile prefix
option unlike all the other build tools. so add support for the standard $RC
/ $WINDRES env vars as well.
Index: Configure
===================================================================
RCS file: /usr/local/src/openssl/CVSROOT/openssl/Configure,v
retrieving revision 1.621.2.40
diff -u -p -r1.621.2.40 Configure
--- Configure 30 Nov 2010 22:19:26 -0000 1.621.2.40
+++ Configure 4 Jul 2011 23:12:32 -0000
@@ -1094,6 +1094,7 @@ my $shared_extension = $fields[$idx_shar
my $ranlib = $ENV{'RANLIB'} || $fields[$idx_ranlib];
my $ar = $ENV{'AR'} || "ar";
my $arflags = $fields[$idx_arflags];
+my $windres = $ENV{'RC'} || $ENV{'WINDRES'} || "windres";
my $multilib = $fields[$idx_multilib];
# if $prefix/lib$multilib is not an existing directory, then
@@ -1511,12 +1512,14 @@ while (<IN>)
s/^AR=\s*/AR= \$\(CROSS_COMPILE\)/;
s/^NM=\s*/NM= \$\(CROSS_COMPILE\)/;
s/^RANLIB=\s*/RANLIB= \$\(CROSS_COMPILE\)/;
+ s/^WINDRES=\s*/WINDRES= \$\(CROSS_COMPILE\)/;
s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $cc eq "gcc";
}
else {
s/^CC=.*$/CC= $cc/;
s/^AR=\s*ar/AR= $ar/;
s/^RANLIB=.*/RANLIB= $ranlib/;
+ s/^WINDRES=.*/WINDRES= $windres/;
s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc";
}
s/^CFLAG=.*$/CFLAG= $cflags/;
Index: Makefile.org
===================================================================
RCS file: /usr/local/src/openssl/CVSROOT/openssl/Makefile.org,v
retrieving revision 1.295.2.10
diff -u -p -r1.295.2.10 Makefile.org
--- Makefile.org 27 Jan 2010 16:06:58 -0000 1.295.2.10
+++ Makefile.org 4 Jul 2011 23:13:08 -0000
@@ -66,6 +66,7 @@ EXE_EXT=
ARFLAGS=
AR=ar $(ARFLAGS) r
RANLIB= ranlib
+WINDRES= windres
NM= nm
PERL= perl
TAR= tar
@@ -180,6 +181,7 @@ BUILDENV= PLATFORM='$(PLATFORM)' PROCESS
CC='$(CC)' CFLAG='$(CFLAG)' \
AS='$(CC)' ASFLAG='$(CFLAG) -c' \
AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \
+ WINDRES='$(WINDRES)' \
CROSS_COMPILE='$(CROSS_COMPILE)' \
PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \
SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \
Index: Makefile.shared
===================================================================
RCS file: /usr/local/src/openssl/CVSROOT/openssl/Makefile.shared,v
retrieving revision 1.72.2.4
diff -u -p -r1.72.2.4 Makefile.shared
--- Makefile.shared 21 Aug 2010 11:36:49 -0000 1.72.2.4
+++ Makefile.shared 4 Jul 2011 23:13:52 -0000
@@ -293,7 +293,7 @@ link_a.cygwin:
fi; \
dll_name=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX; \
$(PERL) util/mkrc.pl $$dll_name | \
- $(CROSS_COMPILE)windres -o rc.o; \
+ $(WINDRES) -o rc.o; \
extras="$$extras rc.o"; \
ALLSYMSFLAGS='-Wl,--whole-archive'; \
NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \

32
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-1.0.0h-pkg-config.patch vendored
View File

@ -1,32 +0,0 @@
depend on other pc files rather than encoding library info directly in
every pkg-config file
--- a/Makefile.org
+++ b/Makefile.org
@@ -335,11 +335,11 @@ libssl.pc: Makefile
echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
echo 'includedir=$${prefix}/include'; \
echo ''; \
- echo 'Name: OpenSSL'; \
+ echo 'Name: OpenSSL-libssl'; \
echo 'Description: Secure Sockets Layer and cryptography libraries'; \
echo 'Version: '$(VERSION); \
- echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
+ echo 'Requires.private: libcrypto'; \
+ echo 'Libs: -L$${libdir} -lssl'; \
echo 'Libs.private: $(EX_LIBS)'; \
echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
@@ -352,10 +353,7 @@ openssl.pc: Makefile
echo 'Name: OpenSSL'; \
echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
echo 'Version: '$(VERSION); \
- echo 'Requires: '; \
- echo 'Libs: -L$${libdir} -lssl -lcrypto'; \
- echo 'Libs.private: $(EX_LIBS)'; \
- echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
+ echo 'Requires: libssl libcrypto' ) > openssl.pc
Makefile: Makefile.org Configure config
@echo "Makefile is older than Makefile.org, Configure or config."

678
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-1.0.1-ipv6.patch vendored
View File

@ -1,678 +0,0 @@
http://rt.openssl.org/Ticket/Display.html?id=2051
user/pass: guest/guest
Index: apps/s_apps.h
===================================================================
RCS file: /v/openssl/cvs/openssl/apps/s_apps.h,v
retrieving revision 1.21.2.1
diff -u -r1.21.2.1 s_apps.h
--- apps/s_apps.h 4 Sep 2009 17:42:04 -0000 1.21.2.1
+++ apps/s_apps.h 28 Dec 2011 00:28:14 -0000
@@ -148,7 +148,7 @@
#define PORT_STR "4433"
#define PROTOCOL "tcp"
-int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context);
+int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context, int use_ipv4, int use_ipv6);
#ifdef HEADER_X509_H
int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
#endif
@@ -156,7 +156,7 @@
int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key);
#endif
-int init_client(int *sock, char *server, int port, int type);
+int init_client(int *sock, char *server, int port, int type, int use_ipv4, int use_ipv6);
int should_retry(int i);
int extract_port(char *str, short *port_ptr);
int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
Index: apps/s_cb.c
===================================================================
RCS file: /v/openssl/cvs/openssl/apps/s_cb.c,v
retrieving revision 1.27.2.8.2.2
diff -u -r1.27.2.8.2.2 s_cb.c
--- apps/s_cb.c 13 Nov 2011 13:13:13 -0000 1.27.2.8.2.2
+++ apps/s_cb.c 28 Dec 2011 00:28:14 -0000
Index: apps/s_client.c
===================================================================
RCS file: /v/openssl/cvs/openssl/apps/s_client.c,v
retrieving revision 1.123.2.6.2.10
diff -u -r1.123.2.6.2.10 s_client.c
--- apps/s_client.c 14 Dec 2011 22:18:02 -0000 1.123.2.6.2.10
+++ apps/s_client.c 28 Dec 2011 00:28:14 -0000
@@ -285,6 +285,9 @@
{
BIO_printf(bio_err,"usage: s_client args\n");
BIO_printf(bio_err,"\n");
+#if OPENSSL_USE_IPV6
+ BIO_printf(bio_err," -6 - use IPv6\n");
+#endif
BIO_printf(bio_err," -host host - use -connect instead\n");
BIO_printf(bio_err," -port port - use -connect instead\n");
BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR);
@@ -564,6 +567,7 @@
int sbuf_len,sbuf_off;
fd_set readfds,writefds;
short port=PORT;
+ int use_ipv4, use_ipv6;
int full_log=1;
char *host=SSL_HOST_NAME;
char *cert_file=NULL,*key_file=NULL;
@@ -609,7 +613,11 @@
#endif
char *sess_in = NULL;
char *sess_out = NULL;
- struct sockaddr peer;
+#if OPENSSL_USE_IPV6
+ struct sockaddr_storage peer;
+#else
+ struct sockaddr_in peer;
+#endif
int peerlen = sizeof(peer);
int enable_timeouts = 0 ;
long socket_mtu = 0;
@@ -630,6 +638,8 @@
meth=SSLv2_client_method();
#endif
+ use_ipv4 = 1;
+ use_ipv6 = 0;
apps_startup();
c_Pause=0;
c_quiet=0;
@@ -951,6 +961,13 @@
jpake_secret = *++argv;
}
#endif
+#if OPENSSL_USE_IPV6
+ else if (strcmp(*argv,"-6") == 0)
+ {
+ use_ipv4 = 0;
+ use_ipv6 = 1;
+ }
+#endif
else if (strcmp(*argv,"-use_srtp") == 0)
{
if (--argc < 1) goto bad;
@@ -967,7 +984,7 @@
keymatexportlen=atoi(*(++argv));
if (keymatexportlen == 0) goto bad;
}
- else
+ else
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
badop=1;
@@ -1259,7 +1276,7 @@
re_start:
- if (init_client(&s,host,port,socket_type) == 0)
+ if (init_client(&s,host,port,socket_type,use_ipv4,use_ipv6) == 0)
{
BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
SHUTDOWN(s);
@@ -1285,7 +1302,7 @@
{
sbio=BIO_new_dgram(s,BIO_NOCLOSE);
- if (getsockname(s, &peer, (void *)&peerlen) < 0)
+ if (getsockname(s, (struct sockaddr *)&peer, (void *)&peerlen) < 0)
{
BIO_printf(bio_err, "getsockname:errno=%d\n",
get_last_socket_error());
@@ -2036,7 +2061,7 @@
BIO_printf(bio,"Expansion: %s\n",
expansion ? SSL_COMP_get_name(expansion) : "NONE");
#endif
-
+
#ifdef SSL_DEBUG
{
/* Print out local port of connection: useful for debugging */
===================================================================
RCS file: /v/openssl/cvs/openssl/apps/s_server.c,v
retrieving revision 1.136.2.15.2.13
diff -u -r1.136.2.15.2.13 s_server.c
--- apps/s_server.c 27 Dec 2011 14:23:22 -0000 1.136.2.15.2.13
+++ apps/s_server.c 28 Dec 2011 00:28:14 -0000
@@ -558,6 +558,10 @@
# endif
BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list");
#endif
+ BIO_printf(bio_err," -4 - use IPv4 only\n");
+#if OPENSSL_USE_IPV6
+ BIO_printf(bio_err," -6 - use IPv6 only\n");
+#endif
BIO_printf(bio_err," -keymatexport label - Export keying material using label\n");
BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n");
}
@@ -943,6 +947,7 @@
int state=0;
const SSL_METHOD *meth=NULL;
int socket_type=SOCK_STREAM;
+ int use_ipv4, use_ipv6;
ENGINE *e=NULL;
char *inrand=NULL;
int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
@@ -981,6 +986,12 @@
/* #error no SSL version enabled */
#endif
+ use_ipv4 = 1;
+#if OPENSSL_USE_IPV6
+ use_ipv6 = 1;
+#else
+ use_ipv6 = 0;
+#endif
local_argc=argc;
local_argv=argv;
@@ -1329,6 +1340,18 @@
jpake_secret = *(++argv);
}
#endif
+ else if (strcmp(*argv,"-4") == 0)
+ {
+ use_ipv4 = 1;
+ use_ipv6 = 0;
+ }
+#if OPENSSL_USE_IPV6
+ else if (strcmp(*argv,"-6") == 0)
+ {
+ use_ipv4 = 0;
+ use_ipv6 = 1;
+ }
+#endif
else if (strcmp(*argv,"-use_srtp") == 0)
{
if (--argc < 1) goto bad;
@@ -1884,9 +1907,9 @@
BIO_printf(bio_s_out,"ACCEPT\n");
(void)BIO_flush(bio_s_out);
if (www)
- do_server(port,socket_type,&accept_socket,www_body, context);
+ do_server(port,socket_type,&accept_socket,www_body, context, use_ipv4, use_ipv6);
else
- do_server(port,socket_type,&accept_socket,sv_body, context);
+ do_server(port,socket_type,&accept_socket,sv_body, context, use_ipv4, use_ipv6);
print_stats(bio_s_out,ctx);
ret=0;
end:
Index: apps/s_socket.c
===================================================================
RCS file: /v/openssl/cvs/openssl/apps/s_socket.c,v
retrieving revision 1.43.2.3.2.2
diff -u -r1.43.2.3.2.2 s_socket.c
--- apps/s_socket.c 2 Dec 2011 14:39:40 -0000 1.43.2.3.2.2
+++ apps/s_socket.c 28 Dec 2011 00:28:14 -0000
@@ -97,16 +97,16 @@
#include "netdb.h"
#endif
-static struct hostent *GetHostByName(char *name);
+static struct hostent *GetHostByName(char *name, int domain);
#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
static void ssl_sock_cleanup(void);
#endif
static int ssl_sock_init(void);
-static int init_client_ip(int *sock,unsigned char ip[4], int port, int type);
-static int init_server(int *sock, int port, int type);
-static int init_server_long(int *sock, int port,char *ip, int type);
+static int init_client_ip(int *sock,unsigned char *ip, int port, int type, int domain);
+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6);
+static int init_server_long(int *sock, int port,char *ip, int type, int use_ipv4, int use_ipv6);
static int do_accept(int acc_sock, int *sock, char **host);
-static int host_ip(char *str, unsigned char ip[4]);
+static int host_ip(char *str, unsigned char *ip, int domain);
#ifdef OPENSSL_SYS_WIN16
#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
@@ -234,38 +234,76 @@
return(1);
}
-int init_client(int *sock, char *host, int port, int type)
+int init_client(int *sock, char *host, int port, int type, int use_ipv4, int use_ipv6)
{
+#if OPENSSL_USE_IPV6
+ unsigned char ip[16];
+#else
unsigned char ip[4];
+#endif
- memset(ip, '\0', sizeof ip);
- if (!host_ip(host,&(ip[0])))
+ if (!use_ipv4 && !use_ipv6)
return 0;
- return init_client_ip(sock,ip,port,type);
- }
-
-static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
- {
- unsigned long addr;
+#if OPENSSL_USE_IPV6
+ /* we are fine here */
+#else
+ if (use_ipv6)
+ return 0;
+#endif
+ if (use_ipv4)
+ if (host_ip(host,ip,AF_INET))
+ return(init_client_ip(sock,ip,port,type,AF_INET));
+#if OPENSSL_USE_IPV6
+ if (use_ipv6)
+ if (host_ip(host,ip,AF_INET6))
+ return(init_client_ip(sock,ip,port,type,AF_INET6));
+#endif
+ return 0;
+ }
+
+static int init_client_ip(int *sock, unsigned char ip[4], int port, int type, int domain)
+ {
+#if OPENSSL_USE_IPV6
+ struct sockaddr_storage them;
+ struct sockaddr_in *them_in = (struct sockaddr_in *)&them;
+ struct sockaddr_in6 *them_in6 = (struct sockaddr_in6 *)&them;
+#else
struct sockaddr_in them;
+ struct sockaddr_in *them_in = &them;
+#endif
+ socklen_t addr_len;
int s,i;
if (!ssl_sock_init()) return(0);
memset((char *)&them,0,sizeof(them));
- them.sin_family=AF_INET;
- them.sin_port=htons((unsigned short)port);
- addr=(unsigned long)
- ((unsigned long)ip[0]<<24L)|
- ((unsigned long)ip[1]<<16L)|
- ((unsigned long)ip[2]<< 8L)|
- ((unsigned long)ip[3]);
- them.sin_addr.s_addr=htonl(addr);
+ if (domain == AF_INET)
+ {
+ addr_len = (socklen_t)sizeof(struct sockaddr_in);
+ them_in->sin_family=AF_INET;
+ them_in->sin_port=htons((unsigned short)port);
+#ifndef BIT_FIELD_LIMITS
+ memcpy(&them_in->sin_addr.s_addr, ip, 4);
+#else
+ memcpy(&them_in->sin_addr, ip, 4);
+#endif
+ }
+ else
+#if OPENSSL_USE_IPV6
+ {
+ addr_len = (socklen_t)sizeof(struct sockaddr_in6);
+ them_in6->sin6_family=AF_INET6;
+ them_in6->sin6_port=htons((unsigned short)port);
+ memcpy(&(them_in6->sin6_addr), ip, sizeof(struct in6_addr));
+ }
+#else
+ return(0);
+#endif
if (type == SOCK_STREAM)
- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+ s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL);
else /* ( type == SOCK_DGRAM) */
- s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP);
+ s=socket(domain,SOCK_DGRAM,IPPROTO_UDP);
if (s == INVALID_SOCKET) { perror("socket"); return(0); }
@@ -277,29 +315,27 @@
if (i < 0) { perror("keepalive"); return(0); }
}
#endif
-
- if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
+ if (connect(s,(struct sockaddr *)&them,addr_len) == -1)
{ closesocket(s); perror("connect"); return(0); }
*sock=s;
return(1);
}
-int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context)
+int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context, int use_ipv4, int use_ipv6)
{
int sock;
char *name = NULL;
int accept_socket = 0;
int i;
- if (!init_server(&accept_socket,port,type)) return(0);
-
+ if (!init_server(&accept_socket,port,type, use_ipv4, use_ipv6)) return(0);
if (ret != NULL)
{
*ret=accept_socket;
/* return(1);*/
}
- for (;;)
- {
+ for (;;)
+ {
if (type==SOCK_STREAM)
{
if (do_accept(accept_socket,&sock,&name) == 0)
@@ -322,41 +358,88 @@
}
}
-static int init_server_long(int *sock, int port, char *ip, int type)
+static int init_server_long(int *sock, int port, char *ip, int type, int use_ipv4, int use_ipv6)
{
int ret=0;
+ int domain;
+#if OPENSSL_USE_IPV6
+ struct sockaddr_storage server;
+ struct sockaddr_in *server_in = (struct sockaddr_in *)&server;
+ struct sockaddr_in6 *server_in6 = (struct sockaddr_in6 *)&server;
+#else
struct sockaddr_in server;
+ struct sockaddr_in *server_in = &server;
+#endif
+ socklen_t addr_len;
int s= -1;
+ if (!use_ipv4 && !use_ipv6)
+ goto err;
+#if OPENSSL_USE_IPV6
+ /* we are fine here */
+#else
+ if (use_ipv6)
+ goto err;
+#endif
if (!ssl_sock_init()) return(0);
- memset((char *)&server,0,sizeof(server));
- server.sin_family=AF_INET;
- server.sin_port=htons((unsigned short)port);
- if (ip == NULL)
- server.sin_addr.s_addr=INADDR_ANY;
- else
-/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
-#ifndef BIT_FIELD_LIMITS
- memcpy(&server.sin_addr.s_addr,ip,4);
+#if OPENSSL_USE_IPV6
+ domain = use_ipv6 ? AF_INET6 : AF_INET;
#else
- memcpy(&server.sin_addr,ip,4);
+ domain = AF_INET;
#endif
-
- if (type == SOCK_STREAM)
- s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
- else /* type == SOCK_DGRAM */
- s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP);
+ if (type == SOCK_STREAM)
+ s=socket(domain,SOCK_STREAM,SOCKET_PROTOCOL);
+ else /* type == SOCK_DGRAM */
+ s=socket(domain, SOCK_DGRAM,IPPROTO_UDP);
if (s == INVALID_SOCKET) goto err;
#if defined SOL_SOCKET && defined SO_REUSEADDR
+ {
+ int j = 1;
+ setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
+ (void *) &j, sizeof j);
+ }
+#endif
+#if OPENSSL_USE_IPV6
+ if ((use_ipv4 == 0) && (use_ipv6 == 1))
{
- int j = 1;
- setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
- (void *) &j, sizeof j);
+ const int on = 1;
+
+ setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY,
+ (const void *) &on, sizeof(int));
}
#endif
- if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
+ if (domain == AF_INET)
+ {
+ addr_len = (socklen_t)sizeof(struct sockaddr_in);
+ memset(server_in, 0, sizeof(struct sockaddr_in));
+ server_in->sin_family=AF_INET;
+ server_in->sin_port = htons((unsigned short)port);
+ if (ip == NULL)
+ server_in->sin_addr.s_addr = htonl(INADDR_ANY);
+ else
+/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
+#ifndef BIT_FIELD_LIMITS
+ memcpy(&server_in->sin_addr.s_addr, ip, 4);
+#else
+ memcpy(&server_in->sin_addr, ip, 4);
+#endif
+ }
+#if OPENSSL_USE_IPV6
+ else
+ {
+ addr_len = (socklen_t)sizeof(struct sockaddr_in6);
+ memset(server_in6, 0, sizeof(struct sockaddr_in6));
+ server_in6->sin6_family = AF_INET6;
+ server_in6->sin6_port = htons((unsigned short)port);
+ if (ip == NULL)
+ server_in6->sin6_addr = in6addr_any;
+ else
+ memcpy(&server_in6->sin6_addr, ip, sizeof(struct in6_addr));
+ }
+#endif
+ if (bind(s, (struct sockaddr *)&server, addr_len) == -1)
{
#ifndef OPENSSL_SYS_WINDOWS
perror("bind");
@@ -375,16 +458,23 @@
return(ret);
}
-static int init_server(int *sock, int port, int type)
+static int init_server(int *sock, int port, int type, int use_ipv4, int use_ipv6)
{
- return(init_server_long(sock, port, NULL, type));
+ return(init_server_long(sock, port, NULL, type, use_ipv4, use_ipv6));
}
static int do_accept(int acc_sock, int *sock, char **host)
{
int ret;
struct hostent *h1,*h2;
- static struct sockaddr_in from;
+#if OPENSSL_USE_IPV6
+ struct sockaddr_storage from;
+ struct sockaddr_in *from_in = (struct sockaddr_in *)&from;
+ struct sockaddr_in6 *from_in6 = (struct sockaddr_in6 *)&from;
+#else
+ struct sockaddr_in from;
+ struct sockaddr_in *from_in = &from;
+#endif
int len;
/* struct linger ling; */
@@ -431,13 +521,23 @@
*/
if (host == NULL) goto end;
+#if OPENSSL_USE_IPV6
+ if (from.ss_family == AF_INET)
+#else
+ if (from.sin_family == AF_INET)
+#endif
#ifndef BIT_FIELD_LIMITS
- /* I should use WSAAsyncGetHostByName() under windows */
- h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
- sizeof(from.sin_addr.s_addr),AF_INET);
+ /* I should use WSAAsyncGetHostByName() under windows */
+ h1=gethostbyaddr((char *)&from_in->sin_addr.s_addr,
+ sizeof(from_in->sin_addr.s_addr), AF_INET);
#else
- h1=gethostbyaddr((char *)&from.sin_addr,
- sizeof(struct in_addr),AF_INET);
+ h1=gethostbyaddr((char *)&from_in->sin_addr,
+ sizeof(struct in_addr), AF_INET);
+#endif
+#if OPENSSL_USE_IPV6
+ else
+ h1=gethostbyaddr((char *)&from_in6->sin6_addr,
+ sizeof(struct in6_addr), AF_INET6);
#endif
if (h1 == NULL)
{
@@ -454,15 +554,23 @@
}
BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
- h2=GetHostByName(*host);
+#if OPENSSL_USE_IPV6
+ h2=GetHostByName(*host, from.ss_family);
+#else
+ h2=GetHostByName(*host, from.sin_family);
+#endif
if (h2 == NULL)
{
BIO_printf(bio_err,"gethostbyname failure\n");
return(0);
}
- if (h2->h_addrtype != AF_INET)
+#if OPENSSL_USE_IPV6
+ if (h2->h_addrtype != from.ss_family)
+#else
+ if (h2->h_addrtype != from.sin_family)
+#endif
{
- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
+ BIO_printf(bio_err,"gethostbyname addr address is not correct\n");
return(0);
}
}
@@ -477,7 +585,7 @@
char *h,*p;
h=str;
- p=strchr(str,':');
+ p=strrchr(str,':');
if (p == NULL)
{
BIO_printf(bio_err,"no port defined\n");
@@ -485,7 +593,7 @@
}
*(p++)='\0';
- if ((ip != NULL) && !host_ip(str,ip))
+ if ((ip != NULL) && !host_ip(str,ip,AF_INET))
goto err;
if (host_ptr != NULL) *host_ptr=h;
@@ -496,48 +604,58 @@
return(0);
}
-static int host_ip(char *str, unsigned char ip[4])
+static int host_ip(char *str, unsigned char *ip, int domain)
{
- unsigned int in[4];
+ unsigned int in[4];
+ unsigned long l;
int i;
- if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
+ if ((domain == AF_INET) &&
+ (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4))
{
+
for (i=0; i<4; i++)
if (in[i] > 255)
{
BIO_printf(bio_err,"invalid IP address\n");
goto err;
}
- ip[0]=in[0];
- ip[1]=in[1];
- ip[2]=in[2];
- ip[3]=in[3];
- }
+ l=htonl((in[0]<<24L)|(in[1]<<16L)|(in[2]<<8L)|in[3]);
+ memcpy(ip, &l, 4);
+ return 1;
+ }
+#if OPENSSL_USE_IPV6
+ else if ((domain == AF_INET6) &&
+ (inet_pton(AF_INET6, str, ip) == 1))
+ return 1;
+#endif
else
{ /* do a gethostbyname */
struct hostent *he;
if (!ssl_sock_init()) return(0);
- he=GetHostByName(str);
+ he=GetHostByName(str,domain);
if (he == NULL)
{
BIO_printf(bio_err,"gethostbyname failure\n");
goto err;
}
/* cast to short because of win16 winsock definition */
- if ((short)he->h_addrtype != AF_INET)
+ if ((short)he->h_addrtype != domain)
{
- BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
+ BIO_printf(bio_err,"gethostbyname addr family is not correct\n");
return(0);
}
- ip[0]=he->h_addr_list[0][0];
- ip[1]=he->h_addr_list[0][1];
- ip[2]=he->h_addr_list[0][2];
- ip[3]=he->h_addr_list[0][3];
+ if (domain == AF_INET)
+ memset(ip, 0, 4);
+#if OPENSSL_USE_IPV6
+ else
+ memset(ip, 0, 16);
+#endif
+ memcpy(ip, he->h_addr_list[0], he->h_length);
+ return 1;
}
- return(1);
err:
return(0);
}
@@ -574,7 +692,7 @@
static unsigned long ghbn_hits=0L;
static unsigned long ghbn_miss=0L;
-static struct hostent *GetHostByName(char *name)
+static struct hostent *GetHostByName(char *name, int domain)
{
struct hostent *ret;
int i,lowi=0;
@@ -589,14 +707,20 @@
}
if (ghbn_cache[i].order > 0)
{
- if (strncmp(name,ghbn_cache[i].name,128) == 0)
+ if ((strncmp(name,ghbn_cache[i].name,128) == 0) &&
+ (ghbn_cache[i].ent.h_addrtype == domain))
break;
}
}
if (i == GHBN_NUM) /* no hit*/
{
ghbn_miss++;
- ret=gethostbyname(name);
+ if (domain == AF_INET)
+ ret=gethostbyname(name);
+#if OPENSSL_USE_IPV6
+ else
+ ret=gethostbyname2(name, AF_INET6);
+#endif
if (ret == NULL) return(NULL);
/* else add to cache */
if(strlen(name) < sizeof ghbn_cache[0].name)

337
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch vendored
View File

@ -1,337 +0,0 @@
http://rt.openssl.org/Ticket/Display.html?id=2084
--- a/Makefile.org
+++ b/Makefile.org
@@ -247,17 +247,17 @@
build_libs: build_crypto build_ssl build_engines
build_crypto:
- @dir=crypto; target=all; $(BUILD_ONE_CMD)
+ +@dir=crypto; target=all; $(BUILD_ONE_CMD)
-build_ssl:
+build_ssl: build_crypto
- @dir=ssl; target=all; $(BUILD_ONE_CMD)
+ +@dir=ssl; target=all; $(BUILD_ONE_CMD)
-build_engines:
+build_engines: build_crypto
- @dir=engines; target=all; $(BUILD_ONE_CMD)
+ +@dir=engines; target=all; $(BUILD_ONE_CMD)
-build_apps:
+build_apps: build_libs
- @dir=apps; target=all; $(BUILD_ONE_CMD)
+ +@dir=apps; target=all; $(BUILD_ONE_CMD)
-build_tests:
+build_tests: build_libs
- @dir=test; target=all; $(BUILD_ONE_CMD)
+ +@dir=test; target=all; $(BUILD_ONE_CMD)
-build_tools:
+build_tools: build_libs
- @dir=tools; target=all; $(BUILD_ONE_CMD)
+ +@dir=tools; target=all; $(BUILD_ONE_CMD)
all_testapps: build_libs build_testapps
build_testapps:
@@ -497,9 +497,9 @@
dist_pem_h:
(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
-install: all install_docs install_sw
+install: install_docs install_sw
-install_sw:
+install_dirs:
@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
@@ -508,6 +508,13 @@
$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
$(INSTALL_PREFIX)$(OPENSSLDIR)/private
+ @$(PERL) $(TOP)/util/mkdir-p.pl \
+ $(INSTALL_PREFIX)$(MANDIR)/man1 \
+ $(INSTALL_PREFIX)$(MANDIR)/man3 \
+ $(INSTALL_PREFIX)$(MANDIR)/man5 \
+ $(INSTALL_PREFIX)$(MANDIR)/man7
+
+install_sw: install_dirs
@set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
@@ -511,7 +511,7 @@
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
- @set -e; target=install; $(RECURSIVE_BUILD_CMD)
+ +@set -e; target=install; $(RECURSIVE_BUILD_CMD)
@set -e; liblist="$(LIBS)"; for i in $$liblist ;\
do \
if [ -f "$$i" ]; then \
@@ -593,12 +600,7 @@
done; \
done
-install_docs:
- @$(PERL) $(TOP)/util/mkdir-p.pl \
- $(INSTALL_PREFIX)$(MANDIR)/man1 \
- $(INSTALL_PREFIX)$(MANDIR)/man3 \
- $(INSTALL_PREFIX)$(MANDIR)/man5 \
- $(INSTALL_PREFIX)$(MANDIR)/man7
+install_docs: install_dirs
@pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
here="`pwd`"; \
filecase=; \
--- a/Makefile.shared
+++ b/Makefile.shared
@@ -105,6 +105,7 @@ LINK_SO= \
SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
+ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \
LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
$${SHAREDCMD} $${SHAREDFLAGS} \
-o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
@@ -122,6 +124,7 @@ SYMLINK_SO= \
done; \
fi; \
if [ -n "$$SHLIB_SOVER" ]; then \
+ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \
( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \
ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \
fi; \
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -85,11 +85,11 @@
@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
subdirs:
- @target=all; $(RECURSIVE_MAKE)
+ +@target=all; $(RECURSIVE_MAKE)
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
- @target=files; $(RECURSIVE_MAKE)
+ +@target=files; $(RECURSIVE_MAKE)
links:
@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
@@ -100,7 +100,7 @@
# lib: $(LIB): are splitted to avoid end-less loop
lib: $(LIB)
@touch lib
-$(LIB): $(LIBOBJ)
+$(LIB): $(LIBOBJ) | subdirs
$(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@@ -110,7 +110,7 @@
fi
libs:
- @target=lib; $(RECURSIVE_MAKE)
+ +@target=lib; $(RECURSIVE_MAKE)
install:
@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
@@ -119,7 +119,7 @@
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
- @target=install; $(RECURSIVE_MAKE)
+ +@target=install; $(RECURSIVE_MAKE)
lint:
@target=lint; $(RECURSIVE_MAKE)
--- a/engines/Makefile
+++ b/engines/Makefile
@@ -72,7 +72,7 @@
all: lib subdirs
-lib: $(LIBOBJ)
+lib: $(LIBOBJ) | subdirs
@if [ -n "$(SHARED_LIBS)" ]; then \
set -e; \
for l in $(LIBNAMES); do \
@@ -89,7 +89,7 @@
subdirs:
echo $(EDIRS)
- @target=all; $(RECURSIVE_MAKE)
+ +@target=all; $(RECURSIVE_MAKE)
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -128,7 +128,7 @@
mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
done; \
fi
- @target=install; $(RECURSIVE_MAKE)
+ +@target=install; $(RECURSIVE_MAKE)
tags:
ctags $(SRC)
--- a/test/Makefile
+++ b/test/Makefile
@@ -123,7 +123,7 @@
tags:
ctags $(SRC)
-tests: exe apps $(TESTS)
+tests: exe $(TESTS)
apps:
@(cd ..; $(MAKE) DIRS=apps all)
@@ -365,109 +365,109 @@
link_app.$${shlib_target}
$(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
- @target=$(RSATEST); $(BUILD_CMD)
+ +@target=$(RSATEST); $(BUILD_CMD)
$(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
- @target=$(BNTEST); $(BUILD_CMD)
+ +@target=$(BNTEST); $(BUILD_CMD)
$(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
- @target=$(ECTEST); $(BUILD_CMD)
+ +@target=$(ECTEST); $(BUILD_CMD)
$(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
- @target=$(EXPTEST); $(BUILD_CMD)
+ +@target=$(EXPTEST); $(BUILD_CMD)
$(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
- @target=$(IDEATEST); $(BUILD_CMD)
+ +@target=$(IDEATEST); $(BUILD_CMD)
$(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
- @target=$(MD2TEST); $(BUILD_CMD)
+ +@target=$(MD2TEST); $(BUILD_CMD)
$(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
- @target=$(SHATEST); $(BUILD_CMD)
+ +@target=$(SHATEST); $(BUILD_CMD)
$(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
- @target=$(SHA1TEST); $(BUILD_CMD)
+ +@target=$(SHA1TEST); $(BUILD_CMD)
$(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
- @target=$(SHA256TEST); $(BUILD_CMD)
+ +@target=$(SHA256TEST); $(BUILD_CMD)
$(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
- @target=$(SHA512TEST); $(BUILD_CMD)
+ +@target=$(SHA512TEST); $(BUILD_CMD)
$(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
- @target=$(RMDTEST); $(BUILD_CMD)
+ +@target=$(RMDTEST); $(BUILD_CMD)
$(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
- @target=$(MDC2TEST); $(BUILD_CMD)
+ +@target=$(MDC2TEST); $(BUILD_CMD)
$(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
- @target=$(MD4TEST); $(BUILD_CMD)
+ +@target=$(MD4TEST); $(BUILD_CMD)
$(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
- @target=$(MD5TEST); $(BUILD_CMD)
+ +@target=$(MD5TEST); $(BUILD_CMD)
$(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
- @target=$(HMACTEST); $(BUILD_CMD)
+ +@target=$(HMACTEST); $(BUILD_CMD)
$(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
- @target=$(WPTEST); $(BUILD_CMD)
+ +@target=$(WPTEST); $(BUILD_CMD)
$(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
- @target=$(RC2TEST); $(BUILD_CMD)
+ +@target=$(RC2TEST); $(BUILD_CMD)
$(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
- @target=$(BFTEST); $(BUILD_CMD)
+ +@target=$(BFTEST); $(BUILD_CMD)
$(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
- @target=$(CASTTEST); $(BUILD_CMD)
+ +@target=$(CASTTEST); $(BUILD_CMD)
$(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
- @target=$(RC4TEST); $(BUILD_CMD)
+ +@target=$(RC4TEST); $(BUILD_CMD)
$(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
- @target=$(RC5TEST); $(BUILD_CMD)
+ +@target=$(RC5TEST); $(BUILD_CMD)
$(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
- @target=$(DESTEST); $(BUILD_CMD)
+ +@target=$(DESTEST); $(BUILD_CMD)
$(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
- @target=$(RANDTEST); $(BUILD_CMD)
+ +@target=$(RANDTEST); $(BUILD_CMD)
$(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
- @target=$(DHTEST); $(BUILD_CMD)
+ +@target=$(DHTEST); $(BUILD_CMD)
$(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
- @target=$(DSATEST); $(BUILD_CMD)
+ +@target=$(DSATEST); $(BUILD_CMD)
$(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
- @target=$(METHTEST); $(BUILD_CMD)
+ +@target=$(METHTEST); $(BUILD_CMD)
$(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
- @target=$(SSLTEST); $(FIPS_BUILD_CMD)
+ +@target=$(SSLTEST); $(FIPS_BUILD_CMD)
$(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
- @target=$(ENGINETEST); $(BUILD_CMD)
+ +@target=$(ENGINETEST); $(BUILD_CMD)
$(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
- @target=$(EVPTEST); $(BUILD_CMD)
+ +@target=$(EVPTEST); $(BUILD_CMD)
$(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
- @target=$(ECDSATEST); $(BUILD_CMD)
+ +@target=$(ECDSATEST); $(BUILD_CMD)
$(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
- @target=$(ECDHTEST); $(BUILD_CMD)
+ +@target=$(ECDHTEST); $(BUILD_CMD)
$(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
- @target=$(IGETEST); $(BUILD_CMD)
+ +@target=$(IGETEST); $(BUILD_CMD)
$(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
- @target=$(JPAKETEST); $(BUILD_CMD)
+ +@target=$(JPAKETEST); $(BUILD_CMD)
$(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
- @target=$(ASN1TEST); $(BUILD_CMD)
+ +@target=$(ASN1TEST); $(BUILD_CMD)
$(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
- @target=$(SRPTEST); $(BUILD_CMD)
+ +@target=$(SRPTEST); $(BUILD_CMD)
#$(AESTEST).o: $(AESTEST).c
# $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
@@ -480,7 +480,7 @@
# fi
dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
- @target=dummytest; $(BUILD_CMD)
+ +@target=dummytest; $(BUILD_CMD)
# DO NOT DELETE THIS LINE -- make depend depends on it.

79
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-1.0.1-x32.patch vendored
View File

@ -1,79 +0,0 @@
http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=51bfed2e26fc13a66e8b5710aa2ce1d7a04af721
UpstreamStatus: Pending
Received from H J Liu @ Intel
Make the assembly syntax compatible with x32 gcc. Othewise x32 gcc throws errors.
Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/07/13
ported the patch to the 1.0.0e version
Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/12/01
Index: openssl-1.0.0e/Configure
===================================================================
--- openssl-1.0.0e.orig/Configure
+++ openssl-1.0.0e/Configure
@@ -393,6 +393,7 @@ my %table=(
"debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux-x32", "gcc:-DL_ENDIAN -DTERMIO -O2 -pipe -g -feliminate-unused-debug-types -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"dist", "cc:-O::(unknown)::::::",
# Basic configs that should work on any (32 and less bit) box
Index: openssl-1.0.0e/crypto/bn/asm/x86_64-gcc.c
===================================================================
--- openssl-1.0.0e.orig/crypto/bn/asm/x86_64-gcc.c
+++ openssl-1.0.0e/crypto/bn/asm/x86_64-gcc.c
@@ -55,7 +55,7 @@
* machine.
*/
-#ifdef _WIN64
+#if defined _WIN64 || !defined __LP64__
#define BN_ULONG unsigned long long
#else
#define BN_ULONG unsigned long
@@ -192,9 +192,9 @@ BN_ULONG bn_add_words (BN_ULONG *rp, con
asm (
" subq %2,%2 \n"
".p2align 4 \n"
- "1: movq (%4,%2,8),%0 \n"
- " adcq (%5,%2,8),%0 \n"
- " movq %0,(%3,%2,8) \n"
+ "1: movq (%q4,%2,8),%0 \n"
+ " adcq (%q5,%2,8),%0 \n"
+ " movq %0,(%q3,%2,8) \n"
" leaq 1(%2),%2 \n"
" loop 1b \n"
" sbbq %0,%0 \n"
@@ -215,9 +215,9 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, con
asm (
" subq %2,%2 \n"
".p2align 4 \n"
- "1: movq (%4,%2,8),%0 \n"
- " sbbq (%5,%2,8),%0 \n"
- " movq %0,(%3,%2,8) \n"
+ "1: movq (%q4,%2,8),%0 \n"
+ " sbbq (%q5,%2,8),%0 \n"
+ " movq %0,(%q3,%2,8) \n"
" leaq 1(%2),%2 \n"
" loop 1b \n"
" sbbq %0,%0 \n"
Index: openssl-1.0.0e/crypto/bn/bn.h
===================================================================
--- openssl-1.0.0e.orig/crypto/bn/bn.h
+++ openssl-1.0.0e/crypto/bn/bn.h
@@ -172,6 +172,13 @@ extern "C" {
# endif
#endif
+/* Address type. */
+#ifdef _WIN64
+#define BN_ADDR unsigned long long
+#else
+#define BN_ADDR unsigned long
+#endif
+
/* assuming long is 64bit - this is the DEC Alpha
* unsigned long long is only 64 bits :-(, don't define
* BN_LLONG for the DEC Alpha */

24
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/files/openssl-pkcs11-engine-r1.patch vendored
View File

@ -1,24 +0,0 @@
--- apps/openssl.cnf
+++ apps/openssl.cnf
@@ -12,6 +12,21 @@
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
+openssl_conf = openssl_def
+
+[openssl_def]
+engines = engine_section
+
+[engine_section]
+pkcs11 = pkcs11_section
+
+[pkcs11_section]
+engine_id = pkcs11
+dynamic_path = @GENTOO_LIBDIR@/engines/engine_pkcs11.so
+MODULE_PATH = @GENTOO_LIBDIR@/libchaps.so
+PIN = 111111
+init = 0
+
# To use this configuration file with the "-extfile" option of the
# "openssl x509" utility, name here the section containing the
# X.509v3 extensions to use:

8
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/metadata.xml vendored
View File

@ -1,8 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<herd>base-system</herd>
<use>
<flag name='rfc3779'>Enable support for RFC 3779 (X.509 Extensions for IP Addresses and AS Identifiers)</flag>
</use>
</pkgmetadata>

226
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/openssl-1.0.1c-r8.ebuild vendored
View File

@ -1,226 +0,0 @@
# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1c.ebuild,v 1.2 2012/05/20 14:01:08 vapier Exp $
EAPI="4"
CROS_WORKON_COMMIT="1c7606ce1b8c853047f1718b8201ac4af488c279"
CROS_WORKON_TREE="3c54d51cd31fbd357c6a08a37e4281836018d2a9"
inherit eutils flag-o-matic toolchain-funcs cros-workon
CROS_WORKON_PROJECT="chromiumos/third_party/openssl"
REV="1.7"
DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)"
HOMEPAGE="http://www.openssl.org/"
LICENSE="openssl"
SLOT="0"
KEYWORDS="alpha amd64 arm hppa ia64 m68k mips ppc ppc64 s390 sh sparc x86 amd64-fbsd sparc-fbsd x86-fbsd"
IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test vanilla zlib heartbeat"
# Have the sub-libs in RDEPEND with [static-libs] since, logically,
# our libssl.a depends on libz.a/etc... at runtime.
LIB_DEPEND="gmp? ( dev-libs/gmp[static-libs(+)] )
zlib? ( sys-libs/zlib[static-libs(+)] )
kerberos? ( app-crypt/mit-krb5 )"
# The blocks are temporary just to make sure people upgrade to a
# version that lack runtime version checking. We'll drop them in
# the future.
RDEPEND="static-libs? ( ${LIB_DEPEND} )
!static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} )"
DEPEND="${RDEPEND}
sys-apps/diffutils
>=dev-lang/perl-5
test? ( sys-devel/bc )"
PDEPEND="app-misc/ca-certificates"
src_unpack() {
cros-workon_src_unpack
SSL_CNF_DIR="/etc/ssl"
sed \
-e "/^DIR=/s:=.*:=${SSL_CNF_DIR}:" \
"${FILESDIR}"/c_rehash.sh \
> "${WORKDIR}"/c_rehash || die #416717
}
src_prepare() {
# Make sure we only ever touch Makefile.org and avoid patching a file
# that gets blown away anyways by the Configure script in src_configure
rm -f Makefile
if ! use vanilla ; then
epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089
epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743
epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch
epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch
epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch
epatch "${FILESDIR}"/${PN}-1.0.1-ipv6.patch
epatch_user #332661
fi
# disable fips in the build
# make sure the man pages are suffixed #302165
# don't bother building man pages if they're disabled
sed -i \
-e '/DIRS/s: fips : :g' \
-e '/^MANSUFFIX/s:=.*:=ssl:' \
-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
-e $(has noman FEATURES \
&& echo '/^install:/s:install_docs::' \
|| echo '/^MANDIR=/s:=.*:=/usr/share/man:') \
Makefile.org \
|| die
# show the actual commands in the log
sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
# allow openssl to be cross-compiled
cp "${FILESDIR}"/gentoo.config-1.0.0 gentoo.config || die
chmod a+rx gentoo.config
append-flags -fno-strict-aliasing
append-flags $(test-flags-CC -Wa,--noexecstack)
sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
./config --test-sanity || die "I AM NOT SANE"
}
src_configure() {
unset APPS #197996
unset SCRIPTS #312551
unset CROSS_COMPILE #311473
tc-export CC AR RANLIB # RC
# Clean out patent-or-otherwise-encumbered code
# Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
# IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
# EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
# MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
# RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5
use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
echoit() { echo "$@" ; "$@" ; }
local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
local sslout=$(./gentoo.config)
einfo "Use configuration ${sslout:-(openssl knows best)}"
local config="Configure"
[[ -z ${sslout} ]] && config="config"
echoit \
./${config} \
${sslout} \
$(use sse2 || echo "no-sse2") \
enable-camellia \
$(use_ssl !bindist ec) \
enable-idea \
enable-mdc2 \
$(use_ssl !bindist rc5) \
enable-tlsext \
$(use_ssl gmp gmp -lgmp) \
$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
$(use_ssl rfc3779) \
$(use_ssl zlib) \
$(use_ssl heartbeats) \
--prefix=/usr \
--openssldir=${SSL_CNF_DIR} \
--libdir=$(get_libdir) \
shared threads \
|| die
# Clean out hardcoded flags that openssl uses
local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
-e 's:^CFLAG=::' \
-e 's:-fomit-frame-pointer ::g' \
-e 's:-O[0-9] ::g' \
-e 's:-march=[-a-z0-9]* ::g' \
-e 's:-mcpu=[-a-z0-9]* ::g' \
-e 's:-m[a-z0-9]* ::g' \
)
sed -i \
-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
Makefile || die
}
src_compile() {
# depend is needed to use $confopts; it also doesn't matter
# that it's -j1 as the code itself serializes subdirs
emake -j1 depend
emake all
# rehash is needed to prep the certs/ dir; do this
# separately to avoid parallel build issues.
emake rehash
}
# TODO(ellyjones): these are broken even in upstream
# src_test() {
# emake -j1 test
# }
src_install() {
emake INSTALL_PREFIX="${D}" install
dobin "${S}"/tools/c_rehash #333117
dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
dohtml -r doc/*
use rfc3779 && dodoc engines/ccgost/README.gost
# This is crappy in that the static archives are still built even
# when USE=static-libs. But this is due to a failing in the openssl
# build system: the static archives are built as PIC all the time.
# Only way around this would be to manually configure+compile openssl
# twice; once with shared lib support enabled and once without.
use static-libs || rm -f "${D}"/usr/lib*/lib*.a
# create the certs directory
dodir ${SSL_CNF_DIR}/certs
cp -RP certs/* "${D}"${SSL_CNF_DIR}/certs/ || die
rm -r "${D}"${SSL_CNF_DIR}/certs/{demo,expired}
# Namespace openssl programs to prevent conflicts with other man pages
cd "${D}"/usr/share/man
local m d s
for m in $(find . -type f | xargs grep -L '#include') ; do
d=${m%/*} ; d=${d#./} ; m=${m##*/}
[[ ${m} == openssl.1* ]] && continue
[[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
mv ${d}/{,ssl-}${m}
# fix up references to renamed man pages
sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
ln -s ssl-${m} ${d}/openssl-${m}
# locate any symlinks that point to this man page ... we assume
# that any broken links are due to the above renaming
for s in $(find -L ${d} -type l) ; do
s=${s##*/}
rm -f ${d}/${s}
ln -s ssl-${m} ${d}/ssl-${s}
ln -s ssl-${s} ${d}/openssl-${s}
done
done
[[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
dodir /etc/sandbox.d #254521
echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl
diropts -m0700
keepdir ${SSL_CNF_DIR}/private
insinto ${SSL_CNF_DIR}
doins "${FILESDIR}"/blacklist
}
pkg_preinst() {
has_version ${CATEGORY}/${PN}:0.9.8 && return 0
preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
}
pkg_postinst() {
ebegin "Running 'c_rehash ${ROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
c_rehash "${ROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
eend $?
has_version ${CATEGORY}/${PN}:0.9.8 && return 0
preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
}

224
sdk_container/src/third_party/coreos-overlay/dev-libs/openssl/openssl-9999.ebuild vendored
View File

@ -1,224 +0,0 @@
# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1c.ebuild,v 1.2 2012/05/20 14:01:08 vapier Exp $
EAPI="4"
inherit eutils flag-o-matic toolchain-funcs cros-workon
CROS_WORKON_PROJECT="chromiumos/third_party/openssl"
REV="1.7"
DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)"
HOMEPAGE="http://www.openssl.org/"
LICENSE="openssl"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd"
IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test vanilla zlib heartbeat"
# Have the sub-libs in RDEPEND with [static-libs] since, logically,
# our libssl.a depends on libz.a/etc... at runtime.
LIB_DEPEND="gmp? ( dev-libs/gmp[static-libs(+)] )
zlib? ( sys-libs/zlib[static-libs(+)] )
kerberos? ( app-crypt/mit-krb5 )"
# The blocks are temporary just to make sure people upgrade to a
# version that lack runtime version checking. We'll drop them in
# the future.
RDEPEND="static-libs? ( ${LIB_DEPEND} )
!static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} )"
DEPEND="${RDEPEND}
sys-apps/diffutils
>=dev-lang/perl-5
test? ( sys-devel/bc )"
PDEPEND="app-misc/ca-certificates"
src_unpack() {
cros-workon_src_unpack
SSL_CNF_DIR="/etc/ssl"
sed \
-e "/^DIR=/s:=.*:=${SSL_CNF_DIR}:" \
"${FILESDIR}"/c_rehash.sh \
> "${WORKDIR}"/c_rehash || die #416717
}
src_prepare() {
# Make sure we only ever touch Makefile.org and avoid patching a file
# that gets blown away anyways by the Configure script in src_configure
rm -f Makefile
if ! use vanilla ; then
epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089
epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743
epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch
epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch
epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch
epatch "${FILESDIR}"/${PN}-1.0.1-ipv6.patch
epatch_user #332661
fi
# disable fips in the build
# make sure the man pages are suffixed #302165
# don't bother building man pages if they're disabled
sed -i \
-e '/DIRS/s: fips : :g' \
-e '/^MANSUFFIX/s:=.*:=ssl:' \
-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
-e $(has noman FEATURES \
&& echo '/^install:/s:install_docs::' \
|| echo '/^MANDIR=/s:=.*:=/usr/share/man:') \
Makefile.org \
|| die
# show the actual commands in the log
sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
# allow openssl to be cross-compiled
cp "${FILESDIR}"/gentoo.config-1.0.0 gentoo.config || die
chmod a+rx gentoo.config
append-flags -fno-strict-aliasing
append-flags $(test-flags-CC -Wa,--noexecstack)
sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
./config --test-sanity || die "I AM NOT SANE"
}
src_configure() {
unset APPS #197996
unset SCRIPTS #312551
unset CROSS_COMPILE #311473
tc-export CC AR RANLIB # RC
# Clean out patent-or-otherwise-encumbered code
# Camellia: Royalty Free http://en.wikipedia.org/wiki/Camellia_(cipher)
# IDEA: Expired http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
# EC: ????????? ??/??/2015 http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
# MDC2: Expired http://en.wikipedia.org/wiki/MDC-2
# RC5: 5,724,428 03/03/2015 http://en.wikipedia.org/wiki/RC5
use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
echoit() { echo "$@" ; "$@" ; }
local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
local sslout=$(./gentoo.config)
einfo "Use configuration ${sslout:-(openssl knows best)}"
local config="Configure"
[[ -z ${sslout} ]] && config="config"
echoit \
./${config} \
${sslout} \
$(use sse2 || echo "no-sse2") \
enable-camellia \
$(use_ssl !bindist ec) \
enable-idea \
enable-mdc2 \
$(use_ssl !bindist rc5) \
enable-tlsext \
$(use_ssl gmp gmp -lgmp) \
$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
$(use_ssl rfc3779) \
$(use_ssl zlib) \
$(use_ssl heartbeats) \
--prefix=/usr \
--openssldir=${SSL_CNF_DIR} \
--libdir=$(get_libdir) \
shared threads \
|| die
# Clean out hardcoded flags that openssl uses
local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
-e 's:^CFLAG=::' \
-e 's:-fomit-frame-pointer ::g' \
-e 's:-O[0-9] ::g' \
-e 's:-march=[-a-z0-9]* ::g' \
-e 's:-mcpu=[-a-z0-9]* ::g' \
-e 's:-m[a-z0-9]* ::g' \
)
sed -i \
-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
Makefile || die
}
src_compile() {
# depend is needed to use $confopts; it also doesn't matter
# that it's -j1 as the code itself serializes subdirs
emake -j1 depend
emake all
# rehash is needed to prep the certs/ dir; do this
# separately to avoid parallel build issues.
emake rehash
}
# TODO(ellyjones): these are broken even in upstream
# src_test() {
# emake -j1 test
# }
src_install() {
emake INSTALL_PREFIX="${D}" install
dobin "${S}"/tools/c_rehash #333117
dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
dohtml -r doc/*
use rfc3779 && dodoc engines/ccgost/README.gost
# This is crappy in that the static archives are still built even
# when USE=static-libs. But this is due to a failing in the openssl
# build system: the static archives are built as PIC all the time.
# Only way around this would be to manually configure+compile openssl
# twice; once with shared lib support enabled and once without.
use static-libs || rm -f "${D}"/usr/lib*/lib*.a
# create the certs directory
dodir ${SSL_CNF_DIR}/certs
cp -RP certs/* "${D}"${SSL_CNF_DIR}/certs/ || die
rm -r "${D}"${SSL_CNF_DIR}/certs/{demo,expired}
# Namespace openssl programs to prevent conflicts with other man pages
cd "${D}"/usr/share/man
local m d s
for m in $(find . -type f | xargs grep -L '#include') ; do
d=${m%/*} ; d=${d#./} ; m=${m##*/}
[[ ${m} == openssl.1* ]] && continue
[[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
mv ${d}/{,ssl-}${m}
# fix up references to renamed man pages
sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
ln -s ssl-${m} ${d}/openssl-${m}
# locate any symlinks that point to this man page ... we assume
# that any broken links are due to the above renaming
for s in $(find -L ${d} -type l) ; do
s=${s##*/}
rm -f ${d}/${s}
ln -s ssl-${m} ${d}/ssl-${s}
ln -s ssl-${s} ${d}/openssl-${s}
done
done
[[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
dodir /etc/sandbox.d #254521
echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl
diropts -m0700
keepdir ${SSL_CNF_DIR}/private
insinto ${SSL_CNF_DIR}
doins "${FILESDIR}"/blacklist
}
pkg_preinst() {
has_version ${CATEGORY}/${PN}:0.9.8 && return 0
preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
}
pkg_postinst() {
ebegin "Running 'c_rehash ${ROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
c_rehash "${ROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
eend $?
has_version ${CATEGORY}/${PN}:0.9.8 && return 0
preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
}

21
sdk_container/src/third_party/coreos-overlay/dev-util/perf/files/chromeos-version.sh vendored
View File

@ -1,21 +0,0 @@
#!/bin/sh
#
# Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
#
# This script is given one argument: the base of the source directory of
# the package, and it prints a string on stdout with the numerical version
# number for said repo.
# Matching regexp for all known kernel release tags to date.
PATTERN="v[23].*"
if [ ! -d "$1" ] ; then
exit
fi
cd "$1" || exit
git describe --match "${PATTERN}" --abbrev=0 HEAD 2>&1 | egrep "${PATTERN}" |
sed s/v\\.*//g | sed s/-/_/g

26
sdk_container/src/third_party/coreos-overlay/dev-util/perf/metadata.xml vendored
View File

@ -1,26 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<herd>no-herd</herd>
<maintainer>
<email>flameeyes@gentoo.org</email>
</maintainer>
<use>
<flag name="demangle">
Enable C++ symbol name demangling, using libbfd from
<pkg>sys-devel/binutils</pkg>. When this flag is enabled, the
package will have to be rebuilt after every version bump of
binutils.
</flag>
<flag name="doc">
Build documentation and man pages. With thise USE flag disabled,
the --help parameter for perf and its sub-tools will not be
available. This is optional because it depends on a few
documentation handling tools that are not always welcome on user
systems.
</flag>
<flag name="perl">
Add support for Perl as a scripting language for perf tools.
</flag>
</use>
</pkgmetadata>

74
sdk_container/src/third_party/coreos-overlay/dev-util/perf/perf-3.4-r2115.ebuild vendored
View File

@ -1,74 +0,0 @@
# Copyright 1999-2011 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/dev-util/perf/perf-2.6.32.ebuild,v 1.1 2009/12/04 16:33:24 flameeyes Exp $
EAPI=4
CROS_WORKON_COMMIT="808f8d525c0eeaba7d71f2c9f993c02b1c76e210"
CROS_WORKON_TREE="cf09dbf486aa2e7f53a7236d4d77165325586be8"
CROS_WORKON_PROJECT="chromiumos/third_party/kernel"
inherit cros-workon eutils toolchain-funcs linux-info
DESCRIPTION="Userland tools for Linux Performance Counters"
HOMEPAGE="http://perf.wiki.kernel.org/"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="amd64 arm x86"
IUSE="+demangle +doc perl python ncurses"
RDEPEND="demangle? ( sys-devel/binutils )
dev-libs/elfutils
ncurses? ( dev-libs/newt )
perl? ( || ( >=dev-lang/perl-5.10 sys-devel/libperl ) )
!dev-util/perf-next"
DEPEND="${RDEPEND}
doc? ( app-text/asciidoc app-text/xmlto )"
CROS_WORKON_LOCALNAME="kernel/files"
src_compile() {
local makeargs=
pushd tools/perf
use demangle || makeargs="${makeargs} NO_DEMANGLE=1 "
use perl || makeargs="${makeargs} NO_LIBPERL=1 "
use python || makeargs="${makeargs} NO_LIBPYTHON=1 "
use ncurses || makeargs="${makeargs} NO_NEWT=1 "
if use arm; then
export ARM_SHA=1
fi
emake ${makeargs} \
CC="$(tc-getCC)" AR="$(tc-getAR)" \
prefix="/usr" bindir_relative="sbin" \
CFLAGS="${CFLAGS}" \
LDFLAGS="${LDFLAGS}"
if use doc; then
pushd Documentation
emake ${makeargs}
popd
fi
popd
}
src_install() {
pushd tools/perf
dosbin perf
dosbin perf-archive
dodoc CREDITS
if use doc; then
dodoc Documentation/*.txt
dohtml Documentation/*.html
doman Documentation/*.1
fi
popd
}

72
sdk_container/src/third_party/coreos-overlay/dev-util/perf/perf-9999.ebuild vendored
View File

@ -1,72 +0,0 @@
# Copyright 1999-2011 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/dev-util/perf/perf-2.6.32.ebuild,v 1.1 2009/12/04 16:33:24 flameeyes Exp $
EAPI=4
CROS_WORKON_PROJECT="chromiumos/third_party/kernel"
inherit cros-workon eutils toolchain-funcs linux-info
DESCRIPTION="Userland tools for Linux Performance Counters"
HOMEPAGE="http://perf.wiki.kernel.org/"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~amd64 ~arm ~x86"
IUSE="+demangle +doc perl python ncurses"
RDEPEND="demangle? ( sys-devel/binutils )
dev-libs/elfutils
ncurses? ( dev-libs/newt )
perl? ( || ( >=dev-lang/perl-5.10 sys-devel/libperl ) )
!dev-util/perf-next"
DEPEND="${RDEPEND}
doc? ( app-text/asciidoc app-text/xmlto )"
CROS_WORKON_LOCALNAME="kernel/files"
src_compile() {
local makeargs=
pushd tools/perf
use demangle || makeargs="${makeargs} NO_DEMANGLE=1 "
use perl || makeargs="${makeargs} NO_LIBPERL=1 "
use python || makeargs="${makeargs} NO_LIBPYTHON=1 "
use ncurses || makeargs="${makeargs} NO_NEWT=1 "
if use arm; then
export ARM_SHA=1
fi
emake ${makeargs} \
CC="$(tc-getCC)" AR="$(tc-getAR)" \
prefix="/usr" bindir_relative="sbin" \
CFLAGS="${CFLAGS}" \
LDFLAGS="${LDFLAGS}"
if use doc; then
pushd Documentation
emake ${makeargs}
popd
fi
popd
}
src_install() {
pushd tools/perf
dosbin perf
dosbin perf-archive
dodoc CREDITS
if use doc; then
dodoc Documentation/*.txt
dohtml Documentation/*.html
doman Documentation/*.1
fi
popd
}

2
sdk_container/src/third_party/coreos-overlay/net-misc/tlsdate/files/chromeos-version.sh vendored
View File

@ -1,2 +0,0 @@
#!/bin/sh
exec gawk -F, '{print gensub(/[[\]]/, "", "g", $2); exit}' "$1"/configure.ac

22
sdk_container/src/third_party/coreos-overlay/net-misc/tlsdate/files/tlsdated.conf vendored
View File

@ -1,22 +0,0 @@
base-path /var/cache/tlsdated
dry-run no
jitter 0
max-tries 10
min-steady-state-interval 86400
should-load-disk yes
should-netlink yes
should-save-disk yes
should-sync-hwclock yes
steady-state-interval 86400
subprocess-tries 10
subprocess-wait-between-tries 3
verbose yes
wait-between-tries 10
# Host configuration.
source
host clients3.google.com
port 443
proxy none
end

48
sdk_container/src/third_party/coreos-overlay/net-misc/tlsdate/tlsdate-0.0.5-r16.ebuild vendored
View File

@ -1,48 +0,0 @@
# Copyright 2012 The Chromium OS Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="4"
CROS_WORKON_COMMIT="321d42f690e390771504daf85b5abe94c2d06812"
CROS_WORKON_TREE="3f95510f2675f728abd95e43dfb7cbecf56d2e77"
CROS_WORKON_PROJECT="chromiumos/third_party/tlsdate"
inherit autotools flag-o-matic toolchain-funcs cros-workon
DESCRIPTION="Update local time over HTTPS"
HOMEPAGE="https://github.com/ioerror/tlsdate"
LICENSE="BSD"
SLOT="0"
KEYWORDS="amd64 arm x86"
IUSE="dbus"
DEPEND="dev-libs/openssl
dbus? ( sys-apps/dbus )"
RDEPEND="${DEPEND}"
src_prepare() {
eautoreconf
}
src_configure() {
econf $(use_enable dbus)
}
src_compile() {
# Provide timestamp of when this was built, in number of seconds since
# 01 Jan 1970 in UTC time.
local DATE=$(($(date -u +%s) - 86400))
# Set it back one day to avoid dealing with time zones.
append-cppflags -DRECENT_COMPILE_DATE=${DATE}
# Our unprivileged group is called "nobody"
append-cppflags '-DUNPRIV_GROUP=\"nobody\"'
tc-export CC
emake CFLAGS="-Wall ${CFLAGS} ${CPPFLAGS} ${LDFLAGS}"
}
src_install() {
default
insinto /etc/tlsdate
doins "${FILESDIR}/tlsdated.conf"
}

46
sdk_container/src/third_party/coreos-overlay/net-misc/tlsdate/tlsdate-9999.ebuild vendored
View File

@ -1,46 +0,0 @@
# Copyright 2012 The Chromium OS Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="4"
CROS_WORKON_PROJECT="chromiumos/third_party/tlsdate"
inherit autotools flag-o-matic toolchain-funcs cros-workon
DESCRIPTION="Update local time over HTTPS"
HOMEPAGE="https://github.com/ioerror/tlsdate"
LICENSE="BSD"
SLOT="0"
KEYWORDS="~amd64 ~arm ~x86"
IUSE="dbus"
DEPEND="dev-libs/openssl
dbus? ( sys-apps/dbus )"
RDEPEND="${DEPEND}"
src_prepare() {
eautoreconf
}
src_configure() {
econf $(use_enable dbus)
}
src_compile() {
# Provide timestamp of when this was built, in number of seconds since
# 01 Jan 1970 in UTC time.
local DATE=$(($(date -u +%s) - 86400))
# Set it back one day to avoid dealing with time zones.
append-cppflags -DRECENT_COMPILE_DATE=${DATE}
# Our unprivileged group is called "nobody"
append-cppflags '-DUNPRIV_GROUP=\"nobody\"'
tc-export CC
emake CFLAGS="-Wall ${CFLAGS} ${CPPFLAGS} ${LDFLAGS}"
}
src_install() {
default
insinto /etc/tlsdate
doins "${FILESDIR}/tlsdated.conf"
}

2
sdk_container/src/third_party/coreos-overlay/sys-devel/binutils/Manifest vendored
View File

@ -1,2 +0,0 @@
DIST binutils-2.21.1-patches-1.0.tar.bz2 9168 RMD160 b475a318e371d550d01678da18ac8f4d58c149ec SHA1 1a835aa2ed8c268075a96b6694256410bfaf859d SHA256 f0c3ad8f984242dbc8a4f45b9594fb12dc9a45d348930038ac24c5726aafa716
DIST binutils-2.21.1.tar.bz2 18997755 RMD160 de5ce1d7cb0d44e3ec18c557beefb2a292d59a60 SHA1 525255ca6874b872540c9967a1d26acfbc7c8230 SHA256 cdecfa69f02aa7b05fbcdf678e33137151f361313b2f3e48aba925f64eabf654

308
sdk_container/src/third_party/coreos-overlay/sys-devel/binutils/binutils-2.22-r16.ebuild vendored
View File

@ -1,308 +0,0 @@
# Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
# Distributed under the terms of the GNU General Public License v2
CROS_WORKON_COMMIT="9c1580ea72a5a3b15d90a9baf82c2f7707b793c4"
CROS_WORKON_TREE="2a7750a0cddd72df341d61250ade80d6270afbd7"
CROS_WORKON_PROJECT=chromiumos/third_party/binutils
inherit eutils libtool flag-o-matic gnuconfig multilib versionator cros-workon
KEYWORDS="amd64 arm x86"
BVER=${PV}
# Version names
if [[ "${PV}" == "9999" ]] ; then
BINUTILS_VERSION="binutils-2.22"
else
BINUTILS_VERSION="${P}"
fi
BINUTILS_PKG_VERSION="${BINUTILS_VERSION}_cos_gg"
export CTARGET=${CTARGET:-${CHOST}}
if [[ ${CTARGET} == ${CHOST} ]] ; then
if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then
export CTARGET=${CATEGORY/cross-}
fi
fi
is_cross() { [[ ${CHOST} != ${CTARGET} ]] ; }
DESCRIPTION="Tools necessary to build programs"
HOMEPAGE="http://sources.redhat.com/binutils/"
LICENSE="|| ( GPL-3 LGPL-3 )"
IUSE="hardened mounted_binutils multislot multitarget nls test vanilla"
if use multislot ; then
SLOT="${CTARGET}-${BVER}"
elif is_cross ; then
SLOT="${CTARGET}"
else
SLOT="0"
fi
RDEPEND=">=sys-devel/binutils-config-1.9"
DEPEND="${RDEPEND}
test? ( dev-util/dejagnu )
nls? ( sys-devel/gettext )
sys-devel/flex"
S_BINUTILS="${WORKDIR}/${BINUTILS_VERSION}"
RESTRICT="fetch strip"
MY_BUILDDIR_BINUTILS="${WORKDIR}/build"
GITDIR=${WORKDIR}/gitdir
LIBPATH=/usr/$(get_libdir)/binutils/${CTARGET}/${BVER}
INCPATH=${LIBPATH}/include
DATAPATH=/usr/share/binutils-data/${CTARGET}/${BVER}
if is_cross ; then
BINPATH=/usr/${CHOST}/${CTARGET}/binutils-bin/${BVER}
else
BINPATH=/usr/${CTARGET}/binutils-bin/${BVER}
fi
src_unpack() {
if use mounted_binutils ; then
BINUTILS_DIR="/usr/local/toolchain_root/binutils"
if [[ ! -d ${BINUTILS_DIR} ]] ; then
die "binutils dirs not mounted at: ${BINUTILS_DIR}"
fi
else
cros-workon_src_unpack
mv "${S}" "${GITDIR}"
BINUTILS_DIR="${GITDIR}"
if [ -d "${GITDIR}/.git" ]; then
CL=$(cd "${BINUTILS_DIR}"; git log --pretty=format:%s -n1 | egrep -o '[0-9]+')
fi
fi
if [[ ! -z ${CL} ]] ; then
BINUTILS_PKG_VERSION="${BINUTILS_PKG_VERSION}_${CL}"
fi
ln -s ${BINUTILS_DIR} ${S_BINUTILS}
mkdir -p "${MY_BUILDDIR_BINUTILS}"
}
src_compile() {
# keep things sane
strip-flags
local x
echo
for x in CATEGORY CBUILD CHOST CTARGET CFLAGS LDFLAGS ; do
einfo "$(printf '%10s' ${x}:) ${!x}"
done
echo
cd "${MY_BUILDDIR_BINUTILS}"
local myconf=""
is_cross && myconf="${myconf} --with-sysroot=/usr/${CTARGET}"
myconf="--prefix=/usr \
--host=${CHOST} \
--target=${CTARGET} \
--datadir=${DATAPATH} \
--infodir=${DATAPATH}/info \
--mandir=${DATAPATH}/man \
--bindir=${BINPATH} \
--libdir=${LIBPATH} \
--libexecdir=${LIBPATH} \
--includedir=${INCPATH} \
--enable-64-bit-bfd \
--enable-gold \
--enable-shared \
--disable-werror \
--enable-secureplt \
--enable-plugins \
--without-included-gettext \
--build=${CBUILD} \
--with-bugurl=http://code.google.com/p/chromium-os/issues/entry \
${myconf} ${EXTRA_ECONF}"
binutils_conf="${myconf} --with-pkgversion=${BINUTILS_PKG_VERSION}"
echo ./configure ${binutils_conf}
"${S_BINUTILS}"/configure ${binutils_conf} || die "configure failed"
emake all || die "emake failed"
# only build info pages if we user wants them, and if
# we have makeinfo (may not exist when we bootstrap)
if type -p makeinfo > /dev/null ; then
emake info || die "make info failed"
fi
# we nuke the manpages when we're left with junk
# (like when we bootstrap, no perl -> no manpages)
find . -name '*.1' -a -size 0 | xargs rm -f
}
src_test() {
cd "${MY_BUILDDIR_BINUTILS}"
make check || die "check failed :("
}
src_install() {
local x d
cd "${MY_BUILDDIR_BINUTILS}"
emake DESTDIR="${D}" tooldir="${LIBPATH}" install || die
rm -rf "${D}"/${LIBPATH}/bin
# Newer versions of binutils get fancy with ${LIBPATH} #171905
cd "${D}"/${LIBPATH}
for d in ../* ; do
[[ ${d} == ../${BVER} ]] && continue
mv ${d}/* . || die
rmdir ${d} || die
done
# Now we collect everything intp the proper SLOT-ed dirs
# When something is built to cross-compile, it installs into
# /usr/$CHOST/ by default ... we have to 'fix' that :)
if is_cross ; then
cd "${D}"/${BINPATH}
for x in * ; do
mv ${x} ${x/${CTARGET}-}
done
if [[ -d ${D}/usr/${CHOST}/${CTARGET} ]] ; then
mv "${D}"/usr/${CHOST}/${CTARGET}/include "${D}"/${INCPATH}
mv "${D}"/usr/${CHOST}/${CTARGET}/lib/* "${D}"/${LIBPATH}/
rm -r "${D}"/usr/${CHOST}/{include,lib}
fi
fi
insinto ${INCPATH}
doins "${S_BINUTILS}/include/libiberty.h"
if [[ -d ${D}/${LIBPATH}/lib ]] ; then
mv "${D}"/${LIBPATH}/lib/* "${D}"/${LIBPATH}/
rm -r "${D}"/${LIBPATH}/lib
fi
# Now, some binutils are tricky and actually provide
# for multiple TARGETS. Really, we're talking just
# 32bit/64bit support (like mips/ppc/sparc). Here
# we want to tell binutils-config that it's cool if
# it generates multiple sets of binutil symlinks.
# e.g. sparc gets {sparc,sparc64}-unknown-linux-gnu
local targ=${CTARGET/-*} src="" dst=""
local FAKE_TARGETS=${CTARGET}
case ${targ} in
mips*) src="mips" dst="mips64";;
powerpc*) src="powerpc" dst="powerpc64";;
s390*) src="s390" dst="s390x";;
sparc*) src="sparc" dst="sparc64";;
esac
case ${targ} in
mips64*|powerpc64*|s390x*|sparc64*) targ=${src} src=${dst} dst=${targ};;
esac
[[ -n ${src}${dst} ]] && FAKE_TARGETS="${FAKE_TARGETS} ${CTARGET/${src}/${dst}}"
# Generate an env.d entry for this binutils
insinto /etc/env.d/binutils
cat <<-EOF > "${T}"/env.d
TARGET="${CTARGET}"
VER="${BVER}"
LIBPATH="${LIBPATH}"
FAKE_TARGETS="${FAKE_TARGETS}"
EOF
newins "${T}"/env.d ${CTARGET}-${BVER}
# Handle documentation
if ! is_cross ; then
cd "${S_BINUTILS}"
dodoc README
docinto bfd
dodoc bfd/ChangeLog* bfd/README bfd/PORTING bfd/TODO
docinto binutils
dodoc binutils/ChangeLog binutils/NEWS binutils/README
docinto gas
dodoc gas/ChangeLog* gas/CONTRIBUTORS gas/NEWS gas/README*
docinto gprof
dodoc gprof/ChangeLog* gprof/TEST gprof/TODO gprof/bbconv.pl
docinto ld
dodoc ld/ChangeLog* ld/README ld/NEWS ld/TODO
docinto libiberty
dodoc libiberty/ChangeLog* libiberty/README
docinto opcodes
dodoc opcodes/ChangeLog*
fi
# Remove shared info pages
rm -f "${D}"/${DATAPATH}/info/{dir,configure.info,standards.info}
# Trim all empty dirs
find "${D}" -type d | xargs rmdir >& /dev/null
if use hardened ; then
LDWRAPPER=ldwrapper.hardened
else
LDWRAPPER=ldwrapper
fi
mv "${D}/${BINPATH}/ld.bfd" "${D}/${BINPATH}/ld.bfd.real" || die
exeinto "${BINPATH}"
newexe "${FILESDIR}/${LDWRAPPER}" "ld.bfd" || die
mv "${D}/${BINPATH}/ld.gold" "${D}/${BINPATH}/ld.gold.real" || die
exeinto "${BINPATH}"
newexe "${FILESDIR}/${LDWRAPPER}" "ld.gold" || die
# Set default to be ld.bfd in regular installation
dosym ld.bfd "${BINPATH}/ld"
# Make a fake installation for gold with gold as the default linker
# so we can turn gold on/off with binutils-config
LASTDIR=${LIBPATH##/*/}
dosym "${LASTDIR}" "${LIBPATH}-gold"
LASTDIR=${DATAPATH##/*/}
dosym "${LASTDIR}" "${DATAPATH}-gold"
mkdir "${D}/${BINPATH}-gold"
cd "${D}"/${BINPATH}
LASTDIR=${BINPATH##/*/}
for x in * ; do
dosym "../${LASTDIR}/${x}" "${BINPATH}-gold/${x}"
done
dosym ld.gold "${BINPATH}-gold/ld"
# Install gold binutils-config configuration file
insinto /etc/env.d/binutils
cat <<-EOF > "${T}"/env.d
TARGET="${CTARGET}"
VER="${BVER}-gold"
LIBPATH="${LIBPATH}-gold"
FAKE_TARGETS="${FAKE_TARGETS}"
EOF
newins "${T}"/env.d ${CTARGET}-${BVER}-gold
# Move the locale directory to where it is supposed to be
mv "${D}/usr/share/locale" "${D}/${DATAPATH}/"
}
pkg_postinst() {
binutils-config ${CTARGET}-${BVER}
}
pkg_postrm() {
local current_profile=$(binutils-config -c ${CTARGET})
# If no other versions exist, then uninstall for this
# target ... otherwise, switch to the newest version
# Note: only do this if this version is unmerged. We
# rerun binutils-config if this is a remerge, as
# we want the mtimes on the symlinks updated (if
# it is the same as the current selected profile)
if [[ ! -e ${BINPATH}/ld ]] && [[ ${current_profile} == ${CTARGET}-${BVER} ]] ; then
local choice=$(binutils-config -l | grep ${CTARGET} | awk '{print $2}')
choice=${choice//$'\n'/ }
choice=${choice/* }
if [[ -z ${choice} ]] ; then
env -i binutils-config -u ${CTARGET}
else
binutils-config ${choice}
fi
elif [[ $(CHOST=${CTARGET} binutils-config -c) == ${CTARGET}-${BVER} ]] ; then
binutils-config ${CTARGET}-${BVER}
fi
}

9
sdk_container/src/third_party/coreos-overlay/sys-devel/binutils/binutils-2.23.1.ebuild vendored
View File

@ -1,9 +0,0 @@
# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/sys-devel/binutils/binutils-2.23.1.ebuild,v 1.1 2012/11/15 19:43:36 vapier Exp $
PATCHVER="1.0"
ELF2FLT_VER=""
inherit toolchain-binutils
KEYWORDS=""

306
sdk_container/src/third_party/coreos-overlay/sys-devel/binutils/binutils-9999.ebuild vendored
View File

@ -1,306 +0,0 @@
# Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
# Distributed under the terms of the GNU General Public License v2
CROS_WORKON_PROJECT=chromiumos/third_party/binutils
inherit eutils libtool flag-o-matic gnuconfig multilib versionator cros-workon
KEYWORDS="~amd64 ~arm ~x86"
BVER=${PV}
# Version names
if [[ "${PV}" == "9999" ]] ; then
BINUTILS_VERSION="binutils-2.22"
else
BINUTILS_VERSION="${P}"
fi
BINUTILS_PKG_VERSION="${BINUTILS_VERSION}_cos_gg"
export CTARGET=${CTARGET:-${CHOST}}
if [[ ${CTARGET} == ${CHOST} ]] ; then
if [[ ${CATEGORY/cross-} != ${CATEGORY} ]] ; then
export CTARGET=${CATEGORY/cross-}
fi
fi
is_cross() { [[ ${CHOST} != ${CTARGET} ]] ; }
DESCRIPTION="Tools necessary to build programs"
HOMEPAGE="http://sources.redhat.com/binutils/"
LICENSE="|| ( GPL-3 LGPL-3 )"
IUSE="hardened mounted_binutils multislot multitarget nls test vanilla"
if use multislot ; then
SLOT="${CTARGET}-${BVER}"
elif is_cross ; then
SLOT="${CTARGET}"
else
SLOT="0"
fi
RDEPEND=">=sys-devel/binutils-config-1.9"
DEPEND="${RDEPEND}
test? ( dev-util/dejagnu )
nls? ( sys-devel/gettext )
sys-devel/flex"
S_BINUTILS="${WORKDIR}/${BINUTILS_VERSION}"
RESTRICT="fetch strip"
MY_BUILDDIR_BINUTILS="${WORKDIR}/build"
GITDIR=${WORKDIR}/gitdir
LIBPATH=/usr/$(get_libdir)/binutils/${CTARGET}/${BVER}
INCPATH=${LIBPATH}/include
DATAPATH=/usr/share/binutils-data/${CTARGET}/${BVER}
if is_cross ; then
BINPATH=/usr/${CHOST}/${CTARGET}/binutils-bin/${BVER}
else
BINPATH=/usr/${CTARGET}/binutils-bin/${BVER}
fi
src_unpack() {
if use mounted_binutils ; then
BINUTILS_DIR="/usr/local/toolchain_root/binutils"
if [[ ! -d ${BINUTILS_DIR} ]] ; then
die "binutils dirs not mounted at: ${BINUTILS_DIR}"
fi
else
cros-workon_src_unpack
mv "${S}" "${GITDIR}"
BINUTILS_DIR="${GITDIR}"
if [ -d "${GITDIR}/.git" ]; then
CL=$(cd "${BINUTILS_DIR}"; git log --pretty=format:%s -n1 | egrep -o '[0-9]+')
fi
fi
if [[ ! -z ${CL} ]] ; then
BINUTILS_PKG_VERSION="${BINUTILS_PKG_VERSION}_${CL}"
fi
ln -s ${BINUTILS_DIR} ${S_BINUTILS}
mkdir -p "${MY_BUILDDIR_BINUTILS}"
}
src_compile() {
# keep things sane
strip-flags
local x
echo
for x in CATEGORY CBUILD CHOST CTARGET CFLAGS LDFLAGS ; do
einfo "$(printf '%10s' ${x}:) ${!x}"
done
echo
cd "${MY_BUILDDIR_BINUTILS}"
local myconf=""
is_cross && myconf="${myconf} --with-sysroot=/usr/${CTARGET}"
myconf="--prefix=/usr \
--host=${CHOST} \
--target=${CTARGET} \
--datadir=${DATAPATH} \
--infodir=${DATAPATH}/info \
--mandir=${DATAPATH}/man \
--bindir=${BINPATH} \
--libdir=${LIBPATH} \
--libexecdir=${LIBPATH} \
--includedir=${INCPATH} \
--enable-64-bit-bfd \
--enable-gold \
--enable-shared \
--disable-werror \
--enable-secureplt \
--enable-plugins \
--without-included-gettext \
--build=${CBUILD} \
--with-bugurl=http://code.google.com/p/chromium-os/issues/entry \
${myconf} ${EXTRA_ECONF}"
binutils_conf="${myconf} --with-pkgversion=${BINUTILS_PKG_VERSION}"
echo ./configure ${binutils_conf}
"${S_BINUTILS}"/configure ${binutils_conf} || die "configure failed"
emake all || die "emake failed"
# only build info pages if we user wants them, and if
# we have makeinfo (may not exist when we bootstrap)
if type -p makeinfo > /dev/null ; then
emake info || die "make info failed"
fi
# we nuke the manpages when we're left with junk
# (like when we bootstrap, no perl -> no manpages)
find . -name '*.1' -a -size 0 | xargs rm -f
}
src_test() {
cd "${MY_BUILDDIR_BINUTILS}"
make check || die "check failed :("
}
src_install() {
local x d
cd "${MY_BUILDDIR_BINUTILS}"
emake DESTDIR="${D}" tooldir="${LIBPATH}" install || die
rm -rf "${D}"/${LIBPATH}/bin
# Newer versions of binutils get fancy with ${LIBPATH} #171905
cd "${D}"/${LIBPATH}
for d in ../* ; do
[[ ${d} == ../${BVER} ]] && continue
mv ${d}/* . || die
rmdir ${d} || die
done
# Now we collect everything intp the proper SLOT-ed dirs
# When something is built to cross-compile, it installs into
# /usr/$CHOST/ by default ... we have to 'fix' that :)
if is_cross ; then
cd "${D}"/${BINPATH}
for x in * ; do
mv ${x} ${x/${CTARGET}-}
done
if [[ -d ${D}/usr/${CHOST}/${CTARGET} ]] ; then
mv "${D}"/usr/${CHOST}/${CTARGET}/include "${D}"/${INCPATH}
mv "${D}"/usr/${CHOST}/${CTARGET}/lib/* "${D}"/${LIBPATH}/
rm -r "${D}"/usr/${CHOST}/{include,lib}
fi
fi
insinto ${INCPATH}
doins "${S_BINUTILS}/include/libiberty.h"
if [[ -d ${D}/${LIBPATH}/lib ]] ; then
mv "${D}"/${LIBPATH}/lib/* "${D}"/${LIBPATH}/
rm -r "${D}"/${LIBPATH}/lib
fi
# Now, some binutils are tricky and actually provide
# for multiple TARGETS. Really, we're talking just
# 32bit/64bit support (like mips/ppc/sparc). Here
# we want to tell binutils-config that it's cool if
# it generates multiple sets of binutil symlinks.
# e.g. sparc gets {sparc,sparc64}-unknown-linux-gnu
local targ=${CTARGET/-*} src="" dst=""
local FAKE_TARGETS=${CTARGET}
case ${targ} in
mips*) src="mips" dst="mips64";;
powerpc*) src="powerpc" dst="powerpc64";;
s390*) src="s390" dst="s390x";;
sparc*) src="sparc" dst="sparc64";;
esac
case ${targ} in
mips64*|powerpc64*|s390x*|sparc64*) targ=${src} src=${dst} dst=${targ};;
esac
[[ -n ${src}${dst} ]] && FAKE_TARGETS="${FAKE_TARGETS} ${CTARGET/${src}/${dst}}"
# Generate an env.d entry for this binutils
insinto /etc/env.d/binutils
cat <<-EOF > "${T}"/env.d
TARGET="${CTARGET}"
VER="${BVER}"
LIBPATH="${LIBPATH}"
FAKE_TARGETS="${FAKE_TARGETS}"
EOF
newins "${T}"/env.d ${CTARGET}-${BVER}
# Handle documentation
if ! is_cross ; then
cd "${S_BINUTILS}"
dodoc README
docinto bfd
dodoc bfd/ChangeLog* bfd/README bfd/PORTING bfd/TODO
docinto binutils
dodoc binutils/ChangeLog binutils/NEWS binutils/README
docinto gas
dodoc gas/ChangeLog* gas/CONTRIBUTORS gas/NEWS gas/README*
docinto gprof
dodoc gprof/ChangeLog* gprof/TEST gprof/TODO gprof/bbconv.pl
docinto ld
dodoc ld/ChangeLog* ld/README ld/NEWS ld/TODO
docinto libiberty
dodoc libiberty/ChangeLog* libiberty/README
docinto opcodes
dodoc opcodes/ChangeLog*
fi
# Remove shared info pages
rm -f "${D}"/${DATAPATH}/info/{dir,configure.info,standards.info}
# Trim all empty dirs
find "${D}" -type d | xargs rmdir >& /dev/null
if use hardened ; then
LDWRAPPER=ldwrapper.hardened
else
LDWRAPPER=ldwrapper
fi
mv "${D}/${BINPATH}/ld.bfd" "${D}/${BINPATH}/ld.bfd.real" || die
exeinto "${BINPATH}"
newexe "${FILESDIR}/${LDWRAPPER}" "ld.bfd" || die
mv "${D}/${BINPATH}/ld.gold" "${D}/${BINPATH}/ld.gold.real" || die
exeinto "${BINPATH}"
newexe "${FILESDIR}/${LDWRAPPER}" "ld.gold" || die
# Set default to be ld.bfd in regular installation
dosym ld.bfd "${BINPATH}/ld"
# Make a fake installation for gold with gold as the default linker
# so we can turn gold on/off with binutils-config
LASTDIR=${LIBPATH##/*/}
dosym "${LASTDIR}" "${LIBPATH}-gold"
LASTDIR=${DATAPATH##/*/}
dosym "${LASTDIR}" "${DATAPATH}-gold"
mkdir "${D}/${BINPATH}-gold"
cd "${D}"/${BINPATH}
LASTDIR=${BINPATH##/*/}
for x in * ; do
dosym "../${LASTDIR}/${x}" "${BINPATH}-gold/${x}"
done
dosym ld.gold "${BINPATH}-gold/ld"
# Install gold binutils-config configuration file
insinto /etc/env.d/binutils
cat <<-EOF > "${T}"/env.d
TARGET="${CTARGET}"
VER="${BVER}-gold"
LIBPATH="${LIBPATH}-gold"
FAKE_TARGETS="${FAKE_TARGETS}"
EOF
newins "${T}"/env.d ${CTARGET}-${BVER}-gold
# Move the locale directory to where it is supposed to be
mv "${D}/usr/share/locale" "${D}/${DATAPATH}/"
}
pkg_postinst() {
binutils-config ${CTARGET}-${BVER}
}
pkg_postrm() {
local current_profile=$(binutils-config -c ${CTARGET})
# If no other versions exist, then uninstall for this
# target ... otherwise, switch to the newest version
# Note: only do this if this version is unmerged. We
# rerun binutils-config if this is a remerge, as
# we want the mtimes on the symlinks updated (if
# it is the same as the current selected profile)
if [[ ! -e ${BINPATH}/ld ]] && [[ ${current_profile} == ${CTARGET}-${BVER} ]] ; then
local choice=$(binutils-config -l | grep ${CTARGET} | awk '{print $2}')
choice=${choice//$'\n'/ }
choice=${choice/* }
if [[ -z ${choice} ]] ; then
env -i binutils-config -u ${CTARGET}
else
binutils-config ${choice}
fi
elif [[ $(CHOST=${CTARGET} binutils-config -c) == ${CTARGET}-${BVER} ]] ; then
binutils-config ${CTARGET}-${BVER}
fi
}

11
sdk_container/src/third_party/coreos-overlay/sys-devel/binutils/files/aswrapper vendored
View File

@ -1,11 +0,0 @@
#!/bin/sh
# Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# This files wraps as.
# In addition, it adds --allow-incbin to the command line before invoking as.
# This flag is necessary on link commands that use the .incbin directive.
exec "$(readlink -f "${0}").real" --allow-incbin "$@"

12
sdk_container/src/third_party/coreos-overlay/sys-devel/binutils/files/chromeos-version.sh vendored
View File

@ -1,12 +0,0 @@
#!/bin/sh
#
# Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
#
# This script is given one argument: the base of the source directory of
# the package, and it prints a string on stdout with the numerical version
# number for said repo.
exec sed -n '/^ *VERSION=/{s:.*=::;p;q}' \
"$(find "$1" -path '*/bfd/configure')"

10
sdk_container/src/third_party/coreos-overlay/sys-devel/binutils/files/ldwrapper vendored
View File

@ -1,10 +0,0 @@
#!/bin/bash
# Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# This files wraps ld and ld.gold.
# In addition, it adds --hash-style=gnu to the linker command line.
exec "$(readlink -f "${0}").real" --hash-style=gnu "$@"

14
sdk_container/src/third_party/coreos-overlay/sys-devel/binutils/files/ldwrapper.hardened vendored
View File

@ -1,14 +0,0 @@
#!/bin/sh
# Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# This files wraps ld and ld.gold.
# In addition, it inserts hardened flags (-z now and -z relro) to the linker
# before invoking it. It also adds --hash-style=gnu to the linker command line.
#
# There is a similar wrapper around gcc that adds -fPIE, -fstack-protector-all,
# -D_FORTIFY_SOURCE=2 and -pie to the compile command line.
exec "$(readlink -f "${0}").real" -z now -z relro --hash-style=gnu "$@"